4 * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
\r
5 * Copyright (C) 2002-2009 The Nucleus Group
\r
7 * This program is free software; you can redistribute it and/or
\r
8 * modify it under the terms of the GNU General Public License
\r
9 * as published by the Free Software Foundation; either version 2
\r
10 * of the License, or (at your option) any later version.
\r
11 * (see nucleus/documentation/index.html#license for more info)
\r
14 * code to make it easier to create plugin admin areas
\r
16 * @license http://nucleuscms.org/license.txt GNU General Public License
\r
17 * @copyright Copyright (C) 2002-2009 The Nucleus Group
\r
18 * @version $Id: PLUGINADMIN.php 1626 2012-01-09 15:46:54Z sakamocchi $
\r
23 var $strFullName; // NP_SomeThing
\r
24 var $plugin; // ref. to plugin object
\r
25 var $bValid; // evaluates to true when object is considered valid
\r
26 var $admin; // ref to an admin object
\r
28 function PluginAdmin($pluginName)
\r
31 include_once($DIR_LIBS . 'ADMIN.php');
\r
32 include_libs('ADMIN.php',true,true);
\r
34 $this->strFullName = 'NP_' . $pluginName;
\r
36 // check if plugin exists and is installed
\r
37 if ( !$manager->pluginInstalled($this->strFullName) )
\r
39 doError(_ERROR_INVALID_PLUGIN);
\r
42 $this->plugin =& $manager->getPlugin($this->strFullName);
\r
43 $this->bValid = $this->plugin;
\r
45 if ( !$this->bValid )
\r
47 doError(_ERROR_INVALID_PLUGIN);
\r
50 $this->admin = new Admin();
\r
51 $this->admin->action = 'plugin_' . $pluginName;
\r
54 function start($extraHead = '')
\r
57 $strBaseHref = '<base href="' . Entity::hsc($CONF['AdminURL']) . '" />';
\r
58 $extraHead .= $strBaseHref;
\r
60 $this->admin->pagehead($extraHead);
\r
65 $this->_AddTicketByJS();
\r
66 $this->admin->pagefoot();
\r
70 * Add ticket when not used in plugin's admin page
\r
73 function _AddTicketByJS(){
\r
74 global $CONF,$ticketforplugin;
\r
75 if ( !($ticket=$ticketforplugin['ticket']) )
\r
77 //echo "\n<!--TicketForPlugin skipped-->\n";
\r
80 $ticket=Entity::hsc($ticket);
\r
82 ?><script type="text/javascript">
\r
84 /* Add tickets for available links (outside blog excluded) */
\r
85 for (i=0;document.links[i];i++){
\r
86 if (document.links[i].href.indexOf('<?php echo $CONF['PluginURL']; ?>',0)<0
\r
87 && !(document.links[i].href.indexOf('//',0)<0)) continue;
\r
88 if ((j=document.links[i].href.indexOf('?',0))<0) continue;
\r
89 if (document.links[i].href.indexOf('ticket=',j)>=0) continue;
\r
90 document.links[i].href=document.links[i].href.substring(0,j+1)+'ticket=<?php echo $ticket; ?>&'+document.links[i].href.substring(j+1);
\r
92 /* Add tickets for forms (outside blog excluded) */
\r
93 for (i=0;document.forms[i];i++){
\r
94 /* check if ticket is already used */
\r
95 for (j=0;document.forms[i].elements[j];j++) {
\r
96 if (document.forms[i].elements[j].name=='ticket') {
\r
101 if (j==-1) continue;
\r
103 /* check if the modification works */
\r
104 try{document.forms[i].innerHTML+='';}catch(e){
\r
105 /* Modificaion falied: this sometime happens on IE */
\r
106 if (!document.forms[i].action.name && document.forms[i].method.toUpperCase()=="POST") {
\r
107 /* <input name="action"/> is not used for POST method*/
\r
108 if (document.forms[i].action.indexOf('<?php echo $CONF['PluginURL']; ?>',0)<0
\r
109 && !(document.forms[i].action.indexOf('//',0)<0)) continue;
\r
110 if (0<(j=document.forms[i].action.indexOf('?',0))) if (0<document.forms[i].action.indexOf('ticket=',j)) continue;
\r
111 if (j<0) document.forms[i].action+='?'+'ticket=<?php echo $ticket; ?>';
\r
112 else document.forms[i].action+='&'+'ticket=<?php echo $ticket; ?>';
\r
115 document.write('<?php echo _PLUGINADMIN_TICKETS_JAVASCRIPT ?>');
\r
116 j=document.forms[i].outerHTML;
\r
117 while (j!=j.replace('<','<')) j=j.replace('<','<');
\r
118 document.write('<p>'+j+'</p>');
\r
121 /* check the action paramer in form tag */
\r
122 /* note that <input name="action"/> may be used here */
\r
123 j=document.forms[i].innerHTML;
\r
124 document.forms[i].innerHTML='';
\r
125 if ((document.forms[i].action+'').indexOf('<?php echo $CONF['PluginURL']; ?>',0)<0
\r
126 && !((document.forms[i].action+'').indexOf('//',0)<0)) {
\r
127 document.forms[i].innerHTML=j;
\r
131 document.forms[i].innerHTML=j+'<input type="hidden" name="ticket" value="<?php echo $ticket; ?>"/>';
\r