This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
1 | <?php declare(strict_types=1); |
||||
2 | |||||
3 | namespace XoopsModules\Contact\Common; |
||||
4 | |||||
5 | /** |
||||
6 | * You may not change or alter any portion of this comment or credits |
||||
7 | * of supporting developers from this source code or any supporting source code |
||||
8 | * which is considered copyrighted (c) material of the original comment or credit authors. |
||||
9 | * |
||||
10 | * |
||||
11 | * @category Module |
||||
12 | * @author XOOPS Development Team |
||||
13 | * @copyright XOOPS Project |
||||
14 | * @link https://xoops.org |
||||
15 | * @license GNU GPL 2.0 or later (https://www.gnu.org/licenses/gpl-2.0.html) |
||||
16 | */ |
||||
17 | |||||
18 | use Xmf\Request; |
||||
19 | use XoopsModules\Contact\{ |
||||
20 | Helper |
||||
21 | }; |
||||
22 | |||||
23 | //require __DIR__ . '/admin_header.php'; |
||||
24 | |||||
25 | /** |
||||
26 | * class Blocksadmin |
||||
27 | */ |
||||
28 | class Blocksadmin |
||||
29 | { |
||||
30 | /** |
||||
31 | * @var \XoopsMySQLDatabase|null |
||||
32 | */ |
||||
33 | public $db; |
||||
34 | /** |
||||
35 | * @var \XoopsModules\Tag\Helper |
||||
36 | */ |
||||
37 | public $helper; |
||||
38 | /** |
||||
39 | * @var string |
||||
40 | */ |
||||
41 | public $moduleDirName; |
||||
42 | /** |
||||
43 | * @var string |
||||
44 | */ |
||||
45 | public $moduleDirNameUpper; |
||||
46 | |||||
47 | /** |
||||
48 | * Blocksadmin constructor. |
||||
49 | */ |
||||
50 | public function __construct(?\XoopsDatabase $db, Helper $helper) |
||||
51 | { |
||||
52 | if (null === $db) { |
||||
53 | $db = \XoopsDatabaseFactory::getDatabaseConnection(); |
||||
54 | } |
||||
55 | $this->db = $db; |
||||
56 | $this->helper = $helper; |
||||
0 ignored issues
–
show
|
|||||
57 | $this->moduleDirName = \basename(\dirname(__DIR__, 2)); |
||||
58 | $this->moduleDirNameUpper = \mb_strtoupper($this->moduleDirName); |
||||
59 | \xoops_loadLanguage('admin', 'system'); |
||||
60 | \xoops_loadLanguage('admin/blocksadmin', 'system'); |
||||
61 | \xoops_loadLanguage('admin/groups', 'system'); |
||||
62 | \xoops_loadLanguage('common', $this->moduleDirName); |
||||
63 | \xoops_loadLanguage('blocksadmin', $this->moduleDirName); |
||||
64 | } |
||||
65 | |||||
66 | public function listBlocks() |
||||
67 | : void |
||||
68 | { |
||||
69 | global $xoopsModule, $pathIcon16; |
||||
70 | require_once XOOPS_ROOT_PATH . '/class/xoopslists.php'; |
||||
71 | // xoops_loadLanguage('admin', 'system'); |
||||
72 | // xoops_loadLanguage('admin/blocksadmin', 'system'); |
||||
73 | // xoops_loadLanguage('admin/groups', 'system'); |
||||
74 | // xoops_loadLanguage('common', $moduleDirName); |
||||
75 | // xoops_loadLanguage('blocks', $moduleDirName); |
||||
76 | |||||
77 | /** @var \XoopsModuleHandler $moduleHandler */ |
||||
78 | $moduleHandler = \xoops_getHandler('module'); |
||||
79 | /** @var \XoopsMemberHandler $memberHandler */ |
||||
80 | $memberHandler = \xoops_getHandler('member'); |
||||
81 | /** @var \XoopsGroupPermHandler $grouppermHandler */ |
||||
82 | $grouppermHandler = \xoops_getHandler('groupperm'); |
||||
83 | $groups = $memberHandler->getGroups(); |
||||
84 | $criteria = new \CriteriaCompo(new \Criteria('hasmain', '1')); |
||||
85 | $criteria->add(new \Criteria('isactive', '1')); |
||||
86 | $moduleList = $moduleHandler->getList($criteria); |
||||
87 | $moduleList[-1] = \_AM_SYSTEM_BLOCKS_TOPPAGE; |
||||
88 | $moduleList[0] = \_AM_SYSTEM_BLOCKS_ALLPAGES; |
||||
89 | \ksort($moduleList); |
||||
90 | echo " |
||||
91 | <h4 style='text-align:left;'>" . \constant('CO_' . $this->moduleDirNameUpper . '_' . 'BADMIN') . '</h4>'; |
||||
92 | echo "<form action='" . $_SERVER['SCRIPT_NAME'] . "' name='blockadmin' method='post'>"; |
||||
93 | echo $GLOBALS['xoopsSecurity']->getTokenHTML(); |
||||
94 | echo "<table width='100%' class='outer' cellpadding='4' cellspacing='1'> |
||||
95 | <tr valign='middle'><th align='center'>" |
||||
96 | . \_AM_SYSTEM_BLOCKS_TITLE |
||||
97 | . "</th><th align='center' nowrap='nowrap'>" |
||||
98 | . \constant('CO_' . $this->moduleDirNameUpper . '_' . 'SIDE') |
||||
99 | . '<br>' |
||||
100 | . _LEFT |
||||
101 | . '-' |
||||
102 | . _CENTER |
||||
103 | . '-' |
||||
104 | . _RIGHT |
||||
105 | . "</th><th align='center'>" |
||||
106 | . \constant( |
||||
107 | 'CO_' . $this->moduleDirNameUpper . '_' . 'WEIGHT' |
||||
108 | ) |
||||
109 | . "</th><th align='center'>" |
||||
110 | . \constant('CO_' . $this->moduleDirNameUpper . '_' . 'VISIBLE') |
||||
111 | . "</th><th align='center'>" |
||||
112 | . \_AM_SYSTEM_BLOCKS_VISIBLEIN |
||||
113 | . "</th><th align='center'>" |
||||
114 | . \_AM_SYSTEM_ADGS |
||||
115 | . "</th><th align='center'>" |
||||
116 | . \_AM_SYSTEM_BLOCKS_BCACHETIME |
||||
117 | . "</th><th align='center'>" |
||||
118 | . \constant('CO_' . $this->moduleDirNameUpper . '_' . 'ACTION') |
||||
119 | . '</th></tr> |
||||
120 | '; |
||||
121 | $blockArray = \XoopsBlock::getByModule($xoopsModule->mid()); |
||||
0 ignored issues
–
show
The function
XoopsBlock::getByModule() has been deprecated: (This also appears, dead, in XoopsBlockHandler)
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
This function has been deprecated. The supplier of the function has supplied an explanatory message. The explanatory message should give you some clue as to whether and when the function will be removed and what other function to use instead.
Loading history...
|
|||||
122 | $blockCount = \count($blockArray); |
||||
0 ignored issues
–
show
|
|||||
123 | $class = 'even'; |
||||
124 | $cachetimes = [ |
||||
125 | 0 => _NOCACHE, |
||||
126 | 30 => \sprintf(_SECONDS, 30), |
||||
127 | 60 => _MINUTE, |
||||
128 | 300 => \sprintf(_MINUTES, 5), |
||||
129 | 1800 => \sprintf(_MINUTES, 30), |
||||
130 | 3600 => _HOUR, |
||||
131 | 18000 => \sprintf(_HOURS, 5), |
||||
132 | 86400 => _DAY, |
||||
133 | 259200 => \sprintf(_DAYS, 3), |
||||
134 | 604800 => _WEEK, |
||||
135 | 2592000 => _MONTH, |
||||
136 | ]; |
||||
137 | foreach ($blockArray as $i) { |
||||
138 | $groupsPermissions = $grouppermHandler->getGroupIds('block_read', $i->getVar('bid')); |
||||
139 | $sql = 'SELECT module_id FROM ' . $this->db->prefix('block_module_link') . ' WHERE block_id=' . $i->getVar('bid'); |
||||
0 ignored issues
–
show
The method
prefix() does not exist on null .
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
This check looks for calls to methods that do not seem to exist on a given type. It looks for the method on the type itself as well as in inherited classes or implemented interfaces. This is most likely a typographical error or the method has been renamed.
Loading history...
|
|||||
140 | $result = $this->db->query($sql); |
||||
141 | $modules = []; |
||||
142 | if (!$result instanceof \mysqli_result) { |
||||
143 | \trigger_error("Query Failed! SQL: $sql Error: " . $this->db->error(), \E_USER_ERROR); |
||||
144 | } |
||||
145 | while (false !== ($row = $this->db->fetchArray($result))) { |
||||
0 ignored issues
–
show
It seems like
$result can also be of type boolean ; however, parameter $result of XoopsMySQLDatabase::fetchArray() does only seem to accept mysqli_result , maybe add an additional type check?
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
Loading history...
|
|||||
146 | $modules[] = (int)$row['module_id']; |
||||
147 | } |
||||
148 | |||||
149 | $cachetimeOptions = ''; |
||||
150 | foreach ($cachetimes as $cachetime => $cachetimeName) { |
||||
151 | if ($i->getVar('bcachetime') == $cachetime) { |
||||
152 | $cachetimeOptions .= "<option value='$cachetime' selected='selected'>$cachetimeName</option>\n"; |
||||
153 | } |
||||
154 | else { |
||||
155 | $cachetimeOptions .= "<option value='$cachetime'>$cachetimeName</option>\n"; |
||||
156 | } |
||||
157 | } |
||||
158 | |||||
159 | $ssel7 = ''; |
||||
160 | $ssel6 = $ssel7; |
||||
161 | $ssel5 = $ssel6; |
||||
162 | $ssel4 = $ssel5; |
||||
163 | $ssel3 = $ssel4; |
||||
164 | $ssel2 = $ssel3; |
||||
165 | $ssel1 = $ssel2; |
||||
166 | $ssel0 = $ssel1; |
||||
167 | $sel1 = $ssel0; |
||||
168 | $sel0 = $sel1; |
||||
169 | if (1 === $i->getVar('visible')) { |
||||
170 | $sel1 = ' checked'; |
||||
171 | } |
||||
172 | else { |
||||
173 | $sel0 = ' checked'; |
||||
174 | } |
||||
175 | if (\XOOPS_SIDEBLOCK_LEFT === $i->getVar('side')) { |
||||
176 | $ssel0 = ' checked'; |
||||
177 | } |
||||
178 | elseif (\XOOPS_SIDEBLOCK_RIGHT === $i->getVar('side')) { |
||||
179 | $ssel1 = ' checked'; |
||||
180 | } |
||||
181 | elseif (\XOOPS_CENTERBLOCK_LEFT === $i->getVar('side')) { |
||||
182 | $ssel2 = ' checked'; |
||||
183 | } |
||||
184 | elseif (\XOOPS_CENTERBLOCK_RIGHT === $i->getVar('side')) { |
||||
185 | $ssel4 = ' checked'; |
||||
186 | } |
||||
187 | elseif (\XOOPS_CENTERBLOCK_CENTER === $i->getVar('side')) { |
||||
188 | $ssel3 = ' checked'; |
||||
189 | } |
||||
190 | elseif (\XOOPS_CENTERBLOCK_BOTTOMLEFT === $i->getVar('side')) { |
||||
191 | $ssel5 = ' checked'; |
||||
192 | } |
||||
193 | elseif (\XOOPS_CENTERBLOCK_BOTTOMRIGHT === $i->getVar('side')) { |
||||
194 | $ssel6 = ' checked'; |
||||
195 | } |
||||
196 | elseif (\XOOPS_CENTERBLOCK_BOTTOM === $i->getVar('side')) { |
||||
197 | $ssel7 = ' checked'; |
||||
198 | } |
||||
199 | if ('' === $i->getVar('title')) { |
||||
200 | $title = ' '; |
||||
201 | } |
||||
202 | else { |
||||
203 | $title = $i->getVar('title'); |
||||
204 | } |
||||
205 | $name = $i->getVar('name'); |
||||
0 ignored issues
–
show
|
|||||
206 | echo "<tr valign='top'><td class='$class' align='center'><input type='text' name='title[" |
||||
207 | . $i->getVar('bid') |
||||
208 | . "]' value='" |
||||
209 | . $title |
||||
210 | . "'></td><td class='$class' align='center' nowrap='nowrap'> |
||||
211 | <div align='center' > |
||||
212 | <input type='radio' name='side[" |
||||
213 | . $i->getVar('bid') |
||||
214 | . "]' value='" |
||||
215 | . \XOOPS_CENTERBLOCK_LEFT |
||||
216 | . "'$ssel2> |
||||
217 | <input type='radio' name='side[" |
||||
218 | . $i->getVar('bid') |
||||
219 | . "]' value='" |
||||
220 | . \XOOPS_CENTERBLOCK_CENTER |
||||
221 | . "'$ssel3> |
||||
222 | <input type='radio' name='side[" |
||||
223 | . $i->getVar('bid') |
||||
224 | . "]' value='" |
||||
225 | . \XOOPS_CENTERBLOCK_RIGHT |
||||
226 | . "'$ssel4> |
||||
227 | </div> |
||||
228 | <div> |
||||
229 | <span style='float:right;'><input type='radio' name='side[" |
||||
230 | . $i->getVar('bid') |
||||
231 | . "]' value='" |
||||
232 | . \XOOPS_SIDEBLOCK_RIGHT |
||||
233 | . "'$ssel1></span> |
||||
234 | <div align='left'><input type='radio' name='side[" |
||||
235 | . $i->getVar('bid') |
||||
236 | . "]' value='" |
||||
237 | . \XOOPS_SIDEBLOCK_LEFT |
||||
238 | . "'$ssel0></div> |
||||
239 | </div> |
||||
240 | <div align='center'> |
||||
241 | <input type='radio' name='side[" |
||||
242 | . $i->getVar('bid') |
||||
243 | . "]' value='" |
||||
244 | . \XOOPS_CENTERBLOCK_BOTTOMLEFT |
||||
245 | . "'$ssel5> |
||||
246 | <input type='radio' name='side[" |
||||
247 | . $i->getVar('bid') |
||||
248 | . "]' value='" |
||||
249 | . \XOOPS_CENTERBLOCK_BOTTOM |
||||
250 | . "'$ssel7> |
||||
251 | <input type='radio' name='side[" |
||||
252 | . $i->getVar('bid') |
||||
253 | . "]' value='" |
||||
254 | . \XOOPS_CENTERBLOCK_BOTTOMRIGHT |
||||
255 | . "'$ssel6> |
||||
256 | </div> |
||||
257 | </td><td class='$class' align='center'><input type='text' name='weight[" |
||||
258 | . $i->getVar('bid') |
||||
259 | . "]' value='" |
||||
260 | . $i->getVar('weight') |
||||
261 | . "' size='5' maxlength='5'></td><td class='$class' align='center' nowrap><input type='radio' name='visible[" |
||||
262 | . $i->getVar('bid') |
||||
263 | . "]' value='1'$sel1>" |
||||
264 | . _YES |
||||
265 | . " <input type='radio' name='visible[" |
||||
266 | . $i->getVar('bid') |
||||
267 | . "]' value='0'$sel0>" |
||||
268 | . _NO |
||||
269 | . '</td>'; |
||||
270 | |||||
271 | echo "<td class='$class' align='center'><select size='5' name='bmodule[" . $i->getVar('bid') . "][]' id='bmodule[" . $i->getVar('bid') . "][]' multiple='multiple'>"; |
||||
272 | foreach ($moduleList as $k => $v) { |
||||
273 | echo "<option value='$k'" . (\in_array($k, $modules) ? " selected='selected'" : '') . ">$v</option>"; |
||||
274 | } |
||||
275 | echo '</select></td>'; |
||||
276 | |||||
277 | echo "<td class='$class' align='center'><select size='5' name='groups[" . $i->getVar('bid') . "][]' id='groups[" . $i->getVar('bid') . "][]' multiple='multiple'>"; |
||||
278 | foreach ($groups as $grp) { |
||||
279 | echo "<option value='" . $grp->getVar('groupid') . "' " . (\in_array($grp->getVar('groupid'), $groupsPermissions) ? " selected='selected'" : '') . '>' . $grp->getVar('name') . '</option>'; |
||||
280 | } |
||||
281 | echo '</select></td>'; |
||||
282 | |||||
283 | // Cache lifetime |
||||
284 | echo '<td class="' . $class . '" align="center"> <select name="bcachetime[' . $i->getVar('bid') . ']" size="1">' . $cachetimeOptions . '</select> |
||||
285 | </td>'; |
||||
286 | |||||
287 | // Actions |
||||
288 | |||||
289 | echo "<td class='$class' align='center'> |
||||
290 | <a href='blocksadmin.php?op=edit&bid=" . $i->getVar('bid') . "'><img src=" . $pathIcon16 . '/edit.png' . " alt='" . _EDIT . "' title='" . _EDIT . "'></a> |
||||
291 | <a href='blocksadmin.php?op=clone&bid=" . $i->getVar('bid') . "'><img src=" . $pathIcon16 . '/editcopy.png' . " alt='" . _CLONE . "' title='" . _CLONE . "'></a>"; |
||||
292 | // if ('S' !== $i->getVar('block_type') && 'M' !== $i->getVar('block_type')) { |
||||
293 | // echo " <a href='" . XOOPS_URL . '/modules/system/admin.php?fct=blocksadmin&op=delete&bid=' . $i->getVar('bid') . "'><img src=" . $pathIcon16 . '/delete.png' . " alt='" . _DELETE . "' title='" . _DELETE . "'> |
||||
294 | // </a>"; |
||||
295 | // } |
||||
296 | |||||
297 | // if ('S' !== $i->getVar('block_type') && 'M' !== $i->getVar('block_type')) { |
||||
298 | if (!\in_array($i->getVar('block_type'), ['M', 'S'])) { |
||||
299 | echo " |
||||
300 | <a href='blocksadmin.php?op=delete&bid=" . $i->getVar('bid') . "'><img src=" . $pathIcon16 . '/delete.png' . " alt='" . _DELETE . "' title='" . _DELETE . "'> |
||||
301 | </a>"; |
||||
302 | } |
||||
303 | echo " |
||||
304 | <input type='hidden' name='oldtitle[" . $i->getVar('bid') . "]' value='" . $i->getVar('title') . "'> |
||||
305 | <input type='hidden' name='oldside[" . $i->getVar('bid') . "]' value='" . $i->getVar('side') . "'> |
||||
306 | <input type='hidden' name='oldweight[" . $i->getVar('bid') . "]' value='" . $i->getVar('weight') . "'> |
||||
307 | <input type='hidden' name='oldvisible[" . $i->getVar('bid') . "]' value='" . $i->getVar('visible') . "'> |
||||
308 | <input type='hidden' name='oldgroups[" . $i->getVar('groups') . "]' value='" . $i->getVar('groups') . "'> |
||||
309 | <input type='hidden' name='oldbcachetime[" . $i->getVar('bid') . "]' value='" . $i->getVar('bcachetime') . "'> |
||||
310 | <input type='hidden' name='bid[" . $i->getVar('bid') . "]' value='" . $i->getVar('bid') . "'> |
||||
311 | </td></tr> |
||||
312 | "; |
||||
313 | $class = ('even' === $class) ? 'odd' : 'even'; |
||||
314 | } |
||||
315 | echo "<tr><td class='foot' align='center' colspan='8'> |
||||
316 | <input type='hidden' name='op' value='order'> |
||||
317 | " . $GLOBALS['xoopsSecurity']->getTokenHTML() . " |
||||
318 | <input type='submit' name='submit' value='" . _SUBMIT . "'> |
||||
319 | </td></tr></table> |
||||
320 | </form> |
||||
321 | <br><br>"; |
||||
322 | } |
||||
323 | |||||
324 | public function deleteBlock(int $bid) |
||||
325 | : void { |
||||
326 | // \xoops_cp_header(); |
||||
327 | |||||
328 | \xoops_loadLanguage('admin', 'system'); |
||||
329 | \xoops_loadLanguage('admin/blocksadmin', 'system'); |
||||
330 | \xoops_loadLanguage('admin/groups', 'system'); |
||||
331 | |||||
332 | $myblock = new \XoopsBlock($bid); |
||||
0 ignored issues
–
show
|
|||||
333 | |||||
334 | $sql = \sprintf('DELETE FROM %s WHERE bid = %u', $this->db->prefix('newblocks'), $bid); |
||||
335 | $this->db->queryF($sql) or \trigger_error($GLOBALS['xoopsDB']->error()); |
||||
336 | |||||
337 | $sql = \sprintf('DELETE FROM %s WHERE block_id = %u', $this->db->prefix('block_module_link'), $bid); |
||||
338 | $this->db->queryF($sql) or \trigger_error($GLOBALS['xoopsDB']->error()); |
||||
339 | |||||
340 | $this->helper->redirect('admin/blocksadmin.php?op=list', 1, _AM_DBUPDATED); |
||||
341 | } |
||||
342 | |||||
343 | public function cloneBlock(int $bid) |
||||
344 | : void { |
||||
345 | //require __DIR__ . '/admin_header.php'; |
||||
346 | // \xoops_cp_header(); |
||||
347 | |||||
348 | \xoops_loadLanguage('admin', 'system'); |
||||
349 | \xoops_loadLanguage('admin/blocksadmin', 'system'); |
||||
350 | \xoops_loadLanguage('admin/groups', 'system'); |
||||
351 | |||||
352 | $myblock = new \XoopsBlock($bid); |
||||
353 | $sql = 'SELECT module_id FROM ' . $this->db->prefix('block_module_link') . ' WHERE block_id=' . $bid; |
||||
354 | $result = $this->db->query($sql); |
||||
355 | $modules = []; |
||||
356 | if ($result instanceof \mysqli_result) { |
||||
357 | while (false !== ($row = $this->db->fetchArray($result))) { |
||||
358 | $modules[] = (int)$row['module_id']; |
||||
359 | } |
||||
360 | } |
||||
361 | $isCustom = \in_array($myblock->getVar('block_type'), ['C', 'E']); |
||||
362 | $block = [ |
||||
363 | 'title' => $myblock->getVar('title') . ' Clone', |
||||
364 | 'form_title' => \constant('CO_' . $this->moduleDirNameUpper . '_' . 'BLOCKS_CLONEBLOCK'), |
||||
365 | 'name' => $myblock->getVar('name'), |
||||
366 | 'side' => $myblock->getVar('side'), |
||||
367 | 'weight' => $myblock->getVar('weight'), |
||||
368 | 'visible' => $myblock->getVar('visible'), |
||||
369 | 'content' => $myblock->getVar('content', 'N'), |
||||
370 | 'modules' => $modules, |
||||
371 | 'is_custom' => $isCustom, |
||||
372 | 'ctype' => $myblock->getVar('c_type'), |
||||
373 | 'bcachetime' => $myblock->getVar('bcachetime'), |
||||
374 | 'op' => 'clone_ok', |
||||
375 | 'bid' => $myblock->getVar('bid'), |
||||
376 | 'edit_form' => $myblock->getOptions(), |
||||
377 | 'template' => $myblock->getVar('template'), |
||||
378 | 'options' => $myblock->getVar('options'), |
||||
379 | ]; |
||||
380 | echo '<a href="blocksadmin.php">' . \constant('CO_' . $this->moduleDirNameUpper . '_' . 'BADMIN') . '</a> <span style="font-weight:bold;">»»</span> ' . \_AM_SYSTEM_BLOCKS_CLONEBLOCK . '<br><br>'; |
||||
381 | // $form = new Blockform(); |
||||
382 | // $form->render(); |
||||
383 | |||||
384 | echo $this->render($block); |
||||
0 ignored issues
–
show
Are you sure the usage of
$this->render($block) targeting XoopsModules\Contact\Common\Blocksadmin::render() seems to always return null.
This check looks for function or method calls that always return null and whose return value is used. class A
{
function getObject()
{
return null;
}
}
$a = new A();
if ($a->getObject()) {
The method The reason is most likely that a function or method is imcomplete or has been reduced for debug purposes.
Loading history...
|
|||||
385 | // xoops_cp_footer(); |
||||
386 | // require_once __DIR__ . '/admin_footer.php'; |
||||
387 | // exit(); |
||||
388 | } |
||||
389 | |||||
390 | public function isBlockCloned(int $bid, string $bside, string $bweight, string $bvisible, string $bcachetime, ?array $bmodule, ?array $options, ?array $groups): void |
||||
391 | { |
||||
392 | \xoops_loadLanguage('admin', 'system'); |
||||
393 | \xoops_loadLanguage('admin/blocksadmin', 'system'); |
||||
394 | \xoops_loadLanguage('admin/groups', 'system'); |
||||
395 | |||||
396 | $block = new \XoopsBlock($bid); |
||||
397 | $clone = $block->xoopsClone(); |
||||
398 | if (empty($bmodule)) { |
||||
399 | // \xoops_cp_header(); |
||||
400 | \xoops_error(\sprintf(_AM_NOTSELNG, _AM_VISIBLEIN)); |
||||
401 | \xoops_cp_footer(); |
||||
402 | exit(); |
||||
0 ignored issues
–
show
|
|||||
403 | } |
||||
404 | $clone->setVar('side', $bside); |
||||
405 | $clone->setVar('weight', $bweight); |
||||
406 | $clone->setVar('visible', $bvisible); |
||||
407 | //$clone->setVar('content', $_POST['bcontent']); |
||||
408 | $clone->setVar('title', Request::getString('btitle', '', 'POST')); |
||||
409 | $clone->setVar('bcachetime', $bcachetime); |
||||
410 | if (\is_array($options) && (\count($options) > 0)) { |
||||
411 | $options = \implode('|', $options); |
||||
412 | $clone->setVar('options', $options); |
||||
413 | } |
||||
414 | $clone->setVar('bid', 0); |
||||
415 | if (\in_array($block->getVar('block_type'), ['C', 'E'])) { |
||||
416 | $clone->setVar('block_type', 'E'); |
||||
417 | } |
||||
418 | else { |
||||
419 | $clone->setVar('block_type', 'D'); |
||||
420 | } |
||||
421 | // $newid = $clone->store(); //see https://github.com/XOOPS/XoopsCore25/issues/1105 |
||||
422 | if ($clone->store()) { |
||||
423 | $newid = $clone->id(); //get the id of the cloned block |
||||
424 | } |
||||
425 | if (!$newid) { |
||||
0 ignored issues
–
show
Comprehensibility
Best Practice
introduced
by
|
|||||
426 | // \xoops_cp_header(); |
||||
427 | $clone->getHtmlErrors(); |
||||
428 | \xoops_cp_footer(); |
||||
429 | exit(); |
||||
0 ignored issues
–
show
|
|||||
430 | } |
||||
431 | if ('' !== $clone->getVar('template')) { |
||||
432 | /** @var \XoopsTplfileHandler $tplfileHandler */ |
||||
433 | $tplfileHandler = \xoops_getHandler('tplfile'); |
||||
434 | $btemplate = $tplfileHandler->find($GLOBALS['xoopsConfig']['template_set'], 'block', (string)$bid); |
||||
435 | if (\count($btemplate) > 0) { |
||||
436 | $tplclone = $btemplate[0]->xoopsClone(); |
||||
437 | $tplclone->setVar('tpl_id', 0); |
||||
438 | $tplclone->setVar('tpl_refid', $newid); |
||||
439 | $tplfileHandler->insert($tplclone); |
||||
440 | } |
||||
441 | } |
||||
442 | |||||
443 | foreach ($bmodule as $bmid) { |
||||
444 | $sql = 'INSERT INTO ' . $this->db->prefix('block_module_link') . ' (block_id, module_id) VALUES (' . $newid . ', ' . $bmid . ')'; |
||||
445 | $this->db->query($sql); |
||||
446 | } |
||||
447 | //$groups = &$GLOBALS['xoopsUser']->getGroups(); |
||||
448 | foreach ($groups as $iValue) { |
||||
449 | $sql = 'INSERT INTO ' . $this->db->prefix('group_permission') . ' (gperm_groupid, gperm_itemid, gperm_modid, gperm_name) VALUES (' . $iValue . ', ' . $newid . ", 1, 'block_read')"; |
||||
450 | $this->db->query($sql); |
||||
451 | } |
||||
452 | $this->helper->redirect('admin/blocksadmin.php?op=list', 1, _AM_DBUPDATED); |
||||
453 | } |
||||
454 | |||||
455 | public function setOrder(string $bid, string $title, string $weight, string $visible, string $side, string $bcachetime, ?array $bmodule = null) |
||||
0 ignored issues
–
show
The parameter
$bmodule is not used and could be removed.
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
This check looks for parameters that have been defined for a function or method, but which are not used in the method body.
Loading history...
|
|||||
456 | : void { |
||||
457 | $myblock = new \XoopsBlock($bid); |
||||
458 | $myblock->setVar('title', $title); |
||||
459 | $myblock->setVar('weight', $weight); |
||||
460 | $myblock->setVar('visible', $visible); |
||||
461 | $myblock->setVar('side', $side); |
||||
462 | $myblock->setVar('bcachetime', $bcachetime); |
||||
463 | $myblock->store(); |
||||
0 ignored issues
–
show
The function
XoopsBlock::store() has been deprecated.
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
Loading history...
|
|||||
464 | // /** @var \XoopsBlockHandler $blockHandler */ |
||||
465 | // $blockHandler = \xoops_getHandler('block'); |
||||
466 | // return $blockHandler->insert($myblock); |
||||
467 | } |
||||
468 | |||||
469 | public function editBlock(int $bid) |
||||
470 | : void { |
||||
471 | // require_once \dirname(__DIR__,2) . '/admin/admin_header.php'; |
||||
472 | // \xoops_cp_header(); |
||||
473 | \xoops_loadLanguage('admin', 'system'); |
||||
474 | \xoops_loadLanguage('admin/blocksadmin', 'system'); |
||||
475 | \xoops_loadLanguage('admin/groups', 'system'); |
||||
476 | // mpu_adm_menu(); |
||||
477 | $myblock = new \XoopsBlock($bid); |
||||
478 | $sql = 'SELECT module_id FROM ' . $this->db->prefix('block_module_link') . ' WHERE block_id=' . $bid; |
||||
479 | $result = $this->db->query($sql); |
||||
480 | $modules = []; |
||||
481 | if ($result instanceof \mysqli_result) { |
||||
482 | while (false !== ($row = $this->db->fetchArray($result))) { |
||||
483 | $modules[] = (int)$row['module_id']; |
||||
484 | } |
||||
485 | } |
||||
486 | $isCustom = \in_array($myblock->getVar('block_type'), ['C', 'E']); |
||||
487 | $block = [ |
||||
488 | 'title' => $myblock->getVar('title'), |
||||
489 | 'form_title' => \_AM_SYSTEM_BLOCKS_EDITBLOCK, |
||||
490 | // 'name' => $myblock->getVar('name'), |
||||
491 | 'side' => $myblock->getVar('side'), |
||||
492 | 'weight' => $myblock->getVar('weight'), |
||||
493 | 'visible' => $myblock->getVar('visible'), |
||||
494 | 'content' => $myblock->getVar('content', 'N'), |
||||
495 | 'modules' => $modules, |
||||
496 | 'is_custom' => $isCustom, |
||||
497 | 'ctype' => $myblock->getVar('c_type'), |
||||
498 | 'bcachetime' => $myblock->getVar('bcachetime'), |
||||
499 | 'op' => 'edit_ok', |
||||
500 | 'bid' => $myblock->getVar('bid'), |
||||
501 | 'edit_form' => $myblock->getOptions(), |
||||
502 | 'template' => $myblock->getVar('template'), |
||||
503 | 'options' => $myblock->getVar('options'), |
||||
504 | ]; |
||||
505 | echo '<a href="blocksadmin.php">' . \constant('CO_' . $this->moduleDirNameUpper . '_' . 'BADMIN') . '</a> <span style="font-weight:bold;">»»</span> ' . \_AM_SYSTEM_BLOCKS_EDITBLOCK . '<br><br>'; |
||||
506 | |||||
507 | echo $this->render($block); |
||||
0 ignored issues
–
show
Are you sure the usage of
$this->render($block) targeting XoopsModules\Contact\Common\Blocksadmin::render() seems to always return null.
This check looks for function or method calls that always return null and whose return value is used. class A
{
function getObject()
{
return null;
}
}
$a = new A();
if ($a->getObject()) {
The method The reason is most likely that a function or method is imcomplete or has been reduced for debug purposes.
Loading history...
|
|||||
508 | } |
||||
509 | |||||
510 | public function updateBlock(int $bid, string $btitle, string $bside, string $bweight, string $bvisible, string $bcachetime, ?array $bmodule, ?array $options, ?array $groups) |
||||
511 | : void { |
||||
512 | $myblock = new \XoopsBlock($bid); |
||||
513 | $myblock->setVar('title', $btitle); |
||||
514 | $myblock->setVar('weight', $bweight); |
||||
515 | $myblock->setVar('visible', $bvisible); |
||||
516 | $myblock->setVar('side', $bside); |
||||
517 | $myblock->setVar('bcachetime', $bcachetime); |
||||
518 | //update block options |
||||
519 | if (isset($options)) { |
||||
520 | $optionsCount = \count($options); |
||||
521 | if ($optionsCount > 0) { |
||||
522 | //Convert array values to comma-separated |
||||
523 | foreach ($options as $i => $iValue) { |
||||
524 | if (\is_array($iValue)) { |
||||
525 | $options[$i] = \implode(',', $iValue); |
||||
526 | } |
||||
527 | } |
||||
528 | $options = \implode('|', $options); |
||||
529 | $myblock->setVar('options', $options); |
||||
530 | } |
||||
531 | } |
||||
532 | $myblock->store(); |
||||
0 ignored issues
–
show
The function
XoopsBlock::store() has been deprecated.
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
Loading history...
|
|||||
533 | // /** @var \XoopsBlockHandler $blockHandler */ |
||||
534 | // $blockHandler = \xoops_getHandler('block'); |
||||
535 | // $blockHandler->insert($myblock); |
||||
536 | |||||
537 | if (!empty($bmodule) && \count($bmodule) > 0) { |
||||
538 | $sql = \sprintf('DELETE FROM `%s` WHERE block_id = %u', $this->db->prefix('block_module_link'), $bid); |
||||
539 | $this->db->query($sql); |
||||
540 | if (\in_array(0, $bmodule)) { |
||||
541 | $sql = \sprintf('INSERT INTO `%s` (block_id, module_id) VALUES (%u, %d)', $this->db->prefix('block_module_link'), $bid, 0); |
||||
542 | $this->db->query($sql); |
||||
543 | } |
||||
544 | else { |
||||
545 | foreach ($bmodule as $bmid) { |
||||
546 | $sql = \sprintf('INSERT INTO `%s` (block_id, module_id) VALUES (%u, %d)', $this->db->prefix('block_module_link'), $bid, (int)$bmid); |
||||
547 | $this->db->query($sql); |
||||
548 | } |
||||
549 | } |
||||
550 | } |
||||
551 | $sql = \sprintf('DELETE FROM `%s` WHERE gperm_itemid = %u', $this->db->prefix('group_permission'), $bid); |
||||
552 | $this->db->query($sql); |
||||
553 | if (!empty($groups)) { |
||||
554 | foreach ($groups as $grp) { |
||||
555 | $sql = \sprintf("INSERT INTO `%s` (gperm_groupid, gperm_itemid, gperm_modid, gperm_name) VALUES (%u, %u, 1, 'block_read')", $this->db->prefix('group_permission'), $grp, $bid); |
||||
556 | $this->db->query($sql); |
||||
557 | } |
||||
558 | } |
||||
559 | $this->helper->redirect('admin/blocksadmin.php', 1, \constant('CO_' . $this->moduleDirNameUpper . '_' . 'UPDATE_SUCCESS')); |
||||
560 | } |
||||
561 | |||||
562 | public function orderBlock( |
||||
563 | array $bid, |
||||
564 | array $oldtitle, |
||||
565 | array $oldside, |
||||
566 | array $oldweight, |
||||
567 | array $oldvisible, |
||||
568 | array $oldgroups, |
||||
0 ignored issues
–
show
The parameter
$oldgroups is not used and could be removed.
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
This check looks for parameters that have been defined for a function or method, but which are not used in the method body.
Loading history...
|
|||||
569 | array $oldbcachetime, |
||||
570 | array $oldbmodule, |
||||
571 | array $title, |
||||
572 | array $weight, |
||||
573 | array $visible, |
||||
574 | array $side, |
||||
575 | array $bcachetime, |
||||
576 | array $groups, |
||||
577 | array $bmodule |
||||
578 | ) |
||||
579 | : void { |
||||
580 | if (!$GLOBALS['xoopsSecurity']->check()) { |
||||
581 | \redirect_header($_SERVER['SCRIPT_NAME'], 3, \implode('<br>', $GLOBALS['xoopsSecurity']->getErrors())); |
||||
582 | } |
||||
583 | foreach (\array_keys($bid) as $i) { |
||||
584 | if ($oldtitle[$i] !== $title[$i] |
||||
585 | || $oldweight[$i] !== $weight[$i] |
||||
586 | || $oldvisible[$i] !== $visible[$i] |
||||
587 | || $oldside[$i] !== $side[$i] |
||||
588 | || $oldbcachetime[$i] !== $bcachetime[$i] |
||||
589 | || $oldbmodule[$i] !== $bmodule[$i]) { |
||||
590 | $this->setOrder($bid[$i], $title[$i], $weight[$i], $visible[$i], $side[$i], $bcachetime[$i], $bmodule[$i]); |
||||
591 | } |
||||
592 | if (!empty($bmodule[$i]) && \count($bmodule[$i]) > 0) { |
||||
593 | $sql = \sprintf('DELETE FROM `%s` WHERE block_id = %u', $this->db->prefix('block_module_link'), $bid[$i]); |
||||
594 | $this->db->query($sql); |
||||
595 | if (\in_array(0, $bmodule[$i], true)) { |
||||
596 | $sql = \sprintf('INSERT INTO `%s` (block_id, module_id) VALUES (%u, %d)', $this->db->prefix('block_module_link'), $bid[$i], 0); |
||||
597 | $this->db->query($sql); |
||||
598 | } |
||||
599 | else { |
||||
600 | foreach ($bmodule[$i] as $bmid) { |
||||
601 | $sql = \sprintf('INSERT INTO `%s` (block_id, module_id) VALUES (%u, %d)', $this->db->prefix('block_module_link'), $bid[$i], (int)$bmid); |
||||
602 | $this->db->query($sql); |
||||
603 | } |
||||
604 | } |
||||
605 | } |
||||
606 | $sql = \sprintf('DELETE FROM `%s` WHERE gperm_itemid = %u', $this->db->prefix('group_permission'), $bid[$i]); |
||||
607 | $this->db->query($sql); |
||||
608 | if (!empty($groups[$i])) { |
||||
609 | foreach ($groups[$i] as $grp) { |
||||
610 | $sql = \sprintf("INSERT INTO `%s` (gperm_groupid, gperm_itemid, gperm_modid, gperm_name) VALUES (%u, %u, 1, 'block_read')", $this->db->prefix('group_permission'), $grp, $bid[$i]); |
||||
611 | $this->db->query($sql); |
||||
612 | } |
||||
613 | } |
||||
614 | } |
||||
615 | |||||
616 | $this->helper->redirect('admin/blocksadmin.php', 1, \constant('CO_' . $this->moduleDirNameUpper . '_' . 'UPDATE_SUCCESS')); |
||||
617 | } |
||||
618 | |||||
619 | public function render(?array $block = null) |
||||
620 | { |
||||
621 | \xoops_load('XoopsFormLoader'); |
||||
622 | \xoops_loadLanguage('common', $this->moduleDirNameUpper); |
||||
623 | |||||
624 | $form = new \XoopsThemeForm($block['form_title'], 'blockform', 'blocksadmin.php', 'post', true); |
||||
625 | if (isset($block['name'])) { |
||||
626 | $form->addElement(new \XoopsFormLabel(\_AM_SYSTEM_BLOCKS_NAME, $block['name'])); |
||||
627 | } |
||||
628 | $sideSelect = new \XoopsFormSelect(\_AM_SYSTEM_BLOCKS_TYPE, 'bside', $block['side']); |
||||
629 | $sideSelect->addOptionArray([ |
||||
630 | 0 => \_AM_SYSTEM_BLOCKS_SBLEFT, |
||||
631 | 1 => \_AM_SYSTEM_BLOCKS_SBRIGHT, |
||||
632 | 3 => \_AM_SYSTEM_BLOCKS_CBLEFT, |
||||
633 | 4 => \_AM_SYSTEM_BLOCKS_CBRIGHT, |
||||
634 | 5 => \_AM_SYSTEM_BLOCKS_CBCENTER, |
||||
635 | 7 => \_AM_SYSTEM_BLOCKS_CBBOTTOMLEFT, |
||||
636 | 8 => \_AM_SYSTEM_BLOCKS_CBBOTTOMRIGHT, |
||||
637 | 9 => \_AM_SYSTEM_BLOCKS_CBBOTTOM, |
||||
638 | ]); |
||||
639 | $form->addElement($sideSelect); |
||||
640 | $form->addElement(new \XoopsFormText(\constant('CO_' . $this->moduleDirNameUpper . '_' . 'WEIGHT'), 'bweight', 2, 5, $block['weight'])); |
||||
641 | $form->addElement(new \XoopsFormRadioYN(\constant('CO_' . $this->moduleDirNameUpper . '_' . 'VISIBLE'), 'bvisible', $block['visible'])); |
||||
642 | $modSelect = new \XoopsFormSelect(\constant('CO_' . $this->moduleDirNameUpper . '_' . 'VISIBLEIN'), 'bmodule', $block['modules'], 5, true); |
||||
643 | /** @var \XoopsModuleHandler $moduleHandler */ |
||||
644 | $moduleHandler = \xoops_getHandler('module'); |
||||
645 | $criteria = new \CriteriaCompo(new \Criteria('hasmain', '1')); |
||||
646 | $criteria->add(new \Criteria('isactive', '1')); |
||||
647 | $moduleList = $moduleHandler->getList($criteria); |
||||
648 | $moduleList[-1] = \_AM_SYSTEM_BLOCKS_TOPPAGE; |
||||
649 | $moduleList[0] = \_AM_SYSTEM_BLOCKS_ALLPAGES; |
||||
650 | \ksort($moduleList); |
||||
651 | $modSelect->addOptionArray($moduleList); |
||||
652 | $form->addElement($modSelect); |
||||
653 | $form->addElement(new \XoopsFormText(\_AM_SYSTEM_BLOCKS_TITLE, 'btitle', 50, 255, $block['title']), false); |
||||
654 | if ($block['is_custom']) { |
||||
655 | $textarea = new \XoopsFormDhtmlTextArea(\_AM_SYSTEM_BLOCKS_CONTENT, 'bcontent', $block['content'], 15, 70); |
||||
656 | $textarea->setDescription('<span style="font-size:x-small;font-weight:bold;">' . \_AM_SYSTEM_BLOCKS_USEFULTAGS . '</span><br><span style="font-size:x-small;font-weight:normal;">' . \sprintf(_AM_BLOCKTAG1, '{X_SITEURL}', XOOPS_URL . '/') . '</span>'); |
||||
657 | $form->addElement($textarea, true); |
||||
658 | $ctypeSelect = new \XoopsFormSelect(\_AM_SYSTEM_BLOCKS_CTYPE, 'bctype', $block['ctype']); |
||||
659 | $ctypeSelect->addOptionArray([ |
||||
660 | 'H' => \_AM_SYSTEM_BLOCKS_HTML, |
||||
661 | 'P' => \_AM_SYSTEM_BLOCKS_PHP, |
||||
662 | 'S' => \_AM_SYSTEM_BLOCKS_AFWSMILE, |
||||
663 | 'T' => \_AM_SYSTEM_BLOCKS_AFNOSMILE, |
||||
664 | ]); |
||||
665 | $form->addElement($ctypeSelect); |
||||
666 | } |
||||
667 | else { |
||||
668 | if ('' !== $block['template']) { |
||||
669 | /** @var \XoopsTplfileHandler $tplfileHandler */ |
||||
670 | $tplfileHandler = \xoops_getHandler('tplfile'); |
||||
671 | $btemplate = $tplfileHandler->find($GLOBALS['xoopsConfig']['template_set'], 'block', $block['bid']); |
||||
672 | if (\count($btemplate) > 0) { |
||||
673 | $form->addElement(new \XoopsFormLabel(\_AM_SYSTEM_BLOCKS_CONTENT, '<a href="' . XOOPS_URL . '/modules/system/admin.php?fct=tplsets&op=edittpl&id=' . $btemplate[0]->getVar('tpl_id') . '">' . \_AM_SYSTEM_BLOCKS_EDITTPL . '</a>')); |
||||
674 | } |
||||
675 | else { |
||||
676 | $btemplate2 = $tplfileHandler->find('default', 'block', $block['bid']); |
||||
677 | if (\count($btemplate2) > 0) { |
||||
678 | $form->addElement(new \XoopsFormLabel(\_AM_SYSTEM_BLOCKS_CONTENT, '<a href="' . XOOPS_URL . '/modules/system/admin.php?fct=tplsets&op=edittpl&id=' . $btemplate2[0]->getVar('tpl_id') . '" target="_blank">' . \_AM_SYSTEM_BLOCKS_EDITTPL . '</a>')); |
||||
679 | } |
||||
680 | } |
||||
681 | } |
||||
682 | if (false !== $block['edit_form']) { |
||||
683 | $form->addElement(new \XoopsFormLabel(\_AM_SYSTEM_BLOCKS_OPTIONS, $block['edit_form'])); |
||||
684 | } |
||||
685 | } |
||||
686 | $cache_select = new \XoopsFormSelect(\_AM_SYSTEM_BLOCKS_BCACHETIME, 'bcachetime', $block['bcachetime']); |
||||
687 | $cache_select->addOptionArray([ |
||||
688 | 0 => _NOCACHE, |
||||
689 | 30 => \sprintf(_SECONDS, 30), |
||||
690 | 60 => _MINUTE, |
||||
691 | 300 => \sprintf(_MINUTES, 5), |
||||
692 | 1800 => \sprintf(_MINUTES, 30), |
||||
693 | 3600 => _HOUR, |
||||
694 | 18000 => \sprintf(_HOURS, 5), |
||||
695 | 86400 => _DAY, |
||||
696 | 259200 => \sprintf(_DAYS, 3), |
||||
697 | 604800 => _WEEK, |
||||
698 | 2592000 => _MONTH, |
||||
699 | ]); |
||||
700 | $form->addElement($cache_select); |
||||
701 | |||||
702 | /** @var \XoopsGroupPermHandler $grouppermHandler */ |
||||
703 | $grouppermHandler = \xoops_getHandler('groupperm'); |
||||
704 | $groups = $grouppermHandler->getGroupIds('block_read', $block['bid']); |
||||
705 | |||||
706 | $form->addElement(new \XoopsFormSelectGroup(\_AM_SYSTEM_BLOCKS_GROUP, 'groups', true, $groups, 5, true)); |
||||
707 | |||||
708 | if (isset($block['bid'])) { |
||||
709 | $form->addElement(new \XoopsFormHidden('bid', $block['bid'])); |
||||
710 | } |
||||
711 | $form->addElement(new \XoopsFormHidden('op', $block['op'])); |
||||
712 | $form->addElement(new \XoopsFormHidden('fct', 'blocksadmin')); |
||||
713 | $buttonTray = new \XoopsFormElementTray('', ' '); |
||||
714 | if ($block['is_custom']) { |
||||
715 | $buttonTray->addElement(new \XoopsFormButton('', 'previewblock', _PREVIEW, 'submit')); |
||||
716 | } |
||||
717 | |||||
718 | //Submit buttons |
||||
719 | $buttonTray = new \XoopsFormElementTray('', ''); |
||||
720 | $submitButton = new \XoopsFormButton('', 'submitblock', _SUBMIT, 'submit'); |
||||
721 | $buttonTray->addElement($submitButton); |
||||
722 | |||||
723 | $cancelButton = new \XoopsFormButton('', '', _CANCEL, 'button'); |
||||
724 | $cancelButton->setExtra('onclick="history.go(-1)"'); |
||||
725 | $buttonTray->addElement($cancelButton); |
||||
726 | |||||
727 | $form->addElement($buttonTray); |
||||
728 | $form->display(); |
||||
729 | } |
||||
730 | } |
||||
731 |
Our type inference engine has found an assignment to a property that is incompatible with the declared type of that property.
Either this assignment is in error or the assigned type should be added to the documentation/type hint for that property..