4 include($strRel . 'config.php');
5 include($DIR_LIBS . 'PLUGINADMIN.php');
6 include('template.php');
8 // Send out Content-type
// The response is declared as XML and marked non-cacheable. Content-Type is sent twice:
// once with header() and once through sendContentType(), which also receives _CHARSET.
// NOTE(review): 'Pragma: no-cache' is only an HTTP/1.0 hint. If the response carries the
// ticket that is set on the template further down, 'Cache-Control: no-store' is the
// stronger control - confirm what sendContentType() already emits.
9 header('Pragma: no-cache');
10 header("Content-Type: text/xml");
11 sendContentType('text/xml', 'admin-trackback', _CHARSET);
13 $oPluginAdmin = new PluginAdmin('TrackBack');
// Authentication gate: a member who is not logged in only gets the _ERROR_DISALLOWED
// message.
// NOTE(review): the rest of this branch is not visible in this listing - confirm that it
// ends the request (exit) so an anonymous caller cannot fall through to the actions below.
15 if ( ! $member->isLoggedIn() )
17 $oPluginAdmin->start();
18 echo '<p>' . _ERROR_DISALLOWED . '</p>';
// CSRF check: the requested action must arrive with a valid ticket unless it is listed in
// $aActionsNotToCheck; a bad ticket aborts through doError(_ERROR_BADTICKET).
// NOTE(review): the entries of the exemption list are not visible in this listing - confirm
// that no state-changing action (the delete/block/unblock handlers further down) is exempt.
// in_array() is called without its strict flag, so the membership test compares loosely.
24 $action = requestVar('action');
25 $aActionsNotToCheck = array(
28 if (!in_array($action, $aActionsNotToCheck)) {
29 if (!$manager->checkTicket()) doError(_ERROR_BADTICKET);
32 //modify start+++++++++
// $plug is a reference to the plugin instance held by the PluginAdmin object.
33 $plug =& $oPluginAdmin->plugin;
34 $tableVersion = $plug->checkTableVersion();
36 // include language file for this plugin
// The language name becomes part of an include path, so backslash, pipe and slash are
// removed first; the resulting name cannot contain a directory separator.
// NOTE(review): ereg_replace() was deprecated in PHP 5.3 and removed in PHP 7. An
// equivalent call is preg_replace('#[\\\\|/]#', '', getLanguageName()).
37 $language = ereg_replace( '[\\|/]', '', getLanguageName());
// Load the matching language file when it exists. The english.php include below is
// presumably the fallback branch (its `else` line is not visible in this listing).
38 if (file_exists($plug->getDirectory().'language/'.$language.'.php'))
39 include_once($plug->getDirectory().'language/'.$language.'.php');
41 include_once($plug->getDirectory().'language/'.'english.php');
// Values made available to every response template: the global configuration, the plugin's
// admin URL and a freshly generated ticket.
// NOTE(review): the ticket is presumably the token that checkTicket() validates on later
// requests - confirm that templates emit it only where the admin UI needs it and escape
// it like any other value.
44 $oTemplate = new Trackback_Template();
45 $oTemplate->set ('CONF', $CONF);
46 $oTemplate->set ('plugindirurl', $oPluginAdmin->plugin->getAdminURL());
47 $oTemplate->set ('ticket', $manager->_generateTicket());
// Row-level authorisation for non-admins: $whereClause restricts later queries to items the
// member authored, optionally widened to blogs where the team table marks the member as
// admin (tadmin = 1).
// The SQL is assembled by string concatenation. The values interpolated here are
// $member->getID() and blog ids read back from the team table, not request parameters.
// NOTE(review): assumes getID() always returns an integer - confirm, or cast it with
// intval() so the assumption is enforced at the point of use.
// NOTE(review): mysql_fetch_array() belongs to ext/mysql, which was removed in PHP 7.
50 if( ! $member->isAdmin() ){
52 $res = sql_query('SELECT tblog FROM '.sql_table('team').' WHERE tadmin = 1 AND tmember = '.$member->getID() );
54 while ($row = mysql_fetch_array($res)){
55 $adminBlog[] = $row[0];
// Two alternative forms of the clause follow; the if/else lines that choose between them
// are not visible in this listing. Presumably the first pair is used when $adminBlog is
// non-empty and the last assignment otherwise - an empty IN () list would be invalid SQL.
58 $whereClause = ' i.iblog in (' . implode(', ', $adminBlog) . ') ';
61 $whereClause = ' AND ( i.iauthor = '.$member->getID().' OR ' . $whereClause . ' )';
63 $whereClause = ' AND i.iauthor = '.$member->getID();
// Actions listed in $requiredItemEditRights operate on trackback ids taken from the
// comma-separated 'ids' request parameter.
66 $requiredItemEditRights = array(
72 if (in_array($action, $requiredItemEditRights)) {
73 $ids = explode(',', requestVar('ids'));
// NOTE(review): the loop body that fills $safeids is not visible in this listing. $safeids
// is concatenated into SQL IN (...) lists below and in the action handlers, so every
// element must be forced to an integer (for example with intval()) here - confirm.
75 foreach( $ids as $id ){
// Non-admins: the requested ids are checked again against $whereClause, so only trackbacks
// attached to items the member may edit are selected. Presumably $safeids is rebuilt from
// this result set (the loop body is not shown) - confirm that ids missing from the
// result are dropped rather than kept.
80 if( ! $member->isAdmin() ){
81 $query = 'SELECT t.id FROM ' . sql_table('plugin_tb') . ' t, ' . sql_table('item') . ' i WHERE t.tb_id = i.inumber AND t.id in ( '. implode(',', $safeids) . ' ) '. $whereClause ;
82 $res = sql_query($query);
84 while ($row = mysql_fetch_array($res)){
// Listing parameters. Each request value is reduced to a fixed set or an integer before it
// is concatenated into the queries below.
// $type can only be 'all' or 'blocked'; it selects both the SQL filter and, later, the
// response template file, so no request text reaches either of them.
94 $type = requestVar('type') == 'all' ? 'all' : 'blocked' ;
95 $filter['all'] = ' t.block = 0 ';
96 $filter['blocked'] = ' t.block = 1 ';
// Paging values are read with intRequestVar(); 0 and 25 are the defaults when the request
// value is missing or zero.
// NOTE(review): no lower or upper bound is applied in the visible lines - a negative offset
// or a very large page_size is passed through to the query; consider clamping both.
98 $start = intRequestVar('offset') ? intRequestVar('offset') : 0;
99 $amount = intRequestVar('page_size') ? intRequestVar('page_size') : 25;
// Sort column allow-list: the request value is only used as a key into $colname, and an
// unknown key falls back to 'timestamp'.
// NOTE(review): looking up a missing key raises an undefined-index notice; an isset()
// test before the lookup avoids it.
102 $colname['date'] = 'timestamp';
103 $colname['item'] = 'story_id';
104 $colname['title'] = 'title';
106 $sort_col = requestVar('sort_col');
107 $sort_col = $colname[$sort_col];
108 if( !$sort_col ) $sort_col = $colname['date'];
// Sort direction is likewise limited to the two literals 'ASC' and 'DESC'.
// $sort_col, $sort_dir, $start and $amount are concatenated into the listing query below
// (presumably its ORDER BY and LIMIT parts; those keywords are not visible in this listing).
110 $sort_dir = ( requestVar('sort_dir') == 'ASC' ) ? 'ASC' : 'DESC';
116 ".sql_table('plugin_tb')." AS t,
117 ".sql_table('item')." AS i
119 t.tb_id = i.inumber AND
120 ".$filter[$type].$whereClause);
121 $rrow = mysql_fetch_array($rres);
122 $count = $rrow['count'];
127 i.inumber AS story_id,
130 t.blog_name AS blog_name,
131 t.excerpt AS excerpt,
134 UNIX_TIMESTAMP(t.timestamp) AS timestamp
136 ".sql_table('plugin_tb')." AS t,
137 ".sql_table('item')." AS i
139 t.tb_id = i.inumber AND
140 ".$filter[$type].$whereClause."
142 ".$sort_col." ".$sort_dir."
144 ".$start.",".$amount."
// Output encoding for each trackback row before it is handed to the XML template.
// title, blog_name and excerpt go through the same four steps: truncate, strip control
// characters, HTML-escape, collapse runs of '-'. Truncation runs before escaping, so an
// entity produced by htmlspecialchars() is never cut in half.
// NOTE(review): these three fields are escaped without ENT_QUOTES while url and story use
// it. Before PHP 8.1 the default flags leave single quotes untouched - confirm none of the
// three is placed inside a single-quoted attribute, or pass ENT_QUOTES consistently.
// NOTE(review): the hyphen collapsing presumably keeps '--' out of the value because that
// sequence is not allowed inside an XML comment - TODO confirm against the templates.
149 while ($rrow = mysql_fetch_array($rres))
151 $rrow['title'] = $oPluginAdmin->plugin->_cut_string($rrow['title'], 50);
152 $rrow['title'] = $oPluginAdmin->plugin->_strip_controlchar($rrow['title']);
153 $rrow['title'] = htmlspecialchars($rrow['title']);
154 $rrow['title'] = preg_replace("/-+/","-",$rrow['title']);
156 $rrow['blog_name'] = $oPluginAdmin->plugin->_cut_string($rrow['blog_name'], 50);
157 $rrow['blog_name'] = $oPluginAdmin->plugin->_strip_controlchar($rrow['blog_name']);
158 $rrow['blog_name'] = htmlspecialchars($rrow['blog_name']);
159 $rrow['blog_name'] = preg_replace("/-+/","-",$rrow['blog_name']);
161 $rrow['excerpt'] = $oPluginAdmin->plugin->_cut_string($rrow['excerpt'], 100);
162 $rrow['excerpt'] = $oPluginAdmin->plugin->_strip_controlchar($rrow['excerpt']);
163 $rrow['excerpt'] = htmlspecialchars($rrow['excerpt']);
164 $rrow['excerpt'] = preg_replace("/-+/","-",$rrow['excerpt']);
// Escaping keeps markup out of the URL but does not validate its scheme.
// NOTE(review): if the template renders this value as a link, restrict it to http/https
// when the trackback is stored or here - confirm where that check lives.
166 $rrow['url'] = htmlspecialchars($rrow['url'], ENT_QUOTES);
// NOTE(review): story_url is taken from _createItemLink() and is not escaped in the visible
// lines - confirm the helper returns an already-escaped URL or escape it in the template.
168 $blog = & $manager->getBlog(getBlogIDFromItemID($rrow['story_id']));
169 $rrow['story_url'] = $oPluginAdmin->plugin->_createItemLink($rrow['story_id'], $blog);
// Tags are stripped first and the remaining text is escaped, quotes included.
170 $rrow['story'] = htmlspecialchars(strip_tags($rrow['story']), ENT_QUOTES);
// Hand the paging values and the prepared rows to the template.
175 $oTemplate->set ('amount', $amount);
176 $oTemplate->set ('count', $count);
177 $oTemplate->set ('start', $start);
178 $oTemplate->set ('items', $items);
// $type was reduced to 'all' or 'blocked' where it was read from the request, so this path
// can only name one of two fixed template files.
179 $oTemplate->template('templates/response_'.$type.'.xml');
// Runs only when at least one id survived validation. $safeids changes from an array to a
// comma-separated string here and is concatenated directly into the IN (...) list of the
// statement below (presumably a DELETE; the statement's opening lines are not visible).
// NOTE(review): this is injection-safe only if every element was forced to an integer where
// $safeids was built - confirm there. The same string is echoed back in the message.
183 if( count($safeids) > 0 ){
184 $safeids = implode(',',$safeids);
188 . sql_table('plugin_tb')
189 . ' WHERE id in (' . $safeids. ')'
191 $oTemplate->set ('message', $safeids . ' deleted.');
193 $oTemplate->set ('message', 'no rows deleted.');
196 $oTemplate->template('templates/response_dodelete.xml');
// Same pattern as the delete handler: the validated ids are joined and concatenated into
// the IN (...) list of a statement on plugin_tb (presumably an UPDATE that sets the block
// flag; its opening lines are not visible in this listing).
// NOTE(review): relies on $safeids holding integers only - confirm where it is built.
200 if( count($safeids) > 0 ){
201 $safeids = implode(',',$safeids);
205 . sql_table('plugin_tb')
207 . ' WHERE id in (' . $safeids. ')'
209 $oTemplate->set ('message', $safeids . ' blocked.');
211 $oTemplate->set ('message', 'no rows blocked.');
214 $oTemplate->template('templates/response_doblock.xml');
// Same pattern again for unblocking: the validated ids are joined and concatenated into
// the IN (...) list of a statement on plugin_tb (presumably an UPDATE that clears the
// block flag; its opening lines are not visible in this listing).
// NOTE(review): relies on $safeids holding integers only - confirm where it is built.
218 if( count($safeids) > 0 ){
219 $safeids = implode(',',$safeids);
223 . sql_table('plugin_tb')
225 . ' WHERE id in (' . $safeids. ')'
227 $oTemplate->set ('message', $safeids . ' unblocked.');
229 $oTemplate->set ('message', 'no rows unblocked.');
232 $oTemplate->template('templates/response_dounblock.xml');
236 // Create the admin area page
// Writes the output of the selected template to the response. Nothing is escaped at this
// point, so every value must already be encoded when it is set on the template, or be
// encoded inside the template itself.
237 echo $oTemplate->fetch();