Index: trunk/kernel/action.php
===================================================================
diff -u -N
--- trunk/kernel/action.php (revision 8796)
+++ trunk/kernel/action.php (revision 0)
@@ -1,2070 +0,0 @@
-HasSystemPermission("SYSTEM_ACCESS.READONLY");
-
- // ====== Debugger related: begin ======
- $script = basename($_SERVER['PHP_SELF']);
- $skipDebug = Array('index.php', 'credits.php');
- if (admin_login() && !in_array($script, $skipDebug)) {
- if (IsDebugMode() && $Action) {
- $debugger->setHTMLByIndex(1, 'Kernel Action: '.$Action.'', 'append');
- }
- }
- unset($script, $skipDebug);
- // ====== Debugger related: end ======
-
- require_login( !admin_login() && $Action, 'expired=1', true );
-
- // permission checking: begin
- $action_mapping = Array(
- 'm_add_user' => 'in-portal:user_list.add',
- 'm_edit_user' => 'in-portal:user_list.edit',
- 'm_delete_user' => 'in-portal:user_list.delete',
- 'm_user_primarygroup' => 'in-portal:user_list.add|in-portal:user_list.edit',
- 'm_approve_user' => 'in-portal:user_list.add|in-portal:user_list.edit',
- 'm_deny_user' => 'in-portal:user_list.add|in-portal:user_list.edit',
- 'm_clear_searchlog' => 'in-portal:searchlog.delete',
- 'm_keyword_reset' => 'in-portal:searchlog.delete',
- 'm_themes_rescan' => 'in-portal:configure_themes.add|in-portal:configure_themes.edit',
- 'm_theme_primary' => 'in-portal:configure_themes.add|in-portal:configure_themes.edit',
- 'm_theme_add' => 'in-portal:configure_themes.add',
- 'm_theme_edit' => 'in-portal:configure_themes.edit',
- 'm_theme_delete' => 'in-portal:configure_themes.delete',
- 'm_sql_query' => 'in-portal:sql_query.edit',
- 'm_purge_email_log' => 'in-portal:emaillog.delete',
- 'm_session_delete' => 'in-portal:sessionlog.delete',
- 'm_add_rule' => 'in-portal:user_banlist.add',
- 'm_edit_rule' => 'in-portal:user_banlist.edit',
- 'm_rule_move_up' => 'in-portal:user_banlist.add|in-portal:user_banlist.edit',
- 'm_rule_move_down' => 'in-portal:user_banlist.add|in-portal:user_banlist.edit',
- 'm_rule_delete' => 'in-portal:user_banlist.delete',
- 'm_ban_user' => 'in-portal:user_list.add|in-portal:user_list.edit',
- );
- checkActionPermission($action_mapping, $Action, 1);
- // permission checking: end
-
- switch($Action)
- {
- case "m_save_import_config":
- // Set New Import Category
- if( GetVar('categorylist', true) !== false )
- {
- $cat_id = $_POST['categorylist'];
- $objSession->SetVariable('categoryid', $cat_id);
-
- if($cat_id > 0)
- {
- $cat = $objCatList->GetByResource($cat_id);
- if(is_object($cat))
- {
- $ml_formatter =& $application->recallObject('kMultiLanguage');
- $navbar = $cat->Get( $ml_formatter->LangFieldName('CachedNavbar') );
- $objSession->SetVariable('catnavbar', $navbar);
- $objSession->SetVariable('import_category_id', $cat->UniqueId() );
- }
- }elseif($cat_id == 0)
- {
- global $objConfig;
- $objSession->SetVariable('import_category_id', 0);
- }
-
- $objSession->SetVariable('categorylist', $_POST['categorylist']);
- }
-
- // Set Import Admin Group
- if( GetVar('grouplist1', true) )
- {
- $group_id = $_POST['grouplist1'];
- $group = $objGroups->GetItemByField('ResourceId',$group_id);
- $objSession->SetVariable('user_admin_names', $group->Get('Name'));
- $objSession->SetVariable('user_admin_values', $group->Get('GroupId'));
- $objSession->SetVariable('grouplist1', $_POST['grouplist1']);
- }
-
- // Set Import User Group
- if( GetVar('grouplist2', true) )
- {
- $group_id = $_POST['grouplist2'];
- $group = $objGroups->GetItemByField('ResourceId', $group_id);
- $objSession->SetVariable('user_regular_names', $group->Get('Name'));
- $objSession->SetVariable('user_regular_values', $group->Get('GroupId'));
- $objSession->SetVariable('grouplist2', $_POST['grouplist2']);
- }
- break;
-
- case "m_add_user":
- $application =& kApplication::Instance();
- $application->SetVar('u_mode', 't');
- $dupe_user = '';
- //$user_pending = (int)$_POST["user_pending"];
- //$user_enabled = (int)$_POST["user_enabled"];
- $CreatedOn = DateTimestamp($_POST["user_date"],GetDateFormat(0, true));
- $CreatedOn += SecondsSinceMidnight($_POST["user_time"]);
-
- $dob = DateTimestamp($_POST["user_dob"],GetDateFormat(0, true));
-
- $objEditItems = new clsUserManager();
- $objEditItems->SourceTable = $objSession->GetEditTable("PortalUser");
-
- if(strlen($_POST["user_login"]))
- {
- if (strtolower($_POST["user_login"]) == "root")
- $id = 1;
- else
- $id = $objUsers->GetUserId($_POST["user_login"]);
- }
- else
- $dob = 0;
-
- if(!empty($id))
- {
- $lvErrorString = language('la_error_duplicate_username');
- $dupe_user = $_POST["user_login"];
- $_POST["user_login"] = '';
- }
- else
- {
- $fields_hash = Array( 'Login' => $_POST['user_login'],
- 'Password' => md5($_POST['password']),
- 'FirstName' => $_POST['user_firstname'],
- 'LastName' => $_POST['user_lastname'],
- 'Company' => $_POST['user_company'],
- 'Email' => $_POST['user_email'],
- 'Phone' => $_POST['user_phone'],
- 'Fax' => $_POST['user_fax'],
- 'Street' => $_POST['user_street'],
- 'Street2' => $_POST['user_street2'],
- 'City' => $_POST['user_city'],
- 'State' => $_POST['user_state'],
- 'Country' => $_POST['user_country'],
- 'Zip' => $_POST['user_zip'],
- 'Status' => $_POST['status'],
- 'CreatedOn' => $CreatedOn,
- 'dob' => $dob,
-
- // customizaton Vana
- // 'Accredited' => $_POST['accredited_status'],
- );
-
- $u =& $objEditItems->Add_User_NEW($fields_hash);
- saveCustomFields('u', $u->Get('ResourceId'), 6);
- }
-
- break;
-
- case "m_edit_user":
- $application =& kApplication::Instance();
- $application->SetVar('u_mode', 't');
- //$CreatedOn = DateTimestamp($_POST["user_date"],GetDateFormat(0, true));
- //$CreatedOn += SecondsSinceMidnight($_POST["user_time"]);
- $dob = DateTimestamp($_POST["user_dob"],GetDateFormat(0, true));
- $objEditItems = new clsUserManager();
- $objEditItems->SourceTable = $objSession->GetEditTable("PortalUser");
- //$user_pending = (int)$_POST["user_pending"];
- //$user_enabled = (int)$_POST["user_enabled"];
- $UserId = (int)$_POST["user_id"];
- //echo $UserId."
\n";
- if (!GetVar('user_login')) {
- $dob = 0;
- }
-
- $fields_hash = Array( 'Login' => $_POST['user_login'],
- 'Password' => GetVar('password') ? md5(GetVar('password')) : '',
- 'FirstName' => $_POST['user_firstname'],
- 'LastName' => $_POST['user_lastname'],
- 'Company' => $_POST['user_company'],
- 'Email' => $_POST['user_email'],
- 'Street' => $_POST['user_street'],
- 'Street2' => $_POST['user_street2'],
- 'City' => $_POST['user_city'],
- 'State' => $_POST['user_state'],
- 'Country' => $_POST['user_country'], // note: should issue some conversion from name to ISO code
- 'Zip' => $_POST['user_zip'],
- 'Phone' => $_POST['user_phone'],
- 'Fax' => $_POST['user_fax'],
- 'Status' => $_POST['status'],
- 'dob' => $dob,
-
- // customizaton Vana
- //'Accredited' => $_POST['accredited_status'],
- );
- $u =& $objEditItems->Edit_User_NEW($UserId, $fields_hash);
- saveCustomFields('u', $u->Get('ResourceId'), 6);
- break;
-
- case "m_user_primarygroup":
- if($ro_perm) break;
- $users = explode(',', $_POST["userlist"]);
- $GroupResourceId = $_POST['grouplist'];
- $g = $objGroups->GetItemByField("ResourceId", $GroupResourceId);
- $GroupId = $g->UniqueId();
-
- if( is_array($users) )
- foreach($users as $user_id)
- {
- $u = $objUsers->GetItemByField("ResourceId", $user_id);
- $g->AddUser($u->Get("PortalUserId"),1,false);
- }
- break;
-
- case 'm_group_edit': // when editing user membership in group
- $membership_expires = DateTimestamp( $_POST['membership_expires_date'], GetDateFormat(0, true) );
- $membership_expires += SecondsSinceMidnight( $_POST['membership_expires_time'] );
-
- $objEditItems = new clsUserGroupList();
- $objEditItems->SourceTable = $objSession->GetEditTable('UserGroup');
- $objEditItems->Edit_UserGroup($_POST['GroupId'], $_POST['PortalUserId'], $membership_expires);
- break;
-
- case "m_user_sysperm":
- if($ro_perm) break;
- if($_POST["UserEditStatus"]==0)
- {
- $UserId = $_POST["ItemId"];
- if($UserId)
- {
- $objEditItems = new clsUserManager();
- $objEditItems->SourceTable = $objSession->GetEditTable("PortalUser");
- $u = $objEditItems->GetItemByField("ResourceId",$UserId);
- unset($g);
- if(is_object($u))
- {
- $objSession->ResetSysPermCache();
- $g = $u->GetPersonalGroup(FALSE);
- $PermList = explode(",",$_POST["PermList"]);
- for($i=0;$iGetPersonalGroup(TRUE);
-
- $value = 0;
- if(is_array($_POST["permvalue"]))
- {
- if(in_array($PermList[$i],$_POST["permvalue"]))
- $value =1;
- $g->SetSystemPermission($PermList[$i],$value);
- }
- else {
- $g->SetSystemPermission($PermList[$i], 0);
- }
- }
- else
- {
- if(is_object($g))
- $g->SetSystemPermission($PermList[$i],-1);
- }
- }
- }
- }
- }
- break;
-
- case "m_approve_user":
- if($ro_perm) break;
- foreach($_POST["itemlist"] as $userid)
- {
- $user = $objUsers->GetItemByField("ResourceId",$userid);
- /* @var $user clsPortalUser */
-
- $user->Approve();
- }
- $objUsers->Clear();
- break;
-
- case "m_deny_user":
- if($ro_perm) break;
- foreach($_POST["itemlist"] as $userid)
- {
- $user = $objUsers->GetItemByField("ResourceId",$userid);
- /* @var $user clsPortalUser */
-
- $user->Deny();
- }
- $objUsers->Clear();
- break;
-
- case "m_delete_user":
- if($ro_perm) break;
- foreach($_POST["itemlist"] as $userid)
- $objUsers->Delete_User($userid);
- break;
-
- case "m_user_assign": // not sure if action is used anywhere
- if($ro_perm) break;
- $useridlist = implode("-", $userlist);
- $objSession->SetUserStatus($useridlist, "g_usergroup_status");
- $g_usergroup_status = $useridlist;
- break;
-
- case "m_group_assign": // not sure if action is used anywhere
- if($ro_perm) break;
- foreach($grouplist as $group) $objGroups->Add_Users_To_Group($group);
- break;
-
- case "m_remove_group":
- if($ro_perm) break;
- $adodbConnection = &GetADODBConnection();
- $adodbConnection->Execute("DELETE FROM UserGroup where UserId='$UserId' AND GroupId='$GroupId'");
- break;
-
- case "m_SetVariable":
- $objSession->SetPersistantVariable($_POST["fieldname"], $_POST["varvalue"]);
- break;
-
- case "m_SetSessionVariable":
- $objSession->SetVariable($_POST["fieldname"], $_POST["varvalue"]);
- //echo "Setting $fieldname to $varvalue
\n";
- if($_POST["fieldname"]=="SearchType")
- $objSession->SetVariable("SearchWord","");
- break;
-
- case "m_edit_permissions":
- if($ro_perm) break;
-
- if($_POST["CatEditStatus"] != -1)
- {
- $objSession->SetVariable('PermCache_UpdateRequired', 1);
- $GroupId = $_POST["GroupId"];
- $CatId = $_POST["CategoryId"];
- $Module = $_POST["Module"];
- $ado = &GetADODBConnection();
- $sql = "SELECT * FROM ".GetTablePrefix()."PermissionConfig WHERE ModuleId='$Module'";
- $rs = $ado->Execute($sql);
- $PermNames = array();
- while($rs && !$rs->EOF)
- {
- $data = $rs->fields;
- $PermNames[] = $data["PermissionName"];
- $rs->MoveNext();
- }
-
- $inherit = array();
- if(is_array($_POST["inherit"]))
- {
- foreach($_POST["inherit"] as $perm)
- {
- $inherit[$perm] = 1;
- }
- }
- $access = array();
- if(is_array($_POST["permvalue"]))
- {
- foreach($_POST["permvalue"] as $perm)
- {
- $access[$perm] = 1;
- }
- }
- $objPermList = new clsPermList($CatId,$GroupId);
- $objPermList->LoadCategory($CatId);
-
- for($i=0;$iGetPermByName($PermNames[$i]);
- if($Perm)
- {
- $Id = $Perm->Get("PermissionId");
- //echo "Editing $Id
\n";
- $objPermList->Edit_Permission($Id,$CatId,$GroupId,$PermNames[$i],$PermValue,0);
- }
- else
- {
- //echo "Adding ".$PermNames[$i];
- $objPermList->Add_Permission($CatId,$GroupId,$PermNames[$i],$PermValue,0);
- }
- }
- else
- {
- $Perm = $objPermList->GetPermByName($PermNames[$i]);
- if($Perm)
- {
- $Id = $Perm->Get("PermissionId");
- $objPermList->Delete_Permission($Id);
- }
- }
- }
- //$c = $objCatList->GetItem($CatId);
- //$glist = $objGroups->GetAllGroupList();
- //$ViewList = $objPermList->GetGroupPermList($c,"CATEGORY.VIEW",$glist );
- //$c->SetViewPerms("CATEGORY.VIEW",$ViewList,$glist);
- //$c->Update();
- }
- break;
- case "m_perm_delete_group":
- if($ro_perm) break;
- $ado = &GetADODBConnection();
- $CatId = $_POST["CategoryId"];
- foreach($_POST["itemlist"] as $groupid)
- {
- $g = $objGroups->GetItemByField("ResourceId",$groupid);
- if(is_object($g))
- {
- $sql = "DELETE FROM ".GetTablePrefix()."Permissions WHERE CatId=$CatId AND GroupId=".$g->Get("GroupId");
- if($objSession->HasSystemPermission("DEBUG.LIST"))
- echo $sql."
\n";
- $ado->Execute($sql);
- }
- }
- break;
-
- case "m_user_addto_group":
- if($ro_perm) break;
- $objSession->SetVariable("HasChanges", 1);
- $user = $_POST["UserId"];
- if(is_numeric($user))
- {
- if(strlen($_POST["grouplist"]))
- {
- $groups = explode(",",$_POST["grouplist"]);
- if(is_array($groups))
- {
- for($i=0; $iGetItemByField("ResourceId",$groups[$i]);
- $g->AddUser($user);
- }
- }
- else
- {
- $g = $objGroups->GetItem($groups);
- $g->AddUser($user);
- }
- }
- }
- break;
-
- case "m_group_removeuser":
- if($ro_perm) break;
- $objSession->SetVariable("HasChanges", 1);
- $group = $_POST["GroupId"];
- $g = $objGroups->GetItem($group);
- //if($group>0)
- //{
- foreach($_POST["itemlist"] as $user_id)
- {
- $u = $objUsers->GetItemByField("ResourceId",$user_id);
- $g->DeleteUser($u->Get("PortalUserId"));
- }
- //}
- break;
- case "m_user_removegroup":
- if($ro_perm) break;
- $objSession->SetVariable("HasChanges", 1);
- $user = $_POST["UserId"];
- //if($user>0)
- //{
- foreach($_POST["itemlist"] as $groupid)
- {
- $g = $objGroups->GetItem($groupid);
- $g->DeleteUser($user);
- }
- //}
- break;
- case "m_sendmail":
- if($ro_perm) break;
- $idlist = explode(",",$_POST["idlist"]);
- $html = (int)$_POST["html_enable"];
- $body = inp_escape($_POST["email_body"],$html);
- $subject = inp_escape($_POST["email_body"],$html);
- $Email = new clsEmailMessage();
- $Email->Set("Subject",$subject);
- $Email->Set("Template",$body);
- if($html)
- $Email->Set("MessageType","HTML");
- if(count($idlist)>0)
- {
- switch($_POST["IdType"])
- {
- case "group":
- foreach($idlist as $id)
- $Email->SendToGroup($id);
- break;
- case "user":
- foreach($idlist as $id)
- $Email->SendToUser($id);
- break;
- }/*switch*/
- }
- break;
-
- // not used anywhere
-/* case "m_item_recount":
- if($ro_perm) break;
- RunDown($m_var_list["cat"],"UpdateCacheCounts");
- break; */
-
- case "m_cat_delete":
- if($ro_perm) break;
- if(isset($_POST["catlist"]))
- {
- if(is_array($_POST["catlist"]))
- foreach ($_POST["catlist"] as $catid) {
- $objCatList->Delete_Category($catid, true);
- }
- $application->StoreVar('refresh_tree', 1);
- }
- break;
-
- case "m_cat_cut":
- if($ro_perm) break;
- if(isset($_POST["catlist"]))
- {
- if($objSession->HasCatPermission("CATEGORY.DELETE",$catid))
- {
- $objCatList->CopyToClipboard("CUT","CategoryId",$_POST["catlist"]);
- }
- else
- $objCatList->CopyToClipboard("COPY","CategoryId",$_POST["catlist"]);
- }
- break;
-
- case "m_cat_copy":
- if($ro_perm) break;
- if(isset($_POST["catlist"]))
- {
- $objCatList->CopyToClipboard("COPY","CategoryId",$_POST["catlist"]);
- }
- break;
-
- case "m_paste":
- if($ro_perm) break;
- if($objCatList->ItemsOnClipboard()>0)
- {
- /* category's paste function populates a sparse array where array[old_id]=new_id */
- $PastedCatIds = array();
- $objCatList->PasteFromClipboard($objCatList->CurrentCategoryID(), $objCatList->TitleField);
- }
- else
- {
- $clip = $objSession->GetVariable("ClipBoard");
- if(strlen($clip))
- {
- $ClipBoard = ParseClipboard($clip);
- $Action= strtolower($ClipBoard["table"])."_paste";
- }
- }
- break;
-
- case "m_cat_move_up":
- if($ro_perm) break;
- if (isset($_POST["catlist"]))
- {
- foreach($_POST["catlist"] as $catid)
- {
- $cat =& $objCatList->GetCategory($catid);
- $cat->MoveUp();
- }
- }
- break;
-
- case "m_cat_move_down":
- if($ro_perm) break;
- if (isset($_POST["catlist"]))
- {
- $catlist=array_reverse($_POST["catlist"]);
- foreach($catlist as $catid)
- {
- $cat =& $objCatList->GetCategory($catid);
- $cat->MoveDown();
- }
- }
- break;
- case "m_cat_approve":
- if($ro_perm) break;
- if (isset($_POST["catlist"]))
- {
- foreach($_POST["catlist"] as $catid)
- {
- $cat =& $objCatList->GetCategory($catid);
- $cat->Approve();
- }
- }
- break;
- case "m_cat_decline":
- if($ro_perm) break;
- if (isset($_POST["catlist"]))
- {
- foreach($_POST["catlist"] as $catid)
- {
- $cat =& $objCatList->GetCategory($catid);
- //$cat->Deny();
- RunDown($catid,"Deny");
- }
- }
- break;
-
- case "m_rel_delete":
- $adodbConnection= &GetADODBConnection();
- $table = $objSession->GetEditTable("Relationship");
- if(isset($_POST["itemlist"]))
- {
- if(is_array($_POST["itemlist"]))
- {
- foreach($_POST["itemlist"] as $id)
- {
- $sql = "DELETE FROM ".$table." WHERE RelationshipId=".$id;
- $adodbConnection->Execute($sql);
- if($objSession->HasSystemPermission("DEBUG.LIST"))
- echo $sql."
\n";
- }
- }
- else
- {
- $sql = "DELETE FROM ".$table." WHERE RelationshipId=".$_POST["itemlist"];
- $adodbConnection->Execute($sql);
- if($objSession->HasSystemPermission("DEBUG.LIST"))
- echo $sql."
\n";
- }
- }
- break;
- case "m_add_relation":
- $RelList = new clsRelationshipList();
- $RelList->SourceTable = $objSession->GetEditTable("Relationship");
-
- //$r = $RelList->Add($_POST["SourceId"],$_POST["SourceType"],$_POST["TargetId"],$_POST["TargetType"],
- // 0,(int)$_POST["Enabled"],$_POST["RelType"], $Rel);
- $ado = &GetADODBConnection();
- $NewId = intval($ado->GetOne('SELECT MIN(RelationshipId) as MinValue FROM '.$RelList->SourceTable));
- if($NewId > 0) $NewId = 0;
- $NewId--;
-
- $priority = (int)GetVar('priority');
- $r = $RelList->Add($_POST["SourceId"],$_POST["SourceType"],$_POST["TargetId"],$_POST["TargetType"],
- $priority,(int)$_POST["Enabled"],$_POST["RelType"], $NewId);
-
- $sql = "UPDATE ".$RelList->SourceTable." SET RelationshipId=".$NewId." WHERE RelationshipId=".$r->Get("RelationshipId");
- if($objSession->HasSystemPermission("DEBUG.LIST"))
- echo $sql."
\n";
- $ado->Execute($sql);
-
- break;
- case "m_edit_relation":
- if($_POST["CatEditStatus"]==0)
- {
- $RelList = new clsRelationshipList();
- $RelList->SourceTable = $objSession->GetEditTable("Relationship");
-
- $r = $RelList->GetItem($_POST["RelationshipId"]);
- if(is_object($r))
- {
- $r->Set("Enabled",(int)$_POST["Enabled"]);
- $r->Set("Type",(int)$_POST["RelType"]);
- $r->Set("Priority",(int)$_POST["priority"]);
- $r->Update();
- }
- }
- break;
- case "m_rel_move_up":
- $objRelList = new clsRelationshipList();
- $objRelList->SourceTable = $objSession->GetEditTable("Relationship");
- if (isset($_POST["itemlist"]))
- {
- foreach($_POST["itemlist"] as $id)
- {
- $r = $objRelList->GetItem($id);
- $r->MoveUp($_POST["SourceId"]);
- }
- }
- break;
- case "m_rel_move_down":
- $objRelList = new clsRelationshipList();
- $objRelList->SourceTable = $objSession->GetEditTable("Relationship");
- if (isset($_POST["itemlist"]))
- {
- $itemlist=array_reverse($_POST["itemlist"]);
- foreach($itemlist as $id)
- {
- $r = $objRelList->GetItem($id);
- $r->MoveDown($_POST["SourceId"]);
- }
- }
- break;
-
-
- case "m_add_category":
- $application =& kApplication::Instance();
- $application->SetVar('c_mode', 't');
-
- $created_on = GetVar('cat_date');
- if (ValidDate($created_on, GetDateFormat(0, true))) {
- $created_on = DateTimestamp($created_on, GetDateFormat(0, true));
- }
- else {
- $created_on = adodb_mktime();
- }
-
- $objEditItems = new clsCatList();
- $objEditItems->SourceTable = $objSession->GetEditTable("Category");
-
- $fields_hash = Array( 'ParentId' => GetVar('ParentId'),
- $objCatList->TitleField => inp_escape(GetVar('cat_name'), (int)GetVar('html_enable')),
- $objCatList->DescriptionField => inp_escape(GetVar('cat_desc'), (int)GetVar('html_enable')),
- 'CreatedOn' => $created_on,
- 'EditorsPick' => GetVar('cat_pick'),
- 'Status' => (int)GetVar('status'),
-// 'HotItem' => (int)GetVar('itemhot'),
- 'NewItem' => (int)GetVar('itemnew'),
-// 'PopItem' => (int)GetVar('itempop'),
- 'Priority' => GetVar('Priority'),
- 'MetaKeywords' => GetVar('meta_keywords'),
- 'MetaDescription' => GetVar('meta_desc'),
- 'AutomaticFilename' => GetVar('auto_filename'),
- 'Filename' => GetVar('filename'),
- 'CategoryTemplate' => GetVar('category_template'),
- 'ItemTemplate' => GetVar('item_template'),
- );
-
- $objSession->SetVariable('PermCache_UpdateRequired', 1);
- $cat =& $objEditItems->Add_NEW($fields_hash);
- saveCustomFields('c', $cat->Get('ResourceId'), 1);
- break;
-
- case 'm_edit_category':
- $application =& kApplication::Instance();
- $application->SetVar('c_mode', 't');
-
- $objEditItems = new clsCatList();
- $objEditItems->SourceTable = $objSession->GetEditTable('Category');
-
- // check if name of cat isn't changed: begin
- if (GetVar('CategoryId') > 0) {
- $original_cats = new clsCatList();
- $original_cat = $original_cats->GetItemByField('CategoryId', GetVar('CategoryId'));
-
- $match_fields = Array( $objCatList->TitleField => 'cat_name',
- 'Filename' => 'filename',
- 'CategoryTemplate' => 'category_template',
- 'ItemTemplate' => 'item_template');
-
- foreach ($match_fields as $db_field => $submit_field) {
- if ($original_cat->Get($db_field) != stripslashes( GetVar($submit_field) )) {
- $objSession->SetVariable('PermCache_UpdateRequired', 1);
- break;
- }
- }
- unset($original_cat, $original_cats);
- }
- else {
- $objSession->SetVariable('PermCache_UpdateRequired', 1);
- }
- // check if name of cat isn't changed: end
-
- $fields_hash = Array( $objCatList->TitleField => inp_escape(GetVar('cat_name'), (int)GetVar('html_enable')),
- $objCatList->DescriptionField => inp_escape(GetVar('cat_desc'), (int)GetVar('html_enable')),
- 'CreatedOn' => DateTimestamp(GetVar('cat_date'), GetDateFormat(0, true)),
- 'EditorsPick' => GetVar('cat_pick'),
- 'Status' => (int)GetVar('status'),
-// 'HotItem' => (int)GetVar('itemhot'),
- 'NewItem' => (int)GetVar('itemnew'),
-// 'PopItem' => (int)GetVar('itempop'),
- 'Priority' => GetVar('Priority'),
- 'MetaKeywords' => GetVar('meta_keywords'),
- 'MetaDescription' => GetVar('meta_desc'),
- 'AutomaticFilename' => GetVar('auto_filename'),
- 'Filename' => GetVar('filename'),
- 'CategoryTemplate' => GetVar('category_template'),
- 'ItemTemplate' => GetVar('item_template'),
- );
-
- $cat =& $objEditItems->Edit_Category(GetVar('CategoryId'), $fields_hash);
- saveCustomFields('c', $cat->Get('ResourceId'), 1);
- break;
-
- case "m_edit_custom_data":
- $resource_id = $_POST['ItemId'];
- $db =& GetADODBConnection(true);
- $sql = 'SELECT Prefix
- FROM '.TABLE_PREFIX.'ItemTypes
- WHERE ItemType = '.GetVar('CustomType');
- $main_prefix = $db->GetOne($sql);
- $application->SetVar($main_prefix.'_mode', 't');
-
- saveCustomFields($main_prefix, $resource_id, $_POST['CustomType']);
- break;
-
-
- case 'm_save_custom_data':
- $main_prefix = $application->GetVar('prefix');
- $application->SetVar($main_prefix.'_mode', 't');
- $event = new kEvent($main_prefix.':OnUpdate');
- $application->HandleEvent($event);
- break;
-
- case "m_keyword_reset":
- if($ro_perm) break;
- $objSearchList = new clsSearchLogList();
- foreach($_POST["itemlist"] as $k)
- {
- $c = $objSearchList->GetItem($k);
- $c->Delete();
- }
- break;
-
- case 'm_clear_searchlog':
- if($ro_perm) break;
- $objSearchList = new clsSearchLogList();
- $db =& GetADODBConnection();
- $db->Execute('DELETE FROM '.$objSearchList->SourceTable );
- break;
-
- case "m_review_add":
- $post_info = GetSubmitVariable($_POST, 'EditStatus');
- if($post_info['variable'] > -1)
- {
- $objReviews = new clsItemReviewList();
- $objReviews->SourceTable = $objSession->GetEditTable("ItemReview");
- $Pending = (int)$_POST["review_pending"];
- $Enabled = (int)$_POST["review_enabled"];
- $Status = (int)$_POST["status"];
- $CreatedOn = DateTimestamp($_POST["review_date"],GetDateFormat(0, true));
- $CreatedOn += SecondsSinceMidnight($_POST["review_time"]);
- $html = (int)$_POST["html_enable"];
- $ReviewText = inp_escape($_POST["review_body"],1);
-
- $CreatedById = 0;
- if(strlen($_POST["createdby"])>0)
- {
- if(strtolower($_POST["createdby"])=="root")
- {
- $CreatedById = -1;
- }
- else
- {
- $u = $objUsers->GetItemByField("Login",$_POST["createdby"]);
- if(is_object($u))
- {
- $CreatedById = $u->Get("PortalUserId");
- if($CreatedById<1)
- {
- $CreatedById = $objSession->Get("PortalUserId");
- }
- }
- else
- $CreatedById = $objSession->Get("PortalUserId");
- }
- }
- else
- $CreatedById = $objSession->Get("PortalUserId");
-
- $r = $objReviews->AddReview($CreatedOn,$ReviewText,$Status, $IPAddress,
- (int)$_POST["review_priority"], $_POST["ItemId"],$_POST["ItemType"],
- $CreatedById,$html, $post_info['Module']);
- $ado = &GetADODBConnection();
- $rs = $ado->Execute("SELECT MIN(ReviewId) as MinValue FROM ".$objReviews->SourceTable);
- $NewId = $rs->fields["MinValue"]-1;
- $sql = "UPDATE ".$objReviews->SourceTable." SET ReviewId=".$NewId." WHERE ReviewId=".(int)$r->Get("ReviewId");
- if($objSession->HasSystemPermission("DEBUG.LIST"))
- echo $sql."
\n";
- $ado->Execute($sql);
- }
- break;
- case "m_review_edit":
- case 'm_review_direct_edit';
- $post_info = GetSubmitVariable($_POST, 'EditStatus');
- if($post_info['variable'] > -1)
- {
- $objReviews = new clsItemReviewList();
- $objReviews->SourceTable = $objSession->GetEditTable("ItemReview");
- $Status = (int)$_POST["status"];
- $CreatedOn = DateTimestamp($_POST["review_date"],GetDateFormat(0, true));
- $CreatedOn += SecondsSinceMidnight($_POST["review_time"]);
- $html = (int)$_POST["html_enable"];
- $ReviewText = inp_escape($_POST["review_body"],1);
- $ReviewId = $_POST["ReviewId"];
- $CreatedById = 0;
- if(strlen($_POST["createdby"])>0)
- {
- if(strtolower($_POST["createdby"])=="root")
- {
- $CreatedById = -1;
- }
- else
- {
- $u = $objUsers->GetItemByField("Login",$_POST["createdby"]);
- if(is_object($u))
- {
- $CreatedById = $u->Get("PortalUserId");
- if($CreatedById<1)
- {
- $CreatedById = $objSession->Get("PortalUserId");
- }
- }
- else
- $CreatedById = $objSession->Get("PortalUserId");
- }
- }
- $r = $objReviews->EditReview($ReviewId,$CreatedOn,$ReviewText,$Status, $IPAddress,
- (int)$_POST["review_priority"],$_POST["ItemId"],$_POST["ItemType"],
- $CreatedById,$html);
- }
- break;
-
-
-
-
- case "m_review_delete":
- $objReviews = new clsItemReviewList();
- $objReviews->SourceTable = $objSession->GetEditTable("ItemReview");
- foreach($_POST["itemlist"] as $id)
- {
- $objReviews->DeleteReview($id);
- }
- break;
-
-
- case 'm_review_direct_delete':
- $objReviews = new clsItemReviewList();
- foreach($_POST['reviewlist'] as $id)
- {
- $objReviews->DeleteReview($id);
- }
- break;
-
-
- case "m_review_approve":
- if (isset($_POST["itemlist"]))
- {
- $objReviews = new clsItemReviewList();
- $objReviews->SourceTable = $objSession->GetEditTable("ItemReview");
- foreach($_POST["itemlist"] as $id)
- {
- $i = $objReviews->GetItem($id);
- $i->Set("Status",1);
- $i->Update();
- }
- }
- break;
-
- case 'm_review_direct_approve':
- if(isset($_POST["reviewlist"]))
- {
- $objReviews = new clsItemReviewList();
- foreach($_POST["reviewlist"] as $id)
- {
- $i = $objReviews->GetItem($id);
- $i->Set("Status",1);
- $i->Update();
- }
- }
- break;
-
- case "m_review_deny":
- if (isset($_POST["itemlist"]))
- {
- $objReviews = new clsItemReviewList();
- $objReviews->SourceTable = $objSession->GetEditTable("ItemReview");
- foreach($_POST["itemlist"] as $id)
- {
- $i = $objReviews->GetItem($id);
- $i->Set("Status",0);
- $i->Update();
- }
- }
- break;
-
- case 'm_review_direct_decline':
- if (isset($_POST["reviewlist"]))
- {
- $objReviews = new clsItemReviewList();
- foreach($_POST["reviewlist"] as $id)
- {
- $i = $objReviews->GetItem($id);
- $i->Set("Status",0);
- $i->Update();
- }
- }
- break;
-
- case "m_review_move_up":
- if (isset($_POST["itemlist"]))
- {
- $objReviews = new clsItemReviewList();
- $objReviews->SourceTable = $objSession->GetEditTable("ItemReview");
- foreach($_POST["itemlist"] as $id)
- {
- $i = $objReviews->GetItem($id);
- $i->MoveUp();
- }
- }
- break;
- case "m_review_move_down":
- if (isset($_POST["itemlist"]))
- {
- $objReviews = new clsItemReviewList();
- $objReviews->SourceTable = $objSession->GetEditTable("ItemReview");
- $itemlist=array_reverse($_POST["itemlist"]);
- foreach($itemlist as $id)
- {
- $i = $objReviews->GetItem($id);
- $i->MoveDown();
- }
- }
- break;
-
- case 'm_themes_rescan':
- $objThemes->CreateMissingThemes();
- if (!$objThemes->Items)
- {
- $objThemes->Query_Item('SELECT * FROM '.$objThemes->SourceTable);
- }
-
- $keys = array_keys($objThemes->Items);
- foreach ($keys as $theme_index)
- {
- $theme =& $objThemes->Items[$theme_index];
- $theme->VerifyTemplates();
- }
-
- break;
-
- case "m_theme_add":
- $ado = &GetADODBConnection();
- $rs = $ado->Execute("SELECT COUNT(*) as c FROM ".GetTablePrefix().'Theme WHERE Name="'.$_POST["name"].'"');
- if(!$rs->fields["c"])
- {
- $objEditItems = new clsThemeList();
- $objEditItems->SourceTable = $objSession->GetEditTable("Theme");
- $Primary = (int)$_POST["primary"];
- if(!(int)$_POST["enabled"])
- $Primary = 0;
- $t = $objEditItems->AddTheme($_POST["name"],$_POST["description"],(int)$_POST["enabled"],$Primary,
- (int)$_POST["CacheTimeout"],GetVar('StylesheetId'));
- $t->Files->ThemeId=$t->Get("ThemeId");
-
- $rs = $ado->Execute("SELECT MIN(ThemeId) as MinValue FROM ".$objEditItems->SourceTable);
- $NewId = $rs->fields["MinValue"]-1;
- $sql = "UPDATE ".$objEditItems->SourceTable." SET ThemeId=".$NewId." WHERE ThemeId=".$t->Get("ThemeId");
- if($objSession->HasSystemPermission("DEBUG.LIST"))
- echo $sql."
\n";
- $ado->Execute($sql);
-// $t->Files->FindMissingFiles(strtolower($t->Get('name')));
- }
- break;
- case "m_theme_edit":
- $objEditItems = new clsThemeList();
- $objEditItems->SourceTable = $objSession->GetEditTable("Theme");
- $Primary = (int)$_POST["primary"];
- if(!(int)$_POST["enabled"])
- $Primary = 0;
-
- $objEditItems->EditTheme($_POST["ThemeId"],$_POST["name"],$_POST["description"],
- (int)$_POST["enabled"],$Primary,(int)$_POST["CacheTimeout"], GetVar('StylesheetId'));
-// if ($Primary==1)
-// {
-// $objEditItems->SetPrimaryTheme($_POST["ThemeId"]);
-// }
-
- break;
- case "m_theme_delete":
- if($ro_perm) break;
- if (isset($_POST["itemlist"]))
- {
- $Themes = new clsThemeList();
- foreach($_POST["itemlist"] as $id)
- {
- $deleting_primary = (!$Themes->DeleteTheme($id));
- }
- }
- break;
- case "m_theme_primary":
- if($ro_perm) break;
- if( count($_POST['itemlist']) )
- {
- $ThemeId = array_shift( $_POST['itemlist'] );
- $t = new clsThemeList();
- $t->SetPrimaryTheme($ThemeId);
- }
- break;
-
- case "m_template_edit":
- if($ro_perm) break;
- $objSession->SetVariable("HasChanges", 1);
- $ThemeId = $_POST["ThemeId"];
- $FileId = $_POST["FileId"];
- $f = new clsThemeFile($FileId);
-
- $f->Set("Description", $_POST["Description"] );
- $f->Update();
- $c = stripslashes($_POST["contents"]);
- $f->SaveFileContents($c);
- break;
- case "m_template_add":
- if($ro_perm) break;
- $objSession->SetVariable("HasChanges", 1);
- $ThemeId = $_POST["ThemeId"];
- if( !is_object($f) ) $f = new clsThemeFile();
-
- $FilePath = $_POST['name'];
-
- if(!$FilePath)
- {
- $f->SetError('Template Name is required',3);
- break;
- }
- else
- {
- if( substr($FilePath,1) != '/' ) $FilePath = '/'.$FilePath;
- if( substr($FilePath,-3) != '.tpl' ) $FilePath .= '.tpl';
- $FileName = basename($FilePath);
- $FilePath = dirname($FilePath);
-
- // test if such file not already created
-
- $f->LoadFromDataBase( Array($FilePath,$FileName), Array('FilePath','FileName') );
- if( !$f->Get('FileId') )
- {
- $f->Set( Array('FilePath','FileName','ThemeId', 'Description'),
- Array($FilePath, $FileName,$_POST['ThemeId'], $_POST["Description"])
- );
-
- if( $f->IsWriteablePath(true) )
- {
- $f->Create();
- $c = stripslashes($_POST["contents"]);
- $f->SaveFileContents($c, true);
- }
- }
- else
- $f->SetError('Template with this name already exists',4);
- }
- break;
- case "m_template_delete":
- if($ro_perm) break;
- $objSession->SetVariable("HasChanges", 1);
- $dummy = new clsThemeFile();
- foreach($_POST["itemlist"] as $FileId)
- {
- $dummy->LoadFromDatabase($FileId);
- $dummy->Delete();
- }
- break;
-
- case "m_lang_select":
- if($ro_perm) break;
- $LangId = (int)$_POST["langselect"];
- if($LangId)
- {
- if($objSession->Get("PortalUserId")>0)
- {
- //echo "$LangId";
- $objSession->SetPersistantVariable("Language",$LangId);
- }
- $objSession->Set("Language",$LangId);
- $objSession->Update();
- $m_var_list_update["lang"] = $LangId;
- $m_var_list["lang"] = $LangId;
- }
- break;
-
- case "m_phrase_edit":
- if( !GetVar('direct') ) $objSession->SetVariable("HasChanges", 1);
- $objPhraseList = new clsPhraseList();
- if((int)$_POST["direct"] != 1)
- $objPhraseList->SourceTable = $objSession->GetEditTable("Phrase");
- $Phrases = $_POST["name"];
- foreach($Phrases as $PhraseId =>$name)
- {
- if($PhraseId>0)
- {
- $objPhraseList->EditPhrase($PhraseId,$_POST["name"][$PhraseId],$_POST["LanguageId"],$_POST["translation"][$PhraseId],$_POST["phrasetype"][$PhraseId]);
- }
- }
-
- if(strlen($_POST["name"][0]) && strlen($_POST["translation"][0]) && $_POST['Action1'] == "new")
- {
- $r = $objPhraseList->AddPhrase($_POST["name"][0],$_POST["LanguageId"],$_POST["translation"][0],$_POST["phrasetype"][0]);
- if ($r != "Error") {
- $ado = &GetADODBConnection();
- $rs = $ado->Execute("SELECT MIN(PhraseId) as MinValue FROM ".$objPhraseList->SourceTable);
- $NewId = $rs->fields["MinValue"]-1;
- $sql = "UPDATE ".$objPhraseList->SourceTable." SET PhraseId=".$NewId." WHERE PhraseId=$PhraseId";
- if($objSession->HasSystemPermission("DEBUG.LIST"))
- echo $sql."
\n";
- $ado->Execute($sql);
- }
- else {
- $add_error = "Language tag with the same name already exists!";
- }
- }
- else if ($_POST['Action1'] == "new") {
- $add_error = "Fields name and translation are required!";
- }
- unset($objPhraseList);
- break;
- case "m_config_missing_phrase":
- if($ro_perm) break;
- $LangId = $_POST["LangId"];
- $ThemeId = $_POST["ThemeId"];
- if(is_array($_POST["Phrase"]))
- {
- $objPhraseList = new clsPhraseList();
- $objPhraseList->SourceTable = $objSession->GetSessionKey()."_".$ThemeId."_labels";
-
- foreach($_POST["Phrase"] as $p => $value)
- {
- if(strlen($value))
- {
- $obj = $objPhraseList->GetItemByField("Phrase",$p,TRUE);
- if(is_object($obj))
- {
- if($obj->Get("Phrase")==$p)
- {
- $obj->Set("Translation",$value);
- $obj->Update();
- }
- else
- $objPhraseList->AddPhrase($p,$LangId,$value,1);
- }
- else
- $objPhraseList->AddPhrase($p,$LangId,$value,1);
- }
- }
- }
- break;
- case "m_phrase_delete":
- $objSession->SetVariable("HasChanges", 1);
- if (isset($_POST["itemlist"]))
- {
- foreach($_POST["itemlist"] as $id)
- {
- $sql = "UPDATE ".$objSession->GetEditTable("Phrase")." SET LanguageId = 0 WHERE PhraseId = ".$id;
- $ado = &GetADODBConnection();
- $ado->Execute($sql);
- }
- }
- unset($objPhraseList);
- break;
-
- case "m_dlid":
- echo $Action.":".$DownloadId;
- die();
- break;
-
- case "m_emailevent_user":
- if($ro_perm) break;
- $objEvents = new clsEventList();
- //phpinfo(INFO_VARIABLES);
- //$objEvents->SourceTable = $objSession->GetEditTable("Events");
- $ids = $_POST["EventId"];
- $ids = str_replace("[","",$ids);
- $ids = str_replace("]","",$ids);
- $ids = str_replace("\"","",$ids);
- $ids = str_replace("\\","",$ids);
-
-
- $idlist = explode(",",$ids);
- foreach($idlist as $EventId)
- {
- $id = (int)stripslashes($EventId);
- $e =& $objEvents->GetItem((int)$EventId);
- $e->Set("FromUserId", $_POST["FromUserId"]);
- $e->Update();
- }
- $objEvents->Clear();
- unset($objEvents);
- break;
- case "m_emailevent_edit":
- $Template = $_POST["headers"];
- if(strlen($Template))
- {
- $Template .= "\n";
- }
- $Template = str_replace("\n\n","",$Template);
- $Template .= "Subject: "._unhtmlentities($_POST['subject'])."\n\n";
- $Template .= $_POST["messageBody"];
- $objMessages = new clsEmailMessageList();
- $objMessages->SourceTable = $objSession->GetEditTable("EmailMessage");
- $m =& $objMessages->GetItem($_POST["MessageId"]);
- if(is_object($m))
- {
- if($_POST["sendhtml"]==1)
- {
- $m->Set("MessageType","html");
- }
- else
- $m->Set("MessageType","text");
-
- $m->Set("Template",$Template);
- $m->Update();
- }
- break;
-
- case "m_mod_enable":
- if($ro_perm) break;
- if (isset($_POST["itemlist"]))
- {
- foreach($_POST["itemlist"] as $id)
- {
- $m =& $objModules->GetItemByField("Name",$id);
- if(is_object($m))
- {
- $m->Set("Loaded",1);
- $m->Update();
- }
- }
- $_GET["Refresh"] = 1;
- }
- break;
- case "m_mod_disable":
- if($ro_perm) break;
- if (isset($_POST["itemlist"]))
- {
- foreach($_POST["itemlist"] as $id)
- {
- if($id != "In-Portal")
- {
- $m =& $objModules->GetItemByField("Name",$id);
- if(is_object($m))
- {
- $m->Set("Loaded",0);
- $m->Update();
- }
- }
- }
- $_GET["Refresh"] = 1;
- }
- break;
-
- case "m_img_add":
- $objImageList = new clsImageList();
- $objImageList->SourceTable = $objSession->GetEditTable("Images");
- $LocalImage=0;
- $LocalThumb=0;
- $DestDir = 'kernel/images/';
-
- $UserThumbSource = (int)$_POST["imgLocalThumb"];
- $LocalThumb = $UserThumbSource;
-
- $thumb_url = !$LocalThumb? $_POST["imgThumbUrl"] : "";
-
- if($_POST["imgSameImages"])
- {
- $LocalImage = $LocalThumb;
- $full_url = $thumb_url;
- }
- else
- {
- $LocalImage = (int)$_POST["imgLocalFull"];
- $file = $_FILES["imgFullFile"];
- $full_url = $LocalImage? "" : $_POST["imgFullUrl"];
- }
-
- if((!strlen($thumb_url) && !$LocalThumb) || (!strlen($full_url) && !$LocalImage))
- {
- break;
- }
-
- $ado = &GetADODBConnection();
- $NewId = $ado->GetOne('SELECT MIN(ImageId) as MinValue FROM '.$objImageList->SourceTable);
- if($NewId > 0) $NewId = 0;
- $NewId--;
- $img = $objImageList->Add($_POST["imgName"], $_POST["imgAlt"], $_POST["ResourceId"], $LocalImage, $LocalThumb, $full_url, $thumb_url, (int)$_POST["imgEnabled"], 0, (int)$_POST["imgDefault"], 0,(int)$_POST["imgSameImages"], $NewId);
- $img->Set("ImageId", $NewId);
-
-// $img->debuglevel=1;
-
- /*
- $sql = "UPDATE ".$objImageList->SourceTable." SET ImageId=".$NewId." WHERE ImageId=0";
- $ado->Execute($sql);
-
-// $img->Update();
- */
-// echo "SL: $sql $NewId
";
-
-// $img->debuglevel=1;
-
- $img->Pending = true;
- if($LocalImage)
- {
- $file = $_FILES["imgFullFile"];
- if(is_array($file))
- {
- if($file["size"]>0)
- {
- $img->Set("LocalPath",$img->StoreUploadedImage($file,1, $DestDir,0));
- $uploaded=1;
- }
- }
- }
-
- if($LocalThumb)
- {
- $thumb = $_FILES["imgThumbFile"];
- if(is_array($thumb))
- {
- if($thumb["size"]>0)
- {
- $img->Set("ThumbPath",$img->StoreUploadedImage($thumb,1, $DestDir,1));
- $uploaded=1;
- }
- }
- }
- if($uploaded==1)
- $img->Update();
-
- break;
-
- case "m_img_edit":
-
- $objImageList = new clsImageList();
- $objImageList->SourceTable = $objSession->GetEditTable("Images");
-
-// $img->debuglevel=1;
-
- $img = $objImageList->GetItem($_POST["ImageId"]);
-
- ## Get original values
- $LocalImage = $img->Get("LocalImage");
- $LocalThumb = $img->Get("LocalThumb");
- $SameImages = $img->Get("SameImages");
- $ThumbPath = $img->Get("ThumbPath");
-
- ## New values
- $LocalThumbN = (int)$_POST["imgLocalThumb"];
- $LocalImageN = (int)$_POST["imgLocalFull"];
-
- $FULLFile = $_FILES["imgFullFile"];
- $THFile = $_FILES["imgThumbFile"];
-
- $DestDir = 'kernel/images/';
- $img->Pending = FALSE;
-
- $SameImagesN = 0;
- $uploaded = 0;
-
- ## Images were the same, but not any more
- if ($SameImages && !$_POST["imgSameImages"])
- {
- ## TH was a local file
- if ($LocalThumb)
- {
- ## TH image
- {
- ## Try to Delete OLD FULL
- $img->DeleteLocalImage(FALSE, TRUE);
-
- ## FULL image select, but field EMPTY - make a copy of old TH as FULL
- if ($LocalImageN && !(int)$FULLFile["size"])
- {
-// echo $pathToPending = $img->GetImageDir();
- if (!eregi("pending/$", $pathToPending))
- $pathToPending.= "pending/";
-
- $LocalThumb_File = $img->GetFileName(1);
-
-// echo "CAN'T FIND FILE: ".$pathToPending.$LocalThumb_File."
";
-
- if (file_exists($pathToPending.$LocalThumb_File))
- {
- $LocalThumb_FileN = eregi_replace("^th_", "", $LocalThumb_File);
- $LocalThumb_FullFileN = $pathToPending.$LocalThumb_FileN;
- @unlink($LocalThumb_FullFileN);
- @copy($pathToPending.$LocalThumb_File, $LocalThumb_FullFileN);
-
- $uploaded = 1;
- $copied = 1;
-// echo "COPING: ".$DestDir."pending/".$LocalThumb_FileN."
";
- }
- else
- {
-// echo "CAN'T FIND FILE: ".$pathToPending.$LocalThumb_File."
";
- }
- }
- ## Upload new FULL image
- elseif ($LocalImageN && (int)$FULLFile['size'])
- {
- $FULL_FileToUpload = $FULLFile;
- $FULL_URL = "";
-
-// echo " Upload new FULL image";
- }
- ## Full is URL
- elseif (!$LocalImageN)
- {
- $img->DeleteLocalImage(FALSE, TRUE);
- $FULL_URL = $_POST['imgFullUrl'];
- $FULL_FileToUpload = "";
- }
- else
- {
-// echo " ## Unknow condition";
- }
-
- ## Take care of Thumbnail here
- if ($LocalThumbN)
- {
- ## Delete old if NEW TH image selected
- if ((int)$THFile['size'])
- {
- $img->DeleteLocalImage(TRUE, FALSE);
- $TH_FileToUpload = $THFile;
- }
- else
- $TH_FileToUpload = "";
- }
- else
- {
- $img->DeleteLocalImage(TRUE, FALSE);
- $TH_FileToUpload = "";
- $TH_URL = $_POST['imgThumbUrl'];
- }
- }
- }
- ## TH was URL
- else
- {
- ## Take care of FULL image here
- if ($LocalImageN && (int)$FULLFile["size"])
- {
- $FULL_FileToUpload = $FULLFile;
- $FULL_URL = "";
- }
- ## Full is URL (or image size 0)
- else
- {
- $FULL_FileToUpload = "";
- $FULL_URL = $_POST['imgFullUrl'];
- }
-
- ## Take care of Thumbnail here
- if ($LocalThumbN)
- {
- $TH_FileToUpload = (int)$THFile['size']? $THFile : "";
- $TH_URL = "";
- }
- else
- {
- $TH_FileToUpload = "";
- $TH_URL = $_POST['imgThumbUrl'];
- }
- }
- }
- ## Images were the same, and still the same
- elseif ($SameImages && $_POST['imgSameImages'])
- {
- ## Take care of Thumbnail & FULL here
- if ($LocalThumbN)
- {
- if ((int)$THFile['size'])
- {
- $img->DeleteLocalImage(TRUE, FALSE);
- $TH_FileToUpload = $THFile;
- }
- else
- $TH_FileToUpload = "";
-
- $FULL_URL = $TH_URL = "";
- }
- else
- {
- $TH_FileToUpload = $FULL_FileToUpload = "";
- $FULL_URL = $TH_URL = $_POST['imgThumbUrl'];
- }
-
- ## Delete old FULL image
- $img->DeleteLocalImage(FALSE,TRUE);
-
- $SameImagesN = 1;
- }
- ## Images were NOT the same, and selected as the same now
- elseif (!$SameImages && $_POST["imgSameImages"])
- {
- ## Take care of Thumbnail & FULL here
- if ($LocalThumbN)
- {
- if ((int)$THFile['size'])
- {
- $img->DeleteLocalImage(TRUE, FALSE);
- $TH_FileToUpload = $THFile;
- }
- else
- $TH_FileToUpload = "";
-
-
- $FULL_URL = $TH_URL = "";
- }
- else
- {
- $img->DeleteLocalImage(TRUE, FALSE);
- $TH_FileToUpload = $FULL_FileToUpload = "";
- $FULL_URL = $TH_URL = $_POST['imgThumbUrl'];
- }
-
- ## Clean up FULL image
- $img->DeleteLocalImage(FALSE, TRUE);
-
- $SameImagesN = 1;
- }
- ## Images were NOT the same, and selected as NOT the same
- elseif (!$SameImages && !$_POST["imgSameImages"])
- {
- ## Take care of Thumbnail
- if ($LocalThumbN)
- {
- if ((int)$THFile['size'])
- {
- $img->DeleteLocalImage(TRUE, FALSE);
- $TH_FileToUpload = $THFile;
- }
- else
- $TH_FileToUpload = "";
-
- $TH_URL = "";
- }
- else
- {
- $img->DeleteLocalImage(TRUE, FALSE);
- $TH_FileToUpload = "";
- $TH_URL = $_POST['imgThumbUrl'];
- }
-
- ## Take care of FULL here
- if ($LocalImageN)
- {
- if ((int)$FULLFile['size'])
- {
- $img->DeleteLocalImage(FALSE, TRUE);
- $FULL_FileToUpload = $FULLFile;
- }
- else
- $FULL_FileToUpload = "";
-
- $FULL_URL = "";
- }
- else
- {
- $img->DeleteLocalImage(FALSE, TRUE);
- $FULL_FileToUpload = "";
- $FULL_URL = $_POST['imgFullUrl'];
- }
- }
- ## Unknow condition
- else
- {
- ;
- }
-
- $img = $objImageList->Edit($_POST["ImageId"],$_POST["imgName"], $_POST["imgAlt"], $_POST["ResourceId"], $LocalImageN, $LocalThumbN, $FULL_URL, $TH_URL, (int)$_POST["imgEnabled"], (int)$_POST["imgPriority"], (int)$_POST["imgDefault"], 0, $SameImagesN);
-
-// echo "DATA:
LocalImageN: $LocalImageN, LocalThumbN: $LocalThumbN, FULL_URL: $FULL_URL, TH_URL: $TH_URL, SameImagesN: $SameImagesN
";
-
-
- $img->Pending = TRUE;
-
- if (!empty($FULL_FileToUpload))
- {
- $img->Set("LocalPath",$img->StoreUploadedImage($FULL_FileToUpload, 1, $DestDir, 0));
- $uploaded = 1;
- }
- /*
- elseif (!$LocalImageN)
- {
- $img->Set("LocalPath", "");
- $uploaded = 1;
- }
- */
-
- if (!empty($TH_FileToUpload))
- {
- $img->Set("ThumbPath", $img->StoreUploadedImage($TH_FileToUpload, 1, $DestDir, 1));
- $uploaded = 1;
- }
-
- if ($copied)
- {
- $img->Set("LocalPath", $DestDir."pending/".$LocalThumb_FileN);
- $uploaded = 1;
- }
-
- if($uploaded==1)
- $img->Update();
-
- break;
- case "m_img_move_up":
- if (isset($_POST["itemlist"]))
- {
- $objImageList = new clsImageList();
- $objImageList->SourceTable = $objSession->GetEditTable("Images");
- foreach($_POST["itemlist"] as $id)
- {
- $img = $objImageList->GetItem($id);
- $img->MoveUp();
- }
- }
- break;
- case "m_img_move_down":
- if (isset($_POST["itemlist"]))
- {
- $objImageList = new clsImageList();
- $objImageList->SourceTable = $objSession->GetEditTable("Images");
- $itemlist=array_reverse($_POST["itemlist"]);
- foreach($itemlist as $id)
- {
- $img = $objImageList->GetItem($id);
- $img->MoveDown();
- }
- }
- break;
-
- case "m_img_delete":
- if(isset($_POST["itemlist"]))
- {
- $objImageList = new clsImageList();
- $objImageList->SourceTable = $objSession->GetEditTable("Images");
- foreach($_POST["itemlist"] as $id)
- {
- $img = $objImageList->GetItem($id);
- $img->Set("ResourceId", 0);
- $img->Update();
- //$img->Delete();
- }
- }
- break;
- case "m_restore_delete":
- if($ro_perm) break;
- $bdate = $_POST["backupdate"];
- if($bdate>0)
- {
- $BackupFile = $objConfig->Get("Backup_Path")."/dump".$bdate.".txt";
- if(file_exists($BackupFile))
- unlink($BackupFile);
- }
- break;
-
- case "m_taglib":
- include($pathtoroot."kernel/include/tag-class.php");
- ParseTagLibrary();
- break;
-
- case "m_sql_query":
- if($ro_perm) break;
- $sql_query = $application->GetVar('sql');
- $ado =& GetADODBConnection();
- if ($sql_query) {
- $SqlResult = $ado->Execute($sql_query);
- $SqlError = $ado->ErrorMsg();
- $SqlErrorNum = $ado->ErrorNo();
- }
- break;
-
- case 'm_purge_email_log':
- $conn =& $application->GetADODBConnection();
- $conn->Query('DELETE FROM '.TABLE_PREFIX.'EmailLog');
- break;
-
- case "m_session_delete":
- if($ro_perm) break;
- $ado = &GetADODBConnection();
- if (count($_POST['itemlist']) > 0) {
- foreach($_POST["itemlist"] as $id)
- {
- $sql = "DELETE FROM ".GetTablePrefix()."UserSession WHERE SessionKey='$id'";
- $ado->Execute($sql);
- $sql = "DELETE FROM ".GetTablePrefix()."SessionData WHERE SessionKey = '$id'";
- $ado->Execute($sql);
- }
- }
- else {
- $sql = "DELETE FROM ".GetTablePrefix()."UserSession WHERE Status='0'";
- $ado->Execute($sql);
- }
- break;
-
- case "m_add_rule":
- $objEditItems = new clsBanRuleList();
- $objEditItems->SourceTable = $objSession->GetEditTable("BanRules");
- //$ItemType,$RuleType,$ItemField,$ItemVerb,$ItemValue,$Priority,$Status;
- $objEditItems->AddRule($_POST["rule_itemtype"],$_POST["rule_type"],$_POST["rule_field"],
- $_POST["rule_verb"],$_POST["rule_value"],(int)$_POST["rule_priority"],
- (int)$_POST["rule_status"], $_POST['rule_error']);
- break;
- case "m_edit_rule":
- $objEditItems = new clsBanRuleList();
- $objEditItems->SourceTable = $objSession->GetEditTable("BanRules");
- //$ItemType,$RuleType,$ItemField,$ItemVerb,$ItemValue,$Priority,$Status;
- $objEditItems->EditRule($_POST["rule_id"],$_POST["rule_itemtype"],$_POST["rule_type"],$_POST["rule_field"],
- $_POST["rule_verb"],$_POST["rule_value"],(int)$_POST["rule_priority"],
- (int)$_POST["rule_status"], $_POST['rule_error']);
- break;
- case "m_rule_move_up":
- if($ro_perm) break;
- if(isset($_POST["itemlist"]))
- {
- foreach($_POST["itemlist"] as $id)
- {
- $i = $objBanList->GetItem($id);
- $i->Increment("Priority");
- }
- }
- break;
- case "m_rule_move_down":
- if($ro_perm) break;
- if(isset($_POST["itemlist"]))
- {
- foreach($_POST["itemlist"] as $id)
- {
- $i = $objBanList->GetItem($id);
- $i->Decrement("Priority");
- }
- }
- break;
-
- case "m_rule_delete":
- if($ro_perm) break;
- if(isset($_POST["itemlist"]))
- {
- foreach($_POST["itemlist"] as $id)
- {
- $i = $objBanList->GetItem($id);
- $i->Delete();
- }
- }
- break;
- case "m_ban_user":
- if($ro_perm) break;
- if($_POST["UserEditStatus"]==1)
- {
- $UserId = $_POST["user_id"];
- $objUsers->SetTable('edit');
- $u = $objUsers->GetItem($UserId);
- if(is_object($u))
- {
- if((int)$_POST["ban_login"])
- {
- if(strlen($_POST["user_login"]))
- $objBanList->AddRule(6,0,"Login",3,$_POST["user_login"],0,1);
- }
- if((int)$_POST["ban_email"])
- {
- if(strlen($_POST["user_email"]))
- $objBanList->AddRule(6,0,"Email",3,$_POST["user_email"],0,1);
- }
- if((int)$_POST["ban_ip"])
- {
- if(strlen($_POST["user_ip"]))
- $objBanList->AddRule(6,0,"ip",3,$_POST["user_ip"],0,1);
- }
- $u->Deny();
- }
- $objUsers->SetTable('restore');
- }
- break;
-
-
- case 'm_rebuild_cache':
- $objSession->SetVariable('PermCache_UpdateRequired', 1);
- break;
-
- }
-
-/* image upload management */
-if( isset($_POST['img']) && $_POST['img'] == 1 )
-{
- foreach($_FILES as $img => $FILE)
- {
- $name = $_POST["img_Name_$img"];
- $alt = $_POST["img_Alt_$img"];
- $url = $_POST["img_Url_$img"];
- $res_id = $_POST["img_Res_$img"];
- $relvalue = $_POST["img_Rel_$img"];
- $thumb = (int)$_POST["img_Thumb_$img"];
- $dest = AddSlash($_POST["img_DestDir_$img"]);
- if($_POST["img_Del_$img"]=="Delete")
- {
- $img = $objImageList->GetImageByResource($res_id,$relvalue);
- $img->Delete();
- unset($img);
- $objImageList->Clear();
- }
- else
- {
- if($FILE["size"]>0)
- {
- /* an image was uploaded */
- $objImageList->HandleImageUpload($FILE,$res_id,$relvalue,$dest, $name,$alt,$thumb);
- }
- else
- { /* remote images handled here */
- if(strlen($url)>0)
- {
- if($relvalue>0)
- {
- $img = $objImageList->GetImageByResource($res_id,$relvalue);
- $img->Set("Name",$name);
- $img->Set("AltName", $alt);
- $img->Set("IsThumbnail",$thumb);
- $img->Set("Url",$url);
- $img->Update();
- }
- else
- {
- $relvalue = $objImageList->GetNextRelateValue($res_id);
- $objImageList->NewRemoteImage($url,$res_id,$relvalue, $name, $alt, $thumb);
- }
- }
- }
- }
- }
-}
-
-// ALL Saving Stuff From Temp Tables Heppens Here
-
-//echo "==== BEGIN ====
";
-$has_perm = $objSession->HasSystemPermission("SYSTEM_ACCESS.READONLY");
-
-if (!$has_perm) {
- if( GetVar('ReviewEditStatus') == 1 )
- {
- $objReviews=new clsItemReviewList();
- $objReviews->CopyFromEditTable_Direct();
- }
-
- if( GetVar('ReviewEditStatus') == -1 )
- {
- $objReviews=new clsItemReviewList();
- $objReviews->PurgeEditTable();
- }
-
- /* category Edit */
- if( GetVar('CatEditStatus') == 1 )
- {
- $adodbConnection = &GetADODBConnection();
- // $sql = "SELECT * FROM ".$objSession->GetEditTable("Category")." WHERE CategoryId=0";
- $category_table = $objSession->GetVariable('IsHomeCategory') ? TABLE_PREFIX.'Category' : $objSession->GetEditTable('Category');
- $sql = 'SELECT ParentId
- FROM '.$category_table.'
- WHERE CategoryId = -1';
-
- $rs = $adodbConnection->Execute($sql);
- while ($rs && !$rs->EOF)
- {
- if($rs->fields["ParentId"] > 0) RunUp($rs->fields["ParentId"],"Increment_Count");
- $rs->MoveNext();
- }
-
- if (!$objSession->GetVariable('IsHomeCategory')) {
- $cat_ids = $objCatList->CopyFromEditTable("CategoryId");
- if ($cat_ids) {
- $objCustomDataList->CopyFromEditTable('c');
- }
- $objCatList->Clear();
-
- $objImages = new clsImageList();
- $objImages->CopyFromEditTable("ImageId");
- }
- else {
- $objCatList->Clear();
- }
- }
-
- if( GetVar('CatEditStatus') == 2 )
- {
- $objCatList->PurgeEditTable("CategoryId");
- $objCustomDataList->PurgeEditTable('c');
- if($_REQUEST['CategoryId'] > 0) // not root category is updated
- {
- $objImages = new clsImageList();
- //$objImages->CopyFromEditTable("ImageId");
- $objImages->PurgeEditTable("ImageId");
- }
- $objCatList->Clear();
- }
-
- /* User Edit */
- if( GetVar('UserEditStatus') == 1 )
- {
- $objUserGroupsList = new clsUserGroupList();
- $objUserGroupsList->CopyFromEditTable("PortalUserId");
-
- $user_ids = $objUsers->CopyFromEditTable("PortalUserId");
- if ($user_ids) {
- $objCustomDataList->CopyFromEditTable('u');
- }
-
- $objGroups->Clear();
- $objImages = new clsImageList();
- $objImages->CopyFromEditTable("ImageId");
- }
- if( GetVar('UserEditStatus') == 2 )
- {
- $objUserGroupsList = new clsUserGroupList();
- $objGroups->PurgeEditTable("PortalUserId");
- $objUserGroupsList->PurgeEditTable("PortalUserId");
- $objCustomDataList->PurgeEditTable('u');
- $objGroups->Clear();
- }
-
- /* Theme Edit */
- if( GetVar('ThemeEditStatus') == 1 )
- {
- $objThemes->CopyFromEditTable();
- $objThemes->Clear();
- }
-
- if( GetVar('ThemeEditStatus') == 2 )
- {
- $objThemes->PurgeEditTable();
- $objThemes->Clear();
- }
-
- if( GetVar('MissingLangEditStatus') == 1 )
- {
- $objPhraseList = new clsPhraseList();
- $objPhraseList->SourceTable = $objSession->GetSessionKey()."_".$ThemeId."_labels";
-
- $objEditList = new clsPhraseList();
- $objEditList->SourceTable = $objSession->GetEditTable("Phrase");
-
- $ado = &GetADODBConnection();
- $rs = $ado->Execute("SELECT MIN(PhraseId) as MinValue FROM ".$objEditList->SourceTable);
- $NewId = $rs->fields["MinValue"]-1;
-
- $objPhraseList->Query_Item("SELECT * FROM ".$objPhraseList->SourceTable);
- foreach($objPhraseList->Items as $p)
- {
- if(strlen($p->Get("Translation"))>0)
- {
- $p->tablename = $objEditList->SourceTable;
- $p->Dirty();
- $p->UnsetIDField();
- $p->Set("PhraseId",$NewId);
- $NewId--;
- $p->Create();
- }
- }
- $ado->Execute("DROP TABLE IF EXISTS ".$objPhraseList->SourceTable);
- }
-
- if( GetVar('MissingLangEditStatus') == 2 )
- {
- $table = $objSession->GetSessionKey()."_".$ThemeId."_labels";
- $ado = &GetADODBConnection();
- $ado->Execute("DROP TABLE IF EXISTS ".$table);
- }
-
- /* Ban Rule Edit */
- if( GetVar('RuleEditStatus') == 1 )
- {
- $objBanList->CopyFromEditTable("RuleId");
- $objBanList->Clear();
- }
- if( GetVar('RuleEditStatus') == 2 )
- {
- $objBanList->PurgeEditTable("RuleId");
- $objBanList->Clear();
- }
-}
-elseif( defined('DEBUG_ACTIONS') )
-{
- if( isset($_REQUEST['Action']) && $_REQUEST['Action'] )
- echo "USER HAS RO-ACCESS on action [".$_REQUEST['Action']."]
";
-}
-
-//echo "==== END ====
";
-
-?>
\ No newline at end of file