lib.pager.php @ 3746:0cae5565cdc8

Visit:

Revision 3746:0cae5565cdc8, 34.2 KB checked in by franck <carnet.franck.paul@…>, 7 years ago (diff)
Fix potential reflective XSS, thank's Zekvan Arslan for report (via Daniel Bishtawi from https://www.netsparker.com/)

Rev	Line
[0]	1	<?php
[3731]	2	/**
	3	* @package Dotclear
	4	* @subpackage Backend
	5	*
	6	* @copyright Olivier Meunier & Association Dotclear
	7	* @copyright GPL-2.0-only
	8	*/
	9
[3707]	10	if (!defined('DC_RC_PATH')) {return;}
[0]	11
[1909]	12	class dcPager extends pager
	13	{
[3707]	14	protected $form_action;
	15	protected $form_hidden;
[2566]	16
[3707]	17	protected function getLink($li_class, $href, $img_src, $img_src_nolink, $img_alt, $enable_link)
	18	{
	19	if ($enable_link) {
	20	$formatter = '<li class="%s btn"><a href="%s"><img src="%s" alt="%s"/></a><span class="hidden">%s</span></li>';
	21	return sprintf($formatter,
	22	$li_class, $href, $img_src, $img_alt, $img_alt);
	23	} else {
	24	$formatter = '<li class="%s no-link btn"><img src="%s" alt="%s"/></li>';
	25	return sprintf($formatter,
	26	$li_class, $img_src_nolink, $img_alt, $img_alt);
	27	}
	28	}
	29	public function setURL()
	30	{
	31	parent::setURL();
	32	$url = parse_url($_SERVER['REQUEST_URI']);
	33	if (isset($url['query'])) {
	34	parse_str($url['query'], $args);
	35	} else {
	36	$args = array();
	37	}
	38	# Removing session information
	39	if (session_id()) {
	40	if (isset($args[session_name()])) {
	41	unset($args[session_name()]);
	42	}
[2566]	43
[3707]	44	}
	45	if (isset($args[$this->var_page])) {
	46	unset($args[$this->var_page]);
	47	}
	48	if (isset($args['ok'])) {
	49	unset($args['ok']);
	50	}
[3746]	51
[3707]	52	$this->form_hidden = '';
	53	foreach ($args as $k => $v) {
[3746]	54	// Check parameter key (will prevent some forms of XSS)
	55	if ($k === preg_replace('`[^A-Za-z0-9_-]`', '', $k)) {
	56	if (is_array($v)) {
	57	foreach ($v as $k2 => $v2) {
	58	$this->form_hidden .= form::hidden(array($k . '[]'), html::escapeHTML($v2));
	59	}
	60	} else {
	61	$this->form_hidden .= form::hidden(array($k), html::escapeHTML($v));
[3707]	62	}
	63	}
	64	}
	65	$this->form_action = $url['path'];
	66	}
[2566]	67
[3707]	68	/**
	69	* Pager Links
	70	*
	71	* Returns pager links
	72	*
	73	* @return string
	74	*/
	75	public function getLinks()
	76	{
	77	$this->setURL();
	78	$htmlFirst = $this->getLink(
	79	"first",
	80	sprintf($this->page_url, 1),
	81	"images/pagination/first.png",
	82	"images/pagination/no-first.png",
	83	__('First page'),
	84	($this->env > 1)
	85	);
	86	$htmlPrev = $this->getLink(
	87	"prev",
	88	sprintf($this->page_url, $this->env - 1),
	89	"images/pagination/previous.png",
	90	"images/pagination/no-previous.png",
	91	__('Previous page'),
	92	($this->env > 1)
	93	);
	94	$htmlNext = $this->getLink(
	95	"next",
	96	sprintf($this->page_url, $this->env + 1),
	97	"images/pagination/next.png",
	98	"images/pagination/no-next.png",
	99	__('Next page'),
	100	($this->env < $this->nb_pages)
	101	);
	102	$htmlLast = $this->getLink(
	103	"last",
	104	sprintf($this->page_url, $this->nb_pages),
	105	"images/pagination/last.png",
	106	"images/pagination/no-last.png",
	107	__('Last page'),
	108	($this->env < $this->nb_pages)
	109	);
	110	$htmlCurrent =
	111	'<li class="active"><strong>' .
	112	sprintf(__('Page %s / %s'), $this->env, $this->nb_pages) .
	113	'</strong></li>';
[2566]	114
[3707]	115	$htmlDirect =
	116	($this->nb_pages > 1 ?
	117	sprintf('<li class="direct-access">' . __('Direct access page %s'),
[3725]	118	form::number(array($this->var_page), 1, $this->nb_pages)) .
[3707]	119	'<input type="submit" value="' . __('ok') . '" class="reset" ' .
	120	'name="ok" />' . $this->form_hidden . '</li>' : '');
[2566]	121
[3707]	122	$res =
	123	'<form action="' . $this->form_action . '" method="get">' .
	124	'<div class="pager"><ul>' .
	125	$htmlFirst .
	126	$htmlPrev .
	127	$htmlCurrent .
	128	$htmlNext .
	129	$htmlLast .
	130	$htmlDirect .
	131	'</ul>' .
	132	'</div>' .
	133	'</form>'
	134	;
	135
	136	return $this->nb_elements > 0 ? $res : '';
	137	}
[1909]	138	}
	139
[0]	140	class adminGenericList
	141	{
[3707]	142	protected $core;
	143	protected $rs;
	144	protected $rs_count;
[2566]	145
[3707]	146	public function __construct($core, $rs, $rs_count)
	147	{
	148	$this->core = &$core;
	149	$this->rs = &$rs;
	150	$this->rs_count = $rs_count;
	151	$this->html_prev = __('« prev.');
	152	$this->html_next = __('next »');
	153	}
[3265]	154
[3707]	155	public function userColumns($type, $cols)
	156	{
	157	$cols_user = @$this->core->auth->user_prefs->interface->cols;
	158	if (is_array($cols_user)) {
	159	if (isset($cols_user[$type])) {
	160	foreach ($cols_user[$type] as $cn => $cd) {
	161	if (!$cd && isset($cols[$cn])) {
	162	unset($cols[$cn]);
	163	}
	164	}
	165	}
	166	}
	167	}
[0]	168	}
	169
	170	class adminPostList extends adminGenericList
	171	{
[3707]	172	public function display($page, $nb_per_page, $enclose_block = '', $filter = false)
	173	{
	174	if ($this->rs->isEmpty()) {
	175	if ($filter) {
	176	echo '<p><strong>' . __('No entry matches the filter') . '</strong></p>';
	177	} else {
	178	echo '<p><strong>' . __('No entry') . '</strong></p>';
	179	}
	180	} else {
	181	$pager = new dcPager($page, $this->rs_count, $nb_per_page, 10);
	182	$entries = array();
	183	if (isset($_REQUEST['entries'])) {
	184	foreach ($_REQUEST['entries'] as $v) {
	185	$entries[(integer) $v] = true;
	186	}
	187	}
	188	$html_block =
	189	'<div class="table-outer">' .
	190	'<table>';
[2566]	191
[3707]	192	if ($filter) {
	193	$html_block .= '<caption>' . sprintf(__('List of %s entries matching the filter.'), $this->rs_count) . '</caption>';
	194	} else {
	195	$nb_published = $this->core->blog->getPosts(array('post_status' => 1), true)->f(0);
	196	$nb_pending = $this->core->blog->getPosts(array('post_status' => -2), true)->f(0);
	197	$nb_programmed = $this->core->blog->getPosts(array('post_status' => -1), true)->f(0);
	198	$nb_unpublished = $this->core->blog->getPosts(array('post_status' => 0), true)->f(0);
	199	$html_block .= '<caption>' .
	200	sprintf(__('List of entries (%s)'), $this->rs_count) .
	201	($nb_published ?
	202	sprintf(
	203	__(', <a href="%s">published</a> (1)', ', <a href="%s">published</a> (%s)', $nb_published),
	204	$this->core->adminurl->get('admin.posts', array('status' => 1)),
	205	$nb_published) : '') .
	206	($nb_pending ?
	207	sprintf(
	208	__(', <a href="%s">pending</a> (1)', ', <a href="%s">pending</a> (%s)', $nb_pending),
	209	$this->core->adminurl->get('admin.posts', array('status' => -2)),
	210	$nb_pending) : '') .
	211	($nb_programmed ?
	212	sprintf(__(', <a href="%s">programmed</a> (1)', ', <a href="%s">programmed</a> (%s)', $nb_programmed),
	213	$this->core->adminurl->get('admin.posts', array('status' => -1)),
	214	$nb_programmed) : '') .
	215	($nb_unpublished ?
	216	sprintf(__(', <a href="%s">unpublished</a> (1)', ', <a href="%s">unpublished</a> (%s)', $nb_unpublished),
	217	$this->core->adminurl->get('admin.posts', array('status' => 0)),
	218	$nb_unpublished) : '') .
	219	'</caption>';
	220	}
[2566]	221
[3707]	222	$cols = array(
	223	'title' => '<th colspan="2" class="first">' . __('Title') . '</th>',
	224	'date' => '<th scope="col">' . __('Date') . '</th>',
	225	'category' => '<th scope="col">' . __('Category') . '</th>',
	226	'author' => '<th scope="col">' . __('Author') . '</th>',
	227	'comments' => '<th scope="col"><img src="images/comments.png" alt="" title="' . __('Comments') .
	228	'" /><span class="hidden">' . __('Comments') . '</span></th>',
	229	'trackbacks' => '<th scope="col"><img src="images/trackbacks.png" alt="" title="' . __('Trackbacks') .
	230	'" /><span class="hidden">' . __('Trackbacks') . '</span></th>',
	231	'status' => '<th scope="col">' . __('Status') . '</th>'
	232	);
	233	$cols = new ArrayObject($cols);
	234	$this->core->callBehavior('adminPostListHeader', $this->core, $this->rs, $cols);
[2566]	235
[3707]	236	// Cope with optional columns
	237	$this->userColumns('posts', $cols);
[3265]	238
[3707]	239	$html_block .= '<tr>' . implode(iterator_to_array($cols)) . '</tr>%s</table></div>';
	240	if ($enclose_block) {
	241	$html_block = sprintf($enclose_block, $html_block);
	242	}
[2566]	243
[3707]	244	echo $pager->getLinks();
[2566]	245
[3707]	246	$blocks = explode('%s', $html_block);
[2566]	247
[3707]	248	echo $blocks[0];
[2566]	249
[3707]	250	while ($this->rs->fetch()) {
	251	echo $this->postLine(isset($entries[$this->rs->post_id]));
	252	}
[2566]	253
[3707]	254	echo $blocks[1];
[2566]	255
[3707]	256	echo $pager->getLinks();
	257	}
	258	}
[2566]	259
[3707]	260	private function postLine($checked)
	261	{
	262	if ($this->core->auth->check('categories', $this->core->blog->id)) {
	263	$cat_link = '<a href="' . $this->core->adminurl->get('admin.category', array('id' => '%s'), '&', true) . '">%s</a>';
	264	} else {
	265	$cat_link = '%2$s';
	266	}
[2566]	267
[3707]	268	if ($this->rs->cat_title) {
	269	$cat_title = sprintf($cat_link, $this->rs->cat_id,
	270	html::escapeHTML($this->rs->cat_title));
	271	} else {
	272	$cat_title = __('(No cat)');
	273	}
[2566]	274
[3707]	275	$img = '<img alt="%1$s" title="%1$s" src="images/%2$s" />';
	276	$sts_class = '';
	277	switch ($this->rs->post_status) {
	278	case 1:
	279	$img_status = sprintf($img, __('Published'), 'check-on.png');
	280	$sts_class = 'sts-online';
	281	break;
	282	case 0:
	283	$img_status = sprintf($img, __('Unpublished'), 'check-off.png');
	284	$sts_class = 'sts-offline';
	285	break;
	286	case -1:
	287	$img_status = sprintf($img, __('Scheduled'), 'scheduled.png');
	288	$sts_class = 'sts-scheduled';
	289	break;
	290	case -2:
	291	$img_status = sprintf($img, __('Pending'), 'check-wrn.png');
	292	$sts_class = 'sts-pending';
	293	break;
	294	}
[2566]	295
[3707]	296	$protected = '';
	297	if ($this->rs->post_password) {
	298	$protected = sprintf($img, __('Protected'), 'locker.png');
	299	}
[2566]	300
[3707]	301	$selected = '';
	302	if ($this->rs->post_selected) {
	303	$selected = sprintf($img, __('Selected'), 'selected.png');
	304	}
[2566]	305
[3707]	306	$attach = '';
	307	$nb_media = $this->rs->countMedia();
	308	if ($nb_media > 0) {
	309	$attach_str = $nb_media == 1 ? __('%d attachment') : __('%d attachments');
	310	$attach = sprintf($img, sprintf($attach_str, $nb_media), 'attach.png');
	311	}
[2566]	312
[3707]	313	$res = '<tr class="line ' . ($this->rs->post_status != 1 ? 'offline ' : '') . $sts_class . '"' .
	314	' id="p' . $this->rs->post_id . '">';
[2566]	315
[3707]	316	$cols = array(
	317	'check' => '<td class="nowrap">' .
	318	form::checkbox(array('entries[]'), $this->rs->post_id,
	319	array(
	320	'checked' => $checked,
	321	'disabled' => !$this->rs->isEditable()
	322	)) .
	323	'</td>',
	324	'title' => '<td class="maximal" scope="row"><a href="' .
	325	$this->core->getPostAdminURL($this->rs->post_type, $this->rs->post_id) . '">' .
	326	html::escapeHTML($this->rs->post_title) . '</a></td>',
	327	'date' => '<td class="nowrap count">' . dt::dt2str(__('%Y-%m-%d %H:%M'), $this->rs->post_dt) . '</td>',
	328	'category' => '<td class="nowrap">' . $cat_title . '</td>',
	329	'author' => '<td class="nowrap">' . html::escapeHTML($this->rs->user_id) . '</td>',
	330	'comments' => '<td class="nowrap count">' . $this->rs->nb_comment . '</td>',
	331	'trackbacks' => '<td class="nowrap count">' . $this->rs->nb_trackback . '</td>',
	332	'status' => '<td class="nowrap status">' . $img_status . ' ' . $selected . ' ' . $protected . ' ' . $attach . '</td>'
	333	);
	334	$cols = new ArrayObject($cols);
	335	$this->core->callBehavior('adminPostListValue', $this->core, $this->rs, $cols);
[3089]	336
[3707]	337	// Cope with optional columns
	338	$this->userColumns('posts', $cols);
[3265]	339
[3707]	340	$res .= implode(iterator_to_array($cols));
	341	$res .= '</tr>';
[2566]	342
[3707]	343	return $res;
	344	}
[0]	345	}
	346
	347	class adminPostMiniList extends adminGenericList
	348	{
[3707]	349	public function display($page, $nb_per_page, $enclose_block = '')
	350	{
	351	if ($this->rs->isEmpty()) {
	352	echo '<p><strong>' . __('No entry') . '</strong></p>';
	353	} else {
	354	$pager = new dcPager($page, $this->rs_count, $nb_per_page, 10);
[2566]	355
[3707]	356	$html_block =
	357	'<div class="table-outer clear">' .
	358	'<table><caption class="hidden">' . __('Entries list') . '</caption><tr>';
[2566]	359
[3707]	360	$cols = array(
	361	'title' => '<th scope="col">' . __('Title') . '</th>',
	362	'date' => '<th scope="col">' . __('Date') . '</th>',
	363	'author' => '<th scope="col">' . __('Author') . '</th>',
	364	'status' => '<th scope="col">' . __('Status') . '</th>'
	365	);
[3089]	366
[3707]	367	$cols = new ArrayObject($cols);
	368	$this->core->callBehavior('adminPostMiniListHeader', $this->core, $this->rs, $cols);
[3089]	369
[3707]	370	// Cope with optional columns
	371	$this->userColumns('posts', $cols);
[3265]	372
[3707]	373	$html_block .= '<tr>' . implode(iterator_to_array($cols)) . '</tr>%s</table></div>';
	374	if ($enclose_block) {
	375	$html_block = sprintf($enclose_block, $html_block);
	376	}
[2566]	377
[3707]	378	echo $pager->getLinks();
[2566]	379
[3707]	380	$blocks = explode('%s', $html_block);
[2566]	381
[3707]	382	echo $blocks[0];
[2566]	383
[3707]	384	while ($this->rs->fetch()) {
	385	echo $this->postLine();
	386	}
[2566]	387
[3707]	388	echo $blocks[1];
[2566]	389
[3707]	390	echo $pager->getLinks();
	391	}
	392	}
[2566]	393
[3707]	394	private function postLine()
	395	{
	396	$img = '<img alt="%1$s" title="%1$s" src="images/%2$s" />';
	397	$sts_class = '';
	398	switch ($this->rs->post_status) {
	399	case 1:
	400	$img_status = sprintf($img, __('Published'), 'check-on.png');
	401	$sts_class = 'sts-online';
	402	break;
	403	case 0:
	404	$img_status = sprintf($img, __('Unpublished'), 'check-off.png');
	405	$sts_class = 'sts-offline';
	406	break;
	407	case -1:
	408	$img_status = sprintf($img, __('Scheduled'), 'scheduled.png');
	409	$sts_class = 'sts-scheduled';
	410	break;
	411	case -2:
	412	$img_status = sprintf($img, __('Pending'), 'check-wrn.png');
	413	$sts_class = 'sts-pending';
	414	break;
	415	}
[2566]	416
[3707]	417	$protected = '';
	418	if ($this->rs->post_password) {
	419	$protected = sprintf($img, __('Protected'), 'locker.png');
	420	}
[2566]	421
[3707]	422	$selected = '';
	423	if ($this->rs->post_selected) {
	424	$selected = sprintf($img, __('Selected'), 'selected.png');
	425	}
[2566]	426
[3707]	427	$attach = '';
	428	$nb_media = $this->rs->countMedia();
	429	if ($nb_media > 0) {
	430	$attach_str = $nb_media == 1 ? __('%d attachment') : __('%d attachments');
	431	$attach = sprintf($img, sprintf($attach_str, $nb_media), 'attach.png');
	432	}
[2566]	433
[3707]	434	$res = '<tr class="line ' . ($this->rs->post_status != 1 ? 'offline ' : '') . $sts_class . '"' .
	435	' id="p' . $this->rs->post_id . '">';
[2566]	436
[3707]	437	$cols = array(
	438	'title' => '<td scope="row" class="maximal"><a href="' .
	439	$this->core->getPostAdminURL($this->rs->post_type, $this->rs->post_id) . '" ' .
	440	'title="' . html::escapeHTML($this->rs->getURL()) . '">' .
	441	html::escapeHTML($this->rs->post_title) . '</a></td>',
	442	'date' => '<td class="nowrap count">' . dt::dt2str(__('%Y-%m-%d %H:%M'), $this->rs->post_dt) . '</td>',
	443	'author' => '<td class="nowrap">' . html::escapeHTML($this->rs->user_id) . '</td>',
	444	'status' => '<td class="nowrap status">' . $img_status . ' ' . $selected . ' ' . $protected . ' ' . $attach . '</td>'
	445	);
[3089]	446
[3707]	447	$cols = new ArrayObject($cols);
	448	$this->core->callBehavior('adminPostMiniListValue', $this->core, $this->rs, $cols);
[3089]	449
[3707]	450	// Cope with optional columns
	451	$this->userColumns('posts', $cols);
[3265]	452
[3707]	453	$res .= implode(iterator_to_array($cols));
	454	$res .= '</tr>';
[2566]	455
[3707]	456	return $res;
	457	}
[0]	458	}
	459
	460	class adminCommentList extends adminGenericList
	461	{
[3707]	462	public function display($page, $nb_per_page, $enclose_block = '', $filter = false, $spam = false)
	463	{
	464	if ($this->rs->isEmpty()) {
	465	if ($filter) {
	466	echo '<p><strong>' . __('No comments or trackbacks matches the filter') . '</strong></p>';
	467	} else {
	468	echo '<p><strong>' . __('No comments') . '</strong></p>';
	469	}
	470	} else {
	471	// Get antispam filters' name
	472	$filters = array();
	473	if ($spam) {
	474	if (class_exists('dcAntispam')) {
	475	dcAntispam::initFilters();
	476	$fs = dcAntispam::$filters->getFilters();
	477	foreach ($fs as $fid => $f) {
	478	$filters[$fid] = $f->name;
	479	}
	480	}
	481	}
[3044]	482
[3707]	483	$pager = new dcPager($page, $this->rs_count, $nb_per_page, 10);
[2566]	484
[3707]	485	$comments = array();
	486	if (isset($_REQUEST['comments'])) {
	487	foreach ($_REQUEST['comments'] as $v) {
	488	$comments[(integer) $v] = true;
	489	}
	490	}
	491	$html_block =
	492	'<div class="table-outer">' .
	493	'<table>';
[2566]	494
[3707]	495	if ($filter) {
	496	$html_block .= '<caption>' .
	497	sprintf(__(
	498	'Comment or trackback matching the filter.',
	499	'List of %s comments or trackbacks matching the filter.',
	500	$this->rs_count), $this->rs_count) .
	501	'</caption>';
	502	} else {
	503	$nb_published = $this->core->blog->getComments(array('comment_status' => 1), true)->f(0);
	504	$nb_spam = $this->core->blog->getComments(array('comment_status' => -2), true)->f(0);
	505	$nb_pending = $this->core->blog->getComments(array('comment_status' => -1), true)->f(0);
	506	$nb_unpublished = $this->core->blog->getComments(array('comment_status' => 0), true)->f(0);
	507	$html_block .= '<caption>' .
	508	sprintf(__('List of comments and trackbacks (%s)'), $this->rs_count) .
	509	($nb_published ?
	510	sprintf(
	511	__(', <a href="%s">published</a> (1)', ', <a href="%s">published</a> (%s)', $nb_published),
	512	$this->core->adminurl->get('admin.comments', array('status' => 1)),
	513	$nb_published) : '') .
	514	($nb_spam ?
	515	sprintf(
	516	__(', <a href="%s">spam</a> (1)', ', <a href="%s">spam</a> (%s)', $nb_spam),
	517	$this->core->adminurl->get('admin.comments', array('status' => -2)),
	518	$nb_spam) : '') .
	519	($nb_pending ?
	520	sprintf(__(', <a href="%s">pending</a> (1)', ', <a href="%s">pending</a> (%s)', $nb_pending),
	521	$this->core->adminurl->get('admin.comments', array('status' => -1)),
	522	$nb_pending) : '') .
	523	($nb_unpublished ?
	524	sprintf(__(', <a href="%s">unpublished</a> (1)', ', <a href="%s">unpublished</a> (%s)', $nb_unpublished),
	525	$this->core->adminurl->get('admin.comments', array('status' => 0)),
	526	$nb_unpublished) : '') .
	527	'</caption>';
	528	}
[2566]	529
[3707]	530	$cols = array(
	531	'type' => '<th colspan="2" scope="col" abbr="comm" class="first">' . __('Type') . '</th>',
	532	'author' => '<th scope="col">' . __('Author') . '</th>',
	533	'date' => '<th scope="col">' . __('Date') . '</th>',
	534	'status' => '<th scope="col" class="txt-center">' . __('Status') . '</th>'
	535	);
	536	if ($spam) {
	537	$cols['ip'] = '<th scope="col">' . __('IP') . '</th>';
	538	$cols['spam_filter'] = '<th scope="col">' . __('Spam filter') . '</th>';
	539	}
	540	$cols['entry'] = '<th scope="col" abbr="entry">' . __('Entry') . '</th>';
[3089]	541
[3707]	542	$cols = new ArrayObject($cols);
	543	$this->core->callBehavior('adminCommentListHeader', $this->core, $this->rs, $cols);
[3089]	544
[3707]	545	$html_block .= '<tr>' . implode(iterator_to_array($cols)) . '</tr>%s</table></div>';
[1587]	546
[3707]	547	if ($enclose_block) {
	548	$html_block = sprintf($enclose_block, $html_block);
	549	}
[2566]	550
[3707]	551	echo $pager->getLinks();
[2566]	552
[3707]	553	$blocks = explode('%s', $html_block);
[2566]	554
[3707]	555	echo $blocks[0];
[2566]	556
[3707]	557	while ($this->rs->fetch()) {
	558	echo $this->commentLine(isset($comments[$this->rs->comment_id]), $spam, $filters);
	559	}
[2566]	560
[3707]	561	echo $blocks[1];
[2566]	562
[3707]	563	echo $pager->getLinks();
	564	}
	565	}
[2566]	566
[3707]	567	private function commentLine($checked = false, $spam = false, $filters = array())
	568	{
	569	global $core, $author, $status, $sortby, $order, $nb_per_page;
[2566]	570
[3707]	571	$author_url =
	572	$this->core->adminurl->get('admin.comments', array(
	573	'n' => $nb_per_page,
	574	'status' => $status,
	575	'sortby' => $sortby,
	576	'order' => $order,
	577	'author' => $this->rs->comment_author
	578	));
[2566]	579
[3707]	580	$post_url = $this->core->getPostAdminURL($this->rs->post_type, $this->rs->post_id);
[2566]	581
[3707]	582	$comment_url = $this->core->adminurl->get('admin.comment', array('id' => $this->rs->comment_id));
[2566]	583
[3707]	584	$comment_dt =
	585	dt::dt2str($this->core->blog->settings->system->date_format . ' - ' .
	586	$this->core->blog->settings->system->time_format, $this->rs->comment_dt);
[2566]	587
[3707]	588	$img = '<img alt="%1$s" title="%1$s" src="images/%2$s" />';
	589	$sts_class = '';
	590	switch ($this->rs->comment_status) {
	591	case 1:
	592	$img_status = sprintf($img, __('Published'), 'check-on.png');
	593	$sts_class = 'sts-online';
	594	break;
	595	case 0:
	596	$img_status = sprintf($img, __('Unpublished'), 'check-off.png');
	597	$sts_class = 'sts-offline';
	598	break;
	599	case -1:
	600	$img_status = sprintf($img, __('Pending'), 'check-wrn.png');
	601	$sts_class = 'sts-pending';
	602	break;
	603	case -2:
	604	$img_status = sprintf($img, __('Junk'), 'junk.png');
	605	$sts_class = 'sts-junk';
	606	break;
	607	}
[2566]	608
[3707]	609	$post_title = html::escapeHTML($this->rs->post_title);
	610	if (mb_strlen($post_title) > 70) {
	611	$post_title = mb_strcut($post_title, 0, 67) . '...';
	612	}
	613	$comment_title = sprintf(__('Edit the %1$s from %2$s'),
	614	$this->rs->comment_trackback ? __('trackback') : __('comment'),
	615	html::escapeHTML($this->rs->comment_author));
[2566]	616
[3707]	617	$res = '<tr class="line ' . ($this->rs->comment_status != 1 ? 'offline ' : '') . $sts_class . '"' .
	618	' id="c' . $this->rs->comment_id . '">';
[2566]	619
[3707]	620	$cols = array(
	621	'check' => '<td class="nowrap">' .
	622	form::checkbox(array('comments[]'), $this->rs->comment_id, $checked) .
	623	'</td>',
	624	'type' => '<td class="nowrap" abbr="' . __('Type and author') . '" scope="row">' .
	625	'<a href="' . $comment_url . '" title="' . $comment_title . '">' .
	626	'<img src="images/edit-mini.png" alt="' . __('Edit') . '"/> ' .
	627	($this->rs->comment_trackback ? __('trackback') : __('comment')) . ' ' . '</a></td>',
	628	'author' => '<td class="nowrap maximal"><a href="' . $author_url . '">' .
	629	html::escapeHTML($this->rs->comment_author) . '</a></td>',
	630	'date' => '<td class="nowrap count">' . dt::dt2str(__('%Y-%m-%d %H:%M'), $this->rs->comment_dt) . '</td>',
	631	'status' => '<td class="nowrap status txt-center">' . $img_status . '</td>'
	632	);
[3089]	633
[3707]	634	if ($spam) {
	635	$filter_name = '';
	636	if ($this->rs->comment_spam_filter) {
	637	if (isset($filters[$this->rs->comment_spam_filter])) {
	638	$filter_name = $filters[$this->rs->comment_spam_filter];
	639	} else {
	640	$filter_name = $this->rs->comment_spam_filter;
	641	}
	642	}
	643	$cols['ip'] = '<td class="nowrap"><a href="' .
	644	$core->adminurl->get("admin.comments", array('ip' => $this->rs->comment_ip)) . '">' .
	645	$this->rs->comment_ip . '</a></td>';
	646	$cols['spam_filter'] = '<td class="nowrap">' . $filter_name . '</td>';
	647	}
	648	$cols['entry'] = '<td class="nowrap discrete"><a href="' . $post_url . '">' . $post_title . '</a>' .
	649	($this->rs->post_type != 'post' ? ' (' . html::escapeHTML($this->rs->post_type) . ')' : '') . '</td>';
[2566]	650
[3707]	651	$cols = new ArrayObject($cols);
	652	$this->core->callBehavior('adminCommentListValue', $this->core, $this->rs, $cols);
[3089]	653
[3707]	654	$res .= implode(iterator_to_array($cols));
	655	$res .= '</tr>';
[2566]	656
[3707]	657	return $res;
	658	}
[0]	659	}
	660
[3402]	661	class adminBlogList extends adminGenericList
	662	{
[3707]	663	public function display($page, $nb_per_page, $enclose_block = '', $filter = false)
	664	{
	665	if ($this->rs->isEmpty()) {
	666	if ($filter) {
	667	echo '<p><strong>' . __('No blog matches the filter') . '</strong></p>';
	668	} else {
	669	echo '<p><strong>' . __('No blog') . '</strong></p>';
	670	}
	671	} else {
	672	$blogs = array();
	673	if (isset($_REQUEST['blogs'])) {
	674	foreach ($_REQUEST['blogs'] as $v) {
	675	$blogs[$v] = true;
	676	}
	677	}
[3402]	678
[3707]	679	$pager = new dcPager($page, $this->rs_count, $nb_per_page, 10);
[3402]	680
[3707]	681	$cols = array(
	682	'blog' => '<th' .
	683	($this->core->auth->isSuperAdmin() ? ' colspan="2"' : '') .
	684	' scope="col" abbr="comm" class="first nowrap">' . __('Blog id') . '</th>',
	685	'name' => '<th scope="col" abbr="name">' . __('Blog name') . '</th>',
	686	'url' => '<th scope="col" class="nowrap">' . __('URL') . '</th>',
	687	'posts' => '<th scope="col" class="nowrap">' . __('Entries (all types)') . '</th>',
	688	'upddt' => '<th scope="col" class="nowrap">' . __('Last update') . '</th>',
	689	'status' => '<th scope="col" class="txt-center">' . __('Status') . '</th>'
	690	);
[3402]	691
[3707]	692	$cols = new ArrayObject($cols);
	693	$this->core->callBehavior('adminBlogListHeader', $this->core, $this->rs, $cols);
[3402]	694
[3707]	695	$html_block =
	696	'<div class="table-outer"><table>' .
	697	($filter ?
	698	'<caption>' .
	699	sprintf(__('%d blog matches the filter.', '%d blogs match the filter.', $this->rs_count), $this->rs_count) .
	700	'</caption>'
	701	:
	702	'<caption class="hidden">' . __('Blogs list') . '</caption>'
	703	) .
	704	'<tr>' . implode(iterator_to_array($cols)) . '</tr>%s</table></div>';
[3402]	705
[3707]	706	if ($enclose_block) {
	707	$html_block = sprintf($enclose_block, $html_block);
	708	}
[3402]	709
[3707]	710	$blocks = explode('%s', $html_block);
[3402]	711
[3707]	712	echo $pager->getLinks();
[3402]	713
[3707]	714	echo $blocks[0];
[3402]	715
[3707]	716	while ($this->rs->fetch()) {
	717	echo $this->blogLine(isset($blogs[$this->rs->blog_id]));
	718	}
[3402]	719
[3707]	720	echo $blocks[1];
[3402]	721
[3707]	722	echo $pager->getLinks();
	723	}
	724	}
[3402]	725
[3707]	726	private function blogLine($checked = false)
	727	{
	728	$blog_id = html::escapeHTML($this->rs->blog_id);
[3402]	729
[3707]	730	$cols = array(
	731	'check' =>
	732	($this->core->auth->isSuperAdmin() ?
	733	'<td class="nowrap">' .
	734	form::checkbox(array('blogs[]'), $this->rs->blog_id, $checked) .
	735	'</td>' : ''),
	736	'blog' =>
	737	'<td class="nowrap">' .
	738	($this->core->auth->isSuperAdmin() ?
	739	'<a href="' . $this->core->adminurl->get("admin.blog", array('id' => $blog_id)) . '" ' .
	740	'title="' . sprintf(__('Edit blog settings for %s'), $blog_id) . '">' .
	741	'<img src="images/edit-mini.png" alt="' . __('Edit blog settings') . '" /> ' . $blog_id . '</a> ' :
	742	$blog_id . ' ') .
	743	'</td>',
	744	'name' =>
	745	'<td class="maximal">' .
	746	'<a href="' . $this->core->adminurl->get("admin.home", array('switchblog' => $this->rs->blog_id)) . '" ' .
	747	'title="' . sprintf(__('Switch to blog %s'), $this->rs->blog_id) . '">' .
	748	html::escapeHTML($this->rs->blog_name) . '</a>' .
	749	'</td>',
	750	'url' =>
	751	'<td class="nowrap">' .
	752	'<a class="outgoing" href="' .
	753	html::escapeHTML($this->rs->blog_url) . '">' . html::escapeHTML($this->rs->blog_url) .
	754	' <img src="images/outgoing-blue.png" alt="" /></a></td>',
	755	'posts' =>
	756	'<td class="nowrap count">' .
	757	$this->core->countBlogPosts($this->rs->blog_id) .
	758	'</td>',
	759	'upddt' =>
	760	'<td class="nowrap count">' .
	761	dt::str(__('%Y-%m-%d %H:%M'), strtotime($this->rs->blog_upddt) + dt::getTimeOffset($this->core->auth->getInfo('user_tz'))) .
	762	'</td>',
	763	'status' =>
	764	'<td class="nowrap status txt-center">' .
	765	sprintf(
	766	'<img src="images/%1$s.png" alt="%2$s" title="%2$s" />',
	767	($this->rs->blog_status == 1 ? 'check-on' : ($this->rs->blog_status == 0 ? 'check-off' : 'check-wrn')),
	768	$this->core->getBlogStatus($this->rs->blog_status)
	769	) .
	770	'</td>'
	771	);
[3402]	772
[3707]	773	$cols = new ArrayObject($cols);
	774	$this->core->callBehavior('adminBlogListValue', $this->core, $this->rs, $cols);
[3402]	775
[3707]	776	return
	777	'<tr class="line" id="b' . $blog_id . '">' .
	778	implode(iterator_to_array($cols)) .
	779	'</tr>';
	780	}
[3402]	781	}
	782
[0]	783	class adminUserList extends adminGenericList
	784	{
[3707]	785	public function display($page, $nb_per_page, $enclose_block = '', $filter = false)
	786	{
	787	if ($this->rs->isEmpty()) {
	788	if ($filter) {
	789	echo '<p><strong>' . __('No user matches the filter') . '</strong></p>';
	790	} else {
	791	echo '<p><strong>' . __('No user') . '</strong></p>';
	792	}
	793	} else {
	794	$pager = new dcPager($page, $this->rs_count, $nb_per_page, 10);
[2566]	795
[3707]	796	$html_block =
	797	'<div class="table-outer clear">' .
	798	'<table>';
[2566]	799
[3707]	800	if ($filter) {
	801	$html_block .= '<caption>' . sprintf(__('List of %s users match the filter.'), $this->rs_count) . '</caption>';
	802	} else {
	803	$html_block .= '<caption class="hidden">' . __('Users list') . '</caption>';
	804	}
[2566]	805
[3707]	806	$cols = array(
	807	'username' => '<th colspan="2" scope="col" class="first">' . __('Username') . '</th>',
	808	'first_name' => '<th scope="col">' . __('First Name') . '</th>',
	809	'last_name' => '<th scope="col">' . __('Last Name') . '</th>',
	810	'display_name' => '<th scope="col">' . __('Display name') . '</th>',
	811	'entries' => '<th scope="col" class="nowrap">' . __('Entries (all types)') . '</th>'
	812	);
[2566]	813
[3707]	814	$cols = new ArrayObject($cols);
	815	$this->core->callBehavior('adminUserListHeader', $this->core, $this->rs, $cols);
[3089]	816
[3707]	817	$html_block .= '<tr>' . implode(iterator_to_array($cols)) . '</tr>%s</table></div>';
	818	if ($enclose_block) {
	819	$html_block = sprintf($enclose_block, $html_block);
	820	}
[2566]	821
[3707]	822	echo $pager->getLinks();
[2566]	823
[3707]	824	$blocks = explode('%s', $html_block);
[2566]	825
[3707]	826	echo $blocks[0];
[2566]	827
[3707]	828	while ($this->rs->fetch()) {
	829	echo $this->userLine();
	830	}
[2566]	831
[3707]	832	echo $blocks[1];
[2566]	833
[3707]	834	echo $pager->getLinks();
	835	}
	836	}
[2566]	837
[3707]	838	private function userLine()
	839	{
	840	$img = '<img alt="%1$s" title="%1$s" src="images/%2$s" />';
	841	$img_status = '';
[2566]	842
[3707]	843	$p = $this->core->getUserPermissions($this->rs->user_id);
[2566]	844
[3707]	845	if (isset($p[$this->core->blog->id]['p']['admin'])) {
	846	$img_status = sprintf($img, __('admin'), 'admin.png');
	847	}
	848	if ($this->rs->user_super) {
	849	$img_status = sprintf($img, __('superadmin'), 'superadmin.png');
	850	}
[3089]	851
[3707]	852	$res = '<tr class="line">';
[3089]	853
[3707]	854	$cols = array(
	855	'check' => '<td class="nowrap">' . form::hidden(array('nb_post[]'), (integer) $this->rs->nb_post) .
	856	form::checkbox(array('users[]'), $this->rs->user_id) . '</td>',
	857	'username' => '<td class="maximal" scope="row"><a href="' .
	858	$this->core->adminurl->get('admin.user', array('id' => $this->rs->user_id)) . '">' .
	859	$this->rs->user_id . '</a> ' . $img_status . '</td>',
	860	'first_name' => '<td class="nowrap">' . html::escapeHTML($this->rs->user_firstname) . '</td>',
	861	'last_name' => '<td class="nowrap">' . html::escapeHTML($this->rs->user_name) . '</td>',
	862	'display_name' => '<td class="nowrap">' . html::escapeHTML($this->rs->user_displayname) . '</td>',
	863	'entries' => '<td class="nowrap count"><a href="' .
	864	$this->core->adminurl->get('admin.posts', array('user_id' => $this->rs->user_id)) . '">' .
	865	$this->rs->nb_post . '</a></td>'
	866	);
[3089]	867
[3707]	868	$cols = new ArrayObject($cols);
	869	$this->core->callBehavior('adminUserListValue', $this->core, $this->rs, $cols);
[3089]	870
[3707]	871	$res .= implode(iterator_to_array($cols));
	872	$res .= '</tr>';
[3089]	873
[3707]	874	return $res;
	875	}
[0]	876	}

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: inc/admin/lib.pager.php @ 3746:0cae5565cdc8

Download in other formats:

Sites map