Changeset 9312


Ignore:
Timestamp:
Feb 20, 2011, 12:21:05 AM (10 years ago)
Author:
patdenice
Message:

Code comment.

Location:
extensions/AdditionalPages
Files:
5 edited

Legend:

Unmodified
Added
Removed
  • extensions/AdditionalPages/additional_page.php

    r9310 r9312  
    55global $template, $user;
    66
    7 $page['section'] = 'additional_page';
    87$identifier = $page['ap_homepage'] ? $conf['additional_pages']['homepage'] : $tokens[1];
    98
     
    2120$row = pwg_db_fetch_assoc(pwg_query($query));
    2221
     22// Page not found
    2323if (empty($row))
    2424{
     
    2727}
    2828
     29// Redirect with permalink if exist
    2930if (is_numeric($identifier) and !empty($row['permalink']) and !$page['ap_homepage'])
    3031{
     
    3233}
    3334
    34 if (!$page['ap_homepage'] and $row['id'] == $conf['additional_pages']['homepage'])
     35// Access controls
     36if (!is_admin() or (!is_admin() xor $page['ap_homepage']))
    3537{
    36   redirect(make_index_url());
    37 }
     38  // authorized level
     39  if ($user['level'] < $row['level'])
     40  {
     41    page_forbidden(l10n('You are not authorized to access the requested page'));
     42  }
    3843
    39 $page['additional_page'] = array(
    40   'id' => $row['id'],
    41   'permalink' => @$row['permalink'],
    42   'title' => trigger_event('AP_render_content', $row['title']),
    43   'content' => trigger_event('AP_render_content', $row['content']),
    44   'standalone' => ($row['standalone'] == 'true')
    45 );
    46 
    47 if (!is_admin() and !$page['ap_homepage'])
    48 {
    4944  // authorized users
    50   if (!empty($row['users']))
     45  if (isset($row['users']))
    5146  {
    5247    $authorized_users = explode(',', $row['users']);
    53     if (!is_admin() and $conf['additional_pages']['user_perm'] and !in_array($user['status'], $authorized_users))
     48    if (!in_array($user['status'], $authorized_users))
    5449    {
    5550      if ($page['ap_homepage']) return;
     
    6156  if (!empty($row['groups']))
    6257  {
    63     $q = 'SELECT *
    64   FROM ' . USER_GROUP_TABLE . '
    65   WHERE user_id = ' . $user['id'] . ' AND group_id IN (' . $row['groups'] . ');';
    66     $array = mysql_fetch_array(pwg_query($q));
    67     if (!is_admin() and $conf['additional_pages']['group_perm'] and empty($array))
     58    $query = 'SELECT group_id
     59FROM ' . USER_GROUP_TABLE . '
     60WHERE user_id = ' . $user['id'] . '
     61  AND group_id IN (' . $row['groups'] . ')
     62;';
     63    $groups = array_from_query($query, 'group_id');
     64    if (empty($groups))
    6865    {
    6966      if ($page['ap_homepage']) return;
     
    7168    }
    7269  }
    73 
    74   // authorized level
    75   if ($user['level'] < $row['level'])
    76   {
    77     page_forbidden(l10n('You are not authorized to access the requested page'));
    78   }
    7970}
    8071
    8172// Display standalone page
    82 if ($page['additional_page']['standalone'])
     73if ($row['standalone'] == 'true')
    8374{
    84   echo $page['additional_page']['content'];
     75  echo $row['content'];
    8576  exit;
    8677}
     78
     79// Page initilization
     80$page['section'] = 'additional_page';
     81
     82$page['additional_page'] = array(
     83  'id' => $row['id'],
     84  'permalink' => @$row['permalink'],
     85  'title' => trigger_event('AP_render_content', $row['title']),
     86  'content' => trigger_event('AP_render_content', $row['content']),
     87);
    8788
    8889add_event_handler('loc_end_index', 'ap_set_index');
  • extensions/AdditionalPages/admin/add_page.inc.php

    r9310 r9312  
    2020}
    2121
    22 // Enregistrement
     22// Submit form
    2323if (isset($_POST['save']))
    2424{
     
    106106    }
    107107
    108     // Enregistrement du fichier de sauvegarde
     108    // Backup file
    109109    mkgetdir($conf['local_data_dir'], MKGETDIR_DEFAULT&~MKGETDIR_DIE_ON_ERROR);
    110     mkgetdir($conf['local_data_dir'].'/additional_pages_backup', MKGETDIR_DEFAULT&~MKGETDIR_DIE_ON_ERROR);
     110    mkgetdir($conf['local_data_dir'].'/additional_pages_backup', MKGETDIR_PROTECT_HTACCESS&~MKGETDIR_DIE_ON_ERROR);
    111111    $sav_file = @fopen($conf['local_data_dir'].'/additional_pages_backup/' . $edited_page['id'] . '.txt', "w");
    112112    @fwrite($sav_file, "Title: ".$_POST['title']."\nPermalink: ".$_POST['permalink']."\nLanguage: ".$_POST['lang']."\n\n" . $_POST['ap_content']);
    113113    @fclose($sav_file);
    114114
     115    // Redirect to admin pannel or additional page
    115116    if (isset($_GET['redirect']))
    116117    {
     
    131132}
    132133
    133 // Selection des langues
     134// Language options
    134135$options['ALL'] = l10n('ap_all_lang');
    135136$selected = 'ALL';
  • extensions/AdditionalPages/admin/edit_page.inc.php

    r9310 r9312  
    88}
    99
    10 // Suppression
     10// Delete
    1111if (isset($_REQUEST['delete']) and isset($_GET['edit']))
    1212{
    1313        pwg_query('DELETE FROM ' . ADD_PAGES_TABLE . ' WHERE id = ' . $_GET['edit'] . ';');
    1414  @unlink($conf['local_data_dir'].'/additional_pages_backup/' . $_GET['edit'] . '.txt');
     15
    1516  if ($conf['additional_pages']['homepage'] == $_GET['edit'])
    1617  {
     
    1819    conf_update_param('additional_pages', pwg_db_real_escape_string(serialize($conf['additional_pages'])));
    1920  }
     21
    2022  redirect($my_base_url.'&page_deleted=');
    2123}
    2224
    23 $q = 'SELECT id , lang , title , content , users , groups , level , permalink, standalone
     25// Load page data
     26$query = '
     27SELECT id , lang , title , content , users , groups , level , permalink, standalone
    2428FROM ' . ADD_PAGES_TABLE . '
    25 WHERE id = '.$_GET['edit'].';';
     29WHERE id = '.$_GET['edit'].'
     30;';
     31$edited_page = pwg_db_fetch_assoc(pwg_query($query));
    2632
    27 $edited_page = pwg_db_fetch_assoc(pwg_query($q));
    28 $page_title = l10n('ap_modify');
    2933$edited_page['users'] = !empty($edited_page['users']) ? explode(',', $edited_page['users']) : array();
    3034$edited_page['groups'] = !empty($edited_page['groups']) ? explode(',', $edited_page['groups']) : array();
     
    3236$edited_page['standalone'] = ($edited_page['standalone'] == 'true');
    3337
    34 // Lien de suppression
    3538$template->assign('delete', true);
     39$page_title = l10n('ap_modify');
    3640
    3741include(AP_PATH.'admin/add_page.inc.php');
  • extensions/AdditionalPages/admin/template/add_page.tpl

    r9310 r9312  
    9494      <div>
    9595        <a href="#" onClick="jQuery('input[name^=\'groups\']').attr('checked', 'checked');return false;">{'ap_select_all'|@translate}</a> /
    96         <a href="#" onClick="jQuery('input[name^=\'groups\']').attr('checked', '');return false;">{'ap_unselect_all'|@translate}</a>
     96        <a href="#" onClick="jQuery('input[name^=\'groups\']').attr('checked', '');return false;">{'ap_unselect_all'|@translate}</a> &nbsp;
     97        <i>{'ap_guest'|@translate}</i>
    9798      </div>
    9899    </li>
     
    112113                <input class="submit" type="submit" value="{'ap_save'|@translate}" name="save">
    113114                {if isset($delete)}
    114                 <input class="submit" type="submit" value="{'ap_delete'|@translate}" name="delete" onclick="return confirm('Are you sure?'|@translate);"/>
     115                <input class="submit" type="submit" value="{'ap_delete'|@translate}" name="delete" onclick="return confirm('{'Are you sure?'|@translate}');"/>
    115116                {/if}
    116117                </tr>
  • extensions/AdditionalPages/main.inc.php

    r9310 r9312  
    1919$conf['additional_pages'] = @unserialize($conf['additional_pages']);
    2020
     21// Need upgrade?
    2122if (!isset($conf['additional_pages']['level_perm']))
    2223  include(AP_PATH.'admin/upgrade.inc.php');
    2324
     25// Admin menu
    2426function additional_pages_admin_menu($menu)
    2527{
     
    3032}
    3133
     34// Section init
    3235function section_init_additional_page()
    3336{
     
    4346}
    4447
     48// Menubar
    4549function register_ap_menubar_blocks($menu_ref_arr)
    4650{
     
    5862  if ( ($block = $menu->get_block( 'mbAdditionalPages' ) ) != null )
    5963  {
    60     $query = 'SELECT DISTINCT id, title, permalink, GROUP_CONCAT(groups)
     64    $query = 'SELECT DISTINCT id, title, permalink
    6165FROM ' . ADD_PAGES_TABLE . '
    6266LEFT JOIN ' . USER_GROUP_TABLE . '
    6367  ON user_id = '.$user['id'].'
    64 WHERE (lang = "' . $user['language'] . '" OR lang IS NULL)
     68WHERE (lang IS NULL OR lang = "'.$user['language'].'")
    6569  AND (users IS NULL OR users LIKE "%'.$user['status'].'%")
    6670  AND (groups IS NULL OR groups REGEXP CONCAT("(^|,)",group_id,"(,|$)"))
Note: See TracChangeset for help on using the changeset viewer.