Changeset 9312


Ignore:
Timestamp:
02/20/11 00:21:05 (9 years ago)
Author:
patdenice
Message:

Code comment.

Location:
extensions/AdditionalPages
Files:
5 edited

Legend:

Unmodified
Added
Removed
  • extensions/AdditionalPages/additional_page.php

    r9310 r9312  
    55global $template, $user; 
    66 
    7 $page['section'] = 'additional_page'; 
    87$identifier = $page['ap_homepage'] ? $conf['additional_pages']['homepage'] : $tokens[1]; 
    98 
     
    2120$row = pwg_db_fetch_assoc(pwg_query($query)); 
    2221 
     22// Page not found 
    2323if (empty($row)) 
    2424{ 
     
    2727} 
    2828 
     29// Redirect with permalink if exist 
    2930if (is_numeric($identifier) and !empty($row['permalink']) and !$page['ap_homepage']) 
    3031{ 
     
    3233} 
    3334 
    34 if (!$page['ap_homepage'] and $row['id'] == $conf['additional_pages']['homepage']) 
     35// Access controls 
     36if (!is_admin() or (!is_admin() xor $page['ap_homepage'])) 
    3537{ 
    36   redirect(make_index_url()); 
    37 } 
     38  // authorized level 
     39  if ($user['level'] < $row['level']) 
     40  { 
     41    page_forbidden(l10n('You are not authorized to access the requested page')); 
     42  } 
    3843 
    39 $page['additional_page'] = array( 
    40   'id' => $row['id'], 
    41   'permalink' => @$row['permalink'], 
    42   'title' => trigger_event('AP_render_content', $row['title']), 
    43   'content' => trigger_event('AP_render_content', $row['content']), 
    44   'standalone' => ($row['standalone'] == 'true') 
    45 ); 
    46  
    47 if (!is_admin() and !$page['ap_homepage']) 
    48 { 
    4944  // authorized users 
    50   if (!empty($row['users'])) 
     45  if (isset($row['users'])) 
    5146  { 
    5247    $authorized_users = explode(',', $row['users']); 
    53     if (!is_admin() and $conf['additional_pages']['user_perm'] and !in_array($user['status'], $authorized_users)) 
     48    if (!in_array($user['status'], $authorized_users)) 
    5449    { 
    5550      if ($page['ap_homepage']) return; 
     
    6156  if (!empty($row['groups'])) 
    6257  { 
    63     $q = 'SELECT * 
    64   FROM ' . USER_GROUP_TABLE . ' 
    65   WHERE user_id = ' . $user['id'] . ' AND group_id IN (' . $row['groups'] . ');'; 
    66     $array = mysql_fetch_array(pwg_query($q)); 
    67     if (!is_admin() and $conf['additional_pages']['group_perm'] and empty($array)) 
     58    $query = 'SELECT group_id 
     59FROM ' . USER_GROUP_TABLE . ' 
     60WHERE user_id = ' . $user['id'] . ' 
     61  AND group_id IN (' . $row['groups'] . ') 
     62;'; 
     63    $groups = array_from_query($query, 'group_id'); 
     64    if (empty($groups)) 
    6865    { 
    6966      if ($page['ap_homepage']) return; 
     
    7168    } 
    7269  } 
    73  
    74   // authorized level 
    75   if ($user['level'] < $row['level']) 
    76   { 
    77     page_forbidden(l10n('You are not authorized to access the requested page')); 
    78   } 
    7970} 
    8071 
    8172// Display standalone page 
    82 if ($page['additional_page']['standalone']) 
     73if ($row['standalone'] == 'true') 
    8374{ 
    84   echo $page['additional_page']['content']; 
     75  echo $row['content']; 
    8576  exit; 
    8677} 
     78 
     79// Page initilization 
     80$page['section'] = 'additional_page'; 
     81 
     82$page['additional_page'] = array( 
     83  'id' => $row['id'], 
     84  'permalink' => @$row['permalink'], 
     85  'title' => trigger_event('AP_render_content', $row['title']), 
     86  'content' => trigger_event('AP_render_content', $row['content']), 
     87); 
    8788 
    8889add_event_handler('loc_end_index', 'ap_set_index'); 
  • extensions/AdditionalPages/admin/add_page.inc.php

    r9310 r9312  
    2020} 
    2121 
    22 // Enregistrement 
     22// Submit form 
    2323if (isset($_POST['save'])) 
    2424{ 
     
    106106    } 
    107107 
    108     // Enregistrement du fichier de sauvegarde 
     108    // Backup file 
    109109    mkgetdir($conf['local_data_dir'], MKGETDIR_DEFAULT&~MKGETDIR_DIE_ON_ERROR); 
    110     mkgetdir($conf['local_data_dir'].'/additional_pages_backup', MKGETDIR_DEFAULT&~MKGETDIR_DIE_ON_ERROR); 
     110    mkgetdir($conf['local_data_dir'].'/additional_pages_backup', MKGETDIR_PROTECT_HTACCESS&~MKGETDIR_DIE_ON_ERROR); 
    111111    $sav_file = @fopen($conf['local_data_dir'].'/additional_pages_backup/' . $edited_page['id'] . '.txt', "w"); 
    112112    @fwrite($sav_file, "Title: ".$_POST['title']."\nPermalink: ".$_POST['permalink']."\nLanguage: ".$_POST['lang']."\n\n" . $_POST['ap_content']); 
    113113    @fclose($sav_file); 
    114114 
     115    // Redirect to admin pannel or additional page 
    115116    if (isset($_GET['redirect'])) 
    116117    { 
     
    131132} 
    132133 
    133 // Selection des langues 
     134// Language options 
    134135$options['ALL'] = l10n('ap_all_lang'); 
    135136$selected = 'ALL'; 
  • extensions/AdditionalPages/admin/edit_page.inc.php

    r9310 r9312  
    88} 
    99 
    10 // Suppression 
     10// Delete 
    1111if (isset($_REQUEST['delete']) and isset($_GET['edit'])) 
    1212{ 
    1313        pwg_query('DELETE FROM ' . ADD_PAGES_TABLE . ' WHERE id = ' . $_GET['edit'] . ';'); 
    1414  @unlink($conf['local_data_dir'].'/additional_pages_backup/' . $_GET['edit'] . '.txt'); 
     15 
    1516  if ($conf['additional_pages']['homepage'] == $_GET['edit']) 
    1617  { 
     
    1819    conf_update_param('additional_pages', pwg_db_real_escape_string(serialize($conf['additional_pages']))); 
    1920  } 
     21 
    2022  redirect($my_base_url.'&page_deleted='); 
    2123} 
    2224 
    23 $q = 'SELECT id , lang , title , content , users , groups , level , permalink, standalone 
     25// Load page data 
     26$query = ' 
     27SELECT id , lang , title , content , users , groups , level , permalink, standalone 
    2428FROM ' . ADD_PAGES_TABLE . ' 
    25 WHERE id = '.$_GET['edit'].';'; 
     29WHERE id = '.$_GET['edit'].' 
     30;'; 
     31$edited_page = pwg_db_fetch_assoc(pwg_query($query)); 
    2632 
    27 $edited_page = pwg_db_fetch_assoc(pwg_query($q)); 
    28 $page_title = l10n('ap_modify'); 
    2933$edited_page['users'] = !empty($edited_page['users']) ? explode(',', $edited_page['users']) : array(); 
    3034$edited_page['groups'] = !empty($edited_page['groups']) ? explode(',', $edited_page['groups']) : array(); 
     
    3236$edited_page['standalone'] = ($edited_page['standalone'] == 'true'); 
    3337 
    34 // Lien de suppression 
    3538$template->assign('delete', true); 
     39$page_title = l10n('ap_modify'); 
    3640 
    3741include(AP_PATH.'admin/add_page.inc.php'); 
  • extensions/AdditionalPages/admin/template/add_page.tpl

    r9310 r9312  
    9494      <div> 
    9595        <a href="#" onClick="jQuery('input[name^=\'groups\']').attr('checked', 'checked');return false;">{'ap_select_all'|@translate}</a> / 
    96         <a href="#" onClick="jQuery('input[name^=\'groups\']').attr('checked', '');return false;">{'ap_unselect_all'|@translate}</a> 
     96        <a href="#" onClick="jQuery('input[name^=\'groups\']').attr('checked', '');return false;">{'ap_unselect_all'|@translate}</a> &nbsp;  
     97        <i>{'ap_guest'|@translate}</i> 
    9798      </div> 
    9899    </li> 
     
    112113                <input class="submit" type="submit" value="{'ap_save'|@translate}" name="save"> 
    113114                {if isset($delete)} 
    114                 <input class="submit" type="submit" value="{'ap_delete'|@translate}" name="delete" onclick="return confirm('Are you sure?'|@translate);"/> 
     115                <input class="submit" type="submit" value="{'ap_delete'|@translate}" name="delete" onclick="return confirm('{'Are you sure?'|@translate}');"/> 
    115116                {/if} 
    116117                </tr> 
  • extensions/AdditionalPages/main.inc.php

    r9310 r9312  
    1919$conf['additional_pages'] = @unserialize($conf['additional_pages']); 
    2020 
     21// Need upgrade? 
    2122if (!isset($conf['additional_pages']['level_perm'])) 
    2223  include(AP_PATH.'admin/upgrade.inc.php'); 
    2324 
     25// Admin menu 
    2426function additional_pages_admin_menu($menu) 
    2527{ 
     
    3032} 
    3133 
     34// Section init 
    3235function section_init_additional_page() 
    3336{ 
     
    4346} 
    4447 
     48// Menubar 
    4549function register_ap_menubar_blocks($menu_ref_arr) 
    4650{ 
     
    5862  if ( ($block = $menu->get_block( 'mbAdditionalPages' ) ) != null ) 
    5963  { 
    60     $query = 'SELECT DISTINCT id, title, permalink, GROUP_CONCAT(groups) 
     64    $query = 'SELECT DISTINCT id, title, permalink 
    6165FROM ' . ADD_PAGES_TABLE . ' 
    6266LEFT JOIN ' . USER_GROUP_TABLE . ' 
    6367  ON user_id = '.$user['id'].' 
    64 WHERE (lang = "' . $user['language'] . '" OR lang IS NULL) 
     68WHERE (lang IS NULL OR lang = "'.$user['language'].'") 
    6569  AND (users IS NULL OR users LIKE "%'.$user['status'].'%") 
    6670  AND (groups IS NULL OR groups REGEXP CONCAT("(^|,)",group_id,"(,|$)")) 
Note: See TracChangeset for help on using the changeset viewer.