<?php
/* ---
Copyright (C) 2008-2009 Frank Smit
http://shinobu.61924.nl/
This file is part of Shinobu.
Shinobu is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
Shinobu is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with Shinobu. If not, see <http://www.gnu.org/licenses/>.
--- */
(!defined('SHINOBU_ADMIN')) ? exit : null;
if ($sys_user['p_manage_nav'] == 0)
{
// Set page title
$sys_tpl->assign('page_title', $sys_lang['e_error'].' - '.$sys_config['website_title'].' Admin');
?>
<h2><span><?php echo $sys_lang['e_error'] ?></span></h2>
<p>You have no permission to access this page</p>
<?php
}
// Edit navigation item
else if (isset($sys_request[2]) && $sys_request[2] == 'edit')
{
$sys_request[3] = isset($sys_request[3]) && !empty($sys_request[3]) ? intval($sys_request[3]) : 0;
$result = $sys_db->query('SELECT i.* FROM '.DB_PREFIX.'navigation AS i WHERE i.id='.$sys_request[3].' LIMIT 1') or error($sys_db->error(), __FILE__, __LINE__);
// Update navigation item
if ($sys_db->num_rows($result) > 0)
{
$navigation_item = $sys_db->fetch_assoc($result);
if (isset($_POST['frm-submit']) && check_token())
{
$form = array_map('system_trim', $_POST['form']);
$errors = false;
$form['name'] = utf8_htmlencode($form['name']);
$form['url'] = utf8_htmlencode($form['url']);
$form['position'] = intval($form['position']);
// Check name
if (empty($form['name']))
$errors['name'] = 'You must enter a name.';
else if (utf8_strlen($form['name']) > 50)
$errors['name'] = 'The name is too long.';
// Check url
if (empty($form['url']))
$errors['url'] = 'You must enter a url.';
else if (utf8_strlen($form['url']) > 255)
$errors['url'] = 'The url is too long.';
$form['visibility'] = $form['visibility'] == 1 ? 1 : 0;
// Check/filter position
if (empty($form['position']))
$form['position'] = 0;
else if ($form['position'] < 0 || $form['position'] > 100)
$form['position'] = 0;
if ($errors === false)
{
$sys_db->query('UPDATE '.DB_PREFIX.'navigation SET name=\''.$sys_db->escape($form['name']).'\', url=\''.$sys_db->escape($form['url']).'\', visibility='.$form['visibility'].', position='.intval($form['position']).' WHERE id='.$sys_request[3]) or error($sys_db->error(), __FILE__, __LINE__);
generate_navigation(true);
header('location: '.ADMIN_URL.URI_PREFIX.'navigation/edited'.URI_SUFFIX); exit;
}
}
// Set page title
$sys_tpl->assign('page_title', 'Edit navigation item - '.$sys_config['website_title'].' Admin');
?>
<h2>Edit navigation item: <?php echo $navigation_item['name'] ?></h2>
<p>If you would like to make a navigation item that links to an external website - you just have the enter to absolute/full url (something like <strong>http://www.example.com/</strong>). A relative url will link to an internal page. A link to page one will look like this: <strong>p/1.html</strong>.</p>
<form method="post" accept-charset="utf-8" action="<?php echo ADMIN_URL, URI_PREFIX, 'navigation/edit/', $sys_request[3], URI_SUFFIX ?>">
<div>
<input type="hidden" name="token" value="<?php echo SYS_TOKEN ?>" />
</div>
<ul class="frm-vc">
<li class="frm-hr"> </li>
<li class="frm-block<?php echo isset($errors['name']) ? ' form-error' : null ?>">
<div class="fld-label"><label for="fld-0">Name:</label></div>
<div class="fld-input"><input class="text" type="text" name="form[name]" id="fld-0" maxlength="20" value="<?php echo $navigation_item['name'] ?>" /></div>
<?php echo isset($errors['name']) ? '<span class="fld-error-message">'.$errors['groupname'].'</span>' : null ?>
</li>
<li class="frm-block<?php echo isset($errors['url']) ? ' form-error' : null ?>">
<div class="fld-label"><label for="fld-1">Url:</label></div>
<div class="fld-input"><input class="text" type="text" name="form[url]" id="fld-1" maxlength="100" value="<?php echo $navigation_item['url'] ?>" /></div>
</li>
<li class="frm-block">
<div class="fld-label"><label>Visibility:</label></div>
<div class="fld-text">
<div><label for="fld-2"><input type="radio" id="fld-2" name="form[visibility]" value="1" <?php echo $navigation_item['visibility'] == 1 ? 'checked="checked"' : null ?> /> Visible</label></div>
<div><label for="fld-3"><input type="radio" id="fld-3" name="form[visibility]" value="0" <?php echo $navigation_item['visibility'] == 0 ? 'checked="checked"' : null ?> /> Hidden</label></div>
</div>
</li>
<li class="frm-block">
<div class="fld-label"><label for="fld-4">Position:</label></div>
<div class="fld-input">
<select name="form[position]" id="fld-4">
<?php for($i = 0;$i <= 100;++$i) echo "\t\t\t\t\t", '<option value="', $i, '"', ($navigation_item['position'] == $i ? ' selected="selected"' : ''),'>', $i, '</option>', "\n" ?>
</select>
</div>
</li>
<li class="frm-block frm-buttons">
<div class="fld-label"> </div>
<div class="fld-input">
<input type="submit" value="Update Item" name="frm-submit" />
<input type="button" onclick="window.location='<?php echo ADMIN_URL, URI_PREFIX, 'navigation', URI_SUFFIX ?>'" value="Cancel" name="frm-cancel" />
</div>
</li>
</ul>
</form>
<?php
}
else
send_404($sys_lang['e_error'], '<p>The navigation item does not exist.</p>', false);
}
// View navigation items
else
{
if (isset($_POST['frm-update-positions']) && check_token())
{
$form = array_map('system_trim', $_POST['form']);
foreach($form['position'] as $id => $new_position)
$sys_db->query('UPDATE '.DB_PREFIX.'navigation SET position='.intval($new_position).' WHERE id='.intval($id)) or error($sys_db->error(), __FILE__, __LINE__);
generate_navigation(true);
header('location: '.ADMIN_URL.URI_PREFIX.'navigation'.URI_SUFFIX); exit;
}
// Delete navigation item
if (isset($sys_request[2]) && $sys_request[2] == 'delete' && check_token(true))
{
$sys_request[3] = isset($sys_request[3]) ? intval($sys_request[3]) : 0;
$result = $sys_db->query('SELECT id FROM '.DB_PREFIX.'navigation WHERE id='.$sys_request[3]) or error($sys_db->error(), __FILE__, __LINE__);
if ($sys_db->num_rows($result) > 0)
{
$sys_db->query('DELETE FROM '.DB_PREFIX.'navigation WHERE id='.$sys_request[3]) or error($sys_db->error(), __FILE__, __LINE__);
generate_navigation(true);
header('location: '.ADMIN_URL.URI_PREFIX.'navigation/deleted'.URI_SUFFIX); exit;
}
else
{
header('location: '.ADMIN_URL.URI_PREFIX.'navigation'.URI_SUFFIX); exit;
}
}
// Add new navigation item
if (isset($_POST['frm-submit']) && isset($_GET['add']) && check_token())
{
// Set vars
$form = array_map('system_trim', $_POST['form']);
$errors = false;
$form['name'] = utf8_htmlencode($form['name']);
$form['url'] = utf8_htmlencode($form['url']);
$form['position'] = intval($form['position']);
// Check name
if (empty($form['name']))
$errors['name'] = 'You must enter a name.';
else if (utf8_strlen($form['name']) > 50)
$errors['name'] = 'The name is too long.';
// Check url
if (empty($form['url']))
$errors['url'] = 'You must enter a url.';
else if (utf8_strlen($form['url']) > 255)
$errors['url'] = 'The url is too long.';
// Check/filter position
if (empty($form['position']))
$form['position'] = 0;
else if ($form['position'] < 0 || $form['position'] > 100)
$form['position'] = 0;
if ($errors === false)
{
$sys_db->query('INSERT INTO '.DB_PREFIX.'navigation (name, url, position) VALUES(\''.$sys_db->escape($form['name']).'\', \''.$sys_db->escape($form['url']).'\', '.intval($form['position']).')') or error($sys_db->error(), __FILE__, __LINE__);
generate_navigation(true);
header('location: '.ADMIN_URL.URI_PREFIX.'navigation/added'.URI_SUFFIX); exit;
}
}
if (isset($sys_request[2]) && $sys_request[2] === 'added')
$sys_tpl->add('main_content', '<div class="success">Navigation item succesfully added.</div>');
else if (isset($sys_request[2]) && $sys_request[2] === 'edited')
$sys_tpl->add('main_content', '<div class="success">Navigation item succesfully edited.</div>');
else if (isset($sys_request[2]) && $sys_request[2] === 'deleted')
$sys_tpl->add('main_content', '<div class="success">Navigation item succesfully deleted.</div>');
// Set page title
$sys_tpl->assign('page_title', 'Navigation - '.$sys_config['website_title'].' Admin');
?>
<h2>Navigation</h2>
<p>Edit or delete navigation items.</p>
<form method="post" accept-charset="utf-8" action="<?php echo ADMIN_URL, URI_PREFIX, 'navigation', URI_SUFFIX ?>">
<div>
<input type="hidden" name="token" value="<?php echo SYS_TOKEN ?>" />
<input type="hidden" name="frm-update-positions" value="1" />
</div>
<table id="navigation-list">
<thead>
<tr>
<th class="td-name">Name</th>
<th class="td-url">Url</th>
<th class="td-position">Visibility</th>
<th class="td-position">Position</th>
<th class="td-actions">Actions</th>
</tr>
</thead>
<tbody>
<?php
$result = $sys_db->query('SELECT m.* FROM '.DB_PREFIX.'navigation AS m ORDER BY m.position ASC') or error($sys_db->error(), __FILE__, __LINE__);
if ($sys_db->num_rows($result) > 0):
while ($row = $sys_db->fetch_assoc($result)): ?>
<tr>
<td class="td-name"><?php echo $row['name'] ?></td>
<td class="td-url"><?php echo $row['url'] ?></td>
<td class="td-visibility"><?php echo $row['visibility'] == 1 ? 'Visible' : 'Hidden' ?></td>
<td class="td-position">
<select onchange="this.form.submit();" name="form[position][<?php echo $row['id'] ?>]"><?php for($i = 0;$i <= 100;++$i) echo '<option value="', $i, '"', ($row['position'] == $i ? ' selected="selected"' : ''),'>', $i, '</option>'; ?></select>
</td>
<td class="td-actions"><a href="<?php echo ADMIN_URL, URI_PREFIX, 'navigation/edit/', $row['id'], URI_SUFFIX ?>">Edit</a> - <a class="confirm" href="<?php echo ADMIN_URL, '/', URI_PREFIX, 'navigation/delete/', $row['id'], URI_SUFFIX, '&token=', SYS_TOKEN ?>">Delete</a></td>
</tr>
<?php endwhile ?>
<tr class="nojs">
<td colspan="3"> </td>
<td class="td-position">
<input type="submit" value="Update" />
</td>
<td> </td>
</tr>
<?php else: ?>
<tr>
<td colspan="4">There are no items.</td>
</tr>
<?php endif ?>
</tbody>
</table>
</form>
<h3>Add new navigation item</h3>
<p>If you would like to make a navigation item that links to an external website - you just have the enter to absolute/full url (something like <strong>http://www.example.com/</strong>). A relative url will link to an internal page. A link to page one will look like this: <strong>p/1.html</strong>.</p>
<?php
if (isset($errors) && count($errors) > 0)
{
echo '<ul>';
foreach ($errors as $error)
echo '<li>', $error, '</li>';
echo '</ul>';
}
?>
<form method="post" accept-charset="utf-8" action="<?php echo ADMIN_URL, URI_PREFIX, 'navigation', URI_SUFFIX, '&add' ?>">
<div>
<input type="hidden" name="token" value="<?php echo SYS_TOKEN ?>" />
</div>
<ul id="add-usergroup" class="frm-hc hc-box hc-inline-box">
<li class="frm-block<?php echo isset($errors['name']) ? ' form-error' : null ?>">
<div class="fld-label"><label for="fld-0">Name:</label></div>
<div class="fld-input"><input class="text" type="text" name="form[name]" id="fld-0" maxlength="50" /></div>
</li>
<li class="frm-block">
<div class="fld-label"><label for="fld-1">Url:</label></div>
<div class="fld-input">
<input class="text" type="text" name="form[url]" id="fld-1" maxlength="255" />
</div>
</li>
<li class="frm-block">
<div class="fld-label"><label for="fld-2">Position:</label></div>
<div class="fld-input">
<select name="form[position]" id="fld-2">
<?php for($i = 0;$i <= 100;++$i) echo "\t\t\t\t\t", '<option value="', $i, '">', $i, '</option>', "\n" ?>
</select>
</div>
</li>
<li class="frm-block frm-buttons">
<div class="fld-input">
<input type="submit" value="Add Item" name="frm-submit" />
</div>
</li>
</ul>
</form>
<?php } ?>