Project

General

Profile

1 1358 Luisehahne
<?php
2
/**
3
 *
4
 * @category        admin
5
 * @package         pages
6 1703 Luisehahne
 * @author          Ryan Djurovich, WebsiteBaker Project
7
 * @copyright       2009-2012, WebsiteBaker Org. e.V.
8 1358 Luisehahne
 * @link			http://www.websitebaker2.org/
9
 * @license         http://www.gnu.org/licenses/gpl.html
10
 * @platform        WebsiteBaker 2.8.x
11 1373 Luisehahne
 * @requirements    PHP 5.2.2 and higher and higher
12 1358 Luisehahne
 * @version         $Id$
13
 * @filesource		$HeadURL$
14
 * @lastmodified    $Date$
15
 *
16
 */
17 1402 Luisehahne
/*
18
*/
19
// Create new admin object
20
require('../../config.php');
21
require_once(WB_PATH.'/framework/class.admin.php');
22 1358 Luisehahne
23 1457 Luisehahne
// suppress to print the header, so no new FTAN will be set
24
$admin = new admin('Pages', 'pages_modify', false);
25
26 1358 Luisehahne
// Get page & section id
27 1384 Luisehahne
if(!isset($_POST['page_id']) || !is_numeric($_POST['page_id'])) {
28 1358 Luisehahne
	header("Location: index.php");
29
	exit(0);
30
} else {
31
	$page_id = intval($_POST['page_id']);
32
}
33 1402 Luisehahne
34 1384 Luisehahne
if(!isset($_POST['section_id']) || !is_numeric($_POST['section_id'])) {
35 1358 Luisehahne
	header("Location: index.php");
36
	exit(0);
37
} else {
38
	$section_id = intval($_POST['section_id']);
39
}
40
41 1425 Luisehahne
// $js_back = "javascript: history.go(-1);";
42 1457 Luisehahne
$js_back = ADMIN_URL.'/pages/modify.php?page_id='.$page_id;
43 1425 Luisehahne
44
if (!$admin->checkFTAN())
45
{
46 1457 Luisehahne
	$admin->print_header();
47 1425 Luisehahne
	$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'],$js_back );
48
}
49 1457 Luisehahne
// After check print the header
50
$admin->print_header();
51 1425 Luisehahne
52 1402 Luisehahne
/*
53
if( (!($page_id = $admin->checkIDKEY('page_id', 0, $_SERVER['REQUEST_METHOD']))) )
54
{
55
	$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS']);
56
}
57 1384 Luisehahne
58 1402 Luisehahne
if( (!($section_id= $admin->checkIDKEY('section_id', 0, $_SERVER['REQUEST_METHOD']))) )
59 1358 Luisehahne
{
60 1402 Luisehahne
	$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS']);
61 1358 Luisehahne
}
62 1402 Luisehahne
*/
63
64 1358 Luisehahne
// Get perms
65
$sql  = 'SELECT `admin_groups`,`admin_users` FROM `'.TABLE_PREFIX.'pages` ';
66
$sql .= 'WHERE `page_id` = '.$page_id;
67
$results = $database->query($sql);
68
$results_array = $results->fetchRow();
69 1703 Luisehahne
if(!$admin->ami_group_member($results_array['admin_users']) &&
70 1692 darkviper
   !$admin->is_group_match($admin->get_groups_id(), $results_array['admin_groups']))
71 1358 Luisehahne
{
72 1703 Luisehahne
	$admin->print_error($MESSAGE['PAGES_INSUFFICIENT_PERMISSIONS']);
73 1358 Luisehahne
}
74
// Get page module
75
$sql  = 'SELECT `module` FROM `'.TABLE_PREFIX.'sections` ';
76
$sql .= 'WHERE `page_id`='.$page_id.' AND `section_id`='.$section_id;
77
$module = $database->get_one($sql);
78 1692 darkviper
if(!$module) {
79 1703 Luisehahne
	$admin->print_error( $database->is_error() ? $database->get_error() : $MESSAGE['PAGES_NOT_FOUND']);
80 1358 Luisehahne
}
81
// Update the pages table
82
$now = time();
83
$sql  = 'UPDATE `'.TABLE_PREFIX.'pages` SET ';
84
$sql .= '`modified_when` = '.$now.', `modified_by` = '.$admin->get_user_id().' ';
85
$sql .= 'WHERE `page_id` = '.$page_id;
86
$database->query($sql);
87
88
// Include the modules saving script if it exists
89
if(file_exists(WB_PATH.'/modules/'.$module.'/save.php'))
90
{
91
	include_once(WB_PATH.'/modules/'.$module.'/save.php');
92
}
93
// Check if there is a db error, otherwise say successful
94
if($database->is_error())
95
{
96 1692 darkviper
	$admin->print_error($database->get_error(), ADMIN_URL.'/pages/modify.php?page_id='.$page_id );
97 1358 Luisehahne
} else {
98 1703 Luisehahne
	$admin->print_success($MESSAGE['PAGES_SAVED'], ADMIN_URL.'/pages/modify.php?page_id='.$page_id );
99 1358 Luisehahne
}
100
101
// Print admin footer
102
$admin->print_footer();