1 | <?php |
||
2 | /** |
||
3 | * Module: Lexikon - glossary module |
||
4 | * Author: hsalazar |
||
5 | * Modifs: Yerres |
||
6 | * Licence: GNU |
||
7 | */ |
||
8 | |||
9 | use Xmf\Module\Admin; |
||
10 | use Xmf\Request; |
||
11 | //use XoopsModules\Tag; |
||
12 | use XoopsModules\Lexikon\{ |
||
13 | Helper, |
||
14 | Utility, |
||
15 | LexikonTree |
||
16 | }; |
||
17 | /** @var Helper $helper */ |
||
18 | |||
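// Load the admin bootstrap, then render the control-panel header, the module
// navigation and the "create entry" button.
require_once __DIR__ . '/admin_header.php';
$myts = \MyTextSanitizer::getInstance();

$helper = Helper::getInstance();

xoops_cp_header();
$adminObject = Admin::getInstance();
$adminObject->displayNavigation(basename(__FILE__));
$adminObject->addItemButton(_AM_LEXIKON_CREATEENTRY, 'entry.php?op=add', 'add');
$adminObject->displayButton('left');

// Report errors, warnings and parse errors only. A preceding
// error_reporting(E_ALL) call and an `$op = ''` placeholder were dropped:
// the first was overridden by this line, the second is reassigned by the
// dispatcher at the bottom of the file before it is read.
error_reporting(E_ERROR | E_WARNING | E_PARSE);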
||
33 | /* -- Available operations -- */ |
||
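/**
 * Echo the paginated admin table of published glossary entries (submit = 0).
 *
 * The page offset comes from the `startentry` GET parameter (read as an
 * integer). Output is written directly with echo: a table with one row per
 * entry, followed by the page navigation.
 *
 * @return void
 */
function entryDefault()
{
    global $xoopsDB, $xoopsModule, $pathIcon16;
    $helper = Helper::getInstance();
    require_once XOOPS_ROOT_PATH . '/class/xoopslists.php';
    require_once XOOPS_ROOT_PATH . '/class/pagenav.php';
    xoops_load('XoopsUserUtility');

    $startentry      = \Xmf\Request::getInt('startentry', 0, 'GET');
    $perPage         = (int)$helper->getConfig('perpage');
    $showCategory    = (1 == $helper->getConfig('multicats'));
    $entriesTable    = $xoopsDB->prefix('lxentries');
    $categoriesTable = $xoopsDB->prefix('lxcategories');

    // A single count feeds both the heading and the pager. The category,
    // submitted and requested counts that used to be queried here were never
    // displayed, and a failed query now yields 0 instead of a null count.
    $numrows     = 0;
    $countResult = $xoopsDB->query('SELECT COUNT(*) FROM ' . $entriesTable . ' WHERE submit = 0');
    if ($countResult) {
        [$numrows] = $xoopsDB->fetchRow($countResult);
        $numrows   = (int)$numrows;
    }

    $sql     = 'SELECT entryID, categoryID, term, uid, datesub, offline
            FROM ' . $entriesTable . '
            WHERE submit = 0
            ORDER BY entryID DESC';
    $entries = $xoopsDB->query($sql, $perPage, $startentry);

    echo "  <table class='outer' width='100%' border='0'>
    <tr>
    <td colspan='7' class='odd'>
    <strong>" . _AM_LEXIKON_SHOWENTRIES . ' (' . $numrows . ')' . '</strong></td></tr>';
    echo '<tr>';

    // Header cells are opened with <th>, so they are closed with </th>.
    echo "<th style='width:40px; text-align:center;'>" . _AM_LEXIKON_ENTRYID . '</th>';
    if ($showCategory) {
        echo "<th style='width:20%; text-align:center;'>" . _AM_LEXIKON_ENTRYCATNAME . '</th>';
    }
    echo "<th style='width:*; text-align:center;'>" . _AM_LEXIKON_ENTRYTERM . "</th>
    <th style='width:90px; text-align:center;'>" . _AM_LEXIKON_SUBMITTER . "</th>
    <th style='width:90px; text-align:center;'>" . _AM_LEXIKON_ENTRYCREATED . "</th>
    <th style='width:30px; text-align:center;'>" . _AM_LEXIKON_STATUS . "</th>
    <th style='width:60px; text-align:center;'>" . _AM_LEXIKON_ACTION . '</th>
    </tr>';

    $class = 'odd';
    if ($numrows > 0 && $entries) {
        $iconBase = XOOPS_URL . '/modules/' . $xoopsModule->dirname() . '/assets/images/icon/';

        // Row values live in local variables; the loop used to assign to the
        // global $entryID on every iteration.
        while ($row = $xoopsDB->fetchRow($entries)) {
            [$rowEntryId, $categoryID, $term, $uid, $created, $offline] = $row;
            // IDs are database values, but they end up in SQL and in HTML
            // attributes below, so pin them to integers first.
            $rowEntryId = (int)$rowEntryId;

            $catname = '';
            if ($showCategory) {
                $catResult = $xoopsDB->query(
                    'SELECT name FROM ' . $categoriesTable . ' WHERE categoryID = ' . (int)$categoryID
                );
                $catRow = $catResult ? $xoopsDB->fetchRow($catResult) : false;
                // An entry may reference a category that no longer exists.
                $catname = $catRow ? htmlspecialchars((string)$catRow[0], ENT_QUOTES | ENT_HTML5) : '';
            }

            // NOTE(review): echoed exactly as returned - confirm that
            // XoopsUserUtility::getUnameFromId() yields an HTML-safe name.
            $sentby  = \XoopsUserUtility::getUnameFromId($uid);
            $term    = htmlspecialchars((string)$term, ENT_QUOTES | ENT_HTML5);
            $created = formatTimestamp($created, 's');
            // The src attributes are quoted so a space in the icon path cannot split the attribute.
            $modify = "<a href='entry.php?op=mod&entryID=" . $rowEntryId . "'><img src='" . $pathIcon16 . "/edit.png' alt='" . _AM_LEXIKON_EDITENTRY . "'></a>";
            $delete = "<a href='entry.php?op=del&entryID=" . $rowEntryId . "'><img src='" . $pathIcon16 . "/delete.png' alt='" . _AM_LEXIKON_DELETEENTRY . "'></a>";

            if (0 == $offline) {
                $status = "<img src='" . $iconBase . "on.gif' alt='" . _AM_LEXIKON_ENTRYISON . "'>";
            } else {
                $status = "<img src='" . $iconBase . "off.gif' alt='" . _AM_LEXIKON_ENTRYISOFF . "'>";
            }

            echo "<div><tr class='" . $class . "'>";
            $class = ('even' === $class) ? 'odd' : 'even';

            echo "<td align='center'>" . $rowEntryId . '</td>';

            if ($showCategory) {
                echo "<td class='odd' style='text-align:left;'>" . $catname . '</td>';
            }
            echo "<td class='odd' style='text-align:left;'><a href='../entry.php?entryID=" . $rowEntryId . "'>" . $term . "</a></td>
            <td class='odd' style='text-align:center;'>" . $sentby . "</td>
            <td class='odd' style='text-align:center;'>" . $created . "</td>
            <td class='odd' style='text-align:center;'>" . $status . "</td>
            <td class='even' style='text-align:center;'>" . $modify . '-' . $delete . '</td>
            </tr></div>';
        }
    } else { // no published entries yet (or the listing query failed)
        echo '<div><tr>';
        echo "<td class='odd' align='center' colspan= '7'>" . _AM_LEXIKON_NOTERMS . '</td>';
        echo '</tr></div>';
    }
    echo "</table>\n";

    $pagenav = new \XoopsPageNav($numrows, $perPage, $startentry, 'startentry');
    echo '<div style="text-align:right;">' . $pagenav->renderNav(8) . '</div>';
    echo "<br>\n";
    echo '</div>';
}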
||
165 | |||
166 | // -- Edit function -- |
||
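/**
 * Display the admin form for creating a glossary entry or editing an existing one.
 *
 * With a non-zero $entryID the entry is loaded from the lxentries table and
 * the form is pre-filled; otherwise an empty "new entry" form is shown. Either
 * way the form posts back to the current script with op=addentry.
 *
 * @param int|string $entryID ID of the entry to edit; empty or 0 means "new entry"
 * @return void
 */
function entryEdit($entryID = '')
{
    global $xoopsUser, $xoopsDB, $init;
    $helper = Helper::getInstance();

    // Only an integer ID is meaningful. Casting here keeps the value safe for
    // the SQL statement and the hidden form field regardless of the caller.
    $entryID = (int)$entryID;

    // Defaults for a new entry. These are plain locals, so the isset() guards
    // that used to wrap each assignment were always true.
    $block      = 1;
    $html       = 1;
    $smiley     = 1;
    $xcodes     = 1;
    $breaks     = 1;
    $offline    = 0;
    $submit     = 0;
    $notifypub  = 1;
    $categoryID = 1;
    $term       = '';
    $definition = _AM_LEXIKON_WRITEHERE;
    $ref        = '';
    $url        = '';
    // $init is a global and may already carry a value.
    if (!isset($init)) {
        $init = '';
    }

    if ($entryID) {
        // Editing: load the stored entry.
        $result = $xoopsDB->query(
            'SELECT categoryID, term, init, definition, ref, url, uid, submit, datesub, html, smiley, xcodes, breaks, block, offline, notifypub, request
             FROM ' . $xoopsDB->prefix('lxentries') . '
             WHERE entryID = ' . $entryID
        );
        // Check for a row before unpacking it; redirect_header() is relied on
        // to end the request (as the original flow already assumed).
        if (!$result || !$xoopsDB->getRowsNum($result)) {
            redirect_header('index.php', 1, _AM_LEXIKON_NOENTRYTOEDIT);
        }
        [$categoryID, $term, $init, $definition, $ref, $url, $uid, $submit, $datesub, $html, $smiley, $xcodes, $breaks, $block, $offline, $notifypub, $request] = $xoopsDB->fetchRow($result);

        $term = htmlspecialchars((string)$term, ENT_QUOTES | ENT_HTML5);

        echo "<strong style='color: #2F5376; margin-top:6px; font-size:medium'>" . _AM_LEXIKON_ADMINENTRYMNGMT . '</strong>';
        // The trailing `true` asks the form to embed a security token.
        $sform = new \XoopsThemeForm(_AM_LEXIKON_MODENTRY . ": $term", 'op', xoops_getenv('SCRIPT_NAME'), 'post', true);
    } else {
        // Adding: with categories enabled, at least one category must exist.
        $totalcats  = 0;
        $catsResult = $xoopsDB->query('SELECT COUNT(*) FROM ' . $xoopsDB->prefix('lxcategories') . ' ');
        if ($catsResult) {
            [$totalcats] = $xoopsDB->fetchRow($catsResult);
        }
        if (0 == $totalcats && 1 == $helper->getConfig('multicats')) {
            redirect_header('index.php', 1, _AM_LEXIKON_NEEDONECOLUMN);
        }
        $uid = $xoopsUser->getVar('uid');
        echo "<strong style='color: #2F5376; margin-top:6px; font-size:medium'>" . _AM_LEXIKON_ADMINENTRYMNGMT . '</strong>';
        $sform = new \XoopsThemeForm(_AM_LEXIKON_NEWENTRY, 'op', xoops_getenv('SCRIPT_NAME'), 'post', true);
    }

    $sform->setExtra('enctype="multipart/form-data"');

    // Category selector
    if (1 == $helper->getConfig('multicats')) {
        $mytree         = new LexikonTree($xoopsDB->prefix('lxcategories'), 'categoryID', '0');
        $categoryselect = new \XoopsFormSelect(_AM_LEXIKON_CATNAME, 'categoryID', $categoryID);
        foreach ($mytree->getChildTreeArray(0, 'name') as $oneline) {
            // A lone '.' prefix marks a top-level category; deeper levels show dashes.
            $prefix = ('.' === $oneline['prefix']) ? '' : str_replace('.', '-', $oneline['prefix']);
            $categoryselect->addOption($oneline['categoryID'], $prefix . ' ' . $oneline['name']);
        }
        $sform->addElement($categoryselect, true);
    }

    // Author selector (the helper echoes its markup, so capture it)
    ob_start();
    Utility::getUserForm((int)$uid);
    $sform->addElement(new \XoopsFormLabel(_AM_LEXIKON_AUTHOR, ob_get_clean()));

    // Initial selector
    ob_start();
    lx_getinit((int)$init);
    $sform->addElement(new \XoopsFormLabel(_AM_LEXIKON_INIT, ob_get_clean()));

    // Term, definition, reference and related URL
    $sform->addElement(new \XoopsFormText(_AM_LEXIKON_ENTRYTERM, 'term', 50, 80, $term), true);

    // The editor type follows the module's "form_options" setting.
    $editor = Utility::getWysiwygForm(_AM_LEXIKON_ENTRYDEF, 'definition', $definition, 15, 60);
    // Compare against the same constant that supplied the default above.
    if (_AM_LEXIKON_WRITEHERE == $definition) {
        $editor->setExtra('onfocus="this.select()"');
    }
    $sform->addElement($editor, true);
    unset($editor);

    // NOTE(review): $ref and $url are handed to the form elements as stored;
    // confirm that XoopsFormTextArea/XoopsFormText escape their values when rendering.
    $sform->addElement(new \XoopsFormTextArea(_AM_LEXIKON_ENTRYREFERENCE, 'ref', $ref, 5, 60), false);
    $sform->addElement(new \XoopsFormText(_AM_LEXIKON_ENTRYURL, 'url', 50, 80, $url), false);

    // Integration with the 'Tag' module is disabled, so no tag field is added
    // (the module lookup whose result was never used has been dropped).

    // Switch to take the entry offline, for maintenance purposes
    $offline_radio = new \XoopsFormRadioYN(_AM_LEXIKON_SWITCHOFFLINE, 'offline', $offline, ' ' . _AM_LEXIKON_YES . '', ' ' . _AM_LEXIKON_NO . '');
    $sform->addElement($offline_radio);

    // Switch to put the entry in the block
    $block_radio = new \XoopsFormRadioYN(_AM_LEXIKON_BLOCK, 'block', $block, ' ' . _AM_LEXIKON_YES . '', ' ' . _AM_LEXIKON_NO . '');
    $sform->addElement($block_radio);

    // Various options
    $options_tray = new \XoopsFormElementTray(_AM_LEXIKON_OPTIONS, '<br>');
    if ($submit) {
        // Only entries still flagged as a submission offer the "notify on publish" box.
        $notify_checkbox = new \XoopsFormCheckBox('', 'notifypub', $notifypub);
        $notify_checkbox->addOption(1, _AM_LEXIKON_NOTIFYPUBLISH);
        $options_tray->addElement($notify_checkbox);
    }
    $checkboxes = [
        'html'   => [$html, _AM_LEXIKON_DOHTML],
        'smiley' => [$smiley, _AM_LEXIKON_DOSMILEY],
        'xcodes' => [$xcodes, _AM_LEXIKON_DOXCODE],
        'breaks' => [$breaks, _AM_LEXIKON_BREAKS],
    ];
    foreach ($checkboxes as $fieldName => [$checked, $label]) {
        $checkbox = new \XoopsFormCheckBox('', $fieldName, $checked);
        $checkbox->addOption(1, $label);
        $options_tray->addElement($checkbox);
    }
    $sform->addElement($options_tray);

    $sform->addElement(new \XoopsFormHidden('entryID', $entryID));

    $buttonTray = new \XoopsFormElementTray('', '');
    $buttonTray->addElement(new \XoopsFormHidden('op', 'addentry'));

    // Create and modify share the same save operation; only the label differs.
    $butt_create = new \XoopsFormButton('', '', $entryID ? _AM_LEXIKON_MODIFY : _AM_LEXIKON_CREATE, 'submit');
    $butt_create->setExtra('onclick="this.form.elements.op.value=\'addentry\'"');
    $buttonTray->addElement($butt_create);

    if (!$entryID) {
        // "Clear" is offered on the new-entry form only.
        $butt_clear = new \XoopsFormButton('', '', _AM_LEXIKON_CLEAR, 'reset');
        $buttonTray->addElement($butt_clear);
    }

    $butt_cancel = new \XoopsFormButton('', '', _AM_LEXIKON_CANCEL, 'button');
    $butt_cancel->setExtra('onclick="history.go(-1)"');
    $buttonTray->addElement($butt_cancel);

    $sform->addElement($buttonTray);
    $sform->display();
}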
||
380 | |||
381 | /* Save */ |
||
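/**
 * Insert a new glossary entry or update an existing one from the submitted form.
 *
 * The entry ID is read from the request (POST first, then GET); 0 means
 * "create". On success notifications are triggered when enabled, totals are
 * recalculated, and for an update with notifypub set a confirmation mail is
 * sent to the author. Every path ends in redirect_header().
 *
 * Security-relevant behaviour:
 *  - the form's security token is validated before anything is written;
 *  - every string value is quoted by the database layer when the statement is
 *    built, including `definition`, which used to be interpolated unescaped;
 *  - integers are read with Request::getInt() and formatted with %d.
 *
 * @param string $entryID unused; kept for interface compatibility (the ID comes from the request)
 * @return void
 */
function entrySave($entryID = '')
{
    global $xoopsUser, $xoopsConfig, $xoopsModule, $xoopsDB;
    $helper = Helper::getInstance();
    $myts   = \MyTextSanitizer::getInstance();

    // The edit form is rendered with a security token, but nothing in this
    // function validated it before writing.
    // NOTE(review): remove this check if admin_header.php already consumes the token.
    if (!$GLOBALS['xoopsSecurity']->check()) {
        redirect_header('entry.php', 3, implode(', ', $GLOBALS['xoopsSecurity']->getErrors()));
    }

    // Integer fields: POST wins, GET is the fallback, 0 the default.
    $intParam = static function ($name) {
        return \Xmf\Request::getInt($name, \Xmf\Request::getInt($name, 0, 'GET'), 'POST');
    };

    $entryID    = $intParam('entryID');
    $categoryID = (1 == $helper->getConfig('multicats')) ? Request::getInt('categoryID', 0) : 1;
    $block      = $intParam('block');
    $breaks     = $intParam('breaks');
    $html       = $intParam('html');
    $smiley     = $intParam('smiley');
    $xcodes     = $intParam('xcodes');
    $offline    = $intParam('offline');
    $notifypub  = $intParam('notifypub');
    $uid        = \Xmf\Request::getInt('author', $xoopsUser->uid(), 'POST');

    // Text fields are kept raw here and escaped at the point of use (SQL or HTML).
    $postString = static function ($name) {
        return (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
    };
    $term = xoops_trim($postString('term'));

    // Automatic initial: first character of the term, '#' when it is not a
    // Latin/Cyrillic letter or a digit. The /u flag makes the class match whole
    // UTF-8 characters rather than single bytes.
    $init = mb_substr($term, 0, 1);
    $init = preg_match('/[a-zA-Zа-яА-Я0-9]/u', $init) ? mb_strtoupper($init) : '#';

    $definition = $myts->xoopsCodeDecode($myts->censorString($postString('definition')), 1);
    $ref        = $myts->censorString($postString('ref'));
    // NOTE(review): the URL is stored as submitted; validate its scheme wherever
    // it is rendered as a link (that code is not part of this file).
    $url = $postString('url');

    $date    = time();
    $submit  = 0;
    $request = 0;

    $table       = $xoopsDB->prefix('lxentries');
    $qTerm       = $xoopsDB->quoteString($term);
    $qInit       = $xoopsDB->quoteString($init);
    $qDefinition = $xoopsDB->quoteString($definition);
    $qRef        = $xoopsDB->quoteString($ref);
    $qUrl        = $xoopsDB->quoteString($url);

    // Shared by the insert and update paths: build the tag set and fire the events.
    $notify = static function ($itemId, $isUpdate) use ($xoopsDB, $xoopsModule, $term, $definition, $date, $categoryID) {
        /** @var \XoopsNotificationHandler $notificationHandler */
        $notificationHandler = xoops_getHandler('notification');
        $moduleUrl           = XOOPS_URL . '/modules/' . $xoopsModule->getVar('dirname');

        $result = $xoopsDB->query('SELECT name FROM ' . $xoopsDB->prefix('lxcategories') . ' WHERE categoryID=' . (int)$categoryID);
        $row    = $result ? $xoopsDB->fetchArray($result) : false;

        $tags = [
            'ITEM_NAME'     => $term,
            'ITEM_BODY'     => htmlspecialchars(xoops_substr(strip_tags($definition), 0, 45), ENT_QUOTES | ENT_HTML5),
            'DATESUB'       => formatTimestamp($date, 'd M Y'),
            'ITEM_URL'      => $moduleUrl . '/entry.php?entryID=' . (int)$itemId,
            // The category row can be missing (e.g. a stale category ID).
            'CATEGORY_NAME' => is_array($row) ? $row['name'] : '',
            'CATEGORY_URL'  => $moduleUrl . '/category.php?categoryID=' . (int)$categoryID,
        ];
        $notificationHandler->triggerEvent('global', 0, 'new_post', $tags);
        $notificationHandler->triggerEvent('category', $categoryID, 'new_post', $tags);
        if ($isUpdate) {
            $notificationHandler->triggerEvent('term', $itemId, 'approve', $tags);
        }
    };

    if (!$entryID) {
        // --- create ---
        // NOTE(review): Utility::isTermPresent() is not visible here; it keeps
        // receiving the addSlashes()-escaped term it was given before.
        if (Utility::isTermPresent($myts->addSlashes($term), $table)) {
            // The term is user input, so it is HTML-escaped before being shown.
            redirect_header(
                'javascript:history.go(-1)',
                2,
                _AM_LEXIKON_ITEMEXISTS . '<br>' . htmlspecialchars($term, ENT_QUOTES | ENT_HTML5)
            );
        }

        $insert = sprintf(
            'INSERT INTO %s (entryID, categoryID, term, init, definition, ref, url, uid, submit, datesub, html, smiley, xcodes, breaks, block, offline, notifypub, request)'
            . ' VALUES (0, %d, %s, %s, %s, %s, %s, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d, %d)',
            $table,
            $categoryID,
            $qTerm,
            $qInit,
            $qDefinition,
            $qRef,
            $qUrl,
            $uid,
            $submit,
            $date,
            $html,
            $smiley,
            $xcodes,
            $breaks,
            $block,
            $offline,
            $notifypub,
            $request
        );
        if (!$xoopsDB->query($insert)) {
            redirect_header('index.php', 1, _AM_LEXIKON_ENTRYNOTCREATED);
        }
        $newid = $xoopsDB->getInsertId();

        // A new definition counts as a post for its author.
        /** @var \XoopsMemberHandler $memberHandler */
        $memberHandler = xoops_getHandler('member');
        $submitter     = $memberHandler->getUser($uid);
        if (is_object($submitter)) {
            $submitter->setVar('posts', $submitter->getVar('posts') + 1);
            $memberHandler->insertUser($submitter, true);
        }

        if (!empty($helper->getConfig('notification_enabled'))) {
            $notify($newid, false);
        }
        Utility::calculateTotals();
        redirect_header('entry.php', 1, _AM_LEXIKON_ENTRYCREATEDOK);
    }

    // --- update ---
    $update = sprintf(
        'UPDATE %s SET term = %s, categoryID = %d, init = %s, definition = %s, ref = %s, url = %s, uid = %d,'
        . ' submit = %d, datesub = %d, html = %d, smiley = %d, xcodes = %d, breaks = %d, block = %d, offline = %d,'
        . ' notifypub = %d, request = %d WHERE entryID = %d',
        $table,
        $qTerm,
        $categoryID,
        $qInit,
        $qDefinition,
        $qRef,
        $qUrl,
        $uid,
        $submit,
        $date,
        $html,
        $smiley,
        $xcodes,
        $breaks,
        $block,
        $offline,
        $notifypub,
        $request,
        $entryID
    );
    if (!$xoopsDB->query($update)) {
        redirect_header('index.php', 1, _AM_LEXIKON_ENTRYNOTUPDATED);
    }

    if (!empty($helper->getConfig('notification_enabled'))) {
        $notify($entryID, true);
    }
    Utility::calculateTotals();

    if (0 == $notifypub) {
        redirect_header('entry.php', 1, _AM_LEXIKON_ENTRYMODIFIED);
    }

    // The author asked to be told when the entry is published: send the confirmation mail.
    $user        = new \XoopsUser($uid);
    $userMessage = sprintf(_MD_LEXIKON_GOODDAY2, $user->getVar('uname'));
    $userMessage .= "\n\n";
    if ('1' == $request) {
        $userMessage .= sprintf(_MD_LEXIKON_CONFREQ, $xoopsConfig['sitename']);
    } else {
        $userMessage .= sprintf(_MD_LEXIKON_CONFSUB);
    }
    $userMessage .= "\n";
    $userMessage .= sprintf(_MD_LEXIKON_APPROVED, $xoopsConfig['sitename']);
    $userMessage .= "\n\n";
    $userMessage .= sprintf(_MD_LEXIKON_REGARDS);
    $userMessage .= "\n";
    $userMessage .= "__________________\n";
    $userMessage .= '' . $xoopsConfig['sitename'] . ' ' . _MD_LEXIKON_WEBMASTER . "\n";
    $userMessage .= '' . $xoopsConfig['adminmail'] . '';

    $xoopsMailer = xoops_getMailer();
    $xoopsMailer->useMail();
    $xoopsMailer->setToEmails($user->getVar('email'));
    $xoopsMailer->setFromEmail($xoopsConfig['adminmail']);
    $xoopsMailer->setFromName($xoopsConfig['sitename'] . ' - ' . $xoopsModule->name());
    if ('1' == $request) {
        $conf_subject = sprintf(_MD_LEXIKON_SUBJECTREQ, $xoopsConfig['sitename']);
    } else {
        $conf_subject = sprintf(_MD_LEXIKON_SUBJECTSUB, $xoopsConfig['sitename']);
    }
    $xoopsMailer->setSubject($conf_subject);
    $xoopsMailer->setBody($userMessage);
    $xoopsMailer->send();

    redirect_header('entry.php', 1, sprintf(_AM_LEXIKON_SENTCONFIRMMAIL, $user->getVar('uname')));
}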
||
548 | |||
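/**
 * Ask for confirmation, then delete a glossary entry with its comments and notifications.
 *
 * The entry ID is read from the request (POST first, then GET). Without a
 * POSTed `ok=1` a confirmation form is shown; with it, the security token is
 * validated and the entry is removed. The function always ends the request.
 *
 * @param string $entryID unused; kept for interface compatibility (the ID comes from the request)
 * @return void
 */
function entryDelete($entryID = '')
{
    global $xoopsDB, $xoopsModule;
    $entryID = \Xmf\Request::getInt('entryID', \Xmf\Request::getInt('entryID', 0, 'GET'), 'POST');
    $ok      = \Xmf\Request::getInt('ok', 0, 'POST');
    $table   = $xoopsDB->prefix('lxentries');

    $result = $xoopsDB->query('SELECT entryID, term, uid FROM ' . $table . ' WHERE entryID = ' . $entryID);
    $row    = $result ? $xoopsDB->fetchRow($result) : false;
    if (!$row) {
        // Unknown ID: stop here rather than build a DELETE from an empty value.
        redirect_header('entry.php', 1, _AM_LEXIKON_NOENTRYTOEDIT);
    }
    [$entryID, $term, $uid] = $row;
    $entryID = (int)$entryID;
    // The term is stored content and is echoed into admin pages below, so it is
    // HTML-escaped here, as the entry list in this file does.
    $safeTerm = htmlspecialchars((string)$term, ENT_QUOTES | ENT_HTML5);

    if (1 == $ok) {
        // Validate the token that came with the confirmation form before deleting.
        // NOTE(review): remove this check if admin_header.php already consumes the token.
        if (!$GLOBALS['xoopsSecurity']->check()) {
            redirect_header('entry.php', 3, implode(', ', $GLOBALS['xoopsSecurity']->getErrors()));
        }

        if (!$xoopsDB->query('DELETE FROM ' . $table . ' WHERE entryID = ' . $entryID)) {
            // Leave comments, notifications and the post counter alone when
            // the row was not removed.
            redirect_header('entry.php', 1, _AM_LEXIKON_ENTRYNOTUPDATED);
        }
        xoops_comment_delete($xoopsModule->getVar('mid'), $entryID);
        // delete notifications
        xoops_notification_deletebyitem($xoopsModule->getVar('mid'), 'term', $entryID);
        // update the author's post counter, never below zero
        if (!empty($uid)) {
            $submitter = new \XoopsUser($uid);
            /** @var \XoopsMemberHandler $memberHandler */
            $memberHandler = xoops_getHandler('member');
            $memberHandler->updateUserByField($submitter, 'posts', max(0, $submitter->getVar('posts') - 1));
        }
        redirect_header('entry.php', 1, sprintf(_AM_LEXIKON_ENTRYISDELETED, $safeTerm));
    } else {
        // The term is re-read from the database on confirmation, so it is not
        // round-tripped through a hidden field.
        xoops_confirm(
            ['op' => 'del', 'entryID' => $entryID, 'ok' => 1],
            'entry.php',
            _AM_LEXIKON_DELETETHISENTRY . '<br>' . $safeTerm,
            _AM_LEXIKON_DELETE
        );
        require_once __DIR__ . '/admin_footer.php';
    }
    exit();
}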
||
580 | |||
581 | /* -- Available operations -- */ |
||
// Resolve the requested operation: a POSTed `op` takes precedence over one in
// the query string, and anything unrecognised falls through to the entry list.
// The raw value is only ever compared against the fixed case labels below.
if (\Xmf\Request::hasVar('op', 'POST')) {
    $op = $_POST['op'];
} elseif (\Xmf\Request::hasVar('op', 'GET')) {
    $op = $_GET['op'];
} else {
    $op = 'default';
}

switch ($op) {
    case 'mod':
        // Edit an existing entry; the ID is read as an integer (GET first, then POST).
        $entryID = \Xmf\Request::getInt('entryID', \Xmf\Request::getInt('entryID', 0, 'POST'), 'GET');
        entryEdit($entryID);
        break;

    case 'add':
        // Blank form for a new entry.
        entryEdit();
        break;

    case 'addentry':
        // Form submission: insert or update.
        entrySave();
        break;

    case 'del':
        entryDelete();
        break;

    case 'default':
    default:
        entryDefault();
        break;
}

require_once __DIR__ . '/admin_footer.php';
||
610 |