Project

General

Profile

1
<?php
2
/**
3
 *
4
 * @category        admin
5
 * @package         pages
6
 * @author          WebsiteBaker Project
7
 * @copyright       2004-2009, Ryan Djurovich
8
 * @copyright       2009-2011, Website Baker Org. e.V.
9
 * @link			http://www.websitebaker2.org/
10
 * @license         http://www.gnu.org/licenses/gpl.html
11
 * @platform        WebsiteBaker 2.8.x
12
 * @requirements    PHP 5.2.2 and higher
13
 * @version         $Id: sections.php 1388 2011-01-16 12:18:02Z Luisehahne $
14
 * @filesource		$HeadURL: svn://isteam.dynxs.de/wb-archiv/branches/2.8.x/wb/admin/pages/sections.php $
15
 * @lastmodified    $Date: 2011-01-16 13:18:02 +0100 (Sun, 16 Jan 2011) $
16
 *
17
 */
18

    
19
// Include config file
20
require('../../config.php');
21

    
22
// Make sure people are allowed to access this page
23
if(MANAGE_SECTIONS != 'enabled')
24
{
25
	header('Location: '.ADMIN_URL.'/pages/index.php');
26
	exit(0);
27
}
28

    
29
// Get page id
30
if(!isset($_GET['page_id']) || !is_numeric($_GET['page_id']))
31
{
32
	header("Location: index.php");
33
	exit(0);
34
} else {
35
	$page_id = $_GET['page_id'];
36
}
37

    
38
$debug = false; // to show position and section_id
39
If(!defined('DEBUG')) { define('DEBUG',$debug);}
40
// Create new admin object
41
require_once(WB_PATH.'/framework/class.admin.php');
42
$admin = new admin('Pages', 'pages_modify');
43

    
44
// Check if we are supposed to add or delete a section
45
if(isset($_GET['section_id']) && is_numeric($_GET['section_id']))
46
{
47
	// Get more information about this section
48
	$section_id = $_GET['section_id'];
49
    $sql  = 'SELECT `module` FROM `'.TABLE_PREFIX.'sections` ';
50
    $sql .= 'WHERE `section_id` ='.$section_id;
51
    $query_section = $database->query($sql);
52

    
53
	if($query_section->numRows() == 0)
54
    {
55
		$admin->print_error('Section not found');
56
	}
57
	$section = $query_section->fetchRow();
58
	// Include the modules delete file if it exists
59
	if(file_exists(WB_PATH.'/modules/'.$section['module'].'/delete.php'))
60
    {
61
		require(WB_PATH.'/modules/'.$section['module'].'/delete.php');
62
	}
63
    $sql  = 'DELETE FROM `'.TABLE_PREFIX.'sections` ';
64
    $sql .= 'WHERE `section_id` ='.$section_id.' LIMIT 1';
65
    $query_section = $database->query($sql);
66

    
67
	if($database->is_error())
68
    {
69
		$admin->print_error($database->get_error());
70
	} else {
71
		require(WB_PATH.'/framework/class.order.php');
72
		$order = new order(TABLE_PREFIX.'sections', 'position', 'section_id', 'page_id');
73
		$order->clean($page_id);
74
		$admin->print_success($TEXT['SUCCESS'], ADMIN_URL.'/pages/sections.php?page_id='.$page_id);
75
		$admin->print_footer();
76
		exit();
77
	}
78
} elseif(isset($_POST['module']) && $_POST['module'] != '')
79
{
80
	// Get section info
81
	$module = preg_replace("/\W/", "", $admin->add_slashes($_POST['module']));  // fix secunia 2010-91-4
82
	// Include the ordering class
83
	require(WB_PATH.'/framework/class.order.php');
84
	// Get new order
85
	$order = new order(TABLE_PREFIX.'sections', 'position', 'section_id', 'page_id');
86
	$position = $order->get_new($page_id);	
87
	// Insert module into DB
88
    $sql  = 'INSERT INTO `'.TABLE_PREFIX.'sections` SET ';
89
    $sql .= '`page_id` = '.$page_id.', ';
90
    $sql .= '`module` = "'.$module.'", ';
91
    $sql .= '`position` = '.$position.', ';
92
    $sql .= '`block`=1';
93
    $database->query($sql);
94
	// Get the section id
95
	$section_id = $database->get_one("SELECT LAST_INSERT_ID()");	
96
	// Include the selected modules add file if it exists
97
	if(file_exists(WB_PATH.'/modules/'.$module.'/add.php'))
98
    {
99
		require(WB_PATH.'/modules/'.$module.'/add.php');
100
	}
101
}
102

    
103
// Get perms
104
// $database = new database();
105
$sql  = 'SELECT `admin_groups`,`admin_users` FROM `'.TABLE_PREFIX.'pages` ';
106
$sql .= 'WHERE `page_id` = '.$page_id;
107
$results = $database->query($sql);
108

    
109
$results_array = $results->fetchRow();
110
$old_admin_groups = explode(',', $results_array['admin_groups']);
111
$old_admin_users = explode(',', $results_array['admin_users']);
112
$in_old_group = FALSE;
113
foreach($admin->get_groups_id() as $cur_gid)
114
{
115
	if (in_array($cur_gid, $old_admin_groups))
116
    {
117
		$in_old_group = TRUE;
118
	}
119
}
120
if((!$in_old_group) && !is_numeric(array_search($admin->get_user_id(), $old_admin_users)))
121
{
122
	$admin->print_error($MESSAGE['PAGES']['INSUFFICIENT_PERMISSIONS']);
123
}
124

    
125
// Get page details
126
// $database = new database();
127
$sql  = 'SELECT * FROM `'.TABLE_PREFIX.'pages` ';
128
$sql .= 'WHERE `page_id` = '.$page_id;
129
$results = $database->query($sql);
130

    
131
if($database->is_error())
132
{
133
	// $admin->print_header();
134
	$admin->print_error($database->get_error());
135
}
136
if($results->numRows() == 0)
137
{
138
	// $admin->print_header();
139
	$admin->print_error($MESSAGE['PAGES']['NOT_FOUND']);
140
}
141
$results_array = $results->fetchRow();
142

    
143
// Set module permissions
144
$module_permissions = $_SESSION['MODULE_PERMISSIONS'];
145

    
146
// Unset block var
147
unset($block);
148
// Include template info file (if it exists)
149
if($results_array['template'] != '')
150
{
151
	$template_location = WB_PATH.'/templates/'.$results_array['template'].'/info.php';
152
} else {
153
	$template_location = WB_PATH.'/templates/'.DEFAULT_TEMPLATE.'/info.php';
154
}
155
if(file_exists($template_location))
156
{
157
	require($template_location);
158
}
159
// Check if $menu is set
160
if(!isset($block[1]) || $block[1] == '')
161
{
162
	// Make our own menu list
163
	$block[1] = $TEXT['MAIN'];
164
}
165

    
166
/*-- load css files with jquery --*/
167
// include jscalendar-setup
168
$jscal_use_time = true; // whether to use a clock, too
169
require_once(WB_PATH."/include/jscalendar/wb-setup.php");
170

    
171
// Setup template object
172
$template = new Template(THEME_PATH.'/templates');
173
$template->set_file('page', 'pages_sections.htt');
174
$template->set_block('page', 'main_block', 'main');
175
$template->set_block('main_block', 'module_block', 'module_list');
176
$template->set_block('main_block', 'section_block', 'section_list');
177
$template->set_block('section_block', 'block_block', 'block_list');
178
$template->set_block('main_block', 'calendar_block', 'calendar_list');
179
$template->set_var('FTAN', $admin->getFTAN());
180

    
181
// set first defaults and messages
182
$template->set_var(array(
183
				'PAGE_ID' => $results_array['page_id'],
184
				'TEXT_PAGE' => $TEXT['PAGE'],
185
				'PAGE_TITLE' => ($results_array['page_title']),
186
				'MENU_TITLE' => ($results_array['menu_title']),
187
				'TEXT_CURRENT_PAGE' => $TEXT['CURRENT_PAGE'],
188
				'HEADING_MANAGE_SECTIONS' => $HEADING['MANAGE_SECTIONS'],
189
				'HEADING_MODIFY_PAGE' => $HEADING['MODIFY_PAGE'],
190
				'TEXT_CHANGE_SETTINGS' => $TEXT['CHANGE_SETTINGS'],
191
				'TEXT_ADD_SECTION' => $TEXT['ADD_SECTION'],
192
				'TEXT_ID' => 'ID',
193
				'TEXT_TYPE' => $TEXT['TYPE'],
194
				'TEXT_BLOCK' => $TEXT['BLOCK'],
195
				'TEXT_PUBL_START_DATE' => $TEXT{'PUBL_START_DATE'},
196
				'TEXT_PUBL_END_DATE' => $TEXT['PUBL_END_DATE'],
197
				'TEXT_ACTIONS' => $TEXT['ACTIONS'],
198
				'ADMIN_URL' => ADMIN_URL,
199
				'WB_URL' => WB_URL,
200
				'THEME_URL' => THEME_URL
201
				) 
202
			);
203

    
204
// Insert variables
205
$template->set_var(array(
206
				'VAR_PAGE_ID' => $results_array['page_id'],
207
				'VAR_PAGE_TITLE' => $results_array['page_title'],
208
				'SETTINGS_LINK' => ADMIN_URL.'/pages/settings.php?page_id='.$results_array['page_id'],
209
				'MODIFY_LINK' => ADMIN_URL.'/pages/modify.php?page_id='.$results_array['page_id']
210
				) 
211
			);
212

    
213
$sql  = 'SELECT `section_id`,`module`,`position`,`block`,`publ_start`,`publ_end` ';
214
$sql .= 'FROM `'.TABLE_PREFIX.'sections` ';
215
$sql .= 'WHERE `page_id` = '.$page_id.' ';
216
$sql .= 'ORDER BY `position` ASC';
217
$query_sections = $database->query($sql);
218

    
219
if($query_sections->numRows() > 0)
220
{
221
	$num_sections = $query_sections->numRows();
222
	while($section = $query_sections->fetchRow())
223
    {
224
		if(!is_numeric(array_search($section['module'], $module_permissions)))
225
        {
226
			// Get the modules real name
227
            $sql = 'SELECT `name` FROM `'.TABLE_PREFIX.'addons` ';
228
            $sql .= 'WHERE `directory` = "'.$section['module'].'"';
229
            if(!$database->get_one($sql) || !file_exists(WB_PATH.'/modules/'.$section['module']))
230
			{
231
				$edit_page = '<span class="module_disabled">'.$section['module'].'</span>';
232
			}else
233
			{
234
				$edit_page = '';
235
			}
236
			$edit_page_0 = '<a id="sid'.$section['section_id'].'" href="'.ADMIN_URL.'/pages/modify.php?page_id='.$page_id;
237
			$edit_page_1 = $section['section_id'].'">'.$section['module'].'</a>';
238
			if(SECTION_BLOCKS)
239
            {
240
				if($edit_page == '')
241
				{
242
					if(defined('EDIT_ONE_SECTION') && EDIT_ONE_SECTION)
243
					{
244
						$edit_page = $edit_page_0.'&amp;wysiwyg='.$edit_page_1;
245
					} else {
246
						$edit_page = $edit_page_0.'#wb_'.$edit_page_1;
247
					}
248
				}
249
				$input_attribute = 'input_normal';
250
				$template->set_var(array(
251
						'STYLE_DISPLAY_SECTION_BLOCK' => ' style="visibility:visible;"',
252
						'NAME_SIZE' => 300,
253
						'INPUT_ATTRIBUTE' => $input_attribute,
254
						'VAR_SECTION_ID' => $section['section_id'],
255
						'VAR_POSITION' => $section['position'],
256
						'LINK_MODIFY_URL_VAR_MODUL_NAME' => $edit_page,
257
						'SELECT' => '',
258
						'SET_NONE_DISPLAY_OPTION' => ''
259
						)
260
					);
261
				// Add block options to the section_list
262
				$template->clear_var('block_list');
263
				foreach($block AS $number => $name)
264
                {
265
					$template->set_var('NAME', htmlentities(strip_tags($name)));
266
					$template->set_var('VALUE', $number);
267
					$template->set_var('SIZE', 1);
268
					if($section['block'] == $number)
269
                    {
270
						$template->set_var('SELECTED', ' selected="selected"');
271
					} else {
272
						$template->set_var('SELECTED', '');
273
					}
274
					$template->parse('block_list', 'block_block', true);
275
				}
276
			} else {
277
				if($edit_page == '')
278
				{
279
					$edit_page = $edit_page_0.'#wb_'.$edit_page_1;
280
				}
281
				$input_attribute = 'input_normal';
282
				$template->set_var(array(
283
						'STYLE_DISPLAY_SECTION_BLOCK' => ' style="visibility:hidden;"',
284
						'NAME_SIZE' => 300,
285
						'INPUT_ATTRIBUTE' => $input_attribute,
286
						'VAR_SECTION_ID' => $section['section_id'],
287
						'VAR_POSITION' => $section['position'],
288
						'LINK_MODIFY_URL_VAR_MODUL_NAME' => $edit_page,
289
						'NAME' => htmlentities(strip_tags($block[1])),
290
						'VALUE' => 1,
291
						'SET_NONE_DISPLAY_OPTION' => ''
292
						)
293
					);
294
			}
295
			// Insert icon and images
296
			$template->set_var(array(
297
						'CLOCK_16_PNG' => 'clock_16.png',
298
						'CLOCK_DEL_16_PNG' => 'clock_del_16.png',
299
						'DELETE_16_PNG' => 'delete_16.png'
300
						) 
301
					);
302
			// set calendar start values
303
			if($section['publ_start']==0)
304
            {
305
				$template->set_var('VALUE_PUBL_START', '');
306
			} else {
307
				$template->set_var('VALUE_PUBL_START', date($jscal_format, $section['publ_start']));
308
			}
309
			// set calendar start values
310
			if($section['publ_end']==0)
311
            {
312
				$template->set_var('VALUE_PUBL_END', '');
313
			} else {
314
				$template->set_var('VALUE_PUBL_END', date($jscal_format, $section['publ_end']));
315
			}
316
			// Insert icons up and down
317
			if($section['position'] != 1 )
318
            {
319
				$template->set_var(
320
							'VAR_MOVE_UP_URL',
321
							'<a href="'.ADMIN_URL.'/pages/move_up.php?page_id='.$page_id.'&amp;section_id='.$section['section_id'].'">
322
							<img src="'.THEME_URL.'/images/up_16.png" alt="{TEXT_MOVE_UP}" />
323
							</a>' );
324
			} else {
325
				$template->set_var(array(
326
							'VAR_MOVE_UP_URL' => ''
327
							) 
328
						);
329
			}
330
			if($section['position'] != $num_sections ) {
331
				$template->set_var(
332
							'VAR_MOVE_DOWN_URL',
333
							'<a href="'.ADMIN_URL.'/pages/move_down.php?page_id='.$page_id.'&amp;section_id='.$section['section_id'].'">
334
							<img src="'.THEME_URL.'/images/down_16.png" alt="{TEXT_MOVE_DOWN}" />
335
							</a>' );
336
			} else {
337
				$template->set_var(array(
338
							'VAR_MOVE_DOWN_URL' => ''
339
							) 
340
						);
341
			}
342
		} else {
343
		  continue;
344
		}
345

    
346
			$template->set_var(array(
347
							'DISPLAY_DEBUG' => ' style="visibility="visible;"',
348
							'TEXT_SID' => 'SID',
349
							'DEBUG_COLSPAN_SIZE' => 9
350
							) 
351
						);
352
		if($debug)
353
        {
354
			$template->set_var(array(
355
							'DISPLAY_DEBUG' => ' style="visibility="visible;"',
356
							'TEXT_PID' => 'PID',
357
							'TEXT_SID' => 'SID',
358
							'POSITION' => $section['position']
359
							) 
360
						);
361
		} else {
362
			$template->set_var(array(
363
							'DISPLAY_DEBUG' => ' style="display:none;"',
364
							'TEXT_PID' => '',
365
							'POSITION' => ''
366
							) 
367
						);
368
		}
369
		$template->parse('section_list', 'section_block', true);
370
	}
371
}
372

    
373
// now add the calendars -- remember to to set the range to [1970, 2037] if the date is used as timestamp!
374
// the loop is simply a copy from above.
375
$sql  = 'SELECT `section_id`,`module` FROM `'.TABLE_PREFIX.'sections` ';
376
$sql .= 'WHERE page_id = '.$page_id.' ';
377
$sql .= 'ORDER BY `position` ASC';
378
$query_sections = $database->query($sql);
379

    
380
if($query_sections->numRows() > 0)
381
{
382
	$num_sections = $query_sections->numRows();
383
	while($section = $query_sections->fetchRow())
384
    {
385
		// Get the modules real name
386
        $sql  = 'SELECT `name` FROM `'.TABLE_PREFIX.'addons` ';
387
        $sql .= 'WHERE `directory` = "'.$section['module'].'"';
388
        $module_name = $database->get_one($sql);
389

    
390
		if(!is_numeric(array_search($section['module'], $module_permissions)))
391
        {
392
			$template->set_var(array(
393
						'jscal_ifformat' => $jscal_ifformat,
394
						'jscal_firstday' => $jscal_firstday,
395
						'jscal_today' => $jscal_today,
396
						'start_date' => 'start_date'.$section['section_id'],
397
						'end_date' => 'end_date'.$section['section_id'],
398
						'trigger_start' => 'trigger_start'.$section['section_id'],
399
						'trigger_end' => 'trigger_stop'.$section['section_id']
400
						) 
401
					);
402
			if(isset($jscal_use_time) && $jscal_use_time==TRUE) {
403
				$template->set_var(array(
404
						'showsTime' => "true",
405
						'timeFormat' => "24"
406
						) 
407
					);
408
			}  else {
409
				$template->set_var(array(
410
						'showsTime' => "false",
411
						'timeFormat' => "24"
412
						) 
413
					);
414
			}
415
		}
416
		$template->parse('calendar_list', 'calendar_block', true);
417
	}
418
}
419

    
420
// Work-out if we should show the "Add Section" form
421
$sql  = 'SELECT `section_id` FROM `'.TABLE_PREFIX.'sections` ';
422
$sql .= 'WHERE `page_id` = '.$page_id.' AND `module` = "menu_link"';
423
$query_sections = $database->query($sql);
424
if($query_sections->numRows() == 0)
425
{
426
	// Modules list
427
    $sql  = 'SELECT `name`,`directory`,`type` FROM `'.TABLE_PREFIX.'addons` ';
428
    $sql .= 'WHERE `type` = "module" AND `function` = "page" AND `directory` != "menu_link" ';
429
    $sql .= 'ORDER BY `name`';
430
    $result = $database->query($sql);
431
// if(DEBUG && $database->is_error()) { $admin->print_error($database->get_error()); }
432

    
433
	if($result->numRows() > 0)
434
    {
435
		while ($module = $result->fetchRow())
436
        {
437
			// Check if user is allowed to use this module   echo  $module['directory'],'<br />';
438
			if(!is_numeric(array_search($module['directory'], $module_permissions)))
439
            {
440
				$template->set_var('VALUE', $module['directory']);
441
				$template->set_var('NAME', $module['name']);
442
				if($module['directory'] == 'wysiwyg')
443
                {
444
					$template->set_var('SELECTED', ' selected="selected"');
445
				} else {
446
					$template->set_var('SELECTED', '');
447
				}
448
				$template->parse('module_list', 'module_block', true);
449
			} else {
450
			  continue;
451
			}
452
		}
453
	}
454
}
455
// Insert language text and messages
456
$template->set_var(array(
457
					'TEXT_MANAGE_SECTIONS' => $HEADING['MANAGE_SECTIONS'],
458
					'TEXT_ARE_YOU_SURE' => $TEXT['ARE_YOU_SURE'],
459
					'TEXT_TYPE' => $TEXT['TYPE'],
460
					'TEXT_ADD' => $TEXT['ADD'],
461
					'TEXT_SAVE' =>  $TEXT['SAVE'],
462
					'TEXTLINK_MODIFY_PAGE' => $HEADING['MODIFY_PAGE'],
463
					'TEXT_CALENDAR' => $TEXT['CALENDAR'],
464
					'TEXT_DELETE_DATE' => $TEXT['DELETE_DATE'],
465
					'TEXT_ADD_SECTION' => $TEXT['ADD_SECTION'],
466
					'TEXT_MOVE_UP' => $TEXT['MOVE_UP'],
467
					'TEXT_MOVE_DOWN' => $TEXT['MOVE_DOWN']
468
					)
469
				);
470
$template->parse('main', 'main_block', false);
471
$template->pparse('output', 'page');
472

    
473
// include the required file for Javascript admin
474
if(file_exists(WB_PATH.'/modules/jsadmin/jsadmin_backend_include.php'))
475
{
476
	include(WB_PATH.'/modules/jsadmin/jsadmin_backend_include.php');
477
}
478

    
479
// Print admin footer
480
$admin->print_footer();
481

    
482
?>
(17-17/21)