This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
1 | <?php |
||
2 | |||
3 | declare(strict_types=1); |
||
4 | |||
5 | /** |
||
6 | * You may not change or alter any portion of this comment or credits |
||
7 | * of supporting developers from this source code or any supporting source code |
||
8 | * which is considered copyrighted (c) material of the original comment or credit authors. |
||
9 | * |
||
10 | * |
||
11 | * @category Module |
||
12 | * @author XOOPS Development Team |
||
13 | * @copyright XOOPS Project |
||
14 | * @link https://xoops.org |
||
15 | * @license GNU GPL 2 or later (https://www.gnu.org/licenses/gpl-2.0.html) |
||
16 | */ |
||
17 | |||
18 | use Xmf\Module\Admin; |
||
19 | use Xmf\Request; |
||
20 | use XoopsModules\Lexikon\{ |
||
21 | Common\Configurator, |
||
22 | Helper |
||
23 | }; |
||
24 | /** @var Admin $adminObject */ |
||
25 | /** @var Helper $helper */ |
||
26 | |||
27 | require __DIR__ . '/admin_header.php'; |
||
28 | require_once XOOPS_ROOT_PATH . '/kernel/block.php'; |
||
29 | |||
30 | $moduleDirName = \basename(\dirname(__DIR__)); |
||
31 | $moduleDirNameUpper = \mb_strtoupper($moduleDirName); |
||
32 | |||
33 | if (!is_object($GLOBALS['xoopsUser']) || !is_object($xoopsModule) |
||
34 | || !$GLOBALS['xoopsUser']->isAdmin($xoopsModule->mid())) { |
||
35 | exit(constant('CO_' . $moduleDirNameUpper . '_' . 'ERROR403')); |
||
36 | } |
||
37 | if ($GLOBALS['xoopsUser']->isAdmin($xoopsModule->mid())) { |
||
38 | require_once XOOPS_ROOT_PATH . '/kernel/block.php'; |
||
39 | $op = 'list'; |
||
40 | if (isset($_POST)) { |
||
41 | foreach ($_POST as $k => $v) { |
||
42 | ${$k} = $v; |
||
43 | } |
||
44 | } |
||
45 | /* |
||
46 | if (Request::hasVar('op', 'GET')) { |
||
47 | if ('edit' === $_GET['op'] || 'delete' === $_GET['op'] || 'delete_ok' === $_GET['op'] || 'clone' === $_GET['op'] |
||
48 | || 'edit' === $_GET['op']) { |
||
49 | $op = $_GET['op']; |
||
50 | $bid = Request::getInt('bid', 0, 'GET'); |
||
51 | } |
||
52 | */ |
||
53 | |||
54 | $op = Request::getString('op', $op); |
||
55 | if (in_array($op, ['edit', 'delete', 'delete_ok', 'clone'])) { |
||
56 | $bid = Request::getInt('bid', 0, 'GET'); |
||
57 | } |
||
58 | |||
59 | function listBlocks() |
||
60 | { |
||
61 | global $xoopsModule, $pathIcon16; |
||
62 | // require_once XOOPS_ROOT_PATH . '/class/xoopslists.php'; |
||
63 | xoops_load('xoopslist'); |
||
64 | $moduleDirName = \basename(\dirname(__DIR__)); |
||
65 | $moduleDirNameUpper = \mb_strtoupper($moduleDirName); |
||
66 | /** @var \XoopsMySQLDatabase $db */ |
||
67 | $db = \XoopsDatabaseFactory::getDatabaseConnection(); |
||
68 | |||
69 | $adminObject = Admin::getInstance(); |
||
70 | $adminObject->displayNavigation(basename(__FILE__)); |
||
71 | |||
72 | xoops_loadLanguage('admin', 'system'); |
||
73 | xoops_loadLanguage('admin/blocksadmin', 'system'); |
||
74 | xoops_loadLanguage('admin/groups', 'system'); |
||
75 | |||
76 | $configurator = new Configurator(); |
||
77 | $icons = $configurator->icons; |
||
78 | |||
79 | /** @var \XoopsModuleHandler $moduleHandler */ |
||
80 | $moduleHandler = xoops_getHandler('module'); |
||
81 | /** @var \XoopsMemberHandler $memberHandler */ |
||
82 | $memberHandler = xoops_getHandler('member'); |
||
83 | /** @var \XoopsGroupPermHandler $grouppermHandler */ |
||
84 | $grouppermHandler = xoops_getHandler('groupperm'); |
||
85 | $groups = $memberHandler->getGroups(); |
||
86 | $criteria = new \CriteriaCompo(new \Criteria('hasmain', 1)); |
||
87 | $criteria->add(new \Criteria('isactive', 1)); |
||
88 | $moduleList = $moduleHandler->getList($criteria); |
||
89 | $moduleList[-1] = _AM_SYSTEM_BLOCKS_TOPPAGE; |
||
90 | $moduleList[0] = _AM_SYSTEM_BLOCKS_ALLPAGES; |
||
91 | ksort($moduleList); |
||
92 | echo " |
||
93 | <h4 style='text-align:left;'>" . constant('CO_' . $moduleDirNameUpper . '_' . 'BADMIN') . '</h4>'; |
||
94 | echo "<form action='" . Request::getString('SCRIPT_NAME', '', 'SERVER') . "' name='blockadmin' method='post'>"; |
||
95 | echo $GLOBALS['xoopsSecurity']->getTokenHTML(); |
||
96 | echo "<table width='100%' class='outer' cellpadding='4' cellspacing='1'> |
||
97 | <tr valign='middle'><th align='center'>" |
||
98 | . _AM_SYSTEM_BLOCKS_TITLE |
||
99 | . "</th><th align='center' nowrap='nowrap'>" |
||
100 | . constant('CO_' . $moduleDirNameUpper . '_' . 'SIDE') |
||
101 | . '<br>' |
||
102 | . _LEFT |
||
103 | . '-' |
||
104 | . _CENTER |
||
105 | . '-' |
||
106 | . _RIGHT |
||
107 | . "</th><th align='center'>" |
||
108 | . constant('CO_' . $moduleDirNameUpper . '_' . 'WEIGHT') |
||
109 | . "</th><th align='center'>" |
||
110 | . constant('CO_' . $moduleDirNameUpper . '_' . 'VISIBLE') |
||
111 | . "</th><th align='center'>" |
||
112 | . _AM_SYSTEM_BLOCKS_VISIBLEIN |
||
113 | . "</th><th align='center'>" |
||
114 | . _AM_SYSTEM_ADGS |
||
115 | . "</th><th align='center'>" |
||
116 | . _AM_SYSTEM_BLOCKS_BCACHETIME |
||
117 | . "</th><th align='center'>" |
||
118 | . constant('CO_' . $moduleDirNameUpper . '_' . 'ACTION') |
||
119 | . '</th></tr> |
||
120 | '; |
||
121 | $blockArray = \XoopsBlock::getByModule($xoopsModule->mid()); |
||
122 | $blockCount = count($blockArray); |
||
123 | $class = 'even'; |
||
124 | $cachetimes = [ |
||
125 | 0 => _NOCACHE, |
||
126 | 30 => sprintf(_SECONDS, 30), |
||
127 | 60 => _MINUTE, |
||
128 | 300 => sprintf(_MINUTES, 5), |
||
129 | 1800 => sprintf(_MINUTES, 30), |
||
130 | 3600 => _HOUR, |
||
131 | 18000 => sprintf(_HOURS, 5), |
||
132 | 86400 => _DAY, |
||
133 | 259200 => sprintf(_DAYS, 3), |
||
134 | 604800 => _WEEK, |
||
135 | 2592000 => _MONTH, |
||
136 | ]; |
||
137 | foreach ($blockArray as $i) { |
||
138 | $groupsPerms = $grouppermHandler->getGroupIds('block_read', $i->getVar('bid')); |
||
139 | $sql = 'SELECT module_id FROM ' . $db->prefix('block_module_link') . ' WHERE block_id=' . $i->getVar('bid'); |
||
140 | $result = $db->query($sql); |
||
141 | $modules = []; |
||
142 | while (false !== ($row = $db->fetchArray($result))) { |
||
143 | $modules[] = (int)$row['module_id']; |
||
144 | } |
||
145 | |||
146 | $cachetimeOptions = ''; |
||
147 | foreach ($cachetimes as $cachetime => $cachetimeName) { |
||
148 | if ($i->getVar('bcachetime') == $cachetime) { |
||
149 | $cachetimeOptions .= "<option value='$cachetime' selected='selected'>$cachetimeName</option>\n"; |
||
150 | } else { |
||
151 | $cachetimeOptions .= "<option value='$cachetime'>$cachetimeName</option>\n"; |
||
152 | } |
||
153 | } |
||
154 | |||
155 | $sel0 = $sel1 = $ssel0 = $ssel1 = $ssel2 = $ssel3 = $ssel4 = $ssel5 = $ssel6 = $ssel7 = ''; |
||
156 | if (1 === $i->getVar('visible')) { |
||
157 | $sel1 = ' checked'; |
||
158 | } else { |
||
159 | $sel0 = ' checked'; |
||
160 | } |
||
161 | if (XOOPS_SIDEBLOCK_LEFT === $i->getVar('side')) { |
||
162 | $ssel0 = ' checked'; |
||
163 | } elseif (XOOPS_SIDEBLOCK_RIGHT === $i->getVar('side')) { |
||
164 | $ssel1 = ' checked'; |
||
165 | } elseif (XOOPS_CENTERBLOCK_LEFT === $i->getVar('side')) { |
||
166 | $ssel2 = ' checked'; |
||
167 | } elseif (XOOPS_CENTERBLOCK_RIGHT === $i->getVar('side')) { |
||
168 | $ssel4 = ' checked'; |
||
169 | } elseif (XOOPS_CENTERBLOCK_CENTER === $i->getVar('side')) { |
||
170 | $ssel3 = ' checked'; |
||
171 | } elseif (XOOPS_CENTERBLOCK_BOTTOMLEFT === $i->getVar('side')) { |
||
172 | $ssel5 = ' checked'; |
||
173 | } elseif (XOOPS_CENTERBLOCK_BOTTOMRIGHT === $i->getVar('side')) { |
||
174 | $ssel6 = ' checked'; |
||
175 | } elseif (XOOPS_CENTERBLOCK_BOTTOM === $i->getVar('side')) { |
||
176 | $ssel7 = ' checked'; |
||
177 | } |
||
178 | if ('' === $i->getVar('title')) { |
||
179 | $title = ' '; |
||
180 | } else { |
||
181 | $title = $i->getVar('title'); |
||
182 | } |
||
183 | $name = $i->getVar('name'); |
||
184 | echo "<tr valign='top'><td class='$class' align='center'><input type='text' name='title[" |
||
185 | . $i->getVar('bid') |
||
186 | . "]' value='" |
||
187 | . $title |
||
188 | . "'></td><td class='$class' align='center' nowrap='nowrap'> |
||
189 | <div align='center' > |
||
190 | <input type='radio' name='side[" |
||
191 | . $i->getVar('bid') |
||
192 | . "]' value='" |
||
193 | . XOOPS_CENTERBLOCK_LEFT |
||
194 | . "'$ssel2> |
||
195 | <input type='radio' name='side[" |
||
196 | . $i->getVar('bid') |
||
197 | . "]' value='" |
||
198 | . XOOPS_CENTERBLOCK_CENTER |
||
199 | . "'$ssel3> |
||
200 | <input type='radio' name='side[" |
||
201 | . $i->getVar('bid') |
||
202 | . "]' value='" |
||
203 | . XOOPS_CENTERBLOCK_RIGHT |
||
204 | . "'$ssel4> |
||
205 | </div> |
||
206 | <div> |
||
207 | <span style='float:right;'><input type='radio' name='side[" |
||
208 | . $i->getVar('bid') |
||
209 | . "]' value='" |
||
210 | . XOOPS_SIDEBLOCK_RIGHT |
||
211 | . "'$ssel1></span> |
||
212 | <div align='left'><input type='radio' name='side[" |
||
213 | . $i->getVar('bid') |
||
214 | . "]' value='" |
||
215 | . XOOPS_SIDEBLOCK_LEFT |
||
216 | . "'$ssel0></div> |
||
217 | </div> |
||
218 | <div align='center'> |
||
219 | <input type='radio' name='side[" |
||
220 | . $i->getVar('bid') |
||
221 | . "]' value='" |
||
222 | . XOOPS_CENTERBLOCK_BOTTOMLEFT |
||
223 | . "'$ssel5> |
||
224 | <input type='radio' name='side[" |
||
225 | . $i->getVar('bid') |
||
226 | . "]' value='" |
||
227 | . XOOPS_CENTERBLOCK_BOTTOM |
||
228 | . "'$ssel7> |
||
229 | <input type='radio' name='side[" |
||
230 | . $i->getVar('bid') |
||
231 | . "]' value='" |
||
232 | . XOOPS_CENTERBLOCK_BOTTOMRIGHT |
||
233 | . "'$ssel6> |
||
234 | </div> |
||
235 | </td><td class='$class' align='center'><input type='text' name='weight[" |
||
236 | . $i->getVar('bid') |
||
237 | . "]' value='" |
||
238 | . $i->getVar('weight') |
||
239 | . "' size='5' maxlength='5'></td><td class='$class' align='center' nowrap><input type='radio' name='visible[" |
||
240 | . $i->getVar('bid') |
||
241 | . "]' value='1'$sel1>" |
||
242 | . _YES |
||
243 | . " <input type='radio' name='visible[" |
||
244 | . $i->getVar('bid') |
||
245 | . "]' value='0'$sel0>" |
||
246 | . _NO |
||
247 | . '</td>'; |
||
248 | |||
249 | echo "<td class='$class' align='center'><select size='5' name='bmodule[" . $i->getVar('bid') . "][]' id='bmodule[" . $i->getVar('bid') . "][]' multiple='multiple'>"; |
||
250 | foreach ($moduleList as $k => $v) { |
||
251 | echo "<option value='$k'" . (in_array($k, $modules) ? 'selected' : '') . ">$v</option>"; |
||
252 | } |
||
253 | echo '</select></td>'; |
||
254 | |||
255 | echo "<td class='$class' align='center'><select size='5' name='groups[" . $i->getVar('bid') . "][]' id='groups[" . $i->getVar('bid') . "][]' multiple='multiple'>"; |
||
256 | foreach ($groups as $grp) { |
||
257 | echo "<option value='" . $grp->getVar('groupid') . "' " . (in_array($grp->getVar('groupid'), $groupsPerms) ? 'selected' : '') . '>' . $grp->getVar('name') . '</option>'; |
||
258 | } |
||
259 | echo '</select></td>'; |
||
260 | |||
261 | // Cache lifetime |
||
262 | echo '<td class="' . $class . '" align="center"> <select name="bcachetime[' . $i->getVar('bid') . ']" size="1">' . $cachetimeOptions . '</select> |
||
263 | </td>'; |
||
264 | |||
265 | // Actions |
||
266 | |||
267 | echo "<td class='$class' align='center'><a href='blocksadmin.php?op=edit&bid=" . $i->getVar('bid') . "'>" . $icons->edit . "</a> <a href='blocksadmin.php?op=clone&bid=" . $i->getVar('bid') . "'><img src=" . $pathIcon16 . '/editcopy.png' . " alt='" . _CLONE . "' title='" . _CLONE . "'> |
||
268 | </a>"; |
||
269 | if (!in_array($i->getVar('block_type'), ['S', 'M'])) { |
||
270 | echo " <a href='" . XOOPS_URL . '/modules/system/admin.php?fct=blocksadmin&op=delete&bid=' . $i->getVar('bid') . "'>" . $icons->delete . '</a>'; |
||
271 | } |
||
272 | echo " |
||
273 | <input type='hidden' name='oldtitle[" . $i->getVar('bid') . "]' value='" . $i->getVar('title') . "'> |
||
274 | <input type='hidden' name='oldside[" . $i->getVar('bid') . "]' value='" . $i->getVar('side') . "'> |
||
275 | <input type='hidden' name='oldweight[" . $i->getVar('bid') . "]' value='" . $i->getVar('weight') . "'> |
||
276 | <input type='hidden' name='oldvisible[" . $i->getVar('bid') . "]' value='" . $i->getVar('visible') . "'> |
||
277 | <input type='hidden' name='oldgroups[" . $i->getVar('groups') . "]' value='" . $i->getVar('groups') . "'> |
||
278 | <input type='hidden' name='oldbcachetime[" . $i->getVar('bid') . "]' value='" . $i->getVar('bcachetime') . "'> |
||
279 | <input type='hidden' name='bid[" . $i->getVar('bid') . "]' value='" . $i->getVar('bid') . "'> |
||
280 | </td></tr> |
||
281 | "; |
||
282 | $class = ('even' === $class) ? 'odd' : 'even'; |
||
283 | } |
||
284 | echo "<tr><td class='foot' align='center' colspan='8'> |
||
285 | <input type='hidden' name='op' value='order'> |
||
286 | " . $GLOBALS['xoopsSecurity']->getTokenHTML() . " |
||
287 | <input type='submit' name='submit' value='" . _SUBMIT . "'> |
||
288 | </td></tr></table> |
||
289 | </form> |
||
290 | <br><br>"; |
||
291 | } |
||
292 | |||
293 | /** |
||
294 | * @param int $bid |
||
295 | */ |
||
296 | function cloneBlock($bid) |
||
297 | { |
||
298 | |||
299 | xoops_cp_header(); |
||
300 | |||
301 | $adminObject = Admin::getInstance(); |
||
302 | $adminObject->displayNavigation(basename(__FILE__)); |
||
303 | $moduleDirName = \basename(\dirname(__DIR__)); |
||
304 | $moduleDirNameUpper = \mb_strtoupper($moduleDirName); |
||
305 | xoops_loadLanguage('admin', 'system'); |
||
306 | xoops_loadLanguage('admin/blocksadmin', 'system'); |
||
307 | xoops_loadLanguage('admin/groups', 'system'); |
||
308 | |||
309 | // mpu_adm_menu(); |
||
310 | $myblock = new \XoopsBlock($bid); |
||
311 | $db = \XoopsDatabaseFactory::getDatabaseConnection(); |
||
312 | $sql = 'SELECT module_id FROM ' . $db->prefix('block_module_link') . ' WHERE block_id=' . (int)$bid; |
||
313 | $result = $db->query($sql); |
||
314 | $modules = []; |
||
315 | while (false !== ($row = $db->fetchArray($result))) { |
||
316 | $modules[] = (int)$row['module_id']; |
||
317 | } |
||
318 | $isCustom = (in_array($myblock->getVar('block_type'), ['C', 'E'])); |
||
319 | $block = [ |
||
320 | 'title' => $myblock->getVar('title') . ' Clone', |
||
321 | 'form_title' => constant('CO_' . $moduleDirNameUpper . '_' . 'BLOCKS_CLONEBLOCK'), |
||
322 | 'name' => $myblock->getVar('name'), |
||
323 | 'side' => $myblock->getVar('side'), |
||
324 | 'weight' => $myblock->getVar('weight'), |
||
325 | 'visible' => $myblock->getVar('visible'), |
||
326 | 'content' => $myblock->getVar('content', 'N'), |
||
327 | 'modules' => $modules, |
||
328 | 'is_custom' => $isCustom, |
||
329 | 'ctype' => $myblock->getVar('c_type'), |
||
330 | 'bcachetime' => $myblock->getVar('bcachetime'), |
||
331 | 'op' => 'clone_ok', |
||
332 | 'bid' => $myblock->getVar('bid'), |
||
333 | 'edit_form' => $myblock->getOptions(), |
||
334 | 'template' => $myblock->getVar('template'), |
||
335 | 'options' => $myblock->getVar('options'), |
||
336 | ]; |
||
337 | echo '<a href="blocksadmin.php">' . constant('CO_' . $moduleDirNameUpper . '_' . 'BADMIN') . '</a> <span style="font-weight:bold;">»»</span> ' . _AM_SYSTEM_BLOCKS_CLONEBLOCK . '<br><br>'; |
||
338 | require_once __DIR__ . '/blockform.php'; |
||
339 | /** @var XoopsThemeForm $form */ |
||
340 | $form->display(); |
||
341 | // xoops_cp_footer(); |
||
342 | require_once __DIR__ . '/admin_footer.php'; |
||
343 | exit(); |
||
344 | } |
||
345 | |||
346 | /** |
||
347 | * @param int $bid |
||
348 | * @param string $bside |
||
349 | * @param int $bweight |
||
350 | * @param bool $bvisible |
||
351 | * @param int $bcachetime |
||
352 | * @param array $bmodule |
||
353 | * @param null|array|string $options |
||
354 | */ |
||
355 | function isBlockCloned($bid, $bside, $bweight, $bvisible, $bcachetime, $bmodule, $options = null) |
||
356 | { |
||
357 | xoops_loadLanguage('admin', 'system'); |
||
358 | xoops_loadLanguage('admin/blocksadmin', 'system'); |
||
359 | xoops_loadLanguage('admin/groups', 'system'); |
||
360 | |||
361 | $moduleDirName = \basename(\dirname(__DIR__)); |
||
362 | $moduleDirNameUpper = mb_strtoupper($moduleDirName); |
||
363 | |||
364 | $block = new \XoopsBlock($bid); |
||
365 | $clone = $block->xoopsClone(); |
||
366 | if (empty($bmodule)) { |
||
367 | xoops_cp_header(); |
||
368 | xoops_error(sprintf(constant('CO_' . $moduleDirNameUpper . '_' . 'NOTSELNG'), constant('CO_' . $moduleDirNameUpper . '_' . 'VISIBLEIN'))); |
||
369 | xoops_cp_footer(); |
||
370 | exit(); |
||
371 | } |
||
372 | $clone->setVar('side', $bside); |
||
373 | $clone->setVar('weight', $bweight); |
||
374 | $clone->setVar('visible', $bvisible); |
||
375 | //$clone->setVar('content', $_POST['bcontent']); |
||
376 | $clone->setVar('title', Request::getString('btitle', '', 'POST')); |
||
377 | $clone->setVar('bcachetime', $bcachetime); |
||
378 | if ($options && is_array($options)) { |
||
379 | $options = implode('|', $options); |
||
380 | $clone->setVar('options', $options); |
||
381 | } |
||
382 | $clone->setVar('bid', 0); |
||
383 | if (in_array($block->getVar('block_type'), ['C', 'E'])) { |
||
384 | $clone->setVar('block_type', 'E'); |
||
385 | } else { |
||
386 | $clone->setVar('block_type', 'D'); |
||
387 | } |
||
388 | $newid = $clone->store(); |
||
389 | if (!$newid) { |
||
390 | xoops_cp_header(); |
||
391 | $clone->getHtmlErrors(); |
||
392 | xoops_cp_footer(); |
||
393 | exit(); |
||
394 | } |
||
395 | if ('' !== $clone->getVar('template')) { |
||
396 | /** @var \XoopsTplfileHandler $tplfileHandler */ |
||
397 | $tplfileHandler = xoops_getHandler('tplfile'); |
||
398 | $btemplate = $tplfileHandler->find($GLOBALS['xoopsConfig']['template_set'], 'block', $bid); |
||
399 | if (count($btemplate) > 0) { |
||
400 | $tplclone = $btemplate[0]->xoopsClone(); |
||
401 | $tplclone->setVar('tpl_id', 0); |
||
402 | $tplclone->setVar('tpl_refid', $newid); |
||
403 | $tplfileHandler->insert($tplclone); |
||
404 | } |
||
405 | } |
||
406 | $db = \XoopsDatabaseFactory::getDatabaseConnection(); |
||
407 | foreach ($bmodule as $bmid) { |
||
408 | $sql = 'INSERT INTO ' . $db->prefix('block_module_link') . ' (block_id, module_id) VALUES (' . $newid . ', ' . $bmid . ')'; |
||
409 | $db->query($sql); |
||
410 | } |
||
411 | $groups = &$GLOBALS['xoopsUser']->getGroups(); |
||
412 | foreach ($groups as $iValue) { |
||
413 | $sql = 'INSERT INTO ' . $db->prefix('group_permission') . ' (gperm_groupid, gperm_itemid, gperm_modid, gperm_name) VALUES (' . $iValue . ', ' . $newid . ", 1, 'block_read')"; |
||
414 | $db->query($sql); |
||
415 | } |
||
416 | redirect_header('blocksadmin.php?op=listar', 1, _AM_SYSTEM_BLOCKS_DBUPDATED); |
||
417 | } |
||
418 | |||
419 | /** |
||
420 | * @param int $bid |
||
421 | * @param string $title |
||
422 | * @param int $weight |
||
423 | * @param bool $visible |
||
424 | * @param string $side |
||
425 | * @param int $bcachetime |
||
426 | * @param null $bmodule |
||
0 ignored issues
–
show
Documentation
Bug
introduced
by
Loading history...
|
|||
427 | */ |
||
428 | function setOrder($bid, $title, $weight, $visible, $side, $bcachetime, $bmodule = null) |
||
429 | { |
||
430 | $myblock = new \XoopsBlock($bid); |
||
431 | $myblock->setVar('title', $title); |
||
432 | $myblock->setVar('weight', $weight); |
||
433 | $myblock->setVar('visible', $visible); |
||
434 | $myblock->setVar('side', $side); |
||
435 | $myblock->setVar('bcachetime', $bcachetime); |
||
436 | // $myblock->store(); |
||
437 | /** @var \XoopsBlockHandler $blockHandler */ |
||
438 | $blockHandler = xoops_getHandler('block'); |
||
439 | return $blockHandler->insert($myblock); |
||
440 | } |
||
441 | |||
442 | /** |
||
443 | * @param int $bid |
||
444 | */ |
||
445 | function editBlock($bid) |
||
446 | { |
||
447 | xoops_cp_header(); |
||
448 | /** @var \Xmf\Module\Admin $adminObject */ |
||
449 | $adminObject = Admin::getInstance(); |
||
450 | $adminObject->displayNavigation(basename(__FILE__)); |
||
451 | $moduleDirName = \basename(\dirname(__DIR__)); |
||
452 | $moduleDirNameUpper = \mb_strtoupper($moduleDirName); |
||
453 | |||
454 | xoops_loadLanguage('admin', 'system'); |
||
455 | xoops_loadLanguage('admin/blocksadmin', 'system'); |
||
456 | xoops_loadLanguage('admin/groups', 'system'); |
||
457 | // mpu_adm_menu(); |
||
458 | $myblock = new \XoopsBlock($bid); |
||
459 | $db = \XoopsDatabaseFactory::getDatabaseConnection(); |
||
460 | $sql = 'SELECT module_id FROM ' . $db->prefix('block_module_link') . ' WHERE block_id=' . (int)$bid; |
||
461 | $result = $db->query($sql); |
||
462 | $modules = []; |
||
463 | while (false !== ($row = $db->fetchArray($result))) { |
||
464 | $modules[] = (int)$row['module_id']; |
||
465 | } |
||
466 | $isCustom = (in_array($myblock->getVar('block_type'), ['C', 'E'])); |
||
467 | $block = [ |
||
468 | 'title' => $myblock->getVar('title'), |
||
469 | 'form_title' => constant('CO_' . $moduleDirNameUpper . '_' . 'BLOCKS_EDITBLOCK'), |
||
470 | // 'name' => $myblock->getVar('name'), |
||
471 | 'side' => $myblock->getVar('side'), |
||
472 | 'weight' => $myblock->getVar('weight'), |
||
473 | 'visible' => $myblock->getVar('visible'), |
||
474 | 'content' => $myblock->getVar('content', 'N'), |
||
475 | 'modules' => $modules, |
||
476 | 'is_custom' => $isCustom, |
||
477 | 'ctype' => $myblock->getVar('c_type'), |
||
478 | 'bcachetime' => $myblock->getVar('bcachetime'), |
||
479 | 'op' => 'edit_ok', |
||
480 | 'bid' => $myblock->getVar('bid'), |
||
481 | 'edit_form' => $myblock->getOptions(), |
||
482 | 'template' => $myblock->getVar('template'), |
||
483 | 'options' => $myblock->getVar('options'), |
||
484 | ]; |
||
485 | echo '<a href="blocksadmin.php">' . constant('CO_' . $moduleDirNameUpper . '_' . 'BADMIN') . '</a> <span style="font-weight:bold;">»»</span> ' . _AM_SYSTEM_BLOCKS_EDITBLOCK . '<br><br>'; |
||
486 | require_once __DIR__ . '/blockform.php'; |
||
487 | /** @var XoopsThemeForm $form */ |
||
488 | $form->display(); |
||
489 | // xoops_cp_footer(); |
||
490 | require_once __DIR__ . '/admin_footer.php'; |
||
491 | exit(); |
||
492 | } |
||
493 | |||
494 | /** |
||
495 | * @param int $bid |
||
496 | * @param string $btitle |
||
497 | * @param string $bside |
||
498 | * @param int $bweight |
||
499 | * @param bool $bvisible |
||
500 | * @param int $bcachetime |
||
501 | * @param array $bmodule |
||
502 | * @param null|array|string $options |
||
503 | * @param null|array $groups |
||
504 | */ |
||
505 | function updateBlock($bid, $btitle, $bside, $bweight, $bvisible, $bcachetime, $bmodule, $options, $groups) |
||
506 | { |
||
507 | $myblock = new \XoopsBlock($bid); |
||
508 | $myblock->setVar('title', $btitle); |
||
509 | $myblock->setVar('weight', $bweight); |
||
510 | $myblock->setVar('visible', $bvisible); |
||
511 | $myblock->setVar('side', $bside); |
||
512 | $myblock->setVar('bcachetime', $bcachetime); |
||
513 | $myblock->setVar('module', $bmodule); |
||
514 | $myblock->setVar('groups', $groups); |
||
515 | $helper = Helper::getInstance(); |
||
516 | $helper->loadLanguage('common'); |
||
517 | //update block options |
||
518 | if (is_array($options) && count($options) > 0) { |
||
519 | //Convert array values to comma-separated |
||
520 | foreach ($options as $i => $iValue) { |
||
521 | if (is_array($iValue)) { |
||
522 | $options[$i] = implode(',', $iValue); |
||
523 | } |
||
524 | } |
||
525 | $options = implode('|', $options); |
||
526 | $myblock->setVar('options', $options); |
||
527 | } |
||
528 | // $myblock->store(); |
||
529 | /** @var \XoopsBlockHandler $blockHandler */ |
||
530 | $blockHandler = xoops_getHandler('block'); |
||
531 | $blockHandler->insert($myblock); |
||
532 | |||
533 | global $xoopsDB; |
||
534 | |||
535 | $moduleDirName = \basename(\dirname(__DIR__)); |
||
536 | $moduleDirNameUpper = \mb_strtoupper($moduleDirName); |
||
537 | |||
538 | if (!empty($bmodule) && count($bmodule) > 0) { |
||
539 | $sql = sprintf('DELETE FROM `%s` WHERE block_id = %u', $xoopsDB->prefix('block_module_link'), $bid); |
||
540 | $xoopsDB->query($sql); |
||
541 | if (in_array(0, $bmodule)) { |
||
542 | $sql = sprintf('INSERT INTO `%s` (block_id, module_id) VALUES (%u, %d)', $xoopsDB->prefix('block_module_link'), $bid, 0); |
||
543 | $xoopsDB->query($sql); |
||
544 | } else { |
||
545 | foreach ($bmodule as $bmid) { |
||
546 | $sql = sprintf('INSERT INTO `%s` (block_id, module_id) VALUES (%u, %d)', $xoopsDB->prefix('block_module_link'), $bid, (int)$bmid); |
||
547 | $xoopsDB->query($sql); |
||
548 | } |
||
549 | } |
||
550 | } |
||
551 | $sql = sprintf('DELETE FROM `%s` WHERE gperm_itemid = %u', $xoopsDB->prefix('group_permission'), $bid); |
||
552 | $xoopsDB->query($sql); |
||
553 | if (!empty($groups)) { |
||
554 | foreach ($groups as $grp) { |
||
555 | $sql = sprintf("INSERT INTO `%s` (gperm_groupid, gperm_itemid, gperm_modid, gperm_name) VALUES (%u, %u, 1, 'block_read')", $xoopsDB->prefix('group_permission'), $grp, $bid); |
||
556 | $xoopsDB->query($sql); |
||
557 | } |
||
558 | } |
||
559 | redirect_header($_SERVER['SCRIPT_NAME'], 1, constant('CO_' . $moduleDirNameUpper . '_' . 'UPDATE_SUCCESS')); |
||
560 | } |
||
561 | |||
562 | if ('list' === $op) { |
||
563 | xoops_cp_header(); |
||
564 | //$adminObject->displayNavigation(basename(__FILE__)); |
||
565 | listBlocks(); |
||
566 | require_once __DIR__ . '/admin_footer.php'; |
||
567 | exit(); |
||
568 | } |
||
569 | |||
570 | if ('order' === $op) { |
||
571 | if (!$GLOBALS['xoopsSecurity']->check()) { |
||
572 | redirect_header($_SERVER['SCRIPT_NAME'], 3, implode('<br>', $GLOBALS['xoopsSecurity']->getErrors())); |
||
573 | } |
||
574 | foreach (array_keys($bid) as $i) { |
||
575 | if ($oldtitle[$i] !== $title[$i] || $oldweight[$i] !== $weight[$i] || $oldvisible[$i] !== $visible[$i] |
||
576 | || $oldside[$i] !== $side[$i] |
||
577 | || $oldbcachetime[$i] !== $bcachetime[$i]) { |
||
578 | setOrder($bid[$i], $title[$i], $weight[$i], $visible[$i], $side[$i], $bcachetime[$i], $bmodule[$i]); |
||
579 | } |
||
580 | if (!empty($bmodule[$i]) && count($bmodule[$i]) > 0) { |
||
581 | $sql = sprintf('DELETE FROM `%s` WHERE block_id = %u', $xoopsDB->prefix('block_module_link'), $bid[$i]); |
||
582 | $xoopsDB->query($sql); |
||
583 | if (in_array(0, $bmodule[$i])) { |
||
584 | $sql = sprintf('INSERT INTO `%s` (block_id, module_id) VALUES (%u, %d)', $xoopsDB->prefix('block_module_link'), $bid[$i], 0); |
||
585 | $xoopsDB->query($sql); |
||
586 | } else { |
||
587 | foreach ($bmodule[$i] as $bmid) { |
||
588 | $sql = sprintf('INSERT INTO `%s` (block_id, module_id) VALUES (%u, %d)', $xoopsDB->prefix('block_module_link'), $bid[$i], (int)$bmid); |
||
589 | $xoopsDB->query($sql); |
||
590 | } |
||
591 | } |
||
592 | } |
||
593 | $sql = sprintf('DELETE FROM `%s` WHERE gperm_itemid = %u', $xoopsDB->prefix('group_permission'), $bid[$i]); |
||
594 | $xoopsDB->query($sql); |
||
595 | if (!empty($groups[$i])) { |
||
596 | foreach ($groups[$i] as $grp) { |
||
597 | $sql = sprintf("INSERT INTO `%s` (gperm_groupid, gperm_itemid, gperm_modid, gperm_name) VALUES (%u, %u, 1, 'block_read')", $xoopsDB->prefix('group_permission'), $grp, $bid[$i]); |
||
598 | $xoopsDB->query($sql); |
||
599 | } |
||
600 | } |
||
601 | } |
||
602 | redirect_header($_SERVER['SCRIPT_NAME'], 1, constant('CO_' . $moduleDirNameUpper . '_' . 'UPDATE_SUCCESS')); |
||
603 | } |
||
604 | if ('clone' === $op) { |
||
605 | cloneBlock($bid); |
||
606 | } |
||
607 | |||
608 | if ('edit' === $op) { |
||
609 | editBlock($bid); |
||
610 | } |
||
611 | |||
612 | if ('edit_ok' === $op) { |
||
613 | updateBlock($bid, $btitle, $bside, $bweight, $bvisible, $bcachetime, $bmodule, $options, $groups); |
||
614 | } |
||
615 | |||
616 | if ('clone_ok' === $op) { |
||
617 | isBlockCloned($bid, $bside, $bweight, $bvisible, $bcachetime, $bmodule, $options); |
||
618 | } |
||
619 | } else { |
||
620 | echo constant('CO_' . $moduleDirNameUpper . '_' . 'ERROR403'); |
||
621 | } |
||
622 |