3 * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
4 * Copyright (C) 2002-2009 The Nucleus Group
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version 2
9 * of the License, or (at your option) any later version.
10 * (see nucleus/documentation/index.html#license for more info)
13 * The code for the Nucleus admin area
15 * @license http://nucleuscms.org/license.txt GNU General Public License
16 * @copyright Copyright (C) 2002-2009 The Nucleus Group
17 * @version $Id: ADMIN.php 1661 2012-02-12 11:55:39Z sakamocchi $
20 if ( !function_exists('requestVar') ) exit;
21 require_once dirname(__FILE__) . '/showlist.php';
26 private $xml_version_info = '1.0';
27 private $formal_public_identifier = '-//W3C//DTD XHTML 1.0 Strict//EN';
28 private $system_identifier = 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd';
29 private $xhtml_namespace = 'http://www.w3.org/1999/xhtml';
32 * @var string $action action currently being executed ($action=xxxx -> action_xxxx method)
46 * @param string $action action to be performed
48 function action($action) {
// Central dispatcher: resolves the request-supplied $action (after alias lookup) to an
// action_<name> method on this object and invokes it.
49 global $CONF, $manager;
51 // list of action aliases
53 'login' => 'overview',
57 if (isset($alias[$action]))
58 $action = $alias[$action];
60 $methodName = 'action_' . $action;
// The lowercased name stored here is the value matched against the exemption list below.
62 $this->action = strtolower($action);
64 // check ticket. All actions need a ticket, unless they are considered to be safe (a safe action
65 // is an action that requires user interaction before something is actually done)
66 // all safe actions are in this array:
67 $aActionsNotToCheck = array(
119 // the rest of the actions needs to be checked
120 $aActionsToCheck = array('additem', 'itemupdate', 'itemmoveto', 'categoryupdate', 'categorydeleteconfirm', 'itemdeleteconfirm', 'commentdeleteconfirm', 'teamdeleteconfirm', 'memberdeleteconfirm', 'templatedeleteconfirm', 'skindeleteconfirm', 'banlistdeleteconfirm', 'plugindeleteconfirm', 'batchitem', 'batchcomment', 'batchmember', 'batchcategory', 'batchteam', 'commentupdate', 'banlistadd', 'changemembersettings', 'clearactionlog', 'settingsupdate', 'blogsettingsupdate', 'categorynew', 'teamchangeadmin', 'teamaddmember', 'memberadd', 'addnewlog', 'addnewlog2', 'backupcreate', 'backuprestore', 'pluginup', 'plugindown', 'pluginupdate', 'pluginadd', 'pluginoptionsupdate', 'skinupdate', 'skinclone', 'skineditgeneral', 'templateclone', 'templatenew', 'templateupdate', 'skinieimport', 'skinieexport', 'skiniedoimport', 'skinnew', 'deleteblogconfirm', 'activatesetpwd');
// The ticket check is default-deny: any action that is not in $aActionsNotToCheck must pass
// $manager->checkTicket(), so a newly added action is protected unless it is explicitly exempted.
// NOTE(review): in the lines shown here $aActionsToCheck is assigned but never consulted; it
// reads as documentation of the protected set rather than as part of the check.
122 if (!in_array($this->action, $aActionsNotToCheck))
124 if (!$manager->checkTicket())
125 $this->error(_ERROR_BADTICKET);
// Dispatch only to an existing action_* method; an unknown name is reported back HTML-escaped.
// Authorization is not decided here; each action_* handler has to check the member's rights itself.
128 if (method_exists($this, $methodName))
129 call_user_func(array(&$this, $methodName));
131 $this->error(_BADACTION . Entity::hsc(" ($action)"));
136 * @todo document this
138 function action_showlogin() {
140 $this->action_login($error);
144 * @todo document this
146 function action_login($msg = '', $passvars = 1) {
149 // skip to overview when allowed
150 if ($member->isLoggedIn() && $member->canLogin()) {
151 $this->action_overview();
157 echo '<h2>', _LOGIN ,'</h2>';
158 if ($msg) echo _MESSAGE , ': ', Entity::hsc($msg);
161 <form action="index.php" method="post"><p>
162 <?php echo _LOGIN_NAME; ?> <br /><input name="login" tabindex="10" />
164 <?php echo _LOGIN_PASSWORD; ?> <br /><input name="password" tabindex="20" type="password" />
166 <input name="action" value="login" type="hidden" />
168 <input type="submit" value="<?php echo _LOGIN ?>" tabindex="30" />
171 <input type="checkbox" value="1" name="shared" tabindex="40" id="shared" /><label for="shared"><?php echo _LOGIN_SHARED ?></label>
172 <br /><a href="forgotpassword.html"><?php echo _LOGIN_FORGOT ?></a>
174 <?php // pass through vars
176 $oldaction = postVar('oldaction');
177 if ( ($oldaction != 'logout') && ($oldaction != 'login') && $passvars ) {
184 <?php $this->pagefoot();
189 * provides a screen with the overview of the actions available
190 * @todo document parameter
192 function action_overview($msg = '') {
// Renders the start screen: the member's blogs, own drafts, drafts of others on administered
// blogs, and the settings/management links.
// NOTE(review): $msg is echoed below without Entity::hsc(), whereas action_login() escapes its
// message. Confirm that no caller passes request-derived text here, or escape at output.
198 echo _MESSAGE , ': ', $msg;
200 /* ---- add items ---- */
201 echo '<h2>' . _OVERVIEW_YRBLOGS . '</h2>';
// 'showall' comes from the request but is only compared against 'yes' and is honoured only for
// super-admins; it is never written into the SQL or the page.
203 $showAll = requestVar('showall');
205 if (($member->isAdmin()) && ($showAll == 'yes')) {
206 // Super-Admins have access to all blogs! (no add item support though)
207 $query = 'SELECT bnumber, bname, 1 as tadmin, burl, bshortname'
208 . ' FROM ' . sql_table('blog')
211 $query = 'SELECT bnumber, bname, tadmin, burl, bshortname'
212 . ' FROM ' . sql_table('blog') . ', ' . sql_table('team')
213 . ' WHERE tblog=bnumber and tmember=' . $member->getID()
216 $template['content'] = 'bloglist';
217 $template['superadmin'] = $member->isAdmin();
218 $amount = showlist($query,'table',$template);
220 if (($showAll != 'yes') && ($member->isAdmin())) {
221 $total = DB::getValue('SELECT COUNT(*) as result FROM ' . sql_table('blog'));
222 if ($total > $amount)
223 echo '<p><a href="index.php?action=overview&showall=yes">' . _OVERVIEW_SHOWALL . '</a></p>';
227 echo _OVERVIEW_NOBLOGS;
230 echo '<h2>' . _OVERVIEW_YRDRAFTS . '</h2>';
// The draft queries are built by string concatenation; the only dynamic value is
// $member->getID(), presumably an integer taken from the session member record (TODO confirm).
231 $query = 'SELECT ititle, inumber, bshortname'
232 . ' FROM ' . sql_table('item'). ', ' . sql_table('blog')
233 . ' WHERE iauthor='.$member->getID().' and iblog=bnumber and idraft=1';
234 $template['content'] = 'draftlist';
235 $amountdrafts = showlist($query, 'table', $template);
236 if ($amountdrafts == 0)
237 echo _OVERVIEW_NODRAFTS;
// NOTE(review): the intval() filtering below runs only when showall is not 'yes'; in the other
// case the ids returned by getAdminBlogs() are imploded into the IN (...) list as-is.
// Presumably they are integers read from the database; verify before relying on it.
241 $yrBlogs = $member->getAdminBlogs();
242 if ($showAll != 'yes') {
244 foreach ($yrBlogs as $value) {
245 if ($member->isBlogAdmin(intval($value))) {
246 $admBlogs[] = intval($value);
249 $yrBlogs = $admBlogs;
252 if (count($yrBlogs) > 0) {
253 echo '<h2>' . _OVERVIEW_OTHER_DRAFTS . '</h2>';
254 $query = 'SELECT ititle, inumber, bshortname, mname'
255 . ' FROM ' . sql_table('item'). ', ' . sql_table('blog'). ', ' . sql_table('member')
256 . ' WHERE iauthor<>'.$member->getID().' and iblog IN ('.implode(",",$yrBlogs).') and iblog=bnumber and iauthor=mnumber and idraft=1'
257 . ' ORDER BY iblog ASC';
258 $template['content'] = 'otherdraftlist';
259 $amountdrafts = showlist($query, 'table', $template);
260 if ($amountdrafts == 0)
261 echo _OVERVIEW_NODRAFTS;
265 /* ---- user settings ---- */
266 echo '<h2>' . _OVERVIEW_YRSETTINGS . '</h2>';
268 echo '<li><a href="index.php?action=editmembersettings">' . _OVERVIEW_EDITSETTINGS. '</a></li>';
269 echo '<li><a href="index.php?action=browseownitems">' . _OVERVIEW_BROWSEITEMS.'</a></li>';
270 echo '<li><a href="index.php?action=browseowncomments">'._OVERVIEW_BROWSECOMM.'</a></li>';
273 /* ---- general settings ---- */
// The management link is only rendered for super-admins; this hides the link and is not an
// access check by itself (action_manage() checks isAdmin() again).
274 if ($member->isAdmin()) {
275 echo '<h2>' . _OVERVIEW_MANAGEMENT. '</h2>';
277 echo '<li><a href="index.php?action=manage">',_OVERVIEW_MANAGE,'</a></li>';
286 * Returns a link to a weblog
289 function bloglink(&$blog) {
290 return '<a href="'.Entity::hsc($blog->getURL()).'" title="'._BLOGLIST_TT_VISIT.'">'. Entity::hsc( $blog->getName() ) .'</a>';
294 * @todo document this
296 function action_manage($msg = '') {
// Renders the site-wide management menu (general settings, skins/templates, backup/plugins).
// Access is limited to super-admins by the isAdmin() gate on the next line.
299 $member->isAdmin() or $this->disallow();
303 echo '<p><a href="index.php?action=overview">(',_BACKHOME,')</a></p>';
// NOTE(review): $msg is written into the page without Entity::hsc(). Confirm every caller
// passes trusted text, or escape it here as action_login() does for its message.
306 echo '<p>' , _MESSAGE , ': ', $msg , '</p>';
309 echo '<h2>' . _MANAGE_GENERAL. '</h2>';
312 echo '<li><a href="index.php?action=createnewlog">'._OVERVIEW_NEWLOG.'</a></li>';
313 echo '<li><a href="index.php?action=settingsedit">'._OVERVIEW_SETTINGS.'</a></li>';
314 echo '<li><a href="index.php?action=usermanagement">'._OVERVIEW_MEMBERS.'</a></li>';
315 echo '<li><a href="index.php?action=actionlog">'._OVERVIEW_VIEWLOG.'</a></li>';
318 echo '<h2>' . _MANAGE_SKINS . '</h2>';
320 echo '<li><a href="index.php?action=skinoverview">'._OVERVIEW_SKINS.'</a></li>';
321 echo '<li><a href="index.php?action=templateoverview">'._OVERVIEW_TEMPLATES.'</a></li>';
322 echo '<li><a href="index.php?action=skinieoverview">'._OVERVIEW_SKINIMPORT.'</a></li>';
325 echo '<h2>' . _MANAGE_EXTRA . '</h2>';
327 echo '<li><a href="index.php?action=backupoverview">'._OVERVIEW_BACKUP.'</a></li>';
328 echo '<li><a href="index.php?action=pluginlist">'._OVERVIEW_PLUGINS.'</a></li>';
335 * Admin::action_itemlist()
337 * @param integer $blogid ID for weblog
340 public function action_itemlist($blogid = '')
342 static private $skin;
344 static public $action;
345 static public $aOptions;
347 static public $contents;
348 static public $extrahead;
349 static public $headMess;
350 static public $passvar;
352 static private $skinless_actions = array(
353 'plugindeleteconfirm',
354 'pluginoptionsupdate',
355 'blogsettingsupdate',
359 'banlistnewfromitem',
362 'changemembersettings',
367 'skinremovetypeconfirm',
377 'templatedeleteconfirm',
381 'adminskinremovetypeconfirm',
383 'adminskindeleteconfirm',
385 'adminskineditgeneral',
390 'admintemplateupdate',
391 'admintemplatedeleteconfirm',
396 static private $ticketless_actions = array(
407 'editmembersettings',
427 'banlistnewfromitem',
464 'adminskinremovetype',
466 'adminskinieoverview',
468 'admintemplateoverview',
469 'admintemplateclone',
471 'admintemplatedelete'
475 * NOTE: This is for condition of admin/normal skin actions
477 static public $adminskin_actions = array(
485 'adminskinremovetype',
487 'adminskinieoverview',
489 'admintemplateoverview',
490 'admintemplateclone',
492 'admintemplatedelete',
495 'adminskineditgeneral',
497 'adminskindeleteconfirm',
498 'adminskinremovetypeconfirm',
500 'adminskinieoverview',
501 'adminskiniedoimport',
506 'admintemplatedeleteconfirm',
507 'admintemplateupdate'
510 static public function initialize()
512 global $CONF, $manager, $member;
514 /* NOTE: 1. decide which skinid to use */
515 $skinid = $CONF['AdminSkin'];
516 if ( $member->isLoggedIn() )
518 $memskin = $member->getAdminSkin();
519 if ( $memskin && Skin::existsID($memskin))
525 /* NOTE: 2. make an instance of skin object */
526 if ( !Skin::existsID($skinid) )
531 /* NOTE: 3. initializing each members */
532 self::$skin =& $manager->getSkin($skinid, 'AdminActions', 'AdminSkin');
534 self::$extrahead = '';
536 self::$headMess = '';
537 self::$aOptions = '';
545 * @param string $action action to be performed
548 static public function action($action)
// Static dispatcher: resolves the request-supplied $action to Admin::action_<name>() and calls it.
550 global $CONF, $manager, $member;
552 /* 1. decide action name */
// 'customaction' is read from POST and, when non-empty, replaces the target of the 'login'
// alias, so the destination after login is chosen by the request. The resolved name still has
// to pass the ticket check and the method_exists() guard below.
553 $customAction = postvar('customaction');
554 if ( empty($customAction) )
557 'login' => 'overview',
564 'login' => $customAction,
568 if ( array_key_exists($action, $alias) && isset($alias[$action]) )
570 $action = $alias[$action];
572 $method_name = "action_{$action}";
573 self::$action = strtolower($action);
575 /* 2. check ticket-needed action */
// Default-deny: every action that is not listed in self::$ticketless_actions must carry a valid
// ticket, so an action added later is ticket-protected unless it is explicitly exempted.
// NOTE(review): any action_* method of Admin is reachable from here, including the ones declared
// "static private", because the call is made from inside the class. Authorization therefore has
// to be enforced inside each handler; this dispatcher only checks the ticket.
576 if ( !in_array(self::$action, self::$ticketless_actions) && !$manager->checkTicket() )
578 self::error(_ERROR_BADTICKET);
582 /* 3. parse according to the action */
583 else if ( method_exists('Admin', $method_name) )
585 call_user_func(array(__CLASS__, $method_name));
588 /* 4. parse special admin skin */
589 elseif ( in_array(self::$action, self::$skinless_actions) )
591 /* TODO: need to be implemented or not?
592 self::action_parseSpecialskin();
597 self::error(_BADACTION . ENTITY::hsc($action));
605 * Action::action_showlogin()
610 static private function action_showlogin()
613 self::action_login($error);
618 * Action::action_login()
620 * @param string $msg message for pageheader
621 * @param integer $passvars ???
623 static private function action_login($msg = '', $passvars = 1)
627 // skip to overview when allowed
628 if ( $member->isLoggedIn() && $member->canLogin() )
630 self::action_overview();
634 /* TODO: needless variable??? */
635 self::$passvar = $passvars;
638 self::$headMess = $msg;
641 self::$skin->parse('showlogin');
645 * Action::action_overview()
646 * provides a screen with the overview of the actions available
648 * @param string $msg message for pageheader
651 static private function action_overview($msg = '')
655 self::$headMess = $msg;
658 self::$skin->parse('overview');
663 * Admin::action_manage()
665 * @param string $msg message for pageheader
668 static private function action_manage($msg = '')
674 self::$headMess = $msg;
676 $member->isAdmin() or self::disallow();
678 self::$skin->parse('manage');
683 * Action::action_itemlist()
685 * @param integer $blogid ID for weblog
688 static private function action_itemlist($blogid = '')
// NOTE(review): the line right below is an unresolved merge-conflict marker, so the file cannot
// parse as it stands. The statements after it use $this-> (disallow(), bloglink()) although the
// signature above is static; they look like the body of the older instance method. Resolve the
// merge before relying on anything in this method.
689 >>>>>>> skinnable-master
691 global $member, $manager, $CONF;
// $blogid is concatenated into the SQL below. The request path is integer-cast by
// intRequestVar(); a value passed in as the argument is not visibly cast here (TODO confirm).
695 $blogid = intRequestVar('blogid');
// Authorization comes before any data access: team members of the blog or super-admins only.
699 $member->teamRights($blogid) or $member->isAdmin() or $this->disallow();
702 $blog =& $manager->getBlog($blogid);
704 echo '<p><a href="index.php?action=overview">(',_BACKHOME,')</a></p>';
705 echo '<h2>' . _ITEMLIST_BLOG . ' ' . $this->bloglink($blog) . '</h2>';
// Paging values are taken from POST through intPostVar(), or from configuration through
// intval(), before they reach the LIMIT clause.
708 if ( postVar('start') )
710 $start = intPostVar('start');
719 echo '<p><a href="index.php?action=createitem&blogid='.$blogid.'">' . _ITEMLIST_ADDNEW . "</a></p>\n";
722 // amount of items to show
723 if ( postVar('amount') )
725 $amount = intPostVar('amount');
729 $amount = intval($CONF['DefaultListSize']);
736 $search = postVar('search'); // search through items
738 $query = 'SELECT bshortname, cname, mname, ititle, ibody, inumber, idraft, itime'
739 . ' FROM ' . sql_table('item') . ', ' . sql_table('blog') . ', ' . sql_table('member') . ', ' . sql_table('category')
740 . ' WHERE iblog=bnumber and iauthor=mnumber and icat=catid and iblog=' . $blogid;
// The free-text search term is the only string input in this query; it goes through
// DB::quoteValue() (presumably quoting and escaping it as an SQL string literal; verify).
// '%' and '_' inside $search are not neutralised, so they act as LIKE wildcards.
744 $query .= " AND ((ititle LIKE " . DB::quoteValue('%'.$search.'%') . ") OR (ibody LIKE " . DB::quoteValue('%'.$search.'%') . ") OR (imore LIKE " . DB::quoteValue('%'.$search.'%') . "))";
747 // non-blog-admins can only edit/delete their own items
748 if ( !$member->blogAdminRights($blogid) )
750 $query .= ' and iauthor=' . $member->getID();
753 $query .= ' ORDER BY itime DESC'
754 . " LIMIT $start, $amount";
756 $template['content'] = 'itemlist';
757 $template['now'] = $blog->getCorrectTime(time());
759 $manager->loadClass("ENCAPSULATE");
760 $navList = new NavList('itemlist', $start, $amount, 0, 1000, $blogid, $search, 0);
761 $navList->showBatchList('item',$query,'table',$template);
768 * @todo document this
770 function action_batchitem() {
771 global $member, $manager;
773 // check if logged in
774 $member->isLoggedIn() or $this->disallow();
776 // more precise check will be done for each performed operation
778 // get array of itemids from request
779 $selected = requestIntArray('batch');
780 $action = requestVar('batchaction');
782 // Show error when no items were selected
783 if (!is_array($selected) || sizeof($selected) == 0)
784 $this->error(_BATCH_NOSELECTION);
786 // On move: when no destination blog/category chosen, show choice now
787 $destCatid = intRequestVar('destcatid');
788 if (($action == 'move') && (!$manager->existsCategory($destCatid)))
789 $this->batchMoveSelectDestination('item',$selected);
791 // On delete: check if confirmation has been given
792 if (($action == 'delete') && (requestVar('confirmation') != 'yes'))
793 $this->batchAskDeleteConfirmation('item',$selected);
797 echo '<a href="index.php?action=overview">(',_BACKHOME,')</a>';
798 echo '<h2>',_BATCH_ITEMS,'</h2>';
799 echo '<p>',_BATCH_EXECUTING,' <b>',Entity::hsc($action),'</b></p>';
803 // walk over all itemids and perform action
804 foreach ($selected as $itemid) {
805 $itemid = intval($itemid);
806 echo '<li>',_BATCH_EXECUTING,' <b>',Entity::hsc($action),'</b> ',_BATCH_ONITEM,' <b>', $itemid, '</b>...';
808 // perform action, display errors if needed
811 $error = $this->deleteOneItem($itemid);
814 $error = $this->moveOneItem($itemid, $destCatid);
817 $error = _BATCH_UNKNOWN . Entity::hsc($action);
820 echo '<b>',($error ? $error : _BATCH_SUCCESS),'</b>';
825 echo '<b>',_BATCH_DONE,'</b>';
833 * @todo document this
835 function action_batchcomment() {
838 // check if logged in
839 $member->isLoggedIn() or $this->disallow();
841 // more precise check will be done for each performed operation
843 // get array of itemids from request
844 $selected = requestIntArray('batch');
845 $action = requestVar('batchaction');
847 // Show error when no items were selected
848 if (!is_array($selected) || sizeof($selected) == 0)
849 $this->error(_BATCH_NOSELECTION);
851 // On delete: check if confirmation has been given
852 if (($action == 'delete') && (requestVar('confirmation') != 'yes'))
853 $this->batchAskDeleteConfirmation('comment',$selected);
857 echo '<a href="index.php?action=overview">(',_BACKHOME,')</a>';
858 echo '<h2>',_BATCH_COMMENTS,'</h2>';
859 echo '<p>',_BATCH_EXECUTING,' <b>',Entity::hsc($action),'</b></p>';
862 // walk over all itemids and perform action
863 foreach ($selected as $commentid) {
864 $commentid = intval($commentid);
865 echo '<li>',_BATCH_EXECUTING,' <b>',Entity::hsc($action),'</b> ',_BATCH_ONCOMMENT,' <b>', $commentid, '</b>...';
867 // perform action, display errors if needed
870 $error = $this->deleteOneComment($commentid);
873 $error = _BATCH_UNKNOWN . Entity::hsc($action);
876 echo '<b>',($error ? $error : _BATCH_SUCCESS),'</b>';
881 echo '<b>',_BATCH_DONE,'</b>';
889 * @todo document this
891 function action_batchmember() {
// Applies one batch operation (delete, grant or revoke super-admin) to the selected members.
// 'batchmember' is in the ticket-checked list of action(), so the request must carry a ticket.
894 // check if logged in and admin
895 ($member->isLoggedIn() && $member->isAdmin()) or $this->disallow();
897 // get array of itemids from request
898 $selected = requestIntArray('batch');
899 $action = requestVar('batchaction');
901 // Show error when no members selected
902 if (!is_array($selected) || sizeof($selected) == 0)
903 $this->error(_BATCH_NOSELECTION);
905 // On delete: check if confirmation has been given
906 if (($action == 'delete') && (requestVar('confirmation') != 'yes'))
907 $this->batchAskDeleteConfirmation('member',$selected);
911 echo '<a href="index.php?action=usermanagement">(',_MEMBERS_BACKTOOVERVIEW,')</a>';
912 echo '<h2>',_BATCH_MEMBERS,'</h2>';
// The request-supplied batch action name is HTML-escaped wherever it is echoed.
913 echo '<p>',_BATCH_EXECUTING,' <b>',Entity::hsc($action),'</b></p>';
916 // walk over all itemids and perform action
917 foreach ($selected as $memberid) {
918 $memberid = intval($memberid);
// The intval() cast above is what keeps the concatenated UPDATE statements below free of
// injected SQL; keep it if this loop is refactored.
919 echo '<li>',_BATCH_EXECUTING,' <b>',Entity::hsc($action),'</b> ',_BATCH_ONMEMBER,' <b>', $memberid, '</b>...';
921 // perform action, display errors if needed
924 $error = $this->deleteOneMember($memberid);
928 DB::execute('UPDATE ' . sql_table('member') . ' SET madmin=1 WHERE mnumber='.$memberid);
932 // there should always remain at least one super-admin
// NOTE(review): the guard counts admins that can log in and then issues a separate UPDATE.
// As written, the count and the demotion are two statements, so two concurrent demotions could
// both pass the check; confirm whether that matters for this deployment.
933 $r = DB::getResult('SELECT * FROM '.sql_table('member'). ' WHERE madmin=1 and mcanlogin=1');
934 if ($r->rowCount() < 2)
935 $error = _ERROR_ATLEASTONEADMIN;
937 DB::execute('UPDATE ' . sql_table('member') .' SET madmin=0 WHERE mnumber='.$memberid);
940 $error = _BATCH_UNKNOWN . Entity::hsc($action);
943 echo '<b>',($error ? $error : _BATCH_SUCCESS),'</b>';
948 echo '<b>',_BATCH_DONE,'</b>';
956 * @todo document this
958 function action_batchteam() {
// Applies one batch operation (remove from team, grant or revoke blog-admin) to the selected
// members of one blog. 'batchteam' is in the ticket-checked list of action().
// The blog id is integer-cast on input and is the value the rights check below is made against.
961 $blogid = intRequestVar('blogid');
963 // check if logged in and admin
964 ($member->isLoggedIn() && $member->blogAdminRights($blogid)) or $this->disallow();
966 // get array of itemids from request
967 $selected = requestIntArray('batch');
968 $action = requestVar('batchaction');
970 // Show error when no members selected
971 if (!is_array($selected) || sizeof($selected) == 0)
972 $this->error(_BATCH_NOSELECTION);
974 // On delete: check if confirmation has been given
975 if (($action == 'delete') && (requestVar('confirmation') != 'yes'))
976 $this->batchAskDeleteConfirmation('team',$selected);
980 echo '<p><a href="index.php?action=manageteam&blogid=',$blogid,'">(',_BACK,')</a></p>';
982 echo '<h2>',_BATCH_TEAM,'</h2>';
983 echo '<p>',_BATCH_EXECUTING,' <b>',Entity::hsc($action),'</b></p>';
986 // walk over all itemids and perform action
987 foreach ($selected as $memberid) {
988 $memberid = intval($memberid);
// Both $blogid and $memberid are integers by this point; the UPDATE statements below depend on
// that because they are built by concatenation.
989 echo '<li>',_BATCH_EXECUTING,' <b>',Entity::hsc($action),'</b> ',_BATCH_ONTEAM,' <b>', $memberid, '</b>...';
991 // perform action, display errors if needed
994 $error = $this->deleteOneTeamMember($blogid, $memberid);
998 DB::execute('UPDATE '.sql_table('team').' SET tadmin=1 WHERE tblog='.$blogid.' and tmember='.$memberid);
1002 // there should always remain at least one admin
// NOTE(review): as in action_batchmember(), the admin count and the demotion are separate
// statements; the guard is not atomic as written.
1003 $r = DB::getResult('SELECT * FROM '.sql_table('team').' WHERE tadmin=1 and tblog='.$blogid);
1004 if ($r->rowCount() < 2)
1005 $error = _ERROR_ATLEASTONEBLOGADMIN;
1007 DB::execute('UPDATE '.sql_table('team').' SET tadmin=0 WHERE tblog='.$blogid.' and tmember='.$memberid);
1010 $error = _BATCH_UNKNOWN . Entity::hsc($action);
1013 echo '<b>',($error ? $error : _BATCH_SUCCESS),'</b>';
1018 echo '<b>',_BATCH_DONE,'</b>';
1026 * @todo document this
1028 function action_batchcategory() {
// Applies one batch operation (delete or move) to the selected categories.
// Only "logged in" is checked here; the per-category rights check is left to
// deleteOneCategory() / moveOneCategory(), as the comment below states.
1029 global $member, $manager;
1031 // check if logged in
1032 $member->isLoggedIn() or $this->disallow();
1034 // more precise check will be done for each performed operation
1036 // get array of itemids from request
1037 $selected = requestIntArray('batch');
1038 $action = requestVar('batchaction');
1040 // Show error when no items were selected
1041 if (!is_array($selected) || sizeof($selected) == 0)
1042 $this->error(_BATCH_NOSELECTION);
1044 // On move: when no destination blog chosen, show choice now
1045 $destBlogId = intRequestVar('destblogid');
1046 if (($action == 'move') && (!$manager->existsBlogID($destBlogId)))
1047 $this->batchMoveCategorySelectDestination('category',$selected);
1049 // On delete: check if confirmation has been given
1050 if (($action == 'delete') && (requestVar('confirmation') != 'yes'))
1051 $this->batchAskDeleteConfirmation('category',$selected);
1055 echo '<a href="index.php?action=overview">(',_BACKHOME,')</a>';
// NOTE(review): BATCH_CATEGORIES has no leading underscore, unlike _BATCH_ITEMS, _BATCH_MEMBERS
// and _BATCH_TEAM in the sibling methods. This looks like a typo for _BATCH_CATEGORIES; check
// the language file before changing it.
1056 echo '<h2>',BATCH_CATEGORIES,'</h2>';
1057 echo '<p>',_BATCH_EXECUTING,' <b>',Entity::hsc($action),'</b></p>';
1060 // walk over all itemids and perform action
1061 foreach ($selected as $catid) {
1062 $catid = intval($catid);
1063 echo '<li>',_BATCH_EXECUTING,' <b>',Entity::hsc($action),'</b> ',_BATCH_ONCATEGORY,' <b>', $catid, '</b>...';
1065 // perform action, display errors if needed
1068 $error = $this->deleteOneCategory($catid);
1071 $error = $this->moveOneCategory($catid, $destBlogId);
1074 $error = _BATCH_UNKNOWN . Entity::hsc($action);
1077 echo '<b>',($error ? _ERROR . ': '.$error : _BATCH_SUCCESS),'</b>';
1082 echo '<b>',_BATCH_DONE,'</b>';
1089 * @todo document this
1091 function batchMoveSelectDestination($type, $ids) {
1095 <h2><?php echo _MOVE_TITLE ?></h2>
1096 <form method="post" action="index.php"><div>
1098 <input type="hidden" name="action" value="batch<?php echo $type ?>" />
1099 <input type="hidden" name="batchaction" value="move" />
1101 $manager->addTicketHidden();
1103 // insert selected item numbers
1105 foreach ($ids as $id)
1106 echo '<input type="hidden" name="batch[',($idx++),']" value="',intval($id),'" />';
1108 // show blog/category selection list
1109 $this->selectBlogCategory('destcatid');
1114 <input type="submit" value="<?php echo _MOVE_BTN ?>" onclick="return checkSubmit();" />
1117 <?php $this->pagefoot();
1122 * @todo document this
1124 function batchMoveCategorySelectDestination($type, $ids) {
1128 <h2><?php echo _MOVECAT_TITLE ?></h2>
1129 <form method="post" action="index.php"><div>
1131 <input type="hidden" name="action" value="batch<?php echo $type ?>" />
1132 <input type="hidden" name="batchaction" value="move" />
1134 $manager->addTicketHidden();
1136 // insert selected item numbers
1138 foreach ($ids as $id)
1139 echo '<input type="hidden" name="batch[',($idx++),']" value="',intval($id),'" />';
1141 // show blog/category selection list
1142 $this->selectBlog('destblogid');
1147 <input type="submit" value="<?php echo _MOVECAT_BTN ?>" onclick="return checkSubmit();" />
1150 <?php $this->pagefoot();
1155 * @todo document this
1157 function batchAskDeleteConfirmation($type, $ids) {
1162 <h2><?php echo _BATCH_DELETE_CONFIRM ?></h2>
1163 <form method="post" action="index.php"><div>
1165 <input type="hidden" name="action" value="batch<?php echo $type ?>" />
1166 <?php $manager->addTicketHidden() ?>
1167 <input type="hidden" name="batchaction" value="delete" />
1168 <input type="hidden" name="confirmation" value="yes" />
1169 <?php // insert selected item numbers
1171 foreach ($ids as $id)
1172 echo '<input type="hidden" name="batch[',($idx++),']" value="',intval($id),'" />';
1174 // add hidden vars for team & comment
1175 if ($type == 'team')
1177 echo '<input type="hidden" name="blogid" value="',intRequestVar('blogid'),'" />';
1179 if ($type == 'comment')
1181 echo '<input type="hidden" name="itemid" value="',intRequestVar('itemid'),'" />';
1186 <input type="submit" value="<?php echo _BATCH_DELETE_CONFIRM_BTN ?>" onclick="return checkSubmit();" />
1189 <?php $this->pagefoot();
1195 * Inserts a HTML select element with choices for all categories to which the current
1197 * @see function selectBlog
1199 function selectBlogCategory($name, $selected = 0, $tabindex = 0, $showNewCat = 0, $iForcedBlogInclude = -1) {
1200 Admin::selectBlog($name, 'category', $selected, $tabindex, $showNewCat, $iForcedBlogInclude);
1204 * Admin::selectBlog()
1205 * Inserts a HTML select element with choices for all blogs to which the user has access
1206 * mode = 'blog' => shows blognames and values are blogids
1207 * mode = 'category' => show category names and values are catids
1209 * @param string $name name attribute of the generated select element
1210 * @param string $mode blog/category
1211 * @param integer $selected category ID to be selected
1212 * @param integer $tabindex tab index value
1213 * @param integer $showNewCat show category to newly be created
1214 * @param integer $iForcedBlogInclude ID of a blog that always needs to be included,
1215 * without checking if the member is on the blog team (-1 = none)
1218 public function selectBlog($name, $mode='blog', $selected = 0, $tabindex = 0, $showNewCat = 0, $iForcedBlogInclude = -1)
// Echoes a select element listing the blogs (mode 'blog') or categories (mode 'category')
// the current member may use, plus an optional blog that is always included.
1220 global $member, $CONF;
1222 // 0. get IDs of blogs to which member can post items (+ forced blog)
1223 $aBlogIds = array();
1224 if ( $iForcedBlogInclude != -1 )
1226 $aBlogIds[] = intval($iForcedBlogInclude);
// Non-admins (and admins without $CONF['ShowAllBlogs']) only get blogs whose team they are on.
1229 if ( !$member->isAdmin() || !array_key_exists('ShowAllBlogs', $CONF) || !$CONF['ShowAllBlogs'] )
1231 $query = "SELECT bnumber FROM %s,%s WHERE tblog=bnumber and tmember=%d;";
1232 $query = sprintf($query, sql_table('blog'), sql_table('team'), (integer) $member->getID());
1236 $query = "SELECT bnumber FROM %s ORDER BY bname;";
1237 $query = sprintf($query, sql_table('blog'));
1240 $rblogids = DB::getResult($query);
1241 foreach ( $rblogids as $row )
1243 if ( $row['bnumber'] != $iForcedBlogInclude )
1245 $aBlogIds[] = (integer) $row['bnumber'];
1248 if ( count($aBlogIds) == 0 )
// NOTE(review): $name and $tabindex are written into the markup without escaping. The callers
// visible in this file pass fixed names ('destcatid', 'destblogid'); confirm that no caller
// forwards request data.
1253 echo "<select name=\"{$name}\" tabindex=\"{$tabindex}\">\n";
1255 // 1. select blogs (we'll create optiongroups)
1256 // (only select those blogs that have the user on the team)
// Every entry of $aBlogIds was cast to an integer above, so the imploded IN (...) list
// contains only numbers.
1257 $query = "SELECT bnumber, bname FROM %s WHERE bnumber in (%s) ORDER BY bname;";
1258 $query = sprintf($query, sql_table('blog'), implode(',',$aBlogIds));
1259 $blogs = DB::getResult($query);
1261 if ( $mode == 'category' )
1263 $multipleBlogs = ($blogs->rowCount() > 1);
1265 foreach ( $blogs as $row )
1267 if ( $multipleBlogs )
// Blog and category names come from the database and are HTML-escaped with Entity::hsc()
// at every output point below.
1269 echo '<optgroup label="' . Entity::hsc($row['bname']) . '">' . "\n";
1272 // show selection to create new category when allowed/wanted
1275 // check if allowed to do so
1276 if ( $member->blogAdminRights($row['bnumber']) )
1278 echo "<option value=\"newcat-{$row['bnumber']}\">" . _ADD_NEWCAT . "</option>\n";
1282 // 2. for each category in that blog
1283 $query = "SELECT cname, catid FROM %s WHERE cblog=%d ORDER BY cname ASC;";
1284 $query = sprintf($query, sql_table('category'), (integer) $row['bnumber']);
1285 $categories = DB::getResult($query);
1286 foreach ( $categories as $cat )
// NOTE(review): $selectText is interpolated in the non-selected branch, but no assignment to it
// is visible in this listing; check that it is defined or drop it from the string.
1288 if ( $cat['catid'] != $selected )
1290 echo "<option value=\"{$cat['catid']}\" {$selectText} >" . Entity::hsc($cat['cname']) . "</option>\n";
1294 echo "<option value=\"{$cat['catid']}\" selected=\"selected\" >" . Entity::hsc($cat['cname']) . "</option>\n";
1298 if ( $multipleBlogs )
1300 echo "</optgroup>\n";
1307 foreach ( $blogs as $row )
1309 if ( $row['bnumber'] != $selected )
1311 echo "<option value=\"{$row['bnumber']}\">" . Entity::hsc($row['bname']) . "</option>\n";
1315 echo "<option value=\"{$row['bnumber']}\" selected=\"selected\">" . Entity::hsc($row['bname']) . "</option>\n";
1321 $member->teamRights($blogid) or $member->isAdmin() or self::disallow();
1323 self::$skin->parse('itemlist');
1328 * Action::action_batchitem()
1333 static private function action_batchitem()
1335 global $member, $manager;
1337 $member->isLoggedIn() or self::disallow();
1339 $selected = requestIntArray('batch');
1340 $action = requestVar('batchaction');
1342 if ( !is_array($selected) || sizeof($selected) == 0 )
1344 self::error(_BATCH_NOSELECTION);
1348 // On move: when no destination blog/category chosen, show choice now
1349 $destCatid = intRequestVar('destcatid');
1350 if ( ($action == 'move') && (!$manager->existsCategory($destCatid)) )
1352 self::batchMoveSelectDestination('item', $selected);
1355 // On delete: check if confirmation has been given
1356 if ( ($action == 'delete') && (requestVar('confirmation') != 'yes') )
1358 self::batchAskDeleteConfirmation('item', $selected);
1361 self::$skin->parse('batchitem');
1366 * Action::action_batchcomment()
1371 static private function action_batchcomment()
1375 $member->isLoggedIn() or self::disallow();
1377 $selected = requestIntArray('batch');
1378 $action = requestVar('batchaction');
1380 // Show error when no items were selected
1381 if ( !is_array($selected) || sizeof($selected) == 0 )
1383 self::error(_BATCH_NOSELECTION);
1387 // On delete: check if confirmation has been given
1388 if ( ($action == 'delete') && (requestVar('confirmation') != 'yes') )
1390 self::batchAskDeleteConfirmation('comment', $selected);
1393 self::$skin->parse('batchcomment');
1398 * Admin::action_batchmember()
1403 static private function action_batchmember()
1407 ($member->isLoggedIn() && $member->isAdmin()) or self::disallow();
1409 $selected = requestIntArray('batch');
1410 $action = requestVar('batchaction');
1412 // Show error when no members selected
1413 if ( !is_array($selected) || sizeof($selected) == 0 )
1415 self::error(_BATCH_NOSELECTION);
1419 // On delete: check if confirmation has been given
1420 if ( ($action == 'delete') && (requestVar('confirmation') != 'yes') )
1422 self::batchAskDeleteConfirmation('member',$selected);
1425 self::$skin->parse('batchmember');
1430 * Admin::action_batchteam()
1435 static private function action_batchteam()
1439 $blogid = intRequestVar('blogid');
1441 ($member->isLoggedIn() && $member->blogAdminRights($blogid)) or self::disallow();
1443 $selected = requestIntArray('batch');
1444 $action = requestVar('batchaction');
1446 if ( !is_array($selected) || sizeof($selected) == 0 )
1448 self::error(_BATCH_NOSELECTION);
1452 // On delete: check if confirmation has been given
1453 if ( ($action == 'delete') && (requestVar('confirmation') != 'yes') )
1455 self::batchAskDeleteConfirmation('team',$selected);
1458 self::$skin->parse('batchteam');
1463 * Admin::action_batchcategory()
1468 static private function action_batchcategory()
1470 global $member, $manager;
1472 $member->isLoggedIn() or self::disallow();
1474 $selected = requestIntArray('batch');
1475 $action = requestVar('batchaction');
1477 if ( !is_array($selected) || sizeof($selected) == 0 )
1479 self::error(_BATCH_NOSELECTION);
1483 // On move: when no destination blog chosen, show choice now
1484 $destBlogId = intRequestVar('destblogid');
1485 if ( ($action == 'move') && (!$manager->existsBlogID($destBlogId)) )
1487 self::batchMoveCategorySelectDestination('category', $selected);
1490 // On delete: check if confirmation has been given
1491 if ( ($action == 'delete') && (requestVar('confirmation') != 'yes') )
1493 self::batchAskDeleteConfirmation('category', $selected);
1496 self::$skin->parse('batchcategory');
1501 * Admin::batchMoveSelectDestination()
1503 * @param string $type type of batch action
1504 * @param integer $ids needless???
1507 * TODO: remove needless argument
1509 static private function batchMoveSelectDestination($type, $ids)
1511 $_POST['batchmove'] = $type;
1512 self::$skin->parse('batchmove');
1517 * Admin::batchMoveCategorySelectDestination()
1519 * @param string $type type of batch action
1520 * @param integer $ids needless???
1523 * TODO: remove needless argument
1525 static private function batchMoveCategorySelectDestination($type, $ids)
1527 $_POST['batchmove'] = $type;
1529 self::$skin->parse('batchmovecat');
1534 * Admin::batchAskDeleteConfirmation()
1536 * @param string $type type of batch action
1537 * @param integer $ids needless???
1540 * TODO: remove needless argument
1542 static private function batchAskDeleteConfirmation($type, $ids)
1544 self::$skin->parse('batchdelete');
1549 * Admin::action_browseownitems()
1554 static private function action_browseownitems()
1556 global $member, $manager, $CONF;
1558 self::$skin->parse('browseownitems');
1563 * Admin::action_itemcommentlist()
1564 * Show all the comments for a given item
1566 * @param integer $itemid ID for item
1569 static private function action_itemcommentlist($itemid = '')
1571 global $member, $manager, $CONF;
1573 if ( $itemid == '' )
1575 $itemid = intRequestVar('itemid');
1578 // only allow if user is allowed to alter item
1579 $member->canAlterItem($itemid) or self::disallow();
1581 $item =& $manager->getItem($itemid, 1, 1);
1582 $_REQUEST['itemid'] = $item['itemid'];
1583 $_REQUEST['blogid'] = $item['blogid'];
1585 self::$skin->parse('itemcommentlist');
1590 * Admin::action_browseowncomments()
1591 * Browse own comments
1596 static private function action_browseowncomments()
1598 self::$skin->parse('browseowncomments');
1603 * Admin::action_blogcommentlist()
1604 * Browse all comments for a weblog
1606 * @param integer $blogid ID for weblog
1609 static private function action_blogcommentlist($blogid = '')
1611 global $member, $manager, $CONF;
1613 if ( $blogid == '' )
1615 $blogid = intRequestVar('blogid');
1619 $blogid = intval($blogid);
1622 $member->teamRights($blogid) or $member->isAdmin() or self::disallow();
1624 /* TODO: we consider to use the other way insterad of this */
1625 $_REQUEST['blogid'] = $blogid;
1627 self::$skin->parse('blogcommentlist');
1632 * Admin::action_createaccount()
// Self-registration page. Only available when $CONF['AllowMemberCreate'] is 1;
// otherwise the 'createaccountdisable' skin part is parsed. When the form was
// posted (showform == 1) the account is created through Action::createAccount().
// NOTE(review): no login check is visible here, so this presumably runs for
// anonymous visitors - every value below is untrusted.
1637 static private function action_createaccount()
1641 if ( $CONF['AllowMemberCreate'] != 1 )
1643 self::$skin->parse('createaccountdisable');
1659 if ( array_key_exists('showform', $_POST) && $_POST['showform'] == 1 )
1661 $action = new Action();
1662 $message = $action->createAccount();
// the strict === 1 is the only result treated as success in the lines shown here
1663 if ( $message === 1 )
1665 self::$headMess = $message;
1666 self::$skin->parse('createaccountsuccess');
// The four fields below are copied from $_POST unchanged so that the form can be
// re-displayed. Nothing here validates or encodes them: whatever renders
// 'createaccountinput' has to HTML-encode each value at output time.
1670 /* TODO: validation */
1671 if ( array_key_exists('name', $_POST) )
1673 $contents['name'] = $_POST['name'];
1675 if ( array_key_exists('realname', $_POST) )
1677 $contents['realname'] = $_POST['realname'];
1679 if ( array_key_exists('email', $_POST) )
1681 $contents['email'] = $_POST['email'];
1683 if ( array_key_exists('url', $_POST) )
1685 $contents['url'] = $_POST['url'];
1688 self::$contents = $contents;
1692 self::$skin->parse('createaccountinput');
1697 * Admin::action_createitem()
1698 * Provide a page to add a new item to the given blog
1703 static private function action_createitem()
1705 global $member, $manager;
1707 $blogid = intRequestVar('blogid');
1710 $member->teamRights($blogid) or self::disallow();
1712 $blog =& $manager->getBlog($blogid);
1713 $contents = array();
1717 'contents' => &$contents
1719 $manager->notify('PreAddItemForm', $data);
1721 if ( $blog->convertBreaks() )
1723 if ( array_key_exists('body', $contents) && !empty($contents['body']) )
1725 $contents['body'] = removeBreaks($contents['body']);
1727 if ( array_key_exists('more', $contents) && !empty($contents['more']) )
1729 $contents['more'] = removeBreaks($contents['more']);
1733 self::$blog = &$blog;
1734 self::$contents = &$contents;
1736 self::$skin->parse('createitem');
1741 * Admin::action_itemedit()
1746 static private function action_itemedit()
1748 global $member, $manager;
1750 $itemid = intRequestVar('itemid');
1752 // only allow if user is allowed to alter item
1753 $member->canAlterItem($itemid) or self::disallow();
1755 $item =& $manager->getItem($itemid, 1, 1);
1756 $blog =& $manager->getBlog($item['blogid']);
1757 $data = array('blog'=> &$blog, 'item' => &$item);
1758 $manager->notify('PrepareItemForEdit', $data);
1760 if ( $blog->convertBreaks() )
1762 if ( array_key_exists('body', $item) && !empty($item['body']) )
1764 $item['body'] = removeBreaks($item['body']);
1766 if ( array_key_exists('more', $item) && !empty($item['more']) )
1768 $item['more'] = removeBreaks($item['more']);
1772 self::$blog = &$blog;
1773 self::$contents = &$item;
1775 self::$skin->parse('itemedit');
1780 * Admin::action_itemupdate()
// Applies an edit to an existing item: checks the member's right to update it,
// optionally creates a new category, derives the draft/publish/timestamp values
// from 'actiontype' and calls Item::update(). A 'delete' actiontype is passed to
// action_itemdelete(), which asks for confirmation.
1785 static private function action_itemupdate()
1787 global $member, $manager, $CONF;
1789 $itemid = intRequestVar('itemid');
1790 $catid = postVar('catid');
// $catid is still the raw POST string at this point (it may have the form
// 'newcat-<blogid>', see below), so canUpdateItem() receives it unparsed.
// NOTE(review): confirm canUpdateItem() handles that form and checks rights on the target blog.
1792 // only allow if user is allowed to alter item
1793 $member->canUpdateItem($itemid, $catid) or self::disallow();
1795 $actiontype = postVar('actiontype');
1797 // delete actions are handled by itemdelete (which has confirmation)
1798 if ( $actiontype == 'delete' )
1800 self::action_itemdelete();
1804 $body = postVar('body');
1805 $title = postVar('title');
1806 $more = postVar('more');
1807 $closed = intPostVar('closed');
1808 $draftid = intPostVar('draftid');
1810 // default action = add now
1813 $actiontype='addnow';
1816 // create new category if needed
1817 if ( i18n::strpos($catid,'newcat') === 0 )
// the blog that receives the new category is named by the request value,
// it is not derived from $itemid
1820 list($blogid) = sscanf($catid,"newcat-%d");
1823 $blog =& $manager->getBlog($blogid);
1824 $catid = $blog->createNewCategory();
1826 // show error when sth goes wrong
1829 self::doError(_ERROR_CATCREATEFAIL);
1834 * set some variables based on actiontype
1837 * draft items -> addnow, addfuture, adddraft, delete
1838 * non-draft items -> edit, changedate, delete
1841 * $timestamp: set to a nonzero value for future dates or date changes
1842 * $wasdraft: set to 1 when the item used to be a draft item
1843 * $publish: set to 1 when the edited item is not a draft
1845 $blogid = getBlogIDFromItemID($itemid);
1846 $blog =& $manager->getBlog($blogid);
1848 $wasdrafts = array('adddraft', 'addfuture', 'addnow');
1849 $wasdraft = in_array($actiontype, $wasdrafts) ? 1 : 0;
1850 $publish = ($actiontype != 'adddraft' && $actiontype != 'backtodrafts') ? 1 : 0;
1851 if ( $actiontype == 'addfuture' || $actiontype == 'changedate' )
// every date part is an integer taken from POST
1853 $timestamp = mktime(intPostVar('hour'), intPostVar('minutes'), 0, intPostVar('month'), intPostVar('day'), intPostVar('year'));
1860 // edit the item for real
1861 Item::update($itemid, $catid, $title, $body, $more, $closed, $wasdraft, $publish, $timestamp);
1863 self::updateFuturePosted($blogid);
1867 // delete permission is checked inside Item::delete()
1868 Item::delete($draftid);
// a $catid that no longer equals the posted value means a category was created above
1871 if ( $catid != intPostVar('catid') )
1873 self::action_categoryedit(
1876 $CONF['AdminURL'] . 'index.php?action=itemlist&blogid=' . getBlogIDFromItemID($itemid)
1881 // TODO: set start item correctly for itemlist
1882 $item =& $manager->getitem($itemid, 1, 1);
// NOTE(review): the timestamp is formatted into a quoted SQL literal with %s and
// without DB::quoteValue(). It comes from the stored item, not from the request;
// if it is an integer Unix time, %d with an integer cast would make the query
// independent of what getitem() returns - confirm the value's type.
1883 $query = "SELECT COUNT(*) FROM %s WHERE unix_timestamp(itime) <= '%s';";
1884 $query = sprintf($query, sql_table('item'), $item['timestamp']);
1885 $cnt = DB::getValue($query);
1886 $_REQUEST['start'] = $cnt + 1;
1887 self::action_itemlist(getBlogIDFromItemID($itemid));
1893 * Admin::action_itemdelete()
1899 static private function action_itemdelete()
1901 global $member, $manager;
1903 $itemid = intRequestVar('itemid');
1905 // only allow if user is allowed to alter item
1906 $member->canAlterItem($itemid) or self::disallow();
1908 if ( !$manager->existsItem($itemid,1,1) )
1910 self::error(_ERROR_NOSUCHITEM);
1914 self::$skin->parse('itemdelete');
1919 * Admin::action_itemdeleteconfirm()
1924 static private function action_itemdeleteconfirm()
1926 global $member, $manager;
1928 $itemid = intRequestVar('itemid');
1930 // only allow if user is allowed to alter item
1931 $member->canAlterItem($itemid) or self::disallow();
1934 $item =& $manager->getItem($itemid, 1, 1);
1936 // delete item (note: some checks will be performed twice)
1937 self::deleteOneItem($item['itemid']);
1939 self::action_itemlist($item['blogid']);
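/**
 * Admin::deleteOneItem()
 * Deletes one item and returns an error message if something goes wrong
 *
 * @param	integer	$itemid	ID for item
 * @return	mixed	_ERROR_DISALLOWED when the current member may not alter the item, nothing otherwise
 */
static public function deleteOneItem($itemid)
{
	global $member, $manager;
	
	// only allow if user is allowed to alter item (also checks if itemid exists)
	if ( !$member->canAlterItem($itemid) )
	{
		return _ERROR_DISALLOWED;
	}
	
	// the item record has to be read before the delete, its blog id is needed afterwards
	$item =& $manager->getItem($itemid, 1, 1);
	$blogid = $item['blogid'];
	
	$manager->loadClass('ITEM');
	Item::delete($item['itemid']);
	
	// update the futureposted flag of the blog the item belonged to;
	// updateFuturePosted() expects a blog id, the item id was passed here before
	self::updateFuturePosted($blogid);
	return;
}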
1972 * Admin::updateFuturePosted()
1973 * Update a blog's future posted flag
1975 * @param integer $blogid
1978 static private function updateFuturePosted($blogid)
1982 $blogid = intval($blogid);
1983 $blog =& $manager->getBlog($blogid);
1984 $currenttime = $blog->getCorrectTime(time());
1986 $query = "SELECT * FROM %s WHERE iblog=%d AND iposted=0 AND itime>'%s'";
1987 $query = sprintf($query, sql_table('item'), (integer) $blogid, i18n::formatted_datetime('mysql', $currenttime));
1988 $result = DB::getResult($query);
1990 if ( $result->rowCount() > 0 )
1992 $blog->setFuturePost();
1996 $blog->clearFuturePost();
2002 * Admin::action_itemmove()
2007 static private function action_itemmove()
2009 global $member, $manager;
2011 $itemid = intRequestVar('itemid');
2013 $member->canAlterItem($itemid) or self::disallow();
2015 self::$skin->parse('itemmove');
2020 * Admin::action_itemmoveto()
// Moves an item to another category (optionally a newly created one), refreshes
// the futurePosted flag of both the new and the old blog, then shows either the
// category edit page (new category) or the item list.
2025 static private function action_itemmoveto()
2027 global $member, $manager;
2029 $itemid = intRequestVar('itemid');
2030 $catid = requestVar('catid');
// NOTE(review): unlike action_itemupdate(), the category is created here BEFORE
// any permission check, and the target blog id is taken from the request value.
// Unless createNewCategory() enforces rights itself (not visible here - confirm),
// a rights check on $blogid belongs in front of the call, e.g.
// `$member->blogAdminRights($blogid) or self::disallow();`
2032 // create new category if needed
2033 if ( i18n::strpos($catid,'newcat') === 0 )
2036 list($blogid) = sscanf($catid,'newcat-%d');
2039 $blog =& $manager->getBlog($blogid);
2040 $catid = $blog->createNewCategory();
2042 // show error when sth goes wrong
2045 self::doError(_ERROR_CATCREATEFAIL);
2049 // only allow if user is allowed to alter item
2050 $member->canUpdateItem($itemid, $catid) or self::disallow();
// remember the source blog: after Item::move() the item id may resolve to another blog
2052 $old_blogid = getBlogIDFromItemId($itemid);
2054 Item::move($itemid, $catid);
2056 // set the futurePosted flag on the blog
2057 self::updateFuturePosted(getBlogIDFromItemId($itemid));
2059 // reset the futurePosted in case the item is moved from one blog to another
2060 self::updateFuturePosted($old_blogid);
// a $catid that differs from the requested value means a category was created above
2062 if ( $catid != intRequestVar('catid') )
2064 self::action_categoryedit($catid, $blog->getID());
2068 self::action_itemlist(getBlogIDFromCatID($catid));
2074 * Admin::moveOneItem()
2075 * Moves one item to a given category (category existence should be checked by caller)
2076 * errors are returned
2078 * @param integer $itemid ID for item
2079 * @param integer $destCatid ID for category to which the item will be moved
2082 static public function moveOneItem($itemid, $destCatid)
2086 // only allow if user is allowed to move item
2087 if ( !$member->canUpdateItem($itemid, $destCatid) )
2089 return _ERROR_DISALLOWED;
2092 Item::move($itemid, $destCatid);
2097 * Admin::action_additem()
2098 * Adds a item to the chosen blog
2103 static private function action_additem()
2105 global $manager, $CONF;
2107 $manager->loadClass('ITEM');
2109 $result = Item::createFromRequest();
2111 if ( $result['status'] == 'error' )
2113 self::error($result['message']);
2117 $item =& $manager->getItem($result['itemid'], 0, 0);
2119 if ( $result['status'] == 'newcategory' )
2121 $distURI = $manager->addTicketToUrl($CONF['AdminURL'] . 'index.php?action=itemList&blogid=' . $item['blogid']);
2122 self::action_categoryedit($result['catid'], $item['blogid'], $distURI);
2126 $methodName = 'action_itemlist';
2127 self::action_itemlist($item['blogid']);
2133 * Admin::action_commentedit()
2134 * Allows to edit previously made comments
2139 static private function action_commentedit()
2141 global $member, $manager;
2143 $commentid = intRequestVar('commentid');
2145 $member->canAlterComment($commentid) or self::disallow();
2147 $comment = Comment::getComment($commentid);
2148 $data = array('comment' => &$comment);
2149 $manager->notify('PrepareCommentForEdit', $data);
2151 self::$contents = $comment;
2152 self::$skin->parse('commentedit');
2157 * Admin::action_commentupdate()
// Saves an edited comment: checks canAlterComment(), applies the length and
// long-word limits to the body, fires 'PreUpdateComment' and updates the row.
// Afterwards the item's comment list is shown when the member may alter the item,
// otherwise the member's own comments.
2162 static private function action_commentupdate()
2164 global $member, $manager;
2166 $commentid = intRequestVar('commentid');
2168 $member->canAlterComment($commentid) or self::disallow();
// NOTE(review): only $body is processed further (Comment::prepareBody below).
// $url and $email are stored as posted, so format/scheme checks and output
// encoding must happen elsewhere - confirm.
2170 $url = postVar('url');
2171 $email = postVar('email');
2172 $body = postVar('body');
2174 // intercept words that are too long
// matches a run of 90 characters from the listed set; the loose `!= FALSE` also
// treats a preg_match() failure (FALSE) as "no long word"
2175 if (preg_match('#[a-zA-Z0-9|\.,;:!\?=\/\\\\]{90,90}#', $body) != FALSE)
2177 self::error(_ERROR_COMMENT_LONGWORD);
2182 if ( i18n::strlen($body) < 3 )
2184 self::error(_ERROR_COMMENT_NOCOMMENT);
2188 if ( i18n::strlen($body) > 5000 )
2190 self::error(_ERROR_COMMENT_TOOLONG);
2195 $body = Comment::prepareBody($body);
2201 $manager->notify('PreUpdateComment', $data);
// string values go through DB::quoteValue(), the id through an integer cast;
// note that the URL is written to the cmail column and the e-mail to cemail
2203 $query = "UPDATE %s SET cmail=%s, cemail=%s, cbody=%s WHERE cnumber=%d;";
2204 $query = sprintf($query, sql_table('comment'), DB::quoteValue($url), DB::quoteValue($email), DB::quoteValue($body), (integer) $commentid);
2205 DB::execute($query);
// look up the item the comment belongs to, to decide which list to show
2208 $query = "SELECT citem FROM %s WHERE cnumber=%d;";
2209 $query = sprintf($query, sql_table('comment'), (integer) $commentid);
2211 $itemid = DB::getValue($query);
2213 if ( $member->canAlterItem($itemid) )
2215 self::action_itemcommentlist($itemid);
2219 self::action_browseowncomments();
2225 * Admin::action_commentdelete()
2231 static private function action_commentdelete()
2233 global $member, $manager;
2235 $commentid = intRequestVar('commentid');
2236 $member->canAlterComment($commentid) or self::disallow();
2238 self::$skin->parse('commentdelete');
2243 * Admin::action_commentdeleteconfirm()
// Deletes the comment named by 'commentid' after confirmation and shows a comment list.
// This method has no access check of its own in the lines shown: the decision is
// made in deleteOneComment(), which returns _ERROR_DISALLOWED when
// canAlterComment() fails. Keep that check there if this method is refactored.
2248 static private function action_commentdeleteconfirm()
2252 $commentid = intRequestVar('commentid');
2254 // get item id first
// (read before the delete; the row is gone afterwards)
2255 $query = "SELECT citem FROM %s WHERE cnumber=%d;";
2256 $query = sprintf($query, sql_table('comment'), (integer) $commentid);
2258 $itemid = DB::getValue($query);
2260 $error = self::deleteOneComment($commentid);
2263 self::doError($error);
2266 if ( $member->canAlterItem($itemid) )
2268 self::action_itemcommentlist($itemid);
2272 self::action_browseowncomments();
2278 * Admin::deleteOneComment()
2280 * @param integer $commentid ID for comment
// Deletes a single comment. Returns _ERROR_DISALLOWED when the current member may
// not alter the comment; otherwise fires 'PreDeleteComment', deletes the row and
// fires 'PostDeleteComment'. This is the authorization point for the callers that
// do not check rights themselves (e.g. action_commentdeleteconfirm()).
2283 static public function deleteOneComment($commentid)
2285 global $member, $manager;
// force an integer before the id is used in the permission check and the query
2287 $commentid = (integer) $commentid;
2289 if ( !$member->canAlterComment($commentid) )
2291 return _ERROR_DISALLOWED;
2295 'commentid' => $commentid
2298 $manager->notify('PreDeleteComment', $data);
2300 // delete this one comment (the row whose cnumber equals $commentid)
2301 $query = "DELETE FROM %s WHERE cnumber=%d;";
2302 $query = sprintf($query, sql_table('comment'), (integer) $commentid);
2303 DB::execute($query);
2306 'commentid' => $commentid
2309 $manager->notify('PostDeleteComment', $data);
2315 * Admin::action_usermanagement()
2316 * Usermanagement main
2321 static private function action_usermanagement()
2323 global $member, $manager;
2326 $member->isAdmin() or self::disallow();
2328 self::$skin->parse('usermanagement');
2333 * Admin::action_memberedit()
2334 * Edit member settings
2339 static private function action_memberedit()
2341 self::action_editmembersettings(intRequestVar('memberid'));
2346 * Admin::action_editmembersettings()
2348 * @param integer $memberid ID for member
2352 static private function action_editmembersettings($memberid = '')
2354 global $member, $manager, $CONF;
2356 if ( $memberid == '' )
2358 $memberid = $member->getID();
2361 /* TODO: we should consider to use the other way insterad of this */
2362 $_REQUEST['memberid'] = $memberid;
2365 ($member->getID() == $memberid) or $member->isAdmin() or self::disallow();
2367 self::$extrahead .= "<script type=\"text/javascript\" src=\"<%skinfile(/javascripts/numbercheck.js)%>\"></script>\n";
2369 self::$skin->parse('editmembersettings');
2374 * Admin::action_changemembersettings()
// Stores changed member settings. Allowed for the member being edited and for
// site admins. Validates name, password, e-mail and locale, keeps at least one
// admin who can log in, writes the values to the Member object and, depending on
// what changed, sends an activation link and/or forces a new login.
2379 static private function action_changemembersettings()
2381 global $member, $CONF, $manager;
2383 $memberid = intRequestVar('memberid');
2386 ($member->getID() == $memberid) or $member->isAdmin() or self::disallow();
// strip_tags() removes markup but is not output encoding: these values still
// need context-aware escaping wherever they are rendered
2388 $name = trim(strip_tags(postVar('name')));
2389 $realname = trim(strip_tags(postVar('realname')));
2390 $password = postVar('password');
2391 $repeatpassword = postVar('repeatpassword');
2392 $email = strip_tags(postVar('email'));
2393 $url = strip_tags(postVar('url'));
2394 $adminskin = intPostVar('adminskin');
2395 $bookmarklet = intPostVar('bookmarklet');
2397 // begin if: sometimes user didn't prefix the URL with http:// or https://, this cause a malformed URL. Let's fix it.
// the pattern also fails for an empty string, so an empty field becomes 'http://';
// any value with another scheme gets 'http://' put in front of it
2398 if ( !preg_match('#^https?://#', $url) )
2400 $url = 'http://' . $url;
2403 $admin = postVar('admin');
2404 $canlogin = postVar('canlogin');
2405 $notes = strip_tags(postVar('notes'));
2406 $locale = postVar('locale');
2408 $mem =& $manager->getMember($memberid);
2410 if ( $CONF['AllowLoginEdit'] || $member->isAdmin() )
2412 if ( !isValidDisplayName($name) )
2414 self::error(_ERROR_BADNAME);
2418 if ( ($name != $mem->getDisplayName()) && Member::exists($name) )
2420 self::error(_ERROR_NICKNAMEINUSE);
// NOTE(review): loose comparison - two different numeric-looking strings can
// compare equal with != ; `!==` compares the passwords as strings.
// No prompt for the current password is visible in this handler - confirm.
2424 if ( $password != $repeatpassword )
2426 self::error(_ERROR_PASSWORDMISMATCH);
// minimum length is 6 characters; an empty password skips this test
// (presumably meaning "leave the password unchanged" - confirm)
2430 if ( $password && (i18n::strlen($password) < 6) )
2432 self::error(_ERROR_PASSWORDTOOSHORT);
// plugins can veto the password through the 'PrePasswordSet' event
2442 'password' => $password,
2443 'errormessage' => &$pwderror,
2444 'valid' => &$pwdvalid
2446 $manager->notify('PrePasswordSet', $data);
2450 self::error($pwderror);
2456 if ( !NOTIFICATION::address_validation($email) )
2458 self::error(_ERROR_BADMAILADDRESS);
2463 self::error(_ERROR_REALNAMEMISSING);
// the locale must be one of the installed ones (in_array() is called without strict mode)
2466 if ( ($locale != '') && (!in_array($locale, i18n::get_available_locale_list())) )
2468 self::error(_ERROR_NOSUCHTRANSLATION);
2472 // check if there will remain at least one site member with both the logon and admin rights
2473 // (check occurs when taking away one of these rights from such a member)
2474 if ( (!$admin && $mem->isAdmin() && $mem->canLogin())
2475 || (!$canlogin && $mem->isAdmin() && $mem->canLogin())
2478 $r = DB::getResult('SELECT * FROM '.sql_table('member').' WHERE madmin=1 and mcanlogin=1');
2479 if ( $r->rowCount() < 2 )
2481 self::error(_ERROR_ATLEASTONEADMIN);
2486 if ( $CONF['AllowLoginEdit'] || $member->isAdmin() )
2488 $mem->setDisplayName($name);
2491 $mem->setPassword($password);
// keep the old address: it is compared and passed to sendActivationLink() below
2495 $oldEmail = $mem->getEmail();
2497 $mem->setRealName($realname);
2498 $mem->setEmail($email);
2500 $mem->setNotes($notes);
2501 $mem->setLocale($locale);
2502 $mem->setAdminSkin($adminskin);
2503 $mem->setBookmarklet($bookmarklet);
// privilege guard: the posted 'admin' and 'canlogin' values are applied only when
// the ACTING member is a site admin, so a member editing their own settings
// cannot raise their own rights through these fields
2505 // only allow super-admins to make changes to the admin status
2506 if ( $member->isAdmin() )
2508 $mem->setAdmin($admin);
2509 $mem->setCanLogin($canlogin);
2512 $autosave = postVar('autosave');
2513 $mem->setAutosave($autosave);
// NOTE(review): the plugin options come straight from the request; which options
// a member may set is decided inside apply_plugin_options() - not visible here
2517 // store plugin options
2518 $aOptions = requestArray('plugoption');
2519 NucleusPlugin::apply_plugin_options($aOptions);
2521 'context' => 'member',
2522 'memberid' => $memberid,
2525 $manager->notify('PostPluginOptionsUpdate', $data);
// a changed address triggers an activation link and a new cookie key
2527 // if email changed, generate new password
2528 if ( $oldEmail != $mem->getEmail() )
2530 $mem->sendActivationLink('addresschange', $oldEmail);
2532 $mem->newCookieKey();
2534 // only log out if the member being edited is the current member.
2535 if ( $member->getID() == $memberid )
2539 self::action_login(_MSG_ACTIVATION_SENT, 0);
// a changed display name on the member's own account also rotates the cookie key
// and asks for a new login
2543 if ( ($mem->getID() == $member->getID())
2544 && ($mem->getDisplayName() != $member->getDisplayName()) )
2546 $mem->newCookieKey();
2548 self::action_login(_MSG_LOGINAGAIN, 0);
2552 self::action_overview(_MSG_SETTINGSCHANGED);
2558 * Admin::action_memberadd()
// Creates a new member from the posted form. Site admins only. After
// Member::create() the new member is loaded by name and announced through the
// 'PostRegister' event, then the user management page is shown.
2564 static private function action_memberadd()
2566 global $member, $manager;
2569 $member->isAdmin() or self::disallow();
// NOTE(review): loose comparison - `!==` would compare the two passwords as strings
2571 if ( postVar('password') != postVar('repeatpassword') )
2573 self::error(_ERROR_PASSWORDMISMATCH);
// minimum length is 6 characters. No 'PrePasswordSet' notification is visible in
// this method, unlike action_changemembersettings() - confirm whether password
// policy plugins are meant to apply here as well
2577 if ( i18n::strlen(postVar('password')) < 6 )
2579 self::error(_ERROR_PASSWORDTOOSHORT);
// only part of the argument list is visible in this listing
2583 $res = Member::create(
2585 postVar('realname'),
2586 postVar('password'),
2590 postVar('canlogin'),
2600 // fire PostRegister event
2601 $newmem = new Member();
2602 $newmem->readFromName(postVar('name'));
2604 'member' => &$newmem
2606 $manager->notify('PostRegister', $data);
2608 self::action_usermanagement();
2613 * Admin::action_forgotpassword()
2618 static private function action_forgotpassword()
2620 self::$skin->parse('forgotpassword');
2625 * Admin::action_activate()
2626 * Account activation
2631 static private function action_activate()
2633 $key = getVar('key');
2634 self::showActivationPage($key);
2639 * Admin::showActivationPage()
// Shows the account activation form for an activation key. Expired keys are
// cleaned up first; when the key or its member cannot be resolved the generic
// _ERROR_ACTIVATE message is used in both cases.
// $message is shown as the head message of the page.
2644 static private function showActivationPage($key, $message = '')
2648 // clean up old activation keys
2649 Member::cleanupActivationTable();
2651 // get activation info
2652 $info = Member::getActivationInfo($key);
2656 self::error(_ERROR_ACTIVATE);
2660 $mem =& $manager->getMember($info->vmember);
2664 self::error(_ERROR_ACTIVATE);
// the request-supplied key is handed to the skin through $_POST; it has to be
// encoded when it is written back into the form
2668 /* TODO: we should consider to use the other way instead of this */
2669 $_POST['ackey'] = $key;
2670 $_POST['bNeedsPasswordChange'] = TRUE;
2672 self::$headMess = $message;
2673 self::$skin->parse('activate');
2678 * Admin::action_activatesetpwd()
2679 * Account activation - set password part
// Second step of account activation: validates the posted key and password,
// lets plugins veto through 'PrePasswordSet' and 'ValidateForm', sets the
// password and activates the account. Every failure re-displays the activation
// page with an error message.
2684 static private function action_activatesetpwd()
2687 $key = postVar('key');
2689 // clean up old activation keys
2690 Member::cleanupActivationTable();
2692 // get activation info
2693 $info = Member::getActivationInfo($key);
// keys issued for an address change are not accepted for setting a password
2695 if ( !$info || ($info->type == 'addresschange') )
2697 return self::showActivationPage($key, _ERROR_ACTIVATE);
2700 $mem =& $manager->getMember($info->vmember);
2704 return self::showActivationPage($key, _ERROR_ACTIVATE);
2707 $password = postVar('password');
2708 $repeatpassword = postVar('repeatpassword');
// NOTE(review): loose comparison - `!==` would compare the two passwords as strings
2710 if ( $password != $repeatpassword )
2712 return self::showActivationPage($key, _ERROR_PASSWORDMISMATCH);
// minimum length is 6 characters; an empty password skips this test.
// NOTE(review): the lines around setPassword() are not shown in this listing -
// confirm that an empty value cannot complete the activation without a password.
2715 if ( $password && (i18n::strlen($password) < 6) )
2717 return self::showActivationPage($key, _ERROR_PASSWORDTOOSHORT);
2726 'password' => $password,
2727 'errormessage' => &$pwderror,
2728 'valid' => &$pwdvalid
2730 $manager->notify('PrePasswordSet', $data);
2733 return self::showActivationPage($key,$pwderror);
2740 'type' => 'activation',
2744 $manager->notify('ValidateForm', $data);
2747 return self::showActivationPage($key, $error);
2751 $mem->setPassword($password);
2754 // do the activation
2755 Member::activate($key);
2757 self::$skin->parse('activatesetpwd');
2762 * Admin::action_manageteam()
2768 static private function action_manageteam()
2770 global $member, $manager;
2772 $blogid = intRequestVar('blogid');
2775 $member->blogAdminRights($blogid) or self::disallow();
2777 self::$skin->parse('manageteam');
2782 * Admin::action_teamaddmember()
2783 * Add member to team
2788 static private function action_teamaddmember()
2790 global $member, $manager;
2792 $memberid = intPostVar('memberid');
2793 $blogid = intPostVar('blogid');
2794 $admin = intPostVar('admin');
2797 $member->blogAdminRights($blogid) or self::disallow();
2799 $blog =& $manager->getBlog($blogid);
2800 if ( !$blog->addTeamMember($memberid, $admin) )
2802 self::error(_ERROR_ALREADYONTEAM);
2806 self::action_manageteam();
2811 * Admin::action_teamdelete()
2816 static private function action_teamdelete()
2818 global $member, $manager;
2820 $memberid = intRequestVar('memberid');
2821 $blogid = intRequestVar('blogid');
2824 $member->blogAdminRights($blogid) or self::disallow();
2826 $teammem =& $manager->getMember($memberid);
2827 $blog =& $manager->getBlog($blogid);
2829 self::$skin->parse('teamdelete');
2834 * Admin::action_teamdeleteconfirm()
2839 static private function action_teamdeleteconfirm()
2843 $memberid = intRequestVar('memberid');
2844 $blogid = intRequestVar('blogid');
2846 $error = self::deleteOneTeamMember($blogid, $memberid);
2849 self::error($error);
2852 self::action_manageteam();
2857 * Admin::deleteOneTeamMember()
// Removes one member from a blog's team. Returns _ERROR_DISALLOWED when the
// current member has no admin rights on the blog and _ERROR_ATLEASTONEBLOGADMIN
// when the member to remove is a blog admin and fewer than two admins exist.
// Fires 'PreDeleteTeamMember' before and 'PostDeleteTeamMember' after the delete.
2862 static public function deleteOneTeamMember($blogid, $memberid)
2864 global $member, $manager;
// both ids are forced to integers before they reach the permission check and the queries
2866 $blogid = intval($blogid);
2867 $memberid = intval($memberid);
// authorization point for callers that do not check rights themselves
// (action_teamdeleteconfirm() has no check of its own in the lines shown)
2870 if ( !$member->blogAdminRights($blogid) )
2872 return _ERROR_DISALLOWED;
2875 // check if: - there remains at least one blog admin
2876 // - (there remains at least one team member)
2877 $tmem =& $manager->getMember($memberid);
2884 $manager->notify('PreDeleteTeamMember', $data);
2886 if ( $tmem->isBlogAdmin($blogid) )
2888 /* TODO: why we did double check? */
2889 // check if there are more blog members left and at least one admin
2890 // (check for at least two admins before deletion)
2891 $query = "SELECT * FROM %s WHERE tblog=%d and tadmin=1;";
2892 $query = sprintf($query, sql_table('team'), (integer) $blogid);
2893 $r = DB::getResult($query);
2894 if ( $r->rowCount() < 2 )
2896 return _ERROR_ATLEASTONEBLOGADMIN;
2900 $query = "DELETE FROM %s WHERE tblog=%d AND tmember=%d;";
2901 $query = sprintf($query, sql_table('team'), (integer) $blogid, (integer) $memberid);
2902 DB::execute($query);
2908 $manager->notify('PostDeleteTeamMember', $data);
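/**
 * Admin::action_teamchangeadmin()
 * Toggles the blog-admin flag of one team member of a blog.
 * Requires admin rights on the blog; the last remaining blog admin cannot be demoted.
 *
 * @return	void
 */
static private function action_teamchangeadmin()
{
	global $manager, $member;
	
	$blogid = intRequestVar('blogid');
	$memberid = intRequestVar('memberid');
	
	// check if allowed
	$member->blogAdminRights($blogid) or self::disallow();
	
	$mem =& $manager->getMember($memberid);
	
	// don't allow when there is only one admin at this moment
	if ( $mem->isBlogAdmin($blogid) )
	{
		$query = "SELECT * FROM %s WHERE tblog=%d AND tadmin=1;";
		$query = sprintf($query, sql_table('team'), (integer) $blogid);
		$r = DB::getResult($query);
		if ( $r->rowCount() == 1 )
		{
			self::error(_ERROR_ATLEASTONEBLOGADMIN);
			return;
		}
	}
	
	// toggle: a current blog admin is demoted, any other team member is promoted
	if ( $mem->isBlogAdmin($blogid) )
	{
		$newval = 0;
	}
	else
	{
		$newval = 1;
	}
	
	// the first placeholder is the table name: it has to be sql_table('team'), as in
	// the SELECT above. The blog id was passed in its place before, which produced
	// an UPDATE on a table named after the blog id.
	$query = "UPDATE %s SET tadmin=%d WHERE tblog=%d and tmember=%d;";
	$query = sprintf($query, sql_table('team'), (integer) $newval, (integer) $blogid, (integer) $memberid);
	DB::execute($query);
	
	// only show manageteam if member did not change its own admin privileges
	if ( $member->isBlogAdmin($blogid) )
	{
		self::action_manageteam();
	}
	else
	{
		self::action_overview(_MSG_ADMINCHANGED);
	}
	return;
}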
2970 * Admin::action_blogsettings()
2975 static private function action_blogsettings()
2977 global $member, $manager;
2979 $blogid = intRequestVar('blogid');
2982 $member->blogAdminRights($blogid) or self::disallow();
2984 $blog =& $manager->getBlog($blogid);
2986 self::$extrahead .= "<script type=\"text/javascript\" src=\"<%skinfile(/javascripts/numbercheck.js)%>\"></script>\n";
2988 self::$skin->parse('blogsettings');
2993 * Admin::action_categorynew()
2998 static private function action_categorynew()
3000 global $member, $manager;
3002 $blogid = intRequestVar('blogid');
3004 $member->blogAdminRights($blogid) or self::disallow();
3006 $cname = postVar('cname');
3007 $cdesc = postVar('cdesc');
3009 if ( !isValidCategoryName($cname) )
3011 self::error(_ERROR_BADCATEGORYNAME);
3015 $query = "SELECT * FROM %s WHERE cname=%s AND cblog=%d;";
3016 $query = sprintf($query, sql_table('category'), DB::quoteValue($cname), (integer) $blogid);
3017 $res = DB::getResult($query);
3018 if ( $res->rowCount() > 0 )
3020 self::error(_ERROR_DUPCATEGORYNAME);
3024 $blog =& $manager->getBlog($blogid);
3025 $newCatID = $blog->createNewCategory($cname, $cdesc);
3027 self::action_blogsettings();
3032 * Admin::action_categoryedit()
3037 static private function action_categoryedit($catid = '', $blogid = '', $desturl = '')
3039 global $member, $manager;
3041 if ( $blogid == '' )
3043 $blogid = intGetVar('blogid');
3047 $blogid = intval($blogid);
3051 $catid = intGetVar('catid');
3055 $catid = intval($catid);
3058 /* TODO: we should consider to use the other way insterad of this */
3059 $_REQUEST['blogid'] = $blogid;
3060 $_REQUEST['catid'] = $catid;
3061 $_REQUEST['desturl'] = $desturl;
3062 $member->blogAdminRights($blogid) or self::disallow();
3064 self::$extrahead .= "<script type=\"text/javascript\" src=\"<%skinfile(/javascripts/numbercheck.js)%>\"></script>\n";
3066 self::$skin->parse('categoryedit');
3071 * Admin::action_categoryupdate()
// Saves a category's name and description after checking blog admin rights,
// the validity of the name and that no other category of the blog uses it.
// Plugin options from the request are stored and 'PostPluginOptionsUpdate' is fired.
3076 static private function action_categoryupdate()
3078 global $member, $manager;
3080 $blogid = intPostVar('blogid');
3081 $catid = intPostVar('catid');
3082 $cname = postVar('cname');
3083 $cdesc = postVar('cdesc');
// NOTE(review): the lines that use $desturl are not shown in this listing. If it
// ends up as a redirect target it should be restricted to the admin area
// (e.g. compared against $CONF['AdminURL']) - verify.
3084 $desturl = postVar('desturl');
// NOTE(review): rights are checked for the POSTed $blogid, while the UPDATE below
// is keyed on $catid alone, and nothing visible ties the two together. Checking
// `$blog->isValidCategory($catid)` for this blog, or adding `AND cblog=%d` to the
// UPDATE, would keep the change inside the blog the member administers.
3086 $member->blogAdminRights($blogid) or self::disallow();
3088 if ( !isValidCategoryName($cname) )
3090 self::error(_ERROR_BADCATEGORYNAME);
// duplicate check: another category (catid differs) of the same blog with this name
3094 $query = "SELECT * FROM %s WHERE cname=%s AND cblog=%d AND not(catid=%d);";
3095 $query = sprintf($query, sql_table('category'), DB::quoteValue($cname), (integer) $blogid, (integer) $catid);
3096 $res = DB::getResult($query);
3097 if ( $res->rowCount() > 0 )
3099 self::error(_ERROR_DUPCATEGORYNAME);
// strings go through DB::quoteValue(), the id through an integer cast
3103 $query = "UPDATE %s SET cname=%s, cdesc=%s WHERE catid=%d;";
3104 $query = sprintf($query, sql_table('category'), DB::quoteValue($cname), DB::quoteValue($cdesc), (integer) $catid);
3105 DB::execute($query);
3107 // store plugin options
3108 $aOptions = requestArray('plugoption');
3109 NucleusPlugin::apply_plugin_options($aOptions);
3111 'context' => 'category',
3114 $manager->notify('PostPluginOptionsUpdate', $data);
3122 self::action_blogsettings();
3128 * Admin::action_categorydelete()
3133 static private function action_categorydelete()
3135 global $member, $manager;
3137 $blogid = intRequestVar('blogid');
3138 $catid = intRequestVar('catid');
3140 $member->blogAdminRights($blogid) or self::disallow();
3142 $blog =& $manager->getBlog($blogid);
3144 // check if the category is valid
3145 if ( !$blog->isValidCategory($catid) )
3147 self::error(_ERROR_NOSUCHCATEGORY);
3151 // don't allow deletion of default category
3152 if ( $blog->getDefaultCategory() == $catid )
3154 self::error(_ERROR_DELETEDEFCATEGORY);
3158 // check if catid is the only category left for blogid
3159 $query = "SELECT catid FROM %s WHERE cblog=%d;";
3160 $query = sprintf($query, sql_table('category'), $blogid);
3161 $res = DB::getResult($query);
3162 if ( $res->rowCount() == 1 )
3164 self::error(_ERROR_DELETELASTCATEGORY);
3168 self::$skin->parse('categorydelete');
3169 >>>>>>> skinnable-master
3175 * Admin::action_browseownitems()
3177 * Admin::action_categorydeleteconfirm()
3178 >>>>>>> skinnable-master
// Lists the current member's own items, with paging ('start', 'amount') and an
// optional text search over title, body and extended body.
// NOTE(review): this definition sits next to `>>>>>>> skinnable-master` marker
// lines and repeats the name of the `static private function action_browseownitems()`
// defined earlier in this listing. It looks like residue of an unresolved merge;
// the marker lines are not valid PHP and, if both definitions are in the same
// class, the name is declared twice. Resolve the merge before relying on either.
3184 public function action_browseownitems()
3186 global $member, $manager, $CONF;
3190 echo '<p><a href="index.php?action=overview">(' . _BACKHOME . ")</a></p>\n";
3191 echo '<h2>' . _ITEMLIST_YOUR . "</h2>\n";
3194 if ( postVar('start') )
3196 $start = intPostVar('start');
3203 // amount of items to show
3204 if ( postVar('amount') )
3206 $amount = intPostVar('amount');
3210 $amount = (integer) $CONF['DefaultListSize'];
3217 $search = postVar('search'); // search through items
// the author filter uses the logged-in member's id, so only own items are listed
3219 $query = 'SELECT bshortname, cname, mname, ititle, ibody, idraft, inumber, itime'
3220 . ' FROM '.sql_table('item').', '.sql_table('blog') . ', '.sql_table('member') . ', '.sql_table('category')
3221 . ' WHERE iauthor='. $member->getID() .' and iauthor=mnumber and iblog=bnumber and icat=catid';
// the search text is passed through DB::quoteValue(); LIKE wildcards typed by the
// user (% and _) are not escaped and keep their pattern meaning
3225 $query .= " and ((ititle LIKE " . DB::quoteValue('%'.$search.'%') . ") or (ibody LIKE " . DB::quoteValue('%'.$search.'%') . ") or (imore LIKE " . DB::quoteValue('%'.$search.'%') . "))";
// $start and $amount are interpolated into the LIMIT clause. In the branches
// shown they come from intPostVar() or an integer cast; the other branches are
// not visible - confirm both are always non-negative integers here.
3228 $query .= ' ORDER BY itime DESC'
3229 . " LIMIT $start, $amount";
3231 $template['content'] = 'itemlist';
3232 $template['now'] = time();
3234 $manager->loadClass("ENCAPSULATE");
3235 $navList = new NavList('browseownitems', $start, $amount, 0, 1000, /*$blogid*/ 0, $search, 0);
3236 $navList->showBatchList('item',$query,'table',$template);
/**
 * Confirmed category deletion: requires admin rights on the requested blog, delegates
 * to deleteOneCategory() and then shows the blog settings page.
 * NOTE(review): the condition guarding self::error($error) is on a line this listing omits.
 */
3240 static private function action_categorydeleteconfirm()
3242 global $member, $manager;
3244 $blogid = intRequestVar('blogid');
3245 $catid = intRequestVar('catid');
// rights are checked against the blog id from the request; deleteOneCategory() derives
// the owning blog from $catid and checks rights again, so a mismatched pair is caught there
3247 $member->blogAdminRights($blogid) or self::disallow();
3249 $error = self::deleteOneCategory($catid);
3252 self::error($error);
3256 self::action_blogsettings();
3261 * Admin::deleteOneCategory()
3262 * Delete a category by its id
3264 * @param String $catid category id for deleting
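/**
 * Admin::deleteOneCategory()
 * Delete a category by its id. Items in the category are moved to the blog's default
 * category, plugin options attached to the category are removed, and the
 * PreDeleteCategory / PostDeleteCategory events are dispatched around the deletion.
 *
 * Authorisation is checked against the blog that owns the category (looked up from
 * $catid), not against any blog id supplied by the caller.
 *
 * @param	String	$catid	category id for deleting
 * @return	String	an error message on failure; nothing is returned on the visible success path
 */
static public function deleteOneCategory($catid)
{
	global $manager, $member;

	$catid = intval($catid);
	$blogid = getBlogIDFromCatID($catid);

	if ( !$member->blogAdminRights($blogid) )
	{
		// fixed: the original returned ERROR_DISALLOWED (no leading underscore), which is
		// not the constant used by the rest of this class
		return _ERROR_DISALLOWED;
	}

	$blog =& $manager->getBlog($blogid);

	// check if the category is valid
	if ( !$blog || !$blog->isValidCategory($catid) )
	{
		return _ERROR_NOSUCHCATEGORY;
	}

	$destcatid = $blog->getDefaultCategory();

	// don't allow deletion of default category
	if ( $blog->getDefaultCategory() == $catid )
	{
		return _ERROR_DELETEDEFCATEGORY;
	}

	// check if catid is the only category left for blogid
	$query = "SELECT catid FROM %s WHERE cblog=%d;";
	$query = sprintf($query, sql_table('category'), (integer) $blogid);

	$res = DB::getResult($query);
	if ( $res->rowCount() == 1 )
	{
		return _ERROR_DELETELASTCATEGORY;
	}

	$data = array('catid' => $catid);
	$manager->notify('PreDeleteCategory', $data);

	// change category for all items to the default category
	$query = "UPDATE %s SET icat=%d WHERE icat=%d;";
	$query = sprintf($query, sql_table('item'), (integer) $destcatid, (integer) $catid);
	DB::execute($query);

	// delete all associated plugin options
	NucleusPlugin::delete_option_values('category', (integer) $catid);

	// delete the category row itself
	$query = "DELETE FROM %s WHERE catid=%d;";
	$query = sprintf($query, sql_table('category'), (integer) $catid);
	DB::execute($query);

	$data = array('catid' => $catid);
	$manager->notify('PostDeleteCategory', $data);
}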
3324 >>>>>>> skinnable-master
3330 * Admin::action_itemcommentlist()
3332 * Show all the comments for a given item
3333 * @param integer $itemid ID for item
/**
 * Shows the comments of one item, with optional search and paging values from POST.
 * Access requires that the member may alter the item.
 * NOTE(review): this listing skips lines, so braces and the fallback branches for
 * $start and $amount are not visible here.
 */
3336 public function action_itemcommentlist($itemid = '')
3338 global $member, $manager, $CONF;
// the id is read through intRequestVar() only when no argument was passed
3340 if ( $itemid == '' )
3342 $itemid = intRequestVar('itemid');
3345 // only allow if user is allowed to alter item
3346 $member->canAlterItem($itemid) or $this->disallow();
3348 $blogid = getBlogIdFromItemId($itemid);
3353 if ( postVar('start') )
3355 $start = intPostVar('start');
3362 // amount of items to show
3363 if ( postVar('amount') )
3365 $amount = intPostVar('amount');
3369 $amount = (integer) $CONF['DefaultListSize'];
3376 $search = postVar('search');
3378 echo '<p>(<a href="index.php?action=itemlist&blogid=' . $blogid . '">' . _BACKTOOVERVIEW . "</a>)</p>\n";
3379 echo '<h2>',_COMMENTS,'</h2>';
// NOTE(review): $itemid is appended to the query unquoted. A value passed in by a caller
// is used as given in the visible lines; casting it with intval() first, as
// action_blogcommentlist() does for $blogid, would keep the query integer-only for every caller.
3381 $query = 'SELECT cbody, cuser, cmail, cemail, mname, ctime, chost, cnumber, cip, citem FROM ' . sql_table('comment') . ' LEFT OUTER JOIN ' . sql_table('member') . ' ON mnumber = cmember WHERE citem = ' . $itemid;
// the search string reaches SQL only through DB::quoteValue()
3385 $query .= " and cbody LIKE " . DB::quoteValue('%'.$search.'%');
3388 $query .= ' ORDER BY ctime ASC'
3389 . " LIMIT $start,$amount";
3391 $template['content'] = 'commentlist';
// the ban controls are offered only to members with admin rights on the item's blog
3392 $template['canAddBan'] = $member->blogAdminRights(getBlogIDFromItemID($itemid));
3394 $manager->loadClass("ENCAPSULATE");
3395 $navList = new NavList('itemcommentlist', $start, $amount, 0, 1000, 0, $search, $itemid);
3396 $navList->showBatchList('comment',$query,'table',$template,_NOCOMMENTS);
3400 * Admin::moveOneCategory()
3401 * Move a category to another blog by its id
3403 * @param int $catid category id for move
3404 * @param int $destblogid blog id for destination
/**
 * Moves a category, with its items and their comments, from its current blog to
 * $destblogid. Returns an error constant when the move is refused.
 * NOTE(review): this listing skips lines; the query strings passed to sprintf() and the
 * closing braces are not visible, so the SQL itself cannot be reviewed from here.
 */
3407 static public function moveOneCategory($catid, $destblogid)
3409 global $manager, $member;
// both ids are forced to integers before any lookup or query
3410 $catid = intval($catid);
3411 $destblogid = intval($destblogid);
// the source blog is derived from the category, not taken from the caller
3412 $blogid = getBlogIDFromCatID($catid);
3413 // mover should have admin rights on both blogs
3414 if (!$member->blogAdminRights($blogid)) {
3415 return _ERROR_DISALLOWED;
3417 if (!$member->blogAdminRights($destblogid)) {
3418 return _ERROR_DISALLOWED;
3420 // cannot move to self
3421 if ($blogid == $destblogid) {
3422 return _ERROR_MOVETOSELF;
3425 $blog =& $manager->getBlog($blogid);
3426 $destblog =& $manager->getBlog($destblogid);
3427 // check if the category is valid
3428 if (!$blog || !$blog->isValidCategory($catid)) {
3429 return _ERROR_NOSUCHCATEGORY;
3431 // don't allow default category to be moved
3432 if ($blog->getDefaultCategory() == $catid) {
3433 return _ERROR_MOVEDEFCATEGORY;
3437 'sourceblog' => &$blog,
3438 'destblog' => &$destblog
3440 $manager->notify('PreMoveCategory', $data);
3441 // update comments table (cblog)
3445 . sql_table('item') . ' '
3448 $items = sql_query(sprintf($query, $catid));
3449 while ($oItem = sql_fetch_object($items)) {
3451 . sql_table('comment') . ' '
3453 . ' cblog = %d' . ' '
3456 sql_query(sprintf($query, $destblogid, $oItem->inumber));
3459 // update items (iblog)
3461 . sql_table('item') . ' '
3466 sql_query(sprintf($query, $destblogid, $catid));
3470 . sql_table('category') . ' '
3472 . ' cblog = %d' . ' '
3475 sql_query(sprintf($query, $destblogid, $catid));
// NOTE(review): 'destblog' is passed by value here but by reference in the
// PreMoveCategory payload above; confirm which one plugins expect
3479 'sourceblog' => &$blog,
3480 'destblog' => $destblog
3482 $manager->notify('PostMoveCategory', $data);
3487 * Admin::action_blogsettingsupdate
3488 * Updating blog settings
/**
 * Applies the blog settings posted from the settings form, after checking that the
 * member has admin rights on the requested blog.
 * NOTE(review): this listing skips lines, so braces, the bodies of the three "== 0"
 * branches and whatever follows each self::error() call are not visible here.
 */
3493 static private function action_blogsettingsupdate()
3495 global $member, $manager;
3497 $blogid = intRequestVar('blogid');
3499 $member->blogAdminRights($blogid) or self::disallow();
3501 $blog =& $manager->getBlog($blogid);
// free-text values from POST; only trimmed at this point
3503 $notify_address = trim(postVar('notify'));
3504 $shortname = trim(postVar('shortname'));
3505 $updatefile = trim(postVar('update'));
3507 $notifyComment = intPostVar('notifyComment');
3508 $notifyVote = intPostVar('notifyVote');
3509 $notifyNewItem = intPostVar('notifyNewItem');
3511 if ( $notifyComment == 0 )
3515 if ( $notifyVote == 0 )
3519 if ( $notifyNewItem == 0 )
// the notification type is stored as the product of the three values
3523 $notifyType = $notifyComment * $notifyVote * $notifyNewItem;
3525 if ( $notify_address && !NOTIFICATION::address_validation($notify_address) )
3527 self::error(_ERROR_BADNOTIFY);
3531 if ( !isValidShortName($shortname) )
3533 self::error(_ERROR_BADSHORTBLOGNAME);
// a changed short name must not collide with an existing blog
3537 if ( ($blog->getShortName() != $shortname) && $manager->existsBlog($shortname) )
3539 self::error(_ERROR_DUPSHORTBLOGNAME);
3542 // check if update file is writable
// NOTE(review): $updatefile is a filesystem path taken from POST and the only check
// visible is is_writeable(). Nothing here restricts it to a particular directory, so
// confirm where this file is written and consider limiting the accepted locations.
3543 if ( $updatefile && !is_writeable($updatefile) )
3545 self::error(_ERROR_UPDATEFILE);
3549 $blog->setName(trim(postVar('name')));
3550 $blog->setShortName($shortname);
3551 $blog->setNotifyAddress($notify_address);
3552 $blog->setNotifyType($notifyType);
// NOTE(review): maxcomments, comments, timeoffset and public are handed over as raw
// POST values; any range checking would have to live in the setters (not shown)
3553 $blog->setMaxComments(postVar('maxcomments'));
3554 $blog->setCommentsEnabled(postVar('comments'));
3555 $blog->setTimeOffset(postVar('timeoffset'));
3556 $blog->setUpdateFile($updatefile);
3557 $blog->setURL(trim(postVar('url')));
3558 $blog->setDefaultSkin(intPostVar('defskin'));
3559 $blog->setDescription(trim(postVar('desc')));
3560 $blog->setPublic(postVar('public'));
3561 $blog->setConvertBreaks(intPostVar('convertbreaks'));
3562 $blog->setAllowPastPosting(intPostVar('allowpastposting'));
// NOTE(review): defcat is read through intPostVar(), but no isValidCategory() check is
// visible before it is stored; verify that it must belong to this blog
3563 $blog->setDefaultCategory(intPostVar('defcat'));
3564 $blog->setSearchable(intPostVar('searchable'));
3565 $blog->setEmailRequired(intPostVar('reqemail'));
3566 $blog->writeSettings();
3568 // store plugin options
// the option array comes straight from the request; per-option authorisation is
// presumably done inside apply_plugin_options() (not shown) - verify
3569 $aOptions = requestArray('plugoption');
3570 NucleusPlugin::apply_plugin_options($aOptions);
3573 'context' => 'blog',
3574 'blogid' => $blogid,
3577 $manager->notify('PostPluginOptionsUpdate', $data);
3579 self::action_overview(_MSG_SETTINGSCHANGED);
3580 >>>>>>> skinnable-master
3586 * Admin::action_browseowncomments()
3587 * Browse own comments
3589 * Admin::action_deleteblog()
3590 >>>>>>> skinnable-master
/**
 * Lists the comments written by the logged-in member, with optional search and paging
 * values read from POST.
 * NOTE(review): this listing skips lines, so braces and the fallback branches for
 * $start and $amount are not visible here.
 */
3596 public function action_browseowncomments()
3598 global $member, $manager, $CONF;
3601 if ( postVar('start') )
3603 $start = intPostVar('start');
3610 // amount of items to show
3611 if ( postVar('amount') )
3613 $amount = intPostVar('amount');
3617 $amount = intval($CONF['DefaultListSize']);
3624 $search = postVar('search');
// rows are limited to the current member through cmember = $member->getID()
3626 $query = 'SELECT cbody, cuser, cmail, mname, ctime, chost, cnumber, cip, citem FROM '.sql_table('comment').' LEFT OUTER JOIN '.sql_table('member').' ON mnumber=cmember WHERE cmember=' . $member->getID();
// the search string reaches SQL only through DB::quoteValue()
3630 $query .= " and cbody LIKE " . DB::quoteValue('%'.$search.'%');
// NOTE(review): $start and $amount are interpolated unquoted; no bounds check is visible here
3633 $query .= ' ORDER BY ctime DESC'
3634 . " LIMIT $start,$amount";
3638 echo '<p><a href="index.php?action=overview">(' . _BACKHOME . ")</a></p>\n";
3639 echo '<h2>' . _COMMENTS_YOUR . "</h2>\n";
3641 $template['content'] = 'commentlist';
3642 $template['canAddBan'] = 0; // doesn't make sense to allow banning yourself
3644 $manager->loadClass("ENCAPSULATE");
3645 $navList = new NavList('browseowncomments', $start, $amount, 0, 1000, 0, $search, 0);
3646 $navList->showBatchList('comment',$query,'table',$template,_NOCOMMENTS_YOUR);
/**
 * Shows the confirmation page for deleting a blog. Requires admin rights on the blog
 * and refuses the configured default blog. Nothing is deleted here.
 * NOTE(review): braces and whatever follows self::error() are on lines this listing omits.
 */
3650 static private function action_deleteblog()
3652 global $member, $CONF, $manager;
3654 $blogid = intRequestVar('blogid');
3656 $member->blogAdminRights($blogid) or self::disallow();
3658 // check if blog is default blog
3659 if ( $CONF['DefaultBlog'] == $blogid )
3661 self::error(_ERROR_DELDEFBLOG);
3665 $blog =& $manager->getBlog($blogid);
3667 self::$skin->parse('deleteblog');
3672 * Admin::action_deleteblogconfirm()
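/**
 * Admin::action_deleteblogconfirm()
 * Permanently deletes a weblog together with its comments, items, team, bans,
 * categories and plugin options, then returns to the overview.
 *
 * The PreDeleteBlog event is dispatched only after the member has been authorised and
 * the default-blog check has passed. The original dispatched it before either check,
 * so plugin pre-delete handlers could run for a request that was then refused.
 *
 * @return	void
 */
static private function action_deleteblogconfirm()
{
	global $member, $CONF, $manager;

	$blogid = intRequestVar('blogid');

	// authorise before anything else; the explicit return keeps the deletion from
	// running even if disallow() were to return instead of ending the request
	if ( !$member->blogAdminRights($blogid) )
	{
		self::disallow();
		return;
	}

	// check if blog is default blog
	if ( $CONF['DefaultBlog'] == $blogid )
	{
		self::error(_ERROR_DELDEFBLOG);
		return;
	}

	$data = array('blogid' => $blogid);
	$manager->notify('PreDeleteBlog', $data);

	// every query formats the blog id with %d, so only an integer can reach the SQL

	// delete all comments
	$query = sprintf('DELETE FROM %s WHERE cblog=%d', sql_table('comment'), $blogid);
	DB::execute($query);

	// delete all items
	$query = sprintf('DELETE FROM %s WHERE iblog=%d', sql_table('item'), $blogid);
	DB::execute($query);

	// delete all team members
	$query = sprintf('DELETE FROM %s WHERE tblog=%d', sql_table('team'), $blogid);
	DB::execute($query);

	// delete all bans
	$query = sprintf('DELETE FROM %s WHERE blogid=%d', sql_table('ban'), $blogid);
	DB::execute($query);

	// delete all categories
	$query = sprintf('DELETE FROM %s WHERE cblog=%d', sql_table('category'), $blogid);
	DB::execute($query);

	// delete all associated plugin options
	NucleusPlugin::delete_option_values('blog', $blogid);

	// delete the blog itself
	$query = sprintf('DELETE FROM %s WHERE bnumber=%d', sql_table('blog'), $blogid);
	DB::execute($query);

	$data = array('blogid' => $blogid);
	$manager->notify('PostDeleteBlog', $data);

	self::action_overview(_DELETED_BLOG);
}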
3727 >>>>>>> skinnable-master
3733 * Admin::action_blogcommentlist()
3735 * Browse all comments for a weblog
3736 * @param integer $blogid ID for weblog
/**
 * Lists all comments of one weblog, with optional search and paging values from POST.
 * Access requires team rights on the blog or super-admin status.
 * NOTE(review): this listing skips lines, so braces, the else keyword before the
 * intval() line and the fallback branches for $start and $amount are not visible here.
 */
3739 function action_blogcommentlist($blogid = '')
3741 global $member, $manager, $CONF;
3743 if ( $blogid == '' )
3745 $blogid = intRequestVar('blogid');
// a blog id passed in by a caller is forced to an integer as well
3749 $blogid = intval($blogid);
3752 $member->teamRights($blogid) or $member->isAdmin() or $this->disallow();
3755 if ( postVar('start') )
3757 $start = intPostVar('start');
3764 // amount of items to show
3765 if ( postVar('amount') )
3767 $amount = intPostVar('amount');
3771 $amount = intval($CONF['DefaultListSize']);
3778 $search = postVar('search'); // search through comments
3780 $query = 'SELECT cbody, cuser, cemail, cmail, mname, ctime, chost, cnumber, cip, citem FROM '.sql_table('comment').' LEFT OUTER JOIN '.sql_table('member').' ON mnumber=cmember WHERE cblog=' . intval($blogid);
// the search string reaches SQL only through DB::quoteValue()
3782 if ( $search != '' )
3784 $query .= " and cbody LIKE " . DB::quoteValue('%'.$search.'%');
// NOTE(review): $start and $amount are interpolated unquoted; no bounds check is visible here
3787 $query .= ' ORDER BY ctime DESC'
3788 . " LIMIT $start,$amount";
3790 $blog =& $manager->getBlog($blogid);
3794 echo '<p><a href="index.php?action=overview">(' . _BACKHOME . ")</a></p>\n";
3795 echo '<h2>', _COMMENTS_BLOG , ' ' , $this->bloglink($blog), '</h2>';
3797 $template['content'] = 'commentlist';
// the ban controls are offered only to members with admin rights on this blog
3798 $template['canAddBan'] = $member->blogAdminRights($blogid);
3800 $manager->loadClass("ENCAPSULATE");
3801 $navList = new NavList('blogcommentlist', $start, $amount, 0, 1000, $blogid, $search, 0);
3802 $navList->showBatchList('comment',$query,'table',$template, _NOCOMMENTS_BLOG);
3806 * Admin::action_memberdelete()
/**
 * Shows the confirmation page for deleting a member. Allowed for the member
 * themselves or for a super-admin. Nothing is deleted here.
 */
3811 static private function action_memberdelete()
3813 global $member, $manager;
3815 $memberid = intRequestVar('memberid');
// self-service or super-admin only
3817 ($member->getID() == $memberid) or $member->isAdmin() or self::disallow();
3819 $mem =& $manager->getMember($memberid);
3821 self::$skin->parse('memberdelete');
3826 * Admin::action_memberdeleteconfirm()
/**
 * Confirmed member deletion: allowed for the member themselves or a super-admin,
 * delegates to deleteOneMember() and then shows the user management page (admins)
 * or the overview.
 * NOTE(review): the global declaration, the condition guarding self::error($error) and
 * the else keyword are on lines this listing omits.
 */
3831 static private function action_memberdeleteconfirm()
3835 $memberid = intRequestVar('memberid');
// this is the authorisation step for the deletion; no rights check is visible inside
// deleteOneMember() itself
3837 ($member->getID() == $memberid) or $member->isAdmin() or self::disallow();
3839 $error = self::deleteOneMember($memberid);
3842 self::error($error);
3846 if ( $member->isAdmin() )
3848 self::action_usermanagement();
3853 self::action_overview(_DELETED_MEMBER);
3860 * Admin::deleteOneMember()
3861 * Delete a member by id
3864 * @param Integer $memberid member id
3865 * @return String null string or error messages
/**
 * Deletes one member: comments are detached from the account but keep the display
 * name, then the member, team and activation rows and the member's plugin options
 * are removed. PreDeleteMember / PostDeleteMember are dispatched around the deletion.
 * NOTE(review): no check of the calling member's rights is visible in this public
 * static method, unlike deleteOneCategory() and moveOneCategory(), which re-check
 * blogAdminRights(). Every caller has to authorise first. The listing skips lines
 * (including the global declaration), so confirm against the full file.
 */
3867 static public function deleteOneMember($memberid)
3871 $memberid = intval($memberid);
3872 $mem =& $manager->getMember($memberid);
// refuse when the member object reports that it cannot be deleted
3874 if ( !$mem->canBeDeleted() )
3876 return _ERROR_DELETEMEMBER;
3879 $data = array('member' => &$mem);
3880 $manager->notify('PreDeleteMember', $data);
3882 /* unlink comments from memberid */
// the display name is the only string in these queries and goes through DB::quoteValue();
// $memberid was forced to an integer above
3885 $query = "UPDATE %s SET cmember=0, cuser=%s WHERE cmember=%d;";
3886 $query = sprintf($query, sql_table('comment'), DB::quoteValue($mem->getDisplayName()), $memberid);
3887 DB::execute($query);
3890 $query = 'DELETE FROM ' . sql_table('member') . ' WHERE mnumber=' . $memberid;
3891 DB::execute($query);
3893 $query = 'DELETE FROM ' . sql_table('team') . ' WHERE tmember=' . $memberid;
3894 DB::execute($query);
3896 $query = 'DELETE FROM ' . sql_table('activation') . ' WHERE vmember=' . $memberid;
3897 DB::execute($query);
3899 // delete all associated plugin options
3900 NucleusPlugin::delete_option_values('member', $memberid);
3902 $data = array('member' => &$mem);
3903 $manager->notify('PostDeleteMember', $data);
3909 * Admin::action_createnewlog()
/**
 * Shows the form for creating a new weblog. Super-admins only.
 */
3914 static private function action_createnewlog()
3916 global $member, $CONF, $manager;
3918 // Only Super-Admins can do this
3919 $member->isAdmin() or self::disallow();
3921 self::$skin->parse('createnewlog');
3926 * Admin::action_addnewlog()
/**
 * Creates a new weblog from the posted form: inserts the blog row, a default
 * category, the creating member as team admin and a first item, then dispatches
 * PostAddBlog and PostAddCategory. Super-admins only.
 * NOTE(review): this listing skips lines; the opening of the $data arrays, the call
 * that creates the first item and whatever follows each self::error() call are not visible.
 */
3931 static private function action_addnewlog()
3933 global $member, $manager, $CONF;
3935 // Only Super-Admins can do this
3936 $member->isAdmin() or self::disallow();
3938 $bname = trim(postVar('name'));
3939 $bshortname = trim(postVar('shortname'));
3940 $btimeoffset = postVar('timeoffset');
3941 $bdesc = trim(postVar('desc'));
3942 $bdefskin = postVar('defskin');
3944 if ( !isValidShortName($bshortname) )
3946 self::error(_ERROR_BADSHORTBLOGNAME);
3950 if ( $manager->existsBlog($bshortname) )
3952 self::error(_ERROR_DUPSHORTBLOGNAME);
3958 'shortname' => &$bshortname,
3959 'timeoffset' => &$btimeoffset,
3960 'description' => &$bdesc,
3961 'defaultskin' => &$bdefskin
// NOTE(review): the values are handed to plugins by reference after the short-name
// checks above; a value changed by a PreAddBlog handler is not re-validated in the
// visible lines
3963 $manager->notify('PreAddBlog', $data);
3965 // add slashes for sql queries
3966 $bname = DB::quoteValue($bname);
3967 $bshortname = DB::quoteValue($bshortname);
3968 $btimeoffset = DB::quoteValue($btimeoffset);
3969 $bdesc = DB::quoteValue($bdesc);
3970 $bdefskin = DB::quoteValue($bdefskin);
// every value placed into the INSERT went through DB::quoteValue() just above
3973 $query = "INSERT INTO %s (bname, bshortname, bdesc, btimeoffset, bdefskin) VALUES (%s, %s, %s, %s, %s);";
3974 $query = sprintf($query, sql_table('blog'), $bname, $bshortname, $bdesc, $btimeoffset, $bdefskin);
3975 DB::execute($query);
3977 $blogid = DB::getInsertId();
3978 $blog =& $manager->getBlog($blogid);
3980 // create new category
// fall back to built-in English text when the language constants are not defined
3981 $catdefname = (!defined('_EBLOGDEFAULTCATEGORY_NAME') ? 'General' : _EBLOGDEFAULTCATEGORY_NAME);
3982 $catdefdesc = (!defined('_EBLOGDEFAULTCATEGORY_DESC') ? 'Items that do not fit in other categories' : _EBLOGDEFAULTCATEGORY_DESC);
3984 $query = 'INSERT INTO %s (cblog, cname, cdesc) VALUES (%d, %s, %s)';
3985 DB::execute(sprintf($query, sql_table('category'), (integer) $blogid, DB::quoteValue($catdefname), DB::quoteValue($catdefdesc)));
3986 $catid = DB::getInsertId();
3988 // set as default category
3989 $blog->setDefaultCategory($catid);
3990 $blog->writeSettings();
3992 // create team member
// the creating member becomes admin of the new blog (tadmin = 1)
3993 $query = "INSERT INTO %s (tmember, tblog, tadmin) VALUES (%d, %d, 1);";
3994 $query = sprintf($query, sql_table('team'), (integer) $member->getID(), (integer) $blogid);
3995 DB::execute($query);
3997 $itemdeftitle = (defined('_EBLOG_FIRSTITEM_TITLE') ? _EBLOG_FIRSTITEM_TITLE : 'First Item');
3998 $itemdefbody = (defined('_EBLOG_FIRSTITEM_BODY') ? _EBLOG_FIRSTITEM_BODY : 'This is the first item in your weblog. Feel free to delete it.');
4001 $blog->getDefaultCategory(),
4002 $itemdeftitle,$itemdefbody,
4006 $blog->getCorrectTime(),
4012 $data = array('blog' => &$blog);
4013 $manager->notify('PostAddBlog', $data);
4017 'name' => _EBLOGDEFAULTCATEGORY_NAME,
4018 'description' => _EBLOGDEFAULTCATEGORY_DESC,
// NOTE(review): the two constants in the payload above are used without the defined()
// guard applied when the category was created, so the event data can differ from what
// was stored ($catdefname / $catdefdesc)
4021 $manager->notify('PostAddCategory', $data);
4023 /* TODO: we should consider another way of doing this instead */
// the new ids are written into $_REQUEST before the skin is parsed; presumably the skin
// reads them from there
4024 $_REQUEST['blogid'] = $blogid;
4025 $_REQUEST['catid'] = $catid;
4026 self::$skin->parse('addnewlog');
4027 >>>>>>> skinnable-master
4033 * Admin::action_createitem()
4034 * Provide a page to add a new item to the given blog
4036 * Admin::action_addnewlog2()
4037 >>>>>>> skinnable-master
/**
 * Renders the add-item form for the requested blog. Requires team rights on the blog.
 * NOTE(review): this listing skips lines between the statements shown.
 */
4043 public function action_createitem()
4045 global $member, $manager;
4047 $blogid = intRequestVar('blogid');
4050 $member->teamRights($blogid) or $this->disallow();
4052 $memberid = $member->getID();
4054 $blog =& $manager->getBlog($blogid);
4056 // generate the add-item form
4057 $handler = new PageFactory($blog);
4059 $contents = $handler->getTemplateFor('admin', 'add');
// plugins receive the form template by reference and may change it before it is parsed
4060 $manager->notify('PreAddItemForm', array('contents' => &$contents, 'blog' => &$blog));
4062 $parser = new Parser($handler);
4065 $parser->parse($contents);
/**
 * Second step of blog creation: stores the blog URL sent with the request.
 * Requires admin rights on the blog.
 */
4069 static private function action_addnewlog2()
4071 global $member, $manager;
4072 $blogid = intRequestVar('blogid');
4074 $member->blogAdminRights($blogid) or self::disallow();
// NOTE(review): the URL is only trimmed before it is stored; no scheme or format check is
// visible here, so any validation would have to be in setURL() (not shown)
4076 $burl = requestVar('url');
4078 $blog =& $manager->getBlog($blogid);
4079 $blog->setURL(trim($burl));
4080 $blog->writeSettings();
4082 self::action_overview(_MSG_NEWBLOG);
4087 * Admin::action_skinieoverview()
/**
 * Shows the skin import/export overview page. Super-admins only.
 */
4092 static private function action_skinieoverview()
4094 global $member, $DIR_LIBS, $manager;
4096 $member->isAdmin() or self::disallow();
// the include path is built from the $DIR_LIBS global and a fixed file name
4098 include_once($DIR_LIBS . 'skinie.php');
4100 self::$skin->parse('skinieoverview');
4101 >>>>>>> skinnable-master
4107 * Admin::action_itemedit()
4109 * Admin::action_skinieimport()
4110 >>>>>>> skinnable-master
/**
 * Renders the edit form for one item. Requires that the member may alter the item.
 * NOTE(review): this listing skips lines, so braces are not visible here.
 */
4116 public function action_itemedit()
4118 global $member, $manager;
4120 $itemid = intRequestVar('itemid');
4122 // only allow if user is allowed to alter item
4123 $member->canAlterItem($itemid) or $this->disallow();
4125 $variables =& $manager->getItem($itemid, 1, 1);
4126 $blog =& $manager->getBlog(getBlogIDFromItemID($itemid));
// plugins receive the item by reference and may change it before the form is built
4128 $manager->notify('PrepareItemForEdit', array('item' => &$variables));
// line breaks are stripped from body and more when the blog converts breaks
4130 if ( $blog->convertBreaks() )
4132 $variables['body'] = removeBreaks($variables['body']);
4133 $variables['more'] = removeBreaks($variables['more']);
4136 // form to edit blog items
4137 $handler = new PageFactory($blog);
4138 $handler->setVariables($variables);
4140 $content = $handler->getTemplateFor('admin', 'edit');
4142 $parser = new Parser($handler);
4145 $parser->parse($content);
4151 * @todo document this
/**
 * Updates an existing item from the posted edit form. Depending on 'actiontype' the
 * item is published now, scheduled, kept as a draft or has its date changed; a posted
 * catid of the form 'newcat-N' first creates a new category in blog N.
 * NOTE(review): this listing skips lines; braces, several conditions and the delimiters
 * of the explanatory block comment in the middle of the method are not visible here.
 */
4153 function action_itemupdate() {
4154 global $member, $manager, $CONF;
4156 $itemid = intRequestVar('itemid');
4157 $catid = postVar('catid');
4159 // only allow if user is allowed to alter item
// $catid is still the raw POST string at this point and may be 'newcat-N'; presumably
// canUpdateItem() handles that form and checks rights on blog N (not shown) - verify
4160 $member->canUpdateItem($itemid, $catid) or $this->disallow();
4162 $actiontype = postVar('actiontype');
4164 // delete actions are handled by itemdelete (which has confirmation)
4165 if ($actiontype == 'delete') {
4166 $this->action_itemdelete();
4170 $body = postVar('body');
4171 $title = postVar('title');
4172 $more = postVar('more');
4173 $closed = intPostVar('closed');
4174 $draftid = intPostVar('draftid');
4176 // default action = add now
4178 $actiontype='addnow';
4180 // create new category if needed
// NOTE(review): the blog id is parsed from the POST value, and no rights check on that
// blog is visible between sscanf() and createNewCategory()
4181 if ( i18n::strpos($catid,'newcat') === 0 ) {
4183 list($blogid) = sscanf($catid,"newcat-%d");
4186 $blog =& $manager->getBlog($blogid);
4187 $catid = $blog->createNewCategory();
4189 // show error when sth goes wrong
4191 $this->doError(_ERROR_CATCREATEFAIL);
4195 set some variables based on actiontype
4198 draft items -> addnow, addfuture, adddraft, delete
4199 non-draft items -> edit, changedate, delete
4202 $timestamp: set to a nonzero value for future dates or date changes
4203 $wasdraft: set to 1 when the item used to be a draft item
4204 $publish: set to 1 when the edited item is not a draft
4206 $blogid = getBlogIDFromItemID($itemid);
4207 $blog =& $manager->getBlog($blogid);
4209 $wasdrafts = array('adddraft', 'addfuture', 'addnow');
4210 $wasdraft = in_array($actiontype, $wasdrafts) ? 1 : 0;
4211 $publish = ($actiontype != 'adddraft' && $actiontype != 'backtodrafts') ? 1 : 0;
4212 if ($actiontype == 'addfuture' || $actiontype == 'changedate') {
4213 $timestamp = mktime(intPostVar('hour'), intPostVar('minutes'), 0, intPostVar('month'), intPostVar('day'), intPostVar('year'));
4218 // edit the item for real
4219 Item::update($itemid, $catid, $title, $body, $more, $closed, $wasdraft, $publish, $timestamp);
4221 $this->updateFuturePosted($blogid);
4224 // delete permission is checked inside Item::delete()
4225 Item::delete($draftid);
4228 // show category edit window when we created a new category
4229 // ($catid will then be a new category ID, while postVar('catid') will be 'newcat-x')
4230 if ($catid != intPostVar('catid')) {
4231 $this->action_categoryedit(
4234 $CONF['AdminURL'] . 'index.php?action=itemlist&blogid=' . getBlogIDFromItemID($itemid)
4237 // TODO: set start item correctly for itemlist
4238 $this->action_itemlist(getBlogIDFromItemID($itemid));
/**
 * First step of a skin import: passes the posted mode and skin file reference to
 * skinieimport() and shows the import page. Super-admins only.
 * NOTE(review): the global declaration and the condition guarding self::error($error)
 * are on lines this listing omits.
 */
4242 static private function action_skinieimport()
4246 $member->isAdmin() or self::disallow();
// both values are taken from POST unchanged; any validation of the file reference would
// have to happen inside skinieimport() (not shown)
4248 $skinFileRaw = postVar('skinfile');
4249 $mode = postVar('mode');
4251 $error = self::skinieimport($mode, $skinFileRaw);
4254 self::error($error);
4258 self::$skin->parse('skinieimport');
4263 * Admin::action_skiniedoimport()
/**
 * Second step of a skin import: performs the import through skiniedoimport() and shows
 * the result page. Super-admins only.
 * NOTE(review): the handling of $error is on lines this listing omits.
 */
4268 static private function action_skiniedoimport()
4270 global $member, $DIR_LIBS, $DIR_SKINS;
4272 $member->isAdmin() or self::disallow();
4274 // load skinie class
4275 include_once($DIR_LIBS . 'skinie.php');
// mode and file reference are taken from POST unchanged; the overwrite flag is read
// through intPostVar()
4277 $mode = postVar('mode');
4278 $skinFileRaw = postVar('skinfile');
4279 $allowOverwrite = intPostVar('overwrite');
4281 $error = self::skiniedoimport($mode, $skinFileRaw, $allowOverwrite);
4288 self::$skin->parse('skiniedoimport');
4293 * Admin::action_skinieexport()
/**
 * Exports the selected skins and templates through skinieexport(). Super-admins only.
 * NOTE(review): the global declaration is on a line this listing omits.
 */
4298 static private function action_skinieexport()
4302 $member->isAdmin() or self::disallow();
// the selections are read through requestIntArray() (presumably integer-cast; helper
// not shown); the free-text info field is passed on as posted
4304 $aSkins = requestIntArray('skin');
4305 $aTemplates = requestIntArray('template');
4306 $info = postVar('info');
4308 self::skinieexport($aSkins, $aTemplates, $info);
4314 * Admin::action_templateoverview()
/**
 * Shows the template overview page. Super-admins only.
 */
4319 static private function action_templateoverview()
4321 global $member, $manager;
4323 $member->isAdmin() or self::disallow();
4325 self::$skin->parse('templateoverview');
4330 * Admin::action_templateedit()
4332 * @param string $msg message for pageheader
/**
 * Shows the template edit page, optionally with a message in the page header.
 * Super-admins only.
 * NOTE(review): the condition around the $headMess assignment is on a line this
 * listing omits.
 */
4335 static private function action_templateedit($msg = '')
4337 global $member, $manager;
4340 self::$headMess = $msg;
4343 $templateid = intRequestVar('templateid');
4345 $member->isAdmin() or self::disallow();
4347 self::$extrahead .= "<script type=\"text/javascript\" src=\"<%skinfile(/javascripts/templateEdit.js)%>\"></script>\n";
// NOTE(review): the language constant is escaped with Entity::hsc() and then placed
// inside a single-quoted JavaScript string; whether that escapes "'" and "\" depends on
// Entity::hsc() (not shown). The value is a language string, not request data.
4348 self::$extrahead .= "<script type=\"text/javascript\">setTemplateEditText('" . Entity::hsc(_EDITTEMPLATE_EMPTY) . "');</script>\n";
4350 self::$skin->parse('templateedit');
4355 * Admin::action_templateupdate()
/**
 * Saves a template: removes all stored parts, updates name and description, then
 * re-inserts every non-empty part from POST, including extra fields announced by
 * plugins through the TemplateExtraFields event. Super-admins only.
 * NOTE(review): the parts are deleted before the new ones are inserted and no
 * transaction is visible, so a failure midway leaves the template incomplete.
 * This listing skips lines; braces and whatever follows each self::error() call are
 * not visible here.
 */
4360 static private function action_templateupdate()
4362 global $member,$manager;
4364 $templateid = intRequestVar('templateid');
4366 $member->isAdmin() or self::disallow();
4368 $name = postVar('tname');
4369 $desc = postVar('tdesc');
4371 if ( !isValidTemplateName($name) )
4373 self::error(_ERROR_BADTEMPLATENAME);
// a changed name must not collide with an existing template
4377 if ( (Template::getNameFromId($templateid) != $name) && Template::exists($name) )
4379 self::error(_ERROR_DUPTEMPLATENAME);
4383 // 1. Remove all template parts
4384 $query = "DELETE FROM %s WHERE tdesc=%d;";
4385 $query = sprintf($query, sql_table('template'), (integer) $templateid);
4386 DB::execute($query);
4388 // 2. Update description
// name and description reach SQL only through DB::quoteValue()
4389 $query = "UPDATE %s SET tdname=%s, tddesc=%s WHERE tdnumber=%d;";
4390 $query = sprintf($query, sql_table('template_desc'), DB::quoteValue($name), DB::quoteValue($desc), (integer) $templateid);
4391 DB::execute($query);
4393 // 3. Add non-empty template parts
4394 self::addToTemplate($templateid, 'ITEM_HEADER', postVar('ITEM_HEADER'));
4395 self::addToTemplate($templateid, 'ITEM', postVar('ITEM'));
4396 self::addToTemplate($templateid, 'ITEM_FOOTER', postVar('ITEM_FOOTER'));
4397 self::addToTemplate($templateid, 'MORELINK', postVar('MORELINK'));
4398 self::addToTemplate($templateid, 'EDITLINK', postVar('EDITLINK'));
4399 self::addToTemplate($templateid, 'NEW', postVar('NEW'));
4400 self::addToTemplate($templateid, 'COMMENTS_HEADER', postVar('COMMENTS_HEADER'));
4401 self::addToTemplate($templateid, 'COMMENTS_BODY', postVar('COMMENTS_BODY'));
4402 self::addToTemplate($templateid, 'COMMENTS_FOOTER', postVar('COMMENTS_FOOTER'));
4403 self::addToTemplate($templateid, 'COMMENTS_CONTINUED', postVar('COMMENTS_CONTINUED'));
4404 self::addToTemplate($templateid, 'COMMENTS_TOOMUCH', postVar('COMMENTS_TOOMUCH'));
4405 self::addToTemplate($templateid, 'COMMENTS_AUTH', postVar('COMMENTS_AUTH'));
4406 self::addToTemplate($templateid, 'COMMENTS_ONE', postVar('COMMENTS_ONE'));
4407 self::addToTemplate($templateid, 'COMMENTS_MANY', postVar('COMMENTS_MANY'));
4408 self::addToTemplate($templateid, 'COMMENTS_NONE', postVar('COMMENTS_NONE'));
4409 self::addToTemplate($templateid, 'ARCHIVELIST_HEADER', postVar('ARCHIVELIST_HEADER'));
4410 self::addToTemplate($templateid, 'ARCHIVELIST_LISTITEM', postVar('ARCHIVELIST_LISTITEM'));
4411 self::addToTemplate($templateid, 'ARCHIVELIST_FOOTER', postVar('ARCHIVELIST_FOOTER'));
4412 self::addToTemplate($templateid, 'BLOGLIST_HEADER', postVar('BLOGLIST_HEADER'));
4413 self::addToTemplate($templateid, 'BLOGLIST_LISTITEM', postVar('BLOGLIST_LISTITEM'));
4414 self::addToTemplate($templateid, 'BLOGLIST_FOOTER', postVar('BLOGLIST_FOOTER'));
4415 self::addToTemplate($templateid, 'CATLIST_HEADER', postVar('CATLIST_HEADER'));
4416 self::addToTemplate($templateid, 'CATLIST_LISTITEM', postVar('CATLIST_LISTITEM'));
4417 self::addToTemplate($templateid, 'CATLIST_FOOTER', postVar('CATLIST_FOOTER'));
4418 self::addToTemplate($templateid, 'DATE_HEADER', postVar('DATE_HEADER'));
4419 self::addToTemplate($templateid, 'DATE_FOOTER', postVar('DATE_FOOTER'));
4420 self::addToTemplate($templateid, 'FORMAT_DATE', postVar('FORMAT_DATE'));
4421 self::addToTemplate($templateid, 'FORMAT_TIME', postVar('FORMAT_TIME'));
4422 self::addToTemplate($templateid, 'SEARCH_HIGHLIGHT', postVar('SEARCH_HIGHLIGHT'));
4423 self::addToTemplate($templateid, 'SEARCH_NOTHINGFOUND', postVar('SEARCH_NOTHINGFOUND'));
4424 self::addToTemplate($templateid, 'POPUP_CODE', postVar('POPUP_CODE'));
4425 self::addToTemplate($templateid, 'MEDIA_CODE', postVar('MEDIA_CODE'));
4426 self::addToTemplate($templateid, 'IMAGE_CODE', postVar('IMAGE_CODE'));
// field names announced by plugins are used both as part names and as POST keys
4428 $data = array('fields' => array());
4429 $manager->notify('TemplateExtraFields', $data);
4430 foreach ( $data['fields'] as $pfkey=>$pfvalue )
4432 foreach ( $pfvalue as $pffield => $pfdesc )
4434 self::addToTemplate($templateid, $pffield, postVar($pffield));
4438 // jump back to template edit
4439 self::action_templateedit(_TEMPLATE_UPDATED);
4444 * Admin::addToTemplate()
4446 * @param Integer $id ID for template
4447 * @param String $partname parts name
4448 * @param String $content template contents
4449 * @return Integer record index
/**
 * Inserts one template part and returns the id of the new row. Parts whose content is
 * empty after trim() are skipped.
 * NOTE(review): braces and the statement executed for an empty part are on lines this
 * listing omits.
 */
4452 static private function addToTemplate($id, $partname, $content)
4454 // don't add empty parts:
// NOTE(review): a part consisting only of "0" is also falsy here and would be skipped
4455 if ( !trim($content) )
// part name and content reach SQL only through DB::quoteValue(); the id is cast to integer
4460 $query = "INSERT INTO %s (tdesc, tpartname, tcontent) VALUES (%d, %s, %s);";
4461 $query = sprintf($query, sql_table('template'), (integer) $id, DB::quoteValue($partname), DB::quoteValue($content));
4462 if ( DB::execute($query) === FALSE )
4464 $err = DB::getError();
// NOTE(review): the raw database error text is sent to the browser on failure; consider
// logging it and showing a generic message instead
4465 exit(_ADMIN_SQLDIE_QUERYERROR . $err[2]);
4467 return DB::getInsertId();
4471 * Admin::action_templatedelete()
/**
 * Shows the confirmation page for deleting a template. Super-admins only.
 * Nothing is deleted here.
 */
4476 static private function action_templatedelete()
4478 global $member, $manager;
4480 $member->isAdmin() or self::disallow();
4482 $templateid = intRequestVar('templateid');
4483 // TODO: check if template can be deleted
4485 self::$skin->parse('templatedelete');
4488 >>>>>>> skinnable-master
4491 * Admin::action_templatedeleteconfirm()
/**
 * Deletes a template description and all of its parts, then returns to the template
 * overview. Super-admins only.
 */
4496 static private function action_templatedeleteconfirm()
4498 global $member, $manager;
4500 $templateid = intRequestVar('templateid');
4502 $member->isAdmin() or self::disallow();
4504 $data = array('templateid' => $templateid);
4505 $manager->notify('PreDeleteTemplate', $data);
4507 // 1. delete description
// $templateid is concatenated unquoted; it comes from intRequestVar() above (presumably
// integer-cast; helper not shown)
4508 DB::execute('DELETE FROM ' . sql_table('template_desc') . ' WHERE tdnumber=' . $templateid);
4511 DB::execute('DELETE FROM ' . sql_table('template') . ' WHERE tdesc=' . $templateid);
4514 $data = array('templateid' => $templateid);
4515 $manager->notify('PostDeleteTemplate', $data);
4517 self::action_templateoverview();
4522 * Admin::action_templatenew()
/**
 * Creates a new template from the posted name and description, then shows the template
 * overview. Super-admins only.
 * NOTE(review): this body contains unresolved merge residue. A ">>>>>>> skinnable-master"
 * conflict marker sits inside it, and the query on the item table uses $blogid and
 * $currenttime, which are not defined anywhere in the visible lines of this method.
 * That query looks like it belongs to a different method. Resolve the merge before
 * relying on this code.
 */
4527 static private function action_templatenew()
4531 $member->isAdmin() or self::disallow();
4534 $query = "SELECT * FROM %s WHERE iblog=%d AND iposted=0 AND itime>%s";
4535 $query = sprintf($query, sql_table('item'), (integer) $blogid, DB::formatDateTime($currenttime));
4536 $result = DB::getResult($query);
4538 if ( $result->rowCount() > 0 )
4540 $name = postVar('name');
4541 $desc = postVar('desc');
4543 if ( !isValidTemplateName($name) )
4544 >>>>>>> skinnable-master
4546 self::error(_ERROR_BADTEMPLATENAME);
4550 if ( Template::exists($name) )
4552 self::error(_ERROR_DUPTEMPLATENAME);
4556 $newTemplateId = Template::createNew($name, $desc);
4558 self::action_templateoverview();
4564 * @todo document this
/**
 * Shows the form for moving an item to another category. Requires that the member may
 * alter the item. The form posts to the 'itemmoveto' action and carries a hidden
 * ticket field added by $manager->addTicketHidden().
 * The item id echoed into the hidden field is the value read through intRequestVar().
 * NOTE(review): this listing skips lines; the switches between PHP and HTML and the
 * closing tags are not visible here.
 */
4566 function action_itemmove() {
4567 global $member, $manager;
4569 $itemid = intRequestVar('itemid');
4571 // only allow if user is allowed to alter item
4572 $member->canAlterItem($itemid) or $this->disallow();
4574 $item =& $manager->getItem($itemid,1,1);
4578 <h2><?php echo _MOVE_TITLE ?></h2>
4579 <form method="post" action="index.php"><div>
4580 <input type="hidden" name="action" value="itemmoveto" />
4581 <input type="hidden" name="itemid" value="<?php echo $itemid; ?>" />
4585 $manager->addTicketHidden();
4586 $this->selectBlogCategory('catid',$item['catid'],10,1);
4589 <input type="submit" value="<?php echo _MOVE_BTN ?>" tabindex="10000" onclick="return checkSubmit();" />
4596 * @todo document this
/**
 * Moves an item to the requested category; a catid of the form 'newcat-N' first
 * creates a new category in blog N. Afterwards the future-posted flags of the old and
 * new blog are refreshed.
 * NOTE(review): in the visible lines the new category is created before
 * canUpdateItem() is consulted, and the blog id for it is parsed from the request
 * value. As written, a category can be created in blog N before any permission check
 * has run. Moving the permission check ahead of createNewCategory(), or checking rights
 * on blog N first, would close that gap. This listing skips lines (braces, the
 * failure condition, an else), so confirm against the full file.
 */
4598 function action_itemmoveto() {
4599 global $member, $manager;
4601 $itemid = intRequestVar('itemid');
4602 $catid = requestVar('catid');
4604 // create new category if needed
4605 if ( i18n::strpos($catid,'newcat') === 0 ) {
4607 list($blogid) = sscanf($catid,'newcat-%d');
4610 $blog =& $manager->getBlog($blogid);
4611 $catid = $blog->createNewCategory();
4613 // show error when sth goes wrong
4615 $this->doError(_ERROR_CATCREATEFAIL);
4618 // only allow if user is allowed to alter item
4619 $member->canUpdateItem($itemid, $catid) or $this->disallow();
// remembered before the move so that the source blog can be refreshed afterwards
4621 $old_blogid = getBlogIDFromItemId($itemid);
4623 Item::move($itemid, $catid);
4625 // set the futurePosted flag on the blog
4626 $this->updateFuturePosted(getBlogIDFromItemId($itemid));
4628 // reset the futurePosted in case the item is moved from one blog to another
4629 $this->updateFuturePosted($old_blogid);
// $blog is only assigned inside the 'newcat' branch above
4631 if ($catid != intRequestVar('catid'))
4632 $this->action_categoryedit($catid, $blog->getID());
4634 $this->action_itemlist(getBlogIDFromCatID($catid));
4638 * Moves one item to a given category (category existance should be checked by caller)
4639 * errors are returned
4640 * @param int $itemid
4641 * @param int $destCatid category ID to which the item will be moved
4643 function moveOneItem($itemid, $destCatid) {
     // Moves a single item after an authorization check. Returns
     // _ERROR_DISALLOWED when $member may not update the item into
     // $destCatid; otherwise calls Item::move(). The docblock above states
     // that the caller must already have verified that the category exists.
     // The declaration of $member is not among the lines shown in this listing.
4646 // only allow if user is allowed to move item
4647 if (!$member->canUpdateItem($itemid, $destCatid))
4648 return _ERROR_DISALLOWED;
4650 Item::move($itemid, $destCatid);
4654 * Adds a item to the chosen blog
4656 function action_additem() {
     // Creates an item from the current request via Item::createFromRequest()
     // and then shows either the category editor (status 'newcategory') or
     // the item list of the blog the new item belongs to.
     // NOTE(review): no permission check is made in this method; it has to be
     // enforced inside Item::createFromRequest(), which is not visible here --
     // confirm.
4657 global $manager, $CONF;
4659 $manager->loadClass('ITEM');
4661 $result = Item::createFromRequest();
     // NOTE(review): the lines below read $result['itemid'], so they rely on
     // error() ending the request when status is 'error' -- confirm.
4663 if ($result['status'] == 'error')
4664 $this->error($result['message']);
4666 $blogid = getBlogIDFromItemID($result['itemid']);
4667 $blog =& $manager->getBlog($blogid);
     // $btimestamp and $item are assigned but not used in the lines shown.
4668 $btimestamp = $blog->getCorrectTime();
4669 $item = $manager->getItem(intval($result['itemid']), 1, 1);
4671 if ($result['status'] == 'newcategory') {
     // NOTE(review): addTicketToUrl() presumably appends the ticket as a query
     // parameter; URLs tend to end up in server logs and Referer headers, so
     // confirm that tickets are short-lived and bound to the member.
4672 $distURI = $manager->addTicketToUrl($CONF['AdminURL'] . 'index.php?action=itemList&blogid=' . intval($blogid));
4673 $this->action_categoryedit($result['catid'], $blogid, $distURI);
     // The method name is a fixed literal, not request data, so this dynamic
     // call cannot be steered to another method.
4675 $methodName = 'action_itemList';
4676 call_user_func(array(&$this, $methodName), $blogid);
4681 * Allows to edit previously made comments
4683 function action_commentedit() {
     // Shows the edit form for one comment (commentid request variable) after
     // checking canAlterComment(). The stored body is prepared for editing
     // (br tags removed, matching anchors collapsed to their href) and the
     // form posts action=commentupdate with a ticket.
     // NOTE(review): the form below echoes $comment['member'], ['user'],
     // ['host'], ['userid'], ['email'] and ['body'] without escaping. The
     // inline remark at the textarea says the data is already escaped; that
     // holds only if every one of these fields is HTML-escaped before it is
     // stored, and comment data originates from site visitors. Confirm for
     // each field, or escape at output as the member form in this file does
     // with Entity::hsc() (checking for double-escaping of the body).
4685 global $member, $manager;
4687 $commentid = intRequestVar('commentid');
4689 $member->canAlterComment($commentid) or $this->disallow();
4691 $comment = Comment::getComment($commentid);
     // $comment is passed by reference, so event subscribers can modify it
     // before it is displayed.
4693 $manager->notify('PrepareCommentForEdit', array('comment' => &$comment) );
4695 // change <br /> to \n
     // NOTE(review): the replacement string is empty, so the tag is removed
     // rather than turned into a newline; presumably a newline already
     // follows each tag in stored bodies -- confirm.
4696 $comment['body'] = str_replace('<br />', '', $comment['body']);
4698 // replaced eregi_replace() below with preg_replace(). ereg* functions are deprecated in PHP 5.3.0
4699 /* original eregi_replace: eregi_replace("<a href=['\"]([^'\"]+)['\"]( rel=\"nofollow\") ?>[^<]*</a>", "\\1", $comment['body']) */
     // Collapse anchors that match the pattern back to their bare href
     // (capture group 1), case-insensitively.
4701 $comment['body'] = preg_replace("#<a href=['\"]([^'\"]+)['\"]( rel=\"nofollow\") ?>[^<]*</a>#i", "\\1", $comment['body']);
4706 <h2><?php echo _EDITC_TITLE ?></h2>
4708 <form action="index.php" method="post"><div>
4710 <input type="hidden" name="action" value="commentupdate" />
4711 <?php $manager->addTicketHidden(); ?>
4712 <input type="hidden" name="commentid" value="<?php echo $commentid; ?>" />
4714 <th colspan="2"><?php echo _EDITC_TITLE ?></th>
4716 <td><?php echo _EDITC_WHO ?></td>
4718 <?php if ($comment['member'])
4719 echo $comment['member'] . " (" . _EDITC_MEMBER . ")";
4721 echo $comment['user'] . " (" . _EDITC_NONMEMBER . ")";
4725 <td><?php echo _EDITC_WHEN ?></td>
4726 <td><?php echo date("Y-m-d @ H:i",$comment['timestamp']); ?></td>
4728 <td><?php echo _EDITC_HOST ?></td>
4729 <td><?php echo $comment['host']; ?></td>
4732 <td><?php echo _EDITC_URL; ?></td>
4733 <td><input type="text" name="url" size="30" tabindex="6" value="<?php echo $comment['userid']; ?>" /></td>
4736 <td><?php echo _EDITC_EMAIL; ?></td>
4737 <td><input type="text" name="email" size="30" tabindex="8" value="<?php echo $comment['email']; ?>" /></td>
4740 <td><?php echo _EDITC_TEXT ?></td>
4742 <textarea name="body" tabindex="10" rows="10" cols="50"><?php // htmlspecialchars not needed (things should be escaped already)
4743 echo $comment['body'];
4747 <td><?php echo _EDITC_EDIT ?></td>
4748 <td><input type="submit" tabindex="20" value="<?php echo _EDITC_EDIT ?>" onclick="return checkSubmit();" /></td>
4757 * @todo document this
4759 function action_commentupdate() {
4760 global $member, $manager;
4762 $commentid = intRequestVar('commentid');
4764 $member->canAlterComment($commentid) or $this->disallow();
4766 $url = postVar('url');
4767 $email = postVar('email');
4768 $body = postVar('body');
4770 # replaced eregi() below with preg_match(). ereg* functions are deprecated in PHP 5.3.0
4771 # original eregi: eregi("[a-zA-Z0-9|\.,;:!\?=\/\\]{90,90}", $body) != FALSE
4772 # important note that '\' must be matched with '\\\\' in preg* expressions
4774 // intercept words that are too long
4775 if (preg_match('#[a-zA-Z0-9|\.,;:!\?=\/\\\\]{90,90}#', $body) != FALSE)
4779 * Admin::action_templateclone()
4784 static private function action_templateclone()
4788 $templateid = intRequestVar('templateid');
4790 $member->isAdmin() or self::disallow();
4792 // 1. read old template
4793 $name = Template::getNameFromId($templateid);
4794 $desc = Template::getDesc($templateid);
4796 // 2. create desc thing
4797 $name = "cloned" . $name;
4799 // if a template with that name already exists:
4800 if ( Template::exists($name) )
4801 >>>>>>> skinnable-master
4804 while (Template::exists($name . $i))
4811 $newid = Template::createNew($name, $desc);
4814 // go through parts of old template and add them to the new one
4815 $query = "SELECT tpartname, tcontent FROM %s WHERE tdesc=%d;";
4816 $query = sprintf($query, sql_table('template'), (integer) $templateid);
4818 $res = DB::getResult($query);
4819 foreach ( $res as $row)
4821 self::addToTemplate($newid, $row['tpartname'], $row['tcontent']);
4824 self::action_templateoverview();
4829 * Admin::action_admintemplateoverview()
4834 static private function action_admintemplateoverview()
     // Admin-only page: hands rendering to the skin part named below.
     // NOTE(review): the part name is spelled 'admntemplateoverview' (no 'i'),
     // unlike 'admintemplateedit' and 'admintemplatedelete' elsewhere in this
     // file; confirm it matches the name the skin registers.
4837 $member->isAdmin() or self::disallow();
4838 self::$skin->parse('admntemplateoverview');
4843 * Admin::action_admintemplateedit()
4845 * @param string $msg message for pageheader
4848 static private function action_admintemplateedit($msg = '')
4850 global $member, $manager;
4853 self::$headMess = $msg;
4858 $body = Comment::prepareBody($body);
4861 $manager->notify('PreUpdateComment',array('body' => &$body));
4863 $query = 'UPDATE ' . sql_table('comment')
4864 . ' SET cmail = ' . DB::quoteValue($url) . ', cemail = ' . DB::quoteValue($email) . ', cbody = ' . DB::quoteValue($body)
4865 . ' WHERE cnumber = ' . $commentid;
4866 DB::execute($query);
4869 $res = DB::getValue('SELECT citem FROM '.sql_table('comment').' WHERE cnumber=' . $commentid);
4872 if ($member->canAlterItem($itemid))
4873 $this->action_itemcommentlist($itemid);
4875 $this->action_browseowncomments();
4879 $member->isAdmin() or self::disallow();
4881 self::$extrahead .= "<script type=\"text/javascript\" src=\"<%skinfile(/javascripts/templateEdit.js)%>\"></script>\n";
4882 self::$extrahead .= '<script type="text/javascript">setTemplateEditText("' . Entity::hsc(_EDITTEMPLATE_EMPTY) . '");</script>' . "\n";
4884 self::$skin->parse('admintemplateedit');
4887 >>>>>>> skinnable-master
4890 * Admin::action_admintemplateupdate()
4895 static private function action_admintemplateupdate()
     // Saves an edited admin template: checks the posted name, then replaces
     // every stored part of template $templateid with the posted values.
     // Order of work as written: (1) delete all rows for the template,
     // (2) update its name and description, (3) re-add each part from POST,
     // including field names announced by plugins through the
     // AdminTemplateExtraFields event. Finally returns to the edit page.
     // $templateid is cast with (integer) and the name and description go
     // through DB::quoteValue() before they are placed in SQL.
     // NOTE(review): the DELETE in step 1 runs before the parts are re-inserted
     // and no transaction is visible, so a failure part-way would leave the
     // template with missing parts -- confirm whether DB offers a transaction.
     // NOTE(review): the name checks rely on self::error() ending the request;
     // its body is not visible here -- confirm, otherwise the DELETE still runs
     // for a rejected name.
     // NOTE(review): the dispatcher comment at the top of the file says every
     // action needs a ticket unless it is listed as safe, and this action name
     // is not in the $aActionsToCheck array shown there; confirm the ticket
     // check covers it.
4897 global $member, $manager;
4898 $templateid = intRequestVar('templateid');
4899 $member->isAdmin() or self::disallow();
4900 $name = postVar('tname');
4901 $desc = postVar('tdesc');
4903 if ( !isValidTemplateName($name) )
4905 self::error(_ERROR_BADTEMPLATENAME);
     // a rename is only refused when the new name belongs to another template
4909 if ( (Template::getNameFromId($templateid) != $name) && Template::exists($name) )
4911 self::error(_ERROR_DUPTEMPLATENAME);
4915 // 1. Remove all template parts
4916 $query = "DELETE FROM %s WHERE tdesc=%d;";
4917 $query = sprintf($query, sql_table('template'), (integer) $templateid);
4918 DB::execute($query);
4920 // 2. Update description
4921 $query = "UPDATE %s SET tdname=%s, tddesc=%s WHERE tdnumber=%d;";
4922 $query = sprintf($query, sql_table('template_desc'), DB::quoteValue($name), DB::quoteValue($desc), (integer) $templateid);
4923 DB::execute($query);
4925 // 3. Add non-empty template parts
     // Each call passes the raw POST value; how addToTemplate() quotes it for
     // SQL is not visible in this listing -- confirm.
4926 self::addToTemplate($templateid, 'NORMALSKINLIST_HEAD', postVar('NORMALSKINLIST_HEAD'));
4927 self::addToTemplate($templateid, 'NORMALSKINLIST_BODY', postVar('NORMALSKINLIST_BODY'));
4928 self::addToTemplate($templateid, 'NORMALSKINLIST_FOOT', postVar('NORMALSKINLIST_FOOT'));
4929 self::addToTemplate($templateid, 'ADMIN_CUSTOMHELPLINK_ICON', postVar('ADMIN_CUSTOMHELPLINK_ICON'));
4930 self::addToTemplate($templateid, 'ADMIN_CUSTOMHELPLINK_ANCHOR', postVar('ADMIN_CUSTOMHELPLINK_ANCHOR'));
4931 self::addToTemplate($templateid, 'ADMIN_BLOGLINK', postVar('ADMIN_BLOGLINK'));
4932 self::addToTemplate($templateid, 'ADMIN_BATCHLIST', postVar('ADMIN_BATCHLIST'));
4933 self::addToTemplate($templateid, 'ACTIVATE_FORGOT_TITLE', postVar('ACTIVATE_FORGOT_TITLE'));
4934 self::addToTemplate($templateid, 'ACTIVATE_FORGOT_TEXT', postVar('ACTIVATE_FORGOT_TEXT'));
4935 self::addToTemplate($templateid, 'ACTIVATE_REGISTER_TITLE', postVar('ACTIVATE_REGISTER_TITLE'));
4936 self::addToTemplate($templateid, 'ACTIVATE_REGISTER_TEXT', postVar('ACTIVATE_REGISTER_TEXT'));
4937 self::addToTemplate($templateid, 'ACTIVATE_CHANGE_TITLE', postVar('ACTIVATE_CHANGE_TITLE'));
4938 self::addToTemplate($templateid, 'ACTIVATE_CHANGE_TEXT', postVar('ACTIVATE_CHANGE_TEXT'));
4939 self::addToTemplate($templateid, 'TEMPLATE_EDIT_EXPLUGNAME', postVar('TEMPLATE_EDIT_EXPLUGNAME'));
4940 self::addToTemplate($templateid, 'TEMPLATE_EDIT_ROW_HEAD', postVar('TEMPLATE_EDIT_ROW_HEAD'));
4941 self::addToTemplate($templateid, 'TEMPLATE_EDIT_ROW_TAIL', postVar('TEMPLATE_EDIT_ROW_TAIL'));
4942 self::addToTemplate($templateid, 'SPECIALSKINLIST_HEAD', postVar('SPECIALSKINLIST_HEAD'));
4943 self::addToTemplate($templateid, 'SPECIALSKINLIST_BODY', postVar('SPECIALSKINLIST_BODY'));
4944 self::addToTemplate($templateid, 'SPECIALSKINLIST_FOOT', postVar('SPECIALSKINLIST_FOOT'));
4945 self::addToTemplate($templateid, 'SYSTEMINFO_GDSETTINGS', postVar('SYSTEMINFO_GDSETTINGS'));
4946 self::addToTemplate($templateid, 'BANLIST_DELETED_LIST', postVar('BANLIST_DELETED_LIST'));
4947 self::addToTemplate($templateid, 'INSERT_PLUGOPTION_TITLE', postVar('INSERT_PLUGOPTION_TITLE'));
4948 self::addToTemplate($templateid, 'INSERT_PLUGOPTION_BODY', postVar('INSERT_PLUGOPTION_BODY'));
4949 self::addToTemplate($templateid, 'INPUTYESNO_TEMPLATE_ADMIN', postVar('INPUTYESNO_TEMPLATE_ADMIN'));
4950 self::addToTemplate($templateid, 'INPUTYESNO_TEMPLATE_NORMAL', postVar('INPUTYESNO_TEMPLATE_NORMAL'));
4951 self::addToTemplate($templateid, 'ADMIN_SPECIALSKINLIST_HEAD', postVar('ADMIN_SPECIALSKINLIST_HEAD'));
4952 self::addToTemplate($templateid, 'ADMIN_SPECIALSKINLIST_BODY', postVar('ADMIN_SPECIALSKINLIST_BODY'));
4953 self::addToTemplate($templateid, 'ADMIN_SPECIALSKINLIST_FOOT', postVar('ADMIN_SPECIALSKINLIST_FOOT'));
4954 self::addToTemplate($templateid, 'SKINIE_EXPORT_LIST', postVar('SKINIE_EXPORT_LIST'));
4955 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_SELECT_HEAD', postVar('SHOWLIST_LISTPLUG_SELECT_HEAD'));
4956 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_SELECT_BODY', postVar('SHOWLIST_LISTPLUG_SELECT_BODY'));
4957 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_SELECT_FOOT', postVar('SHOWLIST_LISTPLUG_SELECT_FOOT'));
4958 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_HEAD', postVar('SHOWLIST_LISTPLUG_TABLE_HEAD'));
4959 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_BODY', postVar('SHOWLIST_LISTPLUG_TABLE_BODY'));
4960 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_FOOT', postVar('SHOWLIST_LISTPLUG_TABLE_FOOT'));
4961 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_MEMBLIST_HEAD', postVar('SHOWLIST_LISTPLUG_TABLE_MEMBLIST_HEAD'));
4962 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_MEMBLIST_BODY', postVar('SHOWLIST_LISTPLUG_TABLE_MEMBLIST_BODY'));
4963 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_MEMBLIST_FOOT', postVar('SHOWLIST_LISTPLUG_TABLE_MEMBLIST_FOOT'));
4964 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_TEAMLIST_HEAD', postVar('SHOWLIST_LISTPLUG_TABLE_TEAMLIST_HEAD'));
4965 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_TEAMLIST_BODY', postVar('SHOWLIST_LISTPLUG_TABLE_TEAMLIST_BODY'));
4966 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_TEAMLIST_FOOT', postVar('SHOWLIST_LISTPLUG_TABLE_TEAMLIST_FOOT'));
4967 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_PLUGLIST_HEAD', postVar('SHOWLIST_LISTPLUG_TABLE_PLUGLIST_HEAD'));
4968 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_PLUGLIST_BODY', postVar('SHOWLIST_LISTPLUG_TABLE_PLUGLIST_BODY'));
4969 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_PLUGLIST_GURL', postVar('SHOWLIST_LISTPLUG_TABLE_PLUGLIST_GURL'));
4970 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_PLUGEVENTLIST', postVar('SHOWLIST_LISTPLUG_TABLE_PLUGEVENTLIST'));
4971 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_PLUGNEDUPDATE', postVar('SHOWLIST_LISTPLUG_TABLE_PLUGNEDUPDATE'));
4972 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_PLUGIN_DEPEND', postVar('SHOWLIST_LISTPLUG_TABLE_PLUGIN_DEPEND'));
4973 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_PLUGIN_DEPREQ', postVar('SHOWLIST_LISTPLUG_TABLE_PLUGIN_DEPREQ'));
4974 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_PLUGLISTFALSE', postVar('SHOWLIST_LISTPLUG_TABLE_PLUGLISTFALSE'));
4975 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_PLUGLIST_ACTN', postVar('SHOWLIST_LISTPLUG_TABLE_PLUGLIST_ACTN'));
4976 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_PLUGLIST_ADMN', postVar('SHOWLIST_LISTPLUG_TABLE_PLUGLIST_ADMN'));
4977 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_PLUGLIST_HELP', postVar('SHOWLIST_LISTPLUG_TABLE_PLUGLIST_HELP'));
4978 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_PLUGOPTSETURL', postVar('SHOWLIST_LISTPLUG_TABLE_PLUGOPTSETURL'));
4979 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_PLUGLIST_FOOT', postVar('SHOWLIST_LISTPLUG_TABLE_PLUGLIST_FOOT'));
4980 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_POPTLIST_HEAD', postVar('SHOWLIST_LISTPLUG_TABLE_POPTLIST_HEAD'));
4981 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_POPTLIST_BODY', postVar('SHOWLIST_LISTPLUG_TABLE_POPTLIST_BODY'));
4982 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_PLGOPT_OYESNO', postVar('SHOWLIST_LISTPLUG_TABLE_PLGOPT_OYESNO'));
4983 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_PLGOPT_OPWORD', postVar('SHOWLIST_LISTPLUG_TABLE_PLGOPT_OPWORD'));
4984 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_PLGOPT_OSELEP', postVar('SHOWLIST_LISTPLUG_TABLE_PLGOPT_OSELEP'));
4985 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_PLGOPT_OSELEO', postVar('SHOWLIST_LISTPLUG_TABLE_PLGOPT_OSELEO'));
4986 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_PLGOPT_OSELEC', postVar('SHOWLIST_LISTPLUG_TABLE_PLGOPT_OSELEC'));
4987 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_PLGOPT_OTAREA', postVar('SHOWLIST_LISTPLUG_TABLE_PLGOPT_OTAREA'));
4988 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_PLGOPT_OITEXT', postVar('SHOWLIST_LISTPLUG_TABLE_PLGOPT_OITEXT'));
4989 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_PLUGOPTN_FOOT', postVar('SHOWLIST_LISTPLUG_TABLE_PLUGOPTN_FOOT'));
4990 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_POPTLIST_FOOT', postVar('SHOWLIST_LISTPLUG_TABLE_POPTLIST_FOOT'));
4991 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_ITEMLIST_HEAD', postVar('SHOWLIST_LISTPLUG_TABLE_ITEMLIST_HEAD'));
4992 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_ITEMLIST_BODY', postVar('SHOWLIST_LISTPLUG_TABLE_ITEMLIST_BODY'));
4993 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_ITEMLIST_FOOT', postVar('SHOWLIST_LISTPLUG_TABLE_ITEMLIST_FOOT'));
4994 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_CMNTLIST_HEAD', postVar('SHOWLIST_LISTPLUG_TABLE_CMNTLIST_HEAD'));
4995 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_CMNTLIST_BODY', postVar('SHOWLIST_LISTPLUG_TABLE_CMNTLIST_BODY'));
4996 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_CMNTLIST_ABAN', postVar('SHOWLIST_LISTPLUG_TABLE_CMNTLIST_ABAN'));
4997 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_CMNTLIST_FOOT', postVar('SHOWLIST_LISTPLUG_TABLE_CMNTLIST_FOOT'));
4998 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_BLOGLIST_HEAD', postVar('SHOWLIST_LISTPLUG_TABLE_BLOGLIST_HEAD'));
4999 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_BLOGLIST_BODY', postVar('SHOWLIST_LISTPLUG_TABLE_BLOGLIST_BODY'));
5000 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_BLIST_BD_TADM', postVar('SHOWLIST_LISTPLUG_TABLE_BLIST_BD_TADM'));
5001 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_BLIST_BD_SADM', postVar('SHOWLIST_LISTPLUG_TABLE_BLIST_BD_SADM'));
5002 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_BLOGLIST_FOOT', postVar('SHOWLIST_LISTPLUG_TABLE_BLOGLIST_FOOT'));
5003 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_BLOGSNAM_HEAD', postVar('SHOWLIST_LISTPLUG_TABLE_BLOGSNAM_HEAD'));
5004 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_BLOGSNAM_BODY', postVar('SHOWLIST_LISTPLUG_TABLE_BLOGSNAM_BODY'));
5005 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_BLOGSNAM_FOOT', postVar('SHOWLIST_LISTPLUG_TABLE_BLOGSNAM_FOOT'));
5006 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_SHORTNAM_HEAD', postVar('SHOWLIST_LISTPLUG_TABLE_SHORTNAM_HEAD'));
5007 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_SHORTNAM_BODY', postVar('SHOWLIST_LISTPLUG_TABLE_SHORTNAM_BODY'));
5008 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_SHORTNAM_FOOT', postVar('SHOWLIST_LISTPLUG_TABLE_SHORTNAM_FOOT'));
5009 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_CATELIST_HEAD', postVar('SHOWLIST_LISTPLUG_TABLE_CATELIST_HEAD'));
5010 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_CATELIST_BODY', postVar('SHOWLIST_LISTPLUG_TABLE_CATELIST_BODY'));
5011 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_CATELIST_FOOT', postVar('SHOWLIST_LISTPLUG_TABLE_CATELIST_FOOT'));
5012 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_TPLTLIST_HEAD', postVar('SHOWLIST_LISTPLUG_TABLE_TPLTLIST_HEAD'));
5013 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_TPLTLIST_BODY', postVar('SHOWLIST_LISTPLUG_TABLE_TPLTLIST_BODY'));
5014 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_TPLTLIST_FOOT', postVar('SHOWLIST_LISTPLUG_TABLE_TPLTLIST_FOOT'));
5015 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_SKINLIST_HEAD', postVar('SHOWLIST_LISTPLUG_TABLE_SKINLIST_HEAD'));
5016 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_SKINLIST_BODY', postVar('SHOWLIST_LISTPLUG_TABLE_SKINLIST_BODY'));
5017 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_SKINLIST_FOOT', postVar('SHOWLIST_LISTPLUG_TABLE_SKINLIST_FOOT'));
5018 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_DRFTLIST_HEAD', postVar('SHOWLIST_LISTPLUG_TABLE_DRFTLIST_HEAD'));
5019 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_DRFTLIST_BODY', postVar('SHOWLIST_LISTPLUG_TABLE_DRFTLIST_BODY'));
5020 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_DRFTLIST_FOOT', postVar('SHOWLIST_LISTPLUG_TABLE_DRFTLIST_FOOT'));
5021 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_ACTNLIST_HEAD', postVar('SHOWLIST_LISTPLUG_TABLE_ACTNLIST_HEAD'));
5022 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_ACTNLIST_BODY', postVar('SHOWLIST_LISTPLUG_TABLE_ACTNLIST_BODY'));
5023 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_ACTNLIST_FOOT', postVar('SHOWLIST_LISTPLUG_TABLE_ACTNLIST_FOOT'));
5024 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_IBANLIST_HEAD', postVar('SHOWLIST_LISTPLUG_TABLE_IBANLIST_HEAD'));
5025 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_IBANLIST_BODY', postVar('SHOWLIST_LISTPLUG_TABLE_IBANLIST_BODY'));
5026 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_IBANLIST_FOOT', postVar('SHOWLIST_LISTPLUG_TABLE_IBANLIST_FOOT'));
5027 self::addToTemplate($templateid, 'SHOWLIST_LISTPLUG_TABLE_NAVILIST', postVar('SHOWLIST_LISTPLUG_TABLE_NAVILIST'));
5028 self::addToTemplate($templateid, 'PLUGIN_QUICKMENU_TITLE', postVar('PLUGIN_QUICKMENU_TITLE'));
5029 self::addToTemplate($templateid, 'PLUGIN_QUICKMENU_HEAD', postVar('PLUGIN_QUICKMENU_HEAD'));
5030 self::addToTemplate($templateid, 'PLUGIN_QUICKMENU_BODY', postVar('PLUGIN_QUICKMENU_BODY'));
5031 self::addToTemplate($templateid, 'PLUGIN_QUICKMENU_FOOT', postVar('PLUGIN_QUICKMENU_FOOT'));
     // Plugins add their own part names through the event below; each name is
     // then used both as the stored part name and as the POST key to read.
5033 $data = array('fields' => array());
5034 $manager->notify('AdminTemplateExtraFields', $data);
5035 foreach ( $data['fields'] as $pfkey => $pfvalue )
5037 foreach ( $pfvalue as $pffield => $pfdesc )
5039 self::addToTemplate($templateid, $pffield, postVar($pffield));
5043 // jump back to template edit
5044 self::action_admintemplateedit(_TEMPLATE_UPDATED);
5049 * Admin::action_admintemplatedelete()
5054 static private function action_admintemplatedelete()
     // Admin-only step before an admin template is removed: renders the
     // 'admintemplatedelete' skin part. Nothing is deleted in the lines shown;
     // the delete itself is in action_admintemplatedeleteconfirm().
5056 global $member, $manager;
5057 $member->isAdmin() or self::disallow();
5059 // TODO: check if template can be deleted
5060 self::$skin->parse('admintemplatedelete');
5066 * @todo document this
5068 function action_commentdeleteconfirm() {
     // Deletes the comment named by the commentid request variable through
     // deleteOneComment(), reports any error it returns, then shows the
     // item's comment list when the member may alter that item and the
     // member's own comments otherwise.
     // The permission check for the delete is inside deleteOneComment(); the
     // SELECT below runs before it and only reads the parent item id.
5071 $commentid = intRequestVar('commentid');
5073 // get item id first
     // NOTE(review): $commentid is concatenated into the SQL text; this is
     // only safe if intRequestVar() always yields an integer -- confirm.
     // The assignment of $itemid used further down is not among the lines
     // shown in this listing.
5074 $res = DB::getValue('SELECT citem FROM '.sql_table('comment') .' WHERE cnumber=' . $commentid);
5077 $error = $this->deleteOneComment($commentid);
5079 $this->doError($error);
5081 if ($member->canAlterItem($itemid))
5082 $this->action_itemcommentlist($itemid);
5084 $this->action_browseowncomments();
5088 * @todo document this
5090 function deleteOneComment($commentid) {
     // Deletes a single comment. Returns _ERROR_DISALLOWED when $member may
     // not alter the comment; otherwise fires PreDeleteComment, removes the
     // row and fires PostDeleteComment. The value returned on success is not
     // among the lines shown in this listing.
5091 global $member, $manager;
     // force an integer before the id is used in the permission check and in SQL
5093 $commentid = intval($commentid);
5095 if (!$member->canAlterComment($commentid))
5096 return _ERROR_DISALLOWED;
5098 $manager->notify('PreDeleteComment', array('commentid' => $commentid));
5100 // delete the comments associated with the item
     // The statement removes the one row whose cnumber equals $commentid;
     // the intval() above is what keeps this concatenation free of
     // request-supplied SQL text.
5101 $query = 'DELETE FROM '.sql_table('comment').' WHERE cnumber=' . $commentid;
5102 DB::execute($query);
5104 $manager->notify('PostDeleteComment', array('commentid' => $commentid));
5110 * Admin::action_usermanagement()
5112 * Usermanagement main
5116 public function action_usermanagement()
     // Admin-only member management page: prints the current member list and
     // a form for creating a new member, which posts action=memberadd and
     // includes the output of $manager->addTicketHidden().
     // The echo statements shown print only language constants and literals;
     // the member rows themselves are rendered by Batch::showlist(), which is
     // not visible here -- confirm that it escapes member-supplied fields.
5118 global $member, $manager;
5121 $member->isAdmin() or $this->disallow();
5125 echo '<p><a href="index.php?action=manage">(' . _BACKTOMANAGE . ")</a></p>\n";
5127 echo '<h2>' . _MEMBERS_TITLE . "</h2>\n";
5129 echo '<h3>' . _MEMBERS_CURRENT . "</h3>\n";
5131 // show list of members with actions
     // static query text, no request data involved
5132 $query = 'SELECT * FROM '.sql_table('member');
5133 $template['content'] = 'memberlist';
5134 $template['tabindex'] = 10;
5136 $manager->loadClass("ENCAPSULATE");
5137 $batch = new Batch('member');
5138 $batch->showlist($query,'table',$template);
5140 echo '<h3>' . _MEMBERS_NEW .'</h3>';
5141 echo "<form method=\"post\" action=\"index.php\" name=\"memberedit\">\n";
5143 echo "<input type=\"hidden\" name=\"action\" value=\"memberadd\" />\n";
5144 $manager->addTicketHidden();
5146 echo '<table frame="box" rules="rules" summary="' . _MEMBERS_NEW . '">' ."\n";
5148 echo '<th colspan="2">' . _MEMBERS_NEW . "</th>\n";
5151 echo '<td>' . _MEMBERS_DISPLAY;
5154 echo '<small>' . _MEMBERS_DISPLAY_INFO . '</small>';
5156 echo "<td><input tabindex=\"10010\" name=\"name\" size=\"32\" maxlength=\"32\" /></td>\n";
5159 echo '<td>' . _MEMBERS_REALNAME . "</td>\n";
5160 echo "<td><input name=\"realname\" tabindex=\"10020\" size=\"40\" maxlength=\"60\" /></td>\n";
     // maxlength is a browser-side limit only; any length or strength rule for
     // the password has to be enforced by the memberadd handler.
5163 echo '<td>' . _MEMBERS_PWD . "</td>\n";
5164 echo "<td><input name=\"password\" tabindex=\"10030\" size=\"16\" maxlength=\"40\" type=\"password\" /></td>\n";
5167 echo '<td>' . _MEMBERS_REPPWD . "</td>\n";
5168 echo "<td><input name=\"repeatpassword\" tabindex=\"10035\" size=\"16\" maxlength=\"40\" type=\"password\" /></td>\n";
5171 echo '<td>' . _MEMBERS_EMAIL . "</td>\n";
5172 echo "<td><input name=\"email\" tabindex=\"10040\" size=\"40\" maxlength=\"60\" /></td>\n";
5175 echo '<td>' . _MEMBERS_URL . "</td>\n";
5176 echo "<td><input name=\"url\" tabindex=\"10050\" size=\"40\" maxlength=\"100\" /></td>\n";
5179 echo '<td>' . _MEMBERS_SUPERADMIN;
     // second argument is presumably the preselected value: super-admin is
     // offered as 0 and can-login as 1 for a new member -- TODO confirm
5183 $this->input_yesno('admin',0,10060);
5187 echo '<td>' . _MEMBERS_CANLOGIN;
5191 $this->input_yesno('canlogin',1,10070);
5195 echo '<td>' . _MEMBERS_NOTES . "</td>\n";
5196 echo "<td><input name=\"notes\" maxlength=\"100\" size=\"40\" tabindex=\"10080\" /></td>\n";
5199 echo '<td>' . _MEMBERS_NEW . "</td>\n";
5200 echo '<td><input type="submit" value="' . _MEMBERS_NEW_BTN . '" tabindex="10090" onclick="return checkSubmit();" />' . "</td>\n";
5210 * Edit member settings
5212 function action_memberedit() {
     // Thin entry point: forwards the memberid request variable to
     // action_editmembersettings().
     // NOTE(review): no permission check is made here, and memberid is taken
     // from the request; whether a member may open another member's settings
     // has to be enforced in action_editmembersettings() -- confirm.
5213 $this->action_editmembersettings(intRequestVar('memberid'));
5217 >>>>>>> skinnable-master
5219 * Admin::action_admintemplatedeleteconfirm()
5224 static private function action_admintemplatedeleteconfirm()
5226 global $member, $manager;
5228 $templateid = intRequestVar('templateid');
5229 $member->isAdmin() or self::disallow();
5231 $data = array('templateid' => $templateid);
5232 $manager->notify('PreDeleteAdminTemplate', $data);
5234 // 1. delete description
5235 $query = "DELETE FROM %s WHERE tdnumber=%s;";
5236 $query = sprintf($query, sql_table('template_desc'), (integer) $templateid);
5237 DB::execute($query);
5240 // show message to go back to member overview (only for admins)
5241 if ($member->isAdmin())
5243 echo '<a href="index.php?action=usermanagement">(' ._MEMBERS_BACKTOOVERVIEW. ')</a>';
5247 echo '<a href="index.php?action=overview">(' ._BACKHOME. ')</a>';
5249 echo '<h2>' . _MEMBERS_EDIT . '</h2>';
5251 $mem =& $manager->getMember($memberid);
5253 <form method="post" action="index.php" name="memberedit"><div>
5255 <input type="hidden" name="action" value="changemembersettings" />
5256 <input type="hidden" name="memberid" value="<?php echo $memberid; ?>" />
5257 <?php $manager->addTicketHidden() ?>
5260 <th colspan="2"><?php echo _MEMBERS_EDIT ?></th>
5262 <td><?php echo _MEMBERS_DISPLAY ?> <?php help('shortnames'); ?>
5263 <br /><small><?php echo _MEMBERS_DISPLAY_INFO ?></small>
5266 <?php if ($CONF['AllowLoginEdit'] || $member->isAdmin()) { ?>
5267 <input name="name" tabindex="10" maxlength="32" size="32" value="<?php echo Entity::hsc($mem->getDisplayName()); ?>" />
5269 echo Entity::hsc($member->getDisplayName());
5274 <td><?php echo _MEMBERS_REALNAME ?></td>
5275 <td><input name="realname" tabindex="20" maxlength="60" size="40" value="<?php echo Entity::hsc($mem->getRealName()); ?>" /></td>
5277 <?php if ($CONF['AllowLoginEdit'] || $member->isAdmin()) { ?>
5278 <td><?php echo _MEMBERS_PWD ?></td>
5279 <td><input type="password" tabindex="30" maxlength="40" size="16" name="password" /></td>
5281 <td><?php echo _MEMBERS_REPPWD ?></td>
5282 <td><input type="password" tabindex="35" maxlength="40" size="16" name="repeatpassword" /></td>
5285 <td><?php echo _MEMBERS_EMAIL ?>
5286 <br /><small><?php echo _MEMBERS_EMAIL_EDIT ?></small>
5288 <td><input name="email" tabindex="40" size="40" maxlength="60" value="<?php echo Entity::hsc($mem->getEmail()); ?>" /></td>
5290 <td><?php echo _MEMBERS_URL ?></td>
5291 <td><input name="url" tabindex="50" size="40" maxlength="100" value="<?php echo Entity::hsc($mem->getURL()); ?>" /></td>
5292 <?php // only allow to change this by super-admins
5293 // we don't want normal users to 'upgrade' themselves to super-admins, do we? ;-)
5294 if ($member->isAdmin()) {
5297 <td><?php echo _MEMBERS_SUPERADMIN ?> <?php help('superadmin'); ?></td>
5298 <td><?php $this->input_yesno('admin',$mem->isAdmin(),60); ?></td>
5300 <td><?php echo _MEMBERS_CANLOGIN ?> <?php help('canlogin'); ?></td>
5301 <td><?php $this->input_yesno('canlogin',$mem->canLogin(),70,1,0,_YES,_NO,$mem->isAdmin()); ?></td>
5304 <td><?php echo _MEMBERS_NOTES ?></td>
5305 <td><input name="notes" tabindex="80" size="40" maxlength="100" value="<?php echo Entity::hsc($mem->getNotes()); ?>" /></td>
5307 <td><?php echo _MEMBERS_LOCALE ?> <?php help('locale'); ?>
5311 <select name="locale" tabindex="85">
5313 $locales = i18n::get_available_locale_list();
5314 if ( !$mem->getLocale() || !in_array($mem->getLocale(), $locales) )
5316 echo "<option value=\"\" selected=\"selected\">" . Entity::hsc(_MEMBERS_USESITELANG) . "</option>\n";
5320 echo "<option value=\"\">" . Entity::hsc(_MEMBERS_USESITELANG) . "</option>\n";
5323 foreach( $locales as $locale )
5325 if( $locale == $mem->getLocale() )
5327 echo "<option value=\"{$locale}\" selected=\"selected\">{$locale}</option>\n";
5331 echo "<option value=\"{$locale}\">{$locale}</option>\n";
5340 <td><?php echo _MEMBERS_USEAUTOSAVE ?> <?php help('autosave'); ?></td>
5341 <td><?php $this->input_yesno('autosave', $mem->getAutosave(), 87); ?></td>
5345 $this->_insertPluginOptions('member',$memberid);
5348 <th colspan="2"><?php echo _MEMBERS_EDIT ?></th>
5350 <td><?php echo _MEMBERS_EDIT ?></td>
5351 <td><input type="submit" tabindex="90" value="<?php echo _MEMBERS_EDIT_BTN ?>" onclick="return checkSubmit();" /></td>
5357 echo '<h3>',_PLUGINS_EXTRA,'</h3>';
5360 'MemberSettingsFormExtras',
5368 $query = "DELETE FROM %s WHERE tdesc=%d;";
5369 $query = sprintf($query, sql_table('template'), (integer) $templateid);
5370 DB::execute($query);
5372 $data = array('templateid' => $templateid);
5373 $manager->notify('PostDeleteAdminTemplate', $data);
5375 self::action_admintemplateoverview();
5377 >>>>>>> skinnable-master
5381 * Admin::action_admintemplatenew()
5386 static private function action_admintemplatenew()
5389 $member->isAdmin() or self::disallow();
5390 $name = postVar('name');
5391 $desc = postVar('desc');
5393 if ( !isValidTemplateName($name) )
5396 $url = 'http://' . $url;
5399 $admin = postVar('admin');
5400 $canlogin = postVar('canlogin');
5401 $notes = strip_tags(postVar('notes'));
5402 $locale = postVar('locale');
5404 $mem =& $manager->getMember($memberid);
5406 if ($CONF['AllowLoginEdit'] || $member->isAdmin()) {
5408 if (!isValidDisplayName($name))
5409 $this->error(_ERROR_BADNAME);
5411 if (($name != $mem->getDisplayName()) && Member::exists($name))
5412 $this->error(_ERROR_NICKNAMEINUSE);
5414 if ($password != $repeatpassword)
5415 $this->error(_ERROR_PASSWORDMISMATCH);
5417 if ($password && (i18n::strlen($password) < 6))
5418 $this->error(_ERROR_PASSWORDTOOSHORT);
5423 $manager->notify('PrePasswordSet',array('password' => $password, 'errormessage' => &$pwderror, 'valid' => &$pwdvalid));
5425 $this->error($pwderror);
5429 self::error(_ERROR_BADTEMPLATENAME);
5431 >>>>>>> skinnable-master
5433 else if ( !preg_match('#^admin/#', $name) )
5435 self::error(_ERROR_BADADMINTEMPLATENAME);
5438 else if ( Template::exists($name) )
5440 self::error(_ERROR_DUPTEMPLATENAME);
5444 if ( ($locale != '') && (!in_array($locale, i18n::get_available_locale_list())) )
5445 $this->error(_ERROR_NOSUCHTRANSLATION);
5447 // check if there will remain at least one site member with both the logon and admin rights
5448 // (check occurs when taking away one of these rights from such a member)
5449 if ( (!$admin && $mem->isAdmin() && $mem->canLogin())
5450 || (!$canlogin && $mem->isAdmin() && $mem->canLogin())
5453 $r = DB::getResult('SELECT * FROM '.sql_table('member').' WHERE madmin=1 and mcanlogin=1');
5454 if ($r->rowCount() < 2)
5455 $this->error(_ERROR_ATLEASTONEADMIN);
5458 if ($CONF['AllowLoginEdit'] || $member->isAdmin()) {
5459 $mem->setDisplayName($name);
5461 $mem->setPassword($password);
5464 $oldEmail = $mem->getEmail();
5466 $mem->setRealName($realname);
5467 $mem->setEmail($email);
5469 $mem->setNotes($notes);
5470 $mem->setLocale($locale);
5473 // only allow super-admins to make changes to the admin status
5474 if ($member->isAdmin()) {
5475 $mem->setAdmin($admin);
5476 $mem->setCanLogin($canlogin);
5479 $autosave = postVar ('autosave');
5480 $mem->setAutosave($autosave);
5484 // store plugin options
5485 $aOptions = requestArray('plugoption');
5486 NucleusPlugin::apply_plugin_options($aOptions);
5487 $manager->notify('PostPluginOptionsUpdate',array('context' => 'member', 'memberid' => $memberid, 'member' => &$mem));
5489 // if email changed, generate new password
5490 if ($oldEmail != $mem->getEmail())
5492 $mem->sendActivationLink('addresschange', $oldEmail);
5494 $mem->newCookieKey();
5496 // only log out if the member being edited is the current member.
5497 if ($member->getID() == $memberid)
5499 $this->action_login(_MSG_ACTIVATION_SENT, 0);
5504 if ( ( $mem->getID() == $member->getID() )
5505 && ( $mem->getDisplayName() != $member->getDisplayName() )
5507 $mem->newCookieKey();
5509 $this->action_login(_MSG_LOGINAGAIN, 0);
5511 $this->action_overview(_MSG_SETTINGSCHANGED);
5517 $newTemplateId = Template::createNew($name, $desc);
5518 self::action_admintemplateoverview();
5522 >>>>>>> skinnable-master
5524 * Admin::action_admintemplateclone()
5529 static private function action_admintemplateclone()
// Clones the template named by the 'templateid' request variable: reads its name
// and description, derives a new name ending in "cloned", creates the new
// template, copies every part row into it and shows the admin template overview.
// NOTE(review): the embedded line numbers have gaps, so braces and some
// statements of this method (e.g. the initialisation of $i) are not shown here.
5532 $templateid = intRequestVar('templateid');
// Site-admin gate. Everything below relies on disallow() not returning — confirm.
5533 $member->isAdmin() or self::disallow();
5535 // 1. read old template
5536 $name = Template::getNameFromId($templateid);
5537 $desc = Template::getDesc($templateid);
5539 // 2. create desc thing
5540 $name = $name . "cloned";
5542 // if a template with that name already exists:
5543 if ( Template::exists($name) )
// Probes $name . $i until an unused name is found.
5546 while ( Template::exists($name . $i) )
5553 $newid = Template::createNew($name, $desc);
5556 // go through parts of old template and add them to the new one
// The only request-derived value in the SQL is cast to integer and bound to %d.
5557 $query = "SELECT tpartname, tcontent FROM %s WHERE tdesc=%d;";
5558 $query = sprintf($query, sql_table('template'), (integer) $templateid);
5560 $res = DB::getResult($query);
5561 foreach ( $res as $row )
5563 self::addToTemplate($newid, $row['tpartname'], $row['tcontent']);
5566 self::action_admintemplateoverview();
5571 * Admin::action_skinoverview()
5576 static private function action_skinoverview()
// Renders the 'skinoverview' admin page. Site admins only.
5578 global $member, $manager;
5580 $member->isAdmin() or self::disallow();
5582 self::$skin->parse('skinoverview');
5587 * Admin::action_skinnew()
5592 static private function action_skinnew()
// Creates a skin from the POSTed 'name' and 'desc', then shows the skin overview.
// Site admins only.
5596 $member->isAdmin() or self::disallow();
5598 $name = trim(postVar('name'));
5599 $desc = trim(postVar('desc'));
// The name must pass isValidSkinName() and be unused. $desc reaches createNew()
// after trim() only, so any page that prints it later has to escape it.
5601 if ( !isValidSkinName($name) )
5603 self::error(_ERROR_BADSKINNAME);
5606 else if ( SKIN::exists($name) )
5608 self::error(_ERROR_DUPSKINNAME);
5612 SKIN::createNew($name, $desc);
5614 self::action_skinoverview();
5620 * Account activation
5624 function action_activate() {
// Entry point of the activation link: reads 'key' with getVar() (presumably the
// query string) and hands it to _showActivationPage(). A key carried in a URL can
// end up in server logs and browser history, so it should be short-lived and
// single-use.
5626 $key = getVar('key');
5627 $this->_showActivationPage($key);
5631 * @todo document this
5633 function _showActivationPage($key, $message = '')
// Shows the activation page for an activation key.
// $key      activation key; the only credential this page checks
// $message  optional error text, printed above the form
// NOTE(review): the embedded line numbers have gaps; the conditions guarding the
// two error() calls and the first two switch cases are not shown in this listing.
5637 // clean up old activation keys
5638 Member::cleanupActivationTable();
5640 // get activation info
5641 $info = Member::getActivationInfo($key);
5644 $this->error(_ERROR_ACTIVATE);
5646 $mem =& $manager->getMember($info['vmember']);
5649 $this->error(_ERROR_ACTIVATE);
5653 $bNeedsPasswordChange = true;
// The activation type is read from $info['vtype'] here. action_activatesetpwd()
// tests $info['type'] instead; the two should use the same key.
5655 switch ($info['vtype'])
5658 $title = _ACTIVATE_FORGOT_TITLE;
5659 $text = _ACTIVATE_FORGOT_TEXT;
5662 $title = _ACTIVATE_REGISTER_TITLE;
5663 $text = _ACTIVATE_REGISTER_TEXT;
5665 case 'addresschange':
5666 $title = _ACTIVATE_CHANGE_TITLE;
5667 $text = _ACTIVATE_CHANGE_TEXT;
// An address change needs no new password: the key is consumed while the page is
// being rendered, with no further form submission.
5668 $bNeedsPasswordChange = false;
5669 Member::activate($key);
5674 'memberName' => Entity::hsc($mem->getDisplayName())
5676 $title = Template::fill($title, $aVars);
5677 $text = Template::fill($text, $aVars);
5681 echo '<h2>' , $title, '</h2>';
5682 echo '<p>' , $text, '</p>';
// NOTE(review): $message is printed without escaping. action_activatesetpwd()
// passes language constants but also plugin-supplied text ($pwderror, $error);
// escape it here unless HTML in those messages is intended.
5686 echo '<p class="error">',$message,'</p>';
// The password form posts to 'activatesetpwd' with a ticket and the escaped key.
5689 if ($bNeedsPasswordChange)
5692 <div><form action="index.php" method="post">
5694 <input type="hidden" name="action" value="activatesetpwd" />
5695 <?php $manager->addTicketHidden() ?>
5696 <input type="hidden" name="key" value="<?php echo Entity::hsc($key) ?>" />
5699 <td><?php echo _MEMBERS_PWD ?></td>
5700 <td><input type="password" maxlength="40" size="16" name="password" /></td>
5702 <td><?php echo _MEMBERS_REPPWD ?></td>
5703 <td><input type="password" maxlength="40" size="16" name="repeatpassword" /></td>
5707 $manager->notify('FormExtra', array('type' => 'activation', 'member' => $mem));
5711 <td><?php echo _MEMBERS_SETPWD ?></td>
5712 <td><input type='submit' value='<?php echo _MEMBERS_SETPWD_BTN ?>' /></td>
5727 * Account activation - set password part
5731 function action_activatesetpwd()
// Second step of account activation: validates the POSTed password pair, stores
// the password on the member the key belongs to, then consumes the key.
// Every failure re-displays the activation page with an error message.
// NOTE(review): the embedded line numbers have gaps; several conditions of this
// method (e.g. the ones guarding the plugin error returns) are not shown here.
5734 $key = postVar('key');
5736 // clean up old activation keys
5737 Member::cleanupActivationTable();
5739 // get activation info
5740 $info = Member::getActivationInfo($key);
// NOTE(review): _showActivationPage() reads the activation type from
// $info['vtype'], this guard reads $info['type']. If getActivationInfo() returns
// only 'vtype' (its return shape is not shown here), the 'addresschange' test can
// never match and an address-change key would be accepted for setting a password.
// Both places should test the same key.
5742 if (!$info || ($info['type'] == 'addresschange'))
5743 return $this->_showActivationPage($key, _ERROR_ACTIVATE);
5745 $mem =& $manager->getMember($info['vmember']);
5748 return $this->_showActivationPage($key, _ERROR_ACTIVATE);
5750 $password = postVar('password');
5751 $repeatpassword = postVar('repeatpassword');
// NOTE(review): '!=' compares loosely; two different numeric-looking strings can
// compare equal. '!==' would make this an exact string comparison.
5753 if ($password != $repeatpassword)
5754 return $this->_showActivationPage($key, _ERROR_PASSWORDMISMATCH);
// NOTE(review): an empty password skips this length check because of the
// '$password &&' test. Unless one of the lines missing from this listing rejects
// it, setPassword() below receives the empty string; an activation should require
// a non-empty password explicitly.
5756 if ($password && (i18n::strlen($password) < 6))
5757 return $this->_showActivationPage($key, _ERROR_PASSWORDTOOSHORT);
// Plugins may veto the password (PrePasswordSet) or the whole form (ValidateForm);
// their error text is handed to _showActivationPage(), which prints it unescaped.
5763 $manager->notify('PrePasswordSet',array('password' => $password, 'errormessage' => &$pwderror, 'valid' => &$pwdvalid));
5765 return $this->_showActivationPage($key,$pwderror);
5771 $manager->notify('ValidateForm', array('type' => 'activation', 'member' => $mem, 'error' => &$error));
5773 return $this->_showActivationPage($key, $error);
5777 $mem->setPassword($password);
5780 // do the activation
5781 Member::activate($key);
5784 echo '<h2>',_ACTIVATE_SUCCESS_TITLE,'</h2>';
5785 echo '<p>',_ACTIVATE_SUCCESS_TEXT,'</p>';
5790 * Admin::action_manageteam()
5796 public function action_manageteam()
// Team management page for one blog: lists the current team and prints the form
// that posts to 'teamaddmember'. Requires blog-admin rights on the requested blog.
5798 global $member, $manager;
5800 $blogid = intRequestVar('blogid');
5803 $member->blogAdminRights($blogid) or $this->disallow();
5807 echo "<p><a href='index.php?action=blogsettings&blogid=$blogid'>(" . _BACK_TO_BLOGSETTINGS . ")</a></p>\n";
// NOTE(review): the blog name is printed without Entity::hsc(), while
// action_teamdelete() escapes $blog->getName(). Unless getBlogNameFromID()
// already returns escaped text, a blog name containing markup is rendered as HTML.
5809 echo '<h2>' . _TEAM_TITLE . getBlogNameFromID($blogid) . "</h2>\n";
5811 echo '<h3>' . _TEAM_CURRENT . "</h3>\n";
// $blogid is concatenated into the SQL; this is safe only as long as
// intRequestVar() always yields an integer.
5813 $query = 'SELECT tblog, tmember, mname, mrealname, memail, tadmin'
5814 . ' FROM '.sql_table('member').', '.sql_table('team')
5815 . ' WHERE tmember=mnumber and tblog=' . $blogid;
5817 $template['content'] = 'teamlist';
5818 $template['tabindex'] = 10;
5820 $manager->loadClass("ENCAPSULATE");
5821 $batch = new Batch('team');
5822 $batch->showlist($query, 'table', $template);
5824 echo '<h3>' . _TEAM_ADDNEW . "</h3>\n";
5826 echo "<form method=\"post\" action=\"index.php\">\n";
5829 echo "<input type=\"hidden\" name=\"action\" value=\"teamaddmember\" />\n";
5830 echo "<input type=\"hidden\" name=\"blogid\" value=\"{$blogid}\" />\n";
5831 $manager->addTicketHidden();
5833 echo '<table frame="box" rules="all" summary="' . _TEAM_ADDNEW . '">' . "\n";
5835 echo '<td>' . _TEAM_CHOOSEMEMBER . "</td>\n";
5837 // TODO: try to make it so only non-team-members are listed
// The select list is filled from the whole member table, so a blog admin sees
// the login name of every site member here.
5840 $query = 'SELECT mname as text, mnumber as value FROM '.sql_table('member');
5841 $template['name'] = 'memberid';
5842 $template['tabindex'] = 10000;
5843 showlist($query,'select',$template);
5848 echo '<td>' . _TEAM_ADMIN;
5852 $this->input_yesno('admin',0,10020);
5856 echo '<td>' . _TEAM_ADD . "</td>\n";
5857 echo '<td><input type="submit" value="' . _TEAM_ADD_BTN . '" tabindex="10030" />' . "</td>\n";
5869 * Add member to team
5871 function action_teamaddmember() {
// Adds the POSTed member to the POSTed blog's team, optionally as blog admin,
// then re-displays the team page. All three inputs are read as integers.
5872 global $member, $manager;
5874 $memberid = intPostVar('memberid');
5875 $blogid = intPostVar('blogid');
5876 $admin = intPostVar('admin');
// Rights are checked for the same $blogid that is modified below.
5879 $member->blogAdminRights($blogid) or $this->disallow();
5881 $blog =& $manager->getBlog($blogid);
5882 if (!$blog->addTeamMember($memberid, $admin))
5883 $this->error(_ERROR_ALREADYONTEAM);
5885 $this->action_manageteam();
5890 * @todo document this
5892 function action_teamdelete() {
// Confirmation page for removing a member from a blog team. Nothing is deleted
// here; the form posts to 'teamdeleteconfirm' with a ticket. The member and blog
// names are escaped with Entity::hsc(); the two ids are printed as read by
// intRequestVar().
5893 global $member, $manager;
5895 $memberid = intRequestVar('memberid');
5896 $blogid = intRequestVar('blogid');
5899 $member->blogAdminRights($blogid) or $this->disallow();
5901 $teammem =& $manager->getMember($memberid);
5902 $blog =& $manager->getBlog($blogid);
5906 <h2><?php echo _DELETE_CONFIRM ?></h2>
5908 <p><?php echo _CONFIRMTXT_TEAM1 ?><b><?php echo Entity::hsc($teammem->getDisplayName()) ?></b><?php echo _CONFIRMTXT_TEAM2 ?><b><?php echo Entity::hsc(strip_tags($blog->getName())) ?></b>
5912 <form method="post" action="index.php"><div>
5913 <input type="hidden" name="action" value="teamdeleteconfirm" />
5914 <?php $manager->addTicketHidden() ?>
5915 <input type="hidden" name="memberid" value="<?php echo $memberid; ?>" />
5916 <input type="hidden" name="blogid" value="<?php echo $blogid; ?>" />
5917 <input type="submit" tabindex="10" value="<?php echo _DELETE_CONFIRM_BTN ?>" />
5924 * @todo document this
5926 function action_teamdeleteconfirm() {
// Performs the confirmed team removal. There is no rights check in this method:
// deleteOneTeamMember() does it and returns an error constant on refusal, which
// is passed to error() (the condition around that call is not shown here).
5929 $memberid = intRequestVar('memberid');
5930 $blogid = intRequestVar('blogid');
5932 $error = $this->deleteOneTeamMember($blogid, $memberid);
5934 $this->error($error);
5937 $this->action_manageteam();
5941 * @todo document this
5943 function deleteOneTeamMember($blogid, $memberid) {
// Removes one member from a blog's team.
// Returns _ERROR_DISALLOWED when the current member lacks blog-admin rights and
// _ERROR_ATLEASTONEBLOGADMIN when the target is a blog admin and fewer than two
// admins exist; the success return is not shown in this listing.
5944 global $member, $manager;
// Both ids are forced to integers before they are concatenated into SQL below.
5946 $blogid = intval($blogid);
5947 $memberid = intval($memberid);
5950 if (!$member->blogAdminRights($blogid))
5951 return _ERROR_DISALLOWED;
5953 // check if: - there remains at least one blog admin
5954 // - (there remains at least one team member)
5955 $tmem =& $manager->getMember($memberid);
// The Pre event fires before the last-admin check, so listeners are notified
// even when the deletion is then refused.
5957 $manager->notify('PreDeleteTeamMember', array('member' => &$tmem, 'blogid' => $blogid));
5959 if ($tmem->isBlogAdmin($blogid)) {
5960 // check if there are more blog members left and at least one admin
5961 // (check for at least two admins before deletion)
// NOTE(review): the count and the DELETE are separate statements; two concurrent
// removals could both pass this check. Confirm whether that matters here.
5962 $query = 'SELECT * FROM '.sql_table('team') . ' WHERE tblog='.$blogid.' and tadmin=1';
5963 $r = DB::getResult($query);
5964 if ($r->rowCount() < 2)
5965 return _ERROR_ATLEASTONEBLOGADMIN;
5968 $query = 'DELETE FROM '.sql_table('team')." WHERE tblog=$blogid and tmember=$memberid";
5969 DB::execute($query);
5971 $manager->notify('PostDeleteTeamMember', array('member' => &$tmem, 'blogid' => $blogid));
5977 * @todo document this
5979 function action_teamchangeadmin() {
// Changes a team member's blog-admin flag (tadmin) for one blog. Requires
// blog-admin rights on that blog. The lines that assign $newval are not shown in
// this listing.
5980 global $manager, $member;
5982 $blogid = intRequestVar('blogid');
5983 $memberid = intRequestVar('memberid');
5986 $member->blogAdminRights($blogid) or $this->disallow();
5988 $mem =& $manager->getMember($memberid);
5990 // don't allow when there is only one admin at this moment
// The SQL below concatenates $blogid and $memberid; this is safe only as long as
// intRequestVar() always yields an integer.
5991 if ($mem->isBlogAdmin($blogid)) {
5992 $r = DB::getResult('SELECT * FROM '.sql_table('team') . " WHERE tblog=$blogid and tadmin=1");
5993 if ($r->rowCount() == 1)
5994 $this->error(_ERROR_ATLEASTONEBLOGADMIN);
5997 if ($mem->isBlogAdmin($blogid))
6002 $query = 'UPDATE '.sql_table('team') ." SET tadmin=$newval WHERE tblog=$blogid and tmember=$memberid";
6003 DB::execute($query);
6005 // only show manageteam if member did not change its own admin privileges
6006 if ($member->isBlogAdmin($blogid))
6007 $this->action_manageteam();
6009 $this->action_overview(_MSG_ADMINCHANGED);
6013 * Admin::action_blogsettings()
6018 public function action_blogsettings()
// Blog settings page: team summary, the settings form (posts to
// 'blogsettingsupdate'), the category list, the new-category form (posts to
// 'categorynew') and plugin extras. Requires blog-admin rights on the blog.
// Stored blog values are passed through Entity::hsc() before they are placed in
// form fields.
6020 global $member, $manager;
6022 $blogid = intRequestVar('blogid');
6025 $member->blogAdminRights($blogid) or $this->disallow();
6027 $blog =& $manager->getBlog($blogid);
6029 $extrahead = "<script type=\"text/javascript\" src=\"javascript/numbercheck.js\"></script>\n";
6030 $this->pagehead($extrahead);
6032 echo '<p><a href="index.php?action=overview">(' . _BACKHOME . ")</a></p>\n";
// NOTE(review): bloglink() output is printed as-is; its escaping is not visible
// in this listing — confirm it escapes the blog name.
6033 echo '<h2>' . _EBLOG_TITLE . ": '{$this->bloglink($blog)}'</h2>\n";
6035 echo '<h3>' . _EBLOG_TEAM_TITLE . "</h3>\n";
6037 echo '<p>' . _EBLOG_CURRENT_TEAM_MEMBER;
// The blog id is cast to integer and bound to %d; names are escaped on output.
6039 $query = "SELECT mname, mrealname FROM %s, %s WHERE mnumber=tmember AND tblog=%d;";
6040 $query = sprintf($query, sql_table('member'), sql_table('team'), (integer) $blogid);
6041 $res = DB::getResult($query);
6042 $aMemberNames = array();
6043 foreach ( $res as $row )
6045 $aMemberNames[] = Entity::hsc($row['mname']) . ' (' . Entity::hsc($row['mrealname']). ')';
6047 echo implode(',', $aMemberNames);
6051 echo '<a href="index.php?action=manageteam&blogid=' . $blogid . '">' . _EBLOG_TEAM_TEXT . '</a>';
6054 echo '<h3>' . _EBLOG_SETTINGS_TITLE . "</h3>\n";
6056 echo "<form method=\"post\" action=\"index.php\">\n";
6059 echo "<input type=\"hidden\" name=\"action\" value=\"blogsettingsupdate\" />\n";
// The '. "\n"' result is discarded (no echo); only what addTicketHidden() prints
// itself reaches the page.
6060 $manager->addTicketHidden() . "\n";
6061 echo "<input type=\"hidden\" name=\"blogid\" value=\"{$blogid}\" />\n";
6063 echo '<table frame="box" rules="all" summary="' . _EBLOG_SETTINGS_TITLE . '">' . "\n";
6066 echo '<th colspan="2">' . _EBLOG_CHANGE . "</th>\n";
6069 echo '<td>' . _EBLOG_CHANGE . "</td>\n";
6070 echo '<td><input type="submit" tabindex="130" value="' . _EBLOG_CHANGE_BTN . '" onclick="return checkSubmit();" />' . "</td>\n";
6075 echo '<td>' . _EBLOG_NAME . "</td>\n";
6076 echo '<td><input name="name" tabindex="10" size="40" maxlength="60" value="' . Entity::hsc($blog->getName()) . '" />' . "</td>\n";
6079 echo '<td>' . _EBLOG_SHORTNAME;
6080 help('shortblogname');
6081 echo _EBLOG_SHORTNAME_EXTRA;
6083 echo '<td><input name="shortname" tabindex="20" maxlength="15" size="15" value="' . Entity::hsc($blog->getShortName()) .'" />' . "</td>\n";
6086 echo '<td>' . _EBLOG_DESC . "</td>\n";
6087 echo '<td><input name="desc" tabindex="30" maxlength="200" size="40" value="' . Entity::hsc($blog->getDescription()) . '" />' . "</td>\n";
6090 echo '<td>' . _EBLOG_URL . "</td>\n";
6091 echo '<td><input name="url" tabindex="40" size="40" maxlength="100" value="' . Entity::hsc($blog->getURL()) . '" />' . "</td>\n";
6094 echo '<td>' . _EBLOG_DEFSKIN;
6095 help('blogdefaultskin');
6099 $query = 'SELECT sdname as text, sdnumber as value FROM ' . sql_table('skin_desc');
6100 $template['name'] = 'defskin';
6101 $template['selected'] = $blog->getDefaultSkin();
6102 $template['tabindex'] = 50;
6103 showlist($query, 'select', $template);
6108 echo '<td>' . _EBLOG_LINEBREAKS;
6109 help('convertbreaks');
6112 $this->input_yesno('convertbreaks',$blog->convertBreaks(),55);
6117 echo '<td>' . _EBLOG_ALLOWPASTPOSTING;
6118 help('allowpastposting');
6121 $this->input_yesno('allowpastposting',$blog->allowPastPosting(),57);
6125 echo '<td>' . _EBLOG_DISABLECOMMENTS;
6128 $this->input_yesno('comments', $blog->commentsEnabled(), 60);
6132 echo '<td>' . _EBLOG_ANONYMOUS . "</td>\n";
6134 $this->input_yesno('public',$blog->isPublic(),70);
6138 echo '<td>' . _EBLOG_REQUIREDEMAIL . "</td>\n";
6140 $this->input_yesno('reqemail', $blog->emailRequired(),72);
6144 echo '<td>' . _EBLOG_NOTIFY;
6147 echo '<td><input name="notify" tabindex="80" maxlength="128" size="40" value="' . Entity::hsc($blog->getNotifyAddress()) . '" />' . "</td>\n";
6151 echo '<td>' . _EBLOG_NOTIFY_ON . "</td>\n";
// Each notification checkbox is printed twice in the source, once per state;
// the variants differ only in the checked attribute.
6154 if ( !$blog->notifyOnComment() )
6156 echo "<input name=\"notifyComment\" value=\"3\" type=\"checkbox\" tabindex=\"81\" id=\"notifyComment\" />\n";
6160 echo "<input name=\"notifyComment\" value=\"3\" type=\"checkbox\" tabindex=\"81\" id=\"notifyComment\" checked=\"checked\"/>\n";
6162 echo '<label for="notifyComment">' . _EBLOG_NOTIFY_COMMENT . "</label><br />\n";
6164 if ( !$blog->notifyOnVote() )
6166 echo "<input name=\"notifyVote\" value=\"5\" type=\"checkbox\" tabindex=\"82\" id=\"notifyVote\" />\n";
6170 echo "<input name=\"notifyVote\" value=\"5\" type=\"checkbox\" tabindex=\"82\" id=\"notifyVote\" checked=\"checked\" />\n";
6173 echo '<label for="notifyVote">' . _EBLOG_NOTIFY_KARMA . "</label><br />\n";
6175 if ( !$blog->notifyOnNewItem() )
6177 echo "<input name=\"notifyNewItem\" value=\"7\" type=\"checkbox\" tabindex=\"83\" id=\"notifyNewItem\" />\n";
6182 echo "<input name=\"notifyNewItem\" value=\"7\" type=\"checkbox\" tabindex=\"83\" id=\"notifyNewItem\" checked=\"checked\" />\n";
6185 echo '<label for="notifyNewItem">' . _EBLOG_NOTIFY_ITEM . "</label>\n";
6190 echo '<td>' . _EBLOG_MAXCOMMENTS;
6191 help('blogmaxcomments');
6193 echo '<td><input name="maxcomments" tabindex="90" size="3" value="' . Entity::hsc($blog->getMaxComments()) . '" />' . "</td>\n";
6196 echo '<td>' . _EBLOG_UPDATE;
6197 help('blogupdatefile');
6199 echo '<td><input name="update" tabindex="100" size="40" maxlength="60" value="' . Entity::hsc($blog->getUpdateFile()) .'" />' . "</td>\n";
6202 echo '<td>' . _EBLOG_DEFCAT . "</td>\n";
6204 $query = "SELECT cname as text, catid as value FROM %s WHERE cblog=%d;";
6205 $query = sprintf($query, sql_table('category'), (integer) $blog->getID());
6206 $template['name'] = 'defcat';
6207 $template['selected'] = $blog->getDefaultCategory();
6208 $template['tabindex'] = 110;
6209 showlist($query, 'select', $template);
6213 echo '<td>' . _EBLOG_OFFSET;
6214 help('blogtimeoffset');
6217 echo ' <b>' . i18n::formatted_datetime('%H:%M', time()) . '</b><br />';
6219 echo '<b>' . i18n::formatted_datetime('%H:%M', $blog->getCorrectTime()) . '</b>';
6221 echo '<td><input name="timeoffset" tabindex="120" size="3" value="' . Entity::hsc($blog->getTimeOffset()) .'" />' . "</td>\n";
6224 echo '<td>' . _EBLOG_SEARCH;
6225 help('blogsearchable');
6228 $this->input_yesno('searchable', $blog->getSearchable(), 122);
6233 $this->_insertPluginOptions('blog', $blogid);
6241 echo '<h3>' . _EBLOG_CAT_TITLE . "</h3>\n";
// Unlike the sprintf/%d queries above, this one concatenates $blog->getID()
// without a cast; it relies on getID() returning an integer.
6243 $query = 'SELECT * FROM '.sql_table('category').' WHERE cblog='.$blog->getID().' ORDER BY cname';
6244 $template['content'] = 'categorylist';
6245 $template['tabindex'] = 200;
6247 $manager->loadClass("ENCAPSULATE");
6248 $batch = new Batch('category');
6249 $batch->showlist($query,'table',$template);
6251 echo "<form action=\"index.php\" method=\"post\">\n";
6253 echo "<input name=\"action\" value=\"categorynew\" type=\"hidden\" />\n";
6254 $manager->addTicketHidden() . "\n";
6255 echo "<input name=\"blogid\" value=\"{$blog->getID()}\" type=\"hidden\" />\n";
6257 echo '<table frame="box" rules="all" summary="' . _EBLOG_CAT_CREATE . '">' . "\n";
6260 echo '<th colspan="2">' . _EBLOG_CAT_CREATE . "</th>\n";
6265 echo '<td>' . _EBLOG_CAT_NAME . "</td>\n";
6266 echo "<td><input name=\"cname\" size=\"40\" maxlength=\"40\" tabindex=\"300\" /></td>\n";
6269 echo '<td>' . _EBLOG_CAT_DESC . "</td>\n";
6270 echo "<td><input name=\"cdesc\" size=\"40\" maxlength=\"200\" tabindex=\"310\" /></td>\n";
6273 echo '<td>' . _EBLOG_CAT_CREATE . "</td>\n";
6274 echo '<td><input type="submit" value="' . _EBLOG_CAT_CREATE . '" tabindex="320" />' . "</td>\n";
6281 echo '<h3>' . _PLUGINS_EXTRA . "</h3>\n";
// Plugins may append their own markup to the page through this event.
6282 $manager->notify('BlogSettingsFormExtras', array('blog' => &$blog));
6289 * @todo document this
6291 function action_categorynew() {
// Creates a category in the requested blog from the POSTed 'cname' and 'cdesc',
// then re-displays the blog settings. Requires blog-admin rights on that blog.
6292 global $member, $manager;
6294 $blogid = intRequestVar('blogid');
6296 $member->blogAdminRights($blogid) or $this->disallow();
6298 $cname = postVar('cname');
6299 $cdesc = postVar('cdesc');
6301 if (!isValidCategoryName($cname))
6302 $this->error(_ERROR_BADCATEGORYNAME);
// Duplicate check: the name is quoted with DB::quoteValue() and the blog id is
// forced to an integer before both are placed in the SQL.
6304 $query = 'SELECT * FROM '.sql_table('category') . ' WHERE cname=' . DB::quoteValue($cname).' and cblog=' . intval($blogid);
6305 $res = DB::getResult($query);
6306 if ($res->rowCount() > 0)
6307 $this->error(_ERROR_DUPCATEGORYNAME);
// $cdesc is passed on unvalidated; quoting for storage is createNewCategory()'s
// job (not shown here) and escaping is the job of whatever prints it.
6309 $blog =& $manager->getBlog($blogid);
6310 $newCatID = $blog->createNewCategory($cname, $cdesc);
6312 $this->action_blogsettings();
6316 * @todo document this
6318 function action_categoryedit($catid = '', $blogid = '', $desturl = '') {
// Edit form for one category. $blogid and $catid come either from the arguments
// or from GET variables (the conditions choosing between them are not shown in
// this listing) and are integers either way. $desturl is carried into the form as
// an escaped hidden field. Requires blog-admin rights on $blogid.
6319 global $member, $manager;
6322 $blogid = intGetVar('blogid');
6324 $blogid = intval($blogid);
6326 $catid = intGetVar('catid');
6328 $catid = intval($catid);
6330 $member->blogAdminRights($blogid) or $this->disallow();
// The lookup is keyed on blog id and category id together, so a category of
// another blog is not loaded into this form.
6332 $res = DB::getRow('SELECT * FROM '.sql_table('category')." WHERE cblog=$blogid AND catid=$catid");
6334 $cname = $res['cname'];
6335 $cdesc = $res['cdesc'];
6337 $extrahead = '<script type="text/javascript" src="javascript/numbercheck.js"></script>';
6338 $this->pagehead($extrahead);
6340 echo "<p><a href='index.php?action=blogsettings&blogid=$blogid'>(",_BACK_TO_BLOGSETTINGS,")</a></p>";
6343 <h2><?php echo _EBLOG_CAT_UPDATE ?> '<?php echo Entity::hsc($cname) ?>'</h2>
6344 <form method='post' action='index.php'><div>
6345 <input name="blogid" type="hidden" value="<?php echo $blogid ?>" />
6346 <input name="catid" type="hidden" value="<?php echo $catid ?>" />
6347 <input name="desturl" type="hidden" value="<?php echo Entity::hsc($desturl) ?>" />
6348 <input name="action" type="hidden" value="categoryupdate" />
6349 <?php $manager->addTicketHidden(); ?>
6352 <th colspan="2"><?php echo _EBLOG_CAT_UPDATE ?></th>
6354 <td><?php echo _EBLOG_CAT_NAME ?></td>
6355 <td><input type="text" name="cname" value="<?php echo Entity::hsc($cname) ?>" size="40" maxlength="40" /></td>
6357 <td><?php echo _EBLOG_CAT_DESC ?></td>
6358 <td><input type="text" name="cdesc" value="<?php echo Entity::hsc($cdesc) ?>" size="40" maxlength="200" /></td>
6361 // insert plugin options
6362 $this->_insertPluginOptions('category',$catid);
6365 <th colspan="2"><?php echo _EBLOG_CAT_UPDATE ?></th>
6367 <td><?php echo _EBLOG_CAT_UPDATE ?></td>
6368 <td><input type="submit" value="<?php echo _EBLOG_CAT_UPDATE_BTN ?>" /></td>
6377 * @todo document this
6379 function action_categoryupdate() {
// Stores the edited name and description of a category, applies plugin options
// and re-displays the blog settings. The ids are read as integers; the two text
// fields are quoted with DB::quoteValue() before they enter SQL.
6380 global $member, $manager;
6382 $blogid = intPostVar('blogid');
6383 $catid = intPostVar('catid');
6384 $cname = postVar('cname');
6385 $cdesc = postVar('cdesc');
// NOTE(review): $desturl is request-controlled and its use falls in lines missing
// from this listing. If it is used as a redirect target, restrict it to same-site
// URLs.
6386 $desturl = postVar('desturl');
// NOTE(review): rights are checked for the POSTed $blogid, but the UPDATE below
// is keyed on $catid alone. Nothing visible here ties the category to that blog,
// so an admin of one blog could submit the id of another blog's category. Adding
// "and cblog=<blogid>" to the UPDATE, or checking the category against the blog
// first as action_categorydelete() does with isValidCategory(), closes the gap.
6388 $member->blogAdminRights($blogid) or $this->disallow();
6390 if (!isValidCategoryName($cname))
6391 $this->error(_ERROR_BADCATEGORYNAME);
6393 $query = 'SELECT * FROM '.sql_table('category').' WHERE cname=' . DB::quoteValue($cname).' and cblog=' . intval($blogid) . " and not(catid=$catid)";
6394 $res = DB::getResult($query);
6395 if ($res->rowCount() > 0)
6396 $this->error(_ERROR_DUPCATEGORYNAME);
6398 $query = 'UPDATE '.sql_table('category').' SET'
6399 . ' cname=' . DB::quoteValue($cname) . ','
6400 . ' cdesc=' . DB::quoteValue($cdesc)
6401 . ' WHERE catid=' . $catid;
6403 DB::execute($query);
6405 // store plugin options
6406 $aOptions = requestArray('plugoption');
6407 NucleusPlugin::apply_plugin_options($aOptions);
6408 $manager->notify('PostPluginOptionsUpdate',array('context' => 'category', 'catid' => $catid));
6415 $this->action_blogsettings();
6420 * @todo document this
6422 function action_categorydelete() {
// Confirmation page for deleting a category. Nothing is deleted here; the form
// posts to 'categorydeleteconfirm' with a ticket. Refuses when the category does
// not belong to the blog, is the blog's default category, or is its only one.
6423 global $member, $manager;
6425 $blogid = intRequestVar('blogid');
6426 $catid = intRequestVar('catid');
6428 $member->blogAdminRights($blogid) or $this->disallow();
6430 $blog =& $manager->getBlog($blogid);
6432 // check if the category is valid
// This ties $catid to the blog whose rights were checked above.
6433 if (!$blog->isValidCategory($catid))
6434 $this->error(_ERROR_NOSUCHCATEGORY);
6436 // don't allow deletion of default category
6437 if ($blog->getDefaultCategory() == $catid)
6438 $this->error(_ERROR_DELETEDEFCATEGORY);
6440 // check if catid is the only category left for blogid
6441 $query = 'SELECT catid FROM '.sql_table('category').' WHERE cblog=' . $blogid;
6442 $res = DB::getResult($query);
6443 if ($res->rowCount() == 1)
6444 $this->error(_ERROR_DELETELASTCATEGORY);
6449 <h2><?php echo _DELETE_CONFIRM ?></h2>
6452 <?php echo _CONFIRMTXT_CATEGORY ?><b><?php echo Entity::hsc($blog->getCategoryName($catid)) ?></b>
6455 <form method="post" action="index.php"><div>
6456 <input type="hidden" name="action" value="categorydeleteconfirm" />
6457 <?php $manager->addTicketHidden() ?>
6458 <input type="hidden" name="blogid" value="<?php echo $blogid ?>" />
6459 <input type="hidden" name="catid" value="<?php echo $catid ?>" />
6460 <input type="submit" tabindex="10" value="<?php echo _DELETE_CONFIRM_BTN ?>" />
6467 * @todo document this
6469 function action_categorydeleteconfirm() {
// Performs the confirmed category deletion and re-displays the blog settings.
// NOTE(review): rights are checked for $blogid, but only $catid is passed to
// deleteOneCategory(). Whether that method verifies that the category belongs to
// a blog the member administers is not visible in this listing — confirm.
6470 global $member, $manager;
6472 $blogid = intRequestVar('blogid');
6473 $catid = intRequestVar('catid');
6475 $member->blogAdminRights($blogid) or $this->disallow();
6477 $error = $this->deleteOneCategory($catid);
6479 $this->error($error);
6481 $this->action_blogsettings();
6486 * Admin::action_skinedit()
6491 static private function action_skinedit()
// Renders the 'skinedit' admin page. Site admins only.
6495 $member->isAdmin() or self::disallow();
6497 self::$skin->parse('skinedit');
6502 * Admin::action_skineditgeneral()
6507 static private function action_skineditgeneral()
// Applies the general skin settings through self::skineditgeneral() and returns
// to the skin edit page. Site admins only. The condition guarding the error()
// call is not shown in this listing.
6511 $skinid = intRequestVar('skinid');
6513 $member->isAdmin() or self::disallow();
6515 $error = self::skineditgeneral($skinid);
6518 self::error($error);
6522 self::action_skinedit();
6526 static private function action_skinedittype($msg = '')
// Renders the editor page for one skin part. $msg is an optional message stored
// in self::$headMess. Site admins only.
6530 $member->isAdmin() or self::disallow();
6534 self::$headMess = $msg;
// The 'type' request variable is trimmed, lower-cased and must pass
// isValidShortName(). The normalised value is only checked here, not passed on,
// so the 'skinedittype' page presumably reads the request variable again.
6537 $type = requestVar('type');
6538 $type = trim($type);
6539 $type = strtolower($type);
6541 if ( !isValidShortName($type) )
6543 self::error(_ERROR_SKIN_PARTS_SPECIAL_FORMAT);
6547 self::$skin->parse('skinedittype');
6550 >>>>>>> skinnable-master
6553 * Admin::action_skinupdate()
6558 static private function action_skinupdate()
// Saves the POSTed content of one skin part and re-displays its editor.
// Site admins only.
6560 global $manager, $member;
6562 $skinid = intRequestVar('skinid');
6563 $content = trim(postVar('content'));
6564 $type = postVar('type');
6566 $member->isAdmin() or self::disallow();
// NOTE(review): $type reaches update() as posted. The isValidShortName() check
// lives in action_skinedittype(), which runs only after the write. Unless
// update() validates the part name itself (not shown here), validate $type before
// this call.
6568 $skin =& $manager->getSKIN($skinid);
6569 $skin->update($type, $content);
6571 self::action_skinedittype(_SKIN_UPDATED);
6576 * Admin::action_skindelete()
6581 static private function action_skindelete()
// Confirmation page for deleting a skin. Site admins only. Refuses the site's
// base skin and, going by the comment below, any skin that is a blog's default
// skin (the condition on $name is not shown in this listing).
6583 global $CONF, $member;
6585 $member->isAdmin() or self::disallow();
6587 $skinid = intRequestVar('skinid');
6589 // don't allow default skin to be deleted
6590 if ( $skinid == $CONF['BaseSkin'] )
6592 self::error(_ERROR_DEFAULTSKIN);
6596 // don't allow deletion of default skins for blogs
6597 $query = "SELECT bname FROM %s WHERE bdefskin=%d";
6598 $query = sprintf($query, sql_table('blog'), (integer) $skinid);
6600 $name = DB::getValue($query);
// The blog name is escaped before it is appended to the error message.
6603 self::error(_ERROR_SKINDEFDELETE . Entity::hsc($name));
6607 self::$skin->parse('skindelete');
6612 * Admin::action_skindeleteconfirm()
6617 static private function action_skindeleteconfirm()
// Deletes a skin after repeating the guards of action_skindelete(), then shows
// the skin overview. Site admins only.
6619 global $member, $CONF;
6621 $member->isAdmin() or self::disallow();
6623 $skinid = intRequestVar('skinid');
6625 // don't allow default skin to be deleted
6626 if ( $skinid == $CONF['BaseSkin'] )
6628 self::error(_ERROR_DEFAULTSKIN);
// NOTE(review): the next four lines query the category table with $blogid, which
// is never assigned in this method. Together with the '>>>>>>> skinnable-master'
// markers elsewhere in this file they look like leftovers of an unresolved merge.
// Resolve the conflict and re-test this action.
6633 // check if catid is the only category left for blogid
6634 $query = 'SELECT catid FROM '.sql_table('category').' WHERE cblog=' . $blogid;
6635 $res = DB::getResult($query);
6636 if ( $res->rowCount() == 1 )
6638 // don't allow deletion of default skins for blogs
6639 $query = "SELECT bname FROM %s WHERE bdefskin=%d;";
6640 $query = sprintf($query, sql_table('blog'), (integer) $skinid);
6642 $name = DB::getValue($query);
6645 self::error(_ERROR_SKINDEFDELETE . Entity::hsc($name));
6649 self::skindeleteconfirm($skinid);
6651 self::action_skinoverview();
6656 * Admin::action_skinremovetype()
6661 static private function action_skinremovetype()
// Confirmation page for removing one part ('type') from a skin. Site admins only.
// The part name must pass isValidShortName().
// NOTE(review): a merge-conflict marker ('>>>>>>> skinnable-master') sits inside
// this method; the conflict has to be resolved before the file can be parsed.
6663 global $member, $CONF;
6665 $member->isAdmin() or self::disallow();
6667 $skinid = intRequestVar('skinid');
6668 $skintype = requestVar('type');
6670 if ( !isValidShortName($skintype) )
6671 >>>>>>> skinnable-master
6673 self::error(_ERROR_SKIN_PARTS_SPECIAL_DELETE);
6677 self::$skin->parse('skinremovetype');
6682 * Admin::action_skinremovetypeconfirm()
6687 static private function action_skinremovetypeconfirm()
// Removes one part from a skin through self::skinremovetypeconfirm() and returns
// to the skin edit page.
// NOTE(review): this method contains unresolved merge-conflict residue. The
// UPDATE on the item table and the DELETE on the category table below use
// $destcatid and $catid, which are never assigned here, and the first of them sits
// before the isAdmin() gate. They appear to belong to a category-deletion routine
// from the other side of the merge. Resolve the conflict (three
// '>>>>>>> skinnable-master' markers) before this code is deployed: as merged,
// data-modifying SQL would run ahead of the access check.
6692 // change category for all items to the default category
6693 $query = 'UPDATE '.sql_table('item')." SET icat=$destcatid WHERE icat=$catid";
6694 DB::execute($query);
6696 $member->isAdmin() or self::disallow();
6697 >>>>>>> skinnable-master
6699 $skinid = intRequestVar('skinid');
6700 $skintype = requestVar('type');
6704 $query = 'DELETE FROM '.sql_table('category').' WHERE catid=' .$catid;
6705 DB::execute($query);
6707 $error = self::skinremovetypeconfirm($skinid, $skintype);
6710 self::error($error);
6713 >>>>>>> skinnable-master
6715 self::action_skinedit();
6720 * Admin::action_skinclone()
6725 static private function action_skinclone()
// Clones the skin named by the 'skinid' request variable through
// self::skinclone(), then shows the skin overview. Site admins only.
6729 $member->isAdmin() or self::disallow();
6731 $skinid = intRequestVar('skinid');
6733 self::skinclone($skinid);
6735 self::action_skinoverview();
6740 * Admin::action_adminskinoverview()
6745 static private function action_adminskinoverview()
// Renders the 'adminskinoverview' admin page. Site admins only.
6749 $member->isAdmin() or self::disallow();
6751 self::$skin->parse('adminskinoverview');
6756 * Admin::action_adminskinnew()
6761 static private function action_adminskinnew()
// Creates an admin skin from the POSTed 'name' and 'desc', then shows the admin
// skin overview. Site admins only.
6765 $member->isAdmin() or self::disallow();
6767 $name = trim(postVar('name'));
6768 $desc = trim(postVar('desc'));
// Besides the checks done for ordinary skins, the name must start with "admin/",
// which keeps admin skins in their own name prefix.
6770 if ( !isValidSkinName($name) )
6772 self::error(_ERROR_BADSKINNAME);
6775 else if ( !preg_match('#^admin/#', $name) )
6777 self::error(_ERROR_BADADMINSKINNAME);
6780 else if ( Skin::exists($name) )
6782 self::error(_ERROR_DUPSKINNAME);
6786 Skin::createNew($name, $desc);
6788 self::action_adminskinoverview();
6793 * Admin::action_adminskinedit()
6798 static private function action_adminskinedit()
// Renders the 'adminskinedit' admin page. Site admins only.
6802 $member->isAdmin() or self::disallow();
6804 self::$skin->parse('adminskinedit');
6810 * Admin::action_adminskineditgeneral()
6815 static private function action_adminskineditgeneral()
// Applies the general settings of an admin skin through self::skineditgeneral()
// (with 'AdminActions' as second argument) and returns to the admin skin edit
// page. Site admins only.
6819 $skinid = intRequestVar('skinid');
6821 $member->isAdmin() or self::disallow();
6823 $error = self::skineditgeneral($skinid, 'AdminActions');
6826 self::error($error);
6830 self::action_adminskinedit();
6835 * Admin::action_adminskinedittype()
6837 * @param string $msg message for pageheader
6840 static private function action_adminskinedittype($msg = '')
// Renders the editor page for one admin skin part. $msg is an optional message
// stored in self::$headMess. Site admins only.
6844 $member->isAdmin() or self::disallow();
6848 self::$headMess = $msg;
// The 'type' request variable is trimmed, lower-cased and must pass
// isValidShortName() before the page is rendered.
6850 $type = requestVar('type');
6851 $type = trim($type);
6852 $type = strtolower($type);
6854 if ( !isValidShortName($type) )
6856 self::error(_ERROR_SKIN_PARTS_SPECIAL_FORMAT);
6860 self::$skin->parse('adminskinedittype');
6865 * Admin::action_adminskinupdate()
6870 static private function action_adminskinupdate()
// Saves the POSTed content of one admin skin part and re-displays its editor.
// Site admins only.
6872 global $manager, $member;
6874 $skinid = intRequestVar('skinid');
6875 $content = trim(postVar('content'));
6876 $type = postVar('type');
6878 $member->isAdmin() or self::disallow();
// NOTE(review): $type reaches update() as posted. The isValidShortName() check
// lives in action_adminskinedittype(), which runs only after the write. Unless
// update() validates the part name itself (not shown here), validate $type before
// this call.
6880 $skin =& $manager->getSkin($skinid, 'AdminActions', 'AdminSkin');
6881 $skin->update($type, $content);
6883 self::action_adminskinedittype(_SKIN_UPDATED);
6888 * Admin::action_adminskindelete()
6893 static private function action_adminskindelete()
// Confirmation page for deleting an admin skin. Site admins only. Refuses the
// configured admin and bookmarklet skins and any skin a member has selected as
// admin or bookmarklet skin.
6895 global $CONF, $member;
6897 $member->isAdmin() or self::disallow();
6899 $skinid = intRequestVar('skinid');
6901 // don't allow default skin to be deleted
6902 if ( $skinid == $CONF['AdminSkin'] || $skinid == $CONF['BookmarkletSkin'] )
6904 self::error(_ERROR_DEFAULTSKIN);
6908 /* don't allow if someone use it as a default*/
6909 $query = 'SELECT * FROM %s WHERE madminskin = %d or mbkmklt = %d;';
6910 $res = DB::getResult(sprintf($query, sql_table('member'), $skinid, $skinid));
// NOTE(review): the members' real names go into the error text without
// Entity::hsc(), whereas action_skindelete() escapes the blog name it appends to
// the same message. Real names are member-supplied, so escape them here unless
// error() escapes its argument. The initialisation of $members is not shown in
// this listing.
6913 while ( $row = $res->fetch() ) {
6914 $members[] = $row['mrealname'];
6916 if ( count($members) )
6918 self::error(_ERROR_SKINDEFDELETE . implode(' ' . _AND . ' ', $members));
6922 self::$skin->parse('adminskindelete');
6927 * Admin::action_adminskindeleteconfirm()
6932 static private function action_adminskindeleteconfirm()
// Deletes an admin skin after repeating the guards of action_adminskindelete(),
// then shows the admin skin overview. Site admins only.
6934 global $member, $CONF;
6936 $member->isAdmin() or self::disallow();
6938 $skinid = intRequestVar('skinid');
6940 // don't allow default skin to be deleted
6941 if ( $skinid == $CONF['AdminSkin'] || $skinid == $CONF['BookmarkletSkin'] )
6943 self::error(_ERROR_DEFAULTSKIN);
6947 /* don't allow if someone use it as a default*/
6948 $query = 'SELECT * FROM %s WHERE madminskin = %d or mbkmklt = %d;';
6949 $res = DB::getResult(sprintf($query, sql_table('member'), $skinid, $skinid));
// NOTE(review): member real names are appended to the error text without
// Entity::hsc(); escape them unless error() escapes its argument. The
// initialisation of $members is not shown in this listing.
6952 while ( $row = $res->fetch() ) {
6953 $members[] = $row['mrealname'];
6955 if ( count($members) )
6957 self::error(_ERROR_SKINDEFDELETE . implode(' ' . _AND . ' ', $members));
6961 self::skindeleteconfirm($skinid);
6963 self::action_adminskinoverview();
6968 * Admin::action_adminskinremovetype()
/**
 * Confirmation step before a part ("type") of an admin skin is removed.
 *
 * Admin only. Reads `skinid` and `type` from the request; a type that fails
 * isValidShortName() is reported with _ERROR_SKIN_PARTS_SPECIAL_DELETE,
 * otherwise the 'adminskinremovetype' skin part is parsed.
 *
 * NOTE(review): $skinid is read but not used in the visible lines; the lines
 * missing from this listing may use it.
 */
6973 static private function action_adminskinremovetype()
6975 global $member, $CONF;
6977 $member->isAdmin() or self::disallow();
6979 $skinid = intRequestVar('skinid');
6980 $skintype = requestVar('type');
// the type name is request-controlled, so it is validated before any use
6982 if ( !isValidShortName($skintype) )
6984 self::error(_ERROR_SKIN_PARTS_SPECIAL_DELETE);
6988 self::$skin->parse('adminskinremovetype');
6994 * @todo document this
/**
 * Shows the confirmation form for deleting a blog.
 *
 * Requires blog-admin rights on the requested blog and refuses the blog
 * configured as $CONF['DefaultBlog']. The form posts to the
 * 'deleteblogconfirm' action and carries the ticket added by
 * $manager->addTicketHidden() together with the blog id.
 *
 * The blog name is passed through Entity::hsc() before output; $blogid is
 * echoed directly and comes from intRequestVar().
 */
6996 function action_deleteblog() {
6997 global $member, $CONF, $manager;
6999 $blogid = intRequestVar('blogid');
// rights are checked against the id that was just read from the request
7001 $member->blogAdminRights($blogid) or $this->disallow();
7003 // check if blog is default blog
7004 if ($CONF['DefaultBlog'] == $blogid)
7005 $this->error(_ERROR_DELDEFBLOG);
7007 $blog =& $manager->getBlog($blogid);
7011 <h2><?php echo _DELETE_CONFIRM ?></h2>
7013 <p><?php echo _WARNINGTXT_BLOGDEL ?>
7017 <?php echo _CONFIRMTXT_BLOG ?><b><?php echo Entity::hsc($blog->getName()) ?></b>
7020 <form method="post" action="index.php"><div>
7021 <input type="hidden" name="action" value="deleteblogconfirm" />
7022 <?php $manager->addTicketHidden() ?>
7023 <input type="hidden" name="blogid" value="<?php echo $blogid; ?>" />
7024 <input type="submit" tabindex="10" value="<?php echo _DELETE_CONFIRM_BTN ?>" />
7030 >>>>>>> skinnable-master
7033 * Admin::action_adminskinremovetypeconfirm()
/**
 * Removes a part ("type") from an admin skin, then re-opens the skin editor.
 *
 * NOTE(review): this stretch of the file looks like an unresolved merge
 * (conflict markers `>>>>>>> skinnable-master` appear just before and after
 * it). The skin statements below are mixed with DELETE statements that use
 * $blogid, a variable never assigned in the visible lines of this method;
 * they appear to belong to a blog-deletion routine from the other side of
 * the merge. The conflict has to be resolved before this code can be
 * reasoned about or run.
 *
 * NOTE(review): the DELETE statements build SQL by concatenating $blogid.
 * That is only safe if the value is an integer; the cast is not visible in
 * this listing - confirm it in the routine these lines belong to.
 */
7038 static private function action_adminskinremovetypeconfirm()
7042 $member->isAdmin() or self::disallow();
7044 $skinid = intRequestVar('skinid');
7045 $skintype = requestVar('type');
7047 $error = self::skinremovetypeconfirm($skinid, $skintype);
7050 self::error($error);
7055 // delete all comments
7056 $query = 'DELETE FROM '.sql_table('comment').' WHERE cblog='.$blogid;
7057 DB::execute($query);
7060 $query = 'DELETE FROM '.sql_table('item').' WHERE iblog='.$blogid;
7061 DB::execute($query);
7063 // delete all team members
7064 $query = 'DELETE FROM '.sql_table('team').' WHERE tblog='.$blogid;
7065 DB::execute($query);
7068 $query = 'DELETE FROM '.sql_table('ban').' WHERE blogid='.$blogid;
7069 DB::execute($query);
7071 // delete all categories
7072 $query = 'DELETE FROM '.sql_table('category').' WHERE cblog='.$blogid;
7073 DB::execute($query);
7075 self::action_adminskinedit();
7080 * Admin::action_adminskinclone()
/**
 * Clones an admin skin (admin only) and returns to the admin skin overview.
 *
 * NOTE(review): an unresolved merge marker sits inside this method, and the
 * "delete the blog itself" statement uses $blogid, which is not assigned in
 * the visible lines. As listed, the clone action and a blog deletion are
 * mixed together; resolve the conflict before relying on this code.
 */
7085 static private function action_adminskinclone()
7089 $member->isAdmin() or self::disallow();
7091 $skinid = intRequestVar('skinid');
7092 >>>>>>> skinnable-master
7094 self::skinclone($skinid, 'AdminActions');
7097 // delete the blog itself
7098 $query = 'DELETE FROM '.sql_table('blog').' WHERE bnumber='.$blogid;
7099 DB::execute($query);
7101 self::action_adminskinoverview();
7106 * Admin::action_adminskinieoverview()
/**
 * Shows the admin skin import/export overview by parsing the
 * 'adminskinieoverview' skin part. Admin only.
 *
 * NOTE(review): a merge conflict marker is left inside this method.
 */
7111 static private function action_adminskinieoverview()
7114 >>>>>>> skinnable-master
7116 $member->isAdmin() or self::disallow();
7118 self::$skin->parse('adminskinieoverview');
7124 * @todo document this
/**
 * Shows the confirmation form for deleting a member account.
 *
 * Allowed when the logged-in member is the account being deleted or is an
 * admin. The form posts to 'memberdeleteconfirm' with the ticket from
 * $manager->addTicketHidden() and the member id. The display name is passed
 * through Entity::hsc(); $memberid comes from intRequestVar().
 */
7126 function action_memberdelete() {
7127 global $member, $manager;
7129 $memberid = intRequestVar('memberid');
// self-service deletion or admin; anyone else is sent to disallow()
7131 ($member->getID() == $memberid) or $member->isAdmin() or $this->disallow();
7133 $mem =& $manager->getMember($memberid);
7137 <h2><?php echo _DELETE_CONFIRM ?></h2>
7139 <p><?php echo _CONFIRMTXT_MEMBER ?><b><?php echo Entity::hsc($mem->getDisplayName()) ?></b>
7143 <?php echo _WARNINGTXT_NOTDELMEDIAFILES ?>
7146 <form method="post" action="index.php"><div>
7147 <input type="hidden" name="action" value="memberdeleteconfirm" />
7148 <?php $manager->addTicketHidden() ?>
7149 <input type="hidden" name="memberid" value="<?php echo $memberid; ?>" />
7150 <input type="submit" tabindex="10" value="<?php echo _DELETE_CONFIRM_BTN ?>" />
7157 * @todo document this
/**
 * NOTE(review): unresolved merge. Two method headers
 * (action_memberdeleteconfirm and action_adminskinieimport) and the body of
 * a member-deletion routine are mixed together here, separated only by
 * `>>>>>>> skinnable-master` markers. The notes below describe the visible
 * statements; which method each one belongs to cannot be settled from this
 * listing.
 *
 * Member deletion statements: $memberid is cast with intval() before it is
 * concatenated into the three DELETE statements, and the display name is
 * passed through DB::quoteValue() for the UPDATE, so the visible SQL does
 * not splice raw request text. The deletion is refused with
 * _ERROR_DELETEMEMBER when canBeDeleted() is false.
 *
 * Skin import statements: `skinfile` and `mode` are taken from POST and
 * handed to self::skinieimport() unchanged; any validation of the file name
 * has to happen in that helper - confirm there.
 */
7159 function action_memberdeleteconfirm() {
7162 >>>>>>> skinnable-master
7165 * Admin::action_adminskinieimport()
7170 static private function action_adminskinieimport()
7175 $memberid = intval($memberid);
7176 $mem =& $manager->getMember($memberid);
7178 if ( !$mem->canBeDeleted() )
7180 return _ERROR_DELETEMEMBER;
7183 $member->isAdmin() or self::disallow();
7184 >>>>>>> skinnable-master
7186 $skinFileRaw = postVar('skinfile');
7187 $mode = postVar('mode');
7189 $error = self::skinieimport($mode, $skinFileRaw);
7193 $query = "UPDATE %s SET cmember=0, cuser=%s WHERE cmember=%d";
7194 $query = sprintf($query, sql_table('comment'), DB::quoteValue($mem->getDisplayName()), $memberid);
7195 DB::execute($query);
7198 $query = 'DELETE FROM '.sql_table('member').' WHERE mnumber='.$memberid;
7199 DB::execute($query);
7201 $query = 'DELETE FROM '.sql_table('team').' WHERE tmember='.$memberid;
7202 DB::execute($query);
7204 $query = 'DELETE FROM '.sql_table('activation').' WHERE vmember='.$memberid;
7205 DB::execute($query);
7207 // delete all associated plugin options
7208 NucleusPlugin::delete_option_values('member', $memberid);
7210 $manager->notify('PostDeleteMember', array('member' => &$mem));
7216 * @todo document this
/**
 * Shows the "create new weblog" form (admin only).
 *
 * The form posts name, shortname, desc, defskin and timeoffset to the
 * 'addnewlog' action and carries the ticket from
 * $manager->addTicketHidden(). The skin selector is filled from the
 * skin_desc table through showlist(), preselecting $CONF['BaseSkin'].
 *
 * The maxlength/size attributes on the inputs only constrain the browser;
 * the receiving action has to validate the values itself.
 */
7218 function action_createnewlog() {
7219 global $member, $CONF, $manager;
7221 // Only Super-Admins can do this
7222 $member->isAdmin() or $this->disallow();
7226 echo '<p><a href="index.php?action=manage">(',_BACKTOMANAGE,')</a></p>';
7228 <h2><?php echo _EBLOG_CREATE_TITLE ?></h2>
7230 <h3><?php echo _ADMIN_NOTABILIA ?></h3>
7232 <p><?php echo _ADMIN_PLEASE_READ ?></p>
7234 <p><?php echo _ADMIN_HOW_TO_ACCESS ?></p>
7237 <li><?php echo _ADMIN_SIMPLE_WAY ?></li>
7238 <li><?php echo _ADMIN_ADVANCED_WAY ?></li>
7241 <h3><?php echo _ADMIN_HOW_TO_CREATE ?></h3>
7244 <?php echo _EBLOG_CREATE_TEXT ?>
7247 <form method="post" action="index.php"><div>
7249 <input type="hidden" name="action" value="addnewlog" />
7250 <?php $manager->addTicketHidden() ?>
7254 <td><?php echo _EBLOG_NAME ?></td>
7255 <td><input name="name" tabindex="10" size="40" maxlength="60" /></td>
7257 <td><?php echo _EBLOG_SHORTNAME ?>
7258 <?php help('shortblogname'); ?>
7260 <td><input name="shortname" tabindex="20" maxlength="15" size="15" /></td>
7262 <td><?php echo _EBLOG_DESC ?></td>
7263 <td><input name="desc" tabindex="30" maxlength="200" size="40" /></td>
7265 <td><?php echo _EBLOG_DEFSKIN ?>
7266 <?php help('blogdefaultskin'); ?>
7270 $query = 'SELECT sdname as text, sdnumber as value'
7271 . ' FROM '.sql_table('skin_desc');
7272 $template['name'] = 'defskin';
7273 $template['tabindex'] = 50;
7274 $template['selected'] = $CONF['BaseSkin']; // set default selected skin to be globally defined base skin
7275 showlist($query,'select',$template);
7279 <td><?php echo _EBLOG_OFFSET ?>
7280 <?php help('blogtimeoffset'); ?>
7281 <br /><?php echo _EBLOG_STIME ?> <b><?php echo i18n::formatted_datetime('%H:%M',time()); ?></b>
7283 <td><input name="timeoffset" tabindex="110" size="3" value="0" /></td>
7285 <td><?php echo _EBLOG_ADMIN ?>
7286 <?php help('teamadmin'); ?>
7288 <td><?php echo _EBLOG_ADMIN_MSG ?></td>
7290 <td><?php echo _EBLOG_CREATE ?></td>
7291 <td><input type="submit" tabindex="120" value="<?php echo _EBLOG_CREATE_BTN ?>" onclick="return checkSubmit();" /></td>
7300 * @todo document this
/**
 * Creates a new weblog from the posted form (admin only) and shows the
 * follow-up page on which the blog URL is chosen.
 *
 * Visible steps: validate the short name (format and uniqueness), insert the
 * blog row, create a default category and make it the blog's default, add
 * the current member to the team with tadmin = 1, add a first item, then
 * print two forms that post to 'addnewlog2' with a ticket and the new id.
 *
 * Every posted value that reaches the blog INSERT is passed through
 * DB::quoteValue(); ids in the other statements use %d placeholders. Output
 * of $bname and $bshortname goes through Entity::hsc().
 *
 * NOTE(review): `timeoffset` and `defskin` are stored as posted. No numeric
 * check and no check that the skin exists is visible in this listing;
 * confirm whether the missing lines or the blog class cover that.
 * NOTE(review): lines are missing from this listing (the array fragments
 * below belong to calls whose first lines are not shown).
 */
7302 function action_addnewlog() {
7303 global $member, $manager, $CONF;
7305 // Only Super-Admins can do this
7306 $member->isAdmin() or $this->disallow();
7308 $bname = trim(postVar('name'));
7309 $bshortname = trim(postVar('shortname'));
7310 $btimeoffset = postVar('timeoffset');
7311 $bdesc = trim(postVar('desc'));
7312 $bdefskin = postVar('defskin');
// the short name is later echoed as part of a file name and URL, so its
// format is checked before anything is written
7314 if (!isValidShortName($bshortname))
7315 $this->error(_ERROR_BADSHORTBLOGNAME);
7317 if ($manager->existsBlog($bshortname))
7318 $this->error(_ERROR_DUPSHORTBLOGNAME);
7324 'shortname' => &$bshortname,
7325 'timeoffset' => &$btimeoffset,
7326 'description' => &$bdesc,
7327 'defaultskin' => &$bdefskin
7333 $query = sprintf('INSERT INTO %s (bname, bshortname, bdesc, btimeoffset, bdefskin) VALUES (%s, %s, %s, %s, %s)',
7335 DB::quoteValue($bname),
7336 DB::quoteValue($bshortname),
7337 DB::quoteValue($bdesc),
7338 DB::quoteValue($btimeoffset),
7339 DB::quoteValue($bdefskin)
7341 DB::execute($query);
7342 $blogid = DB::getInsertId();
7343 $blog =& $manager->getBlog($blogid);
7345 // create new category
7346 $catdefname = (defined('_EBLOGDEFAULTCATEGORY_NAME') ? _EBLOGDEFAULTCATEGORY_NAME : 'General');
7347 $catdefdesc = (defined('_EBLOGDEFAULTCATEGORY_DESC') ? _EBLOGDEFAULTCATEGORY_DESC : 'Items that do not fit in other categories');
7348 $query = sprintf('INSERT INTO %s (cblog, cname, cdesc) VALUES (%d, %s, %s)',
7349 sql_table('category'),
7351 DB::quoteValue($catdefname),
7352 DB::quoteValue($catdefdesc)
7354 DB::execute($query);
7355 $catid = DB::getInsertId();
7357 // set as default category
7358 $blog->setDefaultCategory($catid);
7359 $blog->writeSettings();
7361 // create team member
7362 $memberid = $member->getID();
7363 $query = sprintf('INSERT INTO %s (tmember, tblog, tadmin) VALUES (%d, %d, 1)', sql_table('team'), $memberid, $blogid);
7364 DB::execute($query);
7366 $itemdeftitle = (defined('_EBLOG_FIRSTITEM_TITLE') ? _EBLOG_FIRSTITEM_TITLE : 'First Item');
7367 $itemdefbody = (defined('_EBLOG_FIRSTITEM_BODY') ? _EBLOG_FIRSTITEM_BODY : 'This is the first item in your weblog. Feel free to delete it.');
7369 $blog->additem($blog->getDefaultCategory(),$itemdeftitle,$itemdefbody,'',$blogid, $memberid,$blog->getCorrectTime(),0,0,0);
7383 'name' => _EBLOGDEFAULTCATEGORY_NAME,
7384 'description' => _EBLOGDEFAULTCATEGORY_DESC,
7391 <h2><?php echo _BLOGCREATED_TITLE ?></h2>
7393 <p><?php echo sprintf(_BLOGCREATED_ADDEDTXT, Entity::hsc($bname)) ?></p>
7396 <li><a href="#index_php"><?php echo sprintf(_BLOGCREATED_SIMPLEWAY, Entity::hsc($bshortname)) ?></a></li>
7397 <li><a href="#skins"><?php echo _BLOGCREATED_ADVANCEDWAY ?></a></li>
7400 <h3><a id="index_php"><?php echo sprintf(_BLOGCREATED_SIMPLEDESC1, Entity::hsc($bshortname)) ?></a></h3>
7402 <p><?php echo sprintf(_BLOGCREATED_SIMPLEDESC2, Entity::hsc($bshortname)) ?></p>
7405 $CONF['Self'] = '<b><?php echo Entity::hsc($bshortname) ?>.php</b>';
7407 include('<i>./config.php</i>');
7409 selectBlog('<b><?php echo Entity::hsc($bshortname) ?></b>');
7414 <p><?php echo _BLOGCREATED_SIMPLEDESC3 ?></p>
7416 <p><?php echo _BLOGCREATED_SIMPLEDESC4 ?></p>
7418 <form action="index.php" method="post"><div>
7419 <input type="hidden" name="action" value="addnewlog2" />
7420 <?php $manager->addTicketHidden() ?>
7421 <input type="hidden" name="blogid" value="<?php echo intval($blogid) ?>" />
7423 <td><?php echo _EBLOG_URL ?></td>
7424 <td><input name="url" maxlength="100" size="40" value="<?php echo Entity::hsc($CONF['IndexURL'].$bshortname.'.php') ?>" /></td>
7426 <td><?php echo _EBLOG_CREATE ?></td>
7427 <td><input type="submit" value="<?php echo _EBLOG_CREATE_BTN ?>" onclick="return checkSubmit();" /></td>
7431 <h3><a id="skins"><?php echo _BLOGCREATED_ADVANCEDWAY2 ?></a></h3>
7433 <p><?php echo _BLOGCREATED_ADVANCEDWAY3 ?></p>
7435 <form action="index.php" method="post"><div>
7436 <input type="hidden" name="action" value="addnewlog2" />
7437 <?php $manager->addTicketHidden() ?>
7438 <input type="hidden" name="blogid" value="<?php echo intval($blogid) ?>" />
7440 <td><?php echo _EBLOG_URL ?></td>
7441 <td><input name="url" maxlength="100" size="40" /></td>
7443 <td><?php echo _EBLOG_CREATE ?></td>
7444 <td><input type="submit" value="<?php echo _EBLOG_CREATE_BTN ?>" onclick="return checkSubmit();" /></td>
7448 <?php $this->pagefoot();
7453 * @todo document this
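/**
 * Second step of blog creation: stores the URL chosen for the new blog.
 *
 * Reads `blogid` and `url` from the request, requires blog-admin rights on
 * that blog, saves the trimmed URL through the blog object and returns to
 * the overview with _MSG_NEWBLOG.
 */
function action_addnewlog2() {
    global $member, $manager;

    // Read the blog id first, so that the rights check below is made against
    // the blog that is about to be modified and not against an undefined
    // variable.
    $blogid = intRequestVar('blogid');

    $member->blogAdminRights($blogid) or $this->disallow();

    $burl = requestVar('url');

    $blog =& $manager->getBlog($blogid);
    $blog->setURL(trim($burl));
    $blog->writeSettings();

    $this->action_overview(_MSG_NEWBLOG);
}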
7471 * @todo document this
/**
 * Shows the skin import/export overview (admin only).
 *
 * Import: lists the candidates returned by
 * SkinImport::searchForCandidates($DIR_SKINS) in a select box (mode "file")
 * and offers a free-text field for a location (mode "url"). Both forms post
 * to 'skinieimport' with a ticket.
 * Export: lists every row of skin_desc and template_desc as checkboxes and
 * posts to 'skinieexport' with a ticket.
 *
 * Skin and template names/descriptions from the database are passed through
 * Entity::hsc() before output.
 *
 * NOTE(review): the select box only limits what the browser offers. The
 * receiving actions still have to check the posted `skinfile` themselves.
 */
7473 function action_skinieoverview() {
7474 global $member, $DIR_LIBS, $manager;
7476 $member->isAdmin() or $this->disallow();
7478 // load skinie class
7479 include_once($DIR_LIBS . 'skinie.php');
7483 echo '<p><a href="index.php?action=manage">(',_BACKTOMANAGE,')</a></p>';
7486 <h2><?php echo _SKINIE_TITLE_IMPORT ?></h2>
7488 <p><label for="skinie_import_local"><?php echo _SKINIE_LOCAL ?></label>
7489 <?php global $DIR_SKINS;
7491 $candidates = SkinImport::searchForCandidates($DIR_SKINS);
7493 if (sizeof($candidates) > 0) {
7495 <form method="post" action="index.php"><div>
7496 <input type="hidden" name="action" value="skinieimport" />
7497 <?php $manager->addTicketHidden() ?>
7498 <input type="hidden" name="mode" value="file" />
7499 <select name="skinfile" id="skinie_import_local">
7500 <?php foreach ($candidates as $skinname => $skinfile) {
7501 $html = Entity::hsc($skinfile);
// NOTE(review): $skinfile is escaped above, but $skinname is echoed as-is in
// the next statement; it should go through Entity::hsc() as well.
7502 echo '<option value="',$html,'">',$skinname,'</option>';
7506 <input type="submit" value="<?php echo _SKINIE_BTN_IMPORT ?>" />
7509 echo _SKINIE_NOCANDIDATES;
7514 <p><em><?php echo _OR ?></em></p>
7516 <form method="post" action="index.php"><p>
7517 <?php $manager->addTicketHidden() ?>
7518 <input type="hidden" name="action" value="skinieimport" />
7519 <input type="hidden" name="mode" value="url" />
7520 <label for="skinie_import_url"><?php echo _SKINIE_FROMURL ?></label>
7521 <input type="text" name="skinfile" id="skinie_import_url" size="60" value="http://" />
7522 <input type="submit" value="<?php echo _SKINIE_BTN_IMPORT ?>" />
7526 <h2><?php echo _SKINIE_TITLE_EXPORT ?></h2>
7527 <form method="post" action="index.php"><div>
7528 <input type="hidden" name="action" value="skinieexport" />
7529 <?php $manager->addTicketHidden() ?>
7531 <p><?php echo _SKINIE_EXPORT_INTRO ?></p>
7534 <th colspan="2"><?php echo _SKINIE_EXPORT_SKINS ?></th>
7536 <?php // show list of skins
7537 $res = DB::getResult('SELECT * FROM '.sql_table('skin_desc'));
7538 foreach ( $res as $row) {
7539 $id = 'skinexp' . $row['sdnumber'];
7540 echo '<td><input type="checkbox" name="skin[',$row['sdnumber'],']" id="',$id,'" />';
7541 echo '<label for="',$id,'">',Entity::hsc($row['sdname']),'</label></td>';
7542 echo '<td>',Entity::hsc($row['sddesc']),'</td>';
7546 echo '<th colspan="2">',_SKINIE_EXPORT_TEMPLATES,'</th></tr><tr>';
7548 // show list of templates
7549 $res = DB::getResult('SELECT * FROM '.sql_table('template_desc'));
7550 foreach ( $res as $row ) {
7551 $id = 'templateexp' . $row['tdnumber'];
7552 echo '<td><input type="checkbox" name="template[',$row['tdnumber'],']" id="',$id,'" />';
7553 echo '<label for="',$id,'">',Entity::hsc($row['tdname']),'</label></td>';
7554 echo '<td>',Entity::hsc($row['tddesc']),'</td>';
7559 <th colspan="2"><?php echo _SKINIE_EXPORT_EXTRA ?></th>
7561 <td colspan="2"><textarea cols="40" rows="5" name="info"></textarea></td>
7563 <th colspan="2"><?php echo _SKINIE_TITLE_EXPORT ?></th>
7565 <td colspan="2"><input type="submit" value="<?php echo _SKINIE_BTN_EXPORT ?>" /></td>
7575 * @todo document this
/**
 * First import step (admin only): reads the metadata of a skin backup and
 * shows what would be imported, including name clashes, before the user
 * confirms with 'skiniedoimport'.
 *
 * NOTE(review): in "file" mode the posted `skinfile` is concatenated into a
 * path below $DIR_SKINS with no check visible in this listing. A value that
 * is not one of the directories offered on the overview page (for instance
 * one containing `../`) would point outside the skins directory. The value
 * should be compared against the list from
 * SkinImport::searchForCandidates($DIR_SKINS) before it is used.
 * NOTE(review): in every other mode the posted value is handed to
 * readFile() unchanged. What readFile() accepts (schemes, local paths) is
 * not visible here; confirm that it restricts the location.
 * NOTE(review): getInfo() is escaped with Entity::hsc(), but the skin names,
 * template names and both clash lists are imploded straight into the page.
 * These strings come from the imported file, so each element should be
 * escaped the same way before implode().
 * NOTE(review): the clash checks run before $error is examined.
 */
7577 function action_skinieimport() {
7578 global $member, $DIR_LIBS, $DIR_SKINS, $manager;
7580 $member->isAdmin() or $this->disallow();
7582 // load skinie class
7583 include_once($DIR_LIBS . 'skinie.php');
7585 $skinFileRaw= postVar('skinfile');
7586 $mode = postVar('mode');
7588 $importer = new SkinImport();
7590 // get full filename
7591 if ($mode == 'file')
7593 $skinFile = $DIR_SKINS . $skinFileRaw . '/skinbackup.xml';
7595 // backwards compatibility (in v2.0, exports were saved as skindata.xml)
7596 if (!file_exists($skinFile))
7597 $skinFile = $DIR_SKINS . $skinFileRaw . '/skindata.xml';
7599 $skinFile = $skinFileRaw;
7602 // read only metadata
7603 $error = $importer->readFile($skinFile, 1);
7606 $skinNameClashes = $importer->checkSkinNameClashes();
7607 $templateNameClashes = $importer->checkTemplateNameClashes();
7608 $hasNameClashes = (count($skinNameClashes) > 0) || (count($templateNameClashes) > 0);
7610 if ($error) $this->error($error);
7614 echo '<p><a href="index.php?action=skinieoverview">(',_BACK,')</a></p>';
7616 <h2><?php echo _SKINIE_CONFIRM_TITLE ?></h2>
7619 <li><p><strong><?php echo _SKINIE_INFO_GENERAL ?></strong> <?php echo Entity::hsc($importer->getInfo()) ?></p></li>
7620 <li><p><strong><?php echo _SKINIE_INFO_SKINS ?></strong> <?php echo implode(' <em>'._AND.'</em> ',$importer->getSkinNames()) ?></p></li>
7621 <li><p><strong><?php echo _SKINIE_INFO_TEMPLATES ?></strong> <?php echo implode(' <em>'._AND.'</em> ',$importer->getTemplateNames()) ?></p></li>
7623 if ($hasNameClashes)
7626 <li><p><strong style="color: red;"><?php echo _SKINIE_INFO_SKINCLASH ?></strong> <?php echo implode(' <em>'._AND.'</em> ',$skinNameClashes) ?></p></li>
7627 <li><p><strong style="color: red;"><?php echo _SKINIE_INFO_TEMPLCLASH ?></strong> <?php echo implode(' <em>'._AND.'</em> ',$templateNameClashes) ?></p></li>
7629 } // if (hasNameClashes)
7633 <form method="post" action="index.php"><div>
7634 <input type="hidden" name="action" value="skiniedoimport" />
7635 <?php $manager->addTicketHidden() ?>
7636 <input type="hidden" name="skinfile" value="<?php echo Entity::hsc(postVar('skinfile')) ?>" />
7637 <input type="hidden" name="mode" value="<?php echo Entity::hsc($mode) ?>" />
7638 <input type="submit" value="<?php echo _SKINIE_CONFIRM_IMPORT ?>" />
7640 if ($hasNameClashes)
7644 <input type="checkbox" name="overwrite" value="1" id="cb_overwrite" /><label for="cb_overwrite"><?php echo _SKINIE_CONFIRM_OVERWRITE ?></label>
7646 } // if (hasNameClashes)
7656 * @todo document this
/**
 * Second import step (admin only): reads the skin backup again and writes
 * it to the database, optionally overwriting existing skins/templates when
 * `overwrite` was posted.
 *
 * NOTE(review): `skinfile` and `mode` are read from POST again rather than
 * carried over from the first step, so everything noted there applies here
 * independently. In "file" mode the raw value is concatenated into a path
 * below $DIR_SKINS without a visible check; it should be compared against
 * SkinImport::searchForCandidates($DIR_SKINS). In other modes it goes to
 * readFile() unchanged.
 * NOTE(review): imported skin and template names are imploded into the
 * result page without Entity::hsc(), unlike getInfo().
 */
7658 function action_skiniedoimport() {
7659 global $member, $DIR_LIBS, $DIR_SKINS;
7661 $member->isAdmin() or $this->disallow();
7663 // load skinie class
7664 include_once($DIR_LIBS . 'skinie.php');
7666 $skinFileRaw= postVar('skinfile');
7667 $mode = postVar('mode');
7669 $allowOverwrite = intPostVar('overwrite');
7671 // get full filename
7672 if ($mode == 'file')
7674 $skinFile = $DIR_SKINS . $skinFileRaw . '/skinbackup.xml';
7676 // backwards compatibility (in v2.0, exports were saved as skindata.xml)
7677 if (!file_exists($skinFile))
7678 $skinFile = $DIR_SKINS . $skinFileRaw . '/skindata.xml';
7681 $skinFile = $skinFileRaw;
7684 $importer = new SkinImport();
7686 $error = $importer->readFile($skinFile);
7689 $this->error($error);
7691 $error = $importer->writeToDatabase($allowOverwrite);
7694 $this->error($error);
7698 echo '<p><a href="index.php?action=manage">(',_BACKTOMANAGE,')</a></p>';
7700 <h2><?php echo _SKINIE_DONE ?></h2>
7703 <li><p><strong><?php echo _SKINIE_INFO_GENERAL ?></strong> <?php echo Entity::hsc($importer->getInfo()) ?></p></li>
7704 <li><p><strong><?php echo _SKINIE_INFO_IMPORTEDSKINS ?></strong> <?php echo implode(' <em>'._AND.'</em> ',$importer->getSkinNames()) ?></p></li>
7705 <li><p><strong><?php echo _SKINIE_INFO_IMPORTEDTEMPLS ?></strong> <?php echo implode(' <em>'._AND.'</em> ',$importer->getTemplateNames()) ?></p></li>
7708 <?php $this->pagefoot();
7713 * @todo document this
/**
 * Exports the skins and templates ticked on the import/export overview
 * (admin only).
 *
 * The ids are the keys of the posted `skin[...]` and `template[...]` arrays.
 * Each one is registered with a SkinExport object, the free-text `info`
 * field is attached, and export() is called.
 *
 * NOTE(review): the ids are array keys taken from the request. How
 * requestIntArray() treats keys is not visible here; confirm that addSkin()
 * and addTemplate() handle them as integers.
 */
function action_skinieexport() {
    global $member, $DIR_LIBS;

    if (!$member->isAdmin()) {
        $this->disallow();
    }

    // load skinie class
    include_once($DIR_LIBS . 'skinie.php');

    $postedSkins = requestIntArray('skin');
    $postedTemplates = requestIntArray('template');

    // anything that is not an array counts as "nothing selected"
    $templateIds = is_array($postedTemplates) ? array_keys($postedTemplates) : array();
    $skinIds = is_array($postedSkins) ? array_keys($postedSkins) : array();

    $note = postVar('info');

    $exporter = new SkinExport();
    foreach ($skinIds as $oneSkin) {
        $exporter->addSkin($oneSkin);
    }
    foreach ($templateIds as $oneTemplate) {
        $exporter->addTemplate($oneTemplate);
    }
    $exporter->setInfo($note);

    $exporter->export();
}
7747 * @todo document this
/**
 * Lists the existing templates and shows the "new template" form
 * (admin only).
 *
 * The list is rendered by showlist() from template_desc ordered by tdname.
 * The form posts name and desc to 'templatenew' with the ticket from
 * $manager->addTicketHidden().
 */
7749 function action_templateoverview() {
7750 global $member, $manager;
7752 $member->isAdmin() or $this->disallow();
7756 echo '<p><a href="index.php?action=manage">(',_BACKTOMANAGE,')</a></p>';
7758 echo '<h2>' . _TEMPLATE_TITLE . '</h2>';
7759 echo '<h3>' . _TEMPLATE_AVAILABLE_TITLE . '</h3>';
7761 $query = 'SELECT * FROM '.sql_table('template_desc').' ORDER BY tdname';
7762 $template['content'] = 'templatelist';
7763 $template['tabindex'] = 10;
7764 showlist($query,'table',$template);
7766 echo '<h3>' . _TEMPLATE_NEW_TITLE . '</h3>';
7769 <form method="post" action="index.php"><div>
7771 <input name="action" value="templatenew" type="hidden" />
7772 <?php $manager->addTicketHidden() ?>
7774 <td><?php echo _TEMPLATE_NAME ?> <?php help('shortnames'); ?></td>
7775 <td><input name="name" tabindex="10010" maxlength="20" size="20" /></td>
7777 <td><?php echo _TEMPLATE_DESC ?></td>
7778 <td><input name="desc" tabindex="10020" maxlength="200" size="50" /></td>
7780 <td><?php echo _TEMPLATE_CREATE ?></td>
7781 <td><input type="submit" tabindex="10030" value="<?php echo _TEMPLATE_CREATE_BTN ?>" onclick="return checkSubmit();" /></td>
7791 * @todo document this
/**
 * Shows the template editor for one template (admin only).
 *
 * Renders the name/description fields and one textarea per template part
 * through _templateEditRow(), followed by rows for the fields that plugins
 * announce via the 'TemplateExtraFields' event. The form posts to
 * 'templateupdate' with a ticket and the template id.
 *
 * @param string $msg optional message printed above the form
 *
 * NOTE(review): $msg is interpolated into the page without escaping. The one
 * caller visible in this listing passes the language constant
 * _TEMPLATE_UPDATED; confirm that no caller passes request-derived text.
 * NOTE(review): plugin-supplied field names and descriptions are handed to
 * _templateEditRow(), which echoes them unescaped (the group heading $pfkey
 * is encoded with Entity::hen()).
 */
7793 function action_templateedit($msg = '') {
7794 global $member, $manager;
7796 $templateid = intRequestVar('templateid');
7798 $member->isAdmin() or $this->disallow();
7800 $extrahead = '<script type="text/javascript" src="javascript/templateEdit.js"></script>';
// NOTE(review): DB::quoteValue() is an SQL quoting helper, but here its
// result becomes a JavaScript argument inside a <script> element. SQL
// quoting does not follow JavaScript/HTML escaping rules; a JavaScript
// string encoder would be the right tool for this context.
7801 $extrahead .= '<script type="text/javascript">setTemplateEditText('.DB::quoteValue(_EDITTEMPLATE_EMPTY).');</script>';
7803 $this->pagehead($extrahead);
7805 $templatename = Template::getNameFromId($templateid);
7806 $templatedescription = Template::getDesc($templateid);
7807 $template =& $manager->getTemplate($templatename);
7811 <a href="index.php?action=templateoverview">(<?php echo _TEMPLATE_BACK ?>)</a>
7814 <h2><?php echo _TEMPLATE_EDIT_TITLE ?> '<?php echo Entity::hsc($templatename); ?>'</h2>
7816 <?php if ($msg) echo "<p>"._MESSAGE.": $msg</p>";
7819 <p><?php echo _TEMPLATE_EDIT_MSG ?></p>
7821 <form method="post" action="index.php">
7824 <input type="hidden" name="action" value="templateupdate" />
7825 <?php $manager->addTicketHidden() ?>
7826 <input type="hidden" name="templateid" value="<?php echo $templateid; ?>" />
7829 <th colspan="2"><?php echo _TEMPLATE_SETTINGS ?></th>
7831 <td><?php echo _TEMPLATE_NAME ?> <?php help('shortnames'); ?></td>
7832 <td><input name="tname" tabindex="4" size="20" maxlength="20" value="<?php echo Entity::hsc($templatename) ?>" /></td>
7834 <td><?php echo _TEMPLATE_DESC ?></td>
7835 <td><input name="tdesc" tabindex="5" size="50" maxlength="200" value="<?php echo Entity::hsc($templatedescription) ?>" /></td>
7837 <th colspan="2"><?php echo _TEMPLATE_UPDATE ?></th>
7839 <td><?php echo _TEMPLATE_UPDATE ?></td>
7841 <input type="submit" tabindex="6" value="<?php echo _TEMPLATE_UPDATE_BTN ?>" onclick="return checkSubmit();" />
7842 <input type="reset" tabindex="7" value="<?php echo _TEMPLATE_RESET_BTN ?>" />
7845 <th colspan="2"><?php echo _TEMPLATE_ITEMS ?> <?php help('templateitems'); ?></th>
7846 <?php $this->_templateEditRow($template, _TEMPLATE_ITEMHEADER, 'ITEM_HEADER', '', 8);
7847 $this->_templateEditRow($template, _TEMPLATE_ITEMBODY, 'ITEM', '', 9, 1);
7848 $this->_templateEditRow($template, _TEMPLATE_ITEMFOOTER, 'ITEM_FOOTER', '', 10);
7849 $this->_templateEditRow($template, _TEMPLATE_MORELINK, 'MORELINK', 'morelink', 20);
7850 $this->_templateEditRow($template, _TEMPLATE_EDITLINK, 'EDITLINK', 'editlink', 25);
7851 $this->_templateEditRow($template, _TEMPLATE_NEW, 'NEW', 'new', 30);
7854 <th colspan="2"><?php echo _TEMPLATE_COMMENTS_ANY ?> <?php help('templatecomments'); ?></th>
7855 <?php $this->_templateEditRow($template, _TEMPLATE_CHEADER, 'COMMENTS_HEADER', 'commentheaders', 40);
7856 $this->_templateEditRow($template, _TEMPLATE_CBODY, 'COMMENTS_BODY', 'commentbody', 50, 1);
7857 $this->_templateEditRow($template, _TEMPLATE_CFOOTER, 'COMMENTS_FOOTER', 'commentheaders', 60);
7858 $this->_templateEditRow($template, _TEMPLATE_CONE, 'COMMENTS_ONE', 'commentwords', 70);
7859 $this->_templateEditRow($template, _TEMPLATE_CMANY, 'COMMENTS_MANY', 'commentwords', 80);
7860 $this->_templateEditRow($template, _TEMPLATE_CMORE, 'COMMENTS_CONTINUED', 'commentcontinued', 90);
7861 $this->_templateEditRow($template, _TEMPLATE_CMEXTRA, 'COMMENTS_AUTH', 'memberextra', 100);
7864 <th colspan="2"><?php echo _TEMPLATE_COMMENTS_NONE ?> <?php help('templatecomments'); ?></th>
7866 $this->_templateEditRow($template, _TEMPLATE_CNONE, 'COMMENTS_NONE', '', 110);
7869 <th colspan="2"><?php echo _TEMPLATE_COMMENTS_TOOMUCH ?> <?php help('templatecomments'); ?></th>
7870 <?php $this->_templateEditRow($template, _TEMPLATE_CTOOMUCH, 'COMMENTS_TOOMUCH', '', 120);
7873 <th colspan="2"><?php echo _TEMPLATE_ARCHIVELIST ?> <?php help('templatearchivelists'); ?></th>
7874 <?php $this->_templateEditRow($template, _TEMPLATE_AHEADER, 'ARCHIVELIST_HEADER', '', 130);
7875 $this->_templateEditRow($template, _TEMPLATE_AITEM, 'ARCHIVELIST_LISTITEM', '', 140);
7876 $this->_templateEditRow($template, _TEMPLATE_AFOOTER, 'ARCHIVELIST_FOOTER', '', 150);
7879 <th colspan="2"><?php echo _TEMPLATE_BLOGLIST ?> <?php help('templatebloglists'); ?></th>
7880 <?php $this->_templateEditRow($template, _TEMPLATE_BLOGHEADER, 'BLOGLIST_HEADER', '', 160);
7881 $this->_templateEditRow($template, _TEMPLATE_BLOGITEM, 'BLOGLIST_LISTITEM', '', 170);
7882 $this->_templateEditRow($template, _TEMPLATE_BLOGFOOTER, 'BLOGLIST_FOOTER', '', 180);
7885 <th colspan="2"><?php echo _TEMPLATE_CATEGORYLIST ?> <?php help('templatecategorylists'); ?></th>
7886 <?php $this->_templateEditRow($template, _TEMPLATE_CATHEADER, 'CATLIST_HEADER', '', 190);
7887 $this->_templateEditRow($template, _TEMPLATE_CATITEM, 'CATLIST_LISTITEM', '', 200);
7888 $this->_templateEditRow($template, _TEMPLATE_CATFOOTER, 'CATLIST_FOOTER', '', 210);
7891 <th colspan="2"><?php echo _TEMPLATE_DATETIME ?></th>
7892 <?php $this->_templateEditRow($template, _TEMPLATE_DHEADER, 'DATE_HEADER', 'dateheads', 220);
7893 $this->_templateEditRow($template, _TEMPLATE_DFOOTER, 'DATE_FOOTER', 'dateheads', 230);
7894 $this->_templateEditRow($template, _TEMPLATE_DFORMAT, 'FORMAT_DATE', 'datetime', 240);
7895 $this->_templateEditRow($template, _TEMPLATE_TFORMAT, 'FORMAT_TIME', 'datetime', 250);
7896 $this->_templateEditRow($template, _TEMPLATE_LOCALE, 'LOCALE', 'locale', 260);
7899 <th colspan="2"><?php echo _TEMPLATE_IMAGE ?> <?php help('templatepopups'); ?></th>
7900 <?php $this->_templateEditRow($template, _TEMPLATE_PCODE, 'POPUP_CODE', '', 270);
7901 $this->_templateEditRow($template, _TEMPLATE_ICODE, 'IMAGE_CODE', '', 280);
7902 $this->_templateEditRow($template, _TEMPLATE_MCODE, 'MEDIA_CODE', '', 290);
7905 <th colspan="2"><?php echo _TEMPLATE_SEARCH ?></th>
7906 <?php $this->_templateEditRow($template, _TEMPLATE_SHIGHLIGHT, 'SEARCH_HIGHLIGHT', 'highlight',300);
7907 $this->_templateEditRow($template, _TEMPLATE_SNOTFOUND, 'SEARCH_NOTHINGFOUND', 'nothingfound',310);
7910 <th colspan="2"><?php echo _TEMPLATE_PLUGIN_FIELDS ?></th>
7913 $pluginfields = array();
7914 $manager->notify('TemplateExtraFields',array('fields'=>&$pluginfields));
7916 foreach ($pluginfields as $pfkey=>$pfvalue) {
7918 echo '<th colspan="2">' . Entity::hen($pfkey) . "</th>\n";
7919 foreach ($pfvalue as $pffield=>$pfdesc) {
7920 $this->_templateEditRow($template, $pfdesc, $pffield, '',++$tab,0);
7925 <th colspan="2"><?php echo _TEMPLATE_UPDATE ?></th>
7927 <td><?php echo _TEMPLATE_UPDATE ?></td>
7929 <input type="submit" tabindex="800" value="<?php echo _TEMPLATE_UPDATE_BTN ?>" onclick="return checkSubmit();" />
7930 <input type="reset" tabindex="810" value="<?php echo _TEMPLATE_RESET_BTN ?>" />
7941 * @todo document this
/**
 * Prints one row of the template editor: a label cell and a textarea holding
 * the current content of the template part $name.
 *
 * @param array  $template    template parts by name; a missing part is set to ''
 * @param string $description label text for the row
 * @param string $name        part name, used as the textarea's name attribute
 * @param string $help        optional help topic suffix ('template' is prefixed)
 * @param int    $tabindex    tabindex of the textarea
 * @param int    $big         non-zero renders 10 rows instead of 5
 *
 * The part content is escaped with Entity::hsc().
 *
 * NOTE(review): $description and $name are echoed without escaping. For the
 * built-in rows they are constants and literals, but the plugin rows pass
 * values collected from the 'TemplateExtraFields' event. $name sits inside
 * an attribute, so both should go through Entity::hsc().
 * NOTE(review): $count is used for the element ids but is not defined in the
 * lines visible in this listing.
 */
7943 function _templateEditRow(&$template, $description, $name, $help = '', $tabindex = 0, $big = 0) {
7945 if (!isset($template[$name])) $template[$name] = '';
7948 <td><?php echo $description ?> <?php if ($help) help('template'.$help); ?></td>
7949 <td id="td<?php echo $count ?>"><textarea class="templateedit" name="<?php echo $name ?>" tabindex="<?php echo $tabindex ?>" cols="50" rows="<?php echo $big?10:5 ?>" id="textarea<?php echo $count ?>"><?php echo Entity::hsc($template[$name]); ?></textarea></td>
7954 * @todo document this
/**
 * Saves the template editor form (admin only).
 *
 * Validates the posted name, rejects a rename onto an existing template,
 * deletes all stored parts of the template, updates its name and
 * description, re-adds every part from the posted form (built-in parts
 * first, then the fields announced by plugins through the
 * 'TemplateExtraFields' event) and finally re-opens the editor with
 * _TEMPLATE_UPDATED.
 *
 * $templateid comes from intRequestVar() and is concatenated into the SQL
 * as a number; name and description go through DB::quoteValue().
 *
 * NOTE(review): the parts are deleted before they are re-inserted and no
 * transaction is visible, so a failure halfway leaves the template with
 * parts missing.
 * NOTE(review): the plugin field names are used as POST keys and part names
 * exactly as the plugins supply them.
 */
function action_templateupdate() {
    global $member, $manager;

    $templateid = intRequestVar('templateid');

    if (!$member->isAdmin()) {
        $this->disallow();
    }

    $postedName = postVar('tname');
    $postedDesc = postVar('tdesc');

    if (!isValidTemplateName($postedName)) {
        $this->error(_ERROR_BADTEMPLATENAME);
    }

    // a rename must not collide with another existing template
    $isRenamed = (Template::getNameFromId($templateid) != $postedName);
    if ($isRenamed && Template::exists($postedName)) {
        $this->error(_ERROR_DUPTEMPLATENAME);
    }

    $quotedName = DB::quoteValue($postedName);
    $quotedDesc = DB::quoteValue($postedDesc);

    // 1. Remove all template parts
    DB::execute('DELETE FROM ' . sql_table('template') . ' WHERE tdesc=' . $templateid);

    // 2. Update description
    DB::execute(
        'UPDATE ' . sql_table('template_desc') . ' SET'
        . ' tdname=' . $quotedName . ','
        . ' tddesc=' . $quotedDesc
        . ' WHERE tdnumber=' . $templateid
    );

    // 3. Re-add the built-in template parts, in the order they were stored before
    $builtinParts = array(
        'ITEM_HEADER', 'ITEM', 'ITEM_FOOTER', 'MORELINK', 'EDITLINK', 'NEW',
        'COMMENTS_HEADER', 'COMMENTS_BODY', 'COMMENTS_FOOTER',
        'COMMENTS_CONTINUED', 'COMMENTS_TOOMUCH', 'COMMENTS_AUTH',
        'COMMENTS_ONE', 'COMMENTS_MANY', 'COMMENTS_NONE',
        'ARCHIVELIST_HEADER', 'ARCHIVELIST_LISTITEM', 'ARCHIVELIST_FOOTER',
        'BLOGLIST_HEADER', 'BLOGLIST_LISTITEM', 'BLOGLIST_FOOTER',
        'CATLIST_HEADER', 'CATLIST_LISTITEM', 'CATLIST_FOOTER',
        'DATE_HEADER', 'DATE_FOOTER', 'FORMAT_DATE', 'FORMAT_TIME', 'LOCALE',
        'SEARCH_HIGHLIGHT', 'SEARCH_NOTHINGFOUND',
        'POPUP_CODE', 'MEDIA_CODE', 'IMAGE_CODE',
    );
    foreach ($builtinParts as $partName) {
        $this->addToTemplate($templateid, $partName, postVar($partName));
    }

    // 4. Re-add the parts that plugins registered for the editor
    $extraFields = array();
    $manager->notify('TemplateExtraFields', array('fields' => &$extraFields));
    foreach ($extraFields as $fieldGroup) {
        foreach ($fieldGroup as $fieldName => $fieldLabel) {
            $this->addToTemplate($templateid, $fieldName, postVar($fieldName));
        }
    }

    // jump back to template edit
    $this->action_templateedit(_TEMPLATE_UPDATED);
}
8037 self::error($error);
8041 if ( !is_object(self::$skin) )
8043 self::action_adminskiniedoimport();
8047 self::$skin->parse('adminskinieimport');
8052 >>>>>>> skinnable-master
8054 * Admin::action_adminskiniedoimport()
8059 static private function action_adminskiniedoimport()
8061 global $DIR_SKINS, $member, $CONF;
8063 $member->isAdmin() or self::disallow();
8065 $mode = postVar('mode');
8066 $skinFileRaw = postVar('skinfile');
8067 $allowOverwrite = intPostVar('overwrite');
8069 $error = self::skiniedoimport($mode, $skinFileRaw, $allowOverwrite);
8072 self::error($error);
8077 $partname = DB::quoteValue($partname);
8078 $content = DB::quoteValue($content);
8080 $query = "INSERT INTO %s (tdesc, tpartname, tcontent) VALUES (%d, %s, %s)";
8081 $query = sprintf($query, sql_table('template'), (integer) $id, $partname, $content);
8082 if ( DB::execute($query) === FALSE )
8084 $err = DB::getError();
8085 exit(_ADMIN_SQLDIE_QUERYERROR . $err[2]);
8087 return DB::getInsertId();
8091 * @todo document this
8093 function action_templatedelete() {
// Admin-only confirmation page shown before a template is deleted. It looks up the
// template's name and description and prints a POST form that targets
// action=templatedeleteconfirm; nothing is deleted by this method itself.
8094 global $member, $manager;
// Authorisation gate: non-admins are handed to disallow().
8096 $member->isAdmin() or $this->disallow();
// The id is echoed into the hidden "templateid" field below without escaping, so the
// markup relies on intRequestVar() yielding an integer (presumably an int cast; verify in the helper).
8098 $templateid = intRequestVar('templateid');
8099 // TODO: check if template can be deleted
8103 $name = Template::getNameFromId($templateid);
8104 $desc = Template::getDesc($templateid);
// Both values are stored data and are passed through Entity::hsc() where they are printed.
// The form carries the request ticket emitted by $manager->addTicketHidden().
8107 <h2><?php echo _DELETE_CONFIRM ?></h2>
8110 <?php echo _CONFIRMTXT_TEMPLATE ?><b><?php echo Entity::hsc($name) ?></b> (<?php echo Entity::hsc($desc) ?>)
8113 <form method="post" action="index.php"><div>
8114 <input type="hidden" name="action" value="templatedeleteconfirm" />
8115 <?php $manager->addTicketHidden() ?>
8116 <input type="hidden" name="templateid" value="<?php echo $templateid ?>" />
8117 <input type="submit" tabindex="10" value="<?php echo _DELETE_CONFIRM_BTN ?>" />
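/**
 * Delete a template: its description row and all of its parts.
 *
 * Admin only. The template id is read from the request as an integer. Plugins are
 * notified through the PreDeleteTemplate and PostDeleteTemplate events, after which
 * the template overview is rendered again.
 *
 * @return void
 */
function action_templatedeleteconfirm() {
    global $member, $manager;

    // Authorise first, so no request data is read and no plugin event fires for non-admins.
    $member->isAdmin() or $this->disallow();

    // Cast locally as well: the SQL below must stay numeric whatever the helper returns.
    $templateid = (int) intRequestVar('templateid');

    $manager->notify('PreDeleteTemplate', array('templateid' => $templateid));

    // 1. delete description
    DB::execute(sprintf('DELETE FROM %s WHERE tdnumber=%d', sql_table('template_desc'), $templateid));

    // 2. delete parts
    DB::execute(sprintf('DELETE FROM %s WHERE tdesc=%d', sql_table('template'), $templateid));

    $manager->notify('PostDeleteTemplate', array('templateid' => $templateid));

    $this->action_templateoverview();
}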
/**
 * Create a new template from the posted "name" and "desc" fields.
 *
 * Admin only. The name must pass isValidTemplateName() and must not be taken yet;
 * otherwise error() is called with the matching message. The template overview is
 * rendered afterwards.
 *
 * @return void
 */
function action_templatenew() {
    global $member;

    $member->isAdmin() or $this->disallow();

    $templateName = postVar('name');
    $templateDesc = postVar('desc');

    // Reject malformed names before looking them up.
    if (!isValidTemplateName($templateName)) {
        $this->error(_ERROR_BADTEMPLATENAME);
    }

    if (Template::exists($templateName)) {
        $this->error(_ERROR_DUPTEMPLATENAME);
    }

    // The id of the new template is not needed here.
    Template::createNew($templateName, $templateDesc);

    $this->action_templateoverview();
}
/**
 * Clone an existing template under a new, unused name.
 *
 * Admin only. The clone is named "cloned" + original name; when that name is taken,
 * the first free numeric suffix (1, 2, ...) is appended. Every part of the source
 * template is copied with addToTemplate(), then the template overview is rendered.
 *
 * @return void
 */
function action_templateclone() {
    global $member;

    $templateid = intRequestVar('templateid');

    $member->isAdmin() or $this->disallow();

    // 1. read old template
    $sourceName = Template::getNameFromId($templateid);
    $sourceDesc = Template::getDesc($templateid);

    // 2. pick a name that is not in use yet
    $cloneName = "cloned" . $sourceName;
    if (Template::exists($cloneName)) {
        $suffix = 1;
        while (Template::exists($cloneName . $suffix)) {
            $suffix++;
        }
        $cloneName .= $suffix;
    }

    $newid = Template::createNew($cloneName, $sourceDesc);

    // 3. copy every part of the old template into the new one
    // NOTE(review): the id is concatenated into the query; this relies on intRequestVar() returning an integer.
    $parts = DB::getResult('SELECT tpartname, tcontent FROM '.sql_table('template').' WHERE tdesc=' . $templateid);
    foreach ($parts as $part) {
        $this->addToTemplate($newid, $part['tpartname'], $part['tcontent']);
    }

    $this->action_templateoverview();
}
8206 * Admin::action_skinoverview()
8211 public function action_skinoverview()
8213 global $member, $manager;
// Admin-only page: lists the rows of the skin_desc table through showlist() and prints
// a POST form (action=skinnew) for creating a new skin.
8215 $member->isAdmin() or $this->disallow();
8219 echo '<p><a href="index.php?action=manage">(' . _BACKTOMANAGE . ")</a></p>\n";
8220 echo '<h2>' . _SKIN_EDIT_TITLE . "</h2>\n";
8221 echo '<h3>' . _SKIN_AVAILABLE_TITLE . "</h3>\n";
// Static query, no request data involved; rendering is delegated to the 'skinlist' list type.
8223 $query = 'SELECT * FROM '.sql_table('skin_desc').' ORDER BY sdname;';
8224 $template['content'] = 'skinlist';
8225 $template['tabindex'] = 10;
8227 showlist($query,'table',$template);
8229 echo '<h3>' . _SKIN_NEW_TITLE . "</h3>\n";
8230 echo "<form method=\"post\" action=\"index.php\">\n";
8232 echo "<input name=\"action\" value=\"skinnew\" type=\"hidden\" />\n";
// NOTE(review): the concatenated value is discarded; the ticket field only reaches the form
// if addTicketHidden() prints it itself (it is called as a bare statement elsewhere in this file) - confirm.
8234 $manager->addTicketHidden() . "\n";
8236 echo "<table frame=\"box\" rules=\"all\" summary=\"skinoverview\">\n";
8238 echo "<td>" . _SKIN_NAME;
// NOTE(review): help() is echoed here but called without echo in action_skinedit(); check whether it returns or prints.
8239 echo help('shortnames');
// maxlength is only a browser-side hint; the posted name is checked again by action_skinnew().
8241 echo "<td><input name=\"name\" tabindex=\"10010\" maxlength=\"20\" size=\"20\" /></td>\n";
8244 echo "<td>" . _SKIN_DESC . "</td>\n";
8245 echo "<td><input name=\"desc\" tabindex=\"10020\" maxlength=\"200\" size=\"50\" /></td>\n";
8248 echo '<td>' . _SKIN_CREATE . "</td>\n";
8249 echo '<td><input type="submit" tabindex="10030" value="' . _SKIN_CREATE_BTN . '" onclick="return checkSubmit();" />' . "</td>\n";
/**
 * Create a new skin from the posted "name" and "desc" fields.
 *
 * Admin only. Both fields are trimmed. The name must pass isValidSkinName() and must
 * not be taken yet; otherwise error() is called with the matching message. The skin
 * overview is rendered afterwards.
 *
 * @return void
 */
function action_skinnew() {
    global $member;

    $member->isAdmin() or $this->disallow();

    $skinName = trim(postVar('name'));
    $skinDesc = trim(postVar('desc'));

    // Reject malformed names before looking them up.
    if (!isValidSkinName($skinName)) {
        $this->error(_ERROR_BADSKINNAME);
    }

    if (Skin::exists($skinName)) {
        $this->error(_ERROR_DUPSKINNAME);
    }

    // The id of the new skin is not needed here.
    Skin::createNew($skinName, $skinDesc);

    $this->action_skinoverview();
}
8283 * Admin::action_skinedit()
8287 public function action_skinedit()
8289 global $member, $manager;
// Admin-only page for one skin: links to each default skin part, a GET form for opening
// a special part by name, the list of existing special parts, and the general-settings form.
8291 $skinid = intRequestVar('skinid');
8293 $member->isAdmin() or $this->disallow();
8295 $skin = new SKIN($skinid);
8296 $default_skin_types = $skin->getDefaultTypes();
8297 $available_skin_types = $skin->getAvailableTypes();
8302 echo '( <a href="index.php?action=skinoverview">' . _SKIN_BACK . "</a> )";
// NOTE(review): the skin name is printed raw here, while the same value goes through
// Entity::hsc() in the "name" input further down; escape it here as well.
8304 echo '<h2>' . _SKIN_EDITONE_TITLE . $skin->getName() . "</h2>\n";
8306 echo '<h3>' . _SKIN_PARTS_TITLE . "</h3>\n";
8307 echo _SKIN_PARTS_MSG . "\n";
// Default parts: $type and $friendly_name come from getDefaultTypes() and are printed
// without escaping - presumably fixed strings defined by the SKIN class; verify.
8311 foreach ( $default_skin_types as $type => $friendly_name )
8314 echo "<a tabindex=\"{$tabindex}\" href=\"index.php?action=skinedittype&skinid={$skinid}&type={$type}\">";
8315 echo $friendly_name;
8317 help("skinpart{$type}");
// Special parts are opened by name through a GET form; the name is checked by action_skinedittype().
8323 echo '<h3>' . _SKIN_PARTS_SPECIAL . '</h3>';
8324 echo "<form method=\"get\" action=\"index.php\">\n";
8325 echo "<input type=\"hidden\" name=\"action\" value=\"skinedittype\" />\n";
8326 echo "<input type=\"hidden\" name=\"skinid\" value=\"{$skinid}\" />\n";
8327 echo "<input type=\"text\" name=\"type\" tabindex=\"89\" size=\"20\" maxlength=\"20\" />\n";
8328 echo '<input type="submit" tabindex="140" value="' . _SKIN_CREATE . "\" onclick=\"return checkSubmit();\" />\n";
8331 /* NOTE: special skin parts have FALSE as their value */
// in_array() is called without the strict flag, so any loosely-false value matches, not only FALSE.
8332 if ( in_array(FALSE, array_values($available_skin_types)) )
8337 foreach ( $available_skin_types as $type => $friendly_name )
8339 if ( !$friendly_name )
// Special part names are stored data, so they are escaped with Entity::hsc() in both links.
8343 echo "<a tabindex=\"{$tabstart}\" href=\"index.php?action=skinedittype&skinid={$skinid}&type=" . Entity::hsc(strtolower($type)) . '">';
8344 echo Entity::hsc(ucfirst($type));
// This link only opens the confirmation page (action_skinremovetype); it deletes nothing by itself.
8347 echo "(<a tabindex=\"{$tabstart}\" href=\"index.php?action=skinremovetype&skinid={$skinid}&type=" . Entity::hsc(strtolower($type)) . '">';
8356 echo '<h3>' . _SKIN_GENSETTINGS_TITLE . "</h3>\n";
8357 echo "<form method=\"post\" action=\"index.php\">\n";
8359 echo "<input type=\"hidden\" name=\"action\" value=\"skineditgeneral\" />\n";
// NOTE(review): the concatenated value is discarded; the ticket field only reaches the form
// if addTicketHidden() prints it itself - confirm.
8360 $manager->addTicketHidden() . "\n";
8361 echo "<input type=\"hidden\" name=\"skinid\" value=\"{$skinid}\" />\n";
8363 echo '<table frame="box" rules="all" summary="' . _SKIN_GENSETTINGS_TITLE . '">' . "\n";
// Every stored skin property placed in a value="" attribute below is escaped with Entity::hsc().
8369 echo '<td><input type="text" name="name" tabindex="90" value="' . Entity::hsc($skin->getName()) . '" maxlength="20" size="20" />' . "</td>\n";
8372 echo '<td>' . _SKIN_DESC . "</td>\n";
8373 echo '<td><input type="text" name="desc" tabindex="100" value="' . Entity::hsc($skin->getDescription()) . '" maxlength="200" size="50" />' . "</td>\n";
8376 echo '<td>' . _SKIN_TYPE . "</td>\n";
8377 echo '<td><input type="text" name="type" tabindex="110" value="' . Entity::hsc($skin->getContentType()) . '" maxlength="40" size="20" />' . "</td>\n";
8381 echo _SKIN_INCLUDE_MODE;
8382 help('includemode');
// The include mode is offered as a two-way choice between 'skindir' and 'normal'.
8385 $this->input_yesno('inc_mode', $skin->getIncludeMode(), 120, 'skindir', 'normal', _PARSER_INCMODE_SKINDIR, _PARSER_INCMODE_NORMAL);
8390 echo _SKIN_INCLUDE_PREFIX;
8391 help('includeprefix');
8393 echo '<td><input type="text" name="inc_prefix" tabindex="130" value="' . Entity::hsc($skin->getIncludePrefix()) . '" maxlength="40" size="20" />' . "</td>\n";
8396 echo '<td>' . _SKIN_CHANGE . "</td>\n";
8397 echo '<td><input type="submit" tabindex="140" value="' . _SKIN_CHANGE_BTN . '" onclick="return checkSubmit();" />' . "</td>\n";
/**
 * Store the general settings of a skin (name, description, content type,
 * include mode and include prefix) from the posted form and show the skin again.
 *
 * Admin only. The name must pass isValidSkinName() and, when it changes, must not
 * collide with another skin. An empty content type becomes 'text/html' and an empty
 * include mode becomes 'normal'.
 *
 * @return void
 */
function action_skineditgeneral() {
    global $member;

    $skinid = intRequestVar('skinid');

    $member->isAdmin() or $this->disallow();

    $newName     = postVar('name');
    $newDesc     = postVar('desc');
    $contentType = postVar('type');
    $includeMode = postVar('inc_mode');
    $includePrefix = postVar('inc_prefix');

    $skin = new SKIN($skinid);

    // 1. Some checks
    if (!isValidSkinName($newName)) {
        $this->error(_ERROR_BADSKINNAME);
    }

    // A rename must not collide with another existing skin.
    if (($skin->getName() != $newName) && Skin::exists($newName)) {
        $this->error(_ERROR_DUPSKINNAME);
    }

    // Fall back to the defaults when the fields were left empty.
    $contentType = $contentType ? $contentType : 'text/html';
    $includeMode = $includeMode ? $includeMode : 'normal';

    // 2. Update description
    // NOTE(review): content type, include mode and include prefix are stored as posted;
    // any validation would have to happen inside updateGeneralInfo() - confirm.
    $skin->updateGeneralInfo($newName, $newDesc, $contentType, $includeMode, $includePrefix);

    $this->action_skinedit();
}
8443 * Admin::action_skinedittype()
8445 * @param string $msg message for pageheader
8448 public function action_skinedittype($msg = '')
8450 global $member, $manager;
// Admin-only editor for one part ("type") of a skin: prints the stored content in a
// textarea inside a POST form (action=skinupdate), followed by the allowed skin
// variables and the lists of blog and template short names.
8452 $skinid = intRequestVar('skinid');
8453 $type = requestVar('type');
8455 $member->isAdmin() or $this->disallow();
// The part name is normalised (trimmed, lower-cased) before it is validated.
8457 $type = trim($type);
8458 $type = strtolower($type);
// This check gates every later use of $type, including the places where it is written
// into markup without escaping (hidden "type" field, help ids). That is only safe if
// isValidShortName() rejects quotes and angle brackets - confirm in the helper.
8460 if ( !isValidShortName($type) )
8462 $this->error(_ERROR_SKIN_PARTS_SPECIAL_FORMAT);
8465 $skin = new SKIN($skinid);
8466 $skin_types = $skin->getAvailableTypes();
// Parts that are unknown or carry a false value get a display name derived from $type.
8467 if ( !array_key_exists($type, $skin_types) || !$skin_types[$type] )
8469 $friendlyName = ucfirst($type);
8473 $friendlyName = $skin_types[$type];
8478 echo '<p>(<a href="index.php?action=skinoverview">' . _SKIN_GOBACK . "</a>)</p>\n";
8480 echo '<h2>' . _SKIN_EDITPART_TITLE . " '" . Entity::hsc($skin->getName()) . "': " . Entity::hsc($friendlyName) . "</h2>\n";
// NOTE(review): $msg is printed without escaping. The caller visible in this file,
// action_skinupdate(), passes the _SKIN_UPDATED constant; callers must never pass request data.
8484 echo "<p>" . _MESSAGE . ": $msg</p>\n";
8487 echo "<form method=\"post\" action=\"index.php\">\n";
8490 echo "<input type=\"hidden\" name=\"action\" value=\"skinupdate\" />\n";
// NOTE(review): the concatenated value is discarded; the ticket field only reaches the form
// if addTicketHidden() prints it itself - confirm.
8491 $manager->addTicketHidden() . "\n";
8492 echo "<input type=\"hidden\" name=\"skinid\" value=\"{$skinid}\" />\n";
8493 echo "<input type=\"hidden\" name=\"type\" value=\"{$type}\" />\n";
8495 echo '<input type="submit" value="' . _SKIN_UPDATE_BTN . '" onclick="return checkSubmit();" />' . "\n";
8496 echo '<input type="reset" value="' . _SKIN_RESET_BTN . '" />' . "\n";
8497 echo '(skin type: ' . Entity::hsc($friendlyName) . ")\n";
8499 if ( !array_key_exists($type, $skin_types) || !$skin_types[$type] )
8501 help('skinpartspecial');
8505 help('skinpart' . $type);
// The stored part content is escaped with Entity::hsc() before it is placed in the textarea.
8509 echo "<textarea class=\"skinedit\" tabindex=\"10\" rows=\"20\" cols=\"80\" name=\"content\">\n";
8510 echo Entity::hsc($skin->getContentFromDB($type)) . "\n";
8511 echo "</textarea>\n";
8514 echo '<input type="submit" tabindex="20" value="' . _SKIN_UPDATE_BTN . '" onclick="return checkSubmit();" />' . "\n";
8515 echo '<input type="reset" value="' . _SKIN_RESET_BTN . '" />' . "\n";
8516 echo '(skin type: ' . Entity::hsc($friendlyName) . ")\n";
8520 echo _SKIN_ALLOWEDVARS;
8522 $actions = $skin->getAllowedActionsForType($type);
// Consumes the list from the front; the loop also stops at the first loosely-false entry.
8526 while ( $current = array_shift($actions) )
8528 // skip deprecated vars
8529 if ( in_array($current, array('ifcat', 'imagetext', 'vars')) )
// Action names come from getAllowedActionsForType() and are printed unescaped -
// presumably fixed identifiers; verify.
8534 echo helplink("skinvar-{$current}") . "{$current}</a>\n";
8536 if ( count($actions) != 0 )
8544 echo _SKINEDIT_ALLOWEDBLOGS;
// Both queries below are static; escaping of the listed values is left to showlist().
8546 $query = 'SELECT bshortname, bname FROM '.sql_table('blog');
8547 showlist($query, 'table', array('content'=>'shortblognames'));
8550 echo _SKINEDIT_ALLOWEDTEMPLATESS;
8552 $query = 'SELECT tdname as name, tddesc as description FROM '.sql_table('template_desc');
8553 showlist($query, 'table', array('content'=>'shortnames'));
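/**
 * Store the posted content of one skin part and show the part editor again.
 *
 * Admin only. The part name ("type") is normalised and validated in the same way as
 * action_skinedittype() does, and this happens before anything is written: the editor
 * that is rendered afterwards rejects invalid names, so without this check an invalid
 * name would be stored first and only then reported.
 *
 * @return void
 */
function action_skinupdate() {
    global $member;

    // Authorise before reading or storing anything.
    $member->isAdmin() or $this->disallow();

    $skinid  = intRequestVar('skinid');
    $content = trim(postVar('content'));

    // Same normalisation as action_skinedittype(): trimmed and lower-cased.
    $type = strtolower(trim((string) postVar('type')));

    if (!isValidShortName($type)) {
        $this->error(_ERROR_SKIN_PARTS_SPECIAL_FORMAT);
        // Never fall through to the write, even if error() were to return.
        return;
    }

    $skin = new SKIN($skinid);
    $skin->update($type, $content);

    $this->action_skinedittype(_SKIN_UPDATED);
}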
8582 * @todo document this
8584 function action_skindelete() {
// Admin-only confirmation page shown before a skin is deleted. It refuses the site's
// base skin and any skin that is a blog's default, then prints a POST form that
// targets action=skindeleteconfirm; nothing is deleted by this method itself.
8585 global $member, $manager, $CONF;
// The id is concatenated into the query below and echoed into the hidden "skinid" field,
// both without escaping; this relies on intRequestVar() yielding an integer (verify in the helper).
8587 $skinid = intRequestVar('skinid');
8589 $member->isAdmin() or $this->disallow();
8591 // don't allow default skin to be deleted
8592 if ($skinid == $CONF['BaseSkin'])
8593 $this->error(_ERROR_DEFAULTSKIN);
8595 // don't allow deletion of default skins for blogs
8596 $query = 'SELECT bname FROM '.sql_table('blog').' WHERE bdefskin=' . $skinid;
8597 $r = DB::getValue($query);
// The blog name is stored data and is escaped before it is appended to the error message.
8599 $this->error(_ERROR_SKINDEFDELETE . Entity::hsc($r));
8603 $skin = new SKIN($skinid);
8604 $name = $skin->getName();
8605 $desc = $skin->getDescription();
// Name and description are passed through Entity::hsc() where they are printed.
// The form carries the request ticket emitted by $manager->addTicketHidden().
8608 <h2><?php echo _DELETE_CONFIRM ?></h2>
8611 <?php echo _CONFIRMTXT_SKIN ?><b><?php echo Entity::hsc($name) ?></b> (<?php echo Entity::hsc($desc) ?>)
8614 <form method="post" action="index.php"><div>
8615 <input type="hidden" name="action" value="skindeleteconfirm" />
8616 <?php $manager->addTicketHidden() ?>
8617 <input type="hidden" name="skinid" value="<?php echo $skinid ?>" />
8618 <input type="submit" tabindex="10" value="<?php echo _DELETE_CONFIRM_BTN ?>" />
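/**
 * Delete a skin: its description row and all of its parts.
 *
 * Admin only. The site's base skin and any skin that is still the default skin of a
 * blog are refused with an error. Plugins are notified through the PreDeleteSkin and
 * PostDeleteSkin events, after which the skin overview is rendered again.
 *
 * @return void
 */
function action_skindeleteconfirm() {
    global $member, $CONF, $manager;

    // Authorise before reading request data or querying anything.
    $member->isAdmin() or $this->disallow();

    // Cast locally as well: the SQL below must stay numeric whatever the helper returns.
    $skinid = (int) intRequestVar('skinid');

    // don't allow default skin to be deleted
    if ($skinid == $CONF['BaseSkin']) {
        $this->error(_ERROR_DEFAULTSKIN);
        // Never fall through to the deletes, even if error() were to return.
        return;
    }

    // don't allow deletion of default skins for blogs
    $query = sprintf('SELECT bname FROM %s WHERE bdefskin=%d', sql_table('blog'), $skinid);
    $blogName = DB::getValue($query);
    // NOTE(review): a loosely-true result is taken to mean "a blog uses this skin" - confirm
    // what DB::getValue() returns when no row matches.
    if ($blogName) {
        // The blog name is stored data; escape it as action_skindelete() does.
        $this->error(_ERROR_SKINDEFDELETE . Entity::hsc($blogName));
        return;
    }

    $manager->notify('PreDeleteSkin', array('skinid' => $skinid));

    // 1. delete description
    DB::execute(sprintf('DELETE FROM %s WHERE sdnumber=%d', sql_table('skin_desc'), $skinid));

    // 2. delete parts
    DB::execute(sprintf('DELETE FROM %s WHERE sdesc=%d', sql_table('skin'), $skinid));

    $manager->notify('PostDeleteSkin', array('skinid' => $skinid));

    $this->action_skinoverview();
}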
8658 * Admin::action_skinremovetype()
8663 public function action_skinremovetype()
8665 global $member, $manager, $CONF;
// Confirmation page shown before a special skin part is removed. Default parts are
// refused. The form posts to action=skinremovetypeconfirm; nothing is deleted here.
8667 $skinid = intRequestVar('skinid');
8668 $skintype = requestVar('type');
// NOTE(review): this validation runs before the admin check below, so its error page is
// reachable without admin rights; running the authorisation first would be tidier.
8670 if ( !isValidShortName($skintype) )
8672 $this->error(_ERROR_SKIN_PARTS_SPECIAL_DELETE);
8675 $member->isAdmin() or $this->disallow();
8677 // don't allow default skinparts to be deleted
8678 $skin = new Skin($skinid);
8679 $default_skin_types = $skin->getDefaultTypes();
8680 if ( array_key_exists($skintype, $default_skin_types) )
8682 $this->error(_ERROR_SKIN_PARTS_SPECIAL_DELETE);
8685 $name = $skin->getName();
8686 $desc = $skin->getDescription();
8690 echo '<h2>' . _DELETE_CONFIRM . "</h2>\n";
// Part name, skin name and description are all escaped with Entity::hsc() before output.
8692 echo _CONFIRMTXT_SKIN_PARTS_SPECIAL;
8693 echo Entity::hsc($skintype);
8694 echo '(' . Entity::hsc($name) . ')</b>';
8695 echo ' (' . Entity::hsc($desc) . ')';
8698 echo "<form method=\"post\" action=\"index.php\">\n";
8700 echo "<input type=\"hidden\" name=\"action\" value=\"skinremovetypeconfirm\" />\n";
// The form carries the request ticket emitted by addTicketHidden().
8701 $manager->addTicketHidden();
8702 echo "<input type=\"hidden\" name=\"skinid\" value=\"{$skinid}\" />\n";
8703 echo '<input type="hidden" name="type" value="' . Entity::hsc($skintype) . '" />' . "\n";
8704 echo '<input type="submit" tabindex="10" value="' . _DELETE_CONFIRM_BTN . '" />' . "\n";
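/**
 * Admin::action_skinremovetypeconfirm()
 *
 * Remove one special part from a skin and show the skin again.
 *
 * Admin only. The part name must pass isValidShortName() and must not be one of the
 * skin's default parts. Plugins are notified through the PreDeleteSkinPart and
 * PostDeleteSkinPart events.
 *
 * @return void
 */
public function action_skinremovetypeconfirm()
{
    global $member, $manager;

    // Authorise first, so the validation errors below are only reachable for admins.
    $member->isAdmin() or $this->disallow();

    $skinid = (int) intRequestVar('skinid');
    $skintype = requestVar('type');

    if (!isValidShortName($skintype)) {
        $this->error(_ERROR_SKIN_PARTS_SPECIAL_DELETE);
        // Never fall through to the delete, even if error() were to return.
        return;
    }

    // don't allow default skinparts to be deleted
    $skin = new Skin($skinid);
    $default_skin_types = $skin->getDefaultTypes();
    if (array_key_exists($skintype, $default_skin_types)) {
        $this->error(_ERROR_SKIN_PARTS_SPECIAL_DELETE);
        return;
    }

    $data = array(
        'skinid'   => $skinid,
        'skintype' => $skintype
    );
    $manager->notify('PreDeleteSkinPart', $data);

    // delete part
    // The part name is quoted by the DB layer, as addToTemplate() does for its strings,
    // instead of being placed between hand-written quotes.
    $query = sprintf(
        'DELETE FROM %s WHERE sdesc=%d AND stype=%s;',
        sql_table('skin'),
        $skinid,
        DB::quoteValue($skintype)
    );
    DB::execute($query);

    // Rebuilt on purpose: the first array was handed to the plugins and may have been changed.
    $data = array(
        'skinid'   => $skinid,
        'skintype' => $skintype
    );
    $manager->notify('PostDeleteSkinPart', $data);

    $this->action_skinedit();
}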
/**
 * Clone an existing skin under a new, unused name.
 *
 * Admin only. The clone is named "clone_" + original name; when that name is taken,
 * the first free numeric suffix (1, 2, ...) is appended. The general settings are
 * copied into the new skin, then every stored part is copied with skinclonetype().
 *
 * @return void
 */
function action_skinclone() {
    global $member;

    $skinid = intRequestVar('skinid');

    $member->isAdmin() or $this->disallow();

    // 1. read skin to clone
    $skin = new SKIN($skinid);

    // Pick a name that is not in use yet.
    $cloneName = "clone_" . $skin->getName();
    if (Skin::exists($cloneName)) {
        $suffix = 1;
        while (Skin::exists($cloneName . $suffix)) {
            $suffix++;
        }
        $cloneName .= $suffix;
    }

    // 2. create skin desc
    $newid = Skin::createNew(
        $cloneName,
        $skin->getDescription(),
        $skin->getContentType(),
        $skin->getIncludeMode(),
        $skin->getIncludePrefix()
    );

    // 3. copy every part of the source skin
    // NOTE(review): the id is concatenated into the query; this relies on intRequestVar() returning an integer.
    $partRows = DB::getResult("SELECT stype FROM " . sql_table('skin') . " WHERE sdesc = " . $skinid);
    foreach ($partRows as $partRow) {
        $this->skinclonetype($skin, $newid, $partRow['stype']);
    }

    $this->action_skinoverview();
}
8802 if ( !is_object(self::$skin) )
8805 $query = "SELECT min(sdnumber) FROM %s WHERE sdname != 'admin/bookmarklet' AND sdname LIKE 'admin/%%'";
8806 $query = sprintf($query, sql_table('skin_desc'));
8807 $res = intval(DB::getValue($query));
8808 $query = "UPDATE %s SET value = %d WHERE name = 'AdminSkin'";
8809 $query = sprintf($query, sql_table('config'), $res);
8810 DB::execute($query);
8813 redirect($CONF['AdminURL']);
8816 $skin = new Skin(0, 'AdminActions', 'AdminSkin');
8817 $skin->parse('importAdmin', $DIR_SKINS . 'admin/defaultimporter.skn');
8821 self::$skin->parse('adminskiniedoimport');
8825 >>>>>>> skinnable-master
8828 * Admin::action_adminskinieexport()
8833 static private function action_adminskinieexport()
8836 $newid = intval($newid);
8837 $content = $skin->getContentFromDB($type);
8841 $query = "INSERT INTO %s (sdesc, scontent, stype) VALUES (%d, '%s', '%s')";
8842 $query = sprintf($query, sql_table('skin'), (integer) $newid, $content, $type);
8843 DB::execute($query);
8848 $member->isAdmin() or self::disallow();
8850 // load skinie class
8851 $aSkins = requestIntArray('skin');
8852 $aTemplates = requestIntArray('template');
8853 $info = postVar('info');
8855 self::skinieexport($aSkins, $aTemplates, $info);
8857 >>>>>>> skinnable-master
8862 * Admin::action_settingsedit()
8867 static private function action_settingsedit()
8869 global $member, $manager, $CONF, $DIR_NUCLEUS, $DIR_MEDIA;
8872 $member->isAdmin() or $this->disallow();
8876 echo '<p><a href="index.php?action=manage">(',_BACKTOMANAGE,')</a></p>';
8879 <h2><?php echo _SETTINGS_TITLE ?></h2>
8881 <form action="index.php" method="post">
8884 <input type="hidden" name="action" value="settingsupdate" />
8885 <?php $manager->addTicketHidden() ?>
8888 <th colspan="2"><?php echo _SETTINGS_SUB_GENERAL ?></th>
8890 <td><?php echo _SETTINGS_DEFBLOG ?> <?php help('defaultblog'); ?></td>
8893 $query = 'SELECT bname as text, bnumber as value'
8894 . ' FROM '.sql_table('blog');
8895 $template['name'] = 'DefaultBlog';
8896 $template['selected'] = $CONF['DefaultBlog'];
8897 $template['tabindex'] = 10;
8898 showlist($query,'select',$template);
8902 <td><?php echo _SETTINGS_BASESKIN ?> <?php help('baseskin'); ?></td>
8905 $query = 'SELECT sdname as text, sdnumber as value'
8906 . ' FROM '.sql_table('skin_desc');
8907 $template['name'] = 'BaseSkin';
8908 $template['selected'] = $CONF['BaseSkin'];
8909 $template['tabindex'] = 1;
8910 showlist($query,'select',$template);
8914 <td><?php echo _SETTINGS_ADMINMAIL ?></td>
8915 <td><input name="AdminEmail" tabindex="10010" size="40" value="<?php echo Entity::hsc($CONF['AdminEmail']) ?>" /></td>
8917 <td><?php echo _SETTINGS_SITENAME ?></td>
8918 <td><input name="SiteName" tabindex="10020" size="40" value="<?php echo Entity::hsc($CONF['SiteName']) ?>" /></td>
8920 <td><?php echo _SETTINGS_SITEURL ?></td>
8921 <td><input name="IndexURL" tabindex="10030" size="40" value="<?php echo Entity::hsc($CONF['IndexURL']) ?>" /></td>
8923 <td><?php echo _SETTINGS_ADMINURL ?></td>
8924 <td><input name="AdminURL" tabindex="10040" size="40" value="<?php echo Entity::hsc($CONF['AdminURL']) ?>" /></td>
8926 <td><?php echo _SETTINGS_PLUGINURL ?> <?php help('pluginurl'); ?></td>
8927 <td><input name="PluginURL" tabindex="10045" size="40" value="<?php echo Entity::hsc($CONF['PluginURL']) ?>" /></td>
8929 <td><?php echo _SETTINGS_SKINSURL ?> <?php help('skinsurl'); ?></td>
8930 <td><input name="SkinsURL" tabindex="10046" size="40" value="<?php echo Entity::hsc($CONF['SkinsURL']) ?>" /></td>
8932 <td><?php echo _SETTINGS_ACTIONSURL ?> <?php help('actionurl'); ?></td>
8933 <td><input name="ActionURL" tabindex="10047" size="40" value="<?php echo Entity::hsc($CONF['ActionURL']) ?>" /></td>
8935 <td><?php echo _SETTINGS_LOCALE ?> <?php help('locale'); ?>
8938 <select name="Locale" tabindex="10050">
8940 $locales = i18n::get_available_locale_list();
8941 if ( !i18n::get_current_locale() || !in_array(i18n::get_current_locale(), $locales) )
8943 echo "<option value=\"\" selected=\"selected\">en_Latn_US</option>\n";
8947 echo "<option value=\"\">en_Latn_US</option>\n";
8950 foreach ( $locales as $locale )
8952 if ( $locale == 'en_Latn_US' )
8956 if ( $locale == i18n::get_current_locale() )
8958 echo "<option value=\"{$locale}\" selected=\"selected\">{$locale}</option>\n";
8962 echo "<option value=\"{$locale}\">{$locale}</option>\n";
8970 <td><?php echo _SETTINGS_DISABLESITE ?> <?php help('disablesite'); ?>
8972 <td><?php $this->input_yesno('DisableSite',$CONF['DisableSite'],10060); ?>
8974 <?php echo _SETTINGS_DISABLESITEURL ?> <input name="DisableSiteURL" tabindex="10070" size="40" value="<?php echo Entity::hsc($CONF['DisableSiteURL']) ?>" />
8977 <td><?php echo _SETTINGS_DIRS ?></td>
8978 <td><?php echo Entity::hsc($DIR_NUCLEUS) ?>
8979 <i><?php echo _SETTINGS_SEECONFIGPHP ?></i></td>
8981 <td><?php echo _SETTINGS_DBLOGIN ?></td>
8982 <td><i><?php echo _SETTINGS_SEECONFIGPHP ?></i></td>
8986 echo _SETTINGS_JSTOOLBAR
8987 /* =_SETTINGS_DISABLEJS
8989 I temporary changed the meaning of DisableJsTools, until I can find a good
8990 way to select the javascript version to use
8994 1 : all javascript disabled
8995 2 : 'simpler' javascript (for mozilla/opera/mac)
8999 <td><?php /* $this->input_yesno('DisableJsTools',$CONF['DisableJsTools'],10075); */ ?>
9000 <select name="DisableJsTools" tabindex="10075">
9001 <?php $extra = ($CONF['DisableJsTools'] == 1) ? 'selected="selected"' : '';
9002 echo "<option $extra value='1'>",_SETTINGS_JSTOOLBAR_NONE,"</option>";
9003 $extra = ($CONF['DisableJsTools'] == 2) ? 'selected="selected"' : '';
9004 echo "<option $extra value='2'>",_SETTINGS_JSTOOLBAR_SIMPLE,"</option>";
9005 $extra = ($CONF['DisableJsTools'] == 0) ? 'selected="selected"' : '';
9006 echo "<option $extra value='0'>",_SETTINGS_JSTOOLBAR_FULL,"</option>";
9011 <td><?php echo _SETTINGS_URLMODE ?> <?php help('urlmode'); ?></td>
9014 $this->input_yesno('URLMode',$CONF['URLMode'],10077,
9015 'normal','pathinfo',_SETTINGS_URLMODE_NORMAL,_SETTINGS_URLMODE_PATHINFO);
9017 echo ' ', _SETTINGS_URLMODE_HELP;
9023 <td><?php echo _SETTINGS_DEBUGVARS ?> <?php help('debugvars'); ?></td>
9026 $this->input_yesno('DebugVars',$CONF['DebugVars'],10078);
9032 <td><?php echo _SETTINGS_DEFAULTLISTSIZE ?> <?php help('defaultlistsize'); ?></td>
9035 if (!array_key_exists('DefaultListSize',$CONF)) {
9036 DB::execute("INSERT INTO ".sql_table('config')." VALUES ('DefaultListSize', '10')");
9037 $CONF['DefaultListSize'] = 10;
9040 <input name="DefaultListSize" tabindex="10079" size="40" value="<?php echo Entity::hsc((intval($CONF['DefaultListSize']) < 1 ? '10' : $CONF['DefaultListSize'])) ?>" />
9043 <td><?php echo _SETTINGS_ADMINCSS ?>
9047 <select name="AdminCSS" tabindex="10080">
9048 <?php // show a dropdown list of all available admin css files
9049 global $DIR_NUCLEUS;
9051 $dirhandle = opendir($DIR_NUCLEUS."styles/");
9053 while ($filename = readdir($dirhandle) )
9056 # replaced ereg() below with preg_match(). ereg* functions are deprecated in PHP 5.3.0
9057 # original ereg: ereg("^(.*)\.php$",$filename,$matches)
9059 if (preg_match('#^admin_(.*)\.css$#', $filename, $matches) )
9062 $name = $matches[1];
9063 echo "<option value=\"$name\"";
9065 if ($name == $CONF['AdminCSS'])
9067 echo " selected=\"selected\"";
9070 echo ">$name</option>";
9076 closedir($dirhandle);
9083 <th colspan="2"><?php echo _SETTINGS_MEDIA ?> <?php help('media'); ?></th>
9085 <td><?php echo _SETTINGS_MEDIADIR ?></td>
9086 <td><?php echo Entity::hsc($DIR_MEDIA) ?>
9087 <i><?php echo _SETTINGS_SEECONFIGPHP ?></i>
9088 <?php if (!is_dir($DIR_MEDIA))
9089 echo "<br /><b>" . _WARNING_NOTADIR . "</b>";
9090 if (!is_readable($DIR_MEDIA))
9091 echo "<br /><b>" . _WARNING_NOTREADABLE . "</b>";
9092 if (!is_writeable($DIR_MEDIA))
9093 echo "<br /><b>" . _WARNING_NOTWRITABLE . "</b>";
9097 <td><?php echo _SETTINGS_MEDIAURL ?></td>
9099 <input name="MediaURL" tabindex="10090" size="40" value="<?php echo Entity::hsc($CONF['MediaURL']) ?>" />
9102 <td><?php echo _SETTINGS_ALLOWUPLOAD ?></td>
9103 <td><?php $this->input_yesno('AllowUpload',$CONF['AllowUpload'],10090); ?></td>
9105 <td><?php echo _SETTINGS_ALLOWUPLOADTYPES ?></td>
9107 <input name="AllowedTypes" tabindex="10100" size="40" value="<?php echo Entity::hsc($CONF['AllowedTypes']) ?>" />
9110 <td><?php echo _SETTINGS_MAXUPLOADSIZE ?></td>
9112 <input name="MaxUploadSize" tabindex="10105" size="40" value="<?php echo Entity::hsc($CONF['MaxUploadSize']) ?>" />
9115 <td><?php echo _SETTINGS_MEDIAPREFIX ?></td>
9116 <td><?php $this->input_yesno('MediaPrefix',$CONF['MediaPrefix'],10110); ?></td>
9119 <th colspan="2"><?php echo _SETTINGS_MEMBERS ?></th>
9121 <td><?php echo _SETTINGS_CHANGELOGIN ?></td>
9122 <td><?php $this->input_yesno('AllowLoginEdit',$CONF['AllowLoginEdit'],10120); ?></td>
9124 <td><?php echo _SETTINGS_ALLOWCREATE ?>
9125 <?php help('allowaccountcreation'); ?>
9127 <td><?php $this->input_yesno('AllowMemberCreate',$CONF['AllowMemberCreate'],10130); ?>
9130 <td><?php echo _SETTINGS_NEWLOGIN ?> <?php help('allownewmemberlogin'); ?>
9131 <br /><?php echo _SETTINGS_NEWLOGIN2 ?>
9133 <td><?php $this->input_yesno('NewMemberCanLogon',$CONF['NewMemberCanLogon'],10140); ?>
9136 <td><?php echo _SETTINGS_MEMBERMSGS ?>
9137 <?php help('messageservice'); ?>
9139 <td><?php $this->input_yesno('AllowMemberMail',$CONF['AllowMemberMail'],10150); ?>
9142 <td><?php echo _SETTINGS_NONMEMBERMSGS ?>
9143 <?php help('messageservice'); ?>
9145 <td><?php $this->input_yesno('NonmemberMail',$CONF['NonmemberMail'],10155); ?>
9148 <td><?php echo _SETTINGS_PROTECTMEMNAMES ?>
9149 <?php help('protectmemnames'); ?>
9151 <td><?php $this->input_yesno('ProtectMemNames',$CONF['ProtectMemNames'],10156); ?>
9157 <th colspan="2"><?php echo _SETTINGS_COOKIES_TITLE ?> <?php help('cookies'); ?></th>
9159 <td><?php echo _SETTINGS_COOKIEPREFIX ?></td>
9160 <td><input name="CookiePrefix" tabindex="10159" size="40" value="<?php echo Entity::hsc($CONF['CookiePrefix']) ?>" /></td>
9162 <td><?php echo _SETTINGS_COOKIEDOMAIN ?></td>
9163 <td><input name="CookieDomain" tabindex="10160" size="40" value="<?php echo Entity::hsc($CONF['CookieDomain']) ?>" /></td>
9165 <td><?php echo _SETTINGS_COOKIEPATH ?></td>
9166 <td><input name="CookiePath" tabindex="10170" size="40" value="<?php echo Entity::hsc($CONF['CookiePath']) ?>" /></td>
9168 <td><?php echo _SETTINGS_COOKIESECURE ?></td>
9169 <td><?php $this->input_yesno('CookieSecure',$CONF['CookieSecure'],10180); ?></td>
9171 <td><?php echo _SETTINGS_COOKIELIFE ?></td>
9172 <td><?php $this->input_yesno('SessionCookie',$CONF['SessionCookie'],10190,
9173 1,0,_SETTINGS_COOKIESESSION,_SETTINGS_COOKIEMONTH); ?>
9176 <td><?php echo _SETTINGS_LASTVISIT ?></td>
9177 <td><?php $this->input_yesno('LastVisit',$CONF['LastVisit'],10200); ?></td>
9182 <th colspan="2"><?php echo _SETTINGS_UPDATE ?></th>
9184 <td><?php echo _SETTINGS_UPDATE ?></td>
9185 <td><input type="submit" tabindex="10210" value="<?php echo _SETTINGS_UPDATE_BTN ?>" onclick="return checkSubmit();" /></td>
9192 echo '<h2>',_PLUGINS_EXTRA,'</h2>';
9195 'GeneralSettingsFormExtras',
9202 $member->isAdmin() or self::disallow();
9204 self::$skin->parse('settingsedit');
9206 >>>>>>> skinnable-master
9210 * Admin::action_settingsupdate()
9211 * Update $CONFIG and redirect
9216 static private function action_settingsupdate()
9218 global $member, $CONF;
// Admin-only handler for the general settings form: validates the admin e-mail address,
// writes every posted setting with updateConfig() and redirects to the manage page.
9220 $member->isAdmin() or self::disallow();
9222 // check if email address for admin is valid
9223 if ( !NOTIFICATION::address_validation(postVar('AdminEmail')) )
9225 self::error(_ERROR_BADMAILADDRESS);
// AdminEmail is the only value checked here. Everything below is passed to updateConfig()
// as posted, including URLs, cookie settings, upload types and the upload size limit.
// NOTE(review): whether updateConfig() validates or escapes its value is not visible here - confirm.
9230 self::updateConfig('DefaultBlog', postVar('DefaultBlog'));
9231 self::updateConfig('BaseSkin', postVar('BaseSkin'));
9232 self::updateConfig('IndexURL', postVar('IndexURL'));
9233 self::updateConfig('AdminURL', postVar('AdminURL'));
9234 self::updateConfig('PluginURL', postVar('PluginURL'));
9235 self::updateConfig('SkinsURL', postVar('SkinsURL'));
9236 self::updateConfig('ActionURL', postVar('ActionURL'));
9237 self::updateConfig('Locale', postVar('Locale'));
9238 self::updateConfig('AdminEmail', postVar('AdminEmail'));
9239 self::updateConfig('SessionCookie', postVar('SessionCookie'));
9240 self::updateConfig('AllowMemberCreate', postVar('AllowMemberCreate'));
9241 self::updateConfig('AllowMemberMail', postVar('AllowMemberMail'));
9242 self::updateConfig('NonmemberMail', postVar('NonmemberMail'));
9243 self::updateConfig('ProtectMemNames', postVar('ProtectMemNames'));
9244 self::updateConfig('SiteName', postVar('SiteName'));
9245 self::updateConfig('NewMemberCanLogon', postVar('NewMemberCanLogon'));
9246 self::updateConfig('DisableSite', postVar('DisableSite'));
9247 self::updateConfig('DisableSiteURL', postVar('DisableSiteURL'));
9248 self::updateConfig('LastVisit', postVar('LastVisit'));
9249 self::updateConfig('MediaURL', postVar('MediaURL'));
9250 self::updateConfig('AllowedTypes', postVar('AllowedTypes'));
9251 self::updateConfig('AllowUpload', postVar('AllowUpload'));
9252 self::updateConfig('MaxUploadSize', postVar('MaxUploadSize'));
9253 self::updateConfig('MediaPrefix', postVar('MediaPrefix'));
9254 self::updateConfig('AllowLoginEdit', postVar('AllowLoginEdit'));
9255 self::updateConfig('DisableJsTools', postVar('DisableJsTools'));
9256 self::updateConfig('CookieDomain', postVar('CookieDomain'));
9257 self::updateConfig('CookiePath', postVar('CookiePath'));
9258 self::updateConfig('CookieSecure', postVar('CookieSecure'));
9259 self::updateConfig('URLMode', postVar('URLMode'));
9260 self::updateConfig('CookiePrefix', postVar('CookiePrefix'));
9261 self::updateConfig('DebugVars', postVar('DebugVars'));
9262 self::updateConfig('DefaultListSize', postVar('DefaultListSize'));
9263 self::updateConfig('AdminCSS', postVar('AdminCSS'));
// These two settings are read from POST fields whose names differ from the setting names.
9264 self::updateConfig('AdminSkin', postVar('adminskin'));
9265 self::updateConfig('BookmarkletSkin', postVar('bookmarklet'));
9267 // load new config and redirect (this way, the new locale will be used if necessary)
9268 // note that when changing cookie settings, this redirect might cause the user
9269 // to have to log in again.
// The redirect target is built from the configured AdminURL, a value this same form can change.
9271 redirect($CONF['AdminURL'] . '?action=manage');
9276 * Admin::action_systemoverview()
9277 * Output system overview
9282 static private function action_systemoverview()
// Renders the system overview page: PHP, database, GD and Nucleus details.
// NOTE(review): both sides of an unresolved merge are present in this listing
// (a '>>>>>>> skinnable-master' marker follows the function): the inline echo
// body below and the self::$skin->parse('systemoverview') call at the end.
// Only one of the two should remain.
9285 global $member, $nucleus, $CONF;
9289 echo '<h2>' . _ADMIN_SYSTEMOVERVIEW_HEADING . "</h2>\n";
// Version and configuration details are disclosed only to a logged-in admin.
9291 if ( $member->isLoggedIn() && $member->isAdmin() )
9293 // Information about the used PHP and MySQL installation
9294 echo '<h3>' . _ADMIN_SYSTEMOVERVIEW_PHPANDMYSQL . "</h3>\n\n";
9296 // Version of PHP MySQL
9297 echo '<table frame="box" rules="all" summary="' . _ADMIN_SYSTEMOVERVIEW_VERSIONS . "\" class=\"systemoverview\">\n";
9300 echo '<th colspan="2">' . _ADMIN_SYSTEMOVERVIEW_VERSIONS . "</th>\n";
9305 echo '<td>' . _ADMIN_SYSTEMOVERVIEW_PHPVERSION . "</td>\n";
9306 echo '<td>' . phpversion() . "</td>\n";
9309 echo '<td>' . _ADMIN_SYSTEMOVERVIEW_MYSQLVERSION . "</td>\n";
9310 echo '<td>' . DB::getAttribute(PDO::ATTR_SERVER_VERSION) . ' (' . DB::getAttribute(PDO::ATTR_CLIENT_VERSION) . ')' . "</td>\n";
9313 echo "</table>\n\n";
9315 // Important PHP settings
9316 echo '<table frame="box" rules="all" summary="' . _ADMIN_SYSTEMOVERVIEW_SETTINGS . "\" class=\"systemoverview\">\n";
9319 echo '<th colspan="2">' . _ADMIN_SYSTEMOVERVIEW_SETTINGS . "</th>\n";
9324 echo '<td>magic_quotes_gpc' . "</td>\n";
// NOTE(review): get_magic_quotes_gpc() and get_magic_quotes_runtime() were
// removed in PHP 8.0; guard these calls with function_exists() if newer PHP is targeted.
9325 $mqg = get_magic_quotes_gpc() ? 'On' : 'Off';
9326 echo '<td>' . $mqg . "</td>\n";
9329 echo '<td>magic_quotes_runtime' . "</td>\n";
9330 $mqr = get_magic_quotes_runtime() ? 'On' : 'Off';
9331 echo '<td>' . $mqr . "</td>\n";
9334 echo '<td>register_globals' . "</td>\n";
9335 $rg = ini_get('register_globals') ? 'On' : 'Off';
9336 echo '<td>' . $rg . "</td>\n";
9339 echo "</table>\n\n";
9341 // Information about GD library
9342 $gdinfo = gd_info();
9343 echo '<table frame="box" rules="all" summary="' . _ADMIN_SYSTEMOVERVIEW_GDLIBRALY . "\" class=\"systemoverview\">\n";
9346 echo '<th colspan="2">' . _ADMIN_SYSTEMOVERVIEW_GDLIBRALY . "</th>\n";
9350 foreach ( $gdinfo as $key=>$value )
9352 if ( is_bool($value) )
9354 $value = $value ? _ADMIN_SYSTEMOVERVIEW_ENABLE : _ADMIN_SYSTEMOVERVIEW_DISABLE;
9358 $value = Entity::hsc($value);
// $value was HTML-escaped above; $key is echoed as-is (it comes from gd_info(),
// not from the request).
9361 echo '<td>' . $key . "</td>\n";
9362 echo '<td>' . $value . "</td>\n";
9366 echo "</table>\n\n";
9368 // Check if special modules are loaded
// The phpinfo() output is read back with ob_get_contents() and only searched for
// 'mod_rewrite'. The buffer start/discard calls are not visible in this listing;
// confirm the buffer is cleaned so the phpinfo dump never reaches the response.
9370 phpinfo(INFO_MODULES);
9371 $im = ob_get_contents();
9373 echo '<table frame="box" rules="all" summary="' . _ADMIN_SYSTEMOVERVIEW_MODULES . "\" class=\"systemoverview\">\n";
9376 echo '<th colspan="2">' . _ADMIN_SYSTEMOVERVIEW_MODULES . "</th>\n";
9380 echo '<td>mod_rewrite' . "</td>\n";
9381 $modrewrite = (i18n::strpos($im, 'mod_rewrite') !== FALSE) ?
9382 _ADMIN_SYSTEMOVERVIEW_ENABLE :
9383 _ADMIN_SYSTEMOVERVIEW_DISABLE;
9384 echo '<td>' . $modrewrite . "</td>\n";
9387 echo "</table>\n\n";
9389 // Information about the used Nucleus CMS
9390 echo '<h3>' . _ADMIN_SYSTEMOVERVIEW_NUCLEUSSYSTEM . "</h3>\n";
9392 $nv = getNucleusVersion() / 100 . '(' . $nucleus['version'] . ')';
9393 $np = getNucleusPatchLevel();
9394 echo "<table frame=\"box\" rules=\"all\" summary=\"Nucleus CMS\" class=\"systemoverview\" class=\"systemoverview\">\n";
9397 echo '<th colspan="2">Nucleus CMS' . "</th>\n";
9402 echo '<td>' . _ADMIN_SYSTEMOVERVIEW_NUCLEUSVERSION . "</td>\n";
9403 echo '<td>' . $nv . "</td>\n";
9406 echo '<td>' . _ADMIN_SYSTEMOVERVIEW_NUCLEUSPATCHLEVEL . "</td>\n";
9407 echo '<td>' . $np . "</td>\n";
9410 echo "</table>\n\n";
9412 // Important settings of the installation
9413 echo '<table frame="box" rules="all" summary="' . _ADMIN_SYSTEMOVERVIEW_NUCLEUSSETTINGS . "\" class=\"systemoverview\">\n";
9416 echo '<th colspan="2">' . _ADMIN_SYSTEMOVERVIEW_NUCLEUSSETTINGS . "</th>\n";
9421 echo '<td>' . '$CONF[' . "'Self']</td>\n";
// NOTE(review): $CONF['Self'] and $CONF['ItemURL'] are written into the page
// without Entity::hsc(), unlike the GD values above; escape them for HTML output.
9422 echo '<td>' . $CONF['Self'] . "</td>\n";
9425 echo '<td>' . '$CONF[' . "'ItemURL']</td>\n";
9426 echo '<td>' . $CONF['ItemURL'] . "</td>\n";
9429 echo '<td>' . '$CONF[' . "'alertOnHeadersSent']</td>\n";
9430 $ohs = $CONF['alertOnHeadersSent'] ?
9431 _ADMIN_SYSTEMOVERVIEW_ENABLE :
9432 _ADMIN_SYSTEMOVERVIEW_DISABLE;
9433 echo '<td>' . $ohs . "</td>\n";
9436 echo "<td>i18n::get_current_charset()</td>\n";
9437 echo '<td>' . i18n::get_current_charset() . "</td>\n";
9440 echo "</table>\n\n";
9442 // Link to the online version test at the Nucleus CMS website
9443 echo '<h3>' . _ADMIN_SYSTEMOVERVIEW_VERSIONCHECK . "</h3>\n";
9444 if ( $nucleus['codename'] != '')
9446 $codenamestring = ' "' . $nucleus['codename'] . '"';
9450 $codenamestring = '';
9452 echo _ADMIN_SYSTEMOVERVIEW_VERSIONCHECK_TXT;
// The link target carries the installed version and patch level to the
// version-check URL defined by the language constant.
9453 $checkURL = sprintf(_ADMIN_SYSTEMOVERVIEW_VERSIONCHECK_URL, getNucleusVersion(), getNucleusPatchLevel());
9454 echo '<a href="' . $checkURL . '" title="' . _ADMIN_SYSTEMOVERVIEW_VERSIONCHECK_TITLE . '">';
9455 echo 'Nucleus CMS ' . $nv . $codenamestring;
9460 echo _ADMIN_SYSTEMOVERVIEW_NOT_ADMIN;
9464 self::$skin->parse('systemoverview');
9466 >>>>>>> skinnable-master
9470 * Admin::updateConfig()
9472 * @param string $name
9473 * @param string $val
9474 * @return integer value of DB::getInsertId() after the UPDATE query
9476 static private function updateConfig($name, $val)
// Writes one value into the config table, selected by its name.
// NOTE(review): unresolved merge -- two variants of the same UPDATE are present
// (see the '>>>>>>> skinnable-master' marker below). Keep exactly one.
// Variant 1: $name and $val are replaced by their DB::quoteValue() results
// before being placed into the statement.
9479 $name = DB::quoteValue($name);
9480 $val = DB::quoteValue(trim($val));
9482 $query = "UPDATE %s SET value=%s WHERE name=%s";
9483 $query = sprintf($query, sql_table('config'), $val, $name);
9484 if ( DB::execute($query) === FALSE )
9486 $err = DB::getError();
// NOTE(review): die() sends the database error text ($err[2]) to the browser;
// consider logging it and showing a generic message instead.
9487 die("Query error: " . $err[2]);
// Variant 2: quoting happens inside sprintf(). If variant 1 is also kept, $val and
// $name are already quoted at this point and would be quoted a second time, and
// this variant does not trim() the value.
9489 $query = "UPDATE %s SET value=%s WHERE name=%s";
9490 $query = sprintf($query, sql_table('config'), DB::quoteValue($val), DB::quoteValue($name));
9491 if ( DB::execute($query) === FALSE )
9493 $err = DB::getError();
9494 die(_ADMIN_SQLDIE_QUERYERROR . $err[2]);
9495 >>>>>>> skinnable-master
// Returned after an UPDATE, not an INSERT; what DB::getInsertId() yields here
// depends on the DB wrapper -- confirm no caller relies on it.
9497 return DB::getInsertId();
9504 * @param string $msg message that will be shown
9507 static public function error($msg)
// Stores $msg in self::$headMess and renders the 'adminerrorpage' skin.
// NOTE(review): callers in this class use error()/disallow() as a terminating
// call (e.g. `$member->isAdmin() or self::disallow();`). The lines that would end
// the request are not visible in this listing -- confirm execution stops here,
// otherwise the privileged code after those checks still runs.
// Some callers build $msg from request-derived text; whether the skin escapes
// $headMess on output is not visible here -- TODO confirm.
9509 self::$headMess = $msg;
9510 self::$skin->parse('adminerrorpage');
9516 * add error log and show error page
9521 static public function disallow()
// Records a WARNING entry in the action log and shows the "disallowed" error page.
// NOTE(review): REQUEST_URI is client-controlled and is stored unmodified in the
// log entry; it has to be escaped wherever the action log is displayed.
9523 ActionLog::add(WARNING, _ACTIONLOG_DISALLOWED . serverVar('REQUEST_URI'));
9524 self::error(_ERROR_DISALLOWED);
9529 * Admin::action_PluginAdmin()
9530 * Output pluginadmin
9532 * @param string $skinContents
9533 * @param string $extrahead
9536 static public function action_PluginAdmin($skinContents, $extrahead = '')
// Renders a plugin admin page through the 'pluginadmin' skin.
// $extrahead is appended verbatim to self::$extrahead; presumably it ends up as raw
// markup in the page head, so callers must pass trusted markup only -- TODO confirm.
9538 self::$extrahead .= $extrahead;
9539 self::$skin->parse('pluginadmin', $skinContents);
9544 * Admin::action_bookmarklet()
9550 function pagehead($extrahead = '')
// Legacy (non-skin) page header: sends no-cache headers, then echoes the XHTML
// head and the login bar. In this listing it sits on one side of an unresolved
// merge; the static action_bookmarklet() follows on the other side.
9552 global $member, $nucleus, $CONF, $manager;
9557 'extrahead' => &$extrahead,
9558 'action' => $this->action));
9560 $baseUrl = Entity::hsc($CONF['AdminURL']);
9561 if ( !array_key_exists('AdminCSS',$CONF) )
// Statement is built from literals and the table name only; no request data.
9563 DB::execute("INSERT INTO ".sql_table('config')." VALUES ('AdminCSS', 'original')");
9564 $CONF['AdminCSS'] = 'original';
9567 /* HTTP 1.1 application for no caching */
9568 header("Cache-Control: no-cache, must-revalidate");
9569 header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
9571 $root_element = 'html';
9572 $charset = i18n::get_current_charset();
9573 $locale = preg_replace('#_#', '-', i18n::get_current_locale());
9575 echo "<?xml version=\"{$this->xml_version_info}\" encoding=\"{$charset}\" ?>\n";
9576 echo "<!DOCTYPE {$root_element} PUBLIC \"{$this->formal_public_identifier}\" \"{$this->system_identifier}\">\n";
9577 echo "<{$root_element} xmlns=\"{$this->xhtml_namespace}\" xml:lang=\"{$locale}\" lang=\"{$locale}\">\n";
9579 echo '<title>' . Entity::hsc($CONF['SiteName']) . " - Admin</title>\n";
// NOTE(review): $CONF['AdminCSS'] goes into the href attribute unescaped, while
// $baseUrl was passed through Entity::hsc(). The setting is written from POST by
// updateConfig('AdminCSS', postVar('AdminCSS')) earlier in this file; escape it here
// or restrict it to known stylesheet names.
9580 echo "<link rel=\"stylesheet\" title=\"Nucleus Admin Default\" type=\"text/css\" href=\"{$baseUrl}styles/admin_{$CONF["AdminCSS"]}.css\" />\n";
9581 echo "<link rel=\"stylesheet\" title=\"Nucleus Admin Default\" type=\"text/css\" href=\"{$baseUrl}styles/addedit.css\" />\n";
9582 echo "<script type=\"text/javascript\" src=\"{$baseUrl}javascript/edit.js\"></script>\n";
9583 echo "<script type=\"text/javascript\" src=\"{$baseUrl}javascript/admin.js\"></script>\n";
9584 echo "<script type=\"text/javascript\" src=\"{$baseUrl}javascript/compatibility.js\"></script>\n";
// $extrahead is emitted as raw markup.
9585 echo "{$extrahead}\n";
9588 echo "<div id=\"adminwrapper\">\n";
9589 echo "<div class=\"header\">\n";
9590 echo '<h1>' . Entity::hsc($CONF['SiteName']) . "</h1>\n";
9592 echo "<div id=\"container\">\n";
9593 echo "<div id=\"content\">\n";
9594 echo "<div class=\"loginname\">\n";
9595 if ( $member->isLoggedIn() )
// NOTE(review): getDisplayName() is echoed without Entity::hsc(); confirm it
// returns HTML-safe text, otherwise escape it here.
9597 echo _LOGGEDINAS . ' ' . $member->getDisplayName() ." - <a href='index.php?action=logout'>" . _LOGOUT. "</a><br />\n";
9598 echo "<a href='index.php?action=overview'>" . _ADMINHOME . "</a> - ";
9602 echo '<a href="index.php?action=showlogin" title="Log in">' . _NOTLOGGEDIN . "</a><br />\n";
// $CONF['IndexURL'] is placed in a single-quoted attribute without escaping.
9604 echo "<a href='".$CONF['IndexURL']."'>"._YOURSITE."</a><br />\n";
9607 static private function action_bookmarklet()
// Skin-based bookmarklet page. The signature and global line are one side of an
// unresolved merge (marker below).
9609 global $member, $manager;
9610 >>>>>>> skinnable-master
// Requires team rights on the requested blog before anything is rendered.
9612 $blogid = intRequestVar('blogid');
9613 $member->teamRights($blogid) or self::disallow();
9615 self::$skin->parse('bookmarklet');
9620 * Admin::action_actionlog()
9625 static private function action_actionlog()
// Skin-based action log view, restricted to admins.
// The log holds request-derived text (disallow() stores REQUEST_URI), so the
// 'actionlog' skin has to escape entries on output -- verify in the skin code.
9627 global $member, $manager;
9629 $member->isAdmin() or self::disallow();
9631 self::$skin->parse('actionlog');
9636 * Admin::action_banlist()
9641 static private function action_banlist()
// Skin-based ban list for one blog; requires blog admin rights on that blog.
9643 global $member, $manager;
9645 $blogid = intRequestVar('blogid');
9646 $member->blogAdminRights($blogid) or self::disallow();
9648 self::$skin->parse('banlist');
9653 * Admin::action_banlistdelete()
9658 static private function action_banlistdelete()
// Skin-based confirmation page for removing a ban; requires blog admin rights.
// Nothing is deleted here; the deletion is done by action_banlistdeleteconfirm().
9660 global $member, $manager;
9662 $blogid = intRequestVar('blogid');
9663 $member->blogAdminRights($blogid) or self::disallow();
9665 self::$skin->parse('banlistdelete');
9670 * Admin::action_banlistdeleteconfirm()
9675 static private function action_banlistdeleteconfirm()
// Removes a ban for one blog or for all blogs the member administers, then
// renders the result through the skin. Input is read from POST only.
9677 global $member, $manager;
9679 $blogid = intPostVar('blogid');
9680 $allblogs = postVar('allblogs');
9681 $iprange = postVar('iprange');
// Rights are checked for $blogid only; the all-blogs path below is limited to
// the blogs returned by $member->getAdminBlogs().
9683 $member->blogAdminRights($blogid) or self::disallow();
// $iprange is passed to Ban::removeBan() as received; how it is quoted for SQL
// is not visible here.
9689 if ( Ban::removeBan($blogid, $iprange) )
9691 $deleted[] = $blogid;
9696 // get blogs for which member has admin rights
9697 $adminblogs = $member->getAdminBlogs();
9698 foreach ($adminblogs as $blogje)
9700 if ( Ban::removeBan($blogje, $iprange) )
9702 $deleted[] = $blogje;
9707 if ( sizeof($deleted) == 0 )
9709 self::error(_ERROR_DELETEBAN);
9713 /* TODO: we should use other ways */
// Server-generated data is handed to the skin through the request superglobal;
// code reading $_REQUEST['delblogs'] cannot tell it apart from client input.
9714 $_REQUEST['delblogs'] = $deleted;
9716 self::$skin->parse('banlistdeleteconfirm');
9722 * Admin::action_bookmarklet()
9724 * Admin::action_banlistnewfromitem()
9725 >>>>>>> skinnable-master
9731 public function action_bookmarklet()
// Legacy (echo-based) bookmarklet page; one side of an unresolved merge.
9733 global $member, $manager;
9735 $blogid = intRequestVar('blogid');
9736 $member->teamRights($blogid) or $this->disallow();
9737 $blog =& $manager->getBlog($blogid);
9741 echo '<p><a href="index.php?action=overview">(' . _BACKHOME . ")</a></p>\n";
9743 echo '<h2>' . _BOOKMARKLET_TITLE . "</h2>\n";
9745 echo _BOOKMARKLET_DESC1 . _BOOKMARKLET_DESC2 . _BOOKMARKLET_DESC3 . _BOOKMARKLET_DESC4 . _BOOKMARKLET_DESC5;
9748 echo '<h3>' . _BOOKMARKLET_BOOKARKLET . "</h3>\n";
9750 echo _BOOKMARKLET_BMARKTEXT . '<small>' . _BOOKMARKLET_BMARKTEST . '</small>';
// The bookmarklet script is URL-encoded into a javascript: href; the blog name in
// the link text is HTML-escaped.
9753 echo '<a href="javascript:' . rawurlencode(getBookmarklet($blogid)) . '">' . sprintf(_BOOKMARKLET_ANCHOR, Entity::hsc($blog->getName())) . '</a>';
9754 echo _BOOKMARKLET_BMARKFOLLOW;
9762 * @todo document this
9764 function action_actionlog() {
// Legacy (echo-based) action log view for admins; one side of an unresolved merge.
9765 global $member, $manager;
9767 $member->isAdmin() or $this->disallow();
9771 echo '<p><a href="index.php?action=manage">(',_BACKTOMANAGE,')</a></p>';
// NOTE(review): the "clear log" link is a GET URL that carries the ticket, so the
// token can end up in browser history, proxy logs and Referer headers. A POST form
// with $manager->addTicketHidden(), as used by the ban forms in this file, avoids that.
9773 $url = $manager->addTicketToUrl('index.php?action=clearactionlog');
9776 <h2><?php echo _ACTIONLOG_CLEAR_TITLE ?></h2>
9777 <p><a href="<?php echo Entity::hsc($url) ?>"><?php echo _ACTIONLOG_CLEAR_TEXT ?></a></p>
9779 echo '<h2>' . _ACTIONLOG_TITLE . '</h2>';
9781 $query = 'SELECT * FROM '.sql_table('actionlog').' ORDER BY timestamp DESC';
9782 $template['content'] = 'actionlist';
9783 $amount = showlist($query,'table',$template);
9790 * @todo document this
9792 function action_banlist() {
// Legacy (echo-based) ban list for one blog; one side of an unresolved merge.
9793 global $member, $manager;
// $blogid comes from intRequestVar(), so it is presumably always an integer
// when it is concatenated into the SQL and the link below -- confirm the helper casts.
9795 $blogid = intRequestVar('blogid');
9797 $member->blogAdminRights($blogid) or $this->disallow();
9799 $blog =& $manager->getBlog($blogid);
9803 echo '<p><a href="index.php?action=overview">(',_BACKHOME,')</a></p>';
// Escaping of the blog name depends on bloglink(), which is not visible here.
9805 echo '<h2>' . _BAN_TITLE . " '". $this->bloglink($blog) ."'</h2>";
9807 $query = 'SELECT * FROM '.sql_table('ban').' WHERE blogid='.$blogid.' ORDER BY iprange';
9808 $template['content'] = 'banlist';
9809 $amount = showlist($query,'table',$template);
9814 echo '<h2>'._BAN_NEW_TITLE.'</h2>';
9815 echo "<p><a href='index.php?action=banlistnew&blogid=$blogid'>"._BAN_NEW_TEXT."</a></p>";
9823 * @todo document this
9825 function action_banlistdelete() {
// Legacy confirmation form for removing a ban; one side of an unresolved merge.
// The request-supplied 'iprange' is reflected into the page twice below, both
// times through Entity::hsc(); the form posts the ticket via addTicketHidden().
9826 global $member, $manager;
9828 $blogid = intRequestVar('blogid');
9829 $iprange = requestVar('iprange');
9831 $member->blogAdminRights($blogid) or $this->disallow();
9833 $blog =& $manager->getBlog($blogid);
9834 $banBlogName = Entity::hsc($blog->getName());
9838 <h2><?php echo _BAN_REMOVE_TITLE ?></h2>
9840 <form method="post" action="index.php">
9842 <h3><?php echo _BAN_IPRANGE ?></h3>
9845 <?php echo _CONFIRMTXT_BAN ?> <?php echo Entity::hsc($iprange) ?>
9846 <input name="iprange" type="hidden" value="<?php echo Entity::hsc($iprange) ?>" />
9849 <h3><?php echo _BAN_BLOGS ?></h3>
9852 <input type="hidden" name="blogid" value="<?php echo $blogid ?>" />
9853 <input name="allblogs" type="radio" value="0" id="allblogs_one" />
9854 <label for="allblogs_one"><?php echo sprintf(_BAN_BANBLOGNAME, $banBlogName) ?></label>
9856 <input name="allblogs" type="radio" value="1" checked="checked" id="allblogs_all" /><label for="allblogs_all"><?php echo _BAN_ALLBLOGS ?></label>
9859 <h3><?php echo _BAN_DELETE_TITLE ?></h3>
9862 <?php $manager->addTicketHidden() ?>
9863 <input type="hidden" name="action" value="banlistdeleteconfirm" />
9864 <input type="submit" value="<?php echo _DELETE_CONFIRM_BTN ?>" />
9873 * @todo document this
9875 function action_banlistdeleteconfirm() {
// Legacy variant: removes a ban for one blog or for all blogs the member
// administers and echoes the list of affected blogs. Input is read from POST only.
9876 global $member, $manager;
9878 $blogid = intPostVar('blogid');
9879 $allblogs = postVar('allblogs');
9880 $iprange = postVar('iprange');
// Rights are checked for $blogid only; the all-blogs path is limited to
// $member->getAdminBlogs().
9882 $member->blogAdminRights($blogid) or $this->disallow();
9887 if (Ban::removeBan($blogid, $iprange))
9888 array_push($deleted, $blogid);
9890 // get blogs for which member has admin rights
9891 $adminblogs = $member->getAdminBlogs();
9892 foreach ($adminblogs as $blogje) {
9893 if (Ban::removeBan($blogje, $iprange))
9894 array_push($deleted, $blogje);
9898 if (sizeof($deleted) == 0)
9899 $this->error(_ERROR_DELETEBAN);
9903 echo '<a href="index.php?action=banlist&blogid=',$blogid,'">(',_BACK,')</a>';
9904 echo '<h2>'._BAN_REMOVED_TITLE.'</h2>';
9905 echo "<p>"._BAN_REMOVED_TEXT."</p>";
9908 foreach ($deleted as $delblog) {
9909 $b =& $manager->getBlog($delblog);
// Blog names are HTML-escaped before output.
9910 echo "<li>" . Entity::hsc($b->getName()). "</li>";
9919 * @todo document this
9921 function action_banlistnewfromitem() {
// Legacy variant: resolves the blog of the requested item and shows the new-ban
// form for it; the rights check is done inside action_banlistnew().
9922 $this->action_banlistnew(getBlogIDFromItemID(intRequestVar('itemid')));
9926 * @todo document this
9928 function action_banlistnew($blogid = '') {
// Legacy form for adding a ban; one side of an unresolved merge.
// The request-supplied 'ip' is reflected into the form through Entity::hsc();
// the form posts to 'banlistadd' with a hidden ticket.
9929 global $member, $manager;
9932 $blogid = intRequestVar('blogid');
9934 $ip = requestVar('ip');
9936 $member->blogAdminRights($blogid) or $this->disallow();
9938 $blog =& $manager->getBlog($blogid);
9942 <h2><?php echo _BAN_ADD_TITLE ?></h2>
9945 <form method="post" action="index.php">
9947 <h3><?php echo _BAN_IPRANGE ?></h3>
9949 <p><?php echo _BAN_IPRANGE_TEXT ?></p>
9952 <strong><?php echo _BAN_EXAMPLE_TITLE ?></strong>
9953 <?php echo _BAN_EXAMPLE_TEXT ?>
9959 $iprangeVal = Entity::hsc($ip);
9961 <input name="iprange" type="radio" value="<?php echo $iprangeVal ?>" checked="checked" id="ip_fixed" />
9962 <label for="ip_fixed"><?php echo $iprangeVal ?></label>
9964 <input name="iprange" type="radio" value="custom" id="ip_custom" />
9965 <label for="ip_custom"><?php echo _BAN_IP_CUSTOM ?></label>
9966 <input name='customiprange' value='<?php echo $iprangeVal ?>' maxlength='15' size='15' />
9969 echo "<input name='iprange' value='custom' type='hidden' />";
9970 echo "<input name='customiprange' value='' maxlength='15' size='15' />";
9975 <h3><?php echo _BAN_BLOGS ?></h3>
9977 <p><?php echo _BAN_BLOGS_TEXT ?></p>
9980 <input type="hidden" name="blogid" value="<?php echo $blogid ?>" />
9981 <input name="allblogs" type="radio" value="0" id="allblogs_one" /><label for="allblogs_one">'<?php echo Entity::hsc($blog->getName()) ?>'</label>
9983 <input name="allblogs" type="radio" value="1" checked="checked" id="allblogs_all" /><label for="allblogs_all"><?php echo _BAN_ALLBLOGS ?></label>
9986 <h3><?php echo _BAN_REASON_TITLE ?></h3>
9988 <p><?php echo _BAN_REASON_TEXT ?></p>
9990 <div><textarea name="reason" cols="40" rows="5"></textarea></div>
9992 <h3><?php echo _BAN_ADD_TITLE ?></h3>
9995 <input name="action" type="hidden" value="banlistadd" />
9996 <?php $manager->addTicketHidden() ?>
9997 <input type="submit" value="<?php echo _BAN_ADD_BTN ?>" />
10002 <?php $this->pagefoot();
10006 * @todo document this
10008 function action_banlistadd() {
// Legacy variant: adds a ban for one blog or for all blogs the member administers.
10011 $blogid = intPostVar('blogid');
10012 $allblogs = postVar('allblogs');
10013 $iprange = postVar('iprange');
10014 if ($iprange == "custom")
10015 $iprange = postVar('customiprange');
10016 $reason = postVar('reason');
10018 $member->blogAdminRights($blogid) or $this->disallow();
// NOTE(review): $iprange and $reason reach Ban::addBan() exactly as posted (the
// maxlength on the form field is client-side only). How addBan() quotes them for
// SQL is not visible here; the open TODO below means malformed ranges are stored too.
10020 // TODO: check IP range validity
10023 if (!Ban::addBan($blogid, $iprange, $reason))
10024 $this->error(_ERROR_ADDBAN);
10026 // get blogs for which member has admin rights
10027 $adminblogs = $member->getAdminBlogs();
10029 foreach ($adminblogs as $blogje) {
10030 if (!Ban::addBan($blogje, $iprange, $reason))
10034 $this->error(_ERROR_ADDBAN);
10037 $this->action_banlist();
10042 * @todo document this
10044 function action_clearactionlog() {
// Legacy variant: empties the action log (admin only), then shows the manage page.
// Clearing removes the audit trail, including the WARNING entries written by
// disallow(); 'clearactionlog' is in the ticket-checked action list at the top of this file.
10047 $member->isAdmin() or $this->disallow();
10049 ActionLog::clear();
10051 $this->action_manage(_MSG_ACTIONLOGCLEARED);
10055 * @todo document this
10057 function action_backupoverview() {
// Legacy backup/restore page (admin only); one side of an unresolved merge.
// Both forms below post a hidden ticket; the restore form uploads 'backup_file'
// and carries the 'letsgo' confirmation checkbox checked by action_backuprestore().
10058 global $member, $manager;
10060 $member->isAdmin() or $this->disallow();
10064 echo '<p><a href="index.php?action=manage">(',_BACKTOMANAGE,')</a></p>';
10066 <h2><?php echo _BACKUPS_TITLE ?></h2>
10068 <h3><?php echo _BACKUP_TITLE ?></h3>
10070 <p><?php echo _BACKUP_INTRO ?></p>
10072 <form method="post" action="index.php"><p>
10073 <input type="hidden" name="action" value="backupcreate" />
10074 <?php $manager->addTicketHidden() ?>
10076 <input type="radio" name="gzip" value="1" checked="checked" id="gzip_yes" tabindex="10" /><label for="gzip_yes"><?php echo _BACKUP_ZIP_YES ?></label>
10078 <input type="radio" name="gzip" value="0" id="gzip_no" tabindex="10" /><label for="gzip_no" ><?php echo _BACKUP_ZIP_NO ?></label>
10080 <input type="submit" value="<?php echo _BACKUP_BTN ?>" tabindex="20" />
10084 <div class="note"><?php echo _BACKUP_NOTE ?></div>
10087 <h3><?php echo _RESTORE_TITLE ?></h3>
10089 <div class="note"><?php echo _RESTORE_NOTE ?></div>
10091 <p><?php echo _RESTORE_INTRO ?></p>
10093 <form method="post" action="index.php" enctype="multipart/form-data"><p>
10094 <input type="hidden" name="action" value="backuprestore" />
10095 <?php $manager->addTicketHidden() ?>
10096 <input name="backup_file" type="file" tabindex="30" />
10098 <input type="submit" value="<?php echo _RESTORE_BTN ?>" tabindex="40" />
10099 <br /><input type="checkbox" name="letsgo" value="1" id="letsgo" tabindex="50" /><label for="letsgo"><?php echo _RESTORE_IMSURE ?></label>
10100 <br /><?php echo _RESTORE_WARNING ?>
10103 static private function action_banlistnewfromitem()
// Skin-based variant: looks up the requested item and shows the new-ban form for
// its blog. The rights check happens in action_banlistnew().
10107 $itemid = intRequestVar('itemid');
// NOTE(review): if the item does not exist, $item['blogid'] is presumably empty and
// action_banlistnew() then falls back to the request's own 'blogid' -- confirm.
10108 $item =& $manager->getItem($itemid, 1, 1);
10109 self::action_banlistnew($item['blogid']);
10114 * Admin::action_banlistnew()
10116 * @param integer $blogid ID for weblog
10119 static private function action_banlistnew($blogid = '')
// Skin-based form for adding a ban to the given blog (or the requested one when
// no blog id is passed). Requires blog admin rights.
10121 global $member, $manager;
// Loose comparison: on PHP versions before 8.0 an integer 0 also equals ''.
10123 if ( $blogid == '' )
10125 $blogid = intRequestVar('blogid');
10128 $ip = requestVar('ip');
10130 $member->blogAdminRights($blogid) or self::disallow();
10132 /* TODO: we should consider to use the other way instead of this */
// The checked blog id is written back into the request superglobal for the skin;
// code reading $_REQUEST['blogid'] later sees this value, not the client's.
10133 $_REQUEST['blogid'] = $blogid;
10135 self::$skin->parse('banlistnew');
10139 >>>>>>> skinnable-master
10142 * Admin::action_banlistadd()
10147 static private function action_banlistadd()
// Adds a ban for one blog or for all blogs the member administers, then shows the
// ban list. Input is read from POST only.
10151 $blogid = intPostVar('blogid');
10152 $allblogs = postVar('allblogs');
10153 $iprange = postVar('iprange');
10155 if ( $iprange == "custom" )
10157 $iprange = postVar('customiprange');
10159 $reason = postVar('reason');
// Rights are checked for $blogid only; the all-blogs path is limited to
// $member->getAdminBlogs().
10161 $member->blogAdminRights($blogid) or self::disallow();
// NOTE(review): $iprange and $reason reach Ban::addBan() exactly as posted. How
// addBan() quotes them for SQL is not visible here; the open TODO below means
// malformed ranges are stored as well.
10163 // TODO: check IP range validity
10167 if ( !Ban::addBan($blogid, $iprange, $reason) )
10169 self::error(_ERROR_ADDBAN);
10175 // get blogs for which member has admin rights
10176 $adminblogs = $member->getAdminBlogs();
10178 foreach ($adminblogs as $blogje)
10180 if ( !Ban::addBan($blogje, $iprange, $reason) )
10187 self::error(_ERROR_ADDBAN);
10191 self::action_banlist();
10196 * Admin::action_clearactionlog()
10201 static private function action_clearactionlog()
// Empties the action log (admin only), then shows the manage page.
// Clearing removes the audit trail, including the WARNING entries written by
// disallow(); 'clearactionlog' is in the ticket-checked action list at the top of this file.
10205 $member->isAdmin() or self::disallow();
10207 ActionLog::clear();
10209 self::action_manage(_MSG_ACTIONLOGCLEARED);
10214 * Admin::action_backupoverview()
10219 static private function action_backupoverview()
// Skin-based backup/restore overview page, restricted to admins.
10221 global $member, $manager;
10223 $member->isAdmin() or self::disallow();
10225 self::$skin->parse('backupoverview');
10230 * Admin::action_backupcreate()
10231 * create file for backup
10237 static private function action_backupcreate()
// Produces a database backup via Backup::do_backup(); admin only.
// 'backupcreate' is in the ticket-checked action list at the top of this file.
10239 global $member, $DIR_LIBS;
10241 $member->isAdmin() or self::disallow();
10243 // use compression ?
10244 $useGzip = (integer) postVar('gzip');
// The include path is built from $DIR_LIBS and a literal file name only.
10246 include($DIR_LIBS . 'backup.php');
10248 // try to extend time limit
10249 // (creating/restoring dumps might take a while)
// '@' hides the warning when the limit cannot be changed.
10250 @set_time_limit(1200);
10252 Backup::do_backup($useGzip);
10257 * Admin::action_backuprestore()
10258 * restoring from uploaded file
10263 static private function action_backuprestore()
// Restores the database through Backup::do_restore(); admin only and only when the
// 'letsgo' confirmation was posted as 1. 'backuprestore' is in the ticket-checked
// action list at the top of this file.
10265 global $member, $DIR_LIBS;
10267 $member->isAdmin() or self::disallow();
10269 if ( intPostVar('letsgo') != 1 )
10271 self::error(_ERROR_BACKUP_NOTSURE);
10275 include($DIR_LIBS . 'backup.php');
10277 // try to extend time limit
10278 // (creating/restoring dumps might take a while)
10279 @set_time_limit(1200);
// NOTE(review): the text returned by do_restore() is shown on the error page as-is;
// confirm it cannot contain unescaped content taken from the uploaded file.
10281 $message = Backup::do_restore();
10282 if ( $message != '' )
10284 self::error($message);
10287 self::$skin->parse('backuprestore');
10292 * Admin::action_pluginlist()
10293 * output the list of installed plugins
10299 static private function action_pluginlist()
// Skin-based list of installed plugins, restricted to admins.
10301 global $DIR_PLUGINS, $member, $manager;
10303 // check if allowed
10304 $member->isAdmin() or self::disallow();
10306 self::$skin->parse('pluginlist');
10311 * Admin::action_pluginhelp()
10316 static private function action_pluginhelp()
// Skin-based help page of an installed plugin, restricted to admins.
// NOTE(review): unresolved merge (marker below). The readdir() loop is one side of
// the conflict: it uses $dirhandle and $candidates, whose setup is not visible here,
// and in this listing it sits ahead of the isAdmin() check. Resolve the conflict so
// the permission check runs first.
10318 global $member, $manager, $DIR_PLUGINS, $CONF;
10321 while ( $filename = readdir($dirhandle) )
10323 if ( preg_match('#^NP_(.*)\.php$#', $filename, $matches) )
10325 $name = $matches[1];
10327 // only show in list when not yet installed
// The file name taken from the directory listing is quoted with DB::quoteValue().
10328 $query = 'SELECT * FROM %s WHERE pfile = %s';
10329 $query = sprintf($query, sql_table('plugin'), DB::quoteValue('NP_'.$name));
10330 $res = DB::getResult($query);
10332 if ( $res->rowCount() == 0 )
10334 array_push($candidates, $name);
10339 // check if allowed
10340 $member->isAdmin() or self::disallow();
10341 >>>>>>> skinnable-master
10343 $plugid = intGetVar('plugid');
10345 if ( !$manager->pidInstalled($plugid) )
10347 self::error(_ERROR_NOSUCHPLUGIN);
10351 self::$skin->parse('pluginhelp');
10357 * @todo document this
10359 function action_pluginhelp() {
// Legacy (echo-based) plugin help page for admins; one side of an unresolved merge.
10360 global $member, $manager, $DIR_PLUGINS, $CONF;
10362 // check if allowed
10363 $member->isAdmin() or $this->disallow();
10365 $plugid = intGetVar('plugid');
10367 if (!$manager->pidInstalled($plugid))
10368 $this->error(_ERROR_NOSUCHPLUGIN);
10370 $plugName = $manager->getPluginNameFromPid($plugid);
10374 echo '<p><a href="index.php?action=pluginlist">(',_PLUGS_BACK,')</a></p>';
10376 echo '<h2>',_PLUGS_HELP_TITLE,': ',Entity::hsc($plugName),'</h2>';
10378 $plug =& $manager->getPlugin($plugName);
// The path is derived from the installed plugin's short name, not from the request
// (the request supplies only the integer 'plugid').
10379 $helpFile = $DIR_PLUGINS.$plug->getShortName().'/help.html';
// help.html is streamed into the admin page unescaped, so its markup and scripts
// run in the admin's session: the file is trusted exactly as much as the plugin.
// '@' hides read failures.
10381 if (($plug->supportsFeature('HelpPage') > 0) && (@file_exists($helpFile))) {
10382 @readfile($helpFile);
10384 echo '<p>Error: ', _ERROR_PLUGNOHELPFILE,'</p>';
10385 echo '<p><a href="index.php?action=pluginlist">(',_BACK,')</a></p>';
10393 >>>>>>> skinnable-master
10395 * Admin::action_pluginadd()
10401 static private function action_pluginadd()
// Installs the plugin named by POST 'filename': registers it in the plugin table,
// loads it, checks version and dependency requirements, runs its install() and
// rebuilds the event subscriptions. Admin only.
// NOTE(review): this listing contains three unresolved merge regions (markers
// below), each holding two variants of the same query.
10403 global $member, $manager, $DIR_PLUGINS;
10405 // check if allowed
10406 $member->isAdmin() or self::disallow();
// NOTE(review): 'filename' comes straight from the request and later selects which
// plugin code $manager->getPlugin() loads. checkPlugin() is the only validation
// visible here; confirm it restricts the name to plugin files inside the plugin
// directory (no path separators or '..').
10408 $name = postVar('filename');
10410 if ( $manager->pluginInstalled($name) )
10412 self::error(_ERROR_DUPPLUGIN);
10416 if ( !checkPlugin($name) )
10418 self::error(_ERROR_PLUGFILEERROR . ' (' . Entity::hsc($name) . ')');
10422 // get number of currently installed plugins
// Unresolved merge: the same SELECT appears twice; only one is needed.
10424 $res = DB::getResult('SELECT * FROM '.sql_table('plugin'));
10426 $res = DB::getResult('SELECT * FROM ' . sql_table('plugin'));
10427 >>>>>>> skinnable-master
10428 $numCurrent = $res->rowCount();
10430 // plugin will be added as last one in the list
10431 $newOrder = $numCurrent + 1;
// $name is passed by reference, so a 'PreAddPlugin' subscriber can change it after
// the checks above have already run.
10433 $data = array('file' => &$name);
10434 $manager->notify('PreAddPlugin', $data);
10436 // do this before calling getPlugin (in case the plugin id is used there)
// Unresolved merge: two INSERT variants. Both pass $name through DB::quoteValue();
// $newOrder is computed from rowCount() and is cast explicitly in the second one.
10438 $query = 'INSERT INTO '.sql_table('plugin').' (porder, pfile) VALUES ('.$newOrder.','.DB::quoteValue($name).')';
10440 $query = "INSERT INTO %s (porder, pfile) VALUES (%d, %s);";
10441 $query = sprintf($query, sql_table('plugin'), (integer) $newOrder, DB::quoteValue($name));
10442 >>>>>>> skinnable-master
10443 DB::execute($query);
10444 $iPid = DB::getInsertId();
10446 $manager->clearCachedInfo('installedPlugins');
10448 // Load the plugin for condition checking and installation
10449 $plugin =& $manager->getPlugin($name);
10451 // check if it got loaded (could have failed)
// Unresolved merge: two DELETE variants; $iPid is integer-cast in both.
10455 DB::execute('DELETE FROM ' . sql_table('plugin') . ' WHERE pid='. intval($iPid));
10457 $query = "DELETE FROM %s WHERE pid=%d;";
10458 $query = sprintf($query, sql_table('plugin'), (integer) $iPid);
10460 DB::execute($query);
10462 >>>>>>> skinnable-master
10463 $manager->clearCachedInfo('installedPlugins');
10464 self::error(_ERROR_PLUGIN_LOAD);
10468 // check if plugin needs a newer Nucleus version
10469 if ( getNucleusVersion() < $plugin->getMinNucleusVersion() )
10471 // uninstall plugin again...
10472 self::deleteOnePlugin($plugin->getID());
10474 // ...and show error
10475 self::error(_ERROR_NUCLEUSVERSIONREQ . Entity::hsc($plugin->getMinNucleusVersion()));
10479 // check if plugin needs a newer Nucleus version
10480 if ( (getNucleusVersion() == $plugin->getMinNucleusVersion()) && (getNucleusPatchLevel() < $plugin->getMinNucleusPatchLevel()) )
10482 // uninstall plugin again...
10483 self::deleteOnePlugin($plugin->getID());
10485 // ...and show error
10486 self::error(_ERROR_NUCLEUSVERSIONREQ . Entity::hsc( $plugin->getMinNucleusVersion() . ' patch ' . $plugin->getMinNucleusPatchLevel() ) );
10490 $pluginList = $plugin->getPluginDep();
10491 foreach ( $pluginList as $pluginName )
// Dependency names come from the plugin itself and are quoted for SQL and
// HTML-escaped for the error message.
10493 $res = DB::getResult('SELECT * FROM '.sql_table('plugin') . ' WHERE pfile=' . DB::quoteValue($pluginName));
10494 if ($res->rowCount() == 0)
10496 // uninstall plugin again...
10497 self::deleteOnePlugin($plugin->getID());
10498 self::error(sprintf(_ERROR_INSREQPLUGIN, Entity::hsc($pluginName)));
10503 // call the install method of the plugin
// install() is code shipped with the plugin and runs inside the web application.
10504 $plugin->install();
10506 $data = array('plugin' => &$plugin);
10507 $manager->notify('PostAddPlugin', $data);
10509 // update all events
10510 self::action_pluginupdate();
10515 * Admin::action_pluginupdate()
10521 static private function action_pluginupdate()
// Rebuilds the plugin_event table from the event lists of all installed plugins,
// then redirects to the plugin list. Admin only.
10523 global $member, $manager, $CONF;
10525 // check if allowed
10526 $member->isAdmin() or self::disallow();
10528 // delete everything from plugin_events
// The delete and the re-inserts below are separate statements; no transaction is
// visible here, so a failure part-way leaves plugins without their subscriptions.
10529 DB::execute('DELETE FROM '.sql_table('plugin_event'));
10531 // loop over all installed plugins
10532 $res = DB::getResult('SELECT pid, pfile FROM '.sql_table('plugin'));
10533 foreach ( $res as $row )
10535 $pid = $row['pid'];
10536 $plug =& $manager->getPlugin($row['pfile']);
10539 $eventList = $plug->getEventList();
10540 foreach ( $eventList as $eventName )
// Event names come from plugin code; they are quoted and $pid is integer-formatted.
10542 $query = "INSERT INTO %s (pid, event) VALUES (%d, %s)";
10543 $query = sprintf($query, sql_table('plugin_event'), (integer) $pid, DB::quoteValue($eventName));
10544 DB::execute($query);
10548 redirect($CONF['AdminURL'] . '?action=pluginlist');
10553 * Admin::action_plugindelete()
10558 static private function action_plugindelete()
// Skin-based confirmation page for removing a plugin, restricted to admins.
// Nothing is deleted here; the deletion is done by action_plugindeleteconfirm().
10560 global $member, $manager;
10562 // check if allowed
10563 $member->isAdmin() or self::disallow();
10565 $pid = intGetVar('plugid');
10567 if ( !$manager->pidInstalled($pid) )
10569 self::error(_ERROR_NOSUCHPLUGIN);
10573 self::$skin->parse('plugindelete');
10578 * Admin::action_plugindeleteconfirm()
10583 static private function action_plugindeleteconfirm()
// Deletes the plugin whose id was posted, calling its unInstall() (second argument
// 1), then redirects to the plugin list. Admin only; input is read from POST.
10585 global $member, $manager, $CONF;
10587 // check if allowed
10588 $member->isAdmin() or self::disallow();
10590 $pid = intPostVar('plugid');
10592 $error = self::deleteOnePlugin($pid, 1);
// NOTE(review): the message from deleteOnePlugin() can embed a plugin file name
// that was not HTML-escaped; escape it before display if the error page prints
// the message as HTML.
10595 self::error($error);
10599 redirect($CONF['AdminURL'] . '?action=pluginlist');
10604 * Admin::deleteOnePlugin()
10606 * @param integer $pid
10607 * @param boolean $callUninstall
10608 * @return string empty or message if failed
10610 static public function deleteOnePlugin($pid, $callUninstall = 0)
// Removes one plugin: refuses when another installed plugin depends on it, optionally
// calls the plugin's unInstall(), then deletes its event subscriptions, options and
// plugin row and closes the gap in the order numbers.
// NOTE(review): this method is public and performs no permission check of its own;
// the callers visible in this file check isAdmin() first.
// $pid is forced to an integer here, so the string-concatenated statements below
// cannot carry injected SQL through $pid.
10614 $pid = intval($pid);
10616 if ( !$manager->pidInstalled($pid) )
10618 return _ERROR_NOSUCHPLUGIN;
10621 $query = "SELECT pfile as result FROM %s WHERE pid=%d;";
10622 $query = sprintf($query, sql_table('plugin'), (integer) $pid);
10623 $name = DB::getValue($query);
10625 // check dependency before delete
10626 $res = DB::getResult('SELECT pfile FROM ' . sql_table('plugin'));
10627 foreach ( $res as $row )
10629 $plug =& $manager->getPlugin($row['pfile']);
10632 $depList = $plug->getPluginDep();
10633 foreach ( $depList as $depName )
10635 if ( $name == $depName )
// The returned message embeds $row['pfile'] without HTML escaping.
10637 return sprintf(_ERROR_DELREQPLUGIN, $row['pfile']);
10643 $data = array('plugid' => $pid);
10644 $manager->notify('PreDeletePlugin', $data);
10646 // call the unInstall method of the plugin
10647 if ( $callUninstall )
10649 $plugin =& $manager->getPlugin($name);
10652 $plugin->unInstall();
10656 // delete all subscriptions
10657 DB::execute('DELETE FROM ' . sql_table('plugin_event') . ' WHERE pid=' . $pid);
10659 // delete all options
10660 // get OIDs from plugin_option_desc
10661 $res = DB::getResult('SELECT oid FROM ' . sql_table('plugin_option_desc') . ' WHERE opid=' . $pid);
10663 foreach ( $res as $row )
10665 array_push($aOIDs, $row['oid']);
10668 // delete from plugin_option and plugin_option_desc
10669 DB::execute('DELETE FROM ' . sql_table('plugin_option_desc') . ' WHERE opid=' . $pid);
10670 if (count($aOIDs) > 0)
// $aOIDs holds oid values read from plugin_option_desc above; they are joined into
// the IN() list without a cast -- presumably integer keys; casting each value with
// intval() would make that explicit.
10672 DB::execute('DELETE FROM ' . sql_table('plugin_option') . ' WHERE oid in (' . implode(',', $aOIDs) . ')');
10675 // update order numbers
// $res (porder) is concatenated as returned; if the lookup yields no value the
// UPDATE below is malformed.
10676 $res = DB::getValue('SELECT porder FROM ' . sql_table('plugin') . ' WHERE pid=' . $pid);
10677 DB::execute('UPDATE ' . sql_table('plugin') . ' SET porder=(porder - 1) WHERE porder>' . $res);
10680 DB::execute('DELETE FROM ' . sql_table('plugin') . ' WHERE pid=' . $pid);
10682 $manager->clearCachedInfo('installedPlugins');
10683 $data = array('plugid' => $pid);
10684 $manager->notify('PostDeletePlugin', $data);
10690 * Admin::action_pluginup()
10695 static private function action_pluginup()
// Moves a plugin one position up in the plugin order and redirects to the plugin
// list. Admin only.
// NOTE(review): unresolved merge (marker below). The dependency-check lines that use
// $pluginName, $plugin and $this match code in action_pluginadd(); those variables
// are not defined in this method and $this is unavailable in a static method.
10697 global $member, $manager, $CONF;
10699 // check if allowed
10700 $member->isAdmin() or self::disallow();
// The state change is driven by a GET parameter; 'pluginup' is in the
// ticket-checked action list at the top of this file, so the ticket travels in the URL.
10702 $plugid = intGetVar('plugid');
10704 if ( !$manager->pidInstalled($plugid) )
10707 $res = DB::getResult('SELECT * FROM '.sql_table('plugin') . ' WHERE pfile=' . DB::quoteValue($pluginName));
10708 if ($res->rowCount() == 0)
10710 // uninstall plugin again...
10711 $this->deleteOnePlugin($plugin->getID());
10712 $this->error(sprintf(_ERROR_INSREQPLUGIN, Entity::hsc($pluginName)));
10715 self::error(_ERROR_NOSUCHPLUGIN);
10717 >>>>>>> skinnable-master
10720 // 1. get old order number
// $plugid comes from intGetVar(); $oldOrder/$newOrder are read from or derived
// from the porder column before being concatenated into the statements.
10721 $oldOrder = DB::getValue('SELECT porder FROM ' . sql_table('plugin') . ' WHERE pid=' . $plugid);
10723 // 2. calculate new order number
10724 $newOrder = ($oldOrder > 1) ? ($oldOrder - 1) : 1;
10726 // 3. update plug numbers
10727 DB::execute('UPDATE ' . sql_table('plugin') . ' SET porder=' . $oldOrder . ' WHERE porder=' . $newOrder);
10728 DB::execute('UPDATE ' . sql_table('plugin') . ' SET porder=' . $newOrder . ' WHERE pid=' . $plugid);
10730 //self::action_pluginlist();
10731 // To avoid showing ticket in the URL, redirect to pluginlist, instead.
10732 redirect($CONF['AdminURL'] . '?action=pluginlist');
10737 * Admin::action_plugindown()
10742 static private function action_plugindown()
// Moves the plugin named by the 'plugid' GET parameter one step later in the
// plugin order (column porder) and then redirects to the plugin list.
// NOTE(review): this body still contains an unresolved merge marker. The lines
// before it that empty plugin_event and re-insert every plugin's event list, and
// the call through $this-> in a static method, look like residue of another
// handler from the other side of the conflict. As written, a request to move one
// plugin would first delete every row of plugin_event; resolve the merge before
// this code runs.
10744 global $member, $manager, $CONF;
10746 // check if allowed
10748 $member->isAdmin() or $this->disallow();
10750 // delete everything from plugin_events
// No WHERE clause: this removes the subscriptions of all plugins.
10751 DB::execute('DELETE FROM '.sql_table('plugin_event'));
10753 // loop over all installed plugins
10754 $res = DB::getResult('SELECT pid, pfile FROM '.sql_table('plugin'));
10755 foreach ( $res as $row )
10757 $pid = $row['pid'];
10758 $plug =& $manager->getPlugin($row['pfile']);
10761 $eventList = $plug->getEventList();
10762 foreach ( $eventList as $eventName )
// The pid is forced to an integer and the event name is quoted before insertion.
10764 $query = "INSERT INTO %s (pid, event) VALUES (%d, %s)";
10765 $query = sprintf($query, sql_table('plugin_event'), (integer) $pid, DB::quoteValue($eventName));
10766 DB::execute($query);
10770 $member->isAdmin() or self::disallow();
// presumably intGetVar() returns an integer; $plugid is concatenated unquoted
// into the SQL below -- TODO confirm.
10772 $plugid = intGetVar('plugid');
10773 if ( !$manager->pidInstalled($plugid) )
10775 self::error(_ERROR_NOSUCHPLUGIN);
10777 >>>>>>> skinnable-master
10780 // 1. get old order number
// NOTE(review): $oldOrder is a database value concatenated into the UPDATE
// statements without a cast; an empty result would produce malformed SQL.
10781 $oldOrder = DB::getValue('SELECT porder FROM ' . sql_table('plugin') . ' WHERE pid=' . $plugid);
// The number of rows in the plugin table is used as the highest order number;
// this assumes porder values are contiguous starting at 1 -- TODO confirm.
10783 $res = DB::getResult('SELECT * FROM ' . sql_table('plugin'));
10784 $maxOrder = $res->rowCount();
10786 // 2. calculate new order number
10787 $newOrder = ($oldOrder < $maxOrder) ? ($oldOrder + 1) : $maxOrder;
10789 // 3. update plug numbers
// Swap: the row currently at $newOrder takes $oldOrder, then this plugin takes $newOrder.
10790 DB::execute('UPDATE ' . sql_table('plugin') . ' SET porder=' . $oldOrder . ' WHERE porder=' . $newOrder);
10791 DB::execute('UPDATE ' . sql_table('plugin') . ' SET porder=' . $newOrder . ' WHERE pid=' . $plugid);
10793 //self::action_pluginlist();
10794 // To avoid showing ticket in the URL, redirect to pluginlist, instead.
10795 redirect($CONF['AdminURL'] . '?action=pluginlist');
10801 * @todo document this
10803 function action_plugindelete() {
// Shows the confirmation form for deleting the plugin named by the 'plugid' GET
// parameter. Nothing is deleted here: the form posts to 'plugindeleteconfirm'
// and carries a ticket added by $manager->addTicketHidden().
// NOTE(review): the form below echoes $manager->getPluginNameFromPid($pid)
// straight into HTML. Other places in this file pass plugin names through
// Entity::hsc() before output; doing the same here would keep a plugin name
// containing markup from being rendered.
10804 global $member, $manager;
10806 // check if allowed
10807 $member->isAdmin() or $this->disallow();
// presumably intGetVar() returns an integer, which is what makes echoing $pid
// into the hidden field below safe -- TODO confirm.
10809 $pid = intGetVar('plugid');
10811 if (!$manager->pidInstalled($pid))
10812 $this->error(_ERROR_NOSUCHPLUGIN);
10816 <h2><?php echo _DELETE_CONFIRM ?></h2>
10818 <p><?php echo _CONFIRMTXT_PLUGIN ?> <strong><?php echo $manager->getPluginNameFromPid($pid) ?></strong>?</p>
10820 <form method="post" action="index.php"><div>
10821 <?php $manager->addTicketHidden() ?>
10822 <input type="hidden" name="action" value="plugindeleteconfirm" />
10823 <input type="hidden" name="plugid" value="<?php echo $pid; ?>" />
10824 <input type="submit" tabindex="10" value="<?php echo _DELETE_CONFIRM_BTN ?>" />
10831 * @todo document this
10833 function action_plugindeleteconfirm() {
// Deletes the plugin named by the POSTed 'plugid' and redirects to the plugin
// list. 'plugindeleteconfirm' is in the ticket-checked list in Admin::action().
10834 global $member, $manager, $CONF;
10836 // check if allowed
10837 $member->isAdmin() or $this->disallow();
// The id is taken from the POST body only (intPostVar), not from the query string.
10839 $pid = intPostVar('plugid');
// Second argument 1 asks deleteOnePlugin() to call the plugin's unInstall() as well.
10841 $error = $this->deleteOnePlugin($pid, 1);
// NOTE(review): the condition guarding this error call is not visible in this
// listing; presumably it only runs when $error is non-empty -- confirm.
10843 $this->error($error);
10846 redirect($CONF['AdminURL'] . '?action=pluginlist');
10847 // $this->action_pluginlist();
10851 * @todo document this
10853 function deleteOnePlugin($pid, $callUninstall = 0) {
// Removes one installed plugin: refuses if another plugin lists it as a
// dependency, fires PreDeletePlugin, optionally calls the plugin's unInstall(),
// deletes its event subscriptions and options, closes the gap in porder, deletes
// the plugin row, clears the cached plugin list and fires PostDeletePlugin.
// Returns an error message string on refusal (_ERROR_NOSUCHPLUGIN or a formatted
// _ERROR_DELREQPLUGIN); the success return value is not visible in this listing.
// The statements run one after another with no transaction visible here, so a
// failure part-way through would leave the plugin tables partially cleaned.
// intval() makes $pid an integer before it is concatenated into every query below.
10856 $pid = intval($pid);
10858 if (!$manager->pidInstalled($pid))
10859 return _ERROR_NOSUCHPLUGIN;
10861 $name = DB::getValue('SELECT pfile as result FROM '.sql_table('plugin').' WHERE pid='.$pid);
10863 /* // call the unInstall method of the plugin
10864 if ($callUninstall) {
10865 $plugin =& $manager->getPlugin($name);
10866 if ($plugin) $plugin->unInstall();
10869 // check dependency before delete
// Every installed plugin is loaded and asked for its dependency list.
10870 $res = DB::getResult('SELECT pfile FROM '.sql_table('plugin'));
10871 foreach ( $res as $row ) {
10872 $plug =& $manager->getPlugin($row['pfile']);
10875 $depList = $plug->getPluginDep();
10876 foreach ($depList as $depName)
10878 if ($name == $depName)
10880 return sprintf(_ERROR_DELREQPLUGIN, $row['pfile']);
10886 $manager->notify('PreDeletePlugin', array('plugid' => $pid));
10888 // call the unInstall method of the plugin
10889 if ($callUninstall) {
10890 $plugin =& $manager->getPlugin($name);
10891 if ($plugin) $plugin->unInstall();
10894 // delete all subscriptions
10895 DB::execute('DELETE FROM '.sql_table('plugin_event').' WHERE pid=' . $pid);
10897 // delete all options
10898 // get OIDs from plugin_option_desc
10899 $res = DB::getResult('SELECT oid FROM ' . sql_table('plugin_option_desc') . ' WHERE opid=' . $pid);
10901 foreach ( $res as $row ) {
10902 array_push($aOIDs, $row['oid']);
10905 // delete from plugin_option and plugin_option_desc
10906 DB::execute('DELETE FROM '.sql_table('plugin_option_desc').' WHERE opid=' . $pid);
10907 if (count($aOIDs) > 0)
// NOTE(review): the oid values come from the database and are joined into the
// IN list as-is; presumably they are integers -- mapping them through intval()
// would make that explicit.
10908 DB::execute('DELETE FROM '.sql_table('plugin_option').' WHERE oid in ('.implode(',',$aOIDs).')');
10910 // update order numbers
// NOTE(review): $res is concatenated uncast; an empty result would produce
// malformed SQL in the UPDATE below.
10911 $res = DB::getValue('SELECT porder FROM '.sql_table('plugin').' WHERE pid=' . $pid);
10912 DB::execute('UPDATE '.sql_table('plugin').' SET porder=(porder - 1) WHERE porder>'.$res);
10915 DB::execute('DELETE FROM '.sql_table('plugin').' WHERE pid='.$pid);
10917 $manager->clearCachedInfo('installedPlugins');
10918 $manager->notify('PostDeletePlugin', array('plugid' => $pid));
10924 * @todo document this
10926 function action_pluginup() {
// Moves the plugin named by the 'plugid' GET parameter one step earlier in the
// plugin order (column porder) and then redirects to the plugin list.
// This handler changes state from a GET parameter; 'pluginup' is in the
// ticket-checked list in Admin::action(), which is its protection against
// cross-site requests.
10927 global $member, $manager, $CONF;
10929 // check if allowed
10930 $member->isAdmin() or $this->disallow();
// presumably intGetVar() returns an integer; $plugid is concatenated unquoted
// into the SQL below -- TODO confirm.
10932 $plugid = intGetVar('plugid');
10934 if (!$manager->pidInstalled($plugid))
10935 $this->error(_ERROR_NOSUCHPLUGIN);
10937 // 1. get old order number
// NOTE(review): $oldOrder is a database value used uncast in the UPDATE
// statements; an empty result would produce malformed SQL.
10938 $oldOrder = DB::getValue('SELECT porder FROM '.sql_table('plugin').' WHERE pid='.$plugid);
10940 // 2. calculate new order number
// The order never drops below 1.
10941 $newOrder = ($oldOrder > 1) ? ($oldOrder - 1) : 1;
10943 // 3. update plug numbers
// Swap: the row currently at $newOrder takes $oldOrder, then this plugin takes $newOrder.
10944 DB::execute('UPDATE '.sql_table('plugin').' SET porder='.$oldOrder.' WHERE porder='.$newOrder);
10945 DB::execute('UPDATE '.sql_table('plugin').' SET porder='.$newOrder.' WHERE pid='.$plugid);
10947 //$this->action_pluginlist();
10948 // To avoid showing ticket in the URL, redirect to pluginlist, instead.
10949 redirect($CONF['AdminURL'] . '?action=pluginlist');
10953 * @todo document this
10955 function action_plugindown() {
// Moves the plugin named by the 'plugid' GET parameter one step later in the
// plugin order (column porder) and then redirects to the plugin list.
// 'plugindown' is in the ticket-checked list in Admin::action().
10956 global $member, $manager, $CONF;
10958 // check if allowed
10959 $member->isAdmin() or $this->disallow();
// presumably intGetVar() returns an integer; $plugid is concatenated unquoted
// into the SQL below -- TODO confirm.
10961 $plugid = intGetVar('plugid');
10962 if (!$manager->pidInstalled($plugid))
10963 $this->error(_ERROR_NOSUCHPLUGIN);
10965 // 1. get old order number
// NOTE(review): $oldOrder is a database value used uncast in the UPDATE
// statements; an empty result would produce malformed SQL.
10966 $oldOrder = DB::getValue('SELECT porder FROM '.sql_table('plugin').' WHERE pid='.$plugid);
// The number of rows in the plugin table is used as the highest order number;
// this assumes porder values are contiguous starting at 1 -- TODO confirm.
10968 $res = DB::getResult('SELECT * FROM '.sql_table('plugin'));
10969 $maxOrder = $res->rowCount();
10971 // 2. calculate new order number
10972 $newOrder = ($oldOrder < $maxOrder) ? ($oldOrder + 1) : $maxOrder;
10974 // 3. update plug numbers
// Swap: the row currently at $newOrder takes $oldOrder, then this plugin takes $newOrder.
10975 DB::execute('UPDATE '.sql_table('plugin').' SET porder='.$oldOrder.' WHERE porder='.$newOrder);
10976 DB::execute('UPDATE '.sql_table('plugin').' SET porder='.$newOrder.' WHERE pid='.$plugid);
10978 //$this->action_pluginlist();
10979 // To avoid showing ticket in the URL, redirect to pluginlist, instead.
10980 redirect($CONF['AdminURL'] . '?action=pluginlist');
10984 >>>>>>> skinnable-master
10986 * Admin::action_pluginoptions()
10988 * Output Plugin option page
10991 * @param string $message message to show when another action falls back to this page
10995 static private function action_pluginoptions($message = '')
// Renders the global option page of the plugin named by the 'plugid' request
// parameter; $message is an optional notice shown on that page.
// NOTE(review): this body contains an unresolved merge marker and appears to hold
// two implementations back to back: one that echoes the form itself (and calls
// $this->pagehead() from a static method) and one that hands off to
// self::$skin->parse('pluginoptions'). Resolve the merge before relying on it.
10997 global $member, $manager;
10999 // check if allowed
11000 $member->isAdmin() or self::disallow();
// intRequestVar presumably accepts the id from either GET or POST and returns an
// integer -- TODO confirm. $pid is later interpolated into HTML and SQL.
11002 $pid = intRequestVar('plugid');
11003 if ( !$manager->pidInstalled($pid) )
11005 self::error(_ERROR_NOSUCHPLUGIN);
11010 $pname = $manager->getPluginNameFromPid($pid);
11012 /* NOTE: to include translation file */
11013 $manager->getPlugin($pname);
11015 $extrahead = "<script type=\"text/javascript\" src=\"javascript/numbercheck.js\"></script>\n";
11016 $this->pagehead($extrahead);
11017 echo '<p><a href="index.php?action=pluginlist">(' . _PLUGS_BACK . ")</a></p>\n";
// The plugin name is HTML-escaped with Entity::hsc() before output.
11018 echo '<h2>' . sprintf(_PLUGIN_OPTIONS_TITLE, Entity::hsc($pname)) . "</h2>\n";
// With a default of '', isset($message) is true unless the caller passes null.
11020 if ( isset($message) )
11025 echo "<form action=\"index.php\" method=\"post\">\n";
11027 echo "<input type=\"hidden\" name=\"action\" value=\"pluginoptionsupdate\" />\n";
11028 echo "<input type=\"hidden\" name=\"plugid\" value=\"{$pid}\" />\n";
// The ticket is embedded so that the posted update can pass the ticket check.
11029 $manager->addTicketHidden();
// Collect the option descriptions for this plugin, keyed by oid, starting from
// each option's default value (odef).
11031 $options = array();
11032 $query = "SELECT * FROM %s WHERE ocontext='global' and opid=%d ORDER BY oid ASC";
11033 $query = sprintf($query, sql_table('plugin_option_desc'), $pid);
11034 $result = DB::getResult($query);
11035 foreach ( $result as $row )
11037 $options[$row['oid']] = array(
11038 'oid' => $row['oid'],
11039 'value' => $row['odef'],
11040 'name' => $row['oname'],
11041 'description' => $row['odesc'],
11042 'type' => $row['otype'],
11043 'typeinfo' => $row['oextra'],
11047 // fill out actual values
11048 if ( count($options) > 0 )
// The IN list is built from oid keys read from the database just above.
11050 $query = "SELECT oid, ovalue FROM %s WHERE oid in (%s)";
11051 $query = sprintf($query, sql_table('plugin_option'), implode(',',array_keys($options)));
11052 $result = DB::getResult($query);
11053 foreach ( $result as $row )
11055 $options[$row['oid']]['value'] = $row['ovalue'];
// $options is passed by reference, so subscribers to this event can change the
// list before it is rendered.
11060 $data = array('context' => 'global', 'plugid' => $pid, 'options'=>&$options);
11061 $manager->notify('PrePluginOptionsEdit',$data);
11063 $template['content'] = 'plugoptionlist';
11064 $amount = showlist($options,'table', $template);
11065 if ( $amount == 0 )
11067 echo '<p>',_ERROR_NOPLUGOPTIONS,'</p>';
11069 if ( isset($message) )
11071 self::$headMess = $message;
11072 >>>>>>> skinnable-master
11074 $plugname = $manager->getPluginNameFromPid($pid);
11075 $plugin = $manager->getPlugin($plugname);
11076 self::$extrahead .= "<script type=\"text/javascript\" src=\"<%skinfile(/javascripts/numbercheck.js)%>\"></script>\n";
11078 self::$skin->parse('pluginoptions');
11083 * Admin::action_pluginoptionsupdate()
11085 * Update plugin options and fallback to plugin option page
11091 static private function action_pluginoptionsupdate()
// Applies the submitted global plugin options, fires PostPluginOptionsUpdate and
// re-displays the option page with a confirmation message.
// 'pluginoptionsupdate' is in the ticket-checked list in Admin::action().
11093 global $member, $manager;
11095 // check if allowed
11096 $member->isAdmin() or self::disallow();
11098 $pid = intRequestVar('plugid');
11100 if ( !$manager->pidInstalled($pid) )
11102 self::error(_ERROR_NOSUCHPLUGIN);
// The option array comes straight from the request and is handed to
// NucleusPlugin::apply_plugin_options() unchanged.
// NOTE(review): no validation is visible here; whether the submitted option ids
// are checked against $pid and against each option's declared type depends on
// apply_plugin_options() -- verify there.
11106 $aOptions = requestArray('plugoption');
11107 NucleusPlugin::apply_plugin_options($aOptions);
11110 'context' => 'global',
11113 $manager->notify('PostPluginOptionsUpdate', $data);
11115 self::action_pluginoptions(_PLUGS_OPTIONS_UPDATED);
11120 * Admin::skineditgeneral()
11122 * @param integer $skinid
11123 * @param string $handler
11124 * @return string empty or message if failed
11126 static private function skineditgeneral($skinid, $handler='')
// Updates the general settings of a skin (name, description, content type,
// include mode, include prefix) from POSTed fields.
// Returns _ERROR_BADSKINNAME or _ERROR_DUPSKINNAME when the new name is rejected;
// the success return value is not visible in this listing.
// All five values come from the POST body.
11130 $name = postVar('name');
11131 $desc = postVar('desc');
11132 $type = postVar('type');
11133 $inc_mode = postVar('inc_mode');
11134 $inc_prefix = postVar('inc_prefix');
11136 $skin =& $manager->getSkin($skinid, $handler);
// Only the name is validated in the visible code.
// NOTE(review): $desc and $inc_prefix are passed on as received; quoting for SQL
// is presumably done inside updateGeneralInfo() -- confirm.
11139 if ( !isValidSkinName($name) )
11141 return _ERROR_BADSKINNAME;
// Renaming onto the name of another existing skin is refused.
11144 if ( ($skin->getName() != $name) && SKIN::exists($name) )
11146 return _ERROR_DUPSKINNAME;
// Fallback values; the conditions that select them are not visible in this listing.
11151 $type = 'text/html';
11156 $inc_mode = 'normal';
11159 // 2. Update description
11160 $skin->updateGeneralInfo($name, $desc, $type, $inc_mode, $inc_prefix);
11165 * Admin::skindeleteconfirm()
11167 * @param integer $skinid
11170 static private function skindeleteconfirm($skinid)
// Deletes a skin: its row in skin_desc and all of its parts in skin, with
// PreDelete/PostDelete events fired around the two statements.
// The event name is PreDeleteSkin/PostDeleteSkin for ordinary skins and
// PreDeleteAdminSkin/PostDeleteAdminSkin when the current action is one of
// self::$adminskin_actions.
11174 if ( !in_array(self::$action, self::$adminskin_actions) )
11176 $event_identifier = 'Skin';
11180 $event_identifier = 'AdminSkin';
11183 $data = array('skinid' => $skinid);
11184 $manager->notify("PreDelete{$event_identifier}", $data);
11186 // 1. delete description
// The %d placeholder plus the integer cast keep $skinid numeric in the query.
11187 $query = "DELETE FROM %s WHERE sdnumber=%d;";
11188 $query = sprintf($query, sql_table('skin_desc'), (integer) $skinid);
11189 DB::execute($query);
// Then delete every part that belongs to the skin.
11192 $query = "DELETE FROM %s WHERE sdesc=%d;";
11193 $query = sprintf($query, sql_table('skin'), (integer) $skinid);
11194 DB::execute($query);
11196 $manager->notify("PostDelete{$event_identifier}", $data);
11202 * Admin::skinremovetypeconfirm()
11204 * @param integer $skinid
11205 * @param string $skintype
11206 * @return string empty or message if failed
11208 static private function skinremovetypeconfirm($skinid, $skintype)
// Deletes one part ($skintype) of the skin $skinid, with PreDelete...Part and
// PostDelete...Part events fired around the DELETE. Returns
// _ERROR_SKIN_PARTS_SPECIAL_DELETE when $skintype is not a valid short name; the
// success return value is not visible in this listing.
// NOTE(review): the first half of this body (the plugin option query and table
// rendering) uses $context and $contextid, which are not parameters of this
// method and are not defined in the visible lines. It looks like residue of a
// different function left by an unresolved merge; confirm and remove.
11213 /* get current registered plugin option list in this context even if it's not used */
11214 $query = 'SELECT * FROM %s AS plugins, %s AS options LEFT OUTER JOIN %s AS added '
11215 . 'ON ( options.oid=added.oid ) '
11216 . 'WHERE plugins.pid=options.opid AND options.ocontext=%s AND added.ocontextid=%d '
11217 . 'ORDER BY options.oid ASC';
// The context string is quoted and the context id is forced to an integer.
11218 $query = sprintf($query, sql_table('plugin'), sql_table('plugin_option_desc'), sql_table('plugin_option'), DB::quoteValue($context), intval($contextid));
11220 $res = DB::getResult($query);
11222 $options = array();
11223 foreach ( $res as $row )
11225 /* NOTE: to include translation file */
11226 $manager->getPlugin($row['pfile']);
11228 $options[] = array(
11229 'pid' => $row['pid'],
11230 'pfile' => $row['pfile'],
11231 'oid' => $row['oid'],
// A falsy stored value (including '0' or an empty string) falls back to the default.
11232 'value' => ( !$row['ovalue'] ) ? $row['odef'] : $row['ovalue'],
11233 'name' => $row['oname'],
11234 'description' => $row['odesc'],
11235 'type' => $row['otype'],
11236 'typeinfo' => $row['oextra'],
11237 'contextid' => $contextid,
11242 $manager->notify('PrePluginOptionsEdit',array('context' => $context, 'contextid' => $contextid, 'options'=>&$options));
11245 foreach ( $options as $option)
// A header row is printed each time the plugin id changes.
11248 if ( $iPrevPid != $option['pid'] )
11250 $iPrevPid = $option['pid'];
11251 if ( !defined('_PLUGIN_OPTIONS_TITLE') )
11253 define('_PLUGIN_OPTIONS_TITLE', 'Options for %s');
// The plugin file name is HTML-escaped before output.
11256 echo '<th colspan="2">' . sprintf(_PLUGIN_OPTIONS_TITLE, Entity::hsc($option['pfile'])) . "</th>\n";
11260 $meta = NucleusPlugin::getOptionMeta($option['typeinfo']);
// The @ silences the notice for options that carry no 'access' entry.
11261 if ( @$meta['access'] != 'hidden' )
11264 listplug_plugOptionRow($option);
11267 if ( !in_array(self::$action, self::$adminskin_actions) )
11269 $event_identifier = 'Skin';
11273 $event_identifier = 'AdminSkin';
// The part name is validated before it is used in the DELETE below.
11276 if ( !isValidShortName($skintype) )
11278 return _ERROR_SKIN_PARTS_SPECIAL_DELETE;
11282 'skinid' => $skinid,
11283 'skintype' => $skintype
11285 $manager->notify("PreDelete{$event_identifier}Part", $data);
// $skinid is forced to an integer and $skintype is quoted with DB::quoteValue().
11288 $query = 'DELETE FROM %s WHERE sdesc = %d AND stype = %s;';
11289 $query = sprintf($query, sql_table('skin'), (integer) $skinid, DB::quoteValue($skintype) );
11290 DB::execute($query);
11293 'skinid' => $skinid,
11294 'skintype' => $skintype
11296 $manager->notify("PostDelete{$event_identifier}Part", $data);
11302 * Admin::skinclone()
11304 * @param integer $skinid
11305 * @param string $handler
11308 static private function skinclone($skinid, $handler='')
// Creates a copy of the skin $skinid under the name "<original>_clone" and
// copies every part of the original into the new skin.
// NOTE(review): an unresolved merge marker is the last visible line of this body.
11312 // 1. read skin to clone
11313 $skin =& $manager->getSkin($skinid, $handler);
11314 $name = "{$skin->getName()}_clone";
11316 // if a skin with that name already exists:
// A numeric suffix $i is tried until the name is free; the lines that initialise
// and increment $i are not visible in this listing.
11317 if ( Skin::exists($name) )
11320 while ( Skin::exists($name . $i) )
11327 // 2. create skin desc
// The description, content type, include mode and include prefix are taken over
// from the original skin.
11328 $newid = Skin::createNew(
11330 $skin->getDescription(),
11331 $skin->getContentType(),
11332 $skin->getIncludeMode(),
11333 $skin->getIncludePrefix()
// List the part types of the original skin.
11337 $query = "SELECT stype FROM %s WHERE sdesc=%d;";
11338 $query = sprintf($query, sql_table('skin'), (integer) $skinid);
11340 $res = DB::getResult($query);
11341 foreach ( $res as $row )
11343 $content = $skin->getContentFromDB($row['stype']);
// Content and type are quoted with DB::quoteValue(); the new id is forced to an integer.
11346 $query = "INSERT INTO %s (sdesc, scontent, stype) VALUES (%d, %s, %s)";
11347 $query = sprintf($query, sql_table('skin'), (integer) $newid, DB::quoteValue($content), DB::quoteValue($row['stype']));
11348 DB::execute($query);
11349 >>>>>>> skinnable-master
11356 * Admin::skinieimport()
11358 * @param string $mode
11359 * @param string $skinFileRaw
11360 * @return string empty or message if failed
11362 static private function skinieimport($mode, $skinFileRaw)
// First step of a skin import: reads only the metadata of a skin backup and
// stores what it found (info, skin and template names, name clashes) in
// self::$contents for the confirmation page. The error return path is not
// visible in this listing.
11364 global $DIR_LIBS, $DIR_SKINS;
11366 // load skinie class
11367 include_once($DIR_LIBS . 'skinie.php');
11369 $importer = new SkinImport();
11371 // get full filename
// In 'file' mode $skinFileRaw is treated as a directory name under $DIR_SKINS;
// in any other mode it is used as the location unchanged.
// NOTE(review): this function does not validate $skinFileRaw. If the caller
// passes request data, the 'file' branch needs a check that rejects path
// separators and '..', and the other branch needs a restriction on which
// locations readFile() may open -- confirm what the caller enforces.
11372 if ( $mode == 'file' )
11374 $skinFile = $DIR_SKINS . $skinFileRaw . '/skinbackup.xml';
11378 $skinFile = $skinFileRaw;
11381 // read only metadata
11382 $error = $importer->readFile($skinFile, 1);
// NOTE(review): $mode and $skinFileRaw are stored as received; whatever renders
// self::$contents is responsible for escaping them -- verify there.
11389 self::$contents['mode'] = $mode;
11390 self::$contents['skinfile'] = $skinFileRaw;
11391 self::$contents['skininfo'] = $importer->getInfo();
11392 self::$contents['skinnames'] = $importer->getSkinNames();
11393 self::$contents['tpltnames'] = $importer->getTemplateNames();
// Names that already exist locally are reported so that overwriting needs an
// explicit decision.
11396 $skinNameClashes = $importer->checkSkinNameClashes();
11397 $templateNameClashes = $importer->checkTemplateNameClashes();
11398 $hasNameClashes = (count($skinNameClashes) > 0) || (count($templateNameClashes) > 0);
11400 self::$contents['skinclashes'] = $skinNameClashes;
11401 self::$contents['tpltclashes'] = $templateNameClashes;
11402 self::$contents['nameclashes'] = $hasNameClashes ? 1 : 0;
11409 * Admin::skiniedoimport()
11411 * @param string $mode
11412 * @param string $skinFileRaw
11413 * @param boolean $allowOverwrite
11414 * @return string empty or message if failed
11416 static private function skiniedoimport($mode, $skinFileRaw, $allowOverwrite)
// Second step of a skin import: reads the whole skin backup and writes it to the
// database, then stores a summary in self::$contents. $allowOverwrite is passed
// to writeToDatabase(). The error return paths are not visible in this listing.
11418 global $DIR_LIBS, $DIR_SKINS;
11420 // load skinie class
11421 include_once($DIR_LIBS . 'skinie.php');
11423 $importer = new SkinImport();
11425 // get full filename
// In 'file' mode $skinFileRaw is treated as a directory name under $DIR_SKINS;
// in any other mode it is used as the location unchanged.
// NOTE(review): this function does not validate $skinFileRaw. Because this step
// writes the parsed content into the database, the location must be checked at
// least as strictly as in the preview step: no path separators or '..' in 'file'
// mode, and a restriction on which locations readFile() may open otherwise --
// confirm what the caller enforces.
11426 if ( $mode == 'file' )
11428 $skinFile = $DIR_SKINS . $skinFileRaw . '/skinbackup.xml';
11432 $skinFile = $skinFileRaw;
11435 $error = $importer->readFile($skinFile);
11442 $error = $importer->writeToDatabase($allowOverwrite);
11449 self::$contents['mode'] = $mode;
11450 self::$contents['skinfile'] = $skinFileRaw;
11451 self::$contents['skininfo'] = $importer->getInfo();
11452 self::$contents['skinnames'] = $importer->getSkinNames();
11453 self::$contents['tpltnames'] = $importer->getTemplateNames();
11460 * Admin::skinieexport()
11462 * @param array $aSkins
11463 * @param array $aTemplates
11464 * @param string $info
11467 static private function skinieexport($aSkins, $aTemplates, $info)
// Exports the selected skins and templates through SkinExport, with $info
// attached as the export's info text.
// Only the keys of $aSkins and $aTemplates are used; they are passed on as ids.
// NOTE(review): the ids are not cast or checked here; whether addSkin() and
// addTemplate() validate them is not visible -- verify there.
11471 // load skinie class
11472 include_once($DIR_LIBS . 'skinie.php');
// Non-array input is replaced rather than rejected; the replacement for $aSkins
// is not visible in this listing.
11474 if ( !is_array($aSkins) )
11479 if (!is_array($aTemplates))
11481 $aTemplates = array();
11484 $skinList = array_keys($aSkins);
11485 $templateList = array_keys($aTemplates);
11487 $exporter = new SkinExport();
11488 foreach ( $skinList as $skinId )
11490 $exporter->addSkin($skinId);
11492 foreach ( $templateList as $templateId )
11494 $exporter->addTemplate($templateId);
11496 $exporter->setInfo($info);
11497 $exporter->export();
11503 * Admin::action_parseSpecialskin()
11508 static private function action_parseSpecialskin()
// Renders the admin skin part whose name equals the current action.
// NOTE(review): self::$action originates from the request; Admin::action()
// lower-cases it, and no further restriction is visible here. Confirm that only
// known skin part names can reach parse().
11510 self::$skin->parse(self::$action);