Project

General

Profile

« Previous | Next » 

Revision 1868

Added by Dietmar over 11 years ago

! change mysql_esc_string to WbDatabase::getInstance()->escapeStrinng()

View differences:

add.php
16 16
 */
17 17

  
18 18
// Create new admin object and print admin header
19
require('../../config.php');
20
require_once(WB_PATH.'/framework/class.admin.php');
19
//require('../../config.php');
20
//require_once(WB_PATH.'/framework/class.admin.php');
21
// Create new admin object and print admin header
22
if(!defined('WB_URL'))
23
{
24
    $config_file = realpath('../../config.php');
25
    if(file_exists($config_file) && !defined('WB_URL'))
26
    {
27
    	require($config_file);
28
    }
29
}
30
if(!class_exists('admin', false)){ include(WB_PATH.'/framework/class.admin.php'); }
21 31
// suppress to print the header, so no new FTAN will be set
22 32
$admin = new admin('Pages', 'pages_add', false);
23 33
if (!$admin->checkFTAN())
......
178 188
$sql .= '`viewing_groups` = "'.$viewing_groups.'"';
179 189

  
180 190
$database->query($sql);
181
/*
182
$query = "INSERT INTO ".TABLE_PREFIX."pages
183
(page_title,menu_title,parent,template,target,position,visibility,searching,menu,language,admin_groups,viewing_groups,modified_when,modified_by) VALUES
184
('$title','$title','$parent','$template','_top','$position','$visibility','1','1','$language','$admin_groups','$viewing_groups','".time()."','".$admin->get_user_id()."')";
185
$database->query($query);
186
*/
191

  
187 192
if($database->is_error())
188 193
{
189 194
	$admin->print_error($database->get_error());
......
205 210
$sql .= '`level` = '.$level.', ';
206 211
$sql .= '`link` = "'.$link.'", ';
207 212
$sql .= '`page_trail` = "'.$page_trail.'"';
208
$sql .= (defined('PAGE_LANGUAGES') && PAGE_LANGUAGES)
213
$sql .= ((defined('PAGE_LANGUAGES') && PAGE_LANGUAGES)
209 214
         && $field_set
210 215
         && ($language == DEFAULT_LANGUAGE)
211
         && (file_exists(WB_PATH.'/modules/mod_multilingual/update_keys.php')
212
         )
213
         ? ', `page_code` = '.(int)$page_id.' ' : ' ';
216
         && class_exists('m_MultiLingual_Lib')
217
         ? ', `page_code` = '.(int)$page_id.' ' : ' ');
214 218
$sql .= 'WHERE `page_id` = '.$page_id;
215 219
$database->query($sql);
216 220
/*
......
220 224
{
221 225
	$admin->print_error($database->get_error());
222 226
}
223
// Create a new file in the /pages dir
224
create_access_file($filename, $page_id, $level);
225 227

  
226
if(!file_exists($filename)) {
227
	$admin->print_error($MESSAGE['PAGES_CANNOT_CREATE_ACCESS_FILE']);
228
}
229

  
230
// add position 1 to new page
228
// add position 1 to new page section
231 229
$position = 1;
232 230

  
233 231
// Add new record into the sections table
234
//$database->query("INSERT INTO ".TABLE_PREFIX."sections (page_id,position,module,block) VALUES ('$page_id','$position', '$module','1')");
235

  
236 232
// Insert module into DB
237 233
$sql  = 'INSERT INTO `'.TABLE_PREFIX.'sections` SET ';
238 234
$sql .= '`page_id` = '.(int)$page_id.', ';
......
251 247
	}
252 248
}
253 249

  
250
// Create a new file in the /pages dir
251
create_access_file($filename, $page_id, $level);
252

  
253
if(!file_exists($filename)) {
254
	$admin->print_error($MESSAGE['PAGES_CANNOT_CREATE_ACCESS_FILE']);
255
}
256

  
254 257
// Check if there is a db error, otherwise say successful
255 258
if($database->is_error()) {
256 259
	$admin->print_error($database->get_error().' (sections)');

Also available in: Unified diff