function getVersion()
{
- return '0.3.5a';
+ return '0.3.5c';
}
function getDescription()
'text', $CONF['CategoryKey']);
$this->createOption('customurl_dfscat', _OP_DEF_SCAT_KEY,
'text', 'subcategory');
+ $this->createOption('customurl_incbname', _OP_INCLUDE_CBNAME,
+ 'yesno', 'no');
$this->createOption('customurl_tabledel', _OP_TABLE_DELETE,
'yesno', 'no');
$this->createOption('customurl_quicklink', _OP_QUICK_LINK,
. 'WHERE inumber = %d';
$tque = sprintf($tque, $table, intval($row[$id]));
$itime = quickQuery($tque);
-// $y = $m = $d = $trush = '';
-// sscanf($itime, '%d-%d-%d %s', $y, $m, $d, $trush);
list($y, $m, $d, $trush) = sscanf($itime, '%d-%d-%d %s');
$param['year'] = sprintf('%04d', $y);
$param['month'] = sprintf('%02d', $m);
$param['day'] = sprintf('%02d', $d);
-// $param = array (
-// 'year' => $y,
-// 'month' => $m,
-// 'day' => $d
-// );
$itplt = $this->getOption('customurl_dfitem');
$ikey = TEMPLATE::fill($itplt, $param);
$newPath = $ikey . '_' . $row[$id] . '.html';
if ($search_q) {
$que_str = getVar('query');
$que_str = htmlspecialchars($que_str);
- $que_str = mb_eregi_replace('/', 'ssslllaaassshhh', $que_str);
- $que_str = mb_eregi_replace("'", 'qqquuuooottt', $que_str);
- $que_str = mb_eregi_replace('&', 'aaammmppp', $que_str);
+ if (extension_loaded('mbstring')) {
+ $que_str = mb_eregi_replace('/', 'ssslllaaassshhh', $que_str);
+ $que_str = mb_eregi_replace("'", 'qqquuuooottt', $que_str);
+ $que_str = mb_eregi_replace('&', 'aaammmppp', $que_str);
+ } else {
+ $que_str = eregi_replace('/', 'ssslllaaassshhh', $que_str);
+ $que_str = eregi_replace("'", 'qqquuuooottt', $que_str);
+ $que_str = eregi_replace('&', 'aaammmppp', $que_str);
+ }
$que_str = urlencode($que_str);
$search_path = '/search/' . $que_str;
$b_url = createBlogidLink($blogid);
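Review bot: The `else` branch added here calls `eregi_replace()`, a POSIX-regex function that was deprecated in PHP 5.3 and removed in PHP 7, so the fallback breaks on newer PHP versions. All three patterns are literal strings, so neither branch needs a regex engine: `$que_str = str_replace(array('/', "'", '&'), array('ssslllaaassshhh', 'qqquuuooottt', 'aaammmppp'), $que_str);` works with or without mbstring. The decoding block in the `case 'search':` hunk has the same fallback; `str_ireplace()` with the two arrays swapped keeps its case-insensitive match.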
// decode path_info
// decode unofficial Page switch '/page_2.html'
- foreach($v_path as $pathName) {
+/* foreach($v_path as $pathName) {
if (preg_match('/^page_/', $pathName)) {
$temp_info = explode('page_', $pathName);
$_GET['page'] = intval($temp_info[1]);
$page = array_pop($v_path);
}
- }
+ }*/
// decode TrackBack URL shorten ver.
$tail = end($v_path);
if (substr($tail, -10, 10) == '.trackback') {
$v_pathName = substr($tail, 0, -10);
-// echo $v_pathName;
if (is_numeric($v_pathName) || substr($v_pathName, -5) == '.html') {
$this->_trackback($blogid, $v_pathName);
} else {
$redURI = createArchiveListLink(intval($v_path[$i]));
}
// Customized URL
- } elseif (isset($v_path[$i])) {
+ } elseif (isset($v_path[$i]) && strpos($v_path[$i], 'page') === FALSE) {
$archivelist = $blogid;
$redURI = createArchiveListLink($archivelist);
} else {
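Review bot: The new guard `strpos($v_path[$i], 'page') === FALSE` rejects any segment that contains the substring anywhere, so a path element such as `homepage` would also skip this redirect branch. Other parts of this file match the page switch with the anchored pattern `/^page_/`. Using the same test here, `} elseif (isset($v_path[$i]) && !preg_match('/^page_/', $v_path[$i])) {`, limits the exclusion to `page_N` segments. The enclosing block starts and ends outside the hunk, so which branch a rejected segment falls into cannot be checked from here.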
$aarc = ($adarc || $amarc || $ayarc);
$carc = ($darc || $marc || $yarc);
// FancyURL
-// if (is_numeric($v_path[$i]) && !$darc && !$marc && !$yarc && isset($v_path[$ar]) && ($adarc || $amarc || $ayarc)) {
if (is_numeric($v_path[$i]) && $arc && isset($v_path[$ar]) && $aarc) {
sscanf($v_path[$ar], '%d-%d-%d', $y, $m, $d);
if (!empty($d)) {
$redURI = createArchiveLink($blogid, $archive);
}
// Customized URL
-// } elseif ($darc || $marc || $yarc) {
} elseif ($carc) {
sscanf($v_path[$i], '%d-%d-%d', $y, $m, $d);
if (!empty($d)) {
case 'search':
$redirectSerch = ($this->getBlogOption($blogid, 'redirect_search') == 'yes');
if ($redirectSerch) {
- $que_str = urldecode($v_path[$i]);
- $que_str = mb_eregi_replace('ssslllaaassshhh', '/', $que_str);
- $que_str = mb_eregi_replace('qqquuuooottt', "'", $que_str);
- $que_str = mb_eregi_replace('aaammmppp', '&', $que_str);
+ $que_str = urldecode($v_path[$i]);
+ if (extension_loaded('mbstring')) {
+ $que_str = mb_eregi_replace('ssslllaaassshhh', '/', $que_str);
+ $que_str = mb_eregi_replace('qqquuuooottt', "'", $que_str);
+ $que_str = mb_eregi_replace('aaammmppp', '&', $que_str);
+ } else {
+ $que_str = eregi_replace('ssslllaaassshhh', '/', $que_str);
+ $que_str = eregi_replace('qqquuuooottt', "'", $que_str);
+ $que_str = eregi_replace('aaammmppp', '&', $que_str);
+ }
$que_str = htmlspecialchars_decode($que_str);
$_GET['query'] = $que_str;
$query = $que_str;
break;
// for pageswitch
case 'page':
- if (isset($v_path[$i]) && is_numeric($v_path[$i])) {
- $_GET['page'] = intval($v_path[$i]);
+// if (isset($v_path[$i]) && is_numeric($v_path[$i])) {
+// $_GET['page'] = intval($v_path[$i]);
$exLink = TRUE;
- }
+// }
break;
// for tDiarySkin
case 'tdiarydate':
$itemid = intval($item_id);
$iLink = TRUE;
}
-// if (preg_match('/^page_/', $pathName)) {
-// $iLink = TRUE;
-// }
+ if (preg_match('/^page_/', $pathName)) {
+ $iLink = TRUE;
+ }
//var_dump($linkObj);
}
break;
list($trush, $tempQueryString) = explode('?', serverVar('REQUEST_URI'), 2);
}
$tempQueryString = '?' . $tempQueryString;
-// echo $tempQueryString;
-// exit;
header('HTTP/1.1 301 Moved Permanently');
header('Location: ' . $redURI . $tempQueryString);
exit;
'atom.xml',
);
$siteMapPlugin = $this->pluginCheck('GoogleSitemap');
+ if (!$siteMapPlugin) {
+ $siteMapPlugin = $this->pluginCheck('SearchenginesSitemapsGenerator');
+ }
if ($siteMapPlugin) {
$pcSitemaps = $siteMapPlugin->getAllBlogOptions('PcSitemap');
foreach ($pcSitemaps as $pCsitemap) {
} else {
// Found
// setting $CONF['Self'] for other plugins
- $uri = createBlogidLink($blogid);
- $CONF['Self'] = rtrim($uri, '/');
- $complete = TRUE;
+ $uri = createBlogidLink($blogid);
+ $CONF['Self'] = rtrim($uri, '/');
+ $CONF['BlogURL'] = rtrim($uri, '/');
+ $CONF['ItemURL'] = rtrim($uri, '/');
+ $CONF['CategoryURL'] = rtrim($uri, '/');
+ $CONF['ArchiveURL'] = rtrim($uri, '/');
+ $CONF['ArchiveListURL'] = rtrim($uri, '/');
+ $complete = TRUE;
return ;
}
} else {
- $uri = createBlogidLink($blogid);
- $CONF['Self'] = rtrim($uri, '/');
- $complete = TRUE;
- return ;
+ $uri = createBlogidLink($blogid);
+ $CONF['Self'] = rtrim($uri, '/');
+ $CONF['BlogURL'] = rtrim($uri, '/');
+ $CONF['ItemURL'] = rtrim($uri, '/');
+ $CONF['CategoryURL'] = rtrim($uri, '/');
+ $CONF['ArchiveURL'] = rtrim($uri, '/');
+ $CONF['ArchiveListURL'] = rtrim($uri, '/');
+ $complete = TRUE;
+ return ;
}
// Behavior Not Found
if ($notFound) {
$OP_MemberKey = $this->getOption('customurl_member');
$params = $data['params'];
$catParam = $params['extra']['catid'];
-// echo $catParam;
$subcatParam = $params['extra'][$subrequest];
$useCustomURL = $this->getAllBlogOptions('use_customurl');
switch ($data['type']) {
$objPath = $ipath . '.html';
}
}
-// if ($catParam && $subcatid && !$subcatParam) {
-// $params['extra'][$subrequest] = $subcatid;
-// }
if ($bid != $blogid) {
$burl = $this->_generateBlogLink($bid);
} else {
}
$objPath = $OP_ArchivesKey . '/';
$bid = $blogid;
-// if ($catParam && $subcatid && !$subcatParam) {
-// $params['extra'][$subrequest] = $subcatid;
-// }
break;
case 'archive':
if ($useCustomURL[$blogid] == 'no') {
}
$objPath = $OP_ArchiveKey . '/' . $arc . '/';
$bid = $blogid;
-// if ($catParam && $subcatid && !$subcatParam) {
-// $params['extra'][$subrequest] = $subcatid;
-// }
break;
case 'blog':
if (!is_numeric($params['blogid'])) {
if (!$burl) {
$burl = $this->_generateBlogLink($blogid);
}
-
+/*
//NP_Analyze AdminArea check
$aplugin = $this->pluginCheck('Analyze');
if ($aplugin) {
$feedurl = array_unique($feedurl);
$request_path = end($v_path);
$feeds = in_array($request_path, $feedurl, true);
+*/
+
+ $denyPlugins = array(
+ 'np_analyze',
+ 'np_googlesitemap',
+ );
+ $tempdeb=debug_backtrace();
+ foreach($tempdeb as $k => $v){
+ $analyzePlugin = (strtolower($v['class']) == 'np_analyze');
+ $sitemapPlugin = (strtolower($v['class']) == 'np_googlesitemap' ||
+ strtolower($v['class']) == 'np_searchenginessitemapsgenerator');
+ if ($analyzePlugin || $sitemapPlugin) {
+ $denyPlugin = TRUE;
+ }
+ }
- if (!$feeds && $bid != $blogid && !$CONF['UsingAdminArea']) {
+// if (!$feeds && $bid != $blogid && !$CONF['UsingAdminArea']) {
+ if (!$denyPlugin && $bid != $blogid) {
$params['extra'] = array();
}
if ($objPath || $data['type'] == 'blog') {
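Review bot: `$denyPlugin` is only assigned inside the loop, so when no frame matches, `!$denyPlugin` reads an undefined variable; `$v['class']` is also read on every frame although `debug_backtrace()` omits that key for plain function calls. The `$denyPlugins` list declared just above is never consulted, and it lacks the third class name the loop compares against. Initialising the flag and driving the check from the list fixes all three. The old condition consulted `$CONF['UsingAdminArea']` and the feed list, whereas the new one depends only on caller class names in the stack, so a comment saying why that is sufficient would help. The enclosing function starts and ends outside the hunk.

```php
        $denyPlugins = array(
            'np_analyze',
            'np_googlesitemap',
            'np_searchenginessitemapsgenerator',
        );
        $denyPlugin = FALSE;
        $tempdeb    = debug_backtrace();
        foreach ($tempdeb as $frame) {
            // plain-function frames carry no 'class' key
            if (isset($frame['class'])
                && in_array(strtolower($frame['class']), $denyPlugins, true)) {
                $denyPlugin = TRUE;
                break;
            }
        }
        // … unchanged: if (!$denyPlugin && $bid != $blogid) { … } …
```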
if (strstr ($data['url'], '//')) {
$link = preg_replace("/([^:])\/\//", "$1/", $data['url']);
}
+ //$tempdeb=debug_backtrace();
+ foreach($tempdeb as $k => $v){
+ if (strtolower($v['class']) == 'np_trackback' && strtolower($v['function']) == 'gettrackbackurl') {
+ $tb = 1;
+ }
+ }
+ if ($tb == 1 && $data['type'] == 'item' && $isItem) {
+ $data['url'] = substr($data['url'], 0, -5);
+ }
return $data;
}
}
function getParents($subid)
{
+ $mcatPlugin = $this->pluginCheck('MultipleCategories');
+ $mcatVarsion = $mcatPlugin->getVersion() * 100;
+ if (intval($mcatVarsion) < 40) {
+ return intval($subid);
+ }
$subcat_id = intval($subid);
$query = 'SELECT '
. 'scatid, '
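Review bot: `getParents()` now calls `$mcatPlugin->getVersion()` without testing what `pluginCheck('MultipleCategories')` returned. Other call sites in this file treat that result as possibly false (`if (!$siteMapPlugin)`), so a site without the plugin would presumably hit a fatal error here. Guard it first, e.g. `if (!$mcatPlugin) { return intval($subid); }`, if returning the id unchanged is the intended behaviour for that case. Multiplying the version string by 100 also leans on PHP's numeric-string coercion; `version_compare($mcatPlugin->getVersion(), '0.4', '<')` would state the intent directly. Earlier in this hunk `$tb` is read in `if ($tb == 1 …)` without being initialised, and `$v['class']` is read on frames that may not have that key.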
{
global $manager, $CONF;
$blog_id = intval($bid);
+/*
if ($this->getBlogOption($blog_id, 'use_customurl') == 'no') {
$b =& $manager->getBlog($blog_id);
$burl = $b->getURL();
}
}
}
+//*/
+ $param = array(
+ 'blog',
+ 'bnumber',
+ $blog_id
+ );
+ if (!$this->_isValid($param)) {
+ return _NOT_VALID_BLOG;
+ }
+ $b =& $manager->getBlog($blog_id);
+ $burl = $b->getURL();
+ if ($this->getBlogOption($blog_id, 'use_customurl') == 'yes') {
+ if ($blog_id == $CONF['DefaultBlog'] && $this->getOption('customurl_incbname') == 'no') {
+ if (empty($burl)) {
+ $this->_updateBlogURL($CONF['IndexURL'], $blog_id);
+ }
+ $burl = $CONF['IndexURL'];
+ } else {
+ if (empty($burl)) {
+ $burl = $CONF['IndexURL'];
+ }
+ if (substr($burl, -4) == '.php' || $burl == $CONF['IndexURL']) {
+ $path = $this->getBlogOption($blog_id, 'customurl_bname');
+ if ($path) {
+ $burl = $CONF['IndexURL'] . $path;
+ } else {
+ $query = 'SELECT bshortname as result'
+ . ' FROM %s'
+ . ' WHERE bnumber = %d';
+ $query = sprintf($query, sql_table('blog'), $blog_id);
+ $bpath = quickQuery($query);
+ $this->RegistPath($blog_id, $bpath, 0, 'blog', $bpath, TRUE);
+ $burl = $CONF['IndexURL'] . $bpath . '/';
+ }
+// $burl_update = 'UPDATE %s '
+// . 'SET burl = "%s" '
+// . 'WHERE bnumber = %d';
+// $burl = $this->quote_smart($burl);
+// $bTable = sql_table('blog');
+// sql_query(sprintf($burl_update, $bTable, $burl, $blog_id));
+ $this->_updateBlogURL($burl, $blog_id);
+ }
+ }
+ }
+
return trim($burl, '/');
}
+ function _updateBlogURL($burl, $blogid)
+ {
+ $blogid = intval($blogid);
+ $burl_update = 'UPDATE %s '
+ . 'SET burl = "%s" '
+ . 'WHERE bnumber = %d';
+ $burl = $this->quote_smart($burl);
+ $bTable = sql_table('blog');
+ sql_query(sprintf($burl_update, $bTable, $burl, $blogid));
+ }
+
function _addLinkParams($link, $params)
{
global $CONF, $manager, $catid;
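Review bot: `_updateBlogURL()` places `$burl` inside a double-quoted SQL literal and relies entirely on `quote_smart()` to make it safe. That helper is not in this diff, so confirm that it only escapes and does not add its own quotes, and say so in a docblock, e.g. `/** Stores $burl as the blog's burl. $burl is passed raw; escaping is done here via quote_smart(). */`. The value can be built from the `customurl_bname` blog option or from `bshortname`, so it should not be assumed clean. `_generateBlogLink()` now issues this UPDATE from a link-building path, which deserves a one-line comment at the call, and the commented-out copy of the same statement above the call can be deleted. The return value of `sql_query()` is ignored, so a failed update goes unnoticed.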
break;
}
}
-// $tagparam = (preg_match('/^tag\//', $link));
if (substr($link, -5, 5) == '.html' || $isArchives) {
-// $link = $catlink . $sublink . $link;
$link = implode('', $paramlink) . $link;
} else {
-// $link .= $catlink . $sublink;
$link .= implode('', $paramlink);
}
}
-// if ($params['tag']) {
-// $link .= 'tag/' . $params['tag'] . '/';
-// }
if ($linkExtra) {
$link .= $linkExtra;
}
return $link;
}
- function _convertAlphabettoXHTMLCharacterEntity($text) //add shizuki
- {
- $alphabetKey = array (
- '/', '@',
- 'A', 'B', 'C', 'D', 'E',
- 'F', 'G', 'H', 'I', 'J',
- 'K', 'L', 'M', 'N', 'O',
- 'P', 'Q', 'R', 'S', 'T',
- 'U', 'V', 'W', 'X', 'Y',
- 'Z',
- 'a', 'b', 'c', 'd', 'e',
- 'f', 'g', 'h', 'i', 'j',
- 'k', 'l', 'm', 'n', 'o',
- 'p', 'q', 'r', 's', 't',
- 'u', 'v', 'w', 'x', 'y',
- 'z',
- '&&'
- );
- $alphabetVal = array (
- '/', '@', 'A', 'B', 'C',
- 'D', 'E', 'F', 'G', 'H',
- 'I', 'J', 'K', 'L', 'M',
- 'N', 'O', 'P', 'Q', 'R',
- 'S', 'T', 'U', 'V', 'W',
- 'X', 'Y', 'Z', 'a', 'b',
- 'c',
- 'd', 'e', 'f', 'g', 'h',
- 'i', 'j', 'k', 'l', 'm',
- 'n', 'o', 'p', 'q', 'r',
- 's', 't', 'u', 'v', 'w',
- 'x', 'y', 'z',
- '&&'
- );
- $retData = str_replace($alphabetKey, $alphabetVal, $text);
- return $retData;
- }
-
function doSkinVar($skinType, $link_type = '', $target = '', $title = '')
{
global $blogid;
$uri = $CONF['ActionURL']
. '?action=plugin&name=TrackBack&tb_id=' . $itemid;
}
- echo $this->_convertAlphabettoXHTMLCharacterEntity($uri);
+ echo $uri;
return;
}
// $data == type / id || name / 'i'd || 'n'ame
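Review bot: `echo $uri;` now writes the TrackBack URL with its raw `&` separators straight to output, where the removed helper used to post-process the string. If this lands in HTML or XML (presumably, since it is skin output), the ampersands need encoding: `echo htmlspecialchars($uri, ENT_QUOTES, _CHARSET);`. Whether `$itemid` is cast to an integer before being appended is not visible in the hunk and should be confirmed. The second `echo $uri;` in the next hunk needs the same change.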
$uri = $CONF['ActionURL']
. '?action=plugin&name=TrackBack&tb_id=' . $item_id;
}
- echo $this->_convertAlphabettoXHTMLCharacterEntity($uri);
+ echo $uri;
return;
}
if (!$link_type || $link_type == 'subcategory') {
if (!$this->_isValid($param)) {
$url = _NOT_VALID_CAT;
} else {
-// $bid = intval(getBlogIDFromCatID($cat_id));
-// $blink = $this->_generateBlogLink(intval($bid));
-// $url = $blink . '/' . $this->_generateCategoryLink($cat_id, '');
$url = createCategoryLink($cat_id);
}
break;
header('HTTP/1.0 304 Not Modified');
header('Content-Length: 0');
} else {
- $feed = mb_convert_encoding($feed, 'UTF-8', _CHARSET);
+ if (extension_loaded('mbstring')) {
+ $feed = mb_convert_encoding($feed, 'UTF-8', _CHARSET);
+ }
header('Content-Type: application/xml');
header('Generator: Nucleus CMS ' . $nucleus['version']);
// dump feed
function event_PostAddItem ($data)
{
$item_id = intval($data['itemid']);
-// $item_id = $data['itemid'];
$tpath = requestVar('plug_custom_url_path');
$tque = 'SELECT itime as result FROM %s WHERE inumber = %d';
$itime = quickQuery(sprintf($tque, sql_table('item'), $item_id));
-// $y = $m = $d = $trush = '';
-// sscanf($itime, '%d-%d-%d %s', $y, $m, $d, $trush);
list($y, $m, $d, $trush) = sscanf($itime, '%d-%d-%d %s');
$param['year'] = sprintf('%04d', $y);
$param['month'] = sprintf('%02d', $m);
$param['day'] = sprintf('%02d', $d);
-// $param = array (
-// 'year' => $y,
-// 'month' => $m,
-// 'day' => $d
-// );
$ipath = TEMPLATE::fill($tpath, $param);
$query = 'SELECT ititle as result FROM %s WHERE inumber = %d';
$iname = quickQuery(sprintf($query, sql_table('item'), $item_id));
$blog_id = intval(getBlogIDFromItemID($item_id));
$this->RegistPath($item_id, $ipath, $blog_id, 'item', $iname, TRUE);
+ if ($this->pluginCheck('TrackBack')) {
+ $this->convertLocalTrackbackURL($data);
+ }
}
function event_PostRegister ($data)
$item_id = intval($data['itemid']);
$tque = 'SELECT itime as result FROM %s WHERE inumber = %d';
$itime = quickQuery(sprintf($tque ,sql_table('item'), $item_id));
-// $itimestamp = strtotime($itime);
-// $tt = explode(',', date('Y,m,d', $itimestamp));
-// $y = $m = $d = $trush = '';
-// sscanf($itime, '%d-%d-%d %s', $y, $m, $d, $trush);
list($y, $m, $d, $trush) = sscanf($itime, '%d-%d-%d %s');
$param['year'] = sprintf('%04d', $y);
$param['month'] = sprintf('%02d', $m);
$param['day'] = sprintf('%02d', $d);
-// $param = array (
-// 'year' => $y,
-// 'month' => $m,
-// 'day' => $d
-// );
$ipath = TEMPLATE::fill($tpath, $param);
$query = 'SELECT ititle as result FROM %s WHERE inumber = %d';
$iname = quickQuery(sprintf($query, sql_table('item'), $item_id));
$blog_id = intval(getBlogIDFromItemID($item_id));
$this->RegistPath($item_id, $ipath, $blog_id, 'item', $iname);
+ if ($this->pluginCheck('TrackBack')) {
+ $this->convertLocalTrackbackURL($data);
+ }
}
function createItemForm($item_id = 0)
function event_PostMoveItem($data)
{
-// var_dump($data);
$query = 'UPDATE %s SET obj_bid = %d'
. ' WHERE obj_param = "%s" AND obj_id = %d';
$destblogid = intval($data['destblogid']);
if ($new && $oParam == 'item') {
$tque = 'SELECT itime as result FROM %s WHERE inumber = %d';
$itime = quickQuery(sprintf($tque ,sql_table('item'), $objID));
-// $itimestamp = strtotime($itime);
-// $tt = explode(',', date('Y,m,d', $itimestamp));
-// $y = $m = $d = $trush = '';
-// sscanf($itime, '%d-%d-%d %s', $y, $m, $d, $trush);
list($y, $m, $d, $trush) = sscanf($itime, '%d-%d-%d %s');
$param['year'] = sprintf('%04d', $y);
$param['month'] = sprintf('%02d', $m);
$param['day'] = sprintf('%02d', $d);
-// $param = array (
-// 'year' => $y,
-// 'month' => $m,
-// 'day' => $d
-// );
$ikey = TEMPLATE::fill($template, $param);
if ($path == $ikey) {
$path = $ikey . '_' . $objID;
}
return $value;
}
+
+ function convertLocalTrackbackURL($data)
+ {
+ global $manager, $CONF;
+ $ping_urls_count = 0;
+ $ping_urls = array();
+ $localflag = array();
+ $ping_url = requestVar('trackback_ping_url');
+ if (trim($ping_url)) {
+ $ping_urlsTemp = array();
+ $ping_urlsTemp = preg_split("/[\s,]+/", trim($ping_url));
+ for ($i = 0; $i < count($ping_urlsTemp); $i++) {
+ $ping_urls[] = trim($ping_urlsTemp[$i]);
+ $ping_urls_count++;
+ }
+ }
+ $tb_url_amount = intRequestVar('tb_url_amount');
+ for ($i=0; $i < $tb_url_amount; $i++) {
+ $tb_temp_url = requestVar('tb_url_' . $i);
+ if ($tb_temp_url) {
+ $ping_urls[$ping_urls_count] = $tb_temp_url;
+ $localflag[$ping_urls_count] = (requestVar('tb_url_' . $i . '_local') == 'on') ? 1 : 0;
+ $ping_urls_count++;
+ }
+ }
+ if ($ping_urls_count <= 0) {
+ return;
+ }
+ $blog_id = getBlogidFromItemID(intval($data['itemid']));
+ for ($i=0; $i < count($ping_urls); $i++) {
+ if($localflag[$i]) {
+ $tmp_url = parse_url($ping_urls[$i]);
+ $tmp_url['path'] = trim($tmp_url['path'], '/');
+ $path_arr = explode("/", $tmp_url['path']);
+ $tail = end($path_arr);
+ $linkObj = array (
+ 'linkparam' => 'item',
+ 'bid' => $blog_id,
+ );
+ if (substr($tail, -10) == '.trackback') {
+ $pathName = substr($tail, 0, -10);
+ if (substr($pathName, -5) == '.html') {
+ $linkObj['name'] = $pathName;
+ } else {
+ $linkObj['name'] = $pathName . '.html';
+ }
+ } else {
+ $linkObj['name'] = $tail;
+ }
+ $item_id = $this->getRequestPathInfo($linkObj);
+ if ($item_id) {
+ $ping_urls[$i] = $CONF['ActionURL']
+ . '?action=plugin&name=TrackBack&tb_id=' . $item_id;
+ }
+ }
+ }
+ $_REQUEST['trackback_ping_url'] = implode ("\n", $ping_urls);
+ }
+
}
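Review bot: In `convertLocalTrackbackURL()` the second loop reads `$localflag[$i]` for every URL, but entries that came from `trackback_ping_url` never get a flag. `parse_url()` is also used without checking its result, so a malformed request value makes `$tmp_url['path']` an access on `false` or on a missing key. Use `if (!empty($localflag[$i])) {` and, after the parse, `if (!is_array($tmp_url) || !isset($tmp_url['path'])) { continue; }`. `tb_url_amount` comes from the request and bounds the first loop with no upper limit; a small cap would be prudent. `$manager` is declared global but never used in the function.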
{
global $manager;
$methodName = 'action_' . $action;
- $this->action = strtolower($action);
+ $this->actions = strtolower($action);
$aActionsNotToCheck = array(
'blogview',
'categoryview',
'itemview',
'pathupdate',
);
- if (!in_array($this->action, $aActionsNotToCheck)) {
+ if (!in_array($this->actions, $aActionsNotToCheck)) {
if (!$manager->checkTicket()) {
$this->error(_ERROR_BADTICKET);
}
. ' </a>'
. ' </li>'
. '</ul>'
- . '<p>' . $msg;
+ . '<p>' . $this->_hsc($msg);
echo $printData;
unset($printData);
$this->print_tablehead(_BLOG_LIST_TITLE, _LISTS_ACTIONS);
$query = sprintf($query, bname, bnumber, bshortname, sql_table('blog'));
$res = sql_query($query);
while ($b = mysql_fetch_object($res)) {
- $forCatURI = $this->adminurl . 'index.php?action=goCategory&blogid=' . $b->bnumber;
- $forItemURI = $this->adminurl . 'index.php?action=goItem&blogid=' . $b->bnumber;
- $data = array (
- 'oid' => $b->bnumber,
- 'obd' => 0,
- 'opr' => 'blog',
- 'name' => $b->bname,
- 'ret' => 'blogview',
- 'ed_URL' => $this->edhiturl . 'index.php?action=blogsettings'
- . '&blogid=' . $b->bnumber,
- 'desc' => '[<a href="' . $forItemURI . '" style="font-size:x-small;">'
- . _FOR_ITEMS_SETTING
- . '</a>]'
- . ' '
- . '[<a href="' . $forCatURI . '" style="font-size:x-small;">'
- . _FOR_CATEGORY_SETTING
- . '</a>]',
- 'path' => $this->plugin->getBlogOption($b->bnumber, 'customurl_bname'),
- 'setting_text' => _BLOG_SETTING
- );
- $this->print_tablerow($data);
+// $forCatURI = $this->adminurl . 'index.php?action=goCategory&blogid=' . $b->bnumber;
+ $forCatURI = $this->adminurl . 'index.php?action=categoryview&blogid=' . $b->bnumber;
+// $forItemURI = $this->adminurl . 'index.php?action=goItem&blogid=' . $b->bnumber;
+ $forItemURI = $this->adminurl . 'index.php?action=itemview&blogid=' . $b->bnumber;
+ $bPath = $this->_hsc($this->plugin->getBlogOption($b->bnumber, 'customurl_bname'));
+ $data = array (
+ 'oid' => intval($b->bnumber),
+ 'obd' => 0,
+ 'opr' => 'blog',
+ 'name' => $this->_hsc($b->bname),
+ 'ret' => 'blogview',
+ 'ed_URL' => $this->editurl . 'index.php?action=blogsettings'
+ . '&blogid=' . intval($b->bnumber),
+ 'desc' => '[<a href="' . $forItemURI . '" style="font-size:x-small;">'
+ . _FOR_ITEMS_SETTING
+ . '</a>]'
+ . ' '
+ . '[<a href="' . $forCatURI . '" style="font-size:x-small;">'
+ . _FOR_CATEGORY_SETTING
+ . '</a>]',
+ 'path' => $bPath,
+ 'setting_text' => _BLOG_SETTING
+ );
+ $this->print_tablerow($data);
}
echo '</tbody></table>';
echo '</p>';
$oPluginAdmin->end();
}
- function action_categoryview($bid, $msg = '')
+ function action_categoryview($bid = '', $msg = '')
{
global $CONF, $oPluginAdmin;
- $bname = getBlognameFromID($bid);
+ if (empty($bid)) {
+ if (getVar('blogid')) {
+ $bid = intGetVar('blogid');
+ } else {
+ $bid = intval($CONF['DefaultBlog']);
+ }
+ } else {
+ $bid = intval($bid);
+ }
+ $bname = $this->_hsc(getBlognameFromID($bid));
$oPluginAdmin->start();
$printData = '<h2><a id="pagetop">'._ADMIN_AREA_TITLE.'</a></h2>'
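Review bot: `$forCatURI` and `$forItemURI` in the blog-list loop still append `$b->bnumber` as-is, while the same hunk casts it with `intval()` for `oid` and `ed_URL`. Both strings are placed in `href` attributes through `desc`, which is not passed through `_hsc()`. Cast there as well: `$forCatURI = $this->adminurl . 'index.php?action=categoryview&blogid=' . intval($b->bnumber);` and likewise for `$forItemURI`. The two commented-out `goCategory`/`goItem` lines can be dropped rather than kept beside their replacements.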
. ' </a>'
. ' </li>'
. ' <li>'
- . ' <a href="' . $this->adminurl . 'index.php?action=goItem&blogid=' . $bid . '">'
+// . ' <a href="' . $this->adminurl . 'index.php?action=goItem&blogid=' . $bid . '">'
+ . ' <a href="' . $this->adminurl . 'index.php?action=itemview&blogid=' . $bid . '">'
._FOR_ITEMS_SETTING
. ' </a>'
. ' </li>'
. ' </a>'
. ' </li>'
. '</ul>'
- . '<p>' . $msg
+ . '<p>' . $this->_hsc($msg)
. '<h3 style="padding-left: 0px">' . $bname . '</h3>';
echo $printData;
unset($printData);
$query = sprintf($query, sql_table('category'), $bid);
$cnm = sql_query($query);
while ($c = mysql_fetch_object($cnm)) {
- $data = array (
- 'oid' => $c->catid,
- 'obd' => $bid,
- 'opr' => 'category',
- 'name' => $c->cname,
- 'ret' => 'catoverview',
- 'ed_URL' => $this->edhiturl
- . 'index.php?action=categoryedit'
- . '&blogid=' . $bid
- . '&catid=' . $c->catid,
- 'desc' => $c->cdesc,
- 'path' => $this->plugin->getCategoryOption($c->catid, 'customurl_cname')
- );
+ $cPath = $this->_hsc($this->plugin->getCategoryOption($c->catid, 'customurl_cname'));
+ $data = array (
+ 'oid' => intval($c->catid),
+ 'obd' => $bid,
+ 'opr' => 'category',
+ 'name' => $this->_hsc($c->cname),
+ 'ret' => 'catoverview',
+ 'ed_URL' => $this->editurl
+ . 'index.php?action=categoryedit'
+ . '&blogid=' . $bid
+ . '&catid=' . intval($c->catid),
+ 'desc' => $this->_hsc($c->cdesc),
+ 'path' => $cPath
+ );
$this->print_tablerow($data);
if ($this->uScat) {
$query = 'SELECT scatid, sname, sdesc FROM %s WHERE catid = %d';
- $query = sprintf($query, sql_table('plug_multiple_categories_sub'), $c->catid);
+ $query = sprintf($query, sql_table('plug_multiple_categories_sub'), intval($c->catid));
$scnm = sql_query($query);
while ($sc = mysql_fetch_object($scnm)) {
$query = 'SELECT obj_name '
. 'WHERE obj_param = "subcategory" '
. 'AND obj_bid = %d '
. 'AND obj_id = %d';
- $query = sprintf($query, $this->table, $c->catid, $sc->scatid);
+ $query = sprintf($query, $this->table, intval($c->catid), intval($sc->scatid));
$scpt = sql_query($query);
$scp = mysql_fetch_object($scpt);
$data = array (
- 'oid' => $sc->scatid,
- 'obd' => $c->catid,
- 'opr' => 'subcategory',
- 'name' => '»'.$sc->sname,
- 'ret' => 'catoverview',
- 'ed_URL' => $this->mcadmin
- . 'index.php?action=scatedit'
- . '&catid=' . $c->catid
- . '&scatid=' . $sc->scatid,
- 'desc' => $sc->sdesc,
- 'path' => $scp->obj_name
- );
+ 'oid' => intval($sc->scatid),
+ 'obd' => intval($c->catid),
+ 'opr' => 'subcategory',
+ 'name' => '»' . $this->_hsc($sc->sname),
+ 'ret' => 'catoverview',
+ 'ed_URL' => $this->mcadmin
+ . 'index.php?action=scatedit'
+ . '&catid=' . intval($c->catid)
+ . '&scatid=' . intval($sc->scatid),
+ 'desc' => $this->_hsc($sc->sdesc),
+ 'path' => $this->_hsc($scp->obj_name)
+ );
$this->print_tablerow($data);
}
}
}
echo '</tbody></table>';
- echo '<a href="'.$this->adminurl.'index.php" onclick="history.back()">'._BACK.'</a>';
+ echo '<a href="' . $this->adminurl . 'index.php" onclick="history.back()">' . _BACK . '</a>';
echo '</p>';
unset($query);
$oPluginAdmin->end();
global $CONF, $oPluginAdmin;
$oPluginAdmin->start();
- $printData = '<h2>'._ADMIN_AREA_TITLE.'</h2>'
+ $printData = '<h2>' . _ADMIN_AREA_TITLE . '</h2>'
. '<ul style="list-style:none;">'
. ' <li>'
. ' <a href="' . $this->pediturl . '">'
. ' </a>'
. ' </li>'
. '</ul>'
- . '<p>'.$msg;
+ . '<p>' . $this->_hsc($msg);
echo $printData;
unset($printData);
$this->print_tablehead(_LOGIN_NAME, _MEMBERS_REALNAME);
$query = sprintf($query, mname, mnumber, mrealname, sql_table('member'));
$res = sql_query($query);
while ($m = mysql_fetch_object($res)) {
- $data = array (
- 'oid' => $m->mnumber,
- 'obd' => 0,
- 'opr' => 'member',
- 'name' => $m->mname,
- 'ret' => 'memberview',
- 'ed_URL' => $this->edhiturl
- . 'index.php?action=memberedit'
- . '&memberid=' . $m->mnumber,
- 'desc' => $m->mrealname,
- 'path' => $this->plugin->getMemberOption($m->mnumber, 'customurl_mname')
+ $mPpath = $this->_hsc($this->plugin->getMemberOption($m->mnumber, 'customurl_mname'));
+ $data = array (
+ 'oid' => intval($m->mnumber),
+ 'obd' => 0,
+ 'opr' => 'member',
+ 'name' => $this->_hsc($m->mname),
+ 'ret' => 'memberview',
+ 'ed_URL' => $this->editurl
+ . 'index.php?action=memberedit'
+ . '&memberid=' . intval($m->mnumber),
+ 'desc' => $this->_hsc($m->mrealname),
+ 'path' => $mPath
);
$this->print_tablerow($data);
}
$oPluginAdmin->end();
}
- function action_itemview($bid, $msg = '') {
+ function action_itemview($bid = 0, $msg = '') {
global $CONF, $oPluginAdmin;
+ if (empty($bid)) {
+ if (getVar('blogid')) {
+ $bid = intGetVar('blogid');
+ } else {
+ $bid = intval($CONF['DefaultBlog']);
+ }
+ } else {
+ $bid = intval($bid);
+ }
$oPluginAdmin->start();
$printData = '<h2>'._ADMIN_AREA_TITLE.'</h2>'
. '<ul style="list-style:none;">'
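Review bot: The member list assigns the escaped option to `$mPpath` but builds the row with `'path' => $mPath`, so the path column is always filled from an undefined variable and the stored member path never reaches the form. Rename the assignment: `$mPath = $this->_hsc($this->plugin->getMemberOption($m->mnumber, 'customurl_mname'));`. Because the text input is pre-filled from this value, submitting a row could overwrite an existing path with an empty one; that depends on the update handler, which is outside the hunk.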
. ' </a>'
. ' </li>'
. ' <li>'
- . ' <a href="' . $this->adminurl . 'index.php?action=goCategory&blogid=' . $bid . '">'
+// . ' <a href="' . $this->adminurl . 'index.php?action=goCategory&blogid=' . $bid . '">'
+ . ' <a href="' . $this->adminurl . 'index.php?action=categoryview&blogid=' . $bid . '">'
. _FOR_CATEGORY_SETTING
. ' </a>'
. ' </li>'
. ' </a>'
. ' </li>'
. '</ul>'
- . '<p><h3>'.$msg.'</h3>';
+ . '<p><h3>' . $this->_hsc($msg) . '</h3>';
echo $printData;
unset($printData);
$this->print_tablehead(_LISTS_TITLE, _LISTS_ITEM_DESC);
$query = sprintf($query, ititle, inumber, ibody, sql_table('item'), $bid);
$res = sql_query($query);
while ($i = mysql_fetch_object($res)) {
- $query = 'SELECT obj_name as result FROM %s WHERE obj_param = "item" AND obj_id = %d';
- $query = sprintf($query, sql_table('plug_customurl'), $i->inumber);
+ $query = 'SELECT obj_name as result FROM %s WHERE obj_param = "item" AND obj_id = %d';
+ $query = sprintf($query, sql_table('plug_customurl'), intval($i->inumber));
$temp_res = quickQuery($query);
- $ipath = substr($temp_res, 0, (strlen($temp_res)-5));
- $data = array (
- 'oid' => $i->inumber,
- 'obd' => $bid,
- 'opr' => 'item',
- 'name' => $i->ititle,
- 'ret' => 'itemview',
- 'ed_URL' => $this->edhiturl
- . 'index.php?action=itemedit'
- . '&itemid=' . $i->inumber,
- 'desc' => mb_substr(strip_tags($i->ibody), 0, 80),
- 'path' => $ipath
+ $ipath = $this->_hsc(substr($temp_res, 0, -5));
+ $data = array (
+ 'oid' => intval($i->inumber),
+ 'obd' => $bid,
+ 'opr' => 'item',
+ 'name' => $this->_hsc($i->ititle),
+ 'ret' => 'itemview',
+ 'ed_URL' => $this->editurl
+ . 'index.php?action=itemedit'
+ . '&itemid=' . intval($i->inumber),
+// 'desc' => $this->_hsc(mb_substr(strip_tags($i->ibody), 0, 80)),
+ 'path' => $ipath
);
+ if (extension_loaded('mbstring')) {
+ $data['desc'] = $this->_hsc(mb_substr(strip_tags($i->ibody), 0, 80));
+ } else {
+ $this->_hsc(substr(strip_tags($i->ibody), 0, 80));
+ }
$this->print_tablerow($data);
}
echo '</tbody></table></p>';
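Review bot: In the non-mbstring branch the escaped excerpt is computed and then discarded, so `$data['desc']` is never set and the row template reads a missing key. The line should be `$data['desc'] = $this->_hsc(substr(strip_tags($i->ibody), 0, 80));`. A byte-wise `substr()` can cut a multibyte character in half, and `htmlspecialchars()` may then return an empty string for the invalid sequence, so a comment noting that limitation of the fallback would be useful. The commented-out `'desc'` array entry can be removed.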
TBODY;
$manager->addTicketHidden();
echo <<< TBODY
- <td>{$data['name']} <a href="{$data['ed_URL']}" style="font-size:xx-small;">[{$edit}]</a></td>
+ <td>{$data['name']}
+ <a href="{$data['ed_URL']}" style="font-size:xx-small;">[{$edit}]</a>
+ </td>
<td>{$data['desc']}</td>
<td><input type="text" name="path" size="32" value="{$data['path']}"/></td>
<td><input type="submit" name="update" value="{$updateText}" /></td>
$this->action_categoryview($bid);
}
+ function _hsc($str)
+ {
+ return htmlspecialchars($str, ENT_QUOTES, _CHARSET);
+ }
+
}
$myAdmin = new CustomURL_ADMIN();
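Review bot: `_hsc()` has no docblock, and since every list view in this commit now depends on it, the contract is worth stating. Something like `/** Escapes $str for HTML text and quoted attribute values using the site charset (_CHARSET); not a substitute for intval() on ids or for SQL escaping. */` would do. It would also help to note that fields carrying intentional markup, such as the `desc` links built in the blog list, must not be passed through it. That appears to be why the callers escape each field rather than the row printer doing it.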