Location: PHPKode > projects > WB News > admin/edit-theme.php
<?php

/*========================================================*\
||########################################################||
||#                                                      #||
||#     WB News v2.0.0                                   #||
||# ---------------------------------------------------- #||
||#     Copyright (c) 2004-2007                          #||
||#     Created: 9th June 2007                           #||
||#     Filename: theme.php                              #||
||#                                                      #||
||########################################################||
/*========================================================*/

/**
 *  @author $Author: pmcilwaine $
 *	@version $Id: edit-theme.php,v 1.1.2.5.2.1 2008/07/14 11:02:37 pmcilwaine Exp $
 */

require_once( "global.php" );
$auth->login_if( !isset($_GET["id"]) ? !$auth->has_perm( "addtheme" ) : !$auth->has_perm( "modifytheme" ) );

$myform = "edit-theme";
if ( !isset($_SESSION["return_page"]) )
{
	$_SESSION["return_page"] = MAIN_SERVER . "/admin/theme.php";
}

$page = new PageTemplateEngine( BuildPath("admin/main-page.ihtml") );
$tmpl->SetFilename( BuildPath("admin/edit-theme.ihtml") );

$params = array(
	"entry" => "\t<li>%s</li>\n\t",
	"separator" => FALSE,
	"class_open" => "open",
	"links" => toolbarmenu()
	);
$toolbar = include( INCDIR . "/page-menu.php" );

$page->AddParam( "toolbar", $toolbar );
$page->AddParam( "userinfo", $userinfo );

$id = isset($_REQUEST["id"]) ? $DB->escape( $_REQUEST["id"] ) : NULL;

$cond = array();
$cond[] = "\"themeid\"='$id'";
$cond = join( " AND ", $cond );

$DB->query( "SELECT * FROM " . TBL_THEMES . " WHERE $cond" );
$is_new = !$DB->next_record();

$formdata =& $tmpl->AddParam( "formdata", array() );

if ( $_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST["form"]) && $_POST["form"] == $myform )
{

	$err_msg = array();

	switch ( Submit() )
	{
	case "Create":
	case "Ok":
		
		$title = sanitize_post( "title" );
		$themepath = sanitize_post( "themepath" );
		
		if ( "" == $title )
		{
			$err_msg["title"] = "You must enter a title";
		}
		if ( "" == $themepath )
		{
			$err_msg["themepath"] = "You must enter a theme path";
		}
		
		$cond = array();
		$cond[] = "\"themepath\"='$themepath'";
		if ( !$is_new )
		{
			$cond[] = "\"themeid\"!='$id'";
		}
		$cond = join( " AND ", $cond );
		
		$DB->query( "SELECT \"themeid\" FROM " . TBL_THEMES . " WHERE $cond" );
		if ( $DB->next_record() )
		{
			$err_msg["themepath"] = "You must use a different theme directory, already in use";
		}
		
		if ( count($err_msg) > 0 )
		{
			$_SESSION["formdata"] = $_POST;
			$_SESSION["err_msg"] = $err_msg;
			redirect( make_url() );
			exit;
		}
		
		$title = $DB->escape( $title );
		$themepath = $DB->escape( $themepath );
		
		$query = array();
		if ( $is_new )
		{
			$new_id = $DB->NewID( SEQ_PREFIX . "seq_themes" );
			
			$query[] = "INSERT INTO " . TBL_THEMES;
			$query[] = "(themeid,title,themepath)";
			$query[] = "VALUES($new_id,'$title','$themepath')";
		}
		else
		{
			$query[] = "UPDATE " . TBL_THEMES . " SET";
			$query[] = "title='$title',";
			$query[] = "themepath='$themepath'";
			$query[] = "WHERE themeid='$id'";
		}

		if ( !$DB->query( join( " ", $query ) ) )
		{
			Message( "Couldn't commit data" );
			$_SESSION["formdata"] = $_POST;
			$_SESSION["err_msg"][$myform] = $err_msg;
			redirect( make_url() );
			exit;
		}

		switch ( Submit() )
		{
		case "Create":
			Message( "Created new theme" );
			break;
		case "Ok":
			Message( "Updated theme \"$title\"" );
			break;
		default:
			Message( "Unknown action" );
			break;
		}
		
		redirect( $_SESSION["return_page"] );
		exit;
	case "Delete":
		$auth->login_if( !$auth->has_perm( "deletetheme" ) );
		$DB->query( "DELETE FROM " . TBL_THEMES . " WHERE themeid='$id'");
		Message( "Deleted theme " . htmlspecialchars( $_POST["title"] ) );
		redirect( $_SESSION["return_page"] );
		exit;
	case "Cancel":
		if ( $is_new )
		{
			Message( "Cancelled creating theme" );
		}
		else
		{
			Message( "Cancelled updating \"" . htmlspecialchars( $_POST["title"] ) . "\"" );
		}
		redirect( $_SESSION["return_page"] );
		exit;
	default:
		Message( "Unknown action" );
		exit;
	}

}

$tmpl->AddParam( "caption", !$is_new ? "Edit Theme" : "Create Theme" );

$formdata["hidden"] = array(
	"form" => $myform,
	"id" => $id
	);

$formdata["title"] = htmlspecialchars( $DB->field("title") );
$formdata["themepath"] = htmlspecialchars( $DB->field("themepath") );

if ( $is_new )
{
	$tmpl->AddParam( "buttons", "Cancel,Create" );
}
else
{
	$tmpl->AddParam( "buttons", "Cancel,Delete,Ok" );
}

if ( isset($_SESSION["formdata"]) )
{
	if ( isset($_SESSION["err_msg"][$myform]) )
	{
		$tmpl->AddParam( "msg", $_SESSION["err_msg"][$myform] );
	}

	$formdata["title"] = sanitize_post_html( "title", NULL , $_SESSION["formdata"] );
	$formdata["themepath"] = sanitize_post_html( "themepath", NULL , $_SESSION["formdata"] );

	unset( $_SESSION["formdata"], $_SESSION["err_msg"][$myform] );
}

$pagemenu =& $tmpl->AddParam( "pagemenu", array() );
$page->BindParam( "pagemenu", $tmpl );

$params = array(
	"entry" => "\t<li>%s</li>\n\t",
	"separator" => "\t<li>|</li>\n\t",
	"links" => buildmenu( $theme_info["pagemenu_build"] )
	);
$params = array_merge( $params, $theme_info["pagemenu"] );
$pagemenu = include( INCDIR . "/page-menu.php" );

$page->ParseContent( $tmpl->GetHTML() );
$page->ShowPage();

?>
Return current item: WB News