Revision 1299
Added by Luisehahne over 15 years ago
| sections.php | ||
|---|---|---|
| 20 | 20 |
require('../../config.php');
|
| 21 | 21 |
|
| 22 | 22 |
// Make sure people are allowed to access this page |
| 23 |
if(MANAGE_SECTIONS != 'enabled') {
|
|
| 23 |
if(MANAGE_SECTIONS != 'enabled') |
|
| 24 |
{
|
|
| 24 | 25 |
header('Location: '.ADMIN_URL.'/pages/index.php');
|
| 25 | 26 |
exit(0); |
| 26 | 27 |
} |
| 27 | 28 |
|
| 28 | 29 |
// Get page id |
| 29 |
if(!isset($_GET['page_id']) OR !is_numeric($_GET['page_id'])) {
|
|
| 30 |
if(!isset($_GET['page_id']) OR !is_numeric($_GET['page_id'])) |
|
| 31 |
{
|
|
| 30 | 32 |
header("Location: index.php");
|
| 31 | 33 |
exit(0); |
| 32 | 34 |
} else {
|
| ... | ... | |
| 34 | 36 |
} |
| 35 | 37 |
|
| 36 | 38 |
$debug = false; // to show position and section_id |
| 37 |
|
|
| 39 |
If(!defined('DEBUG')) { define('DEBUG',$debug);}
|
|
| 38 | 40 |
// Create new admin object |
| 39 | 41 |
require_once(WB_PATH.'/framework/class.admin.php'); |
| 40 | 42 |
$admin = new admin('Pages', 'pages_modify');
|
| 41 | 43 |
|
| 42 | 44 |
// Check if we are supposed to add or delete a section |
| 43 |
if(isset($_GET['section_id']) AND is_numeric($_GET['section_id'])) {
|
|
| 45 |
if(isset($_GET['section_id']) AND is_numeric($_GET['section_id'])) |
|
| 46 |
{
|
|
| 44 | 47 |
// Get more information about this section |
| 45 | 48 |
$section_id = $_GET['section_id']; |
| 46 |
$query_section = $database->query("SELECT module FROM ".TABLE_PREFIX."sections WHERE section_id = '$section_id'");
|
|
| 47 |
if($query_section->numRows() == 0) {
|
|
| 49 |
$sql = 'SELECT `module` FROM `'.TABLE_PREFIX.'sections` '; |
|
| 50 |
$sql .= 'WHERE `section_id` ='.$section_id; |
|
| 51 |
$query_section = $database->query($sql); |
|
| 52 |
|
|
| 53 |
if($query_section->numRows() == 0) |
|
| 54 |
{
|
|
| 48 | 55 |
$admin->print_error('Section not found');
|
| 49 | 56 |
} |
| 50 | 57 |
$section = $query_section->fetchRow(); |
| 51 | 58 |
// Include the modules delete file if it exists |
| 52 |
if(file_exists(WB_PATH.'/modules/'.$section['module'].'/delete.php')) {
|
|
| 59 |
if(file_exists(WB_PATH.'/modules/'.$section['module'].'/delete.php')) |
|
| 60 |
{
|
|
| 53 | 61 |
require(WB_PATH.'/modules/'.$section['module'].'/delete.php'); |
| 54 | 62 |
} |
| 55 |
$sql = ''; |
|
| 56 |
$database->query("DELETE FROM ".TABLE_PREFIX."sections WHERE section_id = '$section_id' LIMIT 1");
|
|
| 57 |
if($database->is_error()) {
|
|
| 63 |
$sql = 'DELETE FROM `'.TABLE_PREFIX.'sections` '; |
|
| 64 |
$sql .= 'WHERE `section_id` ='.$section_id.' LIMIT 1'; |
|
| 65 |
$query_section = $database->query($sql); |
|
| 66 |
|
|
| 67 |
if($database->is_error()) |
|
| 68 |
{
|
|
| 58 | 69 |
$admin->print_error($database->get_error()); |
| 59 | 70 |
} else {
|
| 60 | 71 |
require(WB_PATH.'/framework/class.order.php'); |
| ... | ... | |
| 64 | 75 |
$admin->print_footer(); |
| 65 | 76 |
exit(); |
| 66 | 77 |
} |
| 67 |
} elseif(isset($_POST['module']) AND $_POST['module'] != '') {
|
|
| 78 |
} elseif(isset($_POST['module']) AND $_POST['module'] != '') |
|
| 79 |
{
|
|
| 68 | 80 |
// Get section info |
| 69 | 81 |
$module = $admin->add_slashes($_POST['module']); |
| 70 | 82 |
// Include the ordering class |
| ... | ... | |
| 73 | 85 |
$order = new order(TABLE_PREFIX.'sections', 'position', 'section_id', 'page_id'); |
| 74 | 86 |
$position = $order->get_new($page_id); |
| 75 | 87 |
// Insert module into DB |
| 76 |
$database->query("INSERT INTO ".TABLE_PREFIX."sections (page_id,module,position,block) VALUES ('$page_id','$module','$position','1')");
|
|
| 88 |
$sql = 'INSERT INTO `'.TABLE_PREFIX.'sections` SET '; |
|
| 89 |
$sql .= '`page_id` = '.$page_id.', '; |
|
| 90 |
$sql .= '`module` = "'.$module.'", '; |
|
| 91 |
$sql .= '`position` = '.$position.', '; |
|
| 92 |
$sql .= '`block`=1'; |
|
| 93 |
$database->query($sql); |
|
| 77 | 94 |
// Get the section id |
| 78 | 95 |
$section_id = $database->get_one("SELECT LAST_INSERT_ID()");
|
| 79 | 96 |
// Include the selected modules add file if it exists |
| 80 |
if(file_exists(WB_PATH.'/modules/'.$module.'/add.php')) {
|
|
| 97 |
if(file_exists(WB_PATH.'/modules/'.$module.'/add.php')) |
|
| 98 |
{
|
|
| 81 | 99 |
require(WB_PATH.'/modules/'.$module.'/add.php'); |
| 82 | 100 |
} |
| 83 | 101 |
} |
| 84 | 102 |
|
| 85 | 103 |
// Get perms |
| 86 |
$database = new database(); |
|
| 87 |
$results = $database->query("SELECT admin_groups,admin_users FROM ".TABLE_PREFIX."pages WHERE page_id = '$page_id'");
|
|
| 104 |
// $database = new database(); |
|
| 105 |
$sql = 'SELECT `admin_groups`,`admin_users` FROM `'.TABLE_PREFIX.'pages` '; |
|
| 106 |
$sql .= 'WHERE `page_id` = '.$page_id; |
|
| 107 |
$results = $database->query($sql); |
|
| 108 |
|
|
| 88 | 109 |
$results_array = $results->fetchRow(); |
| 89 | 110 |
$old_admin_groups = explode(',', $results_array['admin_groups']);
|
| 90 | 111 |
$old_admin_users = explode(',', $results_array['admin_users']);
|
| 91 | 112 |
$in_old_group = FALSE; |
| 92 |
foreach($admin->get_groups_id() as $cur_gid){
|
|
| 93 |
if (in_array($cur_gid, $old_admin_groups)) {
|
|
| 113 |
foreach($admin->get_groups_id() as $cur_gid) |
|
| 114 |
{
|
|
| 115 |
if (in_array($cur_gid, $old_admin_groups)) |
|
| 116 |
{
|
|
| 94 | 117 |
$in_old_group = TRUE; |
| 95 | 118 |
} |
| 96 | 119 |
} |
| 97 |
if((!$in_old_group) AND !is_numeric(array_search($admin->get_user_id(), $old_admin_users))) {
|
|
| 120 |
if((!$in_old_group) AND !is_numeric(array_search($admin->get_user_id(), $old_admin_users))) |
|
| 121 |
{
|
|
| 98 | 122 |
$admin->print_error($MESSAGE['PAGES']['INSUFFICIENT_PERMISSIONS']); |
| 99 | 123 |
} |
| 100 | 124 |
|
| 101 | 125 |
// Get page details |
| 102 |
$database = new database(); |
|
| 103 |
$query = "SELECT * FROM ".TABLE_PREFIX."pages WHERE page_id = '$page_id'"; |
|
| 104 |
$results = $database->query($query); |
|
| 105 |
if($database->is_error()) {
|
|
| 126 |
// $database = new database(); |
|
| 127 |
$sql = 'SELECT * FROM `'.TABLE_PREFIX.'pages` '; |
|
| 128 |
$sql .= 'WHERE `page_id` = '.$page_id; |
|
| 129 |
$results = $database->query($sql); |
|
| 130 |
|
|
| 131 |
if($database->is_error()) |
|
| 132 |
{
|
|
| 106 | 133 |
$admin->print_header(); |
| 107 | 134 |
$admin->print_error($database->get_error()); |
| 108 | 135 |
} |
| 109 |
if($results->numRows() == 0) {
|
|
| 136 |
if($results->numRows() == 0) |
|
| 137 |
{
|
|
| 110 | 138 |
$admin->print_header(); |
| 111 | 139 |
$admin->print_error($MESSAGE['PAGES']['NOT_FOUND']); |
| 112 | 140 |
} |
| ... | ... | |
| 118 | 146 |
// Unset block var |
| 119 | 147 |
unset($block); |
| 120 | 148 |
// Include template info file (if it exists) |
| 121 |
if($results_array['template'] != '') {
|
|
| 149 |
if($results_array['template'] != '') |
|
| 150 |
{
|
|
| 122 | 151 |
$template_location = WB_PATH.'/templates/'.$results_array['template'].'/info.php'; |
| 123 | 152 |
} else {
|
| 124 | 153 |
$template_location = WB_PATH.'/templates/'.DEFAULT_TEMPLATE.'/info.php'; |
| 125 | 154 |
} |
| 126 |
if(file_exists($template_location)) {
|
|
| 155 |
if(file_exists($template_location)) |
|
| 156 |
{
|
|
| 127 | 157 |
require($template_location); |
| 128 | 158 |
} |
| 129 | 159 |
// Check if $menu is set |
| 130 |
if(!isset($block[1]) OR $block[1] == '') {
|
|
| 160 |
if(!isset($block[1]) OR $block[1] == '') |
|
| 161 |
{
|
|
| 131 | 162 |
// Make our own menu list |
| 132 | 163 |
$block[1] = $TEXT['MAIN']; |
| 133 | 164 |
} |
| ... | ... | |
| 178 | 209 |
) |
| 179 | 210 |
); |
| 180 | 211 |
|
| 181 |
$query_sections = $database->query("SELECT section_id,module,position,block,publ_start,publ_end FROM ".TABLE_PREFIX."sections WHERE page_id = '$page_id' ORDER BY position ASC");
|
|
| 182 |
if($query_sections->numRows() > 0) {
|
|
| 212 |
$sql = 'SELECT `section_id`,`module`,`position`,`block`,`publ_start`,`publ_end` '; |
|
| 213 |
$sql .= 'FROM `'.TABLE_PREFIX.'sections` '; |
|
| 214 |
$sql .= 'WHERE `page_id` = '.$page_id.' '; |
|
| 215 |
$sql .= 'ORDER BY `position` ASC'; |
|
| 216 |
$query_sections = $database->query($sql); |
|
| 217 |
|
|
| 218 |
if($query_sections->numRows() > 0) |
|
| 219 |
{
|
|
| 183 | 220 |
$num_sections = $query_sections->numRows(); |
| 184 |
while($section = $query_sections->fetchRow()) {
|
|
| 185 |
if(!is_numeric(array_search($section['module'], $module_permissions))) {
|
|
| 221 |
while($section = $query_sections->fetchRow()) |
|
| 222 |
{
|
|
| 223 |
if(!is_numeric(array_search($section['module'], $module_permissions))) |
|
| 224 |
{
|
|
| 186 | 225 |
// Get the modules real name |
| 187 |
$module_name=$database->get_one("SELECT name FROM ".TABLE_PREFIX."addons WHERE directory='".$section['module']."'");
|
|
| 226 |
$sql = 'SELECT `name` FROM `'.TABLE_PREFIX.'addons` '; |
|
| 227 |
$sql .= 'WHERE `directory` = "'.$section['module'].'"'; |
|
| 228 |
$module_name = $database->get_one($sql); |
|
| 229 |
// if(DEBUG && $database->is_error()) { $admin->print_error($database->get_error()); }
|
|
| 230 |
|
|
| 188 | 231 |
$template->set_var(array( |
| 189 | 232 |
) ); |
| 190 |
if(SECTION_BLOCKS) {
|
|
| 233 |
|
|
| 234 |
if(SECTION_BLOCKS) |
|
| 235 |
{
|
|
| 191 | 236 |
if(defined('EDIT_ONE_SECTION') and EDIT_ONE_SECTION)
|
| 192 | 237 |
{
|
| 193 | 238 |
$edit_page ='<a name="'.$section['section_id'].'" href="'.ADMIN_URL.'/pages/modify.php?page_id='.$page_id.'&wysiwyg='.$section['section_id'] .'">'.$module_name.'</a>'; |
| 194 |
} |
|
| 195 |
else |
|
| 196 |
{
|
|
| 239 |
} else {
|
|
| 197 | 240 |
$edit_page ='<a name="'.$section['section_id'].'" href="'.ADMIN_URL.'/pages/modify.php?page_id='.$page_id.'#wb'.$section['section_id'].'">'.$module_name.'</a>'; |
| 198 | 241 |
} |
| 199 | 242 |
|
| ... | ... | |
| 211 | 254 |
); |
| 212 | 255 |
// Add block options to the section_list |
| 213 | 256 |
$template->clear_var('block_list');
|
| 214 |
foreach($block AS $number => $name) {
|
|
| 257 |
foreach($block AS $number => $name) |
|
| 258 |
{
|
|
| 215 | 259 |
$template->set_var('NAME', htmlentities(strip_tags($name)));
|
| 216 | 260 |
$template->set_var('VALUE', $number);
|
| 217 | 261 |
$template->set_var('SIZE', 1);
|
| 218 |
if($section['block'] == $number) {
|
|
| 262 |
if($section['block'] == $number) |
|
| 263 |
{
|
|
| 219 | 264 |
$template->set_var('SELECTED', ' selected="selected"');
|
| 220 | 265 |
} else {
|
| 221 | 266 |
$template->set_var('SELECTED', '');
|
| ... | ... | |
| 246 | 291 |
) |
| 247 | 292 |
); |
| 248 | 293 |
// set calendar start values |
| 249 |
if($section['publ_start']==0) {
|
|
| 294 |
if($section['publ_start']==0) |
|
| 295 |
{
|
|
| 250 | 296 |
$template->set_var('VALUE_PUBL_START', '');
|
| 251 | 297 |
} else {
|
| 252 | 298 |
$template->set_var('VALUE_PUBL_START', date($jscal_format, $section['publ_start']));
|
| 253 | 299 |
} |
| 254 | 300 |
// set calendar start values |
| 255 |
if($section['publ_end']==0) {
|
|
| 301 |
if($section['publ_end']==0) |
|
| 302 |
{
|
|
| 256 | 303 |
$template->set_var('VALUE_PUBL_END', '');
|
| 257 | 304 |
} else {
|
| 258 | 305 |
$template->set_var('VALUE_PUBL_END', date($jscal_format, $section['publ_end']));
|
| 259 | 306 |
} |
| 260 | 307 |
// Insert icons up and down |
| 261 |
if($section['position'] != 1 ) {
|
|
| 308 |
if($section['position'] != 1 ) |
|
| 309 |
{
|
|
| 262 | 310 |
$template->set_var( |
| 263 | 311 |
'VAR_MOVE_UP_URL', |
| 264 | 312 |
'<a href="'.ADMIN_URL.'/pages/move_up.php?page_id='.$page_id.'&section_id='.$section['section_id'].'"> |
| ... | ... | |
| 282 | 330 |
) |
| 283 | 331 |
); |
| 284 | 332 |
} |
| 333 |
} else {
|
|
| 334 |
continue; |
|
| 285 | 335 |
} |
| 336 |
|
|
| 286 | 337 |
$template->set_var(array( |
| 287 | 338 |
'DISPLAY_DEBUG' => ' style="visibility="visible;"', |
| 288 | 339 |
'TEXT_SID' => 'SID', |
| 289 | 340 |
'DEBUG_COLSPAN_SIZE' => 9 |
| 290 | 341 |
) |
| 291 | 342 |
); |
| 292 |
if($debug) {
|
|
| 343 |
if($debug) |
|
| 344 |
{
|
|
| 293 | 345 |
$template->set_var(array( |
| 294 | 346 |
'DISPLAY_DEBUG' => ' style="visibility="visible;"', |
| 295 | 347 |
'TEXT_PID' => 'PID', |
| ... | ... | |
| 311 | 363 |
|
| 312 | 364 |
// now add the calendars -- remember to to set the range to [1970, 2037] if the date is used as timestamp! |
| 313 | 365 |
// the loop is simply a copy from above. |
| 314 |
$query_sections = $database->query("SELECT section_id,module FROM ".TABLE_PREFIX."sections WHERE page_id = '$page_id' ORDER BY position ASC");
|
|
| 315 |
if($query_sections->numRows() > 0) {
|
|
| 366 |
$sql = 'SELECT `section_id`,`module` FROM `'.TABLE_PREFIX.'sections` '; |
|
| 367 |
$sql .= 'WHERE page_id = '.$page_id.' '; |
|
| 368 |
$sql .= 'ORDER BY `position` ASC'; |
|
| 369 |
$query_sections = $database->query($sql); |
|
| 370 |
|
|
| 371 |
if($query_sections->numRows() > 0) |
|
| 372 |
{
|
|
| 316 | 373 |
$num_sections = $query_sections->numRows(); |
| 317 |
while($section = $query_sections->fetchRow()) {
|
|
| 374 |
while($section = $query_sections->fetchRow()) |
|
| 375 |
{
|
|
| 318 | 376 |
// Get the modules real name |
| 319 |
$module_name=$database->get_one("SELECT name FROM ".TABLE_PREFIX."addons WHERE directory='".$section['module']."'");
|
|
| 320 |
if(!is_numeric(array_search($section['module'], $module_permissions))) {
|
|
| 377 |
$sql = 'SELECT `name` FROM `'.TABLE_PREFIX.'addons` '; |
|
| 378 |
$sql .= 'WHERE `directory` = "'.$section['module'].'"'; |
|
| 379 |
$module_name = $database->get_one($sql); |
|
| 380 |
|
|
| 381 |
if(!is_numeric(array_search($section['module'], $module_permissions))) |
|
| 382 |
{
|
|
| 321 | 383 |
$template->set_var(array( |
| 322 | 384 |
'jscal_ifformat' => $jscal_ifformat, |
| 323 | 385 |
'jscal_firstday' => $jscal_firstday, |
| ... | ... | |
| 347 | 409 |
} |
| 348 | 410 |
|
| 349 | 411 |
// Work-out if we should show the "Add Section" form |
| 350 |
$query_sections = $database->query("SELECT section_id FROM ".TABLE_PREFIX."sections WHERE page_id = '$page_id' AND module = 'menu_link'");
|
|
| 351 |
if($query_sections->numRows() == 0) {
|
|
| 412 |
$sql = 'SELECT `section_id` FROM `'.TABLE_PREFIX.'sections` '; |
|
| 413 |
$sql .= 'WHERE `page_id` = '.$page_id.' AND `module` = "menu_link"'; |
|
| 414 |
$query_sections = $database->query($sql); |
|
| 415 |
if($query_sections->numRows() == 0) |
|
| 416 |
{
|
|
| 352 | 417 |
// Modules list |
| 353 |
$result = $database->query("SELECT * FROM ".TABLE_PREFIX."addons WHERE type = 'module' AND function = 'page' AND directory != 'menu_link' order by name");
|
|
| 354 |
if($result->numRows() > 0) {
|
|
| 355 |
while ($module = $result->fetchRow()) {
|
|
| 418 |
$sql = 'SELECT `name`,`directory`,`type` FROM `'.TABLE_PREFIX.'addons` '; |
|
| 419 |
$sql .= 'WHERE `type` = "module" AND `function` = "page" AND `directory` != "menu_link" '; |
|
| 420 |
$sql .= 'ORDER BY `name`'; |
|
| 421 |
$result = $database->query($sql); |
|
| 422 |
// if(DEBUG && $database->is_error()) { $admin->print_error($database->get_error()); }
|
|
| 423 |
|
|
| 424 |
if($result->numRows() > 0) |
|
| 425 |
{
|
|
| 426 |
while ($module = $result->fetchRow()) |
|
| 427 |
{
|
|
| 356 | 428 |
// Check if user is allowed to use this module echo $module['directory'],'<br />'; |
| 357 |
if(!is_numeric(array_search($module['directory'], $module_permissions))) {
|
|
| 429 |
if(!is_numeric(array_search($module['directory'], $module_permissions))) |
|
| 430 |
{
|
|
| 358 | 431 |
$template->set_var('VALUE', $module['directory']);
|
| 359 | 432 |
$template->set_var('NAME', $module['name']);
|
| 360 |
if($module['directory'] == 'wysiwyg') {
|
|
| 433 |
if($module['directory'] == 'wysiwyg') |
|
| 434 |
{
|
|
| 361 | 435 |
$template->set_var('SELECTED', ' selected="selected"');
|
| 362 | 436 |
} else {
|
| 363 | 437 |
$template->set_var('SELECTED', '');
|
| 364 | 438 |
} |
| 365 | 439 |
$template->parse('module_list', 'module_block', true);
|
| 440 |
} else {
|
|
| 441 |
continue; |
|
| 366 | 442 |
} |
| 367 | 443 |
} |
| 368 | 444 |
} |
| ... | ... | |
| 380 | 456 |
'TEXT_ADD_SECTION' => $TEXT['ADD_SECTION'], |
| 381 | 457 |
'TEXT_MOVE_UP' => $TEXT['MOVE_UP'], |
| 382 | 458 |
'TEXT_MOVE_DOWN' => $TEXT['MOVE_DOWN'] |
| 383 |
)
|
|
| 459 |
) |
|
| 384 | 460 |
); |
| 385 | 461 |
$template->parse('main', 'main_block', false);
|
| 386 | 462 |
$template->pparse('output', 'page');
|
Also available in: Unified diff
Ticket #944 fixed double sections, with registered User