This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
1 | <?php |
||||
2 | |||||
3 | declare(strict_types=1); |
||||
4 | |||||
5 | /** |
||||
6 | * You may not change or alter any portion of this comment or credits |
||||
7 | * of supporting developers from this source code or any supporting source code |
||||
8 | * which is considered copyrighted (c) material of the original comment or credit authors. |
||||
9 | * |
||||
10 | * |
||||
11 | * @category Module |
||||
12 | * @author XOOPS Development Team |
||||
13 | * @copyright XOOPS Project |
||||
14 | * @link https://xoops.org |
||||
15 | * @license GNU GPL 2 or later (https://www.gnu.org/licenses/gpl-2.0.html) |
||||
16 | */ |
||||
17 | |||||
18 | use Xmf\Module\Admin; |
||||
19 | use Xmf\Request; |
||||
20 | use XoopsModules\Lexikon\{ |
||||
21 | Common\Configurator, |
||||
22 | Helper |
||||
23 | }; |
||||
24 | /** @var Admin $adminObject */ |
||||
25 | /** @var Helper $helper */ |
||||
26 | |||||
27 | require __DIR__ . '/admin_header.php'; |
||||
28 | require_once XOOPS_ROOT_PATH . '/kernel/block.php'; |
||||
29 | |||||
30 | $moduleDirName = \basename(\dirname(__DIR__)); |
||||
31 | $moduleDirNameUpper = \mb_strtoupper($moduleDirName); |
||||
32 | |||||
33 | if (!is_object($GLOBALS['xoopsUser']) || !is_object($xoopsModule) |
||||
34 | || !$GLOBALS['xoopsUser']->isAdmin($xoopsModule->mid())) { |
||||
35 | exit(constant('CO_' . $moduleDirNameUpper . '_' . 'ERROR403')); |
||||
36 | } |
||||
37 | if ($GLOBALS['xoopsUser']->isAdmin($xoopsModule->mid())) { |
||||
38 | require_once XOOPS_ROOT_PATH . '/kernel/block.php'; |
||||
39 | $op = 'list'; |
||||
40 | if (isset($_POST)) { |
||||
41 | foreach ($_POST as $k => $v) { |
||||
42 | ${$k} = $v; |
||||
43 | } |
||||
44 | } |
||||
45 | /* |
||||
46 | if (Request::hasVar('op', 'GET')) { |
||||
47 | if ('edit' === $_GET['op'] || 'delete' === $_GET['op'] || 'delete_ok' === $_GET['op'] || 'clone' === $_GET['op'] |
||||
48 | || 'edit' === $_GET['op']) { |
||||
49 | $op = $_GET['op']; |
||||
50 | $bid = Request::getInt('bid', 0, 'GET'); |
||||
51 | } |
||||
52 | */ |
||||
53 | |||||
54 | $op = Request::getString('op', $op); |
||||
55 | if (in_array($op, ['edit', 'delete', 'delete_ok', 'clone'])) { |
||||
56 | $bid = Request::getInt('bid', 0, 'GET'); |
||||
57 | } |
||||
58 | |||||
59 | function listBlocks() |
||||
60 | { |
||||
61 | global $xoopsModule, $pathIcon16; |
||||
62 | // require_once XOOPS_ROOT_PATH . '/class/xoopslists.php'; |
||||
63 | xoops_load('xoopslist'); |
||||
64 | $moduleDirName = \basename(\dirname(__DIR__)); |
||||
65 | $moduleDirNameUpper = \mb_strtoupper($moduleDirName); |
||||
66 | /** @var \XoopsMySQLDatabase $db */ |
||||
67 | $db = \XoopsDatabaseFactory::getDatabaseConnection(); |
||||
68 | |||||
69 | $adminObject = Admin::getInstance(); |
||||
70 | $adminObject->displayNavigation(basename(__FILE__)); |
||||
71 | |||||
72 | xoops_loadLanguage('admin', 'system'); |
||||
73 | xoops_loadLanguage('admin/blocksadmin', 'system'); |
||||
74 | xoops_loadLanguage('admin/groups', 'system'); |
||||
75 | |||||
76 | $configurator = new Configurator(); |
||||
77 | $icons = $configurator->icons; |
||||
78 | |||||
79 | /** @var \XoopsModuleHandler $moduleHandler */ |
||||
80 | $moduleHandler = xoops_getHandler('module'); |
||||
81 | /** @var \XoopsMemberHandler $memberHandler */ |
||||
82 | $memberHandler = xoops_getHandler('member'); |
||||
83 | /** @var \XoopsGroupPermHandler $grouppermHandler */ |
||||
84 | $grouppermHandler = xoops_getHandler('groupperm'); |
||||
85 | $groups = $memberHandler->getGroups(); |
||||
86 | $criteria = new \CriteriaCompo(new \Criteria('hasmain', 1)); |
||||
87 | $criteria->add(new \Criteria('isactive', 1)); |
||||
88 | $moduleList = $moduleHandler->getList($criteria); |
||||
89 | $moduleList[-1] = _AM_SYSTEM_BLOCKS_TOPPAGE; |
||||
90 | $moduleList[0] = _AM_SYSTEM_BLOCKS_ALLPAGES; |
||||
91 | ksort($moduleList); |
||||
92 | echo " |
||||
93 | <h4 style='text-align:left;'>" . constant('CO_' . $moduleDirNameUpper . '_' . 'BADMIN') . '</h4>'; |
||||
94 | echo "<form action='" . Request::getString('SCRIPT_NAME', '', 'SERVER') . "' name='blockadmin' method='post'>"; |
||||
95 | echo $GLOBALS['xoopsSecurity']->getTokenHTML(); |
||||
96 | echo "<table width='100%' class='outer' cellpadding='4' cellspacing='1'> |
||||
97 | <tr valign='middle'><th align='center'>" |
||||
98 | . _AM_SYSTEM_BLOCKS_TITLE |
||||
99 | . "</th><th align='center' nowrap='nowrap'>" |
||||
100 | . constant('CO_' . $moduleDirNameUpper . '_' . 'SIDE') |
||||
101 | . '<br>' |
||||
102 | . _LEFT |
||||
103 | . '-' |
||||
104 | . _CENTER |
||||
105 | . '-' |
||||
106 | . _RIGHT |
||||
107 | . "</th><th align='center'>" |
||||
108 | . constant('CO_' . $moduleDirNameUpper . '_' . 'WEIGHT') |
||||
109 | . "</th><th align='center'>" |
||||
110 | . constant('CO_' . $moduleDirNameUpper . '_' . 'VISIBLE') |
||||
111 | . "</th><th align='center'>" |
||||
112 | . _AM_SYSTEM_BLOCKS_VISIBLEIN |
||||
113 | . "</th><th align='center'>" |
||||
114 | . _AM_SYSTEM_ADGS |
||||
115 | . "</th><th align='center'>" |
||||
116 | . _AM_SYSTEM_BLOCKS_BCACHETIME |
||||
117 | . "</th><th align='center'>" |
||||
118 | . constant('CO_' . $moduleDirNameUpper . '_' . 'ACTION') |
||||
119 | . '</th></tr> |
||||
120 | '; |
||||
121 | $blockArray = \XoopsBlock::getByModule($xoopsModule->mid()); |
||||
0 ignored issues
–
show
|
|||||
122 | $blockCount = count($blockArray); |
||||
0 ignored issues
–
show
|
|||||
123 | $class = 'even'; |
||||
124 | $cachetimes = [ |
||||
125 | 0 => _NOCACHE, |
||||
126 | 30 => sprintf(_SECONDS, 30), |
||||
127 | 60 => _MINUTE, |
||||
128 | 300 => sprintf(_MINUTES, 5), |
||||
129 | 1800 => sprintf(_MINUTES, 30), |
||||
130 | 3600 => _HOUR, |
||||
131 | 18000 => sprintf(_HOURS, 5), |
||||
132 | 86400 => _DAY, |
||||
133 | 259200 => sprintf(_DAYS, 3), |
||||
134 | 604800 => _WEEK, |
||||
135 | 2592000 => _MONTH, |
||||
136 | ]; |
||||
137 | foreach ($blockArray as $i) { |
||||
138 | $groupsPerms = $grouppermHandler->getGroupIds('block_read', $i->getVar('bid')); |
||||
139 | $sql = 'SELECT module_id FROM ' . $db->prefix('block_module_link') . ' WHERE block_id=' . $i->getVar('bid'); |
||||
140 | $result = $db->query($sql); |
||||
141 | $modules = []; |
||||
142 | while (false !== ($row = $db->fetchArray($result))) { |
||||
0 ignored issues
–
show
It seems like
$result can also be of type boolean ; however, parameter $result of XoopsMySQLDatabase::fetchArray() does only seem to accept mysqli_result , maybe add an additional type check?
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
Loading history...
|
|||||
143 | $modules[] = (int)$row['module_id']; |
||||
144 | } |
||||
145 | |||||
146 | $cachetimeOptions = ''; |
||||
147 | foreach ($cachetimes as $cachetime => $cachetimeName) { |
||||
148 | if ($i->getVar('bcachetime') == $cachetime) { |
||||
149 | $cachetimeOptions .= "<option value='$cachetime' selected='selected'>$cachetimeName</option>\n"; |
||||
150 | } else { |
||||
151 | $cachetimeOptions .= "<option value='$cachetime'>$cachetimeName</option>\n"; |
||||
152 | } |
||||
153 | } |
||||
154 | |||||
155 | $sel0 = $sel1 = $ssel0 = $ssel1 = $ssel2 = $ssel3 = $ssel4 = $ssel5 = $ssel6 = $ssel7 = ''; |
||||
156 | if (1 === $i->getVar('visible')) { |
||||
157 | $sel1 = ' checked'; |
||||
158 | } else { |
||||
159 | $sel0 = ' checked'; |
||||
160 | } |
||||
161 | if (XOOPS_SIDEBLOCK_LEFT === $i->getVar('side')) { |
||||
162 | $ssel0 = ' checked'; |
||||
163 | } elseif (XOOPS_SIDEBLOCK_RIGHT === $i->getVar('side')) { |
||||
164 | $ssel1 = ' checked'; |
||||
165 | } elseif (XOOPS_CENTERBLOCK_LEFT === $i->getVar('side')) { |
||||
166 | $ssel2 = ' checked'; |
||||
167 | } elseif (XOOPS_CENTERBLOCK_RIGHT === $i->getVar('side')) { |
||||
168 | $ssel4 = ' checked'; |
||||
169 | } elseif (XOOPS_CENTERBLOCK_CENTER === $i->getVar('side')) { |
||||
170 | $ssel3 = ' checked'; |
||||
171 | } elseif (XOOPS_CENTERBLOCK_BOTTOMLEFT === $i->getVar('side')) { |
||||
172 | $ssel5 = ' checked'; |
||||
173 | } elseif (XOOPS_CENTERBLOCK_BOTTOMRIGHT === $i->getVar('side')) { |
||||
174 | $ssel6 = ' checked'; |
||||
175 | } elseif (XOOPS_CENTERBLOCK_BOTTOM === $i->getVar('side')) { |
||||
176 | $ssel7 = ' checked'; |
||||
177 | } |
||||
178 | if ('' === $i->getVar('title')) { |
||||
179 | $title = ' '; |
||||
180 | } else { |
||||
181 | $title = $i->getVar('title'); |
||||
182 | } |
||||
183 | $name = $i->getVar('name'); |
||||
0 ignored issues
–
show
|
|||||
184 | echo "<tr valign='top'><td class='$class' align='center'><input type='text' name='title[" |
||||
185 | . $i->getVar('bid') |
||||
186 | . "]' value='" |
||||
187 | . $title |
||||
188 | . "'></td><td class='$class' align='center' nowrap='nowrap'> |
||||
189 | <div align='center' > |
||||
190 | <input type='radio' name='side[" |
||||
191 | . $i->getVar('bid') |
||||
192 | . "]' value='" |
||||
193 | . XOOPS_CENTERBLOCK_LEFT |
||||
194 | . "'$ssel2> |
||||
195 | <input type='radio' name='side[" |
||||
196 | . $i->getVar('bid') |
||||
197 | . "]' value='" |
||||
198 | . XOOPS_CENTERBLOCK_CENTER |
||||
199 | . "'$ssel3> |
||||
200 | <input type='radio' name='side[" |
||||
201 | . $i->getVar('bid') |
||||
202 | . "]' value='" |
||||
203 | . XOOPS_CENTERBLOCK_RIGHT |
||||
204 | . "'$ssel4> |
||||
205 | </div> |
||||
206 | <div> |
||||
207 | <span style='float:right;'><input type='radio' name='side[" |
||||
208 | . $i->getVar('bid') |
||||
209 | . "]' value='" |
||||
210 | . XOOPS_SIDEBLOCK_RIGHT |
||||
211 | . "'$ssel1></span> |
||||
212 | <div align='left'><input type='radio' name='side[" |
||||
213 | . $i->getVar('bid') |
||||
214 | . "]' value='" |
||||
215 | . XOOPS_SIDEBLOCK_LEFT |
||||
216 | . "'$ssel0></div> |
||||
217 | </div> |
||||
218 | <div align='center'> |
||||
219 | <input type='radio' name='side[" |
||||
220 | . $i->getVar('bid') |
||||
221 | . "]' value='" |
||||
222 | . XOOPS_CENTERBLOCK_BOTTOMLEFT |
||||
223 | . "'$ssel5> |
||||
224 | <input type='radio' name='side[" |
||||
225 | . $i->getVar('bid') |
||||
226 | . "]' value='" |
||||
227 | . XOOPS_CENTERBLOCK_BOTTOM |
||||
228 | . "'$ssel7> |
||||
229 | <input type='radio' name='side[" |
||||
230 | . $i->getVar('bid') |
||||
231 | . "]' value='" |
||||
232 | . XOOPS_CENTERBLOCK_BOTTOMRIGHT |
||||
233 | . "'$ssel6> |
||||
234 | </div> |
||||
235 | </td><td class='$class' align='center'><input type='text' name='weight[" |
||||
236 | . $i->getVar('bid') |
||||
237 | . "]' value='" |
||||
238 | . $i->getVar('weight') |
||||
239 | . "' size='5' maxlength='5'></td><td class='$class' align='center' nowrap><input type='radio' name='visible[" |
||||
240 | . $i->getVar('bid') |
||||
241 | . "]' value='1'$sel1>" |
||||
242 | . _YES |
||||
243 | . " <input type='radio' name='visible[" |
||||
244 | . $i->getVar('bid') |
||||
245 | . "]' value='0'$sel0>" |
||||
246 | . _NO |
||||
247 | . '</td>'; |
||||
248 | |||||
249 | echo "<td class='$class' align='center'><select size='5' name='bmodule[" . $i->getVar('bid') . "][]' id='bmodule[" . $i->getVar('bid') . "][]' multiple='multiple'>"; |
||||
250 | foreach ($moduleList as $k => $v) { |
||||
251 | echo "<option value='$k'" . (in_array($k, $modules) ? 'selected' : '') . ">$v</option>"; |
||||
252 | } |
||||
253 | echo '</select></td>'; |
||||
254 | |||||
255 | echo "<td class='$class' align='center'><select size='5' name='groups[" . $i->getVar('bid') . "][]' id='groups[" . $i->getVar('bid') . "][]' multiple='multiple'>"; |
||||
256 | foreach ($groups as $grp) { |
||||
257 | echo "<option value='" . $grp->getVar('groupid') . "' " . (in_array($grp->getVar('groupid'), $groupsPerms) ? 'selected' : '') . '>' . $grp->getVar('name') . '</option>'; |
||||
258 | } |
||||
259 | echo '</select></td>'; |
||||
260 | |||||
261 | // Cache lifetime |
||||
262 | echo '<td class="' . $class . '" align="center"> <select name="bcachetime[' . $i->getVar('bid') . ']" size="1">' . $cachetimeOptions . '</select> |
||||
263 | </td>'; |
||||
264 | |||||
265 | // Actions |
||||
266 | |||||
267 | echo "<td class='$class' align='center'><a href='blocksadmin.php?op=edit&bid=" . $i->getVar('bid') . "'>" . $icons->edit . "</a> <a href='blocksadmin.php?op=clone&bid=" . $i->getVar('bid') . "'><img src=" . $pathIcon16 . '/editcopy.png' . " alt='" . _CLONE . "' title='" . _CLONE . "'> |
||||
268 | </a>"; |
||||
269 | if (!in_array($i->getVar('block_type'), ['S', 'M'])) { |
||||
270 | echo " <a href='" . XOOPS_URL . '/modules/system/admin.php?fct=blocksadmin&op=delete&bid=' . $i->getVar('bid') . "'>" . $icons->delete . '</a>'; |
||||
271 | } |
||||
272 | echo " |
||||
273 | <input type='hidden' name='oldtitle[" . $i->getVar('bid') . "]' value='" . $i->getVar('title') . "'> |
||||
274 | <input type='hidden' name='oldside[" . $i->getVar('bid') . "]' value='" . $i->getVar('side') . "'> |
||||
275 | <input type='hidden' name='oldweight[" . $i->getVar('bid') . "]' value='" . $i->getVar('weight') . "'> |
||||
276 | <input type='hidden' name='oldvisible[" . $i->getVar('bid') . "]' value='" . $i->getVar('visible') . "'> |
||||
277 | <input type='hidden' name='oldgroups[" . $i->getVar('groups') . "]' value='" . $i->getVar('groups') . "'> |
||||
278 | <input type='hidden' name='oldbcachetime[" . $i->getVar('bid') . "]' value='" . $i->getVar('bcachetime') . "'> |
||||
279 | <input type='hidden' name='bid[" . $i->getVar('bid') . "]' value='" . $i->getVar('bid') . "'> |
||||
280 | </td></tr> |
||||
281 | "; |
||||
282 | $class = ('even' === $class) ? 'odd' : 'even'; |
||||
283 | } |
||||
284 | echo "<tr><td class='foot' align='center' colspan='8'> |
||||
285 | <input type='hidden' name='op' value='order'> |
||||
286 | " . $GLOBALS['xoopsSecurity']->getTokenHTML() . " |
||||
287 | <input type='submit' name='submit' value='" . _SUBMIT . "'> |
||||
288 | </td></tr></table> |
||||
289 | </form> |
||||
290 | <br><br>"; |
||||
291 | } |
||||
292 | |||||
293 | /** |
||||
294 | * @param int $bid |
||||
295 | */ |
||||
296 | function cloneBlock($bid) |
||||
297 | { |
||||
298 | |||||
299 | xoops_cp_header(); |
||||
300 | |||||
301 | $adminObject = Admin::getInstance(); |
||||
302 | $adminObject->displayNavigation(basename(__FILE__)); |
||||
303 | $moduleDirName = \basename(\dirname(__DIR__)); |
||||
304 | $moduleDirNameUpper = \mb_strtoupper($moduleDirName); |
||||
305 | xoops_loadLanguage('admin', 'system'); |
||||
306 | xoops_loadLanguage('admin/blocksadmin', 'system'); |
||||
307 | xoops_loadLanguage('admin/groups', 'system'); |
||||
308 | |||||
309 | // mpu_adm_menu(); |
||||
310 | $myblock = new \XoopsBlock($bid); |
||||
311 | $db = \XoopsDatabaseFactory::getDatabaseConnection(); |
||||
312 | $sql = 'SELECT module_id FROM ' . $db->prefix('block_module_link') . ' WHERE block_id=' . (int)$bid; |
||||
313 | $result = $db->query($sql); |
||||
314 | $modules = []; |
||||
315 | while (false !== ($row = $db->fetchArray($result))) { |
||||
316 | $modules[] = (int)$row['module_id']; |
||||
317 | } |
||||
318 | $isCustom = (in_array($myblock->getVar('block_type'), ['C', 'E'])); |
||||
319 | $block = [ |
||||
0 ignored issues
–
show
|
|||||
320 | 'title' => $myblock->getVar('title') . ' Clone', |
||||
321 | 'form_title' => constant('CO_' . $moduleDirNameUpper . '_' . 'BLOCKS_CLONEBLOCK'), |
||||
322 | 'name' => $myblock->getVar('name'), |
||||
323 | 'side' => $myblock->getVar('side'), |
||||
324 | 'weight' => $myblock->getVar('weight'), |
||||
325 | 'visible' => $myblock->getVar('visible'), |
||||
326 | 'content' => $myblock->getVar('content', 'N'), |
||||
327 | 'modules' => $modules, |
||||
328 | 'is_custom' => $isCustom, |
||||
329 | 'ctype' => $myblock->getVar('c_type'), |
||||
330 | 'bcachetime' => $myblock->getVar('bcachetime'), |
||||
331 | 'op' => 'clone_ok', |
||||
332 | 'bid' => $myblock->getVar('bid'), |
||||
333 | 'edit_form' => $myblock->getOptions(), |
||||
334 | 'template' => $myblock->getVar('template'), |
||||
335 | 'options' => $myblock->getVar('options'), |
||||
336 | ]; |
||||
337 | echo '<a href="blocksadmin.php">' . constant('CO_' . $moduleDirNameUpper . '_' . 'BADMIN') . '</a> <span style="font-weight:bold;">»»</span> ' . _AM_SYSTEM_BLOCKS_CLONEBLOCK . '<br><br>'; |
||||
338 | require_once __DIR__ . '/blockform.php'; |
||||
339 | /** @var XoopsThemeForm $form */ |
||||
340 | $form->display(); |
||||
0 ignored issues
–
show
Comprehensibility
Best Practice
introduced
by
|
|||||
341 | // xoops_cp_footer(); |
||||
342 | require_once __DIR__ . '/admin_footer.php'; |
||||
343 | exit(); |
||||
0 ignored issues
–
show
|
|||||
344 | } |
||||
345 | |||||
346 | /** |
||||
347 | * @param int $bid |
||||
348 | * @param string $bside |
||||
349 | * @param int $bweight |
||||
350 | * @param bool $bvisible |
||||
351 | * @param int $bcachetime |
||||
352 | * @param array $bmodule |
||||
353 | * @param null|array|string $options |
||||
354 | */ |
||||
355 | function isBlockCloned($bid, $bside, $bweight, $bvisible, $bcachetime, $bmodule, $options = null) |
||||
356 | { |
||||
357 | xoops_loadLanguage('admin', 'system'); |
||||
358 | xoops_loadLanguage('admin/blocksadmin', 'system'); |
||||
359 | xoops_loadLanguage('admin/groups', 'system'); |
||||
360 | |||||
361 | $moduleDirName = \basename(\dirname(__DIR__)); |
||||
362 | $moduleDirNameUpper = mb_strtoupper($moduleDirName); |
||||
363 | |||||
364 | $block = new \XoopsBlock($bid); |
||||
365 | $clone = $block->xoopsClone(); |
||||
366 | if (empty($bmodule)) { |
||||
367 | xoops_cp_header(); |
||||
368 | xoops_error(sprintf(constant('CO_' . $moduleDirNameUpper . '_' . 'NOTSELNG'), constant('CO_' . $moduleDirNameUpper . '_' . 'VISIBLEIN'))); |
||||
369 | xoops_cp_footer(); |
||||
370 | exit(); |
||||
0 ignored issues
–
show
|
|||||
371 | } |
||||
372 | $clone->setVar('side', $bside); |
||||
373 | $clone->setVar('weight', $bweight); |
||||
374 | $clone->setVar('visible', $bvisible); |
||||
375 | //$clone->setVar('content', $_POST['bcontent']); |
||||
376 | $clone->setVar('title', Request::getString('btitle', '', 'POST')); |
||||
377 | $clone->setVar('bcachetime', $bcachetime); |
||||
378 | if ($options && is_array($options)) { |
||||
379 | $options = implode('|', $options); |
||||
380 | $clone->setVar('options', $options); |
||||
381 | } |
||||
382 | $clone->setVar('bid', 0); |
||||
383 | if (in_array($block->getVar('block_type'), ['C', 'E'])) { |
||||
384 | $clone->setVar('block_type', 'E'); |
||||
385 | } else { |
||||
386 | $clone->setVar('block_type', 'D'); |
||||
387 | } |
||||
388 | $newid = $clone->store(); |
||||
389 | if (!$newid) { |
||||
390 | xoops_cp_header(); |
||||
391 | $clone->getHtmlErrors(); |
||||
392 | xoops_cp_footer(); |
||||
393 | exit(); |
||||
0 ignored issues
–
show
|
|||||
394 | } |
||||
395 | if ('' !== $clone->getVar('template')) { |
||||
396 | /** @var \XoopsTplfileHandler $tplfileHandler */ |
||||
397 | $tplfileHandler = xoops_getHandler('tplfile'); |
||||
398 | $btemplate = $tplfileHandler->find($GLOBALS['xoopsConfig']['template_set'], 'block', $bid); |
||||
399 | if (count($btemplate) > 0) { |
||||
400 | $tplclone = $btemplate[0]->xoopsClone(); |
||||
401 | $tplclone->setVar('tpl_id', 0); |
||||
402 | $tplclone->setVar('tpl_refid', $newid); |
||||
403 | $tplfileHandler->insert($tplclone); |
||||
404 | } |
||||
405 | } |
||||
406 | $db = \XoopsDatabaseFactory::getDatabaseConnection(); |
||||
407 | foreach ($bmodule as $bmid) { |
||||
408 | $sql = 'INSERT INTO ' . $db->prefix('block_module_link') . ' (block_id, module_id) VALUES (' . $newid . ', ' . $bmid . ')'; |
||||
409 | $db->query($sql); |
||||
410 | } |
||||
411 | $groups = &$GLOBALS['xoopsUser']->getGroups(); |
||||
412 | foreach ($groups as $iValue) { |
||||
413 | $sql = 'INSERT INTO ' . $db->prefix('group_permission') . ' (gperm_groupid, gperm_itemid, gperm_modid, gperm_name) VALUES (' . $iValue . ', ' . $newid . ", 1, 'block_read')"; |
||||
414 | $db->query($sql); |
||||
415 | } |
||||
416 | redirect_header('blocksadmin.php?op=listar', 1, _AM_SYSTEM_BLOCKS_DBUPDATED); |
||||
417 | } |
||||
418 | |||||
419 | /** |
||||
420 | * @param int $bid |
||||
421 | * @param string $title |
||||
422 | * @param int $weight |
||||
423 | * @param bool $visible |
||||
424 | * @param string $side |
||||
425 | * @param int $bcachetime |
||||
426 | * @param null $bmodule |
||||
0 ignored issues
–
show
|
|||||
427 | */ |
||||
428 | function setOrder($bid, $title, $weight, $visible, $side, $bcachetime, $bmodule = null) |
||||
0 ignored issues
–
show
The parameter
$bmodule is not used and could be removed.
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
This check looks for parameters that have been defined for a function or method, but which are not used in the method body.
Loading history...
|
|||||
429 | { |
||||
430 | $myblock = new \XoopsBlock($bid); |
||||
431 | $myblock->setVar('title', $title); |
||||
432 | $myblock->setVar('weight', $weight); |
||||
433 | $myblock->setVar('visible', $visible); |
||||
434 | $myblock->setVar('side', $side); |
||||
435 | $myblock->setVar('bcachetime', $bcachetime); |
||||
436 | // $myblock->store(); |
||||
437 | /** @var \XoopsBlockHandler $blockHandler */ |
||||
438 | $blockHandler = xoops_getHandler('block'); |
||||
439 | return $blockHandler->insert($myblock); |
||||
440 | } |
||||
441 | |||||
442 | /** |
||||
443 | * @param int $bid |
||||
444 | */ |
||||
445 | function editBlock($bid) |
||||
446 | { |
||||
447 | xoops_cp_header(); |
||||
448 | /** @var \Xmf\Module\Admin $adminObject */ |
||||
449 | $adminObject = Admin::getInstance(); |
||||
450 | $adminObject->displayNavigation(basename(__FILE__)); |
||||
451 | $moduleDirName = \basename(\dirname(__DIR__)); |
||||
452 | $moduleDirNameUpper = \mb_strtoupper($moduleDirName); |
||||
453 | |||||
454 | xoops_loadLanguage('admin', 'system'); |
||||
455 | xoops_loadLanguage('admin/blocksadmin', 'system'); |
||||
456 | xoops_loadLanguage('admin/groups', 'system'); |
||||
457 | // mpu_adm_menu(); |
||||
458 | $myblock = new \XoopsBlock($bid); |
||||
459 | $db = \XoopsDatabaseFactory::getDatabaseConnection(); |
||||
460 | $sql = 'SELECT module_id FROM ' . $db->prefix('block_module_link') . ' WHERE block_id=' . (int)$bid; |
||||
461 | $result = $db->query($sql); |
||||
462 | $modules = []; |
||||
463 | while (false !== ($row = $db->fetchArray($result))) { |
||||
464 | $modules[] = (int)$row['module_id']; |
||||
465 | } |
||||
466 | $isCustom = (in_array($myblock->getVar('block_type'), ['C', 'E'])); |
||||
467 | $block = [ |
||||
0 ignored issues
–
show
|
|||||
468 | 'title' => $myblock->getVar('title'), |
||||
469 | 'form_title' => constant('CO_' . $moduleDirNameUpper . '_' . 'BLOCKS_EDITBLOCK'), |
||||
470 | // 'name' => $myblock->getVar('name'), |
||||
471 | 'side' => $myblock->getVar('side'), |
||||
472 | 'weight' => $myblock->getVar('weight'), |
||||
473 | 'visible' => $myblock->getVar('visible'), |
||||
474 | 'content' => $myblock->getVar('content', 'N'), |
||||
475 | 'modules' => $modules, |
||||
476 | 'is_custom' => $isCustom, |
||||
477 | 'ctype' => $myblock->getVar('c_type'), |
||||
478 | 'bcachetime' => $myblock->getVar('bcachetime'), |
||||
479 | 'op' => 'edit_ok', |
||||
480 | 'bid' => $myblock->getVar('bid'), |
||||
481 | 'edit_form' => $myblock->getOptions(), |
||||
482 | 'template' => $myblock->getVar('template'), |
||||
483 | 'options' => $myblock->getVar('options'), |
||||
484 | ]; |
||||
485 | echo '<a href="blocksadmin.php">' . constant('CO_' . $moduleDirNameUpper . '_' . 'BADMIN') . '</a> <span style="font-weight:bold;">»»</span> ' . _AM_SYSTEM_BLOCKS_EDITBLOCK . '<br><br>'; |
||||
486 | require_once __DIR__ . '/blockform.php'; |
||||
487 | /** @var XoopsThemeForm $form */ |
||||
488 | $form->display(); |
||||
0 ignored issues
–
show
Comprehensibility
Best Practice
introduced
by
|
|||||
489 | // xoops_cp_footer(); |
||||
490 | require_once __DIR__ . '/admin_footer.php'; |
||||
491 | exit(); |
||||
0 ignored issues
–
show
|
|||||
492 | } |
||||
493 | |||||
494 | /** |
||||
495 | * @param int $bid |
||||
496 | * @param string $btitle |
||||
497 | * @param string $bside |
||||
498 | * @param int $bweight |
||||
499 | * @param bool $bvisible |
||||
500 | * @param int $bcachetime |
||||
501 | * @param array $bmodule |
||||
502 | * @param null|array|string $options |
||||
503 | * @param null|array $groups |
||||
504 | */ |
||||
505 | function updateBlock($bid, $btitle, $bside, $bweight, $bvisible, $bcachetime, $bmodule, $options, $groups) |
||||
506 | { |
||||
507 | $myblock = new \XoopsBlock($bid); |
||||
508 | $myblock->setVar('title', $btitle); |
||||
509 | $myblock->setVar('weight', $bweight); |
||||
510 | $myblock->setVar('visible', $bvisible); |
||||
511 | $myblock->setVar('side', $bside); |
||||
512 | $myblock->setVar('bcachetime', $bcachetime); |
||||
513 | $myblock->setVar('module', $bmodule); |
||||
514 | $myblock->setVar('groups', $groups); |
||||
515 | $helper = Helper::getInstance(); |
||||
516 | $helper->loadLanguage('common'); |
||||
517 | //update block options |
||||
518 | if (is_array($options) && count($options) > 0) { |
||||
519 | //Convert array values to comma-separated |
||||
520 | foreach ($options as $i => $iValue) { |
||||
521 | if (is_array($iValue)) { |
||||
522 | $options[$i] = implode(',', $iValue); |
||||
523 | } |
||||
524 | } |
||||
525 | $options = implode('|', $options); |
||||
526 | $myblock->setVar('options', $options); |
||||
527 | } |
||||
528 | // $myblock->store(); |
||||
529 | /** @var \XoopsBlockHandler $blockHandler */ |
||||
530 | $blockHandler = xoops_getHandler('block'); |
||||
531 | $blockHandler->insert($myblock); |
||||
532 | |||||
533 | global $xoopsDB; |
||||
534 | |||||
535 | $moduleDirName = \basename(\dirname(__DIR__)); |
||||
536 | $moduleDirNameUpper = \mb_strtoupper($moduleDirName); |
||||
537 | |||||
538 | if (!empty($bmodule) && count($bmodule) > 0) { |
||||
539 | $sql = sprintf('DELETE FROM `%s` WHERE block_id = %u', $xoopsDB->prefix('block_module_link'), $bid); |
||||
540 | $xoopsDB->query($sql); |
||||
541 | if (in_array(0, $bmodule)) { |
||||
542 | $sql = sprintf('INSERT INTO `%s` (block_id, module_id) VALUES (%u, %d)', $xoopsDB->prefix('block_module_link'), $bid, 0); |
||||
543 | $xoopsDB->query($sql); |
||||
544 | } else { |
||||
545 | foreach ($bmodule as $bmid) { |
||||
546 | $sql = sprintf('INSERT INTO `%s` (block_id, module_id) VALUES (%u, %d)', $xoopsDB->prefix('block_module_link'), $bid, (int)$bmid); |
||||
547 | $xoopsDB->query($sql); |
||||
548 | } |
||||
549 | } |
||||
550 | } |
||||
551 | $sql = sprintf('DELETE FROM `%s` WHERE gperm_itemid = %u', $xoopsDB->prefix('group_permission'), $bid); |
||||
552 | $xoopsDB->query($sql); |
||||
553 | if (!empty($groups)) { |
||||
554 | foreach ($groups as $grp) { |
||||
555 | $sql = sprintf("INSERT INTO `%s` (gperm_groupid, gperm_itemid, gperm_modid, gperm_name) VALUES (%u, %u, 1, 'block_read')", $xoopsDB->prefix('group_permission'), $grp, $bid); |
||||
556 | $xoopsDB->query($sql); |
||||
557 | } |
||||
558 | } |
||||
559 | redirect_header($_SERVER['SCRIPT_NAME'], 1, constant('CO_' . $moduleDirNameUpper . '_' . 'UPDATE_SUCCESS')); |
||||
560 | } |
||||
561 | |||||
562 | if ('list' === $op) { |
||||
563 | xoops_cp_header(); |
||||
564 | //$adminObject->displayNavigation(basename(__FILE__)); |
||||
565 | listBlocks(); |
||||
566 | require_once __DIR__ . '/admin_footer.php'; |
||||
567 | exit(); |
||||
568 | } |
||||
569 | |||||
570 | if ('order' === $op) { |
||||
571 | if (!$GLOBALS['xoopsSecurity']->check()) { |
||||
572 | redirect_header($_SERVER['SCRIPT_NAME'], 3, implode('<br>', $GLOBALS['xoopsSecurity']->getErrors())); |
||||
573 | } |
||||
574 | foreach (array_keys($bid) as $i) { |
||||
575 | if ($oldtitle[$i] !== $title[$i] || $oldweight[$i] !== $weight[$i] || $oldvisible[$i] !== $visible[$i] |
||||
576 | || $oldside[$i] !== $side[$i] |
||||
577 | || $oldbcachetime[$i] !== $bcachetime[$i]) { |
||||
578 | setOrder($bid[$i], $title[$i], $weight[$i], $visible[$i], $side[$i], $bcachetime[$i], $bmodule[$i]); |
||||
579 | } |
||||
580 | if (!empty($bmodule[$i]) && count($bmodule[$i]) > 0) { |
||||
581 | $sql = sprintf('DELETE FROM `%s` WHERE block_id = %u', $xoopsDB->prefix('block_module_link'), $bid[$i]); |
||||
582 | $xoopsDB->query($sql); |
||||
583 | if (in_array(0, $bmodule[$i])) { |
||||
584 | $sql = sprintf('INSERT INTO `%s` (block_id, module_id) VALUES (%u, %d)', $xoopsDB->prefix('block_module_link'), $bid[$i], 0); |
||||
585 | $xoopsDB->query($sql); |
||||
586 | } else { |
||||
587 | foreach ($bmodule[$i] as $bmid) { |
||||
588 | $sql = sprintf('INSERT INTO `%s` (block_id, module_id) VALUES (%u, %d)', $xoopsDB->prefix('block_module_link'), $bid[$i], (int)$bmid); |
||||
589 | $xoopsDB->query($sql); |
||||
590 | } |
||||
591 | } |
||||
592 | } |
||||
593 | $sql = sprintf('DELETE FROM `%s` WHERE gperm_itemid = %u', $xoopsDB->prefix('group_permission'), $bid[$i]); |
||||
594 | $xoopsDB->query($sql); |
||||
595 | if (!empty($groups[$i])) { |
||||
596 | foreach ($groups[$i] as $grp) { |
||||
597 | $sql = sprintf("INSERT INTO `%s` (gperm_groupid, gperm_itemid, gperm_modid, gperm_name) VALUES (%u, %u, 1, 'block_read')", $xoopsDB->prefix('group_permission'), $grp, $bid[$i]); |
||||
598 | $xoopsDB->query($sql); |
||||
599 | } |
||||
600 | } |
||||
601 | } |
||||
602 | redirect_header($_SERVER['SCRIPT_NAME'], 1, constant('CO_' . $moduleDirNameUpper . '_' . 'UPDATE_SUCCESS')); |
||||
603 | } |
||||
604 | if ('clone' === $op) { |
||||
605 | cloneBlock($bid); |
||||
606 | } |
||||
607 | |||||
608 | if ('edit' === $op) { |
||||
609 | editBlock($bid); |
||||
610 | } |
||||
611 | |||||
612 | if ('edit_ok' === $op) { |
||||
613 | updateBlock($bid, $btitle, $bside, $bweight, $bvisible, $bcachetime, $bmodule, $options, $groups); |
||||
614 | } |
||||
615 | |||||
616 | if ('clone_ok' === $op) { |
||||
617 | isBlockCloned($bid, $bside, $bweight, $bvisible, $bcachetime, $bmodule, $options); |
||||
618 | } |
||||
619 | } else { |
||||
620 | echo constant('CO_' . $moduleDirNameUpper . '_' . 'ERROR403'); |
||||
621 | } |
||||
622 |
This function has been deprecated. The supplier of the function has supplied an explanatory message.
The explanatory message should give you some clue as to whether and when the function will be removed and what other function to use instead.