1
|
<?php
|
2
|
/**
|
3
|
*
|
4
|
* @category admin
|
5
|
* @package pages
|
6
|
* @author WebsiteBaker Project
|
7
|
* @copyright 2004-2009, Ryan Djurovich
|
8
|
* @copyright 2009-2011, Website Baker Org. e.V.
|
9
|
* @link http://www.websitebaker2.org/
|
10
|
* @license http://www.gnu.org/licenses/gpl.html
|
11
|
* @platform WebsiteBaker 2.8.x
|
12
|
* @requirements PHP 5.2.2 and higher
|
13
|
* @version $Id: sections.php 1388 2011-01-16 12:18:02Z Luisehahne $
|
14
|
* @filesource $HeadURL: svn://isteam.dynxs.de/wb-archiv/branches/2.8.x/wb/admin/pages/sections.php $
|
15
|
* @lastmodified $Date: 2011-01-16 13:18:02 +0100 (Sun, 16 Jan 2011) $
|
16
|
*
|
17
|
*/
|
18
|
|
19
|
// Include config file
|
20
|
require('../../config.php');
|
21
|
|
22
|
// Make sure people are allowed to access this page
|
23
|
if(MANAGE_SECTIONS != 'enabled')
|
24
|
{
|
25
|
header('Location: '.ADMIN_URL.'/pages/index.php');
|
26
|
exit(0);
|
27
|
}
|
28
|
|
29
|
// Get page id
|
30
|
if(!isset($_GET['page_id']) || !is_numeric($_GET['page_id']))
|
31
|
{
|
32
|
header("Location: index.php");
|
33
|
exit(0);
|
34
|
} else {
|
35
|
$page_id = $_GET['page_id'];
|
36
|
}
|
37
|
|
38
|
$debug = false; // to show position and section_id
|
39
|
If(!defined('DEBUG')) { define('DEBUG',$debug);}
|
40
|
// Create new admin object
|
41
|
require_once(WB_PATH.'/framework/class.admin.php');
|
42
|
$admin = new admin('Pages', 'pages_modify');
|
43
|
|
44
|
// Check if we are supposed to add or delete a section
|
45
|
if(isset($_GET['section_id']) && is_numeric($_GET['section_id']))
|
46
|
{
|
47
|
// Get more information about this section
|
48
|
$section_id = $_GET['section_id'];
|
49
|
$sql = 'SELECT `module` FROM `'.TABLE_PREFIX.'sections` ';
|
50
|
$sql .= 'WHERE `section_id` ='.$section_id;
|
51
|
$query_section = $database->query($sql);
|
52
|
|
53
|
if($query_section->numRows() == 0)
|
54
|
{
|
55
|
$admin->print_error('Section not found');
|
56
|
}
|
57
|
$section = $query_section->fetchRow();
|
58
|
// Include the modules delete file if it exists
|
59
|
if(file_exists(WB_PATH.'/modules/'.$section['module'].'/delete.php'))
|
60
|
{
|
61
|
require(WB_PATH.'/modules/'.$section['module'].'/delete.php');
|
62
|
}
|
63
|
$sql = 'DELETE FROM `'.TABLE_PREFIX.'sections` ';
|
64
|
$sql .= 'WHERE `section_id` ='.$section_id.' LIMIT 1';
|
65
|
$query_section = $database->query($sql);
|
66
|
|
67
|
if($database->is_error())
|
68
|
{
|
69
|
$admin->print_error($database->get_error());
|
70
|
} else {
|
71
|
require(WB_PATH.'/framework/class.order.php');
|
72
|
$order = new order(TABLE_PREFIX.'sections', 'position', 'section_id', 'page_id');
|
73
|
$order->clean($page_id);
|
74
|
$admin->print_success($TEXT['SUCCESS'], ADMIN_URL.'/pages/sections.php?page_id='.$page_id);
|
75
|
$admin->print_footer();
|
76
|
exit();
|
77
|
}
|
78
|
} elseif(isset($_POST['module']) && $_POST['module'] != '')
|
79
|
{
|
80
|
// Get section info
|
81
|
$module = preg_replace("/\W/", "", $admin->add_slashes($_POST['module'])); // fix secunia 2010-91-4
|
82
|
// Include the ordering class
|
83
|
require(WB_PATH.'/framework/class.order.php');
|
84
|
// Get new order
|
85
|
$order = new order(TABLE_PREFIX.'sections', 'position', 'section_id', 'page_id');
|
86
|
$position = $order->get_new($page_id);
|
87
|
// Insert module into DB
|
88
|
$sql = 'INSERT INTO `'.TABLE_PREFIX.'sections` SET ';
|
89
|
$sql .= '`page_id` = '.$page_id.', ';
|
90
|
$sql .= '`module` = "'.$module.'", ';
|
91
|
$sql .= '`position` = '.$position.', ';
|
92
|
$sql .= '`block`=1';
|
93
|
$database->query($sql);
|
94
|
// Get the section id
|
95
|
$section_id = $database->get_one("SELECT LAST_INSERT_ID()");
|
96
|
// Include the selected modules add file if it exists
|
97
|
if(file_exists(WB_PATH.'/modules/'.$module.'/add.php'))
|
98
|
{
|
99
|
require(WB_PATH.'/modules/'.$module.'/add.php');
|
100
|
}
|
101
|
}
|
102
|
|
103
|
// Get perms
|
104
|
// $database = new database();
|
105
|
$sql = 'SELECT `admin_groups`,`admin_users` FROM `'.TABLE_PREFIX.'pages` ';
|
106
|
$sql .= 'WHERE `page_id` = '.$page_id;
|
107
|
$results = $database->query($sql);
|
108
|
|
109
|
$results_array = $results->fetchRow();
|
110
|
$old_admin_groups = explode(',', $results_array['admin_groups']);
|
111
|
$old_admin_users = explode(',', $results_array['admin_users']);
|
112
|
$in_old_group = FALSE;
|
113
|
foreach($admin->get_groups_id() as $cur_gid)
|
114
|
{
|
115
|
if (in_array($cur_gid, $old_admin_groups))
|
116
|
{
|
117
|
$in_old_group = TRUE;
|
118
|
}
|
119
|
}
|
120
|
if((!$in_old_group) && !is_numeric(array_search($admin->get_user_id(), $old_admin_users)))
|
121
|
{
|
122
|
$admin->print_error($MESSAGE['PAGES']['INSUFFICIENT_PERMISSIONS']);
|
123
|
}
|
124
|
|
125
|
// Get page details
|
126
|
// $database = new database();
|
127
|
$sql = 'SELECT * FROM `'.TABLE_PREFIX.'pages` ';
|
128
|
$sql .= 'WHERE `page_id` = '.$page_id;
|
129
|
$results = $database->query($sql);
|
130
|
|
131
|
if($database->is_error())
|
132
|
{
|
133
|
// $admin->print_header();
|
134
|
$admin->print_error($database->get_error());
|
135
|
}
|
136
|
if($results->numRows() == 0)
|
137
|
{
|
138
|
// $admin->print_header();
|
139
|
$admin->print_error($MESSAGE['PAGES']['NOT_FOUND']);
|
140
|
}
|
141
|
$results_array = $results->fetchRow();
|
142
|
|
143
|
// Set module permissions
|
144
|
$module_permissions = $_SESSION['MODULE_PERMISSIONS'];
|
145
|
|
146
|
// Unset block var
|
147
|
unset($block);
|
148
|
// Include template info file (if it exists)
|
149
|
if($results_array['template'] != '')
|
150
|
{
|
151
|
$template_location = WB_PATH.'/templates/'.$results_array['template'].'/info.php';
|
152
|
} else {
|
153
|
$template_location = WB_PATH.'/templates/'.DEFAULT_TEMPLATE.'/info.php';
|
154
|
}
|
155
|
if(file_exists($template_location))
|
156
|
{
|
157
|
require($template_location);
|
158
|
}
|
159
|
// Check if $menu is set
|
160
|
if(!isset($block[1]) || $block[1] == '')
|
161
|
{
|
162
|
// Make our own menu list
|
163
|
$block[1] = $TEXT['MAIN'];
|
164
|
}
|
165
|
|
166
|
/*-- load css files with jquery --*/
|
167
|
// include jscalendar-setup
|
168
|
$jscal_use_time = true; // whether to use a clock, too
|
169
|
require_once(WB_PATH."/include/jscalendar/wb-setup.php");
|
170
|
|
171
|
// Setup template object
|
172
|
$template = new Template(THEME_PATH.'/templates');
|
173
|
$template->set_file('page', 'pages_sections.htt');
|
174
|
$template->set_block('page', 'main_block', 'main');
|
175
|
$template->set_block('main_block', 'module_block', 'module_list');
|
176
|
$template->set_block('main_block', 'section_block', 'section_list');
|
177
|
$template->set_block('section_block', 'block_block', 'block_list');
|
178
|
$template->set_block('main_block', 'calendar_block', 'calendar_list');
|
179
|
$template->set_var('FTAN', $admin->getFTAN());
|
180
|
|
181
|
// set first defaults and messages
|
182
|
$template->set_var(array(
|
183
|
'PAGE_ID' => $results_array['page_id'],
|
184
|
'TEXT_PAGE' => $TEXT['PAGE'],
|
185
|
'PAGE_TITLE' => ($results_array['page_title']),
|
186
|
'MENU_TITLE' => ($results_array['menu_title']),
|
187
|
'TEXT_CURRENT_PAGE' => $TEXT['CURRENT_PAGE'],
|
188
|
'HEADING_MANAGE_SECTIONS' => $HEADING['MANAGE_SECTIONS'],
|
189
|
'HEADING_MODIFY_PAGE' => $HEADING['MODIFY_PAGE'],
|
190
|
'TEXT_CHANGE_SETTINGS' => $TEXT['CHANGE_SETTINGS'],
|
191
|
'TEXT_ADD_SECTION' => $TEXT['ADD_SECTION'],
|
192
|
'TEXT_ID' => 'ID',
|
193
|
'TEXT_TYPE' => $TEXT['TYPE'],
|
194
|
'TEXT_BLOCK' => $TEXT['BLOCK'],
|
195
|
'TEXT_PUBL_START_DATE' => $TEXT{'PUBL_START_DATE'},
|
196
|
'TEXT_PUBL_END_DATE' => $TEXT['PUBL_END_DATE'],
|
197
|
'TEXT_ACTIONS' => $TEXT['ACTIONS'],
|
198
|
'ADMIN_URL' => ADMIN_URL,
|
199
|
'WB_URL' => WB_URL,
|
200
|
'THEME_URL' => THEME_URL
|
201
|
)
|
202
|
);
|
203
|
|
204
|
// Insert variables
|
205
|
$template->set_var(array(
|
206
|
'VAR_PAGE_ID' => $results_array['page_id'],
|
207
|
'VAR_PAGE_TITLE' => $results_array['page_title'],
|
208
|
'SETTINGS_LINK' => ADMIN_URL.'/pages/settings.php?page_id='.$results_array['page_id'],
|
209
|
'MODIFY_LINK' => ADMIN_URL.'/pages/modify.php?page_id='.$results_array['page_id']
|
210
|
)
|
211
|
);
|
212
|
|
213
|
$sql = 'SELECT `section_id`,`module`,`position`,`block`,`publ_start`,`publ_end` ';
|
214
|
$sql .= 'FROM `'.TABLE_PREFIX.'sections` ';
|
215
|
$sql .= 'WHERE `page_id` = '.$page_id.' ';
|
216
|
$sql .= 'ORDER BY `position` ASC';
|
217
|
$query_sections = $database->query($sql);
|
218
|
|
219
|
if($query_sections->numRows() > 0)
|
220
|
{
|
221
|
$num_sections = $query_sections->numRows();
|
222
|
while($section = $query_sections->fetchRow())
|
223
|
{
|
224
|
if(!is_numeric(array_search($section['module'], $module_permissions)))
|
225
|
{
|
226
|
// Get the modules real name
|
227
|
$sql = 'SELECT `name` FROM `'.TABLE_PREFIX.'addons` ';
|
228
|
$sql .= 'WHERE `directory` = "'.$section['module'].'"';
|
229
|
if(!$database->get_one($sql) || !file_exists(WB_PATH.'/modules/'.$section['module']))
|
230
|
{
|
231
|
$edit_page = '<span class="module_disabled">'.$section['module'].'</span>';
|
232
|
}else
|
233
|
{
|
234
|
$edit_page = '';
|
235
|
}
|
236
|
$edit_page_0 = '<a id="sid'.$section['section_id'].'" href="'.ADMIN_URL.'/pages/modify.php?page_id='.$page_id;
|
237
|
$edit_page_1 = $section['section_id'].'">'.$section['module'].'</a>';
|
238
|
if(SECTION_BLOCKS)
|
239
|
{
|
240
|
if($edit_page == '')
|
241
|
{
|
242
|
if(defined('EDIT_ONE_SECTION') && EDIT_ONE_SECTION)
|
243
|
{
|
244
|
$edit_page = $edit_page_0.'&wysiwyg='.$edit_page_1;
|
245
|
} else {
|
246
|
$edit_page = $edit_page_0.'#wb_'.$edit_page_1;
|
247
|
}
|
248
|
}
|
249
|
$input_attribute = 'input_normal';
|
250
|
$template->set_var(array(
|
251
|
'STYLE_DISPLAY_SECTION_BLOCK' => ' style="visibility:visible;"',
|
252
|
'NAME_SIZE' => 300,
|
253
|
'INPUT_ATTRIBUTE' => $input_attribute,
|
254
|
'VAR_SECTION_ID' => $section['section_id'],
|
255
|
'VAR_POSITION' => $section['position'],
|
256
|
'LINK_MODIFY_URL_VAR_MODUL_NAME' => $edit_page,
|
257
|
'SELECT' => '',
|
258
|
'SET_NONE_DISPLAY_OPTION' => ''
|
259
|
)
|
260
|
);
|
261
|
// Add block options to the section_list
|
262
|
$template->clear_var('block_list');
|
263
|
foreach($block AS $number => $name)
|
264
|
{
|
265
|
$template->set_var('NAME', htmlentities(strip_tags($name)));
|
266
|
$template->set_var('VALUE', $number);
|
267
|
$template->set_var('SIZE', 1);
|
268
|
if($section['block'] == $number)
|
269
|
{
|
270
|
$template->set_var('SELECTED', ' selected="selected"');
|
271
|
} else {
|
272
|
$template->set_var('SELECTED', '');
|
273
|
}
|
274
|
$template->parse('block_list', 'block_block', true);
|
275
|
}
|
276
|
} else {
|
277
|
if($edit_page == '')
|
278
|
{
|
279
|
$edit_page = $edit_page_0.'#wb_'.$edit_page_1;
|
280
|
}
|
281
|
$input_attribute = 'input_normal';
|
282
|
$template->set_var(array(
|
283
|
'STYLE_DISPLAY_SECTION_BLOCK' => ' style="visibility:hidden;"',
|
284
|
'NAME_SIZE' => 300,
|
285
|
'INPUT_ATTRIBUTE' => $input_attribute,
|
286
|
'VAR_SECTION_ID' => $section['section_id'],
|
287
|
'VAR_POSITION' => $section['position'],
|
288
|
'LINK_MODIFY_URL_VAR_MODUL_NAME' => $edit_page,
|
289
|
'NAME' => htmlentities(strip_tags($block[1])),
|
290
|
'VALUE' => 1,
|
291
|
'SET_NONE_DISPLAY_OPTION' => ''
|
292
|
)
|
293
|
);
|
294
|
}
|
295
|
// Insert icon and images
|
296
|
$template->set_var(array(
|
297
|
'CLOCK_16_PNG' => 'clock_16.png',
|
298
|
'CLOCK_DEL_16_PNG' => 'clock_del_16.png',
|
299
|
'DELETE_16_PNG' => 'delete_16.png'
|
300
|
)
|
301
|
);
|
302
|
// set calendar start values
|
303
|
if($section['publ_start']==0)
|
304
|
{
|
305
|
$template->set_var('VALUE_PUBL_START', '');
|
306
|
} else {
|
307
|
$template->set_var('VALUE_PUBL_START', date($jscal_format, $section['publ_start']));
|
308
|
}
|
309
|
// set calendar start values
|
310
|
if($section['publ_end']==0)
|
311
|
{
|
312
|
$template->set_var('VALUE_PUBL_END', '');
|
313
|
} else {
|
314
|
$template->set_var('VALUE_PUBL_END', date($jscal_format, $section['publ_end']));
|
315
|
}
|
316
|
// Insert icons up and down
|
317
|
if($section['position'] != 1 )
|
318
|
{
|
319
|
$template->set_var(
|
320
|
'VAR_MOVE_UP_URL',
|
321
|
'<a href="'.ADMIN_URL.'/pages/move_up.php?page_id='.$page_id.'&section_id='.$section['section_id'].'">
|
322
|
<img src="'.THEME_URL.'/images/up_16.png" alt="{TEXT_MOVE_UP}" />
|
323
|
</a>' );
|
324
|
} else {
|
325
|
$template->set_var(array(
|
326
|
'VAR_MOVE_UP_URL' => ''
|
327
|
)
|
328
|
);
|
329
|
}
|
330
|
if($section['position'] != $num_sections ) {
|
331
|
$template->set_var(
|
332
|
'VAR_MOVE_DOWN_URL',
|
333
|
'<a href="'.ADMIN_URL.'/pages/move_down.php?page_id='.$page_id.'&section_id='.$section['section_id'].'">
|
334
|
<img src="'.THEME_URL.'/images/down_16.png" alt="{TEXT_MOVE_DOWN}" />
|
335
|
</a>' );
|
336
|
} else {
|
337
|
$template->set_var(array(
|
338
|
'VAR_MOVE_DOWN_URL' => ''
|
339
|
)
|
340
|
);
|
341
|
}
|
342
|
} else {
|
343
|
continue;
|
344
|
}
|
345
|
|
346
|
$template->set_var(array(
|
347
|
'DISPLAY_DEBUG' => ' style="visibility="visible;"',
|
348
|
'TEXT_SID' => 'SID',
|
349
|
'DEBUG_COLSPAN_SIZE' => 9
|
350
|
)
|
351
|
);
|
352
|
if($debug)
|
353
|
{
|
354
|
$template->set_var(array(
|
355
|
'DISPLAY_DEBUG' => ' style="visibility="visible;"',
|
356
|
'TEXT_PID' => 'PID',
|
357
|
'TEXT_SID' => 'SID',
|
358
|
'POSITION' => $section['position']
|
359
|
)
|
360
|
);
|
361
|
} else {
|
362
|
$template->set_var(array(
|
363
|
'DISPLAY_DEBUG' => ' style="display:none;"',
|
364
|
'TEXT_PID' => '',
|
365
|
'POSITION' => ''
|
366
|
)
|
367
|
);
|
368
|
}
|
369
|
$template->parse('section_list', 'section_block', true);
|
370
|
}
|
371
|
}
|
372
|
|
373
|
// now add the calendars -- remember to to set the range to [1970, 2037] if the date is used as timestamp!
|
374
|
// the loop is simply a copy from above.
|
375
|
$sql = 'SELECT `section_id`,`module` FROM `'.TABLE_PREFIX.'sections` ';
|
376
|
$sql .= 'WHERE page_id = '.$page_id.' ';
|
377
|
$sql .= 'ORDER BY `position` ASC';
|
378
|
$query_sections = $database->query($sql);
|
379
|
|
380
|
if($query_sections->numRows() > 0)
|
381
|
{
|
382
|
$num_sections = $query_sections->numRows();
|
383
|
while($section = $query_sections->fetchRow())
|
384
|
{
|
385
|
// Get the modules real name
|
386
|
$sql = 'SELECT `name` FROM `'.TABLE_PREFIX.'addons` ';
|
387
|
$sql .= 'WHERE `directory` = "'.$section['module'].'"';
|
388
|
$module_name = $database->get_one($sql);
|
389
|
|
390
|
if(!is_numeric(array_search($section['module'], $module_permissions)))
|
391
|
{
|
392
|
$template->set_var(array(
|
393
|
'jscal_ifformat' => $jscal_ifformat,
|
394
|
'jscal_firstday' => $jscal_firstday,
|
395
|
'jscal_today' => $jscal_today,
|
396
|
'start_date' => 'start_date'.$section['section_id'],
|
397
|
'end_date' => 'end_date'.$section['section_id'],
|
398
|
'trigger_start' => 'trigger_start'.$section['section_id'],
|
399
|
'trigger_end' => 'trigger_stop'.$section['section_id']
|
400
|
)
|
401
|
);
|
402
|
if(isset($jscal_use_time) && $jscal_use_time==TRUE) {
|
403
|
$template->set_var(array(
|
404
|
'showsTime' => "true",
|
405
|
'timeFormat' => "24"
|
406
|
)
|
407
|
);
|
408
|
} else {
|
409
|
$template->set_var(array(
|
410
|
'showsTime' => "false",
|
411
|
'timeFormat' => "24"
|
412
|
)
|
413
|
);
|
414
|
}
|
415
|
}
|
416
|
$template->parse('calendar_list', 'calendar_block', true);
|
417
|
}
|
418
|
}
|
419
|
|
420
|
// Work-out if we should show the "Add Section" form
|
421
|
$sql = 'SELECT `section_id` FROM `'.TABLE_PREFIX.'sections` ';
|
422
|
$sql .= 'WHERE `page_id` = '.$page_id.' AND `module` = "menu_link"';
|
423
|
$query_sections = $database->query($sql);
|
424
|
if($query_sections->numRows() == 0)
|
425
|
{
|
426
|
// Modules list
|
427
|
$sql = 'SELECT `name`,`directory`,`type` FROM `'.TABLE_PREFIX.'addons` ';
|
428
|
$sql .= 'WHERE `type` = "module" AND `function` = "page" AND `directory` != "menu_link" ';
|
429
|
$sql .= 'ORDER BY `name`';
|
430
|
$result = $database->query($sql);
|
431
|
// if(DEBUG && $database->is_error()) { $admin->print_error($database->get_error()); }
|
432
|
|
433
|
if($result->numRows() > 0)
|
434
|
{
|
435
|
while ($module = $result->fetchRow())
|
436
|
{
|
437
|
// Check if user is allowed to use this module echo $module['directory'],'<br />';
|
438
|
if(!is_numeric(array_search($module['directory'], $module_permissions)))
|
439
|
{
|
440
|
$template->set_var('VALUE', $module['directory']);
|
441
|
$template->set_var('NAME', $module['name']);
|
442
|
if($module['directory'] == 'wysiwyg')
|
443
|
{
|
444
|
$template->set_var('SELECTED', ' selected="selected"');
|
445
|
} else {
|
446
|
$template->set_var('SELECTED', '');
|
447
|
}
|
448
|
$template->parse('module_list', 'module_block', true);
|
449
|
} else {
|
450
|
continue;
|
451
|
}
|
452
|
}
|
453
|
}
|
454
|
}
|
455
|
// Insert language text and messages
|
456
|
$template->set_var(array(
|
457
|
'TEXT_MANAGE_SECTIONS' => $HEADING['MANAGE_SECTIONS'],
|
458
|
'TEXT_ARE_YOU_SURE' => $TEXT['ARE_YOU_SURE'],
|
459
|
'TEXT_TYPE' => $TEXT['TYPE'],
|
460
|
'TEXT_ADD' => $TEXT['ADD'],
|
461
|
'TEXT_SAVE' => $TEXT['SAVE'],
|
462
|
'TEXTLINK_MODIFY_PAGE' => $HEADING['MODIFY_PAGE'],
|
463
|
'TEXT_CALENDAR' => $TEXT['CALENDAR'],
|
464
|
'TEXT_DELETE_DATE' => $TEXT['DELETE_DATE'],
|
465
|
'TEXT_ADD_SECTION' => $TEXT['ADD_SECTION'],
|
466
|
'TEXT_MOVE_UP' => $TEXT['MOVE_UP'],
|
467
|
'TEXT_MOVE_DOWN' => $TEXT['MOVE_DOWN']
|
468
|
)
|
469
|
);
|
470
|
$template->parse('main', 'main_block', false);
|
471
|
$template->pparse('output', 'page');
|
472
|
|
473
|
// include the required file for Javascript admin
|
474
|
if(file_exists(WB_PATH.'/modules/jsadmin/jsadmin_backend_include.php'))
|
475
|
{
|
476
|
include(WB_PATH.'/modules/jsadmin/jsadmin_backend_include.php');
|
477
|
}
|
478
|
|
479
|
// Print admin footer
|
480
|
$admin->print_footer();
|
481
|
|
482
|
?>
|