Location: PHPKode > projects > Shinobu > admin/pages/navigation.php
<?php

/* ---

	Copyright (C) 2008-2009 Frank Smit
	http://shinobu.61924.nl/

	This file is part of Shinobu.

	Shinobu is free software: you can redistribute it and/or modify
	it under the terms of the GNU General Public License as published by
	the Free Software Foundation, either version 3 of the License, or
	(at your option) any later version.

	Shinobu is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	GNU General Public License for more details.

	You should have received a copy of the GNU General Public License
	along with Shinobu. If not, see <http://www.gnu.org/licenses/>.

--- */

(!defined('SHINOBU_ADMIN')) ? exit : null;

if ($sys_user['p_manage_nav'] == 0)
{
	// Set page title
	$sys_tpl->assign('page_title', $sys_lang['e_error'].' - '.$sys_config['website_title'].' Admin');

	?>

<h2><span><?php echo $sys_lang['e_error'] ?></span></h2>

<p>You have no permission to access this page</p>

	<?php
}

// Edit navigation item
else if (isset($sys_request[2]) && $sys_request[2] == 'edit')
{
	$sys_request[3] = isset($sys_request[3]) && !empty($sys_request[3]) ? intval($sys_request[3]) : 0;
	$result = $sys_db->query('SELECT i.* FROM '.DB_PREFIX.'navigation AS i WHERE i.id='.$sys_request[3].' LIMIT 1') or error($sys_db->error(), __FILE__, __LINE__);

	// Update navigation item
	if ($sys_db->num_rows($result) > 0)
	{
		$navigation_item = $sys_db->fetch_assoc($result);

		if (isset($_POST['frm-submit']) && check_token())
		{
			$form = array_map('system_trim', $_POST['form']);
			$errors = false;

			$form['name'] = utf8_htmlencode($form['name']);
			$form['url'] = utf8_htmlencode($form['url']);
			$form['position'] = intval($form['position']);

			// Check name
			if (empty($form['name']))
				$errors['name'] = 'You must enter a name.';
			else if (utf8_strlen($form['name']) > 50)
				$errors['name'] = 'The name is too long.';

			// Check url
			if (empty($form['url']))
				$errors['url'] = 'You must enter a url.';
			else if (utf8_strlen($form['url']) > 255)
				$errors['url'] = 'The url is too long.';

			$form['visibility'] = $form['visibility'] == 1 ? 1 : 0;

			// Check/filter position
			if (empty($form['position']))
				$form['position'] = 0;
			else if ($form['position'] < 0 || $form['position'] > 100)
				$form['position'] = 0;

			if ($errors === false)
			{
				$sys_db->query('UPDATE '.DB_PREFIX.'navigation SET name=\''.$sys_db->escape($form['name']).'\', url=\''.$sys_db->escape($form['url']).'\', visibility='.$form['visibility'].', position='.intval($form['position']).' WHERE id='.$sys_request[3]) or error($sys_db->error(), __FILE__, __LINE__);
				generate_navigation(true);
				header('location: '.ADMIN_URL.URI_PREFIX.'navigation/edited'.URI_SUFFIX); exit;
			}
		}

		// Set page title
		$sys_tpl->assign('page_title', 'Edit navigation item - '.$sys_config['website_title'].' Admin');
		?>

<h2>Edit navigation item: <?php echo $navigation_item['name'] ?></h2>

<p>If you would like to make a navigation item that links to an external website - you just have the enter to absolute/full url (something like <strong>http://www.example.com/</strong>). A relative url will link to an internal page. A link to page one will look like this: <strong>p/1.html</strong>.</p>

<form method="post" accept-charset="utf-8" action="<?php echo ADMIN_URL, URI_PREFIX, 'navigation/edit/', $sys_request[3], URI_SUFFIX ?>">
	<div>
		<input type="hidden" name="token" value="<?php echo SYS_TOKEN ?>" />
	</div>

	<ul class="frm-vc">
		<li class="frm-hr">&nbsp;</li>

		<li class="frm-block<?php echo isset($errors['name']) ? ' form-error' : null ?>">
			<div class="fld-label"><label for="fld-0">Name:</label></div>
			<div class="fld-input"><input class="text" type="text" name="form[name]" id="fld-0" maxlength="20" value="<?php echo $navigation_item['name'] ?>" /></div>
			<?php echo isset($errors['name']) ? '<span class="fld-error-message">'.$errors['groupname'].'</span>' : null ?>
		</li>

		<li class="frm-block<?php echo isset($errors['url']) ? ' form-error' : null ?>">
			<div class="fld-label"><label for="fld-1">Url:</label></div>
			<div class="fld-input"><input class="text" type="text" name="form[url]" id="fld-1" maxlength="100" value="<?php echo $navigation_item['url'] ?>" /></div>
		</li>

		<li class="frm-block">
			<div class="fld-label"><label>Visibility:</label></div>
			<div class="fld-text">
				<div><label for="fld-2"><input type="radio" id="fld-2" name="form[visibility]" value="1" <?php echo $navigation_item['visibility'] == 1 ? 'checked="checked"' : null ?> /> Visible</label></div>
				<div><label for="fld-3"><input type="radio" id="fld-3" name="form[visibility]" value="0" <?php echo $navigation_item['visibility'] == 0 ? 'checked="checked"' : null ?> /> Hidden</label></div>
			</div>
		</li>

		<li class="frm-block">
			<div class="fld-label"><label for="fld-4">Position:</label></div>
			<div class="fld-input">
				<select name="form[position]" id="fld-4">
<?php for($i = 0;$i <= 100;++$i) echo "\t\t\t\t\t", '<option value="', $i, '"', ($navigation_item['position'] == $i ? ' selected="selected"' : ''),'>', $i, '</option>', "\n" ?>
				</select>
			</div>
		</li>

		<li class="frm-block frm-buttons">
			<div class="fld-label">&nbsp;</div>
			<div class="fld-input">
				<input type="submit" value="Update Item" name="frm-submit" />
				<input type="button" onclick="window.location='<?php echo ADMIN_URL, URI_PREFIX, 'navigation', URI_SUFFIX ?>'" value="Cancel" name="frm-cancel" />
			</div>
		</li>
	</ul>
</form>

		<?php
	}
	else
		send_404($sys_lang['e_error'], '<p>The navigation item does not exist.</p>', false);
}

// View navigation items
else
{
	if (isset($_POST['frm-update-positions']) && check_token())
	{
		$form = array_map('system_trim', $_POST['form']);

		foreach($form['position'] as $id => $new_position)
			$sys_db->query('UPDATE '.DB_PREFIX.'navigation SET position='.intval($new_position).' WHERE id='.intval($id)) or error($sys_db->error(), __FILE__, __LINE__);

		generate_navigation(true);
		header('location: '.ADMIN_URL.URI_PREFIX.'navigation'.URI_SUFFIX); exit;
	}

	// Delete navigation item
	if (isset($sys_request[2]) && $sys_request[2] == 'delete' && check_token(true))
	{
		$sys_request[3] = isset($sys_request[3]) ? intval($sys_request[3]) : 0;

		$result = $sys_db->query('SELECT id FROM '.DB_PREFIX.'navigation WHERE id='.$sys_request[3]) or error($sys_db->error(), __FILE__, __LINE__);

		if ($sys_db->num_rows($result) > 0)
		{
			$sys_db->query('DELETE FROM '.DB_PREFIX.'navigation WHERE id='.$sys_request[3]) or error($sys_db->error(), __FILE__, __LINE__);
			generate_navigation(true);
			header('location: '.ADMIN_URL.URI_PREFIX.'navigation/deleted'.URI_SUFFIX); exit;
		}
		else
		{
			header('location: '.ADMIN_URL.URI_PREFIX.'navigation'.URI_SUFFIX); exit;
		}
	}

	// Add new navigation item
	if (isset($_POST['frm-submit']) && isset($_GET['add']) && check_token())
	{
		// Set vars
		$form = array_map('system_trim', $_POST['form']);
		$errors = false;

		$form['name'] = utf8_htmlencode($form['name']);
		$form['url'] = utf8_htmlencode($form['url']);
		$form['position'] = intval($form['position']);

		// Check name
		if (empty($form['name']))
			$errors['name'] = 'You must enter a name.';
		else if (utf8_strlen($form['name']) > 50)
			$errors['name'] = 'The name is too long.';

		// Check url
		if (empty($form['url']))
			$errors['url'] = 'You must enter a url.';
		else if (utf8_strlen($form['url']) > 255)
			$errors['url'] = 'The url is too long.';

		// Check/filter position
		if (empty($form['position']))
			$form['position'] = 0;
		else if ($form['position'] < 0 || $form['position'] > 100)
			$form['position'] = 0;

		if ($errors === false)
		{
			$sys_db->query('INSERT INTO '.DB_PREFIX.'navigation (name, url, position) VALUES(\''.$sys_db->escape($form['name']).'\', \''.$sys_db->escape($form['url']).'\', '.intval($form['position']).')') or error($sys_db->error(), __FILE__, __LINE__);
			generate_navigation(true);
			header('location: '.ADMIN_URL.URI_PREFIX.'navigation/added'.URI_SUFFIX); exit;
		}
	}

	if (isset($sys_request[2]) && $sys_request[2] === 'added')
		$sys_tpl->add('main_content', '<div class="success">Navigation item succesfully added.</div>');
	else if (isset($sys_request[2]) && $sys_request[2] === 'edited')
		$sys_tpl->add('main_content', '<div class="success">Navigation item succesfully edited.</div>');
	else if (isset($sys_request[2]) && $sys_request[2] === 'deleted')
		$sys_tpl->add('main_content', '<div class="success">Navigation item succesfully deleted.</div>');

	// Set page title
	$sys_tpl->assign('page_title', 'Navigation - '.$sys_config['website_title'].' Admin');

	?>

<h2>Navigation</h2>

<p>Edit or delete navigation items.</p>

<form method="post" accept-charset="utf-8" action="<?php echo ADMIN_URL, URI_PREFIX, 'navigation', URI_SUFFIX ?>">
	<div>
		<input type="hidden" name="token" value="<?php echo SYS_TOKEN ?>" />
		<input type="hidden" name="frm-update-positions" value="1" />
	</div>

	<table id="navigation-list">
		<thead>
			<tr>
				<th class="td-name">Name</th>
				<th class="td-url">Url</th>
				<th class="td-position">Visibility</th>
				<th class="td-position">Position</th>
				<th class="td-actions">Actions</th>
			</tr>
		</thead>
		<tbody>
		<?php

		$result = $sys_db->query('SELECT m.* FROM '.DB_PREFIX.'navigation AS m ORDER BY m.position ASC') or error($sys_db->error(), __FILE__, __LINE__);

		if ($sys_db->num_rows($result) > 0):
			while ($row = $sys_db->fetch_assoc($result)): ?>

				<tr>
					<td class="td-name"><?php echo $row['name'] ?></td>
					<td class="td-url"><?php echo $row['url'] ?></td>
					<td class="td-visibility"><?php echo $row['visibility'] == 1 ? 'Visible' : 'Hidden' ?></td>
					<td class="td-position">
						<select onchange="this.form.submit();" name="form[position][<?php echo $row['id'] ?>]"><?php for($i = 0;$i <= 100;++$i) echo '<option value="', $i, '"', ($row['position'] == $i ? ' selected="selected"' : ''),'>', $i, '</option>'; ?></select>
					</td>
					<td class="td-actions"><a href="<?php echo ADMIN_URL, URI_PREFIX, 'navigation/edit/', $row['id'], URI_SUFFIX ?>">Edit</a> - <a class="confirm" href="<?php echo ADMIN_URL, '/', URI_PREFIX, 'navigation/delete/', $row['id'], URI_SUFFIX, '&amp;token=', SYS_TOKEN ?>">Delete</a></td>
				</tr>

			<?php endwhile ?>

				<tr class="nojs">
					<td colspan="3">&nbsp;</td>
					<td class="td-position">
						<input type="submit" value="Update" />
					</td>
					<td>&nbsp;</td>
				</tr>

		<?php else: ?>

			<tr>
				<td colspan="4">There are no items.</td>
			</tr>

		<?php endif ?>

		</tbody>
	</table>
</form>

<h3>Add new navigation item</h3>

<p>If you would like to make a navigation item that links to an external website - you just have the enter to absolute/full url (something like <strong>http://www.example.com/</strong>). A relative url will link to an internal page. A link to page one will look like this: <strong>p/1.html</strong>.</p>

	<?php

	if (isset($errors) && count($errors) > 0)
	{
		echo '<ul>';
		foreach ($errors as $error)
			echo '<li>', $error, '</li>';
		echo '</ul>';
	}

	?>

<form method="post" accept-charset="utf-8" action="<?php echo ADMIN_URL, URI_PREFIX, 'navigation', URI_SUFFIX, '&amp;add' ?>">

	<div>
		<input type="hidden" name="token" value="<?php echo SYS_TOKEN ?>" />
	</div>

	<ul id="add-usergroup" class="frm-hc hc-box hc-inline-box">
		<li class="frm-block<?php echo isset($errors['name']) ? ' form-error' : null ?>">
			<div class="fld-label"><label for="fld-0">Name:</label></div>
			<div class="fld-input"><input class="text" type="text" name="form[name]" id="fld-0" maxlength="50" /></div>
		</li>

		<li class="frm-block">
			<div class="fld-label"><label for="fld-1">Url:</label></div>
			<div class="fld-input">
				<input class="text" type="text" name="form[url]" id="fld-1" maxlength="255" />
			</div>
		</li>

		<li class="frm-block">
			<div class="fld-label"><label for="fld-2">Position:</label></div>
			<div class="fld-input">
				<select name="form[position]" id="fld-2">
<?php for($i = 0;$i <= 100;++$i) echo "\t\t\t\t\t", '<option value="', $i, '">', $i, '</option>', "\n" ?>
				</select>
			</div>
		</li>

		<li class="frm-block frm-buttons">
			<div class="fld-input">
				<input type="submit" value="Add Item" name="frm-submit" />
			</div>
		</li>
	</ul>
</form>

<?php } ?>
Return current item: Shinobu