FIX: コメントの編集・削除、アクセス禁止の追加と削除が行えないバグの修正

[nucleus-jp/nucleus-next.git] / nucleus / libs / AdminActions.php
diff --git a/nucleus/libs/AdminActions.php b/nucleus/libs/AdminActions.php

index 847cfb6..ff3c888 100644 (file)
--- a/nucleus/libs/AdminActions.php
+++ b/nucleus/libs/AdminActions.php
@@ -90,8 +90,8 @@ class AdminActions extends BaseActions
                 'iprangeinput',
                 'itemnavlist',
                 'jstoolbaroptions',
-               'languageselectoptions',
                 'listplugplugoptionrow',
+               'localeselectoptions',
                 'mediadirwarning',
                 'movedistselect',
                 'moveitemid',
@@ -132,12 +132,12 @@ class AdminActions extends BaseActions
          */
         static private $default_actions = array(
                 'addtickettourl',
+               'adminurl',
+               'customhelplink',
                 'headmessage',
-               'ticket',
-               'sprinttext',
                 'helplink',
-               'customhelplink',
-               'adminurl'
+               'sprinttext',
+               'ticket'
         );
         
         /**
@@ -353,6 +353,10 @@ class AdminActions extends BaseActions
                                         'editadminskintype',
                                 );
                                 break;
+                       case 'admintemplatedelete':
+                               $extra_actions = array(
+                                       'editadmintemplateinfo',
+                               );
                         case 'admintemplateedit':
                                 $extra_actions = array(
                                         'editadmintemplateinfo',
@@ -467,16 +471,17 @@ class AdminActions extends BaseActions
                         case 'blogsettings':
                                 $extra_actions = array(
                                         'adminbloglink',
-                                       'blogteammembers',
-                                       'requestblogid',
-                                       'blogsetting',
+                                       'blogcatlist',
                                         'blognotifysetting',
-                                       'defcatselect',
-                                       'blogtime',
+                                       'blogsetting',
                                         'blogsettingyesno',
-                                       'pluginoptions',
-                                       'blogcatlist',
+                                       'blogteammembers',
+                                       'blogtime',
+                                       'defcatselect',
+                                       'defskinselect',
                                         'pluginextras',
+                                       'pluginoptions',
+                                       'requestblogid',
                                 );
                                 break;
                         case 'bookmarklet':
@@ -505,6 +510,7 @@ class AdminActions extends BaseActions
                                         'requestblogid',
                                         'categorysetting',
                                         'editdesturl',
+                                       'pluginoptions'
                                 );
                                 break;
                         case 'commentdelete':
@@ -524,8 +530,9 @@ class AdminActions extends BaseActions
                                         'contents',
                                         'categories',
                                         'currenttime',
-                                       'pluginextras',
-                                       'itemoptions'
+                                       'init',
+                                       'itemoptions',
+                                       'pluginextras'
                                 );
                                 break;
                         case 'createnewlog':
@@ -542,9 +549,9 @@ class AdminActions extends BaseActions
                                 break;
                         case 'editmembersettings':
                                 $extra_actions = array(
-                                       'editmember',
-                                       'languageselectoptions',
                                         'adminskinselectoptions',
+                                       'editmember',
+                                       'localeselectoptions',
                                         'pluginoptions',
                                 );
                                 break;
@@ -663,10 +670,10 @@ class AdminActions extends BaseActions
                                         'defblogselect',
                                         'defskinselect',
                                         'configsettingsedit',
-                                       'languageselectoptions',
                                         'configsettingsyesno',
                                         'outputspecialdirs',
                                         'jstoolbaroptions',
+                                       'localeselectoptions',
                                         'mediadirwarning',
                                         'pluginextras',
                                 );
@@ -1192,6 +1199,7 @@ class AdminActions extends BaseActions
                                 $show  = array(
                                         'content' => 'shortblognames'
                                 );
+                               Showlist($query, 'table', $show, $templateName);
                                 break;
                         case 'template':
                                 $query = "SELECT tdname as name, tddesc as description FROM %s WHERE tdname LIKE 'admin/%%'";
@@ -1199,9 +1207,9 @@ class AdminActions extends BaseActions
                                 $show  = array(
                                         'content' => 'shortnames'
                                 );
+                               Showlist($query, 'table', $show, $templateName);
                                 break;
                 }
-               Showlist($query, 'table', $show, $templateName);
                 return;
         }
         
@@ -1298,7 +1306,7 @@ class AdminActions extends BaseActions
          * 
          * @param       void
          * @return      void
-        */
+        */     
         public function parse_adminskinselectoptions()
         {
                 global $CONF;
@@ -1486,12 +1494,13 @@ class AdminActions extends BaseActions
         public function parse_banlistdeletedlist($templateName = '')
         {
                 global $manager;
-               $templates = array();
                 
+               $templates = array();
                 if ( $templateName )
                 {
                         $templates = Template::read($templateName);
                 }
+               
                 if ( !array_key_exists('BANLIST_DELETED_LIST', $templates) || empty($templates['BANLIST_DELETED_LIST']) )
                 {
                         $template = "<li><%blogname%></li>\n";
@@ -1506,10 +1515,11 @@ class AdminActions extends BaseActions
                 {
                         $blog =& $manager->getBlog($delblog);
                         $data =  array(
-                               Entity::hsc($blog->getName())
+                               'blogname' => Entity::hsc($blog->getName())
                         );
-                       Template::fill($template, $data);
+                       echo Template::fill($template, $data);
                 }
+               
                 return;
         }
         
@@ -1645,7 +1655,7 @@ class AdminActions extends BaseActions
                 $template['content']  = 'categorylist';
                 $template['tabindex'] = 200;
                 
-               $batch = new Batch('member');
+               $batch = new Batch('category');
                 $batch->showlist($query, 'table', $template);
                 return;
         }
@@ -1738,7 +1748,7 @@ class AdminActions extends BaseActions
                         {
                                 if ( isset($multipleBlogs) && !empty($multipleBlogs) )
                                 {
-                                       echo '<optgroup label="' . Entity::hsc($oBlog->bname) . "\>\n";
+                                       echo '<optgroup label="' . Entity::hsc($oBlog->bname) . "\">\n";
                                 }
                                 
                                 // show selection to create new category when allowed/wanted
@@ -1959,11 +1969,20 @@ class AdminActions extends BaseActions
         {
                 global $manager;
                 
-               $item = false;
-               $itemid = intRequestVar('itemid');
+               $item = FALSE;
+               $itemid =  intRequestVar('itemid');
+               $item   = &$manager->getItem($itemid, 1, 1);
                 
-               $item =& $manager->getItem($itemid, 1, 1);
-               $blog =& $manager->getBlog(getBlogIDFromItemID($itemid));
+               $blog = FALSE;
+               if ( !$item )
+               {
+                       $blogid =  intRequestVar('blogid');
+               }
+               else
+               {
+                       $blogid =  $item['blogid'];
+               }
+               $blog   = &$manager->getBlog($blogid);
                 
                 if ( $item && $blog->convertBreaks() && requestVar('action') == 'itemedit' )
                 {
@@ -1976,15 +1995,20 @@ class AdminActions extends BaseActions
                 {
                         $contents = $item;
                 }
-               if ( isset($contents['catid']) && $contents['catid'] )
+               
+               if ( !array_key_exists('catid', $contents) || empty($contents['catid']) )
                 {
-                       $catid = $contents['catid'];    // on edit item
+                       // on add item
+                       $catid = $blog->getDefaultCategory();
                 }
                 else
                 {
-                       $catid = $blog->getDefaultCategory();   // on add item
+                       // on edit item
+                       $catid = $contents['catid'];
                 }
+               
                 Admin::selectBlogCategory('catid', $catid, $startidx, 1, $blog->getID());
+               
                 return;
         }
         
@@ -2022,7 +2046,7 @@ class AdminActions extends BaseActions
                 $res    = sql_query($query);
                 $obj    = sql_fetch_object($res);
                 
-               if ( $type != desc )
+               if ( $type != 'name' )
                 {
                         echo Entity::hsc($obj->cdesc);
                 }
@@ -2466,16 +2490,15 @@ class AdminActions extends BaseActions
          */
         public function parse_defskinselect($type = 'blog', $templateName = '')
         {
-               global $manager;
+               global $CONF, $manager;
                 
-               $query  = "SELECT sdname as text, sdnumber as value FROM %s;";
+               $query  = "SELECT sdname as text, sdnumber as value FROM %s WHERE sdname NOT LIKE 'admin/%%';";
                 $query = sprintf($query, sql_table('skin_desc'));
                 
                 $blogid = intRequestVar('blogid');
                 
                 if ( !$blogid )
                 {
-                       global $CONF;
                         $template['selected'] = $CONF['BaseSkin'];
                 }
                 else
@@ -2713,6 +2736,13 @@ class AdminActions extends BaseActions
                                 $comment['body'] = str_replace('<br />', '', $comment['body']);
                                 $comment['body'] = preg_replace("#<a href=['\"]([^'\"]+)['\"]( rel=\"nofollow\")?>[^<]*</a>#", "\\1", $comment['body']);
                                 echo $comment['body'];
+                               break;
+                       case 'cmail':
+                               echo $comment['userid'];
+                               break;
+                       case 'url':
+                               echo $comment['userid'];
+                               break;
                         default:
                                 echo $comment[$type];
                                 break;
@@ -3021,7 +3051,7 @@ class AdminActions extends BaseActions
          * @param       string  $tplt                   name of template
          * @return      boolean 
          */
-       public function parse_edittemplateinfo($type, $description = '', $name = '', $help = '', $tabindex = 0, $big = 0, $tplt = '')
+       public function parse_edittemplateinfo($type, $desc = '', $name = '', $help = '', $tabindex = 0, $big = 0, $tplt = '')
         {
                 global $manager;
                 
@@ -3359,7 +3389,7 @@ class AdminActions extends BaseActions
          */
         public function parse_getblogsetting($which)
         {
-               global $blog;
+               global $blog, $manager;
                 
                 if ( $blog )
                 {
@@ -3367,7 +3397,6 @@ class AdminActions extends BaseActions
                 }
                 elseif ( $bid = intRequestVar('blogid') )
                 {
-                       global $manager;
                         $b = $manager->getBlog($bid);
                 }
                 else
@@ -3604,11 +3633,13 @@ class AdminActions extends BaseActions
          * some init stuff for all forms
          * 
          * @param       void
+        * @return      void
          */
         function parse_init()
         {
                 global $manager;
-               $item   = false;
+               
+               $item = false;
                 if ( requestVar('action') == 'itemedit' )
                 {
                         $itemid = intRequestVar('itemid');
@@ -3625,10 +3656,12 @@ class AdminActions extends BaseActions
                 }
                 elseif ( requestVar('action') == 'createitem' )
                 {
-                       $blog =& $manager->getBlog(intRequestVar($blogid));
+                       $blogid = intRequestVar('blogid');
+                       $blog =& $manager->getBlog($blogid);
                         $authorid = '';
                 }
                 $blog->insertJavaScriptInfo($authorid);
+               return;
         }
         
         /**
@@ -3711,6 +3744,7 @@ class AdminActions extends BaseActions
                 
                 $prevPid = -1;
                 
+               include_libs('ACTIONS.php');
                 $handler = new Actions($this->skintype);
                 $parser = new PARSER($handler);
                         
@@ -3791,33 +3825,7 @@ class AdminActions extends BaseActions
         public function parse_itemnavlist()
         {
                 global $CONF, $manager, $member;
-               if ( $this->skintype == 'itemlist' )
-               {
-                       $blogid =  intRequestVar('blogid');
-                       $blog   =& $manager->getBlog($blogid);
-               }
-               if ( postVar('start') )
-               {
-                       $start = intPostVar('start');
-               }
-               else
-               {
-                       $start = 0;
-               }
                 
-               // amount of items to show
-               if ( postVar('amount') )
-               {
-                       $amount = intPostVar('amount');
-               }
-               else
-               {
-                       $amount = intval($CONF['DefaultListSize']);
-                       if ( $amount < 1 )
-                       {
-                               $amount = 10;
-                       }
-               }
                 $query  = "SELECT bshortname, cname, mname, ititle, ibody, inumber, idraft, itime"
                         . " FROM %s, %s, %s, %s"
                         . " WHERE iblog=bnumber AND iauthor=mnumber AND icat=catid";
@@ -3826,7 +3834,20 @@ class AdminActions extends BaseActions
                 
                 if ( $this->skintype == 'itemlist' )
                 {
-                       $query .= ' AND iblog   = ' . $blogid;
+                       $blog = FALSE;
+                       if ( array_key_exists('blogid', $_REQUEST) )
+                       {
+                               $blogid = intRequestVar('blogid');
+                       }
+                       else if ( array_key_exists('itemid', $_REQUEST) )
+                       {
+                               $itemid =  intRequestVar('itemid');
+                               $item   = &$manager->getItem($itemid, 1, 1);
+                               $blogid =  (integer) $item['blogid'];
+                       }
+                       $blog =& $manager->getBlog($blogid);
+                       
+                       $query .= " AND iblog={$blogid}";
                         $template['now'] = $blog->getCorrectTime(time());
                         
                         // non-blog-admins can only edit/delete their own items
@@ -3851,6 +3872,30 @@ class AdminActions extends BaseActions
                                 . '  OR  (ibody LIKE "%' . sql_real_escape_string($search) . '%") '
                                 . '  OR  (imore LIKE "%' . sql_real_escape_string($search) . '%"))';
                 }
+               
+               if ( postVar('start') )
+               {
+                       $start = intPostVar('start');
+               }
+               else
+               {
+                       $start = 0;
+               }
+               
+               // amount of items to show
+               if ( postVar('amount') )
+               {
+                       $amount = intPostVar('amount');
+               }
+               else
+               {
+                       $amount = (integer) $CONF['DefaultListSize'];
+                       if ( $amount < 1 )
+                       {
+                               $amount = 10;
+                       }
+               }
+               
                 $query .= ' ORDER BY itime DESC'
                         . " LIMIT {$start},{$amount}";
                 
@@ -3943,61 +3988,6 @@ class AdminActions extends BaseActions
                 return;
         }
         /**
-        * Parse skinvar languageselectoptions
-        */
-       function parse_languageselectoptions()
-       {
-               $locales = i18n::get_available_locale_list();
-               $memid = intRequestVar('memberid');
-               
-               if ($memid)
-               {
-                       $mem = MEMBER::createFromID($memid);
-                       if ( !$mem->getLocale() || !in_array($mem->getLocale(), $locales) )
-                       {
-                               echo "<option value=\"\" selected=\"selected\">" . ENTITY::hsc(_MEMBERS_USESITELANG) . "</option>\n";
-                       }
-                       else
-                       {
-                               echo "<option value=\"\">" . ENTITY::hsc(_MEMBERS_USESITELANG) . "</option>\n";
-                       }
-               }
-               else
-               {
-                       if ( !i18n::get_current_locale() || !in_array(i18n::get_current_locale(), $locales) )
-                       {
-                               echo "<option value=\"\" selected=\"selected\">en_Latn_US</option>\n";
-                       }
-               }
-               foreach ( $locales as $locale )
-               {
-                       if ($memid)
-                       {
-                               if ( $locale == $mem->getLocale() )
-                               {
-                                       echo "<option value=\"{$locale}\" selected=\"selected\">{$locale}</option>\n";
-                               }
-                               else
-                               {
-                                       echo "<option value=\"{$locale}\">{$locale}</option>\n";
-                               }
-                       }
-                       else
-                       {
-                               if ( $locale == i18n::get_current_locale() )
-                               {
-                                       echo "<option value=\"{$locale}\" selected=\"selected\">{$locale}</option>\n";
-                               }
-                               else
-                               {
-                                       echo "<option value=\"{$locale}\">{$locale}</option>\n";
-                               }
-                       }
-               }
-               return;
-       }
-       
-       /**
          * AdminActions::parse_localeselectoptions()
          * Parse skinvar localeselectoptions
          * 
@@ -4027,10 +4017,18 @@ class AdminActions extends BaseActions
                         {
                                 echo "<option value=\"\" selected=\"selected\">en_Latn_US</option>\n";
                         }
+                       else
+                       {
+                               echo "<option value=\"\">en_Latn_US</option>\n";
+                       }
                 }
                 foreach ( $locales as $locale )
                 {
-                       if ($memid)
+                       if ( $locale == 'en_Latn_US' )
+                       {
+                               continue;
+                       }
+                       else if ($memid)
                         {
                                 if ( $locale == $mem->getLocale() )
                                 {
@@ -4113,7 +4111,7 @@ class AdminActions extends BaseActions
                                 if ( $this->skintype == 'itemmove' )
                                 {
                                         $query  = "SELECT icat as result FROM %s WHERE inumber=%d;";
-                                       $query = spriintf($query, sql_table('item'), intRequestVar('itemid'));
+                                       $query = sprintf($query, sql_table('item'), intRequestVar('itemid'));
                                         $catid  = quickQuery(sprintf($query, intRequestVar('itemid')));
                                         Admin::selectBlogCategory('catid', $catid, 10, 1);
                                 }
@@ -4455,7 +4453,7 @@ class AdminActions extends BaseActions
                         {
                                 $template['body'] = $templates['PLUGIN_QUICKMENU_BODY'];
                         }
-                       if ( array_key_exists('PLUGIN_QUICKMENU_FOOT', $templates) || !empty($templates['PLUGIN_QUICKMENU_FOOT']) )
+                       if ( !array_key_exists('PLUGIN_QUICKMENU_FOOT', $templates) || empty($templates['PLUGIN_QUICKMENU_FOOT']) )
                         {
                                 $template['foot'] = "</ul>\n";
                         }
@@ -5505,7 +5503,7 @@ class AdminActions extends BaseActions
                         $templates = Template::read($tplName);
                 }
                 
-               if ( !array_key_exists($templates['ADMIN_CUSTOMHELPLINK_ANCHOR']) || empty($templates['ADMIN_CUSTOMHELPLINK_ANCHOR']) )
+               if ( !array_key_exists('ADMIN_CUSTOMHELPLINK_ANCHOR', $templates) || empty($templates['ADMIN_CUSTOMHELPLINK_ANCHOR']) )
                 {
                         $template = "<a href=\"<%helpurl%>#<%helptarget%>\" title=\"<%title%>\" <%onclick%>>\n";
                 }