| 1 | <?php |
|---|
| 2 | |
|---|
| 3 | if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!'); |
|---|
| 4 | |
|---|
| 5 | global $template, $conf, $user; |
|---|
| 6 | |
|---|
| 7 | load_language('plugin.lang.php', AP_PATH); |
|---|
| 8 | |
|---|
| 9 | $ap_id = explode('additional_page/' , $_SERVER['REQUEST_URI']); |
|---|
| 10 | $ap_id = explode('&' , $ap_id[1]); |
|---|
| 11 | $ap_conf = explode ("," , $conf['additional_pages']); |
|---|
| 12 | |
|---|
| 13 | // Récupération des données de la page |
|---|
| 14 | $q = 'SELECT title , pos , text |
|---|
| 15 | FROM ' . ADD_PAGES_TABLE . ' |
|---|
| 16 | WHERE id = ' . $ap_id[0] . ';'; |
|---|
| 17 | $result = mysql_fetch_assoc(pwg_query($q)); |
|---|
| 18 | |
|---|
| 19 | if (empty($result)) |
|---|
| 20 | { |
|---|
| 21 | page_not_found('This page does not exist', 'index.php?'); |
|---|
| 22 | } |
|---|
| 23 | |
|---|
| 24 | // Utilisateurs autorisés |
|---|
| 25 | if (strpos($result['title'] , 'user_id=')) |
|---|
| 26 | { |
|---|
| 27 | $array = explode('/user_id=' , $result['title']); |
|---|
| 28 | $result['title'] = $array[0]; |
|---|
| 29 | $authorized_users = explode(',', $array[1]); |
|---|
| 30 | if (!is_admin() and $ap_conf[7] == 'on' and !in_array($user['status'], $authorized_users)) |
|---|
| 31 | { |
|---|
| 32 | page_not_found('User not allowed', 'index.php?'); |
|---|
| 33 | } |
|---|
| 34 | } |
|---|
| 35 | |
|---|
| 36 | // Groupe autorisé |
|---|
| 37 | if (strpos($result['title'] , 'group_id=')) |
|---|
| 38 | { |
|---|
| 39 | $array = explode('/group_id=' , $result['title']); |
|---|
| 40 | $result['title'] = $array[0]; |
|---|
| 41 | $authorized_groups = $array[1]; |
|---|
| 42 | |
|---|
| 43 | $q = 'SELECT * |
|---|
| 44 | FROM ' . USER_GROUP_TABLE . ' |
|---|
| 45 | WHERE user_id = ' . $user['id'] . ' AND group_id IN (' . $authorized_groups . ');'; |
|---|
| 46 | $array = mysql_fetch_array(pwg_query($q)); |
|---|
| 47 | if (!is_admin() and $ap_conf[6] == 'on' and empty($array)) |
|---|
| 48 | { |
|---|
| 49 | page_not_found('User not allowed', 'index.php?'); |
|---|
| 50 | } |
|---|
| 51 | } |
|---|
| 52 | |
|---|
| 53 | // Envoi de la page |
|---|
| 54 | $template->assign(array( |
|---|
| 55 | 'TITLE' => $result['title'], |
|---|
| 56 | 'PLUGIN_INDEX_CONTENT_BEGIN' => $result['text'])); |
|---|
| 57 | if (isset($ap_conf[2]) and $ap_conf[2] == 'on') |
|---|
| 58 | { |
|---|
| 59 | $template->assign('PLUGIN_INDEX_ACTIONS' , ' |
|---|
| 60 | <li><a href="' . make_index_url() . '" title="' . l10n('return to homepage') . '"> |
|---|
| 61 | <img src="' . $template->get_themeconf('icon_dir') . '/home.png" class="button" alt="' . l10n('home') . '"/></a> |
|---|
| 62 | </li>'); |
|---|
| 63 | } |
|---|
| 64 | if (is_admin()) |
|---|
| 65 | { |
|---|
| 66 | $template->assign('U_EDIT', PHPWG_ROOT_PATH . 'admin.php?page=plugin&section=' . AP_DIR . '%2Fadmin%2Fadd_page.php&edit=' . $ap_id[0]); |
|---|
| 67 | } |
|---|
| 68 | |
|---|
| 69 | $template->clear_assign(array('U_MODE_POSTED', 'U_MODE_CREATED')); |
|---|
| 70 | |
|---|
| 71 | ?> |
|---|
