author | Dan |
Wed, 27 May 2009 09:45:54 -0400 | |
changeset 1006 | ec33f6cb333d |
parent 801 | eb8b23f11744 |
child 1013 | 8626bb38410f |
permissions | -rw-r--r-- |
346 | 1 |
<?php |
2 |
||
3 |
/* |
|
4 |
* Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between |
|
801
eb8b23f11744
Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents:
685
diff
changeset
|
5 |
* Version 1.1.6 (Caoineag beta 1) |
536 | 6 |
* Copyright (C) 2006-2008 Dan Fuhry |
346 | 7 |
* |
8 |
* This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License |
|
9 |
* as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. |
|
10 |
* |
|
11 |
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied |
|
12 |
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details. |
|
13 |
*/ |
|
14 |
||
15 |
// Page editing portal |
|
16 |
||
17 |
function page_Admin_PageEditor() |
|
18 |
{ |
|
19 |
global $db, $session, $paths, $template, $plugins; // Common objects |
|
20 |
global $lang; |
|
21 |
if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
|
22 |
{ |
|
23 |
$login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); |
|
24 |
echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>'; |
|
25 |
echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>'; |
|
26 |
return; |
|
27 |
} |
|
28 |
||
29 |
echo '<h3>' . $lang->get('acped_heading_main') . '</h3>'; |
|
30 |
$show_select = true; |
|
31 |
||
32 |
if ( isset($_REQUEST['action']) || isset($_REQUEST['source']) ) |
|
33 |
{ |
|
34 |
if ( isset($_REQUEST['action']) ) |
|
35 |
{ |
|
36 |
$act =& $_REQUEST['action']; |
|
37 |
$act = strtolower($act); |
|
38 |
} |
|
39 |
else if ( isset($_REQUEST['source']) && $_REQUEST['source'] == 'ajax' ) |
|
40 |
{ |
|
41 |
$act = 'select'; |
|
42 |
} |
|
43 |
switch ( $act ) |
|
44 |
{ |
|
45 |
case 'save': |
|
46 |
case 'select': |
|
47 |
// First step is to determine the page ID and namespace |
|
48 |
||
49 |
if ( isset($_REQUEST['pid_search']) ) |
|
50 |
{ |
|
51 |
list($page_id, $namespace) = RenderMan::strToPageID($_REQUEST['page_id']); |
|
52 |
$name = $db->escape(dirtify_page_id($page_id)); |
|
53 |
$page_id = $db->escape(sanitize_page_id($page_id)); |
|
54 |
$namespace = $db->escape($namespace); |
|
55 |
$name = strtolower($name); |
|
56 |
$page_id = strtolower($page_id); |
|
57 |
$sql = "SELECT * FROM " . table_prefix . "pages WHERE ( " . ENANO_SQLFUNC_LOWERCASE . "(urlname) LIKE '%$page_id%' OR " . ENANO_SQLFUNC_LOWERCASE . "(name) LIKE '%$name%' ) ORDER BY name ASC;"; |
|
58 |
} |
|
59 |
else |
|
60 |
{ |
|
61 |
// pid_search was not set, assume absolute page ID |
|
62 |
list($page_id, $namespace) = RenderMan::strToPageID($_REQUEST['page_id']); |
|
63 |
$page_id = $db->escape(sanitize_page_id($page_id)); |
|
64 |
$namespace = $db->escape($namespace); |
|
65 |
||
66 |
$sql = "SELECT * FROM " . table_prefix . "pages WHERE urlname = '$page_id' AND namespace = '$namespace';"; |
|
67 |
} |
|
68 |
||
69 |
if ( !($q = $db->sql_query($sql)) ) |
|
70 |
{ |
|
71 |
$db->_die('PageManager selecting dataset for page'); |
|
72 |
} |
|
73 |
||
74 |
if ( $db->numrows() < 1 ) |
|
75 |
{ |
|
76 |
echo '<div class="error-box"> |
|
77 |
' . $lang->get('acped_err_page_not_found') . ' |
|
78 |
</div>'; |
|
79 |
break; |
|
80 |
} |
|
81 |
||
82 |
if ( $db->numrows() > 1 ) |
|
83 |
{ |
|
84 |
// Ambiguous results |
|
85 |
if ( isset($_REQUEST['pid_search']) ) |
|
86 |
{ |
|
87 |
echo '<h3>' . $lang->get('acped_msg_results_ambiguous_title') . '</h3>'; |
|
88 |
echo '<p>' . $lang->get('acped_msg_results_ambiguous_body') . '</p>'; |
|
89 |
echo '<ul>'; |
|
90 |
while ( $row = $db->fetchrow($q) ) |
|
91 |
{ |
|
92 |
echo '<li>'; |
|
93 |
$pathskey = $paths->nslist[$row['namespace']] . $row['urlname']; |
|
94 |
$edit_url = makeUrlNS($row['namespace'], $row['urlname']) . '#do:edit'; |
|
95 |
$view_url = makeUrlNS($row['namespace'], $row['urlname']); |
|
96 |
$page_name = htmlspecialchars(get_page_title_ns( $row['urlname'], $row['namespace'] )); |
|
97 |
$view_link = $lang->get('acped_ambig_btn_viewpage'); |
|
98 |
echo "<a href=\"$edit_url\">$page_name</a> (<a onclick=\"window.open(this.href); return false;\" href=\"$view_url\">$view_link</a>)"; |
|
99 |
echo '</li>'; |
|
100 |
} |
|
101 |
echo '</ul>'; |
|
102 |
$show_select = false; |
|
103 |
break; |
|
104 |
} |
|
105 |
else |
|
106 |
{ |
|
107 |
echo '<p>' . $lang->get('acped_err_ambig_absolute') . '</p>'; |
|
108 |
break; |
|
109 |
} |
|
110 |
} |
|
111 |
||
112 |
// From this point on we can assume that exactly one matching page was found. |
|
113 |
$dataset = $db->fetchrow(); |
|
114 |
$page_id = $dataset['urlname']; |
|
115 |
$namespace = $dataset['namespace']; |
|
116 |
$url = makeUrlNS($namespace, $page_id, false, true) . '#do:edit'; |
|
117 |
$url = addslashes($url); |
|
118 |
echo '<script type="text/javascript"> |
|
119 |
window.location = \'' . $url . '\'; |
|
120 |
</script>'; |
|
121 |
||
122 |
$show_select = false; |
|
123 |
break; |
|
124 |
} |
|
125 |
} |
|
126 |
||
127 |
if ( $show_select ) |
|
128 |
{ |
|
129 |
echo '<p>' . $lang->get('acped_hint') . '</p>'; |
|
130 |
||
131 |
// Show the search form |
|
132 |
||
133 |
$form_action = makeUrlNS('Special', 'Administration', "module={$paths->nslist['Admin']}PageEditor", true); |
|
134 |
echo "<form action=\"$form_action\" method=\"post\">"; |
|
135 |
echo $lang->get('acped_lbl_field_search') . ' '; |
|
136 |
echo $template->pagename_field('page_id') . ' '; |
|
137 |
echo '<input type="hidden" name="action" value="select" />'; |
|
138 |
echo '<input type="submit" name="pid_search" value="' . $lang->get('search_btn_search') . '" />'; |
|
139 |
echo "</form>"; |
|
140 |
||
141 |
// Grab all pages from the database and show a list of pages on the site |
|
142 |
||
143 |
echo '<h3>' . $lang->get('acped_heading_select_page_from_list') . '</h3>'; |
|
144 |
echo '<p>' . $lang->get('acped_hint_select_page_from_list') . '</p>'; |
|
145 |
||
146 |
$q = $db->sql_query('SELECT COUNT(name) AS num_pages FROM ' . table_prefix . 'pages;'); |
|
147 |
if ( !$q ) |
|
148 |
$db->_die('PageManager doing initial page count'); |
|
149 |
list($num_pages) = $db->fetchrow_num(); |
|
150 |
$db->free_result(); |
|
151 |
||
152 |
$pg_start = ( isset($_GET['offset']) ) ? intval($_GET['offset']) : 0; |
|
153 |
||
154 |
$q = $db->sql_unbuffered_query('SELECT urlname, name, namespace, ' . $num_pages . ' AS num_pages, ' . $pg_start . ' AS offset, \'edit\' AS mode FROM ' . table_prefix . 'pages ORDER BY name ASC;'); |
|
155 |
if ( !$q ) |
|
156 |
$db->_die('PageManager doing main select query for page list'); |
|
157 |
||
158 |
// Paginate results |
|
159 |
$html = paginate( |
|
160 |
$q, |
|
161 |
'{urlname}', |
|
162 |
$num_pages, |
|
163 |
makeUrlNS('Special', 'Administration', "module={$paths->nslist['Admin']}PageEditor&offset=%s", false), |
|
164 |
$pg_start, |
|
165 |
99, |
|
166 |
array('urlname' => 'admin_pagemanager_format_listing'), |
|
167 |
'<div class="tblholder" style="height: 300px; clip: rect(0px, auto, auto, 0px); overflow: auto;"> |
|
168 |
<table border="0" cellspacing="1" cellpadding="4">', |
|
169 |
' </table> |
|
170 |
</div>' |
|
171 |
); |
|
172 |
echo $html; |
|
173 |
} |
|
174 |
||
175 |
} |
|
176 |
||
177 |
?> |