3 * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
4 * Copyright (C) 2002-2012 The Nucleus Group
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version 2
9 * of the License, or (at your option) any later version.
10 * (see nucleus/documentation/index.html#license for more info)
13 * @license http://nucleuscms.org/license.txt GNU General Public License
14 * @copyright Copyright (C) 2002-2012 The Nucleus Group
15 * @version $Id: AdminActions.php 1661 2012-02-12 11:55:39Z sakamocchi $
18 class AdminActions extends BaseActions
23 * AdminActions::$default_actions
24 * list of whole action names with which this class can deal
26 static private $default_actions = array(
50 * AdminActions::$normal_skin_types
51 * friendly name for wrapped page types
53 static private $normal_skin_types = array(
54 'actionlog' => _ADM_SKPRT_ACTIONLOG,
55 'activate' => _ADM_SKPRT_ACTIVATE,
56 'activatesetpwd' => _ADM_SKPRT_ACTIVATESETPWD,
57 'addnewlog' => _ADM_SKPRT_ADDNEWLOG,
58 'adminerrorpage' => _ADM_SKPRT_ADMINERRORPAGE,
59 'adminskindelete' => _ADM_SKPRT_ADMINSKINDELETE,
60 'adminskinedit' => _ADM_SKPRT_ADMINSKINEDIT,
61 'adminskinedittype' => _ADM_SKPRT_ADMINSKINEDITTYPE,
62 'adminskiniedoimport' => _ADM_SKPRT_ADMINSKINIEDOIMPORT,
63 'adminskinieimport' => _ADM_SKPRT_ADMINSKINIEIMPORT,
64 'adminskinieoverview' => _ADM_SKPRT_ADMINSKINIEOVERVIEW,
65 'adminskinoverview' => _ADM_SKPRT_ADMINSKINOVERVIEW,
66 'adminskinremovetype' => _ADM_SKPRT_ADMINSKINREMOVETYPE,
67 'admintemplatedelete' => _ADM_SKPRT_ADMINTEMPLATEDELETE,
68 'admintemplateedit' => _ADM_SKPRT_ADMINTEMPLATEEDIT,
69 'admintemplateoverview' => _ADM_SKPRT_ADMINTEMPLATEOVERVIEW,
70 'backupoverview' => _ADM_SKPRT_BACKUPOVERVIEW,
71 'backuprestore' => _ADM_SKPRT_BACKUPRESTORE,
72 'banlist' => _ADM_SKPRT_BANLIST,
73 'banlistdelete' => _ADM_SKPRT_BANLISTDELETE,
74 'banlistdeleteconfirm' => _ADM_SKPRT_BANLISTDELETECONFIRM,
75 'banlistnew' => _ADM_SKPRT_BANLISTNEW,
76 'batchcategory' => _ADM_SKPRT_BATCHCATEGORY,
77 'batchcomment' => _ADM_SKPRT_BATCHCOMMENT,
78 'batchdelete' => _ADM_SKPRT_BATCHDELETE,
79 'batchitem' => _ADM_SKPRT_BATCHITEM,
80 'batchmember' => _ADM_SKPRT_BATCHMEMBER,
81 'batchmove' => _ADM_SKPRT_BATCHMOVE,
82 'batchmovecat' => _ADM_SKPRT_BATCHMOVECAT,
83 'batchteam' => _ADM_SKPRT_BATCHTEAM,
84 'blogcommentlist' => _ADM_SKPRT_BLOGCOMMENTLIST,
85 'blogsettings' => _ADM_SKPRT_BLOGSETTINGS,
86 'bookmarklet' => _ADM_SKPRT_BOOKMARKLET,
87 'browseowncomments' => _ADM_SKPRT_BROWSEOWNCOMMENTS,
88 'browseownitems' => _ADM_SKPRT_BROWSEOWNITEMS,
89 'categorydelete' => _ADM_SKPRT_CATEGORYDELETE,
90 'categoryedit' => _ADM_SKPRT_CATEGORYEDIT,
91 'commentdelete' => _ADM_SKPRT_COMMENTDELETE,
92 'commentedit' => _ADM_SKPRT_COMMENTEDIT,
93 'createitem' => _ADM_SKPRT_CREATEITEM,
94 'createnewlog' => _ADM_SKPRT_CREATENEWLOG,
95 'createaccountinput' => _ADM_SKPRT_CREATEACCOUNTINPUT,
96 'createaccountsuccess' => _ADM_SKPRT_CREATEACCOUNTSUCCESS,
97 'createaccountdisable' => _ADM_SKPRT_CREATEACCOUNTDISALLOWED,
98 'deleteblog' => _ADM_SKPRT_DELETEBLOG,
99 'editmembersettings' => _ADM_SKPRT_EDITMEMBERSETTINGS,
100 'forgotpassword' => _ADM_SKPRT_FORGOTPASSWORD,
101 'itemcommentlist' => _ADM_SKPRT_ITEMCOMMENTLIST,
102 'itemdelete' => _ADM_SKPRT_ITEMDELETE,
103 'itemedit' => _ADM_SKPRT_ITEMEDIT,
104 'itemlist' => _ADM_SKPRT_ITEMLIST,
105 'itemmove' => _ADM_SKPRT_ITEMMOVE,
106 'manage' => _ADM_SKPRT_MANAGE,
107 'manageteam' => _ADM_SKPRT_MANAGETEAM,
108 'memberdelete' => _ADM_SKPRT_MEMBERDELETE,
109 'overview' => _ADM_SKPRT_OVERVIEW,
110 'pagefoot' => _ADM_SKPRT_PAGEFOOT,
111 'pagehead' => _ADM_SKPRT_PAGEHEAD,
112 'plugindelete' => _ADM_SKPRT_PLUGINDELETE,
113 'pluginhelp' => _ADM_SKPRT_PLUGINHELP,
114 'pluginlist' => _ADM_SKPRT_PLUGINLIST,
115 'pluginoptions' => _ADM_SKPRT_PLUGINOPTIONS,
116 'settingsedit' => _ADM_SKPRT_SETTINGSEDIT,
117 'showlogin' => _ADM_SKPRT_SHOWLOGIN,
118 'skindelete' => _ADM_SKPRT_SKINDELETE,
119 'skinedit' => _ADM_SKPRT_SKINEDIT,
120 'skinedittype' => _ADM_SKPRT_SKINEDITTYPE,
121 'skiniedoimport' => _ADM_SKPRT_SKINIEDOIMPORT,
122 'skinieimport' => _ADM_SKPRT_SKINIEIMPORT,
123 'skinieoverview' => _ADM_SKPRT_SKINIEOVERVIEW,
124 'skinoverview' => _ADM_SKPRT_SKINOVERVIEW,
125 'skinremovetype' => _ADM_SKPRT_SKINREMOVETYPE,
126 'systemoverview' => _ADM_SKPRT_SYSTEMOVERVIEW,
127 'teamdelete' => _ADM_SKPRT_TEAMDELETE,
128 'templatedelete' => _ADM_SKPRT_TEMPLATEDELETE,
129 'templateedit' => _ADM_SKPRT_TEMPLATEEDIT,
130 'templateoverview' => _ADM_SKPRT_TEMPLATEOVERVIEW,
131 'usermanagement' => _ADM_SKPRT_USERMANAGEMENT
135 * AdminActions::getNormalSkinTypes()
139 * @return array list of friendly names for page actions
141 static public function getNormalSkinTypes()
// Accessor for the private static map self::$normal_skin_types
// (page-type key => friendly name constant); the array is returned as-is.
143 return self::$normal_skin_types;
147 * AdminActions::__construct()
148 * Constructor for a new Actions object
150 * @param string $type
153 public function __construct($type)
// Runs the parent constructor, then records the page type in $this->skintype.
155 // call constructor of superclass first
156 parent::__construct();
// The misspelled value 'admntemplateoverview' is rewritten to 'admintemplateoverview';
// presumably a compatibility alias for an earlier typo — confirm before removing.
// NOTE(review): $type is compared loosely (==) and is stored without being checked
// against the known page types in the lines shown here.
159 if ( $type == 'admntemplateoverview' )
161 $this->skintype = 'admintemplateoverview';
165 $this->skintype = $type;
172 * AdminActions::getAvailableActions()
175 * @return array allowed actions for the page type
177 public function getAvailableActions()
// Returns the skin variable names allowed for the current page type.
// The switch on $this->skintype fills $extra_actions for that page; the result is
// merged with self::$default_actions and then with parent::getAvailableActions().
// NOTE(review): this reads as an allow-list of what a skin may call on each page;
// where the list is enforced is not visible in this listing.
179 $extra_actions = array();
181 switch ( $this->skintype )
184 $extra_actions = array(
189 $extra_actions = array(
194 case 'activatesetpwd':
195 $extra_actions = array(
196 /* nothing special */
200 $extra_actions = array(
206 case 'adminerrorpage':
207 $extra_actions = array(
208 /* nothing special */
211 case 'adminskindelete':
212 $extra_actions = array(
216 case 'adminskinedit':
217 $extra_actions = array(
223 case 'adminskinedittype':
224 $extra_actions = array(
227 'allowedskinactions',
228 'skineditallowedlist',
231 case 'adminskiniedoimport':
232 $extra_actions = array(
236 case 'adminskinieimport':
237 $extra_actions = array(
241 case 'adminskinieoverview':
242 $extra_actions = array(
243 'selectlocalskinfiles',
247 case 'adminskinoverview':
248 $extra_actions = array(
252 case 'adminskinremovetype':
253 $extra_actions = array(
257 case 'admintemplatedelete':
258 $extra_actions = array(
259 'editadmintemplateinfo',
261 case 'admintemplateedit':
262 $extra_actions = array(
266 case 'admintemplateoverview':
267 $extra_actions = array(
271 case 'backupoverview':
272 $extra_actions = array(
273 /* nothing special */
276 case 'backuprestore':
277 $extra_actions = array(
278 /* nothing special */
282 $extra_actions = array(
288 case 'banlistdelete':
289 $extra_actions = array(
294 case 'banlistdeleteconfirm':
295 $extra_actions = array(
296 'banlistdeletedlist',
301 $extra_actions = array(
307 case 'batchcategory':
308 $extra_actions = array(
314 $extra_actions = array(
320 $extra_actions = array(
326 $extra_actions = array(
332 $extra_actions = array(
338 $extra_actions = array(
347 $extra_actions = array(
356 $extra_actions = array(
362 case 'blogcommentlist':
363 $extra_actions = array(
370 $extra_actions = array(
386 $extra_actions = array(
390 case 'browseowncomments':
391 $extra_actions = array(
395 case 'browseownitems':
396 $extra_actions = array(
400 case 'categorydelete':
401 $extra_actions = array(
407 $extra_actions = array(
414 case 'commentdelete':
415 $extra_actions = array(
420 $extra_actions = array(
424 case 'createaccountinput':
425 $extra_actions = array(
431 case 'createaccountsuccess':
432 $extra_actions = array(
436 case 'createaccountdisable':
437 $extra_actions = array(
438 /* nothing special */
442 $extra_actions = array(
454 $extra_actions = array(
460 $extra_actions = array(
465 case 'editmembersettings':
466 $extra_actions = array(
469 'localeselectoptions',
471 'defadminskinselect',
472 'defbookmarkletselect',
476 case 'forgotpassword':
477 $extra_actions = array(
478 /* nothing special */
481 case 'itemcommentlist':
482 $extra_actions = array(
488 $extra_actions = array(
495 $extra_actions = array(
507 $extra_actions = array(
514 $extra_actions = array(
520 $extra_actions = array(
521 /* nothing special */
525 $extra_actions = array(
534 $extra_actions = array(
539 $extra_actions = array(
544 $extra_actions = array(
549 $extra_actions = array(
555 $extra_actions = array(
560 case 'pluginoptions':
561 $extra_actions = array(
563 'editplugoptionslist',
567 $extra_actions = array(
570 'configsettingsedit',
571 'configsettingsyesno',
574 'localeselectoptions',
577 'defadminskinselect',
578 'defbookmarkletselect',
582 $extra_actions = array(
587 $extra_actions = array(
592 $extra_actions = array(
599 $extra_actions = array(
602 'allowedskinactions',
603 'skineditallowedlist'
606 case 'skiniedoimport':
607 $extra_actions = array(
612 $extra_actions = array(
616 case 'skinieoverview':
617 $extra_actions = array(
618 'selectlocalskinfiles',
623 $extra_actions = array(
627 case 'skinremovetype':
628 $extra_actions = array(
632 case 'systemoverview':
633 $extra_actions = array(
638 $extra_actions = array(
644 case 'templatedelete':
645 $extra_actions = array(
650 $extra_actions = array(
654 case 'templateoverview':
655 $extra_actions = array(
659 case 'usermanagement':
660 $extra_actions = array(
666 $extra_actions = array(
675 'selectlocalskinfiles',
// Page-specific names are appended to the class-wide defaults first, then the
// parent's list is appended to that.
683 $defined_actions = array_merge(self::$default_actions, $extra_actions);
685 return array_merge($defined_actions, parent::getAvailableActions());
689 * AdminActions::parse_actionloglist()
690 * Parse skinvar actionloglist
692 * @param string $template_name name of template to use
695 public function parse_actionloglist($template_name = '')
// Renders every row of the action log, newest first, as an 'actionlist' table
// built by showlist() and passed to the skin parser.
// The only value formatted into the SQL is the table name from sql_table();
// no request data reaches the query.
// NOTE(review): the SELECT has no LIMIT, so the whole log is read on each render.
697 $query = "SELECT * FROM %s ORDER BY timestamp DESC;";
698 $query = sprintf($query, sql_table('actionlog'));
700 $resource = DB::getResult($query);
701 if ( $resource->rowCount() > 0 )
703 $template['content'] = 'actionlist';
704 $action_list = showlist($resource, 'table', $template, $template_name);
705 $this->parser->parse($action_list);
709 /* TODO: nothing to be shown */
715 * AdminActions::parse_activationmessage()
716 * Parse skinvar activationmessage
718 * @param string $type type of message
719 * @param string $template_name name of template to use
722 public function parse_activationmessage($type, $template_name = '')
// Prints part of the account-activation message for the activation key posted as 'ackey'.
// The key is resolved to activation info and then to a member; title and text come from
// the named template when it defines a non-empty entry, otherwise from the language constants.
// Which of the three echo statements runs is decided on lines not shown in this listing.
724 global $CONF, $manager;
728 if ( !empty($template_name))
730 $template =& $manager->getTemplate($template_name);
733 $key = postVar('ackey');
// The three Admin::error() calls below all report the same _ERROR_ACTIVATE message, so
// the response does not reveal which lookup failed; their guarding conditions are not shown.
736 Admin::error(_ERROR_ACTIVATE);
739 $info = MEMBER::getActivationInfo($key);
742 Admin::error(_ERROR_ACTIVATE);
745 $mem =& $manager->getMember($info->vmember);
748 Admin::error(_ERROR_ACTIVATE);
// $info->vtype selects the title/text pair; only the 'addresschange' label is visible here.
750 switch ( $info->vtype )
753 if ( array_key_exists('ACTIVATE_FORGOT_TITLE', $template) && !empty($template['ACTIVATE_FORGOT_TITLE']) )
755 $title = $template['ACTIVATE_FORGOT_TITLE'];
759 $title = _ACTIVATE_FORGOT_TITLE;
761 if ( array_key_exists('ACTIVATE_FORGOT_TEXT', $template) && !empty($template['ACTIVATE_FORGOT_TEXT']) )
763 $text = $template['ACTIVATE_FORGOT_TEXT'];
767 $text = _ACTIVATE_FORGOT_TEXT;
771 if ( array_key_exists('ACTIVATE_REGISTER_TITLE', $template) && !empty($template['ACTIVATE_REGISTER_TITLE']) )
773 $title = $template['ACTIVATE_REGISTER_TITLE'];
777 $title = _ACTIVATE_REGISTER_TITLE;
779 if ( array_key_exists('ACTIVATE_REGISTER_TEXT', $template) && !empty($template['ACTIVATE_REGISTER_TEXT']) )
781 $text = $template['ACTIVATE_REGISTER_TEXT'];
785 $text = _ACTIVATE_REGISTER_TEXT;
788 case 'addresschange':
789 if ( array_key_exists('ACTIVATE_CHANGE_TITLE', $template) && !empty($template['ACTIVATE_CHANGE_TITLE']) )
791 $title = $template['ACTIVATE_CHANGE_TITLE'];
795 $title = _ACTIVATE_CHANGE_TITLE;
797 if (array_key_exists('ACTIVATE_CHANGE_TEXT', $template) && !empty($template['ACTIVATE_CHANGE_TEXT']))
799 $text = $template['ACTIVATE_CHANGE_TEXT'];
803 $text = _ACTIVATE_CHANGE_TEXT;
// Member-supplied names are passed through Entity::hsc() before they are filled in.
808 'memberName' => Entity::hsc($mem->getDisplayName()),
809 'realName' => Entity::hsc($mem->getRealName()),
// $title and $text themselves are echoed as markup: template content is treated as trusted.
814 echo Template::fill($title, $aVars);
817 echo Template::fill($text, $aVars);
// The posted key is echoed back through Entity::hsc().
820 echo Entity::hsc($key);
827 * AdminActions::parse_addtickettourl()
828 * Parse skinvar addtickettourl
830 * @param string $url URI for ticket
833 public function parse_addtickettourl($url)
// Passes $url through $manager->addTicketToUrl() and echoes the result via Entity::hsc().
// NOTE(review): presumably the ticket is the anti-CSRF token; a token carried in a URL
// can end up in browser history, server logs and Referer headers, so it should only be
// added to links that stay inside the admin area — confirm how skins use this variable.
836 $url = $manager->addTicketToUrl($url);
837 echo Entity::hsc($url);
842 * AdminActions::parse_adminbanlist()
843 * Parse skinvar adminbanlist
845 * @param string $template_name name of template to use
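848 public function parse_adminbanlist($template_name = '')
// Renders the ban entries of the blog named by the request parameter 'blogid' as a
// 'banlist' table built by showlist() and passed to the skin parser.
// The blog id is read with intRequestVar(), cast again with (integer) and formatted with
// %d, so only an integer reaches the SQL text.
// What is output when there are no rows is on lines not shown in this listing.
850 $blogid = intRequestVar('blogid');
852 $query = "SELECT * FROM %s WHERE blogid=%d ORDER BY iprange;";
853 $query = sprintf($query, sql_table('ban'), (integer) $blogid);
855 $resource = DB::getResult($query);
856 if ( $resource->rowCount() > 0 )
858 $template['content'] = 'banlist';
859 $ban_list = showlist($resource, 'table', $template, $template_name);
// Fixed: this line read `$this->parser-parse($ban_list)`, which subtracts the result of a
// global parse() call from the parser object instead of invoking the parser's method.
860 $this->parser->parse($ban_list);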
870 * AdminActions::parse_adminbatchaction()
871 * Parse skinvar adminbatchaction
876 public function parse_adminbatchaction()
// Echoes the request parameter 'batchaction' through Entity::hsc().
878 echo Entity::hsc(requestVar('batchaction'));
883 * AdminActions::parse_adminbatchlist()
884 * Parse skinvar adminbatchlist
886 * @param string $template_name name of template to use
889 public function parse_adminbatchlist($template_name = '')
// Runs the requested batch action on every id in the request array 'batch' and renders
// one result line per id. This skin variable changes data while the page is rendered:
// it deletes, moves, and sets or clears admin flags.
// NOTE(review): no ticket (CSRF) check and no permission check are visible in this method;
// confirm that the caller or the Admin::* helpers enforce both before this code runs.
892 $templates = array();
894 if ( !empty($template_name) )
896 $templates =& $manager->getTemplate($template_name);
899 if ( !array_key_exists('ADMIN_BATCHLIST', $templates) || empty($templates['ADMIN_BATCHLIST']) )
901 $template = '<li><%text(_BATCH_EXECUTING)%> '
902 . '<b><%adminbatchaction%></b> '
903 . '<%batchlisttype%> '
904 . '<b><%batchid%></b>... '
905 . '<b><%batchlistmsg%></b>'
910 $template = $templates['ADMIN_BATCHLIST'];
913 $selected = requestIntArray('batch');
914 $action = requestVar('batchaction');
// The page type, not the request, selects the helper names and SQL fragments below: every
// $deleteaction / $moveaction value is a string literal, so the call_user_func_array()
// targets further down are not request-controlled. Most case labels are not shown here.
916 switch ( $this->skintype )
919 $batchlisttype = _BATCH_ONITEM;
920 $deleteaction = 'deleteOneItem';
921 $moveaction = 'moveOneItem';
922 $destid = intRequestVar('destcatid');
925 $batchlisttype = _BATCH_ONCOMMENT;
926 $deleteaction = 'deleteOneComment';
929 $batchlisttype = _BATCH_ONMEMBER;
930 $deleteaction = 'deleteOneMember';
931 $setadminsql = sql_table('member') . ' SET madmin = 1 WHERE mnumber = ';
932 $unsetchksql = 'SELECT * FROM ' . sql_table('member') . ' WHERE madmin = 1 AND mcanlogin = 1';
933 $unsetupsql = sql_table('member') . ' SET madmin = 0 WHERE mnumber = ';
934 $unseterrmsg = _ERROR_ATLEASTONEADMIN;
// $blogid comes from intRequestVar(), so the concatenated SQL fragments hold an integer.
937 $blogid = intRequestVar('blogid');
938 $batchlisttype = _BATCH_ONTEAM;
939 $deleteaction = 'deleteOneTeamMember';
940 $setadminsql = sql_table('team') . ' SET tadmin = 1 WHERE tblog = ' . $blogid . ' AND tmember = ';
941 $unsetchksql = 'SELECT * FROM ' . sql_table('team') . ' WHERE tadmin = 1 AND tblog = ' . $blogid;
942 $unseterrmsg = _ERROR_ATLEASTONEBLOGADMIN;
943 $unsetupsql = sql_table('team') . ' SET tadmin = 0 WHERE tblog = ' . $blogid . ' AND tmember = ';
945 case 'batchcategory':
946 $batchlisttype = _BATCH_ONCATEGORY;
947 $deleteaction = 'deleteOneCategory';
948 $moveaction = 'moveOneCategory';
949 $destid = intRequestVar('destblogid');
// NOTE(review): $moveaction, $destid and the *sql fragments are assigned only for some page
// types; whether the lines not shown keep e.g. a 'move' on comments from reaching an
// unset variable should be confirmed.
953 // walk over all selectedids and perform action
954 foreach ( $selected as $selectedid )
// Each id is forced to an integer again before it is used in a helper call or in SQL.
957 $selectedid = intval($selectedid);
961 if ( $this->skintype != 'batchteam' )
963 $params = array($selectedid);
964 $error = call_user_func_array(array('Admin', $deleteaction), $params);
968 $error = Admin::deleteOneTeamMember($blogid, $selectedid);
972 $params = array($selectedid, $destid);
973 $error = call_user_func_array(array('Admin', $moveaction), $params);
977 DB::execute("UPDATE {$setadminsql} {$selectedid};");
// NOTE(review): the "at least one admin remains" guard is a count followed by a separate
// UPDATE; no transaction or lock is visible, so two concurrent requests could both pass
// the check. Confirm whether that matters for this deployment.
981 // there should always remain at least one super-admin
982 $r = DB::getResult($unsetchksql);
983 if ( $r->rowCount() < 2 )
985 $error = $unseterrmsg;
989 DB::execute("UPDATE {$unsetupsql} {$selectedid};");
993 $error = _BATCH_UNKNOWN . Entity::hsc($action);
// Request-derived values are an integer id or pass through Entity::hsc();
// 'batchlistmsg' is inserted as-is and comes from the Admin helpers or language constants.
997 'batchid' => $selectedid,
998 'batchlisttype' => Entity::hsc($batchlisttype),
999 'adminbatchaction' => Entity::hsc($action),
1000 'batchlistmsg' => $error ? $error : _BATCH_SUCCESS,
// The filled template is handed to the skin parser again, so any unescaped value placed in
// $data would be interpreted as skin markup.
1003 $this->parser->parse(Template::fill($template, $data));
1010 * AdminActions::parse_adminbloglink()
1011 * Parse skinvar adminbloglink
1013 * @param string $template_name name of template to use
1016 public function parse_adminbloglink($template_name = '')
// Echoes a link to the blog named by the request parameter 'blogid', using the
// ADMIN_BLOGLINK template entry when it is defined and non-empty, else a built-in anchor.
// The blog URL and name pass through Entity::hsc() before they are filled in.
// NOTE(review): the result of getBlog() is used without a visible existence check.
1019 $blogid = intRequestVar('blogid');
1020 $blog =& $manager->getBlog($blogid);
1021 $templates = array();
1023 if ( !empty($template_name) )
1025 $templates =& $manager->getTemplate($template_name);
1028 if ( !array_key_exists('ADMIN_BLOGLINK', $templates) || empty($templates['ADMIN_BLOGLINK']) )
1030 $template = '<a href="<%url%>" title="<%adminbloglinktitle%>"><%blogname%></a>';
1034 $template = $templates['ADMIN_BLOGLINK'];
1038 'url' => Entity::hsc($blog->getURL()),
1039 'adminbloglinktitle' => _BLOGLIST_TT_VISIT,
1040 'blogname' => Entity::hsc($blog->getName())
1043 echo Template::fill($template, $data);
1048 * AdminActions::parse_adminerrormesg()
1049 * Parse skinvar adminerrormesg
1054 public function parse_adminerrormesg()
// Echoes the pending error message, HTML-escaped with Entity::hsc(). The first non-empty
// source wins: request parameter 'errormessage', then the prefixed cookie, then the session.
// NOTE(review): because the request parameter and the cookie are accepted, whoever builds
// the link or sets the cookie chooses the wording shown on the admin error page (text only,
// markup is escaped). Reading the message from the session alone would close that off.
1059 if ( requestVar('errormessage') )
1061 $message = requestVar('errormessage');
1063 elseif ( cookieVar($CONF['CookiePrefix'] . 'errormessage') )
1065 $message = cookieVar($CONF['CookiePrefix'] . 'errormessage');
1067 elseif ( Admin::sessionVar($CONF['CookiePrefix'] . 'errormessage') )
1069 $message = Admin::sessionVar($CONF['CookiePrefix'] . 'errormessage');
1071 echo Entity::hsc($message);
1076 * AdminActions::parse_allowedskinactions()
1077 * Parse skinvar allowedskinactions
1082 public function parse_allowedskinactions()
// Prints a help link for each action the selected skin allows for the requested page type.
// 'type' is lower-cased and trimmed request input; 'skinid' is read as an integer.
1086 $type = strtolower(trim(requestVar('type')));
1087 $skinid = intRequestVar('skinid');
// Page types listed in Admin::$adminskin_actions load the skin with the 'AdminActions'
// handler and use the 'adminskinvar' help tag; the tag for the other branch is not shown.
1089 if ( !in_array($this->skintype, Admin::$adminskin_actions) )
1091 $skin =& $manager->getSkin($skinid);
1096 $skin =& $manager->getSkin($skinid, 'AdminActions');
1097 $tag = 'adminskinvar';
1100 $actions = $skin->getAllowedActionsForType($type);
// The loop ends at the first falsy element, not only when the array is empty.
1103 while ( $current = array_shift($actions) )
// NOTE(review): $current is echoed without escaping; it comes from the skin object rather
// than the request, so this is safe only while action names stay code-defined — confirm.
1105 echo helplink("{$tag}-{$current}") . "$current</a>\n";
1107 if ( count($actions) != 0 )
1116 * AdminActions::parse_banlistdeletedlist()
1117 * Parse skinvar banlistdeletedlist
1119 * @param string $template_name name of template to use
1122 public function parse_banlistdeletedlist($template_name = '')
// Echoes one line per blog id in the request array 'delblogs', using the
// BANLIST_DELETED_LIST template entry when defined and non-empty, else a plain <li>.
1126 $templates = array();
1127 if ( $template_name )
1129 $templates =& $manager->getTemplate($template_name);
1132 if ( !array_key_exists('BANLIST_DELETED_LIST', $templates) || empty($templates['BANLIST_DELETED_LIST']) )
1134 $template = "<li><%blogname%></li>\n";
1138 $template = $templates['BANLIST_DELETED_LIST'];
// NOTE(review): unlike the batch lists, which use requestIntArray()/intval(), these ids
// are raw request values passed straight to getBlog(); whether getBlog() casts them is
// not visible here, and the returned blog is used without an existence check.
1141 $deleted = requestArray('delblogs');
1142 foreach ( $deleted as $delblog )
1144 $blog =& $manager->getBlog($delblog);
// The blog name passes through Entity::hsc() before it is filled into the template.
1146 'blogname' => Entity::hsc($blog->getName())
1148 echo Template::fill($template, $data);
1155 * AdminActions::parse_batchdeletelist()
1156 * Parse skinvar batchdeletelist
1161 public function parse_batchdeletelist()
// Re-emits the selected batch ids as hidden form fields so the confirmation form can
// post them again. Every value written into the markup is an integer:
// requestIntArray() plus intval() for the ids, intRequestVar() for blogid and itemid.
1163 $selected = requestIntArray('batch');
1166 foreach ( $selected as $select )
1168 echo '<input type="hidden" name="batch[' . ($index++) . ']" value="' . intval($select) . "\" />\n";
1170 // add hidden vars for team & comment
1171 if ( requestVar('action') == 'batchteam' )
1173 echo '<input type="hidden" name="blogid" value="' . intRequestVar('blogid') . "\" />\n";
1175 if ( requestVar('action') == 'batchcomment' )
1177 echo '<input type="hidden" name="itemid" value="' . intRequestVar('itemid') . "\" />\n";
1183 * AdminActions::parse_defadminskinselect()
1184 * Parse skinvar defadminskinselect
1186 * @param string $template_name name of template to use
1189 public function parse_defadminskinselect($template_name)
// Renders a <select> of skins whose name starts with 'admin/', preselecting the
// current admin skin: the logged-in member's, the edited member's, or the site default.
1191 global $CONF, $action, $manager;
1193 if ( $action == 'editmembersettings' )
1196 $default = $member->adminskin;
// NOTE(review): on 'memberedit' the preference of the member named by request parameter
// 'memberid' is read; the permission check for viewing another member is not in this method.
1198 elseif ( $action == 'memberedit' )
1200 $mem = $manager->getMember(intRequestVar('memberid'));
1201 $default = $mem->adminskin;
1205 $default = $CONF['AdminSkin'];
// '%%' is sprintf's escape for a literal '%'; the query contains no request data.
1208 $query = "SELECT sdname as text, sdnumber as value FROM %s WHERE sdname LIKE 'admin/%%'";
1209 $query = sprintf($query, sql_table('skin_desc'));
1211 'name' => 'adminskin',
1212 'tabindex' => 10080,
1213 'selected' => $default
// Every page except 'settingsedit' gets an extra, escaped option label.
1216 if ( $this->skintype != 'settingsedit' )
1218 $template['extra'] = Entity::hsc(_MEMBERS_USESITELANG);
1221 $skin_select = showlist($query, 'select', $template, $template_name);
1222 $this->parser->parse($skin_select);
1227 * AdminActions::parse_defbookmarkletselect()
1228 * Parse skinvar defbookmarkletselect
1230 * @param string $template_name name of template to use
1233 public function parse_defbookmarkletselect($template_name)
// Renders a <select> for the bookmarklet skin, preselecting the logged-in member's,
// the edited member's, or the site-wide value.
1235 global $CONF, $action, $manager;
1237 if ( $action == 'editmembersettings' )
1240 $default = $member->bookmarklet;
// NOTE(review): on 'memberedit' the preference of the member named by request parameter
// 'memberid' is read; the permission check for viewing another member is not in this method.
1242 elseif ( $action == 'memberedit' )
1244 $mem = $manager->getMember(intRequestVar('memberid'));
1245 $default = $mem->bookmarklet;
1249 $default = $CONF['BookmarkletSkin'];
// NOTE(review): the filter is the same 'admin/%' prefix that the admin skin select uses;
// confirm bookmarklet skins are meant to share it and this is not a copy-paste leftover.
1252 $query = "SELECT sdname as text, sdnumber as value FROM %s WHERE sdname LIKE 'admin/%%'";
1253 $query = sprintf($query, sql_table('skin_desc'));
1256 'name' => 'bookmarklet',
1257 'tabindex' => 10085,
1258 'selected' => $default
// Every page except 'settingsedit' gets an extra, escaped option label.
1261 if ( $this->skintype != 'settingsedit' )
1263 $template['extra'] = Entity::hsc(_MEMBERS_USESITELANG);
1266 $bookmarklet_select = showlist($query, 'select', $template, $template_name);
1267 $this->parser->parse($bookmarklet_select);
1272 * AdminActions::parse_batchdeletetype()
1273 * Parse skinvar batchdeletetype
1278 public function parse_batchdeletetype()
// Echoes the request parameter 'action' through Entity::hsc().
1280 echo Entity::hsc(requestVar('action'));
1285 * AdminActions::parse_batchmovebtn()
1286 * Parse skinvar batchmovebtn
1291 public function parse_batchmovebtn()
// Chooses the move-button output from the request parameter 'action'.
// Only the 'batchcategory' label is visible in this listing; the echoed values are not shown.
1293 $actionType = requestVar('action');
1294 switch ( $actionType )
1299 case 'batchcategory':
1307 * AdminActions::parse_batchmovelist()
1308 * Parse skinvar batchmovelist
1313 public function parse_batchmovelist()
// Re-emits the selected batch ids as hidden form fields for the move confirmation form.
// Ids come from requestIntArray() and are cast with intval() before being written out.
// Where $count is initialised and advanced is on lines not shown in this listing.
1315 $selected = requestIntArray('batch');
1317 foreach ( $selected as $select )
1319 echo '<input type="hidden" name="batch[' . ($count) . ']" value="' . intval($select) . "\" />\n";
1326 * AdminActions::parse_batchmovetitle()
1327 * Parse skinvar batchmovetitle
1332 public function parse_batchmovetitle()
// Echoes a language constant as the page title, chosen by the request parameter 'action'.
// The request value only selects a branch and is never echoed in the lines shown.
1334 $actionType = requestVar('action');
1335 switch ( $actionType )
1340 case 'batchcategory':
1341 echo _MOVECAT_TITLE;
1348 * AdminActions::parse_batchmovetype()
1349 * Parse skinvar batchmovetype
1354 public function parse_batchmovetype()
// Echoes the request parameter 'action' through Entity::hsc().
1356 echo Entity::hsc(requestVar('action'));
1361 * AdminActions::parse_blogcatlist()
1362 * Parse skinvar blogcatlist
1367 public function parse_blogcatlist($template_name = '')
// Renders the categories of the blog named by request parameter 'blogid' as a batch list
// table, then closes the result cursor.
// The blog id is an integer (intRequestVar(), (integer) cast, %d placeholder).
1370 $blogid = intRequestVar('blogid');
1371 $query = "SELECT * FROM %s WHERE cblog = %d ORDER BY cname;";
1372 $query = sprintf($query, sql_table('category'), (integer) $blogid);
1374 $resource = DB::getResult($query);
1375 if ( $resource->rowCount() > 0 )
1377 $template['content'] = 'categorylist';
1378 $template['tabindex'] = 200;
1379 $category_list = listplug_batchlist('category', $resource, 'table', $template, $template_name);
1380 $this->parser->parse($category_list);
1384 /* TODO: nothing to be shown */
1386 $resource->closeCursor();
1392 * AdminActions::parse_blogid()
1393 * Parse skinvar blogid
1398 public function parse_blogid()
// Echoes the request parameter 'blogid' as read by intRequestVar().
1400 echo intRequestVar('blogid');
1405 * AdminActions::parse_blognotifysetting()
1406 * Parse skinvar blognotifysetting
1411 public function parse_blognotifysetting($type)
// Emits the checked attribute for a notification checkbox of the blog named by request
// parameter 'blogid'. The three notifyOn*() tests are selected by $type; the case labels
// and what each negative test does are on lines not shown in this listing.
1414 $blogid = intRequestVar('blogid');
1415 $blog =& $manager->getBlog($blogid);
1420 if ( !$blog->notifyOnComment() )
1426 if ( !$blog->notifyOnVote() )
1432 if ( !$blog->notifyOnNewItem() )
1438 echo ' checked="checked"';
1443 * AdminActions::parse_blogsetting()
1444 * Parse skinvar blogsetting
1446 * @param string $which name of weblog setting
1449 public function parse_blogsetting($which)
// Echoes whatever parse_getblogsetting($which) returns.
// NOTE(review): no escaping is applied here, so the output is only safe if
// parse_getblogsetting() escapes blog-owner supplied values — confirm there.
1451 echo $this->parse_getblogsetting($which);
1456 * AdminActions::parse_blogsettingyesno()
1457 * Parse skinvar blogsettingyesno
1459 * @param string $type type of weblog setting
1460 * @param string $template_name name of template to use
1463 public function parse_blogsettingyesno($type, $template_name = '')
// Renders a yes/no input for one boolean setting of the blog named by request parameter
// 'blogid'. $type selects which getter supplies the current value; most case labels and
// the assignment of $tabindex are on lines not shown in this listing.
1467 $blogid = intRequestVar('blogid');
1468 $blog =& $manager->getBlog($blogid);
1472 case 'convertbreaks':
1473 $checkedval = $blog->convertBreaks();
1476 case 'allowpastposting':
1477 $checkedval = $blog->allowPastPosting();
1481 $checkedval = $blog->commentsEnabled();
1485 $checkedval = $blog->isPublic();
1489 $checkedval = $blog->emailRequired();
1493 $checkedval = $blog->getSearchable();
// Values 1 and 0 are labelled with _YES and _NO.
1497 $this->parse_inputyesno($type, $checkedval, $tabindex, 1, 0, _YES, _NO, 0, $template_name);
1502 * AdminActions::parse_blogteamlist()
1503 * Parse skinvar blogteamlist
1505 * @param string $template_name name of template to use
1508 public function parse_blogteamlist($template_name = '')
// Renders the team of the blog named by request parameter 'blogid' as a batch list table,
// then closes the result cursor. The selected columns include memail.
// The blog id is an integer (intRequestVar(), (integer) cast, %d placeholder); the FROM
// clause is on a line not shown in this listing.
1511 $blogid = intRequestVar('blogid');
1512 $query = "SELECT tblog, tmember, mname, mrealname, memail, tadmin "
1514 . "WHERE tmember=mnumber AND tblog= %d";
1515 $query = sprintf($query, sql_table('member'), sql_table('team'), (integer) $blogid);
1517 $resource = DB::getResult($query);
1518 if ( $resource->rowCount() > 0 )
1520 $template['content'] = 'teamlist';
1521 $template['tabindex'] = 10;
1523 $team_list = listplug_batchlist('team', $resource, 'table', $template, $template_name);
1524 $this->parser->parse($team_list);
1530 $resource->closeCursor();
1536 * AdminActions::parse_blogteammembers()
1537 * Parse skinvar blogteammembers
1542 public function parse_blogteammembers()
// Echoes the team members of the blog named by request parameter 'blogid' as a
// comma-separated list of "name (real name)".
// Both member-supplied fields pass through Entity::hsc(); the blog id is an integer.
1544 $blogid = intRequestVar('blogid');
1545 $query = "SELECT mname, mrealname "
1547 . "WHERE mnumber=tmember AND tblog=%d;";
1548 $query = sprintf($query, sql_table('member'), sql_table('team'), (integer) $blogid);
1549 $res = DB::getResult($query);
1550 $memberNames = array();
1551 foreach ( $res as $row )
1553 $memberNames[] = Entity::hsc($row['mname']) . ' (' . Entity::hsc($row['mrealname']). ')';
1555 echo implode(',', $memberNames);
1559 * AdminActions::parse_blogtime()
1560 * Parse skinvar blogtime
1562 * @param string $type type of time
1563 * @param string $format format for time expression
1564 * @param integer $offset offset of time
1567 public function parse_blogtime($type, $format = '%H:%M', $offset = 0)
// Echoes a formatted timestamp: the blog's corrected time when $type is 'blogtime',
// otherwise the server's time(), in both cases with $offset added.
// $format and $offset are skin arguments; the output of i18n::formatted_datetime() is
// echoed without escaping.
1571 if ( $type != 'blogtime' )
1573 /* return server time */
1574 $timestamp = time() + $offset;
1578 $bid = intRequestVar('blogid');
1579 $b =& $manager->getBlog($bid);
1580 $timestamp = $b->getCorrectTime() + $offset;
1583 echo i18n::formatted_datetime($format, $timestamp);
1588 * AdminActions::parse_bookmarkletadmin()
1589 * Parse skinvar bookmarkletadmin
1594 public function parse_bookmarkletadmin()
// Echoes a 'javascript:' URL built from getBookmarklet() for the blog named by request
// parameter 'blogid'. The whole string passes through Entity::hsc(), and the only
// request-derived input is the integer blog id.
1598 $blogid = intRequestVar('blogid');
1600 echo Entity::hsc('javascript:' . getBookmarklet($blogid));
1605 * AdminActions::parse_categories()
1606 * Parse skinvar categories
1608 * create category dropdown box
1610 * @param string $type name of setting for category
1613 public function parse_categories($startidx = 0)
// Renders the category selector for Admin::$blog, preselecting Admin::$contents['catid']
// when it is set and non-empty, otherwise the blog's default category.
// NOTE(review): the docblock above documents a `$type` parameter, but the actual
// parameter is $startidx, which is forwarded to selectBlog() as its fourth argument.
1617 if ( !array_key_exists('catid', Admin::$contents) || empty(Admin::$contents['catid']) )
1619 $catid = Admin::$blog->getDefaultCategory();
1623 $catid = Admin::$contents['catid'];
1626 $this->selectBlog('catid', 'category', $catid, $startidx, 1, Admin::$blog->getID());
1632 * AdminActions::parse_categorysetting()
1633 * Parse skinvar categorysetting
1635 * @param string $type type in category setting
1638 public function parse_categorysetting($type)
// Echoes one field of the category named by request parameters 'catid' and 'blogid':
// the description unless $type is 'name', in which case the name. The output for
// $type 'id' is on lines not shown in this listing.
// Both ids are integers in the SQL; both text fields pass through Entity::hsc().
// NOTE(review): $row is indexed without a visible check that a matching row was found.
1640 $catid = intRequestVar('catid');
1641 if ( $type == 'id' )
1646 $blogid = intRequestVar('blogid');
1647 $query = "SELECT * FROM %s WHERE cblog = %d AND catid = %d;";
1648 $query = sprintf($query, sql_table('category'), (integer) $blogid, (integer) $catid);
1649 $row = DB::getRow($query);
1651 if ( $type != 'name' )
1653 echo Entity::hsc($row['cdesc']);
1657 echo Entity::hsc($row['cname']);
1664 * AdminActions::parse_checkedonval()
1665 * Parse skinvar checkedonval
1671 public function parse_checkedonval($value, $name)
// Emits checked="checked" when the field $name of the item named by request parameter
// 'itemid' equals $value. The item is loaded with getItem($itemid, 1, 1); when its blog
// converts line breaks and the action is 'itemedit', breaks are removed from body and more.
// How $contents is filled from the item is on a line not shown in this listing.
1676 $itemid = intRequestVar('itemid');
1677 $item =& $manager->getItem($itemid, 1, 1);
1681 $blog =& $manager->getBlog($item['blogid']);
1683 if ( $blog->convertBreaks() && requestVar('action') == 'itemedit' )
1685 $item['body'] = removeBreaks($item['body']);
1686 $item['more'] = removeBreaks($item['more']);
1690 $contents = array();
1691 if ( requestVar('action') == 'itemedit' )
// A missing field is treated as the empty string.
1695 if ( !isset($contents[$name]) )
1697 $contents[$name] = '';
// Loose comparison: '1' and 1 compare equal here.
1699 if ($contents[$name] == $value)
1701 echo 'checked="checked"';
1707 * AdminActions::parse_codename()
1708 * Parse templatevar codename
1713 * TODO: is this needed?
1715 public function parse_codename()
// Echoes $nucleus['codename'] without escaping.
// presumably a release code name set by the application itself — confirm it is never
// taken from user-editable data.
1718 echo $nucleus['codename'];
1723 * AdminActions::parse_commentnavlist()
1724 * Parse skinvar commentnavlist
1726 * @param string $template_name name of template to use
1729 public function parse_commentnavlist($template_name = '')
// Renders a paged, optionally filtered comment list. The page type decides the WHERE
// clause: one item's comments, the current member's comments, or one blog's comments.
1731 global $CONF, $manager, $member;
// Paging values are read from POST with intPostVar(); the fallback for 'amount' is
// $CONF['DefaultListSize'].
// NOTE(review): no clamp of $amount to the 0–1000 range advertised below, and no rejection
// of negative values, is visible; either would reach the LIMIT clause. Confirm the lines
// not shown validate both.
1734 if ( postVar('start') )
1736 $start = intPostVar('start');
1743 // amount of items to show
1744 if ( postVar('amount') )
1746 $amount = intPostVar('amount');
1750 $amount = (integer) $CONF['DefaultListSize'];
1756 $query = 'SELECT cbody, cuser, cmail, cemail, mname, ctime, chost, cnumber, cip, citem '
1758 . 'LEFT OUTER JOIN %s ON mnumber=cmember '
1760 $query = sprintf($query, sql_table('comment'), sql_table('member'));
// Every id appended below is an integer from intRequestVar() or the member's own id.
// canAddBan is taken from the member's admin rights on the requested blog.
1762 if ( $this->skintype == 'itemcommentlist' )
1764 $itemid = intRequestVar('itemid');
1765 $query .= " citem={$itemid}";
1766 $template['canAddBan'] = $member->blogAdminRights(intRequestVar('blogid'));
1768 $nonComments = _NOCOMMENTS;
1770 elseif ( $this->skintype == 'browseowncomments' )
1773 $query .= ' cmember=' . $member->getID();
1774 $template['canAddBan'] = 0;
1776 $nonComments = _NOCOMMENTS_YOUR;
1778 elseif ( $this->skintype == 'blogcommentlist' )
1781 $query .= ' cblog=' . intRequestVar('blogid');
1782 $template['canAddBan'] = $member->blogAdminRights(intRequestVar('blogid'));
1783 $bid = intRequestVar('blogid');
1784 $nonComments = _NOCOMMENTS_BLOG;
// The search term is quoted by DB::quoteValue(); '%' and '_' inside the term still act as
// LIKE wildcards.
1787 $search = postVar('search');
1788 if ( !empty($search) )
1790 $query .= ' and cbody LIKE ' . DB::quoteValue('%'.$search.'%');
1793 $query .= " ORDER BY ctime ASC LIMIT {$start},{$amount}";
1795 $resource = DB::getResult($query);
1796 if ( $resource->rowCount() > 0 )
1798 $template['action'] = $this->skintype;
1799 $template['start'] = $start;
1800 $template['amount'] = $amount;
1801 $template['minamount'] = 0;
1802 $template['maxamount'] = 1000;
// NOTE(review): $bid and $itemid are assigned only in some of the branches above, yet both
// are read here; confirm they are initialised on lines not shown. $search is handed to
// the list template unescaped, so the template must escape it when printing.
1803 $template['blogid'] = $bid;
1804 $template['search'] = $search;
1805 $template['itemid'] = $itemid;
1807 $template['content'] = 'commentlist';
1809 $navlist = listplug_navlist('comment', $resource, 'table', $template, $template_name);
1810 $this->parser->parse($navlist);
1814 /* TODO: nothing to be shown */
1816 $resource->closeCursor();
1822 * AdminActions::parse_configsettingsedit()
1823 * Parse skinvar configsettingsedit
1825 * @param string $type type of global configuration
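1828 public function parse_configsettingsedit($type)
// Prints the current value, or the edit control, of the global setting named by $type.
// 'DefaultListSize' is created with the value 10 when missing and reset to 10 in memory
// when below 1; 'SessionCookie' and 'URLMode' render yes/no inputs; any other $type
// prints the matching string entry of $CONF. Rendering this variable can write to the
// config table.
1833 case 'DefaultListSize':
1834 if ( !array_key_exists('DefaultListSize', $CONF) )
// Fixed: the setting name is now a quoted string literal. Unquoted, the database reads
// DefaultListSize as a column name and the INSERT fails. The statement names no column
// list, so it relies on the config table's column order (name, value assumed — confirm).
1836 $query = "INSERT INTO %s VALUES ('DefaultListSize', 10);";
1837 $query = sprintf($query, sql_table('config'));
1838 DB::execute($query);
1839 $CONF['DefaultListSize'] = 10;
1841 elseif ( intval($CONF['DefaultListSize']) < 1 )
1843 $CONF['DefaultListSize'] = 10;
1845 echo intval($CONF['DefaultListSize']);
1847 case 'SessionCookie':
1848 $value = $CONF['SessionCookie'];
1849 $txt1 = _SETTINGS_COOKIESESSION;
1850 $txt2 = _SETTINGS_COOKIEMONTH;
1851 $this->parse_inputyesno('SessionCookie', $value, 10190, 1, 0, $txt1, $txt2);
1854 $value = $CONF['URLMode'];
1855 $txt1 = _SETTINGS_URLMODE_NORMAL;
1856 $txt2 = _SETTINGS_URLMODE_PATHINFO;
1857 $this->parse_inputyesno('URLMode', $value, 10077, 'normal', 'pathinfo', $txt1, $txt2);
// NOTE(review): $type is whatever the skin passes, so a skin can print any string entry
// of $CONF (HTML-escaped). Confirm $CONF holds no secrets, or restrict $type to an
// allow-list of displayable settings.
1860 if ( array_key_exists($type, $CONF) && is_string($CONF[$type]) )
1862 echo Entity::hsc($CONF[$type]);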
1870 * AdminActions::parse_configsettingsyesno()
1871 * Parse skinvar configsettingsyesno
1873 * @param string $type type of global setting
1874 * @param integer $tabindex tabindex attribute of input element
public function parse_configsettingsyesno($type, $tabindex)
{
	// Renders a yes/no input for the global setting $type; an unknown setting produces no output.
	global $CONF;

	if ( !array_key_exists($type, $CONF) )
	{
		return;
	}

	$currentValue = $CONF[$type];
	$this->parse_inputyesno($type, $currentValue, $tabindex);
	return;
}
1888 * AdminActions::parse_contents()
1889 * Parse skinvar contents
1891 * @param string $which part for item
public function parse_contents($which)
{
	// A missing entry is created as an empty string, so the lookup below cannot hit an undefined key.
	$isKnown = array_key_exists($which, Admin::$contents);
	if ( $isKnown === FALSE )
	{
		Admin::$contents[$which] = '';
	}

	// The stored value is HTML-escaped at the point of output.
	$raw = Admin::$contents[$which];
	echo Entity::hsc($raw);
	return;
}
1904 * AdminActions::parse_currenttime()
1905 * Parse skinvar currenttime
1907 * @param string $what
1910 public function parse_currenttime($what)
1912 $nu = getdate(Admin::$blog->getCorrectTime());
1917 * AdminActions::parse_customhelplink()
1918 * Parse skinvar customhelplink
1920 * @param string $topic name of topic
1921 * @param string $tplName name of template
1922 * @param string $url string as URI
1923 * @param string $iconURL string as URI for icon
1924 * @param string $alt alternative text for image element
1925 * @param string $title title for anchor element
public function parse_customhelplink($topic, $tplName = '', $url = '', $iconURL = '', $alt = '', $title = '', $onclick = '')
{
	// Only $topic, $url and $iconURL are forwarded; $tplName, $alt, $title and $onclick
	// are accepted for the skinvar signature but are not used in this method.
	$helpTopic = $topic;
	$this->customHelp($helpTopic, $url, $iconURL);
	return;
}
1935 * AdminActions::parse_date()
1936 * Parse skinvar date
public function parse_date($format = 'c')
{
	global $CONF, $manager;

	// The server's current time is formatted as-is; no offset is applied in this method.
	/* TODO: offset is based on i18n::get_current_locale()? */
	$now = time();
	echo i18n::formatted_datetime($format, $now);
	return;
}
1947 * AdminActions::parse_normalskinlist()
1948 * Parse skinvar defaultadminskintypes
1950 * @param string $template_name name of template
public function parse_normalskinlist($template_name = '')
{
	global $CONF, $manager;

	// Admin-skin actions list the admin skin's types; every other action lists the base skin's.
	$isAdminSkinAction = in_array($this->skintype, Admin::$adminskin_actions);
	if ( $isAdminSkinAction )
	{
		$skin =& $manager->getSkin($CONF['AdminSkin'], 'AdminActions');
		$template['editaction'] = 'adminskinedittype';
		/* TODO: removeaction? */
	}
	else
	{
		$skin =& $manager->getSkin($CONF['BaseSkin']);
		/* TODO: removeaction? */
		$template['editaction'] = 'skinedittype';
	}

	// Turn the type => label map into a list of skintype/skintypename rows for showlist().
	$rows = array();
	foreach ( $skin->getNormalTypes() as $type => $label )
	{
		$rows[] = array(
			'skintype'		=> $type,
			'skintypename'	=> $label
		);
	}

	$template['tabindex'] = 10;
	// intRequestVar() is the accessor used for the skin id taken from the request.
	$template['skinid'] = intRequestVar('skinid');
	$template['skinname'] = $skin->getName();

	$this->parser->parse(showlist($rows, 'list_normalskinlist', $template, $template_name));
	return;
}
1990 * AdminActions::parse_defblogselect()
1991 * Parse skinvar defblogselect
1993 * @param string $template_name name of template
public function parse_defblogselect($template_name = '')
{
	global $CONF;

	// The statement is built from the table name only; no request data enters it.
	$query = sprintf("SELECT bname as text, bnumber as value FROM %s;", sql_table('blog'));

	$template = array(
		'name'		=> 'DefaultBlog',
		'selected'	=> $CONF['DefaultBlog'],
		'tabindex'	=> 10
	);

	$this->parser->parse(showlist($query, 'select', $template, $template_name));
	return;
}
2013 * AdminActions::parse_defcatselect()
2014 * Parse skinvar defcatselect
2016 * @param string $template_name name of template
public function parse_defcatselect($template_name = '')
{
	global $manager;

	$blogid = intRequestVar('blogid');
	$blog =& $manager->getBlog($blogid);

	// %d together with the integer cast keeps the blog id numeric inside the statement.
	$query = sprintf(
		"SELECT cname as text, catid as value FROM %s WHERE cblog=%d;",
		sql_table('category'),
		(integer) $blog->getID()
	);

	$template = array(
		'name'		=> 'defcat',
		'selected'	=> $blog->getDefaultCategory(),
		'tabindex'	=> 110
	);

	$this->parser->parse(showlist($query, 'select', $template, $template_name));
	return;
}
2040 * AdminActions::parse_defskinselect()
2041 * Parse skinvar defskinselect
2043 * @param string $type type of skin
2044 * @param string $template_name name of template
2047 public function parse_defskinselect($type = 'blog', $template_name = '')
2049 global $CONF, $manager, $member;
2051 if ( !in_array($this->skintype, Admin::$adminskin_actions) )
2053 $blogid = intRequestVar('blogid');
2056 $template['selected'] = $CONF['BaseSkin'];
2060 $blog =& $manager->getBlog($blogid);
2061 $template['selected'] = $blog->getDefaultSkin();
2064 if ( $type != 'blog' )
2066 $template['name'] = 'BaseSkin';
2070 $template['name'] = 'defskin';
2073 $query = "SELECT sdname as text, sdnumber as value FROM %s WHERE sdname NOT LIKE 'admin/%%';";
2077 /* TODO: member object will have its own adminskin id */
2078 $template['selected'] = $CONF['AdminSkin'];
2079 $template['name'] = 'AdminSkin';
2080 $query = "SELECT sdname as text, sdnumber as value FROM %s WHERE sdname LIKE 'admin/%%';";
2083 $query = sprintf($query, sql_table('skin_desc'));
2084 $template['tabindex'] = 50;
2086 $skin_select = showlist($query, 'select', $template, $template_name);
2087 $this->parser->parse($skin_select);
2093 * AdminActions::parse_deletecomment()
2094 * Parse skinvar deletecomment
2096 * @param string $type type of information for comment
2099 public function parse_deletecomment($type = 'id')
// Prints one field of the comment selected by the request's commentid; the branch labels
// that choose the field are not visible in this listing.
2101 $commentid = intRequestVar('commentid');
2102 $comment = COMMENT::getComment($commentid);
2107 echo intRequestVar('commentid');
2110 if ( array_key_exists('member', $comment) && !empty($comment['member']) )
// NOTE(review): the author name is echoed without Entity::hsc(), unlike the body preview
// below. If COMMENT::getComment() returns stored values unescaped (confirm), both author
// echoes should be wrapped: echo Entity::hsc($comment['member']);
2112 echo $comment['member'];
// NOTE(review): 'user' is presumably the name supplied by a non-member commenter, so it is
// the more exposed of the two author fields; same missing escape as above.
2116 echo $comment['user'];
// The body preview is reduced to text by strip_tags() and HTML-escaped after shortening.
2120 $body = strip_tags($comment['body']);
2121 echo Entity::hsc(shorten($body, 300, '...'));
2127 * AdminActions::parse_deleteitembody()
2128 * Parse skinvar deleteitembody
public function parse_deleteitembody()
{
	global $manager;

	$item =& $manager->getItem(intRequestVar('itemid'), 1, 1);

	// Markup is stripped first, then the shortened preview is HTML-escaped for output.
	$plainBody = strip_tags($item['body']);
	$preview = shorten($plainBody, 300, '...');
	echo Entity::hsc($preview);
	return;
}
2148 * AdminActions::parse_deleteitemid()
2149 * Parse skinvar deleteitemid
public function parse_deleteitemid()
{
	// The explicit integer cast is kept so that only a number can be printed.
	$itemid = (integer) intRequestVar('itemid');
	echo $itemid;
	return;
}
2161 * AdminActions::parse_deleteitemtitle()
2162 * Parse skinvar deleteitemtitle
public function parse_deleteitemtitle()
{
	global $manager;

	$item =& $manager->getItem(intRequestVar('itemid'), 1, 1);

	// Title markup is stripped, then the remaining text is HTML-escaped.
	$plainTitle = strip_tags($item['title']);
	echo Entity::hsc($plainTitle);
	return;
}
2180 * AdminActions::parse_editcomment()
2181 * Parse skinvar editcomment
2183 * @param string $type type of comment setting
2186 public function parse_editcomment($type = 'id')
// Prints one field of the comment being edited, taken from Admin::$contents; the branch
// labels that choose the field are not visible in this listing.
// NOTE(review): apart from the integer id, no value printed here passes through
// Entity::hsc(). Whether Admin::$contents was escaped before it reached this method cannot
// be seen from here — confirm; if it was not, each echo of a comment field below should be
// wrapped in Entity::hsc().
2190 $comment = Admin::$contents;
2195 echo intRequestVar('commentid');
2198 if ( !array_key_exists('member', $comment) || empty($comment['member']) )
2200 echo $comment['user'] . " (" . _EDITC_NONMEMBER . ")";
2204 echo $comment['member'] . " (" . _EDITC_MEMBER . ")";
2208 echo date("Y-m-d @ H:i", $comment['timestamp']);
// Line-break tags are removed and generated links are collapsed back to their URL; any
// other markup in the body is left as it is before the echo.
2211 $comment['body'] = str_replace('<br />', '', $comment['body']);
2212 $comment['body'] = preg_replace("#<a href=['\"]([^'\"]+)['\"]( rel=\"nofollow\")?>[^<]*</a>#", "\\1", $comment['body']);
2213 echo $comment['body'];
2216 echo $comment['userid'];
2219 echo $comment['userid'];
// Fallback: any other non-empty key of the comment array is printed as stored.
2222 if ( array_key_exists($type, $comment) && !empty($comment[$type]) )
2224 echo $comment[$type];
2232 * AdminActions::parse_editdesturl()
2233 * Parse skinvar editdesturl
public function parse_editdesturl()
{
	$destination = requestVar('desturl');
	if ( !$destination )
	{
		return;
	}

	// The request value is HTML-escaped before it is written into the page.
	echo Entity::hsc($destination);
	return;
}
2245 * AdminActions::parse_editmemberlist()
2246 * Parse skinvar editmemberlist
2248 * @param string $template_name name of template
2251 public function parse_editmemberlist($template_name = '')
2254 // show list of members with actions
2255 $query = 'SELECT * FROM %s;';
2256 $query = sprintf($query, sql_table('member'));
2258 $resource = DB::getResult($query);
2259 if ( $resource->rowCount() > 0 )
2261 $template['content'] = 'memberlist';
2262 $template['tabindex'] = 10;
2264 $member_list = listplug_batchlist('member', $resource, 'table', $template, $template_name);
2265 $this->parser->parse($member_list);
2271 $resource->closeCursor();
2277 * AdminActions::parse_editmember()
2278 * Parse skinvar editmember
2280 * @param string $type type of information for member
2281 * @param string $template_name name of template to use
2284 public function parse_editmember($type = 'id', $template_name = '')
2286 global $CONF, $manager, $member;
2288 $memberid = intRequestVar('memberid');
2289 $mem =& $manager->getMember($memberid);
2294 echo intRequestVar('memberid');
2297 if ( $this->skintype == 'teamdelete' || $this->skintype == 'memberdelete' )
2299 echo Entity::hsc($mem->getDisplayName());
2303 $dispName = Entity::hsc($mem->getDisplayName());
2304 if ( $CONF['AllowLoginEdit'] || $member->isAdmin() )
2306 echo '<input name="name" tabindex="10" maxlength="32" size="32" value="' . $dispName . "\" />\n";
2315 echo Entity::hsc($mem->getRealName());
2318 echo Entity::hsc($mem->getEmail());
2321 echo Entity::hsc($mem->getURL());
2324 $this->parse_inputyesno('admin', $mem->isAdmin(), 60, 1, 0, _YES, _NO, 0, $template_name);
2327 $this->parse_inputyesno('canlogin', $mem->canLogin(), 70, 1, 0, _YES, _NO, $mem->isAdmin(), $template_name);
2330 echo Entity::hsc($mem->getNotes());
2333 $this->parse_inputyesno('autosave', $mem->getAutosave(), 87, 1, 0, _YES, _NO, 0, $template_name);
2342 * AdminActions::parse_editpluginfo()
2343 * Parse skinvar editpluginfo
2345 * @param string $type type of plugin info
2348 public function parse_editpluginfo($type)
2352 $pid = intRequestVar('plugid');
2359 echo Entity::hsc($manager->getPluginNameFromPid($pid));
2366 * AdminActions::parse_editplugoptionslist()
2367 * Parse skinvar editplugoptionslist
2369 * @param string $template_name name of template
2372 public function parse_editplugoptionslist($template_name = '')
// Lists the global options of the plugin selected by the request's plugid: option
// descriptions are loaded first, then their stored values, then plugins are notified.
2376 $pid = intRequestVar('plugid');
2377 $aOptions = array();
// The plugin id enters the statement through %d and an integer cast.
2380 $query = "SELECT * FROM %s WHERE ocontext='global' AND opid=%d ORDER BY oid ASC;";
2381 $query = sprintf($query, sql_table('plugin_option_desc'), (integer) $pid);
2382 $resource = DB::getResult($query);
2384 foreach ( $resource as $row )
2386 $aOIDs[] = $row['oid'];
2387 $aOptions[$row['oid']] = array(
2388 'oid' => $row['oid'],
2389 'value' => $row['odef'],
2390 'name' => $row['oname'],
2391 'description' => $row['odesc'],
2392 'type' => $row['otype'],
2393 'typeinfo' => $row['oextra'],
2398 // fill out actual values
2399 if ( count($aOIDs) > 0 )
// NOTE(review): the oid values are joined into the IN (...) list exactly as they came back
// from the first query, without a cast or quoting. They are presumably integer keys; storing
// them as intval($row['oid']) above would make that certain.
2401 $query = 'SELECT oid, ovalue FROM %s WHERE oid in (%s)';
2402 $query = sprintf($query, sql_table('plugin_option'), implode(',', $aOIDs));
2404 $result = DB::getResult($query);
2405 foreach ( $result as $row )
2407 $aOptions[$row['oid']]['value'] = $row['ovalue'];
2413 'context' => 'global',
2415 'options' => &$aOptions
// $aOptions is handed over by reference, so the notified code can change what is rendered below.
2417 $manager->notify('PrePluginOptionsEdit', $data);
2419 if ( sizeof($aOptions) > 0 )
2421 $template['content'] = 'plugoptionlist';
2422 $option_list = showlist($aOptions, 'table', $template, $template_name);
2423 $this->parser->parse($option_list);
2427 echo '<p>' . _ERROR_NOPLUGOPTIONS . "</p>\n";
2433 * AdminActions::parse_editskin()
2434 * Parse skinvar editskin
2436 * @param string $type type of skin
2439 public function parse_editskin($type = 'id')
2443 $skinid = intRequestVar('skinid');
2445 if ( !in_array($this->skintype, Admin::$adminskin_actions) )
2447 $skin =& $manager->getSKIN($skinid);
2451 $skin =& $manager->getSKIN($skinid, 'AdminActions');
2457 echo intRequestVar('skinid');
2460 echo Entity::hsc($skin->getName());
2463 echo Entity::hsc($skin->getDescription());
2466 echo Entity::hsc($skin->getContentType());
2469 echo Entity::hsc($skin->getIncludePrefix());
2472 $this->parse_inputyesno('inc_mode', $skin->getIncludeMode(), 120, 'skindir', 'normal', _PARSER_INCMODE_SKINDIR, _PARSER_INCMODE_NORMAL);
2480 * AdminActions::parse_editskintype()
2481 * Parse skinvar editskintype
2483 * @param string $stype name of type for skin type
2486 public function parse_editskintype($stype = 'id')
// Prints one property of the skin (or of one skin part) selected by the request's skinid
// and type; the branch labels that choose the property are not visible in this listing.
// The skin object and its type list are kept in static variables, so they are looked up
// only on the first call.
2490 static $skin = NULL;
2491 static $types = array();
2493 if ( $skin == NULL )
2495 $skinid = intRequestVar('skinid');
2497 if ( !in_array($this->skintype, Admin::$adminskin_actions) )
2499 $skin =& $manager->getSkin($skinid);
2503 $skin =& $manager->getSkin($skinid, 'AdminActions');
2506 $types = $skin->getNormalTypes();
// The requested part name is taken from the request, trimmed and lower-cased; it is
// HTML-escaped wherever it is printed below.
2509 $type = strtolower(trim(requestVar('type')));
2514 echo $skin->getID();
2517 echo Entity::hsc($skin->getName());
2520 echo Entity::hsc($skin->getDescription());
2523 echo Entity::hsc($skin->getContentType());
// NOTE(review): $type reaches getContentFromDB() as request text; how that method places it
// in its query is not visible here — confirm it is quoted there.
2526 echo Entity::hsc($skin->getContentFromDB($type));
2529 if ( !array_key_exists($type, $types) )
2531 $skinType = ucfirst($type);
2535 $skinType = $types[$type];
2537 echo Entity::hsc($skinType);
2540 echo Entity::hsc($type);
2543 echo Entity::hsc($skin->getIncludePrefix());
// NOTE(review): '!' binds tighter than '!=', so the include mode is negated to a boolean
// first and that boolean is compared with 'skindir'; the string test never happens as
// written. Probably intended: if ( $skin->getIncludeMode() != 'skindir' )
2546 if ( !$skin->getIncludeMode() != 'skindir' )
2548 $incMode = _PARSER_INCMODE_NORMAL;
2552 $incMode = _PARSER_INCMODE_SKINDIR;
2554 echo Entity::hsc($incMode);
2563 * AdminActions::parse_adminurl()
2564 * Parse skinvar adminurl
2565 * (shortcut for admin url)
public function parse_adminurl()
{
	// Shortcut skinvar: the output is whatever parse_sitevar() prints for 'adminurl'.
	$which = 'adminurl';
	$this->parse_sitevar($which);
	return;
}
2577 * AdminActions::parse_edittemplateinfo()
2578 * Parse skinvar edittemplateinfo
2580 * @param string $format format to output
2581 * @param string $typedesc type of template
2582 * @param string $typename type name of template
2583 * @param string $help help text
2584 * @param string $tabindex index value for tabindex attribute of input element
2585 * @param string $big textarea size
2586 * @param string $tplt name of template to be filled
2589 public function parse_edittemplateinfo($format, $typedesc = '', $typename = '', $help = '', $tabindex = 0, $big = 0, $template_name = '')
2593 static $name = NULL;
2594 static $desc = NULL;
2598 $id = intRequestVar('templateid');
2601 if ( $name == NULL )
2603 $name = Template::getNameFromId($id);
2606 if ( $desc == NULL )
2608 $desc = Template::getDesc($id);
2611 $template =& $manager->getTemplate($name);
2619 echo Entity::hsc($name);
2622 echo Entity::hsc($desc);
2624 case 'extratemplate':
2626 $pluginfields = array();
2627 if ( !in_array($this->skintype, Admin::$adminskin_actions) )
2629 $data = array('fields' => &$pluginfields);
2630 $manager->notify('TemplateExtraFields', $data);
2634 $data = array('fields' => &$pluginfields);
2635 $manager->notify('AdminTemplateExtraFields', $data);
2638 foreach ( $pluginfields as $ptkey => $ptvalue )
2643 $tmplt =& $manager->getTemplate($desc);
2646 /* extra plugin field */
2647 if ( !array_key_exists('TEMPLATE_EDIT_EXPLUGNAME', $tmplt) || empty($tmplt['TEMPLATE_EDIT_EXPLUGNAME']) )
2650 . "<th colspan=\"2\"><%explugtplname%></th>\n"
2655 $base = $tmplt['TEMPLATE_EDIT_EXPLUGNAME'];
2658 'explugtplname' => Entity::hsc($ptkey)
2660 echo Template::fill($base, $data);
2662 foreach ( $ptvalue as $ptname => $ptdesc )
2664 if ( !array_key_exists($ptname, $template) )
2670 $content = $template[$ptname];
2672 $tempate_textarea = listplug_templateEditRow($content, $ptdesc, $ptname, $help, $tabidx++, $big, $template_name);
2673 $this->parser->parse($tempate_textarea);
2679 $typedesc = defined($typedesc) ? constant($typedesc) : $typedesc;
2680 $typename = defined($typename) ? constant($typename) : $typename;
2682 if ( !array_key_exists($typename, $template) )
2688 $content = $template[$typename];
2690 $tempate_textarea = listplug_templateEditRow($content, $typedesc, $typename, $help, $tabindex, $big, $template_name);
2691 $this->parser->parse($tempate_textarea);
2699 * AdminActions::parse_eventformextra()
2700 * Parse skinvar eventformextra
2702 * @param string $type name of type for event form extra
2705 public function parse_eventformextra($type = 'activation')
2714 $key = requestVar('ackey');
2717 Admin::error(_ERROR_ACTIVATE);
2719 $info = MEMBER::getActivationInfo($key);
2722 Admin::error(_ERROR_ACTIVATE);
2724 $mem =& $manager->getMember($info->vmember);
2727 Admin::error(_ERROR_ACTIVATE);
2730 'type' => 'activation',
2734 case 'membermailform-notloggedin':
2735 $data = array('type' => 'membermailform-notloggedin',);
2738 $manager->notify('FormExtra', $data);
2743 * AdminActions::parse_extrahead()
2744 * Parse skinvar extrahead
public function parse_extrahead()
{
	global $manager;

	// Admin::$extrahead is passed by reference, so code handling the event can append to it;
	// whatever it contains afterwards is run through the skin parser below.
	$event = array(
		'extrahead'	=> &Admin::$extrahead,
		'action'	=> Admin::$action
	);
	$manager->notify('AdminPrePageHead', $event);

	$this->parser->parse(Admin::$extrahead);
	return;
}
2762 * AdminActions::parse_member()
2763 * Parse skinvar member
2764 * (includes a member info thingie)
2766 * @param string $what which memberdata is needed
2769 public function parse_member($what)
// Prints one piece of member data: details of the member being viewed (member pages only)
// or of the logged-in member. Most branch labels are not visible in this listing.
2771 global $memberinfo, $member, $CONF;
2773 // 1. only allow the member-details-page specific variables on member pages
2774 if ( $this->skintype == 'member' )
// Every value of the viewed member is HTML-escaped on output.
2779 echo Entity::hsc($memberinfo->getDisplayName());
2782 echo Entity::hsc($memberinfo->getRealName());
2785 echo Entity::hsc($memberinfo->getNotes());
2788 echo Entity::hsc($memberinfo->getURL());
2791 echo Entity::hsc($memberinfo->getEmail());
2794 echo Entity::hsc($memberinfo->getID());
2799 // 2. the next bunch of options is available everywhere, as long as the user is logged in
2800 if ( $member->isLoggedIn() )
// NOTE(review): the logged-in member's own values are echoed without Entity::hsc(), unlike
// the $memberinfo branch above. These are profile fields the member can presumably edit
// (confirm), so the same escaping should apply, e.g. echo Entity::hsc($member->getDisplayName());
2805 echo $member->getDisplayName();
2807 case 'yourrealname':
2808 echo $member->getRealName();
2811 echo $member->getNotes();
2814 echo $member->getURL();
2817 echo $member->getEmail();
2820 echo $member->getID();
2822 case 'yourprofileurl':
// In pathinfo mode the generated link is printed alone; otherwise it is prefixed with IndexURL.
2823 if ( $CONF['URLMode'] == 'pathinfo' )
2825 echo Link::create_member_link($member->getID());
2829 echo $CONF['IndexURL'] . Link::create_member_link($member->getID());
2838 * AdminActions::parse_version()
2839 * Parse skinvar version
2840 * (include nucleus versionnumber)
public function parse_version()
{
	global $nucleus;

	// Prints the product name followed by the installed version string.
	$installedVersion = $nucleus['version'];
	echo 'Nucleus CMS ' . $installedVersion;
	return;
}
2853 * AdminActions::parse_sitevar()
2854 * Parse skinvar sitevar
2855 * (include a sitevar)
2857 * @param string $which
2860 public function parse_sitevar($which)
// Prints one site-wide configuration value chosen by $which; the branch labels are not
// visible in this listing.
// NOTE(review): the four values below are echoed as stored, while parse_actionurl() in
// this class escapes $CONF['ActionURL'] with Entity::hsc(). The values are configuration
// data, but SiteName in particular is free text, so wrapping each echo in Entity::hsc()
// would make the two methods consistent.
2866 echo $CONF['IndexURL'];
2869 echo $CONF['SiteName'];
2872 echo $CONF['AdminEmail'];
2875 echo $CONF['AdminURL'];
2882 * AdminActions::parse_actionurl()
public function parse_actionurl()
{
	global $CONF;

	// The configured action URL is HTML-escaped before output.
	$actionUrl = $CONF['ActionURL'];
	echo Entity::hsc($actionUrl);
	return;
}
2896 * AdminActions::parse_getblogsetting()
2897 * Parse skinvar getblogsetting
2899 public function parse_getblogsetting($which)
2901 global $blog, $manager;
2907 elseif ( $bid = intRequestVar('blogid') )
2909 $b =& $manager->getBlog($bid);
2919 return Entity::hsc($b->getID());
2922 return Entity::hsc($b->getURL());
2925 return Entity::hsc($b->getName());
2928 return Entity::hsc($b->getDescription());
2931 return Entity::hsc($b->getShortName());
2933 case 'notifyaddress':
2934 return Entity::hsc($b->getNotifyAddress());
2937 return Entity::hsc($b->getMaxComments());
2940 return Entity::hsc($b->getUpdateFile());
2943 return Entity::hsc($b->getTimeOffset());
2950 * AdminActions::parse_geteditpluginfo()
2951 * Parse skinvar geteditpluginfo
2953 * @param string $type name of setting for edit plugin info
2956 public function parse_geteditpluginfo($type)
2959 $pid = intRequestVar('plugid');
2966 return Entity::hsc($manager->getPluginNameFromPid($pid));
2973 * AdminActions::parse_getmember()
2974 * Parse skinvar getmember
2975 * (includes a member info thingie)
2977 * @param string $what name of setting for member
2980 public function parse_getmember($what)
// Returns (rather than prints) one piece of member data: details of the member being viewed
// on member pages, or of the logged-in member. Most branch labels are not visible in this listing.
2982 global $memberinfo, $member;
2983 // 1. only allow the member-details-page specific variables on member pages
2984 if ( $this->skintype == 'member' )
// Values of the viewed member are returned HTML-escaped.
2989 return Entity::hsc($memberinfo->getDisplayName());
2992 return Entity::hsc($memberinfo->getRealName());
2995 return Entity::hsc($memberinfo->getNotes());
2998 return Entity::hsc($memberinfo->getURL());
3001 return Entity::hsc($memberinfo->getEmail());
3004 return Entity::hsc($memberinfo->getID());
3008 // 2. the next bunch of options is available everywhere, as long as the user is logged in
3009 if ( $member->isLoggedIn() )
// NOTE(review): the logged-in member's own values are returned unescaped, so a caller gets
// escaped text from the branch above and raw text from this one. Unless every caller escapes
// the result itself (confirm), these returns should use Entity::hsc() as well.
3014 return $member->getDisplayName();
3016 case 'yourrealname':
3017 return $member->getRealName();
3020 return $member->getNotes();
3023 return $member->getURL();
3026 return $member->getEmail();
3029 return $member->getID();
3037 * AdminActions::parse_headmessage()
3038 * Parse skinvar headmessage
public function parse_headmessage()
{
	$message = Admin::$headMess;
	if ( empty($message) )
	{
		return;
	}

	// The message text is HTML-escaped; only the surrounding paragraph markup is literal.
	echo '<p>' . _MESSAGE . ': ' . Entity::hsc($message) . "</p>\n";
	return;
}
3053 * AdminActions::parse_helplink()
3054 * Parse skinvar helplink
3056 * @param string $topic name of topic for help
3059 public function parse_helplink($topic = '')
3061 if ( !empty($topic) )
3069 * AdminActions::parse_helpplugname()
3070 * Parse skinvar helpplugname
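public function parse_helpplugname()
{
	// No global declaration is visible in the original body, so the lookup below would have
	// been made on an undefined local variable; other methods of this class obtain the
	// manager the same way.
	global $manager;

	// The plugin id is read with the integer accessor for GET variables.
	$plugid = intGetVar('plugid');

	// The escaped plugin name was computed but never written out; print it, as the other
	// parse_* skinvars of this class do with their escaped values.
	echo Entity::hsc($manager->getPluginNameFromPid($plugid));
	return;
}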
3083 * AdminActions::parse_ilistaddnew()
3084 * Parse skinvar ilistaddnew
public function parse_ilistaddnew()
{
	// The blog id placed in the link is read with the integer request accessor.
	$blogid = intRequestVar('blogid');

	// The "add new" link is printed only when the posted start offset is 0.
	$isFirstPage = ( intPostVar('start') == 0 );
	if ( !$isFirstPage )
	{
		return;
	}

	echo '<p><a href="index.php?action=createitem&blogid=' . $blogid . '">' . _ITEMLIST_ADDNEW . "</a></p>\n";
	return;
}
3100 * AdminActions::parse_importskininfo()
3101 * Parse skinvar importskininfo
3103 * @param string $type name of information for imported skin
3106 public function parse_importskininfo($type)
// Prints one piece of information about a skin import, taken from Admin::$contents; the
// branch labels are not visible in this listing.
3111 echo Entity::hsc(Admin::$contents['skininfo']);
// NOTE(review): the four name lists below are joined and echoed without Entity::hsc(),
// while the scalar values in this method are escaped. The names presumably originate from
// the skin file being imported (confirm), i.e. from content the site did not author, so each
// list should be escaped before joining, e.g. implode(..., array_map(array('Entity', 'hsc'), $dataArr)).
3114 $dataArr = Admin::$contents['skinnames'];
3115 echo implode(' <em>' . _AND . '</em> ', $dataArr);
3118 $dataArr = Admin::$contents['tpltnames'];
3119 echo implode(' <em>' . _AND . '</em> ', $dataArr);
3122 $dataArr = Admin::$contents['skinclashes'];
3123 echo implode(' <em>' . _AND . '</em> ', $dataArr);
3126 $dataArr = Admin::$contents['tpltclashes'];
3127 echo implode(' <em>' . _AND . '</em> ', $dataArr);
3130 echo Entity::hsc(Admin::$contents['skinfile']);
3133 echo Entity::hsc(Admin::$contents['mode']);
3140 * AdminActions::parse_init()
3141 * some init stuff for all forms
3146 public function parse_init()
3151 if ( requestVar('action') == 'itemedit' )
3153 $authorid = Admin::$contents['authorid'];
3156 Admin::$blog->insertJavaScriptInfo($authorid);
3161 * AdminActions::parse_inputyesno()
3162 * Parse skinvar inputyesno
3164 * @param string $name
3165 * @param string $checkedval
3166 * @param string $tabindex
3167 * @param string $value1
3168 * @param string $value2
3169 * @param string $yesval
3170 * @param string $noval
3171 * @param string $isAdmin
3172 * @param string $template_name
public function parse_inputyesno($name, $checkedval, $tabindex = 0, $value1 = 1, $value2 = 0, $yesval = _YES, $noval = _NO, $isAdmin = 0, $template_name = '')
{
	// All arguments are forwarded unchanged to listplug_input_yesno(); its result is then
	// run through the skin parser.
	$this->parser->parse(
		listplug_input_yesno($name, $checkedval, $tabindex, $value1, $value2, $yesval, $noval, $isAdmin, $template_name)
	);
	return;
}
3183 * AdminActions::parse_insertpluginfo()
3184 * Parse templatevar insertpluginfo
3186 public function parse_insertpluginfo($type)
3191 return Admin::$aOptions['pid'];
3194 return Entity::hsc(Admin::$aOptions['pfile']);
3201 * AdminActions::parse_insplugoptcontent()
3202 * Parse skinvar insplugoptcontent
3207 public function parse_insplugoptcontent()
3209 $meta = NucleusPlugin::getOptionMeta(Admin::$aOptions['typeinfo']);
3210 if ( array_key_exists('access', $meta) && $meta['access'] != 'hidden' )
3213 listplug_plugOptionRow(Admin::$aOptions);
3220 * AdminActions::parse_iprangeinput()
3221 * Parse skinvar iprangeinput
public function parse_iprangeinput()
{
	$requestedIp = requestVar('ip');

	// Without an ip in the request only the free-form range field is offered.
	if ( !$requestedIp )
	{
		echo '<input name="iprange" value="custom" type="hidden" />' . "\n";
		echo '<input name="customiprange" value="" maxlength="15" size="15" />' . "\n";
		return;
	}

	// The request value is HTML-escaped once and reused for every attribute and label below.
	$iprangeVal = Entity::hsc($requestedIp);
	echo "<input name=\"iprange\" type=\"radio\" value=\"{$iprangeVal}\" checked=\"checked\" id=\"ip_fixed\" />\n";
	echo "<label for=\"ip_fixed\">{$iprangeVal}</label><br />\n";
	echo '<input name="iprange" type="radio" value="custom" id="ip_custom" />' . "\n";
	echo '<label for="ip_custom">' . _BAN_IP_CUSTOM . '</label>' . "\n";
	echo "<input name=\"customiprange\" value=\"{$iprangeVal}\" maxlength=\"15\" size=\"15\" />\n";
	return;
}
3246 * AdminActions::parse_itemnavlist()
3247 * Parse skinvar itemnavlist
3249 * @param string $template_name name of template to use
3252 public function parse_itemnavlist($template_name = '')
// Builds the item list query for the current admin page (one blog's items or the member's
// own items), applies the posted search term and paging values, and renders the result as a
// navigable table. Several lines of the method are not visible in this listing.
3254 global $CONF, $manager, $member;
3256 $query = "SELECT bshortname, cname, mname, ititle, ibody, inumber, idraft, itime"
3257 . " FROM %s, %s, %s, %s"
3258 . " WHERE iblog=bnumber AND iauthor=mnumber AND icat=catid";
3260 $query = sprintf($query, sql_table('item'), sql_table('blog'), sql_table('member'), sql_table('category'));
3262 if ( $this->skintype == 'itemlist' )
3265 if ( array_key_exists('blogid', $_REQUEST) )
3267 $blogid = intRequestVar('blogid');
3269 else if ( array_key_exists('itemid', $_REQUEST) )
3271 $itemid = intRequestVar('itemid');
3272 $item = &$manager->getItem($itemid, 1, 1);
3273 $blogid = (integer) $item['blogid'];
3275 $blog =& $manager->getBlog($blogid);
// $blogid is interpolated directly; on both visible paths it comes from the integer request
// accessor or an explicit integer cast.
3277 $query .= " AND iblog={$blogid}";
3278 $template['now'] = $blog->getCorrectTime(time());
3280 // non-blog-admins can only edit/delete their own items
3281 if ( !$member->blogAdminRights($blogid) )
// This filter is the access restriction for the list: it is enforced in the query itself.
3283 $query .= ' AND iauthor = ' . $member->getID();
3286 elseif ( $this->skintype == 'browseownitems' )
3288 $query .= ' AND iauthor = ' . $member->getID();
3290 $template['now'] = time();
3293 // search through items
3294 $search = postVar('search');
3296 if ( !empty($search) )
// The posted term is quoted by DB::quoteValue() before it enters the statement. '%' and '_'
// inside the term still act as LIKE wildcards, which affects matching only.
3298 $query .= ' AND ((ititle LIKE ' . DB::quoteValue('%'.$search.'%') . ') '
3299 . ' OR (ibody LIKE ' . DB::quoteValue('%'.$search.'%') . ') '
3300 . ' OR (imore LIKE ' . DB::quoteValue('%'.$search.'%') . '))';
3303 if ( postVar('start') )
3305 $start = intPostVar('start');
3312 // amount of items to show
3313 if ( postVar('amount') )
3315 $amount = intPostVar('amount');
3319 $amount = (integer) $CONF['DefaultListSize'];
// NOTE(review): $start and $amount are integers here, but no range check is visible in this
// listing; a negative value would presumably make the LIMIT clause invalid — confirm the
// hidden lines clamp them.
3326 $query .= ' ORDER BY itime DESC'
3327 . " LIMIT {$start},{$amount}";
3329 $resource = DB::getResult($query);
3330 if ( $resource->rowCount() > 0 )
3332 $template['action'] = $this->skintype;
3333 $template['start'] = $start;
3334 $template['amount'] = $amount;
3335 $template['minamount'] = 0;
3336 $template['maxamount'] = 1000;
3337 $template['blogid'] = $blogid;
// NOTE(review): the raw posted search term is handed to the list template; it has to be
// escaped wherever that template prints it — confirm in the navlist rendering code.
3338 $template['search'] = $search;
3339 $template['itemid'] = 0;
3341 $template['content'] = 'itemlist';
// NOTE(review): the query text is passed here although $resource already holds its result;
// confirm which of the two listplug_navlist() expects.
3343 $navlist = listplug_navlist('item', $query, 'table', $template, $template_name);
3344 $this->parser->parse($navlist);
3348 /* TODO: nothing to be shown */
3350 $resource->closeCursor();
3356 * AdminActions::parse_itemtime()
3357 * date change on edit item
3359 * @param string $key key of PHP's getDate()
3362 public function parse_itemtime($key)
3366 $contents = Admin::$contents;
3367 $itemtime = getdate($contents['timestamp']);
3368 echo $itemtime[$key];
3373 * AdminActions::parse_jstoolbaroptions()
3374 * Parse skinvar jstoolbaroptions
3379 public function parse_jstoolbaroptions()
3383 _SETTINGS_JSTOOLBAR_NONE,
3384 _SETTINGS_JSTOOLBAR_SIMPLE,
3385 _SETTINGS_JSTOOLBAR_FULL
3389 foreach ( $options as $option )
3391 $text = "<option value=\"%d\"%s>%s</option>\n";
3392 $extra = ($CONF['DisableJsTools'] == $i) ? ' selected="selected"' : '';
3393 echo sprintf($text, $i, $extra, $option);
3399 * AdminActions::parse_localeselectoptions()
3400 * Parse skinvar localeselectoptions
3405 public function parse_localeselectoptions()
3407 global $CONF, $member;
3409 $locales = i18n::get_available_locale_list();
3411 /* default option */
3412 if ( $this->skintype == 'editmembersettings' )
3414 if ( !$member->getLocale() )
3416 echo "<option value=\"\" selected=\"selected\">" . Entity::hsc(_MEMBERS_USESITELANG) . "</option>\n";
3420 echo "<option value=\"\">" . Entity::hsc(_MEMBERS_USESITELANG) . "</option>\n";
3425 if ( $CONF['Locale'] == 'en_Latn_US' )
3427 echo "<option value=\"\" selected=\"selected\">" . Entity::hsc(_LOCALE_EN_LATN_US) . "</option>\n";
3431 echo "<option value=\"\">" . Entity::hsc(_LOCALE_EN_LATN_US) . "</option>\n";
3435 /* optional options */
3436 foreach ( $locales as $locale )
3438 if ( $this->skintype == 'editmembersettings' )
3440 if ( $locale != $member->getLocale() )
3442 echo "<option value=\"{$locale}\">";
3446 echo "<option value=\"{$locale}\" selected=\"selected\">";
3451 if ( $locale == 'en_Latn_US' )
3453 /* already output */
3456 else if ( $locale != $CONF['Locale'] )
3458 echo "<option value=\"{$locale}\">";
3462 echo "<option value=\"{$locale}\" selected=\"selected\">";
3465 $label = '_LOCALE_' . strtoupper($locale);
3466 if ( !defined($label) )
3472 echo constant($label);
3480 * AdminActions::parse_listplugplugoptionrow()
3481 * Parse templatevar listplugplugoptionrow
3483 * @param string $template_name name of template
public function parse_listplugplugoptionrow($template_name = '')
{
	// The row markup is produced by listplug_plugOptionRow() and printed as returned;
	// any escaping of option values has to happen inside that helper.
	$row = listplug_plugOptionRow(Admin::$aOptions, $template_name);
	echo $row;
	return;
}
3493 * AdminActions::parse_mediadirwarning()
3494 * Parse skinvar mediadirwarning
public function parse_mediadirwarning()
{
	global $DIR_MEDIA;

	// Collect one warning per failed check, in the fixed order: directory, readable, writable.
	$warnings = array();
	if ( !is_dir($DIR_MEDIA) )
	{
		$warnings[] = _WARNING_NOTADIR;
	}
	if ( !is_readable($DIR_MEDIA) )
	{
		$warnings[] = _WARNING_NOTREADABLE;
	}
	if ( !is_writeable($DIR_MEDIA) )
	{
		$warnings[] = _WARNING_NOTWRITABLE;
	}

	foreach ( $warnings as $warning )
	{
		echo "<br /><b>" . $warning . "</b>\n";
	}
	return;
}
3518 * AdminActions::parse_movedistselect()
3519 * Parse skinvar movedistselect
3521 public function parse_movedistselect()
// Prints the destination selector for a move operation; which selector is shown depends on
// the request's action value. One branch label is not visible in this listing.
3523 $actionType = requestVar('action');
3524 switch ( $actionType )
3527 $this->selectBlog('destcatid', 'category');
3529 case 'batchcategory':
3530 $this->selectBlog('destblogid');
3533 if ( $this->skintype == 'itemmove' )
// The item id enters the statement through %d and the integer request accessor.
3535 $query = "SELECT icat as result FROM %s WHERE inumber=%d;";
3536 $query = sprintf($query, sql_table('item'), intRequestVar('itemid'));
// NOTE(review): $query is already complete at this point, so this second sprintf() has no
// placeholder left to fill and would misread any '%' character in the table name.
// DB::getValue($query) is sufficient.
3537 $catid = DB::getValue(sprintf($query, intRequestVar('itemid')));
3538 $this->selectBlog('catid', 'category', $catid, 10, 1);
3546 * AdminActions::parse_moveitemid()
3547 * Parse skinvar moveitemid
public function parse_moveitemid()
{
	// The item id is read with the integer request accessor and printed as returned.
	$itemid = intRequestVar('itemid');
	echo $itemid;
	return;
}
3559 * AdminActions::parse_newestcompare()
3560 * Parse skinvar newestcompare
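public function parse_newestcompare()
{
	global $nucleus;

	// getLatestVersion() supplies the newest released version. Its value originates outside
	// this installation (presumably a remote lookup — confirm), so it is treated as
	// untrusted text below.
	$newestVersion = getLatestVersion();

	// Both version strings are normalised to dotted form for version_compare().
	$newestCompare = str_replace('/', '.', $newestVersion);
	$currentVersion = str_replace(array('/', 'v'), array('.', ''), $nucleus['version']);

	if ( $newestVersion && version_compare($newestCompare, $currentVersion, '>') )
	{
		echo '<br /><a style="color:red" href="http://nucleuscms.org/upgrade.php" title="' . _ADMIN_SYSTEMOVERVIEW_LATESTVERSION_TITLE . '">';
		// Escaped before output so that a malformed or tampered version string cannot add
		// markup to the admin page; a plain version number is printed unchanged.
		echo _ADMIN_SYSTEMOVERVIEW_LATESTVERSION_TEXT . Entity::hsc($newestVersion) . '</a>';
	}
	else
	{
		echo _ADMIN_SYSTEMOVERVIEW_VERSION_LATEST;
	}
	return;
}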
3586 * AdminActions::parse_newmemberselect()
3587 * Parse skinvar newmemberselect
3589 * @param string $template_name name of template to use
3592 public function parse_newmemberselect($template_name = '')
// Prints a member selector that leaves out everyone already on the team of the blog named
// by the request's blogid. Some lines of the method are not visible in this listing.
3594 $blogid = intRequestVar('blogid');
3596 $query = "SELECT tmember FROM %s WHERE tblog=%d;";
3597 $query = sprintf($query, sql_table('team'), (integer) $blogid);
3598 $res = DB::getResult($query);
3601 foreach ( $res as $row )
// intval() makes every id placed in the NOT IN (...) list below numeric.
3603 $tmem[] = intval($row['tmember']);
// NOTE(review): if the team query returns no rows (for example an unknown blogid), the list
// is empty and the statement becomes "NOT IN ()", which is presumably a syntax error in the
// database — confirm, and handle the empty case before building the query.
3606 $query = "SELECT mname as text, mnumber as value FROM %s WHERE mnumber NOT IN (%s);";
3607 $query = sprintf($query, sql_table('member'), implode(', ', $tmem));
3610 'name' => 'memberid',
3611 'tabindex' => 10000,
3614 $member_select = showlist($query, 'select', $template, $template_name);
3615 $this->parser->parse($member_select);
3620 * AdminActions::parse_newpluginlist()
3621 * Parse skinvar newpluginlist
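public function parse_newpluginlist()
{
	// One <option> is printed per installable plugin candidate.
	$candidates = $this->newPlugCandidates;
	foreach ( $candidates as $name )
	{
		// The name was escaped for the visible label only; it is now escaped once and used
		// for the value attribute as well, so a name containing a quote or angle bracket
		// cannot break out of the attribute. Ordinary names produce identical output.
		$safeName = Entity::hsc($name);
		echo '<option value="NP_' . $safeName . '">' . $safeName . "</option>\n";
	}
	return;
}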
3637 * AdminActions::parse_outputspecialdirs()
3638 * Parse skinvar outputspecialdirs
3640 * @param string $type type of setting for directory
3643 public function parse_outputspecialdirs($type)
// Prints one of the installation's directory paths, HTML-encoded.
// NOTE(review): the switch on $type and its case labels are not present in this
// listing, so which $type value maps to which directory cannot be read from here.
3645 global $DIR_MEDIA, $DIR_NUCLEUS;
// both values are server-side filesystem paths; they are encoded with Entity::hsc() before output
3650 echo Entity::hsc($DIR_NUCLEUS);
3653 echo Entity::hsc($DIR_MEDIA);
3660 * AdminActions::parse_passrequestvars()
3661 * Parse skinvar passrequestvars
3666 public function parse_passrequestvars()
// Reads Admin::$passvar and the POSTed 'oldaction'. The visible part of the
// condition excludes the 'logout' and 'login' actions and requires that no
// 'customaction' was POSTed.
// NOTE(review): source line 3673 and the statements guarded by this condition
// are not present in this listing.
3668 $passvar = Admin::$passvar;
3669 $oldaction = postVar('oldaction');
// loose (!=) comparison of a request-supplied string against fixed action names
3671 if ( ($oldaction != 'logout')
3672 && ($oldaction != 'login')
3674 && !postVar('customaction') )
3682 * AdminActions::parse_pluginextras()
3683 * Parse skinvar pluginextras
3685 * @param string $type type of plugin context
3688 public function parse_pluginextras($type = 'global')
// Notifies plugins through $manager->notify(); the event name and the data
// passed depend on the context in $type.
// NOTE(review): the switch statement and most case labels are not present in
// this listing, nor is the opening of the 'createaccount' data array.
3695 $id = intRequestVar('memberid');
3696 $mem =& $manager->getMember($id);
// passed by reference so that subscribers receive the member object itself
3697 $data = array('member' => &$mem);
3698 $manager->notify('MemberSettingsFormExtras', $data);
3701 $id = intRequestVar('blogid');
3702 $blg =& $manager->getBlog($id);
// NOTE(review): the blog object is passed under the key 'member', which looks
// copied from the branch above - confirm what BlogSettingsFormExtras subscribers expect
3703 $data = array('member' => &$blg);
3704 $manager->notify('BlogSettingsFormExtras', $data);
3706 case 'createaccount':
3708 'type' => 'createaccount.php',
3710 'postlabel' => '<br />',
3712 'postfield' => '<br /><br />'
3714 $manager->notify('RegistrationFormExtraFields', $data);
3718 $manager->notify('GeneralSettingsFormExtras', $data);
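/**
 * AdminActions::parse_pluginhelp()
 * Parse skinvar pluginhelp
 *
 * Includes the help page shipped with the plugin selected by the 'plugid'
 * GET variable, or prints an error with a link back to the plugin list.
 *
 * @param	void
 * @return	void
 */
public function parse_pluginhelp()
{
	global $manager, $DIR_PLUGINS;
	
	$plugid = intGetVar('plugid');
	$plugName = $manager->getPluginNameFromPid($plugid);
	$plug =& $manager->getPlugin($plugName);
	
	/*
	 * An unknown plugid may not resolve to a plugin object. Checking first
	 * lets such a request end in the error message below instead of a
	 * method call on a non-object.
	 */
	if ( is_object($plug) && $plug->supportsFeature('HelpPage') > 0 )
	{
		/*
		 * The path is built from the plugin directory and the plugin's short
		 * name; the request only selects the plugin by numeric id.
		 * include() runs the file as PHP (help.html too), so help files carry
		 * the same trust as the plugin code itself.
		 */
		$helpfile = $DIR_PLUGINS . $plug->getShortName() . '/help.';
		if ( @file_exists($helpfile . 'php') )
		{
			@include($helpfile . 'php');
			return;
		}
		elseif ( @file_exists($helpfile . 'html') )
		{
			@include($helpfile . 'html');
			return;
		}
	}
	
	echo '<p>' . _ERROR . ': ' . _ERROR_PLUGNOHELPFILE . "</p>\n";
	echo '<p><a href="index.php?action=pluginlist">(' . _BACK . ")</a></p>\n";
	return;
}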
/**
 * AdminActions::parse_pluginlistlist()
 * Parse skinvar pluginlistlist
 *
 * Lists every row of the plugin table, ordered by porder, as a table.
 *
 * @param	string	$template_name	name of template to use
 * @return	void
 */
public function parse_pluginlistlist($template_name = '')
{
	// the only interpolated value is the table name from sql_table()
	$query = sprintf("SELECT * FROM %s ORDER BY porder ASC;", sql_table('plugin'));
	
	$template = array(
		'content'	=> 'pluginlist',
		'tabindex'	=> 10,
	);
	
	$this->parser->parse(showlist($query, 'table', $template, $template_name));
	return;
}
3780 * AdminActions::parse_pluginoptions()
3781 * Parse skinvar pluginoptions
3783 * @param string $type type of plugin option
3786 public function parse_pluginoptions($context='global', $template_name='')
// Loads the stored plugin option values for one context id, combines them with
// the option descriptions registered for $context, notifies the
// 'PrePluginOptionsEdit' event and parses a title/body template per option.
// NOTE(review): the docblock above documents a parameter named $type, while the
// signature takes $context and $template_name.
// NOTE(review): the switch that picks $contextid and several other source lines
// are not present in this listing.
3788 global $itemid, $manager;
3793 $contextid = intRequestVar('memberid');
3796 $contextid = intRequestVar('blogid');
3799 $contextid = intRequestVar('catid');
3802 $contextid = $itemid;
3806 /* Actually registererd plugin options */
3807 $aIdToValue = array();
3808 $query = "SELECT oid, ovalue FROM %s WHERE ocontextid=%d;";
// the context id enters the query through %d and an integer cast
3809 $query = sprintf($query, sql_table('plugin_option'), (integer) $contextid);
3810 $res = DB::getResult($query);
3811 foreach ( $res as $row )
3813 $aIdToValue[$row['oid']] = $row['ovalue'];
3816 /* Currently available plugin options */
3817 $query = "SELECT * FROM %s, %s WHERE opid=pid and ocontext= %s ORDER BY porder, oid ASC;";
// $context is a string, so it is passed through DB::quoteValue() before interpolation
3818 $query = sprintf($query, sql_table('plugin_option_desc'), sql_table('plugin'), DB::quoteValue($context));
3819 $res = DB::getResult($query);
3822 foreach ($res as $row )
// fall back to the option's default (odef) when no value is stored for this context id
3824 if ( !array_key_exists($row['oid'], $aIdToValue) )
3826 $value = $row['odef'];
3830 $value = $aIdToValue[$row['oid']];
3834 'pid' => $row['pid'],
3835 'pfile' => $row['pfile'],
3836 'oid' => $row['oid'],
3838 'name' => $row['oname'],
3839 'description' => $row['odesc'],
3840 'type' => $row['otype'],
3841 'typeinfo' => $row['oextra'],
3842 'contextid' => $contextid,
3848 'context' => $context,
3849 'contextid' => $contextid,
// the options list is handed over by reference, so subscribers can change it
3850 'options' => &$options
3852 $manager->notify('PrePluginOptionsEdit', $data);
3854 $template = array();
3855 if ( $template_name )
3857 $templates =& $manager->getTemplate($template_name);
// built-in markup is used when the named template has no (or an empty) part
3858 if ( !array_key_exists('INSERT_PLUGOPTION_TITLE', $templates) || empty($templates['INSERT_PLUGOPTION_TITLE']) )
3860 $template['title'] = "<tr>"
3861 . "<th colspan=\"2\"><%sprinttext(_PLUGIN_OPTIONS_TITLE, <|%insertpluginfo(name)%|>)%></th>"
3866 $template['title'] = $templates['INSERT_PLUGOPTION_TITLE'];
3869 if ( !array_key_exists('INSERT_PLUGOPTION_BODY', $templates) || empty($templates['INSERT_PLUGOPTION_BODY']) )
3871 $template['body'] = "<tr>"
3872 . "<%listplugplugoptionrow%>"
3877 $template['body'] = $templates['INSERT_PLUGOPTION_BODY'];
3883 foreach ( $options as $option )
// the title is parsed once per plugin, when the pid changes between rows
3886 if ( $prevPid != $option['pid'] )
3888 $prevPid = $option['pid'];
3889 $this->parser->parse($template['title']);
3892 $meta = NucleusPlugin::getOptionMeta($option['typeinfo']);
// options flagged access=hidden are not rendered; @ hides the notice when 'access' is absent
3894 if ( @$meta['access'] != 'hidden' )
3896 $parsed = $this->parser->parse($template['body']);
/**
 * AdminActions::parse_qmenuaddselect()
 * Parse skinvar qmenuaddselect
 *
 * Renders the quick-menu blog selector. A super-admin who requested
 * showall=yes gets every blog, anybody else only the blogs whose team
 * includes the current member.
 *
 * @param	string	$template_name	name of template to use
 * @return	void
 */
public function parse_qmenuaddselect($template_name = '')
{
	global $member, $blogid;
	
	$showAll = requestVar('showall');
	$listEveryBlog = ( $member->isAdmin() && ($showAll == 'yes') );
	
	if ( !$listEveryBlog )
	{
		// restricted to the member's own teams; the member id enters the query as an integer
		$query = sprintf(
			'SELECT bnumber as value, bname as text FROM %s, %s WHERE tblog=bnumber and tmember=%d ORDER BY bname;',
			sql_table('blog'),
			sql_table('team'),
			(int) $member->getID()
		);
	}
	else
	{
		// Super-Admins have access to all blogs! (no add item support though)
		$query = sprintf('SELECT bnumber as value, bname as text FROM %s ORDER BY bname;', sql_table('blog'));
	}
	
	$template = array(
		'name'			=> 'blogid',
		'tabindex'		=> 15000,
		'extra'			=> _QMENU_ADD_SELECT,
		'selected'		=> 0,
		'shorten'		=> 10,
		'shortenel'		=> '',
		'javascript'	=> 'onchange="return form.submit()"',
	);
	
	$this->parser->parse(showlist($query, 'select', $template, $template_name));
	return;
}
3941 * AdminActions::parse_quickmenu()
3942 * Parse skinvar quickmenu
3944 * @param string $template_name name of template to use
3947 public function parse_quickmenu($template_name = '')
// Collects quick-menu entries from plugins through the 'QuickMenu' event and,
// when there are any, renders them with a head / body / foot template.
// NOTE(review): some source lines (e.g. 3949, 3966, 3994) are not present in
// this listing, including the continuation of the default head string.
3950 $templates = array();
3952 if ( !empty($template_name) )
3954 $templates = & $manager->getTemplate($template_name);
3956 $pluginExtras = array();
// passed by reference so that subscribers can append their menu entries
3957 $data = array('options' => &$pluginExtras);
3958 $manager->notify('QuickMenu', $data);
3960 $template = array();
3961 if ( count($pluginExtras) > 0 )
3963 if ( !array_key_exists('PLUGIN_QUICKMENU_HEAD', $templates) || empty($templates['PLUGIN_QUICKMENU_HEAD']) )
3965 $template['head'] = "<h2><%text(_QMENU_PLUGINS)%></h2>\n"
3970 $template['head'] = $templates['PLUGIN_QUICKMENU_HEAD'];
// NOTE(review): this test joins its two halves with && while the HEAD and FOOT
// tests use ||; with && a BODY part that exists but is empty is used as-is
// instead of falling back to the default - confirm which is intended.
3973 if ( !array_key_exists('PLUGIN_QUICKMENU_BODY', $templates) && empty($templates['PLUGIN_QUICKMENU_BODY']) )
3975 $template['body'] = "<li><a href=\"<%plugadminurl%>\" title=\"<%plugadmintooltip%>\"><%plugadmintitle%></a></li>\n";
3979 $template['body'] = $templates['PLUGIN_QUICKMENU_BODY'];
3982 if ( !array_key_exists('PLUGIN_QUICKMENU_FOOT', $templates) || empty($templates['PLUGIN_QUICKMENU_FOOT']) )
3984 $template['foot'] = "</ul>\n";
3988 $template['foot'] = $templates['PLUGIN_QUICKMENU_FOOT'];
3991 $this->parser->parse($template['head']);
3992 foreach ( $pluginExtras as $aInfo )
// plugin-supplied url, tooltip and title are HTML-encoded before they are filled into the markup
3995 'plugadminurl' => Entity::hsc($aInfo['url']),
3996 'plugadmintooltip' => Entity::hsc($aInfo['tooltip']),
3997 'plugadmintitle' => Entity::hsc($aInfo['title']),
3999 $body = Template::fill($template['body'], $data);
4000 $this->parser->parse($body);
4002 $this->parser->parse($template['foot']);
/**
 * AdminActions::parse_requestblogid()
 * Parse skinvar requestblogid
 *
 * Prints the 'blogid' request variable as returned by intRequestVar().
 *
 * @param	void
 * @return	void
 */
public function parse_requestblogid()
{
	// intRequestVar() presumably coerces to an integer, so no HTML encoding is applied - confirm
	$blog_id = intRequestVar('blogid');
	echo $blog_id;
	return;
}
/**
 * AdminActions::parse_requestiprange()
 * Parse skinvar requestiprange
 *
 * Prints the request variable 'iprange' or, when that is empty, 'ip'.
 * Either value is HTML-encoded because it comes straight from the request.
 *
 * @param	void
 * @return	void
 */
public function parse_requestiprange()
{
	$range = requestVar('iprange');
	if ( $range )
	{
		echo Entity::hsc($range);
		return;
	}
	
	$address = requestVar('ip');
	if ( $address )
	{
		echo Entity::hsc($address);
	}
	return;
}
/**
 * AdminActions::parse_selectlocalskinfiles()
 * Parse skinvar selectlocalskinfiles
 *
 * Prints one <option> per skin import candidate found below the skins
 * directory; for admin skins the 'admin/' sub directory is searched and
 * the option values carry the 'admin/' prefix.
 *
 * @param	void
 * @return	void
 */
public function parse_selectlocalskinfiles()
{
	global $DIR_SKINS;
	
	if ( !class_exists('SkinImport', FALSE) )
	{
		include_libs('skinie.php');
	}
	
	// decided once: a page counts as "normal" unless it is an admin-skin action or 'importAdmin'
	$is_normal_skin = ( !in_array($this->skintype, Admin::$adminskin_actions) && $this->skintype != 'importAdmin' );
	$skindir = $is_normal_skin ? $DIR_SKINS : "{$DIR_SKINS}admin/";
	
	foreach ( SkinImport::searchForCandidates($skindir) as $skinname => $skinfile )
	{
		// directory-derived names are encoded before they reach the markup
		$label = Entity::hsc($skinname);
		$value = Entity::hsc($is_normal_skin ? $skinfile : "admin/$skinfile");
		echo "<option value=\"{$value}\">{$label}</option>\n";
	}
	
	return;
}
4084 * AdminActions::parse_skineditallowedlist()
4085 * Parse skinvar skineditallowedlist
4087 * @param string $type type of skin
4088 * @param string $template_name name of template
4091 public function parse_skineditallowedlist($type, $template_name = '')
// Builds a query for either the short blog names or the template names and
// renders the result with showlist() as a table.
// NOTE(review): the switch on $type, its case labels and the opening of the
// $show array are not present in this listing.
4096 $query = "SELECT bshortname, bname FROM %s;";
4098 'content' => 'shortblognames'
4100 $query = sprintf($query, sql_table('blog'));
// admin pages list only templates named admin/..., all other pages exclude them
4103 if ( !in_array($this->skintype, Admin::$adminskin_actions) )
// %% becomes a single % (the LIKE wildcard) once the string has gone through sprintf()
4105 $query = "SELECT tdname as name, tddesc as description FROM %s WHERE tdname NOT LIKE 'admin/%%';";
4109 $query = "SELECT tdname as name, tddesc as description FROM %s WHERE tdname LIKE 'admin/%%';";
4112 'content' => 'shortnames'
4114 $query = sprintf($query, sql_table('template_desc'));
4118 $skin_list = showlist($query, 'table', $show, $template_name);
4119 $this->parser->parse($skin_list);
4124 * AdminActions::parse_skinielist()
4125 * Parse skinvar skinielist
4127 * @param string $type type of skin
4128 * @param string $template_name name of template to use
4131 public function parse_skinielist($type, $template_name = '')
// Prints one export-list row per skin or per template, filled into the
// SKINIE_EXPORT_LIST template part or into the built-in markup below.
// NOTE(review): the switch on $type, its case labels and parts of the default
// markup are not present in this listing.
4135 $templates = array();
4136 if ( $template_name )
4138 $templates =& $manager->getTemplate($template_name);
4140 if ( !array_key_exists('SKINIE_EXPORT_LIST', $templates) || empty($templates['SKINIE_EXPORT_LIST']) )
4142 $template = "<tr>\n"
4144 . "<input type=\"checkbox\" name=\"<%typeid%>\" id=\"<%expid%>\" />\n"
4145 . "<label for=\"<%expid%>\"><%expname%></label>\n"
4147 . "<td><%expdesc%></td>\n"
4152 $template = $templates['SKINIE_EXPORT_LIST'];
4158 if ( !in_array($this->skintype, Admin::$adminskin_actions) )
// NOTE(review): these strings are concatenated, not passed through sprintf(), so
// the pattern sent to the database keeps both percent signs ('admin/%%'); it
// matches the same rows as 'admin/%' but differs from the sprintf-built queries
// elsewhere in this class.
4160 $res = DB::getResult('SELECT * FROM ' . sql_table('skin_desc'). " WHERE sdname NOT LIKE 'admin/%%';");
4164 $res = DB::getResult('SELECT * FROM ' . sql_table('skin_desc'). " WHERE sdname LIKE 'admin/%%';");
4166 foreach ( $res as $row )
4169 'typeid' => 'skin[' . $row['sdnumber'] . ']',
4170 'expid' => 'skinexp' . $row['sdnumber'],
// name and description come from the database and are HTML-encoded before output
4171 'expname' => Entity::hsc($row['sdname']),
4172 'expdesc' => Entity::hsc($row['sddesc'])
4174 echo Template::fill($template, $data);
4178 if ( !in_array($this->skintype, Admin::$adminskin_actions) )
4180 $res = DB::getResult('SELECT * FROM '.sql_table('template_desc'). " WHERE tdname NOT LIKE 'admin/%%';");
4184 $res = DB::getResult('SELECT * FROM '.sql_table('template_desc'). " WHERE tdname LIKE 'admin/%%';");
4186 foreach ( $res as $row )
4189 'typeid' => 'template[' . $row['tdnumber'] . ']',
4190 'expid' => 'templateexp' . $row['tdnumber'],
4191 'expname' => Entity::hsc($row['tdname']),
4192 'expdesc' => Entity::hsc($row['tddesc'])
4194 echo Template::fill($template, $data);
/**
 * AdminActions::parse_skinoverview()
 * Parse skinvar skinoverview
 *
 * Lists the skins as a table. Admin-skin pages show the skins named
 * admin/... and use the admin action names, every other page shows the
 * remaining skins with the normal action names.
 *
 * @param	string	$template_name	name of template to use
 * @return	void
 */
public function parse_skinoverview($template_name = '')
{
	global $CONF;
	
	if ( in_array($this->skintype, Admin::$adminskin_actions) )
	{
		$query = "SELECT * FROM %s WHERE sdname LIKE 'admin/%%' ORDER BY sdname;";
		$template = array(
			'handler'			=> 'AdminActions',
			'editaction'		=> 'adminskinedit',
			'cloneaction'		=> 'adminskinclone',
			'deleteaction'		=> 'adminskindelete',
			'edittypeaction'	=> 'adminskinedittype',
			'default'			=> $CONF['AdminSkin'],
		);
	}
	else
	{
		$query = "SELECT * FROM %s WHERE sdname NOT LIKE 'admin/%%' ORDER BY sdname;";
		$template = array(
			'handler'			=> 'Actions',
			'editaction'		=> 'skinedit',
			'cloneaction'		=> 'skinclone',
			'deleteaction'		=> 'skindelete',
			'edittypeaction'	=> 'skinedittype',
			'default'			=> $CONF['BaseSkin'],
		);
	}
	// sprintf() fills in the table name and turns %% into the LIKE wildcard %
	$query = sprintf($query, sql_table('skin_desc'));
	
	$template['tabindex'] = 10;
	$template['content'] = 'skinlist';
	
	$this->parser->parse(showlist($query, 'table', $template, $template_name));
	return;
}
/**
 * AdminActions::parse_skintypehelp()
 * Check editing skintypehelp
 *
 * Shows the help entry for the skin type named in the request, or the
 * generic "special skin part" entry when the type is not a known one.
 *
 * @param	void
 * @return	void
 */
public function parse_skintypehelp()
{
	$requested_type = strtolower(trim(requestVar('type')));
	$page_action = strtolower(trim(requestVar('action')));
	
	$known_types = in_array($page_action, Admin::$adminskin_actions)
		? array_keys(self::$normal_skin_types)
		: array_keys(Actions::getNormalSkinTypes());
	
	// the request value becomes part of a help topic only after matching the list of known types
	$topic = in_array($requested_type, $known_types)
		? 'skinpart' . $requested_type
		: 'skinpartspecial';
	help($topic);
	return;
}
/**
 * AdminActions::parse_specialskinlist()
 * Parse skinvar specialskinlist
 *
 * Lists the skin types of the requested skin that are available but are
 * not among its normal types.
 *
 * @param	string	$template_name	name of template to use
 * @return	void
 */
public function parse_specialskinlist($template_name = '')
{
	global $CONF, $manager;
	
	$template = array();
	
	$skinid = intRequestVar('skinid');
	
	if ( in_array($this->skintype, Admin::$adminskin_actions) )
	{
		$skin =& $manager->getSkin($skinid, 'AdminActions');
		$template['editaction'] = 'adminskinedittype';
		$template['removeaction'] = 'adminskinremovetype';
	}
	else
	{
		$skin =& $manager->getSkin($skinid);
		$template['editaction'] = 'skinedittype';
		$template['removeaction'] = 'skinremovetype';
	}
	$normal_types = $skin->getNormalTypes();
	$available_types = $skin->getAvailableTypes();
	
	// keep only the types that are not keys of the normal type list
	$special_skintypes = array();
	foreach ( $available_types as $type_key => $type_label )
	{
		if ( array_key_exists($type_key, $normal_types) )
		{
			continue;
		}
		$special_skintypes[] = array(
			'skintype'		=> $type_key,
			'skintypename'	=> $type_label
		);
	}
	
	if ( count($special_skintypes) > 0 )
	{
		$template['tabindex'] = 75;
		$template['skinid'] = $skin->getID();
		$template['skinname'] = $skin->getName();
		$this->parser->parse(showlist($special_skintypes, 'list_specialskinlist', $template, $template_name));
	}
	else
	{
		/* TODO: nothing to be shown */
	}
	
	return;
}
4334 * AdminActions::parse_sprinttext()
4337 * @param string $which
4338 * @param string $val
4341 public function parse_sprinttext($which, $val)
// Prints sprintf($base, $value): $base is the value of the constant named by
// $which when such a constant is defined, and $value can be produced by
// another parse_* method that is named inside $val.
// NOTE(review): source lines 4345 and 4372 (the fallback assignments) are not
// present in this listing.
4343 if ( !defined($which) )
4349 $base = constant($which);
// $val is template text such as "<|%insertpluginfo(name)%|>" (see the default
// title in parse_pluginoptions()); the patterns below cut out the skinvar name
// and an optional argument in parentheses.
4352 if ( preg_match('#[^<|%].*[^%|>]#', $val, $matchies) )
4354 if ( !preg_match('#[(].*[^)]#', $matchies[0], $args) )
4356 $met = 'parse_' . $matchies[0];
4360 $arg = trim($args[0], '()');
4361 $met = 'parse_' . substr($matchies[0], 0, strpos($matchies[0], '('));
// NOTE(review): the method name is derived from template text and checked only
// with method_exists(), so every parse_* method of this object can be reached
// this way; an explicit list of permitted skinvars would bound that.
4364 if ( method_exists($this, $met) )
// NOTE(review): $arg is assigned only in the branch that found parentheses; on
// the other branch it is undefined when passed here.
4366 $value = call_user_func(array($this, $met), $arg);
4370 if ( !isset($value) || empty($value) )
// NOTE(review): the formatted string is echoed without HTML encoding - confirm
// that neither $base nor $value can carry untrusted text.
4374 echo sprintf($base, $value);
4379 * AdminActions::parse_systemsettings()
4380 * Parse skinvar systemsettings
4382 * @param string $type type of settings for system
4383 * @param string $template_name name of template to use
4386 public function parse_systemsettings($type = 'phpinfo', $template_name = '')
// Prints one piece of system information selected by $type (database versions,
// PHP ini flags, GD capabilities, mod_rewrite availability, Nucleus version data).
// NOTE(review): the switch statement and many of its case labels and break
// lines are not present in this listing.
4388 global $manager, $member, $CONF, $nucleus;
// everything below discloses server details, so non-admins are turned away first
4390 $member->isAdmin() or Admin::disallow();
4392 $enable = _ADMIN_SYSTEMOVERVIEW_ENABLE;
4393 $disable = _ADMIN_SYSTEMOVERVIEW_DISABLE;
4400 case 'sqlserverinfo':
4401 echo DB::getAttribute(PDO::ATTR_SERVER_VERSION);
4403 case 'sqlclientinfo':
4404 echo DB::getAttribute(PDO::ATTR_CLIENT_VERSION);
4406 case 'magicquotesgpc':
4407 echo ini_get('magic_quotes_gpc') ? 'On' : 'Off';
4409 case 'magicquotesruntime':
4410 echo ini_get('magic_quotes_runtime') ? 'On' : 'Off';
4412 case 'registerglobals':
4413 echo ini_get('register_globals') ? 'On' : 'Off';
4416 $templates = array();
4417 if ( $template_name )
4419 $templates =& $manager->getTemplate($template_name);
4421 if ( !array_key_exists('SYSTEMINFO_GDSETTINGS', $templates) || empty($templates['SYSTEMINFO_GDSETTINGS']) )
4423 $template = "<tr>\n"
4424 . "<td><%key%></td>\n"
4425 . "<td><%value%></td>\n"
4430 $template = $templates['SYSTEMINFO_GDSETTINGS'];
4433 $gdinfo = gd_info();
4435 foreach ( $gdinfo as $key => $value )
// booleans are shown as the enable/disable labels, everything else is HTML-encoded
4437 if ( is_bool($value) )
4439 $value = $value ? $enable : $disable;
4443 $value = Entity::hsc($value);
4449 echo Template::fill($template, $data);
// mod_rewrite is looked for in apache_get_modules() when that function exists,
// otherwise in the captured output of phpinfo(INFO_MODULES)
4453 if ( function_exists('apache_get_modules') && in_array('mod_rewrite', apache_get_modules()) )
4460 phpinfo(INFO_MODULES);
4461 $im = ob_get_contents();
4463 if ( i18n::strpos($im, 'mod_rewrite') !== FALSE )
4473 case 'nucleusversion':
4474 echo getNucleusVersion() / 100 . '(' . $nucleus['version'] . ')';
4476 case 'nucleuspatchlevel':
4477 echo getNucleusPatchLevel();
// NOTE(review): configuration values are echoed here without HTML encoding,
// unlike the GD values above
4483 echo $CONF['ItemURL'];
4485 case 'alertonheaderssent':
4486 echo $CONF['alertOnHeadersSent'] ? $enable : $disable;
4488 case 'nucleuscodename':
4489 if ( $nucleus['codename'] != '' )
4491 echo ' "' . $nucleus['codename'] . '"';
4494 case 'versioncheckurl':
4495 echo sprintf(_ADMIN_SYSTEMOVERVIEW_VERSIONCHECK_URL, getNucleusVersion(), getNucleusPatchLevel());
/**
 * AdminActions::parse_templateoverview()
 * Parse skinvar templateoverview
 *
 * Lists the templates as a table. Admin-skin pages show the templates
 * named admin/... with the admin action names, every other page shows the
 * remaining templates with the normal action names.
 *
 * @param	string	$template_name	name of template to use
 * @return	void
 */
public function parse_templateoverview($template_name = '')
{
	if ( in_array($this->skintype, Admin::$adminskin_actions) )
	{
		$query = "SELECT * FROM %s WHERE tdname LIKE 'admin/%%' ORDER BY tdname;";
		$template = array(
			'deleteaction'	=> 'admintemplatedelete',
			'editaction'	=> 'admintemplateedit',
			'cloneaction'	=> 'admintemplateclone',
		);
	}
	else
	{
		$query = "SELECT * FROM %s WHERE tdname NOT LIKE 'admin/%%' ORDER BY tdname;";
		$template = array(
			'deleteaction'	=> 'templatedelete',
			'editaction'	=> 'templateedit',
			'cloneaction'	=> 'templateclone',
		);
	}
	// sprintf() fills in the table name and turns %% into the LIKE wildcard %
	$query = sprintf($query, sql_table('template_desc'));
	
	$template['tabindex'] = 10;
	$template['content'] = 'templatelist';
	
	$this->parser->parse(showlist($query, 'table', $template, $template_name));
	return;
}
/**
 * AdminActions::parse_ticket()
 * Parse skinvar ticket
 *
 * Delegates to the manager's addTicketHidden(), which presumably prints the
 * hidden ticket field that admin forms submit for request validation -
 * confirm in the manager class.
 *
 * @param	void
 * @return	void
 */
public function parse_ticket()
{
	global $manager;
	
	$manager->addTicketHidden();
	return;
}
/**
 * AdminActions::parse_versioncheckurl()
 * Parse skinvar versioncheckurl
 *
 * Prints the version check URL with the installed version and patch
 * level filled in.
 *
 * @param	void
 * @return	void
 */
public function parse_versioncheckurl()
{
	$version = getNucleusVersion();
	$patch_level = getNucleusPatchLevel();
	printf(_ADMIN_SYSTEMOVERVIEW_VERSIONCHECK_URL, $version, $patch_level);
	return;
}
4563 * AdminActions::parse_yrbloglist()
4564 * Parse skinvar yrbloglist
4566 * @param string $template_name name of template to use
4569 public function parse_yrbloglist($template_name = '')
// Renders the overview of the member's blogs followed by the member's drafts.
// A super-admin who requested showall=yes sees every blog; otherwise only the
// blogs whose team includes the member are listed.
// NOTE(review): some source lines (e.g. 4571, 4578, 4585) are not present in
// this listing, including the FROM clauses of both blog queries.
4572 $showAll = requestVar('showall');
// showall is honoured only in combination with the isAdmin() check
4574 if ( $member->isAdmin() && ($showAll == 'yes') )
4576 // Super-Admins have access to all blogs! (no add item support though)
4577 $query = "SELECT bnumber, bname, 1 as tadmin, burl, bshortname"
4579 . " ORDER BY bnumber;";
4580 $query = sprintf($query, sql_table('blog'));
4584 $query = "SELECT bnumber, bname, tadmin, burl, bshortname"
4586 . " WHERE tblog=bnumber and tmember=%d"
4587 . " ORDER BY bnumber;";
// the member id enters the query through %d and an integer cast
4588 $query = sprintf($query, sql_table('blog'), sql_table('team'), (integer) $member->getID());
4591 $resource = DB::getResult($query);
// offer the "show all" link to an admin only when there are more blogs than those listed
4592 if ( ($showAll != 'yes') && $member->isAdmin() )
4594 $query = 'SELECT COUNT(*) as result FROM ' . sql_table('blog');
4595 $total = DB::getValue($query);
4597 if ( $total > $resource->rowCount() )
// NOTE(review): the & in this href is not written as &amp;, which strict XHTML requires
4599 echo '<p><a href="index.php?action=overview&showall=yes">' . _OVERVIEW_SHOWALL . '</a></p>';
4603 if ( $resource->rowCount() > 0 )
4605 $template['content'] = 'bloglist';
4606 $template['superadmin'] = $member->isAdmin();
4608 $list_resource_table = showlist($resource, 'table', $template, $template_name);
4609 $this->parser->parse($list_resource_table);
4610 $resource->closeCursor();
4612 echo '<h2>' . _OVERVIEW_YRDRAFTS . '</h2>';
// drafts are limited to items authored by the current member
4614 $query = 'SELECT ititle, inumber, bshortname FROM %s, %s '
4615 . 'WHERE iauthor=%d AND iblog=bnumber AND idraft=1;';
4616 $query = sprintf($query, sql_table('item'), sql_table('blog'), (integer) $member->getID());
4618 $resource = DB::getResult($query);
4619 if ( $resource->rowCount() > 0 )
4621 $template['content'] = 'draftlist';
4622 $draft_list = showlist($resource, 'table', $template, $template_name);
4623 $this->parser->parse($draft_list);
4627 echo _OVERVIEW_NODRAFTS;
4632 echo _OVERVIEW_NOBLOGS;
4634 $resource->closeCursor();
4640 * AdminActions::checkCondition()
4641 * Checks conditions for if statements
4643 * @param string $field type of <%if%>
4644 * @param string $name property of field
4645 * @param string $value value of property
4646 * @return boolean condition
4648 protected function checkCondition($field, $name='', $value = '')
// Evaluates the condition of an <%if%> skinvar: $field selects the kind of test,
// $name and $value are its arguments. The result is collected in $condition.
// NOTE(review): the switch statement, many of its case labels and the final
// return are not present in this listing, so several branches below cannot be
// matched to a $field value from here.
4650 global $CONF, $archiveprevexists, $archivenextexists, $blog, $catid, $itemidnext, $itemidprev, $manager, $member;
// resolve the global $blog from a blog id or a category id before testing
4660 $blog =& $manager->getBlog($blogid);
4664 $blogid = getBlogIDFromCatID($catid);
4665 $blog =& $manager->getBlog($blogid);
4667 elseif ( intRequestVar('catid') )
4669 $catid = intRequestVar('catid');
4670 $blogid = getBlogIDFromCatID($catid);
4671 $blog =& $manager->getBlog($blogid);
4678 $condition = ($blog && $this->ifCategory($name, $value));
// the member-related tests all require a logged-in member first
4681 $condition = $member->isLoggedIn();
4684 $condition = $member->isLoggedIn() && $this->ifOnTeam($name);
4687 $condition = $member->isLoggedIn() && $this->ifAdmin($name);
4690 $condition = $member->isLoggedIn() && $member->isAdmin();
4692 case 'allowloginedit':
4693 $condition = $member->isLoggedIn() && ($CONF['AllowLoginEdit'] || $member->isAdmin());
4696 $condition = ($itemidnext != '');
4699 $condition = ($itemidprev != '');
4701 case 'archiveprevexists':
4702 $condition = ($archiveprevexists == true);
4704 case 'archivenextexists':
4705 $condition = ($archivenextexists == true);
// compares against the request's 'action' value as well as the skin type
4708 $condition = (($name == $this->skintype) || ($name == requestVar('action')));
4711 $condition = $this->ifHasPlugin($name, $value);
4714 $condition = (Admin::$action == $name);
4716 case 'adminoldaction':
// NOTE(review): same expression as the branch just above - confirm that
// 'adminoldaction' is meant to test Admin::$action
4717 $condition = (Admin::$action == $name);
4719 case 'addresschange':
4720 $condition = ($this->ifAddresscange());
4722 case 'bechangepass':
4723 $condition = ($this->beChangePassword());
4725 case 'skincandidates':
4726 $condition = ($this->ifSkincandidates());
4729 $condition = Admin::$contents['nameclashes'];
4731 case 'existsnewplugin':
4732 $condition = ($this->existsNewPlugin());
4739 $condition = (boolean) ($member->getAutosave() == $value);
4746 $condition = (Admin::$blog->getSetting($name) == $value);
4748 case 'itemproperty':
4753 if ( array_key_exists($name, Admin::$contents) )
4755 $condition = (boolean) (Admin::$contents[$name] == $value);
// any other field name is treated as a plugin name and delegated to that plugin
4759 $condition = $manager->pluginInstalled("NP_{$field}") && $this->ifPlugin($field, $name, $value);
4766 * AdminActions::_ifHasPlugin()
4767 * hasplugin,PlugName
4768 * -> checks if plugin exists
4769 * hasplugin,PlugName,OptionName
4770 * -> checks if the option OptionName from plugin PlugName is not set to 'no'
4771 * hasplugin,PlugName,OptionName=value
4772 * -> checks if the option OptionName from plugin PlugName is set to value
4774 * @param string $name name of plugin
4775 * @param string $value
4778 private function ifHasPlugin($name, $value)
// Tests whether plugin NP_<name> is installed and, when $value names an option
// (optionally as "option=value"), how that option is set - see the docblock above.
// NOTE(review): several source lines, including the return statements, are not
// present in this listing.
4782 // (pluginInstalled method won't write a message in the actionlog on failure)
4783 if ( $manager->pluginInstalled("NP_{$name}") )
4785 $plugin =& $manager->getPlugin("NP_{$name}");
4786 if ( $plugin != NULL )
// NOTE(review): when $value contains no '=', preg_split() returns a single
// element and $value2 is left unassigned by list() - the == "" test below then
// relies on the loose comparison with NULL.
4794 list($name2, $value2) = preg_split('#=#', $value, 2);
4795 if ( $value2 == "" && $plugin->getOption($name2) != 'no' )
4799 else if ( $plugin->getOption($name2) == $value2 )
/**
 * AdminActions::beChangePassword()
 *
 * Returns the request variable 'bNeedsPasswordChange' as returned by
 * intRequestVar(). The flag comes from the request, so it is suited to
 * steering what a page displays (the 'bechangepass' condition) and not
 * to deciding whether a password change is actually required.
 *
 * @param	void
 * @return	integer	value of the request variable
 */
private function beChangePassword()
{
	$needs_change = intRequestVar('bNeedsPasswordChange');
	return $needs_change;
}
/**
 * AdminActions::ifSkincandidates()
 * Checks whether the skins directory holds at least one import candidate
 *
 * @param	void
 * @return	boolean	TRUE when searchForCandidates() finds anything
 */
private function ifSkincandidates()
{
	global $DIR_SKINS;
	
	$found = count(SKINIMPORT::searchForCandidates($DIR_SKINS));
	return ($found > 0);
}
4836 * AdminActions::ifPlugin()
4837 * Checks if a plugin exists and call its doIf function
4839 * @param string $name name of plugin
4840 * @param string $key
4841 * @param string $value
4844 private function ifPlugin($name, $key = '', $value = '')
// Delegates an <%if%> test to plugin NP_<name> by calling its doIf() method.
// NOTE(review): the lines between getPlugin() and func_get_args() are not
// present in this listing, so any check on $plugin cannot be confirmed here.
4848 $plugin =& $manager->getPlugin("NP_{$name}");
// forward every argument except the plugin name, including extra ones beyond $key and $value
4854 $params = func_get_args();
4855 array_shift($params);
4857 return call_user_func_array(array($plugin, 'doIf'), $params);
4861 * AdminActions::ifCategory()
4862 * Different checks for a category
4864 * @param string $key key for information of category
4865 * @param string $value value for information of category
4868 private function ifCategory($key = '', $value='')
// Tests the currently selected category ($catid) of the global $blog, optionally
// against a category name or id given in the skin.
// NOTE(review): the lines after the last visible return are not present in this
// listing, so the value returned when nothing matches cannot be read from here.
4870 global $blog, $catid;
4872 // when no parameter is defined, just check if a category is selected
4873 if (($key != 'catname' && $key != 'catid') || ($value == ''))
4875 return $blog->isValidCategory($catid);
4878 // check category name
4879 if ( $key == 'catname' )
// the name is translated to an id and then compared (loosely) with $catid
4881 $value = $blog->getCategoryIdFromName($value);
4882 if ($value == $catid)
4884 return $blog->isValidCategory($catid);
4888 // check category id
4889 if (($key == 'catid') && ($value == $catid))
4891 return $blog->isValidCategory($catid);
4898 * AdminActions::ifOnTeam()
4899 * Checks if a member is on the team of a blog and return his rights
4901 * @param string $blogName name of weblog
4904 private function ifOnTeam($blogName = '')
// Returns $member->teamRights() for the blog named in the skin or, without a
// name, for the global $blog.
// NOTE(review): the return inside the first guard is not present in this listing.
4906 global $blog, $member, $manager;
4908 // when no blog found
4909 if ( ($blogName == '') && !is_object($blog) )
4914 // explicit blog selection
4915 if ($blogName != '')
4917 $blogid = getBlogIDFromName($blogName);
// NOTE(review): a name that does not resolve to an existing blog falls back to
// the current blog, so a mistyped name is evaluated against $blog; if $blog is
// not an object in that case, getID() below is called on a non-object.
4920 if (($blogName == '') || !$manager->existsBlogID($blogid))
4923 $blogid = $blog->getID();
4925 return $member->teamRights($blogid);
4929 * AdminActions::ifAdmin()
4930 * Checks if a member is admin of a blog
4932 * @param string $blogName name of weblog
4935 private function ifAdmin($blogName = '')
// Returns $member->isBlogAdmin() for the blog named in the skin or, without a
// name, for the global $blog.
// NOTE(review): the return inside the first guard is not present in this listing.
4937 global $blog, $member, $manager;
4939 // when no blog found
4940 if (($blogName == '') && (!is_object($blog)))
4945 // explicit blog selection
4946 if ($blogName != '')
4948 $blogid = getBlogIDFromName($blogName);
// NOTE(review): a name that does not resolve to an existing blog falls back to
// the current blog, so the admin test of a mistyped name is answered for $blog;
// if $blog is not an object in that case, getID() below is called on a non-object.
4951 if (($blogName == '') || !$manager->existsBlogID($blogid))
4954 $blogid = $blog->getID();
4957 return $member->isBlogAdmin($blogid);
4961 * AdminActions::ifAddresscange()
4962 * Check e-Mail address is changed
4967 private function ifAddresscange()
// Looks up the activation record for the key held in the session and tests
// whether it is of type 'addresschange'.
// NOTE(review): the guards between these statements and all return statements
// are not present in this listing.
// the activation key is read from the session variable "<CookiePrefix>ackey"
4971 $key = $this->objAdmin->sessionVar("{$CONF['CookiePrefix']}ackey");
4976 $info = MEMBER::getActivationInfo($key);
4981 $mem =& $manager->getMember($info->vmember);
4986 if ( $info->vtype == 'addresschange' )
/**
 * AdminActions::customHelp()
 * shows a link to custom help file
 *
 * Prints the markup built by customHelpHtml() for the same arguments.
 *
 * @param	string	$id
 * @param	string	$tplName
 * @param	string	$url
 * @param	string	$iconURL
 * @param	string	$alt
 * @param	string	$title
 * @param	string	$onclick
 * @return	void
 */
private function customHelp($id, $tplName = '', $url = '', $iconURL = '', $alt = '', $title = '', $onclick = '')
{
	$html = $this->customHelpHtml($id, $tplName, $url, $iconURL, $alt, $title, $onclick);
	echo $html;
	return;
}
5014 * AdminActions::customHelplink()
5015 * shows a link to custom help file
5018 * @param string $tplName
5019 * @param string $url
5020 * @param string $iconURL
5021 * @param string $alt
5022 * @param string $title
5026 static function customHelplink($id, $tplName = '', $url = '', $title = '', $onclick = '')
// Returns the opening <a ...> tag of a help link, built from the
// ADMIN_CUSTOMHELPLINK_ANCHOR template part or from the built-in markup below.
// NOTE(review): several source lines (the guards around getTemplate() and the
// default url, and the start of the $data array) are not present in this listing.
// NOTE(review): no HTML encoding of $id, $url, $title or $onclick is visible
// before they are filled into attributes - confirm that callers pass only
// trusted or already encoded values.
5028 global $CONF, $manager;
5030 $templates = array();
5034 $templates =& $manager->getTemplate($tplName);
5037 if ( !array_key_exists('ADMIN_CUSTOMHELPLINK_ANCHOR', $templates) || empty($templates['ADMIN_CUSTOMHELPLINK_ANCHOR']) )
5039 $template = "<a href=\"<%helpurl%>#<%helptarget%>\" title=\"<%title%>\" <%onclick%>>\n";
5043 $template = $templates['ADMIN_CUSTOMHELPLINK_ANCHOR'];
5048 $url = $CONF['AdminURL'] . 'documentation/customHelp.html';
5051 if ( empty($onclick) )
5053 $onclick = 'onclick="if (event && event.preventDefault) event.preventDefault(); return help(this.href);"';
// a value that already starts with "onclick" is used unchanged (the assignment is a no-op)
5055 elseif ( preg_match('#^onclick#', $onclick) )
5057 $onclick = $onclick;
// anything else is wrapped into an onclick attribute as given
5061 $onclick = 'onclick="' . $onclick . '"';
5066 'helptarget' => $id,
5067 'onclick' => $onclick,
5068 'title' => (isset($title) && !empty($title)) ? $title : _HELP_TT,
5070 return Template::fill($template, $data);
5075 * AdminActions::customHelpHtml()
5077 private function customHelpHtml($id, $tplName = '', $url = '', $iconURL = '', $alt = '', $title = '', $onclick = '')
// Returns the complete help link: the anchor from customHelplink() followed by
// the icon markup, which also closes the anchor.
// NOTE(review): some source lines (the guard around getTemplate(), the start of
// the $data array and its 'width' entry) are not present in this listing.
5079 global $CONF, $manager;
5081 $templates = array();
5085 $templates =& $manager->getTemplate($tplName);
// NOTE(review): the second half reads !empty(...), whereas the sibling test in
// customHelplink() uses empty(...); as written, a non-empty
// ADMIN_CUSTOMHELPLINK_ICON part is replaced by the built-in markup and an
// empty one is used - this looks inverted, confirm.
5087 if ( !array_key_exists('ADMIN_CUSTOMHELPLINK_ICON', $templates) || !empty($templates['ADMIN_CUSTOMHELPLINK_ICON']) )
5089 $template = "<img src=\"<%iconurl%>\" <%width%><%height%>alt=\"<%alt%>\" title=\"<%title%>\" /></a>\n";
5093 $template = $templates['ADMIN_CUSTOMHELPLINK_ICON'];
5096 if ( empty($iconURL) )
5098 $iconURL = $CONF['AdminURL'] . 'documentation/icon-help.gif';
5101 if ( function_exists('getimagesize') )
// NOTE(review): $iconURL is a URL here (default built from $CONF['AdminURL'] or
// supplied by the caller), so getimagesize() has to fetch it on every call;
// its result is not checked before indexing, and $width / $height stay
// undefined when the function is unavailable.
5103 $size = getimagesize($iconURL);
5104 $width = 'width="' . $size[0] . '" ';
5105 $height = 'height="' . $size[1] . '" ';
5109 'iconurl' => $iconURL,
5111 'height' => $height,
5112 'alt' => (isset($alt) && !empty($alt)) ? $alt : _HELP_TT,
5113 'title' => (isset($title) && !empty($title)) ? $title : _HELP_TT,
5116 $icon = Template::fill($template, $data);
5117 $help = $this->customHelplink($id, $tplName, $url, $title, $onclick);
5119 return $help . $icon;
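/**
 * AdminActions::existsNewPlugin()
 * Check exists new plugin
 *
 * Compares the NP_*.php files in the plugin directory with the plugin
 * files recorded in the plugin table and stores the names of the files
 * that are not installed yet (without the NP_ prefix) in
 * $this->newPlugCandidates.
 *
 * @param	void
 * @return	boolean	exists or not
 */
private function existsNewPlugin()
{
	global $DIR_PLUGINS;
	
	$query = "SELECT * FROM %s;";
	$query = sprintf($query, sql_table('plugin'));
	$res = DB::getResult($query);
	
	$installed = array();
	foreach ( $res as $row )
	{
		$installed[] = $row['pfile'];
	}
	
	// scandir() returns FALSE when the directory cannot be read; treat that as "no files"
	$files = scandir($DIR_PLUGINS);
	if ( $files === FALSE )
	{
		$files = array();
	}
	
	/*
	 * Candidate names come straight from file names and are constrained only
	 * by the NP_ prefix and the .php suffix, so whatever prints them has to
	 * encode them for its output context.
	 */
	$candidates = array();
	foreach ( $files as $file )
	{
		if ( preg_match("#^(NP_.*)\.php$#", $file, $matches) )
		{
			if ( !in_array($matches[1], $installed, TRUE) )
			{
				$candidates[] = preg_replace("#^NP_#", "", $matches[1]);
			}
		}
	}
	$this->newPlugCandidates = $candidates;
	return (count($candidates) > 0);
}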
5161 * AdminActions::parse_pagehead()
5162 * Output admin page head
5167 public function parse_pagehead()
// Sends no-cache headers, loads the 'pagehead' skin part from the database and
// parses it; built-in markup is assembled below as a replacement for that part.
// NOTE(review): many source lines are not present in this listing, including the
// test that decides when the built-in markup is used and parts of the markup
// itself, so the strings below do not form the complete default page head.
5169 global $member, $nucleus, $CONF, $manager;
5171 /* HTTP 1.1 application for no caching */
5172 header("Cache-Control: no-cache, must-revalidate");
// a date in the past marks the admin page as already expired
5173 header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
5175 $content = $this->parser->skin->getContentFromDB('pagehead');
5178 $root_element = 'html';
5179 $charset = i18n::get_current_charset();
// locale is written with a hyphen for the xml:lang / lang attributes
5180 $locale = preg_replace('#_#', '-', i18n::get_current_locale());
5181 $xml_version_info = '1.0';
5182 $formal_public_identifier = '-//W3C//DTD XHTML 1.0 Strict//EN';
5183 $system_identifier = 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd';
5184 $xhtml_namespace = 'http://www.w3.org/1999/xhtml';
5186 $content = "<?xml version=\"{$xml_version_info}\" encoding=\"{$charset}\" ?>\n"
5187 . "<!DOCTYPE {$root_element} PUBLIC \"{$formal_public_identifier}\" \"{$system_identifier}\">\n"
5188 . "<{$root_element} xmlns=\"{$xhtml_namespace}\" xml:lang=\"{$locale}\" lang=\"{$locale}\">\n"
5190 . "<title><%sitevar(name)%> - Admin</title>\n"
5191 . "<script type=\"text/javascript\" src=\"<%skinfile(/javascripts/edit.js)%>\"></script>"
5192 . "<script type=\"text/javascript\" src=\"<%skinfile(/javascripts/admin.js)%>\"></script>"
5193 . "<script type=\"text/javascript\" src=\"<%skinfile(/javascripts/compatibility.js)%>\"></script>"
5197 . "<div id=\"adminwrapper\">"
5198 . "<div class=\"header\">"
5199 . "<h1><%sitevar(name)%></h1>"
5201 . "<div id=\"container\">"
5202 . "<div id=\"content\">"
5203 . "<div class=\"loginname\">"
// NOTE(review): this skinfile(...) call has no closing parenthesis before %>
5204 . "<link rel=\"stylesheet\" title=\"Nucleus Admin Default\" type=\"text/css\" href=\"<%skinfile(admin/defaultadmin/styles/addedit.css%>\" />\n"
5205 . "<script type=\"text/javascript\" src=\"<%skinfile(/javascripts/edit.js)%>\"></script>\n"
5206 . "<script type=\"text/javascript\" src=\"<%skinfile(/javascripts/admin.js)%>\"></script>\n"
5207 . "<script type=\"text/javascript\" src=\"<%skinfile(/javascripts/compatibility.js)%>\"></script>\n"
5212 . "<div id=\"adminwrapper\">\n"
5213 . "<div class=\"header\">\n"
5214 . "<h1><%sitevar(name)%></h1>\n"
5216 . "<div id=\"container\">\n"
5217 . "<div id=\"content\">\n"
5218 . "<div class=\"loginname\">\n"
// login state and, for super-admins, the version check link are resolved by
// the <%if%> skinvars when the content is parsed
5219 . "<%if(loggedin)%>"
5220 . "<%text(_LOGGEDINAS)%> <%member(yourrealname)%> - <a href=\"<%adminurl%>index.php?action=logout\"><%text(_LOGOUT)%></a><br />"
5221 . "<a href=\"<%adminurl%>index.php?action=overview\"><%text(_ADMINHOME)%></a> - "
5223 . "<a href=\"<%adminurl%>index.php?action=showlogin\" title=\"Log in\"><%text(_NOTLOGGEDIN)%></a><br />"
5225 . "<a href=\"<%sitevar(url)%>\"><%text(_YOURSITE)%></a><br />"
5227 . "<%if(superadmin)%>"
5228 . "<a href=\"<%versioncheckurl%>\" title=\"<%text(_ADMIN_SYSTEMOVERVIEW_VERSIONCHECK_TITLE)%>\"><%version%><%codename%></a>"
5229 . "<%newestcompare%><%else%><%version%><%codename%>"
5235 $this->parser->parse($content);
5240 * AdminActions::parse_pagefoot()
5241 * Output admin page foot, including the quick menu
5246 public function parse_pagefoot()
// NOTE(review): $action is declared global here, but the event data below
// reads Admin::$action.
5248 global $action, $member, $manager, $blogid;
// Emits the admin page foot: notifies plugins, loads the 'pagefoot' skin part
// and hands a template (footer plus quick menu) to the skin parser.
// NOTE(review): this listing omits some lines of the method (the gutter
// numbers skip), so the control flow between the statements below is not
// fully visible here.
// Plugins subscribed to 'AdminPrePageFoot' receive the current admin action.
5250 $data = array('action' => Admin::$action);
5251 $manager->notify('AdminPrePageFoot', $data);
5253 $content = $this->parser->skin->getContentFromDB('pagefoot');
// Built-in template. The condition guarding it is not shown in this listing;
// presumably it is used only when the skin supplies no 'pagefoot' content
// (confirm against the full file).
5256 $content = "<%if(loggedin)%>"
5257 . "<%ifnot(adminaction,showlogin)%>"
5258 . "<h2><%text(_LOGOUT)%></h2>"
5260 . "<li><a href=\"<%adminurl%>index.php?action=overview\"><%text(_BACKHOME)%></a></li>"
5261 . "<li><a href=\"<%adminurl%>index.php?action=logout\"><%text(_LOGOUT)%></a></li>"
5265 . "<div class=\"foot\">"
// The footer link targets are taken from <%text(...)%> constants.
5266 . "<a href=\"<%text(_ADMINPAGEFOOT_OFFICIALURL)%>\">Nucleus CMS</a> © 2002- <%date(%Y)%> <%text(_ADMINPAGEFOOT_COPYRIGHT)%>"
5267 . " - <a href=\"<%text(_ADMINPAGEFOOT_DONATEURL)%>\"><%text(_ADMINPAGEFOOT_DONATE)%></a>"
5270 . "<!-- content -->"
// Quick menu: shown to logged-in members on every action except showlogin.
5271 . "<div id=\"quickmenu\">"
5272 . "<%if(loggedin)%>"
5273 . "<%ifnot(adminaction,showlogin)%>"
5275 . "<li><a href=\"<%adminurl%>index.php?action=overview\"><%text(_QMENU_HOME)%></a></li>"
5277 . "<h2><%text(_QMENU_ADD)%></h2>"
5278 . "<form method=\"get\" action=\"<%adminurl%>index.php\">"
5280 . "<input type=\"hidden\" name=\"action\" value=\"createitem\" />"
5281 . "<%qmenuaddselect(admin/default)%>"
5284 . "<h2><%member(yourrealname)%></h2>"
5286 . "<li><a href=\"<%adminurl%>index.php?action=editmembersettings\"><%text(_QMENU_USER_SETTINGS)%></a></li>"
5287 . "<li><a href=\"<%adminurl%>index.php?action=browseownitems\"><%text(_QMENU_USER_ITEMS)%></a></li>"
5288 . "<li><a href=\"<%adminurl%>index.php?action=browseowncomments\"><%text(_QMENU_USER_COMMENTS)%></a></li>"
// The management and layout links below are only hidden from non-superadmins
// by this template condition. NOTE(review): each target action must still
// enforce the privilege itself; that check is not visible in this method.
5290 . "<%if(superadmin)%>"
5291 . "<h2><%text(_QMENU_MANAGE)%></h2>"
5293 . "<li><a href=\"<%adminurl%>index.php?action=actionlog\"><%text(_QMENU_MANAGE_LOG)%></a></li>"
5294 . "<li><a href=\"<%adminurl%>index.php?action=settingsedit\"><%text(_QMENU_MANAGE_SETTINGS)%></a></li>"
5295 . "<li><a href=\"<%adminurl%>index.php?action=systemoverview\"><%text(_QMENU_MANAGE_SYSTEM)%></a></li>"
5296 . "<li><a href=\"<%adminurl%>index.php?action=usermanagement\"><%text(_QMENU_MANAGE_MEMBERS)%></a></li>"
5297 . "<li><a href=\"<%adminurl%>index.php?action=createnewlog\"><%text(_QMENU_MANAGE_NEWBLOG)%></a></li>"
5298 . "<li><a href=\"<%adminurl%>index.php?action=backupoverview\"><%text(_QMENU_MANAGE_BACKUPS)%></a></li>"
5299 . "<li><a href=\"<%adminurl%>index.php?action=pluginlist\"><%text(_QMENU_MANAGE_PLUGINS)%></a></li>"
5301 . "<h2><%text(_QMENU_LAYOUT)%></h2>"
5303 . "<li><a href=\"<%adminurl%>index.php?action=skinoverview\"><%text(_QMENU_LAYOUT_SKINS)%></a></li>"
5304 . "<li><a href=\"<%adminurl%>index.php?action=templateoverview\"><%text(_QMENU_LAYOUT_TEMPL)%></a></li>"
5305 . "<li><a href=\"<%adminurl%>index.php?action=skinieoverview\"><%text(_QMENU_LAYOUT_IEXPORT)%></a></li>"
5307 . "<h2><%text(_SKINABLEADMIN_QMENU_LAYOUT)%></h2>"
5309 . "<li><a href=\"<%adminurl%>index.php?action=adminskinoverview\"><%text(_QMENU_LAYOUT_SKINS)%></a></li>"
5310 . "<li><a href=\"<%adminurl%>index.php?action=admintemplateoverview\"><%text(_QMENU_LAYOUT_TEMPL)%></a></li>"
5311 . "<li><a href=\"<%adminurl%>index.php?action=adminskinieoverview\"><%text(_QMENU_LAYOUT_IEXPORT)%></a></li>"
5314 . "<%quickmenu(admin/default)%>"
// Alternative quick-menu texts for the activate and activatesetpwd actions,
// followed by an intro text.
5316 . "<%elseif(adminaction,activate)%>"
5317 . "<h2><%text(_QMENU_ACTIVATE)%></h2>"
5318 . "<%text(_QMENU_ACTIVATE_TEXT)%>"
5319 . "<%elseif(adminaction,activatesetpwd)%>"
5320 . "<h2><%text(_QMENU_ACTIVATE)%></h2><%text(_QMENU_ACTIVATE_TEXT)%>"
5322 . "<h2><%text(_QMENU_INTRO)%></h2><%text(_QMENU_INTRO_TEXT)%>"
5325 . "<!-- content / quickmenu container -->"
5326 . "<div class=\"clear\"></div>"
5329 . "<!-- adminwrapper -->"
5333 . "<p style=\"text-align:right;\"><%benchmark%></p>"
// Hand the template to the skin parser, which processes the <%...%> tags.
5338 $this->parser->parse($content);
5342 * AdminActions::selectBlog()
5343 * Inserts a HTML select element with choices for all blogs to which the user has access
5344 * mode = 'blog' => shows blognames and values are blogids
5345 * mode = 'category' => show category names and values are catids
5347 * @param string $name
5348 * @param string $mode
5349 * @param integer $selected
5350 * @param integer $tabindex
5351 * @param integer $showNewCat
5352 * @param integer $iForcedBlogInclude
5354 * ID of a blog that always needs to be included, without checking if the
5355 * member is on the blog team (-1 = none)
5358 private function selectBlog($name, $mode='blog', $selected = 0, $tabindex = 0, $showNewCat = 0, $iForcedBlogInclude = -1)
5360 global $member, $CONF;
5362 // 0. get IDs of blogs to which member can post items (+ forced blog)
5363 $aBlogIds = array();
5364 if ( $iForcedBlogInclude != -1 )
5366 $aBlogIds[] = intval($iForcedBlogInclude);
5369 if ( $member->isAdmin() && array_key_exists('ShowAllBlogs', $CONF) && $CONF['ShowAllBlogs'] )
5371 $query = "SELECT bnumber FROM %s ORDER BY bname;";
5372 $query = sprintf($query, sql_table('blog'));
5376 $query = "SELECT bnumber FROM %s, %s WHERE tblog=bnumber AND tmember=%d;";
5377 $query = sprintf($query, sql_table('blog'), sql_table('team'), (integer) $member->getID());
5380 $rblogids = DB::getResult($query);
5381 foreach ( $rblogids as $row )
5383 if ( $row['bnumber'] != $iForcedBlogInclude )
5385 $aBlogIds[] = intval($row['bnumber']);
5389 if ( count($aBlogIds) == 0 )
5394 echo "<select name=\"{$name}\" tabindex=\"{$tabindex}\">\n";
5396 // 1. select blogs (we'll create optiongroups)
5397 // (only select those blogs that have the user on the team)
5398 $queryBlogs = "SELECT bnumber, bname FROM %s WHERE bnumber in (%s) ORDER BY bname;";
5399 $queryBlogs = sprintf($queryBlogs, sql_table('blog'), implode(',', $aBlogIds));
5400 $blogs = DB::getResult($queryBlogs);
5402 if ( $mode == 'category' )
5404 if ( $blogs->rowCount() > 1 )
5408 foreach ( $blogs as $rBlog )
5410 if ( isset($multipleBlogs) && !empty($multipleBlogs) )
5412 echo '<optgroup label="' . Entity::hsc($rBlog['bname']) . "\">\n";
5415 // show selection to create new category when allowed/wanted
5418 // check if allowed to do so
5419 if ( $member->blogAdminRights($rBlog['bnumber']) )
5421 echo '<option value="newcat-' . $rBlog['bnumber'] . '">' . _ADD_NEWCAT . "</option>\n";
5425 // 2. for each category in that blog
5426 $catQuery = "SELECT cname, catid FROM %s WHERE cblog=%d ORDER BY cname ASC;";
5427 $catQuery = sprintf($catQuery, sql_table('category'), (integer) $rBlog['bnumber']);
5428 $categories = DB::getResult($catQuery);
5429 foreach ( $categories as $rCat )
5431 if ( $rCat['catid'] == $selected )
5433 $selectText = ' selected="selected" ';
5439 echo '<option value="' . $rCat['catid'] . '" ' . $selectText . '>' . Entity::hsc($rCat['cname']) . "</option>\n";
5442 if ( isset($multipleBlogs) && !empty($multipleBlogs) )
5450 foreach ( $blogs as $rBlog )
5452 echo '<option value="' . $rBlog['bnumber'] . '"';
5453 if ( $rBlog['bnumber'] == $selected )
5455 echo '<option value="' . $rBlog['bnumber'] . '" selected="selected">' . Entity::hsc($rBlog['bname']) . "</option>\n";
5459 echo '<option value="' . $rBlog['bnumber'] . '">' . Entity::hsc($rBlog['bname']) . "</option>\n";