<?php
//#################################################################################################
// Helper functions for the modules edit page
//#################################################################################################
// chillyCMS - Content Management System
// Copyright (C) 2008
// Stefanie Wiegand <hide@address.com> & Johannes Cox <hide@address.com>
//
// This program is licensed under the GPL 3.0 license. For more information see LICENSE.txt.
//#################################################################################################
// moduleform($id)
// submod_settingsform($modname,$modsettings)
// save_module($id)
//#################################################################################################
defined('DOIT') or die('Restricted access');
//Moduleform///////////////////////////////////////////////////////////////////////////////////////
function moduleform($id) {
global $l_gen,$allpos,$l_mods,$l_cont,$l_uform,$page,$settings;
if ($id=="") { $id=0; }
$moduleform = "\t<h1>$l_mods[lbl_edit]</h1><br>\n".
"\t<div class='standardmodsettings'>\n";
if ($id>0) {
//Read position and modules from db
$sql="select m.*,s.name as modname from site_modules as m ".
"left join system_modules s on m.modid=s.modid where m.id=$id limit 1";
$page->query($sql);
$mod = $page->db->getdata();
$mod = array_map("escape_html",$mod);
$newmod = false;
$name = $mod["name"];
$modid = intval($mod["modid"]);
$modname = $mod["modname"];
$position = $mod["position"];
$order = intval($mod["order"]);
$active = intval($mod["active"]);
$access = intval($mod["access"]);
$specialaccess = $mod["specialaccess"];
$conditionaldisplay = intval($mod['conditionaldisplay']);
$listtype = intval($mod['listtype']);
$list = $mod['list'];
$modsettings = $mod["settings"];
} else {
$newmod = true;
$name = escape_html($_POST["name"]);
$modid = intval($_POST["module"]);
$page->query("select `name` from system_modules where `modid`=$modid limit 1");
$modname = $page->db->getdata();
$modname = escape_html($modname["name"]);
$position = num_text($_POST["position"]);
$order = 0;
$active = 1;
$access = 0;
$specialaccess = "";
$conditionaldisplay = 0;
$listtype = 0;
$list = '';
$modsettings = "";
$error = false;
if (!$page->query("start transaction")) { $error=true; }
//insert module into database
$sql = "insert into site_modules (`name`,`modid`,`position`,`order`,`active`,`access`,`specialaccess`,".
"`settings`) values ('$name',$modid,'$position',ifnull((select max(`order`)+1 from site_modules as m ".
"where `position`='$position'),1),$active,$access,'$specialaccess','$modsettings')";
if (!$page->query($sql)) { $error=true; }
//Get new ID
$sql="select `id` from site_modules where `name`='$name' and `modid`='$modid' and `position`='$position' ".
"and `order`=(select max(`order`) from site_modules where `position`='$position') limit 1";
if (!$page->query($sql)) { $error=true; }
$result=$page->db->getdata();
if (empty($result)) { $error=true; } else { $id=intval($result["id"]); }
if (!$error) {
$sql = "commit";
} else {
$sql = "rollback";
}
while(1) {
if ($page->query($sql)) { break; }
}
}
//Special module settings
$moduleform .= "<form method='post' action='modulesedit.site.php'><div class='specialmodulesettings'>";
$specialform = submod_settingsform($modname,$modsettings);
$modsettings = escape_html($specialform[0]);
$moduleform .= $specialform[1];
$moduleform .= "<input type='hidden' name='modsettings' value='$modsettings'></input>".
"</div>".
"<table cellspacing='5' class='lists'>".
//id
"<tr><td class='left' width='100'>ID</td>".
"<td class='left'>$id</td></tr>".
//name
"<tr><td class='left'>$l_mods[lbl_name]</td>".
"<td class='left'><input type='text' class=\"textinput\" name='name' value='$name'></input></td></tr>".
//moduletype
"<tr><td class='left'>$l_mods[lbl_type]</td>".
"<td class='left'>$modname</td></tr>".
"<input type='hidden' name='modid' value='$modid'></input>".
//status
"<tr><td class='left'>$l_uform[lbl_status]</td><td class='left'><select name='active' size='1'>";
if ($active==1) {
$moduleform .= "<option value='0'>$l_uform[lbl_inact]</option><option value='1' selected='selected'>$l_uform[lbl_act]</option>";
} else {
$moduleform .= "<option value='0' selected='selected'>$l_uform[lbl_inact]</option><option value='1'>$l_uform[lbl_act]</option>";
}
$moduleform .= "</select></td></tr>".
//access
"<tr><td class='left'>$l_cont[lbl_genacc]</td><td class='left'><select name='access' size='1'>";
//--everybody
$moduleform .= "<option value='0'";
if ($access==0) { $moduleform .= " selected='selected'"; }
$moduleform .= ">$l_cont[lbl_everybody]</option>".
//--users only
"<option value='1'";
if ($access==1) { $moduleform .= " selected='selected'"; }
$moduleform .= ">$l_cont[lbl_users]</option>".
//--admins only
"<option value='2'";
if ($access>1) { $moduleform .= " selected='selected'"; }
$moduleform .= ">$l_cont[lbl_admins]</option>".
"</select></td></tr>";
//Special Access? (only if there are any special groups)
$page->query("select * from system_groups where gid>2 order by name");
$specialgroups = $page->db->getdata_array();
if (!empty($specialgroups)) {
//--checkbox
if ($specialaccess!="") { $checked="checked='checked'"; } else { $checked = ""; }
$moduleform .= "<tr><td class='left'>$l_cont[lbl_spacc]?</td><td class='left'>
<input type='checkbox' class='middle' name='specialaccess' id='specialaccess' ".
"onclick='getspecialrights()' $checked></input></td></tr>";
//--menu
$moduleform .= "<tr><td></td><td class='left'><div id='specialaccessmenu'>";
$spacc=explode(",",$specialaccess);
foreach ($specialgroups as $sg) {
if (in_array($sg["gid"],$spacc)) {
$moduleform .= "<input type='checkbox' name='spacc[]' class='middle' value='$sg[gid]'".
" checked='checked' /><span class='middle'>$sg[name]</span><br />";
} else {
$moduleform .= "<input type='checkbox' name='spacc[]' class='middle' value='$sg[gid]' />".
"<span class='middle'>$sg[name]</span><br />";
}
}
$moduleform .= "</div></td></tr>".
"<script type='text/javascript' language='JavaScript'>getspecialrights();</script>";
} else {
$moduleform .= "<input type='hidden' name='specialaccess' value='$specialaccess'></input>";
}
//old position
$moduleform .= "<input type='hidden' name='oldposition' value='$position'/>".
//new position
"<tr><td class='left'>$l_mods[lbl_position]</td><td class='left'><select size='1' name='newposition'>";
//read positions from template name
require_once(PATH."/templates/".$settings["template"]."/config.php");
sort($allpos);
foreach ($allpos as $pos) {
if ($position==$pos) {
$moduleform .= "<option selected='selected'>$pos</option>";
} else {
if (in_array($pos,$positions)) {
$moduleform .= "<option>$pos</option>";
}
}
}
$moduleform .= "</select></td></tr>".
//order
"<tr><td class='left'>$l_mods[lbl_order]</td><td class='left'>";
if ($position!="inactive" and $position!="content") {
$sql="select m1.*, ifnull(m2.id,0) as prev,ifnull(m3.id,0) as next,s.name as modname from site_modules as m1 ".
"left join site_modules m2 on m2.order=m1.order-1 and m1.position=m2.position ".
"left join site_modules m3 on m3.order=m1.order+1 and m1.position=m3.position ".
"left join system_modules s on s.modid=m1.modid ".
"where m1.position='$position' ".
"order by m1.order";
$page->query($sql);
$result = $page->db->getdata_array();
$moduleform .= "<table cellspacing='0'>";
$activemodules=array();
$style='odd';
//Print moduleinstances in the right order
if (!empty($result)) {
foreach ($result as $row) {
$row=array_map("escape_html",$row);
$mod = new Listitem($row["id"],$row["order"],$row["prev"],$row["next"]);
//Name
$moduleform .= "<tr class='$style'><td class='left' width='140'>".$row["name"]."</td><td width='40'>";
$moveid=$row["id"];
//Up
if ($mod->prev>0) {
$moduleform .= "<a class='up' href='modulesedit.site.php?action=move&".
"direction=up&moveid=$row[id]&id=$id'></a>";
} else {
$moduleform .= "<a class='filler'></a>";
}
//Down
if ($mod->next>0) {
$moduleform .= "<a class='down' href='modulesedit.site.php?action=move&".
"direction=down&moveid=$row[id]&id=$id'></a>";
} else {
$moduleform .= "<a class='filler'></a>";
}
$moduleform .= "</td></tr>";
if ($style=="odd") { $style="even"; } else { $style="odd"; }
}
}
$moduleform .= "</table>";
}
$moduleform .= "<input type='hidden' name='order' value='$order'/></td></tr>";
//conditional display
if ($conditionaldisplay==1) {
$condcheck = ' checked="checked"'; $hidden = '';
} else {
$condcheck = ''; $hidden = ' style="display:none;"';
}
$moduleform .= "<tr><td class='left' width='100'>".$l_mods['lbl_conddisplay']."</td><td class='left'>".
"<input type='checkbox' name='conditionaldisplay' value='on' id='conditionaldisplay' ".
"onclick='toggle_display(\"conditionaldisplay\",\"lists\")'$condcheck /></td></tr></table>".
"<div id='lists' class='lists'$hidden>";
//blacklist/whitelist
$white = $black = '';
if ($listtype==0) { $white = ' checked="checked"'; } else { $black = ' checked="checked"'; }
$moduleform .=' <input type="radio" name="listtype" value="0"'.$white.' /> '.$l_mods['lbl_whitelist'].'<br />'.
'<input type="radio" name="listtype" value="1"'.$black.' /> '.$l_mods['lbl_blacklist'].'<br />'.
'<select name="list[]" multiple="multiple">';
$page->query("select * from site_content where `depth`=0 and `id`=`treeid`");
$result = $page->db->getdata_array();
if (is_array($result) && !empty($result)) {
//print each tree in an own table
foreach ($result as $row) {
$tree = get_tree($row['id']);
foreach ($tree as $item) {
$checklist = explode(',',$list);
$moduleform .= '<option value="'.$item->id.'"';
if (in_array($item->id,$checklist)) { $moduleform .= ' selected="selected"'; }
$moduleform .='>';
for ($i=0;$i<$item->depth;$i++) {
$moduleform .= ' ';
}
$moduleform .= $item->name.'</option>';
}
}
}
$moduleform .= '</select></div>'.
//Submit
"<input type='hidden' name='id' value='$id'></input>".
"<input type='hidden' name='action' value='save'><br /><br />".
"<input class='button' type='submit' value='$l_gen[lbl_save]'></input></form>".
//Reload
"<form action='modulesedit.site.php'><input type='hidden' name='id' value='$id'></input>".
"<input class='button' type='submit' value='$l_gen[lbl_reload]'></form>";
//Cancel
if ($newmod) {
$moduleform .= "<form method='post' action='modules.site.php?action=undo'>".
"<input type='hidden' name='id' value='$id'></input>";
} else {
$moduleform .= "<form method='post' action='modules.site.php'>";
}
$moduleform .= "<input class='button' type='submit' value='$l_gen[lbl_cancel]'></input>".
"</form><br /><br /><div class='clr'></div>".
"\t</div>\n";
return $moduleform;
}
//Modsettings form/////////////////////////////////////////////////////////////////////////////////
function submod_settingsform($modname,$modsettings) {
global $l_mods,$language,$l_gen,$page;
$settingsform = "<h2>$l_mods[txt_spset]</h2>";
$modname=cut_doubledots($modname);
$language=cut_doubledots($language);
$filename=PATH."/modules/$modname/backend.php";
if (file_exists($filename)) {
//look for matching language file of the module
$langfile=PATH."/modules/$modname/languages/$language.php";
$enfile=PATH."/modules/$modname/languages/en.php";
if (is_file($langfile)) { include_once($langfile); }
elseif (is_file($enfile)) { include_once($enfile); }
$editform = "";
//load module file
include_once($filename);
$settingsform .= $editform;
} else {
$settingsform .= $l_mods["txt_nospset"];
$specialsettings = false;
}
return array($specialsettings,$settingsform);
}
//Save Module//////////////////////////////////////////////////////////////////////////////////////
function save_module($id) {
global $l_mods,$page;
//get specialaccess
$spacc = "";
if (isset($_POST["specialaccess"]) && $_POST["specialaccess"]=="on") {
$specialaccessmenu=$_POST["spacc"];
if (!empty($specialaccessmenu)) {
$spacc=implode(",",$specialaccessmenu);
}
}
//special settings
if (isset($_POST["modsettings"]) && $_POST["modsettings"]!="") {
$specialsave = "";
$specialsettings=explode(",",$_POST["modsettings"]);
//Go through each special settings option of the module
if (is_array($specialsettings) && !empty($specialsettings))
foreach ($specialsettings as $spset) {
if (isset($_POST[$spset])) {
$specialsave .= $_POST[$spset].",";
} else {
$specialsave .= ",";
}
}
$specialsave=substr($specialsave,0,-1);
}
//get conditional display list
$conditionaldisplay = $listtype = 0;
$cdlist = "null";
if (isset($_POST["conditionaldisplay"]) && $_POST["conditionaldisplay"]=="on") {
$conditionaldisplay = 1;
$listtype = intval($_POST['listtype']);
if (isset($_POST["list"])) {
$mylist = $_POST["list"];
if (!empty($mylist)) {
$cdlist = "'".implode(",",$mylist)."'";
}
}
}
$error = false;
//escape POST
$post = escape($_POST);
//get values
$name = $post["name"];
$oldposition = num_text($post["oldposition"]);
$newposition = num_text($post["newposition"]);
$order = intval($post["order"]);
$modid = intval($post["modid"]);
$active = intval($post["active"]);
$access = intval($post["access"]);
if (!$page->query("start transaction")) { $error=true; }
//position
//--do not change position
if ($oldposition==$newposition) {
$sql="update site_modules set `name`='$name',`modid`=$modid,`active`=$active,".
"`access`=$access,`specialaccess`='$spacc',`settings`='$specialsave', ".
"`conditionaldisplay`=$conditionaldisplay, `listtype`=$listtype, `list`=$cdlist where `id`=$id";
//--change position
} else {
$sql="select max(`order`) as maxorder from site_modules where `position`='$newposition' limit 1";
if (!$page->query($sql)) { $error=true; }
$maxorder=$page->db->getdata();
$maxorder=$maxorder["maxorder"];
if ($maxorder=="") { $maxorder=0; }
//update order in old position if necessary
$sql="update site_modules set `order`=`order`-1 where `order`>$order and `position`='$oldposition'";
if (!$page->query($sql)) { $error=true; }
//update module
$sql="update site_modules set `name`='$name',`modid`=$modid,`position`='$newposition',`order`=$maxorder+1,".
"`active`=$active,`access`=$access,`specialaccess`='$spacc',`settings`='$specialsave' where `id`=$id";
}
if (!$page->query($sql)) { $error=true; }
if (!$error) {
$msg = array($l_mods["msg_save_ok"],"good");
$sql = "commit";
} else {
$msg = array($l_mods["msg_save_err"],"bad");
$sql = "rollback";
}
while(1) {
if ($page->query($sql)) { break; }
}
return $msg;
}
?>