Revision 1503
Added by Luisehahne over 14 years ago
| tool.php | ||
|---|---|---|
| 16 | 16 |
* @lastmodified $Date$ |
| 17 | 17 |
* |
| 18 | 18 |
*/ |
| 19 |
/* -------------------------------------------------------- */ |
|
| 20 |
// Must include code to stop this file being accessed directly |
|
| 21 |
if(!defined('WB_PATH')) {
|
|
| 19 | 22 |
|
| 20 |
// Must include code to stop this file being access directly |
|
| 21 |
if(defined('WB_PATH') == false) { die("Cannot access this file directly"); }
|
|
| 23 |
require_once(dirname(dirname(dirname(__FILE__))).'/framework/globalExceptionHandler.php'); |
|
| 24 |
throw new IllegalFileException(); |
|
| 25 |
} |
|
| 26 |
/* -------------------------------------------------------- */ |
|
| 22 | 27 |
|
| 23 | 28 |
// Load Language file |
| 24 | 29 |
if(LANGUAGE_LOADED) {
|
| ... | ... | |
| 37 | 42 |
} |
| 38 | 43 |
|
| 39 | 44 |
// Get userid for showing admin only droplets or not |
| 40 |
$loggedin_user = $admin->get_user_id();
|
|
| 45 |
$loggedin_user = ($admin->ami_group_member('1') ? 1 : $admin->user_id());
|
|
| 41 | 46 |
$loggedin_group = $admin->get_groups_id(); |
| 42 | 47 |
$admin_user = ( ($admin->get_home_folder() == '') && ($admin->ami_group_member('1') ) || ($loggedin_user == '1'));
|
| 43 | 48 |
|
| ... | ... | |
| 45 | 50 |
$admintool_url = ADMIN_URL .'/admintools/index.php'; |
| 46 | 51 |
|
| 47 | 52 |
//removes empty entries from the table so they will not be displayed |
| 48 |
$database->query("DELETE FROM ".TABLE_PREFIX."mod_droplets WHERE name=''");
|
|
| 53 |
$sql = 'DELETE FROM '.TABLE_PREFIX.'mod_droplets '; |
|
| 54 |
$sql .= 'WHERE name = \'\' '; |
|
| 55 |
$database->query($sql); |
|
| 56 |
|
|
| 49 | 57 |
?> |
| 50 | 58 |
|
| 51 | 59 |
<br /> |
| ... | ... | |
| 68 | 76 |
|
| 69 | 77 |
<h2><?php echo $TEXT['MODIFY'].'/'.$TEXT['DELETE'].' '.$DR_TEXT['DROPLETS']; ?></h2> |
| 70 | 78 |
<?php |
| 71 |
// if ($loggedin_user == '1') {
|
|
| 72 |
if ($admin_user) {
|
|
| 73 |
$query_droplets = $database->query("SELECT * FROM ".TABLE_PREFIX."mod_droplets ORDER BY modified_when DESC");
|
|
| 74 |
} else {
|
|
| 75 |
$query_droplets = $database->query("SELECT * FROM ".TABLE_PREFIX."mod_droplets WHERE admin_view <> '1' ORDER BY modified_when DESC");
|
|
| 79 |
|
|
| 80 |
$sql = 'SELECT * FROM `'.TABLE_PREFIX.'mod_droplets` '; |
|
| 81 |
if (!$admin_user) {
|
|
| 82 |
$sql .= 'WHERE `admin_view` <> 1 '; |
|
| 76 | 83 |
} |
| 84 |
$sql .= 'ORDER BY `modified_when` DESC'; |
|
| 85 |
$query_droplets = $database->query($sql); |
|
| 77 | 86 |
$num_droplets = $query_droplets->numRows(); |
| 78 | 87 |
if($num_droplets > 0) {
|
| 79 | 88 |
?> |
| ... | ... | |
| 99 | 108 |
$modified_user = $TEXT['UNKNOWN']; |
| 100 | 109 |
$modified_userid = 0; |
| 101 | 110 |
} |
| 111 |
$iDropletIdKey = $admin->getIDKEY($droplet['id']); |
|
| 102 | 112 |
$comments = str_replace(array("\r\n", "\n", "\r"), '<br />', $droplet['comments']);
|
| 103 | 113 |
if (!strpos($comments,"[[")) $comments = "Use: [[".$droplet['name']."]]<br />".$comments; |
| 104 | 114 |
$comments = str_replace(array("[[", "]]"), array('<b>[[',']]</b>'), $comments);
|
| 105 | 115 |
$valid_code = check_syntax($droplet['code']); |
| 106 | 116 |
if (!$valid_code === true) $comments = '<font color=\'red\'><strong>'.$DR_TEXT['INVALIDCODE'].'</strong></font><br /><br />'.$comments; |
| 107 | 117 |
$unique_droplet = check_unique ($droplet['name']); |
| 108 |
if ($unique_droplet === false) $comments = '<font color=\'red\'><strong>'.$DR_TEXT['NOTUNIQUE'].'</strong></font><br /><br />'.$comments;
|
|
| 118 |
if ($unique_droplet === false ) {$comments = '<font color=\'red\'><strong>'.$DR_TEXT['NOTUNIQUE'].'</strong></font><br /><br />'.$comments;}
|
|
| 109 | 119 |
$comments = '<span>'.$comments.'</span>'; |
| 110 | 120 |
?> |
| 111 |
|
|
| 121 |
|
|
| 112 | 122 |
<tr class="row_<?php echo $row; ?>" > |
| 113 | 123 |
<td > |
| 114 |
<a href="<?php echo WB_URL; ?>/modules/droplets/modify_droplet.php?droplet_id=<?php echo $admin->getIDKEY($droplet['id']); ?>" title="<?php echo $TEXT['MODIFY']; ?>">
|
|
| 115 |
<img src="<?php echo THEME_URL; ?>/images/modify_16.png" border="0" alt="Modify" />
|
|
| 124 |
<a href="<?php echo WB_URL; ?>/modules/droplets/modify_droplet.php?droplet_id=<?php echo $iDropletIdKey; ?>" title="<?php echo $TEXT['MODIFY']; ?>">
|
|
| 125 |
<img src="<?php echo THEME_URL; ?>/images/modify_16.png" border="0" alt="Modify" /> |
|
| 116 | 126 |
</a> |
| 117 | 127 |
</td> |
| 118 | 128 |
<td > |
| 119 |
<a href="<?php echo WB_URL; ?>/modules/droplets/modify_droplet.php?droplet_id=<?php echo $admin->getIDKEY($droplet['id']); ?>" class="tooltip">
|
|
| 129 |
<a href="<?php echo WB_URL; ?>/modules/droplets/modify_droplet.php?droplet_id=<?php echo $iDropletIdKey; ?>" class="tooltip">
|
|
| 120 | 130 |
<?php if ($valid_code && $unique_droplet) { ?><img src="<?php echo WB_URL; ?>/modules/droplets/img/droplet.png" border="0" alt=""/>
|
| 121 | 131 |
<?php } else { ?><img src="<?php echo WB_URL; ?>/modules/droplets/img/invalid.gif" border="0" title="" alt=""/><?php } ?>
|
| 122 | 132 |
<?php echo $droplet['name']; ?><?php echo $comments; ?> |
| ... | ... | |
| 129 | 139 |
<b><?php if($droplet['active'] == 1){ echo '<span style="color: green;">'. $TEXT['YES']. '</span>'; } else { echo '<span style="color: red;">'.$TEXT['NO'].'</span>'; } ?></b>
|
| 130 | 140 |
</td> |
| 131 | 141 |
<td > |
| 132 |
<a href="javascript: confirm_link('<?php echo $TEXT['ARE_YOU_SURE']; ?>', '<?php echo WB_URL; ?>/modules/droplets/delete_droplet.php?droplet_id=<?php echo $admin->getIDKEY($droplet['id']); ?>');" title="<?php echo $TEXT['DELETE']; ?>">
|
|
| 142 |
<a href="javascript: confirm_link('<?php echo $TEXT['ARE_YOU_SURE']; ?>', '<?php echo WB_URL; ?>/modules/droplets/delete_droplet.php?droplet_id=<?php echo $iDropletIdKey; ?>');" title="<?php echo $TEXT['DELETE']; ?>">
|
|
| 133 | 143 |
<img src="<?php echo THEME_URL; ?>/images/delete_16.png" border="0" alt="X" /> |
| 134 | 144 |
</a> |
| 135 | 145 |
</td> |
| ... | ... | |
| 153 | 163 |
|
| 154 | 164 |
function check_unique($name) {
|
| 155 | 165 |
global $database; |
| 156 |
$query_droplets = $database->query("SELECT name FROM ".TABLE_PREFIX."mod_droplets WHERE name = '$name'");
|
|
| 157 |
return ($query_droplets->numRows() == 1); |
|
| 166 |
$retVal = 0; |
|
| 167 |
$sql = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'mod_droplets` '; |
|
| 168 |
$sql .= 'WHERE `name` = \''.$name.'\''; |
|
| 169 |
$retVal = intval($database->get_one($sql)); |
|
| 170 |
return ($retVal == 1); |
|
| 158 | 171 |
} |
Also available in: Unified diff
change sql statements to strict in module droplets
fix vars in compatibility mode for versions before 2.8.1 in frontend.functions.php