MercurialGeeklog / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | raw | help
public_html/admin/plugins/staticpages/index.php
author Dirk Haun <dirk@haun-online.de>
Sat, 03 Oct 2009 21:15:34 +0200
branchHEAD
changeset 7354 82e167a0e3a4
parent 7325 27d076900eaf
child 7413 5db714583481
permissions -rw-r--r--
Made the meta tag handling somewhat more consistent 
     1 <?php

     2 

     3 /* Reminder: always indent with 4 spaces (no tabs). */

     4 // +---------------------------------------------------------------------------+

     5 // | Static Pages Geeklog Plugin 1.6                                           |

     6 // +---------------------------------------------------------------------------+

     7 // | index.php                                                                 |

     8 // |                                                                           |

     9 // | Administration page.                                                      |

    10 // +---------------------------------------------------------------------------+

    11 // | Copyright (C) 2000-2009 by the following authors:                         |

    12 // |                                                                           |

    13 // | Authors: Tony Bibbs       - tony AT tonybibbs DOT com                     |

    14 // |          Phill Gillespie  - phill AT mediaaustralia DOT com DOT au        |

    15 // |          Tom Willett      - twillett AT users DOT sourceforge DOT net     |

    16 // |          Dirk Haun        - dirk AT haun-online DOT de                    |

    17 // +---------------------------------------------------------------------------+

    18 // |                                                                           |

    19 // | This program is free software; you can redistribute it and/or             |

    20 // | modify it under the terms of the GNU General Public License               |

    21 // | as published by the Free Software Foundation; either version 2            |

    22 // | of the License, or (at your option) any later version.                    |

    23 // |                                                                           |

    24 // | This program is distributed in the hope that it will be useful,           |

    25 // | but WITHOUT ANY WARRANTY; without even the implied warranty of            |

    26 // | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the             |

    27 // | GNU General Public License for more details.                              |

    28 // |                                                                           |

    29 // | You should have received a copy of the GNU General Public License         |

    30 // | along with this program; if not, write to the Free Software Foundation,   |

    31 // | Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.           |

    32 // |                                                                           |

    33 // +---------------------------------------------------------------------------+

    34 

    35 /**

    36 * Static Pages plugin administration page

    37 *

    38 * @package StaticPages

    39 * @subpackage admin

    40 */

    41 

    42 /**

    43 * Geeklog common function library and Admin authentication

    44 */

    45 require_once '../../../lib-common.php';

    46 require_once '../../auth.inc.php';

    47 

    48 $display = '';

    49 

    50 if (!SEC_hasRights('staticpages.edit')) {

    51     $display .= COM_siteHeader('menu', $MESSAGE[30])

    52              . COM_showMessageText($MESSAGE[29], $MESSAGE[30])

    53              . COM_siteFooter();

    54     COM_accessLog("User {$_USER['username']} tried to illegally access the static pages administration screen.");

    55     COM_output($display);

    56     exit;

    57 }

    58 

    59 

    60 /**

    61 * Displays the static page editor form

    62 *

    63 * @param    array   $A  Data to display

    64 * @return   string      HTML for the static page editor

    65 *

    66 */

    67 function staticpageeditor_form($A, $error = false)

    68 {

    69     global $_CONF, $_TABLES, $_USER, $_GROUPS, $_SP_CONF, $mode, $sp_id,

    70            $LANG21, $LANG_STATIC, $LANG_ACCESS, $LANG_ADMIN, $LANG24,

    71            $LANG_postmodes, $MESSAGE;

    72 

    73     $template_path = staticpages_templatePath('admin');

    74     if (!empty($sp_id) && $mode=='edit') {

    75         $access = SEC_hasAccess($A['owner_id'],$A['group_id'],$A['perm_owner'],$A['perm_group'],$A['perm_members'],$A['perm_anon']);

    76     } else {

    77         if ($mode != 'clone') {

    78             $A['sp_inblock'] = $_SP_CONF['in_block'];

    79         }

    80         $A['owner_id'] = $_USER['uid'];

    81         if (isset($_GROUPS['Static Page Admin'])) {

    82             $A['group_id'] = $_GROUPS['Static Page Admin'];

    83         } else {

    84             $A['group_id'] = SEC_getFeatureGroup('staticpages.edit');

    85         }

    86         SEC_setDefaultPermissions($A, $_SP_CONF['default_permissions']);

    87         $access = 3;

    88         if (isset($_CONF['advanced_editor']) &&

    89           ($_CONF['advanced_editor'] == 1) &&

    90           file_exists($template_path . '/editor_advanced.thtml'))

    91         {

    92              $A['advanced_editor_mode'] = 1;

    93         }

    94     }

    95     $retval = '';

    96 

    97     $sp_template = new Template($template_path);

    98     if (isset($_CONF['advanced_editor']) &&

    99         ($_CONF['advanced_editor'] == 1) &&

   100         file_exists($template_path . '/editor_advanced.thtml'))

   101     {

   102         $sp_template->set_file('form', 'editor_advanced.thtml');

   103         $sp_template->set_var('lang_expandhelp', $LANG24[67]);

   104         $sp_template->set_var('lang_reducehelp', $LANG24[68]);

   105         $sp_template->set_var('lang_toolbar', $LANG24[70]);

   106         $sp_template->set_var('toolbar1', $LANG24[71]);

   107         $sp_template->set_var('toolbar2', $LANG24[72]);

   108         $sp_template->set_var('toolbar3', $LANG24[73]);

   109         $sp_template->set_var('toolbar4', $LANG24[74]);

   110         $sp_template->set_var('toolbar5', $LANG24[75]);

   111         $sp_template->set_var('lang_nojavascript',$LANG24[77]);

   112         $sp_template->set_var('lang_postmode', $LANG24[4]);

   113         if (isset($A['postmode']) && ($A['postmode'] == 'adveditor')) {

   114             $sp_template->set_var('show_adveditor','');

   115             $sp_template->set_var('show_htmleditor','none');

   116         } else {

   117             $sp_template->set_var('show_adveditor','none');

   118             $sp_template->set_var('show_htmleditor','');

   119         }

   120         $post_options = '<option value="html" selected="selected">'.$LANG_postmodes['html'].'</option>';

   121         if (isset($A['postmode']) && ($A['postmode'] == 'adveditor')) {

   122             $post_options .= '<option value="adveditor" selected="selected">'.$LANG24[86].'</option>';

   123         } else {

   124             $post_options .= '<option value="adveditor">'.$LANG24[86].'</option>';

   125         }

   126         $sp_template->set_var('post_options',$post_options );

   127         $sp_template->set_var('change_editormode', 'onchange="change_editmode(this);"');

   128     } else {

   129         $sp_template->set_file('form', 'editor.thtml');

   130     }

   131     $sp_template->set_var('layout_url', $_CONF['layout_url']);

   132     $sp_template->set_var('lang_mode', $LANG24[3]);

   133     $sp_template->set_var(

   134         'comment_options',

   135         COM_optionList($_TABLES['commentcodes'],

   136         'code,name',

   137         $A['commentcode'])

   138     );

   139 

   140     $sp_template->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);

   141     $sp_template->set_var('lang_owner', $LANG_ACCESS['owner']);

   142     $ownername = COM_getDisplayName($A['owner_id']);

   143     $sp_template->set_var('owner_username', DB_getItem($_TABLES['users'],

   144                           'username',"uid = {$A['owner_id']}"));

   145     $sp_template->set_var('owner_name', $ownername);

   146     $sp_template->set_var('owner', $ownername);

   147     $sp_template->set_var('owner_id', $A['owner_id']);

   148     $sp_template->set_var('lang_group', $LANG_ACCESS['group']);

   149     $sp_template->set_var('group_dropdown',

   150                           SEC_getGroupDropdown($A['group_id'], $access));

   151     $sp_template->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'],$A['perm_group'],$A['perm_members'],$A['perm_anon']));

   152     $sp_template->set_var('lang_permissions', $LANG_ACCESS['permissions']);

   153     $sp_template->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);

   154     $sp_template->set_var('permissions_msg', $LANG_ACCESS['permmsg']);

   155     $sp_template->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);

   156     $sp_template->set_var('site_url', $_CONF['site_url']);

   157     $sp_template->set_var('site_admin_url', $_CONF['site_admin_url']);

   158     $sp_template->set_var('start_block_editor',

   159             COM_startBlock($LANG_STATIC['staticpageeditor']), '',

   160                     COM_getBlockTemplate('_admin_block', 'header'));

   161     $sp_template->set_var('lang_save', $LANG_ADMIN['save']);

   162     $sp_template->set_var('lang_cancel', $LANG_ADMIN['cancel']);

   163     $sp_template->set_var('lang_preview', $LANG_ADMIN['preview']);

   164     if (SEC_hasRights('staticpages.delete') && ($mode != 'clone') &&

   165             !empty($A['sp_old_id'])) {

   166         $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete']

   167                    . '" name="mode"%s' . XHTML . '>';

   168         $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';

   169         $sp_template->set_var('delete_option',

   170                               sprintf($delbutton, $jsconfirm));

   171         $sp_template->set_var('delete_option_no_confirmation',

   172                               sprintf($delbutton, ''));

   173     } else {

   174         $sp_template->set_var('delete_option','');

   175     }

   176     $sp_template->set_var('lang_writtenby', $LANG_STATIC['writtenby']);

   177     $sp_template->set_var('username', DB_getItem($_TABLES['users'],

   178                           'username', "uid = {$A['sp_uid']}"));

   179     $authorname = COM_getDisplayName($A['sp_uid']);

   180     $sp_template->set_var('name', $authorname);

   181     $sp_template->set_var('author', $authorname);

   182     $sp_template->set_var('lang_url', $LANG_STATIC['url']);

   183     $sp_template->set_var('lang_id', $LANG_STATIC['id']);

   184     $sp_template->set_var('sp_uid', $A['sp_uid']);

   185     $sp_template->set_var('sp_id', $A['sp_id']);

   186     $sp_template->set_var('sp_old_id', $A['sp_old_id']);

   187     $sp_template->set_var('example_url', COM_buildURL($_CONF['site_url']

   188                           . '/staticpages/index.php?page=' . $A['sp_id']));

   189 

   190     $sp_template->set_var('lang_centerblock', $LANG_STATIC['centerblock']);

   191     $sp_template->set_var('lang_centerblock_help', $LANG_ADMIN['help_url']);

   192     $sp_template->set_var('lang_centerblock_include', $LANG21[51]);

   193     $sp_template->set_var('lang_centerblock_desc', $LANG21[52]);

   194     $sp_template->set_var('centerblock_help', $A['sp_help']);

   195     $sp_template->set_var('lang_centerblock_msg', $LANG_STATIC['centerblock_msg']);

   196     if (isset($A['sp_centerblock']) && ($A['sp_centerblock'] == 1)) {

   197         $sp_template->set_var('centerblock_checked', 'checked="checked"');

   198     } else {

   199         $sp_template->set_var('centerblock_checked', '');

   200     }

   201     $sp_template->set_var('lang_topic', $LANG_STATIC['topic']);

   202     $sp_template->set_var('lang_position', $LANG_STATIC['position']);

   203     $current_topic = '';

   204     if (isset($A['sp_tid'])) {

   205         $current_topic = $A['sp_tid'];

   206     }

   207     if (empty($current_topic)) {

   208         $current_topic = 'none';

   209     }

   210     $topics = COM_topicList('tid,topic', $current_topic, 1, true);

   211     $alltopics = '<option value="all"';

   212     if ($current_topic == 'all') {

   213         $alltopics .= ' selected="selected"';

   214     }

   215     $alltopics .= '>' . $LANG_STATIC['all_topics'] . '</option>' . LB;

   216     $notopic = '<option value="none"';

   217     if ($current_topic == 'none') {

   218         $notopic .= ' selected="selected"';

   219     }

   220     $notopic .= '>' . $LANG_STATIC['no_topic'] . '</option>' . LB;

   221     $sp_template->set_var('topic_selection', '<select name="sp_tid">'

   222                           . $alltopics . $notopic . $topics . '</select>');

   223     $position = '<select name="sp_where">';

   224     $position .= '<option value="1"';

   225     if ($A['sp_where'] == 1) {

   226         $position .= ' selected="selected"';

   227     }

   228     $position .= '>' . $LANG_STATIC['position_top'] . '</option>';

   229     $position .= '<option value="2"';

   230     if ($A['sp_where'] == 2) {

   231         $position .= ' selected="selected"';

   232     }

   233     $position .= '>' . $LANG_STATIC['position_feat'] . '</option>';

   234     $position .= '<option value="3"';

   235     if ($A['sp_where'] == 3) {

   236         $position .= ' selected="selected"';

   237     }

   238     $position .= '>' . $LANG_STATIC['position_bottom'] . '</option>';

   239     $position .= '<option value="0"';

   240     if ($A['sp_where'] == 0) {

   241         $position .= ' selected="selected"';

   242     }

   243     $position .= '>' . $LANG_STATIC['position_entire'] . '</option>';

   244     $position .= '</select>';

   245     $sp_template->set_var('pos_selection', $position);

   246 

   247     if (($_SP_CONF['allow_php'] == 1) && SEC_hasRights('staticpages.PHP')) {

   248         if (!isset($A['sp_php'])) {

   249             $A['sp_php'] = 0;

   250         }

   251         $selection = '<select name="sp_php">' . LB;

   252         $selection .= '<option value="0"';

   253         if (($A['sp_php'] <= 0) || ($A['sp_php'] > 2)) {

   254             $selection .= ' selected="selected"';

   255         }

   256         $selection .= '>' . $LANG_STATIC['select_php_none'] . '</option>' . LB;

   257         $selection .= '<option value="1"';

   258         if ($A['sp_php'] == 1) {

   259             $selection .= ' selected="selected"';

   260         }

   261         $selection .= '>' . $LANG_STATIC['select_php_return'] . '</option>' . LB;

   262         $selection .= '<option value="2"';

   263         if ($A['sp_php'] == 2) {

   264             $selection .= ' selected="selected"';

   265         }

   266         $selection .= '>' . $LANG_STATIC['select_php_free'] . '</option>' . LB;

   267         $selection .= '</select>';

   268         $sp_template->set_var('php_selector', $selection);

   269         $sp_template->set_var('php_warn', $LANG_STATIC['php_warn']);

   270     } else {

   271         $sp_template->set_var('php_selector', '');

   272         $sp_template->set_var('php_warn', $LANG_STATIC['php_not_activated']);

   273     }

   274     $sp_template->set_var('php_msg', $LANG_STATIC['php_msg']);

   275 

   276     // old variables (for the 1.3-type checkbox)

   277     $sp_template->set_var('php_checked', '');

   278     $sp_template->set_var('php_type', 'hidden');

   279 

   280     if (isset($A['sp_nf']) && ($A['sp_nf'] == 1)) {

   281         $sp_template->set_var('exit_checked','checked="checked"');

   282     } else {

   283         $sp_template->set_var('exit_checked','');

   284     }

   285     $sp_template->set_var('exit_msg',$LANG_STATIC['exit_msg']);

   286     $sp_template->set_var('exit_info',$LANG_STATIC['exit_info']);

   287 

   288     if ($A['sp_inblock'] == 1) {

   289         $sp_template->set_var('inblock_checked', 'checked="checked"');

   290     } else {

   291         $sp_template->set_var('inblock_checked', '');

   292     }

   293     $sp_template->set_var('inblock_msg', $LANG_STATIC['inblock_msg']);

   294     $sp_template->set_var('inblock_info', $LANG_STATIC['inblock_info']);

   295 

   296     $curtime = COM_getUserDateTimeFormat($A['unixdate']);

   297     $sp_template->set_var('lang_lastupdated', $LANG_STATIC['date']);

   298     $sp_template->set_var('sp_formateddate', $curtime[0]);

   299     $sp_template->set_var('sp_date', $curtime[1]);

   300 

   301     $sp_template->set_var('lang_title', $LANG_STATIC['title']);

   302     $title = '';

   303     if (isset($A['sp_title'])) {

   304         $title = htmlspecialchars(stripslashes($A['sp_title']));

   305     }

   306     $sp_template->set_var('sp_title', $title);

   307     $sp_template->set_var('lang_metadescription', $LANG_ADMIN['meta_description']);

   308     $sp_template->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']);

   309     if (!empty($A['meta_description'])) {

   310         $sp_template->set_var('meta_description', $A['meta_description']);

   311     }

   312     if (!empty($A['meta_keywords'])) {

   313         $sp_template->set_var('meta_keywords', $A['meta_keywords']);        

   314     }

   315     $sp_template->set_var('lang_addtomenu', $LANG_STATIC['addtomenu']);

   316     if (isset($A['sp_onmenu']) && ($A['sp_onmenu'] == 1)) {

   317         $sp_template->set_var('onmenu_checked', 'checked="checked"');

   318     } else {

   319         $sp_template->set_var('onmenu_checked', '');

   320     }

   321     $sp_template->set_var('lang_label', $LANG_STATIC['label']);

   322     if (isset($A['sp_label'])) {

   323         $sp_template->set_var('sp_label', $A['sp_label']);

   324     } else {

   325         $sp_template->set_var('sp_label', '');

   326     }

   327     $sp_template->set_var('lang_pageformat', $LANG_STATIC['pageformat']);

   328     $sp_template->set_var('lang_blankpage', $LANG_STATIC['blankpage']);

   329     $sp_template->set_var('lang_noblocks', $LANG_STATIC['noblocks']);

   330     $sp_template->set_var('lang_leftblocks', $LANG_STATIC['leftblocks']);

   331     $sp_template->set_var('lang_leftrightblocks', $LANG_STATIC['leftrightblocks']);

   332     if (!isset($A['sp_format'])) {

   333         $A['sp_format'] = '';

   334     }

   335     if ($A['sp_format'] == 'noblocks') {

   336         $sp_template->set_var('noblock_selected', 'selected="selected"');

   337     } else {

   338         $sp_template->set_var('noblock_selected', '');

   339     }

   340     if ($A['sp_format'] == 'leftblocks') {

   341         $sp_template->set_var('leftblocks_selected', 'selected="selected"');

   342     } else {

   343         $sp_template->set_var('leftblocks_selected', '');

   344     }

   345     if ($A['sp_format'] == 'blankpage') {

   346         $sp_template->set_var('blankpage_selected', 'selected="selected"');

   347     } else {

   348         $sp_template->set_var('blankpage_selected', '');

   349     }

   350     if (($A['sp_format'] == 'allblocks') OR empty($A['sp_format'])) {

   351         $sp_template->set_var('allblocks_selected', 'selected="selected"');

   352     } else {

   353         $sp_template->set_var('allblocks_selected', '');

   354     }

   355 

   356     $sp_template->set_var('lang_content', $LANG_STATIC['content']);

   357     $content = '';

   358     if (isset($A['sp_content'])) {

   359         $content = htmlspecialchars(stripslashes($A['sp_content']));

   360     }

   361     $sp_template->set_var('sp_content', $content);

   362     if ($_SP_CONF['filter_html'] == 1) {

   363         $allowed = COM_allowedHTML('staticpages.edit');

   364         $sp_template->set_var('lang_allowedhtml', $allowed);

   365         $sp_template->set_var('lang_allowed_html', $allowed);

   366     } else {

   367         $sp_template->set_var('lang_allowedhtml',

   368                               $LANG_STATIC['all_html_allowed']);

   369         $allowed = '<span class="warningsmall">'

   370                  . $LANG_STATIC['all_html_allowed'] . ',</span>' . LB

   371                  . '<div dir="ltr" class="warningsmall">';

   372         $autotags = array_keys(PLG_collectTags());

   373         $allowed .= '[' . implode(':], [', $autotags) . ':]';

   374         $allowed .= '</div>';

   375         $sp_template->set_var('lang_allowed_html', $allowed);

   376     }

   377     $sp_template->set_var('lang_hits', $LANG_STATIC['hits']);

   378     if (empty($A['sp_hits'])) {

   379         $sp_template->set_var('sp_hits', '0');

   380         $sp_template->set_var('sp_hits_formatted', '0');

   381     } else {

   382         $sp_template->set_var('sp_hits', $A['sp_hits']);

   383         $sp_template->set_var('sp_hits_formatted',

   384                                COM_numberFormat($A['sp_hits']));

   385     }

   386     $sp_template->set_var('end_block',

   387             COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));

   388     $sp_template->set_var('xhtml', XHTML);

   389     $sp_template->set_var('gltoken_name', CSRF_TOKEN);

   390     $sp_template->set_var('gltoken', SEC_createToken());

   391     $sp_template->parse('output', 'form');

   392         $retval .= $sp_template->finish($sp_template->get_var('output'));

   393 

   394     return $retval;

   395 }

   396 

   397 /**

   398 * List all static pages that the user has access to

   399 *

   400 * @retun    string      HTML for the list

   401 *

   402 */

   403 function liststaticpages()

   404 {

   405     global $_CONF, $_TABLES, $_IMAGE_TYPE, $LANG_ADMIN, $LANG_STATIC;

   406 

   407     require_once $_CONF['path_system'] . 'lib-admin.php';

   408 

   409     $retval = '';

   410 

   411     $header_arr = array(      // display 'text' and use table field 'field'

   412         array('text' => $LANG_ADMIN['edit'], 'field' => 'edit', 'sort' => false),

   413         array('text' => $LANG_ADMIN['copy'], 'field' => 'copy', 'sort' => false),

   414         array('text' => $LANG_STATIC['id'], 'field' => 'sp_id', 'sort' => true),

   415         array('text' => $LANG_ADMIN['title'], 'field' => 'sp_title', 'sort' => true),

   416         array('text' => $LANG_STATIC['writtenby'], 'field' => 'sp_uid', 'sort' => true),

   417         array('text' => $LANG_STATIC['head_centerblock'], 'field' => 'sp_centerblock', 'sort' => true),

   418         array('text' => $LANG_STATIC['date'], 'field' => 'unixdate', 'sort' => true)

   419     );

   420     $defsort_arr = array('field' => 'sp_title', 'direction' => 'asc');

   421 

   422     $menu_arr = array (

   423         array('url' => $_CONF['site_admin_url'] . '/plugins/staticpages/index.php?mode=edit',

   424               'text' => $LANG_ADMIN['create_new']),

   425         array('url' => $_CONF['site_admin_url'],

   426               'text' => $LANG_ADMIN['admin_home'])

   427     );

   428 

   429     $retval .= COM_startBlock($LANG_STATIC['staticpagelist'], '',

   430                               COM_getBlockTemplate('_admin_block', 'header'));

   431 

   432     $retval .= ADMIN_createMenu($menu_arr, $LANG_STATIC['instructions'], plugin_geticon_staticpages());

   433 

   434     $text_arr = array(

   435         'has_extras' => true,

   436         'form_url' => $_CONF['site_admin_url'] . '/plugins/staticpages/index.php'

   437     );

   438 

   439     $query_arr = array(

   440         'table' => 'staticpage',

   441         'sql' => "SELECT *,UNIX_TIMESTAMP(sp_date) AS unixdate "

   442                 ."FROM {$_TABLES['staticpage']} WHERE 1=1 ",

   443         'query_fields' => array('sp_title', 'sp_id'),

   444         'default_filter' => COM_getPermSQL ('AND', 0, 3)

   445     );

   446 

   447     $retval .= ADMIN_list('static_pages', 'plugin_getListField_staticpages',

   448                           $header_arr, $text_arr, $query_arr, $defsort_arr);

   449     $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));

   450 

   451     return $retval;

   452 }

   453 

   454 /**

   455 * Displays the Static Page Editor

   456 *

   457 * @param    string  $sp_id      ID of static page to edit

   458 * @param    string  $mode       Mode

   459 * @param    string  $editor     Editor mode? (unused?)

   460 * @return   string              HTML for static pages editor

   461 *

   462 */

   463 function staticpageeditor($sp_id, $mode = '', $editor = '')

   464 {

   465     global $_CONF, $_TABLES, $_USER, $LANG_ACCESS, $LANG_STATIC;

   466 

   467     $retval = '';

   468 

   469     if (!empty($sp_id) && $mode == 'edit') {

   470         $result = DB_query("SELECT *,UNIX_TIMESTAMP(sp_date) AS unixdate FROM {$_TABLES['staticpage']} WHERE sp_id = '$sp_id'" . COM_getPermSQL('AND', 0, 3));

   471         if (DB_numRows($result) == 1) {

   472             $A = DB_fetchArray($result);

   473             $A['sp_old_id'] = $A['sp_id'];

   474         }

   475     } elseif ($mode == 'edit') {

   476         $A['sp_id'] = COM_makesid();

   477         $A['sp_uid'] = $_USER['uid'];

   478         $A['unixdate'] = time();

   479         $A['sp_help'] = '';

   480         $A['sp_old_id'] = '';

   481         $A['commentcode'] = $_CONF['comment_code'];

   482         $A['sp_where'] = 1; // default new pages to "top of page"

   483     } elseif (!empty($sp_id) && $mode == 'clone') {

   484         $result = DB_query("SELECT *,UNIX_TIMESTAMP(sp_date) AS unixdate FROM {$_TABLES['staticpage']} WHERE sp_id = '$sp_id'" . COM_getPermSQL('AND', 0, 3));

   485         if (DB_numRows($result) == 1) {

   486             $A = DB_fetchArray($result);

   487             $A['sp_id'] = COM_makesid();

   488             $A['sp_uid'] = $_USER['uid'];

   489             $A['unixdate'] = time();

   490             $A['sp_hits'] = 0;

   491             $A['sp_old_id'] = '';

   492             $A['commentcode'] = $_CONF['comment_code'];

   493         }

   494     } else {

   495         $A = $_POST;

   496         if (empty($A['unixdate'])) {

   497             $A['unixdate'] = time();

   498         }

   499         $A['sp_content'] = COM_checkHTML(COM_checkWords($A['sp_content']),

   500                                          'staticpages.edit');

   501     }

   502 

   503     if (isset($A)) {

   504         if (isset($A['sp_title'])) {

   505             $A['sp_title'] = strip_tags($A['sp_title']);

   506         }

   507         if (isset($A['meta_description'])) {

   508             $A['meta_description'] = strip_tags($A['meta_description']);

   509         }

   510         if (isset ($A['meta_keywords'])) {

   511             $A['meta_keywords'] = strip_tags($A['meta_keywords']);

   512         }    

   513 

   514         $A['editor'] = $editor;

   515 

   516         $retval = staticpageeditor_form($A);

   517     } else {

   518         $retval = COM_startBlock($LANG_ACCESS['accessdenied'], '',

   519                         COM_getBlockTemplate('_msg_block', 'header'))

   520                 . $LANG_STATIC['deny_msg']

   521                 . COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));

   522     }

   523 

   524     return $retval;

   525 }

   526 

   527 /**

   528 * Saves a Static Page to the database

   529 *

   530 * @param sp_id           string  ID of static page

   531 * @param sp_uid          string  ID of user that created page

   532 * @param sp_title        string  title of page

   533 * @param sp_content      string  page content

   534 * @param sp_hits         int     Number of page views

   535 * @param sp_format       string  HTML or plain text

   536 * @param sp_onmenu       string  Flag to place entry on menu

   537 * @param sp_label        string  Menu Entry

   538 * @param commentcode     int     Comment Code

   539 * @param owner_id        int     Permission bits

   540 * @param group_id        int

   541 * @param perm_owner      int

   542 * @param perm_members    int

   543 * @param perm_anon       int

   544 * @param sp_php          int     Flag to indicate PHP usage

   545 * @param sp_nf           string  Flag to indicate type of not found message

   546 * @param sp_old_id       string  original ID of this static page

   547 * @param sp_centerblock  string  Flag to indicate display as a center block

   548 * @param sp_help         string  Help URL that displays in the block

   549 * @param sp_tid          string  topid id (for center block)

   550 * @param sp_where        int     position of center block

   551 * @param sp_inblock      string  Flag: wrap page in a block (or not)

   552 *

   553 */

   554 function submitstaticpage($sp_id, $sp_uid, $sp_title, $sp_content, $sp_hits,

   555                           $sp_format, $sp_onmenu, $sp_label, $commentcode,

   556                           $owner_id, $group_id, $perm_owner, $perm_group,

   557                           $perm_members, $perm_anon, $sp_php, $sp_nf,

   558                           $sp_old_id, $sp_centerblock, $sp_help, $sp_tid,

   559                           $sp_where, $sp_inblock, $postmode, $meta_description,

   560                           $meta_keywords)

   561 {

   562     global $_CONF, $_TABLES, $LANG12, $LANG_STATIC, $_SP_CONF;

   563 

   564     $retval = '';

   565 

   566     $args = array(

   567                 'sp_id' => $sp_id,

   568                 'sp_uid' => $sp_uid,

   569                 'sp_title' => $sp_title,

   570                 'sp_content' => $sp_content,

   571                 'sp_hits' => $sp_hits,

   572                 'sp_format' => $sp_format,

   573                 'sp_onmenu' => $sp_onmenu,

   574                 'sp_label' => $sp_label,

   575                 'commentcode' => $commentcode,

   576                 'meta_description' => $meta_description,

   577                 'meta_keywords' => $meta_keywords,                

   578                 'owner_id' => $owner_id,

   579                 'group_id' => $group_id,

   580                 'perm_owner' => $perm_owner,

   581                 'perm_group' => $perm_group,

   582                 'perm_members' => $perm_members,

   583                 'perm_anon' => $perm_anon,

   584                 'sp_php' => $sp_php,

   585                 'sp_nf' => $sp_nf,

   586                 'sp_old_id' => $sp_old_id,

   587                 'sp_centerblock' => $sp_centerblock,

   588                 'sp_help' => $sp_help,

   589                 'sp_tid' => $sp_tid,

   590                 'sp_where' => $sp_where,

   591                 'sp_inblock' => $sp_inblock,

   592                 'postmode' => $postmode

   593                  );

   594 

   595     PLG_invokeService('staticpages', 'submit', $args, $retval, $svc_msg);

   596 

   597     return $retval;

   598 }

   599 

   600 

   601 // MAIN

   602 $mode = '';

   603 if (isset($_REQUEST['mode'])) {

   604     $mode = COM_applyFilter ($_REQUEST['mode']);

   605 }

   606 $sp_id = '';

   607 if (isset($_REQUEST['sp_id'])) {

   608     $sp_id = COM_applyFilter ($_REQUEST['sp_id']);

   609 }

   610 

   611 $display = '';

   612 

   613 if (($mode == $LANG_ADMIN['delete']) && !empty ($LANG_ADMIN['delete']) && SEC_checkToken()) {

   614     if (empty ($sp_id) || (is_numeric ($sp_id) && ($sp_id == 0))) {

   615         COM_errorLog ('Attempted to delete static page sp_id=' . $sp_id);

   616     } else {

   617         $args = array(

   618                     'sp_id' => $sp_id

   619                      );

   620         PLG_invokeService('staticpages', 'delete', $args, $display, $svc_msg);

   621     }

   622 } else if ($mode == 'edit') {

   623     $display .= COM_siteHeader ('menu', $LANG_STATIC['staticpageeditor']);

   624     if (isset($_GET['msg'])) {

   625         $msg = COM_applyFilter($_GET['msg'], true);

   626         if ($msg > 0) {

   627             $display .= COM_showMessage($msg, 'staticpages');

   628         }

   629     }

   630     $editor = '';

   631     if (isset ($_GET['editor'])) {

   632         $editor = COM_applyFilter ($_GET['editor']);

   633     }

   634     $display .= staticpageeditor ($sp_id, $mode, $editor);

   635     $display .= COM_siteFooter ();

   636 } else if ($mode == 'clone') {

   637     if (!empty ($sp_id)) {

   638         $display .= COM_siteHeader('menu', $LANG_STATIC['staticpageeditor']);

   639         $display .= staticpageeditor($sp_id,$mode);

   640         $display .= COM_siteFooter();

   641     } else {

   642         $display = COM_refresh ($_CONF['site_admin_url'] . '/index.php');

   643     }

   644 } else if (($mode == $LANG_ADMIN['save']) && !empty ($LANG_ADMIN['save']) && SEC_checkToken()) {

   645     if (!empty ($sp_id)) {

   646         if (!isset ($_POST['sp_onmenu'])) {

   647             $_POST['sp_onmenu'] = '';

   648         }

   649         if (!isset ($_POST['sp_php'])) {

   650             $_POST['sp_php'] = '';

   651         }

   652         if (!isset ($_POST['sp_nf'])) {

   653             $_POST['sp_nf'] = '';

   654         }

   655         if (!isset ($_POST['sp_centerblock'])) {

   656             $_POST['sp_centerblock'] = '';

   657         }

   658         $help = '';

   659         if (isset ($_POST['sp_help'])) {

   660             $sp_help = COM_sanitizeUrl ($_POST['sp_help'], array ('http', 'https'));

   661         }

   662         if (!isset ($_POST['sp_inblock'])) {

   663             $_POST['sp_inblock'] = '';

   664         }

   665         $sp_uid = COM_applyFilter ($_POST['sp_uid'], true);

   666         if ($sp_uid == 0) {

   667             $sp_uid = $_USER['uid'];

   668         }

   669         if (!isset ($_POST['postmode'])) {

   670             $_POST['postmode'] = '';

   671         }

   672         $display .= submitstaticpage ($sp_id, $sp_uid, $_POST['sp_title'],

   673             $_POST['sp_content'], COM_applyFilter ($_POST['sp_hits'], true),

   674             COM_applyFilter ($_POST['sp_format']), $_POST['sp_onmenu'],

   675             $_POST['sp_label'], COM_applyFilter ($_POST['commentcode'], true),

   676             COM_applyFilter ($_POST['owner_id'], true),

   677             COM_applyFilter ($_POST['group_id'], true), $_POST['perm_owner'],

   678             $_POST['perm_group'], $_POST['perm_members'], $_POST['perm_anon'],

   679             $_POST['sp_php'], $_POST['sp_nf'],

   680             COM_applyFilter ($_POST['sp_old_id']), $_POST['sp_centerblock'],

   681             $sp_help, COM_applyFilter ($_POST['sp_tid']),

   682             COM_applyFilter ($_POST['sp_where'], true), $_POST['sp_inblock'],

   683             COM_applyFilter ($_POST['postmode']), 

   684             $_POST['meta_description'], $_POST['meta_keywords']); 

   685     } else {

   686         $display = COM_refresh ($_CONF['site_admin_url'] . '/index.php');

   687     }

   688 } else {

   689     $display .= COM_siteHeader('menu', $LANG_STATIC['staticpagelist']);

   690     if (isset($_REQUEST['msg'])) {

   691         $msg = COM_applyFilter($_REQUEST['msg'], true);

   692         if ($msg > 0) {

   693             $display .= COM_showMessage($msg, 'staticpages');

   694         }

   695     }

   696     $display .= liststaticpages();

   697     $display .= COM_siteFooter ();

   698 }

   699 

   700 COM_output($display);

   701 

   702 ?>
Geeklog