3 * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
4 * Copyright (C) 2002-2009 The Nucleus Group
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version 2
9 * of the License, or (at your option) any later version.
10 * (see nucleus/documentation/index.html#license for more info)
13 * The code for the Nucleus admin area
15 * @license http://nucleuscms.org/license.txt GNU General Public License
16 * @copyright Copyright (C) 2002-2009 The Nucleus Group
17 * @version $Id: ADMIN.php 1661 2012-02-12 11:55:39Z sakamocchi $
20 if ( !function_exists('requestVar') ) exit;
21 require_once dirname(__FILE__) . '/showlist.php';
27 static public $action;
28 static public $aOptions;
30 static public $contents;
31 static public $extrahead;
32 static public $headMess;
33 static public $passvar;
35 static private $skinless_actions = array(
36 'plugindeleteconfirm',
37 'pluginoptionsupdate',
45 'changemembersettings',
50 'skinremovetypeconfirm',
60 'templatedeleteconfirm',
64 'adminskinremovetypeconfirm',
66 'adminskindeleteconfirm',
68 'adminskineditgeneral',
73 'admintemplateupdate',
74 'admintemplatedeleteconfirm',
// Actions named in this list skip the $manager->checkTicket() gate in Admin::action().
// NOTE(review): keep this list to actions that only display a page or a confirmation form.
// 'admintemplateclone' looks state-changing by name -- confirm it changes nothing without a
// ticket, otherwise it should be removed from this list.
79 static private $ticketless_actions = array(
110 'banlistnewfromitem',
147 'adminskinremovetype',
149 'adminskinieoverview',
151 'admintemplateoverview',
152 'admintemplateclone',
154 'admintemplatedelete'
158 * NOTE: This is for condition of admin/normal skin actions
160 static public $adminskin_actions = array(
168 'adminskinremovetype',
170 'adminskinieoverview',
172 'admintemplateoverview',
173 'admintemplateclone',
175 'admintemplatedelete',
178 'adminskineditgeneral',
180 'adminskindeleteconfirm',
181 'adminskinremovetypeconfirm',
183 'adminskinieoverview',
184 'adminskiniedoimport',
189 'admintemplatedeleteconfirm',
190 'admintemplateupdate'
193 static public function initialize()
195 global $CONF, $manager, $member;
197 /* NOTE: 1. decide which skinid to use */
198 $skinid = $CONF['AdminSkin'];
199 if ( $member->isLoggedIn() )
201 $memskin = $member->getAdminSkin();
202 if ( $memskin && Skin::existsID($memskin))
208 /* NOTE: 2. make an instance of skin object */
209 if ( !Skin::existsID($skinid) )
214 /* NOTE: 3. initializing each members */
215 self::$skin =& $manager->getSkin($skinid, 'AdminActions', 'AdminSkin');
217 self::$extrahead = '';
219 self::$headMess = '';
220 self::$aOptions = '';
228 * @param string $action action to be performed
// Dispatches one admin request: resolves the action name, enforces the ticket check,
// then calls the matching static action_* method or reports an error.
231 static public function action($action)
233 global $CONF, $manager, $member;
235 /* 1. decide action name */
// 'customaction' is read from POST and is only used as the alias target for 'login'.
236 $customAction = postvar('customaction');
237 if ( empty($customAction) )
240 'login' => 'overview',
247 'login' => $customAction,
251 if ( array_key_exists($action, $alias) && isset($alias[$action]) )
253 $action = $alias[$action];
// $method_name keeps the caller's casing; self::$action is the lower-cased form that the
// ticketless/skinless lookups below compare against.
255 $method_name = "action_{$action}";
256 self::$action = strtolower($action);
258 /* 2. check ticket-needed action */
// Every action that is not listed in $ticketless_actions must pass $manager->checkTicket()
// (presumably the anti-CSRF request ticket -- confirm in the manager class).
// NOTE(review): in_array() is non-strict here; passing true as the third argument would rule
// out loose-comparison matches.
259 if ( !in_array(self::$action, self::$ticketless_actions) && !$manager->checkTicket() )
261 self::error(_ERROR_BADTICKET);
265 /* 3. parse according to the action */
// Dispatch reaches any method named action_<name> on Admin. The name is presumably
// request-derived, so each action_* method has to enforce its own permission check.
266 else if ( method_exists('Admin', $method_name) )
268 call_user_func(array(__CLASS__, $method_name));
271 /* 4. parse special admin skin */
272 elseif ( in_array(self::$action, self::$skinless_actions) )
274 /* TODO: need to be implemented or not?
275 self::action_parseSpecialskin();
// The unknown action name goes through ENTITY::hsc() (presumably HTML escaping) before it is
// appended to the error message.
280 self::error(_BADACTION . ENTITY::hsc($action));
288 * Action::action_showlogin()
293 static private function action_showlogin()
296 self::action_login($error);
301 * Action::action_login()
303 * @param string $msg message for pageheader
304 * @param integer $passvars ???
306 static private function action_login($msg = '', $passvars = 1)
310 // skip to overview when allowed
311 if ( $member->isLoggedIn() && $member->canLogin() )
313 self::action_overview();
317 /* TODO: needless variable??? */
318 self::$passvar = $passvars;
321 self::$headMess = $msg;
324 self::$skin->parse('showlogin');
328 * Action::action_overview()
329 * provides a screen with the overview of the actions available
331 * @param string $msg message for pageheader
334 static private function action_overview($msg = '')
338 self::$headMess = $msg;
341 self::$skin->parse('overview');
346 * Admin::action_manage()
348 * @param string $msg message for pageheader
351 static private function action_manage($msg = '')
357 self::$headMess = $msg;
359 $member->isAdmin() or self::disallow();
361 self::$skin->parse('manage');
366 * Action::action_itemlist()
368 * @param integer $blogid ID for weblog
371 static private function action_itemlist($blogid = '')
373 global $member, $manager, $CONF;
377 $blogid = intRequestVar('blogid');
380 $member->teamRights($blogid) or $member->isAdmin() or self::disallow();
382 self::$skin->parse('itemlist');
387 * Action::action_batchitem()
// Entry point for batch operations on items: validates the selection, asks for a move
// destination or a delete confirmation when needed, then parses the 'batchitem' skin.
392 static private function action_batchitem()
394 global $member, $manager;
// NOTE(review): only a logged-in check happens at this level. The per-item operations are not
// performed here; Admin::deleteOneItem() and Admin::moveOneItem() do check canAlterItem() /
// canUpdateItem() -- confirm the 'batchitem' skin path goes through them for every ID.
396 $member->isLoggedIn() or self::disallow();
// requestIntArray() is used for the IDs, so the selection is presumably integer-cast -- TODO confirm.
398 $selected = requestIntArray('batch');
399 $action = requestVar('batchaction');
401 if ( !is_array($selected) || sizeof($selected) == 0 )
403 self::error(_BATCH_NOSELECTION);
407 // On move: when no destination blog/category chosen, show choice now
408 $destCatid = intRequestVar('destcatid');
409 if ( ($action == 'move') && (!$manager->existsCategory($destCatid)) )
411 self::batchMoveSelectDestination('item', $selected);
414 // On delete: check if confirmation has been given
415 if ( ($action == 'delete') && (requestVar('confirmation') != 'yes') )
417 self::batchAskDeleteConfirmation('item', $selected);
420 self::$skin->parse('batchitem');
425 * Action::action_batchcomment()
430 static private function action_batchcomment()
434 $member->isLoggedIn() or self::disallow();
436 $selected = requestIntArray('batch');
437 $action = requestVar('batchaction');
439 // Show error when no items were selected
440 if ( !is_array($selected) || sizeof($selected) == 0 )
442 self::error(_BATCH_NOSELECTION);
446 // On delete: check if confirmation has been given
447 if ( ($action == 'delete') && (requestVar('confirmation') != 'yes') )
449 self::batchAskDeleteConfirmation('comment', $selected);
452 self::$skin->parse('batchcomment');
457 * Admin::action_batchmember()
462 static private function action_batchmember()
466 ($member->isLoggedIn() && $member->isAdmin()) or self::disallow();
468 $selected = requestIntArray('batch');
469 $action = requestVar('batchaction');
471 // Show error when no members selected
472 if ( !is_array($selected) || sizeof($selected) == 0 )
474 self::error(_BATCH_NOSELECTION);
478 // On delete: check if confirmation has been given
479 if ( ($action == 'delete') && (requestVar('confirmation') != 'yes') )
481 self::batchAskDeleteConfirmation('member',$selected);
484 self::$skin->parse('batchmember');
489 * Admin::action_batchteam()
494 static private function action_batchteam()
498 $blogid = intRequestVar('blogid');
500 ($member->isLoggedIn() && $member->blogAdminRights($blogid)) or self::disallow();
502 $selected = requestIntArray('batch');
503 $action = requestVar('batchaction');
505 if ( !is_array($selected) || sizeof($selected) == 0 )
507 self::error(_BATCH_NOSELECTION);
511 // On delete: check if confirmation has been given
512 if ( ($action == 'delete') && (requestVar('confirmation') != 'yes') )
514 self::batchAskDeleteConfirmation('team',$selected);
517 self::$skin->parse('batchteam');
522 * Admin::action_batchcategory()
// Entry point for batch operations on categories: validates the selection, asks for a
// destination blog or a delete confirmation when needed, then parses 'batchcategory'.
527 static private function action_batchcategory()
529 global $member, $manager;
// NOTE(review): only a logged-in check is visible here, and no per-category permission check
// appears in this method. Confirm the code behind the 'batchcategory' skin verifies blog-admin
// rights for each selected category and for the destination blog.
531 $member->isLoggedIn() or self::disallow();
533 $selected = requestIntArray('batch');
534 $action = requestVar('batchaction');
536 if ( !is_array($selected) || sizeof($selected) == 0 )
538 self::error(_BATCH_NOSELECTION);
542 // On move: when no destination blog chosen, show choice now
543 $destBlogId = intRequestVar('destblogid');
544 if ( ($action == 'move') && (!$manager->existsBlogID($destBlogId)) )
546 self::batchMoveCategorySelectDestination('category', $selected);
549 // On delete: check if confirmation has been given
550 if ( ($action == 'delete') && (requestVar('confirmation') != 'yes') )
552 self::batchAskDeleteConfirmation('category', $selected);
555 self::$skin->parse('batchcategory');
560 * Admin::batchMoveSelectDestination()
562 * @param string $type type of batch action
563 * @param integer $ids needless???
566 * TODO: remove needless argument
568 static private function batchMoveSelectDestination($type, $ids)
570 $_POST['batchmove'] = $type;
571 self::$skin->parse('batchmove');
576 * Admin::batchMoveCategorySelectDestination()
578 * @param string $type type of batch action
579 * @param integer $ids needless???
582 * TODO: remove needless argument
584 static private function batchMoveCategorySelectDestination($type, $ids)
586 $_POST['batchmove'] = $type;
588 self::$skin->parse('batchmovecat');
593 * Admin::batchAskDeleteConfirmation()
595 * @param string $type type of batch action
596 * @param integer $ids needless???
599 * TODO: remove needless argument
601 static private function batchAskDeleteConfirmation($type, $ids)
603 self::$skin->parse('batchdelete');
608 * Admin::action_browseownitems()
613 static private function action_browseownitems()
615 global $member, $manager, $CONF;
617 self::$skin->parse('browseownitems');
622 * Admin::action_itemcommentlist()
623 * Show all the comments for a given item
625 * @param integer $itemid ID for item
628 static private function action_itemcommentlist($itemid = '')
630 global $member, $manager, $CONF;
634 $itemid = intRequestVar('itemid');
637 // only allow if user is allowed to alter item
638 $member->canAlterItem($itemid) or self::disallow();
640 $item =& $manager->getItem($itemid, 1, 1);
641 $_REQUEST['itemid'] = $item['itemid'];
642 $_REQUEST['blogid'] = $item['blogid'];
644 self::$skin->parse('itemcommentlist');
649 * Admin::action_browseowncomments()
650 * Browse own comments
655 static private function action_browseowncomments()
657 self::$skin->parse('browseowncomments');
662 * Admin::action_blogcommentlist()
663 * Browse all comments for a weblog
665 * @param integer $blogid ID for weblog
// Lists all comments of one weblog after checking that the member is on the blog team or
// is a site admin.
668 static private function action_blogcommentlist($blogid = '')
670 global $member, $manager, $CONF;
// Both visible paths produce an integer blog ID (intRequestVar() / intval()) before it is
// used for the permission check and written back to $_REQUEST.
674 $blogid = intRequestVar('blogid');
678 $blogid = intval($blogid);
681 $member->teamRights($blogid) or $member->isAdmin() or self::disallow();
683 /* TODO: we should consider another way instead of this */
684 $_REQUEST['blogid'] = $blogid;
686 self::$skin->parse('blogcommentlist');
691 * Admin::action_createaccount()
// Self-registration page: shows a "disabled" page unless $CONF['AllowMemberCreate'] is 1,
// otherwise processes the submitted form or re-displays the input form.
696 static private function action_createaccount()
700 if ( $CONF['AllowMemberCreate'] != 1 )
702 self::$skin->parse('createaccountdisable');
718 if ( array_key_exists('showform', $_POST) && $_POST['showform'] == 1 )
720 $action = new Action();
721 $message = $action->createAccount();
722 if ( $message === 1 )
724 self::$headMess = $message;
725 self::$skin->parse('createaccountsuccess');
729 /* TODO: validation */
// NOTE(review): the four POST values below are copied as-is, with no validation or escaping in
// this method. They are attacker-controlled on an unauthenticated page, so the
// 'createaccountinput' template must HTML-escape them when re-displaying the form -- verify.
730 if ( array_key_exists('name', $_POST) )
732 $contents['name'] = $_POST['name'];
734 if ( array_key_exists('realname', $_POST) )
736 $contents['realname'] = $_POST['realname'];
738 if ( array_key_exists('email', $_POST) )
740 $contents['email'] = $_POST['email'];
742 if ( array_key_exists('url', $_POST) )
744 $contents['url'] = $_POST['url'];
747 self::$contents = $contents;
751 self::$skin->parse('createaccountinput');
756 * Admin::action_createitem()
757 * Provide a page to add a new item to the given blog
762 static private function action_createitem()
764 global $member, $manager;
766 $blogid = intRequestVar('blogid');
769 $member->teamRights($blogid) or self::disallow();
771 $blog =& $manager->getBlog($blogid);
776 'contents' => &$contents
778 $manager->notify('PreAddItemForm', $data);
780 if ( $blog->convertBreaks() )
782 if ( array_key_exists('body', $contents) && !empty($contents['body']) )
784 $contents['body'] = removeBreaks($contents['body']);
786 if ( array_key_exists('more', $contents) && !empty($contents['more']) )
788 $contents['more'] = removeBreaks($contents['more']);
792 self::$blog = &$blog;
793 self::$contents = &$contents;
795 self::$skin->parse('createitem');
800 * Admin::action_itemedit()
805 static private function action_itemedit()
807 global $member, $manager;
809 $itemid = intRequestVar('itemid');
811 // only allow if user is allowed to alter item
812 $member->canAlterItem($itemid) or self::disallow();
814 $item =& $manager->getItem($itemid, 1, 1);
815 $blog =& $manager->getBlog($item['blogid']);
816 $data = array('blog'=> &$blog, 'item' => &$item);
817 $manager->notify('PrepareItemForEdit', $data);
819 if ( $blog->convertBreaks() )
821 if ( array_key_exists('body', $item) && !empty($item['body']) )
823 $item['body'] = removeBreaks($item['body']);
825 if ( array_key_exists('more', $item) && !empty($item['more']) )
827 $item['more'] = removeBreaks($item['more']);
831 self::$blog = &$blog;
832 self::$contents = &$item;
834 self::$skin->parse('itemedit');
839 * Admin::action_itemupdate()
// Applies an item edit form: checks permission, optionally creates a new category, updates
// the item through Item::update() and then shows the category editor or the item list.
844 static private function action_itemupdate()
846 global $member, $manager, $CONF;
848 $itemid = intRequestVar('itemid');
849 $catid = postVar('catid');
851 // only allow if user is allowed to alter item
// The check receives the raw POST value of catid, which may be the "newcat-<blogid>" form
// handled further down.
852 $member->canUpdateItem($itemid, $catid) or self::disallow();
854 $actiontype = postVar('actiontype');
856 // delete actions are handled by itemdelete (which has confirmation)
857 if ( $actiontype == 'delete' )
859 self::action_itemdelete();
863 $body = postVar('body');
864 $title = postVar('title');
865 $more = postVar('more');
866 $closed = intPostVar('closed');
867 $draftid = intPostVar('draftid');
869 // default action = add now
872 $actiontype='addnow';
875 // create new category if needed
// NOTE(review): the blog ID is parsed from the request value. This runs after the
// canUpdateItem() check above; whether that check covers rights on this blog for the
// "newcat-" form is not visible here -- confirm in the member class.
876 if ( i18n::strpos($catid,'newcat') === 0 )
879 list($blogid) = sscanf($catid,"newcat-%d");
882 $blog =& $manager->getBlog($blogid);
883 $catid = $blog->createNewCategory();
885 // show error when sth goes wrong
888 self::doError(_ERROR_CATCREATEFAIL);
893 * set some variables based on actiontype
896 * draft items -> addnow, addfuture, adddraft, delete
897 * non-draft items -> edit, changedate, delete
900 * $timestamp: set to a nonzero value for future dates or date changes
901 * $wasdraft: set to 1 when the item used to be a draft item
902 * $publish: set to 1 when the edited item is not a draft
904 $blogid = getBlogIDFromItemID($itemid);
905 $blog =& $manager->getBlog($blogid);
907 $wasdrafts = array('adddraft', 'addfuture', 'addnow');
908 $wasdraft = in_array($actiontype, $wasdrafts) ? 1 : 0;
909 $publish = ($actiontype != 'adddraft' && $actiontype != 'backtodrafts') ? 1 : 0;
910 if ( $actiontype == 'addfuture' || $actiontype == 'changedate' )
912 $timestamp = mktime(intPostVar('hour'), intPostVar('minutes'), 0, intPostVar('month'), intPostVar('day'), intPostVar('year'));
919 // edit the item for real
920 Item::update($itemid, $catid, $title, $body, $more, $closed, $wasdraft, $publish, $timestamp);
922 self::updateFuturePosted($blogid);
926 // delete permission is checked inside Item::delete()
927 Item::delete($draftid);
930 if ( $catid != intPostVar('catid') )
932 self::action_categoryedit(
935 $CONF['AdminURL'] . 'index.php?action=itemlist&blogid=' . getBlogIDFromItemID($itemid)
940 // TODO: set start item correctly for itemlist
941 $item =& $manager->getitem($itemid, 1, 1);
// NOTE(review): $item['timestamp'] is placed inside a quoted SQL literal without
// DB::quoteValue() or an integer cast. The value is read from the stored item, not from the
// request, but casting it with (integer) and using %d would keep the query safe regardless
// of what the item record contains.
942 $query = "SELECT COUNT(*) FROM %s WHERE unix_timestamp(itime) <= '%s';";
943 $query = sprintf($query, sql_table('item'), $item['timestamp']);
944 $cnt = DB::getValue($query);
945 $_REQUEST['start'] = $cnt + 1;
946 self::action_itemlist(getBlogIDFromItemID($itemid));
952 * Admin::action_itemdelete()
958 static private function action_itemdelete()
960 global $member, $manager;
962 $itemid = intRequestVar('itemid');
964 // only allow if user is allowed to alter item
965 $member->canAlterItem($itemid) or self::disallow();
967 if ( !$manager->existsItem($itemid,1,1) )
969 self::error(_ERROR_NOSUCHITEM);
973 self::$skin->parse('itemdelete');
978 * Admin::action_itemdeleteconfirm()
983 static private function action_itemdeleteconfirm()
985 global $member, $manager;
987 $itemid = intRequestVar('itemid');
989 // only allow if user is allowed to alter item
990 $member->canAlterItem($itemid) or self::disallow();
993 $item =& $manager->getItem($itemid, 1, 1);
995 // delete item (note: some checks will be performed twice)
996 self::deleteOneItem($item['itemid']);
998 self::action_itemlist($item['blogid']);
1003 * Admin::deleteOneItem()
1004 * Deletes one item and returns error if something goes wrong
1006 * @param integer $itemid ID for item
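// Deletes one item after checking that the current member may alter it.
// Returns _ERROR_DISALLOWED when the member lacks permission; returns nothing on success.
static public function deleteOneItem($itemid)
{
	global $member, $manager;

	// only allow if user is allowed to alter item (also checks if itemid exists)
	if ( !$member->canAlterItem($itemid) )
	{
		return _ERROR_DISALLOWED;
	}

	// need to get blogid before the item is deleted
	$item =& $manager->getItem($itemid, 1, 1);
	$blogid = $item['blogid'];

	$manager->loadClass('ITEM');
	Item::delete($item['itemid']);

	// update the future-posted flag of the blog that owned the item;
	// updateFuturePosted() takes a blog ID, so the item ID must not be passed here
	self::updateFuturePosted($blogid);
}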
1031 * Admin::updateFuturePosted()
1032 * Update a blog's future posted flag
1034 * @param integer $blogid
1037 static private function updateFuturePosted($blogid)
1041 $blogid = intval($blogid);
1042 $blog =& $manager->getBlog($blogid);
1043 $currenttime = $blog->getCorrectTime(time());
1045 $query = "SELECT * FROM %s WHERE iblog=%d AND iposted=0 AND itime>'%s'";
1046 $query = sprintf($query, sql_table('item'), (integer) $blogid, i18n::formatted_datetime('mysql', $currenttime));
1047 $result = DB::getResult($query);
1049 if ( $result->rowCount() > 0 )
1051 $blog->setFuturePost();
1055 $blog->clearFuturePost();
1061 * Admin::action_itemmove()
1066 static private function action_itemmove()
1068 global $member, $manager;
1070 $itemid = intRequestVar('itemid');
1072 $member->canAlterItem($itemid) or self::disallow();
1074 self::$skin->parse('itemmove');
1079 * Admin::action_itemmoveto()
// Moves one item to another category (optionally creating that category first), refreshes
// the future-posted flag of the affected blogs and shows the follow-up page.
1084 static private function action_itemmoveto()
1086 global $member, $manager;
1088 $itemid = intRequestVar('itemid');
1089 $catid = requestVar('catid');
1091 // create new category if needed
// NOTE(review): the category is created on a request-supplied blog ID before any permission
// check in this method; canUpdateItem() only runs afterwards. Unless createNewCategory()
// enforces blog-admin rights itself (not visible here), check
// $member->blogAdminRights($blogid) before creating, or move the permission check up as
// action_itemupdate() does.
1092 if ( i18n::strpos($catid,'newcat') === 0 )
1095 list($blogid) = sscanf($catid,'newcat-%d');
1098 $blog =& $manager->getBlog($blogid);
1099 $catid = $blog->createNewCategory();
1101 // show error when sth goes wrong
1104 self::doError(_ERROR_CATCREATEFAIL);
1108 // only allow if user is allowed to alter item
1109 $member->canUpdateItem($itemid, $catid) or self::disallow();
1111 $old_blogid = getBlogIDFromItemId($itemid);
1113 Item::move($itemid, $catid);
1115 // set the futurePosted flag on the blog
1116 self::updateFuturePosted(getBlogIDFromItemId($itemid));
1118 // reset the futurePosted in case the item is moved from one blog to another
1119 self::updateFuturePosted($old_blogid);
// $blog is only assigned in the "newcat" branch above; this comparison presumably differs
// only when a category was just created -- TODO confirm for non-numeric catid values.
1121 if ( $catid != intRequestVar('catid') )
1123 self::action_categoryedit($catid, $blog->getID());
1127 self::action_itemlist(getBlogIDFromCatID($catid));
1133 * Admin::moveOneItem()
1134 * Moves one item to a given category (category existence should be checked by caller)
1135 * errors are returned
1137 * @param integer $itemid ID for item
1138 * @param integer $destCatid ID for category to which the item will be moved
1141 static public function moveOneItem($itemid, $destCatid)
1145 // only allow if user is allowed to move item
1146 if ( !$member->canUpdateItem($itemid, $destCatid) )
1148 return _ERROR_DISALLOWED;
1151 Item::move($itemid, $destCatid);
1156 * Admin::action_additem()
1157 * Adds an item to the chosen blog
// Creates an item from the current request via Item::createFromRequest() and then shows
// either the category editor (new category) or the item list of the item's blog.
1162 static private function action_additem()
1164 global $manager, $CONF;
1166 $manager->loadClass('ITEM');
// NOTE(review): no permission check is visible in this method; authorization is presumably
// enforced inside Item::createFromRequest() -- verify that it checks team rights on the
// target blog.
1168 $result = Item::createFromRequest();
1170 if ( $result['status'] == 'error' )
1172 self::error($result['message']);
1176 $item =& $manager->getItem($result['itemid'], 0, 0);
1178 if ( $result['status'] == 'newcategory' )
// The follow-up URL gets a ticket appended through $manager->addTicketToUrl().
1180 $distURI = $manager->addTicketToUrl($CONF['AdminURL'] . 'index.php?action=itemList&blogid=' . $item['blogid']);
1181 self::action_categoryedit($result['catid'], $item['blogid'], $distURI);
// $methodName is assigned but not read in the visible lines.
1185 $methodName = 'action_itemlist';
1186 self::action_itemlist($item['blogid']);
1192 * Admin::action_commentedit()
1193 * Allows to edit previously made comments
1198 static private function action_commentedit()
1200 global $member, $manager;
1202 $commentid = intRequestVar('commentid');
1204 $member->canAlterComment($commentid) or self::disallow();
1206 $comment = Comment::getComment($commentid);
1207 $data = array('comment' => &$comment);
1208 $manager->notify('PrepareCommentForEdit', $data);
1210 self::$contents = $comment;
1211 self::$skin->parse('commentedit');
1216 * Admin::action_commentupdate()
// Saves an edited comment after a permission check and basic body validation, then returns
// to the item's comment list or to the member's own comments.
1221 static private function action_commentupdate()
1223 global $member, $manager;
1225 $commentid = intRequestVar('commentid');
1227 $member->canAlterComment($commentid) or self::disallow();
1229 $url = postVar('url');
1230 $email = postVar('email');
1231 $body = postVar('body');
1233 // intercept words that are too long
// NOTE(review): preg_match() returns false on a PCRE error, and "!= FALSE" treats that the
// same as "no match", so this guard fails open on error. Comparing against 1 and rejecting
// a false result would fail closed.
1234 if (preg_match('#[a-zA-Z0-9|\.,;:!\?=\/\\\\]{90,90}#', $body) != FALSE)
1236 self::error(_ERROR_COMMENT_LONGWORD);
// Body length must be between 3 and 5000 characters as counted by i18n::strlen().
1241 if ( i18n::strlen($body) < 3 )
1243 self::error(_ERROR_COMMENT_NOCOMMENT);
1247 if ( i18n::strlen($body) > 5000 )
1249 self::error(_ERROR_COMMENT_TOOLONG);
1254 $body = Comment::prepareBody($body);
1260 $manager->notify('PreUpdateComment', $data);
// All three string values pass through DB::quoteValue() and the comment ID is cast to an
// integer before the statement is built. $url is stored in cmail and $email in cemail.
// NOTE(review): $url and $email are not validated in the visible lines; they must be escaped
// (and the URL scheme restricted) wherever the comment is rendered.
1262 $query = "UPDATE %s SET cmail=%s, cemail=%s, cbody=%s WHERE cnumber=%d;";
1263 $query = sprintf($query, sql_table('comment'), DB::quoteValue($url), DB::quoteValue($email), DB::quoteValue($body), (integer) $commentid);
1264 DB::execute($query);
1267 $query = "SELECT citem FROM %s WHERE cnumber=%d;";
1268 $query = sprintf($query, sql_table('comment'), (integer) $commentid);
1270 $itemid = DB::getValue($query);
1272 if ( $member->canAlterItem($itemid) )
1274 self::action_itemcommentlist($itemid);
1278 self::action_browseowncomments();
1284 * Admin::action_commentdelete()
1290 static private function action_commentdelete()
1292 global $member, $manager;
1294 $commentid = intRequestVar('commentid');
1295 $member->canAlterComment($commentid) or self::disallow();
1297 self::$skin->parse('commentdelete');
1302 * Admin::action_commentdeleteconfirm()
// Deletes a comment after confirmation and returns to the matching comment list.
1307 static private function action_commentdeleteconfirm()
1311 $commentid = intRequestVar('commentid');
1313 // get item id first
// This lookup runs before any permission check; it only reads the parent item ID, and the
// comment ID is an integer (intRequestVar() plus the cast below).
1314 $query = "SELECT citem FROM %s WHERE cnumber=%d;";
1315 $query = sprintf($query, sql_table('comment'), (integer) $commentid);
1317 $itemid = DB::getValue($query);
// Authorization is delegated: deleteOneComment() checks canAlterComment() and returns
// _ERROR_DISALLOWED when the member may not delete the comment.
1319 $error = self::deleteOneComment($commentid);
1322 self::doError($error);
1325 if ( $member->canAlterItem($itemid) )
1327 self::action_itemcommentlist($itemid);
1331 self::action_browseowncomments();
1337 * Admin::deleteOneComment()
1339 * @param integer $commentid ID for comment
// Deletes one comment by ID. Returns _ERROR_DISALLOWED when the current member may not
// alter the comment; fires PreDeleteComment / PostDeleteComment around the deletion.
1342 static public function deleteOneComment($commentid)
1344 global $member, $manager;
// The ID is cast to an integer before it is used in the permission check and the query.
1346 $commentid = (integer) $commentid;
// The permission check lives in this public method, so callers such as the batch and
// confirm actions do not need their own check.
1348 if ( !$member->canAlterComment($commentid) )
1350 return _ERROR_DISALLOWED;
1354 'commentid' => $commentid
1357 $manager->notify('PreDeleteComment', $data);
1359 // delete the comments associated with the item
1360 $query = "DELETE FROM %s WHERE cnumber=%d;";
1361 $query = sprintf($query, sql_table('comment'), (integer) $commentid);
1362 DB::execute($query);
1365 'commentid' => $commentid
1368 $manager->notify('PostDeleteComment', $data);
1374 * Admin::action_usermanagement()
1375 * Usermanagement main
1380 static private function action_usermanagement()
1382 global $member, $manager;
1385 $member->isAdmin() or self::disallow();
1387 self::$skin->parse('usermanagement');
1392 * Admin::action_memberedit()
1393 * Edit member settings
1398 static private function action_memberedit()
1400 self::action_editmembersettings(intRequestVar('memberid'));
1405 * Admin::action_editmembersettings()
1407 * @param integer $memberid ID for member
// Shows the member settings form for the given member, defaulting to the current member
// when no ID is passed.
1411 static private function action_editmembersettings($memberid = '')
1413 global $member, $manager, $CONF;
1415 if ( $memberid == '' )
1417 $memberid = $member->getID();
1420 /* TODO: we should consider another way instead of this */
// $_REQUEST is overwritten before the permission check below; this is only safe as long as
// self::disallow() ends the request -- TODO confirm.
1421 $_REQUEST['memberid'] = $memberid;
// Only the member themselves or a site admin may open the form.
1424 ($member->getID() == $memberid) or $member->isAdmin() or self::disallow();
1426 self::$extrahead .= "<script type=\"text/javascript\" src=\"<%skinfile(/javascripts/numbercheck.js)%>\"></script>\n";
1428 self::$skin->parse('editmembersettings');
1433 * Admin::action_changemembersettings()
// Applies the member settings form: validates the submitted values, updates the member
// record and plugin options, and forces a new login when the e-mail address or the
// display name of the current member changed.
1438 static private function action_changemembersettings()
1440 global $member, $CONF, $manager;
1442 $memberid = intRequestVar('memberid');
// Only the member themselves or a site admin may change settings.
// NOTE(review): this relies on self::disallow() ending the request; if it returned, the
// update below would still run -- confirm.
1445 ($member->getID() == $memberid) or $member->isAdmin() or self::disallow();
// NOTE(review): strip_tags() removes markup but is not output encoding; quotes and other
// special characters survive, so these values still need context-appropriate escaping
// wherever they are rendered.
1447 $name = trim(strip_tags(postVar('name')));
1448 $realname = trim(strip_tags(postVar('realname')));
1449 $password = postVar('password');
1450 $repeatpassword = postVar('repeatpassword');
1451 $email = strip_tags(postVar('email'));
1452 $url = strip_tags(postVar('url'));
1453 $adminskin = intPostVar('adminskin');
1454 $bookmarklet = intPostVar('bookmarklet');
1456 // begin if: sometimes user didn't prefix the URL with http:// or https://, this cause a malformed URL. Let's fix it.
// Any value that does not start with http:// or https:// gets "http://" prepended, so other
// schemes cannot be stored verbatim. An empty value also becomes "http://".
1457 if ( !preg_match('#^https?://#', $url) )
1459 $url = 'http://' . $url;
// $admin and $canlogin are taken from POST as-is; they are only applied further down when
// the current member is a site admin.
1462 $admin = postVar('admin');
1463 $canlogin = postVar('canlogin');
1464 $notes = strip_tags(postVar('notes'));
1465 $locale = postVar('locale');
1467 $mem =& $manager->getMember($memberid);
1469 if ( $CONF['AllowLoginEdit'] || $member->isAdmin() )
1471 if ( !isValidDisplayName($name) )
1473 self::error(_ERROR_BADNAME);
1477 if ( ($name != $mem->getDisplayName()) && Member::exists($name) )
1479 self::error(_ERROR_NICKNAMEINUSE);
// NOTE(review): "!=" compares loosely, so two different numeric-looking strings
// (e.g. "1e3" and "1000") count as equal; "!==" would compare the passwords exactly.
1483 if ( $password != $repeatpassword )
1485 self::error(_ERROR_PASSWORDMISMATCH);
// Minimum password length enforced here is 6 characters.
1489 if ( $password && (i18n::strlen($password) < 6) )
1491 self::error(_ERROR_PASSWORDTOOSHORT);
// The PrePasswordSet event receives the plaintext password together with references to the
// error message and validity flag, presumably so plugins can apply their own password policy.
1501 'password' => $password,
1502 'errormessage' => &$pwderror,
1503 'valid' => &$pwdvalid
1505 $manager->notify('PrePasswordSet', $data);
1509 self::error($pwderror);
1515 if ( !NOTIFICATION::address_validation($email) )
1517 self::error(_ERROR_BADMAILADDRESS);
1522 self::error(_ERROR_REALNAMEMISSING);
// The locale must be one of the installed locales; in_array() is non-strict here.
1525 if ( ($locale != '') && (!in_array($locale, i18n::get_available_locale_list())) )
1527 self::error(_ERROR_NOSUCHTRANSLATION);
1531 // check if there will remain at least one site member with both the logon and admin rights
1532 // (check occurs when taking away one of these rights from such a member)
1533 if ( (!$admin && $mem->isAdmin() && $mem->canLogin())
1534 || (!$canlogin && $mem->isAdmin() && $mem->canLogin())
1537 $r = DB::getResult('SELECT * FROM '.sql_table('member').' WHERE madmin=1 and mcanlogin=1');
1538 if ( $r->rowCount() < 2 )
1540 self::error(_ERROR_ATLEASTONEADMIN);
1545 if ( $CONF['AllowLoginEdit'] || $member->isAdmin() )
1547 $mem->setDisplayName($name);
1550 $mem->setPassword($password);
1554 $oldEmail = $mem->getEmail();
1556 $mem->setRealName($realname);
1557 $mem->setEmail($email);
1559 $mem->setNotes($notes);
1560 $mem->setLocale($locale);
1561 $mem->setAdminSkin($adminskin);
1562 $mem->setBookmarklet($bookmarklet);
1564 // only allow super-admins to make changes to the admin status
// This is the privilege boundary: a non-admin editing their own account cannot set the
// admin or can-login flags, whatever the POST body contains.
1565 if ( $member->isAdmin() )
1567 $mem->setAdmin($admin);
1568 $mem->setCanLogin($canlogin);
1571 $autosave = postVar('autosave');
1572 $mem->setAutosave($autosave);
1576 // store plugin options
1577 $aOptions = requestArray('plugoption');
1578 NucleusPlugin::apply_plugin_options($aOptions);
1580 'context' => 'member',
1581 'memberid' => $memberid,
1584 $manager->notify('PostPluginOptionsUpdate', $data);
1586 // if email changed, generate new password
// An address change sends an activation link and rotates the cookie key, which presumably
// invalidates the member's existing login cookie.
1587 if ( $oldEmail != $mem->getEmail() )
1589 $mem->sendActivationLink('addresschange', $oldEmail);
1591 $mem->newCookieKey();
1593 // only log out if the member being edited is the current member.
1594 if ( $member->getID() == $memberid )
1598 self::action_login(_MSG_ACTIVATION_SENT, 0);
// A display-name change on the current member's own account also rotates the cookie key and
// asks for a fresh login.
1602 if ( ($mem->getID() == $member->getID())
1603 && ($mem->getDisplayName() != $member->getDisplayName()) )
1605 $mem->newCookieKey();
1607 self::action_login(_MSG_LOGINAGAIN, 0);
1611 self::action_overview(_MSG_SETTINGSCHANGED);
1617 * Admin::action_memberadd()
// Creates a new member from the POSTed form (site admins only), fires the PostRegister
// event and returns to the user management page.
1623 static private function action_memberadd()
1625 global $member, $manager;
1628 $member->isAdmin() or self::disallow();
// NOTE(review): "!=" compares loosely, so two different numeric-looking strings count as
// equal; "!==" would compare the passwords exactly.
1630 if ( postVar('password') != postVar('repeatpassword') )
1632 self::error(_ERROR_PASSWORDMISMATCH);
// Minimum password length enforced here is 6 characters.
1636 if ( i18n::strlen(postVar('password')) < 6 )
1638 self::error(_ERROR_PASSWORDTOOSHORT);
// The POST values are handed to Member::create() without further checks in the visible
// lines; validation of name, e-mail and URL is presumably done inside Member::create() --
// verify.
1642 $res = Member::create(
1644 postVar('realname'),
1645 postVar('password'),
1649 postVar('canlogin'),
1659 // fire PostRegister event
1660 $newmem = new Member();
1661 $newmem->readFromName(postVar('name'));
1663 'member' => &$newmem
1665 $manager->notify('PostRegister', $data);
1667 self::action_usermanagement();
1672 * Admin::action_forgotpassword()
1677 static private function action_forgotpassword()
1679 self::$skin->parse('forgotpassword');
1684 * Admin::action_activate()
1685 * Account activation
1690 static private function action_activate()
1692 $key = getVar('key');
1693 self::showActivationPage($key);
1698 * Admin::showActivationPage()
// Shows the account activation page for an activation key, or an error when the key or its
// member cannot be resolved.
1703 static private function showActivationPage($key, $message = '')
1707 // clean up old activation keys
1708 Member::cleanupActivationTable();
1710 // get activation info
// $key is caller-supplied (action_activate() passes the 'key' GET value); the lookup result
// decides whether the page is shown at all.
1711 $info = Member::getActivationInfo($key);
// Both visible failure branches report the same _ERROR_ACTIVATE message.
1715 self::error(_ERROR_ACTIVATE);
1719 $mem =& $manager->getMember($info->vmember);
1723 self::error(_ERROR_ACTIVATE);
1727 /* TODO: we should consider another way instead of this */
// NOTE(review): the key is written to $_POST unescaped for the template to pick up; the
// 'activate' template must HTML-escape it when placing it in the form -- verify.
1728 $_POST['ackey'] = $key;
1729 $_POST['bNeedsPasswordChange'] = TRUE;
1731 self::$headMess = $message;
1732 self::$skin->parse('activate');
1737 * Admin::action_activatesetpwd()
1738 * Account activation - set password part
// Second step of account activation: validates the key and the new password, sets the
// password and activates the account. Every failure re-displays the activation page.
1743 static private function action_activatesetpwd()
1746 $key = postVar('key');
1748 // clean up old activation keys
1749 Member::cleanupActivationTable();
1751 // get activation info
1752 $info = Member::getActivationInfo($key);
// Keys of type 'addresschange' are rejected here, so an address-change key cannot be used to
// set a new password.
1754 if ( !$info || ($info->type == 'addresschange') )
1756 return self::showActivationPage($key, _ERROR_ACTIVATE);
1759 $mem =& $manager->getMember($info->vmember);
1763 return self::showActivationPage($key, _ERROR_ACTIVATE);
1766 $password = postVar('password');
1767 $repeatpassword = postVar('repeatpassword');
// NOTE(review): "!=" compares loosely, so two different numeric-looking strings count as
// equal; "!==" would compare the passwords exactly.
1769 if ( $password != $repeatpassword )
1771 return self::showActivationPage($key, _ERROR_PASSWORDMISMATCH);
// NOTE(review): the length check is skipped when $password is empty or "0"; whether an empty
// password is rejected elsewhere is not visible here -- confirm before setPassword().
1774 if ( $password && (i18n::strlen($password) < 6) )
1776 return self::showActivationPage($key, _ERROR_PASSWORDTOOSHORT);
1785 'password' => $password,
1786 'errormessage' => &$pwderror,
1787 'valid' => &$pwdvalid
1789 $manager->notify('PrePasswordSet', $data);
1792 return self::showActivationPage($key,$pwderror);
1799 'type' => 'activation',
1803 $manager->notify('ValidateForm', $data);
1806 return self::showActivationPage($key, $error);
1810 $mem->setPassword($password);
1813 // do the activation
1814 Member::activate($key);
1816 self::$skin->parse('activatesetpwd');
1821 * Admin::action_manageteam()
1827 static private function action_manageteam()
1829 global $member, $manager;
1831 $blogid = intRequestVar('blogid');
1834 $member->blogAdminRights($blogid) or self::disallow();
1836 self::$skin->parse('manageteam');
1841 * Admin::action_teamaddmember()
1842 * Add member to team
1847 static private function action_teamaddmember()
1849 global $member, $manager;
1851 $memberid = intPostVar('memberid');
1852 $blogid = intPostVar('blogid');
1853 $admin = intPostVar('admin');
1856 $member->blogAdminRights($blogid) or self::disallow();
1858 $blog =& $manager->getBlog($blogid);
1859 if ( !$blog->addTeamMember($memberid, $admin) )
1861 self::error(_ERROR_ALREADYONTEAM);
1865 self::action_manageteam();
1870 * Admin::action_teamdelete()
/**
 * Admin::action_teamdelete()
 * Show the confirmation page ('teamdelete' skin part) for removing a team member.
 *
 * @return	void
 */
static private function action_teamdelete()
{
	global $member, $manager;

	$targetMemberId = intRequestVar('memberid');
	$targetBlogId = intRequestVar('blogid');

	// check if allowed
	if ( !$member->blogAdminRights($targetBlogId) )
	{
		self::disallow();
	}

	// both lookups are kept from the original; their results are not used further in this method
	$teamMember =& $manager->getMember($targetMemberId);
	$targetBlog =& $manager->getBlog($targetBlogId);

	self::$skin->parse('teamdelete');
	return;
}
1893 * Admin::action_teamdeleteconfirm()
1898 static private function action_teamdeleteconfirm()
// Confirm step: removes one member from a blog team, then shows the team page again.
// NOTE(review): the embedded numbers jump (1898 -> 1902, 1905 -> 1908), so lines of the original
// are absent from this listing; the test guarding self::error($error) is presumably among them -
// confirm against the full file.
1902 $memberid = intRequestVar('memberid');
1903 $blogid = intRequestVar('blogid');
// No rights check is visible in this method; deleteOneTeamMember() runs the blogAdminRights()
// test itself and returns an error constant when it refuses.
1905 $error = self::deleteOneTeamMember($blogid, $memberid);
1908 self::error($error);
1911 self::action_manageteam();
1916 * Admin::deleteOneTeamMember()
1921 static public function deleteOneTeamMember($blogid, $memberid)
// Removes $memberid from the team of $blogid.
// Returns _ERROR_DISALLOWED when the acting member has no admin rights on the blog, and
// _ERROR_ATLEASTONEBLOGADMIN when the target is a blog admin and fewer than two admin rows exist.
// The success return is outside the lines shown here.
1923 global $member, $manager;
// Both ids are forced to integers before they reach any query.
1925 $blogid = intval($blogid);
1926 $memberid = intval($memberid);
// The rights check lives in this public helper, so a caller without its own check is still covered.
1929 if ( !$member->blogAdminRights($blogid) )
1931 return _ERROR_DISALLOWED;
1934 // check if: - there remains at least one blog admin
1935 // - (there remains at least one team member)
1936 $tmem =& $manager->getMember($memberid);
// NOTE(review): the lines that build $data are absent from this listing (numbers skip 1936 -> 1943).
1943 $manager->notify('PreDeleteTeamMember', $data);
1945 if ( $tmem->isBlogAdmin($blogid) )
1947 /* TODO: why we did double check? */
1948 // check if there are more blog members left and at least one admin
1949 // (check for at least two admins before deletion)
// NOTE(review): the admin count and the DELETE further down are separate statements with no
// transaction or lock visible, so two concurrent removals could each still count two admins.
// SELECT * is used only for its row count.
1950 $query = "SELECT * FROM %s WHERE tblog=%d and tadmin=1;";
1951 $query = sprintf($query, sql_table('team'), (integer) $blogid);
1952 $r = DB::getResult($query);
1953 if ( $r->rowCount() < 2 )
1955 return _ERROR_ATLEASTONEBLOGADMIN;
// The DELETE is limited to one (blog, member) pair; both values are cast to integers.
1959 $query = "DELETE FROM %s WHERE tblog=%d AND tmember=%d;";
1960 $query = sprintf($query, sql_table('team'), (integer) $blogid, (integer) $memberid);
1961 DB::execute($query);
1967 $manager->notify('PostDeleteTeamMember', $data);
1973 * Admin::action_teamchangeadmin()
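/**
 * Admin::action_teamchangeadmin()
 * Toggle the blog-admin flag of one team member.
 *
 * Refuses to demote the only remaining admin of the blog. Afterwards the team page is shown,
 * unless the acting member has just removed their own admin rights, in which case the
 * overview page is shown instead.
 *
 * @return	void
 */
static private function action_teamchangeadmin()
{
	global $manager, $member;

	$blogid = intRequestVar('blogid');
	$memberid = intRequestVar('memberid');

	// check if allowed
	$member->blogAdminRights($blogid) or self::disallow();

	$mem =& $manager->getMember($memberid);

	// don't allow when there is only one admin at this moment
	if ( $mem->isBlogAdmin($blogid) )
	{
		$query = "SELECT * FROM %s WHERE tblog=%d AND tadmin=1;";
		$query = sprintf($query, sql_table('team'), (integer) $blogid);
		$r = DB::getResult($query);
		if ( $r->rowCount() == 1 )
		{
			self::error(_ERROR_ATLEASTONEBLOGADMIN);
			return;
		}
	}

	// NOTE(review): the listing this was taken from omits the lines that assign $newval; the
	// toggle below is reconstructed from the test that precedes the gap and from the later use
	// of $newval - confirm against the full file.
	if ( $mem->isBlogAdmin($blogid) )
	{
		$newval = 0;
	}
	else
	{
		$newval = 1;
	}

	// FIX: the first sprintf() argument was (integer) $blogid, which put the blog id where the
	// table name belongs and shifted every following value by one placeholder. The table name
	// now comes from sql_table('team'), as in the SELECT above.
	$query = "UPDATE %s SET tadmin=%d WHERE tblog=%d and tmember=%d;";
	$query = sprintf($query, sql_table('team'), (integer) $newval, (integer) $blogid, (integer) $memberid);
	DB::execute($query);

	// only show manageteam if member did not change its own admin privileges
	if ( $member->isBlogAdmin($blogid) )
	{
		self::action_manageteam();
	}
	else
	{
		self::action_overview(_MSG_ADMINCHANGED);
	}
	return;
}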
2029 * Admin::action_blogsettings()
/**
 * Admin::action_blogsettings()
 * Show the settings page ('blogsettings' skin part) of one blog.
 *
 * @return	void
 */
static private function action_blogsettings()
{
	global $member, $manager;

	$requestedBlog = intRequestVar('blogid');

	// check if allowed
	if ( !$member->blogAdminRights($requestedBlog) )
	{
		self::disallow();
	}

	// looked up as in the original; the result is not used further in this method
	$settingsBlog =& $manager->getBlog($requestedBlog);

	// script tag appended to the page head; the src is a skin variable, not request data
	$numberCheckTag = "<script type=\"text/javascript\" src=\"<%skinfile(/javascripts/numbercheck.js)%>\"></script>\n";
	self::$extrahead .= $numberCheckTag;

	self::$skin->parse('blogsettings');
	return;
}
2052 * Admin::action_categorynew()
/**
 * Admin::action_categorynew()
 * Create a category in a blog after checking the name, then show the blog settings page.
 *
 * @return	void
 */
static private function action_categorynew()
{
	global $member, $manager;

	$targetBlogId = intRequestVar('blogid');

	if ( !$member->blogAdminRights($targetBlogId) )
	{
		self::disallow();
	}

	$cname = postVar('cname');
	$cdesc = postVar('cdesc');

	if ( !isValidCategoryName($cname) )
	{
		self::error(_ERROR_BADCATEGORYNAME);
		return;
	}

	// duplicate check within the same blog; the name is quoted by DB::quoteValue(), the id is cast
	$lookup = sprintf(
		"SELECT * FROM %s WHERE cname=%s AND cblog=%d;",
		sql_table('category'),
		DB::quoteValue($cname),
		(integer) $targetBlogId
	);
	$existing = DB::getResult($lookup);
	if ( $existing->rowCount() > 0 )
	{
		self::error(_ERROR_DUPCATEGORYNAME);
		return;
	}

	$targetBlog =& $manager->getBlog($targetBlogId);
	$targetBlog->createNewCategory($cname, $cdesc);

	self::action_blogsettings();
	return;
}
2091 * Admin::action_categoryedit()
2096 static private function action_categoryedit($catid = '', $blogid = '', $desturl = '')
// Shows the 'categoryedit' skin part. Ids can be passed in by a caller; an empty $blogid is
// read with intGetVar() instead, a given one is coerced with intval().
// NOTE(review): some original lines are absent from this listing (the embedded numbers skip),
// among them the test in front of the second intGetVar() call.
2098 global $member, $manager;
2100 if ( $blogid == '' )
2102 $blogid = intGetVar('blogid');
2106 $blogid = intval($blogid);
2110 $catid = intGetVar('catid');
2114 $catid = intval($catid);
2117 /* TODO: we should consider using another way instead of this */
// The values are written back into $_REQUEST before the rights check below runs. $desturl is
// stored exactly as given; no validation of it is visible in this method.
2118 $_REQUEST['blogid'] = $blogid;
2119 $_REQUEST['catid'] = $catid;
2120 $_REQUEST['desturl'] = $desturl;
2121 $member->blogAdminRights($blogid) or self::disallow();
2123 self::$extrahead .= "<script type=\"text/javascript\" src=\"<%skinfile(/javascripts/numbercheck.js)%>\"></script>\n";
2125 self::$skin->parse('categoryedit');
2130 * Admin::action_categoryupdate()
2135 static private function action_categoryupdate()
// Saves name and description of a category plus the posted plugin options, then shows the blog
// settings page.
// NOTE(review): parts of the original are absent from this listing (the embedded numbers skip),
// including the lines that build $data and whatever is done with $desturl.
2137 global $member, $manager;
2139 $blogid = intPostVar('blogid');
2140 $catid = intPostVar('catid');
2141 $cname = postVar('cname');
2142 $cdesc = postVar('cdesc');
2143 $desturl = postVar('desturl');
// Rights are checked for the posted blogid only.
2145 $member->blogAdminRights($blogid) or self::disallow();
2147 if ( !isValidCategoryName($cname) )
2149 self::error(_ERROR_BADCATEGORYNAME);
// Duplicate-name test inside the posted blog: strings go through DB::quoteValue(), ids through
// integer casts.
2153 $query = "SELECT * FROM %s WHERE cname=%s AND cblog=%d AND not(catid=%d);";
2154 $query = sprintf($query, sql_table('category'), DB::quoteValue($cname), (integer) $blogid, (integer) $catid);
2155 $res = DB::getResult($query);
2156 if ( $res->rowCount() > 0 )
2158 self::error(_ERROR_DUPCATEGORYNAME);
// NOTE(review): this UPDATE is keyed on catid alone, while the rights check above covered the
// posted blogid; nothing in the visible lines ties $catid to that blog. Adding "AND cblog=%d"
// with (integer) $blogid, or testing $blog->isValidCategory($catid) first as
// action_categorydelete() does, would keep the change inside the authorized blog.
2162 $query = "UPDATE %s SET cname=%s, cdesc=%s WHERE catid=%d;";
2163 $query = sprintf($query, sql_table('category'), DB::quoteValue($cname), DB::quoteValue($cdesc), (integer) $catid);
2164 DB::execute($query);
2166 // store plugin options
// The option array is taken from the request as a whole and handed to the plugin layer.
2167 $aOptions = requestArray('plugoption');
2168 NucleusPlugin::apply_plugin_options($aOptions);
2170 'context' => 'category',
2173 $manager->notify('PostPluginOptionsUpdate', $data);
2181 self::action_blogsettings();
2187 * Admin::action_categorydelete()
/**
 * Admin::action_categorydelete()
 * Show the confirmation page ('categorydelete' skin part) for deleting a category.
 *
 * The category must belong to the blog, must not be its default category and must not be
 * the last category left in the blog.
 *
 * @return	void
 */
static private function action_categorydelete()
{
	global $member, $manager;

	$ownerBlogId = intRequestVar('blogid');
	$categoryId = intRequestVar('catid');

	if ( !$member->blogAdminRights($ownerBlogId) )
	{
		self::disallow();
	}

	$ownerBlog =& $manager->getBlog($ownerBlogId);

	// check if the category is valid
	if ( !$ownerBlog->isValidCategory($categoryId) )
	{
		self::error(_ERROR_NOSUCHCATEGORY);
		return;
	}

	// don't allow deletion of default category
	if ( $ownerBlog->getDefaultCategory() == $categoryId )
	{
		self::error(_ERROR_DELETEDEFCATEGORY);
		return;
	}

	// check if catid is the only category left for blogid
	$countQuery = sprintf("SELECT catid FROM %s WHERE cblog=%d;", sql_table('category'), $ownerBlogId);
	$rows = DB::getResult($countQuery);
	if ( $rows->rowCount() == 1 )
	{
		self::error(_ERROR_DELETELASTCATEGORY);
		return;
	}

	self::$skin->parse('categorydelete');
	return;
}
2232 * Admin::action_categorydeleteconfirm()
2237 static private function action_categorydeleteconfirm()
// Confirm step of deleting a category; shows the blog settings page afterwards.
2239 global $member, $manager;
2241 $blogid = intRequestVar('blogid');
2242 $catid = intRequestVar('catid');
// This gate uses the blogid sent with the request. deleteOneCategory() looks up the blog that
// owns $catid and checks rights on that blog again, so the two ids need not match here.
2244 $member->blogAdminRights($blogid) or self::disallow();
2246 $error = self::deleteOneCategory($catid);
// NOTE(review): the line testing $error is absent from this listing (numbers skip 2246 -> 2249).
2249 self::error($error);
2253 self::action_blogsettings();
2258 * Admin::deleteOneCategory()
2259 * Delete a category by its id
2261 * @param String $catid category id for deleting
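/**
 * Admin::deleteOneCategory()
 * Delete a category by its id. Items of the category are moved to the blog's default
 * category first, and plugin options stored for the category are removed.
 *
 * @param	mixed	$catid	category id to delete (coerced with intval())
 * @return	mixed	an _ERROR_* constant when the deletion is refused, nothing on success
 */
static public function deleteOneCategory($catid)
{
	global $manager, $member;

	$catid = intval($catid);
	// rights are checked on the blog that owns the category, not on a caller-supplied blog id
	$blogid = getBlogIDFromCatID($catid);

	if ( !$member->blogAdminRights($blogid) )
	{
		// FIX: was the bare name ERROR_DISALLOWED. Every other refusal in this class returns
		// _ERROR_DISALLOWED; the name without the underscore is not used anywhere else here.
		return _ERROR_DISALLOWED;
	}

	// get blog
	$blog =& $manager->getBlog($blogid);

	// check if the category is valid
	if ( !$blog || !$blog->isValidCategory($catid) )
	{
		return _ERROR_NOSUCHCATEGORY;
	}

	$destcatid = $blog->getDefaultCategory();

	// don't allow deletion of default category
	if ( $destcatid == $catid )
	{
		return _ERROR_DELETEDEFCATEGORY;
	}

	// check if catid is the only category left for blogid
	$query = "SELECT catid FROM %s WHERE cblog=%d;";
	$query = sprintf($query, sql_table('category'), (integer) $blogid);

	$res = DB::getResult($query);
	if ( $res->rowCount() == 1 )
	{
		return _ERROR_DELETELASTCATEGORY;
	}

	$data = array('catid' => $catid);
	$manager->notify('PreDeleteCategory', $data);

	// NOTE(review): the three writes below run as separate statements; no transaction is
	// opened in this method, so a failure in between leaves the category half removed.

	// change category for all items to the default category
	$query = "UPDATE %s SET icat=%d WHERE icat=%d;";
	$query = sprintf($query, sql_table('item'), (integer) $destcatid, (integer) $catid);
	DB::execute($query);

	// delete all associated plugin options
	NucleusPlugin::delete_option_values('category', (integer) $catid);

	// delete the category row itself
	$query = "DELETE FROM %s WHERE catid=%d;";
	$query = sprintf($query, sql_table('category'), (integer) $catid);
	DB::execute($query);

	$data = array('catid' => $catid);
	$manager->notify('PostDeleteCategory', $data);

	return;
}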
2325 * Admin::moveOneCategory()
2326 * Move a category to another blog
2328 * @param int $catid category id for move
2329 * @param int $destblogid blog id for destination
2332 static public function moveOneCategory($catid, $destblogid)
// Moves a category, with its items and their comments, from the blog that owns it to $destblogid.
// Returns an _ERROR_* constant when the move is refused.
// NOTE(review): closing braces, the query text and the lines that open the $data arrays are
// absent from this listing (the embedded numbers skip), so only the visible steps are described.
2334 global $manager, $member;
// Ids are coerced to integers; the source blog is derived from the category, not supplied by the caller.
2335 $catid = intval($catid);
2336 $destblogid = intval($destblogid);
2337 $blogid = getBlogIDFromCatID($catid);
2338 // mover should have admin rights on both blogs
2339 if (!$member->blogAdminRights($blogid)) {
2340 return _ERROR_DISALLOWED;
2342 if (!$member->blogAdminRights($destblogid)) {
2343 return _ERROR_DISALLOWED;
2345 // cannot move to self
2346 if ($blogid == $destblogid) {
2347 return _ERROR_MOVETOSELF;
2350 $blog =& $manager->getBlog($blogid);
2351 $destblog =& $manager->getBlog($destblogid);
2352 // check if the category is valid
// NOTE(review): only $blog is tested for being empty; $destblog is not tested in the visible lines.
2353 if (!$blog || !$blog->isValidCategory($catid)) {
2354 return _ERROR_NOSUCHCATEGORY;
2356 // don't allow default category to be moved
2357 if ($blog->getDefaultCategory() == $catid) {
2358 return _ERROR_MOVEDEFCATEGORY;
2362 'sourceblog' => &$blog,
2363 'destblog' => &$destblog
2365 $manager->notify('PreMoveCategory', $data);
// The updates below go through sql_query()/sql_fetch_object(), whereas the other methods in this
// part of the class use DB::execute()/DB::getResult(). Values passed to sprintf() are the
// integers coerced above plus the inumber field of each fetched row.
2366 // update comments table (cblog)
2370 . sql_table('item') . ' '
2373 $items = sql_query(sprintf($query, $catid));
2374 while ($oItem = sql_fetch_object($items)) {
2376 . sql_table('comment') . ' '
2378 . ' cblog = %d' . ' '
2381 sql_query(sprintf($query, $destblogid, $oItem->inumber));
2384 // update items (iblog)
2386 . sql_table('item') . ' '
2391 sql_query(sprintf($query, $destblogid, $catid));
2395 . sql_table('category') . ' '
2397 . ' cblog = %d' . ' '
2400 sql_query(sprintf($query, $destblogid, $catid));
// NOTE(review): 'destblog' is passed by value in this second array but by reference in the
// PreMoveCategory array above - confirm which one is intended.
2404 'sourceblog' => &$blog,
2405 'destblog' => $destblog
2407 $manager->notify('PostMoveCategory', $data);
2412 * Admin::action_blogsettingsupdate
2413 * Updating blog settings
2418 static private function action_blogsettingsupdate()
// Validates and stores the settings of one blog, applies posted plugin options and shows the
// overview page.
// NOTE(review): the bodies of the three "== 0" tests and the opening of the $data array are
// absent from this listing (the embedded numbers skip).
2420 global $member, $manager;
2422 $blogid = intRequestVar('blogid');
2424 $member->blogAdminRights($blogid) or self::disallow();
2426 $blog =& $manager->getBlog($blogid);
2428 $notify_address = trim(postVar('notify'));
2429 $shortname = trim(postVar('shortname'));
2430 $updatefile = trim(postVar('update'));
2432 $notifyComment = intPostVar('notifyComment');
2433 $notifyVote = intPostVar('notifyVote');
2434 $notifyNewItem = intPostVar('notifyNewItem');
2436 if ( $notifyComment == 0 )
2440 if ( $notifyVote == 0 )
2444 if ( $notifyNewItem == 0 )
// The notify type is stored as the product of the three flags.
2448 $notifyType = $notifyComment * $notifyVote * $notifyNewItem;
2450 if ( $notify_address && !NOTIFICATION::address_validation($notify_address) )
2452 self::error(_ERROR_BADNOTIFY);
2456 if ( !isValidShortName($shortname) )
2458 self::error(_ERROR_BADSHORTBLOGNAME);
2462 if ( ($blog->getShortName() != $shortname) && $manager->existsBlog($shortname) )
2464 self::error(_ERROR_DUPSHORTBLOGNAME);
2467 // check if update file is writable
// NOTE(review): the path comes from the POST body and the only test visible is is_writeable();
// nothing here restricts it to a particular directory, so a blog admin can point the setting
// at any file the web server may write. Consider limiting it to an expected location.
2468 if ( $updatefile && !is_writeable($updatefile) )
2470 self::error(_ERROR_UPDATEFILE);
// NOTE(review): maxcomments, comments, timeoffset and public are passed as raw postVar() values,
// unlike the intPostVar() fields below; presumably the setters coerce them - confirm.
2474 $blog->setName(trim(postVar('name')));
2475 $blog->setShortName($shortname);
2476 $blog->setNotifyAddress($notify_address);
2477 $blog->setNotifyType($notifyType);
2478 $blog->setMaxComments(postVar('maxcomments'));
2479 $blog->setCommentsEnabled(postVar('comments'));
2480 $blog->setTimeOffset(postVar('timeoffset'));
2481 $blog->setUpdateFile($updatefile);
2482 $blog->setURL(trim(postVar('url')));
2483 $blog->setDefaultSkin(intPostVar('defskin'));
2484 $blog->setDescription(trim(postVar('desc')));
2485 $blog->setPublic(postVar('public'));
2486 $blog->setConvertBreaks(intPostVar('convertbreaks'));
2487 $blog->setAllowPastPosting(intPostVar('allowpastposting'));
// NOTE(review): no check is visible that the posted defcat belongs to this blog.
2488 $blog->setDefaultCategory(intPostVar('defcat'));
2489 $blog->setSearchable(intPostVar('searchable'));
2490 $blog->setEmailRequired(intPostVar('reqemail'));
2491 $blog->writeSettings();
2493 // store plugin options
2494 $aOptions = requestArray('plugoption');
2495 NucleusPlugin::apply_plugin_options($aOptions);
2498 'context' => 'blog',
2499 'blogid' => $blogid,
2502 $manager->notify('PostPluginOptionsUpdate', $data);
2504 self::action_overview(_MSG_SETTINGSCHANGED);
2509 * Admin::action_deleteblog()
/**
 * Admin::action_deleteblog()
 * Show the confirmation page ('deleteblog' skin part) for deleting a blog.
 * The default blog cannot be deleted.
 *
 * @return	void
 */
static private function action_deleteblog()
{
	global $member, $CONF, $manager;

	$doomedBlogId = intRequestVar('blogid');

	if ( !$member->blogAdminRights($doomedBlogId) )
	{
		self::disallow();
	}

	// check if blog is default blog
	$isDefaultBlog = ($CONF['DefaultBlog'] == $doomedBlogId);
	if ( $isDefaultBlog )
	{
		self::error(_ERROR_DELDEFBLOG);
		return;
	}

	// looked up as in the original; the result is not used further in this method
	$doomedBlog =& $manager->getBlog($doomedBlogId);

	self::$skin->parse('deleteblog');
	return;
}
2536 * Admin::action_deleteblogconfirm()
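/**
 * Admin::action_deleteblogconfirm()
 * Delete a blog together with its comments, items, team rows, bans, categories and plugin
 * options, then show the overview page. The default blog cannot be deleted.
 *
 * @return	void
 */
static private function action_deleteblogconfirm()
{
	global $member, $CONF, $manager;

	$blogid = intRequestVar('blogid');

	// FIX: the rights check used to come after the PreDeleteBlog notification, so subscribed
	// plugins were told about a deletion before the requester had been authorized. The check
	// now runs first.
	$member->blogAdminRights($blogid) or self::disallow();

	// as in the original, the event is still sent before the default-blog test below
	$data = array('blogid' => $blogid);
	$manager->notify('PreDeleteBlog', $data);

	// check if blog is default blog
	if ( $CONF['DefaultBlog'] == $blogid )
	{
		self::error(_ERROR_DELDEFBLOG);
		return;
	}

	// Tables holding rows owned by the blog, mapped to their blog-id column and listed in the
	// original deletion order. The id goes through %d with an integer cast, like the other
	// queries in this class, instead of being concatenated into the statement.
	// NOTE(review): the deletes are separate statements; no transaction is opened here.
	$owned_rows = array(
		'comment'	=> 'cblog',
		'item'		=> 'iblog',
		'team'		=> 'tblog',
		'ban'		=> 'blogid',
		'category'	=> 'cblog'
	);
	foreach ( $owned_rows as $table => $column )
	{
		$query = sprintf('DELETE FROM %s WHERE %s=%d', sql_table($table), $column, (integer) $blogid);
		DB::execute($query);
	}

	// delete all associated plugin options
	NucleusPlugin::delete_option_values('blog', $blogid);

	// delete the blog itself
	$query = sprintf('DELETE FROM %s WHERE bnumber=%d', sql_table('blog'), (integer) $blogid);
	DB::execute($query);

	$data = array('blogid' => $blogid);
	$manager->notify('PostDeleteBlog', $data);

	self::action_overview(_DELETED_BLOG);
	return;
}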
2595 * Admin::action_memberdelete()
/**
 * Admin::action_memberdelete()
 * Show the confirmation page ('memberdelete' skin part) for deleting a member.
 * Allowed for the member themselves and for site admins.
 *
 * @return	void
 */
static private function action_memberdelete()
{
	global $member, $manager;

	$targetMemberId = intRequestVar('memberid');

	// same short-circuit order as the original: own account first, then the admin flag
	if ( ($member->getID() != $targetMemberId) && !$member->isAdmin() )
	{
		self::disallow();
	}

	// looked up as in the original; the result is not used further in this method
	$targetMember =& $manager->getMember($targetMemberId);

	self::$skin->parse('memberdelete');
	return;
}
2615 * Admin::action_memberdeleteconfirm()
2620 static private function action_memberdeleteconfirm()
// Confirm step of deleting a member. A site admin is sent on to user management, anyone else
// to the overview page.
// NOTE(review): several original lines are absent from this listing (the embedded numbers
// skip), among them the declaration that brings $member into scope and the test of $error.
2624 $memberid = intRequestVar('memberid');
// Allowed for the member's own account or for a site admin. This is the only rights check on
// this path: deleteOneMember() shows none of its own.
2626 ($member->getID() == $memberid) or $member->isAdmin() or self::disallow();
2628 $error = self::deleteOneMember($memberid);
2631 self::error($error);
2635 if ( $member->isAdmin() )
2637 self::action_usermanagement();
2642 self::action_overview(_DELETED_MEMBER);
2649 * Admin::deleteOneMember()
2650 * Delete a member by id
2653 * @param Integer $memberid member id
2654 * @return String null string or error messages
2656 static public function deleteOneMember($memberid)
// Deletes a member: comments are detached and keep the display name, then the member, team and
// activation rows and the member's plugin options are removed.
// Returns _ERROR_DELETEMEMBER when the target reports that it cannot be deleted.
// NOTE(review): this method is public, and the visible lines contain no check of the ACTING
// member's rights - only canBeDeleted() on the target. The callers shown in this file check
// rights first; any other caller has to do the same. Some original lines are absent from this
// listing (the embedded numbers skip).
2660 $memberid = intval($memberid);
2661 $mem =& $manager->getMember($memberid);
2663 if ( !$mem->canBeDeleted() )
2665 return _ERROR_DELETEMEMBER;
2668 $data = array('member' => &$mem);
2669 $manager->notify('PreDeleteMember', $data);
2671 /* unlink comments from memberid */
// The display name is quoted with DB::quoteValue(); $memberid is the integer from intval() above.
2674 $query = "UPDATE %s SET cmember=0, cuser=%s WHERE cmember=%d;";
2675 $query = sprintf($query, sql_table('comment'), DB::quoteValue($mem->getDisplayName()), $memberid);
2676 DB::execute($query);
// The three DELETEs concatenate $memberid directly; that is only safe because of the intval()
// at the top of the method. No transaction is opened around them.
2679 $query = 'DELETE FROM ' . sql_table('member') . ' WHERE mnumber=' . $memberid;
2680 DB::execute($query);
2682 $query = 'DELETE FROM ' . sql_table('team') . ' WHERE tmember=' . $memberid;
2683 DB::execute($query);
2685 $query = 'DELETE FROM ' . sql_table('activation') . ' WHERE vmember=' . $memberid;
2686 DB::execute($query);
2688 // delete all associated plugin options
2689 NucleusPlugin::delete_option_values('member', $memberid);
2691 $data = array('member' => &$mem);
2692 $manager->notify('PostDeleteMember', $data);
2698 * Admin::action_createnewlog()
/**
 * Admin::action_createnewlog()
 * Show the form ('createnewlog' skin part) for creating a blog.
 *
 * @return	void
 */
static private function action_createnewlog()
{
	global $member, $CONF, $manager;

	// Only Super-Admins can do this
	if ( !$member->isAdmin() )
	{
		self::disallow();
	}

	self::$skin->parse('createnewlog');
	return;
}
2715 * Admin::action_addnewlog()
2720 static private function action_addnewlog()
// Creates a blog with a default category, adds the acting member as its admin and shows the
// 'addnewlog' skin part.
// NOTE(review): several original lines are absent from this listing (the embedded numbers
// skip), including the opening of the $data arrays and most of the call that adds the first item.
2722 global $member, $manager, $CONF;
2724 // Only Super-Admins can do this
2725 $member->isAdmin() or self::disallow();
2727 $bname = trim(postVar('name'));
2728 $bshortname = trim(postVar('shortname'));
2729 $btimeoffset = postVar('timeoffset');
2730 $bdesc = trim(postVar('desc'));
2731 $bdefskin = postVar('defskin');
2733 if ( !isValidShortName($bshortname) )
2735 self::error(_ERROR_BADSHORTBLOGNAME);
2739 if ( $manager->existsBlog($bshortname) )
2741 self::error(_ERROR_DUPSHORTBLOGNAME);
// The values are handed to plugins by reference BEFORE they are quoted, so a PreAddBlog
// subscriber can change them; the short-name checks above are not repeated afterwards.
2747 'shortname' => &$bshortname,
2748 'timeoffset' => &$btimeoffset,
2749 'description' => &$bdesc,
2750 'defaultskin' => &$bdefskin
2752 $manager->notify('PreAddBlog', $data);
2754 // add slashes for sql queries
// Every value, the time offset and skin id included, is quoted with DB::quoteValue() and
// inserted through a %s placeholder.
2755 $bname = DB::quoteValue($bname);
2756 $bshortname = DB::quoteValue($bshortname);
2757 $btimeoffset = DB::quoteValue($btimeoffset);
2758 $bdesc = DB::quoteValue($bdesc);
2759 $bdefskin = DB::quoteValue($bdefskin);
2762 $query = "INSERT INTO %s (bname, bshortname, bdesc, btimeoffset, bdefskin) VALUES (%s, %s, %s, %s, %s);";
2763 $query = sprintf($query, sql_table('blog'), $bname, $bshortname, $bdesc, $btimeoffset, $bdefskin);
2764 DB::execute($query);
2766 $blogid = DB::getInsertId();
2767 $blog =& $manager->getBlog($blogid);
2769 // create new category
// Falls back to built-in English text when the language constants are not defined.
2770 $catdefname = (!defined('_EBLOGDEFAULTCATEGORY_NAME') ? 'General' : _EBLOGDEFAULTCATEGORY_NAME);
2771 $catdefdesc = (!defined('_EBLOGDEFAULTCATEGORY_DESC') ? 'Items that do not fit in other categories' : _EBLOGDEFAULTCATEGORY_DESC);
2773 $query = 'INSERT INTO %s (cblog, cname, cdesc) VALUES (%d, %s, %s)';
2774 DB::execute(sprintf($query, sql_table('category'), (integer) $blogid, DB::quoteValue($catdefname), DB::quoteValue($catdefdesc)));
2775 $catid = DB::getInsertId();
2777 // set as default category
2778 $blog->setDefaultCategory($catid);
2779 $blog->writeSettings();
2781 // create team member
2782 $query = "INSERT INTO %s (tmember, tblog, tadmin) VALUES (%d, %d, 1);";
2783 $query = sprintf($query, sql_table('team'), (integer) $member->getID(), (integer) $blogid);
2784 DB::execute($query);
2786 $itemdeftitle = (defined('_EBLOG_FIRSTITEM_TITLE') ? _EBLOG_FIRSTITEM_TITLE : 'First Item');
2787 $itemdefbody = (defined('_EBLOG_FIRSTITEM_BODY') ? _EBLOG_FIRSTITEM_BODY : 'This is the first item in your weblog. Feel free to delete it.');
2790 $blog->getDefaultCategory(),
2791 $itemdeftitle,$itemdefbody,
2795 $blog->getCorrectTime(),
2801 $data = array('blog' => &$blog);
2802 $manager->notify('PostAddBlog', $data);
// NOTE(review): these two entries read the constants directly, without the defined() guard used
// when $catdefname/$catdefdesc were computed above; passing those two variables instead would
// keep the event data equal to what was inserted.
2806 'name' => _EBLOGDEFAULTCATEGORY_NAME,
2807 'description' => _EBLOGDEFAULTCATEGORY_DESC,
2810 $manager->notify('PostAddCategory', $data);
2812 /* TODO: we should consider using another way instead of this */
2813 $_REQUEST['blogid'] = $blogid;
2814 $_REQUEST['catid'] = $catid;
2815 self::$skin->parse('addnewlog');
2820 * Admin::action_addnewlog2()
/**
 * Admin::action_addnewlog2()
 * Store the URL of a newly created blog, then show the overview page.
 *
 * @return	void
 */
static private function action_addnewlog2()
{
	global $member, $manager;

	$newBlogId = intRequestVar('blogid');

	if ( !$member->blogAdminRights($newBlogId) )
	{
		self::disallow();
	}

	// the URL is taken from the request and only trimmed; this method does no further validation
	$rawUrl = requestVar('url');

	$newBlog =& $manager->getBlog($newBlogId);
	$newBlog->setURL(trim($rawUrl));
	$newBlog->writeSettings();

	self::action_overview(_MSG_NEWBLOG);
	return;
}
2843 * Admin::action_skinieoverview()
/**
 * Admin::action_skinieoverview()
 * Show the skin import/export overview ('skinieoverview' skin part).
 *
 * @return	void
 */
static private function action_skinieoverview()
{
	global $member, $DIR_LIBS, $manager;

	if ( !$member->isAdmin() )
	{
		self::disallow();
	}

	// load the skin import/export library; the path is built from configuration, not from the request
	$skinieLibrary = $DIR_LIBS . 'skinie.php';
	include_once($skinieLibrary);

	self::$skin->parse('skinieoverview');
	return;
}
2861 * Admin::action_skinieimport()
2866 static private function action_skinieimport()
// First step of a skin import: passes the posted mode and skin file to self::skinieimport()
// and shows the 'skinieimport' skin part.
// NOTE(review): some original lines are absent from this listing (the embedded numbers skip),
// among them the declaration that brings $member into scope and the test of $error.
2870 $member->isAdmin() or self::disallow();
// Both values come straight from the POST body. How 'skinfile' is resolved to a file or URL is
// decided in self::skinieimport(), which is not part of this excerpt - confirm that it
// restricts the locations it will read.
2872 $skinFileRaw = postVar('skinfile');
2873 $mode = postVar('mode');
2875 $error = self::skinieimport($mode, $skinFileRaw);
2878 self::error($error);
2882 self::$skin->parse('skinieimport');
2887 * Admin::action_skiniedoimport()
2892 static private function action_skiniedoimport()
// Second step of a skin import: runs self::skiniedoimport() with the posted mode, skin file and
// overwrite flag, then shows the 'skiniedoimport' skin part.
2894 global $member, $DIR_LIBS, $DIR_SKINS;
2896 $member->isAdmin() or self::disallow();
2898 // load skinie class
2899 include_once($DIR_LIBS . 'skinie.php');
// mode and skinfile are raw POST values; overwrite is read as an integer.
2901 $mode = postVar('mode');
2902 $skinFileRaw = postVar('skinfile');
2903 $allowOverwrite = intPostVar('overwrite');
// NOTE(review): the lines between this call and the parse() call are absent from this listing
// (numbers skip 2905 -> 2912); the handling of $error is presumably among them - confirm.
2905 $error = self::skiniedoimport($mode, $skinFileRaw, $allowOverwrite);
2912 self::$skin->parse('skiniedoimport');
2917 * Admin::action_skinieexport()
2922 static private function action_skinieexport()
// Exports the selected skins and templates through self::skinieexport(). Site admins only.
// NOTE(review): the lines between the signature and the rights check are absent from this
// listing (numbers skip 2922 -> 2926); the declaration of $member is presumably among them.
2926 $member->isAdmin() or self::disallow();
// The id lists are read with requestIntArray(); the info text is a raw POST value.
2928 $aSkins = requestIntArray('skin');
2929 $aTemplates = requestIntArray('template');
2930 $info = postVar('info');
2932 self::skinieexport($aSkins, $aTemplates, $info);
2938 * Admin::action_templateoverview()
/**
 * Admin::action_templateoverview()
 * Show the list of templates ('templateoverview' skin part). Site admins only.
 *
 * @return	void
 */
static private function action_templateoverview()
{
	global $member, $manager;

	if ( !$member->isAdmin() )
	{
		self::disallow();
	}

	self::$skin->parse('templateoverview');
	return;
}
2954 * Admin::action_templateedit()
2956 * @param string $msg message for pageheader
2959 static private function action_templateedit($msg = '')
// Shows the template editor ('templateedit' skin part); $msg is stored as the page header message.
// NOTE(review): the lines around the $headMess assignment are absent from this listing (the
// embedded numbers skip), so any condition on $msg is not visible here.
2961 global $member, $manager;
2964 self::$headMess = $msg;
2967 $templateid = intRequestVar('templateid');
2969 $member->isAdmin() or self::disallow();
2971 self::$extrahead .= "<script type=\"text/javascript\" src=\"<%skinfile(/javascripts/templateEdit.js)%>\"></script>\n";
// NOTE(review): the text is placed inside a single-quoted JavaScript string. Entity::hsc() is
// presumably HTML escaping, which is not the same as JavaScript string escaping; the value is
// a language constant rather than request data, so this matters mainly if a translation
// contains a backslash or a line break.
2972 self::$extrahead .= "<script type=\"text/javascript\">setTemplateEditText('" . Entity::hsc(_EDITTEMPLATE_EMPTY) . "');</script>\n";
2974 self::$skin->parse('templateedit');
2979 * Admin::action_templateupdate()
/**
 * Admin::action_templateupdate()
 * Replace the parts of a template with the posted values and update its name and
 * description, then return to the template editor. Site admins only.
 *
 * All existing parts are deleted first and the non-empty posted parts are inserted again,
 * followed by any extra fields announced by plugins through 'TemplateExtraFields'.
 *
 * @return	void
 */
static private function action_templateupdate()
{
	global $member,$manager;

	$templateid = intRequestVar('templateid');

	if ( !$member->isAdmin() )
	{
		self::disallow();
	}

	$name = postVar('tname');
	$desc = postVar('tdesc');

	if ( !isValidTemplateName($name) )
	{
		self::error(_ERROR_BADTEMPLATENAME);
		return;
	}

	// a changed name must not collide with another template
	$renamed = (Template::getNameFromId($templateid) != $name);
	if ( $renamed && Template::exists($name) )
	{
		self::error(_ERROR_DUPTEMPLATENAME);
		return;
	}

	// 1. Remove all template parts
	$removeParts = sprintf("DELETE FROM %s WHERE tdesc=%d;", sql_table('template'), (integer) $templateid);
	DB::execute($removeParts);

	// 2. Update description
	$updateDesc = sprintf(
		"UPDATE %s SET tdname=%s, tddesc=%s WHERE tdnumber=%d;",
		sql_table('template_desc'),
		DB::quoteValue($name),
		DB::quoteValue($desc),
		(integer) $templateid
	);
	DB::execute($updateDesc);

	// 3. Add non-empty template parts, in the same order as before
	$corePartNames = array(
		'ITEM_HEADER', 'ITEM', 'ITEM_FOOTER',
		'MORELINK', 'EDITLINK', 'NEW',
		'COMMENTS_HEADER', 'COMMENTS_BODY', 'COMMENTS_FOOTER',
		'COMMENTS_CONTINUED', 'COMMENTS_TOOMUCH', 'COMMENTS_AUTH',
		'COMMENTS_ONE', 'COMMENTS_MANY', 'COMMENTS_NONE',
		'ARCHIVELIST_HEADER', 'ARCHIVELIST_LISTITEM', 'ARCHIVELIST_FOOTER',
		'BLOGLIST_HEADER', 'BLOGLIST_LISTITEM', 'BLOGLIST_FOOTER',
		'CATLIST_HEADER', 'CATLIST_LISTITEM', 'CATLIST_FOOTER',
		'DATE_HEADER', 'DATE_FOOTER',
		'FORMAT_DATE', 'FORMAT_TIME',
		'SEARCH_HIGHLIGHT', 'SEARCH_NOTHINGFOUND',
		'POPUP_CODE', 'MEDIA_CODE', 'IMAGE_CODE'
	);
	foreach ( $corePartNames as $partName )
	{
		self::addToTemplate($templateid, $partName, postVar($partName));
	}

	// extra parts: the field names are supplied by plugins, the contents by the POST body
	$data = array('fields' => array());
	$manager->notify('TemplateExtraFields', $data);
	foreach ( $data['fields'] as $pluginFields )
	{
		foreach ( $pluginFields as $fieldName => $fieldDesc )
		{
			self::addToTemplate($templateid, $fieldName, postVar($fieldName));
		}
	}

	// jump back to template edit
	self::action_templateedit(_TEMPLATE_UPDATED);
	return;
}
3068 * Admin::addToTemplate()
3070 * @param Integer $id ID for template
3071 * @param String $partname parts name
3072 * @param String $content template contents
3073 * @return Integer record index
3076 static private function addToTemplate($id, $partname, $content)
// Inserts one part of a template and returns the id of the inserted row.
// NOTE(review): the lines that follow the empty-content test are absent from this listing
// (numbers skip 3079 -> 3084), so what is returned for an empty part is not visible here.
3078 // don't add empty parts:
// trim() followed by a truthiness test also treats a part whose whole content is "0" as empty.
3079 if ( !trim($content) )
// The part name and content are quoted with DB::quoteValue(); the template id is cast to integer.
3084 $query = "INSERT INTO %s (tdesc, tpartname, tcontent) VALUES (%d, %s, %s);";
3085 $query = sprintf($query, sql_table('template'), (integer) $id, DB::quoteValue($partname), DB::quoteValue($content));
3086 if ( DB::execute($query) === FALSE )
// On failure the request ends at once and the third element of DB::getError() is written to
// the response. NOTE(review): presumably that element is the driver's error text - consider
// logging it and showing a generic message instead.
3088 $err = DB::getError();
3089 exit(_ADMIN_SQLDIE_QUERYERROR . $err[2]);
3091 return DB::getInsertId();
3095 * Admin::action_templatedelete()
/**
 * Admin::action_templatedelete()
 * Show the confirmation page ('templatedelete' skin part) for deleting a template.
 * Site admins only.
 *
 * @return	void
 */
static private function action_templatedelete()
{
	global $member, $manager;

	if ( !$member->isAdmin() )
	{
		self::disallow();
	}

	// read as in the original; the value is not used further in this method
	$requestedTemplate = intRequestVar('templateid');
	// TODO: check if template can be deleted

	self::$skin->parse('templatedelete');
	return;
}
3114 * Admin::action_templatedeleteconfirm()
/**
 * Admin::action_templatedeleteconfirm()
 * Delete a template (its description row and all of its parts), then show the template
 * overview. Site admins only.
 *
 * @return	void
 */
static private function action_templatedeleteconfirm()
{
	global $member, $manager;

	$doomedTemplate = intRequestVar('templateid');

	// the rights check comes before the PreDeleteTemplate event is sent
	if ( !$member->isAdmin() )
	{
		self::disallow();
	}

	$data = array('templateid' => $doomedTemplate);
	$manager->notify('PreDeleteTemplate', $data);

	// 1. delete description
	$dropDescription = 'DELETE FROM ' . sql_table('template_desc') . ' WHERE tdnumber=' . $doomedTemplate;
	DB::execute($dropDescription);

	// 2. delete parts
	$dropParts = 'DELETE FROM ' . sql_table('template') . ' WHERE tdesc=' . $doomedTemplate;
	DB::execute($dropParts);

	$data = array('templateid' => $doomedTemplate);
	$manager->notify('PostDeleteTemplate', $data);

	self::action_templateoverview();
	return;
}
3145 * Admin::action_templatenew()
3150 static private function action_templatenew()
// Creates an empty template from the posted name and description, then shows the template
// overview. Site admins only.
// NOTE(review): the lines between the signature and the rights check are absent from this
// listing (numbers skip 3150 -> 3154); the declaration of $member is presumably among them.
3154 $member->isAdmin() or self::disallow();
3156 $name = postVar('name');
3157 $desc = postVar('desc');
// The name has to pass isValidTemplateName() and must not be in use already.
3159 if ( !isValidTemplateName($name) )
3161 self::error(_ERROR_BADTEMPLATENAME);
3165 if ( Template::exists($name) )
3167 self::error(_ERROR_DUPTEMPLATENAME);
// The id of the new template is stored but not used further in the visible lines.
3171 $newTemplateId = Template::createNew($name, $desc);
3173 self::action_templateoverview();
3178 * Admin::action_templateclone()
3183 static private function action_templateclone()
// Copies a template under a new name starting with "cloned", then shows the template overview.
// Site admins only.
// NOTE(review): several original lines are absent from this listing (the embedded numbers
// skip), including the declaration of $member and the body of the loop that looks for a free name.
3187 $templateid = intRequestVar('templateid');
3189 $member->isAdmin() or self::disallow();
3191 // 1. read old template
3192 $name = Template::getNameFromId($templateid);
3193 $desc = Template::getDesc($templateid);
3195 // 2. create desc thing
3196 $name = "cloned" . $name;
3198 // if a template with that name already exists:
3199 if ( Template::exists($name) )
3202 while (Template::exists($name . $i))
3209 $newid = Template::createNew($name, $desc);
3212 // go through parts of old template and add them to the new one
// The source id is cast to integer; each copied part is inserted again through addToTemplate(),
// which quotes the name and content.
3213 $query = "SELECT tpartname, tcontent FROM %s WHERE tdesc=%d;";
3214 $query = sprintf($query, sql_table('template'), (integer) $templateid);
3216 $res = DB::getResult($query);
3217 foreach ( $res as $row)
3219 self::addToTemplate($newid, $row['tpartname'], $row['tcontent']);
3222 self::action_templateoverview();
3227 * Admin::action_admintemplateoverview()
3232 static private function action_admintemplateoverview()
// Shows the overview of admin templates. Site admins only.
// NOTE(review): the lines between the signature and the rights check are absent from this
// listing (numbers skip 3232 -> 3235); the declaration of $member is presumably among them.
3235 $member->isAdmin() or self::disallow();
// NOTE(review): the skin part is spelled 'admntemplateoverview' while the action is named
// 'admintemplateoverview' - confirm that this is the registered part name and not a typo.
3236 self::$skin->parse('admntemplateoverview');
3241 * Admin::action_admintemplateedit()
3243 * @param string $msg message for pageheader
3246 static private function action_admintemplateedit($msg = '')
// Shows the admin template editor ('admintemplateedit' skin part); $msg is stored as the page
// header message. Site admins only.
// NOTE(review): the lines around the $headMess assignment are absent from this listing (the
// embedded numbers skip), so any condition on $msg is not visible here.
3248 global $member, $manager;
3251 self::$headMess = $msg;
3253 $member->isAdmin() or self::disallow();
3255 self::$extrahead .= "<script type=\"text/javascript\" src=\"<%skinfile(/javascripts/templateEdit.js)%>\"></script>\n";
// NOTE(review): the text is placed inside a double-quoted JavaScript string. Entity::hsc() is
// presumably HTML escaping, which is not the same as JavaScript string escaping; the value is
// a language constant rather than request data.
3256 self::$extrahead .= '<script type="text/javascript">setTemplateEditText("' . Entity::hsc(_EDITTEMPLATE_EMPTY) . '");</script>' . "\n";
3258 self::$skin->parse('admintemplateedit');
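/**
 * Admin::action_admintemplateupdate()
 * Save an admin template: validate the posted name, delete the stored parts,
 * update name and description, store the posted parts again and return to
 * the edit form.
 *
 * The parts are deleted before the new ones are written and no transaction
 * is used, so a failure in between leaves the template without parts.
 *
 * NOTE(review): this request changes stored data; confirm that the action is
 * not listed in self::$ticketless_actions so the ticket check applies to it.
 * NOTE(review): action_admintemplatenew() only accepts names starting with
 * "admin/"; a rename through this method is not held to that rule.
 *
 * @param	void
 * @return	void
 */
static private function action_admintemplateupdate()
{
	global $member, $manager;
	
	$templateid = intRequestVar('templateid');
	
	// Fail closed: do not touch the database if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	$name = postVar('tname');
	$desc = postVar('tdesc');
	
	if ( !isValidTemplateName($name) )
	{
		self::error(_ERROR_BADTEMPLATENAME);
		return;
	}
	
	// Strict comparison: with "!=" two different numeric-looking names
	// (for example "10" and "1e1") compare as equal and skip the duplicate check.
	if ( (Template::getNameFromId($templateid) !== $name) && Template::exists($name) )
	{
		self::error(_ERROR_DUPTEMPLATENAME);
		return;
	}
	
	// 1. Remove all template parts
	$query = "DELETE FROM %s WHERE tdesc=%d;";
	$query = sprintf($query, sql_table('template'), (integer) $templateid);
	DB::execute($query);
	
	// 2. Update description
	$query = "UPDATE %s SET tdname=%s, tddesc=%s WHERE tdnumber=%d;";
	$query = sprintf($query, sql_table('template_desc'), DB::quoteValue($name), DB::quoteValue($desc), (integer) $templateid);
	DB::execute($query);
	
	// 3. Add non-empty template parts; each part is posted under its own name
	$parts = array(
		'NORMALSKINLIST_HEAD',
		'NORMALSKINLIST_BODY',
		'NORMALSKINLIST_FOOT',
		'ADMIN_CUSTOMHELPLINK_ICON',
		'ADMIN_CUSTOMHELPLINK_ANCHOR',
		'ADMIN_BLOGLINK',
		'ADMIN_BATCHLIST',
		'ACTIVATE_FORGOT_TITLE',
		'ACTIVATE_FORGOT_TEXT',
		'ACTIVATE_REGISTER_TITLE',
		'ACTIVATE_REGISTER_TEXT',
		'ACTIVATE_CHANGE_TITLE',
		'ACTIVATE_CHANGE_TEXT',
		'TEMPLATE_EDIT_EXPLUGNAME',
		'TEMPLATE_EDIT_ROW_HEAD',
		'TEMPLATE_EDIT_ROW_TAIL',
		'SPECIALSKINLIST_HEAD',
		'SPECIALSKINLIST_BODY',
		'SPECIALSKINLIST_FOOT',
		'SYSTEMINFO_GDSETTINGS',
		'BANLIST_DELETED_LIST',
		'INSERT_PLUGOPTION_TITLE',
		'INSERT_PLUGOPTION_BODY',
		'INPUTYESNO_TEMPLATE_ADMIN',
		'INPUTYESNO_TEMPLATE_NORMAL',
		'ADMIN_SPECIALSKINLIST_HEAD',
		'ADMIN_SPECIALSKINLIST_BODY',
		'ADMIN_SPECIALSKINLIST_FOOT',
		'SKINIE_EXPORT_LIST',
		'SHOWLIST_LISTPLUG_SELECT_HEAD',
		'SHOWLIST_LISTPLUG_SELECT_BODY',
		'SHOWLIST_LISTPLUG_SELECT_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_BODY',
		'SHOWLIST_LISTPLUG_TABLE_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_MEMBLIST_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_MEMBLIST_BODY',
		'SHOWLIST_LISTPLUG_TABLE_MEMBLIST_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_TEAMLIST_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_TEAMLIST_BODY',
		'SHOWLIST_LISTPLUG_TABLE_TEAMLIST_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_PLUGLIST_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_PLUGLIST_BODY',
		'SHOWLIST_LISTPLUG_TABLE_PLUGLIST_GURL',
		'SHOWLIST_LISTPLUG_TABLE_PLUGEVENTLIST',
		'SHOWLIST_LISTPLUG_TABLE_PLUGNEDUPDATE',
		'SHOWLIST_LISTPLUG_TABLE_PLUGIN_DEPEND',
		'SHOWLIST_LISTPLUG_TABLE_PLUGIN_DEPREQ',
		'SHOWLIST_LISTPLUG_TABLE_PLUGLISTFALSE',
		'SHOWLIST_LISTPLUG_TABLE_PLUGLIST_ACTN',
		'SHOWLIST_LISTPLUG_TABLE_PLUGLIST_ADMN',
		'SHOWLIST_LISTPLUG_TABLE_PLUGLIST_HELP',
		'SHOWLIST_LISTPLUG_TABLE_PLUGOPTSETURL',
		'SHOWLIST_LISTPLUG_TABLE_PLUGLIST_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_POPTLIST_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_POPTLIST_BODY',
		'SHOWLIST_LISTPLUG_TABLE_PLGOPT_OYESNO',
		'SHOWLIST_LISTPLUG_TABLE_PLGOPT_OPWORD',
		'SHOWLIST_LISTPLUG_TABLE_PLGOPT_OSELEP',
		'SHOWLIST_LISTPLUG_TABLE_PLGOPT_OSELEO',
		'SHOWLIST_LISTPLUG_TABLE_PLGOPT_OSELEC',
		'SHOWLIST_LISTPLUG_TABLE_PLGOPT_OTAREA',
		'SHOWLIST_LISTPLUG_TABLE_PLGOPT_OITEXT',
		'SHOWLIST_LISTPLUG_TABLE_PLUGOPTN_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_POPTLIST_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_ITEMLIST_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_ITEMLIST_BODY',
		'SHOWLIST_LISTPLUG_TABLE_ITEMLIST_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_CMNTLIST_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_CMNTLIST_BODY',
		'SHOWLIST_LISTPLUG_TABLE_CMNTLIST_ABAN',
		'SHOWLIST_LISTPLUG_TABLE_CMNTLIST_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_BLOGLIST_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_BLOGLIST_BODY',
		'SHOWLIST_LISTPLUG_TABLE_BLIST_BD_TADM',
		'SHOWLIST_LISTPLUG_TABLE_BLIST_BD_SADM',
		'SHOWLIST_LISTPLUG_TABLE_BLOGLIST_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_BLOGSNAM_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_BLOGSNAM_BODY',
		'SHOWLIST_LISTPLUG_TABLE_BLOGSNAM_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_SHORTNAM_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_SHORTNAM_BODY',
		'SHOWLIST_LISTPLUG_TABLE_SHORTNAM_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_CATELIST_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_CATELIST_BODY',
		'SHOWLIST_LISTPLUG_TABLE_CATELIST_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_TPLTLIST_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_TPLTLIST_BODY',
		'SHOWLIST_LISTPLUG_TABLE_TPLTLIST_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_SKINLIST_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_SKINLIST_BODY',
		'SHOWLIST_LISTPLUG_TABLE_SKINLIST_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_DRFTLIST_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_DRFTLIST_BODY',
		'SHOWLIST_LISTPLUG_TABLE_DRFTLIST_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_ACTNLIST_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_ACTNLIST_BODY',
		'SHOWLIST_LISTPLUG_TABLE_ACTNLIST_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_IBANLIST_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_IBANLIST_BODY',
		'SHOWLIST_LISTPLUG_TABLE_IBANLIST_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_NAVILIST',
		'PLUGIN_QUICKMENU_TITLE',
		'PLUGIN_QUICKMENU_HEAD',
		'PLUGIN_QUICKMENU_BODY',
		'PLUGIN_QUICKMENU_FOOT'
	);
	foreach ( $parts as $part )
	{
		self::addToTemplate($templateid, $part, postVar($part));
	}
	
	// Parts announced by plugins through the AdminTemplateExtraFields event
	$data = array('fields' => array());
	$manager->notify('AdminTemplateExtraFields', $data);
	foreach ( $data['fields'] as $pfkey => $pfvalue )
	{
		foreach ( $pfvalue as $pffield => $pfdesc )
		{
			self::addToTemplate($templateid, $pffield, postVar($pffield));
		}
	}
	
	// jump back to template edit
	self::action_admintemplateedit(_TEMPLATE_UPDATED);
	return;
}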
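/**
 * Admin::action_admintemplatedelete()
 * Show the confirmation page for deleting an admin template.
 *
 * @param	void
 * @return	void
 */
static private function action_admintemplatedelete()
{
	global $member, $manager;
	
	// Fail closed: do not render the page if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	// TODO: check if template can be deleted
	self::$skin->parse('admintemplatedelete');
	return;
}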
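/**
 * Admin::action_admintemplatedeleteconfirm()
 * Delete an admin template: its description row and all of its parts.
 * Plugins are notified before (PreDeleteAdminTemplate) and after
 * (PostDeleteAdminTemplate) the two deletes.
 *
 * @param	void
 * @return	void
 */
static private function action_admintemplatedeleteconfirm()
{
	global $member, $manager;
	
	$templateid = intRequestVar('templateid');
	
	// Fail closed: do not delete anything if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	$data = array('templateid' => $templateid);
	$manager->notify('PreDeleteAdminTemplate', $data);
	
	// 1. delete description
	// %d like every other id placeholder here; the value is cast to integer as well
	$query = "DELETE FROM %s WHERE tdnumber=%d;";
	$query = sprintf($query, sql_table('template_desc'), (integer) $templateid);
	DB::execute($query);
	
	// 2. delete parts
	$query = "DELETE FROM %s WHERE tdesc=%d;";
	$query = sprintf($query, sql_table('template'), (integer) $templateid);
	DB::execute($query);
	
	$data = array('templateid' => $templateid);
	$manager->notify('PostDeleteAdminTemplate', $data);
	
	self::action_admintemplateoverview();
	return;
}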
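/**
 * Admin::action_admintemplatenew()
 * Create a new admin template from the posted name and description.
 * The name has to pass isValidTemplateName(), start with "admin/" and
 * not be in use yet.
 *
 * @param	void
 * @return	void
 */
static private function action_admintemplatenew()
{
	global $member;
	
	// Fail closed: do not create anything if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	$name = postVar('name');
	$desc = postVar('desc');
	
	if ( !isValidTemplateName($name) )
	{
		self::error(_ERROR_BADTEMPLATENAME);
		return;
	}
	
	if ( !preg_match('#^admin/#', $name) )
	{
		self::error(_ERROR_BADADMINTEMPLATENAME);
		return;
	}
	
	if ( Template::exists($name) )
	{
		self::error(_ERROR_DUPTEMPLATENAME);
		return;
	}
	
	Template::createNew($name, $desc);
	self::action_admintemplateoverview();
	return;
}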
3505 * Admin::action_admintemplateclone()
3510 static private function action_admintemplateclone()
3513 $templateid = intRequestVar('templateid');
3514 $member->isAdmin() or self::disallow();
3516 // 1. read old template
3517 $name = Template::getNameFromId($templateid);
3518 $desc = Template::getDesc($templateid);
3520 // 2. create desc thing
3521 $name = $name . "cloned";
3523 // if a template with that name already exists:
3524 if ( Template::exists($name) )
3527 while ( Template::exists($name . $i) )
3534 $newid = Template::createNew($name, $desc);
3537 // go through parts of old template and add them to the new one
3538 $query = "SELECT tpartname, tcontent FROM %s WHERE tdesc=%d;";
3539 $query = sprintf($query, sql_table('template'), (integer) $templateid);
3541 $res = DB::getResult($query);
3542 foreach ( $res as $row )
3544 self::addToTemplate($newid, $row['tpartname'], $row['tcontent']);
3547 self::action_admintemplateoverview();
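/**
 * Admin::action_skinoverview()
 * Show the skin overview page.
 *
 * @param	void
 * @return	void
 */
static private function action_skinoverview()
{
	global $member, $manager;
	
	// Fail closed: do not render the page if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	self::$skin->parse('skinoverview');
	return;
}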
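/**
 * Admin::action_skinnew()
 * Create a new skin from the posted (trimmed) name and description.
 *
 * @param	void
 * @return	void
 */
static private function action_skinnew()
{
	global $member;
	
	// Fail closed: do not create anything if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	$name = trim(postVar('name'));
	$desc = trim(postVar('desc'));
	
	if ( !isValidSkinName($name) )
	{
		self::error(_ERROR_BADSKINNAME);
		return;
	}
	
	if ( SKIN::exists($name) )
	{
		self::error(_ERROR_DUPSKINNAME);
		return;
	}
	
	SKIN::createNew($name, $desc);
	
	self::action_skinoverview();
	return;
}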
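/**
 * Admin::action_skinedit()
 * Show the skin edit page.
 *
 * @param	void
 * @return	void
 */
static private function action_skinedit()
{
	global $member;
	
	// Fail closed: do not render the page if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	self::$skin->parse('skinedit');
	return;
}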
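/**
 * Admin::action_skineditgeneral()
 * Save the general settings of a skin through self::skineditgeneral() and
 * return to the skin edit page; a non-empty result of that call is shown
 * as an error instead.
 *
 * @param	void
 * @return	void
 */
static private function action_skineditgeneral()
{
	global $member;
	
	$skinid = intRequestVar('skinid');
	
	// Fail closed: do not save anything if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	$error = self::skineditgeneral($skinid);
	if ( $error )
	{
		self::error($error);
		return;
	}
	
	self::action_skinedit();
	return;
}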
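/**
 * Admin::action_skinedittype()
 * Show the edit page for one skin part. The requested type is trimmed,
 * lower-cased and checked with isValidShortName() before the page is shown.
 *
 * @param	string	$msg	message for the page header; an empty value leaves the header as it is
 * @return	void
 */
static private function action_skinedittype($msg = '')
{
	global $member;
	
	// Fail closed: do not render the page if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	if ( $msg )
	{
		self::$headMess = $msg;
	}
	
	$type = strtolower(trim(requestVar('type')));
	
	if ( !isValidShortName($type) )
	{
		self::error(_ERROR_SKIN_PARTS_SPECIAL_FORMAT);
		return;
	}
	
	self::$skin->parse('skinedittype');
	return;
}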
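/**
 * Admin::action_skinupdate()
 * Store the posted content for one part of a skin and show the edit page
 * for that part again.
 *
 * NOTE(review): the posted type goes to update() as received. The check with
 * isValidShortName() in action_skinedittype() only runs after the write, and
 * on requestVar('type') rather than on this value - confirm that update()
 * validates the type itself.
 *
 * @param	void
 * @return	void
 */
static private function action_skinupdate()
{
	global $manager, $member;
	
	$skinid = intRequestVar('skinid');
	$content = trim(postVar('content'));
	$type = postVar('type');
	
	// Fail closed: do not write anything if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	$skin =& $manager->getSKIN($skinid);
	$skin->update($type, $content);
	
	self::action_skinedittype(_SKIN_UPDATED);
	return;
}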
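/**
 * Admin::action_skindelete()
 * Show the confirmation page for deleting a skin. The base skin and any
 * skin that is the default skin of a weblog cannot be deleted.
 *
 * @param	void
 * @return	void
 */
static private function action_skindelete()
{
	global $CONF, $member;
	
	// Fail closed: do not continue if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	$skinid = intRequestVar('skinid');
	
	// don't allow default skin to be deleted
	if ( $skinid == $CONF['BaseSkin'] )
	{
		self::error(_ERROR_DEFAULTSKIN);
		return;
	}
	
	// don't allow deletion of default skins for blogs
	$query = "SELECT bname FROM %s WHERE bdefskin=%d";
	$query = sprintf($query, sql_table('blog'), (integer) $skinid);
	
	$name = DB::getValue($query);
	if ( $name )
	{
		// the blog name is escaped because it becomes part of the error page
		self::error(_ERROR_SKINDEFDELETE . Entity::hsc($name));
		return;
	}
	
	self::$skin->parse('skindelete');
	return;
}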
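/**
 * Admin::action_skindeleteconfirm()
 * Delete a skin through self::skindeleteconfirm() and return to the skin
 * overview. The checks of action_skindelete() are repeated here, so the
 * delete does not depend on the confirmation page having been shown.
 *
 * @param	void
 * @return	void
 */
static private function action_skindeleteconfirm()
{
	global $member, $CONF;
	
	// Fail closed: do not delete anything if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	$skinid = intRequestVar('skinid');
	
	// don't allow default skin to be deleted
	if ( $skinid == $CONF['BaseSkin'] )
	{
		self::error(_ERROR_DEFAULTSKIN);
		return;
	}
	
	// don't allow deletion of default skins for blogs
	$query = "SELECT bname FROM %s WHERE bdefskin=%d;";
	$query = sprintf($query, sql_table('blog'), (integer) $skinid);
	
	$name = DB::getValue($query);
	if ( $name )
	{
		// the blog name is escaped because it becomes part of the error page
		self::error(_ERROR_SKINDEFDELETE . Entity::hsc($name));
		return;
	}
	
	self::skindeleteconfirm($skinid);
	
	self::action_skinoverview();
	return;
}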
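/**
 * Admin::action_skinremovetype()
 * Show the confirmation page for removing a special part from a skin.
 * The requested type has to pass isValidShortName().
 *
 * @param	void
 * @return	void
 */
static private function action_skinremovetype()
{
	global $member, $CONF;
	
	// Fail closed: do not render the page if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	$skinid = intRequestVar('skinid');
	$skintype = requestVar('type');
	
	if ( !isValidShortName($skintype) )
	{
		self::error(_ERROR_SKIN_PARTS_SPECIAL_DELETE);
		return;
	}
	
	self::$skin->parse('skinremovetype');
	return;
}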
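/**
 * Admin::action_skinremovetypeconfirm()
 * Remove a special part from a skin through self::skinremovetypeconfirm()
 * and return to the skin edit page; a non-empty result of that call is
 * shown as an error instead.
 *
 * NOTE(review): unlike action_skinremovetype(), the type is not checked with
 * isValidShortName() here - confirm that self::skinremovetypeconfirm() does it.
 *
 * @param	void
 * @return	void
 */
static private function action_skinremovetypeconfirm()
{
	global $member;
	
	// Fail closed: do not remove anything if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	$skinid = intRequestVar('skinid');
	$skintype = requestVar('type');
	
	$error = self::skinremovetypeconfirm($skinid, $skintype);
	if ( $error )
	{
		self::error($error);
		return;
	}
	
	self::action_skinedit();
	return;
}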
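/**
 * Admin::action_skinclone()
 * Clone a skin through self::skinclone() and return to the skin overview.
 *
 * @param	void
 * @return	void
 */
static private function action_skinclone()
{
	global $member;
	
	// Fail closed: do not clone anything if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	$skinid = intRequestVar('skinid');
	
	self::skinclone($skinid);
	
	self::action_skinoverview();
	return;
}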
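/**
 * Admin::action_adminskinoverview()
 * Show the admin skin overview page.
 *
 * @param	void
 * @return	void
 */
static private function action_adminskinoverview()
{
	global $member;
	
	// Fail closed: do not render the page if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	self::$skin->parse('adminskinoverview');
	return;
}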
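/**
 * Admin::action_adminskinnew()
 * Create a new admin skin from the posted (trimmed) name and description.
 * The name has to pass isValidSkinName(), start with "admin/" and not be
 * in use yet.
 *
 * @param	void
 * @return	void
 */
static private function action_adminskinnew()
{
	global $member;
	
	// Fail closed: do not create anything if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	$name = trim(postVar('name'));
	$desc = trim(postVar('desc'));
	
	if ( !isValidSkinName($name) )
	{
		self::error(_ERROR_BADSKINNAME);
		return;
	}
	
	if ( !preg_match('#^admin/#', $name) )
	{
		self::error(_ERROR_BADADMINSKINNAME);
		return;
	}
	
	if ( Skin::exists($name) )
	{
		self::error(_ERROR_DUPSKINNAME);
		return;
	}
	
	Skin::createNew($name, $desc);
	
	self::action_adminskinoverview();
	return;
}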
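/**
 * Admin::action_adminskinedit()
 * Show the admin skin edit page.
 *
 * @param	void
 * @return	void
 */
static private function action_adminskinedit()
{
	global $member;
	
	// Fail closed: do not render the page if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	self::$skin->parse('adminskinedit');
	return;
}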
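/**
 * Admin::action_adminskineditgeneral()
 * Save the general settings of an admin skin through
 * self::skineditgeneral() and return to the admin skin edit page; a
 * non-empty result of that call is shown as an error instead.
 *
 * @param	void
 * @return	void
 */
static private function action_adminskineditgeneral()
{
	global $member;
	
	$skinid = intRequestVar('skinid');
	
	// Fail closed: do not save anything if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	$error = self::skineditgeneral($skinid, 'AdminActions');
	if ( $error )
	{
		self::error($error);
		return;
	}
	
	self::action_adminskinedit();
	return;
}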
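/**
 * Admin::action_adminskinedittype()
 * Show the edit page for one admin skin part. The requested type is
 * trimmed, lower-cased and checked with isValidShortName() before the
 * page is shown.
 *
 * @param	string	$msg	message for pageheader; an empty value leaves the header as it is
 * @return	void
 */
static private function action_adminskinedittype($msg = '')
{
	global $member;
	
	// Fail closed: do not render the page if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	if ( $msg )
	{
		self::$headMess = $msg;
	}
	
	$type = strtolower(trim(requestVar('type')));
	
	if ( !isValidShortName($type) )
	{
		self::error(_ERROR_SKIN_PARTS_SPECIAL_FORMAT);
		return;
	}
	
	self::$skin->parse('adminskinedittype');
	return;
}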
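/**
 * Admin::action_adminskinupdate()
 * Store the posted content for one part of an admin skin and show the
 * edit page for that part again.
 *
 * NOTE(review): the posted type goes to update() as received. The check with
 * isValidShortName() in action_adminskinedittype() only runs after the write,
 * and on requestVar('type') rather than on this value - confirm that
 * update() validates the type itself.
 *
 * @param	void
 * @return	void
 */
static private function action_adminskinupdate()
{
	global $manager, $member;
	
	$skinid = intRequestVar('skinid');
	$content = trim(postVar('content'));
	$type = postVar('type');
	
	// Fail closed: do not write anything if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	$skin =& $manager->getSkin($skinid, 'AdminActions', 'AdminSkin');
	$skin->update($type, $content);
	
	self::action_adminskinedittype(_SKIN_UPDATED);
	return;
}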
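/**
 * Admin::action_adminskindelete()
 * Show the confirmation page for deleting an admin skin. The configured
 * admin skin and bookmarklet skin cannot be deleted, nor can a skin that a
 * member has selected as admin skin or bookmarklet skin.
 *
 * @param	void
 * @return	void
 */
static private function action_adminskindelete()
{
	global $CONF, $member;
	
	// Fail closed: do not continue if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	$skinid = intRequestVar('skinid');
	
	// don't allow default skin to be deleted
	if ( $skinid == $CONF['AdminSkin'] || $skinid == $CONF['BookmarkletSkin'] )
	{
		self::error(_ERROR_DEFAULTSKIN);
		return;
	}
	
	/* don't allow deletion while a member uses the skin as a default */
	$query = 'SELECT * FROM %s WHERE madminskin = %d or mbkmklt = %d;';
	$res = DB::getResult(sprintf($query, sql_table('member'), $skinid, $skinid));
	
	$members = array();
	while ( $row = $res->fetch() )
	{
		// mrealname comes from the member table and becomes part of the error
		// page, so it is escaped the same way action_skindelete() escapes
		// blog names.
		$members[] = Entity::hsc($row['mrealname']);
	}
	if ( count($members) )
	{
		self::error(_ERROR_SKINDEFDELETE . implode(' ' . _AND . ' ', $members));
		return;
	}
	
	self::$skin->parse('adminskindelete');
	return;
}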
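/**
 * Admin::action_adminskindeleteconfirm()
 * Delete an admin skin through self::skindeleteconfirm() and return to the
 * admin skin overview. The checks of action_adminskindelete() are repeated
 * here, so the delete does not depend on the confirmation page having been
 * shown.
 *
 * @param	void
 * @return	void
 */
static private function action_adminskindeleteconfirm()
{
	global $member, $CONF;
	
	// Fail closed: do not delete anything if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	$skinid = intRequestVar('skinid');
	
	// don't allow default skin to be deleted
	if ( $skinid == $CONF['AdminSkin'] || $skinid == $CONF['BookmarkletSkin'] )
	{
		self::error(_ERROR_DEFAULTSKIN);
		return;
	}
	
	/* don't allow deletion while a member uses the skin as a default */
	$query = 'SELECT * FROM %s WHERE madminskin = %d or mbkmklt = %d;';
	$res = DB::getResult(sprintf($query, sql_table('member'), $skinid, $skinid));
	
	$members = array();
	while ( $row = $res->fetch() )
	{
		// mrealname comes from the member table and becomes part of the error
		// page, so it is escaped the same way action_skindeleteconfirm()
		// escapes blog names.
		$members[] = Entity::hsc($row['mrealname']);
	}
	if ( count($members) )
	{
		self::error(_ERROR_SKINDEFDELETE . implode(' ' . _AND . ' ', $members));
		return;
	}
	
	self::skindeleteconfirm($skinid);
	
	self::action_adminskinoverview();
	return;
}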
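/**
 * Admin::action_adminskinremovetype()
 * Show the confirmation page for removing a special part from an admin
 * skin. The requested type has to pass isValidShortName().
 *
 * @param	void
 * @return	void
 */
static private function action_adminskinremovetype()
{
	global $member, $CONF;
	
	// Fail closed: do not render the page if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	$skinid = intRequestVar('skinid');
	$skintype = requestVar('type');
	
	if ( !isValidShortName($skintype) )
	{
		self::error(_ERROR_SKIN_PARTS_SPECIAL_DELETE);
		return;
	}
	
	self::$skin->parse('adminskinremovetype');
	return;
}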
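/**
 * Admin::action_adminskinremovetypeconfirm()
 * Remove a special part from an admin skin through
 * self::skinremovetypeconfirm() and return to the admin skin edit page; a
 * non-empty result of that call is shown as an error instead.
 *
 * NOTE(review): unlike action_adminskinremovetype(), the type is not checked
 * with isValidShortName() here - confirm that self::skinremovetypeconfirm()
 * does it.
 *
 * @param	void
 * @return	void
 */
static private function action_adminskinremovetypeconfirm()
{
	global $member;
	
	// Fail closed: do not remove anything if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	$skinid = intRequestVar('skinid');
	$skintype = requestVar('type');
	
	$error = self::skinremovetypeconfirm($skinid, $skintype);
	if ( $error )
	{
		self::error($error);
		return;
	}
	
	self::action_adminskinedit();
	return;
}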
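/**
 * Admin::action_adminskinclone()
 * Clone an admin skin through self::skinclone() and return to the admin
 * skin overview.
 *
 * @param	void
 * @return	void
 */
static private function action_adminskinclone()
{
	global $member;
	
	// Fail closed: do not clone anything if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	$skinid = intRequestVar('skinid');
	
	self::skinclone($skinid, 'AdminActions');
	
	self::action_adminskinoverview();
	return;
}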
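/**
 * Admin::action_adminskinieoverview()
 * Show the import/export overview page for admin skins.
 *
 * @param	void
 * @return	void
 */
static private function action_adminskinieoverview()
{
	global $member;
	
	// Fail closed: do not render the page if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	self::$skin->parse('adminskinieoverview');
	return;
}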
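/**
 * Admin::action_adminskinieimport()
 * Hand the posted skin file and mode to self::skinieimport(). A non-empty
 * result of that call is shown as an error. Otherwise the import page is
 * shown, or - when no skin object is loaded - the import is carried out
 * directly through action_adminskiniedoimport().
 *
 * NOTE(review): 'skinfile' and 'mode' are request values that select what
 * gets imported; confirm that self::skinieimport() restricts both.
 *
 * @param	void
 * @return	void
 */
static private function action_adminskinieimport()
{
	global $member;
	
	// Fail closed: do not import anything if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	$skinFileRaw = postVar('skinfile');
	$mode = postVar('mode');
	
	$error = self::skinieimport($mode, $skinFileRaw);
	if ( $error )
	{
		self::error($error);
		return;
	}
	
	if ( !is_object(self::$skin) )
	{
		self::action_adminskiniedoimport();
	}
	else
	{
		self::$skin->parse('adminskinieimport');
	}
	return;
}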
4182 * Admin::action_adminskiniedoimport()
4187 static private function action_adminskiniedoimport()
4189 global $DIR_SKINS, $member, $CONF;
4191 $member->isAdmin() or self::disallow();
4193 $mode = postVar('mode');
4194 $skinFileRaw = postVar('skinfile');
4195 $allowOverwrite = intPostVar('overwrite');
4197 $error = self::skiniedoimport($mode, $skinFileRaw, $allowOverwrite);
4200 self::error($error);
4204 if ( !is_object(self::$skin) )
4207 $query = "SELECT min(sdnumber) FROM %s WHERE sdname != 'admin/bookmarklet' AND sdname LIKE 'admin/%%'";
4208 $query = sprintf($query, sql_table('skin_desc'));
4209 $res = intval(DB::getValue($query));
4210 $query = "UPDATE %s SET value = %d WHERE name = 'AdminSkin'";
4211 $query = sprintf($query, sql_table('config'), $res);
4212 DB::execute($query);
4215 redirect($CONF['AdminURL']);
4218 $skin = new Skin(0, 'AdminActions', 'AdminSkin');
4219 $skin->parse('importAdmin', $DIR_SKINS . 'admin/defaultimporter.skn');
4223 self::$skin->parse('adminskiniedoimport');
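/**
 * Admin::action_adminskinieexport()
 * Export the requested admin skins and templates through
 * self::skinieexport().
 *
 * @param	void
 * @return	void
 */
static private function action_adminskinieexport()
{
	global $member;
	
	// Fail closed: do not export anything if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	// ids come in as integer arrays, the info text as posted
	$aSkins = requestIntArray('skin');
	$aTemplates = requestIntArray('template');
	$info = postVar('info');
	
	self::skinieexport($aSkins, $aTemplates, $info);
	
	return;
}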
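/**
 * Admin::action_settingsedit()
 * Show the global settings page.
 *
 * @param	void
 * @return	void
 */
static private function action_settingsedit()
{
	global $member, $manager, $CONF, $DIR_NUCLEUS, $DIR_MEDIA;
	
	// Fail closed: do not render the page if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	self::$skin->parse('settingsedit');
	return;
}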
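/**
 * Admin::action_settingsupdate()
 * Store the posted global settings and redirect to the management page.
 *
 * Only AdminEmail is validated here. Every other value, including the URL,
 * cookie and upload settings (AllowedTypes, AllowUpload, MaxUploadSize), is
 * written as posted - NOTE(review): confirm that these values are checked
 * where they are used.
 *
 * @param	void
 * @return	void
 */
static private function action_settingsupdate()
{
	global $member, $CONF;
	
	// Fail closed: do not write any setting if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	// check if email address for admin is valid
	if ( !NOTIFICATION::address_validation(postVar('AdminEmail')) )
	{
		self::error(_ERROR_BADMAILADDRESS);
		return;
	}
	
	// settings whose form field has the same name as the config entry
	$settings = array(
		'DefaultBlog',
		'BaseSkin',
		'IndexURL',
		'AdminURL',
		'PluginURL',
		'SkinsURL',
		'ActionURL',
		'Locale',
		'AdminEmail',
		'SessionCookie',
		'AllowMemberCreate',
		'AllowMemberMail',
		'NonmemberMail',
		'ProtectMemNames',
		'SiteName',
		'NewMemberCanLogon',
		'DisableSite',
		'DisableSiteURL',
		'LastVisit',
		'MediaURL',
		'AllowedTypes',
		'AllowUpload',
		'MaxUploadSize',
		'MediaPrefix',
		'AllowLoginEdit',
		'DisableJsTools',
		'CookieDomain',
		'CookiePath',
		'CookieSecure',
		'URLMode',
		'CookiePrefix',
		'DebugVars',
		'DefaultListSize',
		'AdminCSS'
	);
	foreach ( $settings as $setting )
	{
		self::updateConfig($setting, postVar($setting));
	}
	
	// these two are posted under a different field name
	self::updateConfig('AdminSkin', postVar('adminskin'));
	self::updateConfig('BookmarkletSkin', postVar('bookmarklet'));
	
	// Redirect so that the next request loads the new configuration (a new
	// locale then takes effect). When cookie settings were changed, the
	// redirect might force the user to log in again.
	redirect($CONF['AdminURL'] . '?action=manage');
	return;
}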
/**
 * Admin::action_systemoverview()
 * Output system overview
 *
 * NOTE(review): unlike the neighbouring actions this method makes no
 * permission check of its own; confirm that access to the system overview
 * is restricted before this point or inside the skin.
 *
 * @param	void
 * @return	void
 */
static private function action_systemoverview()
{
	self::$skin->parse('systemoverview');
}
/**
 * Admin::updateConfig()
 * Write one value to the config table. Both the name and the value go
 * through DB::quoteValue() before they are placed in the statement.
 *
 * NOTE(review): on failure the script stops and prints element 2 of
 * DB::getError() to the response; if that is the database driver's message,
 * it may reveal schema details to the browser.
 * NOTE(review): the return value is DB::getInsertId() after an UPDATE;
 * check whether any caller relies on it.
 *
 * @param	string	$name
 * @param	string	$val
 * @return	integer	return the ID in which the latest query posted
 */
static private function updateConfig($name, $val)
{
	$sql = sprintf(
		"UPDATE %s SET value=%s WHERE name=%s",
		sql_table('config'),
		DB::quoteValue($val),
		DB::quoteValue($name)
	);
	
	if ( DB::execute($sql) !== FALSE )
	{
		return DB::getInsertId();
	}
	
	$err = DB::getError();
	die(_ADMIN_SQLDIE_QUERYERROR . $err[2]);
}
4368 * @param string $msg message that will be shown
4371 static public function error($msg)
4373 self::$headMess = $msg;
4374 self::$skin->parse('adminerrorpage');
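4380 * Add a warning to the action log, then show the error page. NOTE(review): every "... or self::disallow();" guard in this class only blocks the action if this call ends the request - confirm that it does.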
4385 static public function disallow()
4387 ActionLog::add(WARNING, _ACTIONLOG_DISALLOWED . serverVar('REQUEST_URI'));
4388 self::error(_ERROR_DISALLOWED);
/**
 * Admin::action_PluginAdmin()
 * Output pluginadmin
 *
 * NOTE(review): this public entry point makes no permission check and
 * passes $skinContents and $extrahead on without escaping; presumably the
 * calling plugin page is responsible for both - verify against the callers.
 *
 * @param	string	$skinContents	contents handed to the 'pluginadmin' skin part
 * @param	string	$extrahead		text appended to self::$extrahead
 * @return	void
 */
static public function action_PluginAdmin($skinContents, $extrahead = '')
{
	self::$extrahead = self::$extrahead . $extrahead;
	self::$skin->parse('pluginadmin', $skinContents);
}
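/**
 * Admin::action_bookmarklet()
 * Show the bookmarklet page for a weblog; the member needs team rights
 * on that weblog.
 *
 * @param	void
 * @return	void
 */
static private function action_bookmarklet()
{
	global $member, $manager;
	
	$blogid = intRequestVar('blogid');
	
	// Fail closed: do not render the page if disallow() hands control back.
	if ( !$member->teamRights($blogid) )
	{
		self::disallow();
		return;
	}
	
	self::$skin->parse('bookmarklet');
	return;
}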
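/**
 * Admin::action_actionlog()
 * Show the action log page.
 *
 * @param	void
 * @return	void
 */
static private function action_actionlog()
{
	global $member, $manager;
	
	// Fail closed: do not show the log if disallow() hands control back.
	if ( !$member->isAdmin() )
	{
		self::disallow();
		return;
	}
	
	self::$skin->parse('actionlog');
	return;
}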
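/**
 * Admin::action_banlist()
 * Show the ban list of a weblog; the member needs admin rights on that
 * weblog.
 *
 * @param	void
 * @return	void
 */
static private function action_banlist()
{
	global $member, $manager;
	
	$blogid = intRequestVar('blogid');
	
	// Fail closed: do not render the page if disallow() hands control back.
	if ( !$member->blogAdminRights($blogid) )
	{
		self::disallow();
		return;
	}
	
	self::$skin->parse('banlist');
	return;
}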
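/**
 * Admin::action_banlistdelete()
 * Show the confirmation page for removing a ban; the member needs admin
 * rights on the weblog.
 *
 * @param	void
 * @return	void
 */
static private function action_banlistdelete()
{
	global $member, $manager;
	
	$blogid = intRequestVar('blogid');
	
	// Fail closed: do not render the page if disallow() hands control back.
	if ( !$member->blogAdminRights($blogid) )
	{
		self::disallow();
		return;
	}
	
	self::$skin->parse('banlistdelete');
	return;
}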
/**
 * Admin::action_banlistdeleteconfirm()
 * Remove a ban from one weblog, or from every weblog the member
 * administers when 'allblogs' is posted.
 *
 * The rights check is made against the posted 'blogid' in both modes; the
 * all-blogs mode then only touches blogs returned by getAdminBlogs().
 *
 * @param	void
 * @return	void
 */
static private function action_banlistdeleteconfirm()
{
    global $member, $manager;

    $blogid   = intPostVar('blogid');
    $allblogs = postVar('allblogs');
    $iprange  = postVar('iprange');

    if ( !$member->blogAdminRights($blogid) )
    {
        self::disallow();
    }

    // either just the posted blog, or all blogs for which the member has admin rights
    $targets = $allblogs ? $member->getAdminBlogs() : array($blogid);

    $deleted = array();
    foreach ( $targets as $target )
    {
        if ( Ban::removeBan($target, $iprange) )
        {
            $deleted[] = $target;
        }
    }

    if ( count($deleted) == 0 )
    {
        self::error(_ERROR_DELETEBAN);
        return;
    }

    /* TODO: we should use other ways */
    // the list of affected blogs is handed to the skin through $_REQUEST
    $_REQUEST['delblogs'] = $deleted;

    self::$skin->parse('banlistdeleteconfirm');
    return;
}
/**
 * Admin::action_banlistnewfromitem()
 * Open the "new ban" form for the weblog that owns a given item.
 *
 * No rights check is made here; the blog id taken from the item is passed
 * to action_banlistnew(), which checks blog-admin rights on it.
 *
 * @param	void
 * @return	void
 */
static private function action_banlistnewfromitem()
{
    global $manager;

    $itemid = intRequestVar('itemid');
    $item =& $manager->getItem($itemid, 1, 1);

    self::action_banlistnew($item['blogid']);
    return;
}
/**
 * Admin::action_banlistnew()
 * Render the 'banlistnew' skin part for a weblog.
 *
 * @param	integer	$blogid	ID for weblog; when empty the 'blogid' request variable is used
 * @return	void
 */
static private function action_banlistnew($blogid = '')
{
    global $member, $manager;

    if ( $blogid == '' )
    {
        $blogid = intRequestVar('blogid');
    }

    // read but not used further in this method
    $ip = requestVar('ip');

    if ( !$member->blogAdminRights($blogid) )
    {
        self::disallow();
    }

    /* TODO: we should consider to use the other way instead of this */
    // the resolved blog id is written back into $_REQUEST before the skin is parsed
    $_REQUEST['blogid'] = $blogid;

    self::$skin->parse('banlistnew');
    return;
}
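/**
 * Admin::action_banlistadd()
 * Add a ban for an IP range to one weblog, or to every weblog the member
 * administers when 'allblogs' is posted, then show the ban list again.
 *
 * The range comes from the posted 'iprange', or from 'customiprange' when
 * 'iprange' is the literal "custom". A blank range is refused before it
 * reaches Ban::addBan(); the format of a non-blank range is still not
 * validated here (see the TODO below).
 *
 * @param	void
 * @return	void
 */
static private function action_banlistadd()
{
    global $member;

    $blogid   = intPostVar('blogid');
    $allblogs = postVar('allblogs');
    $iprange  = postVar('iprange');

    if ( $iprange == "custom" )
    {
        $iprange = postVar('customiprange');
    }
    $reason = postVar('reason');

    $member->blogAdminRights($blogid) or self::disallow();

    // a blank range identifies no address at all, so do not store it as a ban
    if ( !is_string($iprange) || trim($iprange) === '' )
    {
        self::error(_ERROR_ADDBAN);
        return;
    }

    // TODO: check IP range validity

    if ( !$allblogs )
    {
        if ( !Ban::addBan($blogid, $iprange, $reason) )
        {
            self::error(_ERROR_ADDBAN);
            return;
        }
    }
    else
    {
        // get blogs for which member has admin rights
        $adminblogs = $member->getAdminBlogs();

        // keep going after a failure so the remaining blogs still get the ban
        $failed = 0;
        foreach ( $adminblogs as $blogje )
        {
            if ( !Ban::addBan($blogje, $iprange, $reason) )
            {
                $failed = 1;
            }
        }

        if ( $failed )
        {
            self::error(_ERROR_ADDBAN);
            return;
        }
    }

    self::action_banlist();
    return;
}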
/**
 * Admin::action_clearactionlog()
 * Clear the action log and return to the management page with a
 * confirmation message (super-admins only).
 *
 * NOTE(review): clearing the log removes the audit trail that
 * self::disallow() writes to; whether the clearing itself is recorded
 * anywhere cannot be seen from this method.
 *
 * @param	void
 * @return	void
 */
static private function action_clearactionlog()
{
    global $member;

    if ( !$member->isAdmin() )
    {
        self::disallow();
    }

    ActionLog::clear();

    self::action_manage(_MSG_ACTIONLOGCLEARED);
    return;
}
/**
 * Admin::action_backupoverview()
 * Render the 'backupoverview' skin part (super-admins only).
 *
 * @param	void
 * @return	void
 */
static private function action_backupoverview()
{
    global $member, $manager;

    if ( !$member->isAdmin() )
    {
        self::disallow();
    }

    self::$skin->parse('backupoverview');
    return;
}
/**
 * Admin::action_backupcreate()
 * create file for backup
 *
 * Super-admins only. The posted 'gzip' value, cast to an integer, selects
 * compression.
 *
 * @param	void
 * @return	void
 */
static private function action_backupcreate()
{
    global $member, $DIR_LIBS;

    if ( !$member->isAdmin() )
    {
        self::disallow();
    }

    // use compression ?
    $useGzip = (int) postVar('gzip');

    // the library path comes from configuration, not from the request
    include($DIR_LIBS . 'backup.php');

    // try to extend time limit
    // (creating/restoring dumps might take a while)
    @set_time_limit(1200);

    Backup::do_backup($useGzip);

    // NOTE(review): presumably the dump has been sent to the client by now,
    // so the request ends here and no page output follows it - confirm
    // against Backup::do_backup()
    exit;
}
/**
 * Admin::action_backuprestore()
 * restoring from uploaded file
 *
 * Super-admins only, and only when the posted 'letsgo' value equals 1.
 * Any non-empty message returned by Backup::do_restore() is shown as an
 * error.
 *
 * NOTE(review): the admin check protects the restore only if
 * self::disallow() ends the request; confirm that self::error() does not
 * return to its caller.
 *
 * @param	void
 * @return	void
 */
static private function action_backuprestore()
{
    global $member, $DIR_LIBS;

    if ( !$member->isAdmin() )
    {
        self::disallow();
    }

    // explicit confirmation is required before anything is overwritten
    if ( intPostVar('letsgo') != 1 )
    {
        self::error(_ERROR_BACKUP_NOTSURE);
        return;
    }

    include($DIR_LIBS . 'backup.php');

    // try to extend time limit
    // (creating/restoring dumps might take a while)
    @set_time_limit(1200);

    $message = Backup::do_restore();
    if ( $message != '' )
    {
        self::error($message);
        return;
    }

    self::$skin->parse('backuprestore');
    return;
}
/**
 * Admin::action_pluginlist()
 * output the list of installed plugins
 *
 * @param	void
 * @return	void
 */
static private function action_pluginlist()
{
    global $DIR_PLUGINS, $member, $manager;

    // check if allowed
    if ( !$member->isAdmin() )
    {
        self::disallow();
    }

    self::$skin->parse('pluginlist');
    return;
}
/**
 * Admin::action_pluginhelp()
 * Render the 'pluginhelp' skin part for an installed plugin
 * (super-admins only).
 *
 * @param	void
 * @return	void
 */
static private function action_pluginhelp()
{
    global $member, $manager, $DIR_PLUGINS, $CONF;

    // check if allowed
    if ( !$member->isAdmin() )
    {
        self::disallow();
    }

    $plugid = intGetVar('plugid');

    // only ids of installed plugins are accepted
    if ( !$manager->pidInstalled($plugid) )
    {
        self::error(_ERROR_NOSUCHPLUGIN);
        return;
    }

    self::$skin->parse('pluginhelp');
    return;
}
/**
 * Admin::action_pluginadd()
 * Install the plugin named by the posted 'filename' (super-admins only).
 *
 * Order of work: reject duplicates and names that fail checkPlugin(),
 * insert the plugin row, load the plugin, verify its Nucleus version /
 * patch level and plugin dependencies, call its install() method, then
 * rebuild the event subscriptions. A failed check after the insert removes
 * the row again.
 *
 * NOTE(review): the name is a request value that ends up in
 * $manager->getPlugin(), i.e. it decides which plugin code is loaded.
 * This method relies on checkPlugin() to reject anything that is not a
 * plugin file - confirm that it refuses path separators. The name is also
 * passed by reference to 'PreAddPlugin' subscribers, so it can change
 * after that check.
 *
 * @param	void
 * @return	void
 */
static private function action_pluginadd()
{
    global $member, $manager, $DIR_PLUGINS;

    // check if allowed
    if ( !$member->isAdmin() )
    {
        self::disallow();
    }

    $name = postVar('filename');

    if ( $manager->pluginInstalled($name) )
    {
        self::error(_ERROR_DUPPLUGIN);
        return;
    }

    if ( !checkPlugin($name) )
    {
        // the rejected name is echoed back, so it is HTML-escaped
        self::error(_ERROR_PLUGFILEERROR . ' (' . Entity::hsc($name) . ')');
        return;
    }

    // get number of currently installed plugins
    $installed = DB::getResult('SELECT * FROM ' . sql_table('plugin'));
    $numCurrent = $installed->rowCount();

    // plugin will be added as last one in the list
    $newOrder = $numCurrent + 1;

    $data = array('file' => &$name);
    $manager->notify('PreAddPlugin', $data);

    // do this before calling getPlugin (in case the plugin id is used there)
    $insert = sprintf(
        "INSERT INTO %s (porder, pfile) VALUES (%d, %s);",
        sql_table('plugin'),
        (int) $newOrder,
        DB::quoteValue($name)
    );
    DB::execute($insert);
    $iPid = DB::getInsertId();

    $manager->clearCachedInfo('installedPlugins');

    // Load the plugin for condition checking and installation
    $plugin =& $manager->getPlugin($name);

    // check if it got loaded (could have failed)
    if ( !$plugin )
    {
        // roll the freshly inserted row back
        $rollback = sprintf("DELETE FROM %s WHERE pid=%d;", sql_table('plugin'), (int) $iPid);
        DB::execute($rollback);

        $manager->clearCachedInfo('installedPlugins');
        self::error(_ERROR_PLUGIN_LOAD);
        return;
    }

    // check if plugin needs a newer Nucleus version
    if ( getNucleusVersion() < $plugin->getMinNucleusVersion() )
    {
        // uninstall plugin again...
        self::deleteOnePlugin($plugin->getID());

        // ...and show error
        self::error(_ERROR_NUCLEUSVERSIONREQ . Entity::hsc($plugin->getMinNucleusVersion()));
        return;
    }

    // same version: check if plugin needs a newer patch level
    if ( (getNucleusVersion() == $plugin->getMinNucleusVersion())
      && (getNucleusPatchLevel() < $plugin->getMinNucleusPatchLevel()) )
    {
        // uninstall plugin again...
        self::deleteOnePlugin($plugin->getID());

        // ...and show error
        self::error(_ERROR_NUCLEUSVERSIONREQ . Entity::hsc( $plugin->getMinNucleusVersion() . ' patch ' . $plugin->getMinNucleusPatchLevel() ) );
        return;
    }

    // every plugin this one depends on must already be installed
    $pluginList = $plugin->getPluginDep();
    foreach ( $pluginList as $pluginName )
    {
        $res = DB::getResult('SELECT * FROM '.sql_table('plugin') . ' WHERE pfile=' . DB::quoteValue($pluginName));
        if ( $res->rowCount() == 0 )
        {
            // uninstall plugin again...
            self::deleteOnePlugin($plugin->getID());
            self::error(sprintf(_ERROR_INSREQPLUGIN, Entity::hsc($pluginName)));
            return;
        }
    }

    // call the install method of the plugin
    $plugin->install();

    $data = array('plugin' => &$plugin);
    $manager->notify('PostAddPlugin', $data);

    // update all events
    self::action_pluginupdate();
    return;
}
/**
 * Admin::action_pluginupdate()
 * Rebuild the plugin event subscriptions (super-admins only).
 *
 * Empties the plugin_event table, then stores the event list of each
 * installed plugin that can be loaded, and redirects to the plugin list.
 *
 * @param	void
 * @return	void
 */
static private function action_pluginupdate()
{
    global $member, $manager, $CONF;

    // check if allowed
    if ( !$member->isAdmin() )
    {
        self::disallow();
    }

    // delete everything from plugin_events
    DB::execute('DELETE FROM '.sql_table('plugin_event'));

    // loop over all installed plugins
    $res = DB::getResult('SELECT pid, pfile FROM '.sql_table('plugin'));
    foreach ( $res as $row )
    {
        $pid = $row['pid'];
        $plug =& $manager->getPlugin($row['pfile']);

        // a plugin that fails to load simply gets no subscriptions
        if ( !$plug )
        {
            continue;
        }

        foreach ( $plug->getEventList() as $eventName )
        {
            $query = sprintf(
                "INSERT INTO %s (pid, event) VALUES (%d, %s)",
                sql_table('plugin_event'),
                (int) $pid,
                DB::quoteValue($eventName)
            );
            DB::execute($query);
        }
    }

    redirect($CONF['AdminURL'] . '?action=pluginlist');
    return;
}
/**
 * Admin::action_plugindelete()
 * Render the 'plugindelete' skin part for an installed plugin
 * (super-admins only). Nothing is deleted here.
 *
 * @param	void
 * @return	void
 */
static private function action_plugindelete()
{
    global $member, $manager;

    // check if allowed
    if ( !$member->isAdmin() )
    {
        self::disallow();
    }

    $pid = intGetVar('plugid');

    if ( !$manager->pidInstalled($pid) )
    {
        self::error(_ERROR_NOSUCHPLUGIN);
        return;
    }

    self::$skin->parse('plugindelete');
    return;
}
/**
 * Admin::action_plugindeleteconfirm()
 * Uninstall the plugin named by the posted 'plugid' (super-admins only)
 * and redirect to the plugin list.
 *
 * NOTE(review): the admin check protects the deletion only if
 * self::disallow() ends the request; confirm that self::error() does not
 * return to its caller.
 *
 * @param	void
 * @return	void
 */
static private function action_plugindeleteconfirm()
{
    global $member, $manager, $CONF;

    // check if allowed
    if ( !$member->isAdmin() )
    {
        self::disallow();
    }

    $pid = intPostVar('plugid');

    // second argument 1: also run the plugin's own unInstall()
    $error = self::deleteOnePlugin($pid, 1);
    if ( $error )
    {
        self::error($error);
        return;
    }

    redirect($CONF['AdminURL'] . '?action=pluginlist');
    return;
}
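/**
 * Admin::deleteOnePlugin()
 * Remove one installed plugin together with its event subscriptions and
 * options, and close the gap it leaves in the plugin order.
 *
 * The deletion is refused when another installed plugin lists this one as
 * a dependency.
 *
 * This method is public and performs no rights check; callers are expected
 * to have authorised the member already.
 *
 * Values read back from the database are cast to integers before they are
 * concatenated into further SQL, and the plugin name in the dependency
 * message is HTML-escaped like the names in the other error messages of
 * this class.
 *
 * @param	integer	$pid			plugin id
 * @param	boolean	$callUninstall	when true, the plugin's unInstall() method is called first
 * @return	string	empty or message if failed
 */
static public function deleteOnePlugin($pid, $callUninstall = 0)
{
    global $manager;

    $pid = intval($pid);

    if ( !$manager->pidInstalled($pid) )
    {
        return _ERROR_NOSUCHPLUGIN;
    }

    $query = "SELECT pfile as result FROM %s WHERE pid=%d;";
    $query = sprintf($query, sql_table('plugin'), (int) $pid);
    $name = DB::getValue($query);

    // check dependency before delete
    $res = DB::getResult('SELECT pfile FROM ' . sql_table('plugin'));
    foreach ( $res as $row )
    {
        $plug =& $manager->getPlugin($row['pfile']);
        if ( !$plug )
        {
            continue;
        }

        $depList = $plug->getPluginDep();
        foreach ( $depList as $depName )
        {
            if ( $name == $depName )
            {
                // the message is displayed by callers, so escape the name
                return sprintf(_ERROR_DELREQPLUGIN, Entity::hsc($row['pfile']));
            }
        }
    }

    $data = array('plugid' => $pid);
    $manager->notify('PreDeletePlugin', $data);

    // call the unInstall method of the plugin
    if ( $callUninstall )
    {
        $plugin =& $manager->getPlugin($name);
        if ( $plugin )
        {
            $plugin->unInstall();
        }
    }

    // delete all subscriptions
    DB::execute('DELETE FROM ' . sql_table('plugin_event') . ' WHERE pid=' . $pid);

    // delete all options
    // get OIDs from plugin_option_desc
    $res = DB::getResult('SELECT oid FROM ' . sql_table('plugin_option_desc') . ' WHERE opid=' . $pid);
    $aOIDs = array();
    foreach ( $res as $row )
    {
        // integers only: the list is concatenated into an IN (...) clause below
        $aOIDs[] = (int) $row['oid'];
    }

    // delete from plugin_option and plugin_option_desc
    DB::execute('DELETE FROM ' . sql_table('plugin_option_desc') . ' WHERE opid=' . $pid);
    if ( count($aOIDs) > 0 )
    {
        DB::execute('DELETE FROM ' . sql_table('plugin_option') . ' WHERE oid in (' . implode(',', $aOIDs) . ')');
    }

    // update order numbers
    $porder = DB::getValue('SELECT porder FROM ' . sql_table('plugin') . ' WHERE pid=' . $pid);
    if ( is_numeric($porder) )
    {
        // skipped when no order value came back, which would otherwise
        // leave the statement ending in "porder>"
        DB::execute('UPDATE ' . sql_table('plugin') . ' SET porder=(porder - 1) WHERE porder>' . (int) $porder);
    }

    // delete row
    DB::execute('DELETE FROM ' . sql_table('plugin') . ' WHERE pid=' . $pid);

    $manager->clearCachedInfo('installedPlugins');
    $data = array('plugid' => $pid);
    $manager->notify('PostDeletePlugin', $data);

    return '';
}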
/**
 * Admin::action_pluginup()
 * Move an installed plugin one position up in the plugin order
 * (super-admins only), then redirect to the plugin list.
 *
 * The plugin id is read from the query string, so this state change is
 * reachable by URL. The redirect at the end keeps the ticket out of the
 * address bar; NOTE(review): presumably the dispatcher has verified that
 * ticket before this method runs - confirm.
 *
 * @param	void
 * @return	void
 */
static private function action_pluginup()
{
    global $member, $manager, $CONF;

    // check if allowed
    if ( !$member->isAdmin() )
    {
        self::disallow();
    }

    $plugid = intGetVar('plugid');

    if ( !$manager->pidInstalled($plugid) )
    {
        self::error(_ERROR_NOSUCHPLUGIN);
        return;
    }

    $table = sql_table('plugin');

    // 1. get old order number
    $oldOrder = DB::getValue('SELECT porder FROM ' . $table . ' WHERE pid=' . $plugid);

    // 2. calculate new order number (the first position stays where it is)
    if ( $oldOrder > 1 )
    {
        $newOrder = $oldOrder - 1;
    }
    else
    {
        $newOrder = 1;
    }

    // 3. update plug numbers: the plugin in the target slot takes the old slot first
    DB::execute('UPDATE ' . $table . ' SET porder=' . $oldOrder . ' WHERE porder=' . $newOrder);
    DB::execute('UPDATE ' . $table . ' SET porder=' . $newOrder . ' WHERE pid=' . $plugid);

    // To avoid showing ticket in the URL, redirect to pluginlist, instead.
    redirect($CONF['AdminURL'] . '?action=pluginlist');
    return;
}
/**
 * Admin::action_plugindown()
 * Move an installed plugin one position down in the plugin order
 * (super-admins only), then redirect to the plugin list.
 *
 * The plugin id is read from the query string, so this state change is
 * reachable by URL. The redirect at the end keeps the ticket out of the
 * address bar; NOTE(review): presumably the dispatcher has verified that
 * ticket before this method runs - confirm.
 *
 * @param	void
 * @return	void
 */
static private function action_plugindown()
{
    global $member, $manager, $CONF;

    // check if allowed
    if ( !$member->isAdmin() )
    {
        self::disallow();
    }

    $plugid = intGetVar('plugid');
    if ( !$manager->pidInstalled($plugid) )
    {
        self::error(_ERROR_NOSUCHPLUGIN);
        return;
    }

    $table = sql_table('plugin');

    // 1. get old order number
    $oldOrder = DB::getValue('SELECT porder FROM ' . $table . ' WHERE pid=' . $plugid);

    // the number of installed plugins is the last position
    $all = DB::getResult('SELECT * FROM ' . $table);
    $maxOrder = $all->rowCount();

    // 2. calculate new order number (the last position stays where it is)
    if ( $oldOrder < $maxOrder )
    {
        $newOrder = $oldOrder + 1;
    }
    else
    {
        $newOrder = $maxOrder;
    }

    // 3. update plug numbers: the plugin in the target slot takes the old slot first
    DB::execute('UPDATE ' . $table . ' SET porder=' . $oldOrder . ' WHERE porder=' . $newOrder);
    DB::execute('UPDATE ' . $table . ' SET porder=' . $newOrder . ' WHERE pid=' . $plugid);

    // To avoid showing ticket in the URL, redirect to pluginlist, instead.
    redirect($CONF['AdminURL'] . '?action=pluginlist');
    return;
}
/**
 * Admin::action_pluginoptions()
 *
 * Output Plugin option page
 *
 * Super-admins only, and only for an installed plugin. The plugin is
 * loaded before the 'pluginoptions' skin part is parsed.
 *
 * @param	string	$message	message when fallbacked; stored in self::$headMess
 * @return	void
 */
static private function action_pluginoptions($message = '')
{
    global $member, $manager;

    // check if allowed
    if ( !$member->isAdmin() )
    {
        self::disallow();
    }

    $pid = intRequestVar('plugid');
    if ( !$manager->pidInstalled($pid) )
    {
        self::error(_ERROR_NOSUCHPLUGIN);
        return;
    }

    // with the '' default this holds for every call that does not pass null
    if ( isset($message) )
    {
        self::$headMess = $message;
    }

    $plugname = $manager->getPluginNameFromPid($pid);
    $plugin = $manager->getPlugin($plugname);

    // the <%skinfile(...)%> tag is left in place for the skin parser
    self::$extrahead .= "<script type=\"text/javascript\" src=\"<%skinfile(/javascripts/numbercheck.js)%>\"></script>\n";

    self::$skin->parse('pluginoptions');
    return;
}
/**
 * Admin::action_pluginoptionsupdate()
 *
 * Update plugin options and fallback to plugin option page
 *
 * Super-admins only, and only for an installed plugin. The 'plugoption'
 * request array is passed unchanged to
 * NucleusPlugin::apply_plugin_options(); any validation of the individual
 * values happens there, not in this method.
 *
 * @param	void
 * @return	void
 */
static private function action_pluginoptionsupdate()
{
    global $member, $manager;

    // check if allowed
    if ( !$member->isAdmin() )
    {
        self::disallow();
    }

    $pid = intRequestVar('plugid');

    if ( !$manager->pidInstalled($pid) )
    {
        self::error(_ERROR_NOSUCHPLUGIN);
        return;
    }

    $aOptions = requestArray('plugoption');
    NucleusPlugin::apply_plugin_options($aOptions);

    $data = array(
        'context' => 'global',
        'plugid'  => $pid
    );
    $manager->notify('PostPluginOptionsUpdate', $data);

    self::action_pluginoptions(_PLUGS_OPTIONS_UPDATED);
    return;
}
/**
 * Admin::skineditgeneral()
 * Update the general settings of a skin from the posted form fields
 * 'name', 'desc', 'type', 'inc_mode' and 'inc_prefix'.
 *
 * No rights check is made here; that is left to the calling action.
 * Only the name is validated; the other fields go to updateGeneralInfo()
 * as posted, apart from the defaults for an empty type and include mode.
 *
 * @param	integer	$skinid
 * @param	string	$handler	passed through to $manager->getSkin()
 * @return	string	empty or message if failed
 */
static private function skineditgeneral($skinid, $handler='')
{
    global $manager;

    $name       = postVar('name');
    $desc       = postVar('desc');
    $type       = postVar('type');
    $inc_mode   = postVar('inc_mode');
    $inc_prefix = postVar('inc_prefix');

    $skin =& $manager->getSkin($skinid, $handler);

    // 1. Some checks
    if ( !isValidSkinName($name) )
    {
        return _ERROR_BADSKINNAME;
    }

    // a rename must not collide with another existing skin
    $renamed = ($skin->getName() != $name);
    if ( $renamed && SKIN::exists($name) )
    {
        return _ERROR_DUPSKINNAME;
    }

    // defaults for fields left empty
    $type     = $type ? $type : 'text/html';
    $inc_mode = $inc_mode ? $inc_mode : 'normal';

    // 2. Update description
    $skin->updateGeneralInfo($name, $desc, $type, $inc_mode, $inc_prefix);

    return '';
}
/**
 * Admin::skindeleteconfirm()
 * Delete a skin: its description row and all of its parts.
 *
 * Fires PreDelete<X>/PostDelete<X> events, where <X> is 'AdminSkin' when
 * the current action is one of self::$adminskin_actions and 'Skin'
 * otherwise. No rights check is made here; that is left to the calling
 * action.
 *
 * @param	integer	$skinid
 * @return	void
 */
static private function skindeleteconfirm($skinid)
{
    global $manager;

    $event_identifier = in_array(self::$action, self::$adminskin_actions) ? 'AdminSkin' : 'Skin';

    $data = array('skinid' => $skinid);
    $manager->notify("PreDelete{$event_identifier}", $data);

    // 1. delete description
    $query = sprintf("DELETE FROM %s WHERE sdnumber=%d;", sql_table('skin_desc'), (int) $skinid);
    DB::execute($query);

    // 2. delete parts
    $query = sprintf("DELETE FROM %s WHERE sdesc=%d;", sql_table('skin'), (int) $skinid);
    DB::execute($query);

    $manager->notify("PostDelete{$event_identifier}", $data);

    return;
}
/**
 * Admin::skinremovetypeconfirm()
 * Delete one part (type) of a skin.
 *
 * The type must pass isValidShortName(); it is additionally quoted with
 * DB::quoteValue() before it is placed in the DELETE statement. Fires
 * PreDelete<X>Part/PostDelete<X>Part events, where <X> is 'AdminSkin' for
 * admin skin actions and 'Skin' otherwise. No rights check is made here.
 *
 * @param	integer	$skinid
 * @param	string	$skintype
 * @return	string	empty or message if failed
 */
static private function skinremovetypeconfirm($skinid, $skintype)
{
    global $manager;

    $event_identifier = in_array(self::$action, self::$adminskin_actions) ? 'AdminSkin' : 'Skin';

    if ( !isValidShortName($skintype) )
    {
        return _ERROR_SKIN_PARTS_SPECIAL_DELETE;
    }

    $data = array(
        'skinid'   => $skinid,
        'skintype' => $skintype
    );
    $manager->notify("PreDelete{$event_identifier}Part", $data);

    // delete part
    $query = sprintf(
        'DELETE FROM %s WHERE sdesc = %d AND stype = %s;',
        sql_table('skin'),
        (int) $skinid,
        DB::quoteValue($skintype)
    );
    DB::execute($query);

    // fresh array: subscribers of the first event receive $data and may have changed it
    $data = array(
        'skinid'   => $skinid,
        'skintype' => $skintype
    );
    $manager->notify("PostDelete{$event_identifier}Part", $data);

    return '';
}
/**
 * Admin::skinclone()
 * Clone a skin under the name "<original>_clone", adding the first free
 * number as a suffix when that name is already taken.
 *
 * Part contents are copied from the database and quoted with
 * DB::quoteValue() before they are inserted. No rights check is made here;
 * that is left to the calling action.
 *
 * @param	integer	$skinid
 * @param	string	$handler	passed through to $manager->getSkin()
 * @return	void
 */
static private function skinclone($skinid, $handler='')
{
    global $manager;

    // 1. read skin to clone
    $skin =& $manager->getSkin($skinid, $handler);
    $name = $skin->getName() . '_clone';

    // if a skin with that name already exists:
    if ( Skin::exists($name) )
    {
        for ( $i = 1; Skin::exists($name . $i); $i++ )
        {
            // keep counting until the numbered name is free
        }
        $name .= $i;
    }

    // 2. create skin desc
    $newid = Skin::createNew(
        $name,
        $skin->getDescription(),
        $skin->getContentType(),
        $skin->getIncludeMode(),
        $skin->getIncludePrefix()
    );

    // 3. clone
    $query = sprintf("SELECT stype FROM %s WHERE sdesc=%d;", sql_table('skin'), (int) $skinid);

    $res = DB::getResult($query);
    foreach ( $res as $row )
    {
        $content = $skin->getContentFromDB($row['stype']);
        if ( !$content )
        {
            // parts without content are not copied
            continue;
        }

        $query = sprintf(
            "INSERT INTO %s (sdesc, scontent, stype) VALUES (%d, %s, %s)",
            sql_table('skin'),
            (int) $newid,
            DB::quoteValue($content),
            DB::quoteValue($row['stype'])
        );
        DB::execute($query);
    }

    return;
}
/**
 * Admin::skinieimport()
 * Read the metadata of a skin import file and publish it, together with
 * any skin/template name clashes, in self::$contents. Nothing is written
 * to the database here.
 *
 * In 'file' mode the file is <$DIR_SKINS><$skinFileRaw>/skinbackup.xml; in
 * any other mode $skinFileRaw is handed to the importer as it is.
 *
 * NOTE(review): $skinFileRaw is used unfiltered in both modes. Confirm
 * that the caller restricts it to a plain skin directory name in 'file'
 * mode (no path separators or ".."), and that the locations accepted in
 * the other mode are limited to what an importing admin should be able to
 * read.
 *
 * @param	string	$mode			'file' or another mode (see above)
 * @param	string	$skinFileRaw	directory name under $DIR_SKINS, or the location itself
 * @return	string	empty or message if failed
 */
static private function skinieimport($mode, $skinFileRaw)
{
    global $DIR_LIBS, $DIR_SKINS;

    // load skinie class
    include_once($DIR_LIBS . 'skinie.php');

    $importer = new SkinImport();

    // get full filename
    $skinFile = ($mode == 'file')
        ? $DIR_SKINS . $skinFileRaw . '/skinbackup.xml'
        : $skinFileRaw;

    // read only metadata
    $error = $importer->readFile($skinFile, 1);
    if ( $error )
    {
        return $error;
    }

    self::$contents['mode']      = $mode;
    self::$contents['skinfile']  = $skinFileRaw;
    self::$contents['skininfo']  = $importer->getInfo();
    self::$contents['skinnames'] = $importer->getSkinNames();
    self::$contents['tpltnames'] = $importer->getTemplateNames();

    // clashes
    $skinNameClashes     = $importer->checkSkinNameClashes();
    $templateNameClashes = $importer->checkTemplateNameClashes();

    self::$contents['skinclashes'] = $skinNameClashes;
    self::$contents['tpltclashes'] = $templateNameClashes;
    if ( (count($skinNameClashes) > 0) || (count($templateNameClashes) > 0) )
    {
        self::$contents['nameclashes'] = 1;
    }
    else
    {
        self::$contents['nameclashes'] = 0;
    }

    return '';
}
/**
 * Admin::skiniedoimport()
 * Read a skin import file completely and write its skins and templates to
 * the database, then publish what was imported in self::$contents.
 *
 * In 'file' mode the file is <$DIR_SKINS><$skinFileRaw>/skinbackup.xml; in
 * any other mode $skinFileRaw is handed to the importer as it is.
 *
 * NOTE(review): $skinFileRaw is used unfiltered in both modes. Confirm
 * that the caller restricts it to a plain skin directory name in 'file'
 * mode (no path separators or ".."), and that the locations accepted in
 * the other mode are limited to what an importing admin should be able to
 * read.
 *
 * @param	string	$mode			'file' or another mode (see above)
 * @param	string	$skinFileRaw	directory name under $DIR_SKINS, or the location itself
 * @param	boolean	$allowOverwrite	passed to SkinImport::writeToDatabase()
 * @return	string	empty or message if failed
 */
static private function skiniedoimport($mode, $skinFileRaw, $allowOverwrite)
{
    global $DIR_LIBS, $DIR_SKINS;

    // load skinie class
    include_once($DIR_LIBS . 'skinie.php');

    $importer = new SkinImport();

    // get full filename
    $skinFile = ($mode == 'file')
        ? $DIR_SKINS . $skinFileRaw . '/skinbackup.xml'
        : $skinFileRaw;

    $error = $importer->readFile($skinFile);
    if ( $error )
    {
        return $error;
    }

    $error = $importer->writeToDatabase($allowOverwrite);
    if ( $error )
    {
        return $error;
    }

    self::$contents['mode']      = $mode;
    self::$contents['skinfile']  = $skinFileRaw;
    self::$contents['skininfo']  = $importer->getInfo();
    self::$contents['skinnames'] = $importer->getSkinNames();
    self::$contents['tpltnames'] = $importer->getTemplateNames();

    return '';
}
/**
 * Admin::skinieexport()
 * Export the selected skins and templates through SkinExport.
 *
 * Only the keys of $aSkins and $aTemplates are used; a non-array argument
 * is treated as an empty selection. No rights check is made here; that is
 * left to the calling action.
 *
 * @param	array	$aSkins		keys are the ids handed to SkinExport::addSkin()
 * @param	array	$aTemplates	keys are the ids handed to SkinExport::addTemplate()
 * @param	string	$info		passed to SkinExport::setInfo()
 * @return	void
 */
static private function skinieexport($aSkins, $aTemplates, $info)
{
    global $DIR_LIBS;

    // load skinie class
    include_once($DIR_LIBS . 'skinie.php');

    $skinList     = is_array($aSkins) ? array_keys($aSkins) : array();
    $templateList = is_array($aTemplates) ? array_keys($aTemplates) : array();

    $exporter = new SkinExport();
    foreach ( $skinList as $skinId )
    {
        $exporter->addSkin($skinId);
    }
    foreach ( $templateList as $templateId )
    {
        $exporter->addTemplate($templateId);
    }
    $exporter->setInfo($info);
    $exporter->export();

    return;
}
5522 * Admin::action_parseSpecialskin()
5527 static private function action_parseSpecialskin()
5529 self::$skin->parse(self::$action);