1 | <?php |
---|
2 | |
---|
// Direct-access guard: stop unless the application root constant is defined.
defined('PHPWG_ROOT_PATH') or die('Hacking attempt!');

// No $edited_page in scope: prepare a blank record for the creation form.
if (!isset($edited_page)) {
    $page_title = l10n('ap_create');

    $edited_page = array(
        'id'         => 0,
        'title'      => '',
        'permalink'  => '',
        'lang'       => 'ALL',
        'homepage'   => false,
        'standalone' => false,
        'level'      => 0,
        // By default every user status is selected.
        'users'      => array('guest', 'generic', 'normal', 'admin', 'webmaster'),
        'groups'     => array(),
        'content'    => '',
    );
}

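// Submit form
// NOTE(review): no anti-CSRF token check and no administrator check are visible
// in this block; confirm the including script performs both before this runs.
if (isset($_POST['save'])) {
    if (empty($_POST['title'])) {
        $page['errors'][] = l10n('ap_no_name');
    }

    // NOTE(review): title, ap_content, lang and permalink are placed inside
    // double-quoted SQL literals below without being escaped in this block. The
    // stripslashes() calls further down suggest request data arrives already
    // slash-escaped; confirm that, because nothing here enforces it.
    if (!empty($_POST['permalink'])) {
        // Normalise: drop surrounding spaces/slashes, then replace inner ones.
        $permalink = trim($_POST['permalink'], ' /');
        $permalink = str_replace(array(' ', '/'), '_', $permalink);

        // Reject a permalink already used by another page. The id sits in an
        // unquoted numeric position, so it is forced to an integer.
        $query = '
SELECT id FROM '.ADD_PAGES_TABLE.'
  WHERE permalink = "'.$permalink.'"
    AND id <> '.intval($edited_page['id']).'
;';
        $ids = array_from_query($query, 'id');
        if (!empty($ids)) {
            $page['errors'][] = sprintf(l10n('ap_permalink_already_used'), $permalink, $ids[0]);
        }
        $permalink = '"'.$permalink.'"';
    } else {
        $permalink = 'NULL';
    }

    $language = (empty($_POST['lang']) or $_POST['lang'] == 'ALL') ? 'NULL' : '"'.$_POST['lang'].'"';
    $standalone = isset($_POST['standalone']) ? '"true"' : '"false"';

    // Group ids are stored as a comma-separated list; keep only positive
    // integers so that no other characters can reach the SQL literal.
    $group_access = 'NULL';
    if (!empty($_POST['groups'])) {
        $group_access = array_filter(array_map('intval', (array) $_POST['groups']));
        $group_access = !empty($group_access) ? '"'.implode(',', $group_access).'"' : 'NULL';
    }

    // User statuses: keep only the values the form is able to offer.
    $user_access = 'NULL';
    if ($conf['AP']['user_perm']) {
        $user_access = '""';
        if (!empty($_POST['users'])) {
            $user_access = '"'.implode(',', array_intersect(
                (array) $_POST['users'],
                array('guest', 'generic', 'normal', 'admin', 'webmaster')
            )).'"';
        }
    }

    // The level is written unquoted into the queries: quote-escaping cannot
    // protect that position, so the value is forced to an integer.
    $level_access = !empty($_POST['level']) ? intval($_POST['level']) : 0;

    if (empty($page['errors'])) {
        if ($page['tab'] == 'edit_page') {
            $query = '
UPDATE '.ADD_PAGES_TABLE.'
  SET lang = '.$language.',
    title = "'.$_POST['title'].'",
    content = "'.$_POST['ap_content'].'",
    users = '.$user_access.',
    groups = '.$group_access.',
    level = '.$level_access.',
    permalink = '.$permalink.',
    standalone = '.$standalone.'
  WHERE id = '.intval($edited_page['id']).'
;';
            pwg_query($query);
        } else {
            // New page: place it after the highest existing position.
            $query = 'SELECT MAX(ABS(pos)) AS pos FROM ' . ADD_PAGES_TABLE . ';';
            list($position) = array_from_query($query, 'pos');

            $query = '
INSERT INTO '.ADD_PAGES_TABLE.' ( pos , lang , title , content , users , groups , level , permalink, standalone)
  VALUES (
    '.($position+1).',
    '.$language.',
    "'.$_POST['title'].'",
    "'.$_POST['ap_content'].'",
    '.$user_access.',
    '.$group_access.',
    '.$level_access.',
    '.$permalink.',
    '.$standalone.'
    );';
            pwg_query($query);
            $edited_page['id'] = pwg_db_insert_id(ADD_PAGES_TABLE, 'id');
        }

        // Homepage: update the stored setting only when the checkbox state
        // differs from what the configuration currently says for this page.
        if (isset($_POST['homepage']) xor $conf['AP']['homepage'] == $edited_page['id']) {
            $conf['AP']['homepage'] = isset($_POST['homepage']) ? $edited_page['id'] : null;
            conf_update_param('additional_pages', pwg_db_real_escape_string(serialize($conf['AP'])));
        }

        // Backup file (best effort). The id is cast to an integer because it
        // becomes part of the file name.
        mkgetdir($conf['local_data_dir'], MKGETDIR_DEFAULT&~MKGETDIR_DIE_ON_ERROR);
        mkgetdir($conf['local_data_dir'].'/additional_pages_backup', MKGETDIR_PROTECT_HTACCESS&~MKGETDIR_DIE_ON_ERROR);
        $sav_file = @fopen($conf['local_data_dir'].'/additional_pages_backup/' . intval($edited_page['id']) . '.txt', "w");
        // fopen() returns false on failure; never hand that to fwrite()/fclose().
        if ($sav_file !== false) {
            @fwrite($sav_file, "Title: ".stripslashes($_POST['title'])."\nPermalink: ".stripslashes($_POST['permalink'])."\n\n".stripslashes($_POST['ap_content']));
            @fclose($sav_file);
        }

        // Redirect to admin panel or additional page
        if (isset($_GET['redirect'])) {
            redirect(make_index_url() . '/page/' . $edited_page['id']);
        }
        redirect($my_base_url.'&page_saved=');
    }

    // Validation failed: refill the form with what was submitted.
    $edited_page['title'] = stripslashes($_POST['title']);
    $edited_page['permalink'] = stripslashes($_POST['permalink']);
    $edited_page['content'] = stripslashes($_POST['ap_content']);
    $edited_page['lang'] = !empty($_POST['lang']) ? $_POST['lang'] : 'ALL';
    $edited_page['groups'] = !empty($_POST['groups']) ? $_POST['groups'] : array();
    $edited_page['users'] = !empty($_POST['users']) ? $_POST['users'] : array();
    $edited_page['level'] = $level_access;
    $edited_page['homepage'] = isset($_POST['homepage']);
    $edited_page['standalone'] = isset($_POST['standalone']);
}
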
// Language options: offered only when per-language pages are enabled.
if ($conf['AP']['language_perm']) {
    $languages = get_languages();

    // "ALL" comes first, followed by one entry per language.
    $options = array('ALL' => l10n('ap_all_lang'));
    foreach ($languages as $language_code => $language_name) {
        $options[$language_code] = $language_name;
    }

    $template->assign(
        array(
            'lang'          => $options,
            'selected_lang' => $edited_page['lang'],
        )
    );
}

// Groups options: offered only when per-group access is enabled.
if ($conf['AP']['group_perm']) {
    $query = 'SELECT id, name FROM '.GROUPS_TABLE.' ORDER BY name ASC;';
    $result = pwg_query($query);

    // Map each group id to its name for the selection list.
    $groups = array();
    while ($row = pwg_db_fetch_assoc($result)) {
        $groups[$row['id']] = $row['name'];
    }

    $template->assign(
        array(
            'groups'          => $groups,
            'selected_groups' => $edited_page['groups'],
        )
    );
}

// Users options: offered only when per-status access is enabled.
if ($conf['AP']['user_perm']) {
    $users_id = array('guest', 'generic', 'normal', 'admin', 'webmaster');

    // Each status is labelled with its translated 'user_status_*' string.
    $users = array();
    foreach ($users_id as $id) {
        $users[$id] = l10n('user_status_'.$id);
    }

    $template->assign(
        array(
            'users'          => $users,
            'selected_users' => $edited_page['users'],
        )
    );
}

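// User level options: offered only when per-level access is enabled.
if ($conf['AP']['level_perm']) {
    // Start from an empty list so the template always receives an array,
    // even when no permission level is configured.
    $level_options = array();
    foreach ($conf['available_permission_levels'] as $level) {
        $level_options[$level] = l10n(sprintf('Level %d', $level));
    }

    $template->assign(
        array(
            'level_perm'     => $level_options,
            'level_selected' => $edited_page['level'],
        )
    );
}
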
// Template output: hand the page fields to the form template.
// NOTE(review): htmlspecialchars() runs with its default flags, and whether
// single quotes are escaped depends on the PHP version. Confirm the template
// only places NAME, PERMALINK and CONTENT in element content or in
// double-quoted attributes.
$template->assign(
    array(
        'AP_TITLE'   => $page_title,
        'NAME'       => htmlspecialchars($edited_page['title']),
        'PERMALINK'  => htmlspecialchars($edited_page['permalink']),
        'HOMEPAGE'   => $edited_page['homepage'],
        'STANDALONE' => $edited_page['standalone'],
        'CONTENT'    => htmlspecialchars($edited_page['content']),
    )
);

// Render the form template into the admin content slot.
$template->set_filename('plugin_admin_content', dirname(__FILE__) . '/template/add_page.tpl');
$template->assign_var_from_handle('ADMIN_CONTENT', 'plugin_admin_content');

214 | ?> |
---|