Changeset 9312
- Timestamp:
- Feb 20, 2011, 12:21:05 AM (13 years ago)
- Location:
- extensions/AdditionalPages
- Files:
-
- 5 edited
Legend:
- Unmodified
- Added
- Removed
-
extensions/AdditionalPages/additional_page.php
r9310 r9312 5 5 global $template, $user; 6 6 7 $page['section'] = 'additional_page';8 7 $identifier = $page['ap_homepage'] ? $conf['additional_pages']['homepage'] : $tokens[1]; 9 8 … … 21 20 $row = pwg_db_fetch_assoc(pwg_query($query)); 22 21 22 // Page not found 23 23 if (empty($row)) 24 24 { … … 27 27 } 28 28 29 // Redirect with permalink if exist 29 30 if (is_numeric($identifier) and !empty($row['permalink']) and !$page['ap_homepage']) 30 31 { … … 32 33 } 33 34 34 if (!$page['ap_homepage'] and $row['id'] == $conf['additional_pages']['homepage']) 35 // Access controls 36 if (!is_admin() or (!is_admin() xor $page['ap_homepage'])) 35 37 { 36 redirect(make_index_url()); 37 } 38 // authorized level 39 if ($user['level'] < $row['level']) 40 { 41 page_forbidden(l10n('You are not authorized to access the requested page')); 42 } 38 43 39 $page['additional_page'] = array(40 'id' => $row['id'],41 'permalink' => @$row['permalink'],42 'title' => trigger_event('AP_render_content', $row['title']),43 'content' => trigger_event('AP_render_content', $row['content']),44 'standalone' => ($row['standalone'] == 'true')45 );46 47 if (!is_admin() and !$page['ap_homepage'])48 {49 44 // authorized users 50 if ( !empty($row['users']))45 if (isset($row['users'])) 51 46 { 52 47 $authorized_users = explode(',', $row['users']); 53 if (!i s_admin() and $conf['additional_pages']['user_perm'] and !in_array($user['status'], $authorized_users))48 if (!in_array($user['status'], $authorized_users)) 54 49 { 55 50 if ($page['ap_homepage']) return; … … 61 56 if (!empty($row['groups'])) 62 57 { 63 $q = 'SELECT * 64 FROM ' . USER_GROUP_TABLE . ' 65 WHERE user_id = ' . $user['id'] . ' AND group_id IN (' . $row['groups'] . ');'; 66 $array = mysql_fetch_array(pwg_query($q)); 67 if (!is_admin() and $conf['additional_pages']['group_perm'] and empty($array)) 58 $query = 'SELECT group_id 59 FROM ' . USER_GROUP_TABLE . ' 60 WHERE user_id = ' . $user['id'] . ' 61 AND group_id IN (' . $row['groups'] . ') 62 ;'; 63 $groups = array_from_query($query, 'group_id'); 64 if (empty($groups)) 68 65 { 69 66 if ($page['ap_homepage']) return; … … 71 68 } 72 69 } 73 74 // authorized level75 if ($user['level'] < $row['level'])76 {77 page_forbidden(l10n('You are not authorized to access the requested page'));78 }79 70 } 80 71 81 72 // Display standalone page 82 if ($ page['additional_page']['standalone'])73 if ($row['standalone'] == 'true') 83 74 { 84 echo $ page['additional_page']['content'];75 echo $row['content']; 85 76 exit; 86 77 } 78 79 // Page initilization 80 $page['section'] = 'additional_page'; 81 82 $page['additional_page'] = array( 83 'id' => $row['id'], 84 'permalink' => @$row['permalink'], 85 'title' => trigger_event('AP_render_content', $row['title']), 86 'content' => trigger_event('AP_render_content', $row['content']), 87 ); 87 88 88 89 add_event_handler('loc_end_index', 'ap_set_index'); -
extensions/AdditionalPages/admin/add_page.inc.php
r9310 r9312 20 20 } 21 21 22 // Enregistrement22 // Submit form 23 23 if (isset($_POST['save'])) 24 24 { … … 106 106 } 107 107 108 // Enregistrement du fichier de sauvegarde108 // Backup file 109 109 mkgetdir($conf['local_data_dir'], MKGETDIR_DEFAULT&~MKGETDIR_DIE_ON_ERROR); 110 mkgetdir($conf['local_data_dir'].'/additional_pages_backup', MKGETDIR_ DEFAULT&~MKGETDIR_DIE_ON_ERROR);110 mkgetdir($conf['local_data_dir'].'/additional_pages_backup', MKGETDIR_PROTECT_HTACCESS&~MKGETDIR_DIE_ON_ERROR); 111 111 $sav_file = @fopen($conf['local_data_dir'].'/additional_pages_backup/' . $edited_page['id'] . '.txt', "w"); 112 112 @fwrite($sav_file, "Title: ".$_POST['title']."\nPermalink: ".$_POST['permalink']."\nLanguage: ".$_POST['lang']."\n\n" . $_POST['ap_content']); 113 113 @fclose($sav_file); 114 114 115 // Redirect to admin pannel or additional page 115 116 if (isset($_GET['redirect'])) 116 117 { … … 131 132 } 132 133 133 // Selection des langues134 // Language options 134 135 $options['ALL'] = l10n('ap_all_lang'); 135 136 $selected = 'ALL'; -
extensions/AdditionalPages/admin/edit_page.inc.php
r9310 r9312 8 8 } 9 9 10 // Suppression10 // Delete 11 11 if (isset($_REQUEST['delete']) and isset($_GET['edit'])) 12 12 { 13 13 pwg_query('DELETE FROM ' . ADD_PAGES_TABLE . ' WHERE id = ' . $_GET['edit'] . ';'); 14 14 @unlink($conf['local_data_dir'].'/additional_pages_backup/' . $_GET['edit'] . '.txt'); 15 15 16 if ($conf['additional_pages']['homepage'] == $_GET['edit']) 16 17 { … … 18 19 conf_update_param('additional_pages', pwg_db_real_escape_string(serialize($conf['additional_pages']))); 19 20 } 21 20 22 redirect($my_base_url.'&page_deleted='); 21 23 } 22 24 23 $q = 'SELECT id , lang , title , content , users , groups , level , permalink, standalone 25 // Load page data 26 $query = ' 27 SELECT id , lang , title , content , users , groups , level , permalink, standalone 24 28 FROM ' . ADD_PAGES_TABLE . ' 25 WHERE id = '.$_GET['edit'].';'; 29 WHERE id = '.$_GET['edit'].' 30 ;'; 31 $edited_page = pwg_db_fetch_assoc(pwg_query($query)); 26 32 27 $edited_page = pwg_db_fetch_assoc(pwg_query($q));28 $page_title = l10n('ap_modify');29 33 $edited_page['users'] = !empty($edited_page['users']) ? explode(',', $edited_page['users']) : array(); 30 34 $edited_page['groups'] = !empty($edited_page['groups']) ? explode(',', $edited_page['groups']) : array(); … … 32 36 $edited_page['standalone'] = ($edited_page['standalone'] == 'true'); 33 37 34 // Lien de suppression35 38 $template->assign('delete', true); 39 $page_title = l10n('ap_modify'); 36 40 37 41 include(AP_PATH.'admin/add_page.inc.php'); -
extensions/AdditionalPages/admin/template/add_page.tpl
r9310 r9312 94 94 <div> 95 95 <a href="#" onClick="jQuery('input[name^=\'groups\']').attr('checked', 'checked');return false;">{'ap_select_all'|@translate}</a> / 96 <a href="#" onClick="jQuery('input[name^=\'groups\']').attr('checked', '');return false;">{'ap_unselect_all'|@translate}</a> 96 <a href="#" onClick="jQuery('input[name^=\'groups\']').attr('checked', '');return false;">{'ap_unselect_all'|@translate}</a> 97 <i>{'ap_guest'|@translate}</i> 97 98 </div> 98 99 </li> … … 112 113 <input class="submit" type="submit" value="{'ap_save'|@translate}" name="save"> 113 114 {if isset($delete)} 114 <input class="submit" type="submit" value="{'ap_delete'|@translate}" name="delete" onclick="return confirm(' Are you sure?'|@translate);"/>115 <input class="submit" type="submit" value="{'ap_delete'|@translate}" name="delete" onclick="return confirm('{'Are you sure?'|@translate}');"/> 115 116 {/if} 116 117 </tr> -
extensions/AdditionalPages/main.inc.php
r9310 r9312 19 19 $conf['additional_pages'] = @unserialize($conf['additional_pages']); 20 20 21 // Need upgrade? 21 22 if (!isset($conf['additional_pages']['level_perm'])) 22 23 include(AP_PATH.'admin/upgrade.inc.php'); 23 24 25 // Admin menu 24 26 function additional_pages_admin_menu($menu) 25 27 { … … 30 32 } 31 33 34 // Section init 32 35 function section_init_additional_page() 33 36 { … … 43 46 } 44 47 48 // Menubar 45 49 function register_ap_menubar_blocks($menu_ref_arr) 46 50 { … … 58 62 if ( ($block = $menu->get_block( 'mbAdditionalPages' ) ) != null ) 59 63 { 60 $query = 'SELECT DISTINCT id, title, permalink , GROUP_CONCAT(groups)64 $query = 'SELECT DISTINCT id, title, permalink 61 65 FROM ' . ADD_PAGES_TABLE . ' 62 66 LEFT JOIN ' . USER_GROUP_TABLE . ' 63 67 ON user_id = '.$user['id'].' 64 WHERE (lang = "' . $user['language'] . '" OR lang IS NULL)68 WHERE (lang IS NULL OR lang = "'.$user['language'].'") 65 69 AND (users IS NULL OR users LIKE "%'.$user['status'].'%") 66 70 AND (groups IS NULL OR groups REGEXP CONCAT("(^|,)",group_id,"(,|$)"))
Note: See TracChangeset
for help on using the changeset viewer.