3 * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
\r
4 * Copyright (C) 2002-2012 The Nucleus Group
\r
6 * This program is free software; you can redistribute it and/or
\r
7 * modify it under the terms of the GNU General Public License
\r
8 * as published by the Free Software Foundation; either version 2
\r
9 * of the License, or (at your option) any later version.
\r
10 * (see nucleus/documentation/index.html#license for more info)
\r
13 * The code for the Nucleus admin area
\r
15 * @license http://nucleuscms.org/license.txt GNU General Public License
\r
16 * @copyright Copyright (C) 2002-2012 The Nucleus Group
\r
17 * @version $Id: ADMIN.php 1661 2012-02-12 11:55:39Z sakamocchi $
\r
// Stop at once unless requestVar() is already defined. Presumably this keeps the file
// from doing anything when it is requested directly instead of being loaded by the
// application bootstrap - confirm where requestVar() is defined.
20 if ( !function_exists('requestVar') ) exit;
\r
// The path is built from this file's own directory, not from request data.
21 require_once dirname(__FILE__) . '/showlist.php';
\r
// Static state of the Admin class. The four literals below are the XML version and the
// XHTML 1.0 Strict doctype/namespace identifiers; they are not read in the visible lines.
25 static private $xml_version_info = '1.0';
\r
26 static private $formal_public_identifier = '-//W3C//DTD XHTML 1.0 Strict//EN';
\r
27 static private $system_identifier = 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd';
\r
28 static private $xhtml_namespace = 'http://www.w3.org/1999/xhtml';
\r
// $headMess is the only public property in this group, so code outside the class can
// assign it; action_login(), action_overview() and action_manage() write it from $msg.
30 static public $headMess;
\r
// The remaining properties are reset to '' by initialize(), except $skin, which
// initialize() sets to a Skin object.
32 static private $action;
\r
33 static private $skin;
\r
34 static private $extrahead;
\r
35 static private $passvar;
\r
36 static private $aOptions;
\r
39 * Admin::$edit_actions
\r
// Action names that action() merges into $aActionsNotToCheck: for these names the
// request ticket is not validated by the central check in action().
41 static private $edit_actions = array(
\r
42 'adminskinoverview',
\r
43 'adminskinieoverview',
\r
44 'adminskinedittype',
\r
45 'adminskinremovetype',
\r
48 'adminskinieimport',
\r
49 'adminskiniedoimport',
\r
50 'admintemplateedit',
\r
51 'admintemplateoverview',
\r
52 'admintemplatedelete'
\r
56 * Admin::$skinless_actions
\r
// Action names for which existsSkinContents() consults in_array() first, and which
// action() merges (through $allowActions) into $aActionsNotToCheck.
// NOTE(review): most names here are confirm/update handlers that change stored data
// ('itemdeleteconfirm', 'changemembersettings', 'blogsettingsupdate', ...). Because the
// list is part of $aActionsNotToCheck, the central $manager->checkTicket() call in
// action() is skipped for them as far as the visible lines show - confirm that each of
// these handlers validates the request ticket itself.
58 static private $skinless_actions = array(
\r
59 'plugindeleteconfirm',
\r
60 'pluginoptionsupdate',
\r
61 'skinremovetypeconfirm',
\r
63 'skindeleteconfirm',
\r
69 'templatedeleteconfirm',
\r
72 'adminskinremovetypeconfirm',
\r
74 'adminskindeleteconfirm',
\r
76 'adminskineditgeneral',
\r
77 'adminskinieexport',
\r
79 'admintemplateupdate',
\r
80 'admintemplatedeleteconfirm',
\r
82 'admintemplateclone',
\r
83 'blogsettingsupdate',
\r
87 'itemdeleteconfirm',
\r
89 'changemembersettings',
\r
// Action names exempt from the central ticket check in action(); the visible entries
// are listing and form-display actions. Any name added here loses that check, so the
// list should only ever hold handlers that do not change stored data.
94 static private $actions_needless_to_check = array(
\r
104 'editmembersettings',
\r
106 'browseowncomments',
\r
120 'templateoverview',
\r
125 'banlistnewfromitem',
\r
// Picks the admin skin id from $CONF['AdminSkin'], builds the Skin object and resets the
// static request state to empty strings.
// NOTE(review): the per-member skin lookup below appears to be commented out (see its
// own NOTE), and $member is not in this method's global list. What happens when
// Skin::existsID() fails is in lines not visible in this listing.
147 static public function initialize()
\r
149 global $CONF, $DIR_LIBS;
\r
151 /* NOTE: 1. decide which skinid to use */
\r
152 $skinid = $CONF['AdminSkin'];
\r
154 * NOTE: this is temporary escaped because not implemented yet
\r
155 if (isset($member) && $member->isLoggedIn())
\r
157 $memskin = $member->getAdminSkin();
\r
160 $skinid = $memskin;
\r
165 /* NOTE: 2. make an instance of skin object */
\r
166 if ( !Skin::existsID($skinid) )
\r
171 /* NOTE: 3. initializing each members */
\r
172 self::$skin = new Skin($skinid, 'AdminActions', 'AdminSkin');
\r
173 self::$action = '';
\r
174 self::$extrahead = '';
\r
175 self::$passvar = '';
\r
176 self::$headMess = '';
\r
177 self::$aOptions = '';
\r
183 * Executes an action
\r
185 * @param string $action action to be performed
\r
// Resolves the action name, decides whether the request ticket has to be validated, and
// dispatches to the matching static action_* method.
// NOTE(review): the method name is derived from $action (and from the posted
// 'customaction' value through the alias table), so any static action_* method of Admin
// can be selected by name. Each handler therefore has to enforce its own permission
// check; the dispatcher performs none.
188 static public function action($action)
\r
190 global $CONF, $DIR_LIBS, $manager, $member;
\r
192 /* 1. decide action name */
\r
193 $customAction = postvar('customaction');
\r
194 if ( !empty($customAction) )
\r
197 'login' => $customAction,
\r
198 '' => $customAction
\r
204 'login' => 'overview',
\r
208 if ( array_key_exists($action, $alias) && isset($alias[$action]) )
\r
210 $action = $alias[$action];
\r
// The lower-cased name is stored for the list lookups below, while $methodName and the
// existsSkinContents() calls keep the original casing of $action.
212 $methodName = "action_{$action}";
\r
213 self::$action = strtolower($action);
\r
215 /* 2. check the action */
\r
216 $synonimActions = array(
\r
217 'banlistnewfromitem',
\r
// NOTE(review): the ticket is validated only when the action is in none of the merged
// lists AND has no skin contents. self::$skinless_actions is part of the merged list and
// names handlers that change stored data (for example 'itemdeleteconfirm',
// 'changemembersettings', 'plugindeleteconfirm'), so as far as these lines show the
// request-forgery ticket check is skipped for them - confirm those handlers call
// $manager->checkTicket() themselves.
221 $allowActions = array_merge($synonimActions, self::$skinless_actions);
\r
222 $aActionsNotToCheck = array_merge(self::$actions_needless_to_check, self::$edit_actions, $allowActions);
\r
// in_array() is used without its strict flag, so the name is compared loosely.
223 if ( !in_array(self::$action, $aActionsNotToCheck) && !self::existsSkinContents($action) )
\r
225 if (!$manager->checkTicket())
\r
227 self::error(_ERROR_BADTICKET);
\r
231 /* 3. parse according to the action */
\r
232 if ( !method_exists('Admin', $methodName) && !in_array(self::$action, $allowActions) && self::existsSkinContents($action) )
\r
234 /* TODO: what is this?
\r
235 self::action_parseSpecialskin();
\r
// Dispatch happens only after method_exists() has confirmed the method on Admin.
238 elseif ( method_exists('Admin', $methodName) )
\r
240 call_user_func(array(__CLASS__, $methodName));
\r
// Unknown action: the name passes through ENTITY::hsc() before it is appended to the
// error message, so it is not echoed back raw (presumably hsc() HTML-escapes - confirm).
242 else if ( self::existsSkinContents('adminerrorpage') )
\r
244 self::error(_BADACTION . ENTITY::hsc($action));
\r
// NOTE(review): $id is not assigned anywhere in the visible lines of this method.
246 elseif ( $id != $CONF['AdminSkin'] )
\r
248 self::$skin = new Skin($CONF['AdminSkin']);
\r
249 if ( self::$skin && self::existsSkinContents('adminerrorpage') )
\r
251 self::error(_BADACTION . ENTITY::hsc($action));
\r
256 self::error(_BADACTION . ENTITY::hsc($action));
\r
262 * Action::existsSkinContents()
\r
263 * Check skin contents
\r
265 * @param string $action action type
\r
// Looks up the scontent value stored for $action in the admin skin and returns what
// DB::getValue() yields. Callers use the result in boolean context, so an empty stored
// content presumably counts as "does not exist" - confirm what DB::getValue() returns.
// How $in_array is used is in lines not visible in this listing.
268 static private function existsSkinContents($action)
\r
270 $in_array = in_array($action, self::$skinless_actions);
\r
// The skin id is formatted with %d and the action name goes through DB::quoteValue(), so
// neither value is concatenated raw into the SQL text (assuming quoteValue() quotes and
// escapes - confirm in the DB class).
278 $query = "SELECT scontent as result FROM %s WHERE sdesc=%d AND stype=%s";
\r
279 /* TODO: skinid should be a default */
\r
280 if ( !is_object(self::$skin) )
\r
// NOTE(review): $CONF is read here but no `global $CONF` appears in the visible lines.
283 return DB::getValue(sprintf($query, sql_table('skin'), $CONF['AdminSkin'], DB::quoteValue($action)));
\r
287 return DB::getValue(sprintf($query, sql_table('skin'), self::$skin->getID(), DB::quoteValue($action)));
\r
294 * Action::specialActionsAllow()
\r
295 * Check whether special skin parts exist
\r
297 * @param string $action action type
\r
// Returns the sdesc value of the skin row matching the current skin id and $action.
// The id is cast to integer and the action goes through DB::quoteValue().
// NOTE(review): this reads self::$skin->id directly while existsSkinContents() uses
// getID(); the method is not called in the visible lines.
300 static private function specialActionsAllow($action)
\r
302 $query = "SELECT sdesc as result FROM %s WHERE sdesc = %d AND stype = %s";
\r
303 $query = sprintf($query, sql_table('skin'), (integer) self::$skin->id, DB::quoteValue($action));
\r
304 return DB::getValue($query);
\r
308 * Action::action_showlogin()
\r
// Delegates to action_login(), passing $error as the header message. Where $error comes
// from is not visible in this listing (presumably a global - confirm).
313 static private function action_showlogin()
\r
316 self::action_login($error);
\r
321 * Action::action_login()
\r
323 * @param string $msg message for pageheader
\r
324 * @param integer $passvars ???
\r
// Shows the login form, or hands over to action_overview() when the member is already
// logged in and allowed to log in. $msg becomes the page header message.
326 static private function action_login($msg = '', $passvars = 1)
\r
330 // skip to overview when allowed
\r
// Both conditions are required: a logged-in member without the login right still gets
// the login form.
331 if ( $member->isLoggedIn() && $member->canLogin() )
\r
333 self::action_overview();
\r
337 /* TODO: needless variable??? */
\r
338 self::$passvar = $passvars;
\r
341 self::$headMess = $msg;
\r
345 self::$skin->parse('showlogin');
\r
350 * Action::action_overview()
\r
351 * provides a screen with the overview of the actions available
\r
353 * @param string $msg message for pageheader
\r
// Stores $msg as the header message and parses the 'overview' skin part.
// NOTE(review): no permission check is visible in this method.
356 static private function action_overview($msg = '')
\r
360 self::$headMess = $msg;
\r
364 self::$skin->parse('overview');
\r
370 * Admin::action_manage()
\r
372 * @param string $msg message for pageheader
\r
// Management screen, restricted to administrators.
// NOTE(review): `... or self::disallow()` only protects the lines after it if
// disallow() never returns - confirm that it ends the request.
375 static private function action_manage($msg = '')
\r
381 self::$headMess = $msg;
\r
383 $member->isAdmin() or self::disallow();
\r
386 self::$skin->parse('manage');
\r
392 * Action::action_itemlist()
\r
394 * @param integer id for weblog
\r
// Lists the items of one blog. Without an argument the blog id is read from the request
// through intRequestVar(); access needs team rights on that blog or admin status.
397 static private function action_itemlist($blogid = '')
\r
399 global $member, $manager, $CONF;
\r
401 if ( $blogid == '' )
\r
403 $blogid = intRequestVar('blogid');
\r
406 $member->teamRights($blogid) or $member->isAdmin() or self::disallow();
\r
409 self::$skin->parse('itemlist');
\r
415 * Action::action_batchitem()
\r
// Batch operation on items: requires a logged-in member, reads the selected ids and the
// batch action from the request, and asks for a destination or a delete confirmation
// where needed before parsing the 'batchitem' skin part.
// NOTE(review): the only permission check visible here is isLoggedIn(). Per-item rights
// are checked in moveOneItem() and deleteOneItem(); confirm that the batch skin part
// performs its work through those methods.
420 static private function action_batchitem()
\r
422 global $member, $manager;
\r
424 $member->isLoggedIn() or self::disallow();
\r
426 $selected = requestIntArray('batch');
\r
427 $action = requestVar('batchaction');
\r
429 if ( !is_array($selected) || sizeof($selected) == 0 )
\r
431 self::error(_BATCH_NOSELECTION);
\r
434 // On move: when no destination blog/category chosen, show choice now
\r
435 $destCatid = intRequestVar('destcatid');
\r
436 if ( ($action == 'move') && (!$manager->existsCategory($destCatid)) )
\r
438 self::batchMoveSelectDestination('item', $selected);
\r
441 // On delete: check if confirmation has been given
\r
// The confirmation is a plain request parameter; it guards against accidental deletes,
// not against forged requests.
442 if ( ($action == 'delete') && (requestVar('confirmation') != 'yes') )
\r
444 self::batchAskDeleteConfirmation('item', $selected);
\r
448 self::$skin->parse('batchitem');
\r
454 * Action::action_batchcomment()
\r
// Batch operation on comments: requires a logged-in member and a non-empty selection,
// and asks for confirmation before a delete.
// NOTE(review): only isLoggedIn() is checked here; deleteOneComment() checks
// canAlterComment() per comment - confirm the batch skin part deletes through it.
459 static private function action_batchcomment()
\r
463 $member->isLoggedIn() or self::disallow();
\r
465 $selected = requestIntArray('batch');
\r
466 $action = requestVar('batchaction');
\r
468 // Show error when no items were selected
\r
469 if ( !is_array($selected) || sizeof($selected) == 0 )
\r
471 self::error(_BATCH_NOSELECTION);
\r
474 // On delete: check if confirmation has been given
\r
475 if ( ($action == 'delete') && (requestVar('confirmation') != 'yes') )
\r
477 self::batchAskDeleteConfirmation('comment', $selected);
\r
481 self::$skin->parse('batchcomment');
\r
487 * Admin::setAdminAction()
\r
489 * @param string $action
\r
// Overwrites the stored action name. The method is public and stores $action unchanged,
// whereas action() stores a lower-cased name.
492 static public function setAdminAction($action)
\r
494 self::$action = $action;
\r
499 * Admin::action_batchmember()
\r
// Batch operation on members: requires a logged-in administrator and a non-empty
// selection, and asks for confirmation before a delete.
504 static private function action_batchmember()
\r
508 ($member->isLoggedIn() && $member->isAdmin()) or self::disallow();
\r
510 $selected = requestIntArray('batch');
\r
511 $action = requestVar('batchaction');
\r
513 // Show error when no members selected
\r
514 if ( !is_array($selected) || sizeof($selected) == 0 )
\r
516 self::error(_BATCH_NOSELECTION);
\r
519 // On delete: check if confirmation has been given
\r
520 if ( ($action == 'delete') && (requestVar('confirmation') != 'yes') )
\r
522 self::batchAskDeleteConfirmation('member',$selected);
\r
526 self::$skin->parse('batchmember');
\r
532 * Admin::action_batchteam()
\r
// Batch operation on the team of one blog: the member must be logged in and hold blog
// admin rights on the blog id taken from the request.
// NOTE(review): the rights are checked against the request's blogid; confirm that the
// batch skin part applies the selected ids to that same blog only.
537 static private function action_batchteam()
\r
541 $blogid = intRequestVar('blogid');
\r
543 ($member->isLoggedIn() && $member->blogAdminRights($blogid)) or self::disallow();
\r
545 $selected = requestIntArray('batch');
\r
546 $action = requestVar('batchaction');
\r
548 if ( !is_array($selected) || sizeof($selected) == 0 )
\r
550 self::error(_BATCH_NOSELECTION);
\r
553 // On delete: check if confirmation has been given
\r
554 if ( ($action == 'delete') && (requestVar('confirmation') != 'yes') )
\r
556 self::batchAskDeleteConfirmation('team',$selected);
\r
560 self::$skin->parse('batchteam');
\r
566 * Admin::action_batchcategory()
\r
// Batch operation on categories: requires a logged-in member and a non-empty selection,
// asks for a destination blog on a move and for confirmation on a delete.
// NOTE(review): only isLoggedIn() is checked here and no per-category or per-blog rights
// check is visible; confirm it happens where the categories are moved or deleted.
571 static private function action_batchcategory()
\r
573 global $member, $manager;
\r
575 $member->isLoggedIn() or self::disallow();
\r
577 $selected = requestIntArray('batch');
\r
578 $action = requestVar('batchaction');
\r
580 if ( !is_array($selected) || sizeof($selected) == 0 )
\r
582 self::error(_BATCH_NOSELECTION);
\r
585 // On move: when no destination blog chosen, show choice now
\r
586 $destBlogId = intRequestVar('destblogid');
\r
587 if ( ($action == 'move') && (!$manager->existsBlogID($destBlogId)) )
\r
589 self::batchMoveCategorySelectDestination('category', $selected);
\r
592 // On delete: check if confirmation has been given
\r
593 if ( ($action == 'delete') && (requestVar('confirmation') != 'yes') )
\r
595 self::batchAskDeleteConfirmation('category', $selected);
\r
599 self::$skin->parse('batchcategory');
\r
605 * Admin::batchMoveSelectDestination()
\r
607 * @param string $type type of batch action
\r
608 * @param integer $ids needless???
\r
611 * TODO: remove needless argument
\r
// Shows the destination chooser for a batch move. The type is handed to the skin by
// writing it into the $_POST superglobal; $ids is not used in the visible lines.
613 static private function batchMoveSelectDestination($type, $ids)
\r
615 $_POST['batchmove'] = $type;
\r
617 self::$skin->parse('batchmove');
\r
623 * Admin::batchMoveCategorySelectDestination()
\r
625 * @param string $type type of batch action
\r
626 * @param integer $ids needless???
\r
629 * TODO: remove needless argument
\r
// Shows the destination-blog chooser for a batch category move. The type is handed to
// the skin through $_POST['batchmove']; $ids is not used in the visible lines.
631 static private function batchMoveCategorySelectDestination($type, $ids)
\r
633 $_POST['batchmove'] = $type;
\r
636 self::$skin->parse('batchmovecat');
\r
642 * Admin::batchAskDeleteConfirmation()
\r
644 * @param string $type type of batch action
\r
645 * @param integer $ids needless???
\r
648 * TODO: remove needless argument
\r
// Parses the 'batchdelete' skin part, i.e. the confirmation screen for a batch delete.
// Neither argument is used in the visible lines.
650 static private function batchAskDeleteConfirmation($type, $ids)
\r
653 self::$skin->parse('batchdelete');
\r
659 * Admin::selectBlogCategory()
\r
660 * Inserts a HTML select element with choices for all categories to which the current
\r
661 * member has access
\r
663 * @see function selectBlog
\r
664 * @param string $name name of weblog
\r
665 * @param integer $selected
\r
666 * @param integer $tabindex
\r
667 * @param integer $showNewCat
\r
668 * @param integer $iForcedBlogInclude ID for weblog always included
\r
671 * NOTE: callback from AdminAction
\r
// Convenience wrapper: calls selectBlog() in 'category' mode with the same arguments.
673 static public function selectBlogCategory($name, $selected = 0, $tabindex = 0, $showNewCat = 0, $iForcedBlogInclude = -1)
\r
675 Admin::selectBlog($name, 'category', $selected, $tabindex, $showNewCat, $iForcedBlogInclude);
\r
680 * Admin::selectBlog()
\r
681 * Inserts a HTML select element with choices for all blogs to which the user has access
\r
682 * mode = 'blog' => shows blognames and values are blogids
\r
683 * mode = 'category' => show category names and values are catids
\r
685 * @param string $name name of weblog
\r
686 * @param string $mode
\r
687 * @param integer $selected
\r
688 * @param integer $tabindex
\r
689 * @param integer $showNewCat
\r
690 * @param integer $iForcedBlogInclude ID for weblog always included
\r
691 * @param $iForcedBlogInclude
\r
692 * ID of a blog that always needs to be included, without checking if the
\r
693 * member is on the blog team (-1 = none)
\r
// Collects the ids of the blogs the member may choose from and parses the
// 'blogselectbox' skin part, passing the data through $_REQUEST['selectData'].
696 static public function selectBlog($name, $mode='blog', $selected = 0, $tabindex = 0, $showNewCat = 0, $iForcedBlogInclude = -1)
\r
698 global $member, $CONF;
\r
700 // 0. get IDs of blogs to which member can post items (+ forced blog)
\r
701 $aBlogIds = array();
\r
// The forced blog is added without a team-membership check, so callers must only pass an
// id the current member is already entitled to see.
702 if ( $iForcedBlogInclude != -1 )
\r
704 $aBlogIds[] = intval($iForcedBlogInclude);
\r
// Administrators see every blog only when $CONF['ShowAllBlogs'] is set; everyone else
// gets the blogs whose team contains their member id.
707 if ( $member->isAdmin() && array_key_exists('ShowAllBlogs', $CONF) && $CONF['ShowAllBlogs'] )
\r
709 $query = "SELECT bnumber FROM %s ORDER BY bname;";
\r
710 $query = sprintf($query, sql_table('blog'));
\r
// The member id is cast to integer and formatted with %d.
714 $query = "SELECT bnumber FROM %s, %s WHERE tblog=bnumber AND tmember=%d;";
\r
715 $query = sprintf($query, sql_table('blog'), sql_table('team'), (integer) $member->getID());
\r
718 $rblogids = DB::getResult($query);
\r
719 foreach ( $rblogids as $row )
\r
721 if ( $row['bnumber'] != $iForcedBlogInclude )
\r
723 $aBlogIds[] = intval($row['bnumber']);
\r
727 if ( count($aBlogIds) == 0 )
\r
732 /* TODO: we should consider to use the other way instead of this */
\r
// NOTE(review): this overwrites a key of the $_REQUEST superglobal to pass data to the
// skin; code that later reads $_REQUEST['selectData'] receives these values, not
// request input.
733 $_REQUEST['selectData'] = array(
\r
735 'tabindex' => $tabindex,
\r
737 'selected' => $selected,
\r
738 'showNewCat' => $showNewCat,
\r
739 'aBlogIds' => $aBlogIds,
\r
741 self::$skin->parse('blogselectbox');
\r
746 * Admin::action_browseownitems()
\r
// Parses the 'browseownitems' skin part.
// NOTE(review): no permission check is visible in this method.
751 static private function action_browseownitems()
\r
753 global $member, $manager, $CONF;
\r
756 self::$skin->parse('browseownitems');
\r
762 * Admin::action_itemcommentlist()
\r
763 * Show all the comments for a given item
\r
765 * @param integer $itemid ID for item
\r
// Lists the comments of one item. Without an argument the item id is read from the
// request through intRequestVar(); the member must be allowed to alter the item.
768 static private function action_itemcommentlist($itemid = '')
\r
770 global $member, $manager, $CONF;
\r
772 if ( $itemid == '' )
\r
774 $itemid = intRequestVar('itemid');
\r
777 /* TODO: we consider to use the other way insterad of this */
\r
// $_REQUEST is rewritten before the permission check below; this matters only if
// disallow() can return (confirm that it ends the request).
778 $_REQUEST['itemid'] = $itemid;
\r
779 $_REQUEST['blogid'] = getBlogIdFromItemId($itemid);
\r
781 // only allow if user is allowed to alter item
\r
782 $member->canAlterItem($itemid) or self::disallow();
\r
784 $blogid = getBlogIdFromItemId($itemid);
\r
787 self::$skin->parse('itemcommentlist');
\r
793 * Admin::action_browseowncomments()
\r
794 * Browse own comments
\r
// Parses the 'browseowncomments' skin part.
// NOTE(review): no permission check is visible in this method.
799 static private function action_browseowncomments()
\r
802 self::$skin->parse('browseowncomments');
\r
808 * Admin::action_blogcommentlist()
\r
809 * Browse all comments for a weblog
\r
811 * @param integer $blogid ID for weblog
\r
// Lists all comments of one blog. The blog id comes from the argument (normalised with
// intval()) or from the request; access needs team rights on the blog or admin status.
814 static private function action_blogcommentlist($blogid = '')
\r
816 global $member, $manager, $CONF;
\r
818 if ( $blogid == '' )
\r
820 $blogid = intRequestVar('blogid');
\r
824 $blogid = intval($blogid);
\r
827 $member->teamRights($blogid) or $member->isAdmin() or self::disallow();
\r
829 /* TODO: we consider to use the other way insterad of this */
\r
// Written after the permission check, with the id that was checked.
830 $_REQUEST['blogid'] = $blogid;
\r
833 self::$skin->parse('blogcommentlist');
\r
839 * Admin::action_createitem()
\r
840 * Provide a page to add a new item to the given blog
\r
// Shows the form for a new item in the blog named by the request's blogid. Only team
// members of that blog pass the check; admin status alone is not accepted here.
845 static private function action_createitem()
\r
847 global $member, $manager;
\r
849 $blogid = intRequestVar('blogid');
\r
851 // check if allowed
\r
852 $member->teamRights($blogid) or self::disallow();
\r
854 $memberid = $member->getID();
\r
856 $blog =& $manager->getBlog($blogid);
\r
859 self::$skin->parse('createitem');
\r
865 * Admin::action_itemedit()
\r
// Shows the edit form for one item after checking that the member may alter it.
// The item id is read from the request twice with the same call.
870 static private function action_itemedit()
\r
872 global $member, $manager;
\r
874 $itemid = intRequestVar('itemid');
\r
876 // only allow if user is allowed to alter item
\r
877 $member->canAlterItem($itemid) or self::disallow();
\r
879 $itemid = intRequestVar('itemid');
\r
880 $blogid = getBlogIDFromItemID($itemid);
\r
881 $item =& $manager->getItem($itemid, 1, 1);
\r
883 'PrepareItemForEdit',
\r
890 self::$skin->parse('itemedit');
\r
896 * Admin::action_itemupdate()
\r
// Applies an edit to an existing item: checks the member's right to update the item into
// the posted category, optionally creates a new category, updates the item, refreshes the
// blog's future-posted flag and removes the draft the edit came from.
901 static private function action_itemupdate()
\r
903 global $member, $manager, $CONF;
\r
905 $itemid = intRequestVar('itemid');
\r
// $catid is taken as a raw string because it may carry the 'newcat-<blogid>' form
// handled below.
906 $catid = postVar('catid');
\r
908 // only allow if user is allowed to alter item
\r
909 $member->canUpdateItem($itemid, $catid) or self::disallow();
\r
911 $actiontype = postVar('actiontype');
\r
913 // delete actions are handled by itemdelete (which has confirmation)
\r
914 if ( $actiontype == 'delete' )
\r
916 self::action_itemdelete();
\r
// title, body and more are stored as posted; nothing in the visible lines encodes them,
// so they have to be treated as untrusted wherever they are rendered.
920 $body = postVar('body');
\r
921 $title = postVar('title');
\r
922 $more = postVar('more');
\r
923 $closed = intPostVar('closed');
\r
924 $draftid = intPostVar('draftid');
\r
926 // default action = add now
\r
927 if ( !$actiontype )
\r
929 $actiontype='addnow';
\r
932 // create new category if needed
\r
933 if ( i18n::strpos($catid,'newcat') === 0 )
\r
// sscanf() with %d yields an integer blog id from the posted string.
936 list($blogid) = sscanf($catid,"newcat-%d");
\r
939 $blog =& $manager->getBlog($blogid);
\r
940 $catid = $blog->createNewCategory();
\r
942 // show error when sth goes wrong
\r
945 self::doError(_ERROR_CATCREATEFAIL);
\r
950 set some variables based on actiontype
\r
953 draft items -> addnow, addfuture, adddraft, delete
\r
954 non-draft items -> edit, changedate, delete
\r
957 $timestamp: set to a nonzero value for future dates or date changes
\r
958 $wasdraft: set to 1 when the item used to be a draft item
\r
959 $publish: set to 1 when the edited item is not a draft
\r
961 $blogid = getBlogIDFromItemID($itemid);
\r
962 $blog =& $manager->getBlog($blogid);
\r
964 $wasdrafts = array('adddraft', 'addfuture', 'addnow');
\r
965 $wasdraft = in_array($actiontype, $wasdrafts) ? 1 : 0;
\r
966 $publish = ($actiontype != 'adddraft' && $actiontype != 'backtodrafts') ? 1 : 0;
\r
967 if ( $actiontype == 'addfuture' || $actiontype == 'changedate' )
\r
// All date parts pass through intPostVar() before reaching mktime().
969 $timestamp = mktime(intPostVar('hour'), intPostVar('minutes'), 0, intPostVar('month'), intPostVar('day'), intPostVar('year'));
\r
976 // edit the item for real
\r
977 Item::update($itemid, $catid, $title, $body, $more, $closed, $wasdraft, $publish, $timestamp);
\r
979 self::updateFuturePosted($blogid);
\r
// $draftid is a second, independent id from the request; this method does not check it
// and relies on the check inside Item::delete() named in the comment below.
981 if ( $draftid > 0 )
\r
983 // delete permission is checked inside Item::delete()
\r
984 Item::delete($draftid);
\r
// A difference between $catid and the posted value means a new category was created
// above; the comparison is loose.
987 if ( $catid != intPostVar('catid') )
\r
989 self::action_categoryedit(
\r
992 $CONF['AdminURL'] . 'index.php?action=itemlist&blogid=' . getBlogIDFromItemID($itemid)
\r
997 // TODO: set start item correctly for itemlist
\r
998 $item = Item::getItem($itemid, 0, 0);
\r
// NOTE(review): $item['timestamp'] is placed between quotes with %s, without
// DB::quoteValue() or an integer cast, unlike the other queries in this file. The value
// comes from Item::getItem() rather than directly from the request; formatting it with
// %d would keep the query well-formed whatever getItem() returns - confirm its type.
999 $query = "SELECT COUNT(*) FROM %s WHERE unix_timestamp(itime) <= '%s';";
\r
1000 $query = sprintf($query, sql_table('item'), $item['timestamp']);
\r
1001 $cnt = DB::getValue($query);
\r
1002 $_REQUEST['start'] = $cnt + 1;
\r
1003 self::action_itemlist(getBlogIDFromItemID($itemid));
\r
1009 * Admin::action_itemdelete()
\r
// Shows the delete confirmation for one item after checking that the member may alter
// it and that the item exists. Nothing is deleted here.
1015 static private function action_itemdelete()
\r
1017 global $member, $manager;
\r
1019 $itemid = intRequestVar('itemid');
\r
1021 // only allow if user is allowed to alter item
\r
1022 $member->canAlterItem($itemid) or self::disallow();
\r
1024 if ( !$manager->existsItem($itemid,1,1) )
\r
1026 self::error(_ERROR_NOSUCHITEM);
\r
1030 self::$skin->parse('itemdelete');
\r
1036 * Admin::action_itemdeleteconfirm()
\r
// Deletes one item after the confirmation screen and returns to the item list of the
// blog the item belonged to.
// NOTE(review): 'itemdeleteconfirm' is listed in self::$skinless_actions, which action()
// exempts from its ticket check, and no checkTicket() call is visible here - confirm
// where the ticket is validated for this destructive request.
1041 static private function action_itemdeleteconfirm()
\r
1045 $itemid = intRequestVar('itemid');
\r
1047 // only allow if user is allowed to alter item
\r
1048 $member->canAlterItem($itemid) or self::disallow();
\r
1050 // get blogid first
\r
1051 $blogid = getBlogIdFromItemId($itemid);
\r
1053 // delete item (note: some checks will be performed twice)
\r
// The value returned by deleteOneItem() is not inspected here.
1054 self::deleteOneItem($itemid);
\r
1056 self::action_itemlist($blogid);
\r
1061 * Admin::deleteOneItem()
\r
1062 * Deletes one item and returns error if something goes wrong
\r
1064 * @param integer $itemid ID for item
\r
// Deletes one item and refreshes the future-posted flag of its blog. The method is
// public and performs its own canAlterItem() check, returning _ERROR_DISALLOWED instead
// of deleting when the check fails. The return value on success is not visible here.
1067 static public function deleteOneItem($itemid)
\r
1069 global $member, $manager;
\r
1071 // only allow if user is allowed to alter item (also checks if itemid exists)
\r
1072 if ( !$member->canAlterItem($itemid) )
\r
1074 return _ERROR_DISALLOWED;
\r
1077 // need to get blogid before the item is deleted
\r
1078 $blogid = getBlogIDFromItemId($itemid);
\r
1080 $manager->loadClass('ITEM');
\r
1081 Item::delete($itemid);
\r
1083 // update blog's futureposted
\r
1084 self::updateFuturePosted($blogid);
\r
1089 * Admin::updateFuturePosted()
\r
1090 * Update a blog's future posted flag
\r
1092 * @param integer $blogid
\r
// Sets the blog's future-post flag when at least one unposted item of the blog has a
// time later than the blog's corrected current time, and clears it otherwise.
1095 static private function updateFuturePosted($blogid)
\r
1099 $blogid = intval($blogid);
\r
1100 $blog =& $manager->getBlog($blogid);
\r
1101 $currenttime = $blog->getCorrectTime(time());
\r
// The blog id is formatted with %d; the quoted time value is produced by
// i18n::formatted_datetime() from a server-side timestamp, not from request data.
1103 $query = "SELECT * FROM %s WHERE iblog=%d AND iposted=0 AND itime>'%s'";
\r
1104 $query = sprintf($query, sql_table('item'), (integer) $blogid, i18n::formatted_datetime('mysql', $currenttime));
\r
1105 $result = DB::getResult($query);
\r
// Only the row count is used.
1107 if ( $result->rowCount() > 0 )
\r
1109 $blog->setFuturePost();
\r
1113 $blog->clearFuturePost();
\r
1119 * Admin::action_itemmove()
\r
// Shows the move form for one item after checking that the member may alter it.
1124 static private function action_itemmove()
\r
1126 global $member, $manager;
\r
1128 $itemid = intRequestVar('itemid');
\r
1130 $member->canAlterItem($itemid) or self::disallow();
\r
1133 self::$skin->parse('itemmove');
\r
1139 * Admin::action_itemmoveto()
\r
// Moves one item to the requested category, creating a new category first when the
// request asks for one, then refreshes the future-posted flag of both blogs involved.
// NOTE(review): in the visible lines the new category is created in the blog parsed
// from the request BEFORE canUpdateItem() is consulted, so a request that is later
// refused may already have created a category. action_itemupdate() performs its check
// first; moving the check above the creation here would match it.
1144 static private function action_itemmoveto()
\r
1146 global $member, $manager;
\r
1148 $itemid = intRequestVar('itemid');
\r
1149 $catid = requestVar('catid');
\r
1151 // create new category if needed
\r
1152 if ( i18n::strpos($catid,'newcat') === 0 )
\r
1155 list($blogid) = sscanf($catid,'newcat-%d');
\r
1158 $blog =& $manager->getBlog($blogid);
\r
1159 $catid = $blog->createNewCategory();
\r
1161 // show error when sth goes wrong
\r
1164 self::doError(_ERROR_CATCREATEFAIL);
\r
1168 // only allow if user is allowed to alter item
\r
1169 $member->canUpdateItem($itemid, $catid) or self::disallow();
\r
1171 $old_blogid = getBlogIDFromItemId($itemid);
\r
1173 Item::move($itemid, $catid);
\r
1175 // set the futurePosted flag on the blog
\r
1176 self::updateFuturePosted(getBlogIDFromItemId($itemid));
\r
1178 // reset the futurePosted in case the item is moved from one blog to another
\r
1179 self::updateFuturePosted($old_blogid);
\r
// $blog is only assigned inside the new-category branch above, which is also the case in
// which $catid differs from the requested value.
1181 if ( $catid != intRequestVar('catid') )
\r
1183 self::action_categoryedit($catid, $blog->getID());
\r
1187 self::action_itemlist(getBlogIDFromCatID($catid));
\r
1193 * Admin::moveOneItem()
\r
1194 * Moves one item to a given category (category existence should be checked by caller)
\r
1195 * errors are returned
\r
1197 * @param integer $itemid ID for item
\r
1198 * @param integer $destCatid ID for category to which the item will be moved
\r
// Moves one item to $destCatid. Returns _ERROR_DISALLOWED without moving when the member
// may not update the item into that category; the success return is not visible here.
1201 static private function moveOneItem($itemid, $destCatid)
\r
1205 // only allow if user is allowed to move item
\r
1206 if ( !$member->canUpdateItem($itemid, $destCatid) )
\r
1208 return _ERROR_DISALLOWED;
\r
1211 Item::move($itemid, $destCatid);
\r
1216 * Admin::action_additem()
\r
1217 * Adds a item to the chosen blog
\r
// Creates an item from the request through Item::createFromRequest() and continues with
// the category editor (when a new category was created) or the item list.
// NOTE(review): no permission check is visible in this method; presumably
// Item::createFromRequest() verifies that the member may post to the target blog -
// confirm there.
1222 static private function action_additem()
\r
1224 global $manager, $CONF;
\r
1226 $manager->loadClass('ITEM');
\r
1228 $result = Item::createFromRequest();
\r
1230 if ( $result['status'] == 'error' )
\r
1232 self::error($result['message']);
\r
// Both ids are cast to integer before the blog id is put into a URL below.
1235 $itemid = (integer) $result['itemid'];
\r
1237 $blogid = (integer) getBlogIDFromItemID($itemid);
\r
1239 if ( $result['status'] == 'newcategory' )
\r
// The follow-up URL carries a ticket added by $manager->addTicketToUrl().
1241 $distURI = $manager->addTicketToUrl($CONF['AdminURL'] . 'index.php?action=itemList&blogid=' . $blogid);
\r
1242 self::action_categoryedit($result['catid'], $blogid, $distURI);
\r
// $methodName is assigned here but not read in the visible lines.
1246 $methodName = 'action_itemlist';
\r
1247 self::action_itemlist($blogid);
\r
1253 * Admin::action_commentedit()
\r
1254 * Allows to edit previously made comments
\r
// Shows the edit form for one comment after checking that the member may alter it.
1259 static private function action_commentedit()
\r
1261 global $member, $manager;
\r
1263 $commentid = intRequestVar('commentid');
\r
1265 $member->canAlterComment($commentid) or self::disallow();
\r
1268 self::$skin->parse('commentedit');
\r
1274 * Admin::action_commentupdate()
\r
// Updates the URL, e-mail address and body of one comment after checking that the member
// may alter it, then returns to the comment list of the item or to the member's own
// comments.
1279 static private function action_commentupdate()
\r
1281 global $member, $manager;
\r
1283 $commentid = intRequestVar('commentid');
\r
1285 $member->canAlterComment($commentid) or self::disallow();
\r
// NOTE(review): $url and $email are stored after SQL quoting only; no format validation
// is visible in these lines, so both must be treated as untrusted wherever they are
// rendered (the URL in particular when it becomes a link target).
1287 $url = postVar('url');
\r
1288 $email = postVar('email');
\r
1289 $body = postVar('body');
\r
1291 // intercept words that are too long
\r
// Matches a run of 90 characters from the class. preg_match() returns false on failure,
// and `!= FALSE` treats that the same as "no match".
1292 if (preg_match('#[a-zA-Z0-9|\.,;:!\?=\/\\\\]{90,90}#', $body) != FALSE)
\r
1294 self::error(_ERROR_COMMENT_LONGWORD);
\r
// Accepted body length: 3 to 5000 characters as counted by i18n::strlen().
1298 if ( i18n::strlen($body) < 3 )
\r
1300 self::error(_ERROR_COMMENT_NOCOMMENT);
\r
1303 if ( i18n::strlen($body) > 5000 )
\r
1305 self::error(_ERROR_COMMENT_TOOLONG);
\r
1309 $body = Comment::prepareBody($body);
\r
1315 $manager->notify('PreUpdateComment', $data);
\r
// String values go through DB::quoteValue() and the id through %d. Note that $url is
// written to the cmail column and $email to cemail.
1317 $query = "UPDATE %s SET cmail=%s, cemail=%s, cbody=%s WHERE cnumber=%d;";
\r
1318 $query = sprintf($query, sql_table('comment'), DB::quoteValue($url), DB::quoteValue($email), DB::quoteValue($body), (integer) $commentid);
\r
1319 DB::execute($query);
\r
1322 $query = "SELECT citem FROM %s WHERE cnumber=%d;";
\r
1323 $query = sprintf($query, sql_table('comment'), (integer) $commentid);
\r
1325 $itemid = DB::getValue($query);
\r
// The follow-up view depends on the member's rights on the parent item.
1327 if ( $member->canAlterItem($itemid) )
\r
1329 self::action_itemcommentlist($itemid);
\r
1333 self::action_browseowncomments();
\r
1339 * Admin::action_commentdelete()
\r
// Shows the delete confirmation for one comment after checking that the member may
// alter it. Nothing is deleted here.
1345 static private function action_commentdelete()
\r
1347 global $member, $manager;
\r
1349 $commentid = intRequestVar('commentid');
\r
1350 $member->canAlterComment($commentid) or self::disallow();
\r
1353 self::$skin->parse('commentdelete');
\r
1359 * Admin::action_commentdeleteconfirm()
\r
// Deletes one comment after the confirmation screen. The permission check is not done
// here but inside deleteOneComment(), whose error result is passed to doError().
1364 static private function action_commentdeleteconfirm()
\r
1368 $commentid = intRequestVar('commentid');
\r
1370 // get item id first
\r
// This lookup runs before any permission check; it only reads the parent item id, which
// is used after the delete to choose the follow-up view.
1371 $query = "SELECT citem FROM %s WHERE cnumber=%d;";
\r
1372 $query = sprintf($query, sql_table('comment'), (integer) $commentid);
\r
1374 $itemid = DB::getValue($query);
\r
1376 $error = self::deleteOneComment($commentid);
\r
1379 self::doError($error);
\r
1382 if ( $member->canAlterItem($itemid) )
\r
1384 self::action_itemcommentlist($itemid);
\r
1388 self::action_browseowncomments();
\r
1394 * Admin::deleteOneComment()
\r
1396 * @param integer $commentid ID for comment
\r
// Deletes one comment, notifying PreDeleteComment and PostDeleteComment subscribers
// around the DELETE. The method is public and performs its own canAlterComment() check,
// returning _ERROR_DISALLOWED without deleting when the check fails.
1399 static public function deleteOneComment($commentid)
\r
1401 global $member, $manager;
\r
// The id is cast to integer once here and again when the query is formatted.
1403 $commentid = (integer) $commentid;
\r
1405 if ( !$member->canAlterComment($commentid) )
\r
1407 return _ERROR_DISALLOWED;
\r
1411 'commentid' => $commentid
\r
1414 $manager->notify('PreDeleteComment', $data);
\r
1416 // delete the comments associated with the item
\r
1417 $query = "DELETE FROM %s WHERE cnumber=%d;";
\r
1418 $query = sprintf($query, sql_table('comment'), (integer) $commentid);
\r
1419 DB::execute($query);
\r
1422 'commentid' => $commentid
\r
1425 $manager->notify('PostDeleteComment', $data);
\r
1431 * Admin::action_usermanagement()
\r
1432 * Usermanagement main
\r
// User management screen, restricted to administrators.
1437 static private function action_usermanagement()
\r
1439 global $member, $manager;
\r
1441 // check if allowed
\r
1442 $member->isAdmin() or self::disallow();
\r
1445 self::$skin->parse('usermanagement');
\r
1451 * Admin::action_memberedit()
\r
1452 * Edit member settings
\r
// Opens the settings form for the member id given in the request. The self-or-admin
// check is performed by action_editmembersettings().
1457 static private function action_memberedit()
\r
1459 self::action_editmembersettings(intRequestVar('memberid'));
\r
1464 * Admin::action_editmembersettings()
\r
1466 * @param integer $memberid ID for member
\r
// Shows the settings form for a member; without an argument it is the current member's
// own form. Only the member concerned or an administrator passes the check.
1470 static private function action_editmembersettings($memberid = '')
\r
1472 global $member, $manager, $CONF;
\r
// Loose comparison: before PHP 8 an integer 0 also compares equal to '', so an id of 0
// falls back to the current member there.
1474 if ( $memberid == '' )
\r
1476 $memberid = $member->getID();
\r
1479 /* TODO: we should consider to use the other way insterad of this */
\r
// $_REQUEST is rewritten before the permission check below; this matters only if
// disallow() can return (confirm that it ends the request).
1480 $_REQUEST['memberid'] = $memberid;
\r
1482 // check if allowed
\r
1483 ($member->getID() == $memberid) or $member->isAdmin() or self::disallow();
\r
// The extra head markup is a fixed literal, not request data.
1485 $extrahead = '<script type="text/javascript" src="javascript/numbercheck.js"></script>';
\r
1486 self::pagehead($extrahead);
\r
1487 self::$skin->parse('editmembersettings');
\r
1493 * Admin::action_changemembersettings()
\r
// Validates and stores the posted settings of one member. Only the member concerned or
// an administrator passes the check; admin and login rights are applied only when the
// current member is an administrator.
// NOTE(review): 'changemembersettings' is listed in self::$skinless_actions, which
// action() exempts from its ticket check, and no checkTicket() call is visible here.
// The visible lines also read no current-password field before a new password or e-mail
// address is set. Confirm where the ticket is validated; requiring the current password
// for these two changes would be a further safeguard.
1498 static private function action_changemembersettings()
\r
1500 global $member, $CONF, $manager;
\r
1502 $memberid = intRequestVar('memberid');
\r
1504 // check if allowed
\r
1505 ($member->getID() == $memberid) or $member->isAdmin() or self::disallow();
\r
// strip_tags() removes markup but is not output encoding; these values still need
// context-appropriate escaping wherever they are rendered.
1507 $name = trim(strip_tags(postVar('name')));
\r
1508 $realname = trim(strip_tags(postVar('realname')));
\r
1509 $password = postVar('password');
\r
1510 $repeatpassword = postVar('repeatpassword');
\r
1511 $email = strip_tags(postVar('email'));
\r
1512 $url = strip_tags(postVar('url'));
\r
1513 $adminskin = intPostVar('adminskin');
\r
1515 // begin if: sometimes user didn't prefix the URL with http:// or https://, this cause a malformed URL. Let's fix it.
\r
// Any value that does not start with http:// or https:// gets 'http://' prepended; this
// also applies to an empty value.
1516 if ( !preg_match('#^https?://#', $url) )
\r
1518 $url = 'http://' . $url;
\r
// admin and canlogin are read for every caller but applied further down only under
// $member->isAdmin().
1521 $admin = postVar('admin');
\r
1522 $canlogin = postVar('canlogin');
\r
1523 $notes = strip_tags(postVar('notes'));
\r
1524 $locale = postVar('locale');
\r
1526 $mem = Member::createFromID($memberid);
\r
1528 if ( $CONF['AllowLoginEdit'] || $member->isAdmin() )
\r
1530 if ( !isValidDisplayName($name) )
\r
1532 self::error(_ERROR_BADNAME);
\r
1535 if ( ($name != $mem->getDisplayName()) && Member::exists($name) )
\r
1537 self::error(_ERROR_NICKNAMEINUSE);
\r
1540 if ( $password != $repeatpassword )
\r
1542 self::error(_ERROR_PASSWORDMISMATCH);
\r
// The only built-in password rule is a minimum of 6 characters, applied when a password
// was supplied.
1545 if ( $password && (i18n::strlen($password) < 6) )
\r
1547 self::error(_ERROR_PASSWORDTOOSHORT);
\r
// NOTE(review): the plaintext password is handed to every PrePasswordSet subscriber;
// plugins handling this event must not log or store it. Subscribers can reject the
// password through the by-reference 'valid' and 'errormessage' entries.
1556 'password' => $password,
\r
1557 'errormessage' => &$pwderror,
\r
1558 'valid' => &$pwdvalid
\r
1560 $manager->notify('PrePasswordSet', $data);
\r
1564 self::error($pwderror);
\r
1569 if ( !NOTIFICATION::address_validation($email) )
\r
1571 self::error(_ERROR_BADMAILADDRESS);
\r
1575 self::error(_ERROR_REALNAMEMISSING);
\r
// A non-empty locale must be one of the installed locales (loose in_array()).
1577 if ( ($locale != '') && (!in_array($locale, i18n::get_available_locale_list())) )
\r
1579 self::error(_ERROR_NOSUCHTRANSLATION);
\r
1582 // check if there will remain at least one site member with both the logon and admin rights
\r
1583 // (check occurs when taking away one of these rights from such a member)
\r
1584 if ( (!$admin && $mem->isAdmin() && $mem->canLogin())
\r
1585 || (!$canlogin && $mem->isAdmin() && $mem->canLogin())
\r
// Fixed query text without request data; only the row count is used.
1588 $r = DB::getResult('SELECT * FROM '.sql_table('member').' WHERE madmin=1 and mcanlogin=1');
\r
1589 if ( $r->rowCount() < 2 )
\r
1591 self::error(_ERROR_ATLEASTONEADMIN);
\r
// All validation above reports through self::error(); the writes below are protected
// only if error() ends the request - confirm.
1595 if ( $CONF['AllowLoginEdit'] || $member->isAdmin() )
\r
1597 $mem->setDisplayName($name);
\r
// NOTE(review): no newCookieKey() call follows setPassword() in the visible lines, so a
// password change alone may leave existing login cookies valid - confirm in Member.
1600 $mem->setPassword($password);
\r
1604 $oldEmail = $mem->getEmail();
\r
1606 $mem->setRealName($realname);
\r
1607 $mem->setEmail($email);
\r
1608 $mem->setURL($url);
\r
1609 $mem->setNotes($notes);
\r
1610 $mem->setLocale($locale);
\r
1612 // only allow super-admins to make changes to the admin status
\r
1613 if ( $member->isAdmin() )
\r
1615 $mem->setAdmin($admin);
\r
1616 $mem->setCanLogin($canlogin);
\r
1619 $autosave = postVar('autosave');
\r
1620 $mem->setAutosave($autosave);
\r
1624 // store plugin options
\r
// NOTE(review): the posted plugin options are applied as received; which options a
// member may change is presumably checked in NucleusPlugin::apply_plugin_options() -
// confirm there.
1625 $aOptions = requestArray('plugoption');
\r
1626 NucleusPlugin::apply_plugin_options($aOptions);
\r
1628 'context' => 'member',
\r
1629 'memberid' => $memberid,
\r
1632 $manager->notify('PostPluginOptionsUpdate', $data);
\r
1634 // if email changed, generate new password
\r
// An address change sends an activation link and rotates the cookie key, which
// presumably invalidates existing login cookies of that account.
1635 if ( $oldEmail != $mem->getEmail() )
\r
1637 $mem->sendActivationLink('addresschange', $oldEmail);
\r
1639 $mem->newCookieKey();
\r
1641 // only log out if the member being edited is the current member.
\r
1642 if ( $member->getID() == $memberid )
\r
1644 $member->logout();
\r
1646 self::action_login(_MSG_ACTIVATION_SENT, 0);
\r
// A member who renames their own account gets a new cookie key and has to log in again.
1650 if ( ($mem->getID() == $member->getID())
\r
1651 && ($mem->getDisplayName() != $member->getDisplayName()) )
\r
1653 $mem->newCookieKey();
\r
1654 $member->logout();
\r
1655 self::action_login(_MSG_LOGINAGAIN, 0);
\r
1659 self::action_overview(_MSG_SETTINGSCHANGED);
\r
1665 * Admin::action_memberadd()
\r
// Creates a member account from the POSTed form. Only site admins get past
// the isAdmin() check; everything else is refused through self::disallow().
// NOTE(review): very short lines (braces, some arguments) are missing from
// this listing, so the Member::create() argument list and the condition that
// guards self::error($res) are only partly visible.
1671 static private function action_memberadd()
\r
1673 global $member, $manager;
\r
1675 // check if allowed
\r
1676 $member->isAdmin() or self::disallow();
\r
// NOTE(review): != is a loose comparison. Two different numeric-looking
// strings (e.g. "1e3" and "1000") compare equal, so !== is the safer test
// for the confirmation field.
1678 if ( postVar('password') != postVar('repeatpassword') )
\r
1680 self::error(_ERROR_PASSWORDMISMATCH);
\r
// The only strength rule visible here is a minimum length of 6 characters.
1683 if ( i18n::strlen(postVar('password')) < 6 )
\r
1685 self::error(_ERROR_PASSWORDTOOSHORT);
\r
1688 $res = Member::create(
\r
1690 postVar('realname'),
\r
// The plaintext password is handed to Member::create(); hashing and storage
// are decided there, not in this method - TODO confirm.
1691 postVar('password'),
\r
1695 postVar('canlogin'),
\r
1701 self::error($res);
\r
1704 // fire PostRegister event
\r
1705 $newmem = new Member();
\r
1706 $newmem->readFromName(postVar('name'));
\r
1708 'member' => &$newmem
\r
1710 $manager->notify('PostRegister', $data);
\r
1712 self::action_usermanagement();
\r
1717 * Admin::action_activate()
\r
1718 * Account activation
\r
// Entry point for the activation link: reads the activation key from the
// query string and hands it to showActivationPage().
// NOTE(review): no login check appears here, so the key is the only
// credential. Because it travels in the URL it can also end up in server
// logs and Referer headers; short-lived, single-use keys limit that exposure.
1723 static private function action_activate()
\r
1725 $key = getVar('key');
\r
1726 self::showActivationPage($key);
\r
1731 * Admin::showActivationPage()
\r
// Renders the 'activate' skin page for an activation key.
// $key     activation key to look up
// $message optional text stored in self::$headMess for the page head
1736 static private function showActivationPage($key, $message = '')
\r
1740 // clean up old activation keys
\r
1741 Member::cleanupActivationTable();
\r
1743 // get activation info
\r
1744 $info = Member::getActivationInfo($key);
\r
// Both failure paths report the same _ERROR_ACTIVATE message; their
// conditions are on lines missing from this listing.
1748 self::error(_ERROR_ACTIVATE);
\r
1751 $mem = Member::createFromId($info->vmember);
\r
1755 self::error(_ERROR_ACTIVATE);
\r
1758 /* TODO: we should consider another way instead of this */
// NOTE(review): the request-supplied key is written back into $_POST for the
// skin to read; escaping it on output is left to the skin code (not shown).
1759 $_POST['ackey'] = $key;
\r
1760 $_POST['bNeedsPasswordChange'] = TRUE;
\r
1762 self::$headMess = $message;
\r
1764 self::$skin->parse('activate');
\r
1770 * Admin::action_activatesetpwd()
\r
1771 * Account activation - set password part
\r
// Second step of account activation: validates the POSTed key and password,
// stores the password and activates the account. Every validation failure
// re-renders the activation page with an error message.
1776 static private function action_activatesetpwd()
\r
1779 $key = postVar('key');
\r
1781 // clean up old activation keys
\r
1782 Member::cleanupActivationTable();
\r
1784 // get activation info
\r
1785 $info = Member::getActivationInfo($key);
\r
// Keys of type 'addresschange' are refused here, as are unknown keys.
1787 if ( !$info || ($info->type == 'addresschange') )
\r
1789 return self::showActivationPage($key, _ERROR_ACTIVATE);
\r
1792 $mem = Member::createFromId($info->vmember);
\r
1796 return self::showActivationPage($key, _ERROR_ACTIVATE);
\r
1799 $password = postVar('password');
\r
1800 $repeatpassword = postVar('repeatpassword');
\r
// NOTE(review): loose comparison; numeric-looking strings such as "1e3" and
// "1000" compare equal, so !== is the safer test.
1802 if ( $password != $repeatpassword )
\r
1804 return self::showActivationPage($key, _ERROR_PASSWORDMISMATCH);
\r
// NOTE(review): an empty password skips this length check because of the
// leading `$password &&`. Whether an empty value is rejected on a line
// missing from this listing or inside setPassword() cannot be seen here -
// TODO confirm.
1807 if ( $password && (i18n::strlen($password) < 6) )
\r
1809 return self::showActivationPage($key, _ERROR_PASSWORDTOOSHORT);
\r
// PrePasswordSet hands the plaintext password to every subscribed plugin and
// lets them veto it through 'valid' / 'errormessage'.
1818 'password' => $password,
\r
1819 'errormessage' => &$pwderror,
\r
1820 'valid' => &$pwdvalid
\r
1822 $manager->notify('PrePasswordSet', $data);
\r
1825 return self::showActivationPage($key,$pwderror);
\r
1832 'type' => 'activation',
\r
1834 'error' => &$error
\r
1836 $manager->notify('ValidateForm', $data);
\r
1837 if ( $error != '' )
\r
1839 return self::showActivationPage($key, $error);
\r
1843 $mem->setPassword($password);
\r
1846 // do the activation
\r
1847 Member::activate($key);
\r
1850 self::$skin->parse('activatesetpwd');
\r
1856 * Admin::action_manageteam()
\r
// Shows the team-management page of one blog. The caller must hold admin
// rights on the blog id taken from the request.
1862 static private function action_manageteam()
\r
1864 global $member, $manager;
\r
1866 $blogid = intRequestVar('blogid');
\r
1868 // check if allowed
\r
1869 $member->blogAdminRights($blogid) or self::disallow();
\r
1872 self::$skin->parse('manageteam');
\r
1878 * Admin::action_teamaddmember()
\r
1879 * Add member to team
\r
// Adds a member to a blog's team. The three inputs are read from POST through
// intPostVar(), and the caller must hold admin rights on that blog.
// The $admin flag comes straight from the form, so any blog admin can add
// another member as blog admin.
1884 static private function action_teamaddmember()
\r
1886 global $member, $manager;
\r
1888 $memberid = intPostVar('memberid');
\r
1889 $blogid = intPostVar('blogid');
\r
1890 $admin = intPostVar('admin');
\r
1892 // check if allowed
\r
1893 $member->blogAdminRights($blogid) or self::disallow();
\r
1895 $blog =& $manager->getBlog($blogid);
// addTeamMember() returning false is reported as "already on team".
1896 if ( !$blog->addTeamMember($memberid, $admin) )
\r
1898 self::error(_ERROR_ALREADYONTEAM);
\r
1901 self::action_manageteam();
\r
1906 * Admin::action_teamdelete()
\r
// Confirmation page for removing a team member. Nothing is deleted in the
// visible lines; the removal itself is done by action_teamdeleteconfirm().
1911 static private function action_teamdelete()
\r
1913 global $member, $manager;
\r
1915 $memberid = intRequestVar('memberid');
\r
1916 $blogid = intRequestVar('blogid');
\r
1918 // check if allowed
\r
1919 $member->blogAdminRights($blogid) or self::disallow();
\r
1921 $teammem = Member::createFromID($memberid);
\r
1922 $blog =& $manager->getBlog($blogid);
\r
1925 self::$skin->parse('teamdelete');
\r
1931 * Admin::action_teamdeleteconfirm()
\r
// Performs the removal confirmed on the 'teamdelete' page. The permission
// check is done inside deleteOneTeamMember(), whose return value is passed
// to self::error() as the error message.
// NOTE(review): this state-changing action reads its ids with
// intRequestVar(), and no anti-CSRF ticket check is visible in this method -
// presumably enforced by the action dispatcher; confirm.
1936 static private function action_teamdeleteconfirm()
\r
1940 $memberid = intRequestVar('memberid');
\r
1941 $blogid = intRequestVar('blogid');
\r
1943 $error = self::deleteOneTeamMember($blogid, $memberid);
\r
1946 self::error($error);
\r
1948 self::action_manageteam();
\r
1953 * Admin::deleteOneTeamMember()
\r
// Removes one member from a blog's team.
// $blogid   blog id (forced to int below)
// $memberid member id (forced to int below)
// Returns _ERROR_DISALLOWED when the current member lacks admin rights on the
// blog and _ERROR_ATLEASTONEBLOGADMIN when the blog's last admin would be
// removed; the success return is on a line missing from this listing.
1958 static public function deleteOneTeamMember($blogid, $memberid)
\r
1960 global $member, $manager;
\r
1962 $blogid = intval($blogid);
\r
1963 $memberid = intval($memberid);
\r
// This method is public, so it repeats the rights check itself instead of
// trusting its caller.
1965 // check if allowed
\r
1966 if ( !$member->blogAdminRights($blogid) )
\r
1968 return _ERROR_DISALLOWED;
\r
1971 // check if: - there remains at least one blog admin
\r
1972 // - (there remains at least one team member)
\r
1973 $tmem = Member::createFromID($memberid);
\r
1977 'member' => &$tmem,
\r
1978 'blogid' => $blogid
\r
1979 );
// NOTE(review): PreDeleteTeamMember fires before the last-admin check, so
// plugins are also notified for removals that are refused just below.
\r $manager->notify('PreDeleteTeamMember', $data);
\r
1981 if ( $tmem->isBlogAdmin($blogid) )
\r
1983 /* TODO: why we did double check? */
\r
1984 // check if there are more blog members left and at least one admin
\r
1985 // (check for at least two admins before deletion)
\r
// NOTE(review): the count and the DELETE below are separate statements with
// no transaction or lock visible, so two concurrent removals could each see
// two admins and together remove both.
1986 $query = "SELECT * FROM %s WHERE tblog=%d and tadmin=1;";
\r
1987 $query = sprintf($query, sql_table('team'), (integer) $blogid);
\r
1988 $r = DB::getResult($query);
\r
1989 if ( $r->rowCount() < 2 )
\r
1991 return _ERROR_ATLEASTONEBLOGADMIN;
\r
// Both ids were forced to int above and are bound with %d.
1995 $query = "DELETE FROM %s WHERE tblog=%d AND tmember=%d;";
\r
1996 $query = sprintf($query, sql_table('team'), (integer) $blogid, (integer) $memberid);
\r
1997 DB::execute($query);
\r
2000 'member' => &$tmem,
\r
2001 'blogid' => $blogid
\r
2003 $manager->notify('PostDeleteTeamMember', $data);
\r
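/**
 * Admin::action_teamchangeadmin()
 * Toggles the blog-admin flag of one team member.
 *
 * Reads `blogid` and `memberid` from the request, requires the current
 * member to hold admin rights on that blog, and refuses to demote the
 * blog's only admin. Afterwards the team page is shown, or the overview
 * when the current member no longer administers the blog.
 *
 * NOTE(review): the listing this block comes from omits very short lines.
 * The braces, `else`, `global $member;` and the two `$newval` assignments
 * are restored here - confirm against the repository copy.
 *
 * @return void
 */
static private function action_teamchangeadmin()
{
	global $member;

	$blogid = intRequestVar('blogid');
	$memberid = intRequestVar('memberid');

	// check if allowed
	$member->blogAdminRights($blogid) or self::disallow();

	$mem = Member::createFromID($memberid);

	// don't allow when there is only one admin at this moment
	if ( $mem->isBlogAdmin($blogid) )
	{
		// NOTE(review): count and update are separate statements with no
		// transaction, so two concurrent demotions could both pass this test.
		$query = "SELECT * FROM %s WHERE tblog=%d AND tadmin=1;";
		$query = sprintf($query, sql_table('team'), (int) $blogid);
		$r = DB::getResult($query);
		if ( $r->rowCount() == 1 )
		{
			self::error(_ERROR_ATLEASTONEBLOGADMIN);
		}
	}

	// flip the flag: an admin becomes a regular member and vice versa
	$newval = $mem->isBlogAdmin($blogid) ? 0 : 1;

	// Fix: the first sprintf() argument used to be $blogid, which put the
	// blog id where the table name belongs ("UPDATE 5 SET ...") and made
	// the statement invalid. It must be the team table, as in the SELECT.
	$query = "UPDATE %s SET tadmin=%d WHERE tblog=%d and tmember=%d;";
	$query = sprintf($query, sql_table('team'), (int) $newval, (int) $blogid, (int) $memberid);
	DB::execute($query);

	// only show manageteam if member did not change its own admin privileges
	if ( $member->isBlogAdmin($blogid) )
	{
		self::action_manageteam();
	}
	else
	{
		self::action_overview(_MSG_ADMINCHANGED);
	}
}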
\r
2064 * Admin::action_blogsettings()
\r
// Shows the settings page of one blog. The caller must hold admin rights on
// the blog id taken from the request.
2069 static private function action_blogsettings()
\r
2071 global $member, $manager;
\r
2073 $blogid = intRequestVar('blogid');
\r
2075 // check if allowed
\r
2076 $member->blogAdminRights($blogid) or self::disallow();
\r
2078 $blog =& $manager->getBlog($blogid);
\r
// Static markup only; no request data is placed in the extra head HTML.
2080 $extrahead = '<script type="text/javascript" src="javascript/numbercheck.js"></script>';
\r
2081 self::pagehead($extrahead);
\r
2082 self::$skin->parse('blogsettings');
\r
2088 * Admin::action_categorynew()
\r
// Creates a category in a blog from the POSTed name and description, after
// checking blog-admin rights, the name format and name uniqueness in the blog.
2093 static private function action_categorynew()
\r
2095 global $member, $manager;
\r
2097 $blogid = intRequestVar('blogid');
\r
2099 $member->blogAdminRights($blogid) or self::disallow();
\r
2101 $cname = postVar('cname');
\r
2102 $cdesc = postVar('cdesc');
\r
2104 if ( !isValidCategoryName($cname) )
\r
2106 self::error(_ERROR_BADCATEGORYNAME);
\r
// The name is passed through DB::quoteValue() and the blog id is bound with %d.
2109 $query = "SELECT * FROM %s WHERE cname=%s AND cblog=%d;";
\r
2110 $query = sprintf($query, sql_table('category'), DB::quoteValue($cname), (integer) $blogid);
\r
2111 $res = DB::getResult($query);
\r
2112 if ( $res->rowCount() > 0 )
\r
2114 self::error(_ERROR_DUPCATEGORYNAME);
\r
2117 $blog =& $manager->getBlog($blogid);
// NOTE(review): $cdesc is not validated here; quoting for storage and
// escaping on display are left to createNewCategory() and the skins (not
// shown) - confirm.
2118 $newCatID = $blog->createNewCategory($cname, $cdesc);
\r
2120 self::action_blogsettings();
\r
2125 * Admin::action_categoryedit()
\r
// Shows the category edit form.
// $catid   category id; read from the query string when empty
// $blogid  blog id; read from the query string when empty
// $desturl value passed on to the form through $_REQUEST['desturl']
2130 static private function action_categoryedit($catid = '', $blogid = '', $desturl = '')
\r
2132 global $member, $manager;
\r
2134 if ( $blogid == '' )
\r
2136 $blogid = intGetVar('blogid');
\r
2140 $blogid = intval($blogid);
\r
2142 if ( $catid == '' )
\r
2144 $catid = intGetVar('catid');
\r
2148 $catid = intval($catid);
\r
2151 /* TODO: we should consider another way instead of this */
\r
// NOTE(review): the request array is rewritten before the rights check on the
// line after it. $desturl reaches the skin unchanged, so escaping it in the
// form is up to the skin code (not shown).
2152 $_REQUEST['blogid'] = $blogid;
\r
2153 $_REQUEST['catid'] = $catid;
\r
2154 $_REQUEST['desturl'] = $desturl;
\r
2155 $member->blogAdminRights($blogid) or self::disallow();
\r
2157 $extrahead = '<script type="text/javascript" src="javascript/numbercheck.js"></script>';
\r
2158 self::pagehead($extrahead);
\r
2159 self::$skin->parse('categoryedit');
\r
2165 * Admin::action_categoryupdate()
\r
// Renames a category and updates its description from POSTed values, stores
// plugin options, then either redirects to the POSTed desturl or shows the
// blog settings page (the branch condition is on a line missing from this
// listing).
2170 static private function action_categoryupdate()
\r
2172 global $member, $manager;
\r
2174 $blogid = intPostVar('blogid');
\r
2175 $catid = intPostVar('catid');
\r
2176 $cname = postVar('cname');
\r
2177 $cdesc = postVar('cdesc');
\r
2178 $desturl = postVar('desturl');
\r
// The rights check is made against the POSTed blog id.
2180 $member->blogAdminRights($blogid) or self::disallow();
\r
2182 if ( !isValidCategoryName($cname) )
\r
2184 self::error(_ERROR_BADCATEGORYNAME);
\r
2187 $query = "SELECT * FROM %s WHERE cname=%s AND cblog=%d AND not(catid=%d);";
\r
2188 $query = sprintf($query, sql_table('category'), DB::quoteValue($cname), (integer) $blogid, (integer) $catid);
\r
2189 $res = DB::getResult($query);
\r
2190 if ( $res->rowCount() > 0 )
\r
2192 self::error(_ERROR_DUPCATEGORYNAME);
\r
// NOTE(review): this UPDATE is keyed on catid alone, while the rights check
// above used the POSTed blogid. Nothing visible ties the category to the blog
// the caller administers; adding "AND cblog=%d" (as the SELECT above already
// does) or deriving the blog from the category, as deleteOneCategory() does,
// would close that gap.
2195 $query = "UPDATE %s SET cname=%s, cdesc=%s WHERE catid=%d;";
\r
2196 $query = sprintf($query, sql_table('category'), DB::quoteValue($cname), DB::quoteValue($cdesc), (integer) $catid);
\r
2197 DB::execute($query);
\r
2199 // store plugin options
\r
2200 $aOptions = requestArray('plugoption');
\r
2201 NucleusPlugin::apply_plugin_options($aOptions);
\r
2203 'context' => 'category',
\r
2206 $manager->notify('PostPluginOptionsUpdate', $data);
\r
// NOTE(review): $desturl is POST-controlled. Unless redirect() restricts the
// target (not shown), the browser can be sent to an arbitrary URL; validate
// it against the site's own base URL before redirecting.
2210 redirect($desturl);
\r
2215 self::action_blogsettings();
\r
2221 * Admin::action_categorydelete()
\r
// Confirmation page for deleting a category. Refuses unknown categories, the
// blog's default category and the blog's only category; nothing is deleted
// in the visible lines.
2226 static private function action_categorydelete()
\r
2228 global $member, $manager;
\r
2230 $blogid = intRequestVar('blogid');
\r
2231 $catid = intRequestVar('catid');
\r
2233 $member->blogAdminRights($blogid) or self::disallow();
\r
2235 $blog =& $manager->getBlog($blogid);
\r
// isValidCategory() is asked on the blog the caller was authorised for.
2237 // check if the category is valid
\r
2238 if ( !$blog->isValidCategory($catid) )
\r
2240 self::error(_ERROR_NOSUCHCATEGORY);
\r
2243 // don't allow deletion of default category
\r
2244 if ( $blog->getDefaultCategory() == $catid )
\r
2246 self::error(_ERROR_DELETEDEFCATEGORY);
\r
2249 // check if catid is the only category left for blogid
\r
2250 $query = "SELECT catid FROM %s WHERE cblog=%d;";
\r
2251 $query = sprintf($query, sql_table('category'), $blogid);
\r
2252 $res = DB::getResult($query);
\r
2253 if ( $res->rowCount() == 1 )
\r
2255 self::error(_ERROR_DELETELASTCATEGORY);
\r
2259 self::$skin->parse('categorydelete');
\r
2265 * Admin::action_categorydeleteconfirm()
\r
// Performs the deletion confirmed on the 'categorydelete' page.
// The rights check here uses the blog id from the request; deleteOneCategory()
// checks again against the blog the category really belongs to, so a category
// of another blog cannot be removed by naming a blog the caller administers.
2270 static private function action_categorydeleteconfirm()
\r
2272 global $member, $manager;
\r
2274 $blogid = intRequestVar('blogid');
\r
2275 $catid = intRequestVar('catid');
\r
2277 $member->blogAdminRights($blogid) or self::disallow();
\r
2279 $error = self::deleteOneCategory($catid);
\r
2282 self::error($error);
\r
2285 self::action_blogsettings();
\r
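/**
 * Admin::deleteOneCategory()
 * Delete a category by its id
 *
 * Items in the category are moved to the blog's default category, the
 * category's plugin options are removed, and PreDeleteCategory /
 * PostDeleteCategory are fired around the deletion.
 *
 * NOTE(review): the listing this block comes from omits very short lines
 * (braces, blank lines and whatever followed the last notify() call).
 * They are restored here - confirm against the repository copy.
 *
 * @param	String	$catid	category id for deleting
 * @return	mixed	an error message when the deletion is refused, nothing otherwise
 */
static public function deleteOneCategory($catid)
{
	global $manager, $member;

	$catid = intval($catid);
	$blogid = getBlogIDFromCatID($catid);

	// The blog is derived from the category itself, so the rights check
	// cannot be satisfied by naming a different blog in the request.
	if ( !$member->blogAdminRights($blogid) )
	{
		// Fix: this was the bare word ERROR_DISALLOWED, which is not the
		// constant used by the sibling methods (_ERROR_DISALLOWED).
		return _ERROR_DISALLOWED;
	}

	$blog =& $manager->getBlog($blogid);

	// check if the category is valid
	if ( !$blog || !$blog->isValidCategory($catid) )
	{
		return _ERROR_NOSUCHCATEGORY;
	}

	$destcatid = $blog->getDefaultCategory();

	// don't allow deletion of default category
	if ( $blog->getDefaultCategory() == $catid )
	{
		return _ERROR_DELETEDEFCATEGORY;
	}

	// check if catid is the only category left for blogid
	$query = "SELECT catid FROM %s WHERE cblog=%d;";
	$query = sprintf($query, sql_table('category'), (int) $blogid);

	$res = DB::getResult($query);
	if ( $res->rowCount() == 1 )
	{
		return _ERROR_DELETELASTCATEGORY;
	}

	$data = array('catid' => $catid);
	$manager->notify('PreDeleteCategory', $data);

	// change category for all items to the default category
	$query = "UPDATE %s SET icat=%d WHERE icat=%d;";
	$query = sprintf($query, sql_table('item'), (int) $destcatid, (int) $catid);
	DB::execute($query);

	// delete all associated plugin options
	NucleusPlugin::delete_option_values('category', (int) $catid);

	// delete category
	$query = "DELETE FROM %s WHERE catid=%d;";
	$query = sprintf($query, sql_table('category'), (int) $catid);
	DB::execute($query);

	$data = array('catid' => $catid);
	$manager->notify('PostDeleteCategory', $data);
}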
\r
2357 * Admin::moveOneCategory()
\r
2358 * Move a category, with its items and their comments, to another blog
\r
2360 * @param int $catid category id for move
\r
2361 * @param int $destblogid blog id for destination
\r
// Returns an error message constant when the move is refused. Only parts of
// the SQL text and of the notify() calls survive in this listing.
2364 static public function moveOneCategory($catid, $destblogid)
\r
2366 global $manager, $member;
// Both ids are forced to int before they reach any query.
2367 $catid = intval($catid);
\r
2368 $destblogid = intval($destblogid);
\r
// The source blog is looked up from the category rather than taken from the
// caller.
2369 $blogid = getBlogIDFromCatID($catid);
\r
2370 // mover should have admin rights on both blogs
\r
2371 if (!$member->blogAdminRights($blogid)) {
\r
2372 return _ERROR_DISALLOWED;
\r
2374 if (!$member->blogAdminRights($destblogid)) {
\r
2375 return _ERROR_DISALLOWED;
\r
2377 // cannot move to self
\r
2378 if ($blogid == $destblogid) {
\r
2379 return _ERROR_MOVETOSELF;
\r
2382 $blog =& $manager->getBlog($blogid);
\r
2383 $destblog =& $manager->getBlog($destblogid);
\r
2384 // check if the category is valid
\r
2385 if (!$blog || !$blog->isValidCategory($catid)) {
\r
2386 return _ERROR_NOSUCHCATEGORY;
\r
2388 // don't allow default category to be moved
\r
2389 if ($blog->getDefaultCategory() == $catid) {
\r
2390 return _ERROR_MOVEDEFCATEGORY;
\r
2393 'PreMoveCategory',
\r
2395 'catid' => &$catid,
\r
2396 'sourceblog' => &$blog,
\r
2397 'destblog' => &$destblog
\r
// NOTE(review): unlike the rest of the class this method calls sql_query()
// directly, and the comment, item and category tables are updated one after
// another with no transaction visible; a failure part-way would leave the
// three tables disagreeing about the blog.
2400 // update comments table (cblog)
\r
2401 $query = 'SELECT '
\r
2404 . sql_table('item') . ' '
\r
2407 $items = sql_query(sprintf($query, $catid));
\r
2408 while ($oItem = sql_fetch_object($items)) {
\r
2409 $query = 'UPDATE '
\r
2410 . sql_table('comment') . ' '
\r
2412 . ' cblog = %d' . ' '
\r
2415 sql_query(sprintf($query, $destblogid, $oItem->inumber));
\r
2418 // update items (iblog)
\r
2419 $query = 'UPDATE '
\r
2420 . sql_table('item') . ' '
\r
2425 sql_query(sprintf($query, $destblogid, $catid));
\r
2428 $query = 'UPDATE '
\r
2429 . sql_table('category') . ' '
\r
2431 . ' cblog = %d' . ' '
\r
2434 sql_query(sprintf($query, $destblogid, $catid));
\r
2436 'PostMoveCategory',
\r
2438 'catid' => &$catid,
\r
2439 'sourceblog' => &$blog,
\r
// 'destblog' is passed by value here but by reference in PreMoveCategory.
2440 'destblog' => $destblog
\r
2447 * Admin::action_blogsettingsupdate
\r
2448 * Updating blog settings
\r
// Stores the POSTed settings of one blog after checking blog-admin rights,
// then applies plugin options and returns to the overview.
2453 static private function action_blogsettingsupdate()
\r
2455 global $member, $manager;
\r
2457 $blogid = intRequestVar('blogid');
\r
2459 $member->blogAdminRights($blogid) or self::disallow();
\r
2461 $blog =& $manager->getBlog($blogid);
\r
2463 $notify_address = trim(postVar('notify'));
\r
2464 $shortname = trim(postVar('shortname'));
\r
2465 $updatefile = trim(postVar('update'));
\r
2467 $notifyComment = intPostVar('notifyComment');
\r
2468 $notifyVote = intPostVar('notifyVote');
\r
2469 $notifyNewItem = intPostVar('notifyNewItem');
\r
// A flag of 0 is replaced by 1 before the three values are multiplied into
// $notifyType (the notifyVote assignment is on a line missing from this
// listing).
2471 if ( $notifyComment == 0 )
\r
2473 $notifyComment = 1;
\r
2475 if ( $notifyVote == 0 )
\r
2479 if ( $notifyNewItem == 0 )
\r
2481 $notifyNewItem = 1;
\r
2483 $notifyType = $notifyComment * $notifyVote * $notifyNewItem;
\r
2485 if ( $notify_address && !NOTIFICATION::address_validation($notify_address) )
\r
2487 self::error(_ERROR_BADNOTIFY);
\r
2490 if ( !isValidShortName($shortname) )
\r
2492 self::error(_ERROR_BADSHORTBLOGNAME);
\r
2495 if ( ($blog->getShortName() != $shortname) && $manager->existsBlog($shortname) )
\r
2497 self::error(_ERROR_DUPSHORTBLOGNAME);
\r
2499 // check if update file is writable
\r
// NOTE(review): $updatefile is a POSTed filesystem path and is_writeable() is
// the only test applied to it, so a blog admin can name any file the web
// server account can write. Whatever later writes to the update file would
// then touch that path; restrict it to an expected directory and resolve it
// with realpath() before accepting it.
2500 if ( $updatefile && !is_writeable($updatefile) )
\r
2502 self::error(_ERROR_UPDATEFILE);
\r
// NOTE(review): name, maxcomments, comments, timeoffset, url, desc and public
// are handed to the setters as raw postVar() strings; type checks and SQL
// quoting are left to the blog object and writeSettings() (not shown) -
// confirm.
2505 $blog->setName(trim(postVar('name')));
\r
2506 $blog->setShortName($shortname);
\r
2507 $blog->setNotifyAddress($notify_address);
\r
2508 $blog->setNotifyType($notifyType);
\r
2509 $blog->setMaxComments(postVar('maxcomments'));
\r
2510 $blog->setCommentsEnabled(postVar('comments'));
\r
2511 $blog->setTimeOffset(postVar('timeoffset'));
\r
2512 $blog->setUpdateFile($updatefile);
\r
2513 $blog->setURL(trim(postVar('url')));
\r
2514 $blog->setDefaultSkin(intPostVar('defskin'));
\r
2515 $blog->setDescription(trim(postVar('desc')));
\r
2516 $blog->setPublic(postVar('public'));
\r
2517 $blog->setConvertBreaks(intPostVar('convertbreaks'));
\r
2518 $blog->setAllowPastPosting(intPostVar('allowpastposting'));
\r
// setDefaultCategory() receives the POSTed id as is; no check that the
// category belongs to this blog is visible here.
2519 $blog->setDefaultCategory(intPostVar('defcat'));
\r
2520 $blog->setSearchable(intPostVar('searchable'));
\r
2521 $blog->setEmailRequired(intPostVar('reqemail'));
\r
2522 $blog->writeSettings();
\r
2524 // store plugin options
\r
2525 $aOptions = requestArray('plugoption');
\r
2526 NucleusPlugin::apply_plugin_options($aOptions);
\r
2529 'context' => 'blog',
\r
2530 'blogid' => $blogid,
\r
2533 $manager->notify('PostPluginOptionsUpdate', $data);
\r
2535 self::action_overview(_MSG_SETTINGSCHANGED);
\r
2540 * Admin::action_deleteblog()
\r
// Confirmation page for deleting a blog. Requires blog-admin rights and
// refuses the configured default blog; nothing is deleted in the visible
// lines.
2545 static private function action_deleteblog()
\r
2547 global $member, $CONF, $manager;
\r
2549 $blogid = intRequestVar('blogid');
\r
2551 $member->blogAdminRights($blogid) or self::disallow();
\r
2553 // check if blog is default blog
\r
2554 if ( $CONF['DefaultBlog'] == $blogid )
\r
2556 self::error(_ERROR_DELDEFBLOG);
\r
2559 $blog =& $manager->getBlog($blogid);
\r
2562 self::$skin->parse('deleteblog');
\r
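/**
 * Admin::action_deleteblogconfirm()
 * Deletes a blog together with its comments, items, team, bans,
 * categories and plugin options.
 *
 * Requires admin rights on the blog and refuses the configured default
 * blog. PreDeleteBlog / PostDeleteBlog are fired around the deletion.
 *
 * NOTE(review): the listing this block comes from omits brace-only and
 * blank lines; they are restored here. The deletes run as separate
 * statements with no transaction, so a failure part-way leaves a
 * partially deleted blog.
 *
 * @return void
 */
static private function action_deleteblogconfirm()
{
	global $member, $CONF, $manager;

	$blogid = intRequestVar('blogid');

	// Fix: authorise first. PreDeleteBlog used to fire before this check,
	// so plugin handlers ran for callers without rights on the blog.
	// (disallow() and error() are presumably terminal, as elsewhere in
	// this class.)
	$member->blogAdminRights($blogid) or self::disallow();

	// check if blog is default blog
	if ( $CONF['DefaultBlog'] == $blogid )
	{
		self::error(_ERROR_DELDEFBLOG);
	}

	// Only announce the deletion once it is certain to go ahead.
	$data = array('blogid' => $blogid);
	$manager->notify('PreDeleteBlog', $data);

	// The id is bound with %d instead of being concatenated, so each
	// statement stays numeric whatever intRequestVar() returned.

	// delete all comments
	$query = sprintf('DELETE FROM %s WHERE cblog=%d', sql_table('comment'), (int) $blogid);
	DB::execute($query);

	// delete all items
	$query = sprintf('DELETE FROM %s WHERE iblog=%d', sql_table('item'), (int) $blogid);
	DB::execute($query);

	// delete all team members
	$query = sprintf('DELETE FROM %s WHERE tblog=%d', sql_table('team'), (int) $blogid);
	DB::execute($query);

	// delete all bans
	$query = sprintf('DELETE FROM %s WHERE blogid=%d', sql_table('ban'), (int) $blogid);
	DB::execute($query);

	// delete all categories
	$query = sprintf('DELETE FROM %s WHERE cblog=%d', sql_table('category'), (int) $blogid);
	DB::execute($query);

	// delete all associated plugin options
	NucleusPlugin::delete_option_values('blog', $blogid);

	// delete the blog itself
	$query = sprintf('DELETE FROM %s WHERE bnumber=%d', sql_table('blog'), (int) $blogid);
	DB::execute($query);

	$data = array('blogid' => $blogid);
	$manager->notify('PostDeleteBlog', $data);

	self::action_overview(_DELETED_BLOG);
}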
\r
2626 * Admin::action_memberdelete()
\r
// Confirmation page for deleting a member. Allowed for the member itself or
// for a site admin; nothing is deleted in the visible lines.
2631 static private function action_memberdelete()
\r
2633 global $member, $manager;
\r
2635 $memberid = intRequestVar('memberid');
\r
2637 ($member->getID() == $memberid) or $member->isAdmin() or self::disallow();
\r
2639 $mem = Member::createFromID($memberid);
\r
2642 self::$skin->parse('memberdelete');
\r
2648 * Admin::action_memberdeleteconfirm()
\r
// Performs the deletion confirmed on the 'memberdelete' page. Allowed for the
// member itself or for a site admin. This check is the only authorisation
// step: deleteOneMember() shows no rights check of its own in this listing.
2653 static private function action_memberdeleteconfirm()
\r
2657 $memberid = intRequestVar('memberid');
\r
2659 ($member->getID() == $memberid) or $member->isAdmin() or self::disallow();
\r
2661 $error = self::deleteOneMember($memberid);
\r
2664 self::error($error);
\r
// Admins return to user management; other members are sent to the overview.
2667 if ( $member->isAdmin() )
\r
2669 self::action_usermanagement();
\r
2673 self::action_overview(_DELETED_MEMBER);
\r
2679 * Admin::deleteOneMember()
\r
2680 * Delete a member by id
\r
2683 * @params Integer $memberid member id
\r
2684 * @return String null string or error messages
\r
// Deletes one member: comments are detached from the account, the member,
// team and activation rows are removed, and plugin options are cleaned up.
// Returns _ERROR_DELETEMEMBER when canBeDeleted() says no.
// NOTE(review): this method is public, yet no rights check on the current
// member appears in the visible lines, unlike deleteOneTeamMember() and
// deleteOneCategory(). Every caller, plugins included, has to authorise the
// request itself - confirm that is intended.
2686 static public function deleteOneMember($memberid)
\r
// intval() here is what makes the concatenated DELETE statements below safe.
2690 $memberid = intval($memberid);
\r
2691 $mem = Member::createFromID($memberid);
\r
2693 if ( !$mem->canBeDeleted() )
\r
2695 return _ERROR_DELETEMEMBER;
\r
2698 $data = array('member' => &$mem);
\r
2699 $manager->notify('PreDeleteMember', $data);
\r
2701 /* unlink comments from memberid */
\r
// The display name is copied into cuser through DB::quoteValue().
2704 $query = "UPDATE %s SET cmember=0, cuser=%s WHERE cmember=%d;";
\r
2705 $query = sprintf($query, sql_table('comment'), DB::quoteValue($mem->getDisplayName()), $memberid);
\r
2706 DB::execute($query);
\r
2709 $query = 'DELETE FROM ' . sql_table('member') . ' WHERE mnumber=' . $memberid;
\r
2710 DB::execute($query);
\r
2712 $query = 'DELETE FROM ' . sql_table('team') . ' WHERE tmember=' . $memberid;
\r
2713 DB::execute($query);
\r
2715 $query = 'DELETE FROM ' . sql_table('activation') . ' WHERE vmember=' . $memberid;
\r
2716 DB::execute($query);
\r
2718 // delete all associated plugin options
\r
2719 NucleusPlugin::delete_option_values('member', $memberid);
\r
2721 $data = array('member' => &$mem);
\r
2722 $manager->notify('PostDeleteMember', $data);
\r
2728 * Admin::action_createnewlog()
\r
// Shows the "create new weblog" form; site admins only.
2733 static private function action_createnewlog()
\r
2735 global $member, $CONF, $manager;
\r
2737 // Only Super-Admins can do this
\r
2738 $member->isAdmin() or self::disallow();
\r
2741 self::$skin->parse('createnewlog');
\r
2747 * Admin::action_addnewlog()
\r
// Creates a blog from the POSTed form (site admins only), then a default
// category, a team entry making the current member blog admin, and a first
// item. Fires PreAddBlog, PostAddBlog and PostAddCategory.
// The item-creation call is only partly visible in this listing.
2752 static private function action_addnewlog()
\r
2754 global $member, $manager, $CONF;
\r
2756 // Only Super-Admins can do this
\r
2757 $member->isAdmin() or self::disallow();
\r
2759 $bname = trim(postVar('name'));
\r
2760 $bshortname = trim(postVar('shortname'));
\r
2761 $btimeoffset = postVar('timeoffset');
\r
2762 $bdesc = trim(postVar('desc'));
\r
2763 $bdefskin = postVar('defskin');
\r
2765 if ( !isValidShortName($bshortname) )
\r
2767 self::error(_ERROR_BADSHORTBLOGNAME);
\r
2770 if ( $manager->existsBlog($bshortname) )
\r
2772 self::error(_ERROR_DUPSHORTBLOGNAME);
\r
// The values go to plugins by reference, so a PreAddBlog handler can change
// them. NOTE(review): the short name is not validated again after that.
2776 'name' => &$bname,
\r
2777 'shortname' => &$bshortname,
\r
2778 'timeoffset' => &$btimeoffset,
\r
2779 'description' => &$bdesc,
\r
2780 'defaultskin' => &$bdefskin
\r
2782 $manager->notify('PreAddBlog', $data);
\r
// Quoting happens after the plugin hook, so plugin-modified values are
// quoted as well.
2784 // add slashes for sql queries
\r
2785 $bname = DB::quoteValue($bname);
\r
2786 $bshortname = DB::quoteValue($bshortname);
\r
2787 $btimeoffset = DB::quoteValue($btimeoffset);
\r
2788 $bdesc = DB::quoteValue($bdesc);
\r
2789 $bdefskin = DB::quoteValue($bdefskin);
\r
2792 $query = "INSERT INTO %s (bname, bshortname, bdesc, btimeoffset, bdefskin) VALUES (%s, %s, %s, %s, %s);";
\r
2793 $query = sprintf($query, sql_table('blog'), $bname, $bshortname, $bdesc, $btimeoffset, $bdefskin);
\r
2794 DB::execute($query);
\r
2796 $blogid = DB::getInsertId();
\r
2797 $blog =& $manager->getBlog($blogid);
\r
2799 // create new category
\r
2800 $catdefname = (!defined('_EBLOGDEFAULTCATEGORY_NAME') ? 'General' : _EBLOGDEFAULTCATEGORY_NAME);
\r
2801 $catdefdesc = (!defined('_EBLOGDEFAULTCATEGORY_DESC') ? 'Items that do not fit in other categories' : _EBLOGDEFAULTCATEGORY_DESC);
\r
2803 $query = 'INSERT INTO %s (cblog, cname, cdesc) VALUES (%d, %s, %s)';
\r
2804 DB::execute(sprintf($query, sql_table('category'), (integer) $blogid, DB::quoteValue($catdefname), DB::quoteValue($catdefdesc)));
\r
2805 $catid = DB::getInsertId();
\r
2807 // set as default category
\r
2808 $blog->setDefaultCategory($catid);
\r
2809 $blog->writeSettings();
\r
2811 // create team member
\r
2812 $query = "INSERT INTO %s (tmember, tblog, tadmin) VALUES (%d, %d, 1);";
\r
2813 $query = sprintf($query, sql_table('team'), (integer) $member->getID(), (integer) $blogid);
\r
2814 DB::execute($query);
\r
2816 $itemdeftitle = (defined('_EBLOG_FIRSTITEM_TITLE') ? _EBLOG_FIRSTITEM_TITLE : 'First Item');
\r
2817 $itemdefbody = (defined('_EBLOG_FIRSTITEM_BODY') ? _EBLOG_FIRSTITEM_BODY : 'This is the first item in your weblog. Feel free to delete it.');
\r
2820 $blog->getDefaultCategory(),
\r
2821 $itemdeftitle,$itemdefbody,
\r
2825 $blog->getCorrectTime(),
\r
2831 $data = array('blog' => &$blog);
\r
2832 $manager->notify('PostAddBlog', $data);
\r
// NOTE(review): the two constants are used here without the defined()
// fallback applied when $catdefname / $catdefdesc were computed above; those
// variables hold the values that were actually stored.
2836 'name' => _EBLOGDEFAULTCATEGORY_NAME,
\r
2837 'description' => _EBLOGDEFAULTCATEGORY_DESC,
\r
2840 $manager->notify('PostAddCategory', $data);
\r
2842 /* TODO: we should consider another way instead of this */
\r
2843 $_REQUEST['blogid'] = $blogid;
\r
2844 $_REQUEST['catid'] = $catid;
\r
2846 self::$skin->parse('addnewlog');
\r
2852 * Admin::action_addnewlog2()
\r
// Second step of blog creation: stores the URL of the new blog. Requires
// blog-admin rights on the blog id from the request.
2857 static private function action_addnewlog2()
\r
2859 global $member, $manager;
\r
2860 $blogid = intRequestVar('blogid');
\r
2862 $member->blogAdminRights($blogid) or self::disallow();
\r
// NOTE(review): the URL is only trimmed; no scheme or format check is visible
// before it is stored - confirm whether setURL() or the output side
// validates it.
2864 $burl = requestVar('url');
\r
2866 $blog =& $manager->getBlog($blogid);
\r
2867 $blog->setURL(trim($burl));
\r
2868 $blog->writeSettings();
\r
2870 self::action_overview(_MSG_NEWBLOG);
\r
2875 * Admin::action_skinieoverview()
\r
// Shows the skin import/export overview; site admins only. The rights check
// runs before skinie.php is loaded.
2880 static private function action_skinieoverview()
\r
2882 global $member, $DIR_LIBS, $manager;
\r
2884 $member->isAdmin() or self::disallow();
\r
2886 include_once($DIR_LIBS . 'skinie.php');
\r
2889 self::$skin->parse('skinieoverview');
\r
2895 * Admin::action_skinieimport()
\r
// First import step (site admins only): reads the metadata of a skin backup
// and shows what would be imported, including name clashes with existing
// skins and templates.
2900 static private function action_skinieimport()
\r
2902 global $member, $DIR_LIBS, $DIR_SKINS, $manager;
\r
2904 $member->isAdmin() or self::disallow();
\r
2906 // load skinie class
\r
2907 include_once($DIR_LIBS . 'skinie.php');
\r
2909 $skinFileRaw = postVar('skinfile');
\r
2910 $mode = postVar('mode');
\r
2912 $importer = new SkinImport();
\r
2914 // get full filename
\r
2915 if ( $mode == 'file' )
\r
// NOTE(review): $skinFileRaw is POSTed and joined into the path with no
// normalisation visible, so "../" segments are not rejected here. Check it
// against the directory names that actually exist under $DIR_SKINS, or take
// basename() of it, before building the path.
2917 $skinFile = $DIR_SKINS . $skinFileRaw . '/skinbackup.xml';
\r
2919 /* TODO: remove this
\r
2920 // backwards compatibility (in v2.0, exports were saved as skindata.xml)
\r
2921 if ( !file_exists($skinFile) )
\r
2923 $skinFile = $DIR_SKINS . $skinFileRaw . '/skindata.xml';
\r
// NOTE(review): in every other mode the raw POSTed value goes to readFile()
// unchanged. What readFile() accepts (local paths, URL schemes) is not shown;
// if it fetches URLs, restrict scheme and host, and confirm that the XML
// parser in SkinImport does not resolve external entities.
2929 $skinFile = $skinFileRaw;
\r
2932 // read only metadata
\r
2933 $error = $importer->readFile($skinFile, 1);
\r
2935 /* TODO: we should consider another way instead of this */
\r
// Values parsed from the import file are placed in $_REQUEST for the skin;
// they are file-controlled and need escaping where they are printed.
2936 $_REQUEST['skininfo'] = $importer->getInfo();
\r
2937 $_REQUEST['skinnames'] = $importer->getSkinNames();
\r
2938 $_REQUEST['tpltnames'] = $importer->getTemplateNames();
\r
2941 $skinNameClashes = $importer->checkSkinNameClashes();
\r
2942 $templateNameClashes = $importer->checkTemplateNameClashes();
\r
2943 $hasNameClashes = (count($skinNameClashes) > 0) || (count($templateNameClashes) > 0);
\r
2945 /* TODO: we should consider another way instead of this */
\r
2946 $_REQUEST['skinclashes'] = $skinNameClashes;
\r
2947 $_REQUEST['tpltclashes'] = $templateNameClashes;
\r
2948 $_REQUEST['nameclashes'] = $hasNameClashes ? 1 : 0;
\r
2952 self::error($error);
\r
2956 self::$skin->parse('skinieimport');
\r
2962 * Admin::action_skiniedoimport()
\r
// Second import step (site admins only): reads the skin backup again and
// writes its skins and templates to the database; `overwrite` decides whether
// existing entries may be replaced.
2967 static private function action_skiniedoimport()
\r
2969 global $member, $DIR_LIBS, $DIR_SKINS;
\r
2971 $member->isAdmin() or self::disallow();
\r
2973 // load skinie class
\r
2974 include_once($DIR_LIBS . 'skinie.php');
\r
2976 $skinFileRaw = postVar('skinfile');
\r
2977 $mode = postVar('mode');
\r
2979 $allowOverwrite = intPostVar('overwrite');
\r
2981 // get full filename
\r
2982 if ( $mode == 'file' )
\r
// NOTE(review): same path handling as action_skinieimport(): the POSTed name
// is joined into the path without normalisation, and in any other mode the
// raw value is passed to readFile() as is. The file is taken from the request
// again rather than remembered from the preview step, so the preview does not
// bind what gets imported.
2984 $skinFile = $DIR_SKINS . $skinFileRaw . '/skinbackup.xml';
\r
2986 /* TODO: remove this
\r
2987 // backwards compatibility (in v2.0, exports were saved as skindata.xml)
\r
2988 if ( !file_exists($skinFile) )
\r
2990 $skinFile = $DIR_SKINS . $skinFileRaw . '/skindata.xml';
\r
2996 $skinFile = $skinFileRaw;
\r
2999 $importer = new SkinImport();
\r
3001 $error = $importer->readFile($skinFile);
\r
3005 self::error($error);
\r
3008 $error = $importer->writeToDatabase($allowOverwrite);
\r
3012 self::error($error);
\r
3015 /* TODO: we should consider another way instead of this */
\r
3016 $_REQUEST['skininfo'] = $importer->getInfo();
\r
3017 $_REQUEST['skinnames'] = $importer->getSkinNames();
\r
3018 $_REQUEST['tpltnames'] = $importer->getTemplateNames();
\r
3021 self::$skin->parse('skiniedoimport');
\r
3027 * Admin::action_skinieexport()
\r
// Exports the selected skins and templates (site admins only). The selection
// arrives as two request arrays whose keys are the ids to export.
3032 static private function action_skinieexport()
\r
3034 global $member, $DIR_LIBS;
\r
3036 $member->isAdmin() or self::disallow();
\r
3038 // load skinie class
\r
3039 include_once($DIR_LIBS . 'skinie.php');
\r
3041 $aSkins = requestIntArray('skin');
\r
3042 $aTemplates = requestIntArray('template');
\r
3044 if ( !is_array($aTemplates) )
\r
3046 $aTemplates = array();
\r
3048 if ( !is_array($aSkins) )
\r
3050 $aSkins = array();
\r
// NOTE(review): the ids are the array keys. requestIntArray() presumably
// casts the values, not the keys - confirm that addSkin() / addTemplate()
// treat their argument as an integer.
3053 $skinList = array_keys($aSkins);
\r
3054 $templateList = array_keys($aTemplates);
\r
// Free-text info from POST is embedded in the export by setInfo().
3056 $info = postVar('info');
\r
3058 $exporter = new SkinExport();
\r
3059 foreach ( $skinList as $skinId )
\r
3061 $exporter->addSkin($skinId);
\r
3063 foreach ($templateList as $templateId)
\r
3065 $exporter->addTemplate($templateId);
\r
3067 $exporter->setInfo($info);
\r
3069 $exporter->export();
\r
3074 * Admin::action_templateoverview()
\r
// Shows the template overview; site admins only.
3079 static private function action_templateoverview()
\r
3081 global $member, $manager;
\r
3083 $member->isAdmin() or self::disallow();
\r
3086 self::$skin->parse('templateoverview');
\r
3092 * Admin::action_templateedit()
\r
3094 * @param string $msg message for pageheader
\r
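/**
 * Admin::action_templateedit()
 * Builds the extra <head> markup for the template editor, emits the page head
 * and parses the 'templateedit' skin part. Administrators only.
 *
 * @param	string	$msg	message for pageheader
 * @return	void
 */
static private function action_templateedit($msg = '')
{
	global $member, $manager;

	// NOTE(review): the line numbers of this listing skip short lines before and
	// after this assignment, so the original file may wrap it in a guard.
	self::$headMess = $msg;

	$templateid = intRequestVar('templateid');

	$member->isAdmin() or self::disallow();

	// Both tags use plain double quotes around the attribute values. Writing
	// \" inside a single-quoted PHP string emits the backslash literally and
	// produces a malformed type attribute.
	$extrahead  = '<script type="text/javascript" src="javascript/templateEdit.js"></script>' . "\n";
	$extrahead .= '<script type="text/javascript">setTemplateEditText("' . Entity::hsc(_EDITTEMPLATE_EMPTY) . '");</script>' . "\n";
	// NOTE(review): Entity::hsc() is presumably an HTML escaper; inside a
	// JavaScript string literal that is adequate for a trusted language
	// constant, but it should not be reused this way for user-supplied text.

	self::pagehead($extrahead);
	self::$skin->parse('templateedit');
	// NOTE(review): short source lines after parse() are missing from this
	// listing; compare with the original file.
}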
\r
3119 * TODO: remove this
\r
3121 static private function _templateEditRow(&$template, $description, $name, $help = '', $tabindex = 0, $big = 0) {
\r
3122 static $count = 1;
\r
3123 if (!isset($template[$name])) $template[$name] = '';
\r
3126 <td><?php echo $description?> <?php if ($help) help('template'.$help); ?></td>
\r
3127 <td id="td<?php echo $count?>"><textarea class="templateedit" name="<?php echo $name?>" tabindex="<?php echo $tabindex?>" cols="50" rows="<?php echo $big?10:5?>" id="textarea<?php echo $count?>"><?php echo Entity::hsc($template[$name]); ?></textarea></td>
\r
3133 * Admin::action_templateupdate()
\r
/**
 * Admin::action_templateupdate()
 * Rewrites a template from the submitted form: deletes its stored parts,
 * updates name and description, then re-inserts the posted parts through
 * addToTemplate(). Administrators only.
 *
 * @return	void
 */
static private function action_templateupdate()
{
	global $member,$manager;

	$templateid = intRequestVar('templateid');

	if ( !$member->isAdmin() )
	{
		self::disallow();
	}

	$name = postVar('tname');
	$desc = postVar('tdesc');

	if ( !isValidTemplateName($name) )
	{
		self::error(_ERROR_BADTEMPLATENAME);
	}

	// a changed name must not collide with another existing template
	$isRenamed = ( Template::getNameFromId($templateid) != $name );
	if ( $isRenamed && Template::exists($name) )
	{
		self::error(_ERROR_DUPTEMPLATENAME);
	}

	// NOTE(review): the three steps below are separate statements and the
	// results of the DELETE and UPDATE are not checked here; a failure part-way
	// would leave the template without parts. No anti-CSRF token check is
	// visible in this method either - confirm the caller enforces one.

	// 1. Remove all template parts
	$deleteParts = sprintf("DELETE FROM %s WHERE tdesc=%d;", sql_table('template'), (integer) $templateid);
	DB::execute($deleteParts);

	// 2. Update description
	$updateDesc = sprintf(
		"UPDATE %s SET tdname=%s, tddesc=%s WHERE tdnumber=%d;",
		sql_table('template_desc'),
		DB::quoteValue($name),
		DB::quoteValue($desc),
		(integer) $templateid
	);
	DB::execute($updateDesc);

	// 3. Add non-empty template parts; each part is read from the POST field
	// of the same name, in this order
	$partNames = array(
		'ITEM_HEADER',
		'ITEM',
		'ITEM_FOOTER',
		'MORELINK',
		'EDITLINK',
		'NEW',
		'COMMENTS_HEADER',
		'COMMENTS_BODY',
		'COMMENTS_FOOTER',
		'COMMENTS_CONTINUED',
		'COMMENTS_TOOMUCH',
		'COMMENTS_AUTH',
		'COMMENTS_ONE',
		'COMMENTS_MANY',
		'COMMENTS_NONE',
		'ARCHIVELIST_HEADER',
		'ARCHIVELIST_LISTITEM',
		'ARCHIVELIST_FOOTER',
		'BLOGLIST_HEADER',
		'BLOGLIST_LISTITEM',
		'BLOGLIST_FOOTER',
		'CATLIST_HEADER',
		'CATLIST_LISTITEM',
		'CATLIST_FOOTER',
		'DATE_HEADER',
		'DATE_FOOTER',
		'FORMAT_DATE',
		'FORMAT_TIME',
		'LOCALE',
		'SEARCH_HIGHLIGHT',
		'SEARCH_NOTHINGFOUND',
		'POPUP_CODE',
		'MEDIA_CODE',
		'IMAGE_CODE'
	);
	foreach ( $partNames as $partName )
	{
		self::addToTemplate($templateid, $partName, postVar($partName));
	}

	// extra parts announced by plugins through the TemplateExtraFields event;
	// the field name doubles as POST key and as stored part name
	$data = array('fields' => array());
	$manager->notify('TemplateExtraFields', $data);
	foreach ( $data['fields'] as $pfkey=>$pfvalue )
	{
		foreach ( $pfvalue as $pffield => $pfdesc )
		{
			self::addToTemplate($templateid, $pffield, postVar($pffield));
		}
	}

	// jump back to template edit
	self::action_templateedit(_TEMPLATE_UPDATED);
}
\r
3221 * Admin::addToTemplate()
\r
3223 * @param Integer $id ID for template
\r
3224 * @param String $partname parts name
\r
3225 * @param String $content template contents
\r
3226 * @return Integer record index
\r
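/**
 * Admin::addToTemplate()
 * Inserts one template part into the template table; empty parts are skipped.
 *
 * @param	integer	$id			ID for template
 * @param	string	$partname	parts name
 * @param	string	$content	template contents
 * @return	integer	record index (for a skipped part see the note in the body)
 */
static private function addToTemplate($id, $partname, $content)
{
	// don't add empty parts. The test is explicit so that a part whose whole
	// content is "0" is still stored; a bare !trim($content) treats "0" as
	// empty. Non-string input (no such field posted, array input) is skipped.
	if ( !is_string($content) || trim($content) === '' )
	{
		// NOTE(review): the statement inside this guard is not shown in the
		// listing (short lines are dropped); -1 is assumed - confirm against
		// the original file.
		return -1;
	}

	$query = "INSERT INTO %s (tdesc, tpartname, tcontent) VALUES (%d, %s, %s);";
	$query = sprintf($query, sql_table('template'), (integer) $id, DB::quoteValue($partname), DB::quoteValue($content));
	if ( DB::execute($query) === FALSE )
	{
		$err = DB::getError();
		// the driver message is written into an HTML response and may repeat
		// parts of the submitted content, so it is escaped before output
		exit(_ADMIN_SQLDIE_QUERYERROR . Entity::hsc($err[2]));
	}
	return DB::getInsertId();
}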
\r
3248 * Admin::action_templatedelete()
\r
/**
 * Admin::action_templatedelete()
 * Hands 'templatedelete' to self::$skin->parse(); nothing is deleted here.
 * Administrators only.
 *
 * @return	void
 */
static private function action_templatedelete()
{
	global $member, $manager;

	if ( !$member->isAdmin() )
	{
		self::disallow();
	}

	// read but not used further in this method
	$templateid = intRequestVar('templateid');
	// TODO: check if template can be deleted

	// NOTE(review): short source lines are missing from this listing; compare
	// the statements around parse() with the original file.
	self::$skin->parse('templatedelete');
}
\r
3269 * Admin::action_templatedeleteconfirm()
\r
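/**
 * Admin::action_templatedeleteconfirm()
 * Deletes a template: its description row and all of its parts, with the
 * PreDeleteTemplate / PostDeleteTemplate events fired around the deletion.
 * Administrators only.
 *
 * @return	void
 */
static private function action_templatedeleteconfirm()
{
	global $member, $manager;

	$templateid = intRequestVar('templateid');

	$member->isAdmin() or self::disallow();

	// NOTE(review): no anti-CSRF token check is visible in this method; confirm
	// the caller enforces one for this destructive action.

	$data = array('templateid' => $templateid);
	$manager->notify('PreDeleteTemplate', $data);

	// The id is cast and formatted through %d, like the other queries of this
	// class, instead of being concatenated into the statement.

	// 1. delete description
	$query = sprintf('DELETE FROM %s WHERE tdnumber=%d', sql_table('template_desc'), (integer) $templateid);
	DB::execute($query);

	// 2. delete parts
	$query = sprintf('DELETE FROM %s WHERE tdesc=%d', sql_table('template'), (integer) $templateid);
	DB::execute($query);

	$data = array('templateid' => $templateid);
	$manager->notify('PostDeleteTemplate', $data);

	self::action_templateoverview();
}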
\r
3300 * Admin::action_templatenew()
\r
/**
 * Admin::action_templatenew()
 * Creates a template from the posted name and description, then shows the
 * template overview. Administrators only.
 *
 * @return	void
 */
static private function action_templatenew()
{
	// not visible in this listing (short lines are dropped), but required by
	// the check below
	global $member;

	if ( !$member->isAdmin() )
	{
		self::disallow();
	}

	$name = postVar('name');
	$desc = postVar('desc');

	if ( !isValidTemplateName($name) )
	{
		self::error(_ERROR_BADTEMPLATENAME);
	}

	if ( Template::exists($name) )
	{
		self::error(_ERROR_DUPTEMPLATENAME);
	}

	// the returned id is not used further in this method
	$newTemplateId = Template::createNew($name, $desc);

	self::action_templateoverview();
}
\r
3331 * Admin::action_templateclone()
\r
/**
 * Admin::action_templateclone()
 * Copies a template: creates a new template named "cloned" + old name (with a
 * numeric suffix if that name is taken) and copies every stored part to it.
 * Administrators only.
 *
 * @return	void
 */
static private function action_templateclone()
{
	// not visible in this listing (short lines are dropped), but required by
	// the check below
	global $member;

	$templateid = intRequestVar('templateid');

	if ( !$member->isAdmin() )
	{
		self::disallow();
	}

	// 1. read old template
	$name = Template::getNameFromId($templateid);
	$desc = Template::getDesc($templateid);

	// 2. create desc thing
	$name = "cloned" . $name;

	// if a template with that name already exists:
	if ( Template::exists($name) )
	{
		// NOTE(review): the listing shows only the if and the while header; the
		// counter initialisation, increment and final append are reconstructed
		// from the way $i is used - confirm against the original file.
		$i = 1;
		while ( Template::exists($name . $i) )
		{
			$i++;
		}
		$name .= $i;
	}

	$newid = Template::createNew($name, $desc);

	// 3. create clone
	// go through parts of old template and add them to the new one
	$partsQuery = sprintf("SELECT tpartname, tcontent FROM %s WHERE tdesc=%d;", sql_table('template'), (integer) $templateid);

	$parts = DB::getResult($partsQuery);
	foreach ( $parts as $part )
	{
		self::addToTemplate($newid, $part['tpartname'], $part['tcontent']);
	}

	self::action_templateoverview();
}
\r
3380 * Admin::action_admintemplateoverview()
\r
/**
 * Admin::action_admintemplateoverview()
 * Hands 'admntemplateoverview' to self::$skin->parse(). Administrators only.
 *
 * @return	void
 */
static private function action_admintemplateoverview()
{
	global $member, $manager;

	if ( !$member->isAdmin() )
	{
		self::disallow();
	}

	// NOTE(review): the part name is spelled 'admn...' while the action is
	// 'admin...'; presumably intentional - verify before changing it.
	// Short source lines are also missing from this listing around parse().
	self::$skin->parse('admntemplateoverview');
}
\r
3396 * Admin::action_admintemplateedit()
\r
3398 * @param string $msg message for pageheader
\r
/**
 * Admin::action_admintemplateedit()
 * Builds the extra <head> markup for the admin template editor, emits the
 * page head and parses the 'admintemplateedit' skin part. Administrators only.
 *
 * @param	string	$msg	message for pageheader
 * @return	void
 */
static private function action_admintemplateedit($msg = '')
{
	global $member, $manager;

	// NOTE(review): the line numbers of this listing skip short lines before and
	// after this assignment, so the original file may wrap it in a guard.
	self::$headMess = $msg;

	if ( !$member->isAdmin() )
	{
		self::disallow();
	}

	// NOTE(review): Entity::hsc() is presumably an HTML escaper; inside the
	// JavaScript string literal below that is adequate for a trusted language
	// constant, but it should not be reused this way for user-supplied text.
	$extrahead = "<script type=\"text/javascript\" src=\"javascript/templateEdit.js\"></script>\n"
		. '<script type="text/javascript">setTemplateEditText("' . Entity::hsc(_EDITTEMPLATE_EMPTY) . '");</script>' . "\n";

	self::pagehead($extrahead);
	self::$skin->parse('admintemplateedit');
	// NOTE(review): short source lines after parse() are missing from this
	// listing; compare with the original file.
}
\r
3418 * Admin::action_admintemplateupdate()
\r
/**
 * Admin::action_admintemplateupdate()
 * Rewrites an admin template from the submitted form: deletes its stored
 * parts, updates name and description, then re-inserts the posted parts
 * through addToAdminTemplate(). Administrators only.
 *
 * @return	void
 */
static private function action_admintemplateupdate()
{
	global $member, $manager;
	$templateid = intRequestVar('templateid');
	if ( !$member->isAdmin() )
	{
		self::disallow();
	}
	$name = postVar('tname');
	$desc = postVar('tdesc');

	if ( !isValidTemplateName($name) )
	{
		self::error(_ERROR_BADTEMPLATENAME);
	}

	// a changed name must not collide with another existing template
	// NOTE(review): action_admintemplatenew() also requires the 'admin/' name
	// prefix; no such check is made on rename here - confirm that is intended.
	$isRenamed = ( Template::getNameFromId($templateid) != $name );
	if ( $isRenamed && Template::exists($name) )
	{
		self::error(_ERROR_DUPTEMPLATENAME);
	}

	// NOTE(review): the three steps below are separate statements and the
	// results of the DELETE and UPDATE are not checked here; a failure part-way
	// would leave the template without parts. No anti-CSRF token check is
	// visible in this method either - confirm the caller enforces one.

	// 1. Remove all template parts
	$deleteParts = sprintf("DELETE FROM %s WHERE tdesc=%d;", sql_table('template'), (integer) $templateid);
	DB::execute($deleteParts);

	// 2. Update description
	$updateDesc = sprintf(
		"UPDATE %s SET tdname=%s, tddesc=%s WHERE tdnumber=%d;",
		sql_table('template_desc'),
		DB::quoteValue($name),
		DB::quoteValue($desc),
		(integer) $templateid
	);
	DB::execute($updateDesc);

	// 3. Add non-empty template parts; each part is read from the POST field
	// of the same name, in this order
	$partNames = array(
		'ADMINSKINTYPELIST_HEAD',
		'ADMINSKINTYPELIST_BODY',
		'ADMINSKINTYPELIST_FOOT',
		'ADMIN_CUSTOMHELPLINK_ICON',
		'ADMIN_CUSTOMHELPLINK_ANCHOR',
		'ADMIN_BLOGLINK',
		'ADMIN_BATCHLIST',
		'ACTIVATE_FORGOT_TITLE',
		'ACTIVATE_FORGOT_TEXT',
		'ACTIVATE_REGISTER_TITLE',
		'ACTIVATE_REGISTER_TEXT',
		'ACTIVATE_CHANGE_TITLE',
		'ACTIVATE_CHANGE_TEXT',
		'TEMPLATE_EDIT_EXPLUGNAME',
		'TEMPLATE_EDIT_ROW_HEAD',
		'TEMPLATE_EDIT_ROW_TAIL',
		'SPECIALSKINLIST_HEAD',
		'SPECIALSKINLIST_BODY',
		'SPECIALSKINLIST_FOOT',
		'SYSTEMINFO_GDSETTINGS',
		'BANLIST_DELETED_LIST',
		'INSERT_PLUGOPTION_TITLE',
		'INSERT_PLUGOPTION_BODY',
		'INPUTYESNO_TEMPLATE_ADMIN',
		'INPUTYESNO_TEMPLATE_NORMAL',
		'ADMIN_SPECIALSKINLIST_HEAD',
		'ADMIN_SPECIALSKINLIST_BODY',
		'ADMIN_SPECIALSKINLIST_FOOT',
		'SKINIE_EXPORT_LIST',
		'SHOWLIST_LISTPLUG_SELECT_HEAD',
		'SHOWLIST_LISTPLUG_SELECT_BODY',
		'SHOWLIST_LISTPLUG_SELECT_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_BODY',
		'SHOWLIST_LISTPLUG_TABLE_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_MEMBLIST_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_MEMBLIST_BODY',
		'SHOWLIST_LISTPLUG_TABLE_MEMBLIST_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_TEAMLIST_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_TEAMLIST_BODY',
		'SHOWLIST_LISTPLUG_TABLE_TEAMLIST_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_PLUGLIST_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_PLUGLIST_BODY',
		'SHOWLIST_LISTPLUG_TABLE_PLUGLIST_GURL',
		'SHOWLIST_LISTPLUG_TABLE_PLUGEVENTLIST',
		'SHOWLIST_LISTPLUG_TABLE_PLUGNEDUPDATE',
		'SHOWLIST_LISTPLUG_TABLE_PLUGIN_DEPEND',
		'SHOWLIST_LISTPLUG_TABLE_PLUGIN_DEPREQ',
		'SHOWLIST_LISTPLUG_TABLE_PLUGLISTFALSE',
		'SHOWLIST_LISTPLUG_TABLE_PLUGLIST_ACTN',
		'SHOWLIST_LISTPLUG_TABLE_PLUGLIST_ADMN',
		'SHOWLIST_LISTPLUG_TABLE_PLUGLIST_HELP',
		'SHOWLIST_LISTPLUG_TABLE_PLUGOPTSETURL',
		'SHOWLIST_LISTPLUG_TABLE_PLUGLIST_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_POPTLIST_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_POPTLIST_BODY',
		'SHOWLIST_LISTPLUG_TABLE_PLGOPT_OYESNO',
		'SHOWLIST_LISTPLUG_TABLE_PLGOPT_OPWORD',
		'SHOWLIST_LISTPLUG_TABLE_PLGOPT_OSELEP',
		'SHOWLIST_LISTPLUG_TABLE_PLGOPT_OSELEO',
		'SHOWLIST_LISTPLUG_TABLE_PLGOPT_OSELEC',
		'SHOWLIST_LISTPLUG_TABLE_PLGOPT_OTAREA',
		'SHOWLIST_LISTPLUG_TABLE_PLGOPT_OITEXT',
		'SHOWLIST_LISTPLUG_TABLE_PLUGOPTN_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_POPTLIST_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_ITEMLIST_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_ITEMLIST_BODY',
		'SHOWLIST_LISTPLUG_TABLE_ITEMLIST_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_CMNTLIST_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_CMNTLIST_BODY',
		'SHOWLIST_LISTPLUG_TABLE_CMNTLIST_ABAN',
		'SHOWLIST_LISTPLUG_TABLE_CMNTLIST_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_BLOGLIST_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_BLOGLIST_BODY',
		'SHOWLIST_LISTPLUG_TABLE_BLIST_BD_TADM',
		'SHOWLIST_LISTPLUG_TABLE_BLIST_BD_SADM',
		'SHOWLIST_LISTPLUG_TABLE_BLOGLIST_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_BLOGSNAM_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_BLOGSNAM_BODY',
		'SHOWLIST_LISTPLUG_TABLE_BLOGSNAM_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_SHORTNAM_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_SHORTNAM_BODY',
		'SHOWLIST_LISTPLUG_TABLE_SHORTNAM_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_CATELIST_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_CATELIST_BODY',
		'SHOWLIST_LISTPLUG_TABLE_CATELIST_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_TPLTLIST_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_TPLTLIST_BODY',
		'SHOWLIST_LISTPLUG_TABLE_TPLTLIST_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_SKINLIST_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_SKINLIST_BODY',
		'SHOWLIST_LISTPLUG_TABLE_SKINLIST_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_DRFTLIST_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_DRFTLIST_BODY',
		'SHOWLIST_LISTPLUG_TABLE_DRFTLIST_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_ACTNLIST_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_ACTNLIST_BODY',
		'SHOWLIST_LISTPLUG_TABLE_ACTNLIST_FOOT',
		'SHOWLIST_LISTPLUG_TABLE_IBANLIST_HEAD',
		'SHOWLIST_LISTPLUG_TABLE_IBANLIST_BODY',
		'SHOWLIST_LISTPLUG_TABLE_IBANLIST_FOOT',
		'PLUGIN_QUICKMENU_TITLE',
		'PLUGIN_QUICKMENU_HEAD',
		'PLUGIN_QUICKMENU_BODY',
		'PLUGIN_QUICKMENU_FOOT'
	);
	foreach ( $partNames as $partName )
	{
		self::addToAdminTemplate($templateid, $partName, postVar($partName));
	}

	// extra parts announced by plugins through the TemplateExtraFields event;
	// the field name doubles as POST key and as stored part name
	$data = array('fields' => array());
	$manager->notify('TemplateExtraFields', $data);
	foreach ( $data['fields'] as $pfkey => $pfvalue )
	{
		foreach ( $pfvalue as $pffield => $pfdesc )
		{
			self::addToAdminTemplate($templateid, $pffield, postVar($pffield));
		}
	}

	// jump back to template edit
	self::action_admintemplateedit(_TEMPLATE_UPDATED);
}
\r
3574 * Admin::addToAdminTemplate()
\r
3576 * @param integer $id ID for template
\r
3577 * @param string $partname name of part for template
\r
3578 * @param void $contents content for part of template
\r
3579 * @return integer ID for newly inserted Template
\r
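/**
 * Admin::addToAdminTemplate()
 * Inserts one admin template part into the template table; empty parts are
 * skipped.
 *
 * @param	integer	$id			ID for template
 * @param	string	$partname	name of part for template
 * @param	string	$content	content for part of template
 * @return	integer	ID of the inserted row (for a skipped part see the note in the body)
 */
static private function addToAdminTemplate($id, $partname, $content)
{
	// don't add empty parts. The test is explicit so that a part whose whole
	// content is "0" is still stored; a bare !trim($content) treats "0" as
	// empty. Non-string input (no such field posted, array input) is skipped.
	if ( !is_string($content) || trim($content) === '' )
	{
		// NOTE(review): the statement inside this guard is not shown in the
		// listing (short lines are dropped); -1 is assumed - confirm against
		// the original file.
		return -1;
	}

	$query = "INSERT INTO %s (tdesc, tpartname, tcontent ) VALUES (%d, %s, %s);";
	$query = sprintf($query, sql_table('template'), (integer) $id, DB::quoteValue($partname), DB::quoteValue($content));
	if ( DB::execute($query) === FALSE )
	{
		$err = DB::getError();
		// the driver message is written into an HTML response and may repeat
		// parts of the submitted content, so it is escaped before output
		exit(_ADMIN_SQLDIE_QUERYERROR . Entity::hsc($err[2]));
	}
	return DB::getInsertId();
}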
\r
3600 * Admin::action_admintemplatedelete()
\r
/**
 * Admin::action_admintemplatedelete()
 * Hands 'admintemplatedelete' to self::$skin->parse(); nothing is deleted
 * here. Administrators only.
 *
 * @return	void
 */
static private function action_admintemplatedelete()
{
	global $member, $manager;

	if ( !$member->isAdmin() )
	{
		self::disallow();
	}

	// TODO: check if template can be deleted

	// NOTE(review): short source lines are missing from this listing; compare
	// the statements around parse() with the original file.
	self::$skin->parse('admintemplatedelete');
}
\r
3618 * Admin::action_admintemplatedeleteconfirm()
\r
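/**
 * Admin::action_admintemplatedeleteconfirm()
 * Deletes an admin template: its description row and all of its parts, with
 * the PreDeleteAdminTemplate / PostDeleteAdminTemplate events fired around the
 * deletion. Administrators only.
 *
 * @return	void
 */
static private function action_admintemplatedeleteconfirm()
{
	global $member, $manager;

	$templateid = intRequestVar('templateid');
	$member->isAdmin() or self::disallow();

	// NOTE(review): no anti-CSRF token check is visible in this method; confirm
	// the caller enforces one for this destructive action.

	$data = array('templateid' => $templateid);
	$manager->notify('PreDeleteAdminTemplate', $data);

	// 1. delete description
	// %d (not %s) so the placeholder itself enforces an integer, matching the
	// cast and the second query below
	$query = "DELETE FROM %s WHERE tdnumber=%d;";
	$query = sprintf($query, sql_table('template_desc'), (integer) $templateid);
	DB::execute($query);

	// 2. delete parts
	$query = "DELETE FROM %s WHERE tdesc=%d;";
	$query = sprintf($query, sql_table('template'), (integer) $templateid);
	DB::execute($query);

	$data = array('templateid' => $templateid);
	$manager->notify('PostDeleteAdminTemplate', $data);

	self::action_admintemplateoverview();
}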
\r
3651 * Admin::action_admintemplatenew()
\r
/**
 * Admin::action_admintemplatenew()
 * Creates an admin template from the posted name and description, then shows
 * the admin template overview. The name must pass isValidTemplateName(), start
 * with 'admin/' and not be in use. Administrators only.
 *
 * @return	void
 */
static private function action_admintemplatenew()
{
	// not visible in this listing (short lines are dropped), but required by
	// the check below
	global $member;

	if ( !$member->isAdmin() )
	{
		self::disallow();
	}
	$name = postVar('name');
	$desc = postVar('desc');

	// the chain reports at most one problem per request
	if ( !isValidTemplateName($name) )
	{
		self::error(_ERROR_BADTEMPLATENAME);
	}
	elseif ( !preg_match('#^admin/#', $name) )
	{
		self::error(_ERROR_BADADMINTEMPLATENAME);
	}
	elseif ( Template::exists($name) )
	{
		self::error(_ERROR_DUPTEMPLATENAME);
	}

	// the returned id is not used further in this method
	$newTemplateId = Template::createNew($name, $desc);
	self::action_admintemplateoverview();
}
\r
3682 * Admin::action_admintemplateclone()
\r
/**
 * Admin::action_admintemplateclone()
 * Copies an admin template: creates a new template named old name + "cloned"
 * (with a numeric suffix if that name is taken) and copies every stored part
 * to it. Administrators only.
 *
 * @return	void
 */
static private function action_admintemplateclone()
{
	// not visible in this listing (short lines are dropped), but required by
	// the check below
	global $member;

	$templateid = intRequestVar('templateid');
	if ( !$member->isAdmin() )
	{
		self::disallow();
	}

	// 1. read old template
	$name = Template::getNameFromId($templateid);
	$desc = Template::getDesc($templateid);

	// 2. create desc thing
	$name = $name . "cloned";

	// if a template with that name already exists:
	if ( Template::exists($name) )
	{
		// NOTE(review): the listing shows only the if and the while header; the
		// counter initialisation, increment and final append are reconstructed
		// from the way $i is used - confirm against the original file.
		$i = 1;
		while ( Template::exists($name . $i) )
		{
			$i++;
		}
		$name .= $i;
	}

	$newid = Template::createNew($name, $desc);

	// 3. create clone
	// go through parts of old template and add them to the new one
	$partsQuery = sprintf("SELECT tpartname, tcontent FROM %s WHERE tdesc=%d;", sql_table('template'), (integer) $templateid);

	$parts = DB::getResult($partsQuery);
	foreach ( $parts as $part )
	{
		self::addToAdminTemplate($newid, $part['tpartname'], $part['tcontent']);
	}

	self::action_admintemplateoverview();
}
\r
3729 * Admin::action_skinoverview()
\r
/**
 * Admin::action_skinoverview()
 * Hands 'skinoverview' to self::$skin->parse(). Administrators only.
 *
 * @return	void
 */
static private function action_skinoverview()
{
	global $member, $manager;

	if ( !$member->isAdmin() )
	{
		self::disallow();
	}

	// NOTE(review): short source lines are missing from this listing; compare
	// the statements around parse() with the original file.
	self::$skin->parse('skinoverview');
}
\r
3747 * Admin::action_skinnew()
\r
/**
 * Admin::action_skinnew()
 * Creates a skin from the posted (trimmed) name and description, then shows
 * the skin overview. Administrators only.
 *
 * @return	void
 */
static private function action_skinnew()
{
	// not visible in this listing (short lines are dropped), but required by
	// the check below
	global $member;

	if ( !$member->isAdmin() )
	{
		self::disallow();
	}

	$name = trim(postVar('name'));
	$desc = trim(postVar('desc'));

	if ( !isValidSkinName($name) )
	{
		self::error(_ERROR_BADSKINNAME);
	}

	if ( SKIN::exists($name) )
	{
		self::error(_ERROR_DUPSKINNAME);
	}

	// the returned id is not used further in this method
	$newId = SKIN::createNew($name, $desc);

	self::action_skinoverview();
}
\r
3778 * Admin::action_skinedit()
\r
/**
 * Admin::action_skinedit()
 * Hands 'skinedit' to self::$skin->parse(). Administrators only.
 *
 * @return	void
 */
static private function action_skinedit()
{
	global $member, $manager;

	if ( !$member->isAdmin() )
	{
		self::disallow();
	}

	// NOTE(review): short source lines are missing from this listing; compare
	// the statements around parse() with the original file.
	self::$skin->parse('skinedit');
}
\r
3796 * Admin::action_skineditgeneral()
\r
/**
 * Admin::action_skineditgeneral()
 * Updates the general settings of a skin (name, description, content type,
 * include mode, include prefix) from the posted form, then shows the skin
 * edit page. Administrators only.
 *
 * @return	void
 */
static private function action_skineditgeneral()
{
	// not visible in this listing (short lines are dropped), but required by
	// the check below
	global $member;

	$skinid = intRequestVar('skinid');

	if ( !$member->isAdmin() )
	{
		self::disallow();
	}

	$name = postVar('name');
	$desc = postVar('desc');
	$type = postVar('type');
	$inc_mode = postVar('inc_mode');
	$inc_prefix = postVar('inc_prefix');

	$skin = new Skin($skinid);

	if ( !isValidSkinName($name) )
	{
		self::error(_ERROR_BADSKINNAME);
	}

	// a changed name must not collide with another existing skin
	$isRenamed = ( $skin->getName() != $name );
	if ( $isRenamed && SKIN::exists($name) )
	{
		self::error(_ERROR_DUPSKINNAME);
	}

	// NOTE(review): the conditions guarding these two defaults are not shown in
	// the listing (short lines are dropped); "value is empty" is assumed -
	// confirm against the original file.
	if ( !$type )
	{
		$type = 'text/html';
	}
	if ( !$inc_mode )
	{
		$inc_mode = 'normal';
	}

	// 2. Update description
	// NOTE(review): $type, $inc_mode and $inc_prefix reach updateGeneralInfo()
	// without validation in this method; confirm that it quotes them and
	// restricts them to expected values.
	$skin->updateGeneralInfo($name, $desc, $type, $inc_mode, $inc_prefix);

	self::action_skinedit();
}
\r
/**
 * Admin::action_skinedittype()
 * Validates the requested skin part type and parses the 'skinedittype' skin
 * part. Administrators only.
 *
 * @param	string	$msg	message stored in self::$headMess
 * @return	void
 */
static private function action_skinedittype($msg = '')
{
	global $member, $manager;

	if ( !$member->isAdmin() )
	{
		self::disallow();
	}

	// NOTE(review): the line numbers of this listing skip short lines before and
	// after this assignment, so the original file may wrap it in a guard.
	self::$headMess = $msg;

	$skinid = intRequestVar('skinid');
	// the type is normalised (trimmed, lower-cased) before it is validated
	$type = strtolower(trim(requestVar('type')));

	if ( !isValidShortName($type) )
	{
		self::error(_ERROR_SKIN_PARTS_SPECIAL_FORMAT);
	}

	// NOTE(review): short source lines are missing from this listing; compare
	// the statements around parse() with the original file.
	self::$skin->parse('skinedittype');
}
\r
3872 * Admin::action_skinupdate()
\r
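/**
 * Admin::action_skinupdate()
 * Stores the posted content for one part type of a skin, then returns to the
 * part editor. Administrators only.
 *
 * @return	void
 */
static private function action_skinupdate()
{
	// not visible in this listing (short lines are dropped), but required by
	// the check below
	global $member;

	$skinid = intRequestVar('skinid');
	$content = trim(postVar('content'));
	$type = postVar('type');

	$member->isAdmin() or self::disallow();

	// Reject a malformed part type before anything is written.
	// action_skinedittype() applies this same test (on the trimmed, lower-cased
	// value), but it only runs after update() has already stored the part.
	if ( !is_string($type) || !isValidShortName(strtolower(trim($type))) )
	{
		self::error(_ERROR_SKIN_PARTS_SPECIAL_FORMAT);
		// NOTE(review): error() is presumably terminal; the return keeps the
		// write below unreachable even if it is not.
		return;
	}

	$skin = new SKIN($skinid);
	$skin->update($type, $content);

	self::action_skinedittype(_SKIN_UPDATED);
}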
\r
3895 * Admin::action_skindelete()
\r
/**
 * Admin::action_skindelete()
 * Checks that the skin may be deleted (not the base skin, not the default
 * skin of a blog) and parses the 'skindelete' skin part; nothing is deleted
 * here. Administrators only.
 *
 * @return	void
 */
static private function action_skindelete()
{
	global $member, $manager, $CONF;

	$skinid = intRequestVar('skinid');

	if ( !$member->isAdmin() )
	{
		self::disallow();
	}

	// don't allow default skin to be deleted
	if ( $skinid == $CONF['BaseSkin'] )
	{
		self::error(_ERROR_DEFAULTSKIN);
	}

	// don't allow deletion of default skins for blogs
	$blogQuery = sprintf("SELECT bname FROM %s WHERE bdefskin=%d", sql_table('blog'), (integer) $skinid);

	$name = DB::getValue($blogQuery);
	// NOTE(review): the guard around this error is not shown in the listing
	// (short lines are dropped); "a blog name was found" is assumed - confirm
	// against the original file.
	if ( $name )
	{
		// the blog name is escaped before it is placed in the error page
		self::error(_ERROR_SKINDEFDELETE . Entity::hsc($name));
	}

	// NOTE(review): short source lines are missing from this listing; compare
	// the statements around parse() with the original file.
	self::$skin->parse('skindelete');
}
\r
3931 * Admin::action_skindeleteconfirm()
\r
/**
 * Admin::action_skindeleteconfirm()
 * Deletes a skin: its description row and all of its parts, with the
 * PreDeleteSkin / PostDeleteSkin events fired around the deletion. The base
 * skin and the default skin of a blog are refused. Administrators only.
 *
 * @return	void
 */
static private function action_skindeleteconfirm()
{
	global $member, $CONF, $manager;

	$skinid = intRequestVar('skinid');

	if ( !$member->isAdmin() )
	{
		self::disallow();
	}

	// NOTE(review): no anti-CSRF token check is visible in this method; confirm
	// the caller enforces one for this destructive action.

	// don't allow default skin to be deleted
	if ( $skinid == $CONF['BaseSkin'] )
	{
		self::error(_ERROR_DEFAULTSKIN);
	}

	// don't allow deletion of default skins for blogs
	$blogQuery = sprintf("SELECT bname FROM %s WHERE bdefskin=%d;", sql_table('blog'), (integer) $skinid);

	$name = DB::getValue($blogQuery);
	// NOTE(review): the guard around this error is not shown in the listing
	// (short lines are dropped); "a blog name was found" is assumed - confirm
	// against the original file.
	if ( $name )
	{
		// the blog name is escaped before it is placed in the error page
		self::error(_ERROR_SKINDEFDELETE . Entity::hsc($name));
	}

	$data = array('skinid' => $skinid);
	$manager->notify('PreDeleteSkin', $data);

	// 1. delete description
	$deleteDesc = sprintf("DELETE FROM %s WHERE sdnumber=%d;", sql_table('skin_desc'), (integer) $skinid);
	DB::execute($deleteDesc);

	// 2. delete parts
	$deleteParts = sprintf("DELETE FROM %s WHERE sdesc=%d;", sql_table('skin'), (integer) $skinid);
	DB::execute($deleteParts);

	$data = array('skinid' => $skinid);
	$manager->notify('PostDeleteSkin', $data);

	self::action_skinoverview();
}
\r
3981 * Admin::action_skinremovetype()
\r
3986 static private function action_skinremovetype()
\r
3988 global $member, $manager, $CONF;
\r
3990 $member->isAdmin() or self::disallow();
\r
3992 $skinid = intRequestVar('skinid');
\r
3993 $skintype = requestVar('type');
\r
3995 if ( !isValidShortName($skintype) )
\r
3997 self::error(_ERROR_SKIN_PARTS_SPECIAL_DELETE);
\r
4000 // don't allow default skinparts to be deleted
\r
4001 /* TODO: this array should be retrieved from Action class */
\r
4002 if ( in_array($skintype, array('index', 'item', 'archivelist', 'archive', 'search', 'error', 'member', 'imagepopup')) )
\r
4004 self::error(_ERROR_SKIN_PARTS_SPECIAL_DELETE);
\r
4008 self::$skin->parse('skinremovetype');
\r
4014 * Admin::action_skinremovetypeconfirm()
\r
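/**
 * Delete one special part ('type') of a skin after confirmation, then show
 * the skin edit page.
 *
 * Reads 'skinid' (integer) and 'type' from the request. Only site
 * administrators may remove skin parts, and the built-in parts can never be
 * removed. Fires PreDeleteSkinPart / PostDeleteSkinPart around the delete.
 *
 * @return void
 */
static private function action_skinremovetypeconfirm()
{
    global $member, $CONF, $manager;

    // Fail closed: do not rely on disallow() ending the request.
    if ( !$member->isAdmin() )
    {
        self::disallow();
        return;
    }

    $skinid = intRequestVar('skinid');
    $skintype = requestVar('type');

    if ( !isValidShortName($skintype) )
    {
        self::error(_ERROR_SKIN_PARTS_SPECIAL_DELETE);
        return;
    }

    // don't allow default skinparts to be deleted
    /* TODO: this array should be retrieved from Action class */
    $protected = array('index', 'item', 'archivelist', 'archive', 'search', 'error', 'member', 'imagepopup');
    if ( in_array($skintype, $protected, TRUE) )
    {
        self::error(_ERROR_SKIN_PARTS_SPECIAL_DELETE);
        return;
    }

    $data = array(
        'skinid' => $skinid,
        'skintype' => $skintype
    );
    $manager->notify('PreDeleteSkinPart', $data);

    // delete part
    // The part name is a string. The previous (integer) cast turned a name
    // without a leading digit into 0, so the DELETE matched stype='0' instead
    // of the requested part. Quote it through the DB layer, as skinclonetype() does.
    $query = "DELETE FROM %s WHERE sdesc=%d AND stype=%s;";
    $query = sprintf($query, sql_table('skin'), (integer) $skinid, DB::quoteValue($skintype));
    DB::execute($query);

    $data = array(
        'skinid' => $skinid,
        'skintype' => $skintype
    );
    $manager->notify('PostDeleteSkinPart', $data);

    self::action_skinedit();
    return;
}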
\r
4062 * Admin::action_skinclone()
\r
4067 static private function action_skinclone()
\r
4071 $member->isAdmin() or self::disallow();
\r
4073 $skinid = intRequestVar('skinid');
\r
4075 // 1. read skin to clone
\r
4076 $skin = new Skin($skinid);
\r
4078 $name = "{$skin->getName()}_clone";
\r
4080 // if a skin with that name already exists:
\r
4081 if ( Skin::exists($name) )
\r
4084 while ( Skin::exists($name . $i) )
\r
4091 // 2. create skin desc
\r
4092 $newid = Skin::createNew(
\r
4094 $skin->getDescription(),
\r
4095 $skin->getContentType(),
\r
4096 $skin->getIncludeMode(),
\r
4097 $skin->getIncludePrefix()
\r
4101 $query = "SELECT stype FROM %s WHERE sdesc=%d;";
\r
4102 $query = sprintf($query, sql_table('skin'), (integer) $skinid);
\r
4104 $res = DB::getResult($query);
\r
4105 foreach ( $res as $row )
\r
4107 self::skinclonetype($skin, $newid, $row['stype']);
\r
4110 self::action_skinoverview();
\r
4115 * Admin::skinclonetype()
\r
4117 * @param String $skin Skin object
\r
4118 * @param Integer $newid ID for this clone
\r
4119 * @param String $type type of skin
\r
4122 static private function skinclonetype($skin, $newid, $type)
\r
4124 $newid = intval($newid);
\r
4125 $content = $skin->getContentFromDB($type);
\r
4129 $query = "INSERT INTO %s (sdesc, scontent, stype) VALUES (%d, %s, %s)";
\r
4130 $query = sprintf($query, sql_table('skin'), (integer) $newid, DB::quoteValue($content), DB::quoteValue($type));
\r
4131 DB::execute($query);
\r
4137 * Admin::action_adminskinoverview()
\r
4142 static private function action_adminskinoverview()
\r
4144 global $member, $manager;
\r
4146 $member->isAdmin() or self::disallow();
\r
4149 self::$skin->parse('adminskinoverview');
\r
4155 * Admin::action_adminskinnew()
\r
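/**
 * Create a new, empty admin skin from the posted 'name' and 'desc', then show
 * the admin skin overview.
 *
 * The name must pass isValidSkinName(), start with "admin/" and not be in use.
 * Only site administrators may create admin skins.
 *
 * @return void
 */
static private function action_adminskinnew()
{
    global $member;

    // Fail closed: do not rely on disallow() ending the request.
    if ( !$member->isAdmin() )
    {
        self::disallow();
        return;
    }

    $name = trim(postVar('name'));
    $desc = trim(postVar('desc'));

    // Return after every rejection so that a refused name can never fall
    // through to Skin::createNew(), whether or not error() ends the request.
    if ( !isValidSkinName($name) )
    {
        self::error(_ERROR_BADSKINNAME);
        return;
    }
    if ( !preg_match('#^admin/#', $name) )
    {
        self::error(_ERROR_BADADMINSKINNAME);
        return;
    }
    if ( Skin::exists($name) )
    {
        self::error(_ERROR_DUPSKINNAME);
        return;
    }

    // The new skin id was never used, so it is no longer kept in a variable.
    Skin::createNew($name, $desc);
    self::action_adminskinoverview();
    return;
}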
\r
4186 * Admin::action_adminskinedit()
\r
4191 static private function action_adminskinedit()
\r
4193 global $member, $manager;
\r
4195 $member->isAdmin() or self::disallow();
\r
4197 self::$skin->parse('adminskinedit');
\r
4203 * Admin::action_adminskineditgeneral()
\r
4208 static private function action_adminskineditgeneral()
\r
4212 $skinid = intRequestVar('skinid');
\r
4214 $member->isAdmin() or self::disallow();
\r
4216 $name = postVar('name');
\r
4217 $desc = postVar('desc');
\r
4218 $type = postVar('type');
\r
4219 $inc_mode = postVar('inc_mode');
\r
4220 $inc_prefix = postVar('inc_prefix');
\r
4222 $skin = new Skin($skinid, 'AdminActions', 'AdminSkin');
\r
4225 if ( !isValidSkinName($name) )
\r
4227 self::error(_ERROR_BADSKINNAME);
\r
4229 if ( ($skin->getName() != $name) && Skin::exists($name) )
\r
4231 self::error(_ERROR_DUPSKINNAME);
\r
4235 $type = 'text/html';
\r
4239 $inc_mode = 'normal';
\r
4241 // 2. Update description
\r
4242 $skin->updateGeneralInfo($name, $desc, $type, $inc_mode, $inc_prefix);
\r
4243 self::action_adminskinedit();
\r
4248 * Admin::action_adminskinedittype()
\r
4250 * @param string $msg message for pageheader
\r
4253 static private function action_adminskinedittype($msg = '')
\r
4255 global $member, $manager;
\r
4257 $member->isAdmin() or self::disallow();
\r
4261 self::$headMess = $msg;
\r
4263 $type = requestVar('type');
\r
4264 $type = trim($type);
\r
4265 $type = strtolower($type);
\r
4267 if ( !isValidShortName($type) )
\r
4269 self::error(_ERROR_SKIN_PARTS_SPECIAL_FORMAT);
\r
4273 self::$skin->parse('adminskinedittype');
\r
4279 * Admin::action_adminskinupdate()
\r
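/**
 * Save the posted content of one admin skin part, then show the edit form for
 * that part again with the "skin updated" message.
 *
 * Reads 'skinid' (integer) from the request and 'content' / 'type' from POST.
 * Only site administrators may update admin skins.
 *
 * @return void
 */
static private function action_adminskinupdate()
{
    global $member;

    // Fail closed: return even if disallow() hands control back, so a
    // non-admin request can never reach the update below.
    if ( !$member->isAdmin() )
    {
        self::disallow();
        return;
    }

    $skinid = intRequestVar('skinid');
    $content = trim(postVar('content'));
    // NOTE(review): 'type' reaches Skin::update() as posted. The
    // isValidShortName() check in action_adminskinedittype() only runs after
    // the update has been written - confirm update() validates or quotes it.
    $type = postVar('type');

    $skin = new Skin($skinid, 'Admin', 'AdminSkin');
    $skin->update($type, $content);
    self::action_adminskinedittype(_SKIN_UPDATED);
    return;
}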
\r
4300 * Admin::action_adminskindelete()
\r
4305 static private function action_adminskindelete()
\r
4307 global $member, $manager, $CONF;
\r
4308 $member->isAdmin() or self::disallow();
\r
4310 /* TODO: needless variable $skinid... */
\r
4311 $skinid = intRequestVar('skinid');
\r
4313 self::$skin->parse('adminskindelete');
\r
4319 * Admin::action_adminskindeleteconfirm()
\r
4324 static private function action_adminskindeleteconfirm()
\r
4326 global $member, $CONF, $manager;
\r
4328 $member->isAdmin() or self::disallow();
\r
4329 $skinid = intRequestVar('skinid');
\r
4331 // don't allow default skin to be deleted
\r
4332 if ( $skinid == $CONF['AdminSkin'] )
\r
4334 self::error(_ERROR_DEFAULTSKIN);
\r
4338 * TODO: NOT Implemented
\r
4339 * don't allow deletion of default skins for members
\r
4340 $memberDefaults = $member->getAdminSkin();
\r
4341 foreach ( $memberDefaults as $memID => $adminskin )
\r
4343 if ( $skinid == $adminskin )
\r
4345 $mem = MEMBER::createFromID($memID);
\r
4346 self::error(_ERROR_SKINDEFDELETE . $mem->displayname);
\r
4351 $manager->notify('PreDeleteAdminSkin', array('skinid' => (integer) $skinid));
\r
4353 // 1. delete description
\r
4354 $query = "DELETE FROM %s WHERE sdnumber=%d;";
\r
4355 $query = sprintf($query, sql_table('skin_desc'), (integer) $skinid);
\r
4356 DB::execute($query);
\r
4358 // 2. delete parts
\r
4359 $query = "DELETE FROM %s WHERE sdesc=%d;";
\r
4360 $query = sprintf($query, sql_table('skin'), (integer) $skinid);
\r
4362 DB::execute($query);
\r
4364 $manager->notify('PostDeleteAdminSkin', array('skinid' => (integer) $skinid));
\r
4365 self::action_adminskinoverview();
\r
4370 * Admin::action_adminskinremovetype()
\r
4375 static private function action_adminskinremovetype()
\r
4377 global $member, $manager, $CONF;
\r
4379 $member->isAdmin() or self::disallow();
\r
4381 $skinid = intRequestVar('skinid');
\r
4382 $skintype = requestVar('type');
\r
4384 if ( !isValidShortName($skintype) )
\r
4386 self::error(_ERROR_SKIN_PARTS_SPECIAL_DELETE);
\r
4390 self::$skin->parse('adminskinremovetype');
\r
4396 * Admin::action_adminskinremovetypeconfirm()
\r
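/**
 * Delete one special part ('type') of an admin skin after confirmation, then
 * show the admin skin edit page.
 *
 * Reads 'skinid' (integer) and 'type' from the request. Only site
 * administrators may remove parts. Fires PreDeleteAdminSkinPart /
 * PostDeleteAdminSkinPart around the delete.
 *
 * @return void
 */
static private function action_adminskinremovetypeconfirm()
{
    global $member, $CONF, $manager;

    // Fail closed: do not rely on disallow() ending the request.
    if ( !$member->isAdmin() )
    {
        self::disallow();
        return;
    }

    $skinid = intRequestVar('skinid');
    $skintype = requestVar('type');

    if ( !isValidShortName($skintype) )
    {
        self::error(_ERROR_SKIN_PARTS_SPECIAL_DELETE);
        return;
    }

    $data = array(
        'skinid' => $skinid,
        'skintype' => $skintype
    );
    $manager->notify('PreDeleteAdminSkinPart', $data);

    // delete part
    // Quote the part name through the DB layer instead of placing it between
    // hand-written double quotes: the statement then no longer depends on
    // isValidShortName() alone for SQL safety, and it matches the way
    // skinclonetype() builds its INSERT.
    $query = 'DELETE FROM %s WHERE sdesc = %d AND stype = %s';
    $query = sprintf($query, sql_table('skin'), (integer) $skinid, DB::quoteValue($skintype));
    DB::execute($query);

    $data = array(
        'skinid' => $skinid,
        'skintype' => $skintype
    );
    $manager->notify('PostDeleteAdminSkinPart', $data);

    self::action_adminskinedit();
    return;
}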
\r
4437 * Admin::action_adminskinclone()
\r
4442 static private function action_adminskinclone()
\r
4446 $member->isAdmin() or self::disallow();
\r
4448 $skinid = intRequestVar('skinid');
\r
4450 // 1. read skin to clone
\r
4451 $skin = new Skin($skinid, 'Admin', 'AdminSkin');
\r
4452 $name = "{$skin->getName()}_clone";
\r
4454 // if a skin with that name already exists:
\r
4455 if ( Skin::exists($name) )
\r
4458 while ( Skin::exists($name . $i) )
\r
4465 // 2. create skin desc
\r
4466 $newid = Skin::createNew(
\r
4468 $skin->getDescription(),
\r
4469 $skin->getContentType(),
\r
4470 $skin->getIncludeMode(),
\r
4471 $skin->getIncludePrefix()
\r
4475 $query = "SELECT stype FROM %s WHERE sdesc=%d;";
\r
4476 $query = sprintf($query, sql_table('skin'), (integer) $skinid);
\r
4478 $res = DB::getResult($query);
\r
4479 foreach ( $res as $row )
\r
4481 self::skinclonetype($skin, $newid, $row['stype']);
\r
4483 self::action_adminskinoverview();
\r
4488 * Admin::adminskinclonetype()
\r
4490 * @param string $skin an instance of Skin class
\r
4491 * @param integer $newid ID for new skin
\r
4492 * @param string $type skin type
\r
4495 static private function adminskinclonetype($skin, $newid, $type)
\r
4497 $content = $skin->getContentFromDB($type);
\r
4501 $query = "INSERT INTO %s (sdesc, scontent, stype) VALUES (%d, %s, %s)";
\r
4502 $query = sprintf($query, sql_table('skin'), (integer) $newid, DB::quoteValue($content), DB::quoteValue($type));
\r
4503 DB::execute($query);
\r
4509 * Admin::action_adminskinieoverview()
\r
4514 static private function action_adminskinieoverview()
\r
4516 global $member, $DIR_LIBS, $manager;
\r
4518 $member->isAdmin() or self::disallow();
\r
4520 // load skinie class
\r
4521 include_once($DIR_LIBS . 'skinie.php');
\r
4524 self::$skin->parse('adminskinieoverview');
\r
4530 * Admin::action_adminskinieimport()
\r
// Preview an admin-skin import: read only the metadata of the chosen skin file,
// collect skin/template names and name clashes, and hand them to the
// 'adminskinieimport' skin page through $_REQUEST.
// Restricted to site administrators through the isAdmin()/disallow() line below.
4535 static private function action_adminskinieimport()
\r
4537 global $DIR_LIBS, $DIR_SKINS, $manager, $member;
\r
4539 $member->isAdmin() or self::disallow();
\r
4541 // load skinie class
\r
4542 include_once($DIR_LIBS . 'skinie.php');
\r
// NOTE(review): 'skinfile' and 'mode' are taken from POST with no format check.
4544 $skinFileRaw = postVar('skinfile');
\r
4545 $mode = postVar('mode');
\r
4547 $importer = new SKINIMPORT();
\r
4549 // get full filename
\r
4550 if ( $mode == 'file' )
\r
// NOTE(review): $skinFileRaw is interpolated into a filesystem path as posted, so
// path separators or ".." segments would move the lookup outside
// {$DIR_SKINS}admin/. Accept only a single directory name here (for example
// require basename($skinFileRaw) === $skinFileRaw) before building the path.
4552 $skinFile = "{$DIR_SKINS}admin/{$skinFileRaw}/skinbackup.xml";
\r
4554 // backwards compatibilty (in v2.0, exports were saved as skindata.xml)
\r
4555 if ( !file_exists($skinFile) )
\r
4557 $skinFile = "{$DIR_SKINS}admin/{$skinFileRaw}/skindata.xml";
\r
// NOTE(review): in any other mode the posted value goes to readFile() unchanged.
// What it can reach (local paths, remote URLs) depends on how
// SKINIMPORT::readFile() opens it - confirm, and restrict the accepted forms.
4562 $skinFile = $skinFileRaw;
\r
4565 // read only metadata
\r
4566 $error = $importer->readFile($skinFile, 1);
\r
// NOTE(review): the importer's message is shown as-is; if it can contain the
// requested file name it should be HTML-escaped before display - verify.
4569 self::error($error);
\r
4572 /* TODO: we should consider to use the other way instead of this */
\r
4573 $_REQUEST['skininfo'] = $importer->getInfo();
\r
4574 $_REQUEST['skinnames'] = $importer->getSkinNames();
\r
4575 $_REQUEST['tpltnames'] = $importer->getTemplateNames();
\r
4578 $skinNameClashes = $importer->checkSkinNameClashes();
\r
4579 $templateNameClashes = $importer->checkTemplateNameClashes();
\r
4580 $hasNameClashes = (count($skinNameClashes) > 0) || (count($templateNameClashes) > 0);
\r
4581 /* TODO: we should consider to use the other way instead of this */
\r
4582 $_REQUEST['skinclashes'] = $skinNameClashes;
\r
4583 $_REQUEST['tpltclashes'] = $templateNameClashes;
\r
4584 $_REQUEST['nameclashes'] = $hasNameClashes ? 1 : 0;
\r
4587 self::$skin->parse('adminskinieimport');
\r
4593 * Admin::action_adminskiniedoimport()
\r
// Perform an admin-skin import: read the chosen skin file in full, write its
// skins and templates to the database (overwriting existing ones when the posted
// 'overwrite' flag allows it) and hand the result to the 'adminskiniedoimport'
// skin page through $_REQUEST.
// Restricted to site administrators through the isAdmin()/disallow() line below.
4598 static private function action_adminskiniedoimport()
\r
4600 global $DIR_LIBS, $DIR_SKINS, $member;
\r
4602 $member->isAdmin() or self::disallow();
\r
4604 // load skinie class
\r
4605 include_once($DIR_LIBS . 'skinie.php');
\r
// NOTE(review): 'skinfile' and 'mode' are taken from POST with no format check.
4607 $skinFileRaw = postVar('skinfile');
\r
4608 $mode = postVar('mode');
\r
4609 $allowOverwrite = intPostVar('overwrite');
\r
4611 // get full filename
\r
4612 if ( $mode == 'file' )
\r
// NOTE(review): $skinFileRaw is interpolated into a filesystem path as posted, so
// path separators or ".." segments would move the lookup outside
// {$DIR_SKINS}admin/. Accept only a single directory name here (for example
// require basename($skinFileRaw) === $skinFileRaw) before building the path.
4614 $skinFile = "{$DIR_SKINS}admin/{$skinFileRaw}/skinbackup.xml";
\r
4615 // backwards compatibilty (in v2.0, exports were saved as skindata.xml)
\r
4616 if ( !file_exists($skinFile) )
\r
4618 $skinFile = "{$DIR_SKINS}admin/{$skinFileRaw}/skindata.xml";
\r
// NOTE(review): in any other mode the posted value goes to readFile() unchanged,
// and its parsed content is then written to the database below. What it can
// reach depends on how SKINIMPORT::readFile() opens it - confirm and restrict.
4623 $skinFile = $skinFileRaw;
\r
4626 $importer = new SKINIMPORT();
\r
4628 $error = $importer->readFile($skinFile);
\r
4631 self::error($error);
\r
4634 $error = $importer->writeToDatabase($allowOverwrite);
\r
4637 self::error($error);
\r
4640 /* TODO: we should consider to use the other way instead of this */
\r
4641 $_REQUEST['skininfo'] = $importer->getInfo();
\r
4642 $_REQUEST['skinnames'] = $importer->getSkinNames();
\r
4643 $_REQUEST['tpltnames'] = $importer->getTemplateNames();
\r
4646 self::$skin->parse('adminskiniedoimport');
\r
4652 * Admin::action_adminskinieexport()
\r
4657 static private function action_adminskinieexport()
\r
4659 global $member, $DIR_PLUGINS;
\r
4661 $member->isAdmin() or self::disallow();
\r
4663 // load skinie class
\r
4664 $aSkins = requestIntArray('skin');
\r
4665 if (!is_array($aSkins)) {
\r
4666 $aSkins = array();
\r
4668 $skinList = array_keys($aSkins);
\r
4670 $aTemplates = requestIntArray('template');
\r
4671 if (!is_array($aTemplates))
\r
4673 $aTemplates = array();
\r
4675 $templateList = array_keys($aTemplates);
\r
4677 $info = postVar('info');
\r
4679 include_libs('skinie.php');
\r
4680 $exporter = new SkinExport();
\r
4681 foreach ( $skinList as $skinId )
\r
4683 $exporter->addSkin($skinId);
\r
4685 foreach ( $templateList as $templateId )
\r
4687 $exporter->addTemplate($templateId);
\r
4689 $exporter->setInfo($info);
\r
4690 $exporter->export();
\r
4695 * Admin::action_settingsedit()
\r
4700 static private function action_settingsedit()
\r
4702 global $member, $manager, $CONF, $DIR_NUCLEUS, $DIR_MEDIA;
\r
4704 $member->isAdmin() or self::disallow();
\r
4707 self::$skin->parse('settingsedit');
\r
4713 * Admin::action_settingsupdate()
\r
4714 * Update $CONFIG and redirect
\r
// Write the posted site settings to the config table one by one, then redirect
// to the 'manage' action. Restricted to site administrators through the
// isAdmin()/disallow() line below.
// NOTE(review): no anti-CSRF ticket check is visible in this handler - confirm
// the dispatcher enforces one before this state-changing action runs.
4719 static private function action_settingsupdate()
\r
4721 global $member, $CONF;
\r
4723 $member->isAdmin() or self::disallow();
\r
4725 // check if email address for admin is valid
\r
4726 if ( !NOTIFICATION::address_validation(postVar('AdminEmail')) )
\r
4728 self::error(_ERROR_BADMAILADDRESS);
\r
// NOTE(review): AdminEmail is the only value checked before it is stored.
// updateConfig() quotes every value for SQL, but nothing constrains the format:
// URL settings, cookie settings, AllowedTypes and MaxUploadSize are accepted as
// posted. pagehead() later places AdminCSS and IndexURL into HTML attributes
// without escaping, so constrain those here or escape them on output.
4732 self::updateConfig('DefaultBlog', postVar('DefaultBlog'));
\r
4733 self::updateConfig('BaseSkin', postVar('BaseSkin'));
\r
4734 self::updateConfig('IndexURL', postVar('IndexURL'));
\r
4735 self::updateConfig('AdminURL', postVar('AdminURL'));
\r
4736 self::updateConfig('PluginURL', postVar('PluginURL'));
\r
4737 self::updateConfig('SkinsURL', postVar('SkinsURL'));
\r
4738 self::updateConfig('ActionURL', postVar('ActionURL'));
\r
4739 self::updateConfig('Locale', postVar('Locale'));
\r
4740 self::updateConfig('AdminEmail', postVar('AdminEmail'));
\r
4741 self::updateConfig('SessionCookie', postVar('SessionCookie'));
\r
4742 self::updateConfig('AllowMemberCreate', postVar('AllowMemberCreate'));
\r
4743 self::updateConfig('AllowMemberMail', postVar('AllowMemberMail'));
\r
4744 self::updateConfig('NonmemberMail', postVar('NonmemberMail'));
\r
4745 self::updateConfig('ProtectMemNames', postVar('ProtectMemNames'));
\r
4746 self::updateConfig('SiteName', postVar('SiteName'));
\r
4747 self::updateConfig('NewMemberCanLogon', postVar('NewMemberCanLogon'));
\r
4748 self::updateConfig('DisableSite', postVar('DisableSite'));
\r
4749 self::updateConfig('DisableSiteURL', postVar('DisableSiteURL'));
\r
4750 self::updateConfig('LastVisit', postVar('LastVisit'));
\r
4751 self::updateConfig('MediaURL', postVar('MediaURL'));
\r
// NOTE(review): AllowedTypes, AllowUpload and MaxUploadSize look like the upload
// policy; an empty or malformed value may loosen it - confirm how the media code
// reads them and validate before storing.
4752 self::updateConfig('AllowedTypes', postVar('AllowedTypes'));
\r
4753 self::updateConfig('AllowUpload', postVar('AllowUpload'));
\r
4754 self::updateConfig('MaxUploadSize', postVar('MaxUploadSize'));
\r
4755 self::updateConfig('MediaPrefix', postVar('MediaPrefix'));
\r
4756 self::updateConfig('AllowLoginEdit', postVar('AllowLoginEdit'));
\r
4757 self::updateConfig('DisableJsTools', postVar('DisableJsTools'));
\r
4758 self::updateConfig('CookieDomain', postVar('CookieDomain'));
\r
4759 self::updateConfig('CookiePath', postVar('CookiePath'));
\r
4760 self::updateConfig('CookieSecure', postVar('CookieSecure'));
\r
4761 self::updateConfig('URLMode', postVar('URLMode'));
\r
4762 self::updateConfig('CookiePrefix', postVar('CookiePrefix'));
\r
4763 self::updateConfig('DebugVars', postVar('DebugVars'));
\r
4764 self::updateConfig('DefaultListSize', postVar('DefaultListSize'));
\r
4765 self::updateConfig('AdminCSS', postVar('AdminCSS'));
\r
4767 // load new config and redirect (this way, the new locale will be used is necessary)
\r
4768 // note that when changing cookie settings, this redirect might cause the user
\r
4769 // to have to log in again.
\r
4771 redirect($CONF['AdminURL'] . '?action=manage');
\r
4776 * Admin::action_systemoverview()
\r
4777 * Output system overview
\r
4782 static private function action_systemoverview()
\r
4785 self::$skin->parse('systemoverview');
\r
4791 * Admin::updateConfig()
\r
4793 * @param string $name
\r
4794 * @param string $val
\r
4795 * @return integer return the ID in which the latest query posted
\r
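/**
 * Store one configuration value in the config table.
 *
 * Both the name and the value are quoted through DB::quoteValue(), so they are
 * safe inside the SQL statement; no other validation of $val happens here.
 * A failed query ends the request with an error message.
 *
 * @param string $name name of the config entry
 * @param string $val  new value
 * @return integer whatever DB::getInsertId() reports after the UPDATE
 */
static private function updateConfig($name, $val)
{
    $query = "UPDATE %s SET value=%s WHERE name=%s";
    $query = sprintf($query, sql_table('config'), DB::quoteValue($val), DB::quoteValue($name));
    if ( DB::execute($query) === FALSE )
    {
        $err = DB::getError();
        // Driver error text can repeat the submitted value, so escape it before
        // it is written into the page.
        // NOTE(review): this still shows raw database errors to the browser;
        // consider logging the detail and showing a generic message instead.
        die(_ADMIN_SQLDIE_QUERYERROR . Entity::hsc($err[2]));
    }
    return DB::getInsertId();
}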
\r
4813 * @param string $msg message that will be shown
\r
// Show the admin error page: $msg is stored in self::$headMess and the
// 'adminerrorpage' skin part is parsed.
// $msg is stored as given. Callers in this file escape dynamic parts themselves
// (for example Entity::hsc($name)), so the skin presumably prints it as HTML -
// verify before passing unescaped text.
// NOTE(review): several handlers call error() and then carry on with a state
// change on the following lines. Whether this method ends the request is not
// visible in this listing - confirm it does, or have callers return explicitly.
4816 static public function error($msg)
\r
4818 self::$headMess = $msg;
\r
4820 self::$skin->parse('adminerrorpage');
\r
4826 * Admin::disallow()
\r
4827 * add error log and show error page
\r
// Record a WARNING entry in the action log containing the request URI, then show
// the "disallowed" error page through error().
// NOTE(review): handlers use `$member->isAdmin() or self::disallow();` as their
// only authorization gate. That gate holds only if this call never returns to
// the handler; no exit is visible in this listing - confirm error() ends the
// request.
// NOTE(review): REQUEST_URI is client-controlled; whatever displays the action
// log must HTML-escape the entry.
4832 static public function disallow()
\r
4834 ActionLog::add(WARNING, _ACTIONLOG_DISALLOWED . serverVar('REQUEST_URI'));
\r
4835 self::error(_ERROR_DISALLOWED);
\r
4840 * Admin::PluninAdminPagehead()
\r
4841 * Output pluginadmin page head
\r
4843 * @param string $extrahead
\r
4846 static public function PluninAdminPagehead($extrahead = '')
\r
4853 * Admin::PluninAdminPagefoot()
\r
4854 * Output pluginadmin page foot
\r
4859 static public function PluninAdminPagefoot()
\r
4866 * Admin::pagehead()
\r
4867 * Output admin page head
\r
4869 * @param string PluninAdminPagehead
\r
// Output the admin page head. When the skin defines 'pagehead' contents they are
// parsed; the echo lines further down write a built-in XHTML head and page
// header. How the two paths are separated is not visible in this listing.
// $extrahead is extra markup for the <head> element.
4872 static private function pagehead($extrahead = '')
\r
4874 global $member, $nucleus, $CONF, $manager;
\r
4876 if ( self::existsSkinContents('pagehead') )
\r
4878 if ( isset($extrahead) && !empty($extrahead) )
\r
4880 self::$extrahead = $extrahead;
\r
4882 self::$skin->parse('pagehead');
\r
// $extrahead is passed by reference, so AdminPrePageHead subscribers can change
// the markup that is echoed into <head> below.
4887 'extrahead' => &$extrahead,
\r
4888 'action' => self::$action
\r
4891 $manager->notify('AdminPrePageHead', $data);
\r
4893 $baseUrl = Entity::hsc($CONF['SkinsURL']);
\r
// Create the AdminCSS config entry with its default when it does not exist yet.
4897 if ( !array_key_exists('AdminCSS', $CONF) )
\r
4899 DB::execute("INSERT INTO " . sql_table('config') . " VALUES ('AdminCSS', 'original')");
\r
4900 $CONF['AdminCSS'] = 'original';
\r
4904 /* HTTP 1.1 application for no caching */
\r
4905 header("Cache-Control: no-cache, must-revalidate");
\r
4906 header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
\r
4908 $root_element = 'html';
\r
4909 $charset = i18n::get_current_charset();
\r
4910 $locale = preg_replace('#_#', '-', i18n::get_current_locale());
\r
4911 $xml_version_info = self::$xml_version_info;
\r
4912 $formal_public_identifier = self::$formal_public_identifier;
\r
4913 $system_identifier = self::$system_identifier;
\r
4914 $xhtml_namespace = self::$xhtml_namespace;
\r
4916 echo "<?xml version=\"{$xml_version_info}\" encoding=\"{$charset}\" ?>\n";
\r
4917 echo "<!DOCTYPE {$root_element} PUBLIC \"{$formal_public_identifier}\" \"{$system_identifier}\">\n";
\r
4918 echo "<{$root_element} xmlns=\"{$xhtml_namespace}\" xml:lang=\"{$locale}\" lang=\"{$locale}\">\n";
\r
4920 echo '<title>' . Entity::hsc($CONF['SiteName']) . " - Admin</title>\n";
\r
// NOTE(review): $CONF["AdminCSS"] is written into the href without escaping, and
// action_settingsupdate() stores the posted value with no format check. Escape it
// with Entity::hsc() or accept only known stylesheet names.
4923 echo "<link rel=\"stylesheet\" title=\"Nucleus Admin Default\" type=\"text/css\" href=\"{$baseUrl}admin/defaultadmin/styles/admin_{$CONF["AdminCSS"]}.css\" />\n";
\r
4925 echo "<link rel=\"stylesheet\" title=\"Nucleus Admin Default\" type=\"text/css\" href=\"{$baseUrl}admin/defaultadmin/styles/addedit.css\" />\n";
\r
4926 echo "<script type=\"text/javascript\" src=\"{$baseUrl}javascripts/edit.js\"></script>\n";
\r
4927 echo "<script type=\"text/javascript\" src=\"{$baseUrl}javascripts/admin.js\"></script>\n";
\r
4928 echo "<script type=\"text/javascript\" src=\"{$baseUrl}javascripts/compatibility.js\"></script>\n";
\r
// $extrahead is echoed as raw markup; it must only ever come from trusted code
// (callers and event subscribers), never from request data.
4929 echo "{$extrahead}\n";
\r
4930 echo "</head>\n\n";
\r
4932 echo "<div id=\"adminwrapper\">\n";
\r
4933 echo "<div class=\"header\">\n";
\r
4934 echo '<h1>' . Entity::hsc($CONF['SiteName']) . "</h1>\n";
\r
4936 echo "<div id=\"container\">\n";
\r
4937 echo "<div id=\"content\">\n";
\r
4938 echo "<div class=\"loginname\">\n";
\r
4939 if ( $member->isLoggedIn() )
\r
// NOTE(review): the display name is printed without Entity::hsc(), unlike
// SiteName above. Escape it unless getDisplayName() is known to return
// HTML-safe text - confirm.
4941 echo _LOGGEDINAS . ' ' . $member->getDisplayName() ." - <a href='index.php?action=logout'>" . _LOGOUT. "</a><br />\n";
\r
4942 echo "<a href='index.php?action=overview'>" . _ADMINHOME . "</a> - ";
\r
4946 echo '<a href="index.php?action=showlogin" title="Log in">' . _NOTLOGGEDIN . "</a><br />\n";
\r
// NOTE(review): $CONF['IndexURL'] is placed in a single-quoted href without
// escaping; a quote character in the stored setting would break out of the
// attribute. Escape it with Entity::hsc().
4948 echo "<a href='".$CONF['IndexURL']."'>"._YOURSITE."</a><br />\n";
\r
4951 if (array_key_exists('codename', $nucleus) && $nucleus['codename'] != '' )
\r
4953 $codenamestring = ' "' . $nucleus['codename'].'"';
\r
4957 $codenamestring = '';
\r
// The version-check link and the "newer version" hint are shown to logged-in
// administrators only.
4960 if ( $member->isLoggedIn() && $member->isAdmin() )
\r
4962 $checkURL = sprintf(_ADMIN_SYSTEMOVERVIEW_VERSIONCHECK_URL, getNucleusVersion(), getNucleusPatchLevel());
\r
4963 echo '<a href="' . $checkURL . '" title="' . _ADMIN_SYSTEMOVERVIEW_VERSIONCHECK_TITLE . '">Nucleus CMS ' . $nucleus['version'] . $codenamestring . '</a>';
\r
// NOTE(review): $newestVersion presumably comes from a remote version lookup
// (getLatestVersion() is not shown here) and is echoed below without escaping.
// Treat it as untrusted: validate the format or escape it on output.
4965 $newestVersion = getLatestVersion();
\r
4966 $newestCompare = str_replace('/', '.', $newestVersion);
\r
4967 $currentVersion = str_replace(array('/','v'), array('.',''), $nucleus['version']);
\r
4969 if ( $newestVersion && version_compare($newestCompare, $currentVersion) > 0 )
\r
4972 echo '<a style="color:red" href="http://nucleuscms.org/upgrade.php" title="' . _ADMIN_SYSTEMOVERVIEW_LATESTVERSION_TITLE . '">';
\r
4973 echo _ADMIN_SYSTEMOVERVIEW_LATESTVERSION_TEXT . $newestVersion;
\r
4979 echo "Nucleus CMS {$nucleus['version']}{$codenamestring}";
\r
4988 * Admin::pagefoot()
\r
4989 * Output admin page foot include quickmenu
\r
4994 static private function pagefoot()
\r
4996 global $action, $member, $manager;
\r
4998 if ( self::existsSkinContents('pagefoot') )
\r
5000 self::$skin->parse('pagefoot');
\r
5006 'action' => self::$action
\r
5009 $manager->notify('AdminPrePageFoot', $data);
\r
5011 if ( $member->isLoggedIn() && ($action != 'showlogin') )
\r
5013 echo '<h2>' . _LOGOUT . "</h2>\n";
\r
5015 echo '<li><a href="index.php?action=overview">' . _BACKHOME . "</a></li>\n";
\r
5016 echo '<li><a href="index.php?action=logout">' . _LOGOUT . "</a></li>\n";
\r
5020 echo "<div class=\"foot\">\n";
\r
5021 echo '<a href="' . _ADMINPAGEFOOT_OFFICIALURL . '">Nucleus CMS</a> © 2002-' . date('Y') . ' ' . _ADMINPAGEFOOT_COPYRIGHT;
\r
5023 echo '<a href="' . _ADMINPAGEFOOT_DONATEURL . '">' . _ADMINPAGEFOOT_DONATE . "</a>\n";
\r
5026 echo "<div id=\"quickmenu\">\n";
\r
5028 if ( ($action != 'showlogin') && ($member->isLoggedIn()) )
\r
5031 echo '<li><a href="index.php?action=overview">' . _QMENU_HOME . "</a></li>\n";
\r
5034 echo '<h2>' . _QMENU_ADD . "</h2>\n";
\r
5035 echo "<form method=\"get\" action=\"index.php\">\n";
\r
5037 echo "<input type=\"hidden\" name=\"action\" value=\"createitem\" />\n";
\r
5039 $showAll = requestVar('showall');
\r
5041 if ( ($member->isAdmin()) && ($showAll == 'yes') )
\r
5043 // Super-Admins have access to all blogs! (no add item support though)
\r
5044 $query = "SELECT bnumber as value, bname as text FROM %s ORDER BY bname;";
\r
5045 $query = sprintf($query, sql_table('blog'));
\r
5049 $query = "SELECT bnumber as value, bname as text FROM %s, %s WHERE tblog=bnumber and tmember=%d ORDER BY bname;";
\r
5050 $query = sprintf($query, sql_table('blog'), sql_table('team'), (integer) $member->getID());
\r
5052 $template['name'] = 'blogid';
\r
5053 $template['tabindex'] = 15000;
\r
5054 $template['extra'] = _QMENU_ADD_SELECT;
\r
5055 $template['selected'] = -1;
\r
5056 $template['shorten'] = 10;
\r
5057 $template['shortenel'] = '';
\r
5058 $template['javascript'] = 'onchange="return form.submit()"';
\r
5059 showlist($query, 'select', $template);
\r
5064 echo "<h2>{$member->getDisplayName()}</h2>\n";
\r
5066 echo '<li><a href="index.php?action=editmembersettings">' . _QMENU_USER_SETTINGS . "</a></li>\n";
\r
5067 echo '<li><a href="index.php?action=browseownitems">' . _QMENU_USER_ITEMS . "</a></li>\n";
\r
5068 echo '<li><a href="index.php?action=browseowncomments">' . _QMENU_USER_COMMENTS . "</a></li>\n";
\r
5071 if ( $member->isAdmin() )
\r
5073 echo '<h2>' . _QMENU_MANAGE . "</h2>\n";
\r
5075 echo '<li><a href="index.php?action=actionlog">' . _QMENU_MANAGE_LOG . "</a></li>\n";
\r
5076 echo '<li><a href="index.php?action=settingsedit">' . _QMENU_MANAGE_SETTINGS . "</a></li>\n";
\r
5077 echo '<li><a href="index.php?action=systemoverview">' . _QMENU_MANAGE_SYSTEM . "</a></li>\n";
\r
5078 echo '<li><a href="index.php?action=usermanagement">' . _QMENU_MANAGE_MEMBERS . "</a></li>\n";
\r
5079 echo '<li><a href="index.php?action=createnewlog">' . _QMENU_MANAGE_NEWBLOG . "</a></li>\n";
\r
5080 echo '<li><a href="index.php?action=backupoverview">' . _QMENU_MANAGE_BACKUPS . "</a></li>\n";
\r
5081 echo '<li><a href="index.php?action=pluginlist">' . _QMENU_MANAGE_PLUGINS . "</a></li>\n";
\r
5084 echo "<h2>" . _QMENU_LAYOUT . "</h2>\n";
\r
5086 echo '<li><a href="index.php?action=skinoverview">' . _QMENU_LAYOUT_SKINS . "</a></li>\n";
\r
5087 echo '<li><a href="index.php?action=templateoverview">' . _QMENU_LAYOUT_TEMPL . "</a></li>\n";
\r
5088 echo '<li><a href="index.php?action=skinieoverview">' . _QMENU_LAYOUT_IEXPORT . "</a></li>\n";
\r
5092 $data = array('options' => array());
\r
5094 $manager->notify('QuickMenu', $data);
\r
5096 if ( count($data['options']) > 0 )
\r
5098 echo "<h2>" . _QMENU_PLUGINS . "</h2>\n";
\r
5100 foreach ( $data['options'] as $option )
\r
5102 echo '<li><a href="' . Entity::hsc($option['url']) . '" title="' . Entity::hsc($option['tooltip']) . '">' . Entity::hsc($option['title']) . "</a></li>\n";
\r
5107 else if ( ($action == 'activate') || ($action == 'activatesetpwd') )
\r
5110 echo '<h2>' . _QMENU_ACTIVATE . '</h2>' . _QMENU_ACTIVATE_TEXT;
\r
5114 echo '<h2>' . _QMENU_INTRO . '</h2>' . _QMENU_INTRO_TEXT;
\r
5117 echo "<!-- quickmenu -->\n";
\r
5120 echo "<!-- content -->\n";
\r
5123 echo "<!-- container -->\n";
\r
5126 echo "<!-- adminwrapper -->\n";
\r
5136 * Admin::action_bookmarklet()
\r
5141 static private function action_bookmarklet()
\r
5143 global $member, $manager;
\r
5145 $blogid = intRequestVar('blogid');
\r
5146 $member->teamRights($blogid) or self::disallow();
\r
5149 self::$skin->parse('bookmarklet');
\r
5155 * Admin::action_actionlog()
\r
5160 static private function action_actionlog()
\r
5162 global $member, $manager;
\r
5164 $member->isAdmin() or self::disallow();
\r
5167 self::$skin->parse('actionlog');
\r
5173 * Admin::action_banlist()
\r
5178 static private function action_banlist()
\r
5180 global $member, $manager;
\r
5182 $blogid = intRequestVar('blogid');
\r
5183 $member->blogAdminRights($blogid) or self::disallow();
\r
5186 self::$skin->parse('banlist');
\r
5192 * Admin::action_banlistdelete()
\r
5197 static private function action_banlistdelete()
\r
5199 global $member, $manager;
\r
5201 $blogid = intRequestVar('blogid');
\r
5202 $member->blogAdminRights($blogid) or self::disallow();
\r
5205 self::$skin->parse('banlistdelete');
\r
5211 * Admin::action_banlistdeleteconfirm()
\r
5216 static private function action_banlistdeleteconfirm()
\r
5218 global $member, $manager;
\r
5220 $blogid = intPostVar('blogid');
\r
5221 $allblogs = postVar('allblogs');
\r
5222 $iprange = postVar('iprange');
\r
5224 $member->blogAdminRights($blogid) or self::disallow();
\r
5226 $deleted = array();
\r
5230 if ( Ban::removeBan($blogid, $iprange) )
\r
5232 $deleted[] = $blogid;
\r
5237 // get blogs fot which member has admin rights
\r
5238 $adminblogs = $member->getAdminBlogs();
\r
5239 foreach ($adminblogs as $blogje)
\r
5241 if ( Ban::removeBan($blogje, $iprange) )
\r
5243 $deleted[] = $blogje;
\r
5248 if ( sizeof($deleted) == 0 )
\r
5250 self::error(_ERROR_DELETEBAN);
\r
5253 /* TODO: we should use other ways */
\r
5254 $_REQUEST['delblogs'] = $deleted;
\r
5257 self::$skin->parse('banlistdeleteconfirm');
\r
5263 * Admin::action_banlistnewfromitem()
\r
5268 static private function action_banlistnewfromitem()
\r
5270 self::action_banlistnew(getBlogIDFromItemID(intRequestVar('itemid')));
\r
5275 * Admin::action_banlistnew()
\r
5277 * @param integer $blogid ID for weblog
\r
5280 static private function action_banlistnew($blogid = '')
\r
5282 global $member, $manager;
\r
5284 if ( $blogid == '' )
\r
5286 $blogid = intRequestVar('blogid');
\r
5289 $ip = requestVar('ip');
\r
5291 $member->blogAdminRights($blogid) or self::disallow();
\r
5293 /* TODO: we should consider to use the other way instead of this */
\r
5294 $_REQUEST['blogid'] = $blogid;
\r
5297 self::$skin->parse('banlistnew');
\r
5304 * Admin::action_banlistadd()
\r
5309 static private function action_banlistadd()
\r
5313 $blogid = intPostVar('blogid');
\r
5314 $allblogs = postVar('allblogs');
\r
5315 $iprange = postVar('iprange');
\r
5317 if ( $iprange == "custom" )
\r
5319 $iprange = postVar('customiprange');
\r
5321 $reason = postVar('reason');
\r
5323 $member->blogAdminRights($blogid) or self::disallow();
\r
5325 // TODO: check IP range validity
\r
5329 if ( !Ban::addBan($blogid, $iprange, $reason) )
\r
5331 self::error(_ERROR_ADDBAN);
\r
5336 // get blogs fot which member has admin rights
\r
5337 $adminblogs = $member->getAdminBlogs();
\r
5339 foreach ($adminblogs as $blogje)
\r
5341 if ( !Ban::addBan($blogje, $iprange, $reason) )
\r
5348 self::error(_ERROR_ADDBAN);
\r
5351 self::action_banlist();
\r
5356 * Admin::action_clearactionlog()
\r
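/**
 * Clear the whole action log, then return to the management page with a
 * confirmation message. Only site administrators may do this.
 *
 * @return void
 */
static private function action_clearactionlog()
{
    global $member;

    // Fail closed: return even if disallow() hands control back, so a
    // non-admin request can never wipe the log.
    if ( !$member->isAdmin() )
    {
        self::disallow();
        return;
    }

    // NOTE(review): the action log is the audit trail that disallow() writes
    // to. Nothing here records who cleared it or when; consider adding a
    // fresh log entry after the clear.
    ActionLog::clear();

    self::action_manage(_MSG_ACTIONLOGCLEARED);
    return;
}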
\r
/**
 * Admin::action_backupoverview()
 * Shows the backup overview page.
 *
 * @return void
 */
static private function action_backupoverview()
{
    global $member, $manager;

    // members for whom isAdmin() is false are handed to disallow()
    if ( !$member->isAdmin() )
    {
        self::disallow();
    }

    // NOTE(review): the listing's numbering skips short lines around this call;
    // confirm against the full file whether page head/foot output belongs here
    self::$skin->parse('backupoverview');
}
\r
/**
 * Admin::action_backupcreate()
 * create file for backup
 *
 * The isAdmin() check is the only access control visible in this block;
 * the dump itself is produced by Backup::do_backup() from backup.php.
 *
 * @return void
 */
static private function action_backupcreate()
{
    global $member, $DIR_LIBS;

    if ( !$member->isAdmin() )
    {
        self::disallow();
    }

    // use compression ? (the POST value is forced to an integer)
    $useGzip = (int) postVar('gzip');

    // fixed file name under the library directory, nothing request-derived in the path
    include($DIR_LIBS . 'backup.php');

    // try to extend time limit
    // (creating/restoring dumps might take a while)
    @set_time_limit(1200);

    // NOTE(review): a short line after this call is elided in the listing
    Backup::do_backup($useGzip);
}
\r
/**
 * Admin::action_backuprestore()
 * restoring from uploaded file
 *
 * Runs only when the POST field "letsgo" equals 1. The upload itself is
 * handled inside Backup::do_restore(); what it accepts is not visible here.
 *
 * @return void
 */
static private function action_backuprestore()
{
    global $member, $DIR_LIBS;

    if ( !$member->isAdmin() )
    {
        self::disallow();
    }

    // explicit confirmation required before anything is overwritten
    if ( intPostVar('letsgo') != 1 )
    {
        self::error(_ERROR_BACKUP_NOTSURE);
    }

    include($DIR_LIBS . 'backup.php');

    // try to extend time limit
    // (creating/restoring dumps might take a while)
    @set_time_limit(1200);

    // a non-empty return value is an error message
    $message = Backup::do_restore();
    if ( $message != '' )
    {
        self::error($message);
    }

    // NOTE(review): the listing's numbering skips short lines around this call;
    // confirm against the full file whether page head/foot output belongs here
    self::$skin->parse('backuprestore');
}
\r
/**
 * Admin::action_pluginlist()
 * output the list of installed plugins
 *
 * @return void
 */
static private function action_pluginlist()
{
    global $DIR_PLUGINS, $member, $manager;

    // check if allowed
    if ( !$member->isAdmin() )
    {
        self::disallow();
    }

    // NOTE(review): the listing's numbering skips short lines around this call;
    // confirm against the full file whether page head/foot output belongs here
    self::$skin->parse('pluginlist');
}
\r
/**
 * Admin::action_pluginhelp()
 * Shows the help page of an installed plugin.
 *
 * The plugin ID comes from the GET parameter "plugid", read as an integer.
 *
 * @return void
 */
static private function action_pluginhelp()
{
    global $member, $manager, $DIR_PLUGINS, $CONF;

    // check if allowed
    if ( !$member->isAdmin() )
    {
        self::disallow();
    }

    $plugid = intGetVar('plugid');

    // unknown plugin IDs end in an error page
    if ( !$manager->pidInstalled($plugid) )
    {
        self::error(_ERROR_NOSUCHPLUGIN);
    }

    // NOTE(review): the listing's numbering skips short lines around this call;
    // confirm against the full file whether page head/foot output belongs here
    self::$skin->parse('pluginhelp');
}
\r
/**
 * Admin::action_pluginadd()
 * Installs the plugin named in the POST field "filename".
 *
 * The name is request-controlled and ends up in $manager->getPlugin(), which
 * loads the plugin. checkPlugin() is the only gate on the name visible here;
 * what it verifies is outside this listing. The flow below also assumes that
 * self::error() ends the request (its body is not shown either).
 *
 * @return void
 */
static private function action_pluginadd()
{
    global $member, $manager, $DIR_PLUGINS;

    // check if allowed
    if ( !$member->isAdmin() )
    {
        self::disallow();
    }

    $name = postVar('filename');

    if ( $manager->pluginInstalled($name) )
    {
        self::error(_ERROR_DUPPLUGIN);
    }

    // the rejected name is HTML-escaped before it is put into the error page
    if ( !checkPlugin($name) )
    {
        self::error(_ERROR_PLUGFILEERROR . ' (' . Entity::hsc($name) . ')');
    }

    // get number of currently installed plugins
    $res = DB::getResult('SELECT * FROM ' . sql_table('plugin'));
    $numCurrent = $res->rowCount();

    // plugin will be added as last one in the list
    $newOrder = $numCurrent + 1;

    // $name is passed by reference, so a subscriber may change it after
    // checkPlugin() has run; the value is not checked again below
    $data = array('file' => &$name);
    $manager->notify('PreAddPlugin', $data);

    // do this before calling getPlugin (in case the plugin id is used there)
    $query = sprintf(
        "INSERT INTO %s (porder, pfile) VALUES (%d, %s);",
        sql_table('plugin'),
        (int) $newOrder,
        DB::quoteValue($name)
    );
    DB::execute($query);
    $iPid = DB::getInsertId();

    $manager->clearCachedInfo('installedPlugins');

    // Load the plugin for condition checking and installation
    $plugin =& $manager->getPlugin($name);

    // check if it got loaded (could have failed)
    if ( !$plugin )
    {
        // roll back the row inserted above
        $query = sprintf("DELETE FROM %s WHERE pid=%d;", sql_table('plugin'), (int) $iPid);

        DB::execute($query);

        $manager->clearCachedInfo('installedPlugins');
        self::error(_ERROR_PLUGIN_LOAD);
    }

    // check if plugin needs a newer Nucleus version
    if ( getNucleusVersion() < $plugin->getMinNucleusVersion() )
    {
        // uninstall plugin again...
        self::deleteOnePlugin($plugin->getID());

        // ...and show error
        self::error(_ERROR_NUCLEUSVERSIONREQ . Entity::hsc($plugin->getMinNucleusVersion()));
    }

    // same version: check if plugin needs a newer patch level
    if ( (getNucleusVersion() == $plugin->getMinNucleusVersion()) && (getNucleusPatchLevel() < $plugin->getMinNucleusPatchLevel()) )
    {
        // uninstall plugin again...
        self::deleteOnePlugin($plugin->getID());

        // ...and show error
        self::error(_ERROR_NUCLEUSVERSIONREQ . Entity::hsc( $plugin->getMinNucleusVersion() . ' patch ' . $plugin->getMinNucleusPatchLevel() ) );
    }

    // every plugin this one depends on must already be installed
    $pluginList = $plugin->getPluginDep();
    foreach ( $pluginList as $pluginName )
    {
        $res = DB::getResult('SELECT * FROM '.sql_table('plugin') . ' WHERE pfile=' . DB::quoteValue($pluginName));
        if ( $res->rowCount() == 0 )
        {
            // uninstall plugin again...
            self::deleteOnePlugin($plugin->getID());
            self::error(sprintf(_ERROR_INSREQPLUGIN, Entity::hsc($pluginName)));
        }
    }

    // call the install method of the plugin
    $plugin->install();

    $data = array('plugin' => &$plugin);
    $manager->notify('PostAddPlugin', $data);

    // update all events
    self::action_pluginupdate();
}
\r
/**
 * Admin::action_pluginupdate()
 * Rebuilds the plugin event subscriptions, then redirects to the plugin list.
 *
 * All rows of the plugin_event table are deleted and written again from the
 * event list each installed plugin reports.
 *
 * @return void
 */
static private function action_pluginupdate()
{
    global $member, $manager, $CONF;

    // check if allowed
    if ( !$member->isAdmin() )
    {
        self::disallow();
    }

    // delete everything from plugin_events
    DB::execute('DELETE FROM '.sql_table('plugin_event'));

    // loop over all installed plugins
    $res = DB::getResult('SELECT pid, pfile FROM '.sql_table('plugin'));
    foreach ( $res as $row )
    {
        $pid = $row['pid'];
        $plug =& $manager->getPlugin($row['pfile']);

        // plugins that fail to load are skipped and keep no subscriptions
        if ( $plug )
        {
            $eventList = $plug->getEventList();
            foreach ( $eventList as $eventName )
            {
                // integer ID via %d, event name quoted by the DB layer
                $query = sprintf(
                    "INSERT INTO %s (pid, event) VALUES (%d, %s)",
                    sql_table('plugin_event'),
                    (int) $pid,
                    DB::quoteValue($eventName)
                );
                DB::execute($query);
            }
        }
    }

    redirect($CONF['AdminURL'] . '?action=pluginlist');
}
\r
/**
 * Admin::action_plugindelete()
 * Shows the confirmation page for removing a plugin; nothing is deleted here.
 *
 * @return void
 */
static private function action_plugindelete()
{
    global $member, $manager;

    // check if allowed
    if ( !$member->isAdmin() )
    {
        self::disallow();
    }

    // plugin ID from the GET parameter, read as an integer
    $pid = intGetVar('plugid');

    if ( !$manager->pidInstalled($pid) )
    {
        self::error(_ERROR_NOSUCHPLUGIN);
    }

    // NOTE(review): the listing's numbering skips short lines around this call;
    // confirm against the full file whether page head/foot output belongs here
    self::$skin->parse('plugindelete');
}
\r
/**
 * Admin::action_plugindeleteconfirm()
 * Removes a plugin after confirmation and redirects to the plugin list.
 *
 * The plugin ID is taken from the POST data as an integer.
 *
 * @return void
 */
static private function action_plugindeleteconfirm()
{
    global $member, $manager, $CONF;

    // check if allowed
    if ( !$member->isAdmin() )
    {
        self::disallow();
    }

    $pid = intPostVar('plugid');

    // second argument 1: the plugin's unInstall() method is called as well
    $error = self::deleteOnePlugin($pid, 1);

    // a non-empty return value is an error message
    if ( $error )
    {
        self::error($error);
    }

    redirect($CONF['AdminURL'] . '?action=pluginlist');
}
\r
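/**
 * Admin::deleteOnePlugin()
 * Removes one plugin: its event subscriptions, its options and its row in
 * the plugin table.
 *
 * Deletion is refused while another installed plugin lists this one as a
 * dependency. The plugin file name placed in that error message is
 * HTML-escaped here, as action_pluginadd() does for the messages it builds.
 *
 * @param integer $pid           plugin ID
 * @param integer $callUninstall when true, the plugin's unInstall() method is called first
 * @return string error message, empty on success
 */
static public function deleteOnePlugin($pid, $callUninstall = 0)
{
    global $manager;

    // every query below concatenates $pid, so it is forced to an integer first
    $pid = intval($pid);

    if ( !$manager->pidInstalled($pid) )
    {
        return _ERROR_NOSUCHPLUGIN;
    }

    $query = "SELECT pfile as result FROM %s WHERE pid=%d;";
    $query = sprintf($query, sql_table('plugin'), (int) $pid);
    $name = DB::getValue($query);

    // check dependency before delete
    $res = DB::getResult('SELECT pfile FROM ' . sql_table('plugin'));
    foreach ( $res as $row )
    {
        $plug =& $manager->getPlugin($row['pfile']);
        if ( $plug )
        {
            $depList = $plug->getPluginDep();
            foreach ( $depList as $depName )
            {
                if ( $name == $depName )
                {
                    // NOTE(review): a caller that escapes the result itself
                    // would now escape the name twice — check other call sites
                    return sprintf(_ERROR_DELREQPLUGIN, Entity::hsc($row['pfile']));
                }
            }
        }
    }

    $data = array('plugid' => $pid);
    $manager->notify('PreDeletePlugin', $data);

    // call the unInstall method of the plugin
    if ( $callUninstall )
    {
        $plugin =& $manager->getPlugin($name);
        if ( $plugin )
        {
            $plugin->unInstall();
        }
    }

    // delete all subscriptions
    DB::execute('DELETE FROM ' . sql_table('plugin_event') . ' WHERE pid=' . $pid);

    // delete all options
    // get OIDs from plugin_option_desc
    $res = DB::getResult('SELECT oid FROM ' . sql_table('plugin_option_desc') . ' WHERE opid=' . $pid);
    $aOIDs = array();
    foreach ( $res as $row )
    {
        // forced to integers because the list is joined into an IN (...) clause below
        $aOIDs[] = (int) $row['oid'];
    }

    // delete from plugin_option and plugin_option_desc
    DB::execute('DELETE FROM ' . sql_table('plugin_option_desc') . ' WHERE opid=' . $pid);
    if ( count($aOIDs) > 0 )
    {
        DB::execute('DELETE FROM ' . sql_table('plugin_option') . ' WHERE oid in (' . implode(',', $aOIDs) . ')');
    }

    // update order numbers: close the gap the removed plugin leaves behind
    $res = DB::getValue('SELECT porder FROM ' . sql_table('plugin') . ' WHERE pid=' . $pid);
    DB::execute('UPDATE ' . sql_table('plugin') . ' SET porder=(porder - 1) WHERE porder>' . $res);

    // delete the plugin row itself
    DB::execute('DELETE FROM ' . sql_table('plugin') . ' WHERE pid=' . $pid);

    $manager->clearCachedInfo('installedPlugins');
    $data = array('plugid' => $pid);
    $manager->notify('PostDeletePlugin', $data);

    // NOTE(review): the success return is elided in the listing; the visible
    // caller only tests the result for truthiness
    return '';
}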
\r
/**
 * Admin::action_pluginup()
 * Moves a plugin one place up in the plugin order.
 *
 * The plugin ID is a GET parameter read as an integer. The order values
 * concatenated into the UPDATE statements come from the plugin table and
 * from arithmetic on them, not from the request.
 *
 * @return void
 */
static private function action_pluginup()
{
    global $member, $manager, $CONF;

    // check if allowed
    if ( !$member->isAdmin() )
    {
        self::disallow();
    }

    $plugid = intGetVar('plugid');

    if ( !$manager->pidInstalled($plugid) )
    {
        self::error(_ERROR_NOSUCHPLUGIN);
    }

    // 1. get old order number
    $oldOrder = DB::getValue('SELECT porder FROM ' . sql_table('plugin') . ' WHERE pid=' . $plugid);

    // 2. calculate new order number (never above first place)
    if ( $oldOrder > 1 )
    {
        $newOrder = $oldOrder - 1;
    }
    else
    {
        $newOrder = 1;
    }

    // 3. update plug numbers: the plugin at the target place takes the old
    //    place, then this plugin takes the target place
    DB::execute('UPDATE ' . sql_table('plugin') . ' SET porder=' . $oldOrder . ' WHERE porder=' . $newOrder);
    DB::execute('UPDATE ' . sql_table('plugin') . ' SET porder=' . $newOrder . ' WHERE pid=' . $plugid);

    // To avoid showing ticket in the URL, redirect to pluginlist, instead.
    redirect($CONF['AdminURL'] . '?action=pluginlist');
}
\r
/**
 * Admin::action_plugindown()
 * Moves a plugin one place down in the plugin order.
 *
 * The plugin ID is a GET parameter read as an integer. The order values
 * concatenated into the UPDATE statements come from the plugin table and
 * from arithmetic on them, not from the request.
 *
 * @return void
 */
static private function action_plugindown()
{
    global $member, $manager, $CONF;

    // check if allowed
    if ( !$member->isAdmin() )
    {
        self::disallow();
    }

    $plugid = intGetVar('plugid');
    if ( !$manager->pidInstalled($plugid) )
    {
        self::error(_ERROR_NOSUCHPLUGIN);
    }

    // 1. get old order number
    $oldOrder = DB::getValue('SELECT porder FROM ' . sql_table('plugin') . ' WHERE pid=' . $plugid);

    // the number of installed plugins is the lowest place in the list
    $res = DB::getResult('SELECT * FROM ' . sql_table('plugin'));
    $maxOrder = $res->rowCount();

    // 2. calculate new order number (never below last place)
    if ( $oldOrder < $maxOrder )
    {
        $newOrder = $oldOrder + 1;
    }
    else
    {
        $newOrder = $maxOrder;
    }

    // 3. update plug numbers: the plugin at the target place takes the old
    //    place, then this plugin takes the target place
    DB::execute('UPDATE ' . sql_table('plugin') . ' SET porder=' . $oldOrder . ' WHERE porder=' . $newOrder);
    DB::execute('UPDATE ' . sql_table('plugin') . ' SET porder=' . $newOrder . ' WHERE pid=' . $plugid);

    // To avoid showing ticket in the URL, redirect to pluginlist, instead.
    redirect($CONF['AdminURL'] . '?action=pluginlist');
}
\r
/**
 * Admin::action_pluginoptions()
 *
 * Output Plugin option page
 *
 * @param string $message message to show when this page is reached as a fallback
 * @return void
 */
static private function action_pluginoptions($message = '')
{
    global $member, $manager;

    // check if allowed
    if ( !$member->isAdmin() )
    {
        self::disallow();
    }

    // plugin ID from GET or POST, read as an integer
    $pid = intRequestVar('plugid');
    if ( !$manager->pidInstalled($pid) )
    {
        self::error(_ERROR_NOSUCHPLUGIN);
    }

    if ( isset($message) )
    {
        self::$headMess = $message;
    }

    // fixed script reference, nothing request-derived goes into the head markup
    $extrahead = "<script type=\"text/javascript\" src=\"javascript/numbercheck.js\"></script>\n";
    self::pagehead($extrahead);
    self::$skin->parse('pluginoptions');
    // NOTE(review): the listing's numbering skips short lines after this call;
    // confirm against the full file what follows the page body
}
\r
/**
 * Admin::action_pluginoptionsupdate()
 *
 * Update plugin options and fallback to plugin option page
 *
 * The option values come from the request array "plugoption". Only the
 * plugin ID is validated in this block; which options
 * NucleusPlugin::apply_plugin_options() accepts is decided inside that call.
 *
 * @return void
 */
static private function action_pluginoptionsupdate()
{
    global $member, $manager;

    // check if allowed
    if ( !$member->isAdmin() )
    {
        self::disallow();
    }

    $pid = intRequestVar('plugid');

    if ( !$manager->pidInstalled($pid) )
    {
        self::error(_ERROR_NOSUCHPLUGIN);
    }

    $aOptions = requestArray('plugoption');
    NucleusPlugin::apply_plugin_options($aOptions);

    // NOTE(review): the listing elides a short line inside this array literal
    // (gutter numbering skips one entry); confirm the full set of keys
    // against the full file
    $data = array(
        'context' => 'global',
    );
    $manager->notify('PostPluginOptionsUpdate', $data);

    self::action_pluginoptions(_PLUGS_OPTIONS_UPDATED);
}
\r
/**
 * Admin::insertPluginOptions()
 *
 * Output plugin option field
 *
 * Collects the options defined for $context, fills in the stored value for
 * $contextid (or the option's default when none is stored), lets plugins
 * adjust the list through the PrePluginOptionsEdit event and hands it to the
 * skin. Values are passed on as stored; escaping for output is left to the
 * rendering side, which is outside this block.
 *
 * @param string $context plugin option context
 * @param integer $contextid plugin option context id
 * @return void
 */
static public function insertPluginOptions($context, $contextid = 0)
{
    global $manager;

    // get all current values for this contextid
    // (note: this might contain doubles for overlapping contextids)
    $aIdToValue = array();

    $query = sprintf(
        "SELECT oid, ovalue FROM %s WHERE ocontextid=%d;",
        sql_table('plugin_option'),
        (int) $contextid
    );

    foreach ( DB::getResult($query) as $row )
    {
        $aIdToValue[$row['oid']] = $row['ovalue'];
    }

    // get list of oids per pid; the context string is quoted by the DB layer
    $query = sprintf(
        "SELECT * FROM %s, %s WHERE opid=pid and ocontext= %s ORDER BY porder, oid ASC;",
        sql_table('plugin_option_desc'),
        sql_table('plugin'),
        DB::quoteValue($context)
    );
    $res = DB::getResult($query);

    $aOptions = array();
    foreach ( $res as $row )
    {
        // stored value when there is one, the option's default otherwise
        if ( in_array($row['oid'], array_keys($aIdToValue)) )
        {
            $value = $aIdToValue[$row['oid']];
        }
        else
        {
            $value = $row['odef'];
        }

        // NOTE(review): the listing skips a short line after 'contextid'
        // (gutter line 5976), possibly one more element; confirm against the full file
        $aOptions[] = array(
            'pid' => $row['pid'],
            'pfile' => $row['pfile'],
            'oid' => $row['oid'],
            'value' => $value,
            'name' => $row['oname'],
            'description' => $row['odesc'],
            'type' => $row['otype'],
            'typeinfo' => $row['oextra'],
            'contextid' => $contextid,
        );
    }

    // subscribers receive the option list by reference and may change it
    $data = array(
        'context' => $context,
        'contextid' => $contextid,
        'options' =>& $aOptions
    );
    $manager->notify('PrePluginOptionsEdit', $data);

    self::$aOptions = $aOptions;
    self::$skin->parse('insertpluginoptions');
}
\r
/**
 * Admin::action_parseSpecialskin()
 * Parses the skin part named after the current action.
 *
 * No permission check happens in this block. Which actions are routed here,
 * and with what checks, is decided by code outside this listing.
 *
 * @return void
 */
static private function action_parseSpecialskin()
{
    // NOTE(review): the listing's numbering skips short lines around this call;
    // confirm against the full file whether page head/foot output belongs here
    $currentAction = self::$action;
    self::$skin->parse($currentAction);
}
\r
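/**
 * Admin::getAdminskinIDFromName()
 * Looks up the ID of a skin by its name.
 *
 * Fixes two defects of the earlier version: the query selected the string
 * literal 'sdnumber' instead of the column, and the result was stored in one
 * variable while another, undefined one was returned.
 *
 * @param string $skinname name of skin
 * @return integer ID for skin (0 when the lookup yields nothing numeric)
 */
static private function getAdminskinIDFromName($skinname)
{
    // the name is quoted by the DB layer before it enters the statement
    $query = "SELECT sdnumber as result FROM %s WHERE sdname = %s;";
    $query = sprintf($query, sql_table('skin_desc'), DB::quoteValue($skinname));
    $adminSkinID = DB::getValue($query);
    return (int) $adminSkinID;
}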
\r
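/**
 * Admin::getAdminskinNameFromID()
 * Looks up the name of a skin by its ID.
 *
 * Fixes two defects of the earlier version: the result was stored in one
 * variable while another, undefined one was returned, and the skin name was
 * cast to an integer.
 *
 * @param integer $skinid ID for skin
 * @return string name of skin (empty when the lookup yields nothing)
 */
static private function getAdminskinNameFromID($skinid)
{
    // the ID is forced to an integer by the %d placeholder and the cast
    $query = "SELECT sdname as result FROM %s WHERE sdnumber = %d;";
    $query = sprintf($query, sql_table('skin_desc'), (int) $skinid);
    $adminSkinName = DB::getValue($query);
    return (string) $adminSkinName;
}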
\r
/**
 * Admin::getAdminextrahead()
 * Read access to the private static $extrahead.
 *
 * @return mixed current value of Admin::$extrahead
 */
static public function getAdminextrahead()
{
    $extrahead = self::$extrahead;
    return $extrahead;
}
\r
/**
 * Admin::getAdminpassvar()
 * Read access to the private static $passvar.
 *
 * @return mixed current value of Admin::$passvar
 */
static public function getAdminpassvar()
{
    $passvar = self::$passvar;
    return $passvar;
}
\r
/**
 * Admin::getAdminAction()
 * Read access to the private static $action.
 *
 * @return mixed current value of Admin::$action
 */
static public function getAdminAction()
{
    $currentAction = self::$action;
    return $currentAction;
}
\r
/**
 * Admin::getAdminaOption()
 * Read access to the private static $aOptions, which insertPluginOptions()
 * fills before it parses the skin.
 *
 * @return mixed current value of Admin::$aOptions
 */
static public function getAdminaOption()
{
    $options = self::$aOptions;
    return $options;
}
\r
/**
 * Admin::action_importAdmin()
 * Parses a skin file from the admin skin directory: "showlogin" for the
 * login action, "defaultimporter" otherwise.
 *
 * The file name is one of two fixed strings, never request data. The
 * action is read from the global $action, not from self::$action.
 *
 * @return void
 */
static private function action_importAdmin()
{
    global $DIR_ADMINSKINS, $action;

    if ( $action == 'adminskinieimport' )
    {
        self::doAdminskinimport();
    }

    $isLogin  = ( $action == 'showlogin' );
    $skinName = $isLogin ? 'showlogin' : 'defaultimporter';
    $actnName = $isLogin ? 'showlogin' : 'importAdmin';

    /* TODO: why??? */
    $contents = file_get_contents($DIR_ADMINSKINS . $skinName . '.skn');

    // minimal stand-in for a skin object, built from an array
    $skn = array(
        'description'   => $skinName,
        'contentType'   => 'importAdmin',
        'includeMode'   => 'normal',
        'includePrefix' => '',
        // NOTE(review): 'defaultinporter' is spelled differently from the
        // 'defaultimporter' file name above; kept as found
        'name'          => 'defaultinporter'
    );

    self::$skin = (object) $skn;
    // NOTE(review): $this is not available in a static method; what the third
    // constructor argument should be cannot be decided from this listing
    $handler = new AdminActions($actnName, self::$skin, $this);
    $handler->setSkin(self::$skin);

    $parser = new PARSER($handler);
    $parser->parse($contents);
}
\r
6112 * Admin::doAdminskinimport()
\r
6117 static private function doAdminskinimport()
\r
6119 global $DIR_LIBS, $DIR_ADMINSKINS, $CONF, $member;
\r
6121 $member->isAdmin() or self::disallow();
\r
6123 include_once($DIR_LIBS . 'Skinie.php');
\r
6124 $skinFileRaw = postVar('skinfile');
\r
6125 $mode = postVar('mode');
\r
6126 $allowOverwrite = intPostVar('overwrite');
\r
6128 if ( $mode == 'file' )
\r
6130 $skinFile = $DIR_ADMINSKINS . $skinFileRaw . '/skinbackup.xml';
\r
6134 $skinFile = $skinFileRaw;
\r
6137 $importer = new SKINIMPORT();
\r
6138 $error = $importer->readFile($skinFile);
\r
6141 self::error($error);
\r
6143 $error = $importer->writeToDatabase($allowOverwrite);
\r
6146 self::error($error);
\r
6149 $_REQUEST['skininfo'] = $importer->getInfo();
\r
6150 $_REQUEST['skinnames'] = $importer->getSkinNames();
\r
6151 $_REQUEST['tpltnames'] = $importer->getTemplateNames();
\r
6153 header('Location: ' . $CONF['AdminURL']);
\r