Project

General

Profile

1 1358 Luisehahne
<?php
2
/**
3
 *
4
 * @category        admin
5
 * @package         pages
6
 * @author          WebsiteBaker Project
7
 * @copyright       2004-2009, Ryan Djurovich
8 1373 Luisehahne
 * @copyright       2009-2011, Website Baker Org. e.V.
9 1358 Luisehahne
 * @link			http://www.websitebaker2.org/
10
 * @license         http://www.gnu.org/licenses/gpl.html
11
 * @platform        WebsiteBaker 2.8.x
12 1373 Luisehahne
 * @requirements    PHP 5.2.2 and higher and higher
13 1358 Luisehahne
 * @version         $Id$
14
 * @filesource		$HeadURL$
15
 * @lastmodified    $Date$
16
 *
17
 */
18 1402 Luisehahne
/*
19
*/
20
// Create new admin object
21
require('../../config.php');
22
require_once(WB_PATH.'/framework/class.admin.php');
23
$admin = new admin('Pages', 'pages_modify');
24 1358 Luisehahne
25
// Get page & section id
26 1384 Luisehahne
if(!isset($_POST['page_id']) || !is_numeric($_POST['page_id'])) {
27 1358 Luisehahne
	header("Location: index.php");
28
	exit(0);
29
} else {
30
	$page_id = intval($_POST['page_id']);
31
}
32 1402 Luisehahne
33 1384 Luisehahne
if(!isset($_POST['section_id']) || !is_numeric($_POST['section_id'])) {
34 1358 Luisehahne
	header("Location: index.php");
35
	exit(0);
36
} else {
37
	$section_id = intval($_POST['section_id']);
38
}
39
40 1425 Luisehahne
// $js_back = "javascript: history.go(-1);";
41
$js_back = ADMIN_URL.'/pages/modify.php?page_id='.$page_id
42
43
if (!$admin->checkFTAN())
44
{
45
	$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'],$js_back );
46
	exit();
47
}
48
49 1402 Luisehahne
/*
50
if( (!($page_id = $admin->checkIDKEY('page_id', 0, $_SERVER['REQUEST_METHOD']))) )
51
{
52
	$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS']);
53
	exit();
54
}
55 1384 Luisehahne
56 1402 Luisehahne
if( (!($section_id= $admin->checkIDKEY('section_id', 0, $_SERVER['REQUEST_METHOD']))) )
57 1358 Luisehahne
{
58 1402 Luisehahne
	$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS']);
59 1358 Luisehahne
	exit();
60
}
61 1402 Luisehahne
*/
62
63 1358 Luisehahne
// Get perms
64
$sql  = 'SELECT `admin_groups`,`admin_users` FROM `'.TABLE_PREFIX.'pages` ';
65
$sql .= 'WHERE `page_id` = '.$page_id;
66
$results = $database->query($sql);
67
$results_array = $results->fetchRow();
68
$old_admin_groups = explode(',', str_replace('_', '', $results_array['admin_groups']));
69
$old_admin_users = explode(',', str_replace('_', '', $results_array['admin_users']));
70
$in_old_group = FALSE;
71
foreach($admin->get_groups_id() as $cur_gid)
72
{
73
    if (in_array($cur_gid, $old_admin_groups))
74
    {
75
        $in_old_group = TRUE;
76
    }
77
}
78 1384 Luisehahne
if((!$in_old_group) && !is_numeric(array_search($admin->get_user_id(), $old_admin_users)))
79 1358 Luisehahne
{
80
	$admin->print_error($MESSAGE['PAGES']['INSUFFICIENT_PERMISSIONS']);
81
}
82
// Get page module
83
$sql  = 'SELECT `module` FROM `'.TABLE_PREFIX.'sections` ';
84
$sql .= 'WHERE `page_id`='.$page_id.' AND `section_id`='.$section_id;
85
$module = $database->get_one($sql);
86
if(!$module)
87
{
88
	$admin->print_error( $database->is_error() ? $database->get_error() : $MESSAGE['PAGES']['NOT_FOUND']);
89
}
90
//$results = $database->query($sql);
91
//if($database->is_error()) {
92
//	$admin->print_error($database->get_error());
93
//}
94
//if($results->numRows() == 0) {
95
//	$admin->print_error($MESSAGE['PAGES']['NOT_FOUND']);
96
//}
97
//$results_array = $results->fetchRow();
98
//$module = $results_array['module'];
99
100
// Update the pages table
101
$now = time();
102
$sql  = 'UPDATE `'.TABLE_PREFIX.'pages` SET ';
103
$sql .= '`modified_when` = '.$now.', `modified_by` = '.$admin->get_user_id().' ';
104
$sql .= 'WHERE `page_id` = '.$page_id;
105
$database->query($sql);
106
107
// Include the modules saving script if it exists
108
if(file_exists(WB_PATH.'/modules/'.$module.'/save.php'))
109
{
110
	include_once(WB_PATH.'/modules/'.$module.'/save.php');
111
}
112
// Check if there is a db error, otherwise say successful
113
if($database->is_error())
114
{
115 1425 Luisehahne
	$admin->print_error($database->get_error(), ADMIN_URL.'/pages/modify.php?page_id='.$results_array['page_id'] );
116 1358 Luisehahne
} else {
117 1402 Luisehahne
	$admin->print_success($MESSAGE['PAGES']['SAVED'], ADMIN_URL.'/pages/modify.php?page_id='.$results_array['page_id'] );
118 1358 Luisehahne
}
119
120
// Print admin footer
121
$admin->print_footer();
122
123 4 ryan
?>