3 /* Reminder: always indent with 4 spaces (no tabs). */
4 // +---------------------------------------------------------------------------+
6 // +---------------------------------------------------------------------------+
9 // | Admin-related functions needed in more than one place. |
10 // +---------------------------------------------------------------------------+
11 // | Copyright (C) 2000-2009 by the following authors: |
13 // | Authors: Tony Bibbs - tony AT tonybibbs DOT com |
14 // | Mark Limburg - mlimburg AT users DOT sourceforge DOT net |
15 // | Jason Whittenburg - jwhitten AT securitygeeks DOT com |
16 // | Dirk Haun - dirk AT haun-online DOT de |
17 // | Oliver Spiesshofer - oliver AT spiesshofer DOT com |
18 // +---------------------------------------------------------------------------+
20 // | This program is free software; you can redistribute it and/or |
21 // | modify it under the terms of the GNU General Public License |
22 // | as published by the Free Software Foundation; either version 2 |
23 // | of the License, or (at your option) any later version. |
25 // | This program is distributed in the hope that it will be useful, |
26 // | but WITHOUT ANY WARRANTY; without even the implied warranty of |
27 // | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
28 // | GNU General Public License for more details. |
30 // | You should have received a copy of the GNU General Public License |
31 // | along with this program; if not, write to the Free Software Foundation, |
32 // | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
34 // +---------------------------------------------------------------------------+
37 * This file contains functions used in the admin panels (mostly for the
38 * various lists of stories, users, etc.).
42 if (strpos(strtolower($_SERVER['PHP_SELF']), 'lib-admin.php') !== false) {
43 die('This file can not be used on its own!');
47 * Common function used in Admin scripts to display a list of items
49 * @param string $fieldfunction Name of a function used to display the list item row details
50 * @param array $header_arr array of header fields with sortables and table fields
51 * @param array $text_arr array with different text strings
52 * @param array $data_arr array with sql query data - array of list records
53 * @param array $options array of options - intially just used for the Check-All feature
54 * @param array $form_arr optional extra forms at top or bottom
55 * @return string HTML output of function
58 function ADMIN_simpleList($fieldfunction, $header_arr, $text_arr,
59 $data_arr, $options = '', $form_arr='')
61 global $_CONF, $_TABLES, $LANG01, $LANG_ADMIN, $LANG_ACCESS, $MESSAGE,
67 if (!empty($text_arr['help_url'])) {
68 $help_url = $text_arr['help_url'];
72 if (!empty($text_arr['title'])) {
73 $title = $text_arr['title'];
77 if (!empty($text_arr['form_url'])) {
78 $form_url = $text_arr['form_url'];
81 $admin_templates = new Template($_CONF['path_layout'] . 'admin/lists');
82 $admin_templates->set_file (
84 'list' => 'list.thtml',
85 'header' => 'header.thtml',
86 'row' => 'listitem.thtml',
87 'field' => 'field.thtml'
90 $admin_templates->set_var( 'xhtml', XHTML );
91 $admin_templates->set_var('site_url', $_CONF['site_url']);
92 $admin_templates->set_var('site_admin_url', $_CONF['site_admin_url']);
93 $admin_templates->set_var('layout_url', $_CONF['layout_url']);
94 $admin_templates->set_var('form_url', $form_url);
95 $admin_templates->set_var('lang_edit', $LANG_ADMIN['edit']);
96 $admin_templates->set_var('lang_deleteall', $LANG01[124]);
97 $admin_templates->set_var('lang_delconfirm', $LANG01[125]);
98 if (isset($form_arr['top'])) {
99 $admin_templates->set_var('formfields_top', $form_arr['top']);
101 if (isset($form_arr['bottom'])) {
102 $admin_templates->set_var('formfields_bottom', $form_arr['bottom']);
105 # define icon paths. Those will be transmitted to $fieldfunction.
106 $icons_type_arr = array('edit', 'copy', 'list', 'addchild');
108 foreach ($icons_type_arr as $icon_type) {
109 $icon_url = "{$_CONF['layout_url']}/images/$icon_type.$_IMAGE_TYPE";
110 $icon_arr[$icon_type] = COM_createImage($icon_url, $LANG_ADMIN[$icon_type]);
113 // Check if the delete checkbox and support for the delete all feature should be displayed
115 if (is_array($options) && isset($options['chkminimum'])) {
116 $min_data = $options['chkminimum'];
118 if (count($data_arr) > $min_data AND is_array($options) AND $options['chkdelete']) {
119 $admin_templates->set_var('header_text', '<input type="checkbox" name="chk_selectall" title="'.$LANG01[126].'" onclick="caItems(this.form);"' . XHTML . '>');
120 $admin_templates->set_var('class', "admin-list-field");
121 $admin_templates->set_var('show_deleteimage', '');
122 $admin_templates->parse('header_row', 'header', true);
123 $admin_templates->clear_var('on_click');
125 $admin_templates->set_var('show_deleteimage','display:none;');
128 # HEADER FIELDS array(text, field, sort)
129 for ($i=0; $i < count( $header_arr ); $i++) {
130 $admin_templates->set_var('header_text', $header_arr[$i]['text']);
131 if (!empty($header_arr[$i]['header_class'])) {
132 $admin_templates->set_var('class', $header_arr[$i]['header_class']);
134 $admin_templates->set_var('class', "admin-list-headerfield");
136 $admin_templates->parse('header_row', 'header', true);
139 if (count($data_arr) == 0) {
140 if (isset($text_arr['no_data'])) {
141 $message = $text_arr['no_data'];
143 $message = $LANG_ADMIN['no_results'];
145 $admin_templates->set_var('message', $message);
146 } else if ($data_arr === false) {
147 $admin_templates->set_var('message', $LANG_ADMIN['data_error']);
149 $admin_templates->set_var('show_message', 'display:none;');
150 for ($i = 0; $i < count($data_arr); $i++) {
151 if (count($data_arr) > $min_data AND is_array($options) AND $options['chkdelete']) {
152 $admin_templates->set_var('itemtext', '<input type="checkbox" name="delitem[]" value="' . $data_arr[$i][$options['chkfield']].'"' . XHTML . '>');
153 $admin_templates->set_var('class', "admin-list-field");
154 $admin_templates->parse('item_field', 'field', true);
156 for ($j = 0; $j < count($header_arr); $j++) {
157 $fieldname = $header_arr[$j]['field'];
159 if (!empty($data_arr[$i][$fieldname])) {
160 $fieldvalue = $data_arr[$i][$fieldname];
162 if (!empty($fieldfunction)) {
163 $fieldvalue = $fieldfunction($fieldname, $fieldvalue, $data_arr[$i], $icon_arr);
165 $fieldvalue = $fieldvalue;
167 if (!empty($header_arr[$j]['field_class'])) {
168 $admin_templates->set_var('class', $header_arr[$j]['field_class']);
170 $admin_templates->set_var('class', "admin-list-field");
172 if ($fieldvalue !== false) {
173 $admin_templates->set_var('itemtext', $fieldvalue);
174 $admin_templates->parse('item_field', 'field', true);
177 $admin_templates->set_var('cssid', ($i%2)+1);
178 $admin_templates->parse('item_row', 'row', true);
179 $admin_templates->clear_var('item_field');
183 $admin_templates->parse('output', 'list');
185 if (!empty($title)) {
186 $retval .= COM_startBlock($title, $help_url,
187 COM_getBlockTemplate('_admin_block', 'header'));
189 $retval .= $admin_templates->finish($admin_templates->get_var('output'));
190 if (!empty($title)) {
191 $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
198 * Creates a list of data with a search, filter, clickable headers etc.
200 * @param string $component name of the list
201 * @param string $fieldfunction name of the function that handles special entries
202 * @param array $header_arr array of header fields with sortables and table fields
203 * @param array $text_arr array with different text strings
204 * @param array $query_arr array with sql-options
205 * @param array $defsort_arr default sorting values
206 * @param string $filter additional drop-down filters
207 * @param string $extra additional values passed to fieldfunction
208 * @param array $options array of options - intially just used for the Check-All feature
209 * @param array $form_arr optional extra forms at top or bottom
210 * @return string HTML output of function
213 function ADMIN_list($component, $fieldfunction, $header_arr, $text_arr,
214 $query_arr, $defsort_arr, $filter = '', $extra = '',
215 $options = '', $form_arr='')
217 global $_CONF, $_TABLES, $LANG_ADMIN, $LANG_ACCESS, $LANG01, $_IMAGE_TYPE, $MESSAGE;
219 // set all variables to avoid warnings
225 if (isset ($_GET['prevorder'])) { # what was the last sorting?
226 $prevorder = COM_applyFilter ($_GET['prevorder']);
230 if (isset ($_REQUEST['q'])) { // get query (text-search)
231 $query = strip_tags(COM_stripslashes($_REQUEST['q']));
235 if (isset($_REQUEST['query_limit'])) { // get query-limit (list-length)
236 $query_limit = COM_applyFilter($_REQUEST['query_limit'], true);
237 if ($query_limit == 0) {
242 // we assume that the current page is 1 to set it.
245 // get the current page from the interface. The variable is linked to the
246 // component, i.e. the plugin/function calling this here to avoid overlap
247 if (isset ($_REQUEST[$component . 'listpage'])) {
248 $page = COM_applyFilter ($_REQUEST[$component . 'listpage'], true);
252 $curpage = 1; #current page has to be larger 0
255 $help_url = ''; # do we have a help url for the block-header?
256 if (!empty ($text_arr['help_url'])) {
257 $help_url = $text_arr['help_url'];
260 $form_url = ''; # what is the form-url for the search button and list sorters?
261 if (!empty ($text_arr['form_url'])) {
262 $form_url = $text_arr['form_url'];
265 $title = ''; # what is the title of the page?
266 if (!empty ($text_arr['title'])) {
267 $title = $text_arr['title'];
270 $inline_form = false;
271 if (isset($text_arr['inline'])) {
272 $inline_form = $text_arr['inline'];
275 # get all template fields.
276 $admin_templates = new Template($_CONF['path_layout'] . 'admin/lists');
277 $admin_templates->set_file (array (
278 'search' => 'searchmenu.thtml',
279 'list' => ($inline_form ? 'inline.thtml' : 'list.thtml'),
280 'header' => 'header.thtml',
281 'row' => 'listitem.thtml',
282 'field' => 'field.thtml'
285 # insert std. values into the template
286 $admin_templates->set_var( 'xhtml', XHTML );
287 $admin_templates->set_var('site_url', $_CONF['site_url']);
288 $admin_templates->set_var('site_admin_url', $_CONF['site_admin_url']);
289 $admin_templates->set_var('layout_url', $_CONF['layout_url']);
290 $admin_templates->set_var('form_url', $form_url);
291 $admin_templates->set_var('lang_edit', $LANG_ADMIN['edit']);
292 $admin_templates->set_var('lang_deleteall', $LANG01[124]);
293 $admin_templates->set_var('lang_delconfirm', $LANG01[125]);
294 if (isset($form_arr['top'])) {
295 $admin_templates->set_var('formfields_top', $form_arr['top']);
297 if (isset($form_arr['bottom'])) {
298 $admin_templates->set_var('formfields_bottom', $form_arr['bottom']);
300 // Check if the delete checkbox and support for the delete all feature should be displayed
301 if (is_array($options) AND $options['chkdelete']) {
302 $admin_templates->set_var('header_text', '<input type="checkbox" name="chk_selectall" title="'.$LANG01[126].'" onclick="caItems(this.form);"' . XHTML . '>');
303 $admin_templates->set_var('class', "admin-list-field");
304 $admin_templates->set_var('show_deleteimage', '');
305 $admin_templates->parse('header_row', 'header', true);
306 $admin_templates->clear_var('on_click');
308 $admin_templates->set_var('show_deleteimage','display:none;');
311 # define icon paths. Those will be transmitted to $fieldfunction.
312 $icons_type_arr = array('edit', 'copy', 'list', 'addchild');
314 foreach ($icons_type_arr as $icon_type) {
315 $icon_url = "{$_CONF['layout_url']}/images/$icon_type.$_IMAGE_TYPE";
316 $icon_arr[$icon_type] = COM_createImage($icon_url, $LANG_ADMIN[$icon_type]);
320 if (isset($text_arr['has_extras'])) { # does this one use extras? (search, google paging)
321 $has_extras = $text_arr['has_extras'];
323 if ($has_extras) { // show search
324 $admin_templates->set_var('lang_search', $LANG_ADMIN['search']);
325 $admin_templates->set_var('lang_submit', $LANG_ADMIN['submit']);
326 $admin_templates->set_var('lang_limit_results',
327 $LANG_ADMIN['limit_results']);
328 $admin_templates->set_var('last_query', htmlspecialchars($query));
329 $admin_templates->set_var('filter', $filter);
332 $sql_query = addslashes($query); // replace quotes etc for security
333 $sql = $query_arr['sql']; // get sql from array that builds data
335 $order_var = ''; # number that is displayed in URL
336 $order = ''; # field that is used in SQL
337 $order_var_link = ''; # Variable for google paging.
339 // is the order set in the link (when sorting the list)
340 if (!isset ($_GET['order'])) {
341 $order = $defsort_arr['field']; // no, get the default
343 $order_var = COM_applyFilter ($_GET['order'], true);
344 $order_var_link = "&order=$order_var"; # keep the variable for the google paging
345 $order = $header_arr[$order_var]['field']; # current order field name
347 $order_for_query = $order;
348 // this code sorts only by the field if its in table.field style.
349 // removing this however makes match for arrow-display impossible, so removed it.
350 // maybe now for more fields the table has to be added to the sortfield?
351 //$order = explode ('.', $order);
352 //if (count ($order) > 1) {
353 // $order = $order[1];
355 // $order = $order[0];
359 if (!isset ($_GET['direction'])) { # get direction to sort after
360 $direction = $defsort_arr['direction'];
362 $direction = COM_applyFilter ($_GET['direction']);
364 $direction = strtoupper ($direction);
365 if ($order == $prevorder) { #reverse direction if prev. order was the same
366 $direction = ($direction == 'DESC') ? 'ASC' : 'DESC';
368 $direction = ($direction == 'DESC') ? 'DESC' : 'ASC';
371 if ($direction == 'ASC') { # assign proper arrow img name dep. on sort order
372 $arrow = 'bararrowdown';
374 $arrow = 'bararrowup';
376 # make actual order arrow image
377 $img_arrow_url = "{$_CONF['layout_url']}/images/$arrow.$_IMAGE_TYPE";
378 $img_arrow = ' ' . COM_createImage($img_arrow_url, $arrow);
380 if (!empty ($order_for_query)) { # concat order string
381 $order_sql = "ORDER BY $order_for_query $direction";
383 $th_subtags = ''; // other tags in the th, such as onclick and mouseover
384 $header_text = ''; // title as displayed to the user
385 // HEADER FIELDS array(text, field, sort, class)
386 // this part defines the contents & format of the header fields
388 for ($i=0; $i < count( $header_arr ); $i++) { #iterate through all headers
389 $header_text = $header_arr[$i]['text'];
391 if ($header_arr[$i]['sort'] != false) { # is this sortable?
392 if ($order==$header_arr[$i]['field']) { # is this currently sorted?
393 $header_text .= $img_arrow;
395 # make the mouseover effect is sortable
396 $th_subtags = " onmouseover=\"this.style.cursor='pointer';\"";
397 $order_var = $i; # assign number to field so we know what to sort
398 if (strpos ($form_url, '?') > 0) {
399 $separator = '&';
403 $th_subtags .= " onclick=\"window.location.href='$form_url$separator" // onclick action
404 ."order=$order_var&prevorder=$order&direction=$direction";
406 $th_subtags .= '&' . $component . 'listpage=' . $page;
408 if (!empty($query)) {
409 $th_subtags .= '&q=' . urlencode($query);
411 if (!empty($query_limit)) {
412 $th_subtags .= '&query_limit=' . $query_limit;
414 $th_subtags .= "';\"";
417 if (!empty($header_arr[$i]['header_class'])) {
418 $admin_templates->set_var('class', $header_arr[$i]['header_class']);
420 $admin_templates->set_var('class', "admin-list-headerfield");
422 $admin_templates->set_var('header_text', $header_text);
423 $admin_templates->set_var('th_subtags', $th_subtags);
424 $admin_templates->parse('header_row', 'header', true);
425 $admin_templates->clear_var('th_subtags'); // clear all for next header
426 $admin_templates->clear_var('class');
427 $admin_templates->clear_var('header_text');
431 $limit = 50; # default query limit if not other chosen.
432 # maybe this could be a setting from the list?
433 if (!empty($query_limit)) {
434 $limit = $query_limit;
436 if ($query != '') { # set query into form after search
437 $admin_templates->set_var ('query', urlencode($query) );
439 $admin_templates->set_var ('query', '');
441 $admin_templates->set_var ('query_limit', $query_limit);
442 # choose proper dropdown field for query limit
443 $admin_templates->set_var($limit . '_selected', 'selected="selected"');
445 if (!empty($query_arr['default_filter'])){ # add default filter to sql
446 $filter_str = " {$query_arr['default_filter']}";
448 if (!empty ($query)) { # add query fields with search term
449 $filter_str .= " AND (";
450 for ($f = 0; $f < count($query_arr['query_fields']); $f++) {
451 $filter_str .= $query_arr['query_fields'][$f]
452 . " LIKE '%$sql_query%'";
453 if ($f < (count($query_arr['query_fields']) - 1)) {
454 $filter_str .= " OR ";
459 $num_pages_sql = $sql . $filter_str;
460 $num_pages_result = DB_query($num_pages_sql);
461 $num_rows = DB_numRows($num_pages_result);
462 $num_pages = ceil ($num_rows / $limit);
463 if ($num_pages < $curpage) { # make sure we dont go beyond possible results
466 $offset = (($curpage - 1) * $limit);
467 $limit = "LIMIT $offset,$limit"; # get only current page data
468 $admin_templates->set_var ('lang_records_found',
469 $LANG_ADMIN['records_found']);
470 $admin_templates->set_var ('records_found',
471 COM_numberFormat ($num_rows));
472 $admin_templates->parse('search_menu', 'search', true);
476 $sql .= "$filter_str $order_sql $limit;";
478 $result = DB_query($sql);
479 $nrows = DB_numRows($result);
480 $r = 1; # r is the counter for the actual displayed rows for correct coloring
481 for ($i = 0; $i < $nrows; $i++) { # now go through actual data
482 $A = DB_fetchArray($result);
483 $this_row = false; # as long as no fields are returned, dont print row
484 if (is_array($options) AND $options['chkdelete']) {
485 $admin_templates->set_var('class', "admin-list-field");
486 $admin_templates->set_var('itemtext', '<input type="checkbox" name="delitem[]" value="' . $A[$options['chkfield']].'"' . XHTML . '>');
487 $admin_templates->parse('item_field', 'field', true);
489 for ($j = 0; $j < count($header_arr); $j++) {
490 $fieldname = $header_arr[$j]['field']; # get field name from headers
492 if (!empty($A[$fieldname])) { # is there a field in data like that?
493 $fieldvalue = $A[$fieldname]; # yes, get its data
495 if (!empty ($fieldfunction) && !empty ($extra)) {
496 $fieldvalue = $fieldfunction ($fieldname, $fieldvalue, $A, $icon_arr, $extra);
497 } else if (!empty ($fieldfunction)) { # do we have a fieldfunction?
498 $fieldvalue = $fieldfunction ($fieldname, $fieldvalue, $A, $icon_arr);
499 } else { # if not just take the value
500 $fieldvalue = $fieldvalue;
502 if ($fieldvalue !== false) { # return was there, so write line
505 $fieldvalue = ''; // dont give emtpy fields
507 if (!empty($header_arr[$j]['field_class'])) {
508 $admin_templates->set_var('class', $header_arr[$j]['field_class']);
510 $admin_templates->set_var('class', "admin-list-field");
512 $admin_templates->set_var('itemtext', $fieldvalue); # write field
513 $admin_templates->parse('item_field', 'field', true);
515 if ($this_row) { # there was data in at least one field, so print line
516 $r++; # switch to next color
517 $admin_templates->set_var('cssid', ($r%2)+1); # make alternating table color
518 $admin_templates->parse('item_row', 'row', true); # process the complete row
520 $admin_templates->clear_var('item_field'); # clear field
523 if ($nrows==0) { # there is no data. return notification message.
524 if (isset($text_arr['no_data'])) {
525 $message = $text_arr['no_data']; # there is a user-message
527 $message = $LANG_ADMIN['no_results']; # take std.
529 $admin_templates->set_var('message', $message);
532 if ($has_extras) { # now make google-paging
533 $hasargs = strstr( $form_url, '?' );
539 if (!empty($query)) { # port query to next page
540 $base_url = $form_url . $sep . 'q=' . urlencode($query) . "&query_limit=$query_limit$order_var_link&direction=$direction";
542 $base_url = $form_url . $sep ."query_limit=$query_limit$order_var_link&direction=$direction";
545 if ($num_pages > 1) { # print actual google-paging
546 $admin_templates->set_var('google_paging',COM_printPageNavigation($base_url,$curpage,$num_pages, $component . 'listpage='));
548 $admin_templates->set_var('google_paging', '');
552 $admin_templates->parse('output', 'list');
554 // Do the actual output
555 if (!empty($title)) {
556 $retval .= COM_startBlock($title, $help_url,
557 COM_getBlockTemplate('_admin_block', 'header'));
559 $retval .= $admin_templates->finish($admin_templates->get_var('output'));
560 if (!empty($title)) {
561 $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
568 * Creates a menu with an optional icon and optional text below
569 * this is used in the admin screens but may be used elsewhere also.
571 * @param array $menu_arr array of text & URL of the menu entries
572 * @param string $text instructions to be displayed
573 * @param string icon url of an icon that will be displayed
574 * @return string HTML output of function
577 function ADMIN_createMenu($menu_arr, $text, $icon = '')
581 $admin_templates = new Template($_CONF['path_layout'] . 'admin/lists');
582 $admin_templates->set_file (
583 array ('top_menu' => 'topmenu.thtml')
587 $attr = array('class' => 'admin-menu-item');
588 for ($i = 0; $i < count($menu_arr); $i++) { # iterate through menu
589 $menu_fields .= COM_createLink($menu_arr[$i]['text'], $menu_arr[$i]['url'], $attr);
590 if ($i < (count($menu_arr) -1)) {
591 $menu_fields .= ' | '; # add separator
594 if (!empty ($icon)) {
595 $attr = array('class' => 'admin-menu-icon');
596 $icon = COM_createImage($icon, '', $attr);
597 $admin_templates->set_var('icon', $icon);
599 $admin_templates->set_var('menu_fields', $menu_fields);
600 $admin_templates->set_var('lang_instructions', $text);
601 $admin_templates->set_var('xhtml', XHTML);
602 $admin_templates->set_var('site_url', $_CONF['site_url']);
603 $admin_templates->set_var('site_admin_url', $_CONF['site_admin_url']);
604 $admin_templates->set_var('layout_url', $_CONF['layout_url']);
605 $admin_templates->parse('top_menu', 'top_menu');
606 $retval = $admin_templates->finish($admin_templates->get_var('top_menu'));
612 * The following functions are helper functions used as $fieldfunction with
613 * ADMIN_list and ADMIN_simpleList (see above)
619 * used for the list of blocks in admin/block.php
622 function ADMIN_getListField_blocks($fieldname, $fieldvalue, $A, $icon_arr, $token)
624 global $_CONF, $LANG_ADMIN, $LANG21, $_IMAGE_TYPE;
628 $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'],
629 $A['perm_group'], $A['perm_members'], $A['perm_anon']);
631 if (($access > 0) && (hasBlockTopicAccess($A['tid']) > 0)) {
632 switch ($fieldname) {
635 $retval = COM_createLink($icon_arr['edit'],
636 "{$_CONF['site_admin_url']}/block.php?mode=edit&bid={$A['bid']}");
641 $retval = stripslashes($A['title']);
642 if (empty($retval)) {
643 $retval = '(' . $A['name'] . ')';
648 $retval .= $A['blockorder'];
653 if ($A['is_enabled'] == 1) {
654 $switch = ' checked="checked"';
658 $retval = "<input type=\"checkbox\" name=\"enabledblocks[{$A['bid']}]\" "
659 . "onclick=\"submit()\" value=\"{$A['onleft']}\"$switch" . XHTML . ">";
660 $retval .= "<input type=\"hidden\" name=\"" . CSRF_TOKEN . "\" value=\"{$token}\"" . XHTML . ">";
666 if ($A['onleft'] == 1) {
668 $blockcontrol_image = 'block-right.' . $_IMAGE_TYPE;
669 $moveTitleMsg = $LANG21[59];
672 $blockcontrol_image = 'block-left.' . $_IMAGE_TYPE;
673 $moveTitleMsg = $LANG21[60];
676 $csrftoken = '&' . CSRF_TOKEN . '=' . $token;
677 $retval.="<img src=\"{$_CONF['layout_url']}/images/admin/$blockcontrol_image\" width=\"45\" height=\"20\" usemap=\"#arrow{$A['bid']}\" alt=\"\"" . XHTML . ">"
678 ."<map id=\"arrow{$A['bid']}\" name=\"arrow{$A['bid']}\">"
679 ."<area coords=\"0,0,12,20\" title=\"{$LANG21[58]}\" href=\"{$_CONF['site_admin_url']}/block.php?mode=move&bid={$A['bid']}&where=up{$csrftoken}\" alt=\"{$LANG21[58]}\"" . XHTML . ">"
680 ."<area coords=\"13,0,29,20\" title=\"$moveTitleMsg\" href=\"{$_CONF['site_admin_url']}/block.php?mode=move&bid={$A['bid']}&where=$switchside{$csrftoken}\" alt=\"$moveTitleMsg\"" . XHTML . ">"
681 ."<area coords=\"30,0,43,20\" title=\"{$LANG21[57]}\" href=\"{$_CONF['site_admin_url']}/block.php?mode=move&bid={$A['bid']}&where=dn${csrftoken}\" alt=\"{$LANG21[57]}\"" . XHTML . ">"
687 $retval = $fieldvalue;
696 * used for the list of groups and in the group editor in admin/group.php
699 function ADMIN_getListField_groups($fieldname, $fieldvalue, $A, $icon_arr, $selected = '')
701 global $_CONF, $LANG_ACCESS, $LANG_ADMIN, $thisUsersGroups;
705 if(! is_array($thisUsersGroups)) {
706 $thisUsersGroups = SEC_getUserGroups();
709 $show_all_groups = false;
710 if (isset($_REQUEST['chk_showall']) && ($_REQUEST['chk_showall'] == 1)) {
711 $show_all_groups = true;
714 if (in_array($A['grp_id'], $thisUsersGroups) ||
715 SEC_groupIsRemoteUserAndHaveAccess($A['grp_id'], $thisUsersGroups)) {
718 $url = $_CONF['site_admin_url'] . '/group.php?mode=edit&grp_id='
720 if ($show_all_groups) {
721 $url .= '&chk_showall=1';
723 $retval = COM_createLink($icon_arr['edit'], $url);
727 if ($A['grp_gl_core'] == 1) {
728 $retval = $LANG_ACCESS['yes'];
730 $retval = $LANG_ACCESS['no'];
735 $url = $_CONF['site_admin_url'] . '/group.php?mode=';
736 if ($show_all_groups) {
737 $param = '&grp_id=' . $A['grp_id'] . '&chk_showall=1';
739 $param = '&grp_id=' . $A['grp_id'];
742 $retval = COM_createLink($icon_arr['list'],
743 $url . 'listusers' . $param);
744 if (($A['grp_name'] != 'All Users') &&
745 ($A['grp_name'] != 'Logged-in Users')) {
746 $retval .= ' ' . COM_createLink($icon_arr['edit'],
747 $url . 'editusers' . $param);
752 $retval = '<input type="checkbox" name="groups[]" value="'
753 . $A['grp_id'] . '"';
754 if (is_array($selected) && in_array($A['grp_id'], $selected)) {
755 $retval .= ' checked="checked"';
757 $retval .= XHTML . '>';
760 case 'disabled-checkbox':
761 $retval = '<input type="checkbox" checked="checked" '
762 . 'disabled="disabled"' . XHTML . '>'
763 . '<input type="hidden" name="groups[]" value="'
764 . $A['grp_id'] . '"' . XHTML . '>';
768 $retval = ucwords($fieldvalue);
772 $retval = $fieldvalue;
781 * used for the list of users in admin/user.php
784 function ADMIN_getListField_users($fieldname, $fieldvalue, $A, $icon_arr)
786 global $_CONF, $_TABLES, $LANG_ADMIN, $LANG04, $LANG28, $_IMAGE_TYPE;
790 switch ($fieldname) {
792 $retval = '<input type="checkbox" name="delitem[]" checked="checked"' . XHTML . '>';
795 $retval = COM_createLink($icon_arr['edit'],
796 "{$_CONF['site_admin_url']}/user.php?mode=edit&uid={$A['uid']}");
800 if (!empty ($A['photo'])) {
801 $photoico = " <img src=\"{$_CONF['layout_url']}/images/smallcamera."
802 . $_IMAGE_TYPE . '" alt="{$LANG04[77]}"' . XHTML . '>';
806 $retval = COM_createLink($fieldvalue, $_CONF['site_url']
807 . '/users.php?mode=profile&uid=' . $A['uid']) . $photoico;
810 if ($fieldvalue < 1) {
811 // if the user never logged in, show the registration date
812 $regdate = strftime ($_CONF['shortdate'], strtotime($A['regdate']));
813 $retval = "({$LANG28[36]}, {$LANG28[53]} $regdate)";
815 $retval = strftime ($_CONF['shortdate'], $fieldvalue);
818 case 'lastlogin_short':
819 if ($fieldvalue < 1) {
820 // if the user never logged in, show the registration date
821 $regdate = strftime ($_CONF['shortdate'], strtotime($A['regdate']));
822 $retval = "({$LANG28[36]})";
824 $retval = strftime ($_CONF['shortdate'], $fieldvalue);
828 if ($fieldvalue < 0){
829 // users that never logged in, would have a negative online days
830 $retval = $LANG_ADMIN['na'];
832 $retval = $fieldvalue;
836 case 'offline_months':
837 $retval = COM_numberFormat(round($fieldvalue / 2592000));
840 $retval = COM_numberFormat(round($fieldvalue / 3600, 3));
843 $retval = strftime ($_CONF['shortdate'], strtotime($fieldvalue));
845 case $_TABLES['users'] . '.uid':
849 $retval = $fieldvalue;
853 if (isset($A['status']) && ($A['status'] == USER_ACCOUNT_DISABLED)) {
854 if (($fieldname != 'edit') && ($fieldname != 'username')) {
855 $retval = sprintf ('<span class="strike" title="%s">%s</span>',
856 $LANG28[42], $retval);
864 * used for the list of stories in admin/story.php
867 function ADMIN_getListField_stories($fieldname, $fieldvalue, $A, $icon_arr)
869 global $_CONF, $_TABLES, $LANG_ADMIN, $LANG24, $LANG_ACCESS, $_IMAGE_TYPE;
871 static $topics, $topic_access, $topic_anon;
873 if (!isset($topics)) {
876 if (!isset($topic_access)) {
877 $topic_access = array();
882 switch ($fieldname) {
884 $curtime = COM_getUserDateTimeFormat($A['unixdate']);
885 $retval = strftime($_CONF['daytime'], $curtime[1]);
889 $A['title'] = str_replace('$', '$', $A['title']);
890 $article_url = COM_buildUrl($_CONF['site_url'] . '/article.php?story='
892 $retval = COM_createLink(stripslashes($A['title']), $article_url);
896 if ($A['draft_flag'] == 1) {
897 $retval = $LANG24[35];
899 $retval = $LANG24[36];
906 $access = SEC_hasAccess($A['owner_id'], $A['group_id'],
907 $A['perm_owner'], $A['perm_group'],
908 $A['perm_members'], $A['perm_anon']);
910 if (!isset($topic_access[$A['tid']])) {
911 $topic_access[$A['tid']] = SEC_hasTopicAccess($A['tid']);
913 if ($topic_access[$A['tid']] == 3) {
914 $access = $LANG_ACCESS['edit'];
916 $access = $LANG_ACCESS['readonly'];
919 $access = $LANG_ACCESS['readonly'];
921 if ($fieldname == 'access') {
923 } elseif ($access == $LANG_ACCESS['edit']) {
924 if ($fieldname == 'edit_adv') {
926 } elseif ($fieldname == 'edit') {
929 $editurl = $_CONF['site_admin_url']
930 . '/story.php?mode=edit&editor=' . $editmode
931 . '&sid=' . $A['sid'];
932 $retval = COM_createLink($icon_arr['edit'], $editurl);
937 if ($A['featured'] == 1) {
938 $retval = $LANG24[35];
940 $retval = $LANG24[36];
945 if (!isset($topic_anon[$A['tid']])) {
946 $topic_anon[$A['tid']] = DB_getItem($_TABLES['topics'], 'perm_anon',
947 "tid = '" . addslashes($A['tid']) . "'");
949 if (($A['draft_flag'] == 0) && ($A['unixdate'] < time()) &&
950 ($A['perm_anon'] != 0) && ($topic_anon[$A['tid']] != 0)) {
951 $pingico = '<img src="' . $_CONF['layout_url'] . '/images/sendping.'
952 . $_IMAGE_TYPE . '" alt="' . $LANG24[21] . '" title="'
953 . $LANG24[21] . '"' . XHTML . '>';
954 $url = $_CONF['site_admin_url']
955 . '/trackback.php?mode=sendall&id=' . $A['sid'];
956 $retval = COM_createLink($pingico, $url);
963 if (!isset($topics[$A['tid']])) {
964 $topics[$A['tid']] = DB_getItem($_TABLES['topics'], 'topic',
965 "tid = '{$A['tid']}'");
967 $retval = $topics[$A['tid']];
971 $retval = COM_getDisplayName($A['uid'], $A['username'], $A['fullname']);
975 $retval = $fieldvalue;
983 * used for the list of feeds in admin/syndication.php
986 function ADMIN_getListField_syndication($fieldname, $fieldvalue, $A, $icon_arr, $token)
988 global $_CONF, $_TABLES, $LANG_ADMIN, $LANG33, $_IMAGE_TYPE;
994 switch ($fieldname) {
996 $retval = COM_createLink($icon_arr['edit'],
997 "{$_CONF['site_admin_url']}/syndication.php?mode=edit&fid={$A['fid']}");
1001 if ($A['type'] == 'article') {
1002 $retval = $LANG33[55];
1004 $retval = ucwords($A['type']);
1009 $retval = str_replace('-' , ' ', ucwords($A['format']));
1013 $retval = strftime($_CONF['daytime'], $A['date']);
1017 if ($A['is_enabled'] == 1) {
1018 $switch = ' checked="checked"';
1022 $retval = "<input type=\"checkbox\" name=\"enabledfeeds[]\" "
1023 . "onclick=\"submit()\" value=\"{$A['fid']}\"$switch" . XHTML . ">";
1024 if (! isset($added_token)) {
1025 $retval .= "<input type=\"hidden\" name=\"" . CSRF_TOKEN . "\" value=\"{$token}\"" . XHTML . ">";
1026 $added_token = true;
1031 if ($A['header_tid'] == 'all') {
1032 $retval = $LANG33[43];
1033 } elseif ($A['header_tid'] == 'none') {
1034 $retval = $LANG33[44];
1036 $retval = DB_getItem($_TABLES['topics'], 'topic',
1037 "tid = '{$A['header_tid']}'");
1042 $url = SYND_getFeedUrl();
1043 $retval = COM_createLink($A['filename'], $url . $A['filename']);
1047 $retval = $fieldvalue;
1055 * used for the list of plugins in admin/plugins.php
1058 function ADMIN_getListField_plugins($fieldname, $fieldvalue, $A, $icon_arr, $token)
1060 global $_CONF, $LANG_ADMIN, $LANG32;
1062 static $added_token;
1066 switch($fieldname) {
1068 $retval = COM_createLink($icon_arr['edit'],
1069 "{$_CONF['site_admin_url']}/plugins.php?mode=edit&pi_name={$A['pi_name']}");
1072 $retval = plugin_get_pluginname($A['pi_name']);
1075 $plugin_code_version = PLG_chkVersion ($A['pi_name']);
1076 if (empty ($plugin_code_version)) {
1077 $code_version = $LANG_ADMIN['na'];
1079 $code_version = $plugin_code_version;
1081 $pi_installed_version = $A['pi_version'];
1082 if (empty ($plugin_code_version) ||
1083 ($pi_installed_version == $code_version)) {
1084 $retval = $pi_installed_version;
1086 $retval = "{$LANG32[37]}: $pi_installed_version, {$LANG32[36]}: $plugin_code_version";
1087 if ($A['pi_enabled'] == 1) {
1088 $retval .= " <b>{$LANG32[38]}</b>";
1093 $not_present = false;
1094 if ($A['pi_enabled'] == 1) {
1095 $switch = ' checked="checked"';
1098 if (! file_exists($_CONF['path'] . 'plugins/' . $A['pi_name']
1099 . '/functions.inc')) {
1100 $not_present = true;
1104 $retval = '<input type="checkbox" name="enabledplugins['
1105 . $A['pi_name'] . ']" disabled="disabled"' . XHTML . '>';
1107 $retval = '<input type="checkbox" name="enabledplugins['
1108 . $A['pi_name'] . ']" onclick="submit()" value="1"'
1109 . $switch . XHTML . '>';
1110 if (! isset($added_token)) {
1111 $retval .= '<input type="hidden" name="' . CSRF_TOKEN . '" '
1112 . 'value="' . $token . '"' . XHTML . '>';
1113 $added_token = true;
1118 $retval = $fieldvalue;
1125 * used for the lists of submissions and draft stories in admin/moderation.php
1128 function ADMIN_getListField_moderation($fieldname, $fieldvalue, $A, $icon_arr)
1130 global $_CONF, $_TABLES, $LANG_ADMIN;
1135 if (isset($A['_moderation_type'])) {
1136 $type = $A['_moderation_type'];
1138 switch ($fieldname) {
1140 $retval = COM_createLink($icon_arr['edit'], $A['edit']);
1144 $retval = "<input type=\"radio\" name=\"action[{$A['row']}]\" value=\"delete\"" . XHTML . ">";
1148 $retval = "<input type=\"radio\" name=\"action[{$A['row']}]\" value=\"approve\"" . XHTML . ">"
1149 ."<input type=\"hidden\" name=\"id[{$A['row']}]\" value=\"{$A[0]}\"" . XHTML . ">";
1153 $retval = strftime($_CONF['daytime'], $A['day']);
1157 $retval = DB_getItem($_TABLES['topics'], 'topic',
1158 "tid = '{$A['tid']}'");
1163 if ($A['uid'] == 1) {
1164 $name = htmlspecialchars(COM_stripslashes(DB_getItem($_TABLES['commentsubmissions'], 'name', "cid = '{$A['id']}'")));
1167 $name = COM_getDisplayName($A['uid']);
1169 if ($A['uid'] == 1) {
1172 $retval = COM_createLink($name, $_CONF['site_url']
1173 . '/users.php?mode=profile&uid=' . $A['uid']);
1177 case 'publishfuture':
1178 if (!SEC_inGroup('Comment Submitters', $A['uid']) && ($A['uid'] > 1)) {
1179 $retval = "<input type=\"checkbox\" name=\"publishfuture[]\" value=\"{$A['uid']}\"" . XHTML . ">";
1181 $retval = $LANG_ADMIN['na'];
1186 if (($fieldname == 3) && ($type == 'story')) {
1187 $retval = DB_getItem($_TABLES['topics'], 'topic',
1189 } elseif (($fieldname == 2) && ($type == 'comment')) {
1190 $commenttext = COM_getTextContent($A['comment']);
1191 $excerpt = htmlspecialchars(COM_truncate($commenttext, 140, '...'));
1193 // try to provide a link to the parent item (e.g. article, poll)
1194 $info = PLG_getItemInfo($A['type'], $A['sid'], 'title,url');
1195 if (empty($info) || empty($info[0]) || empty($info[1])) {
1196 // if not available, display excerpt from the comment
1197 $retval = htmlspecialchars(COM_truncate($commenttext, 40,
1199 if (strlen($commenttext) > 40) {
1200 $retval = '<span title="' . $excerpt . '">' . $retval
1204 $retval = COM_createLink($info[0], $info[1],
1205 array('title' => $excerpt));
1208 $retval = COM_makeClickableLinks(stripslashes($fieldvalue));
1217 * used for the list of ping services in admin/trackback.php
1220 function ADMIN_getListField_trackback($fieldname, $fieldvalue, $A, $icon_arr, $token)
1222 global $_CONF, $LANG_TRB;
1224 static $added_token;
1228 switch($fieldname) {
1230 $retval = COM_createLink($icon_arr['edit'],
1231 "{$_CONF['site_admin_url']}/trackback.php?mode=editservice&service_id={$A['pid']}");
1235 $retval = COM_createLink($A['name'], $A['site_url']);
1239 if ($A['method'] == 'weblogUpdates.ping') {
1240 $retval = $LANG_TRB['ping_standard'];
1241 } else if ($A['method'] == 'weblogUpdates.extendedPing') {
1242 $retval = $LANG_TRB['ping_extended'];
1244 $retval = '<span class="warningsmall">' . $LANG_TRB['ping_unknown']
1250 if ($A['is_enabled'] == 1) {
1251 $switch = ' checked="checked"';
1255 $retval = "<input type=\"checkbox\" name=\"changedservices[]\" "
1256 . "onclick=\"submit()\" value=\"{$A['pid']}\"$switch" . XHTML . ">";
1257 if (! isset($added_token)) {
1258 $retval .= "<input type=\"hidden\" name=\"" . CSRF_TOKEN
1259 . "\" value=\"{$token}\"" . XHTML . ">";
1260 $added_token = true;
1265 $retval = $fieldvalue;
1273 * used in the user editor in admin/user.php
1276 function ADMIN_getListField_usergroups($fieldname, $fieldvalue, $A, $icon_arr, $selected = '')
1278 global $thisUsersGroups;
1282 if(! is_array($thisUsersGroups)) {
1283 $thisUsersGroups = SEC_getUserGroups();
1286 if (in_array($A['grp_id'], $thisUsersGroups ) ||
1287 SEC_groupIsRemoteUserAndHaveAccess($A['grp_id'], $thisUsersGroups)) {
1288 switch($fieldname) {
1291 if (is_array($selected) && in_array($A['grp_id'], $selected)) {
1292 $checked = ' checked="checked"';
1294 if (($A['grp_name'] == 'All Users') ||
1295 ($A['grp_name'] == 'Logged-in Users') ||
1296 ($A['grp_name'] == 'Remote Users')) {
1297 $retval = '<input type="checkbox" disabled="disabled"'
1298 . $checked . XHTML . '>'
1299 . '<input type="hidden" name="groups[]" value="'
1300 . $A['grp_id'] . '"' . $checked . XHTML . '>';
1302 $retval = '<input type="checkbox" name="groups[]" value="'
1303 . $A['grp_id'] . '"' . $checked . XHTML . '>';
1308 $retval = ucwords($fieldvalue);
1312 $retval = $fieldvalue;