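Automated analysis summary: this project does not seem to handle request data directly; as such, no vulnerable execution paths were found. (The listing below does read `$_POST` and other request parameters itself, so treat this as the analyzer's result rather than a manual review.)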
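<?php declare(strict_types=1);

/**
 * You may not change or alter any portion of this comment or credits
 * of supporting developers from this source code or any supporting source code
 * which is considered copyrighted (c) material of the original comment or credit authors.
 *
 *
 * @category Module
 * @author XOOPS Development Team
 * @copyright XOOPS Project
 * @link https://xoops.org
 * @license GNU GPL 2.0 or later (https://www.gnu.org/licenses/gpl-2.0.html)
 */

use Xmf\Module\Admin;
use Xmf\Request;
use XoopsModules\Contact\{
    Helper
};

/** @var Admin $adminObject */
/** @var Helper $helper */
require_once __DIR__ . '/admin_header.php';

$moduleDirName      = \basename(\dirname(__DIR__));
$moduleDirNameUpper = \mb_strtoupper($moduleDirName);

$helper = Helper::getInstance();
$helper->loadLanguage('blocksadmin');

// Hard stop for anyone who is not an administrator of this module.
if (!is_object($GLOBALS['xoopsUser']) || !is_object($xoopsModule)
    || !$GLOBALS['xoopsUser']->isAdmin($xoopsModule->mid())) {
    exit(constant('CO_' . $moduleDirNameUpper . '_' . 'ERROR403'));
}
if ($GLOBALS['xoopsUser']->isAdmin($xoopsModule->mid())) {
    require_once XOOPS_ROOT_PATH . '/class/xoopsblock.php';
    $op = 'list';

    // Import only the POST fields this script consumes further down.
    // The previous loop copied *every* POST key into a same-named variable
    // (the register_globals pattern), so a request could overwrite any
    // variable in this scope, e.g. $xoopsModule, $xoopsDB or
    // $moduleDirNameUpper. An explicit allow-list keeps the working form
    // fields and drops everything else.
    $allowedPostFields = [
        'op', 'bid',
        'title', 'weight', 'visible', 'side', 'bcachetime', 'bmodule', 'groups', 'options',
        'oldtitle', 'oldweight', 'oldvisible', 'oldside', 'oldbcachetime',
        'btitle', 'bside', 'bweight', 'bvisible',
    ];
    foreach ($allowedPostFields as $field) {
        if (array_key_exists($field, $_POST)) {
            ${$field} = $_POST[$field];
        }
    }
    unset($allowedPostFields, $field);
    // NOTE(review): the imported values are still raw request data (strings
    // or arrays); every consumer must validate/cast them before use.

    $op = Request::getString('op', $op);
    if (in_array($op, ['edit', 'delete', 'delete_ok', 'clone'], true)) {
        // For these operations the block id is taken from the query string only.
        $bid = Request::getInt('bid', 0, 'GET');
    }
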
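/**
 * Print the block-administration table for the blocks of the current module.
 *
 * One row is written per block returned by \XoopsBlock::getByModule(), holding
 * inputs for title, side, weight, visibility, the modules the block is shown
 * in, the groups with 'block_read' permission and the cache lifetime. The form
 * posts back to this script with op=order and carries a XOOPS security token.
 */
function listBlocks(): void
{
    global $xoopsModule, $pathIcon16;
    require_once XOOPS_ROOT_PATH . '/class/xoopslists.php';
    $moduleDirName      = \basename(\dirname(__DIR__));
    $moduleDirNameUpper = \mb_strtoupper($moduleDirName);
    $db                 = \XoopsDatabaseFactory::getDatabaseConnection();

    $adminObject = Admin::getInstance();
    $adminObject->displayNavigation(basename(__FILE__));

    xoops_loadLanguage('admin', 'system');
    xoops_loadLanguage('admin/blocksadmin', 'system');
    xoops_loadLanguage('admin/groups', 'system');

    /** @var \XoopsModuleHandler $moduleHandler */
    $moduleHandler = xoops_getHandler('module');
    /** @var \XoopsMemberHandler $memberHandler */
    $memberHandler = xoops_getHandler('member');
    /** @var \XoopsGroupPermHandler $grouppermHandler */
    $grouppermHandler = xoops_getHandler('groupperm');
    $groups           = $memberHandler->getGroups();
    $criteria         = new \CriteriaCompo(new \Criteria('hasmain', 1));
    $criteria->add(new \Criteria('isactive', 1));
    $moduleList     = $moduleHandler->getList($criteria);
    $moduleList[-1] = _AM_SYSTEM_BLOCKS_TOPPAGE;
    $moduleList[0]  = _AM_SYSTEM_BLOCKS_ALLPAGES;
    ksort($moduleList);

    // Module language constants are named CO_<MODULEDIR>_<SUFFIX>.
    $label = static function (string $suffix) use ($moduleDirNameUpper) {
        return constant('CO_' . $moduleDirNameUpper . '_' . $suffix);
    };

    // SCRIPT_NAME is server-derived, but it lands inside an HTML attribute, so escape it.
    $formAction = htmlspecialchars((string)$_SERVER['SCRIPT_NAME'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    echo "
<h4 style='text-align:left;'>" . $label('BADMIN') . '</h4>';
    echo "<form action='" . $formAction . "' name='blockadmin' method='post'>";
    echo $GLOBALS['xoopsSecurity']->getTokenHTML();
    echo "<table width='100%' class='outer' cellpadding='4' cellspacing='1'>
<tr valign='middle'><th align='center'>"
         . _AM_SYSTEM_BLOCKS_TITLE
         . "</th><th align='center' nowrap='nowrap'>"
         . $label('SIDE') . '<br>' . _LEFT . '-' . _CENTER . '-' . _RIGHT
         . "</th><th align='center'>" . $label('WEIGHT')
         . "</th><th align='center'>" . $label('VISIBLE')
         . "</th><th align='center'>" . _AM_SYSTEM_BLOCKS_VISIBLEIN
         . "</th><th align='center'>" . _AM_SYSTEM_ADGS
         . "</th><th align='center'>" . _AM_SYSTEM_BLOCKS_BCACHETIME
         . "</th><th align='center'>" . $label('ACTION')
         . '</th></tr>
';

    $blockArray = \XoopsBlock::getByModule($xoopsModule->mid());
    $class      = 'even';
    // Cache lifetimes offered in the drop-down, keyed by seconds.
    $cachetimes = [
        0       => _NOCACHE,
        30      => sprintf(_SECONDS, 30),
        60      => _MINUTE,
        300     => sprintf(_MINUTES, 5),
        1800    => sprintf(_MINUTES, 30),
        3600    => _HOUR,
        18000   => sprintf(_HOURS, 5),
        86400   => _DAY,
        259200  => sprintf(_DAYS, 3),
        604800  => _WEEK,
        2592000 => _MONTH,
    ];

    foreach ($blockArray as $block) {
        // The id is interpolated into SQL and HTML below; force it to an integer once.
        $bid         = (int)$block->getVar('bid');
        $side        = $block->getVar('side');
        $groupsPerms = $grouppermHandler->getGroupIds('block_read', $bid);

        $sql     = 'SELECT module_id FROM ' . $db->prefix('block_module_link') . ' WHERE block_id=' . $bid;
        $result  = $db->query($sql);
        $modules = [];
        // A failed query yields no links instead of an error inside fetchArray().
        if ($result) {
            while (false !== ($row = $db->fetchArray($result))) {
                $modules[] = (int)$row['module_id'];
            }
        }

        $cachetimeOptions = '';
        foreach ($cachetimes as $cachetime => $cachetimeName) {
            $selected         = ($block->getVar('bcachetime') == $cachetime) ? " selected='selected'" : '';
            $cachetimeOptions .= "<option value='$cachetime'$selected>$cachetimeName</option>\n";
        }

        $isVisible = (1 === $block->getVar('visible'));
        $sel1      = $isVisible ? ' checked' : '';
        $sel0      = $isVisible ? '' : ' checked';

        // One radio button per position; the one matching the stored side is checked.
        $sideRadio = static function ($value) use ($bid, $side): string {
            $checked = ($value === $side) ? ' checked' : '';

            return "<input type='radio' name='side[$bid]' value='$value'$checked>";
        };

        // NOTE(review): getVar() is called with its default format here and the
        // result is placed in an attribute; presumably that format HTML-escapes
        // the stored title - confirm against XoopsObject::getVar().
        $storedTitle = $block->getVar('title');
        $title       = ('' === $storedTitle) ? ' ' : $storedTitle;

        echo "<tr valign='top'><td class='$class' align='center'><input type='text' name='title[$bid]' value='" . $title . "'></td>"
             . "<td class='$class' align='center' nowrap='nowrap'>"
             . "<div align='center'>"
             . $sideRadio(XOOPS_CENTERBLOCK_LEFT) . ' ' . $sideRadio(XOOPS_CENTERBLOCK_CENTER) . ' ' . $sideRadio(XOOPS_CENTERBLOCK_RIGHT)
             . '</div><div>'
             . "<span style='float:right;'>" . $sideRadio(XOOPS_SIDEBLOCK_RIGHT) . '</span>'
             . "<div align='left'>" . $sideRadio(XOOPS_SIDEBLOCK_LEFT) . '</div>'
             . "</div><div align='center'>"
             . $sideRadio(XOOPS_CENTERBLOCK_BOTTOMLEFT) . ' ' . $sideRadio(XOOPS_CENTERBLOCK_BOTTOM) . ' ' . $sideRadio(XOOPS_CENTERBLOCK_BOTTOMRIGHT)
             . '</div></td>'
             . "<td class='$class' align='center'><input type='text' name='weight[$bid]' value='" . $block->getVar('weight') . "' size='5' maxlength='5'></td>"
             . "<td class='$class' align='center' nowrap><input type='radio' name='visible[$bid]' value='1'$sel1>" . _YES
             . " <input type='radio' name='visible[$bid]' value='0'$sel0>" . _NO . '</td>';

        // Modules (pages) the block is displayed in.
        echo "<td class='$class' align='center'><select size='5' name='bmodule[$bid][]' id='bmodule[$bid][]' multiple='multiple'>";
        foreach ($moduleList as $k => $v) {
            echo "<option value='$k'" . (in_array($k, $modules, true) ? ' selected' : '') . ">$v</option>";
        }
        echo '</select></td>';

        // Groups holding 'block_read' on this block.
        echo "<td class='$class' align='center'><select size='5' name='groups[$bid][]' id='groups[$bid][]' multiple='multiple'>";
        foreach ($groups as $grp) {
            echo "<option value='" . $grp->getVar('groupid') . "' " . (in_array($grp->getVar('groupid'), $groupsPerms, true) ? 'selected' : '') . '>' . $grp->getVar('name') . '</option>';
        }
        echo '</select></td>';

        // Cache lifetime
        echo '<td class="' . $class . '" align="center"> <select name="bcachetime[' . $bid . ']" size="1">' . $cachetimeOptions . '</select>
</td>';

        // Actions
        echo "<td class='$class' align='center'>
<a href='blocksadmin.php?op=edit&bid=$bid'><img src='" . $pathIcon16 . "/edit.png' alt='" . _EDIT . "' title='" . _EDIT . "'></a>
<a href='blocksadmin.php?op=clone&bid=$bid'><img src='" . $pathIcon16 . "/editcopy.png' alt='" . _CLONE . "' title='" . _CLONE . "'></a>";
        // Block types 'S' and 'M' get no delete link.
        if (!\in_array($block->getVar('block_type'), ['S', 'M'], true)) {
            echo " <a href='" . XOOPS_URL . '/modules/system/admin.php?fct=blocksadmin&op=delete&bid=' . $bid . "'><img src='" . $pathIcon16 . "/delete.png' alt='" . _DELETE . "' title='" . _DELETE . "'>
</a>";
        }
        // NOTE(review): 'oldgroups' is indexed by getVar('groups') while every
        // other old* field is indexed by the block id; nothing in this file
        // reads it back - confirm whether it should be keyed by the id or dropped.
        echo "
<input type='hidden' name='oldtitle[$bid]' value='" . $block->getVar('title') . "'>
<input type='hidden' name='oldside[$bid]' value='" . $block->getVar('side') . "'>
<input type='hidden' name='oldweight[$bid]' value='" . $block->getVar('weight') . "'>
<input type='hidden' name='oldvisible[$bid]' value='" . $block->getVar('visible') . "'>
<input type='hidden' name='oldgroups[" . $block->getVar('groups') . "]' value='" . $block->getVar('groups') . "'>
<input type='hidden' name='oldbcachetime[$bid]' value='" . $block->getVar('bcachetime') . "'>
<input type='hidden' name='bid[$bid]' value='$bid'>
</td></tr>
";
        $class = ('even' === $class) ? 'odd' : 'even';
    }

    echo "<tr><td class='foot' align='center' colspan='8'>
<input type='hidden' name='op' value='order'>
" . $GLOBALS['xoopsSecurity']->getTokenHTML() . "
<input type='submit' name='submit' value='" . _SUBMIT . "'>
</td></tr></table>
</form>
<br><br>";
}
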
/**
 * Show the "clone block" form for an existing block, then end the request.
 *
 * Local variable names are kept as they are because blockform.php is included
 * into this function's scope and may read any of them.
 *
 * @param int $bid id of the block to clone
 */
function cloneBlock($bid): void
{
    require_once __DIR__ . '/admin_header.php';

    xoops_cp_header();

    $adminObject = Admin::getInstance();
    $adminObject->displayNavigation(basename(__FILE__));
    $moduleDirName      = \basename(\dirname(__DIR__));
    $moduleDirNameUpper = \mb_strtoupper($moduleDirName);
    foreach (['admin', 'admin/blocksadmin', 'admin/groups'] as $languageFile) {
        xoops_loadLanguage($languageFile, 'system');
    }

    $myblock = new \XoopsBlock($bid);
    $db      = \XoopsDatabaseFactory::getDatabaseConnection();
    // The id is forced to an integer before it reaches the SQL text.
    $sql     = sprintf('SELECT module_id FROM %s WHERE block_id=%d', $db->prefix('block_module_link'), (int)$bid);
    $result  = $db->query($sql);
    $modules = [];
    while (false !== ($row = $db->fetchArray($result))) {
        $modules[] = (int)$row['module_id'];
    }
    // Block types 'C' and 'E' are treated as custom blocks.
    $isCustom = \in_array($myblock->getVar('block_type'), ['C', 'E'], true);

    // Not read in this function; presumably consumed by blockform.php below - confirm.
    $block = [
        'title'      => $myblock->getVar('title') . ' Clone',
        'form_title' => constant('CO_' . $moduleDirNameUpper . '_' . 'BLOCKS_CLONEBLOCK'),
        'name'       => $myblock->getVar('name'),
        'side'       => $myblock->getVar('side'),
        'weight'     => $myblock->getVar('weight'),
        'visible'    => $myblock->getVar('visible'),
        'content'    => $myblock->getVar('content', 'N'),
        'modules'    => $modules,
        'is_custom'  => $isCustom,
        'ctype'      => $myblock->getVar('c_type'),
        'bcachetime' => $myblock->getVar('bcachetime'),
        'op'         => 'clone_ok',
        'bid'        => $myblock->getVar('bid'),
        'edit_form'  => $myblock->getOptions(),
        'template'   => $myblock->getVar('template'),
        'options'    => $myblock->getVar('options'),
    ];

    $breadcrumb = '<a href="blocksadmin.php">' . constant('CO_' . $moduleDirNameUpper . '_' . 'BADMIN') . '</a>';
    echo $breadcrumb . ' <span style="font-weight:bold;">»»</span> ' . _AM_SYSTEM_BLOCKS_CLONEBLOCK . '<br><br>';

    // $form is not defined in this function; it is expected to come from blockform.php.
    require_once __DIR__ . '/blockform.php';
    /** @var XoopsThemeForm $form */
    $form->display();
    // xoops_cp_footer();
    require_once __DIR__ . '/admin_footer.php';
    exit();
}

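/**
 * Store a clone of block $bid and give it module links and read permissions.
 *
 * The clone's title is read from the POSTed 'btitle' field. After a successful
 * store, the block template (if any) is cloned, one block_module_link row is
 * written per entry of $bmodule, and 'block_read' is granted to every group of
 * the current user.
 *
 * NOTE(review): this function does not verify a XOOPS security token, whereas
 * the 'order' operation in this file does. Confirm that the submitting form
 * carries a token and that it is checked before this state change.
 *
 * @param int               $bid        id of the block being cloned
 * @param string            $bside      side/position for the clone
 * @param int               $bweight    weight for the clone
 * @param bool              $bvisible   visibility flag for the clone
 * @param int               $bcachetime cache lifetime for the clone
 * @param array             $bmodule    module ids the clone is linked to
 * @param null|array|string $options    block options; only an array is stored
 */
function isBlockCloned($bid, $bside, $bweight, $bvisible, $bcachetime, $bmodule, $options = null): void
{
    xoops_loadLanguage('admin', 'system');
    xoops_loadLanguage('admin/blocksadmin', 'system');
    xoops_loadLanguage('admin/groups', 'system');

    $block = new \XoopsBlock($bid);
    $clone = $block->xoopsClone();
    if (empty($bmodule)) {
        xoops_cp_header();
        xoops_error(sprintf(_AM_NOTSELNG, _AM_VISIBLEIN));
        xoops_cp_footer();
        exit();
    }
    $clone->setVar('side', $bside);
    $clone->setVar('weight', $bweight);
    $clone->setVar('visible', $bvisible);
    //$clone->setVar('content', $_POST['bcontent']);
    $clone->setVar('title', Request::getString('btitle', '', 'POST'));
    $clone->setVar('bcachetime', $bcachetime);
    if ($options && is_array($options)) {
        $options = implode('|', $options);
        $clone->setVar('options', $options);
    }
    // Id 0 so that the clone is stored as a new block.
    $clone->setVar('bid', 0);
    if (\in_array($block->getVar('block_type'), ['C', 'E'], true)) {
        $clone->setVar('block_type', 'E');
    } else {
        $clone->setVar('block_type', 'D');
    }
    $newid = $clone->store();
    if (!$newid) {
        xoops_cp_header();
        // NOTE(review): the return value is discarded here; if getHtmlErrors()
        // returns the markup rather than printing it, nothing is shown - confirm.
        $clone->getHtmlErrors();
        xoops_cp_footer();
        exit();
    }
    $newid = (int)$newid;

    if ('' !== $clone->getVar('template')) {
        /** @var \XoopsTplfileHandler $tplfileHandler */
        $tplfileHandler = xoops_getHandler('tplfile');
        $btemplate      = $tplfileHandler->find($GLOBALS['xoopsConfig']['template_set'], 'block', (string)$bid);
        if (count($btemplate) > 0) {
            $tplclone = $btemplate[0]->xoopsClone();
            $tplclone->setVar('tpl_id', 0);
            $tplclone->setVar('tpl_refid', $newid);
            $tplfileHandler->insert($tplclone);
        }
    }

    $db = \XoopsDatabaseFactory::getDatabaseConnection();
    // $bmodule comes straight from the request. It used to be concatenated into
    // the statement unmodified (SQL injection); every value is now forced to an
    // integer, and a non-array value is treated as a single id.
    foreach ((array)$bmodule as $bmid) {
        $sql = sprintf('INSERT INTO %s (block_id, module_id) VALUES (%d, %d)', $db->prefix('block_module_link'), $newid, (int)$bmid);
        $db->query($sql);
    }

    // Plain assignment: the former "= &" bound a reference to a function result.
    $groups = $GLOBALS['xoopsUser']->getGroups();
    foreach ($groups as $groupId) {
        $sql = sprintf(
            "INSERT INTO %s (gperm_groupid, gperm_itemid, gperm_modid, gperm_name) VALUES (%d, %d, 1, 'block_read')",
            $db->prefix('group_permission'),
            (int)$groupId,
            $newid
        );
        $db->query($sql);
    }

    // The dispatcher in this file has no 'listar' operation, so the old target
    // (?op=listar) rendered nothing; go back to the list view instead.
    redirect_header('blocksadmin.php?op=list', 1, _AM_SYSTEM_BLOCKS_DBUPDATED);
}
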
/**
 * Write new title, weight, visibility, side and cache lifetime to block $bid
 * and persist it through the block handler.
 *
 * @param int      $bid        id of the block to update
 * @param string   $title      new title
 * @param int      $weight     new weight
 * @param bool     $visible    new visibility flag
 * @param string   $side       new side/position
 * @param int      $bcachetime new cache lifetime
 * @param null|int $bmodule    not used by this function
 *
 * @return mixed whatever the block handler's insert() returns
 */
function setOrder($bid, $title, $weight, $visible, $side, $bcachetime, $bmodule = null)
{
    $myblock = new \XoopsBlock($bid);

    // Same fields, same order as before; only the call shape differs.
    $updates = [
        'title'      => $title,
        'weight'     => $weight,
        'visible'    => $visible,
        'side'       => $side,
        'bcachetime' => $bcachetime,
    ];
    foreach ($updates as $field => $value) {
        $myblock->setVar($field, $value);
    }

    // $myblock->store();
    /** @var \XoopsBlockHandler $blockHandler */
    $blockHandler = xoops_getHandler('block');

    return $blockHandler->insert($myblock);
}

/**
 * Show the "edit block" form for an existing block, then end the request.
 *
 * Local variable names are kept as they are because blockform.php is included
 * into this function's scope and may read any of them.
 *
 * @param int $bid id of the block to edit
 */
function editBlock($bid): void
{
    require_once __DIR__ . '/admin_header.php';
    xoops_cp_header();
    $adminObject = Admin::getInstance();
    $adminObject->displayNavigation(basename(__FILE__));
    $moduleDirName      = \basename(\dirname(__DIR__));
    $moduleDirNameUpper = \mb_strtoupper($moduleDirName);
    foreach (['admin', 'admin/blocksadmin', 'admin/groups'] as $languageFile) {
        xoops_loadLanguage($languageFile, 'system');
    }
    // mpu_adm_menu();

    $myblock = new \XoopsBlock($bid);
    $db      = \XoopsDatabaseFactory::getDatabaseConnection();
    // The id is forced to an integer before it reaches the SQL text.
    $sql     = sprintf('SELECT module_id FROM %s WHERE block_id=%d', $db->prefix('block_module_link'), (int)$bid);
    $result  = $db->query($sql);
    $modules = [];
    while (false !== ($row = $db->fetchArray($result))) {
        $modules[] = (int)$row['module_id'];
    }
    // Block types 'C' and 'E' are treated as custom blocks.
    $isCustom = \in_array($myblock->getVar('block_type'), ['C', 'E'], true);

    // Not read in this function; presumably consumed by blockform.php below - confirm.
    $block = [
        'title'      => $myblock->getVar('title'),
        'form_title' => constant('CO_' . $moduleDirNameUpper . '_' . 'BLOCKS_EDITBLOCK'),
        // 'name' => $myblock->getVar('name'),
        'side'       => $myblock->getVar('side'),
        'weight'     => $myblock->getVar('weight'),
        'visible'    => $myblock->getVar('visible'),
        'content'    => $myblock->getVar('content', 'N'),
        'modules'    => $modules,
        'is_custom'  => $isCustom,
        'ctype'      => $myblock->getVar('c_type'),
        'bcachetime' => $myblock->getVar('bcachetime'),
        'op'         => 'edit_ok',
        'bid'        => $myblock->getVar('bid'),
        'edit_form'  => $myblock->getOptions(),
        'template'   => $myblock->getVar('template'),
        'options'    => $myblock->getVar('options'),
    ];

    $breadcrumb = '<a href="blocksadmin.php">' . constant('CO_' . $moduleDirNameUpper . '_' . 'BADMIN') . '</a>';
    echo $breadcrumb . ' <span style="font-weight:bold;">»»</span> ' . _AM_SYSTEM_BLOCKS_EDITBLOCK . '<br><br>';

    // $form is not defined in this function; it is expected to come from blockform.php.
    require_once __DIR__ . '/blockform.php';
    /** @var XoopsThemeForm $form */
    $form->display();
    // xoops_cp_footer();
    require_once __DIR__ . '/admin_footer.php';
    exit();
}

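/**
 * Save an edited block, then rewrite its module links and read permissions.
 *
 * NOTE(review): this function does not verify a XOOPS security token, whereas
 * the 'order' operation in this file does. Confirm that the submitting form
 * carries a token and that it is checked before this state change.
 *
 * @param int               $bid        id of the block to update
 * @param string            $btitle     new title
 * @param string            $bside      new side/position
 * @param int               $bweight    new weight
 * @param bool              $bvisible   new visibility flag
 * @param int               $bcachetime new cache lifetime
 * @param array             $bmodule    module ids the block is linked to
 * @param null|array|string $options    block options; only an array is stored
 * @param null|array        $groups     group ids that receive 'block_read'
 */
function updateBlock($bid, $btitle, $bside, $bweight, $bvisible, $bcachetime, $bmodule, $options, $groups): void
{
    global $xoopsDB;

    $myblock = new \XoopsBlock($bid);
    $myblock->setVar('title', $btitle);
    $myblock->setVar('weight', $bweight);
    $myblock->setVar('visible', $bvisible);
    $myblock->setVar('side', $bside);
    $myblock->setVar('bcachetime', $bcachetime);
    $helper = Helper::getInstance();
    $helper->loadLanguage('common');

    // Update block options. count()/implode() were previously applied to
    // whatever arrived, which fails when $options is a string; only an array
    // is flattened and stored now.
    if (is_array($options) && count($options) > 0) {
        // Nested arrays become comma-separated, the option list pipe-separated.
        $flattened = array_map(
            static function ($option) {
                return is_array($option) ? implode(',', $option) : $option;
            },
            $options
        );
        $myblock->setVar('options', implode('|', $flattened));
    }
    // NOTE(review): the analyzer output on this page reports XoopsBlock::store()
    // as deprecated; setOrder() in this file saves through the block handler's
    // insert() instead - confirm the two are interchangeable before switching.
    $myblock->store();

    $moduleDirName      = \basename(\dirname(__DIR__));
    $moduleDirNameUpper = \mb_strtoupper($moduleDirName);

    // Request values arrive as strings, so the former strict in_array(0, ...)
    // could never match; normalise to integers first.
    $moduleIds = is_array($bmodule) ? array_map('intval', $bmodule) : [];
    if (count($moduleIds) > 0) {
        $linkTable = $xoopsDB->prefix('block_module_link');
        $xoopsDB->query(sprintf('DELETE FROM `%s` WHERE block_id = %u', $linkTable, $bid));
        // Module id 0 is the "all pages" entry of the selector and replaces every other link.
        if (in_array(0, $moduleIds, true)) {
            $moduleIds = [0];
        }
        foreach ($moduleIds as $bmid) {
            $xoopsDB->query(sprintf('INSERT INTO `%s` (block_id, module_id) VALUES (%u, %d)', $linkTable, $bid, $bmid));
        }
    }

    // Remove only what is re-inserted below. The unscoped delete (item id
    // alone) also erased permissions of other modules and other permission
    // names that happened to share this numeric item id.
    $permTable = $xoopsDB->prefix('group_permission');
    $xoopsDB->query(sprintf("DELETE FROM `%s` WHERE gperm_itemid = %u AND gperm_modid = 1 AND gperm_name = 'block_read'", $permTable, $bid));
    if (!empty($groups) && is_array($groups)) {
        foreach ($groups as $grp) {
            $sql = sprintf("INSERT INTO `%s` (gperm_groupid, gperm_itemid, gperm_modid, gperm_name) VALUES (%u, %u, 1, 'block_read')", $permTable, (int)$grp, $bid);
            $xoopsDB->query($sql);
        }
    }
    redirect_header($_SERVER['SCRIPT_NAME'], 1, constant('CO_' . $moduleDirNameUpper . '_' . 'UPDATE_SUCCESS'));
}
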
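// ---- Operation dispatcher -------------------------------------------------
// $op and the form fields used below come from the request; see the import
// at the top of this script.

if ('list' === $op) {
    xoops_cp_header();
    // mpu_adm_menu();
    listBlocks();
    require_once __DIR__ . '/admin_footer.php';
    exit();
}

if ('order' === $op) {
    if (!$GLOBALS['xoopsSecurity']->check()) {
        redirect_header($_SERVER['SCRIPT_NAME'], 3, implode('<br>', $GLOBALS['xoopsSecurity']->getErrors()));
        // Defensive: never reach the updates below after a failed token check,
        // whether or not redirect_header() ends the request itself.
        exit();
    }
    // A missing or scalar 'bid' means there is nothing to update.
    $postedIds = (isset($bid) && is_array($bid)) ? array_keys($bid) : [];
    foreach ($postedIds as $i) {
        if ($oldtitle[$i] != $title[$i] || $oldweight[$i] != $weight[$i] || $oldvisible[$i] != $visible[$i]
            || $oldside[$i] != $side[$i]
            || $oldbcachetime[$i] != $bcachetime[$i]) {
            setOrder($bid[$i], $title[$i], $weight[$i], $visible[$i], $side[$i], $bcachetime[$i], $bmodule[$i] ?? null);
        }

        // Request values arrive as strings, so the former strict
        // in_array(0, ...) could never match; normalise to integers first.
        $moduleIds = (isset($bmodule[$i]) && is_array($bmodule[$i])) ? array_map('intval', $bmodule[$i]) : [];
        if (count($moduleIds) > 0) {
            $sql = sprintf('DELETE FROM `%s` WHERE block_id = %u', $xoopsDB->prefix('block_module_link'), $bid[$i]);
            $xoopsDB->query($sql);
            // Module id 0 is the "all pages" entry of the selector and replaces every other link.
            if (in_array(0, $moduleIds, true)) {
                $moduleIds = [0];
            }
            foreach ($moduleIds as $bmid) {
                $sql = sprintf('INSERT INTO `%s` (block_id, module_id) VALUES (%u, %d)', $xoopsDB->prefix('block_module_link'), $bid[$i], $bmid);
                $xoopsDB->query($sql);
            }
        }

        // Remove only what is re-inserted below. The unscoped delete (item id
        // alone) also erased permissions of other modules and other permission
        // names that happened to share this numeric item id.
        $sql = sprintf("DELETE FROM `%s` WHERE gperm_itemid = %u AND gperm_modid = 1 AND gperm_name = 'block_read'", $xoopsDB->prefix('group_permission'), $bid[$i]);
        $xoopsDB->query($sql);
        if (!empty($groups[$i]) && is_array($groups[$i])) {
            foreach ($groups[$i] as $grp) {
                $sql = sprintf("INSERT INTO `%s` (gperm_groupid, gperm_itemid, gperm_modid, gperm_name) VALUES (%u, %u, 1, 'block_read')", $xoopsDB->prefix('group_permission'), (int)$grp, $bid[$i]);
                $xoopsDB->query($sql);
            }
        }
    }
    redirect_header($_SERVER['SCRIPT_NAME'], 1, constant('CO_' . $moduleDirNameUpper . '_' . 'UPDATE_SUCCESS'));
}

if ('clone' === $op) {
    cloneBlock($bid);
}

if ('edit' === $op) {
    editBlock($bid);
}

// NOTE(review): 'edit_ok' and 'clone_ok' change stored data but, unlike
// 'order', run without $GLOBALS['xoopsSecurity']->check(). Confirm that
// blockform.php emits a token and add the same check here (CSRF).
if ('edit_ok' === $op) {
    updateBlock($bid, $btitle, $bside, $bweight, $bvisible, $bcachetime, $bmodule, $options, $groups);
}

if ('clone_ok' === $op) {
    isBlockCloned($bid, $bside, $bweight, $bvisible, $bcachetime, $bmodule, $options);
}
} else {
    echo constant('CO_' . $moduleDirNameUpper . '_' . 'ERROR403');
}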