Changes in [2910:69efb1571e90:2911:5434e75ad738]
- Files:
-
- 212 added
- 14 edited
-
admin/auth.php (modified) (4 diffs)
-
admin/index.php (modified) (9 diffs)
-
admin/js/filters.js (added)
-
admin/plugin.php (modified) (3 diffs)
-
admin/post.php (modified) (3 diffs)
-
admin/posts.php (modified) (3 diffs)
-
composer.json (added)
-
composer.lock (added)
-
inc/admin/class.dc.admincontext.php (added)
-
inc/admin/class.dc.filter.php (added)
-
inc/admin/class.dc.form.php (added)
-
inc/admin/class.dc.list.php (added)
-
inc/admin/class.dc.menu.php (modified) (5 diffs)
-
inc/admin/class.dc.tab.php (added)
-
inc/admin/default-templates/auth.html.twig (added)
-
inc/admin/default-templates/forms/form_layout.html.twig (added)
-
inc/admin/default-templates/forms/formfilter_layout.html.twig (added)
-
inc/admin/default-templates/forms/lists_layout.html.twig (added)
-
inc/admin/default-templates/images/add.png (added)
-
inc/admin/default-templates/images/admin.png (added)
-
inc/admin/default-templates/images/attach.png (added)
-
inc/admin/default-templates/images/check-off.png (added)
-
inc/admin/default-templates/images/check-on.png (added)
-
inc/admin/default-templates/images/check-wrn.png (added)
-
inc/admin/default-templates/images/date-picker.png (added)
-
inc/admin/default-templates/images/dotclear_pw.png (added)
-
inc/admin/default-templates/images/edit-mini.png (added)
-
inc/admin/default-templates/images/expand.png (added)
-
inc/admin/default-templates/images/favicon.png (added)
-
inc/admin/default-templates/images/help.png (added)
-
inc/admin/default-templates/images/hidden.png (added)
-
inc/admin/default-templates/images/hide.png (added)
-
inc/admin/default-templates/images/junk.png (added)
-
inc/admin/default-templates/images/locker.png (added)
-
inc/admin/default-templates/images/logout.png (added)
-
inc/admin/default-templates/images/media/audio.png (added)
-
inc/admin/default-templates/images/media/blank.png (added)
-
inc/admin/default-templates/images/media/document.png (added)
-
inc/admin/default-templates/images/media/executable.png (added)
-
inc/admin/default-templates/images/media/folder.png (added)
-
inc/admin/default-templates/images/media/html.png (added)
-
inc/admin/default-templates/images/media/image.png (added)
-
inc/admin/default-templates/images/media/package.png (added)
-
inc/admin/default-templates/images/media/presentation.png (added)
-
inc/admin/default-templates/images/media/spreadsheet.png (added)
-
inc/admin/default-templates/images/media/text.png (added)
-
inc/admin/default-templates/images/media/video.png (added)
-
inc/admin/default-templates/images/menu/add_to_favorites.png (added)
-
inc/admin/default-templates/images/menu/blog-pref-b.png (added)
-
inc/admin/default-templates/images/menu/blog-pref.png (added)
-
inc/admin/default-templates/images/menu/blog-theme-b.png (added)
-
inc/admin/default-templates/images/menu/blogs-b.png (added)
-
inc/admin/default-templates/images/menu/blogs.png (added)
-
inc/admin/default-templates/images/menu/categories-b.png (added)
-
inc/admin/default-templates/images/menu/categories.png (added)
-
inc/admin/default-templates/images/menu/comments-b.png (added)
-
inc/admin/default-templates/images/menu/comments.png (added)
-
inc/admin/default-templates/images/menu/dashboard.png (added)
-
inc/admin/default-templates/images/menu/edit-b.png (added)
-
inc/admin/default-templates/images/menu/edit.png (added)
-
inc/admin/default-templates/images/menu/entries-b.png (added)
-
inc/admin/default-templates/images/menu/entries.png (added)
-
inc/admin/default-templates/images/menu/favorite-b.png (added)
-
inc/admin/default-templates/images/menu/favorite.png (added)
-
inc/admin/default-templates/images/menu/langs-b.png (added)
-
inc/admin/default-templates/images/menu/langs.png (added)
-
inc/admin/default-templates/images/menu/media-b.png (added)
-
inc/admin/default-templates/images/menu/media.png (added)
-
inc/admin/default-templates/images/menu/plugins-b.png (added)
-
inc/admin/default-templates/images/menu/plugins.png (added)
-
inc/admin/default-templates/images/menu/search-b.png (added)
-
inc/admin/default-templates/images/menu/search.png (added)
-
inc/admin/default-templates/images/menu/themes.png (added)
-
inc/admin/default-templates/images/menu/update.png (added)
-
inc/admin/default-templates/images/menu/user-pref-b.png (added)
-
inc/admin/default-templates/images/menu/user-pref.png (added)
-
inc/admin/default-templates/images/menu/users-b.png (added)
-
inc/admin/default-templates/images/menu/users.png (added)
-
inc/admin/default-templates/images/menu_off.png (added)
-
inc/admin/default-templates/images/menu_on.png (added)
-
inc/admin/default-templates/images/minus.png (added)
-
inc/admin/default-templates/images/noscreenshot.png (added)
-
inc/admin/default-templates/images/outgoing-blue.png (added)
-
inc/admin/default-templates/images/outgoing.png (added)
-
inc/admin/default-templates/images/picker.png (added)
-
inc/admin/default-templates/images/plus.png (added)
-
inc/admin/default-templates/images/scheduled.png (added)
-
inc/admin/default-templates/images/selected.png (added)
-
inc/admin/default-templates/images/superadmin.png (added)
-
inc/admin/default-templates/images/trash.png (added)
-
inc/admin/default-templates/index.html.twig (added)
-
inc/admin/default-templates/js/_auth.js (added)
-
inc/admin/default-templates/js/_blog_pref.js (added)
-
inc/admin/default-templates/js/_blog_theme.js (added)
-
inc/admin/default-templates/js/_categories.js (added)
-
inc/admin/default-templates/js/_category.js (added)
-
inc/admin/default-templates/js/_comment.js (added)
-
inc/admin/default-templates/js/_comments.js (added)
-
inc/admin/default-templates/js/_index.js (added)
-
inc/admin/default-templates/js/_langs.js (added)
-
inc/admin/default-templates/js/_media.js (added)
-
inc/admin/default-templates/js/_media_item.js (added)
-
inc/admin/default-templates/js/_plugins.js (added)
-
inc/admin/default-templates/js/_post.js (added)
-
inc/admin/default-templates/js/_posts_actions.js (added)
-
inc/admin/default-templates/js/_posts_list.js (added)
-
inc/admin/default-templates/js/_preferences-dragdrop.js (added)
-
inc/admin/default-templates/js/_preferences.js (added)
-
inc/admin/default-templates/js/_trackbacks.js (added)
-
inc/admin/default-templates/js/_users.js (added)
-
inc/admin/default-templates/js/_users_actions.js (added)
-
inc/admin/default-templates/js/color-picker.js (added)
-
inc/admin/default-templates/js/common.js (added)
-
inc/admin/default-templates/js/confirm-close.js (added)
-
inc/admin/default-templates/js/date-picker.js (added)
-
inc/admin/default-templates/js/dragsort-tablerows.js (added)
-
inc/admin/default-templates/js/filter-controls.js (added)
-
inc/admin/default-templates/js/ie7/IE7.js (added)
-
inc/admin/default-templates/js/ie7/IE8.js (added)
-
inc/admin/default-templates/js/ie7/blank.gif (added)
-
inc/admin/default-templates/js/ie7/ie7-recalc.js (added)
-
inc/admin/default-templates/js/ie7/ie7-squish.js (added)
-
inc/admin/default-templates/js/jquery/jquery-ui.custom.js (added)
-
inc/admin/default-templates/js/jquery/jquery.autocomplete.js (added)
-
inc/admin/default-templates/js/jquery/jquery.bgFade.js (added)
-
inc/admin/default-templates/js/jquery/jquery.biscuit.js (added)
-
inc/admin/default-templates/js/jquery/jquery.candyUpload.js (added)
-
inc/admin/default-templates/js/jquery/jquery.constantfooter.js (added)
-
inc/admin/default-templates/js/jquery/jquery.farbtastic.js (added)
-
inc/admin/default-templates/js/jquery/jquery.js (added)
-
inc/admin/default-templates/js/jquery/jquery.modal.js (added)
-
inc/admin/default-templates/js/jquery/jquery.pageTabs.js (added)
-
inc/admin/default-templates/js/jsToolBar/jsToolBar.dotclear.js (added)
-
inc/admin/default-templates/js/jsToolBar/jsToolBar.js (added)
-
inc/admin/default-templates/js/jsToolBar/jsToolBar.wysiwyg.js (added)
-
inc/admin/default-templates/js/jsToolBar/popup_link.js (added)
-
inc/admin/default-templates/js/jsToolBar/popup_media.js (added)
-
inc/admin/default-templates/js/jsToolBar/popup_posts.js (added)
-
inc/admin/default-templates/js/meta-editor.js (added)
-
inc/admin/default-templates/js/prelude.js (added)
-
inc/admin/default-templates/js/tool-man/cookies.js (added)
-
inc/admin/default-templates/js/tool-man/coordinates.js (added)
-
inc/admin/default-templates/js/tool-man/core.js (added)
-
inc/admin/default-templates/js/tool-man/css.js (added)
-
inc/admin/default-templates/js/tool-man/drag.js (added)
-
inc/admin/default-templates/js/tool-man/dragsort.js (added)
-
inc/admin/default-templates/js/tool-man/events.js (added)
-
inc/admin/default-templates/js_helpers.html.twig (added)
-
inc/admin/default-templates/layout.html.twig (added)
-
inc/admin/default-templates/page_layout.html.twig (added)
-
inc/admin/default-templates/plugin.html.twig (added)
-
inc/admin/default-templates/popup.html.twig (added)
-
inc/admin/default-templates/post.html.twig (added)
-
inc/admin/default-templates/posts.html.twig (added)
-
inc/admin/default-templates/posts_cols.html.twig (added)
-
inc/admin/default-templates/style/add.png (added)
-
inc/admin/default-templates/style/candyUpload/cancel.png (added)
-
inc/admin/default-templates/style/candyUpload/loader.png (added)
-
inc/admin/default-templates/style/candyUpload/style.css (added)
-
inc/admin/default-templates/style/date-picker.css (added)
-
inc/admin/default-templates/style/dc_bg.png (added)
-
inc/admin/default-templates/style/dc_logo.png (added)
-
inc/admin/default-templates/style/dc_logo_small.png (added)
-
inc/admin/default-templates/style/default-rtl.css (added)
-
inc/admin/default-templates/style/default.css (added)
-
inc/admin/default-templates/style/dotclear-logo.png (added)
-
inc/admin/default-templates/style/dotclear-logo2.png (added)
-
inc/admin/default-templates/style/drag.png (added)
-
inc/admin/default-templates/style/farbtastic/farbtastic.css (added)
-
inc/admin/default-templates/style/farbtastic/marker.png (added)
-
inc/admin/default-templates/style/farbtastic/mask.png (added)
-
inc/admin/default-templates/style/farbtastic/wheel.png (added)
-
inc/admin/default-templates/style/grid.png (added)
-
inc/admin/default-templates/style/head-bg.png (added)
-
inc/admin/default-templates/style/iesucks.css (added)
-
inc/admin/default-templates/style/info.png (added)
-
inc/admin/default-templates/style/install.css (added)
-
inc/admin/default-templates/style/install/important.png (added)
-
inc/admin/default-templates/style/install/note.png (added)
-
inc/admin/default-templates/style/install/process_warning.png (added)
-
inc/admin/default-templates/style/install/w-logo.png (added)
-
inc/admin/default-templates/style/jsToolBar/bt_bquote.png (added)
-
inc/admin/default-templates/style/jsToolBar/bt_br.png (added)
-
inc/admin/default-templates/style/jsToolBar/bt_clean.png (added)
-
inc/admin/default-templates/style/jsToolBar/bt_code.png (added)
-
inc/admin/default-templates/style/jsToolBar/bt_del.png (added)
-
inc/admin/default-templates/style/jsToolBar/bt_em.png (added)
-
inc/admin/default-templates/style/jsToolBar/bt_img.png (added)
-
inc/admin/default-templates/style/jsToolBar/bt_img_select.png (added)
-
inc/admin/default-templates/style/jsToolBar/bt_ins.png (added)
-
inc/admin/default-templates/style/jsToolBar/bt_link.png (added)
-
inc/admin/default-templates/style/jsToolBar/bt_ol.png (added)
-
inc/admin/default-templates/style/jsToolBar/bt_paragraph.png (added)
-
inc/admin/default-templates/style/jsToolBar/bt_post.png (added)
-
inc/admin/default-templates/style/jsToolBar/bt_pre.png (added)
-
inc/admin/default-templates/style/jsToolBar/bt_quote.png (added)
-
inc/admin/default-templates/style/jsToolBar/bt_strong.png (added)
-
inc/admin/default-templates/style/jsToolBar/bt_ul.png (added)
-
inc/admin/default-templates/style/jsToolBar/jsToolBar.css (added)
-
inc/admin/default-templates/style/jsToolBar/resize.png (added)
-
inc/admin/default-templates/style/loader.gif (added)
-
inc/admin/default-templates/style/magnifier.png (added)
-
inc/admin/default-templates/style/modal/close.png (added)
-
inc/admin/default-templates/style/modal/loader.gif (added)
-
inc/admin/default-templates/style/modal/modal.css (added)
-
inc/admin/default-templates/style/msg-error.png (added)
-
inc/admin/default-templates/style/msg-std.png (added)
-
inc/admin/default-templates/style/package.png (added)
-
inc/admin/default-templates/style/page-bg.png (added)
-
inc/admin/default-templates/style/warning.png (added)
-
inc/admin/default-templates/tab_layout.html.twig (added)
-
inc/admin/lib.dc.page.php (modified) (11 diffs)
-
inc/admin/prepend.php (modified) (15 diffs)
-
inc/core/class.dc.blog.php (modified) (5 diffs)
-
inc/core/class.dc.context.php (added)
-
inc/core/class.dc.core.php (modified) (89 diffs)
-
inc/core/class.dc.template.php (added)
-
inc/core/class.dc.twig.page.php (added)
-
inc/load_plugin_file.php (modified) (1 diff)
-
inc/load_theme_file.php (added)
-
inc/prepend.php (modified) (3 diffs)
-
plugins/aboutConfig/_admin.php (modified) (2 diffs)
-
plugins/aboutConfig/admtpl/index.html.twig (added)
-
plugins/aboutConfig/index.php (modified) (2 diffs)
-
plugins/aboutConfig/js/aboutConfig.js (added)
-
plugins/aboutConfig/style/aboutConfig.css (added)
Legend:
- Unmodified
- Added
- Removed
-
admin/auth.php
r2852 r2911 4 4 # This file is part of Dotclear 2. 5 5 # 6 # Copyright (c) 2003-201 3Olivier Meunier & Association Dotclear6 # Copyright (c) 2003-2011 Olivier Meunier & Association Dotclear 7 7 # Licensed under the GPL version 2.0 license. 8 8 # See LICENSE file or … … 14 14 15 15 # If we have a session cookie, go to index.php 16 if (isset($_SESSION['sess_user_id'])) 17 { 18 $core->adminurl->redirect('admin.home'); 16 if (isset($_SESSION['sess_user_id'])) { 17 http::redirect('index.php'); 19 18 } 20 19 … … 23 22 $dlang = http::getAcceptLanguage(); 24 23 $dlang = ($dlang == '' ? 'en' : $dlang); 25 if ($dlang != 'en' && preg_match('/^[a-z]{2}(-[a-z]{2})?$/',$dlang)) 26 { 27 l10n::lang($dlang); 24 if ($dlang != 'en' && preg_match('/^[a-z]{2}(-[a-z]{2})?$/',$dlang)) { 28 25 l10n::set(dirname(__FILE__).'/../locales/'.$dlang.'/main'); 29 26 } 30 31 $page_url = http::getHost().$_SERVER['REQUEST_URI'];32 33 $change_pwd = $core->auth->allowPassChange() && isset($_POST['new_pwd']) && isset($_POST['new_pwd_c']) && isset($_POST['login_data']);34 $login_data = !empty($_POST['login_data']) ? html::escapeHTML($_POST['login_data']) : null;35 $recover = $core->auth->allowPassChange() && !empty($_REQUEST['recover']);36 $safe_mode = !empty($_REQUEST['safe_mode']);37 $akey = $core->auth->allowPassChange() && !empty($_GET['akey']) ? $_GET['akey'] : null;38 $user_id = $user_pwd = $user_key = $user_email = null;39 $err = $msg = null;40 27 41 28 # Auto upgrade … … 44 31 try { 45 32 if (($changes = dotclearUpgrade($core)) !== false) { 46 $msg = __('Dotclear has been upgraded.').'<!-- '.$changes.' -->'; 47 } 48 } catch (Exception $e) { 49 $err = $e->getMessage(); 50 } 51 } 52 53 # If we have POST login informations, go throug auth process 54 if (!empty($_POST['user_id']) && !empty($_POST['user_pwd'])) 33 $_ctx->setAlert(__('Dotclear has been upgraded.').'<!-- '.$changes.' -->'); 34 } 35 } 36 catch (Exception $e) { 37 $_ctx->addError($e->getMessage()); 38 } 39 } 40 41 /** 42 Actions for authentication on admin pages 43 */ 44 class adminPageAuth 55 45 { 56 $user_id = !empty($_POST['user_id']) ? $_POST['user_id'] : null; 57 $user_pwd = !empty($_POST['user_pwd']) ? $_POST['user_pwd'] : null; 58 } 59 # If we have COOKIE login informations, go throug auth process 60 elseif (isset($_COOKIE['dc_admin']) && strlen($_COOKIE['dc_admin']) == 104) 61 { 46 # Send new password from recover email 47 public static function send($akey) 48 { 49 global $core, $_ctx; 50 51 $_ctx->akey = true; 52 53 try { 54 $recover_res = $core->auth->recoverUserPassword($akey); 55 56 $subject = mb_encode_mimeheader('DotClear '.__('Your new password'),'UTF-8','B'); 57 $message = 58 __('Username:').' '.$recover_res['user_id']."\n". 59 __('Password:').' '.$recover_res['new_pass']."\n\n". 60 preg_replace('/\?(.*)$/','',http::getHost().$_SERVER['REQUEST_URI']); 61 62 $headers[] = 'From: dotclear@'.$_SERVER['HTTP_HOST']; 63 $headers[] = 'Content-Type: text/plain; charset=UTF-8;'; 64 65 mail::sendMail($recover_res['user_email'],$subject,$message,$headers); 66 $_ctx->setAlert(__('Your new password is in your mailbox.')); 67 } 68 catch (Exception $e) { 69 $_ctx->addError($e->getMessage()); 70 } 71 } 72 73 # Authentication process 74 public static function process($form,$user_id,$user_pwd,$user_key=null) 75 { 76 global $core, $_ctx; 77 78 # We check the user 79 $check_user = $core->auth->checkUser($user_id,$user_pwd,$user_key) === true; 80 81 $cookie_admin = http::browserUID(DC_MASTER_KEY.$user_id. 82 crypt::hmac(DC_MASTER_KEY,$user_pwd)).bin2hex(pack('a32',$user_id)); 83 84 if ($check_user && $core->auth->mustChangePassword()) 85 { 86 $form->login_data = join('/',array( 87 base64_encode($user_id), 88 $cookie_admin, 89 $form->user_remember == '' ? '0' : '1' 90 )); 91 92 if (!$core->auth->allowPassChange()) { 93 $_ctx->addError(__('You have to change your password before you can login.')); 94 } else { 95 $_ctx->addError(__('In order to login, you have to change your password now.')); 96 $_ctx->change_pwd = true; 97 } 98 } 99 elseif ($check_user && $form->safe_mode != '' && !$core->auth->isSuperAdmin()) 100 { 101 $_ctx->addError(__('Safe Mode can only be used for super administrators.')); 102 } 103 elseif ($check_user) 104 { 105 $core->session->start(); 106 $_SESSION['sess_user_id'] = $user_id; 107 $_SESSION['sess_browser_uid'] = http::browserUID(DC_MASTER_KEY); 108 109 if ($form->blog != '') { 110 $_SESSION['sess_blog_id'] = $form->blog; 111 } 112 113 if ($form->safe_mode != '' && $core->auth->isSuperAdmin()) { 114 $_SESSION['sess_safe_mode'] = true; 115 } 116 117 if ($form->user_remember != '') { 118 setcookie('dc_admin',$cookie_admin,strtotime('+15 days'),'','',DC_ADMIN_SSL); 119 } 120 121 http::redirect('index.php'); 122 } 123 else 124 { 125 if (isset($_COOKIE['dc_admin'])) { 126 unset($_COOKIE['dc_admin']); 127 setcookie('dc_admin',false,-600,'','',DC_ADMIN_SSL); 128 } 129 $_ctx->addError(__('Wrong username or password')); 130 } 131 } 132 133 # Login form action 134 public static function login($form) 135 { 136 global $_ctx; 137 138 if ($form->user_id != '' && $form->user_pwd != '') { 139 self::process($form,$form->user_id,$form->user_pwd); 140 } 141 142 # Send post values to form 143 $form->user_id = $form->user_id; 144 } 145 146 # Recover password form action 147 public static function recover($form) 148 { 149 global $core, $_ctx; 150 151 if ($form->user_id == '' || $form->user_email == '') { 152 return; 153 } 154 155 $user_id = $form->user_id; 156 $user_email = $form->user_email; 157 $page_url = http::getHost().$_SERVER['REQUEST_URI']; 158 159 try { 160 $recover_key = $core->auth->setRecoverKey($user_id,$user_email); 161 162 $subject = mail::B64Header('DotClear '.__('Password reset')); 163 $message = 164 __('Someone has requested to reset the password for the following site and username.')."\n\n". 165 $page_url."\n".__('Username:').' '.$user_id."\n\n". 166 __('To reset your password visit the following address, otherwise just ignore this email and nothing will happen.')."\n". 167 $page_url.'?akey='.$recover_key; 168 169 $headers[] = 'From: '.(defined('DC_ADMIN_MAILFROM') && DC_ADMIN_MAILFROM ? DC_ADMIN_MAILFROM : 'dotclear@local'); 170 $headers[] = 'Content-Type: text/plain; charset=UTF-8;'; 171 172 mail::sendMail($user_email,$subject,$message,$headers); 173 $_ctx->setAlert(sprintf(__('The e-mail was sent successfully to %s.'),$user_email)); 174 } 175 catch (Exception $e) { 176 $_ctx->addError($e->getMessage()); 177 } 178 179 # Send post values to form 180 $form->user_id = $form->user_id; 181 $form->user_email = $form->user_email; 182 } 183 184 # Change password form action 185 public static function change($form) 186 { 187 global $core, $_ctx; 188 189 if ($form->login_data) { 190 return; 191 } 192 $_ctx->change_pwd = true; 193 194 $new_pwd = (string) $form->new_pwd; 195 $new_pwd_c = (string) $form->new_pwd_c; 196 197 try { 198 $tmp_data = explode('/',$form->login_data); 199 if (count($tmp_data) != 3) { 200 throw new Exception(); 201 } 202 $data = array( 203 'user_id'=>base64_decode($tmp_data[0]), 204 'cookie_admin'=>$tmp_data[1], 205 'user_remember'=>$tmp_data[2]=='1' 206 ); 207 if ($data['user_id'] === false) { 208 throw new Exception(); 209 } 210 211 # Check login informations 212 $check_user = false; 213 if (isset($data['cookie_admin']) && strlen($data['cookie_admin']) == 104) 214 { 215 $user_id = substr($data['cookie_admin'],40); 216 $user_id = @unpack('a32',@pack('H*',$user_id)); 217 if (is_array($user_id)) 218 { 219 $user_id = $user_id[1]; 220 $user_key = substr($data['cookie_admin'],0,40); 221 $check_user = $core->auth->checkUser($user_id,null,$user_key) === true; 222 } 223 } 224 225 if (!$core->auth->allowPassChange() || !$check_user) { 226 $_ctx->change_pwd = false; 227 throw new Exception(); 228 } 229 230 if ($new_pwd != $new_pwd_c) { 231 throw new Exception(__("Passwords don't match")); 232 } 233 234 if ($core->auth->checkUser($user_id,$new_pwd) === true) { 235 throw new Exception(__("You didn't change your password.")); 236 } 237 238 $cur = $core->con->openCursor($core->prefix.'user'); 239 $cur->user_change_pwd = 0; 240 $cur->user_pwd = $new_pwd; 241 $core->updUser($core->auth->userID(),$cur); 242 243 $core->session->start(); 244 $_SESSION['sess_user_id'] = $user_id; 245 $_SESSION['sess_browser_uid'] = http::browserUID(DC_MASTER_KEY); 246 247 if ($data['user_remember']) { 248 setcookie('dc_admin',$data['cookie_admin'],strtotime('+15 days'),'','',DC_ADMIN_SSL); 249 } 250 251 http::redirect('index.php'); 252 } 253 catch (Exception $e) { 254 $_ctx->addError($e->getMessage()); 255 } 256 257 # Send post values to form 258 $form->login_data = $form->login_data; 259 } 260 } 261 262 # Form fields 263 $form = new dcForm($core,'auth','auth.php'); 264 $form 265 ->addField( 266 new dcFieldText('user_id','',array( 267 "label" => __('Username:'), 268 "maxlength" => 32))) 269 ->addField( 270 new dcFieldPassword('user_pwd','',array( 271 "label" => __('Password:')))) 272 ->addField( 273 new dcFieldText('user_email','',array( 274 "label" => __('Email:')))) 275 ->addField( 276 new dcFieldPassword('new_pwd','',array( 277 "label" => __('New password:')))) 278 ->addField( 279 new dcFieldPassword('new_pwd_c','',array( 280 "label" => __('Confirm password:')))) 281 ->addField( 282 new dcFieldCheckbox ('user_remember',1,array( 283 "label" => __('Remember my ID on this computer')))) 284 ->addField( 285 new dcFieldSubmit('auth_login',__('log in'),array( 286 'action' => array('adminPageAuth','login')))) 287 ->addField( 288 new dcFieldSubmit('auth_recover',__('recover'),array( 289 'action' => array('adminPageAuth','recover')))) 290 ->addField( 291 new dcFieldSubmit('auth_change',__('change'),array( 292 'action' => array('adminPageAuth','change')))) 293 ->addField( 294 new dcFieldHidden ('safe_mode','0')) 295 ->addField( 296 new dcFieldHidden ('recover','0')) 297 ->addField( 298 new dcFieldHidden ('login_data','')) 299 ->addField( 300 new dcFieldHidden ('blog','')); 301 302 # Context variables 303 $_ctx->allow_pass_change = $core->auth->allowPassChange(); 304 $_ctx->change_pwd = $core->auth->allowPassChange() && $form->new_pwd != '' && $form->new_pwd_c != '' && $form->login_data != ''; 305 $_ctx->recover = $form->recover = $core->auth->allowPassChange() && !empty($_REQUEST['recover']); 306 $_ctx->setSafeMode(!empty($_REQUEST['safe_mode'])); 307 $form->safe_mode = !empty($_REQUEST['safe_mode']); 308 $_ctx->akey = false; 309 $_ctx->dlang = $dlang; 310 311 # If we have no POST login informations and have COOKIE login informations, go throug auth process 312 if ($form->user_id == '' && $form->user_pwd == '' 313 && isset($_COOKIE['dc_admin']) && strlen($_COOKIE['dc_admin']) == 104) { 314 62 315 # If we have a remember cookie, go through auth process with user_key 63 316 $user_id = substr($_COOKIE['dc_admin'],40); 64 317 $user_id = @unpack('a32',@pack('H*',$user_id)); 65 if (is_array($user_id))66 {318 319 if (is_array($user_id)) { 67 320 $user_id = $user_id[1]; 68 321 $user_key = substr($_COOKIE['dc_admin'],0,40); 69 $user_pwd = null; 70 } 71 else 72 { 73 $user_id = null; 74 } 75 } 76 77 # Recover password 78 if ($recover && !empty($_POST['user_id']) && !empty($_POST['user_email'])) 79 { 80 $user_id = !empty($_POST['user_id']) ? $_POST['user_id'] : null; 81 $user_email = !empty($_POST['user_email']) ? $_POST['user_email'] : ''; 82 try 83 { 84 $recover_key = $core->auth->setRecoverKey($user_id,$user_email); 85 86 $subject = mail::B64Header('DotClear '.__('Password reset')); 87 $message = 88 __('Someone has requested to reset the password for the following site and username.')."\n\n". 89 $page_url."\n".__('Username:').' '.$user_id."\n\n". 90 __('To reset your password visit the following address, otherwise just ignore this email and nothing will happen.')."\n". 91 $page_url.'?akey='.$recover_key; 92 93 $headers[] = 'From: '.(defined('DC_ADMIN_MAILFROM') && DC_ADMIN_MAILFROM ? DC_ADMIN_MAILFROM : 'dotclear@local'); 94 $headers[] = 'Content-Type: text/plain; charset=UTF-8;'; 95 96 mail::sendMail($user_email,$subject,$message,$headers); 97 $msg = sprintf(__('The e-mail was sent successfully to %s.'),$user_email); 98 } 99 catch (Exception $e) 100 { 101 $err = $e->getMessage(); 102 } 103 } 104 # Send new password 105 elseif ($akey) 106 { 107 try 108 { 109 $recover_res = $core->auth->recoverUserPassword($akey); 110 111 $subject = mb_encode_mimeheader('DotClear '.__('Your new password'),'UTF-8','B'); 112 $message = 113 __('Username:').' '.$recover_res['user_id']."\n". 114 __('Password:').' '.$recover_res['new_pass']."\n\n". 115 preg_replace('/\?(.*)$/','',$page_url); 116 117 $headers[] = 'From: dotclear@'.$_SERVER['HTTP_HOST']; 118 $headers[] = 'Content-Type: text/plain; charset=UTF-8;'; 119 120 mail::sendMail($recover_res['user_email'],$subject,$message,$headers); 121 $msg = __('Your new password is in your mailbox.'); 122 } 123 catch (Exception $e) 124 { 125 $err = $e->getMessage(); 126 } 127 } 128 # Change password and retry to log 129 elseif ($change_pwd) 130 { 131 try 132 { 133 $tmp_data = explode('/',$_POST['login_data']); 134 if (count($tmp_data) != 3) { 135 throw new Exception(); 136 } 137 $data = array( 138 'user_id'=>base64_decode($tmp_data[0]), 139 'cookie_admin'=>$tmp_data[1], 140 'user_remember'=>$tmp_data[2]=='1' 141 ); 142 if ($data['user_id'] === false) { 143 throw new Exception(); 144 } 145 146 # Check login informations 147 $check_user = false; 148 if (isset($data['cookie_admin']) && strlen($data['cookie_admin']) == 104) 149 { 150 $user_id = substr($data['cookie_admin'],40); 151 $user_id = @unpack('a32',@pack('H*',$user_id)); 152 if (is_array($user_id)) 153 { 154 $user_id = $user_id[1]; 155 $user_key = substr($data['cookie_admin'],0,40); 156 $check_user = $core->auth->checkUser($user_id,null,$user_key) === true; 157 } 158 } 159 160 if (!$core->auth->allowPassChange() || !$check_user) { 161 $change_pwd = false; 162 throw new Exception(); 163 } 164 165 if ($_POST['new_pwd'] != $_POST['new_pwd_c']) { 166 throw new Exception(__("Passwords don't match")); 167 } 168 169 if ($core->auth->checkUser($user_id,$_POST['new_pwd']) === true) { 170 throw new Exception(__("You didn't change your password.")); 171 } 172 173 $cur = $core->con->openCursor($core->prefix.'user'); 174 $cur->user_change_pwd = 0; 175 $cur->user_pwd = $_POST['new_pwd']; 176 $core->updUser($core->auth->userID(),$cur); 177 178 $core->session->start(); 179 $_SESSION['sess_user_id'] = $user_id; 180 $_SESSION['sess_browser_uid'] = http::browserUID(DC_MASTER_KEY); 181 182 if ($data['user_remember']) 183 { 184 setcookie('dc_admin',$data['cookie_admin'],strtotime('+15 days'),'','',DC_ADMIN_SSL); 185 } 186 187 $core->adminurl->redirect('admin.home'); 188 } 189 catch (Exception $e) 190 { 191 $err = $e->getMessage(); 192 } 193 } 194 # Try to log 195 elseif ($user_id !== null && ($user_pwd !== null || $user_key !== null)) 196 { 197 # We check the user 198 $check_user = $core->auth->checkUser($user_id,$user_pwd,$user_key,false) === true; 199 if ($check_user) { 200 $check_perms = $core->auth->findUserBlog() !== false; 201 } else { 202 $check_perms = false; 203 } 204 205 $cookie_admin = http::browserUID(DC_MASTER_KEY.$user_id. 206 crypt::hmac(DC_MASTER_KEY,$user_pwd)).bin2hex(pack('a32',$user_id)); 207 208 if ($check_perms && $core->auth->mustChangePassword()) 209 { 210 $login_data = join('/',array( 211 base64_encode($user_id), 212 $cookie_admin, 213 empty($_POST['user_remember'])?'0':'1' 214 )); 215 216 if (!$core->auth->allowPassChange()) { 217 $err = __('You have to change your password before you can login.'); 218 } else { 219 $err = __('In order to login, you have to change your password now.'); 220 $change_pwd = true; 221 } 222 } 223 elseif ($check_perms && !empty($_POST['safe_mode']) && !$core->auth->isSuperAdmin()) 224 { 225 $err = __('Safe Mode can only be used for super administrators.'); 226 } 227 elseif ($check_perms) 228 { 229 $core->session->start(); 230 $_SESSION['sess_user_id'] = $user_id; 231 $_SESSION['sess_browser_uid'] = http::browserUID(DC_MASTER_KEY); 232 233 if (!empty($_POST['blog'])) { 234 $_SESSION['sess_blog_id'] = $_POST['blog']; 235 } 236 237 if (!empty($_POST['safe_mode']) && $core->auth->isSuperAdmin()) { 238 $_SESSION['sess_safe_mode'] = true; 239 } 240 241 if (!empty($_POST['user_remember'])) { 242 setcookie('dc_admin',$cookie_admin,strtotime('+15 days'),'','',DC_ADMIN_SSL); 243 } 244 245 $core->adminurl->redirect('admin.home'); 246 } 247 else 248 { 249 if (isset($_COOKIE['dc_admin'])) { 250 unset($_COOKIE['dc_admin']); 251 setcookie('dc_admin',false,-600,'','',DC_ADMIN_SSL); 252 } 253 if ($check_user) { 254 $err = __('Insufficient permissions'); 255 } else { 256 $err = __('Wrong username or password'); 257 } 258 } 322 $user_pwd = ''; 323 324 adminPageAuth::process($form,$user_id,$user_pwd,$user_key); 325 } 326 } 327 # If we have an akey, go throug send password process 328 elseif ($core->auth->allowPassChange() && !empty($_GET['akey'])) { 329 adminPageAuth::send($_GET['akey']); 259 330 } 260 331 261 332 if (isset($_GET['user'])) { 262 $user_id = $_GET['user']; 263 } 264 265 header('Content-Type: text/html; charset=UTF-8'); 266 267 // Prevents Clickjacking as far as possible 268 header('X-Frame-Options: SAMEORIGIN'); // FF 3.6.9+ Chrome 4.1+ IE 8+ Safari 4+ Opera 10.5+ 269 333 $form->user_id = $_GET['user']; 334 } 335 336 $form->setup(); 337 338 $core->tpl->display('auth.html.twig'); 270 339 ?> 271 <!DOCTYPE html>272 <html lang="<?php echo $dlang; ?>">273 <head>274 <meta charset="UTF-8" />275 <meta http-equiv="Content-Script-Type" content="text/javascript" />276 <meta http-equiv="Content-Style-Type" content="text/css" />277 <meta http-equiv="Content-Language" content="<?php echo $dlang; ?>" />278 <meta name="ROBOTS" content="NOARCHIVE,NOINDEX,NOFOLLOW" />279 <meta name="GOOGLEBOT" content="NOSNIPPET" />280 <meta name="viewport" content="width=device-width, initial-scale=1.0" />281 <title><?php echo html::escapeHTML(DC_VENDOR_NAME); ?></title>282 <link rel="icon" type="image/png" href="images/favicon96-logout.png" />283 <link rel="shortcut icon" href="../favicon.ico" type="image/x-icon" />284 285 286 <?php287 echo dcPage::jsLoadIE7();288 echo dcPage::jsCommon();289 ?>290 291 <link rel="stylesheet" href="style/default.css" type="text/css" media="screen" />292 293 <?php294 # --BEHAVIOR-- loginPageHTMLHead295 $core->callBehavior('loginPageHTMLHead');296 ?>297 298 <script type="text/javascript">299 //<![CDATA[300 $(window).load(function() {301 var uid = $('input[name=user_id]');302 var upw = $('input[name=user_pwd]');303 uid.focus();304 305 if (upw.length == 0) { return; }306 307 uid.keypress(processKey);308 309 function processKey(evt) {310 if (evt.which == 13 && upw.val() == '') {311 upw.focus();312 return false;313 }314 return true;315 };316 $.cookie('dc_admin_test_cookie',true);317 if ($.cookie('dc_admin_test_cookie')) {318 $('#cookie_help').hide();319 $.cookie('dc_admin_test_cookie', '', {'expires': -1});320 } else {321 $('#cookie_help').show();322 }323 $('#issue #more').toggleWithLegend($('#issue').children().not('#more'));324 });325 //]]>326 </script>327 </head>328 329 <body id="dotclear-admin" class="auth">330 331 <form action="<?php echo $core->adminurl->get('admin.auth'); ?>" method="post" id="login-screen">332 <h1 role="banner"><?php echo html::escapeHTML(DC_VENDOR_NAME); ?></h1>333 334 <?php335 if ($err) {336 echo '<div class="error" role="alert">'.$err.'</div>';337 }338 if ($msg) {339 echo '<p class="success" role="alert">'.$msg.'</p>';340 }341 342 if ($akey)343 {344 echo '<p><a href="'.$core->adminurl->get('admin.auth').'">'.__('Back to login screen').'</a></p>';345 }346 elseif ($recover)347 {348 echo349 '<div class="fieldset" role="main"><h2>'.__('Request a new password').'</h2>'.350 '<p><label for="user_id">'.__('Username:').'</label> '.351 form::field(array('user_id','user_id'),20,32,html::escapeHTML($user_id)).'</p>'.352 353 '<p><label for="user_email">'.__('Email:').'</label> '.354 form::field(array('user_email','user_email'),20,255,html::escapeHTML($user_email)).'</p>'.355 356 '<p><input type="submit" value="'.__('recover').'" />'.357 form::hidden(array('recover'),1).'</p>'.358 '</div>'.359 360 '<div id="issue">'.361 '<p><a href="'.$core->adminurl->get('admin.auth').'">'.__('Back to login screen').'</a></p>'.362 '</div>';363 }364 elseif ($change_pwd)365 {366 echo367 '<div class="fieldset"><h2>'.__('Change your password').'</h2>'.368 '<p><label for="new_pwd">'.__('New password:').'</label> '.369 form::password(array('new_pwd','new_pwd'),20,255).'</p>'.370 371 '<p><label for="new_pwd_c">'.__('Confirm password:').'</label> '.372 form::password(array('new_pwd_c','new_pwd_c'),20,255).'</p>'.373 '</div>'.374 375 '<p><input type="submit" value="'.__('change').'" />'.376 form::hidden('login_data',$login_data).'</p>';377 }378 else379 {380 if (is_callable(array($core->auth,'authForm')))381 {382 echo $core->auth->authForm($user_id);383 }384 else385 {386 if ($safe_mode) {387 echo '<div class="fieldset" role="main">';388 echo '<h2>'.__('Safe mode login').'</h2>';389 echo390 '<p class="form-note">'.391 __('This mode allows you to login without activating any of your plugins. This may be useful to solve compatibility problems').' </p>'.392 '<p class="form-note">'.__('Disable or delete any plugin suspected to cause trouble, then log out and log back in normally.').393 '</p>';394 }395 else {396 echo '<div class="fieldset" role="main">';397 }398 399 echo400 '<p><label for="user_id">'.__('Username:').'</label> '.401 form::field(array('user_id','user_id'),20,32,html::escapeHTML($user_id)).'</p>'.402 403 '<p><label for="user_pwd">'.__('Password:').'</label> '.404 form::password(array('user_pwd','user_pwd'),20,255).'</p>'.405 406 '<p>'.407 form::checkbox(array('user_remember','user_remember'),1).408 '<label for="user_remember" class="classic">'.409 __('Remember my ID on this computer').'</label></p>'.410 411 '<p><input type="submit" value="'.__('log in').'" class="login" /></p>';412 413 if (!empty($_REQUEST['blog'])) {414 echo form::hidden('blog',html::escapeHTML($_REQUEST['blog']));415 }416 if($safe_mode) {417 echo418 form::hidden('safe_mode',1).419 '</div>';420 }421 else {422 echo '</div>';423 }424 echo425 '<p id="cookie_help" class="error">'.__('You must accept cookies in order to use the private area.').'</p>';426 427 echo '<div id="issue">';428 429 if ($safe_mode) {430 echo431 '<p><a href="'.$core->adminurl->get('admin.auth').'" id="normal_mode_link">'.__('Get back to normal authentication').'</a></p>';432 } else {433 echo '<p id="more"><strong>'.__('Connection issue?').'</strong></p>';434 if ($core->auth->allowPassChange()) {435 echo '<p><a href="'.$core->adminurl->get('admin.auth',array('recover' => 1)).'">'.__('I forgot my password').'</a></p>';436 }437 echo '<p><a href="'.$core->adminurl->get('admin.auth',array('safe_mode' => 1)).'" id="safe_mode_link">'.__('I want to log in in safe mode').'</a></p>';438 }439 440 echo '</div>';441 }442 }443 ?>444 </form>445 </body>446 </html> -
admin/index.php
r2854 r2911 15 15 exit; 16 16 } 17 if (!empty($_GET['tf'])) { 18 define('DC_CONTEXT_ADMIN',true); 19 require dirname(__FILE__).'/../inc/load_theme_file.php'; 20 exit; 21 } 17 22 18 23 require dirname(__FILE__).'/../inc/admin/prepend.php'; … … 21 26 try { 22 27 $core->setUserDefaultBlog($core->auth->userID(),$core->blog->id); 23 $core->adminurl->redirect("admin.home");28 http::redirect('index.php'); 24 29 } catch (Exception $e) { 25 30 $core->error->add($e->getMessage()); … … 36 41 setcookie('dc_admin',false,-600,'','',DC_ADMIN_SSL); 37 42 } 38 $core->adminurl->redirect("admin.auth");43 http::redirect('auth.php'); 39 44 exit; 40 45 } … … 43 48 $plugins_install = $core->plugins->installModules(); 44 49 50 # Send plugins install messages to templates 51 if (!empty($plugins_install['success'])) { 52 $_ctx->addMessagesList(__('Following plugins have been installed:'),$plugins_install['success']); 53 } 54 if (!empty($plugins_install['failure'])) { 55 $_ctx->addMessagesList(__('Following plugins have not been installed:'),$plugins_install['failure']); 56 } 57 58 # Send plugins errors messages to templates 59 $_ctx->modules_errors = $core->auth->isSuperAdmin() ? $core->plugins->getErrors() : array(); 60 61 # Send Dotclear updates notifications to tempaltes 62 $_ctx->updater = array(); 63 if ($core->auth->isSuperAdmin() && is_readable(DC_DIGESTS)) { 64 65 $updater = new dcUpdate(DC_UPDATE_URL,'dotclear',DC_UPDATE_VERSION,DC_TPL_CACHE.'/versions'); 66 $new_v = $updater->check(DC_VERSION); 67 $version_info = $new_v ? $updater->getInfoURL() : ''; 68 69 if ($updater->getNotify() && $new_v) { 70 $_ctx->updater = array( 71 'new_version' => $new_v, 72 'version_info' => $version_info 73 ); 74 } 75 } 76 45 77 # Check dashboard module prefs 46 78 $ws = $core->auth->user_prefs->addWorkspace('dashboard'); 79 80 # Doclinks prefs 47 81 if (!$core->auth->user_prefs->dashboard->prefExists('doclinks')) { 48 82 if (!$core->auth->user_prefs->dashboard->prefExists('doclinks',true)) { … … 51 85 $core->auth->user_prefs->dashboard->put('doclinks',true,'boolean'); 52 86 } 87 88 # Send doclinks to templates 89 $_ctx->dashboard_doclinks = array(); 90 if ($core->auth->user_prefs->dashboard->doclinks && !empty($__resources['doc'])) { 91 $_ctx->dashboard_doclinks = $__resources['doc']; 92 } 93 94 # Dcnews prefs 53 95 if (!$core->auth->user_prefs->dashboard->prefExists('dcnews')) { 54 96 if (!$core->auth->user_prefs->dashboard->prefExists('dcnews',true)) { … … 57 99 $core->auth->user_prefs->dashboard->put('dcnews',true,'boolean'); 58 100 } 101 102 # Send dcnews to templates 103 $_ctx->dashboard_dcnews = array(); 104 if ($core->auth->user_prefs->dashboard->dcnews && !empty($__resources['rss_news'])) { 105 try 106 { 107 $feed_reader = new feedReader; 108 $feed_reader->setCacheDir(DC_TPL_CACHE); 109 $feed_reader->setTimeout(2); 110 $feed_reader->setUserAgent('Dotclear - http://www.dotclear.org/'); 111 $feed = $feed_reader->parse($__resources['rss_news']); 112 if ($feed) { 113 $items = array(); 114 $i = 1; 115 foreach ($feed->items as $item) { 116 $items[] = array( 117 'title' => $item->title, 118 'link' => isset($item->link) ? $item->link : '', 119 'date' => dt::dt2str(__('%d %B %Y'),$item->pubdate,'Europe/Paris'), 120 'content' => html::clean($item->content) 121 ); 122 $i++; 123 if ($i > 3) { break; } 124 } 125 $_ctx->dashboard_dcnews = $items; 126 } 127 } 128 catch (Exception $e) {} 129 } 130 131 # Quick entry prefs 59 132 if (!$core->auth->user_prefs->dashboard->prefExists('quickentry')) { 60 133 if (!$core->auth->user_prefs->dashboard->prefExists('quickentry',true)) { 61 $core->auth->user_prefs->dashboard->put('quickentry',false,'boolean','',null,true); 62 } 63 $core->auth->user_prefs->dashboard->put('quickentry',false,'boolean'); 64 } 65 66 // Handle folded/unfolded sections in admin from user preferences 67 $ws = $core->auth->user_prefs->addWorkspace('toggles'); 68 if (!$core->auth->user_prefs->toggles->prefExists('unfolded_sections')) { 69 $core->auth->user_prefs->toggles->put('unfolded_sections','','string','Folded sections in admin',null,true); 70 } 71 134 $core->auth->user_prefs->dashboard->put('quickentry',true,'boolean','',null,true); 135 } 136 $core->auth->user_prefs->dashboard->put('quickentry',true,'boolean'); 137 } 138 139 # Send quick entry to templates 140 $_ctx->dashboard_quickentry = false; 141 if ($core->auth->user_prefs->dashboard->quickentry &&$core->auth->check('usage,contentadmin',$core->blog->id)) 142 { 143 $categories_combo = array(' ' => ''); 144 try { 145 $categories = $core->blog->getCategories(array('post_type'=>'post')); 146 while ($categories->fetch()) { 147 $categories_combo[$categories->cat_id] = 148 str_repeat(' ',$categories->level-1). 149 ($categories->level-1 == 0 ? '' : '• '). 150 html::escapeHTML($categories->cat_title); 151 } 152 } catch (Exception $e) { } 153 154 $form = new dcForm($core,array('quickentry','quick-entry'),'post.php'); 155 $form 156 ->addField( 157 new dcFieldText('post_title','', array( 158 'size' => 20, 159 'required' => true, 160 'label' => __('Title')))) 161 ->addField( 162 new dcFieldTextArea('post_content','', array( 163 'required' => true, 164 'label' => __("Content:")))) 165 ->addField( 166 new dcFieldCombo('cat_id','',$categories_combo,array( 167 "label" => __('Category:')))) 168 ->addField( 169 new dcFieldSubmit('save',__('Save'),array( 170 'action' => 'savePost'))) 171 ->addField( 172 new dcFieldHidden ('post_status',-2)) 173 ->addField( 174 new dcFieldHidden ('post_format',$core->auth->getOption('post_format'))) 175 ->addField( 176 new dcFieldHidden ('post_excerpt','')) 177 ->addField( 178 new dcFieldHidden ('post_lang',$core->auth->getInfo('user_lang'))) 179 ->addField( 180 new dcFieldHidden ('post_notes','')) 181 ; 182 if ($core->auth->check('publish',$core->blog->id)) { 183 $form->addField( 184 new dcFieldHidden ('save-publish',__('Save and publish'))); 185 } 186 187 $_ctx->dashboard_quickentry = true; 188 } 72 189 73 190 # Dashboard icons … … 76 193 $favs = $core->favs->getUserFavorites(); 77 194 $core->favs->appendDashboardIcons($__dashboard_icons); 195 78 196 79 197 # Check plugins and themes update from repository … … 101 219 102 220 $dashboardItem = 0; 221 103 222 104 223 if ($core->auth->user_prefs->dashboard->dcnews) { … … 168 287 $core->callBehavior('adminDashboardContents', $core, $__dashboard_contents); 169 288 170 # Editor stuff 171 $admin_post_behavior = ''; 172 if ($core->auth->user_prefs->dashboard->quickentry) { 173 if ($core->auth->check('usage,contentadmin',$core->blog->id)) 174 { 175 $post_format = $core->auth->getOption('post_format'); 176 $post_editor = $core->auth->getOption('editor'); 177 if ($post_editor && !empty($post_editor[$post_format])) { 178 // context is not post because of tags not available 179 $admin_post_behavior = $core->callBehavior('adminPostEditor', $post_editor[$post_format], 'quickentry', array('#post_content')); 180 } 181 } 182 } 183 184 /* DISPLAY 185 -------------------------------------------------------- */ 186 dcPage::open(__('Dashboard'), 187 dcPage::jsLoad('js/_index.js'). 188 $admin_post_behavior. 189 # --BEHAVIOR-- adminDashboardHeaders 190 $core->callBehavior('adminDashboardHeaders'), 191 dcPage::breadcrumb( 192 array( 193 __('Dashboard').' : '.html::escapeHTML($core->blog->name) => '' 194 ), 195 array('home_link' =>false) 196 ) 197 ); 198 199 # Dotclear updates notifications 200 if ($core->auth->isSuperAdmin() && is_readable(DC_DIGESTS)) 201 { 202 $updater = new dcUpdate(DC_UPDATE_URL,'dotclear',DC_UPDATE_VERSION,DC_TPL_CACHE.'/versions'); 203 $new_v = $updater->check(DC_VERSION); 204 $version_info = $new_v ? $updater->getInfoURL() : ''; 205 206 if ($updater->getNotify() && $new_v) { 207 echo 208 '<div class="dc-update"><h3>'.sprintf(__('Dotclear %s is available!'),$new_v).'</h3> '. 209 '<p><a class="button submit" href="'.$core->adminurl->get("admin.update").'">'.sprintf(__('Upgrade now'),$new_v).'</a> '. 210 '<a class="button" href="'.$core->adminurl->get("admin.update", array('hide_msg' => 1)).'">'.__('Remind me later').'</a>'. 211 ($version_info ? ' </p>'. 212 '<p class="updt-info"><a href="'.$version_info.'">'.__('Information about this version').'</a>' : '').'</p>'. 213 '</div>'; 214 } 215 } 216 217 if ($core->auth->getInfo('user_default_blog') != $core->blog->id && $core->auth->getBlogCount() > 1) { 218 echo 219 '<p><a href="'.$core->adminurl->get("admin.home",array('default_blog' => 1)).'" class="button">'.__('Make this blog my default blog').'</a></p>'; 220 } 221 289 # Blog status message 222 290 if ($core->blog->status == 0) { 223 echo '<p class="static-msg">'.__('This blog is offline').'.</p>';291 $_ctx->addMessageStatic(__('This blog is offline')); 224 292 } elseif ($core->blog->status == -1) { 225 echo '<p class="static-msg">'.__('This blog is removed').'.</p>'; 226 } 227 293 $_ctx->addMessageStatic(__('This blog is removed')); 294 } 295 296 # Config errors messages 228 297 if (!defined('DC_ADMIN_URL') || !DC_ADMIN_URL) { 229 echo 230 '<p class="static-msg">'. 231 sprintf(__('%s is not defined, you should edit your configuration file.'),'DC_ADMIN_URL'). 232 ' '.__('See <a href="http://dotclear.org/documentation/2.0/admin/config">documentation</a> for more information.'). 233 '</p>'; 234 } 235 298 $_ctx->addMessageStatic( 299 sprintf(__('%s is not defined, you should edit your configuration file.'),'DC_ADMIN_URL').' '. 300 __('See <a href="http://dotclear.org/documentation/2.0/admin/config">documentation</a> for more information.') 301 ); 302 } 236 303 if (!defined('DC_ADMIN_MAILFROM') || !DC_ADMIN_MAILFROM) { 237 echo 238 '<p class="static-msg">'. 239 sprintf(__('%s is not defined, you should edit your configuration file.'),'DC_ADMIN_MAILFROM'). 240 ' '.__('See <a href="http://dotclear.org/documentation/2.0/admin/config">documentation</a> for more information.'). 241 '</p>'; 242 } 243 244 $err = array(); 245 246 # Check cache directory 247 if ( $core->auth->isSuperAdmin() ) { 248 if (!is_dir(DC_TPL_CACHE) || !is_writable(DC_TPL_CACHE)) { 249 $err[] = '<p>'.__("The cache directory does not exist or is not writable. You must create this directory with sufficient rights and affect this location to \"DC_TPL_CACHE\" in inc/config.php file.").'</p>'; 250 } 251 } else { 252 if (!is_dir(DC_TPL_CACHE) || !is_writable(DC_TPL_CACHE)) { 253 $err[] = '<p>'.__("The cache directory does not exist or is not writable. You should contact your administrator.").'</p>'; 254 } 255 } 256 257 # Check public directory 258 if ( $core->auth->isSuperAdmin() ) { 259 if (!is_dir($core->blog->public_path) || !is_writable($core->blog->public_path)) { 260 $err[] = '<p>'.__("There is no writable directory /public/ at the location set in about:config \"public_path\". You must create this directory with sufficient rights (or change this setting).").'</p>'; 261 } 262 } else { 263 if (!is_dir($core->blog->public_path) || !is_writable($core->blog->public_path)) { 264 $err[] = '<p>'.__("There is no writable root directory for the media manager. You should contact your administrator.").'</p>'; 265 } 266 } 267 268 # Error list 269 if (count($err) > 0) { 270 echo '<div class="error"><p><strong>'.__('Error:').'</strong></p>'. 271 '<ul><li>'.implode("</li><li>",$err).'</li></ul></div>'; 272 } 273 274 # Plugins install messages 275 if (!empty($plugins_install['success'])) 276 { 277 echo '<div class="success">'.__('Following plugins have been installed:').'<ul>'; 278 foreach ($plugins_install['success'] as $k => $v) { 279 echo '<li>'.$k.'</li>'; 280 } 281 echo '</ul></div>'; 282 } 283 if (!empty($plugins_install['failure'])) 284 { 285 echo '<div class="error">'.__('Following plugins have not been installed:').'<ul>'; 286 foreach ($plugins_install['failure'] as $k => $v) { 287 echo '<li>'.$k.' ('.$v.')</li>'; 288 } 289 echo '</ul></div>'; 290 } 291 # Errors modules notifications 292 if ($core->auth->isSuperAdmin()) 293 { 294 $list = $core->plugins->getErrors(); 295 if (!empty($list)) { 296 echo 297 '<div class="error" id="module-errors" class="error"><p>'.__('Errors have occured with following plugins:').'</p> '. 298 '<ul><li>'.implode("</li>\n<li>", $list).'</li></ul></div>'; 299 } 300 } 301 302 # Dashboard columns (processed first, as we need to know the result before displaying the icons.) 303 $dashboardItems = ''; 304 305 foreach ($__dashboard_items as $i) 306 { 307 if ($i->count() > 0) 308 { 309 $dashboardItems .= ''; 310 foreach ($i as $v) { 311 $dashboardItems .= $v; 312 } 313 $dashboardItems .= ''; 314 } 315 } 316 317 # Dashboard elements 318 echo '<div id="dashboard-main">'; 319 320 # Dashboard icons 321 echo '<div id="icons">'; 322 foreach ($__dashboard_icons as $i) 323 { 324 echo 325 '<p><a href="'.$i[1].'"><img src="'.dc_admin_icon_url($i[2]).'" alt="" />'. 326 '<br /><span>'.$i[0].'</span></a></p>'; 327 } 328 echo '</div>'; 329 330 if ($core->auth->user_prefs->dashboard->quickentry) { 331 if ($core->auth->check('usage,contentadmin',$core->blog->id)) 332 { 333 # Getting categories 334 $categories_combo = dcAdminCombos::getCategoriesCombo( 335 $core->blog->getCategories(array('post_type'=>'post')) 336 ); 337 338 echo 339 '<div id="quick">'. 340 '<h3>'.__('Quick entry').'</h3>'. 341 '<form id="quick-entry" action="'.$core->adminurl->get('admin.post').'" method="post" class="fieldset">'. 342 '<h4>'.__('New entry').'</h4>'. 343 '<p class="col"><label for="post_title" class="required"><abbr title="'.__('Required field').'">*</abbr> '.__('Title:').'</label>'. 344 form::field('post_title',20,255,'','maximal'). 345 '</p>'. 346 '<p class="area"><label class="required" '. 347 'for="post_content"><abbr title="'.__('Required field').'">*</abbr> '.__('Content:').'</label> '. 348 form::textarea('post_content',50,10). 349 '</p>'. 350 '<p><label for="cat_id" class="classic">'.__('Category:').'</label> '. 351 form::combo('cat_id',$categories_combo).'</p>'. 352 ($core->auth->check('categories', $core->blog->id) 353 ? '<div>'. 354 '<p id="new_cat" class="q-cat">'.__('Add a new category').'</p>'. 355 '<p class="q-cat"><label for="new_cat_title">'.__('Title:').'</label> '. 356 form::field('new_cat_title',30,255,'','').'</p>'. 357 '<p class="q-cat"><label for="new_cat_parent">'.__('Parent:').'</label> '. 358 form::combo('new_cat_parent',$categories_combo,'',''). 359 '</p>'. 360 '<p class="form-note info clear">'.__('This category will be created when you will save your post.').'</p>'. 361 '</div>' 362 : ''). 363 '<p><input type="submit" value="'.__('Save').'" name="save" /> '. 364 ($core->auth->check('publish',$core->blog->id) 365 ? '<input type="hidden" value="'.__('Save and publish').'" name="save-publish" />' 366 : ''). 367 $core->formNonce(). 368 form::hidden('post_status',-2). 369 form::hidden('post_format',$core->auth->getOption('post_format')). 370 form::hidden('post_excerpt',''). 371 form::hidden('post_lang',$core->auth->getInfo('user_lang')). 372 form::hidden('post_notes',''). 373 '</p>'. 374 '</form>'. 375 '</div>'; 376 } 377 } 378 379 foreach ($__dashboard_contents as $i) 380 { 381 if ($i->count() > 0) 382 { 383 $dashboardContents .= ''; 384 foreach ($i as $v) { 385 $dashboardContents .= $v; 386 } 387 $dashboardContents .= ''; 388 } 389 } 390 391 if ($dashboardContents != '' || $dashboardItems != '') { 392 echo 393 '<div id="dashboard-boxes">'. 394 '<div class="db-items">'.$dashboardItems.$dashboardContents.'</div>'. 395 '</div>'; 396 } 397 398 echo '</div>'; #end dashboard-main 399 dcPage::helpBlock('core_dashboard'); 400 dcPage::close(); 304 $_ctx->addMessageStatic( 305 sprintf(__('%s is not defined, you should edit your configuration file.'),'DC_ADMIN_MAILFROM').' '. 306 __('See <a href="http://dotclear.org/documentation/2.0/admin/config">documentation</a> for more information.') 307 ); 308 } 309 $_ctx->dashboard_icons = $__dashboard_icons; 310 //print_r($__dashboard_icons);exit; 311 $_ctx->setBreadCrumb(__('Dashboard').' : '.html::escapeHTML($core->blog->name), false); 312 $core->tpl->display('index.html.twig'); 313 ?> -
admin/plugin.php
r2708 r2715 4 4 # This file is part of Dotclear 2. 5 5 # 6 # Copyright (c) 2003-201 3Olivier Meunier & Association Dotclear6 # Copyright (c) 2003-2011 Olivier Meunier & Association Dotclear 7 7 # Licensed under the GPL version 2.0 license. 8 8 # See LICENSE file or … … 15 15 dcPage::check('usage,contentadmin'); 16 16 17 $has_content = false; 17 18 $p_file = ''; 18 19 $p = !empty($_REQUEST['p']) ? $_REQUEST['p'] : null; 19 $popup = (integer) !empty($_REQUEST['popup']); 20 21 if ($popup) { 22 $open_f = array('dcPage','openPopup'); 23 $close_f = array('dcPage','closePopup'); 24 } else { 25 $open_f = array('dcPage','open'); 26 $close_f = array('dcPage','close'); 27 } 20 $popup = $_ctx->popup = (integer) !empty($_REQUEST['popup']); 28 21 29 22 if ($core->plugins->moduleExists($p)) { 30 23 $p_file = $core->plugins->moduleRoot($p).'/index.php'; 31 24 } 25 if (file_exists($p_file)) { 32 26 33 if (file_exists($p_file)) 34 { 35 # Loading plugin 27 //* Keep this for old style plugins using dcPage 28 if ($popup) { 29 $open_f = array('dcPage','openPopup'); 30 $close_f = array('dcPage','closePopup'); 31 } else { 32 $open_f = array('dcPage','open'); 33 $close_f = array('dcPage','close'); 34 } 35 36 36 $p_info = $core->plugins->getModules($p); 37 38 37 $p_name = $p; 39 38 $p_url = 'plugin.php?p='.$p; 40 41 $p_title = 'no content - plugin'; 42 $p_head = ''; 43 $p_content = '<p>'.__('No content found on this plugin.').'</p>'; 44 39 $p_title = $p_head = $p_content = ''; 40 //*/ 41 # Get page content 45 42 ob_start(); 46 43 include $p_file; … … 48 45 ob_end_clean(); 49 46 50 if (preg_match('|<head>(.*?)</head|ms',$res,$m)) { 51 if (preg_match('|<title>(.*?)</title>|ms',$m[1],$mt)) { 52 $p_title = $mt[1]; 53 } 54 55 if (preg_match_all('|(<script.*?>.*?</script>)|ms',$m[1],$ms)) { 56 foreach ($ms[1] as $v) { 57 $p_head .= $v."\n"; 47 # Check context and display 48 if ($_ctx->hasPageTitle() && !empty($res)) { 49 $has_content = true; 50 echo $res; 51 } 52 //* Keep this for old style plugins using dcPage 53 elseif (!$_ctx->hasPageTitle()) { 54 55 if (preg_match('|<head>(.*?)</head|ms',$res,$m)) { 56 if (preg_match('|<title>(.*?)</title>|ms',$m[1],$mt)) { 57 $p_title = $mt[1]; 58 } 59 60 if (preg_match_all('|(<script.*?>.*?</script>)|ms',$m[1],$ms)) { 61 foreach ($ms[1] as $v) { 62 $p_head .= $v."\n"; 63 } 64 } 65 66 if (preg_match_all('|(<style.*?>.*?</style>)|ms',$m[1],$ms)) { 67 foreach ($ms[1] as $v) { 68 $p_head .= $v."\n"; 69 } 70 } 71 72 if (preg_match_all('|(<link.*?/>)|ms',$m[1],$ms)) { 73 foreach ($ms[1] as $v) { 74 $p_head .= $v."\n"; 75 } 58 76 } 59 77 } 60 61 if (preg_match_all('|(<style.*?>.*?</style>)|ms',$m[1],$ms)) { 62 foreach ($ms[1] as $v) { 63 $p_head .= $v."\n"; 64 } 65 } 66 67 if (preg_match_all('|(<link.*?/>)|ms',$m[1],$ms)) { 68 foreach ($ms[1] as $v) { 69 $p_head .= $v."\n"; 70 } 78 79 if (preg_match('|<body.*?>(.+)</body>|ms',$res,$m)) { 80 $p_content = $m[1]; 81 82 call_user_func($open_f,$p_title,$p_head); 83 echo $p_content; 84 call_user_func($close_f); 85 86 $has_content = true; 71 87 } 72 88 } 73 74 if (preg_match('|<body.*?>(.+)</body>|ms',$res,$m)) { 75 $p_content = $m[1]; 76 } 77 78 call_user_func($open_f,$p_title,$p_head); 79 echo $p_content; 80 call_user_func($close_f); 89 //*/ 81 90 } 82 else 83 { 84 call_user_func($open_f,__('Plugin not found'),'', 85 dcPage::breadcrumb( 86 array( 87 __('System') => '', 88 __('Plugin not found') => '' 89 )) 90 ); 91 92 echo '<p>'.__('The plugin you reached does not exist or does not have an admin page.').'</p>'; 93 94 call_user_func($close_f); 91 # No plugin or content found 92 if (!$has_content) { 93 $_ctx->setBreadcrumb(__('Plugin not found')); 94 $_ctx->addError(__('The plugin you reached does not exist or does not have an admin page.')); 95 $core->tpl->display('plugin.html.twig'); 95 96 } 97 ?> -
admin/post.php
r2907 r2911 15 15 dcPage::check('usage,contentadmin'); 16 16 17 $post_id = ''; 18 $cat_id = ''; 19 $post_dt = ''; 20 $post_format = $core->auth->getOption('post_format'); 21 $post_editor = $core->auth->getOption('editor'); 22 $post_password = ''; 23 $post_url = ''; 24 $post_lang = $core->auth->getInfo('user_lang'); 25 $post_title = ''; 26 $post_excerpt = ''; 27 $post_excerpt_xhtml = ''; 28 $post_content = ''; 29 $post_content_xhtml = ''; 30 $post_notes = ''; 31 $post_status = $core->auth->getInfo('user_post_status'); 32 $post_selected = false; 33 $post_open_comment = $core->blog->settings->system->allow_comments; 34 $post_open_tb = $core->blog->settings->system->allow_trackbacks; 17 class PostActions 18 { 19 public static function savePost($form) { 20 global $_ctx, $core; 21 if (!$form->can_edit_post) { 22 return; 23 } 24 try { 25 $form->check($_ctx); 26 $form->cat_id = (integer) $form->cat_id; 27 28 if (!empty($form->post_dt)) { 29 try 30 { 31 $post_dt = strtotime($form->post_dt); 32 if ($post_dt == false || $post_dt == -1) { 33 $bad_dt = true; 34 throw new Exception(__('Invalid publication date')); 35 } 36 $form->post_dt = date('Y-m-d H:i',$post_dt); 37 } 38 catch (Exception $e) 39 { 40 $core->error->add($e->getMessage()); 41 } 42 } 43 $post_excerpt = $form->post_excerpt; 44 $post_content = $form->post_content; 45 $post_excerpt_xhtml = ''; 46 $post_content_xhtml = ''; 47 $core->blog->setPostContent( 48 $form->id,$form->post_format,$form->post_lang, 49 $post_excerpt,$post_excerpt_xhtml,$post_content,$post_content_xhtml 50 ); 51 $form->post_excerpt = $post_excerpt; 52 $form->post_content = $post_content; 53 $form->post_excerpt_xhtml = $post_excerpt_xhtml; 54 $form->post_content_xhtml = $post_content_xhtml; 55 56 $cur = $core->con->openCursor($core->prefix.'post'); 57 58 $cur->post_title = $form->post_title; 59 $cur->cat_id = $form->cat_id ? $form->cat_id : null; 60 $cur->post_dt = $form->post_dt ? date('Y-m-d H:i:00',strtotime($form->post_dt)) : ''; 61 $cur->post_format = $form->post_format; 62 $cur->post_password = $form->post_password; 63 $cur->post_lang = $form->post_lang; 64 $cur->post_title = $form->post_title; 65 $cur->post_excerpt = $form->post_excerpt; 66 $cur->post_excerpt_xhtml = $form->post_excerpt_xhtml; 67 $cur->post_content = $form->post_content; 68 $cur->post_content_xhtml = $form->post_content_xhtml; 69 $cur->post_notes = $form->post_notes; 70 $cur->post_status = $form->post_status; 71 $cur->post_selected = (integer) $form->post_selected; 72 $cur->post_open_comment = (integer) $form->post_open_comment; 73 $cur->post_open_tb = (integer) $form->post_open_tb; 74 75 if (!empty($form->post_url)) { 76 $cur->post_url = $form->post_url; 77 } 78 79 # Update post 80 if ($form->id) 81 { 82 # --BEHAVIOR-- adminBeforePostUpdate 83 $core->callBehavior('adminBeforePostUpdate',$cur,$form->id); 84 85 $core->blog->updPost($form->id,$cur); 86 87 # --BEHAVIOR-- adminAfterPostUpdate 88 $core->callBehavior('adminAfterPostUpdate',$cur,$form->id); 89 http::redirect('post.php?id='.$form->id.'&upd=1'); 90 } 91 else 92 { 93 $cur->user_id = $core->auth->userID(); 94 # --BEHAVIOR-- adminBeforePostCreate 95 $core->callBehavior('adminBeforePostCreate',$cur); 96 97 $return_id = $core->blog->addPost($cur); 98 99 # --BEHAVIOR-- adminAfterPostCreate 100 $core->callBehavior('adminAfterPostCreate',$cur,$return_id); 101 102 http::redirect('post.php?id='.$return_id.'&crea=1'); 103 } 104 105 } catch (Exception $e) { 106 $_ctx->addError($e->getMessage()); 107 } 108 } 109 public static function deletePost($form) { 110 global $core,$_ctx; 111 if ($form->can_delete) { 112 try { 113 $post_id = $form->id; 114 $core->callBehavior('adminBeforePostDelete',$post_id); 115 $core->blog->delPost($post_id); 116 http::redirect('posts.php'); 117 exit; 118 } catch (Exception $e) { 119 $_ctx->addError($e->getMessage()); 120 } 121 } 122 } 123 } 35 124 36 125 $page_title = __('New entry'); 37 126 $post_id=''; 38 127 $can_view_page = true; 39 128 $can_edit_post = $core->auth->check('usage,contentadmin',$core->blog->id); … … 41 130 $can_delete = false; 42 131 43 $post_headlink = '<link rel="%s" title="%s" href="'.$core->adminurl->get('admin.post',array('id' => "%s"),'&',true).'" />'; 44 $post_link = '<a href="'.$core->adminurl->get('admin.post',array('id' => "%s"),'&',true).'" title="%s">%s</a>'; 132 $post_headlink = '<link rel="%s" title="%s" href="post.php?id=%s" />'; 133 $post_link = '<a href="post.php?id=%s" title="%s">%s</a>'; 134 45 135 $next_link = $prev_link = $next_headlink = $prev_headlink = null; 46 136 47 137 # If user can't publish 48 138 if (!$can_publish) { 49 $ post_status = -2;139 $form->post_status = -2; 50 140 } 51 141 52 142 # Getting categories 53 $categories_combo = dcAdminCombos::getCategoriesCombo( 54 $core->blog->getCategories(array('post_type'=>'post')) 55 ); 56 57 $status_combo = dcAdminCombos::getPostStatusesCombo(); 58 59 $img_status_pattern = '<img class="img_select_option" alt="%1$s" title="%1$s" src="images/%2$s" />'; 60 61 # Formats combo 62 $core_formaters = $core->getFormaters(); 63 $available_formats = array('' => ''); 64 foreach ($core_formaters as $editor => $formats) { 65 foreach ($formats as $format) { 66 $available_formats[$format] = $format; 67 } 143 $categories_combo = array(' ' => ''); 144 try { 145 $categories = $core->blog->getCategories(array('post_type'=>'post')); 146 while ($categories->fetch()) { 147 $categories_combo[$categories->cat_id] = 148 str_repeat(' ',$categories->level-1). 149 ($categories->level-1 == 0 ? '' : '• '). 150 html::escapeHTML($categories->cat_title); 151 } 152 } catch (Exception $e) { } 153 154 # Status combo 155 foreach ($core->blog->getAllPostStatus() as $k => $v) { 156 $status_combo[$k] = $v; 157 } 158 159 # Formaters combo 160 foreach ($core->getFormaters() as $v) { 161 $formaters_combo[$v] = $v; 68 162 } 69 163 70 164 # Languages combo 71 165 $rs = $core->blog->getLangs(array('order'=>'asc')); 72 $lang_combo = dcAdminCombos::getLangsCombo($rs,true); 73 74 # Validation flag 75 $bad_dt = false; 76 77 # Trackbacks 78 $TB = new dcTrackback($core); 79 $tb_urls = $tb_excerpt = ''; 80 166 $all_langs = l10n::getISOcodes(0,1); 167 $lang_combo = array('' => '', __('Most used') => array(), __('Available') => l10n::getISOcodes(0,1)); 168 while ($rs->fetch()) { 169 if (isset($all_langs[$rs->post_lang])) { 170 $lang_combo[__('Most used')][$rs->post_lang] = $all_langs[$rs->post_lang]; 171 unset($lang_combo[__('Available')][$rs->post_lang]); 172 } else { 173 $lang_combo[__('Most used')][$rs->post_lang] = $all_langs[$rs->post_lang]; 174 } 175 } 176 unset($all_langs); 177 unset($rs); 178 179 $form = new dcForm($core,'post','post.php'); 180 $form 181 ->addField( 182 new dcFieldText('post_title','', array( 183 'maxlength' => 255, 184 'required' => true, 185 'label' => __('Title:')))) 186 ->addField( 187 new dcFieldTextArea('post_excerpt','', array( 188 'cols' => 50, 189 'rows' => 5, 190 'label' => __("Excerpt:").'<span class="form-note">'. 191 __('Add an introduction to the post.').'</span>'))) 192 ->addField( 193 new dcFieldTextArea('post_content','', array( 194 'required' => true, 195 'label' => __("Content:")))) 196 ->addField( 197 new dcFieldTextArea('post_notes','', array( 198 'label' => __("Notes")))) 199 ->addField( 200 new dcFieldSubmit('save',__('Save'),array( 201 'action' => array('PostActions','savePost')))) 202 ->addField( 203 new dcFieldSubmit('delete',__('Delete'),array( 204 'action' => array('PostActions','deletePost')))) 205 ->addField( 206 new dcFieldCombo('post_status',$core->auth->getInfo('user_post_status'),$status_combo,array( 207 'disabled' => !$can_publish, 208 'label' => __('Entry status')))) 209 ->addField( 210 new dcFieldCombo('cat_id','',$categories_combo,array( 211 "label" => __('Category')))) 212 ->addField( 213 new dcFieldCombo('new_cat_parent','',$categories_combo,array( 214 "label" => __('Parent:')))) 215 ->addField( 216 new dcFieldText('new_cat_title','', array( 217 'maxlength' => 255, 218 'label' => __('Title')))) 219 220 ->addField( 221 new dcFieldText('post_dt','',array( 222 "label" => __('Publication date and hour')))) 223 ->addField( 224 new dcFieldCombo('post_format',$core->auth->getOption('post_format'),$formaters_combo,array( 225 "label" => __('Text formating')))) 226 ->addField( 227 new dcFieldCheckbox ('post_open_comment',$core->blog->settings->system->allow_comments,array( 228 "label" => __('Accept comments')))) 229 ->addField( 230 new dcFieldCheckbox ('post_open_tb',$core->blog->settings->system->allow_trackbacks,array( 231 "label" => __('Accept trackbacks')))) 232 ->addField( 233 new dcFieldCheckbox ('post_selected',array(1=>false),array( 234 "label" => __('Selected entry')))) 235 ->addField( 236 new dcFieldCombo ('post_lang',$core->auth->getInfo('user_lang'),$lang_combo, array( 237 "label" => __('Entry lang:')))) 238 ->addField( 239 new dcFieldText('post_password','',array( 240 "maxlength" => 32, 241 "label" => __('Entry password:')))) 242 ->addField( 243 new dcFieldText('post_url','',array( 244 "maxlength" => 255, 245 "label" => __('Basename:')))) 246 ->addField( 247 new dcFieldHidden ('id','')) 248 ; 81 249 # Get entry informations 82 if (!empty($_REQUEST['id'])) { 83 $page_title = __('Edit entry'); 84 250 if (!empty($_REQUEST['id'])) 251 { 85 252 $params['post_id'] = $_REQUEST['id']; 86 253 87 254 $post = $core->blog->getPosts($params); 88 89 if ($post->isEmpty()) { 255 256 if ($post->isEmpty()) 257 { 90 258 $core->error->add(__('This entry does not exist.')); 91 259 $can_view_page = false; 92 } else {93 $post_id = $post->post_id;94 $cat_id = $post->cat_id;95 $ post_dt = date('Y-m-d H:i',strtotime($post->post_dt));96 $ post_format = $post->post_format;97 $ post_password = $post->post_password;98 $ post_url = $post->post_url;99 $ post_lang = $post->post_lang;100 $ post_title = $post->post_title;101 $ post_excerpt = $post->post_excerpt;102 $ post_excerpt_xhtml = $post->post_excerpt_xhtml;103 $ post_content = $post->post_content;104 $ post_content_xhtml = $post->post_content_xhtml;105 $ post_notes = $post->post_notes;106 $ post_status = $post->post_status;107 $ post_selected = (boolean) $post->post_selected;108 $ post_open_comment = (boolean) $post->post_open_comment;109 $ post_open_tb = (boolean) $post->post_open_tb;110 111 $ can_edit_post = $post->isEditable();112 $ can_delete= $post->isDeletable();113 260 } 261 else 262 { 263 $form->id = $post_id = $post->post_id; 264 $form->cat_id = $post->cat_id; 265 $form->post_dt = date('Y-m-d H:i',strtotime($post->post_dt)); 266 $form->post_format = $post->post_format; 267 $form->post_password = $post->post_password; 268 $form->post_url = $post->post_url; 269 $form->post_lang = $post->post_lang; 270 $form->post_title = $post->post_title; 271 $form->post_excerpt = $post->post_excerpt; 272 $form->post_excerpt_xhtml = $post->post_excerpt_xhtml; 273 $form->post_content = $post->post_content; 274 $form->post_content_xhtml = $post->post_content_xhtml; 275 $form->post_notes = $post->post_notes; 276 $form->post_status = $post->post_status; 277 $form->post_selected = (boolean) $post->post_selected; 278 $form->post_open_comment = (boolean) $post->post_open_comment; 279 $form->post_open_tb = (boolean) $post->post_open_tb; 280 $form->can_edit_post = $post->isEditable(); 281 $form->can_delete= $post->isDeletable(); 114 282 $next_rs = $core->blog->getNextPost($post,1); 115 283 $prev_rs = $core->blog->getNextPost($post,-1); 116 284 117 285 if ($next_rs !== null) { 118 $next_link = sprintf($post_link,$next_rs->post_id, 119 html::escapeHTML($next_rs->post_title),__('Next entry').' »'); 120 $next_headlink = sprintf($post_headlink,'next', 121 html::escapeHTML($next_rs->post_title),$next_rs->post_id); 122 } 123 286 $_ctx->next_post = array('id' => $next_rs->post_id,'title' => $next_rs->post_title); 287 } 124 288 if ($prev_rs !== null) { 125 $prev_link = sprintf($post_link,$prev_rs->post_id, 126 html::escapeHTML($prev_rs->post_title),'« '.__('Previous entry')); 127 $prev_headlink = sprintf($post_headlink,'previous', 128 html::escapeHTML($prev_rs->post_title),$prev_rs->post_id); 129 } 130 131 try { 132 $core->media = new dcMedia($core); 133 } catch (Exception $e) { 134 $core->error->add($e->getMessage()); 135 } 136 137 # Sanitize trackbacks excerpt 138 $tb_excerpt = empty($_POST['tb_excerpt']) ? 139 $post_excerpt_xhtml.' '.$post_content_xhtml : 140 $_POST['tb_excerpt']; 141 $tb_excerpt = html::decodeEntities(html::clean($tb_excerpt)); 142 $tb_excerpt = text::cutString(html::escapeHTML($tb_excerpt), 255); 143 $tb_excerpt = preg_replace('/\s+/ms', ' ', $tb_excerpt); 144 } 145 } 146 if (isset($_REQUEST['section']) && $_REQUEST['section']=='trackbacks') { 147 $anchor = 'trackbacks'; 148 } else { 149 $anchor = 'comments'; 150 } 151 152 $comments_actions_page = new dcCommentsActionsPage($core,$core->adminurl->get('admin.post'),array('id' => $post_id, '_ANCHOR'=>$anchor,'section' => $anchor)); 153 154 if ($comments_actions_page->process()) { 155 return; 156 } 157 158 # Ping blogs 159 if (!empty($_POST['ping'])) 160 { 161 if (!empty($_POST['tb_urls']) && $post_id && $post_status == 1 && $can_edit_post) 162 { 163 $tb_urls = $_POST['tb_urls']; 164 $tb_urls = str_replace("\r", '', $tb_urls); 165 $tb_post_title = html::escapeHTML(trim(html::clean($post_title))); 166 $tb_post_url = $post->getURL(); 167 168 foreach (explode("\n", $tb_urls) as $tb_url) 169 { 170 try { 171 $TB->ping($tb_url, $post_id, $tb_post_title, $tb_excerpt, $tb_post_url); 172 } catch (Exception $e) { 173 $core->error->add($e->getMessage()); 174 } 175 } 176 177 if (!$core->error->flag()) { 178 dcPage::addSuccessNotice(__('All pings sent.')); 179 $core->adminurl->redirect( 180 'admin.post', 181 array('id' => $post_id, 'tb'=> '1') 182 ); 183 } 184 } 185 } 186 187 # Format excerpt and content 188 elseif (!empty($_POST) && $can_edit_post) { 189 $post_format = $_POST['post_format']; 190 $post_excerpt = $_POST['post_excerpt']; 191 $post_content = $_POST['post_content']; 192 193 $post_title = $_POST['post_title']; 194 195 $cat_id = (integer) $_POST['cat_id']; 196 197 if (isset($_POST['post_status'])) { 198 $post_status = (integer) $_POST['post_status']; 199 } 200 201 if (empty($_POST['post_dt'])) { 202 $post_dt = ''; 203 } else { 204 try 205 { 206 $post_dt = strtotime($_POST['post_dt']); 207 if ($post_dt == false || $post_dt == -1) { 208 $bad_dt = true; 209 throw new Exception(__('Invalid publication date')); 210 } 211 $post_dt = date('Y-m-d H:i',$post_dt); 212 } 213 catch (Exception $e) 214 { 215 $core->error->add($e->getMessage()); 216 } 217 } 218 219 $post_open_comment = !empty($_POST['post_open_comment']); 220 $post_open_tb = !empty($_POST['post_open_tb']); 221 $post_selected = !empty($_POST['post_selected']); 222 $post_lang = $_POST['post_lang']; 223 $post_password = !empty($_POST['post_password']) ? $_POST['post_password'] : null; 224 225 $post_notes = $_POST['post_notes']; 226 227 if (isset($_POST['post_url'])) { 228 $post_url = $_POST['post_url']; 229 } 230 231 $core->blog->setPostContent( 232 $post_id,$post_format,$post_lang, 233 $post_excerpt,$post_excerpt_xhtml,$post_content,$post_content_xhtml 234 ); 235 } 236 237 # Delete post 238 if (!empty($_POST['delete']) && $can_delete) 239 { 240 try { 241 # --BEHAVIOR-- adminBeforePostDelete 242 $core->callBehavior('adminBeforePostDelete',$post_id); 243 $core->blog->delPost($post_id); 244 $core->adminurl->redirect("admin.posts"); 245 } catch (Exception $e) { 246 $core->error->add($e->getMessage()); 247 } 248 } 249 250 # Create or update post 251 if (!empty($_POST) && !empty($_POST['save']) && $can_edit_post && !$bad_dt) 252 { 253 # Create category 254 if (!empty($_POST['new_cat_title']) && $core->auth->check('categories', $core->blog->id)) { 255 256 $cur_cat = $core->con->openCursor($core->prefix.'category'); 257 $cur_cat->cat_title = $_POST['new_cat_title']; 258 $cur_cat->cat_url = ''; 259 260 $parent_cat = !empty($_POST['new_cat_parent']) ? $_POST['new_cat_parent'] : ''; 261 262 # --BEHAVIOR-- adminBeforeCategoryCreate 263 $core->callBehavior('adminBeforeCategoryCreate', $cur_cat); 264 265 $cat_id = $core->blog->addCategory($cur_cat, (integer) $parent_cat); 266 267 # --BEHAVIOR-- adminAfterCategoryCreate 268 $core->callBehavior('adminAfterCategoryCreate', $cur_cat, $cat_id); 269 } 270 271 $cur = $core->con->openCursor($core->prefix.'post'); 272 273 $cur->post_title = $post_title; 274 $cur->cat_id = ($cat_id ? $cat_id : null); 275 $cur->post_dt = $post_dt ? date('Y-m-d H:i:00',strtotime($post_dt)) : ''; 276 $cur->post_format = $post_format; 277 $cur->post_password = $post_password; 278 $cur->post_lang = $post_lang; 279 $cur->post_title = $post_title; 280 $cur->post_excerpt = $post_excerpt; 281 $cur->post_excerpt_xhtml = $post_excerpt_xhtml; 282 $cur->post_content = $post_content; 283 $cur->post_content_xhtml = $post_content_xhtml; 284 $cur->post_notes = $post_notes; 285 $cur->post_status = $post_status; 286 $cur->post_selected = (integer) $post_selected; 287 $cur->post_open_comment = (integer) $post_open_comment; 288 $cur->post_open_tb = (integer) $post_open_tb; 289 290 if (isset($_POST['post_url'])) { 291 $cur->post_url = $post_url; 292 } 293 294 # Update post 295 if ($post_id) { 296 try { 297 # --BEHAVIOR-- adminBeforePostUpdate 298 $core->callBehavior('adminBeforePostUpdate',$cur,$post_id); 299 300 $core->blog->updPost($post_id,$cur); 301 302 # --BEHAVIOR-- adminAfterPostUpdate 303 $core->callBehavior('adminAfterPostUpdate',$cur,$post_id); 304 dcPage::addSuccessNotice (sprintf(__('The post "%s" has been successfully updated'),html::escapeHTML($cur->post_title))); 305 $core->adminurl->redirect( 306 'admin.post', 307 array('id' => $post_id) 308 ); 309 } catch (Exception $e) { 310 $core->error->add($e->getMessage()); 311 } 312 } else { 313 $cur->user_id = $core->auth->userID(); 314 315 try { 316 # --BEHAVIOR-- adminBeforePostCreate 317 $core->callBehavior('adminBeforePostCreate',$cur); 318 319 $return_id = $core->blog->addPost($cur); 320 321 # --BEHAVIOR-- adminAfterPostCreate 322 $core->callBehavior('adminAfterPostCreate',$cur,$return_id); 323 324 dcPage::addSuccessNotice(__('Entry has been successfully created.')); 325 $core->adminurl->redirect( 326 'admin.post', 327 array('id' => $return_id) 328 ); 329 } catch (Exception $e) { 330 $core->error->add($e->getMessage()); 331 } 332 } 333 } 334 335 # Getting categories 336 $categories_combo = dcAdminCombos::getCategoriesCombo( 337 $core->blog->getCategories(array('post_type'=>'post')) 338 ); 289 $_ctx->prev_post = array('id' => $prev_rs->post_id,'title' => $prev_rs->post_title); 290 } 291 $page_title = __('Edit entry'); 292 293 } 294 } 295 if ($post_id) { 296 $_ctx->post_id = $post->post_id; 297 298 $_ctx->preview_url = 299 $core->blog->url.$core->url->getURLFor('preview',$core->auth->userID().'/'. 300 http::browserUID(DC_MASTER_KEY.$core->auth->userID().$core->auth->getInfo('user_pwd')). 301 '/'.$post->post_url); 302 303 304 $form_comment = new dcForm($core,'add-comment','comment.php'); 305 $form_comment 306 ->addField( 307 new dcFieldText('comment_author','', array( 308 'maxlength' => 255, 309 'required' => true, 310 'label' => __('Name:')))) 311 ->addField( 312 new dcFieldText('comment_email','', array( 313 'maxlength' => 255, 314 'required' => true, 315 'label' => __('Email:')))) 316 ->addField( 317 new dcFieldText('comment_site','', array( 318 'maxlength' => 255, 319 'label' => __('Web site:')))) 320 ->addField( 321 new dcFieldTextArea('comment_content','', array( 322 'required' => true, 323 'label' => __('Comment:')))) 324 ->addField( 325 new dcFieldHidden('post_id',$post_id)) 326 ->addField( 327 new dcFieldSubmit('add',__('Save'),array( 328 'action' => 'addComment'))) 329 ; 330 331 332 } 333 334 $form->setup(); 335 336 $sidebar_blocks = new ArrayObject(array( 337 'status-box' => array( 338 'title' => __('Status'), 339 'items' => array('post_status','post_dt','post_lang','post_format')), 340 'metas-box' => array( 341 'title' => __('Ordering'), 342 'items' => array('post_selected','cat_id')), 343 'options-box' => array( 344 'title' => __('Options'), 345 'items' => array('post_open_comment','post_open_tb','post_password','post_url')) 346 )); 347 348 $main_blocks = new ArrayObject(array( 349 "post_title","post_excerpt","post_content","post_notes" 350 )); 351 352 353 $_ctx->sidebar_blocks = $sidebar_blocks; 354 $_ctx->main_blocks = $main_blocks; 355 339 356 /* DISPLAY 340 357 -------------------------------------------------------- */ … … 346 363 $default_tab = 'comments'; 347 364 } 348 elseif (!empty($_GET['tb'])) { 349 $default_tab = 'trackbacks'; 350 } 351 352 if ($post_id) { 353 switch ($post_status) { 354 case 1: 355 $img_status = sprintf($img_status_pattern,__('Published'),'check-on.png'); 356 break; 357 case 0: 358 $img_status = sprintf($img_status_pattern,__('Unpublished'),'check-off.png'); 359 break; 360 case -1: 361 $img_status = sprintf($img_status_pattern,__('Scheduled'),'scheduled.png'); 362 break; 363 case -2: 364 $img_status = sprintf($img_status_pattern,__('Pending'),'check-wrn.png'); 365 break; 366 default: 367 $img_status = ''; 368 } 369 $edit_entry_str = __('“%s”'); 370 $page_title_edit = sprintf($edit_entry_str, html::escapeHTML($post_title)).' '.$img_status; 371 } else { 372 $img_status = ''; 373 } 374 375 376 $admin_post_behavior = ''; 377 if ($post_editor) { 378 $p_edit = $c_edit = ''; 379 if (!empty($post_editor[$post_format])) { 380 $p_edit = $post_editor[$post_format]; 381 } 382 if (!empty($post_editor['xhtml'])) { 383 $c_edit = $post_editor['xhtml']; 384 } 385 if ($p_edit == $c_edit) { 386 $admin_post_behavior .= $core->callBehavior('adminPostEditor', 387 $p_edit,'post',array('#post_excerpt','#post_content','#comment_content')); 388 } else { 389 $admin_post_behavior .= $core->callBehavior('adminPostEditor', 390 $p_edit,'post',array('#post_excerpt','#post_content')); 391 $admin_post_behavior .= $core->callBehavior('adminPostEditor', 392 $c_edit,'comment',array('#comment_content')); 393 } 394 } 395 396 dcPage::open($page_title.' - '.__('Entries'), 397 dcPage::jsDatePicker(). 398 dcPage::jsModal(). 399 dcPage::jsMetaEditor(). 400 $admin_post_behavior. 401 dcPage::jsLoad('js/_post.js'). 402 dcPage::jsConfirmClose('entry-form','comment-form'). 403 # --BEHAVIOR-- adminPostHeaders 404 $core->callBehavior('adminPostHeaders'). 405 dcPage::jsPageTabs($default_tab). 406 $next_headlink."\n".$prev_headlink, 407 dcPage::breadcrumb( 365 $page_title_edit = __('Edit entry'); 366 $_ctx 367 ->setBreadCrumb( 408 368 array( 409 369 html::escapeHTML($core->blog->name) => '', 410 __('Entries') => $core->adminurl->get("admin.posts"),370 __('Entries') => 'posts.php', 411 371 ($post_id ? $page_title_edit : $page_title) => '' 412 )) 413 , array( 414 'x-frame-allow' => $core->blog->url 415 ) 416 ); 372 )) 373 ->default_tab = $default_tab; 374 $_ctx->post_status = $form->post_status; 375 $_ctx->post_title = $form->post_title; 376 if ($form->post_status == 1) { 377 $_ctx->post_url = $post->getURL(); 378 } 417 379 418 380 if (!empty($_GET['upd'])) { 419 dcPage::success(__('Entry has been successfully updated.'));381 $_ctx->setAlert(__('Entry has been successfully updated.')); 420 382 } 421 383 elseif (!empty($_GET['crea'])) { 422 dcPage::success(__('Entry has been successfully created.'));384 $_ctx->setAlert(__('Entry has been successfully created.')); 423 385 } 424 386 elseif (!empty($_GET['attached'])) { 425 dcPage::success(__('File has been successfully attached.'));387 $_ctx->setAlert(__('File has been successfully attached.')); 426 388 } 427 389 elseif (!empty($_GET['rmattach'])) { 428 dcPage::success(__('Attachment has been successfully removed.')); 429 } 430 390 $_ctx->setAlert(__('Attachment has been successfully removed.')); 391 } 431 392 if (!empty($_GET['creaco'])) { 432 dcPage::success(__('Comment has been successfully created.')); 433 } 434 if (!empty($_GET['tbsent'])) { 435 dcPage::success(__('All pings sent.')); 436 } 437 438 # XHTML conversion 439 if (!empty($_GET['xconv'])) 440 { 441 $post_excerpt = $post_excerpt_xhtml; 442 $post_content = $post_content_xhtml; 443 $post_format = 'xhtml'; 444 445 dcPage::message(__('Don\'t forget to validate your XHTML conversion by saving your post.')); 446 } 447 448 if ($post_id && $post->post_status == 1) { 449 echo '<p><a class="onblog_link outgoing" href="'.$post->getURL().'" title="'.$post_title.'">'.__('Go to this entry on the site').' <img src="images/outgoing-blue.png" alt="" /></a></p>'; 450 } 451 if ($post_id) 452 { 453 echo '<p class="nav_prevnext">'; 454 if ($prev_link) { echo $prev_link; } 455 if ($next_link && $prev_link) { echo ' | '; } 456 if ($next_link) { echo $next_link; } 457 458 # --BEHAVIOR-- adminPostNavLinks 459 $core->callBehavior('adminPostNavLinks',isset($post) ? $post : null); 460 461 echo '</p>'; 462 } 463 464 # Exit if we cannot view page 465 if (!$can_view_page) { 466 dcPage::helpBlock('core_post'); 467 dcPage::close(); 468 exit; 469 } 470 /* Post form if we can edit post 471 -------------------------------------------------------- */ 472 if ($can_edit_post) { 473 $sidebar_items = new ArrayObject(array( 474 'status-box' => array( 475 'title' => __('Status'), 476 'items' => array( 477 'post_status' => 478 '<p class="entry-status"><label for="post_status">'.__('Entry status').' '.$img_status.'</label>'. 479 form::combo('post_status',$status_combo,$post_status,'maximal','',!$can_publish). 480 '</p>', 481 'post_dt' => 482 '<p><label for="post_dt">'.__('Publication date and hour').'</label>'. 483 form::field('post_dt',16,16,$post_dt,($bad_dt ? 'invalid' : '')). 484 '</p>', 485 'post_lang' => 486 '<p><label for="post_lang">'.__('Entry language').'</label>'. 487 form::combo('post_lang',$lang_combo,$post_lang). 488 '</p>', 489 'post_format' => 490 '<div>'. 491 '<h5 id="label_format"><label for="post_format" class="classic">'.__('Text formatting').'</label></h5>'. 492 '<p>'.form::combo('post_format',$available_formats,$post_format,'maximal').'</p>'. 493 '<p class="format_control control_no_xhtml">'. 494 '<a id="convert-xhtml" class="button'.($post_id && $post_format != 'wiki' ? ' hide' : '').'" href="'. 495 $core->adminurl->get('admin.post',array('id'=> $post_id,'xconv'=> '1')). 496 '">'. 497 __('Convert to XHTML').'</a></p></div>')), 498 'metas-box' => array( 499 'title' => __('Filing'), 500 'items' => array( 501 'post_selected' => 502 '<p><label for="post_selected" class="classic">'. 503 form::checkbox('post_selected',1,$post_selected).' '. 504 __('Selected entry').'</label></p>', 505 'cat_id' => 506 '<div>'. 507 '<h5 id="label_cat_id">'.__('Category').'</h5>'. 508 '<p><label for="cat_id">'.__('Category:').'</label>'. 509 form::combo('cat_id',$categories_combo,$cat_id,'maximal'). 510 '</p>'. 511 ($core->auth->check('categories', $core->blog->id) ? 512 '<div>'. 513 '<h5 id="create_cat">'.__('Add a new category').'</h5>'. 514 '<p><label for="new_cat_title">'.__('Title:').' '. 515 form::field('new_cat_title',30,255,'','maximal').'</label></p>'. 516 '<p><label for="new_cat_parent">'.__('Parent:').' '. 517 form::combo('new_cat_parent',$categories_combo,'','maximal'). 518 '</label></p>'. 519 '</div>' 520 : ''). 521 '</div>')), 522 'options-box' => array( 523 'title' => __('Options'), 524 'items' => array( 525 'post_open_comment_tb' => 526 '<div>'. 527 '<h5 id="label_comment_tb">'.__('Comments and trackbacks list').'</h5>'. 528 '<p><label for="post_open_comment" class="classic">'. 529 form::checkbox('post_open_comment',1,$post_open_comment).' '. 530 __('Accept comments').'</label></p>'. 531 ($core->blog->settings->system->allow_comments ? 532 (isContributionAllowed($post_id,strtotime($post_dt),true) ? 533 '' : 534 '<p class="form-note warn">'. 535 __('Warning: Comments are not more accepted for this entry.').'</p>') : 536 '<p class="form-note warn">'. 537 __('Comments are not accepted on this blog so far.').'</p>'). 538 '<p><label for="post_open_tb" class="classic">'. 539 form::checkbox('post_open_tb',1,$post_open_tb).' '. 540 __('Accept trackbacks').'</label></p>'. 541 ($core->blog->settings->system->allow_trackbacks ? 542 (isContributionAllowed($post_id,strtotime($post_dt),false) ? 543 '' : 544 '<p class="form-note warn">'. 545 __('Warning: Trackbacks are not more accepted for this entry.').'</p>') : 546 '<p class="form-note warn">'.__('Trackbacks are not accepted on this blog so far.').'</p>'). 547 '</div>', 548 'post_password' => 549 '<p><label for="post_password">'.__('Password').'</label>'. 550 form::field('post_password',10,32,html::escapeHTML($post_password),'maximal'). 551 '</p>', 552 'post_url' => 553 '<div class="lockable">'. 554 '<p><label for="post_url">'.__('Edit basename').'</label>'. 555 form::field('post_url',10,255,html::escapeHTML($post_url),'maximal'). 556 '</p>'. 557 '<p class="form-note warn">'. 558 __('Warning: If you set the URL manually, it may conflict with another entry.'). 559 '</p></div>' 560 )))); 561 562 $main_items = new ArrayObject(array( 563 "post_title" => 564 '<p class="col">'. 565 '<label class="required no-margin bold" for="post_title"><abbr title="'.__('Required field').'">*</abbr> '.__('Title:').'</label>'. 566 form::field('post_title',20,255,html::escapeHTML($post_title),'maximal'). 567 '</p>', 568 569 "post_excerpt" => 570 '<p class="area" id="excerpt-area"><label for="post_excerpt" class="bold">'.__('Excerpt:').' <span class="form-note">'. 571 __('Introduction to the post.').'</span></label> '. 572 form::textarea('post_excerpt',50,5,html::escapeHTML($post_excerpt)). 573 '</p>', 574 575 "post_content" => 576 '<p class="area" id="content-area"><label class="required bold" '. 577 'for="post_content"><abbr title="'.__('Required field').'">*</abbr> '.__('Content:').'</label> '. 578 form::textarea('post_content',50,$core->auth->getOption('edit_size'),html::escapeHTML($post_content)). 579 '</p>', 580 581 "post_notes" => 582 '<p class="area" id="notes-area"><label for="post_notes" class="bold">'.__('Personal notes:').' <span class="form-note">'. 583 __('Unpublished notes.').'</span></label>'. 584 form::textarea('post_notes',50,5,html::escapeHTML($post_notes)). 585 '</p>' 586 ) 587 ); 588 589 # --BEHAVIOR-- adminPostFormItems 590 $core->callBehavior('adminPostFormItems',$main_items,$sidebar_items, isset($post) ? $post : null); 591 592 echo '<div class="multi-part" title="'.($post_id ? __('Edit entry') : __('New entry')).'" id="edit-entry">'; 593 echo '<form action="'.$core->adminurl->get('admin.post').'" method="post" id="entry-form">'; 594 echo '<div id="entry-wrapper">'; 595 echo '<div id="entry-content"><div class="constrained">'; 596 597 echo '<h3 class="out-of-screen-if-js">'.__('Edit post').'</h3>'; 598 599 foreach ($main_items as $id => $item) { 600 echo $item; 601 } 602 603 # --BEHAVIOR-- adminPostForm (may be deprecated) 604 $core->callBehavior('adminPostForm',isset($post) ? $post : null); 605 606 echo 607 '<p class="border-top">'. 608 ($post_id ? form::hidden('id',$post_id) : ''). 609 '<input type="submit" value="'.__('Save').' (s)" '. 610 'accesskey="s" name="save" /> '; 611 if ($post_id) { 612 $preview_url = 613 $core->blog->url.$core->url->getURLFor('preview',$core->auth->userID().'/'. 614 http::browserUID(DC_MASTER_KEY.$core->auth->userID().$core->auth->getInfo('user_pwd')). 615 '/'.$post->post_url); 616 echo '<a id="post-preview" href="'.$preview_url.'" class="button modal" accesskey="p">'.__('Preview').' (p)'.'</a> '; 617 } else { 618 echo 619 '<a id="post-cancel" href="'.$core->adminurl->get("admin.home").'" class="button" accesskey="c">'.__('Cancel').' (c)</a>'; 620 } 621 622 echo 623 ($can_delete ? '<input type="submit" class="delete" value="'.__('Delete').'" name="delete" />' : ''). 624 $core->formNonce(). 625 '</p>'; 626 627 echo '</div></div>'; // End #entry-content 628 echo '</div>'; // End #entry-wrapper 629 630 echo '<div id="entry-sidebar" role="complementary">'; 631 632 foreach ($sidebar_items as $id => $c) { 633 echo '<div id="'.$id.'" class="sb-box">'. 634 '<h4>'.$c['title'].'</h4>'; 635 foreach ($c['items'] as $e_name=>$e_content) { 636 echo $e_content; 637 } 638 echo '</div>'; 639 } 640 641 642 # --BEHAVIOR-- adminPostFormSidebar (may be deprecated) 643 $core->callBehavior('adminPostFormSidebar',isset($post) ? $post : null); 644 echo '</div>'; // End #entry-sidebar 645 646 echo '</form>'; 647 648 # --BEHAVIOR-- adminPostForm 649 $core->callBehavior('adminPostAfterForm',isset($post) ? $post : null); 650 651 echo '</div>'; 652 } 653 654 if ($post_id) 655 { 656 /* Comments 657 -------------------------------------------------------- */ 658 659 $params = array('post_id' => $post_id, 'order' => 'comment_dt ASC'); 660 661 $comments = $core->blog->getComments(array_merge($params,array('comment_trackback'=>0))); 662 663 echo 664 '<div id="comments" class="clear multi-part" title="'.__('Comments').'">'; 665 $combo_action = $comments_actions_page->getCombo(); 666 $has_action = !empty($combo_action) && !$comments->isEmpty(); 667 echo 668 '<p class="top-add"><a class="button add" href="#comment-form">'.__('Add a comment').'</a></p>'; 669 670 if ($has_action) { 671 echo '<form action="'.$core->adminurl->get('admin.post').'" id="form-comments" method="post">'; 672 } 673 674 echo '<h3>'.__('Comments').'</h3>'; 675 if (!$comments->isEmpty()) { 676 showComments($comments,$has_action); 677 } else { 678 echo '<p>'.__('No comments').'</p>'; 679 } 680 681 if ($has_action) { 682 echo 683 '<div class="two-cols">'. 684 '<p class="col checkboxes-helpers"></p>'. 685 686 '<p class="col right"><label for="action" class="classic">'.__('Selected comments action:').'</label> '. 687 form::combo('action',$combo_action). 688 form::hidden(array('section'),'comments'). 689 form::hidden(array('id'),$post_id). 690 $core->formNonce(). 691 '<input type="submit" value="'.__('ok').'" /></p>'. 692 '</div>'. 693 '</form>'; 694 } 695 /* Add a comment 696 -------------------------------------------------------- */ 697 698 echo 699 '<div class="fieldset clear">'. 700 '<h3>'.__('Add a comment').'</h3>'. 701 702 '<form action="'.$core->adminurl->get("admin.comment").'" method="post" id="comment-form">'. 703 '<div class="constrained">'. 704 '<p><label for="comment_author" class="required"><abbr title="'.__('Required field').'">*</abbr> '.__('Name:').'</label>'. 705 form::field('comment_author',30,255,html::escapeHTML($core->auth->getInfo('user_cn'))). 706 '</p>'. 707 708 '<p><label for="comment_email">'.__('Email:').'</label>'. 709 form::field('comment_email',30,255,html::escapeHTML($core->auth->getInfo('user_email'))). 710 '</p>'. 711 712 '<p><label for="comment_site">'.__('Web site:').'</label>'. 713 form::field('comment_site',30,255,html::escapeHTML($core->auth->getInfo('user_url'))). 714 '</p>'. 715 716 '<p class="area"><label for="comment_content" class="required"><abbr title="'.__('Required field').'">*</abbr> '. 717 __('Comment:').'</label> '. 718 form::textarea('comment_content',50,8,html::escapeHTML('')). 719 '</p>'. 720 721 '<p>'. 722 form::hidden('post_id',$post_id). 723 $core->formNonce(). 724 '<input type="submit" name="add" value="'.__('Save').'" /></p>'. 725 '</div>'. #constrained 726 727 '</form>'. 728 '</div>'. #add comment 729 '</div>'; #comments 730 } 731 732 if ($post_id && $post_status == 1) 733 { 734 /* Trackbacks 735 -------------------------------------------------------- */ 736 737 $params = array('post_id' => $post_id, 'order' => 'comment_dt ASC'); 738 $trackbacks = $core->blog->getComments(array_merge($params, array('comment_trackback' => 1))); 739 740 # Actions combo box 741 $combo_action = $comments_actions_page->getCombo(); 742 $has_action = !empty($combo_action) && !$trackbacks->isEmpty(); 743 744 if (!empty($_GET['tb_auto'])) { 745 $tb_urls = implode("\n", $TB->discover($post_excerpt_xhtml.' '.$post_content_xhtml)); 746 } 747 748 # Display tab 749 echo 750 '<div id="trackbacks" class="clear multi-part" title="'.__('Trackbacks').'">'; 751 752 # tracbacks actions 753 if ($has_action) { 754 echo '<form action="'.$core->adminurl->get("admin.post").'" id="form-trackbacks" method="post">'; 755 } 756 757 echo '<h3>'.__('Trackbacks received').'</h3>'; 758 759 if (!$trackbacks->isEmpty()) { 760 showComments($trackbacks, $has_action, true); 761 } else { 762 echo '<p>'.__('No trackback').'</p>'; 763 } 764 765 if ($has_action) { 766 echo 767 '<div class="two-cols">'. 768 '<p class="col checkboxes-helpers"></p>'. 769 770 '<p class="col right"><label for="action" class="classic">'.__('Selected trackbacks action:').'</label> '. 771 form::combo('action', $combo_action). 772 form::hidden('id',$post_id). 773 form::hidden(array('section'),'trackbacks'). 774 $core->formNonce(). 775 '<input type="submit" value="'.__('ok').'" /></p>'. 776 '</div>'. 777 '</form>'; 778 } 779 780 /* Add trackbacks 781 -------------------------------------------------------- */ 782 if ($can_edit_post && $post->post_status) { 783 echo 784 '<div class="fieldset clear">'; 785 786 echo 787 '<h3>'.__('Ping blogs').'</h3>'. 788 '<form action="'.$core->adminurl->get("admin.post",array('id' => $post_id)).'" id="trackback-form" method="post">'. 789 '<p><label for="tb_urls" class="area">'.__('URLs to ping:').'</label>'. 790 form::textarea('tb_urls', 60, 5, $tb_urls). 791 '</p>'. 792 793 '<p><label for="tb_excerpt" class="area">'.__('Excerpt to send:').'</label>'. 794 form::textarea('tb_excerpt', 60, 5, $tb_excerpt).'</p>'. 795 796 '<p>'. 797 $core->formNonce(). 798 '<input type="submit" name="ping" value="'.__('Ping blogs').'" />'. 799 (empty($_GET['tb_auto']) ? 800 ' <a class="button" href="'. 801 $core->adminurl->get("admin.post",array('id'=> $post_id,'tb_auto' => 1,'tb' => 1)). 802 '">'.__('Auto discover ping URLs').'</a>' 803 : ''). 804 '</p>'. 805 '</form>'; 806 807 $pings = $TB->getPostPings($post_id); 808 809 if (!$pings->isEmpty()) 810 { 811 echo '<h3>'.__('Previously sent pings').'</h3>'; 812 813 echo '<ul class="nice">'; 814 while ($pings->fetch()) { 815 echo 816 '<li>'.dt::dt2str(__('%Y-%m-%d %H:%M'), $pings->ping_dt).' - '. 817 $pings->ping_url.'</li>'; 818 } 819 echo '</ul>'; 820 } 821 822 echo '</div>'; 823 } 824 825 echo '</div>'; #trackbacks 826 } 827 828 # Controls comments or trakbacks capabilities 829 function isContributionAllowed($id,$dt,$com=true) 830 { 831 global $core; 832 833 if (!$id) { 834 return true; 835 } 836 if ($com) { 837 if (($core->blog->settings->system->comments_ttl == 0) || 838 (time() - $core->blog->settings->system->comments_ttl*86400 < $dt)) { 839 return true; 840 } 841 } else { 842 if (($core->blog->settings->system->trackbacks_ttl == 0) || 843 (time() - $core->blog->settings->system->trackbacks_ttl*86400 < $dt)) { 844 return true; 845 } 846 } 847 return false; 848 } 849 850 # Show comments or trackbacks 851 function showComments($rs,$has_action,$tb=false) 852 { 853 global $core; 854 echo 855 '<div class="table-outer">'. 856 '<table class="comments-list"><tr>'. 857 '<th colspan="2" class="first">'.__('Author').'</th>'. 858 '<th>'.__('Date').'</th>'. 859 '<th class="nowrap">'.__('IP address').'</th>'. 860 '<th>'.__('Status').'</th>'. 861 '<th>'.__('Edit').'</th>'. 862 '</tr>'; 863 $comments = array(); 864 if (isset($_REQUEST['comments'])) { 865 foreach ($_REQUEST['comments'] as $v) { 866 $comments[(integer)$v]=true; 867 } 868 } 869 870 while($rs->fetch()) 871 { 872 $comment_url = $core->adminurl->get("admin.comment",array('id' => $rs->comment_id)); 873 874 $img = '<img alt="%1$s" title="%1$s" src="images/%2$s" />'; 875 switch ($rs->comment_status) { 876 case 1: 877 $img_status = sprintf($img,__('Published'),'check-on.png'); 878 break; 879 case 0: 880 $img_status = sprintf($img,__('Unpublished'),'check-off.png'); 881 break; 882 case -1: 883 $img_status = sprintf($img,__('Pending'),'check-wrn.png'); 884 break; 885 case -2: 886 $img_status = sprintf($img,__('Junk'),'junk.png'); 887 break; 888 } 889 890 echo 891 '<tr class="line'.($rs->comment_status != 1 ? ' offline' : '').'"'. 892 ' id="c'.$rs->comment_id.'">'. 893 894 '<td class="nowrap">'. 895 ($has_action ? form::checkbox(array('comments[]'),$rs->comment_id,isset($comments[$rs->comment_id]),'','',0,'title="'.($tb ? __('select this trackback') : __('select this comment')).'"') : '').'</td>'. 896 '<td class="maximal">'.html::escapeHTML($rs->comment_author).'</td>'. 897 '<td class="nowrap">'.dt::dt2str(__('%Y-%m-%d %H:%M'),$rs->comment_dt).'</td>'. 898 '<td class="nowrap"><a href="'.$core->adminurl->get("admin.comments",array('ip' => $rs->comment_ip)).'">'.$rs->comment_ip.'</a></td>'. 899 '<td class="nowrap status">'.$img_status.'</td>'. 900 '<td class="nowrap status"><a href="'.$comment_url.'">'. 901 '<img src="images/edit-mini.png" alt="" title="'.__('Edit this comment').'" /> '.__('Edit').'</a></td>'. 902 903 '</tr>'; 904 } 905 906 echo '</table></div>'; 907 } 908 909 dcPage::helpBlock('core_post','core_trackbacks','core_wiki'); 910 dcPage::close(); 393 $_ctx->setAlert(__('Comment has been successfully created.')); 394 } 395 396 $core->tpl->display('post.html.twig'); 397 ?> -
admin/posts.php
r2720 r2911 4 4 # This file is part of Dotclear 2. 5 5 # 6 # Copyright (c) 2003-201 3Olivier Meunier & Association Dotclear6 # Copyright (c) 2003-2011 Olivier Meunier & Association Dotclear 7 7 # Licensed under the GPL version 2.0 license. 8 8 # See LICENSE file or … … 12 12 13 13 require dirname(__FILE__).'/../inc/admin/prepend.php'; 14 14 global $_ctx; 15 15 dcPage::check('usage,contentadmin'); 16 16 … … 47 47 { 48 48 # Filter form we'll put in html_block 49 $users_combo = array_merge( 50 array('-' => ''), 51 dcAdminCombos::getUsersCombo($users) 49 $users_combo = $categories_combo = array(); 50 while ($users->fetch()) 51 { 52 $user_cn = dcUtils::getUserCN($users->user_id,$users->user_name, 53 $users->user_firstname,$users->user_displayname); 54 55 if ($user_cn != $users->user_id) { 56 $user_cn .= ' ('.$users->user_id.')'; 57 } 58 59 $users_combo[$user_cn] = $users->user_id; 60 } 61 62 63 # Getting categories 64 $categories_combo = array(); 65 try { 66 $categories = $core->blog->getCategories(array('post_type'=>'post')); 67 while ($categories->fetch()) { 68 $categories_combo[$categories->cat_id] = 69 str_repeat(' ',$categories->level-1). 70 ($categories->level-1 == 0 ? '' : '• '). 71 html::escapeHTML($categories->cat_title); 72 } 73 } catch (Exception $e) { } 74 $status_combo = array( 52 75 ); 76 foreach ($core->blog->getAllPostStatus() as $k => $v) { 77 $status_combo[(string) $k] = (string)$v; 78 } 79 80 $selected_combo = array( 81 '1' => __('is selected'), 82 '0' => __('is not selected') 83 ); 84 85 # Months array 86 while ($dates->fetch()) { 87 $dt_m_combo[$dates->year().$dates->month()] = dt::str('%B %Y',$dates->ts()); 88 } 89 90 while ($langs->fetch()) { 91 $lang_combo[$langs->post_lang] = $langs->post_lang; 92 } 93 } 94 $form = new dcForm($core,'post','post.php'); 53 95 54 $categories_combo = array_merge( 55 array( 56 new formSelectOption('-',''), 57 new formSelectOption(__('(No cat)'),'NULL')), 58 dcAdminCombos::getCategoriesCombo($categories,false) 96 97 # Actions combo box 98 $combo_action = array(); 99 if ($core->auth->check('publish,contentadmin',$core->blog->id)) 100 { 101 $combo_action[__('Status')] = array( 102 __('Publish') => 'publish', 103 __('Unpublish') => 'unpublish', 104 __('Schedule') => 'schedule', 105 __('Mark as pending') => 'pending' 59 106 ); 60 $categories_values = array(); 61 foreach ($categories_combo as $cat) { 62 if (isset($cat->value)) { 63 $categories_values[$cat->value]=true; 64 } 107 } 108 $combo_action[__('Mark')] = array( 109 __('Mark as selected') => 'selected', 110 __('Mark as unselected') => 'unselected' 111 ); 112 $combo_action[__('Change')] = array( 113 __('Change category') => 'category', 114 __('Change language') => 'lang'); 115 if ($core->auth->check('admin',$core->blog->id)) 116 { 117 $combo_action[__('Change')] = array_merge($combo_action[__('Change')], 118 array(__('Change author') => 'author')); 119 } 120 if ($core->auth->check('delete,contentadmin',$core->blog->id)) 121 { 122 $combo_action[__('Delete')] = array(__('Delete') => 'delete'); 123 } 124 125 # --BEHAVIOR-- adminPostsActionsCombo 126 $core->callBehavior('adminPostsActionsCombo',array(&$combo_action)); 127 128 129 130 class monthdcFilterCombo extends dcFilterCombo { 131 public function applyFilter($params) { 132 $month=$this->avalues['values'][0]; 133 $params['post_month'] = substr($month,4,2); 134 $params['post_year'] = substr($month,0,4); 135 } 136 } 137 138 class PostsFetcher extends dcListFetcher { 139 140 public function getEntries($params,$offset,$limit) { 141 $params['limit'] = array($offset,$limit); 142 return $this->core->blog->getPosts($params); 65 143 } 66 144 67 $status_combo = array_merge( 68 array('-' => ''), 69 dcAdminCombos::getPostStatusesCombo() 70 ); 71 72 $selected_combo = array( 73 '-' => '', 74 __('Selected') => '1', 75 __('Not selected') => '0' 76 ); 77 78 $attachment_combo = array( 79 '-' => '', 80 __('With attachments') => '1', 81 __('Without attachments') => '0' 82 ); 83 84 # Months array 85 $dt_m_combo = array_merge( 86 array('-' => ''), 87 dcAdminCombos::getDatesCombo($dates) 88 ); 89 90 $lang_combo = array_merge( 91 array('-' => ''), 92 dcAdminCombos::getLangsCombo($langs,false) 93 ); 94 95 $sortby_combo = array( 96 __('Date') => 'post_dt', 97 __('Title') => 'post_title', 98 __('Category') => 'cat_title', 99 __('Author') => 'user_id', 100 __('Status') => 'post_status', 101 __('Selected') => 'post_selected', 102 __('Number of comments') => 'nb_comment', 103 __('Number of trackbacks') => 'nb_trackback' 104 ); 105 106 $order_combo = array( 107 __('Descending') => 'desc', 108 __('Ascending') => 'asc' 109 ); 110 } 111 112 # Actions combo box 113 114 $posts_actions_page = new dcPostsActionsPage($core,$core->adminurl->get("admin.posts")); 115 116 if ($posts_actions_page->process()) { 117 return; 118 } 119 120 /* Get posts 121 -------------------------------------------------------- */ 122 $user_id = !empty($_GET['user_id']) ? $_GET['user_id'] : ''; 123 $cat_id = !empty($_GET['cat_id']) ? $_GET['cat_id'] : ''; 124 $status = isset($_GET['status']) ? $_GET['status'] : ''; 125 $selected = isset($_GET['selected']) ? $_GET['selected'] : ''; 126 $attachment = isset($_GET['attachment']) ? $_GET['attachment'] : ''; 127 $month = !empty($_GET['month']) ? $_GET['month'] : ''; 128 $lang = !empty($_GET['lang']) ? $_GET['lang'] : ''; 129 $sortby = !empty($_GET['sortby']) ? $_GET['sortby'] : 'post_dt'; 130 $order = !empty($_GET['order']) ? $_GET['order'] : 'desc'; 131 132 $show_filters = false; 133 134 $page = !empty($_GET['page']) ? max(1,(integer) $_GET['page']) : 1; 135 $nb_per_page = 30; 136 137 if (!empty($_GET['nb']) && (integer) $_GET['nb'] > 0) { 138 if ($nb_per_page != $_GET['nb']) { 139 $show_filters = true; 145 public function getEntriesCount($params) { 146 $count = $this->core->blog->getPosts($params,true); 147 return $count->f(0); 140 148 } 141 $nb_per_page = (integer) $_GET['nb'];142 }143 144 $params['limit'] = array((($page-1)*$nb_per_page),$nb_per_page);145 $params['no_content'] = true;146 147 # - User filter148 if ($user_id !== '' && in_array($user_id,$users_combo)) {149 $params['user_id'] = $user_id;150 $show_filters = true;151 } else {152 $user_id='';153 }154 155 # - Categories filter156 if ($cat_id !== '' && isset($categories_values[$cat_id])) {157 $params['cat_id'] = $cat_id;158 $show_filters = true;159 } else {160 $cat_id='';161 }162 163 # - Status filter164 if ($status !== '' && in_array($status,$status_combo)) {165 $params['post_status'] = $status;166 $show_filters = true;167 } else {168 $status='';169 }170 171 # - Selected filter172 if ($selected !== '' && in_array($selected,$selected_combo)) {173 $params['post_selected'] = $selected;174 $show_filters = true;175 } else {176 $selected='';177 }178 179 # - Selected filter180 if ($attachment !== '' && in_array($attachment,$attachment_combo)) {181 $params['media'] = $attachment;182 $params['link_type'] = 'attachment';183 $show_filters = true;184 } else {185 $attachment='';186 }187 188 # - Month filter189 if ($month !== '' && in_array($month,$dt_m_combo)) {190 $params['post_month'] = substr($month,4,2);191 $params['post_year'] = substr($month,0,4);192 $show_filters = true;193 } else {194 $month='';195 }196 197 # - Lang filter198 if ($lang !== '' && in_array($lang,$lang_combo)) {199 $params['post_lang'] = $lang;200 $show_filters = true;201 } else {202 $lang='';203 }204 205 # - Sortby and order filter206 if ($sortby !== '' && in_array($sortby,$sortby_combo)) {207 if ($order !== '' && in_array($order,$order_combo)) {208 $params['order'] = $sortby.' '.$order;209 } else {210 $order='desc';211 }212 213 if ($sortby != 'post_dt' || $order != 'desc') {214 $show_filters = true;215 }216 } else {217 $sortby='post_dt';218 $order='desc';219 }220 221 # Get posts222 try {223 $posts = $core->blog->getPosts($params);224 $counter = $core->blog->getPosts($params,true);225 $post_list = new adminPostList($core,$posts,$counter->f(0));226 } catch (Exception $e) {227 $core->error->add($e->getMessage());228 149 } 229 150 230 151 /* DISPLAY 231 152 -------------------------------------------------------- */ 153 $filterSet = new dcFilterSet($core,'fposts','posts.php'); 232 154 233 $form_filter_title = __('Show filters and display options'); 234 $starting_script = dcPage::jsLoad('js/_posts_list.js'); 235 $starting_script .= dcPage::jsLoad('js/filter-controls.js'); 236 $starting_script .= 237 '<script type="text/javascript">'."\n". 238 "//<![CDATA["."\n". 239 dcPage::jsVar('dotclear.msg.show_filters', $show_filters ? 'true':'false')."\n". 240 dcPage::jsVar('dotclear.msg.filter_posts_list',$form_filter_title)."\n". 241 dcPage::jsVar('dotclear.msg.cancel_the_filter',__('Cancel filters and display options'))."\n". 242 "//]]>". 243 "</script>"; 155 $filterSet 156 ->addFilter(new dcFilterRichCombo( 157 'users',__('Author'), __('Author'), 'user_id', $users_combo,array( 158 'multiple' => true))) 159 ->addFilter(new dcFilterRichCombo( 160 'category',__('Category'), __('Category'), 'cat_id', $categories_combo,array( 161 'multiple' => true))) 162 ->addFilter(new dcFilterRichCombo( 163 'post_status',__('Status'), __('Status'), 'post_status', $status_combo)) 164 ->addFilter(new dcFilterRichCombo( 165 'lang',__('Lang'), __('Lang'), 'post_lang', $lang_combo)) 166 ->addFilter(new dcFilterCombo( 167 'selected',__('Selected'), __('The post : '),'post_selected', $selected_combo)) 168 ->addFilter(new monthdcFilterCombo( 169 'month',__('Month'),__('Month'), 'post_month', $dt_m_combo,array('singleval' => 1))) 170 ->addFilter(new dcFilterText( 171 'search',__('Contains'),__('The entry contains'), 'search',20,255)); 244 172 245 dcPage::open(__('Entries'),$starting_script,246 dcPage::breadcrumb(247 array(248 html::escapeHTML($core->blog->name) => '',249 __('Entries') => ''250 ))251 );252 if (!empty($_GET['upd'])) {253 dcPage::success(__('Selected entries have been successfully updated.'));254 } elseif (!empty($_GET['del'])) {255 dcPage::success(__('Selected entries have been successfully deleted.'));256 }257 if (!$core->error->flag())258 {259 echo260 '<p class="top-add"><a class="button add" href="'.$core->adminurl->get("admin.post").'">'.__('New entry').'</a></p>'.261 '<form action="'.$core->adminurl->get("admin.posts").'" method="get" id="filters-form">'.262 '<h3 class="out-of-screen-if-js">'.$form_filter_title.'</h3>'.263 173 264 '<div class="table">'. 265 '<div class="cell">'. 266 '<h4>'.__('Filters').'</h4>'. 267 '<p><label for="user_id" class="ib">'.__('Author:').'</label> '. 268 form::combo('user_id',$users_combo,$user_id).'</p>'. 269 '<p><label for="cat_id" class="ib">'.__('Category:').'</label> '. 270 form::combo('cat_id',$categories_combo,$cat_id).'</p>'. 271 '<p><label for="status" class="ib">'.__('Status:').'</label> ' . 272 form::combo('status',$status_combo,$status).'</p> '. 273 '</div>'. 174 $lfetcher = new PostsFetcher($core); 175 $lposts = new dcItemList ($core,array('lposts','form-entries'),$lfetcher,'posts_actions.php'); 176 $lposts->setFilterSet($filterSet); 177 $lposts->addTemplate('posts_cols.html.twig'); 274 178 275 '<div class="cell filters-sibling-cell">'. 276 '<p><label for="selected" class="ib">'.__('Selected:').'</label> '. 277 form::combo('selected',$selected_combo,$selected).'</p>'. 278 '<p><label for="attachment" class="ib">'.__('Attachments:').'</label> '. 279 form::combo('attachment',$attachment_combo,$attachment).'</p>'. 280 '<p><label for="month" class="ib">'.__('Month:').'</label> '. 281 form::combo('month',$dt_m_combo,$month).'</p>'. 282 '<p><label for="lang" class="ib">'.__('Lang:').'</label> '. 283 form::combo('lang',$lang_combo,$lang).'</p> '. 284 '</div>'. 179 $lposts 180 ->addColumn(new dcColumn('title',__('Title'),'post_title')) 181 ->addColumn(new dcColumn('cat',__('Category'),'cat_title')) 182 ->addColumn(new dcColumn('date',__('Date'),'post_date')) 183 ->addColumn(new dcColumn('datetime',__('Date and Time'),'post_dt')) 184 ->addColumn(new dcColumn('author',__('Author'),'user_id')) 185 ->addColumn(new dcColumn('status',__('Status'),'post_status')); 285 186 286 '<div class="cell filters-options">'.287 '<h4>'.__('Display options').'</h4>'.288 '<p><label for="sortby" class="ib">'.__('Order by:').'</label> '.289 form::combo('sortby',$sortby_combo,$sortby).'</p>'.290 '<p><label for="order" class="ib">'.__('Sort:').'</label> '.291 form::combo('order',$order_combo,$order).'</p>'.292 '<p><span class="label ib">'.__('Show').'</span> <label for="nb" class="classic">'.293 form::field('nb',3,3,$nb_per_page).' '.294 __('entries per page').'</label></p>'.295 '</div>'.296 '</div>'.297 187 298 '<p><input type="submit" value="'.__('Apply filters and display options').'" />'. 299 '<br class="clear" /></p>'. //Opera sucks 300 '</form>'; 188 $lposts->setup(); 301 189 302 # Show posts 303 $post_list->display($page,$nb_per_page, 304 '<form action="'.$core->adminurl->get("admin.posts").'" method="post" id="form-entries">'. 190 $_ctx 191 ->setBreadCrumb(array(__('Entries') => 'posts.php')); 305 192 306 '%s'.307 193 308 '<div class="two-cols">'. 309 '<p class="col checkboxes-helpers"></p>'. 194 $core->tpl->display('posts.html.twig'); 310 195 311 '<p class="col right"><label for="action" class="classic">'.__('Selected entries action:').'</label> '.312 form::combo('action',$posts_actions_page->getCombo()).313 '<input type="submit" value="'.__('ok').'" /></p>'.314 form::hidden(array('user_id'),$user_id).315 form::hidden(array('cat_id'),$cat_id).316 form::hidden(array('status'),$status).317 form::hidden(array('selected'),$selected).318 form::hidden(array('attachment'),$attachment).319 form::hidden(array('month'),$month).320 form::hidden(array('lang'),$lang).321 form::hidden(array('sortby'),$sortby).322 form::hidden(array('order'),$order).323 form::hidden(array('page'),$page).324 form::hidden(array('nb'),$nb_per_page).325 $core->formNonce().326 '</div>'.327 '</form>',328 $show_filters329 );330 }331 196 332 dcPage::helpBlock('core_posts'); 333 dcPage::close(); 197 ?> -
inc/admin/class.dc.menu.php
r2566 r2593 4 4 # This file is part of Dotclear 2. 5 5 # 6 # Copyright (c) 2003-201 3Olivier Meunier & Association Dotclear6 # Copyright (c) 2003-2011 Olivier Meunier & Association Dotclear 7 7 # Licensed under the GPL version 2.0 license. 8 8 # See LICENSE file or … … 14 14 class dcMenu 15 15 { 16 private $items; 16 17 private $id; 17 18 public $title; 18 19 public function __construct($id,$title,$itemSpace='') 19 public $separator; 20 21 public function __construct($id,$title,$separator='') 20 22 { 21 23 $this->id = $id; 22 24 $this->title = $title; 23 $this-> itemSpace = $itemSpace;25 $this->separator = $separator; 24 26 $this->items = array(); 25 27 } 26 28 29 public function getID() 30 { 31 return $this->id; 32 } 33 34 public function getTitle() 35 { 36 return $this->title; 37 } 38 39 public function getSeparator() 40 { 41 return $this->separator; 42 } 43 44 public function getItems() 45 { 46 return $this->items; 47 } 48 27 49 public function addItem($title,$url,$img,$active,$show=true,$id=null,$class=null) 28 50 { … … 31 53 } 32 54 } 33 55 34 56 public function prependItem($title,$url,$img,$active,$show=true,$id=null,$class=null) 35 57 { … … 38 60 } 39 61 } 40 41 public function draw() 42 { 43 if (count($this->items) == 0) { 44 return ''; 45 } 46 47 $res = 48 '<div id="'.$this->id.'">'. 49 ($this->title ? '<h3>'.$this->title.'</h3>' : ''). 50 '<ul>'."\n"; 51 52 for ($i=0; $i<count($this->items); $i++) 53 { 54 if ($i+1 < count($this->items) && $this->itemSpace != '') { 55 $res .= preg_replace('|</li>$|',$this->itemSpace.'</li>',$this->items[$i]); 56 $res .= "\n"; 57 } else { 58 $res .= $this->items[$i]."\n"; 59 } 60 } 61 62 $res .= '</ul></div>'."\n"; 63 64 return $res; 65 } 66 62 67 63 protected function itemDef($title,$url,$img,$active,$id=null,$class=null) 68 64 { … … 74 70 $ahtml = ''; 75 71 } 76 77 $img = dc_admin_icon_url($img); 78 72 73 return array( 74 'title' => $title, 75 'link' => $link, 76 'ahtml' => $ahtml, 77 'img' => dc_admin_icon_url($img), 78 'active' => (boolean) $active, 79 'id' => $id, 80 'class' => $class 81 ); 82 } 83 84 /** 85 @deprecated Use Template engine instead 86 */ 87 public function draw() 88 { 89 if (count($this->items) == 0) { 90 return ''; 91 } 92 93 $res = 94 '<div id="'.$this->id.'">'. 95 ($this->title ? '<h3>'.$this->title.'</h3>' : ''). 96 '<ul>'."\n"; 97 98 for ($i=0; $i<count($this->items); $i++) 99 { 100 if ($i+1 < count($this->items) && $this->separator != '') { 101 $res .= preg_replace('|</li>$|',$this->separator.'</li>',$this->drawItem($this->items[$i])); 102 $res .= "\n"; 103 } else { 104 $res .= $this->drawItem($this->items[$i])."\n"; 105 } 106 } 107 108 $res .= '</ul></div>'."\n"; 109 110 return $res; 111 } 112 113 /** 114 @deprecated Use Template engine instead 115 */ 116 protected function drawItem($item) 117 { 79 118 return 80 '<li'.(($ active || $class) ? ' class="'.(($active) ? 'active ' : '').(($class) ? $class: '').'"' : '').81 (($i d) ? ' id="'.$id.'"' : '').82 (($i mg) ? ' style="background-image: url('.$img.');"' : '').119 '<li'.(($item['active'] || $item['class']) ? ' class="'.(($item['active']) ? 'active ' : '').(($item['class']) ? $item['class'] : '').'"' : ''). 120 (($item['id']) ? ' id="'.$item['id'].'"' : ''). 121 (($item['img']) ? ' style="background-image: url('.$item['img'].');"' : ''). 83 122 '>'. 84 85 '<a href="'.$ link.'"'.$ahtml.'>'.$title.'</a></li>'."\n";123 124 '<a href="'.$item['link'].'"'.$item['ahtml'].'>'.$item['title'].'</a></li>'."\n"; 86 125 } 87 126 } 127 ?> -
inc/admin/lib.dc.page.php
r2909 r2911 19 19 private static $xframe_loaded = false; 20 20 private static $N_TYPES = array( 21 "success" => "success", 22 "warning" => "warning-msg", 23 "error" => "error", 24 "message" => "message", 21 "success" => "success", 22 "warning" => "warning-msg", 23 "error" => "error", 24 "message" => "message", 25 25 "static" => "static-msg"); 26 26 … … 109 109 110 110 self::jsLoadIE7(). 111 ' <link rel="stylesheet" href="style/default.css" type="text/css" media="screen" />'."\n";111 ' <link rel="stylesheet" href="style/default.css" type="text/css" media="screen" />'."\n"; 112 112 if (l10n::getTextDirection($GLOBALS['_lang']) == 'rtl') { 113 113 echo 114 ' <link rel="stylesheet" href="style/default-rtl.css" type="text/css" media="screen" />'."\n";114 ' <link rel="stylesheet" href="style/default-rtl.css" type="text/css" media="screen" />'."\n"; 115 115 } 116 116 … … 118 118 $user_ui_hide_std_favicon = $core->auth->user_prefs->interface->hide_std_favicon; 119 119 if (!$user_ui_hide_std_favicon) { 120 echo 120 echo 121 121 '<link rel="icon" type="image/png" href="images/favicon96-login.png" />'. 122 122 '<link rel="shortcut icon" href="images/favicon.ico" type="image/x-icon" />'; 123 123 } 124 124 125 echo 125 126 self::jsCommon(). … … 217 218 $notifications = array(); 218 219 } 219 220 220 221 $n = array_merge($options,array('class' => $class,'ts' => time(), 'text' => $message)); 221 222 if ($type != "static") { … … 339 340 340 341 self::jsLoadIE7(). 341 ' <link rel="stylesheet" href="style/default.css" type="text/css" media="screen" />'."\n";342 ' <link rel="stylesheet" href="style/default.css" type="text/css" media="screen" />'."\n"; 342 343 if (l10n::getTextDirection($GLOBALS['_lang']) == 'rtl') { 343 344 echo 344 ' <link rel="stylesheet" href="style/default-rtl.css" type="text/css" media="screen" />'."\n";345 ' <link rel="stylesheet" href="style/default-rtl.css" type="text/css" media="screen" />'."\n"; 345 346 } 346 347 … … 580 581 "</script>\n"; 581 582 } 582 583 583 584 public static function jsCommon() 584 585 { … … 606 607 'jsToolBar = {}, jsToolBar.prototype = { elements : {} };'."\n". 607 608 self::jsVar('dotclear.nonce',$GLOBALS['core']->getNonce()). 609 608 610 self::jsVar('dotclear.img_plus_src','images/expand.png'). 609 611 self::jsVar('dotclear.img_plus_alt',__('uncover')). … … 725 727 self::jsVar('dotclear.msg.module_tags', 726 728 __('Tags:')). 727 729 "\n//]]>\n". 728 730 "</script>\n"; 729 731 } … … 787 789 public static function jsModal() 788 790 { 789 790 791 792 793 794 795 796 797 791 return 792 '<link rel="stylesheet" type="text/css" href="style/modal/modal.css" />'."\n". 793 self::jsLoad('js/jquery/jquery.modal.js'). 794 '<script type="text/javascript">'."\n". 795 "//<![CDATA[\n". 796 self::jsVar('$.modal.prototype.params.loader_img','style/modal/loader.gif'). 797 self::jsVar('$.modal.prototype.params.close_img','style/modal/close.png'). 798 "\n//]]>\n". 799 "</script>\n"; 798 800 } 799 801 800 802 public static function jsColorPicker() 801 803 { 802 803 804 805 804 return 805 '<link rel="stylesheet" type="text/css" href="style/farbtastic/farbtastic.css" />'."\n". 806 self::jsLoad('js/jquery/jquery.farbtastic.js'). 807 self::jsLoad('js/color-picker.js'); 806 808 } 807 809 808 810 public static function jsDatePicker() 809 811 { 810 811 812 813 814 815 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 831 832 833 834 835 836 837 812 return 813 '<link rel="stylesheet" type="text/css" href="style/date-picker.css" />'."\n". 814 self::jsLoad('js/date-picker.js'). 815 '<script type="text/javascript">'."\n". 816 "//<![CDATA[\n". 817 818 "datePicker.prototype.months[0] = '".html::escapeJS(__('January'))."'; ". 819 "datePicker.prototype.months[1] = '".html::escapeJS(__('February'))."'; ". 820 "datePicker.prototype.months[2] = '".html::escapeJS(__('March'))."'; ". 821 "datePicker.prototype.months[3] = '".html::escapeJS(__('April'))."'; ". 822 "datePicker.prototype.months[4] = '".html::escapeJS(__('May'))."'; ". 823 "datePicker.prototype.months[5] = '".html::escapeJS(__('June'))."'; ". 824 "datePicker.prototype.months[6] = '".html::escapeJS(__('July'))."'; ". 825 "datePicker.prototype.months[7] = '".html::escapeJS(__('August'))."'; ". 826 "datePicker.prototype.months[8] = '".html::escapeJS(__('September'))."'; ". 827 "datePicker.prototype.months[9] = '".html::escapeJS(__('October'))."'; ". 828 "datePicker.prototype.months[10] = '".html::escapeJS(__('November'))."'; ". 829 "datePicker.prototype.months[11] = '".html::escapeJS(__('December'))."'; ". 830 831 "datePicker.prototype.days[0] = '".html::escapeJS(__('Monday'))."'; ". 832 "datePicker.prototype.days[1] = '".html::escapeJS(__('Tuesday'))."'; ". 833 "datePicker.prototype.days[2] = '".html::escapeJS(__('Wednesday'))."'; ". 834 "datePicker.prototype.days[3] = '".html::escapeJS(__('Thursday'))."'; ". 835 "datePicker.prototype.days[4] = '".html::escapeJS(__('Friday'))."'; ". 836 "datePicker.prototype.days[5] = '".html::escapeJS(__('Saturday'))."'; ". 837 "datePicker.prototype.days[6] = '".html::escapeJS(__('Sunday'))."'; ". 838 839 "datePicker.prototype.img_src = 'images/date-picker.png'; ". 838 840 "datePicker.prototype.img_alt = '".html::escapeJS(__('Choose date'))."'; ". 839 841 840 841 842 843 844 845 } 846 847 842 "datePicker.prototype.close_msg = '".html::escapeJS(__('close'))."'; ". 843 "datePicker.prototype.now_msg = '".html::escapeJS(__('now'))."'; ". 844 845 "\n//]]>\n". 846 "</script>\n"; 847 } 848 849 848 850 public static function jsToolBar() 849 851 { … … 853 855 public static function jsUpload($params=array(),$base_url=null) 854 856 { 855 856 857 858 859 860 861 862 857 if (!$base_url) { 858 $base_url = path::clean(dirname(preg_replace('/(\?.*$)?/','',$_SERVER['REQUEST_URI']))).'/'; 859 } 860 861 $params = array_merge($params,array( 862 'sess_id='.session_id(), 863 'sess_uid='.$_SESSION['sess_browser_uid'], 864 'xd_check='.$GLOBALS['core']->getNonce() 863 865 )); 864 866 865 866 867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 867 return 868 '<script type="text/javascript">'."\n". 869 "//<![CDATA[\n". 870 "dotclear.jsUpload = {};\n". 871 "dotclear.jsUpload.msg = {};\n". 872 self::jsVar('dotclear.msg.enhanced_uploader_activate',__('Temporarily activate enhanced uploader')). 873 self::jsVar('dotclear.msg.enhanced_uploader_disable',__('Temporarily disable enhanced uploader')). 874 self::jsVar('dotclear.jsUpload.msg.limit_exceeded',__('Limit exceeded.')). 875 self::jsVar('dotclear.jsUpload.msg.size_limit_exceeded',__('File size exceeds allowed limit.')). 876 self::jsVar('dotclear.jsUpload.msg.canceled',__('Canceled.')). 877 self::jsVar('dotclear.jsUpload.msg.http_error',__('HTTP Error:')). 878 self::jsVar('dotclear.jsUpload.msg.error',__('Error:')). 879 self::jsVar('dotclear.jsUpload.msg.choose_file',__('Choose file')). 880 self::jsVar('dotclear.jsUpload.msg.choose_files',__('Choose files')). 881 self::jsVar('dotclear.jsUpload.msg.cancel',__('Cancel')). 882 self::jsVar('dotclear.jsUpload.msg.clean',__('Clean')). 883 self::jsVar('dotclear.jsUpload.msg.upload',__('Upload')). 882 884 self::jsVar('dotclear.jsUpload.msg.send',__('Send')). 883 885 self::jsVar('dotclear.jsUpload.msg.file_successfully_uploaded',__('File successfully uploaded.')). 884 885 886 887 888 889 886 self::jsVar('dotclear.jsUpload.msg.no_file_in_queue',__('No file in queue.')). 887 self::jsVar('dotclear.jsUpload.msg.file_in_queue',__('1 file in queue.')). 888 self::jsVar('dotclear.jsUpload.msg.files_in_queue',__('%d files in queue.')). 889 self::jsVar('dotclear.jsUpload.msg.queue_error',__('Queue error:')). 890 self::jsVar('dotclear.jsUpload.base_url',$base_url). 891 "\n//]]>\n". 890 892 "</script>\n". 891 893 … … 904 906 public static function jsToolMan() 905 907 { 906 907 908 909 910 911 912 913 908 return 909 '<script type="text/javascript" src="js/tool-man/core.js"></script>'. 910 '<script type="text/javascript" src="js/tool-man/events.js"></script>'. 911 '<script type="text/javascript" src="js/tool-man/css.js"></script>'. 912 '<script type="text/javascript" src="js/tool-man/coordinates.js"></script>'. 913 '<script type="text/javascript" src="js/tool-man/drag.js"></script>'. 914 '<script type="text/javascript" src="js/tool-man/dragsort.js"></script>'. 915 '<script type="text/javascript" src="js/dragsort-tablerows.js"></script>'; 914 916 } 915 917 916 918 public static function jsMetaEditor() 917 919 { 918 919 920 return 921 '<script type="text/javascript" src="js/meta-editor.js"></script>'; 920 922 } 921 923 -
inc/admin/prepend.php
r2815 r2911 24 24 function dc_load_locales() { 25 25 global $_lang, $core; 26 26 27 27 $_lang = $core->auth->getInfo('user_lang'); 28 28 $_lang = preg_match('/^[a-z]{2}(-[a-z]{2})?$/',$_lang) ? $_lang : 'en'; 29 29 30 30 l10n::lang($_lang); 31 31 if (l10n::set(dirname(__FILE__).'/../../locales/'.$_lang.'/date') === false && $_lang != 'en') { … … 40 40 { 41 41 global $core; 42 42 43 43 $core->auth->user_prefs->addWorkspace('interface'); 44 44 $user_ui_iconset = @$core->auth->user_prefs->interface->iconset; 45 45 if (($user_ui_iconset) && ($img)) { 46 46 $icon = false; 47 if ((preg_match('/^images\/menu\/(.+)$/',$img,$m)) || 47 if ((preg_match('/^images\/menu\/(.+)$/',$img,$m)) || 48 48 (preg_match('/^index\.php\?pf=(.+)$/',$img,$m))) { 49 49 if ($m[1]) { … … 73 73 # We have session information in constants 74 74 $_COOKIE[DC_SESSION_NAME] = DC_AUTH_SESS_ID; 75 75 76 76 if (!$core->auth->checkSession(DC_AUTH_SESS_UID)) { 77 77 throw new Exception('Invalid session data.'); 78 78 } 79 79 80 80 # Check nonce from POST requests 81 81 if (!empty($_POST)) … … 85 85 } 86 86 } 87 87 88 88 if (empty($_SESSION['sess_blog_id'])) { 89 89 throw new Exception('Permission denied.'); 90 90 } 91 91 92 92 # Loading locales 93 93 dc_load_locales(); 94 94 95 95 $core->setBlog($_SESSION['sess_blog_id']); 96 96 if (!$core->blog->id) { … … 108 108 $p[3] = '/'; 109 109 call_user_func_array('setcookie',$p); 110 110 111 111 http::redirect('auth.php'); 112 112 } … … 116 116 ,20); 117 117 } 118 118 119 119 # Check nonce from POST requests 120 120 if (!empty($_POST)) … … 127 127 } 128 128 } 129 129 130 130 if (!empty($_REQUEST['switchblog']) 131 131 && $core->auth->getPermissions($_REQUEST['switchblog']) !== false) … … 138 138 unset($_SESSION['media_manager_page']); 139 139 } 140 140 141 141 # Removing switchblog from URL 142 142 $redir = $_SERVER['REQUEST_URI']; … … 146 146 exit; 147 147 } 148 148 149 149 # Check blog to use and log out if no result 150 150 if (isset($_SESSION['sess_blog_id'])) … … 161 161 } 162 162 } 163 163 164 164 # Loading locales 165 165 dc_load_locales(); 166 166 167 167 if (isset($_SESSION['sess_blog_id'])) { 168 168 $core->setBlog($_SESSION['sess_blog_id']); … … 214 214 } 215 215 unset($f); 216 216 217 217 if (($hfiles = @scandir($locales_root.$_lang.'/help')) !== false) 218 218 { … … 232 232 $core->favs = new dcFavorites($core); 233 233 234 234 235 # [] : Title, URL, small icon, large icon, permissions, id, class 235 236 # NB : '*' in permissions means any, null means super admin only 236 237 237 238 # Menus creation 238 239 $_menu = new ArrayObject(); … … 253 254 254 255 # Set menu titles 255 256 256 257 $_menu['System']->title = __('System settings'); 257 258 $_menu['Blog']->title = __('Blog'); … … 274 275 addMenuItem('Blog',__('New entry'),'admin.post','images/menu/edit.png', 275 276 $core->auth->check('usage,contentadmin',$core->blog->id)); 276 277 277 278 addMenuItem('System',__('Update'),'admin.update','images/menu/update.png', 278 279 $core->auth->isSuperAdmin() && is_readable(DC_DIGESTS)); … … 292 293 } 293 294 295 # Add admin default templates path 296 $core->tpl->getLoader()->addPath(dirname(__FILE__).'/default-templates'); 297 # Set admin context 298 $_ctx = new dcAdminContext($core); 299 $core->tpl->addExtension($_ctx); 300 301 # --BEHAVIOR-- adminPrepend 302 $core->callBehavior('adminPrepend',$core,$_ctx); 303 ?> -
inc/core/class.dc.blog.php
r2800 r2911 877 877 878 878 if (!empty($params['user_id'])) { 879 $strReq .= "AND U.user_id = '".$this->con->escape($params['user_id'])."' "; 879 $not=""; 880 if (!empty($params['user_id_not'])) { 881 $not=" not"; 882 } 883 $strReq .= "AND U.user_id ".$not.$this->con->in($params['user_id'])." "; 880 884 } 881 885 … … 978 982 979 983 if (!$count_only && !empty($params['limit'])) { 980 $strReq .= $this->con->limit($params['limit']);981 }984 $strReq .= $this->con->limit($params['limit']); 985 } 982 986 983 987 if (!empty($params['sql_only'])) { … … 2218 2222 'UPDATE '.$this->prefix.'comment '. 2219 2223 'SET comment_status = '.$status.' '; 2220 $strReq .=2224 $strReq .= 2221 2225 'WHERE comment_id'.$this->con->in($co_ids). 2222 2226 'AND post_id in (SELECT tp.post_id '. … … 2275 2279 } 2276 2280 2277 $strReq =2281 $strReq = 2278 2282 'DELETE FROM '.$this->prefix.'comment '. 2279 2283 'WHERE comment_id'.$this->con->in($co_ids).' '. … … 2299 2303 } 2300 2304 2301 $strReq =2305 $strReq = 2302 2306 'DELETE FROM '.$this->prefix.'comment '. 2303 2307 'WHERE comment_status = -2 '. -
inc/core/class.dc.core.php
r2753 r2911 39 39 public $rest; ///< <b>dcRestServer</b> dcRestServer object 40 40 public $log; ///< <b>dcLog</b> dcLog object 41 public $tpl; ///< <b>Twig_Environment</b> Twig_Environment object 41 42 public $stime; ///< <b>float</b> starting time 42 43 43 44 private $versions = null; 44 45 private $formaters = array(); 45 46 private $behaviors = array(); 46 47 private $post_types = array(); 47 48 48 49 /** 49 50 dcCore constructor inits everything related to Dotclear. It takes arguments 50 51 to init database connection. 51 52 52 53 @param driver <b>string</b> Database driver name 53 54 @param host <b>string</b> Database hostname … … 67 68 68 69 $this->con = dbLayer::init($driver,$host,$db,$user,$password,$persist); 69 70 70 71 # define weak_locks for mysql 71 72 if ($this->con instanceof mysqlConnection) { … … 74 75 mysqliConnection::$weak_locks = true; 75 76 } 76 77 77 78 # define searchpath for postgresql 78 79 if ($this->con instanceof pgsqlConnection) … … 86 87 } 87 88 } 88 89 89 90 $this->prefix = $prefix; 90 91 91 92 $this->error = new dcError(); 92 93 $this->auth = $this->authInstance(); 93 94 $this->session = new sessionDB($this->con,$this->prefix.'session',DC_SESSION_NAME,'',null,DC_ADMIN_SSL); 94 95 $this->url = new dcUrlHandlers(); 95 96 96 97 $this->plugins = new dcPlugins($this); 97 98 98 99 $this->rest = new dcRestServer($this); 99 100 100 101 $this->meta = new dcMeta($this); 101 102 102 103 $this->log = new dcLog($this); 103 104 } 104 105 105 106 private function authInstance() 106 107 { … … 112 113 $c = DC_AUTH_CLASS; 113 114 } 114 115 115 116 if (!class_exists($c)) { 116 117 throw new Exception('Authentication class '.$c.' does not exist.'); 117 118 } 118 119 119 120 if ($c != 'dcAuth' && !is_subclass_of($c,'dcAuth')) { 120 121 throw new Exception('Authentication class '.$c.' does not inherit dcAuth.'); 121 122 } 122 123 123 124 return new $c($this); 124 125 } 125 126 126 127 /** 128 Create template environment (Twig_Environment instance) 129 130 default-templates path must be added from admin|public/prepend.php with: 131 $core->tpl->getLoader()->addPath('PATH_TO/default-templates'); 132 Selected theme path must be added with: 133 $core->tpl->getLoader()->prependPath('PATH_TO/MY_THEME'); 134 */ 135 public function loadTemplateEnvironment() 136 { 137 $cache_dir = path::real(DC_TPL_CACHE.'/twtpl',false); 138 if (!is_dir($cache_dir)) { 139 try { 140 files::makeDir($cache_dir); 141 } catch (Exception $e) { 142 $cache_dir = false; 143 } 144 } 145 146 $this->tpl = new Twig_Environment( 147 new Twig_Loader_Filesystem(dirname(__FILE__).'/../swf'), 148 array( 149 'auto_reload' => true, 150 'autoescape' => false, 151 'base_template_class' => 'Twig_Template', 152 'cache' => $cache_dir, 153 'charset' => 'UTF-8', 154 'debug' => DC_DEBUG, 155 'optimizations' => -1, 156 'strict_variables' => 0 //DC_DEBUG // Please fix undefined variables! 157 ) 158 ); 159 $this->tpl->addExtension(new dcFormExtension($this)); 160 $this->tpl->addExtension(new dcTabExtension($this)); 161 } 162 127 163 /// @name Blog init methods 128 164 //@{ 129 165 /** 130 166 Sets a blog to use in <var>blog</var> property. 131 167 132 168 @param id <b>string</b> Blog ID 133 169 */ … … 136 172 $this->blog = new dcBlog($this, $id); 137 173 } 138 174 139 175 /** 140 176 Unsets <var>blog</var> property. … … 145 181 } 146 182 //@} 147 148 183 184 149 185 /// @name Blog status methods 150 186 //@{ 151 187 /** 152 188 Returns an array of available blog status codes and names. 153 189 154 190 @return <b>array</b> Simple array with codes in keys and names in value 155 191 */ … … 162 198 ); 163 199 } 164 200 165 201 /** 166 202 Returns a blog status name given to a code. This is intended to be 167 203 human-readable and will be translated, so never use it for tests. 168 204 If status code does not exist, returns <i>offline</i>. 169 205 170 206 @param s <b>integer</b> Status code 171 207 @return <b>string</b> Blog status name … … 180 216 } 181 217 //@} 182 218 183 219 /// @name Admin nonce secret methods 184 220 //@{ 185 221 186 222 public function getNonce() 187 223 { 188 224 return crypt::hmac(DC_MASTER_KEY,session_id()); 189 225 } 190 226 191 227 public function checkNonce($secret) 192 228 { … … 194 230 return false; 195 231 } 196 232 197 233 return $secret == crypt::hmac(DC_MASTER_KEY,session_id()); 198 234 } 199 235 200 236 public function formNonce() 201 237 { … … 203 239 return; 204 240 } 205 241 206 242 return form::hidden(array('xd_check'),$this->getNonce()); 207 243 } 208 244 //@} 209 245 210 246 /// @name Text Formatters methods 211 247 //@{ … … 225 261 } 226 262 } 227 263 228 264 /// @name Text Formatters methods 229 265 //@{ … … 232 268 transform text. The function must be a valid callback and takes one 233 269 argument: the string to transform. It returns the transformed string. 234 270 235 271 @param name <b>string</b> Formater name 236 272 @param func <b>callback</b> Function to use, must be a valid and callable callback … … 256 292 return $editors; 257 293 } 258 294 259 295 /** 260 296 Returns formaters list by editor 261 297 262 298 @param editor_id <b>string</b> Editor id (dcLegacyEditor, dcCKEditor, ...) 263 299 @return <b>array</b> An array of formaters names in values. … … 288 324 return $formaters_list; 289 325 } 290 326 291 327 /** 292 328 If <var>$name</var> is a valid formater, it returns <var>$str</var> 293 329 transformed using that formater. 294 330 295 331 @param editor_id <b>string</b> Editor id (dcLegacyEditor, dcCKEditor, ...) 296 332 @param name <b>string</b> Formater name … … 303 339 return call_user_func($this->formaters[$editor_id][$name],$str); 304 340 } 305 341 306 342 return $str; 307 343 } 308 344 //@} 309 345 310 346 /** 311 347 If <var>$name</var> is a valid formater, it returns <var>$str</var> … … 322 358 //@} 323 359 324 360 325 361 /// @name Behaviors methods 326 362 //@{ … … 328 364 Adds a new behavior to behaviors stack. <var>$func</var> must be a valid 329 365 and callable callback. 330 366 331 367 @param behavior <b>string</b> Behavior name 332 368 @param func <b>callback</b> Function to call … … 338 374 } 339 375 } 340 376 341 377 /** 342 378 Tests if a particular behavior exists in behaviors stack. 343 379 344 380 @param behavior <b>string</b> Behavior name 345 381 @return <b>boolean</b> … … 349 385 return isset($this->behaviors[$behavior]); 350 386 } 351 387 352 388 /** 353 389 Get behaviors stack (or part of). 354 390 355 391 @param behavior <b>string</b> Behavior name 356 392 @return <b>array</b> … … 359 395 { 360 396 if (empty($this->behaviors)) return null; 361 397 362 398 if ($behavior == '') { 363 399 return $this->behaviors; … … 365 401 return $this->behaviors[$behavior]; 366 402 } 367 403 368 404 return array(); 369 405 } 370 406 371 407 /** 372 408 Calls every function in behaviors stack for a given behavior and returns 373 409 concatened result of each function. 374 410 375 411 Every parameters added after <var>$behavior</var> will be pass to 376 412 behavior calls. 377 413 378 414 @param behavior <b>string</b> Behavior name 379 415 @return <b>string</b> Behavior concatened result … … 385 421 $args = func_get_args(); 386 422 array_shift($args); 387 423 388 424 $res = ''; 389 425 390 426 foreach ($this->behaviors[$behavior] as $f) { 391 427 $res .= call_user_func_array($f,$args); 392 428 } 393 429 394 430 return $res; 395 431 } 396 432 } 397 433 //@} 398 434 399 435 /// @name Post types URLs management 400 436 //@{ … … 404 440 $type = 'post'; 405 441 } 406 442 407 443 $url = sprintf($this->post_types[$type]['admin_url'],$post_id); 408 444 return $escaped ? html::escapeURL($url) : $url; 409 445 } 410 446 411 447 public function getPostPublicURL($type,$post_url,$escaped=true) 412 448 { … … 414 450 $type = 'post'; 415 451 } 416 452 417 453 $url = sprintf($this->post_types[$type]['public_url'],$post_url); 418 454 return $escaped ? html::escapeURL($url) : $url; 419 455 } 420 456 421 457 public function setPostType($type,$admin_url,$public_url,$label='') 422 458 { … … 427 463 ); 428 464 } 429 465 430 466 public function getPostTypes() 431 467 { … … 433 469 } 434 470 //@} 435 471 436 472 /// @name Versions management methods 437 473 //@{ 438 474 /** 439 475 Returns a given $module version. 440 476 441 477 @param module <b>string</b> Module name 442 478 @return <b>string</b> Module version … … 449 485 $strReq = 'SELECT module, version FROM '.$this->prefix.'version'; 450 486 $rs = $this->con->select($strReq); 451 487 452 488 while ($rs->fetch()) { 453 489 $this->versions[$rs->module] = $rs->version; 454 490 } 455 491 } 456 492 457 493 if (isset($this->versions[$module])) { 458 494 return $this->versions[$module]; … … 461 497 } 462 498 } 463 499 464 500 /** 465 501 Sets $version to given $module. 466 502 467 503 @param module <b>string</b> Module name 468 504 @param version <b>string</b> Module version … … 471 507 { 472 508 $cur_version = $this->getVersion($module); 473 509 474 510 $cur = $this->con->openCursor($this->prefix.'version'); 475 511 $cur->module = (string) $module; 476 512 $cur->version = (string) $version; 477 513 478 514 if ($cur_version === null) { 479 515 $cur->insert(); … … 481 517 $cur->update("WHERE module='".$this->con->escape($module)."'"); 482 518 } 483 519 484 520 $this->versions[$module] = $version; 485 521 } 486 522 487 523 /** 488 524 Removes given $module version entry. 489 525 490 526 @param module <b>string</b> Module name 491 527 */ … … 495 531 'DELETE FROM '.$this->prefix.'version '. 496 532 "WHERE module = '".$this->con->escape($module)."' "; 497 533 498 534 $this->con->execute($strReq); 499 535 500 536 if (is_array($this->versions)) { 501 537 unset($this->versions[$module]); 502 538 } 503 539 } 504 540 505 541 //@} 506 542 507 543 /// @name Users management methods 508 544 //@{ 509 545 /** 510 546 Returns a user by its ID. 511 547 512 548 @param id <b>string</b> User ID 513 549 @return <b>record</b> … … 516 552 { 517 553 $params['user_id'] = $id; 518 554 519 555 return $this->getUsers($params); 520 556 } 521 557 522 558 /** 523 559 Returns a users list. <b>$params</b> is an array with the following 524 560 optionnal parameters: 525 561 526 562 - <var>q</var>: search string (on user_id, user_name, user_firstname) 527 563 - <var>user_id</var>: user ID 528 564 - <var>order</var>: ORDER BY clause (default: user_id ASC) 529 565 - <var>limit</var>: LIMIT clause (should be an array ![limit,offset]) 530 566 531 567 @param params <b>array</b> Parameters 532 568 @param count_only <b>boolean</b> Only counts results … … 553 589 'WHERE NULL IS NULL '; 554 590 } 555 591 556 592 if (!empty($params['q'])) { 557 593 $q = $this->con->escape(str_replace('*','%',strtolower($params['q']))); … … 562 598 ') '; 563 599 } 564 600 565 601 if (!empty($params['user_id'])) { 566 602 $strReq .= "AND U.user_id = '".$this->con->escape($params['user_id'])."' "; 567 603 } 568 604 569 605 if (!$count_only) { 570 606 $strReq .= 'GROUP BY U.user_id,user_super,user_status,user_pwd,user_change_pwd,'. 571 607 'user_name,user_firstname,user_displayname,user_email,user_url,'. 572 608 'user_desc, user_lang,user_tz,user_post_status,user_options '; 573 609 574 610 if (!empty($params['order']) && !$count_only) { 575 611 $strReq .= 'ORDER BY '.$this->con->escape($params['order']).' '; … … 578 614 } 579 615 } 580 616 581 617 if (!$count_only && !empty($params['limit'])) { 582 618 $strReq .= $this->con->limit($params['limit']); 583 619 } 584 620 585 621 $rs = $this->con->select($strReq); 586 622 $rs->extend('rsExtUser'); 587 623 return $rs; 588 624 } 589 625 590 626 /** 591 627 Create a new user. Takes a cursor as input and returns the new user ID. 592 628 593 629 @param cur <b>cursor</b> User cursor 594 630 @return <b>string</b> … … 599 635 throw new Exception(__('You are not an administrator')); 600 636 } 601 637 602 638 if ($cur->user_id == '') { 603 639 throw new Exception(__('No user ID given')); 604 640 } 605 641 606 642 if ($cur->user_pwd == '') { 607 643 throw new Exception(__('No password given')); 608 644 } 609 645 610 646 $this->getUserCursor($cur); 611 647 612 648 if ($cur->user_creadt === null) { 613 649 $cur->user_creadt = date('Y-m-d H:i:s'); 614 650 } 615 651 616 652 $cur->insert(); 617 653 618 654 $this->auth->afterAddUser($cur); 619 655 620 656 return $cur->user_id; 621 657 } 622 658 623 659 /** 624 660 Updates an existing user. Returns the user ID. 625 661 626 662 @param id <b>string</b> User ID 627 663 @param cur <b>cursor</b> User cursor … … 631 667 { 632 668 $this->getUserCursor($cur); 633 669 634 670 if (($cur->user_id !== null || $id != $this->auth->userID()) && 635 671 !$this->auth->isSuperAdmin()) { 636 672 throw new Exception(__('You are not an administrator')); 637 673 } 638 674 639 675 $cur->update("WHERE user_id = '".$this->con->escape($id)."' "); 640 676 641 677 $this->auth->afterUpdUser($id,$cur); 642 678 643 679 if ($cur->user_id !== null) { 644 680 $id = $cur->user_id; 645 681 } 646 682 647 683 # Updating all user's blogs 648 684 $rs = $this->con->select( … … 650 686 "WHERE user_id = '".$this->con->escape($id)."' " 651 687 ); 652 688 653 689 while ($rs->fetch()) { 654 690 $b = new dcBlog($this,$rs->blog_id); … … 656 692 unset($b); 657 693 } 658 694 659 695 return $id; 660 696 } 661 697 662 698 /** 663 699 Deletes a user. 664 700 665 701 @param id <b>string</b> User ID 666 702 */ … … 670 706 throw new Exception(__('You are not an administrator')); 671 707 } 672 708 673 709 if ($id == $this->auth->userID()) { 674 710 return; 675 711 } 676 712 677 713 $rs = $this->getUser($id); 678 714 679 715 if ($rs->nb_post > 0) { 680 716 return; 681 717 } 682 718 683 719 $strReq = 'DELETE FROM '.$this->prefix.'user '. 684 720 "WHERE user_id = '".$this->con->escape($id)."' "; 685 721 686 722 $this->con->execute($strReq); 687 723 688 724 $this->auth->afterDelUser($id); 689 725 } 690 726 691 727 /** 692 728 Checks whether a user exists. 693 729 694 730 @param id <b>string</b> User ID 695 731 @return <b>boolean</b> … … 700 736 'FROM '.$this->prefix.'user '. 701 737 "WHERE user_id = '".$this->con->escape($id)."' "; 702 738 703 739 $rs = $this->con->select($strReq); 704 740 705 741 return !$rs->isEmpty(); 706 742 } 707 743 708 744 /** 709 745 Returns all user permissions as an array which looks like: 710 746 711 747 - [blog_id] 712 748 - [name] => Blog name 713 749 - [url] => Blog URL 714 750 - [p] 715 - [permission] => true751 - [permission] => true 716 752 - ... 717 753 718 754 @param id <b>string</b> User ID 719 755 @return <b>array</b> … … 725 761 'INNER JOIN '.$this->prefix.'blog B ON P.blog_id = B.blog_id '. 726 762 "WHERE user_id = '".$this->con->escape($id)."' "; 727 763 728 764 $rs = $this->con->select($strReq); 729 765 730 766 $res = array(); 731 767 732 768 while ($rs->fetch()) 733 769 { … … 738 774 ); 739 775 } 740 776 741 777 return $res; 742 778 } 743 779 744 780 /** 745 781 Sets user permissions. The <var>$perms</var> array looks like: 746 782 747 783 - [blog_id] => '|perm1|perm2|' 748 784 - ... 749 785 750 786 @param id <b>string</b> User ID 751 787 @param perms <b>array</b> Permissions array … … 756 792 throw new Exception(__('You are not an administrator')); 757 793 } 758 794 759 795 $strReq = 'DELETE FROM '.$this->prefix.'permissions '. 760 796 "WHERE user_id = '".$this->con->escape($id)."' "; 761 797 762 798 $this->con->execute($strReq); 763 799 764 800 foreach ($perms as $blog_id => $p) { 765 801 $this->setUserBlogPermissions($id, $blog_id, $p, false); 766 802 } 767 803 } 768 804 769 805 /** 770 806 Sets user permissions for a given blog. <var>$perms</var> is an array with 771 807 permissions in values 772 808 773 809 @param id <b>string</b> User ID 774 810 @param blog_id <b>string</b> Blog ID … … 781 817 throw new Exception(__('You are not an administrator')); 782 818 } 783 819 784 820 $no_perm = empty($perms); 785 821 786 822 $perms = '|'.implode('|',array_keys($perms)).'|'; 787 823 788 824 $cur = $this->con->openCursor($this->prefix.'permissions'); 789 825 790 826 $cur->user_id = (string) $id; 791 827 $cur->blog_id = (string) $blog_id; 792 828 $cur->permissions = $perms; 793 829 794 830 if ($delete_first || $no_perm) 795 831 { … … 797 833 "WHERE blog_id = '".$this->con->escape($blog_id)."' ". 798 834 "AND user_id = '".$this->con->escape($id)."' "; 799 835 800 836 $this->con->execute($strReq); 801 837 } 802 838 803 839 if (!$no_perm) { 804 840 $cur->insert(); 805 841 } 806 842 } 807 843 808 844 /** 809 845 Sets a user default blog. This blog will be selected when user log in. 810 846 811 847 @param id <b>string</b> User ID 812 848 @param blog_id <b>string</b> Blog ID … … 815 851 { 816 852 $cur = $this->con->openCursor($this->prefix.'user'); 817 853 818 854 $cur->user_default_blog = (string) $blog_id; 819 855 820 856 $cur->update("WHERE user_id = '".$this->con->escape($id)."'"); 821 857 } 822 858 823 859 private function getUserCursor($cur) 824 860 { … … 827 863 throw new Exception(__('User ID must contain at least 2 characters using letters, numbers or symbols.')); 828 864 } 829 865 830 866 if ($cur->user_url !== null && $cur->user_url != '') { 831 867 if (!preg_match('|^http(s?)://|',$cur->user_url)) { … … 833 869 } 834 870 } 835 871 836 872 if ($cur->isField('user_pwd')) { 837 873 if (strlen($cur->user_pwd) < 6) { … … 840 876 $cur->user_pwd = crypt::hmac(DC_MASTER_KEY,$cur->user_pwd); 841 877 } 842 878 843 879 if ($cur->user_lang !== null && !preg_match('/^[a-z]{2}(-[a-z]{2})?$/',$cur->user_lang)) { 844 880 throw new Exception(__('Invalid user language code')); 845 881 } 846 882 847 883 if ($cur->user_upddt === null) { 848 884 $cur->user_upddt = date('Y-m-d H:i:s'); 849 885 } 850 886 851 887 if ($cur->user_options !== null) { 852 888 $cur->user_options = serialize((array) $cur->user_options); 853 889 } 854 890 } 855 891 856 892 /** 857 893 Returns user default settings in an associative array with setting names in 858 894 keys. 859 895 860 896 @return <b>array</b> 861 897 */ … … 870 906 } 871 907 //@} 872 908 873 909 /// @name Blog management methods 874 910 //@{ 875 911 /** 876 912 Returns all blog permissions (users) as an array which looks like: 877 913 878 914 - [user_id] 879 915 - [name] => User name … … 882 918 - [super] => (true|false) super admin 883 919 - [p] 884 - [permission] => true920 - [permission] => true 885 921 - ... 886 922 887 923 @param id <b>string</b> Blog ID 888 924 @param with_super <b>boolean</b> Includes super admins in result … … 897 933 'JOIN '.$this->prefix.'permissions P ON U.user_id = P.user_id '. 898 934 "WHERE blog_id = '".$this->con->escape($id)."' "; 899 935 900 936 if ($with_super) { 901 937 $strReq .= … … 906 942 'WHERE user_super = 1 '; 907 943 } 908 944 909 945 $rs = $this->con->select($strReq); 910 946 911 947 $res = array(); 912 948 913 949 while ($rs->fetch()) 914 950 { … … 922 958 ); 923 959 } 924 960 925 961 return $res; 926 962 } 927 963 928 964 /** 929 965 Returns a blog of given ID. 930 966 931 967 @param id <b>string</b> Blog ID 932 968 @return <b>record</b> … … 935 971 { 936 972 $blog = $this->getBlogs(array('blog_id'=>$id)); 937 973 938 974 if ($blog->isEmpty()) { 939 975 return false; 940 976 } 941 977 942 978 return $blog; 943 979 } 944 980 945 981 /** 946 982 Returns a record of blogs. <b>$params</b> is an array with the following 947 983 optionnal parameters: 948 984 949 985 - <var>blog_id</var>: Blog ID 950 986 - <var>q</var>: Search string on blog_id, blog_name and blog_url 951 987 - <var>limit</var>: limit results 952 988 953 989 @param params <b>array</b> Parameters 954 990 @param count_only <b>boolean</b> Count only results … … 959 995 $join = ''; // %1$s 960 996 $where = ''; // %2$s 961 997 962 998 if ($count_only) 963 999 { … … 977 1013 'WHERE NULL IS NULL '. 978 1014 '%2$s '; 979 1015 980 1016 if (!empty($params['order'])) { 981 1017 $strReq .= 'ORDER BY '.$this->con->escape($params['order']).' '; … … 983 1019 $strReq .= 'ORDER BY B.blog_id ASC '; 984 1020 } 985 1021 986 1022 if (!empty($params['limit'])) { 987 1023 $strReq .= $this->con->limit($params['limit']); 988 1024 } 989 1025 } 990 1026 991 1027 if ($this->auth->userID() && !$this->auth->isSuperAdmin()) 992 1028 { … … 999 1035 $where = 'AND blog_status IN (1,0) '; 1000 1036 } 1001 1037 1002 1038 if (!empty($params['blog_id'])) { 1003 1039 $where .= "AND B.blog_id = '".$this->con->escape($params['blog_id'])."' "; 1004 1040 } 1005 1041 1006 1042 if (!empty($params['q'])) { 1007 1043 $params['q'] = strtolower(str_replace('*','%',$params['q'])); … … 1013 1049 ') '; 1014 1050 } 1015 1051 1016 1052 $strReq = sprintf($strReq,$join,$where); 1017 1053 return $this->con->select($strReq); 1018 1054 } 1019 1055 1020 1056 /** 1021 1057 Creates a new blog. 1022 1058 1023 1059 @param cur <b>cursor</b> Blog cursor 1024 1060 */ … … 1028 1064 throw new Exception(__('You are not an administrator')); 1029 1065 } 1030 1066 1031 1067 $this->getBlogCursor($cur); 1032 1068 1033 1069 $cur->blog_creadt = date('Y-m-d H:i:s'); 1034 1070 $cur->blog_upddt = date('Y-m-d H:i:s'); 1035 1071 $cur->blog_uid = md5(uniqid()); 1036 1072 1037 1073 $cur->insert(); 1038 1074 } 1039 1075 1040 1076 /** 1041 1077 Updates a given blog. 1042 1078 1043 1079 @param id <b>string</b> Blog ID 1044 1080 @param cur <b>cursor</b> Blog cursor … … 1047 1083 { 1048 1084 $this->getBlogCursor($cur); 1049 1085 1050 1086 $cur->blog_upddt = date('Y-m-d H:i:s'); 1051 1087 1052 1088 $cur->update("WHERE blog_id = '".$this->con->escape($id)."'"); 1053 1089 } 1054 1090 1055 1091 private function getBlogCursor($cur) 1056 1092 { … … 1058 1094 && !preg_match('/^[A-Za-z0-9._-]{2,}$/',$cur->blog_id)) || 1059 1095 (!$cur->blog_id)) { 1060 throw new Exception(__('Blog ID must contain at least 2 characters using letters, numbers or symbols.')); 1061 } 1062 1096 throw new Exception(__('Blog ID must contain at least 2 characters using letters, numbers or symbols.')); 1097 } 1098 1063 1099 if (($cur->blog_name !== null && $cur->blog_name == '') || 1064 1100 (!$cur->blog_name)) { 1065 1101 throw new Exception(__('No blog name')); 1066 1102 } 1067 1103 1068 1104 if (($cur->blog_url !== null && $cur->blog_url == '') || 1069 1105 (!$cur->blog_url)) { 1070 1106 throw new Exception(__('No blog URL')); 1071 1107 } 1072 1108 1073 1109 if ($cur->blog_desc !== null) { 1074 1110 $cur->blog_desc = html::clean($cur->blog_desc); 1075 1111 } 1076 1112 } 1077 1113 1078 1114 /** 1079 1115 Removes a given blog. 1080 1116 @warning This will remove everything related to the blog (posts, 1081 1117 categories, comments, links...) 1082 1118 1083 1119 @param id <b>string</b> Blog ID 1084 1120 */ … … 1088 1124 throw new Exception(__('You are not an administrator')); 1089 1125 } 1090 1126 1091 1127 $strReq = 'DELETE FROM '.$this->prefix.'blog '. 1092 1128 "WHERE blog_id = '".$this->con->escape($id)."' "; 1093 1129 1094 1130 $this->con->execute($strReq); 1095 1131 } 1096 1132 1097 1133 /** 1098 1134 Checks if a blog exist. 1099 1135 1100 1136 @param id <b>string</b> Blog ID 1101 1137 @return <b>boolean</b> … … 1106 1142 'FROM '.$this->prefix.'blog '. 1107 1143 "WHERE blog_id = '".$this->con->escape($id)."' "; 1108 1144 1109 1145 $rs = $this->con->select($strReq); 1110 1146 1111 1147 return !$rs->isEmpty(); 1112 1148 } 1113 1149 1114 1150 /** 1115 1151 Count posts on a blog 1116 1152 1117 1153 @param id <b>string</b> Blog ID 1118 1154 @param type <b>string</b> Post type … … 1124 1160 'FROM '.$this->prefix.'post '. 1125 1161 "WHERE blog_id = '".$this->con->escape($id)."' "; 1126 1162 1127 1163 if ($type) { 1128 1164 $strReq .= "AND post_type = '".$this->con->escape($type)."' "; 1129 1165 } 1130 1166 1131 1167 return $this->con->select($strReq)->f(0); 1132 1168 } 1133 1169 //@} 1134 1170 1135 1171 /// @name HTML Filter methods 1136 1172 //@{ … … 1139 1175 tidy extension is present). If <b>enable_html_filter</b> blog setting is 1140 1176 false, returns not filtered string. 1141 1177 1142 1178 @param str <b>string</b> String to filter 1143 1179 @return <b>string</b> Filtered string. … … 1148 1184 return $str; 1149 1185 } 1150 1186 1151 1187 $filter = new htmlFilter; 1152 1188 $str = trim($filter->apply($str)); … … 1154 1190 } 1155 1191 //@} 1156 1192 1157 1193 /// @name wiki2xhtml methods 1158 1194 //@{ … … 1161 1197 $this->wiki2xhtml = new wiki2xhtml; 1162 1198 } 1163 1199 1164 1200 /** 1165 1201 Returns a transformed string with wiki2xhtml. 1166 1202 1167 1203 @param str <b>string</b> String to transform 1168 1204 @return <b>string</b> Transformed string … … 1175 1211 return $this->wiki2xhtml->transform($str); 1176 1212 } 1177 1213 1178 1214 /** 1179 1215 Inits <var>wiki2xhtml</var> property for blog post. … … 1182 1218 { 1183 1219 $this->initWiki(); 1184 1220 1185 1221 $this->wiki2xhtml->setOpts(array( 1186 1222 'active_title' => 1, … … 1214 1250 'note_str' => '<div class="footnotes"><h4>Notes</h4>%s</div>' 1215 1251 )); 1216 1252 1217 1253 $this->wiki2xhtml->registerFunction('url:post',array($this,'wikiPostLink')); 1218 1254 1219 1255 # --BEHAVIOR-- coreWikiPostInit 1220 1256 $this->callBehavior('coreInitWikiPost',$this->wiki2xhtml); 1221 1257 } 1222 1258 1223 1259 /** 1224 1260 Inits <var>wiki2xhtml</var> property for simple blog comment (basic syntax). … … 1227 1263 { 1228 1264 $this->initWiki(); 1229 1265 1230 1266 $this->wiki2xhtml->setOpts(array( 1231 1267 'active_title' => 0, … … 1256 1292 'active_fr_syntax' => 0 1257 1293 )); 1258 1294 1259 1295 # --BEHAVIOR-- coreInitWikiSimpleComment 1260 1296 $this->callBehavior('coreInitWikiSimpleComment',$this->wiki2xhtml); 1261 1297 } 1262 1298 1263 1299 /** 1264 1300 Inits <var>wiki2xhtml</var> property for blog comment. … … 1267 1303 { 1268 1304 $this->initWiki(); 1269 1305 1270 1306 $this->wiki2xhtml->setOpts(array( 1271 1307 'active_title' => 0, … … 1296 1332 'active_fr_syntax' => 0 1297 1333 )); 1298 1334 1299 1335 # --BEHAVIOR-- coreInitWikiComment 1300 1336 $this->callBehavior('coreInitWikiComment',$this->wiki2xhtml); 1301 1337 } 1302 1338 1303 1339 public function wikiPostLink($url,$content) 1304 1340 { 1305 if (!($this->blog instanceof dcBlog)) { 1341 if (!($this->blog instanceof dcBlog)) { 1306 1342 return array(); 1307 1343 } 1308 1344 1309 1345 $post_id = abs((integer) substr($url,5)); 1310 1346 if (!$post_id) { 1311 1347 return array(); 1312 1348 } 1313 1349 1314 1350 $post = $this->blog->getPosts(array('post_id'=>$post_id)); 1315 1351 if ($post->isEmpty()) { 1316 1352 return array(); 1317 1353 } 1318 1354 1319 1355 $res = array('url' => $post->getURL()); 1320 1356 $post_title = $post->post_title; 1321 1357 1322 1358 if ($content != $url) { 1323 1359 $res['title'] = html::escapeHTML($post->post_title); 1324 1360 } 1325 1361 1326 1362 if ($content == '' || $content == $url) { 1327 1363 $res['content'] = html::escapeHTML($post->post_title); 1328 1364 } 1329 1365 1330 1366 if ($post->post_lang) { 1331 1367 $res['lang'] = $post->post_lang; 1332 1368 } 1333 1369 1334 1370 return $res; 1335 1371 } 1336 1372 //@} 1337 1373 1338 1374 /// @name Maintenance methods 1339 1375 //@{ … … 1341 1377 Creates default settings for active blog. Optionnal parameter 1342 1378 <var>defaults</var> replaces default params while needed. 1343 1379 1344 1380 @param defaults <b>array</b> Default parameters 1345 1381 */ … … 1426 1462 ); 1427 1463 } 1428 1464 1429 1465 $settings = new dcSettings($this,null); 1430 1466 $settings->addNamespace('system'); 1431 1467 1432 1468 foreach ($defaults as $v) { 1433 1469 $settings->system->put($v[0],$v[2],$v[1],$v[3],false,true); 1434 1470 } 1435 1471 } 1436 1472 1437 1473 /** 1438 1474 Recreates entries search engine index. 1439 1475 1440 1476 @param start <b>integer</b> Start entry index 1441 1477 @param limit <b>integer</b> Number of entry to index 1442 1478 1443 1479 @return <b>integer</b> <var>$start</var> and <var>$limit</var> sum 1444 1480 */ … … 1449 1485 $rs = $this->con->select($strReq); 1450 1486 $count = $rs->f(0); 1451 1487 1452 1488 $strReq = 'SELECT post_id, post_title, post_excerpt_xhtml, post_content_xhtml '. 1453 1489 'FROM '.$this->prefix.'post '; 1454 1490 1455 1491 if ($start !== null && $limit !== null) { 1456 1492 $strReq .= $this->con->limit($start,$limit); 1457 1493 } 1458 1494 1459 1495 $rs = $this->con->select($strReq,true); 1460 1496 1461 1497 $cur = $this->con->openCursor($this->prefix.'post'); 1462 1498 1463 1499 while ($rs->fetch()) 1464 1500 { 1465 1501 $words = $rs->post_title.' '. $rs->post_excerpt_xhtml.' '. 1466 1502 $rs->post_content_xhtml; 1467 1503 1468 1504 $cur->post_words = implode(' ',text::splitWords($words)); 1469 1505 $cur->update('WHERE post_id = '.(integer) $rs->post_id); 1470 1506 $cur->clean(); 1471 1507 } 1472 1508 1473 1509 if ($start+$limit > $count) { 1474 1510 return null; … … 1476 1512 return $start+$limit; 1477 1513 } 1478 1514 1479 1515 /** 1480 1516 Recreates comments search engine index. 1481 1517 1482 1518 @param start <b>integer</b> Start comment index 1483 1519 @param limit <b>integer</b> Number of comments to index 1484 1520 1485 1521 @return <b>integer</b> <var>$start</var> and <var>$limit</var> sum 1486 1522 */ … … 1491 1527 $rs = $this->con->select($strReq); 1492 1528 $count = $rs->f(0); 1493 1529 1494 1530 $strReq = 'SELECT comment_id, comment_content '. 1495 1531 'FROM '.$this->prefix.'comment '; 1496 1532 1497 1533 if ($start !== null && $limit !== null) { 1498 1534 $strReq .= $this->con->limit($start,$limit); 1499 1535 } 1500 1536 1501 1537 $rs = $this->con->select($strReq); 1502 1538 1503 1539 $cur = $this->con->openCursor($this->prefix.'comment'); 1504 1540 1505 1541 while ($rs->fetch()) 1506 1542 { … … 1509 1545 $cur->clean(); 1510 1546 } 1511 1547 1512 1548 if ($start+$limit > $count) { 1513 1549 return null; … … 1515 1551 return $start+$limit; 1516 1552 } 1517 1553 1518 1554 /** 1519 1555 Reinits nb_comment and nb_trackback in post table. … … 1521 1557 public function countAllComments() 1522 1558 { 1523 1559 1524 1560 $updCommentReq = 'UPDATE '.$this->prefix.'post P '. 1525 1561 'SET nb_comment = ('. … … 1537 1573 $this->con->execute($updTrackbackReq); 1538 1574 } 1539 1575 1540 1576 /** 1541 1577 Empty templates cache directory … … 1550 1586 /** 1551 1587 Return elapsed time since script has been started 1552 @param 1553 1554 @return <b>float</b> 1588 @param $mtime <b>float</b> timestamp (microtime format) to evaluate delta from 1589 current time is taken if null 1590 @return <b>float</b> elapsed time 1555 1591 */ 1556 1592 public function getElapsedTime ($mtime=null) { -
inc/load_plugin_file.php
r2804 r2911 14 14 if (@is_dir('/usr/lib/clearbricks')) { 15 15 define('CLEARBRICKS_PATH','/usr/lib/clearbricks'); 16 } elseif (is_dir(dirname(__FILE__).'/ libs/clearbricks')) {17 define('CLEARBRICKS_PATH',dirname(__FILE__).'/ libs/clearbricks');16 } elseif (is_dir(dirname(__FILE__).'/../vendor/dotclear/clearbricks')) { 17 define('CLEARBRICKS_PATH',dirname(__FILE__).'/../vendor/dotclear/clearbricks'); 18 18 } elseif (isset($_SERVER['CLEARBRICKS_PATH']) && is_dir($_SERVER['CLEARBRICKS_PATH'])) { 19 19 define('CLEARBRICKS_PATH',$_SERVER['CLEARBRICKS_PATH']); -
inc/prepend.php
r2903 r2911 15 15 16 16 /* ------------------------------------------------------------------------------------------- */ 17 # ClearBricks, DotClear classes auto-loader17 # ClearBricks, Twig, DotClear classes auto-loader 18 18 if (@is_dir('/usr/lib/clearbricks')) { 19 19 define('CLEARBRICKS_PATH','/usr/lib/clearbricks'); 20 } elseif (is_dir(dirname(__FILE__).'/ libs/clearbricks')) {21 define('CLEARBRICKS_PATH',dirname(__FILE__).'/ libs/clearbricks');20 } elseif (is_dir(dirname(__FILE__).'/../vendor/dotclear/clearbricks')) { 21 define('CLEARBRICKS_PATH',dirname(__FILE__).'/../vendor/dotclear/clearbricks'); 22 22 } elseif (isset($_SERVER['CLEARBRICKS_PATH']) && is_dir($_SERVER['CLEARBRICKS_PATH'])) { 23 23 define('CLEARBRICKS_PATH',$_SERVER['CLEARBRICKS_PATH']); … … 29 29 30 30 require CLEARBRICKS_PATH.'/_common.php'; 31 $__autoload['dcCore'] = dirname(__FILE__).'/core/class.dc.core.php'; 32 $__autoload['dcAuth'] = dirname(__FILE__).'/core/class.dc.auth.php'; 33 $__autoload['dcBlog'] = dirname(__FILE__).'/core/class.dc.blog.php'; 34 $__autoload['dcCategories'] = dirname(__FILE__).'/core/class.dc.categories.php'; 35 $__autoload['dcError'] = dirname(__FILE__).'/core/class.dc.error.php'; 36 $__autoload['dcMeta'] = dirname(__FILE__).'/core/class.dc.meta.php'; 37 $__autoload['dcMedia'] = dirname(__FILE__).'/core/class.dc.media.php'; 38 $__autoload['dcPostMedia'] = dirname(__FILE__).'/core/class.dc.postmedia.php'; 39 $__autoload['dcModules'] = dirname(__FILE__).'/core/class.dc.modules.php'; 40 $__autoload['dcPlugins'] = dirname(__FILE__).'/core/class.dc.plugins.php'; 41 $__autoload['dcThemes'] = dirname(__FILE__).'/core/class.dc.themes.php'; 42 $__autoload['dcRestServer'] = dirname(__FILE__).'/core/class.dc.rest.php'; 43 $__autoload['dcNamespace'] = dirname(__FILE__).'/core/class.dc.namespace.php'; 44 $__autoload['dcSettings'] = dirname(__FILE__).'/core/class.dc.settings.php'; 45 $__autoload['dcTrackback'] = dirname(__FILE__).'/core/class.dc.trackback.php'; 46 $__autoload['dcUpdate'] = dirname(__FILE__).'/core/class.dc.update.php'; 47 $__autoload['dcUtils'] = dirname(__FILE__).'/core/class.dc.utils.php'; 48 $__autoload['dcXmlRpc'] = dirname(__FILE__).'/core/class.dc.xmlrpc.php'; 49 $__autoload['dcLog'] = dirname(__FILE__).'/core/class.dc.log.php'; 50 $__autoload['dcWorkspace'] = dirname(__FILE__).'/core/class.dc.workspace.php'; 51 $__autoload['dcPrefs'] = dirname(__FILE__).'/core/class.dc.prefs.php'; 52 $__autoload['dcStore'] = dirname(__FILE__).'/core/class.dc.store.php'; 53 $__autoload['dcStoreReader'] = dirname(__FILE__).'/core/class.dc.store.reader.php'; 54 $__autoload['dcStoreParser'] = dirname(__FILE__).'/core/class.dc.store.parser.php'; 55 $__autoload['dcFavorites'] = dirname(__FILE__).'/admin/class.dc.favorites.php'; 56 57 $__autoload['rsExtPost'] = dirname(__FILE__).'/core/class.dc.rs.extensions.php'; 58 $__autoload['rsExtComment'] = dirname(__FILE__).'/core/class.dc.rs.extensions.php'; 59 $__autoload['rsExtDates'] = dirname(__FILE__).'/core/class.dc.rs.extensions.php'; 60 $__autoload['rsExtUser'] = dirname(__FILE__).'/core/class.dc.rs.extensions.php'; 61 62 $__autoload['dcMenu'] = dirname(__FILE__).'/admin/class.dc.menu.php'; 63 $__autoload['dcPage'] = dirname(__FILE__).'/admin/lib.dc.page.php'; 64 $__autoload['adminGenericList'] = dirname(__FILE__).'/admin/lib.pager.php'; 65 $__autoload['adminPostList'] = dirname(__FILE__).'/admin/lib.pager.php'; 66 $__autoload['adminPostMiniList'] = dirname(__FILE__).'/admin/lib.pager.php'; 67 $__autoload['adminCommentList'] = dirname(__FILE__).'/admin/lib.pager.php'; 68 $__autoload['adminUserList'] = dirname(__FILE__).'/admin/lib.pager.php'; 69 $__autoload['dcPager'] = dirname(__FILE__).'/admin/lib.pager.php'; 70 $__autoload['dcAdminCombos'] = dirname(__FILE__).'/admin/lib.admincombos.php'; 71 $__autoload['adminModulesList'] = dirname(__FILE__).'/admin/lib.moduleslist.php'; 72 $__autoload['adminThemesList'] = dirname(__FILE__).'/admin/lib.moduleslist.php'; 31 $__autoload['dcCore'] = dirname(__FILE__).'/core/class.dc.core.php'; 32 $__autoload['dcAuth'] = dirname(__FILE__).'/core/class.dc.auth.php'; 33 $__autoload['dcBlog'] = dirname(__FILE__).'/core/class.dc.blog.php'; 34 $__autoload['dcCategories'] = dirname(__FILE__).'/core/class.dc.categories.php'; 35 $__autoload['dcError'] = dirname(__FILE__).'/core/class.dc.error.php'; 36 $__autoload['dcMeta'] = dirname(__FILE__).'/core/class.dc.meta.php'; 37 $__autoload['dcMedia'] = dirname(__FILE__).'/core/class.dc.media.php'; 38 $__autoload['dcPostMedia'] = dirname(__FILE__).'/core/class.dc.postmedia.php'; 39 $__autoload['dcModules'] = dirname(__FILE__).'/core/class.dc.modules.php'; 40 $__autoload['dcPlugins'] = dirname(__FILE__).'/core/class.dc.plugins.php'; 41 $__autoload['dcThemes'] = dirname(__FILE__).'/core/class.dc.themes.php'; 42 $__autoload['dcRestServer'] = dirname(__FILE__).'/core/class.dc.rest.php'; 43 $__autoload['dcNamespace'] = dirname(__FILE__).'/core/class.dc.namespace.php'; 44 $__autoload['dcSettings'] = dirname(__FILE__).'/core/class.dc.settings.php'; 45 $__autoload['dcTrackback'] = dirname(__FILE__).'/core/class.dc.trackback.php'; 46 $__autoload['dcUpdate'] = dirname(__FILE__).'/core/class.dc.update.php'; 47 $__autoload['dcUtils'] = dirname(__FILE__).'/core/class.dc.utils.php'; 48 $__autoload['dcXmlRpc'] = dirname(__FILE__).'/core/class.dc.xmlrpc.php'; 49 $__autoload['dcLog'] = dirname(__FILE__).'/core/class.dc.log.php'; 50 $__autoload['dcWorkspace'] = dirname(__FILE__).'/core/class.dc.workspace.php'; 51 $__autoload['dcPrefs'] = dirname(__FILE__).'/core/class.dc.prefs.php'; 52 $__autoload['dcTwigPage'] = dirname(__FILE__).'/core/class.dc.twig.page.php'; 53 $__autoload['dcStore'] = dirname(__FILE__).'/core/class.dc.store.php'; 54 $__autoload['dcStoreReader'] = dirname(__FILE__).'/core/class.dc.store.reader.php'; 55 $__autoload['dcStoreParser'] = dirname(__FILE__).'/core/class.dc.store.parser.php'; 56 $__autoload['dcFavorites'] = dirname(__FILE__).'/admin/class.dc.favorites.php'; 57 58 $__autoload['rsExtPost'] = dirname(__FILE__).'/core/class.dc.rs.extensions.php'; 59 $__autoload['rsExtComment'] = dirname(__FILE__).'/core/class.dc.rs.extensions.php'; 60 $__autoload['rsExtDates'] = dirname(__FILE__).'/core/class.dc.rs.extensions.php'; 61 $__autoload['rsExtUser'] = dirname(__FILE__).'/core/class.dc.rs.extensions.php'; 62 63 $__autoload['dcAdminContext'] = dirname(__FILE__).'/admin/class.dc.admincontext.php'; 64 $__autoload['dcMenu'] = dirname(__FILE__).'/admin/class.dc.menu.php'; 65 $__autoload['dcPage'] = dirname(__FILE__).'/admin/lib.dc.page.php'; 66 $__autoload['adminGenericList'] = dirname(__FILE__).'/admin/lib.pager.php'; 67 $__autoload['adminPostList'] = dirname(__FILE__).'/admin/lib.pager.php'; 68 $__autoload['adminPostMiniList'] = dirname(__FILE__).'/admin/lib.pager.php'; 69 $__autoload['adminCommentList'] = dirname(__FILE__).'/admin/lib.pager.php'; 70 $__autoload['adminUserList'] = dirname(__FILE__).'/admin/lib.pager.php'; 71 $__autoload['dcPager'] = dirname(__FILE__).'/admin/lib.pager.php'; 72 $__autoload['dcAdminCombos'] = dirname(__FILE__).'/admin/lib.admincombos.php'; 73 $__autoload['adminModulesList'] = dirname(__FILE__).'/admin/lib.moduleslist.php'; 74 $__autoload['adminThemesList'] = dirname(__FILE__).'/admin/lib.moduleslist.php'; 73 75 $__autoload['dcThemeConfig'] = dirname(__FILE__).'/admin/lib.themeconfig.php'; 74 76 75 $__autoload['dcTemplate'] 76 $__autoload['context'] 77 $__autoload['dcUrlHandlers'] 77 $__autoload['dcTemplate'] = dirname(__FILE__).'/public/class.dc.template.php'; 78 $__autoload['context'] = dirname(__FILE__).'/public/lib.tpl.context.php'; 79 $__autoload['dcUrlHandlers'] = dirname(__FILE__).'/public/lib.urlhandlers.php'; 78 80 $__autoload['dcAdminURL'] = dirname(__FILE__).'/admin/lib.dc.adminurl.php'; 79 $__autoload['dcPostsActionsPage'] = dirname(__FILE__).'/admin/actions/class.dcactionposts.php'; 80 $__autoload['dcCommentsActionsPage'] = dirname(__FILE__).'/admin/actions/class.dcactioncomments.php'; 81 $__autoload['dcActionsPage'] = dirname(__FILE__).'/admin/actions/class.dcaction.php'; 81 $__autoload['dcPostsActionsPage'] = dirname(__FILE__).'/admin/actions/class.dcactionposts.php'; 82 $__autoload['dcCommentsActionsPage'] = dirname(__FILE__).'/admin/actions/class.dcactioncomments.php'; 83 $__autoload['dcActionsPage'] = dirname(__FILE__).'/admin/actions/class.dcaction.php'; 84 $__autoload['dcForm'] = dirname(__FILE__).'/admin/class.dc.form.php'; 85 $__autoload['dcFormExtension'] = dirname(__FILE__).'/admin/class.dc.form.php'; 86 $__autoload['dcTabExtension'] = dirname(__FILE__).'/admin/class.dc.tab.php'; 87 $__autoload['dcItemList'] = dirname(__FILE__).'/admin/class.dc.list.php'; 88 $__autoload['dcListFetcher'] = dirname(__FILE__).'/admin/class.dc.list.php'; 89 90 foreach (array('dcFilterSet', 'dcFilter','dcFilterCombo','dcFilterText','dcFilterBoolean') as $c) { 91 $__autoload[$c] = dirname(__FILE__).'/admin/class.dc.filter.php'; 92 } 82 93 83 94 # Clearbricks extensions 84 95 html::$absolute_regs[] = '/(<param\s+name="movie"\s+value=")(.*?)(")/msu'; 85 96 html::$absolute_regs[] = '/(<param\s+name="FlashVars"\s+value=".*?(?:mp3|flv)=)(.*?)(&|")/msu'; 97 98 if (@is_dir('/usr/lib/twig')) { 99 define('TWIG_PATH','/usr/lib/Twig'); 100 } elseif (is_dir(dirname(__FILE__).'/../vendor/twig/twig/lib/Twig')) { 101 define('TWIG_PATH',dirname(__FILE__).'/../vendor/twig/twig/lib/Twig'); 102 } elseif (isset($_SERVER['TWIG_PATH']) && is_dir($_SERVER['TWIG_PATH'])) { 103 define('TWIG_PATH',$_SERVER['TWIG_PATH']); 104 } 105 106 if (!defined('TWIG_PATH') || !is_dir(TWIG_PATH)) { 107 exit('No Twig path defined'); 108 } 109 require TWIG_PATH.'/Autoloader.php'; 110 Twig_Autoloader::register(); 111 86 112 /* ------------------------------------------------------------------------------------------- */ 87 113 … … 140 166 # Constants 141 167 define('DC_ROOT',path::real(dirname(__FILE__).'/..')); 142 define('DC_VERSION','2. 8-dev');168 define('DC_VERSION','2.99-dev'); 143 169 define('DC_DIGESTS',dirname(__FILE__).'/digests'); 144 170 define('DC_L10N_ROOT',dirname(__FILE__).'/../locales'); -
plugins/aboutConfig/_admin.php
r2849 r2911 4 4 # This file is part of Dotclear 2. 5 5 # 6 # Copyright (c) 2003-201 3Olivier Meunier & Association Dotclear6 # Copyright (c) 2003-2011 Olivier Meunier & Association Dotclear 7 7 # Licensed under the GPL version 2.0 license. 8 8 # See LICENSE file or … … 16 16 dcPage::getPF('aboutConfig/icon.png'), 17 17 preg_match('/'.preg_quote($core->adminurl->get('admin.plugin.aboutConfig')).'(&.*)?$/',$_SERVER['REQUEST_URI']), 18 $core->auth->isSuperAdmin()); 18 $core->auth->isSuperAdmin()); 19 20 $core->tpl->getLoader()->addPath(dirname(__FILE__).'/admtpl/','aboutConfig'); -
plugins/aboutConfig/index.php
r2824 r2911 4 4 # This file is part of Dotclear 2. 5 5 # 6 # Copyright (c) 2003-201 3Olivier Meunier & Association Dotclear6 # Copyright (c) 2003-2011 Olivier Meunier & Association Dotclear 7 7 # Licensed under the GPL version 2.0 license. 8 8 # See LICENSE file or … … 12 12 if (!defined('DC_CONTEXT_ADMIN')) { return; } 13 13 14 # Local navigation 15 if (!empty($_POST['gs_nav'])) { 16 http::redirect($p_url.$_POST['gs_nav']); 17 exit; 18 } 19 if (!empty($_POST['ls_nav'])) { 20 http::redirect($p_url.$_POST['ls_nav']); 21 exit; 22 } 23 24 # Local settings update 25 if (!empty($_POST['s']) && is_array($_POST['s'])) 14 class adminPageAboutConfig 26 15 { 27 try 16 public static $p_url = 'plugin.php?p=aboutConfig'; 17 18 # Update local settings 19 public static function updLocal($form) 28 20 { 29 foreach ($_POST['s'] as $ns => $s) 30 { 31 $core->blog->settings->addNamespace($ns); 32 33 foreach ($s as $k => $v) { 34 $core->blog->settings->$ns->put($k,$v); 21 self::updSettings($form); 22 } 23 24 # Update global settings 25 public static function updGlobal($form) 26 { 27 self::updSettings($form,true); 28 } 29 30 # Update settings 31 protected static function updSettings($form,$global=false) 32 { 33 global $core,$_ctx; 34 35 $part = $global ? 'global' : 'local'; 36 $prefix = $part.'_'; 37 38 try { 39 foreach ($core->blog->settings->dumpNamespaces() as $ns => $namespace) { 40 $core->blog->settings->addNamespace($ns); 41 $ns_settings = $global ? 42 $namespace->dumpGlobalSettings() : $namespace->dumpSettings(); 43 44 foreach ($ns_settings as $k => $v) { 45 // need to cast type 46 $f = (string) $form->{$prefix.$ns.'_'.$k}; 47 settype($f,$v['type']); 48 49 $core->blog->settings->$ns->put($k,$f,null,null,true,$global); 50 $form->{$prefix.$ns.'_'.$k} = $f; 51 } 35 52 } 36 37 53 $core->blog->triggerBlog(); 54 55 http::redirect(self::$p_url.'&upd=1&part='.$part); 38 56 } 39 40 dcPage::addSuccessNotice(__('Configuration successfully updated'));41 http::redirect($p_url);57 catch (Exception $e) { 58 $_ctx->addError($e->getMessage()); 59 } 42 60 } 43 catch (Exception $e) 61 62 # Set nav and settings forms 63 public static function setForms($global=false) 44 64 { 45 $core->error->add($e->getMessage()); 65 global $core, $_ctx; 66 67 $prefix = $global ? 'global_' : 'local_'; 68 $action = $global ? 'updGlobal' : 'updLocal'; 69 70 if (!empty($_POST[$prefix.'nav'])) { 71 http::redirect(self::$p_url.$_POST[$prefix.'nav']); 72 exit; 73 } 74 75 $nav_form = new dcForm($core,$prefix.'nav_form','plugin.php'); 76 $settings_form = new dcForm($core,$prefix.'settings_form','plugin.php'); 77 78 $settings = $combo = array(); 79 foreach ($core->blog->settings->dumpNamespaces() as $ns => $namespace) { 80 $ns_settings = $global ? 81 $namespace->dumpGlobalSettings() : $namespace->dumpSettings(); 82 83 foreach ($ns_settings as $k => $v) { 84 $settings[$ns][$k] = $v; 85 } 86 } 87 88 ksort($settings); 89 foreach ($settings as $ns => $s) { 90 $combo['#'.$prefix.$ns] = $ns; 91 ksort($s); 92 foreach ($s as $k => $v) { 93 if ($v['type'] == 'boolean') { 94 $settings_form->addField( 95 new dcFieldCombo($prefix.$ns.'_'.$k, 96 '',array(1 => __('yes'),0 => __('no')))); 97 } 98 else { 99 $settings_form->addField( 100 new dcFieldText($prefix.$ns.'_'.$k,'')); 101 } 102 $settings_form->{$prefix.$ns.'_'.$k} = $v['value']; 103 } 104 } 105 106 $nav_form 107 ->addField( 108 new dcFieldCombo($prefix.'nav','',$combo,array( 109 "label" => __('Goto:')))) 110 ->addField( 111 new dcFieldSubmit($prefix.'nav_submit',__('OK'))) 112 ->addField( 113 new dcFieldHidden ('p','aboutConfig')) 114 ; 115 116 $settings_form 117 ->addField( 118 new dcFieldSubmit($prefix.'submit',__('Save'),array( 119 'action' => array('adminPageAboutConfig',$action)))) 120 ->addField( 121 new dcFieldHidden ('p','aboutConfig')) 122 ; 123 124 $_ctx->{$prefix.'settings'} = $settings; 125 126 $nav_form->setup(); 127 $settings_form->setup(); 46 128 } 47 129 } 48 130 49 # Global settings update 50 if (!empty($_POST['gs']) && is_array($_POST['gs'])) 51 { 52 try 53 { 54 foreach ($_POST['gs'] as $ns => $s) 55 { 56 $core->blog->settings->addNamespace($ns); 131 # Local settings forms 132 adminPageAboutConfig::setForms(); 57 133 58 foreach ($s as $k => $v) { 59 $core->blog->settings->$ns->put($k,$v,null,null,true,true); 60 } 134 # Global settings forms 135 adminPageAboutConfig::setForms(true); 61 136 62 $core->blog->triggerBlog(); 63 } 64 65 dcPage::addSuccessNotice(__('Configuration successfully updated')); 66 http::redirect($p_url.'&part=global'); 67 } 68 catch (Exception $e) 69 { 70 $core->error->add($e->getMessage()); 71 } 137 # Commons 138 if (!empty($_GET['upd'])) { 139 $_ctx->setAlert(__('Configuration successfully updated')); 72 140 } 73 74 $part = !empty($_GET['part']) && $_GET['part'] == 'global' ? 'global' : 'local'; 75 76 function settingLine($id,$s,$ns,$field_name,$strong_label) 77 { 78 if ($s['type'] == 'boolean') { 79 $field = form::combo(array($field_name.'['.$ns.']['.$id.']',$field_name.'_'.$ns.'_'.$id), 80 array(__('yes') => 1, __('no') => 0),$s['value'] ? 1 : 0); 81 } else { 82 $field = form::field(array($field_name.'['.$ns.']['.$id.']',$field_name.'_'.$ns.'_'.$id),40,null, 83 html::escapeHTML($s['value'])); 84 } 85 86 $slabel = $strong_label ? '<strong>%s</strong>' : '%s'; 87 88 return 89 '<tr class="line">'. 90 '<td scope="row"><label for="'.$field_name.'_'.$ns.'_'.$id.'">'.sprintf($slabel,html::escapeHTML($id)).'</label></td>'. 91 '<td>'.$field.'</td>'. 92 '<td>'.$s['type'].'</td>'. 93 '<td>'.html::escapeHTML($s['label']).'</td>'. 94 '</tr>'; 141 if (!empty($_GET['upda'])) { 142 $_ctx->setAlert(__('Settings definition successfully updated')); 95 143 } 144 $_ctx->default_tab = !empty($_GET['part']) && $_GET['part'] == 'global' ? 'global' : 'local'; 145 $_ctx->setBreadCrumb('about:config'); 146 $core->tpl->display('@aboutConfig/index.html.twig'); 96 147 ?> 97 <html>98 <head>99 <title>about:config</title>100 <?php echo dcPage::jsPageTabs($part); ?>101 <script type="text/javascript">102 //<![CDATA[103 $(function() {104 $("#gs_submit").hide();105 $("#ls_submit").hide();106 $("#gs_nav").change(function() {107 window.location = $("#gs_nav option:selected").val();108 })109 $("#ls_nav").change(function() {110 window.location = $("#ls_nav option:selected").val();111 })112 });113 //]]>114 </script>115 </head>116 117 <body>118 <?php119 echo dcPage::breadcrumb(120 array(121 __('System') => '',122 html::escapeHTML($core->blog->name) => '',123 __('about:config') => ''124 )).125 dcPage::notices();126 ?>127 128 <div id="local" class="multi-part" title="<?php echo sprintf(__('Settings for %s'),html::escapeHTML($core->blog->name)); ?>">129 <h3 class="out-of-screen-if-js"><?php echo sprintf(__('Settings for %s'),html::escapeHTML($core->blog->name)); ?></h3>130 131 <?php132 $table_header = '<div class="table-outer"><table class="settings" id="%s"><caption class="as_h3">%s</caption>'.133 '<thead>'.134 '<tr>'."\n".135 ' <th class="nowrap">Setting ID</th>'."\n".136 ' <th>'.__('Value').'</th>'."\n".137 ' <th>'.__('Type').'</th>'."\n".138 ' <th class="maximalx">'.__('Description').'</th>'."\n".139 '</tr>'."\n".140 '</thead>'."\n".141 '<tbody>';142 $table_footer = '</tbody></table></div>';143 144 $settings = array();145 foreach ($core->blog->settings->dumpNamespaces() as $ns => $namespace) {146 foreach ($namespace->dumpSettings() as $k => $v) {147 $settings[$ns][$k] = $v;148 }149 }150 ksort($settings);151 if (count($settings) > 0) {152 $ns_combo = array();153 foreach ($settings as $ns => $s) {154 $ns_combo[$ns] = '#l_'.$ns;155 }156 echo157 '<form action="'.$core->adminurl->get('admin.plugin').'" method="post">'.158 '<p class="anchor-nav">'.159 '<label for="ls_nav" class="classic">'.__('Goto:').'</label> '.form::combo('ls_nav',$ns_combo).160 ' <input type="submit" value="'.__('Ok').'" id="ls_submit" />'.161 '<input type="hidden" name="p" value="aboutConfig" />'.162 $core->formNonce().'</p></form>';163 }164 ?>165 166 <form action="<?php echo $core->adminurl->get('admin.plugin'); ?>" method="post">167 168 <?php169 foreach ($settings as $ns => $s)170 {171 ksort($s);172 echo sprintf($table_header,'l_'.$ns,$ns);173 foreach ($s as $k => $v)174 {175 echo settingLine($k,$v,$ns,'s',!$v['global']);176 }177 echo $table_footer;178 }179 ?>180 181 <p><input type="submit" value="<?php echo __('Save'); ?>" />182 <input type="hidden" name="p" value="aboutConfig" />183 <?php echo $core->formNonce(); ?></p>184 </form>185 </div>186 187 <div id="global" class="multi-part" title="<?php echo __('Global settings'); ?>">188 <h3 class="out-of-screen-if-js"><?php echo __('Global settings'); ?></h3>189 190 <?php191 $settings = array();192 193 foreach ($core->blog->settings->dumpNamespaces() as $ns => $namespace) {194 foreach ($namespace->dumpGlobalSettings() as $k => $v) {195 $settings[$ns][$k] = $v;196 }197 }198 199 ksort($settings);200 201 if (count($settings) > 0) {202 $ns_combo = array();203 foreach ($settings as $ns => $s) {204 $ns_combo[$ns] = '#g_'.$ns;205 }206 echo207 '<form action="'.$core->adminurl->get('admin.plugin').'" method="post">'.208 '<p class="anchor-nav">'.209 '<label for="gs_nav" class="classic">'.__('Goto:').'</label> '.form::combo('gs_nav',$ns_combo).' '.210 '<input type="submit" value="'.__('Ok').'" id="gs_submit" />'.211 '<input type="hidden" name="p" value="aboutConfig" />'.212 $core->formNonce().'</p></form>';213 }214 ?>215 216 <form action="<?php echo $core->adminurl->get('admin.plugin'); ?>" method="post">217 218 <?php219 foreach ($settings as $ns => $s)220 {221 ksort($s);222 echo sprintf($table_header,'g_'.$ns,$ns);223 foreach ($s as $k => $v)224 {225 echo settingLine($k,$v,$ns,'gs',false);226 }227 echo $table_footer;228 }229 ?>230 231 <p><input type="submit" value="<?php echo __('Save'); ?>" />232 <input type="hidden" name="p" value="aboutConfig" />233 <?php echo $core->formNonce(); ?></p>234 </form>235 </div>236 237 <?php dcPage::helpBlock('aboutConfig'); ?>238 239 </body>240 </html>
Note: See TracChangeset
for help on using the changeset viewer.