This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
1 | <?php |
||||
2 | |||||
3 | declare(strict_types=1); |
||||
4 | |||||
5 | /** |
||||
6 | * You may not change or alter any portion of this comment or credits |
||||
7 | * of supporting developers from this source code or any supporting source code |
||||
8 | * which is considered copyrighted (c) material of the original comment or credit authors. |
||||
9 | * |
||||
10 | * |
||||
11 | * @category Module |
||||
12 | * @author XOOPS Development Team |
||||
13 | * @copyright XOOPS Project |
||||
14 | * @link https://xoops.org |
||||
15 | * @license GNU GPL 2 or later (https://www.gnu.org/licenses/gpl-2.0.html) |
||||
16 | */ |
||||
17 | |||||
18 | use Xmf\Module\Admin; |
||||
19 | use Xmf\Request; |
||||
20 | use XoopsModules\Lexikon\{ |
||||
21 | Common\Configurator, |
||||
22 | Helper |
||||
23 | }; |
||||
24 | /** @var Admin $adminObject */ |
||||
25 | /** @var Helper $helper */ |
||||
26 | |||||
27 | require __DIR__ . '/admin_header.php'; |
||||
28 | require_once XOOPS_ROOT_PATH . '/kernel/block.php'; |
||||
29 | |||||
30 | $moduleDirName = \basename(\dirname(__DIR__)); |
||||
31 | $moduleDirNameUpper = \mb_strtoupper($moduleDirName); |
||||
32 | |||||
33 | if (!is_object($GLOBALS['xoopsUser']) || !is_object($xoopsModule) |
||||
34 | || !$GLOBALS['xoopsUser']->isAdmin($xoopsModule->mid())) { |
||||
35 | exit(constant('CO_' . $moduleDirNameUpper . '_' . 'ERROR403')); |
||||
36 | } |
||||
37 | if ($GLOBALS['xoopsUser']->isAdmin($xoopsModule->mid())) { |
||||
38 | require_once XOOPS_ROOT_PATH . '/kernel/block.php'; |
||||
39 | $op = 'list'; |
||||
40 | if (isset($_POST)) { |
||||
41 | foreach ($_POST as $k => $v) { |
||||
42 | ${$k} = $v; |
||||
43 | } |
||||
44 | } |
||||
45 | /* |
||||
46 | if (Request::hasVar('op', 'GET')) { |
||||
47 | if ('edit' === $_GET['op'] || 'delete' === $_GET['op'] || 'delete_ok' === $_GET['op'] || 'clone' === $_GET['op'] |
||||
48 | || 'edit' === $_GET['op']) { |
||||
49 | $op = $_GET['op']; |
||||
50 | $bid = Request::getInt('bid', 0, 'GET'); |
||||
51 | } |
||||
52 | */ |
||||
53 | |||||
54 | $op = Request::getString('op', $op); |
||||
55 | if (in_array($op, ['edit', 'delete', 'delete_ok', 'clone'])) { |
||||
56 | $bid = Request::getInt('bid', 0, 'GET'); |
||||
57 | } |
||||
58 | |||||
59 | function listBlocks() |
||||
60 | { |
||||
61 | global $xoopsModule, $pathIcon16; |
||||
62 | // require_once XOOPS_ROOT_PATH . '/class/xoopslists.php'; |
||||
63 | xoops_load('xoopslist'); |
||||
64 | $moduleDirName = \basename(\dirname(__DIR__)); |
||||
65 | $moduleDirNameUpper = \mb_strtoupper($moduleDirName); |
||||
66 | /** @var \XoopsMySQLDatabase $db */ |
||||
67 | $db = \XoopsDatabaseFactory::getDatabaseConnection(); |
||||
68 | |||||
69 | $adminObject = Admin::getInstance(); |
||||
70 | $adminObject->displayNavigation(basename(__FILE__)); |
||||
71 | |||||
72 | xoops_loadLanguage('admin', 'system'); |
||||
73 | xoops_loadLanguage('admin/blocksadmin', 'system'); |
||||
74 | xoops_loadLanguage('admin/groups', 'system'); |
||||
75 | |||||
76 | $configurator = new Configurator(); |
||||
77 | $icons = $configurator->icons; |
||||
78 | |||||
79 | /** @var \XoopsModuleHandler $moduleHandler */ |
||||
80 | $moduleHandler = xoops_getHandler('module'); |
||||
81 | /** @var \XoopsMemberHandler $memberHandler */ |
||||
82 | $memberHandler = xoops_getHandler('member'); |
||||
83 | /** @var \XoopsGroupPermHandler $grouppermHandler */ |
||||
84 | $grouppermHandler = xoops_getHandler('groupperm'); |
||||
85 | $groups = $memberHandler->getGroups(); |
||||
86 | $criteria = new \CriteriaCompo(new \Criteria('hasmain', 1)); |
||||
87 | $criteria->add(new \Criteria('isactive', 1)); |
||||
88 | $moduleList = $moduleHandler->getList($criteria); |
||||
89 | $moduleList[-1] = _AM_SYSTEM_BLOCKS_TOPPAGE; |
||||
90 | $moduleList[0] = _AM_SYSTEM_BLOCKS_ALLPAGES; |
||||
91 | ksort($moduleList); |
||||
92 | echo " |
||||
93 | <h4 style='text-align:left;'>" . constant('CO_' . $moduleDirNameUpper . '_' . 'BADMIN') . '</h4>'; |
||||
94 | echo "<form action='" . Request::getString('SCRIPT_NAME', '', 'SERVER') . "' name='blockadmin' method='post'>"; |
||||
95 | echo $GLOBALS['xoopsSecurity']->getTokenHTML(); |
||||
96 | echo "<table width='100%' class='outer' cellpadding='4' cellspacing='1'> |
||||
97 | <tr valign='middle'><th align='center'>" |
||||
98 | . _AM_SYSTEM_BLOCKS_TITLE |
||||
99 | . "</th><th align='center' nowrap='nowrap'>" |
||||
100 | . constant('CO_' . $moduleDirNameUpper . '_' . 'SIDE') |
||||
101 | . '<br>' |
||||
102 | . _LEFT |
||||
103 | . '-' |
||||
104 | . _CENTER |
||||
105 | . '-' |
||||
106 | . _RIGHT |
||||
107 | . "</th><th align='center'>" |
||||
108 | . constant('CO_' . $moduleDirNameUpper . '_' . 'WEIGHT') |
||||
109 | . "</th><th align='center'>" |
||||
110 | . constant('CO_' . $moduleDirNameUpper . '_' . 'VISIBLE') |
||||
111 | . "</th><th align='center'>" |
||||
112 | . _AM_SYSTEM_BLOCKS_VISIBLEIN |
||||
113 | . "</th><th align='center'>" |
||||
114 | . _AM_SYSTEM_ADGS |
||||
115 | . "</th><th align='center'>" |
||||
116 | . _AM_SYSTEM_BLOCKS_BCACHETIME |
||||
117 | . "</th><th align='center'>" |
||||
118 | . constant('CO_' . $moduleDirNameUpper . '_' . 'ACTION') |
||||
119 | . '</th></tr> |
||||
120 | '; |
||||
121 | $blockArray = \XoopsBlock::getByModule($xoopsModule->mid()); |
||||
122 | $blockCount = count($blockArray); |
||||
0 ignored issues
–
show
Unused Code
introduced
by
Loading history...
|
|||||
123 | $class = 'even'; |
||||
124 | $cachetimes = [ |
||||
125 | 0 => _NOCACHE, |
||||
126 | 30 => sprintf(_SECONDS, 30), |
||||
127 | 60 => _MINUTE, |
||||
128 | 300 => sprintf(_MINUTES, 5), |
||||
129 | 1800 => sprintf(_MINUTES, 30), |
||||
130 | 3600 => _HOUR, |
||||
131 | 18000 => sprintf(_HOURS, 5), |
||||
132 | 86400 => _DAY, |
||||
133 | 259200 => sprintf(_DAYS, 3), |
||||
134 | 604800 => _WEEK, |
||||
135 | 2592000 => _MONTH, |
||||
136 | ]; |
||||
137 | foreach ($blockArray as $i) { |
||||
138 | $groupsPerms = $grouppermHandler->getGroupIds('block_read', $i->getVar('bid')); |
||||
139 | $sql = 'SELECT module_id FROM ' . $db->prefix('block_module_link') . ' WHERE block_id=' . $i->getVar('bid'); |
||||
140 | $result = $db->query($sql); |
||||
141 | $modules = []; |
||||
142 | while (false !== ($row = $db->fetchArray($result))) { |
||||
143 | $modules[] = (int)$row['module_id']; |
||||
144 | } |
||||
145 | |||||
146 | $cachetimeOptions = ''; |
||||
147 | foreach ($cachetimes as $cachetime => $cachetimeName) { |
||||
148 | if ($i->getVar('bcachetime') == $cachetime) { |
||||
149 | $cachetimeOptions .= "<option value='$cachetime' selected='selected'>$cachetimeName</option>\n"; |
||||
150 | } else { |
||||
151 | $cachetimeOptions .= "<option value='$cachetime'>$cachetimeName</option>\n"; |
||||
152 | } |
||||
153 | } |
||||
154 | |||||
155 | $sel0 = $sel1 = $ssel0 = $ssel1 = $ssel2 = $ssel3 = $ssel4 = $ssel5 = $ssel6 = $ssel7 = ''; |
||||
156 | if (1 === $i->getVar('visible')) { |
||||
157 | $sel1 = ' checked'; |
||||
158 | } else { |
||||
159 | $sel0 = ' checked'; |
||||
160 | } |
||||
161 | if (XOOPS_SIDEBLOCK_LEFT === $i->getVar('side')) { |
||||
162 | $ssel0 = ' checked'; |
||||
163 | } elseif (XOOPS_SIDEBLOCK_RIGHT === $i->getVar('side')) { |
||||
164 | $ssel1 = ' checked'; |
||||
165 | } elseif (XOOPS_CENTERBLOCK_LEFT === $i->getVar('side')) { |
||||
166 | $ssel2 = ' checked'; |
||||
167 | } elseif (XOOPS_CENTERBLOCK_RIGHT === $i->getVar('side')) { |
||||
168 | $ssel4 = ' checked'; |
||||
169 | } elseif (XOOPS_CENTERBLOCK_CENTER === $i->getVar('side')) { |
||||
170 | $ssel3 = ' checked'; |
||||
171 | } elseif (XOOPS_CENTERBLOCK_BOTTOMLEFT === $i->getVar('side')) { |
||||
172 | $ssel5 = ' checked'; |
||||
173 | } elseif (XOOPS_CENTERBLOCK_BOTTOMRIGHT === $i->getVar('side')) { |
||||
174 | $ssel6 = ' checked'; |
||||
175 | } elseif (XOOPS_CENTERBLOCK_BOTTOM === $i->getVar('side')) { |
||||
176 | $ssel7 = ' checked'; |
||||
177 | } |
||||
178 | if ('' === $i->getVar('title')) { |
||||
179 | $title = ' '; |
||||
180 | } else { |
||||
181 | $title = $i->getVar('title'); |
||||
182 | } |
||||
183 | $name = $i->getVar('name'); |
||||
0 ignored issues
–
show
|
|||||
184 | echo "<tr valign='top'><td class='$class' align='center'><input type='text' name='title[" |
||||
185 | . $i->getVar('bid') |
||||
186 | . "]' value='" |
||||
187 | . $title |
||||
188 | . "'></td><td class='$class' align='center' nowrap='nowrap'> |
||||
189 | <div align='center' > |
||||
190 | <input type='radio' name='side[" |
||||
191 | . $i->getVar('bid') |
||||
192 | . "]' value='" |
||||
193 | . XOOPS_CENTERBLOCK_LEFT |
||||
194 | . "'$ssel2> |
||||
195 | <input type='radio' name='side[" |
||||
196 | . $i->getVar('bid') |
||||
197 | . "]' value='" |
||||
198 | . XOOPS_CENTERBLOCK_CENTER |
||||
199 | . "'$ssel3> |
||||
200 | <input type='radio' name='side[" |
||||
201 | . $i->getVar('bid') |
||||
202 | . "]' value='" |
||||
203 | . XOOPS_CENTERBLOCK_RIGHT |
||||
204 | . "'$ssel4> |
||||
205 | </div> |
||||
206 | <div> |
||||
207 | <span style='float:right;'><input type='radio' name='side[" |
||||
208 | . $i->getVar('bid') |
||||
209 | . "]' value='" |
||||
210 | . XOOPS_SIDEBLOCK_RIGHT |
||||
211 | . "'$ssel1></span> |
||||
212 | <div align='left'><input type='radio' name='side[" |
||||
213 | . $i->getVar('bid') |
||||
214 | . "]' value='" |
||||
215 | . XOOPS_SIDEBLOCK_LEFT |
||||
216 | . "'$ssel0></div> |
||||
217 | </div> |
||||
218 | <div align='center'> |
||||
219 | <input type='radio' name='side[" |
||||
220 | . $i->getVar('bid') |
||||
221 | . "]' value='" |
||||
222 | . XOOPS_CENTERBLOCK_BOTTOMLEFT |
||||
223 | . "'$ssel5> |
||||
224 | <input type='radio' name='side[" |
||||
225 | . $i->getVar('bid') |
||||
226 | . "]' value='" |
||||
227 | . XOOPS_CENTERBLOCK_BOTTOM |
||||
228 | . "'$ssel7> |
||||
229 | <input type='radio' name='side[" |
||||
230 | . $i->getVar('bid') |
||||
231 | . "]' value='" |
||||
232 | . XOOPS_CENTERBLOCK_BOTTOMRIGHT |
||||
233 | . "'$ssel6> |
||||
234 | </div> |
||||
235 | </td><td class='$class' align='center'><input type='text' name='weight[" |
||||
236 | . $i->getVar('bid') |
||||
237 | . "]' value='" |
||||
238 | . $i->getVar('weight') |
||||
239 | . "' size='5' maxlength='5'></td><td class='$class' align='center' nowrap><input type='radio' name='visible[" |
||||
240 | . $i->getVar('bid') |
||||
241 | . "]' value='1'$sel1>" |
||||
242 | . _YES |
||||
243 | . " <input type='radio' name='visible[" |
||||
244 | . $i->getVar('bid') |
||||
245 | . "]' value='0'$sel0>" |
||||
246 | . _NO |
||||
247 | . '</td>'; |
||||
248 | |||||
249 | echo "<td class='$class' align='center'><select size='5' name='bmodule[" . $i->getVar('bid') . "][]' id='bmodule[" . $i->getVar('bid') . "][]' multiple='multiple'>"; |
||||
250 | foreach ($moduleList as $k => $v) { |
||||
251 | echo "<option value='$k'" . (in_array($k, $modules) ? 'selected' : '') . ">$v</option>"; |
||||
252 | } |
||||
253 | echo '</select></td>'; |
||||
254 | |||||
255 | echo "<td class='$class' align='center'><select size='5' name='groups[" . $i->getVar('bid') . "][]' id='groups[" . $i->getVar('bid') . "][]' multiple='multiple'>"; |
||||
256 | foreach ($groups as $grp) { |
||||
257 | echo "<option value='" . $grp->getVar('groupid') . "' " . (in_array($grp->getVar('groupid'), $groupsPerms) ? 'selected' : '') . '>' . $grp->getVar('name') . '</option>'; |
||||
258 | } |
||||
259 | echo '</select></td>'; |
||||
260 | |||||
261 | // Cache lifetime |
||||
262 | echo '<td class="' . $class . '" align="center"> <select name="bcachetime[' . $i->getVar('bid') . ']" size="1">' . $cachetimeOptions . '</select> |
||||
263 | </td>'; |
||||
264 | |||||
265 | // Actions |
||||
266 | |||||
267 | echo "<td class='$class' align='center'><a href='blocksadmin.php?op=edit&bid=" . $i->getVar('bid') . "'>" . $icons->edit . "</a> <a href='blocksadmin.php?op=clone&bid=" . $i->getVar('bid') . "'><img src=" . $pathIcon16 . '/editcopy.png' . " alt='" . _CLONE . "' title='" . _CLONE . "'> |
||||
268 | </a>"; |
||||
269 | if (!in_array($i->getVar('block_type'), ['S', 'M'])) { |
||||
270 | echo " <a href='" . XOOPS_URL . '/modules/system/admin.php?fct=blocksadmin&op=delete&bid=' . $i->getVar('bid') . "'>" . $icons->delete . '</a>'; |
||||
271 | } |
||||
272 | echo " |
||||
273 | <input type='hidden' name='oldtitle[" . $i->getVar('bid') . "]' value='" . $i->getVar('title') . "'> |
||||
274 | <input type='hidden' name='oldside[" . $i->getVar('bid') . "]' value='" . $i->getVar('side') . "'> |
||||
275 | <input type='hidden' name='oldweight[" . $i->getVar('bid') . "]' value='" . $i->getVar('weight') . "'> |
||||
276 | <input type='hidden' name='oldvisible[" . $i->getVar('bid') . "]' value='" . $i->getVar('visible') . "'> |
||||
277 | <input type='hidden' name='oldgroups[" . $i->getVar('groups') . "]' value='" . $i->getVar('groups') . "'> |
||||
278 | <input type='hidden' name='oldbcachetime[" . $i->getVar('bid') . "]' value='" . $i->getVar('bcachetime') . "'> |
||||
279 | <input type='hidden' name='bid[" . $i->getVar('bid') . "]' value='" . $i->getVar('bid') . "'> |
||||
280 | </td></tr> |
||||
281 | "; |
||||
282 | $class = ('even' === $class) ? 'odd' : 'even'; |
||||
283 | } |
||||
284 | echo "<tr><td class='foot' align='center' colspan='8'> |
||||
285 | <input type='hidden' name='op' value='order'> |
||||
286 | " . $GLOBALS['xoopsSecurity']->getTokenHTML() . " |
||||
287 | <input type='submit' name='submit' value='" . _SUBMIT . "'> |
||||
288 | </td></tr></table> |
||||
289 | </form> |
||||
290 | <br><br>"; |
||||
291 | } |
||||
292 | |||||
293 | /** |
||||
294 | * @param int $bid |
||||
295 | */ |
||||
296 | function cloneBlock($bid) |
||||
297 | { |
||||
298 | |||||
299 | xoops_cp_header(); |
||||
300 | |||||
301 | $adminObject = Admin::getInstance(); |
||||
302 | $adminObject->displayNavigation(basename(__FILE__)); |
||||
303 | $moduleDirName = \basename(\dirname(__DIR__)); |
||||
304 | $moduleDirNameUpper = \mb_strtoupper($moduleDirName); |
||||
305 | xoops_loadLanguage('admin', 'system'); |
||||
306 | xoops_loadLanguage('admin/blocksadmin', 'system'); |
||||
307 | xoops_loadLanguage('admin/groups', 'system'); |
||||
308 | |||||
309 | // mpu_adm_menu(); |
||||
310 | $myblock = new \XoopsBlock($bid); |
||||
311 | $db = \XoopsDatabaseFactory::getDatabaseConnection(); |
||||
312 | $sql = 'SELECT module_id FROM ' . $db->prefix('block_module_link') . ' WHERE block_id=' . (int)$bid; |
||||
313 | $result = $db->query($sql); |
||||
314 | $modules = []; |
||||
315 | while (false !== ($row = $db->fetchArray($result))) { |
||||
316 | $modules[] = (int)$row['module_id']; |
||||
317 | } |
||||
318 | $isCustom = (in_array($myblock->getVar('block_type'), ['C', 'E'])); |
||||
319 | $block = [ |
||||
0 ignored issues
–
show
|
|||||
320 | 'title' => $myblock->getVar('title') . ' Clone', |
||||
321 | 'form_title' => constant('CO_' . $moduleDirNameUpper . '_' . 'BLOCKS_CLONEBLOCK'), |
||||
322 | 'name' => $myblock->getVar('name'), |
||||
323 | 'side' => $myblock->getVar('side'), |
||||
324 | 'weight' => $myblock->getVar('weight'), |
||||
325 | 'visible' => $myblock->getVar('visible'), |
||||
326 | 'content' => $myblock->getVar('content', 'N'), |
||||
327 | 'modules' => $modules, |
||||
328 | 'is_custom' => $isCustom, |
||||
329 | 'ctype' => $myblock->getVar('c_type'), |
||||
330 | 'bcachetime' => $myblock->getVar('bcachetime'), |
||||
331 | 'op' => 'clone_ok', |
||||
332 | 'bid' => $myblock->getVar('bid'), |
||||
333 | 'edit_form' => $myblock->getOptions(), |
||||
334 | 'template' => $myblock->getVar('template'), |
||||
335 | 'options' => $myblock->getVar('options'), |
||||
336 | ]; |
||||
337 | echo '<a href="blocksadmin.php">' . constant('CO_' . $moduleDirNameUpper . '_' . 'BADMIN') . '</a> <span style="font-weight:bold;">»»</span> ' . _AM_SYSTEM_BLOCKS_CLONEBLOCK . '<br><br>'; |
||||
338 | require_once __DIR__ . '/blockform.php'; |
||||
339 | /** @var XoopsThemeForm $form */ |
||||
340 | $form->display(); |
||||
341 | // xoops_cp_footer(); |
||||
342 | require_once __DIR__ . '/admin_footer.php'; |
||||
343 | exit(); |
||||
344 | } |
||||
345 | |||||
346 | /** |
||||
347 | * @param int $bid |
||||
348 | * @param string $bside |
||||
349 | * @param int $bweight |
||||
350 | * @param bool $bvisible |
||||
351 | * @param int $bcachetime |
||||
352 | * @param array $bmodule |
||||
353 | * @param null|array|string $options |
||||
354 | */ |
||||
355 | function isBlockCloned($bid, $bside, $bweight, $bvisible, $bcachetime, $bmodule, $options = null) |
||||
356 | { |
||||
357 | xoops_loadLanguage('admin', 'system'); |
||||
358 | xoops_loadLanguage('admin/blocksadmin', 'system'); |
||||
359 | xoops_loadLanguage('admin/groups', 'system'); |
||||
360 | |||||
361 | $moduleDirName = \basename(\dirname(__DIR__)); |
||||
362 | $moduleDirNameUpper = mb_strtoupper($moduleDirName); |
||||
363 | |||||
364 | $block = new \XoopsBlock($bid); |
||||
365 | $clone = $block->xoopsClone(); |
||||
366 | if (empty($bmodule)) { |
||||
367 | xoops_cp_header(); |
||||
368 | xoops_error(sprintf(constant('CO_' . $moduleDirNameUpper . '_' . 'NOTSELNG'), constant('CO_' . $moduleDirNameUpper . '_' . 'VISIBLEIN'))); |
||||
369 | xoops_cp_footer(); |
||||
370 | exit(); |
||||
371 | } |
||||
372 | $clone->setVar('side', $bside); |
||||
373 | $clone->setVar('weight', $bweight); |
||||
374 | $clone->setVar('visible', $bvisible); |
||||
375 | //$clone->setVar('content', $_POST['bcontent']); |
||||
376 | $clone->setVar('title', Request::getString('btitle', '', 'POST')); |
||||
377 | $clone->setVar('bcachetime', $bcachetime); |
||||
378 | if ($options && is_array($options)) { |
||||
379 | $options = implode('|', $options); |
||||
380 | $clone->setVar('options', $options); |
||||
381 | } |
||||
382 | $clone->setVar('bid', 0); |
||||
383 | if (in_array($block->getVar('block_type'), ['C', 'E'])) { |
||||
384 | $clone->setVar('block_type', 'E'); |
||||
385 | } else { |
||||
386 | $clone->setVar('block_type', 'D'); |
||||
387 | } |
||||
388 | $newid = $clone->store(); |
||||
389 | if (!$newid) { |
||||
390 | xoops_cp_header(); |
||||
391 | $clone->getHtmlErrors(); |
||||
392 | xoops_cp_footer(); |
||||
393 | exit(); |
||||
394 | } |
||||
395 | if ('' !== $clone->getVar('template')) { |
||||
396 | /** @var \XoopsTplfileHandler $tplfileHandler */ |
||||
397 | $tplfileHandler = xoops_getHandler('tplfile'); |
||||
398 | $btemplate = $tplfileHandler->find($GLOBALS['xoopsConfig']['template_set'], 'block', $bid); |
||||
399 | if (count($btemplate) > 0) { |
||||
400 | $tplclone = $btemplate[0]->xoopsClone(); |
||||
401 | $tplclone->setVar('tpl_id', 0); |
||||
402 | $tplclone->setVar('tpl_refid', $newid); |
||||
403 | $tplfileHandler->insert($tplclone); |
||||
404 | } |
||||
405 | } |
||||
406 | $db = \XoopsDatabaseFactory::getDatabaseConnection(); |
||||
407 | foreach ($bmodule as $bmid) { |
||||
408 | $sql = 'INSERT INTO ' . $db->prefix('block_module_link') . ' (block_id, module_id) VALUES (' . $newid . ', ' . $bmid . ')'; |
||||
409 | $db->query($sql); |
||||
410 | } |
||||
411 | $groups = &$GLOBALS['xoopsUser']->getGroups(); |
||||
412 | foreach ($groups as $iValue) { |
||||
413 | $sql = 'INSERT INTO ' . $db->prefix('group_permission') . ' (gperm_groupid, gperm_itemid, gperm_modid, gperm_name) VALUES (' . $iValue . ', ' . $newid . ", 1, 'block_read')"; |
||||
414 | $db->query($sql); |
||||
415 | } |
||||
416 | redirect_header('blocksadmin.php?op=listar', 1, _AM_SYSTEM_BLOCKS_DBUPDATED); |
||||
417 | } |
||||
418 | |||||
419 | /** |
||||
420 | * @param int $bid |
||||
421 | * @param string $title |
||||
422 | * @param int $weight |
||||
423 | * @param bool $visible |
||||
424 | * @param string $side |
||||
425 | * @param int $bcachetime |
||||
426 | * @param null $bmodule |
||||
427 | */ |
||||
428 | function setOrder($bid, $title, $weight, $visible, $side, $bcachetime, $bmodule = null) |
||||
0 ignored issues
–
show
The parameter
$bmodule is not used and could be removed.
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
This check looks for parameters that have been defined for a function or method, but which are not used in the method body.
Loading history...
|
|||||
429 | { |
||||
430 | $myblock = new \XoopsBlock($bid); |
||||
431 | $myblock->setVar('title', $title); |
||||
432 | $myblock->setVar('weight', $weight); |
||||
433 | $myblock->setVar('visible', $visible); |
||||
434 | $myblock->setVar('side', $side); |
||||
435 | $myblock->setVar('bcachetime', $bcachetime); |
||||
436 | // $myblock->store(); |
||||
437 | /** @var \XoopsBlockHandler $blockHandler */ |
||||
438 | $blockHandler = xoops_getHandler('block'); |
||||
439 | return $blockHandler->insert($myblock); |
||||
440 | } |
||||
441 | |||||
442 | /** |
||||
443 | * @param int $bid |
||||
444 | */ |
||||
445 | function editBlock($bid) |
||||
446 | { |
||||
447 | xoops_cp_header(); |
||||
448 | /** @var \Xmf\Module\Admin $adminObject */ |
||||
449 | $adminObject = Admin::getInstance(); |
||||
450 | $adminObject->displayNavigation(basename(__FILE__)); |
||||
451 | $moduleDirName = \basename(\dirname(__DIR__)); |
||||
452 | $moduleDirNameUpper = \mb_strtoupper($moduleDirName); |
||||
453 | |||||
454 | xoops_loadLanguage('admin', 'system'); |
||||
455 | xoops_loadLanguage('admin/blocksadmin', 'system'); |
||||
456 | xoops_loadLanguage('admin/groups', 'system'); |
||||
457 | // mpu_adm_menu(); |
||||
458 | $myblock = new \XoopsBlock($bid); |
||||
459 | $db = \XoopsDatabaseFactory::getDatabaseConnection(); |
||||
460 | $sql = 'SELECT module_id FROM ' . $db->prefix('block_module_link') . ' WHERE block_id=' . (int)$bid; |
||||
461 | $result = $db->query($sql); |
||||
462 | $modules = []; |
||||
463 | while (false !== ($row = $db->fetchArray($result))) { |
||||
464 | $modules[] = (int)$row['module_id']; |
||||
465 | } |
||||
466 | $isCustom = (in_array($myblock->getVar('block_type'), ['C', 'E'])); |
||||
467 | $block = [ |
||||
0 ignored issues
–
show
|
|||||
468 | 'title' => $myblock->getVar('title'), |
||||
469 | 'form_title' => constant('CO_' . $moduleDirNameUpper . '_' . 'BLOCKS_EDITBLOCK'), |
||||
470 | // 'name' => $myblock->getVar('name'), |
||||
471 | 'side' => $myblock->getVar('side'), |
||||
472 | 'weight' => $myblock->getVar('weight'), |
||||
473 | 'visible' => $myblock->getVar('visible'), |
||||
474 | 'content' => $myblock->getVar('content', 'N'), |
||||
475 | 'modules' => $modules, |
||||
476 | 'is_custom' => $isCustom, |
||||
477 | 'ctype' => $myblock->getVar('c_type'), |
||||
478 | 'bcachetime' => $myblock->getVar('bcachetime'), |
||||
479 | 'op' => 'edit_ok', |
||||
480 | 'bid' => $myblock->getVar('bid'), |
||||
481 | 'edit_form' => $myblock->getOptions(), |
||||
482 | 'template' => $myblock->getVar('template'), |
||||
483 | 'options' => $myblock->getVar('options'), |
||||
484 | ]; |
||||
485 | echo '<a href="blocksadmin.php">' . constant('CO_' . $moduleDirNameUpper . '_' . 'BADMIN') . '</a> <span style="font-weight:bold;">»»</span> ' . _AM_SYSTEM_BLOCKS_EDITBLOCK . '<br><br>'; |
||||
486 | require_once __DIR__ . '/blockform.php'; |
||||
487 | /** @var XoopsThemeForm $form */ |
||||
488 | $form->display(); |
||||
489 | // xoops_cp_footer(); |
||||
490 | require_once __DIR__ . '/admin_footer.php'; |
||||
491 | exit(); |
||||
492 | } |
||||
493 | |||||
494 | /** |
||||
495 | * @param int $bid |
||||
496 | * @param string $btitle |
||||
497 | * @param string $bside |
||||
498 | * @param int $bweight |
||||
499 | * @param bool $bvisible |
||||
500 | * @param int $bcachetime |
||||
501 | * @param array $bmodule |
||||
502 | * @param null|array|string $options |
||||
503 | * @param null|array $groups |
||||
504 | */ |
||||
505 | function updateBlock($bid, $btitle, $bside, $bweight, $bvisible, $bcachetime, $bmodule, $options, $groups) |
||||
506 | { |
||||
507 | $myblock = new \XoopsBlock($bid); |
||||
508 | $myblock->setVar('title', $btitle); |
||||
509 | $myblock->setVar('weight', $bweight); |
||||
510 | $myblock->setVar('visible', $bvisible); |
||||
511 | $myblock->setVar('side', $bside); |
||||
512 | $myblock->setVar('bcachetime', $bcachetime); |
||||
513 | $myblock->setVar('module', $bmodule); |
||||
514 | $myblock->setVar('groups', $groups); |
||||
515 | $helper = Helper::getInstance(); |
||||
516 | $helper->loadLanguage('common'); |
||||
517 | //update block options |
||||
518 | if (is_array($options) && count($options) > 0) { |
||||
519 | //Convert array values to comma-separated |
||||
520 | foreach ($options as $i => $iValue) { |
||||
521 | if (is_array($iValue)) { |
||||
522 | $options[$i] = implode(',', $iValue); |
||||
523 | } |
||||
524 | } |
||||
525 | $options = implode('|', $options); |
||||
526 | $myblock->setVar('options', $options); |
||||
527 | } |
||||
528 | // $myblock->store(); |
||||
529 | /** @var \XoopsBlockHandler $blockHandler */ |
||||
530 | $blockHandler = xoops_getHandler('block'); |
||||
531 | $blockHandler->insert($myblock); |
||||
532 | |||||
533 | global $xoopsDB; |
||||
534 | |||||
535 | $moduleDirName = \basename(\dirname(__DIR__)); |
||||
536 | $moduleDirNameUpper = \mb_strtoupper($moduleDirName); |
||||
537 | |||||
538 | if (!empty($bmodule) && count($bmodule) > 0) { |
||||
539 | $sql = sprintf('DELETE FROM `%s` WHERE block_id = %u', $xoopsDB->prefix('block_module_link'), $bid); |
||||
540 | $xoopsDB->query($sql); |
||||
541 | if (in_array(0, $bmodule)) { |
||||
542 | $sql = sprintf('INSERT INTO `%s` (block_id, module_id) VALUES (%u, %d)', $xoopsDB->prefix('block_module_link'), $bid, 0); |
||||
543 | $xoopsDB->query($sql); |
||||
544 | } else { |
||||
545 | foreach ($bmodule as $bmid) { |
||||
546 | $sql = sprintf('INSERT INTO `%s` (block_id, module_id) VALUES (%u, %d)', $xoopsDB->prefix('block_module_link'), $bid, (int)$bmid); |
||||
547 | $xoopsDB->query($sql); |
||||
548 | } |
||||
549 | } |
||||
550 | } |
||||
551 | $sql = sprintf('DELETE FROM `%s` WHERE gperm_itemid = %u', $xoopsDB->prefix('group_permission'), $bid); |
||||
552 | $xoopsDB->query($sql); |
||||
553 | if (!empty($groups)) { |
||||
554 | foreach ($groups as $grp) { |
||||
555 | $sql = sprintf("INSERT INTO `%s` (gperm_groupid, gperm_itemid, gperm_modid, gperm_name) VALUES (%u, %u, 1, 'block_read')", $xoopsDB->prefix('group_permission'), $grp, $bid); |
||||
556 | $xoopsDB->query($sql); |
||||
557 | } |
||||
558 | } |
||||
559 | redirect_header($_SERVER['SCRIPT_NAME'], 1, constant('CO_' . $moduleDirNameUpper . '_' . 'UPDATE_SUCCESS')); |
||||
560 | } |
||||
561 | |||||
562 | if ('list' === $op) { |
||||
563 | xoops_cp_header(); |
||||
564 | //$adminObject->displayNavigation(basename(__FILE__)); |
||||
565 | listBlocks(); |
||||
566 | require_once __DIR__ . '/admin_footer.php'; |
||||
567 | exit(); |
||||
568 | } |
||||
569 | |||||
570 | if ('order' === $op) { |
||||
571 | if (!$GLOBALS['xoopsSecurity']->check()) { |
||||
572 | redirect_header($_SERVER['SCRIPT_NAME'], 3, implode('<br>', $GLOBALS['xoopsSecurity']->getErrors())); |
||||
573 | } |
||||
574 | foreach (array_keys($bid) as $i) { |
||||
575 | if ($oldtitle[$i] !== $title[$i] || $oldweight[$i] !== $weight[$i] || $oldvisible[$i] !== $visible[$i] |
||||
576 | || $oldside[$i] !== $side[$i] |
||||
577 | || $oldbcachetime[$i] !== $bcachetime[$i]) { |
||||
578 | setOrder($bid[$i], $title[$i], $weight[$i], $visible[$i], $side[$i], $bcachetime[$i], $bmodule[$i]); |
||||
579 | } |
||||
580 | if (!empty($bmodule[$i]) && count($bmodule[$i]) > 0) { |
||||
581 | $sql = sprintf('DELETE FROM `%s` WHERE block_id = %u', $xoopsDB->prefix('block_module_link'), $bid[$i]); |
||||
582 | $xoopsDB->query($sql); |
||||
583 | if (in_array(0, $bmodule[$i])) { |
||||
584 | $sql = sprintf('INSERT INTO `%s` (block_id, module_id) VALUES (%u, %d)', $xoopsDB->prefix('block_module_link'), $bid[$i], 0); |
||||
585 | $xoopsDB->query($sql); |
||||
586 | } else { |
||||
587 | foreach ($bmodule[$i] as $bmid) { |
||||
588 | $sql = sprintf('INSERT INTO `%s` (block_id, module_id) VALUES (%u, %d)', $xoopsDB->prefix('block_module_link'), $bid[$i], (int)$bmid); |
||||
589 | $xoopsDB->query($sql); |
||||
590 | } |
||||
591 | } |
||||
592 | } |
||||
593 | $sql = sprintf('DELETE FROM `%s` WHERE gperm_itemid = %u', $xoopsDB->prefix('group_permission'), $bid[$i]); |
||||
594 | $xoopsDB->query($sql); |
||||
595 | if (!empty($groups[$i])) { |
||||
596 | foreach ($groups[$i] as $grp) { |
||||
597 | $sql = sprintf("INSERT INTO `%s` (gperm_groupid, gperm_itemid, gperm_modid, gperm_name) VALUES (%u, %u, 1, 'block_read')", $xoopsDB->prefix('group_permission'), $grp, $bid[$i]); |
||||
598 | $xoopsDB->query($sql); |
||||
599 | } |
||||
600 | } |
||||
601 | } |
||||
602 | redirect_header($_SERVER['SCRIPT_NAME'], 1, constant('CO_' . $moduleDirNameUpper . '_' . 'UPDATE_SUCCESS')); |
||||
603 | } |
||||
604 | if ('clone' === $op) { |
||||
605 | cloneBlock($bid); |
||||
606 | } |
||||
607 | |||||
608 | if ('edit' === $op) { |
||||
609 | editBlock($bid); |
||||
610 | } |
||||
611 | |||||
612 | if ('edit_ok' === $op) { |
||||
613 | updateBlock($bid, $btitle, $bside, $bweight, $bvisible, $bcachetime, $bmodule, $options, $groups); |
||||
614 | } |
||||
615 | |||||
616 | if ('clone_ok' === $op) { |
||||
617 | isBlockCloned($bid, $bside, $bweight, $bvisible, $bcachetime, $bmodule, $options); |
||||
618 | } |
||||
619 | } else { |
||||
620 | echo constant('CO_' . $moduleDirNameUpper . '_' . 'ERROR403'); |
||||
621 | } |
||||
622 |