1 | <?php |
---|
2 | |
---|
// Stop immediately unless PHPWG_ROOT_PATH is defined; the constant is
// expected to be set by the entry point that includes this script.
defined('PHPWG_ROOT_PATH') or die('Hacking attempt!');

// No page handed over by the including script: prepare a blank one (creation mode).
if (!isset($edited_page))
{
  $page_title = l10n('ap_create');
  $default_user = get_default_user_info(true);

  $edited_page = array();
  $edited_page['id'] = 0;
  $edited_page['title'] = '';
  $edited_page['permalink'] = '';
  $edited_page['homepage'] = false;
  $edited_page['standalone'] = false;
  // New pages start at the default user's privacy level
  $edited_page['level'] = $default_user['level'];
  // Every user status is allowed by default
  $edited_page['users'] = array('guest', 'generic', 'normal', 'admin', 'webmaster');
  $edited_page['groups'] = array();
  $edited_page['content'] = '';
}
21 | |
---|
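// Submit form
//
// Handles the "save" POST of the add/edit page form: checks the title and the
// permalink, writes the page row, updates the homepage setting, writes a text
// backup and redirects. When validation fails, $edited_page is refilled from
// the posted values so the form can be displayed again.
//
// NOTE(review): no anti-CSRF token check is visible in this file; confirm the
// including admin script verifies one before this handler runs.
// NOTE(review): the string fields taken from $_POST are concatenated into SQL
// between double quotes without being escaped here. The stripslashes() calls in
// the redisplay path suggest $_POST arrives already slash-escaped from the
// application bootstrap; confirm that, and if it holds do not add a second
// escaping pass (it would store doubled backslashes).
if (isset($_POST['save']))
{
  if (empty($_POST['title']))
  {
    array_push($page['errors'], l10n('ap_no_name'));
  }

  if (!empty($_POST['permalink']))
  {
    // Normalise: strip surrounding spaces/slashes, inner spaces and slashes become "_"
    $permalink = trim($_POST['permalink'], ' /');
    $permalink = str_replace(array(' ', '/'), '_', $permalink);

    // The permalink must not be used by any other page.
    // The id sits in numeric SQL context (no quotes), so it is forced to an integer.
    $query = '
SELECT id FROM '.ADD_PAGES_TABLE.'
  WHERE permalink = "'.$permalink.'"
    AND id <> '.intval($edited_page['id']).'
;';
    $ids = array_from_query($query, 'id');
    if (!empty($ids))
    {
      array_push($page['errors'], sprintf(l10n('ap_permalink_already_used'), $permalink, $ids[0]));
    }
    $permalink = '"'.$permalink.'"';
  }
  else
  {
    $permalink = 'NULL';
  }

  $language = $_POST['lang'] != 'ALL' ? '"'.$_POST['lang'].'"' : 'NULL';
  // (array) keeps implode() from failing when a scalar is posted instead of a list
  $group_access = !empty($_POST['groups']) ? '"'.implode(',', (array) $_POST['groups']).'"' : 'NULL';
  $standalone = isset($_POST['standalone']) ? '"true"' : '"false"';

  $user_access = 'NULL';
  if ($conf['additional_pages']['user_perm'])
  {
    // Only the user statuses offered by the form are stored; anything else is dropped
    $allowed_statuses = array('guest', 'generic', 'normal', 'admin', 'webmaster');
    $posted_users = array();
    if (!empty($_POST['users']))
    {
      $posted_users = array_intersect(array_filter((array) $_POST['users'], 'is_string'), $allowed_statuses);
    }
    $user_access = '"'.implode(',', $posted_users).'"';
  }

  // The level is written unquoted into the queries below, where quoting or
  // slash-escaping gives no protection: accept digits only and cast, else NULL.
  $level_access = 'NULL';
  if (!empty($_POST['level']) and is_string($_POST['level']) and preg_match('/^[0-9]+$/', $_POST['level']))
  {
    $level_access = (int) $_POST['level'];
  }

  if (empty($page['errors']))
  {
    if ($page['tab'] == 'edit_page')
    {
      $query = '
UPDATE '.ADD_PAGES_TABLE.'
  SET lang = '.$language.',
    title = "'.$_POST['title'].'",
    content = "'.$_POST['ap_content'].'",
    users = '.$user_access.',
    groups = '.$group_access.',
    level = '.$level_access.',
    permalink = '.$permalink.',
    standalone = '.$standalone.'
  WHERE id = '.intval($edited_page['id']).'
;';
      pwg_query($query);
    }
    else
    {
      // New pages are appended after the highest existing position
      $query = 'SELECT MAX(ABS(pos)) AS pos FROM ' . ADD_PAGES_TABLE . ';';
      list($position) = array_from_query($query, 'pos');

      $query = '
INSERT INTO '.ADD_PAGES_TABLE.' ( pos , lang , title , content , users , groups , level , permalink, standalone)
  VALUES (
    '.((int) $position + 1).',
    '.$language.',
    "'.$_POST['title'].'",
    "'.$_POST['ap_content'].'",
    '.$user_access.',
    '.$group_access.',
    '.$level_access.',
    '.$permalink.',
    '.$standalone.'
  );';
      pwg_query($query);
      // Use the database layer wrapper, like the other pwg_db_* calls in this
      // file, rather than the raw mysql_* function (removed in PHP 7).
      $edited_page['id'] = pwg_db_insert_id();
    }

    // Homepage: only touch the configuration when the checkbox state differs
    // from what is currently stored for this page
    if (isset($_POST['homepage']) xor ($conf['additional_pages']['homepage'] == $edited_page['id']))
    {
      $conf['additional_pages']['homepage'] = isset($_POST['homepage']) ? $edited_page['id'] : null;
      conf_update_param('additional_pages', pwg_db_real_escape_string(serialize($conf['additional_pages'])));
    }

    // Backup file (best effort: a failure here must not block the save).
    // NOTE(review): the backup directory is created with
    // MKGETDIR_PROTECT_HTACCESS; presumably that only shields the files on web
    // servers that honour .htaccess - confirm for other servers.
    mkgetdir($conf['local_data_dir'], MKGETDIR_DEFAULT&~MKGETDIR_DIE_ON_ERROR);
    mkgetdir($conf['local_data_dir'].'/additional_pages_backup', MKGETDIR_PROTECT_HTACCESS&~MKGETDIR_DIE_ON_ERROR);
    $sav_file = @fopen($conf['local_data_dir'].'/additional_pages_backup/' . intval($edited_page['id']) . '.txt', "w");
    // fopen() returns false on failure; writing to false is an error on PHP 8
    if ($sav_file !== false)
    {
      @fwrite($sav_file, "Title: ".$_POST['title']."\nPermalink: ".$_POST['permalink']."\nLanguage: ".$_POST['lang']."\n\n" . $_POST['ap_content']);
      @fclose($sav_file);
    }

    // Redirect to admin panel or additional page
    // (redirect() is presumably terminal, otherwise both calls would run - confirm)
    if (isset($_GET['redirect']))
    {
      redirect(make_index_url() . '/page/' . $edited_page['id']);
    }
    redirect($my_base_url.'&page_saved=');
  }

  // Validation failed: refill the form with what was posted
  $edited_page['title'] = stripslashes($_POST['title']);
  $edited_page['permalink'] = stripslashes($_POST['permalink']);
  $edited_page['lang'] = $_POST['lang'];
  $edited_page['content'] = stripslashes($_POST['ap_content']);
  $edited_page['groups'] = !empty($_POST['groups']) ? $_POST['groups'] : array();
  $edited_page['users'] = !empty($_POST['users']) ? $_POST['users'] : array();
  $edited_page['level'] = $_POST['level'];
  $edited_page['homepage'] = isset($_POST['homepage']);
  $edited_page['standalone'] = isset($_POST['standalone']);
}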
135 | |
---|
// Language options: an "ALL" entry followed by every language returned by
// get_languages(); the page's own language is preselected when it is listed.
$options['ALL'] = l10n('ap_all_lang');
$selected = 'ALL';
foreach (get_languages() as $language_code => $language_name)
{
  $options[$language_code] = $language_name;
  if (!isset($edited_page['lang']) or $edited_page['lang'] != $language_code)
  {
    continue;
  }
  $selected = $language_code;
}
$template->assign(
  'lang',
  array(
    'OPTIONS' => $options,
    'SELECTED' => $selected,
    )
  );
150 | |
---|
// Groups options: offered only when group permissions are enabled in the
// plugin configuration. Builds an id => name map of all groups.
if ($conf['additional_pages']['group_perm'])
{
  $query = 'SELECT id, name FROM '.GROUPS_TABLE.' ORDER BY name ASC;';
  $result = pwg_query($query);

  $groups = array();
  while ($row = pwg_db_fetch_assoc($result))
  {
    $groups[$row['id']] = $row['name'];
  }

  $template->assign('groups', $groups);
  $template->assign('selected_groups', $edited_page['groups']);
}
167 | |
---|
// Users options: offered only when user-status permissions are enabled.
// Maps each status identifier to its translated label.
if ($conf['additional_pages']['user_perm'])
{
  $users_id = array('guest', 'generic', 'normal', 'admin', 'webmaster');

  $users = array();
  foreach ($users_id as $id)
  {
    $users[$id] = l10n('user_status_'.$id);
  }

  $template->assign('users', $users);
  $template->assign('selected_users', $edited_page['users']);
}
183 | |
---|
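// User level options: offered only when privacy-level permissions are enabled.
// Maps each configured permission level to its translated "Level N" label.
if ($conf['additional_pages']['level_perm'])
{
  // Start from an empty list: without this the variable is undefined when no
  // level is configured, and any earlier $level_options content would leak in.
  $level_options = array();
  foreach ($conf['available_permission_levels'] as $level)
  {
    $level_options[$level] = l10n(sprintf('Level %d', $level));
  }
  $template->assign(array(
    'level_perm' => $level_options,
    'level_selected' => $edited_page['level']
    )
  );
}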
197 | |
---|
// template output: hand the page fields to the template, then render
// add_page.tpl into the ADMIN_CONTENT variable.
// NOTE(review): NAME, PERMALINK and CONTENT carry text that came from the form
// or from storage; confirm add_page.tpl escapes them where HTML is not intended.
$template->assign('AP_TITLE', $page_title);
$template->assign('NAME', $edited_page['title']);
$template->assign('PERMALINK', $edited_page['permalink']);
$template->assign('HOMEPAGE', $edited_page['homepage']);
$template->assign('STANDALONE', $edited_page['standalone']);
$template->assign('CONTENT', $edited_page['content']);

$template->set_filename(
  'plugin_admin_content',
  dirname(__FILE__) . '/template/add_page.tpl'
  );
$template->assign_var_from_handle('ADMIN_CONTENT', 'plugin_admin_content');
209 | |
---|
210 | ?> |
---|