Project

General

Profile

1
<?php
2
/**
3
 *
4
 * @category        admin
5
 * @package         pages
6
 * @author          WebsiteBaker Project
7
 * @copyright       2004-2009, Ryan Djurovich
8
 * @copyright       2009-2011, Website Baker Org. e.V.
9
 * @link			http://www.websitebaker2.org/
10
 * @license         http://www.gnu.org/licenses/gpl.html
11
 * @platform        WebsiteBaker 2.8.x
12
 * @requirements    PHP 5.2.2 and higher and higher
13
 * @version         $Id: save.php 1457 2011-06-25 17:18:50Z Luisehahne $
14
 * @filesource		$HeadURL: svn://isteam.dynxs.de/wb-archiv/branches/2.8.x/wb/admin/pages/save.php $
15
 * @lastmodified    $Date: 2011-06-25 19:18:50 +0200 (Sat, 25 Jun 2011) $
16
 *
17
 */
18
/*
19
*/
20
// Create new admin object
21
require('../../config.php');
22
require_once(WB_PATH.'/framework/class.admin.php');
23

    
24
// suppress to print the header, so no new FTAN will be set
25
$admin = new admin('Pages', 'pages_modify', false);
26

    
27
// Get page & section id
28
if(!isset($_POST['page_id']) || !is_numeric($_POST['page_id'])) {
29
	header("Location: index.php");
30
	exit(0);
31
} else {
32
	$page_id = intval($_POST['page_id']);
33
}
34

    
35
if(!isset($_POST['section_id']) || !is_numeric($_POST['section_id'])) {
36
	header("Location: index.php");
37
	exit(0);
38
} else {
39
	$section_id = intval($_POST['section_id']);
40
}
41

    
42
// $js_back = "javascript: history.go(-1);";
43
$js_back = ADMIN_URL.'/pages/modify.php?page_id='.$page_id;
44

    
45
if (!$admin->checkFTAN())
46
{
47
	$admin->print_header();
48
	$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'],$js_back );
49
}
50
// After check print the header
51
$admin->print_header();
52

    
53
/*
54
if( (!($page_id = $admin->checkIDKEY('page_id', 0, $_SERVER['REQUEST_METHOD']))) )
55
{
56
	$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS']);
57
}
58

    
59
if( (!($section_id= $admin->checkIDKEY('section_id', 0, $_SERVER['REQUEST_METHOD']))) )
60
{
61
	$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS']);
62
}
63
*/
64

    
65
// Get perms
66
$sql  = 'SELECT `admin_groups`,`admin_users` FROM `'.TABLE_PREFIX.'pages` ';
67
$sql .= 'WHERE `page_id` = '.$page_id;
68
$results = $database->query($sql);
69
$results_array = $results->fetchRow();
70
$old_admin_groups = explode(',', str_replace('_', '', $results_array['admin_groups']));
71
$old_admin_users = explode(',', str_replace('_', '', $results_array['admin_users']));
72
$in_old_group = FALSE;
73
foreach($admin->get_groups_id() as $cur_gid)
74
{
75
    if (in_array($cur_gid, $old_admin_groups))
76
    {
77
        $in_old_group = TRUE;
78
    }
79
}
80
if((!$in_old_group) && !is_numeric(array_search($admin->get_user_id(), $old_admin_users)))
81
{
82
	$admin->print_error($MESSAGE['PAGES']['INSUFFICIENT_PERMISSIONS']);
83
}
84
// Get page module
85
$sql  = 'SELECT `module` FROM `'.TABLE_PREFIX.'sections` ';
86
$sql .= 'WHERE `page_id`='.$page_id.' AND `section_id`='.$section_id;
87
$module = $database->get_one($sql);
88
if(!$module)
89
{
90
	$admin->print_error( $database->is_error() ? $database->get_error() : $MESSAGE['PAGES']['NOT_FOUND']);
91
}
92
//$results = $database->query($sql);
93
//if($database->is_error()) {
94
//	$admin->print_error($database->get_error());
95
//}
96
//if($results->numRows() == 0) {
97
//	$admin->print_error($MESSAGE['PAGES']['NOT_FOUND']);
98
//}
99
//$results_array = $results->fetchRow();
100
//$module = $results_array['module'];
101

    
102
// Update the pages table
103
$now = time();
104
$sql  = 'UPDATE `'.TABLE_PREFIX.'pages` SET ';
105
$sql .= '`modified_when` = '.$now.', `modified_by` = '.$admin->get_user_id().' ';
106
$sql .= 'WHERE `page_id` = '.$page_id;
107
$database->query($sql);
108

    
109
// Include the modules saving script if it exists
110
if(file_exists(WB_PATH.'/modules/'.$module.'/save.php'))
111
{
112
	include_once(WB_PATH.'/modules/'.$module.'/save.php');
113
}
114
// Check if there is a db error, otherwise say successful
115
if($database->is_error())
116
{
117
	$admin->print_error($database->get_error(), ADMIN_URL.'/pages/modify.php?page_id='.$results_array['page_id'] );
118
} else {
119
	$admin->print_success($MESSAGE['PAGES']['SAVED'], ADMIN_URL.'/pages/modify.php?page_id='.$results_array['page_id'] );
120
}
121

    
122
// Print admin footer
123
$admin->print_footer();
124

    
125
?>
(17-17/22)