Location: PHPKode > projects > Gregarius > gregarius/admin/tags.php
<?php
###############################################################################
# Gregarius - A PHP based RSS aggregator.
# Copyright (C) 2003 - 2006 Marco Bonetti
#
###############################################################################
# This program is free software and open source software; you can redistribute
# it and/or modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation; either version 2 of the License,
# or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE.	 See the GNU General Public License for
# more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA  or visit
# http://www.gnu.org/licenses/gpl.html
#
###############################################################################
# E-mail:	   mbonetti at gmail dot com
# Web page:	 http://gregarius.net/
#
###############################################################################

function tags_admin(){
	return CST_ADMIN_DOMAIN_TAGS;
}

function tags(){

	// Fix for #16: Admin (et al.) should not rely on l10n labels for actions:
	// Look for a meta-action first, which should be the (untranslated) *name* of
	// the (translated) action constant.

	// Fixme: should replace 'action's with a constant
	if (array_key_exists(CST_ADMIN_METAACTION,$_REQUEST)) {
		$__action__ = $_REQUEST[CST_ADMIN_METAACTION];
	} elseif (array_key_exists('action',$_REQUEST)) {
		$__action__ = $_REQUEST['action'];
	} else {
		$__action__ = "";
	}

	if (isset($_REQUEST['id'])) {
		$tid = sanitize($_REQUEST['id'],RSS_SANITIZER_NUMERIC);
	}

	$ret__ = CST_ADMIN_DOMAIN_TAGS;
	switch ($__action__) {

	case CST_ADMIN_EDIT_ACTION:
		tag_edit($tid);
		$ret__ = CST_ADMIN_DOMAIN_NONE;
		break;

	case CST_ADMIN_DELETE_ACTION:
		if (array_key_exists(CST_ADMIN_CONFIRMED,$_POST) && $_POST[CST_ADMIN_CONFIRMED] == __('Yes')) {
			$sql = "delete from " . getTable("tag") ." where id=$tid";
			rss_query($sql);
			$sql = "delete from " . getTable("metatag") ." where tid=$tid";
			rss_query($sql);
			rss_invalidate_cache();
		} elseif (array_key_exists(CST_ADMIN_CONFIRMED,$_REQUEST) && $_REQUEST[CST_ADMIN_CONFIRMED] == __('No')) {
			// nop;
		} elseif (array_key_exists('me_delete', $_REQUEST)) {
			if(array_key_exists('me_do_delete', $_REQUEST) && "1" == $_REQUEST['me_do_delete']) {
				$ids = array();
				foreach($_REQUEST as $key => $val) {
					if(preg_match('/^tcb([0-9]+)$/', $key, $match)) {
						if(($id = (int) $_REQUEST[$key]) > 0) {
							$ids[] = $id;
						}
					}
				}

				if(count($ids) > 0)  {
					$sql = "delete from " . getTable("tag") . " where id in (".implode(',', $ids) . ")";
					rss_query($sql);
					$sql = "delete from " . getTable("metatag") . " where tid in (".implode(',', $ids) . ")";
					rss_query($sql);
					rss_invalidate_cache();
				}
			}
		} else {

			list($tname) = rss_fetch_row(rss_query("select tag from " .getTable("tag") ." where id = $tid"));

			echo "<form class=\"box\" method=\"post\" action=\"" .$_SERVER['PHP_SELF'] ."\">\n"
			."<p class=\"error\">";
			printf(__("Are you sure you wish to delete '%s'?"),$tname);
			echo "</p>\n"
			."<p><input type=\"submit\" name=\"".CST_ADMIN_CONFIRMED."\" value=\"". __('No') ."\"/>\n"
			."<input type=\"submit\" name=\"".CST_ADMIN_CONFIRMED."\" value=\"". __('Yes') ."\"/>\n"
			."<input type=\"hidden\" name=\"id\" value=\"$tid\"/>\n"
			."<input type=\"hidden\" name=\"".CST_ADMIN_DOMAIN."\" value=\"".CST_ADMIN_DOMAIN_TAGS."\"/>\n"
			."<input type=\"hidden\" name=\"action\" value=\"". CST_ADMIN_DELETE_ACTION ."\"/>\n"
			."</p>\n</form>\n";
			$ret__ = CST_ADMIN_DOMAIN_NONE;
		}
		break;
	case CST_ADMIN_SUBMIT_EDIT:
		// TBD
		$new_label = preg_replace(ALLOWED_TAGS_REGEXP,'', $_REQUEST['t_name']);
		// also replace whitespaces
		$new_label = str_replace(' ','',$new_label);
		if (is_numeric($tid) && strlen($new_label) > 0) {
			$res = rss_query("select count(*) as cnt from " . getTable("tag") ." where binary tag='".rss_real_escape_string($new_label)."'");
			list($cnt) = rss_fetch_row($res);
			if ($cnt > 0) {
				rss_error(sprintf(__("You can't rename this item '%s' because such an item already exists."),$new_label), RSS_ERROR_ERROR,true);
				break;
			}
			rss_query("update " .getTable("tag") ." set tag='".rss_real_escape_string($new_label)."' where id=$tid");
			rss_invalidate_cache();
		}
		break;
	default:
		break;
	}
  echo "<script type=\"text/javascript\">\n"
    ."//<!--\n"
    ."function cbtoggle() {\n"
    ."var c=document.getElementById('mastercb').checked;\n"
    ."var cs=document.getElementById('tagtable').getElementsByTagName('input');\n"
    ."for(i=0;i<cs.length;i++) {\n"
    ."if (cs[i].type == 'checkbox') cs[i].checked = c;\n"
    ."}\n"  
    ."}\n" 
		."</script>\n";

	echo "<form method=\"post\" action=\"" . $_SERVER['PHP_SELF'] . "\">\n"
	."<h2 class=\"trigger\">".__('Tags')."</h2>\n"
	."<div id=\"admin_tags\" class=\"trigger\">"
	."<table id=\"tagtable\">\n"
	."<tr>\n"
  ."\t<th><input type=\"checkbox\" id=\"mastercb\" onclick=\"cbtoggle();\" /></th>\n"
	."\t<th class=\"cntr\">". __('Tags') ."</th>\n"
	."\t<th>". __('Action') ."</th>\n"
	."</tr>\n";

	$sql = sprintf("select id, tag from %s t left join %s m on (t.id = m.tid) where m.ttype = 'item'", getTable("tag"), getTable("metatag"));
	$res = rss_query($sql);
	$cntr = 0;
	while (list($id, $tag) = rss_fetch_row($res)) {
		$class_ = (($cntr++ % 2 == 0)?"even":"odd");
		echo "<tr class=\"$class_\">\n"
    ."\t<td><input type=\"checkbox\" name=\"tcb$id\" value=\"$id\" id=\"scb_$id\" /></td>\n"
		."\t<td><label for=\"scb_$id\">".htmlspecialchars($tag)."</label></td>\n"
		."\t<td><a href=\"".$_SERVER['PHP_SELF']. "?".CST_ADMIN_DOMAIN."=". CST_ADMIN_DOMAIN_TAGS
		."&amp;action=". CST_ADMIN_EDIT_ACTION. "&amp;id=$id\">" . __('edit')
		."</a>\n"
		."|<a href=\"".$_SERVER['PHP_SELF']. "?".CST_ADMIN_DOMAIN."=". CST_ADMIN_DOMAIN_TAGS
		."&amp;action=". CST_ADMIN_DELETE_ACTION ."&amp;id=$id\">" . __('delete') ."</a>\n"
		."|<a href=\"".getPath('tag/'.htmlspecialchars($tag))."\">" . __('view') ."</a>\n"		
		."</td>\n"
		."</tr>\n";
	}
	echo "</table>\n";
	echo "<fieldset>\n"
	."<legend>".__('Selected')."...</legend>\n"
	."<p>\n"
	."<input type=\"submit\" id=\"me_delete\" name=\"me_delete\" value=\"".__('Delete')."\" />\n"
	."<input type=\"checkbox\" name=\"me_do_delete\" id=\"me_do_delete\" value=\"1\" />\n"
	."<label for=\"me_do_delete\">".__("I'm sure!")."</label>\n"
	."<input type=\"hidden\" name=\"action\" value=\"".CST_ADMIN_DELETE_ACTION."\" />\n"
	."<input type=\"hidden\" name=\"".CST_ADMIN_DOMAIN."\" value=\"".CST_ADMIN_DOMAIN_TAGS."\" />\n"
	."</fieldset>\n"
	."</form>\n"
	."</div>\n";
}

function tag_edit($tid){
	$sql = "select id, tag from " . getTable("tag") ." where id=$tid";
	$res = rss_query($sql);
	list ($id, $tag) = rss_fetch_row($res);

	echo "<div>\n"
	."<h2>".ucfirst(__('edit'))." '$tag'</h2>\n"
	."<form method=\"post\" action=\"" .$_SERVER['PHP_SELF'] ."\" id=\"tagedit\">\n"

	."<div style=\"inline\"><input type=\"hidden\" name=\"".CST_ADMIN_DOMAIN."\" value=\"". CST_ADMIN_DOMAIN_TAGS."\"/>\n"
	."<input type=\"hidden\" name=\"action\" value=\"".CST_ADMIN_SUBMIT_EDIT."\"/>\n"
	."<input type=\"hidden\" name=\"id\" value=\"$tid\"/>\n"
	."<label for=\"t_name\">". __('Rename to...') ."</label>\n"
	."<input type=\"text\" id=\"t_name\" name=\"t_name\" value=\"$tag\"/>\n"
	."<input type=\"submit\" name=\"action_\" value=\"". __('Submit Changes') ."\"/></div>"
	."</form></div>\n";
}
Return current item: Gregarius