<?php
//#################################################################################################
// Helper functions for the modules page
//#################################################################################################
// chillyCMS - Content Management System
// Copyright (C) 2008
// Stefanie Wiegand <hide@address.com> & Johannes Cox <hide@address.com>
//
// This program is licensed under the GPL 3.0 license. For more information see LICENSE.txt.
//#################################################################################################
// show_activemodules()
// show_installedmodules()
// uploadform()
// add_module($src_file, $path)
// undo_modcreation($id)
// delete_activemodule($id)
// delete_installedmodule($id)
// switch_status_module($newstatus,$id)
// switch_access_module($id,$access)
//#################################################################################################
defined('DOIT') or die('Restricted access');
//Show active modules//////////////////////////////////////////////////////////////////////////////
function show_activemodules() {
global $l_gen,$l_mods,$l_cont,$allpos,$groups,$page,$settings;
$activemodules = "\t<div class='activemodules'>\n".
"\t\t<h1 style='float:left;'>$l_mods[lbl_active]</h1>\n".
"\t\t<div class='newmodule'>\n";
//possible modules
$page->query("select `name`,`modid` from system_modules where `type`=1 order by `modid`");
$mods = $page->db->getdata_array();
if (!empty($mods)) {
sort($mods);
//"add module"-form
$activemodules .= "\t\t\t<form method='post' action='modulesedit.site.php'>\n".
//moduletype
"\t\t\t\t<select class='floatmargin' name='module'>\n";
foreach ($mods as $mod) {
$activemodules .= "\t\t\t\t\t<option value='$mod[modid]'>$mod[name]</option>\n";
}
//position
$activemodules .= "\t\t\t\t</select>\n".
"\t\t\t\t<select class='floatmargin' name='position'>\n";
//read positions from template
require_once(PATH."/templates/".$settings["template"]."/config.php");
sort($allpos);
foreach ($allpos as $pos) {
if (in_array($pos,$positions)) {
$activemodules .= "\t\t\t\t\t<option>$pos</option>\n";
}
}
$activemodules .= "\t\t\t\t</select>\n".
"\t\t\t\t<input type='hidden' name='id' value='0'></input>\n".
"\t\t\t\t<input type=\"submit\" class=\"button floatright\" value=\"".$l_mods["lbl_addmod"]."\" />\n".
//name
"\t\t\t\t<input type='text' name='name' value='NewModule' class='textinput floatmargin'></input>\n".
"\t\t\t</form>\n";
}
$activemodules .= "\t\t</div><br /><br />\n";
//Read all active modules from database
$sql="select m1.*, ifnull(m2.id,0) as prev,ifnull(m3.id,0) as next,s.name as modname from site_modules as m1 ".
"left join site_modules m2 on m2.order=m1.order-1 and m1.position=m2.position ".
"left join site_modules m3 on m3.order=m1.order+1 and m1.position=m3.position ".
"left join system_modules s on s.modid=m1.modid ".
"order by m1.position,m1.order";
$page->query($sql);
$allactivemodules = $page->db->getdata_array();
$printtable = "\t\t<table class=\"realtable\" cellspacing='0' width='100%' rules='groups'>\n".
"\t\t<thead>\n".
//"<th width='50' class='center'>ID</th>".
"\t\t\t<th class='left'>$l_mods[lbl_name]</th>\n".
"\t\t\t<th class='left'>$l_mods[lbl_modname]</th>\n".
"\t\t\t<th class='left'>$l_gen[lbl_access]</th>\n".
"\t\t\t<th class='left'>$l_mods[lbl_position]</th>\n".
"\t\t\t<th class='left'>$l_gen[lbl_move]</th>\n".
"\t\t\t<th class='center'>$l_gen[lbl_status]</th>\n".
"\t\t\t<th class='center' width='80'>$l_gen[lbl_edit]</th>\n".
"\t\t\t<th class='center' width='80'>$l_gen[lbl_delete]</th>\n".
"\t\t</thead>\n";
$counter="odd";
$lastposition="";
$activemodules_sorted=array();
if (!empty($allactivemodules)) {
//sort modules by position
foreach ($allactivemodules as $am) {
$newmod=new Listitem($am["id"],$am["order"],$am["prev"],$am["next"],
$data=array("name"=>$am["name"],"modid"=>$am["modid"],
"position"=>$am["position"],"active"=>$am["active"],
"access"=>$am["access"],"specialaccess"=>$am["specialaccess"],
"settings"=>$am["settings"],"modname"=>$am["modname"]));
$activemodules_sorted[$am["position"]][]=$newmod;
}
//go through each position
foreach ($activemodules_sorted as $position=>$items) {
//and separate each one in a tbody
if ($lastposition!=$position) {
if ($lastposition!="") {
$printtable .= "\t\t</tbody>\n\t\t<tbody>\n";
} else {
$printtable .= "\t\t<tbody>\n";
}
}
$lastposition=$position;
//sort the modules in this position
if ($position!="inactive") {
//$items=sort_linked_list($items);
}
//print the modules in this position
foreach ($items as $am) {
$am->id = intval($am->id);
$am->data=array(
"name" => escape_html($am->data["name"]),
"modid" => intval($am->data["modid"]),
"position" => escape_html($am->data["position"]),
"active" => intval($am->data["active"]),
"access" => intval($am->data["access"]),
"specialaccess" => escape_html($am->data["specialaccess"]),
"settings" => escape_html($am->data["settings"]),
"modname" => escape_html($am->data["modname"])
);
$printtable .= "\t\t\t<tr class='$counter'>\n".
//"<td>$am[id]</td>".
//name of this module instance
"\t\t\t\t<td class='left' title='$l_gen[lbl_edit]'>\n".
"\t\t\t\t\t<form method='post' action='modulesedit.site.php'>\n".
"\t\t\t\t\t\t<input type='hidden' name='id' value='".$am->id."' />\n".
"\t\t\t\t\t\t<input type='submit' class='linkbutton' ".
"value='".$am->data["name"]."' title='$l_gen[lbl_edit]' />\n".
"\t\t\t\t\t</form>\n".
"\t\t\t\t</td>\n".
//module name
"\t\t\t\t<td class='left'>\n".
"\t\t\t\t\t<form method='post' action='moduleinfo.site.php'>\n".
"\t\t\t\t\t\t<input type='hidden' name='id' value='".$am->data["modid"]."' />\n".
"\t\t\t\t\t\t<input type='submit' class='linkbutton' ".
"value='".$am->data["modname"]."' title='$l_gen[lbl_info]' />\n".
"\t\t\t\t\t</form>\n".
"\t\t\t\t</td>\n";
//Special Access
$spacc="";
if ($am->data["specialaccess"]!="") {
//get groupname of each group that has specialaccess
$sa=explode(",",$am->data["specialaccess"]);
foreach ($groups as $g) {
foreach ($sa as $sg) {
if ($g["gid"]==$sg) {
$specialgroups.=$g["name"].", ";
}
}
}
$specialgroups=substr($specialgroups,0,-2);
//make symbol
$spacc="\t\t\t\t\t\t<a class='special floatright' title='$specialgroups'></a>\n";
}
//access
if ($am->data["access"]==0) { $accesslbl = "everybody"; }
elseif ($am->data["access"]==1) { $accesslbl = "users"; }
elseif ($am->data["access"]==2) { $accesslbl = "admins"; }
$printtable .= "\t\t\t\t<td class='left'>\n".
"\t\t\t\t\t<form method='post' action='modules.site.php'>\n".
"\t\t\t\t\t\t<input type='hidden' name='action' value='switchaccess' />\n".
"\t\t\t\t\t\t<input type='hidden' name='access' value='".$am->data["access"]."' />\n".
"\t\t\t\t\t\t<input type='hidden' name='id' value='".$am->id."' />\n".
"\t\t\t\t\t\t<input type='submit' class='linkbutton' ".
"value='".$l_cont["lbl_$accesslbl"]."' title='$l_cont[tip_switchacc]' />\n".
$spacc.
"\t\t\t\t\t</form>\n".
"\t\t\t\t</td>\n";
//position
$printtable .= "\t\t\t\t<td class='left'>".$am->data["position"]."</td>\n".
//move
"\t\t\t\t<td class='left'>\n";
//--up
if ($am->prev>0) {
$printtable .= "\t\t\t\t\t<form method='post' action='modules.site.php'>\n".
"\t\t\t\t\t\t<input type='hidden' name='action' value='move' />\n".
"\t\t\t\t\t\t<input type='hidden' name='direction' value='up' />\n".
"\t\t\t\t\t\t<input type='hidden' name='id' value='".$am->id."' />\n".
"\t\t\t\t\t\t<input type='submit' class='up' value=\" \" title='$l_gen[tip_movu]' />\n".
"\t\t\t\t\t</form>\n";
} else {
$printtable .= "\t\t\t\t\t<a class='filler'></a>\n";
}
//--down
if ($am->next>0) {
$printtable .= "\t\t\t\t\t<form method='post' action='modules.site.php'>\n".
"\t\t\t\t\t\t<input type='hidden' name='action' value='move' />\n".
"\t\t\t\t\t\t<input type='hidden' name='direction' value='down' />\n".
"\t\t\t\t\t\t<input type='hidden' name='id' value='".$am->id."' />\n".
"\t\t\t\t\t\t<input type='submit' class='down' value=\" \" title='$l_gen[tip_movd]' />\n".
"\t\t\t\t\t</form>\n";
} else {
$printtable .= "\t\t\t\t\t<a class='filler'></a>\n";
}
$printtable .= "\t\t\t\t</td>\n";
//status
if ($am->data["active"]==1) {
$status="off";
$class="useractive";
} else {
$status="on";
$class="userinactive";
}
$printtable .= "\t\t\t\t<td>\n".
"\t\t\t\t\t<form method='post' action='modules.site.php'>\n".
"\t\t\t\t\t\t<input type='hidden' name='action' value='switch' />\n".
"\t\t\t\t\t\t<input type='hidden' name='status' value='$status' />\n".
"\t\t\t\t\t\t<input type='hidden' name='id' value='".$am->id."' />\n".
"\t\t\t\t\t\t<input type='submit' value=\" \" class='$class' title='$l_gen[tip_inact]' />\n".
"\t\t\t\t\t</form>\n".
"\t\t\t\t</td>\n";
//edit link
$printtable .= "\t\t\t\t<td>\n".
"\t\t\t\t\t<form method='post' action='modulesedit.site.php'>\n".
"\t\t\t\t\t\t<input type='hidden' name='id' value='".$am->id."' />\n".
"\t\t\t\t\t\t<input type='submit' value=\" \" class='edit' title='".$l_gen["lbl_edit"]."' />\n".
"\t\t\t\t\t</form>\n".
"\t\t\t\t</td>\n".
"\t\t\t\t<td class='center'>\n".
//delete link
"\t\t\t\t\t<form method='post' action='modules.site.php'>\n".
"\t\t\t\t\t\t<input type='hidden' name='action' value='deleteactive' />\n".
"\t\t\t\t\t\t<input type='hidden' name='id' value='".$am->id."' />\n".
"\t\t\t\t\t\t<input type='submit' value=\" \" class='delete' ".
js_confirm_link($am->data["name"].$l_gen["pop_del"]).
"title='$l_gen[lbl_delete]' />\n".
"\t\t\t\t\t</form>\n".
"\t\t\t\t</td>\n".
"\t\t\t</tr>\n";
if ($counter=="odd") { $counter="even"; } else { $counter="odd"; }
}
}
}
$printtable .= "\t\t</tbody>\n".
"\t\t</table>\n";
$activemodules .= $printtable.
"\t</div><br /><br />\n";
return $activemodules;
}
//Show all installed modules///////////////////////////////////////////////////////////////////////
function show_installedmodules() {
global $l_gen,$l_mods,$page;
$installedmodules = "\t<div class='installedmodules'>\n".
"\t\t<h1>$l_mods[lbl_installed]</h1><br />\n";
$page->query("select `modid`,`name`,`type`,`author`,`version` from system_modules order by `type`,`modid`");
$result = $page->db->getdata_array();
$installedmodules .= "\t\t<table class=\"realtable\" cellspacing='0' width='100%'>\n".
"\t\t<thead>\n".
"\t\t<tr>\n".
//"<th width='50' class='center'>ID</th>".
"\t\t\t<th class='left'>$l_mods[lbl_modname]</th>\n".
"\t\t\t<th class='left'>$l_mods[lbl_type]</th>\n".
"\t\t\t<th class='left'>$l_mods[lbl_author]</th>\n".
"\t\t\t<th class='left'>$l_mods[lbl_version]</th>\n".
"\t\t\t<th class='center' width='80'>$l_gen[lbl_info]</th>\n".
"\t\t\t<th class='center' width='80'>$l_gen[lbl_delete]</th>\n".
"\t\t</tr>\n".
"\t\t</thead>\n";
if (!empty($result)) {
$counter="odd";
$installedmodules .= "\t\t<tbody>\n";
foreach ($result as $row) {
if ($row["type"]==0) { $type=$l_mods["lbl_main"]; }
else if ($row["type"]==1) { $type=$l_mods["lbl_sub"]; }
//modulename
$installedmodules .= "\t\t<tr class='$counter'>\n".
//"<td>$row[modid]</td>".
"\t\t\t<td class='left'>\n".
"\t\t\t\t<form method='post' action='moduleinfo.site.php'>\n".
"\t\t\t\t\t<input type='hidden' name='id' value='$row[modid]' />\n".
"\t\t\t\t\t<input type='submit' class='linkbutton' ".
"title='$l_gen[lbl_info]' value='$row[name]'/>\n".
"\t\t\t\t</form>\n".
"\t\t\t</td>\n".
//type, author, version
"\t\t\t<td class='left'>$type</td>\n".
"\t\t\t<td class='left'>$row[author]</td>\n".
"\t\t\t<td class='left'>$row[version]</td>\n".
//info link
"\t\t\t<td>\n".
"\t\t\t\t<form method='post' action='moduleinfo.site.php'>\n".
"\t\t\t\t\t<input type='hidden' name='id' value='$row[modid]' />\n".
"\t\t\t\t\t<input type='submit' value=\" \" class='info' title='$l_gen[lbl_info]' />\n".
"\t\t\t\t</form>\n".
"\t\t\t</td>\n".
"\t\t\t<td>\n";
//delete link for optional modules
if ($row["modid"]>3) {
$installedmodules .= "\t\t\t\t<form method='post' action='modules.site.php'>\n".
"\t\t\t\t\t<input type='hidden' name='action' value='deleteinstalled' />\n".
"\t\t\t\t\t<input type='hidden' name='id' value='".$row["modid"]."' />\n".
"\t\t\t\t\t<input type='submit' value=\" \" class='delete' value=\" \" ".
js_confirm_link($row["name"].$l_gen["pop_del"]).
"title='$l_gen[lbl_delete]' />\n".
"\t\t\t\t</form>\n";
}
$installedmodules .= "\t\t\t</td>\n".
"\t\t</tr>\n";
if ($counter=="odd") { $counter="even"; } else { $counter="odd"; }
}
$installedmodules .= "\t\t</tbody>\n";
}
$installedmodules .= "\t\t</table><br />\n".
"\t</div>\n";
return $installedmodules;
}
//Uploadform///////////////////////////////////////////////////////////////////////////////////////
function uploadform() {
global $l_mods,$l_gen;
return "\t<div class='moduleupload'>\n".
"\t\t<form action='modules.site.php' method='post' enctype='multipart/form-data'>\n".
"\t\t\t<input name='newmodule' type='file' size='50' accept='application/zip' ".
"title=\"".$l_mods["lbl_upload"]."\" class='button_left floatmargin' />\n".
"\t\t\t<input type='submit' class=\"button\" value='$l_gen[lbl_upload]'></input>\n".
"\t\t</form>\n".
"\t</div>\n";
}
//Add Module///////////////////////////////////////////////////////////////////////////////////////
function add_module($src_file,$path) {
global $l_mods,$page;
$page->debug('Adding module...');
$error = true;
$exit = false;
$modaction = "insert";
$plainname = cut_doubledots(substr($_FILES["newmodule"]["name"], 0, -4));
$coremodules = array("ckeditor","content","menu","login","phpmailer");
if (in_array($plainname,$coremodules)) {
return array($l_mods["msg_owcore_err"],"bad");
}
//extract to temporary dir
$zip=new ZipArchive();
if ($zip->open($src_file) === true) {
if ($zip->extractTo(PATH."/tmp") === true) {
$page->debug('Extraction to tmp successful');
if (file_exists(PATH."/tmp/".$plainname."/config.php")) {
$page->debug('config.php file found');
require(PATH."/tmp/".$plainname."/config.php");
//make module
if ($newmod = new Module()) {
$error=false;
$newmod->fill($name,$author,$version,$type,$outputfile);
if (is_file(PATH."/tmp/".$plainname."/create.sql")) {
$page->debug('create.sql file found');
if (!exec_sql(PATH."/tmp/".$plainname."/create.sql")) {
$page->debug('create.sql file executed');
$error=true;
return array($l_mods["msg_db_err"],"bad");
}
}
}
if (!$error) {
//extract to real dir
$path = cut_doubledots($path);
if (@$zip->extractTo($path)!==true) { $error=true; }
$zip->close();
}
} else {
$page->debug('Module config file missing');
$msg = array($l_mods["msg_invalid_err"],"bad");
$exit=true;
}
delete_recursively(PATH."/tmp/".$plainname);
if ($exit) { return $msg; }
}
}
if (!$error) {
$page->debug('Saving module');
$msg = $newmod->store();
} else {
$msg = array($l_media["msg_upload_err"].$_FILES["newmodule"]["name"],"bad");
}
return $msg;
}
//Undo module creation/////////////////////////////////////////////////////////////////////////////
function undo_modcreation($id) {
delete_activemodule($id);
return array($l_mods["msg_cancel_err"],"bad");
}
//Delete active module/////////////////////////////////////////////////////////////////////////////
function delete_activemodule($id) {
global $l_mods,$page;
$error=false;
$sql="select `order`,`position` from site_modules where `id`=$id limit 1";
if (!$page->query($sql)) { $error=true; }
$deletedmod=$page->db->getdata();
if (!$page->query("start transaction")) { $error=true; }
//delete from site_modules
if (!$page->query("delete from site_modules where `id`=$id")) { $error=true; }
//update order of following elements
$sql="update site_modules set `order`=`order`-1 where `order`>$deletedmod[order] and `position`='$deletedmod[position]'";
if (!$page->query($sql)) { $error=true; }
if (!$error) {
$sql = "commit";
$msg = array($l_mods["msg_del_ok"],"good");
} else {
$sql = "rollback";
$msg = array($l_mods["msg_del_err"],"bad");
}
while(1) {
if ($page->query($sql)) { break; }
}
return $msg;
}
//Delete installed module//////////////////////////////////////////////////////////////////////////
function delete_installedmodule($id) {
global $l_mods,$page;
//is it a core module?
if ($id<4) { return array($l_mods["msg_delcore_err"],"bad"); }
$error=false;
//Are there still active instances?
$sql="select m.id, c.id from site_modules as m, site_content as c where m.modid=$id or c.modid=$id limit 1";
if (!$page->query($sql)) { $error=true; }
if ($page->db->query_count()>0) { $error=true; }
if ($error) {
return array("$l_mods[msg_del_err] $l_mods[msg_active_err]","bad");
}
$page->query("select `name` from system_modules where `modid`=$id limit 1");
$result=$page->db->getdata();
$modname=cut_doubledots($result["name"]);
if (!$page->query("start transaction")) { $error=true; }
//execute drop.sql if it exists
$script=PATH."/modules/$modname/drop.sql";
if (file_exists($script)) {
if (!exec_sql($script)) { $error=true; }
}
//Delete from system_modules
if (!$page->query("delete from system_modules where `modid`=$id")) { $error=true; }
//everything ok?
if (!$error) {
//delete the module folder in /modules
delete_recursively(PATH."/modules/$modname");
$sql = "commit";
$msg = array($l_mods["msg_del_ok"],"good");
} else {
$sql = "rollback";
$msg = array($l_mods["msg_del_err"],"bad");
}
while(1) {
if ($page->query($sql)) { break; }
}
return $msg;
}
//switch module status/////////////////////////////////////////////////////////////////////////////
function switch_status_module($status,$id) {
global $l_mods,$page;
if ($status=="on") { $active=1; $msg="msg_activate_"; }
elseif ($status=="off") { $active=0; $msg="msg_inactivate_"; }
if ($page->query("update site_modules set `active`='$active' where `id`='$id'")) {
$msg = array($l_mods[$msg."ok"],"good");
} else {
$msg = array($l_mods[$msg."err"],"bad");
}
return $msg;
}
//Switch Standard Access///////////////////////////////////////////////////////////////////////////
function switch_access_module($id,$access) {
global $l_cont,$page;
if ($access<2) { $access+=1; } else { $access=0; }
$sql="update site_modules set `access`='$access' where `id`='$id'";
if ($page->query($sql)) {
$msg = array($l_cont["msg_access_ok"],"good");
} else {
$msg = array($l_cont["msg_access_err"],"bad");
}
return $msg;
}
?>