Project

General

Profile

1 1140 aldus
<?php
2
3
// $Id$
4
5
/*
6
7
 Website Baker Project <http://www.websitebaker.org/>
8
 Copyright (C) 2004-2009, Ryan Djurovich
9
10
 Website Baker is free software; you can redistribute it and/or modify
11
 it under the terms of the GNU General Public License as published by
12
 the Free Software Foundation; either version 2 of the License, or
13
 (at your option) any later version.
14
15
 Website Baker is distributed in the hope that it will be useful,
16
 but WITHOUT ANY WARRANTY; without even the implied warranty of
17
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18
 GNU General Public License for more details.
19
20
 You should have received a copy of the GNU General Public License
21
 along with Website Baker; if not, write to the Free Software
22
 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
23
24
*/
25
26
// Include config file
27
require('../../config.php');
28
29
// Make sure people are allowed to access this page
30
if(MANAGE_SECTIONS != 'enabled') {
31
	header('Location: '.ADMIN_URL.'/pages/index.php');
32
	exit(0);
33
}
34
35
// Get page id
36
if(!isset($_GET['page_id']) OR !is_numeric($_GET['page_id'])) {
37
	header("Location: index.php");
38
	exit(0);
39
} else {
40
	$page_id = $_GET['page_id'];
41
}
42
43
$debug = false; // to show position and section_id
44
45
// Create new admin object
46
require_once(WB_PATH.'/framework/class.admin.php');
47
$admin = new admin('Pages', 'pages_modify');
48
49
// Check if we are supposed to add or delete a section
50
if(isset($_GET['section_id']) AND is_numeric($_GET['section_id'])) {
51
	// Get more information about this section
52
	$section_id = $_GET['section_id'];
53
	$query_section = $database->query("SELECT module FROM ".TABLE_PREFIX."sections WHERE section_id = '$section_id'");
54
	if($query_section->numRows() == 0) {
55
		$admin->print_error('Section not found');
56
	}
57
	$section = $query_section->fetchRow();
58
	// Include the modules delete file if it exists
59
	if(file_exists(WB_PATH.'/modules/'.$section['module'].'/delete.php')) {
60
		require(WB_PATH.'/modules/'.$section['module'].'/delete.php');
61
	}
62
	$database->query("DELETE FROM ".TABLE_PREFIX."sections WHERE section_id = '$section_id' LIMIT 1");
63
	if($database->is_error()) {
64
		$admin->print_error($database->get_error());
65
	} else {
66
		require(WB_PATH.'/framework/class.order.php');
67
		$order = new order(TABLE_PREFIX.'sections', 'position', 'section_id', 'page_id');
68
		$order->clean($page_id);
69
		$admin->print_success($TEXT['SUCCESS'], ADMIN_URL.'/pages/sections.php?page_id='.$page_id);
70
		$admin->print_footer();
71
		exit();
72
	}
73
} elseif(isset($_POST['module']) AND $_POST['module'] != '') {
74
	// Get section info
75
	$module = $admin->add_slashes($_POST['module']);
76
	// Include the ordering class
77
	require(WB_PATH.'/framework/class.order.php');
78
	// Get new order
79
	$order = new order(TABLE_PREFIX.'sections', 'position', 'section_id', 'page_id');
80
	$position = $order->get_new($page_id);
81
	// Insert module into DB
82
	$database->query("INSERT INTO ".TABLE_PREFIX."sections (page_id,module,position,block) VALUES ('$page_id','$module','$position','1')");
83
	// Get the section id
84
	$section_id = $database->get_one("SELECT LAST_INSERT_ID()");
85
	// Include the selected modules add file if it exists
86
	if(file_exists(WB_PATH.'/modules/'.$module.'/add.php')) {
87
		require(WB_PATH.'/modules/'.$module.'/add.php');
88
	}
89
}
90
91
// Get perms
92
$database = new database();
93
$results = $database->query("SELECT admin_groups,admin_users FROM ".TABLE_PREFIX."pages WHERE page_id = '$page_id'");
94
$results_array = $results->fetchRow();
95
$old_admin_groups = explode(',', $results_array['admin_groups']);
96
$old_admin_users = explode(',', $results_array['admin_users']);
97
$in_old_group = FALSE;
98
foreach($admin->get_groups_id() as $cur_gid){
99
	if (in_array($cur_gid, $old_admin_groups)) {
100
		$in_old_group = TRUE;
101
	}
102
}
103
if((!$in_old_group) AND !is_numeric(array_search($admin->get_user_id(), $old_admin_users))) {
104
	$admin->print_error($MESSAGE['PAGES']['INSUFFICIENT_PERMISSIONS']);
105
}
106
107
// Get page details
108
$database = new database();
109
$query = "SELECT * FROM ".TABLE_PREFIX."pages WHERE page_id = '$page_id'";
110
$results = $database->query($query);
111
if($database->is_error()) {
112
	$admin->print_header();
113
	$admin->print_error($database->get_error());
114
}
115
if($results->numRows() == 0) {
116
	$admin->print_header();
117
	$admin->print_error($MESSAGE['PAGES']['NOT_FOUND']);
118
}
119
$results_array = $results->fetchRow();
120
121
// Set module permissions
122
$module_permissions = $_SESSION['MODULE_PERMISSIONS'];
123
124
// Unset block var
125
unset($block);
126
// Include template info file (if it exists)
127
if($results_array['template'] != '') {
128
	$template_location = WB_PATH.'/templates/'.$results_array['template'].'/info.php';
129
} else {
130
	$template_location = WB_PATH.'/templates/'.DEFAULT_TEMPLATE.'/info.php';
131
}
132
if(file_exists($template_location)) {
133
	require($template_location);
134
}
135
// Check if $menu is set
136
if(!isset($block[1]) OR $block[1] == '') {
137
	// Make our own menu list
138
	$block[1] = $TEXT['MAIN'];
139
}
140
141
/*-- load css files with jquery --*/
142
// include jscalendar-setup
143
$jscal_use_time = true; // whether to use a clock, too
144
require_once(WB_PATH."/include/jscalendar/wb-setup.php");
145
146
// Setup template object
147
$template = new Template(THEME_PATH.'/templates');
148
$template->set_file('page', 'pages_sections.htt');
149
$template->set_block('page', 'main_block', 'main');
150
$template->set_block('main_block', 'module_block', 'module_list');
151
$template->set_block('main_block', 'section_block', 'section_list');
152
$template->set_block('section_block', 'block_block', 'block_list');
153
$template->set_block('main_block', 'calendar_block', 'calendar_list');
154
155
// set first defaults and messages
156
$template->set_var(array(
157
				'PAGE_ID' => $results_array['page_id'],
158
				'PAGE_TITLE' => ($results_array['page_title']),
159
				'MENU_TITLE' => ($results_array['menu_title']),
160
				'TEXT_CURRENT_PAGE' => $TEXT['CURRENT_PAGE'],
161
				'HEADING_MANAGE_SECTIONS' => $HEADING['MANAGE_SECTIONS'],
162
				'HEADING_MODIFY_PAGE' => $HEADING['MODIFY_PAGE'],
163
				'TEXT_CHANGE_SETTINGS' => $TEXT['CHANGE_SETTINGS'],
164
				'TEXT_ADD_SECTION' => $TEXT['ADD_SECTION'],
165
				'TEXT_ID' => 'ID',
166
				'TEXT_TYPE' => $TEXT['TYPE'],
167
				'TEXT_BLOCK' => $TEXT['BLOCK'],
168
				'TEXT_PUBL_START_DATE' => $TEXT{'PUBL_START_DATE'},
169
				'TEXT_PUBL_END_DATE' => $TEXT['PUBL_END_DATE'],
170
				'TEXT_ACTIONS' => $TEXT['ACTIONS'],
171
				'ADMIN_URL' => ADMIN_URL,
172
				'WB_URL' => WB_URL,
173
				'WB_PATH' => WB_PATH,
174
				'THEME_URL' => THEME_URL
175
				)
176
			);
177
178
// Insert variables
179
$template->set_var(array(
180
				'VAR_PAGE_ID' => $results_array['page_id'],
181
				'VAR_PAGE_TITLE' => $results_array['page_title'],
182
				'SETTINGS_LINK' => ADMIN_URL.'/pages/settings.php?page_id='.$results_array['page_id'],
183
				'MODIFY_LINK' => ADMIN_URL.'/pages/modify.php?page_id='.$results_array['page_id']
184
				)
185
			);
186
187
$query_sections = $database->query("SELECT section_id,module,position,block,publ_start,publ_end FROM ".TABLE_PREFIX."sections WHERE page_id = '$page_id' ORDER BY position ASC");
188
if($query_sections->numRows() > 0) {
189
	$num_sections = $query_sections->numRows();
190
	while($section = $query_sections->fetchRow()) {
191
		if(!is_numeric(array_search($section['module'], $module_permissions))) {
192
			// Get the modules real name
193
			$module_name=$database->get_one("SELECT name FROM ".TABLE_PREFIX."addons WHERE directory='".$section['module']."'");
194
			$template->set_var(array(
195
			) );
196
			if(SECTION_BLOCKS) {
197
				$edit_page ='<a name="'.$section['section_id'].'" href="'.ADMIN_URL.'/pages/modify.php?page_id='.$page_id.'#'.$section['section_id'].'">'.$module_name.'</a>';
198
				$input_attribute = 'input_normal';
199
				$template->set_var(array(
200
						'STYLE_DISPLAY_SECTION_BLOCK' => ' style="visibility:visible;"',
201
						'NAME_SIZE' => 180,
202
						'INPUT_ATTRIBUTE' => $input_attribute,
203
						'VAR_SECTION_ID' => $section['section_id'],
204
						'VAR_POSITION' => $section['position'],
205
						'LINK_MODIFY_URL_VAR_MODUL_NAME' => $edit_page,
206
						'SELECT' => '',
207
						'SET_NONE_DISPLAY_OPTION' => ''
208
						)
209
					);
210
				// Add block options to the section_list
211
				$template->clear_var('block_list');
212
				foreach($block AS $number => $name) {
213
					$template->set_var('NAME', htmlentities(strip_tags($name)));
214
					$template->set_var('VALUE', $number);
215
					$template->set_var('SIZE', 1);
216
					if($section['block'] == $number) {
217
						$template->set_var('SELECTED', ' selected="selected"');
218
					} else {
219
						$template->set_var('SELECTED', '');
220
					}
221
					$template->parse('block_list', 'block_block', true);
222
				}
223
			} else {
224
				$edit_page ='<a name="'.$section['section_id'].'" href="'.ADMIN_URL.'/pages/modify.php?page_id='.$page_id.'#'.$section['section_id'].'">'.$module_name.'</a>';
225
				$input_attribute = 'input_small';
226
				$template->set_var(array(
227
						'STYLE_DISPLAY_SECTION_BLOCK' => ' style="display:none;"',
228
						'NAME_SIZE' => 270,
229
						'INPUT_ATTRIBUTE' => $input_attribute,
230
						'VAR_SECTION_ID' => $section['section_id'],
231
						'VAR_POSITION' => $section['position'],
232
						'LINK_MODIFY_URL_VAR_MODUL_NAME' => $edit_page,
233
						'NAME' => htmlentities(strip_tags($block[1])),
234
						'VALUE' => 1,
235
						'SET_NONE_DISPLAY_OPTION' => ''
236
						)
237
					);
238
			}
239
			// Insert icon and images
240
			$template->set_var(array(
241
						'CLOCK_16_PNG' => 'clock_16.png',
242
						'CLOCK_DEL_16_PNG' => 'clock_del_16.png',
243
						'DELETE_16_PNG' => 'delete_16.png'
244
						)
245
					);
246
			// set calendar start values
247
			if($section['publ_start']==0) {
248
				$template->set_var('VALUE_PUBL_START', '');
249
			} else {
250
				$template->set_var('VALUE_PUBL_START', date($jscal_format, $section['publ_start']));
251
			}
252
			// set calendar start values
253
			if($section['publ_end']==0) {
254
				$template->set_var('VALUE_PUBL_END', '');
255
			} else {
256
				$template->set_var('VALUE_PUBL_END', date($jscal_format, $section['publ_end']));
257
			}
258
			// Insert icons up and down
259
			if($section['position'] != 1 ) {
260
				$template->set_var(
261
							'VAR_MOVE_UP_URL',
262
							'<a href="'.ADMIN_URL.'/pages/move_up.php?page_id='.$page_id.'&amp;section_id='.$section['section_id'].'">
263
							<img src="'.THEME_URL.'/images/up_16.png" alt="{TEXT_MOVE_UP}" />
264
							</a>' );
265
			} else {
266
				$template->set_var(array(
267
							'VAR_MOVE_UP_URL' => ''
268
							)
269
						);
270
			}
271
			if($section['position'] != $num_sections ) {
272
				$template->set_var(
273
							'VAR_MOVE_DOWN_URL',
274
							'<a href="'.ADMIN_URL.'/pages/move_down.php?page_id='.$page_id.'&amp;section_id='.$section['section_id'].'">
275
							<img src="'.THEME_URL.'/images/down_16.png" alt="{TEXT_MOVE_DOWN}" />
276
							</a>' );
277
			} else {
278
				$template->set_var(array(
279
							'VAR_MOVE_DOWN_URL' => ''
280
							)
281
						);
282
			}
283
		} else continue; // user have not the right to edit this section/modul
284
			$template->set_var(array(
285
							'DISPLAY_DEBUG' => ' style="visibility="visible;"',
286
							'TEXT_SID' => 'SID',
287
							'DEBUG_COLSPAN_SIZE' => 9
288
							)
289
						);
290
		if($debug) {
291
			$template->set_var(array(
292
							'DISPLAY_DEBUG' => ' style="visibility="visible;"',
293
							'TEXT_PID' => 'PID',
294
							'TEXT_SID' => 'SID',
295
							'POSITION' => $section['position']
296
							)
297
						);
298
		} else {
299
			$template->set_var(array(
300
							'DISPLAY_DEBUG' => ' style="display:none;"',
301
							'TEXT_PID' => '',
302
							'POSITION' => ''
303
							)
304
						);
305
		}
306
		$template->parse('section_list', 'section_block', true);
307
	}
308
}
309
310
// now add the calendars -- remember to to set the range to [1970, 2037] if the date is used as timestamp!
311
// the loop is simply a copy from above.
312
$query_sections = $database->query("SELECT section_id,module FROM ".TABLE_PREFIX."sections WHERE page_id = '$page_id' ORDER BY position ASC");
313
if($query_sections->numRows() > 0) {
314
	$num_sections = $query_sections->numRows();
315
	while($section = $query_sections->fetchRow()) {
316
		// Get the modules real name
317
		$module_name=$database->get_one("SELECT name FROM ".TABLE_PREFIX."addons WHERE directory='".$section['module']."'");
318
		if(!is_numeric(array_search($section['module'], $module_permissions))) {
319
			$template->set_var(array(
320
						'jscal_ifformat' => $jscal_ifformat,
321
						'jscal_firstday' => $jscal_firstday,
322
						'jscal_today' => $jscal_today,
323
						'start_date' => 'start_date'.$section['section_id'],
324
						'end_date' => 'end_date'.$section['section_id'],
325
						'trigger_start' => 'trigger_start'.$section['section_id'],
326
						'trigger_end' => 'trigger_stop'.$section['section_id']
327
						)
328
					);
329
			if(isset($jscal_use_time) && $jscal_use_time==TRUE) {
330
				$template->set_var(array(
331
						'showsTime' => "true",
332
						'timeFormat' => "24"
333
						)
334
					);
335
			}  else {
336
				$template->set_var(array(
337
						'showsTime' => "false",
338
						'timeFormat' => "24"
339
						)
340
					);
341
			}
342
		}
343
		$template->parse('calendar_list', 'calendar_block', true);
344
	}
345
}
346
347
// Work-out if we should show the "Add Section" form
348
$query_sections = $database->query("SELECT section_id FROM ".TABLE_PREFIX."sections WHERE page_id = '$page_id' AND module = 'menu_link'");
349
if($query_sections->numRows() == 0) {
350
	// Modules list
351
	$result = $database->query("SELECT * FROM ".TABLE_PREFIX."addons WHERE type = 'module' AND function = 'page' AND directory != 'menu_link' order by name");
352
	if($result->numRows() > 0) {
353
		while ($module = $result->fetchRow()) {
354
			// Check if user is allowed to use this module   echo  $module['directory'],'<br />';
355
			if(!is_numeric(array_search($module['directory'], $module_permissions))) {
356
				$template->set_var('VALUE', $module['directory']);
357
				$template->set_var('NAME', $module['name']);
358
				if($module['directory'] == 'wysiwyg') {
359
					$template->set_var('SELECTED', ' selected="selected"');
360
				} else {
361
					$template->set_var('SELECTED', '');
362
				}
363
				$template->parse('module_list', 'module_block', true);
364
			}
365
		}
366
	}
367
}
368
// Insert language text and messages
369
$template->set_var(array(
370
					'TEXT_MANAGE_SECTIONS' => $HEADING['MANAGE_SECTIONS'],
371
					'TEXT_ARE_YOU_SURE' => $TEXT['ARE_YOU_SURE'],
372
					'TEXT_TYPE' => $TEXT['TYPE'],
373
					'TEXT_ADD' => $TEXT['ADD'],
374
					'TEXT_SAVE' =>  $TEXT['SAVE'],
375
					'TEXTLINK_MODIFY_PAGE' => $HEADING['MODIFY_PAGE'],
376
					'TEXT_CALENDAR' => $TEXT['CALENDAR'],
377
					'TEXT_DELETE_DATE' => $TEXT['DELETE_DATE'],
378
					'TEXT_ADD_SECTION' => $TEXT['ADD_SECTION'],
379
					'TEXT_MOVE_UP' => $TEXT['MOVE_UP'],
380
					'TEXT_MOVE_DOWN' => $TEXT['MOVE_DOWN']
381
					)
382
				);
383
$template->parse('main', 'main_block', false);
384
$template->pparse('output', 'page');
385
386
// Print admin footer
387
$admin->print_footer();
388
389 1009 Ruebenwurz
?>