This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
1 | <?php |
||
2 | /** |
||
3 | * You may not change or alter any portion of this comment or credits |
||
4 | * of supporting developers from this source code or any supporting source code |
||
5 | * which is considered copyrighted (c) material of the original comment or credit authors. |
||
6 | * |
||
7 | * |
||
8 | * @category Module |
||
9 | * @author XOOPS Development Team |
||
10 | * @copyright XOOPS Project |
||
11 | * @link https://xoops.org |
||
12 | * @license GNU GPL 2 or later (https://www.gnu.org/licenses/gpl-2.0.html) |
||
13 | */ |
||
14 | |||
15 | use Xmf\Request; |
||
16 | |||
17 | require __DIR__ . '/admin_header.php'; |
||
18 | |||
19 | $moduleDirName = \basename(\dirname(__DIR__)); |
||
20 | $moduleDirNameUpper = \mb_strtoupper($moduleDirName); |
||
21 | |||
22 | $helper->loadLanguage('blocksadmin'); |
||
23 | |||
24 | if (!is_object($GLOBALS['xoopsUser']) || !is_object($xoopsModule) |
||
25 | || !$GLOBALS['xoopsUser']->isAdmin($xoopsModule->mid())) { |
||
26 | exit(constant('CO_' . $moduleDirNameUpper . '_' . 'ERROR403')); |
||
27 | } |
||
28 | if ($GLOBALS['xoopsUser']->isAdmin($xoopsModule->mid())) { |
||
29 | require_once XOOPS_ROOT_PATH . '/class/xoopsblock.php'; |
||
30 | $op = 'list'; |
||
31 | if (isset($_POST)) { |
||
32 | foreach ($_POST as $k => $v) { |
||
33 | ${$k} = $v; |
||
34 | } |
||
35 | } |
||
36 | /* |
||
37 | if (Request::hasVar('op')) { |
||
38 | if ($_GET['op'] === "edit" || $_GET['op'] === "delete" || $_GET['op'] === "delete_ok" || $_GET['op'] === "clone" |
||
39 | || $_GET['op'] === "edit" |
||
40 | ) { |
||
41 | $op = $_GET['op']; |
||
42 | $bid = Request::getInt('bid',0 ,'GET'); //isset($_GET['bid']) ? (int) $_GET['bid'] : 0; |
||
43 | } |
||
44 | } |
||
45 | */ |
||
46 | |||
47 | $op = Request::getString('op', $op); |
||
48 | if (in_array($op, ['edit', 'delete', 'delete_ok', 'clone'])) { |
||
49 | $bid = Request::getInt('bid', 0, 'GET'); |
||
50 | } |
||
51 | |||
52 | function listBlocks() |
||
53 | { |
||
54 | global $xoopsModule, $pathIcon16; |
||
55 | require_once XOOPS_ROOT_PATH . '/class/xoopslists.php'; |
||
56 | $moduleDirName = \basename(\dirname(__DIR__)); |
||
57 | $moduleDirNameUpper = \mb_strtoupper($moduleDirName); |
||
58 | $db = \XoopsDatabaseFactory::getDatabaseConnection(); |
||
59 | xoops_loadLanguage('admin', 'system'); |
||
60 | xoops_loadLanguage('admin/blocksadmin', 'system'); |
||
61 | xoops_loadLanguage('admin/groups', 'system'); |
||
62 | |||
63 | /** @var \XoopsModuleHandler $moduleHandler */ |
||
64 | $moduleHandler = xoops_getHandler('module'); |
||
65 | /** @var \XoopsMemberHandler $memberHandler */ |
||
66 | $memberHandler = xoops_getHandler('member'); |
||
67 | /** @var \XoopsGroupPermHandler $grouppermHandler */ |
||
68 | $grouppermHandler = xoops_getHandler('groupperm'); |
||
69 | $groups = $memberHandler->getGroups(); |
||
70 | $criteria = new \CriteriaCompo(new \Criteria('hasmain', 1)); |
||
71 | $criteria->add(new \Criteria('isactive', 1)); |
||
72 | $module_list = $moduleHandler->getList($criteria); |
||
73 | $module_list[-1] = _AM_SYSTEM_BLOCKS_TOPPAGE; |
||
74 | $module_list[0] = _AM_SYSTEM_BLOCKS_ALLPAGES; |
||
75 | ksort($module_list); |
||
76 | echo " |
||
77 | <h4 style='text-align:left;'>" . constant('CO_' . $moduleDirNameUpper . '_' . 'BADMIN') . '</h4>'; |
||
78 | /** @var \XoopsModuleHandler $moduleHandler */ |
||
79 | $moduleHandler = xoops_getHandler('module'); |
||
80 | echo "<form action='" . $_SERVER['SCRIPT_NAME'] . "' name='blockadmin' method='post'>"; |
||
81 | echo $GLOBALS['xoopsSecurity']->getTokenHTML(); |
||
82 | echo "<table width='100%' class='outer' cellpadding='4' cellspacing='1'> |
||
83 | <tr valign='middle'><th align='center'>" |
||
84 | . _AM_SYSTEM_BLOCKS_TITLE |
||
85 | . "</th><th align='center' nowrap='nowrap'>" |
||
86 | . constant('CO_' . $moduleDirNameUpper . '_' . 'SIDE') |
||
87 | . '<br>' |
||
88 | . _LEFT |
||
89 | . '-' |
||
90 | . _CENTER |
||
91 | . '-' |
||
92 | . _RIGHT |
||
93 | . "</th><th align='center'>" |
||
94 | . constant( |
||
95 | 'CO_' . $moduleDirNameUpper . '_' . 'WEIGHT' |
||
96 | ) |
||
97 | . "</th><th align='center'>" |
||
98 | . constant('CO_' . $moduleDirNameUpper . '_' . 'VISIBLE') |
||
99 | . "</th><th align='center'>" |
||
100 | . _AM_SYSTEM_BLOCKS_VISIBLEIN |
||
101 | . "</th><th align='center'>" |
||
102 | . _AM_SYSTEM_ADGS |
||
103 | . "</th><th align='center'>" |
||
104 | . _AM_SYSTEM_BLOCKS_BCACHETIME |
||
105 | . "</th><th align='center'>" |
||
106 | . constant('CO_' . $moduleDirNameUpper . '_' . 'ACTION') |
||
107 | . '</th></tr> |
||
108 | '; |
||
109 | $block_arr = \XoopsBlock::getByModule($xoopsModule->mid()); |
||
0 ignored issues
–
show
|
|||
110 | $block_count = count($block_arr); |
||
111 | $class = 'even'; |
||
112 | $cachetimes = [ |
||
113 | 0 => _NOCACHE, |
||
114 | 30 => sprintf(_SECONDS, 30), |
||
115 | 60 => _MINUTE, |
||
116 | 300 => sprintf(_MINUTES, 5), |
||
117 | 1800 => sprintf(_MINUTES, 30), |
||
118 | 3600 => _HOUR, |
||
119 | 18000 => sprintf(_HOURS, 5), |
||
120 | 86400 => _DAY, |
||
121 | 259200 => sprintf(_DAYS, 3), |
||
122 | 604800 => _WEEK, |
||
123 | 2592000 => _MONTH, |
||
124 | ]; |
||
125 | foreach ($block_arr as $i) { |
||
126 | $groups_perms = $grouppermHandler->getGroupIds('block_read', $i->getVar('bid')); |
||
127 | $sql = 'SELECT module_id FROM ' . $db->prefix('block_module_link') . ' WHERE block_id=' . $i->getVar('bid'); |
||
128 | $result = $db->query($sql); |
||
129 | $modules = []; |
||
130 | while (false !== ($row = $db->fetchArray($result))) { |
||
131 | $modules[] = (int)$row['module_id']; |
||
132 | } |
||
133 | |||
134 | $cachetime_options = ''; |
||
135 | foreach ($cachetimes as $cachetime => $cachetime_name) { |
||
136 | if ($i->getVar('bcachetime') == $cachetime) { |
||
137 | $cachetime_options .= "<option value='$cachetime' selected='selected'>$cachetime_name</option>\n"; |
||
138 | } else { |
||
139 | $cachetime_options .= "<option value='$cachetime'>$cachetime_name</option>\n"; |
||
140 | } |
||
141 | } |
||
142 | |||
143 | $sel0 = $sel1 = $ssel0 = $ssel1 = $ssel2 = $ssel3 = $ssel4 = $ssel5 = $ssel6 = $ssel7 = ''; |
||
144 | if (1 === $i->getVar('visible')) { |
||
145 | $sel1 = ' checked'; |
||
146 | } else { |
||
147 | $sel0 = ' checked'; |
||
148 | } |
||
149 | if (XOOPS_SIDEBLOCK_LEFT === $i->getVar('side')) { |
||
150 | $ssel0 = ' checked'; |
||
151 | } elseif (XOOPS_SIDEBLOCK_RIGHT === $i->getVar('side')) { |
||
152 | $ssel1 = ' checked'; |
||
153 | } elseif (XOOPS_CENTERBLOCK_LEFT === $i->getVar('side')) { |
||
154 | $ssel2 = ' checked'; |
||
155 | } elseif (XOOPS_CENTERBLOCK_RIGHT === $i->getVar('side')) { |
||
156 | $ssel4 = ' checked'; |
||
157 | } elseif (XOOPS_CENTERBLOCK_CENTER === $i->getVar('side')) { |
||
158 | $ssel3 = ' checked'; |
||
159 | } elseif (XOOPS_CENTERBLOCK_BOTTOMLEFT === $i->getVar('side')) { |
||
160 | $ssel5 = ' checked'; |
||
161 | } elseif (XOOPS_CENTERBLOCK_BOTTOMRIGHT === $i->getVar('side')) { |
||
162 | $ssel6 = ' checked'; |
||
163 | } elseif (XOOPS_CENTERBLOCK_BOTTOM === $i->getVar('side')) { |
||
164 | $ssel7 = ' checked'; |
||
165 | } |
||
166 | if ('' === $i->getVar('title')) { |
||
167 | $title = ' '; |
||
168 | } else { |
||
169 | $title = $i->getVar('title'); |
||
170 | } |
||
171 | $name = $i->getVar('name'); |
||
172 | echo "<tr valign='top'><td class='$class' align='center'><input type='text' name='title[" |
||
173 | . $i->getVar('bid') |
||
174 | . "]' value='" |
||
175 | . $title |
||
176 | . "'></td><td class='$class' align='center' nowrap='nowrap'> |
||
177 | <div align='center' > |
||
178 | <input type='radio' name='side[" |
||
179 | . $i->getVar('bid') |
||
180 | . "]' value='" |
||
181 | . XOOPS_CENTERBLOCK_LEFT |
||
182 | . "'$ssel2> |
||
183 | <input type='radio' name='side[" |
||
184 | . $i->getVar('bid') |
||
185 | . "]' value='" |
||
186 | . XOOPS_CENTERBLOCK_CENTER |
||
187 | . "'$ssel3> |
||
188 | <input type='radio' name='side[" |
||
189 | . $i->getVar('bid') |
||
190 | . "]' value='" |
||
191 | . XOOPS_CENTERBLOCK_RIGHT |
||
192 | . "'$ssel4> |
||
193 | </div> |
||
194 | <div> |
||
195 | <span style='float:right;'><input type='radio' name='side[" |
||
196 | . $i->getVar('bid') |
||
197 | . "]' value='" |
||
198 | . XOOPS_SIDEBLOCK_RIGHT |
||
199 | . "'$ssel1></span> |
||
200 | <div align='left'><input type='radio' name='side[" |
||
201 | . $i->getVar('bid') |
||
202 | . "]' value='" |
||
203 | . XOOPS_SIDEBLOCK_LEFT |
||
204 | . "'$ssel0></div> |
||
205 | </div> |
||
206 | <div align='center'> |
||
207 | <input type='radio' name='side[" |
||
208 | . $i->getVar('bid') |
||
209 | . "]' value='" |
||
210 | . XOOPS_CENTERBLOCK_BOTTOMLEFT |
||
211 | . "'$ssel5> |
||
212 | <input type='radio' name='side[" |
||
213 | . $i->getVar('bid') |
||
214 | . "]' value='" |
||
215 | . XOOPS_CENTERBLOCK_BOTTOM |
||
216 | . "'$ssel7> |
||
217 | <input type='radio' name='side[" |
||
218 | . $i->getVar('bid') |
||
219 | . "]' value='" |
||
220 | . XOOPS_CENTERBLOCK_BOTTOMRIGHT |
||
221 | . "'$ssel6> |
||
222 | </div> |
||
223 | </td><td class='$class' align='center'><input type='text' name='weight[" |
||
224 | . $i->getVar('bid') |
||
225 | . "]' value='" |
||
226 | . $i->getVar('weight') |
||
227 | . "' size='5' maxlength='5'></td><td class='$class' align='center' nowrap><input type='radio' name='visible[" |
||
228 | . $i->getVar('bid') |
||
229 | . "]' value='1'$sel1>" |
||
230 | . _YES |
||
231 | . " <input type='radio' name='visible[" |
||
232 | . $i->getVar('bid') |
||
233 | . "]' value='0'$sel0>" |
||
234 | . _NO |
||
235 | . '</td>'; |
||
236 | |||
237 | echo "<td class='$class' align='center'><select size='5' name='bmodule[" . $i->getVar('bid') . "][]' id='bmodule[" . $i->getVar('bid') . "][]' multiple='multiple'>"; |
||
238 | foreach ($module_list as $k => $v) { |
||
239 | echo "<option value='$k'" . (in_array($k, $modules) ? " selected='selected'" : '') . ">$v</option>"; |
||
240 | } |
||
241 | echo '</select></td>'; |
||
242 | |||
243 | echo "<td class='$class' align='center'><select size='5' name='groups[" . $i->getVar('bid') . "][]' id='groups[" . $i->getVar('bid') . "][]' multiple='multiple'>"; |
||
244 | foreach ($groups as $grp) { |
||
245 | echo "<option value='" . $grp->getVar('groupid') . "' " . (in_array($grp->getVar('groupid'), $groups_perms) ? " selected='selected'" : '') . '>' . $grp->getVar('name') . '</option>'; |
||
246 | } |
||
247 | echo '</select></td>'; |
||
248 | |||
249 | // Cache lifetime |
||
250 | echo '<td class="' . $class . '" align="center"> <select name="bcachetime[' . $i->getVar('bid') . ']" size="1">' . $cachetime_options . '</select> |
||
251 | </td>'; |
||
252 | |||
253 | // Actions |
||
254 | |||
255 | echo "<td class='$class' align='center'><a href='blocksadmin.php?op=edit&bid=" . $i->getVar('bid') . "'><img src=" . $pathIcon16 . '/edit.png' . " alt='" . _EDIT . "' title='" . _EDIT . "'> |
||
256 | </a> <a href='blocksadmin.php?op=clone&bid=" . $i->getVar('bid') . "'><img src=" . $pathIcon16 . '/editcopy.png' . " alt='" . _CLONE . "' title='" . _CLONE . "'> |
||
257 | </a>"; |
||
258 | if ('S' !== $i->getVar('block_type') && 'M' !== $i->getVar('block_type')) { |
||
259 | echo " <a href='" . XOOPS_URL . '/modules/system/admin.php?fct=blocksadmin&op=delete&bid=' . $i->getVar('bid') . "'><img src=" . $pathIcon16 . '/delete.png' . " alt='" . _DELETE . "' title='" . _DELETE . "'> |
||
260 | </a>"; |
||
261 | } |
||
262 | echo " |
||
263 | <input type='hidden' name='oldtitle[" . $i->getVar('bid') . "]' value='" . $i->getVar('title') . "'> |
||
264 | <input type='hidden' name='oldside[" . $i->getVar('bid') . "]' value='" . $i->getVar('side') . "'> |
||
265 | <input type='hidden' name='oldweight[" . $i->getVar('bid') . "]' value='" . $i->getVar('weight') . "'> |
||
266 | <input type='hidden' name='oldvisible[" . $i->getVar('bid') . "]' value='" . $i->getVar('visible') . "'> |
||
267 | <input type='hidden' name='oldgroups[" . $i->getVar('groups') . "]' value='" . $i->getVar('groups') . "'> |
||
268 | <input type='hidden' name='oldbcachetime[" . $i->getVar('bid') . "]' value='" . $i->getVar('bcachetime') . "'> |
||
269 | <input type='hidden' name='bid[" . $i->getVar('bid') . "]' value='" . $i->getVar('bid') . "'> |
||
270 | </td></tr> |
||
271 | "; |
||
272 | $class = ('even' === $class) ? 'odd' : 'even'; |
||
273 | } |
||
274 | echo "<tr><td class='foot' align='center' colspan='8'> |
||
275 | <input type='hidden' name='op' value='order'> |
||
276 | " . $GLOBALS['xoopsSecurity']->getTokenHTML() . " |
||
277 | <input type='submit' name='submit' value='" . _SUBMIT . "'> |
||
278 | </td></tr></table> |
||
279 | </form> |
||
280 | <br><br>"; |
||
281 | } |
||
282 | |||
283 | /** |
||
284 | * @param int $bid |
||
285 | */ |
||
286 | function cloneBlock($bid) |
||
287 | { |
||
288 | xoops_cp_header(); |
||
289 | $moduleDirName = \basename(\dirname(__DIR__)); |
||
290 | $moduleDirNameUpper = \mb_strtoupper($moduleDirName); |
||
291 | xoops_loadLanguage('admin', 'system'); |
||
292 | xoops_loadLanguage('admin/blocksadmin', 'system'); |
||
293 | xoops_loadLanguage('admin/groups', 'system'); |
||
294 | |||
295 | $myblock = new \XoopsBlock($bid); |
||
296 | $db = \XoopsDatabaseFactory::getDatabaseConnection(); |
||
297 | $sql = 'SELECT module_id FROM ' . $db->prefix('block_module_link') . ' WHERE block_id=' . (int)$bid; |
||
298 | $result = $db->query($sql); |
||
299 | $modules = []; |
||
300 | while (false !== ($row = $db->fetchArray($result))) { |
||
301 | $modules[] = (int)$row['module_id']; |
||
302 | } |
||
303 | $is_custom = ('C' === $myblock->getVar('block_type') || 'E' === $myblock->getVar('block_type')); |
||
304 | $block = [ |
||
305 | 'title' => $myblock->getVar('title') . ' Clone', |
||
306 | 'form_title' => constant('CO_' . $moduleDirNameUpper . '_' . 'BLOCKS_CLONEBLOCK'), |
||
307 | 'name' => $myblock->getVar('name'), |
||
308 | 'side' => $myblock->getVar('side'), |
||
309 | 'weight' => $myblock->getVar('weight'), |
||
310 | 'visible' => $myblock->getVar('visible'), |
||
311 | 'content' => $myblock->getVar('content', 'N'), |
||
312 | 'modules' => $modules, |
||
313 | 'is_custom' => $is_custom, |
||
314 | 'ctype' => $myblock->getVar('c_type'), |
||
315 | 'bcachetime' => $myblock->getVar('bcachetime'), |
||
316 | 'op' => 'clone_ok', |
||
317 | 'bid' => $myblock->getVar('bid'), |
||
318 | 'edit_form' => $myblock->getOptions(), |
||
319 | 'template' => $myblock->getVar('template'), |
||
320 | 'options' => $myblock->getVar('options'), |
||
321 | ]; |
||
322 | echo '<a href="blocksadmin.php">' . constant('CO_' . $moduleDirNameUpper . '_' . 'BADMIN') . '</a> <span style="font-weight:bold;">»»</span> ' . _AM_SYSTEM_BLOCKS_CLONEBLOCK . '<br><br>'; |
||
323 | require_once __DIR__ . '/blockform.php'; |
||
324 | $form->display(); |
||
325 | // xoops_cp_footer(); |
||
326 | require_once __DIR__ . '/admin_footer.php'; |
||
327 | exit(); |
||
328 | } |
||
329 | |||
330 | /** |
||
331 | * @param int $bid |
||
332 | * @param $bside |
||
333 | * @param $bweight |
||
334 | * @param $bvisible |
||
335 | * @param $bcachetime |
||
336 | * @param $bmodule |
||
337 | * @param $options |
||
338 | */ |
||
339 | function isBlockCloned($bid, $bside, $bweight, $bvisible, $bcachetime, $bmodule, $options) |
||
340 | { |
||
341 | xoops_loadLanguage('admin', 'system'); |
||
342 | xoops_loadLanguage('admin/blocksadmin', 'system'); |
||
343 | xoops_loadLanguage('admin/groups', 'system'); |
||
344 | |||
345 | /** @var \XoopsBlock $block */ |
||
346 | $block = new \XoopsBlock($bid); |
||
347 | $clone = $block->xoopsClone(); |
||
348 | if (empty($bmodule)) { |
||
349 | xoops_cp_header(); |
||
350 | xoops_error(sprintf(_AM_NOTSELNG, _AM_VISIBLEIN)); |
||
351 | xoops_cp_footer(); |
||
352 | exit(); |
||
353 | } |
||
354 | $clone->setVar('side', $bside); |
||
355 | $clone->setVar('weight', $bweight); |
||
356 | $clone->setVar('visible', $bvisible); |
||
357 | //$clone->setVar('content', $_POST['bcontent']); |
||
358 | $clone->setVar('title', Request::getString('btitle', '', 'POST')); |
||
359 | $clone->setVar('bcachetime', $bcachetime); |
||
360 | if (isset($options) && (count($options) > 0)) { |
||
361 | $options = implode('|', $options); |
||
362 | $clone->setVar('options', $options); |
||
363 | } |
||
364 | $clone->setVar('bid', 0); |
||
365 | if ('C' === $block->getVar('block_type') || 'E' === $block->getVar('block_type')) { |
||
366 | $clone->setVar('block_type', 'E'); |
||
367 | } else { |
||
368 | $clone->setVar('block_type', 'D'); |
||
369 | } |
||
370 | $newid = $clone->store(); |
||
371 | if (!$newid) { |
||
372 | xoops_cp_header(); |
||
373 | $clone->getHtmlErrors(); |
||
374 | xoops_cp_footer(); |
||
375 | exit(); |
||
376 | } |
||
377 | if ('' !== $clone->getVar('template')) { |
||
378 | /** @var \XoopsTplfileHandler $tplfileHandler */ |
||
379 | $tplfileHandler = xoops_getHandler('tplfile'); |
||
380 | $btemplate = $tplfileHandler->find($GLOBALS['xoopsConfig']['template_set'], 'block', $bid); |
||
381 | if (count($btemplate) > 0) { |
||
382 | $tplclone = $btemplate[0]->xoopsClone(); |
||
383 | $tplclone->setVar('tpl_id', 0); |
||
384 | $tplclone->setVar('tpl_refid', $newid); |
||
385 | $tplfileHandler->insert($tplclone); |
||
386 | } |
||
387 | } |
||
388 | $db = \XoopsDatabaseFactory::getDatabaseConnection(); |
||
389 | foreach ($bmodule as $bmid) { |
||
390 | $sql = 'INSERT INTO ' . $db->prefix('block_module_link') . ' (block_id, module_id) VALUES (' . $newid . ', ' . $bmid . ')'; |
||
391 | $db->query($sql); |
||
392 | } |
||
393 | $groups = &$GLOBALS['xoopsUser']->getGroups(); |
||
394 | $count = count($groups); |
||
395 | for ($i = 0; $i < $count; ++$i) { |
||
396 | $sql = 'INSERT INTO ' . $db->prefix('group_permission') . ' (gperm_groupid, gperm_itemid, gperm_modid, gperm_name) VALUES (' . $groups[$i] . ', ' . $newid . ", 1, 'block_read')"; |
||
397 | $db->query($sql); |
||
398 | } |
||
399 | redirect_header('blocksadmin.php?op=listar', 1, _AM_SYSTEM_BLOCKS_DBUPDATED); |
||
400 | } |
||
401 | |||
402 | /** |
||
403 | * @param int $bid |
||
404 | * @param string $title |
||
405 | * @param int $weight |
||
406 | * @param bool $visible |
||
407 | * @param string $side |
||
408 | * @param int $bcachetime |
||
409 | */ |
||
410 | function setOrder($bid, $title, $weight, $visible, $side, $bcachetime) |
||
411 | { |
||
412 | $myblock = new \XoopsBlock($bid); |
||
413 | $myblock->setVar('title', $title); |
||
414 | $myblock->setVar('weight', $weight); |
||
415 | $myblock->setVar('visible', $visible); |
||
416 | $myblock->setVar('side', $side); |
||
417 | $myblock->setVar('bcachetime', $bcachetime); |
||
418 | // $myblock->store(); |
||
419 | /** @var \XoopsBlockHandler $blockHandler */ |
||
420 | $blockHandler = xoops_getHandler('block'); |
||
421 | return $blockHandler->insert($myblock); |
||
422 | } |
||
423 | |||
424 | /** |
||
425 | * @param int $bid |
||
426 | */ |
||
427 | function editBlock($bid) |
||
428 | { |
||
429 | //require __DIR__ . '/admin_header.php'; |
||
430 | xoops_cp_header(); |
||
431 | $moduleDirName = \basename(\dirname(__DIR__)); |
||
432 | $moduleDirNameUpper = \mb_strtoupper($moduleDirName); |
||
433 | xoops_loadLanguage('admin', 'system'); |
||
434 | xoops_loadLanguage('admin/blocksadmin', 'system'); |
||
435 | xoops_loadLanguage('admin/groups', 'system'); |
||
436 | $myblock = new \XoopsBlock($bid); |
||
437 | $db = \XoopsDatabaseFactory::getDatabaseConnection(); |
||
438 | $sql = 'SELECT module_id FROM ' . $db->prefix('block_module_link') . ' WHERE block_id=' . (int)$bid; |
||
439 | $result = $db->query($sql); |
||
440 | $modules = []; |
||
441 | while (false !== ($row = $db->fetchArray($result))) { |
||
442 | $modules[] = (int)$row['module_id']; |
||
443 | } |
||
444 | $is_custom = ('C' === $myblock->getVar('block_type') || 'E' === $myblock->getVar('block_type')); |
||
445 | $block = [ |
||
446 | 'title' => $myblock->getVar('title'), |
||
447 | 'form_title' => _AM_SYSTEM_BLOCKS_EDITBLOCK, |
||
448 | // 'name' => $myblock->getVar('name'), |
||
449 | 'side' => $myblock->getVar('side'), |
||
450 | 'weight' => $myblock->getVar('weight'), |
||
451 | 'visible' => $myblock->getVar('visible'), |
||
452 | 'content' => $myblock->getVar('content', 'N'), |
||
453 | 'modules' => $modules, |
||
454 | 'is_custom' => $is_custom, |
||
455 | 'ctype' => $myblock->getVar('c_type'), |
||
456 | 'bcachetime' => $myblock->getVar('bcachetime'), |
||
457 | 'op' => 'edit_ok', |
||
458 | 'bid' => $myblock->getVar('bid'), |
||
459 | 'edit_form' => $myblock->getOptions(), |
||
460 | 'template' => $myblock->getVar('template'), |
||
461 | 'options' => $myblock->getVar('options'), |
||
462 | ]; |
||
463 | echo '<a href="blocksadmin.php">' . constant('CO_' . $moduleDirNameUpper . '_' . 'BADMIN') . '</a> <span style="font-weight:bold;">»»</span> ' . _AM_SYSTEM_BLOCKS_EDITBLOCK . '<br><br>'; |
||
464 | require_once __DIR__ . '/blockform.php'; |
||
465 | $form->display(); |
||
466 | // xoops_cp_footer(); |
||
467 | require_once __DIR__ . '/admin_footer.php'; |
||
468 | exit(); |
||
469 | } |
||
470 | |||
471 | /** |
||
472 | * @param int $bid |
||
473 | * @param string $btitle |
||
474 | * @param string $bside |
||
475 | * @param int $bweight |
||
476 | * @param bool $bvisible |
||
477 | * @param int $bcachetime |
||
478 | * @param array $bmodule |
||
479 | * @param null|array|string $options |
||
480 | * @param null|array $groups |
||
481 | */ |
||
482 | function updateBlock($bid, $btitle, $bside, $bweight, $bvisible, $bcachetime, $bmodule, $options, $groups) |
||
483 | { |
||
484 | $myblock = new \XoopsBlock($bid); |
||
485 | $myblock->setVar('title', $btitle); |
||
486 | $myblock->setVar('weight', $bweight); |
||
487 | $myblock->setVar('visible', $bvisible); |
||
488 | $myblock->setVar('side', $bside); |
||
489 | $myblock->setVar('bcachetime', $bcachetime); |
||
490 | // $myblock->store(); |
||
491 | /** @var \XoopsBlockHandler $blockHandler */ |
||
492 | $blockHandler = xoops_getHandler('block'); |
||
493 | return $blockHandler->insert($myblock); |
||
494 | |||
495 | if (!empty($bmodule) && count($bmodule) > 0) { |
||
496 | $sql = sprintf('DELETE FROM `%s` WHERE block_id = %u', $GLOBALS['xoopsDB']->prefix('block_module_link'), $bid); |
||
497 | $GLOBALS['xoopsDB']->query($sql); |
||
498 | if (in_array(0, $bmodule)) { |
||
499 | $sql = sprintf('INSERT INTO `%s` (block_id, module_id) VALUES (%u, %d)', $GLOBALS['xoopsDB']->prefix('block_module_link'), $bid, 0); |
||
500 | $GLOBALS['xoopsDB']->query($sql); |
||
501 | } else { |
||
502 | foreach ($bmodule as $bmid) { |
||
503 | $sql = sprintf('INSERT INTO `%s` (block_id, module_id) VALUES (%u, %d)', $GLOBALS['xoopsDB']->prefix('block_module_link'), $bid, (int)$bmid); |
||
504 | $GLOBALS['xoopsDB']->query($sql); |
||
505 | } |
||
506 | } |
||
507 | } |
||
508 | $sql = sprintf('DELETE FROM `%s` WHERE gperm_itemid = %u', $GLOBALS['xoopsDB']->prefix('group_permission'), $bid); |
||
509 | $GLOBALS['xoopsDB']->query($sql); |
||
510 | if (!empty($groups)) { |
||
511 | foreach ($groups as $grp) { |
||
512 | $sql = sprintf("INSERT INTO `%s` (gperm_groupid, gperm_itemid, gperm_modid, gperm_name) VALUES (%u, %u, 1, 'block_read')", $GLOBALS['xoopsDB']->prefix('group_permission'), $grp, $bid); |
||
513 | $GLOBALS['xoopsDB']->query($sql); |
||
514 | } |
||
515 | } |
||
516 | redirect_header($_SERVER['SCRIPT_NAME'], 1, constant('CO_' . $moduleDirNameUpper . '_' . 'UPDATE_SUCCESS')); |
||
517 | } |
||
518 | |||
519 | if ('list' === $op) { |
||
520 | xoops_cp_header(); |
||
521 | // mpu_adm_menu(); |
||
522 | listBlocks(); |
||
523 | require_once __DIR__ . '/admin_footer.php'; |
||
524 | exit(); |
||
525 | } |
||
526 | |||
527 | if ('order' === $op) { |
||
528 | if (!$GLOBALS['xoopsSecurity']->check()) { |
||
529 | redirect_header($_SERVER['SCRIPT_NAME'], 3, implode('<br>', $GLOBALS['xoopsSecurity']->getErrors())); |
||
530 | } |
||
531 | foreach (array_keys($bid) as $i) { |
||
532 | if ($oldtitle[$i] !== $title[$i] || $oldweight[$i] !== $weight[$i] || $oldvisible[$i] !== $visible[$i] |
||
533 | || $oldside[$i] !== $side[$i] |
||
534 | || $oldbcachetime[$i] !== $bcachetime[$i]) { |
||
535 | setOrder($bid[$i], $title[$i], $weight[$i], $visible[$i], $side[$i], $bcachetime[$i], $bmodule[$i]); |
||
536 | } |
||
537 | if (!empty($bmodule[$i]) && count($bmodule[$i]) > 0) { |
||
538 | $sql = sprintf('DELETE FROM `%s` WHERE block_id = %u', $GLOBALS['xoopsDB']->prefix('block_module_link'), $bid[$i]); |
||
539 | $GLOBALS['xoopsDB']->query($sql); |
||
540 | if (in_array(0, $bmodule[$i])) { |
||
541 | $sql = sprintf('INSERT INTO `%s` (block_id, module_id) VALUES (%u, %d)', $GLOBALS['xoopsDB']->prefix('block_module_link'), $bid[$i], 0); |
||
542 | $GLOBALS['xoopsDB']->query($sql); |
||
543 | } else { |
||
544 | foreach ($bmodule[$i] as $bmid) { |
||
545 | $sql = sprintf('INSERT INTO `%s` (block_id, module_id) VALUES (%u, %d)', $GLOBALS['xoopsDB']->prefix('block_module_link'), $bid[$i], (int)$bmid); |
||
546 | $GLOBALS['xoopsDB']->query($sql); |
||
547 | } |
||
548 | } |
||
549 | } |
||
550 | $sql = sprintf('DELETE FROM `%s` WHERE gperm_itemid = %u', $GLOBALS['xoopsDB']->prefix('group_permission'), $bid[$i]); |
||
551 | $GLOBALS['xoopsDB']->query($sql); |
||
552 | if (!empty($groups[$i])) { |
||
553 | foreach ($groups[$i] as $grp) { |
||
554 | $sql = sprintf("INSERT INTO `%s` (gperm_groupid, gperm_itemid, gperm_modid, gperm_name) VALUES (%u, %u, 1, 'block_read')", $GLOBALS['xoopsDB']->prefix('group_permission'), $grp, $bid[$i]); |
||
555 | $GLOBALS['xoopsDB']->query($sql); |
||
556 | } |
||
557 | } |
||
558 | } |
||
559 | redirect_header($_SERVER['SCRIPT_NAME'], 1, constant('CO_' . $moduleDirNameUpper . '_' . 'UPDATE_SUCCESS')); |
||
560 | } |
||
561 | if ('clone' === $op) { |
||
562 | cloneBlock($bid); |
||
563 | } |
||
564 | |||
565 | if ('edit' === $op) { |
||
566 | editBlock($bid); |
||
567 | } |
||
568 | |||
569 | if ('edit_ok' === $op) { |
||
570 | updateBlock($bid, $btitle, $bside, $bweight, $bvisible, $bcachetime, $bmodule, $options, $groups); |
||
571 | } |
||
572 | |||
573 | if ('clone_ok' === $op) { |
||
574 | isBlockCloned($bid, $bside, $bweight, $bvisible, $bcachetime, $bmodule, $options); |
||
575 | } |
||
576 | } else { |
||
577 | echo constant('CO_' . $moduleDirNameUpper . '_' . 'ERROR403'); |
||
578 | } |
||
579 |
This function has been deprecated. The supplier of the function has supplied an explanatory message.
The explanatory message should give you some clue as to whether and when the function will be removed and what other function to use instead.