Location: PHPKode > projects > Yappa-ng > yappa-ng/admin_modules/admin_module_edit.inc.php
<?php

/*
 * ***********************************************************************************************
 * Filename:     admin_module_edit.inc.php
 * Module:       Admin-Module
 * Subcategory:  Edit / Create Albuminfo
 * Description:  Edits the albuminfo  (Language specific)
 * ***********************************************************************************************
 *
 *
 * Project:     yappa-ng : yet another php photo album - next generation
 * Author:      Fritz Berger <hide@address.com>
 * Copyright:   2003 Fritz Berger
 * $Header: /cvsroot/yappa-ng/yappa-ng/admin_modules/admin_module_edit.inc.php,v 1.18 2005/04/25 18:02:06 zirkon13 Exp $
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 *
 * You may contact the author of yappa-ng by e-mail at:
 *    hide@address.com
 *
 * The latest version of yappa-ng can be obtained from:
 *    http://www.zirkon.at/zirkon/scripts/yappa-ng/yappa-ng_main_ger.html (german)
 *    http://www.zirkon.at/zirkon/scripts/yappa-ng/yappa-ng_main_eng.html (english)
 *
 * ***********************************************************************************************
 * ***********************************************************************************************
 * ***                                                                                         ***
 * ***   yappa-ng is based on "YAPPA v1.7 devel - 22.April 2002"                               ***
 * ***                         released on http://sourceforge.net/projects/yappa/              ***
 * ***   YAPPA is Copyright Federico 'pix' Feroldi (hide@address.com)                           ***
 * ***   YAPPA is released under the GNU GPL                                                   ***
 * ***                                                                                         ***
 * ***********************************************************************************************
 * ***********************************************************************************************
 */

?>

<?php

/*
 * Standard Security Check
 */

if (!defined('SecCheck')) {
	die("You Cannot Access This Script Directly - Have a Nice Day.");
}


include_once($config['path_src_include'] . "check_html.inc.php");

function HandleForm () {
	global $config;
	global $lang_akt, $lang_used;


	// in the album-title ALL html-tags are forbidden
	$checkhtml_title = SaveHTML($_POST['admin_form']['title'],$allow_html=false);
	//$checkhtml_title = htmlentities($checkhtml_title);
	//$checkhtml_title = htmlspecialchars($checkhtml_title);

	// in the album-info ALL html-tags are forbidden IF it is a demo-gallery
	// else only a hrefs are forbidden!
	if ($config["demo_gallery"] == "yes") {
		$allow_html=false;
		$allow_a = "0";
	} else {
		$allow_html=true;
		/* if you think you want to permit <a href...> x </a> tags then set it to yes in your config.inc.php ! */
		if ($config['permit_ahref'] != "yes") {
			$allow_a = "0";
		} else {
			$allow_a = "2";
		}
	}
	$checkhtml_comment = SaveHTML($_POST['admin_form']['comment'],$allow_html,$allow_a);
	// $checkhtml_comment = htmlentities($checkhtml_comment);
	$infofilename = singleslash($config["photo_root"] . "/" . rawurldecode($_GET["album"]) . "/" . $config['data_dirname'] . "/" . $lang_akt["info"]);
	$fd = fopen($infofilename, "w");
	if ($fd) {
		flock($fd, 2); // get an exclusive lock
		fwrite($fd, $checkhtml_title . "\n");
		fwrite($fd, $checkhtml_comment);
		flock($fd, 3); // release the lock
		fclose($fd);
		// log level 1: Administration
		if((int)"1" & (int)$config["loglevel"]) {
			$log_msg = date("U") . "|Administration|" . "AlbumAdmin Edit Albumdescription (" . $lang_used . "): '" . $infofilename . "' albuminfo saved.|" . $_SERVER['REMOTE_ADDR'] . "|-|admin_module_edit.inc.php|" . __LINE__ . "\n";
			@error_log($log_msg, 3, "yappa-ng.log");
		}
		return 1;
	} else {
		// log level: Warning
		if((int)"8" & (int)$config["loglevel"]) {
			$log_msg = date("U") . "|Warning|" . "AlbumAdmin Edit Albumdescription (" . $lang_used . "): ERROR in writing albuminfo for album '" . $infofilename . "'|" . $_SERVER['REMOTE_ADDR'] . "|-|admin_module_edit.inc.php|" . __LINE__ . "\n";
			@error_log($log_msg, 3, "yappa-ng.log");
		}
		return 2;
	}


}

$uri_base = str_replace("&admintask=Description","",$global_var['self_url']);

$config['lang_intuitive'] = "no";

if(isset($_POST['BeenSubmitted'])) {
	$answer = HandleForm();

}
$album->clear_album_comment();
$album->read_album_info();
$page["album_title"] = $album->_album_title;
$page["album_comment"] = $album->_album_comment;

?>

<form action="<?php print $global_var['self_url']; ?>" method="post">
<table cellspacing="0" cellpadding="5" border="0" width="100%">
<tr valign="top">
<td class="thumbnailCell">
<table width="100%" border="0" cellspacing="0" cellpadding="3">
	<tr><td colspan=4 align="center" class="adminHeading"><?php print $lang_akt["admin_info_hmain"]; ?></td></tr>
	<tr><td colspan=4 align="center" class="adminLanguage"><?php print $lang_akt["admin_info_expl1"]; ?></td></tr>
	<tr><td colspan=4 align="center" class="adminLanguage"><?php print $lang_akt["admin_info_expl2"]; ?></td></tr>
	<tr><td colspan="4" class="passwdAdminCancel" align="center" >
	[ <b><a href="<?php echo $uri_base ?>"><?php echo $lang_akt["passwd_admin_cancel"]; ?></b></a> ]</td></tr>
	<tr><td width="10%">&nbsp;</td><td width="25%">&nbsp;</td><td width="5%">&nbsp;</td><td>&nbsp;</td></tr>
	<?php if ($config["demo_gallery"] == "yes") { ?>
		<tr><td colspan=4 align="center" class="adminDemo"><?php print $lang_akt["admin_info_demo1"]; ?></td></tr>
		<tr><td colspan=4 align="center" class="adminDemo"><?php print $lang_akt["admin_info_demo2"]; ?></td></tr>
		<tr><td colspan="4">&nbsp;</td></tr>
	<?php } ?>

	<tr><td colspan="4" align="center" class="adminStatus">
	<?php if(isset($_POST['BeenSubmitted'])) {
		switch($answer) {
			case 1:
				print $lang_akt["admin_info_status1"];
				break;
			case 2:
				print $lang_akt["admin_info_status2"];
				break;
			default:
				print "";
				break;
		}
	} ?>
	</td></tr>
	<tr><td colspan="4">&nbsp;</td></tr>

	<tr><td colspan=4 class="adminDescription"><?php print $lang_akt["admin_info_titleh"]; ?></td></tr>
	<tr><td colspan=4 class="adminComments"><?php print $lang_akt["admin_info_titlefull"]; ?></td></tr>
	<tr>
	<td>&nbsp;</td>
	<td colspan="3" class="adminSelection"><input type="text" name="admin_form[title]" size="50" value="<?php print $page["album_title"]; ?>"> <?php print $lang_akt["admin_info_titletext"]; ?></td>
	</tr>
	<tr><td colspan="4">&nbsp;</td></tr>
	<?php 

	/* if it is not a demo gallery give some examples of allowed html-tags */
	if ($config["demo_gallery"] != "yes") { ?>
	<tr><td>&nbsp;</td><td class="adminComments"><?php  print $lang_akt["admin_info_allowed_html"]; ?></td><td class="adminComments"><?php  print $lang_akt["admin_info_allowed_html_br"]; ?></td><td>&nbsp</td></tr>
	<tr><td>&nbsp;</td><td>&nbsp;</td><td class="adminComments"><?php  print $lang_akt["admin_info_allowed_html_bold"]; ?></td><td>&nbsp</td></tr>
	<tr><td>&nbsp;</td><td>&nbsp;</td><td class="adminComments" nowrap="nowrap"><?php  print $lang_akt["admin_info_allowed_html_underline"]; ?></td><td>&nbsp</td></tr>
	<?php } ?>

	<tr><td colspan=4 class="adminDescription"><?php print $lang_akt["admin_info_commenth"]; ?></td></tr>
	<tr><td colspan=4 class="adminComments"><?php print $lang_akt["admin_info_commentfull"]; ?></td></tr>
	<tr>
	<td>&nbsp;</td>
	<?php $admin_form['comment'] = ""; ?>
	<td colspan="3" class="adminSelection"><textarea name="admin_form[comment]" rows="10" cols="50"><?php print $page["album_comment"]; ?></textarea> <?php print $lang_akt["admin_info_commenttext"]; ?></td>
	</tr>
	<tr><td colspan="4">&nbsp;</td></tr>



	<tr><td colspan="4">&nbsp;</td></tr>
	<tr><td colspan="4" align="center">
		<input type="hidden" name="BeenSubmitted" value="true">
		<input type="submit" name="submit" value="<?php print $lang_akt['submit']; ?>">
	</td>
	</tr>


</table>
</td>
</tr>
</table>
</form>


<?php



?>
Return current item: Yappa-ng