                                                    | 1 | <?php | ||
| 2 | /** | ||
| 3 | * You may not change or alter any portion of this comment or credits | ||
| 4 | * of supporting developers from this source code or any supporting source code | ||
| 5 | * which is considered copyrighted (c) material of the original comment or credit authors. | ||
| 6 | * | ||
| 7 | * PHP version 5 | ||
| 8 | * | ||
| 9 | * @category Module | ||
| 10 | * @author XOOPS Development Team | ||
| 11 | * @copyright XOOPS Project | ||
| 12 | * @link https://www.xoops.org | ||
| 13 | * @license GNU GPL 2 or later (http://www.gnu.org/licenses/gpl-2.0.html) | ||
| 14 | */ | ||
| 15 | |||
| 16 | use Xmf\Request; | ||
| 17 | use XoopsModules\Wflinks\{Helper | ||
| 18 | }; | ||
| 19 | |||
| 20 | /** @var Helper $helper */ | ||
| 21 | |||
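require __DIR__ . '/admin_header.php';

$moduleDirName      = basename(dirname(__DIR__));
$moduleDirNameUpper = mb_strtoupper($moduleDirName); // used to build the CO_<MODULE>_* language constant names

$helper->loadLanguage('blocksadmin');

// Access gate: only a logged-in administrator of this module may use the block manager.
if (!is_object($GLOBALS['xoopsUser']) || !is_object($xoopsModule)
    || !$GLOBALS['xoopsUser']->isAdmin($xoopsModule->mid())) {
    exit(constant('CO_' . $moduleDirNameUpper . '_' . 'ERROR403'));
}
if ($GLOBALS['xoopsUser']->isAdmin($xoopsModule->mid())) {
    require_once XOOPS_ROOT_PATH . '/class/xoopsblock.php';
    $op = 'list';

    // Import only the POST fields this script actually reads. The previous loop copied
    // every POST key into a variable of the same name, which let a request overwrite
    // unrelated variables in this scope ($helper, $xoopsModule, $xoopsDB,
    // $moduleDirNameUpper, ...) - the same hazard as extract($_POST).
    $postFields = [
        'bid', 'title', 'weight', 'visible', 'side', 'bcachetime', 'bmodule', 'groups', 'options',
        'oldtitle', 'oldweight', 'oldvisible', 'oldside', 'oldbcachetime',
        'btitle', 'bside', 'bweight', 'bvisible',
    ];
    foreach ($postFields as $field) {
        if (isset($_POST[$field])) {
            ${$field} = $_POST[$field];
        }
    }
    // A posted 'op' is still honoured as the default below, but only as a plain string.
    if (isset($_POST['op']) && is_string($_POST['op'])) {
        $op = $_POST['op'];
    }

    $op = Request::getString('op', $op);
    // For the link-driven operations the block id is taken from the query string as an
    // integer, replacing whatever was posted.
    if (in_array($op, ['edit', 'delete', 'delete_ok', 'clone'], true)) {
        $bid = Request::getInt('bid', 0, 'GET');
    }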
| 54 | |||
/**
 * Render the block administration table for the current module.
 *
 * Echoes one editable row per block returned by \XoopsBlock::getByModule() for the
 * current module: title, position, weight, visibility, "visible in" modules, groups
 * with read permission, cache lifetime, and edit / clone / delete links. The rows are
 * wrapped in a POST form that targets $_SERVER['SCRIPT_NAME'], carries op=order and
 * includes the XOOPS security token.
 *
 * Output is written with echo; nothing is returned.
 */
function listBlocks()
{
    global $xoopsModule, $pathIcon16;
    require_once XOOPS_ROOT_PATH . '/class/xoopslists.php';
    $moduleDirName      = basename(dirname(__DIR__));
    $moduleDirNameUpper = mb_strtoupper($moduleDirName); // used to build the CO_<MODULE>_* constant names
    $db                 = \XoopsDatabaseFactory::getDatabaseConnection();
    xoops_loadLanguage('admin', 'system');
    xoops_loadLanguage('admin/blocksadmin', 'system');
    xoops_loadLanguage('admin/groups', 'system');

    /** @var \XoopsModuleHandler $moduleHandler */
    $moduleHandler = xoops_getHandler('module');
    /** @var \XoopsMemberHandler $memberHandler */
    $memberHandler = xoops_getHandler('member');
    /** @var \XoopsGroupPermHandler $grouppermHandler */
    $grouppermHandler = xoops_getHandler('groupperm');
    $groups           = $memberHandler->getGroups();
    // "Visible in" choices: modules matching hasmain=1 and isactive=1, plus the two
    // pseudo entries -1 (top page) and 0 (all pages).
    $criteria = new \CriteriaCompo(new \Criteria('hasmain', 1));
    $criteria->add(new \Criteria('isactive', 1));
    $module_list     = $moduleHandler->getList($criteria);
    $module_list[-1] = _AM_SYSTEM_BLOCKS_TOPPAGE;
    $module_list[0]  = _AM_SYSTEM_BLOCKS_ALLPAGES;
    ksort($module_list);
    echo "
        <h4 style='text-align:left;'>" . constant('CO_' . $moduleDirNameUpper . '_' . 'BADMIN') . '</h4>';
    /** @var \XoopsModuleHandler $moduleHandler */
    $moduleHandler = xoops_getHandler('module'); // repeated lookup; the handler was already fetched above
    echo "<form action='" . $_SERVER['SCRIPT_NAME'] . "' name='blockadmin' method='post'>";
    // Anti-CSRF token for the op=order submission (emitted a second time in the table footer).
    echo $GLOBALS['xoopsSecurity']->getTokenHTML();
    echo "<table width='100%' class='outer' cellpadding='4' cellspacing='1'>
<tr valign='middle'><th align='center'>"
         . constant('CO_' . $moduleDirNameUpper . '_' . 'TITLE')
         . "</th><th align='center' nowrap='nowrap'>"
         . constant('CO_' . $moduleDirNameUpper . '_' . 'SIDE')
         . '<br>'
         . _LEFT
         . '-'
         . _CENTER
         . '-'
         . _RIGHT
         . "</th><th align='center'>"
         . constant(
             'CO_' . $moduleDirNameUpper . '_' . 'WEIGHT'
         )
         . "</th><th align='center'>"
         . constant('CO_' . $moduleDirNameUpper . '_' . 'VISIBLE')
         . "</th><th align='center'>"
         . _AM_SYSTEM_BLOCKS_VISIBLEIN
         . "</th><th align='center'>"
         . _AM_SYSTEM_ADGS
         . "</th><th align='center'>"
         . _AM_SYSTEM_BLOCKS_BCACHETIME
         . "</th><th align='center'>"
         . constant('CO_' . $moduleDirNameUpper . '_' . 'ACTION')
         . '</th></tr>
';
    $block_arr   = \XoopsBlock::getByModule($xoopsModule->mid());
    $block_count = count($block_arr); // not read again in this function
    $class       = 'even';
    // Cache lifetime choices: seconds => label.
    $cachetimes = [
        '0' => _NOCACHE,
        '30' => sprintf(_SECONDS, 30),
        '60' => _MINUTE,
        '300' => sprintf(_MINUTES, 5),
        '1800' => sprintf(_MINUTES, 30),
        '3600' => _HOUR,
        '18000' => sprintf(_HOURS, 5),
        '86400' => _DAY,
        '259200' => sprintf(_DAYS, 3),
        '604800' => _WEEK,
        '2592000' => _MONTH,
    ];
    foreach ($block_arr as $i) {
        // Groups that currently hold 'block_read' on this block.
        $groups_perms = $grouppermHandler->getGroupIds('block_read', $i->getVar('bid'));
        // NOTE(review): the block id is concatenated into the SQL without an (int) cast,
        // unlike the same query in cloneBlock()/editBlock(). The value comes from a loaded
        // block object rather than from the request, but a cast would make that explicit.
        $sql     = 'SELECT module_id FROM ' . $db->prefix('block_module_link') . ' WHERE block_id=' . $i->getVar('bid');
        $result  = $db->query($sql);
        $modules = [];
        while (false !== ($row = $db->fetchArray($result))) {
            $modules[] = (int)$row['module_id'];
        }

        // Build the <option> list for the cache lifetime, pre-selecting the stored value.
        $cachetime_options = '';
        foreach ($cachetimes as $cachetime => $cachetime_name) {
            if ($i->getVar('bcachetime') == $cachetime) {
                $cachetime_options .= "<option value='$cachetime' selected>$cachetime_name</option>\n";
            } else {
                $cachetime_options .= "<option value='$cachetime'>$cachetime_name</option>\n";
            }
        }

        // ' checked' markers for the visible (sel*) and position (ssel*) radio buttons.
        // NOTE(review): these are strict (===) comparisons against getVar() results; if
        // getVar() returns strings here no radio would be pre-checked - confirm.
        $sel0 = $sel1 = $ssel0 = $ssel1 = $ssel2 = $ssel3 = $ssel4 = $ssel5 = $ssel6 = $ssel7 = '';
        if (1 === $i->getVar('visible')) {
            $sel1 = ' checked';
        } else {
            $sel0 = ' checked';
        }
        if (XOOPS_SIDEBLOCK_LEFT === $i->getVar('side')) {
            $ssel0 = ' checked';
        } elseif (XOOPS_SIDEBLOCK_RIGHT === $i->getVar('side')) {
            $ssel1 = ' checked';
        } elseif (XOOPS_CENTERBLOCK_LEFT === $i->getVar('side')) {
            $ssel2 = ' checked';
        } elseif (XOOPS_CENTERBLOCK_RIGHT === $i->getVar('side')) {
            $ssel4 = ' checked';
        } elseif (XOOPS_CENTERBLOCK_CENTER === $i->getVar('side')) {
            $ssel3 = ' checked';
        } elseif (XOOPS_CENTERBLOCK_BOTTOMLEFT === $i->getVar('side')) {
            $ssel5 = ' checked';
        } elseif (XOOPS_CENTERBLOCK_BOTTOMRIGHT === $i->getVar('side')) {
            $ssel6 = ' checked';
        } elseif (XOOPS_CENTERBLOCK_BOTTOM === $i->getVar('side')) {
            $ssel7 = ' checked';
        }
        if ('' === $i->getVar('title')) {
            $title = ' ';
        } else {
            $title = $i->getVar('title');
        }
        $name = $i->getVar('name'); // not read again in this function
        // NOTE(review): title, weight and the other values below are written into HTML
        // attributes with no escaping at this call site; presumably getVar() returns
        // display-escaped text by default - verify before relying on it.
        echo "<tr valign='top'><td class='$class' align='center'><input type='text' name='title["
             . $i->getVar('bid')
             . "]' value='"
             . $title
             . "'></td><td class='$class' align='center' nowrap='nowrap'>
<div align='center' >
<input type='radio' name='side["
             . $i->getVar('bid')
             . "]' value='"
             . XOOPS_CENTERBLOCK_LEFT
             . "'$ssel2>
<input type='radio' name='side["
             . $i->getVar('bid')
             . "]' value='"
             . XOOPS_CENTERBLOCK_CENTER
             . "'$ssel3>
<input type='radio' name='side["
             . $i->getVar('bid')
             . "]' value='"
             . XOOPS_CENTERBLOCK_RIGHT
             . "'$ssel4>
</div>
<div>
<span style='float:right;'><input type='radio' name='side["
             . $i->getVar('bid')
             . "]' value='"
             . XOOPS_SIDEBLOCK_RIGHT
             . "'$ssel1></span>
<div align='left'><input type='radio' name='side["
             . $i->getVar('bid')
             . "]' value='"
             . XOOPS_SIDEBLOCK_LEFT
             . "'$ssel0></div>
</div>
<div align='center'>
<input type='radio' name='side["
             . $i->getVar('bid')
             . "]' value='"
             . XOOPS_CENTERBLOCK_BOTTOMLEFT
             . "'$ssel5>
<input type='radio' name='side["
             . $i->getVar('bid')
             . "]' value='"
             . XOOPS_CENTERBLOCK_BOTTOM
             . "'$ssel7>
<input type='radio' name='side["
             . $i->getVar('bid')
             . "]' value='"
             . XOOPS_CENTERBLOCK_BOTTOMRIGHT
             . "'$ssel6>
</div>
</td><td class='$class' align='center'><input type='text' name='weight["
             . $i->getVar('bid')
             . "]' value='"
             . $i->getVar('weight')
             . "' size='5' maxlength='5'></td><td class='$class' align='center' nowrap><input type='radio' name='visible["
             . $i->getVar('bid')
             . "]' value='1'$sel1>"
             . _YES
             . " <input type='radio' name='visible["
             . $i->getVar('bid')
             . "]' value='0'$sel0>"
             . _NO
             . '</td>';

        // "Visible in" multi-select. The 'selected' keyword is appended without a leading
        // space, so the markup reads value='N'selected.
        echo "<td class='$class' align='center'><select size='5' name='bmodule[" . $i->getVar('bid') . "][]' id='bmodule[" . $i->getVar('bid') . "][]' multiple='multiple'>";
        foreach ($module_list as $k => $v) {
            echo "<option value='$k'" . (in_array($k, $modules) ? 'selected' : '') . ">$v</option>";
        }
        echo '</select></td>';

        // Groups multi-select, pre-selecting groups that hold 'block_read'.
        echo "<td class='$class' align='center'><select size='5' name='groups[" . $i->getVar('bid') . "][]' id='groups[" . $i->getVar('bid') . "][]' multiple='multiple'>";
        foreach ($groups as $grp) {
            echo "<option value='" . $grp->getVar('groupid') . "' " . (in_array($grp->getVar('groupid'), $groups_perms) ? 'selected' : '') . '>' . $grp->getVar('name') . '</option>';
        }
        echo '</select></td>';

        // Cache lifetime
        echo '<td class="' . $class . '" align="center"> <select name="bcachetime[' . $i->getVar('bid') . ']" size="1">' . $cachetime_options . '</select>
</td>';

        // Actions: edit and clone are handled by this script; delete links to the system
        // module's block admin and is offered only for block types other than 'S' and 'M'.
        echo "<td class='$class' align='center'><a href='blocksadmin.php?op=edit&bid=" . $i->getVar('bid') . "'><img src=" . $pathIcon16 . '/edit.png' . " alt='" . _EDIT . "' title='" . _EDIT . "'>
                 </a> <a href='blocksadmin.php?op=clone&bid=" . $i->getVar('bid') . "'><img src=" . $pathIcon16 . '/editcopy.png' . " alt='" . _CLONE . "' title='" . _CLONE . "'>
</a>";
        if ('S' !== $i->getVar('block_type') && 'M' !== $i->getVar('block_type')) {
            echo " <a href='" . XOOPS_URL . '/modules/system/admin.php?fct=blocksadmin&op=delete&bid=' . $i->getVar('bid') . "'><img src=" . $pathIcon16 . '/delete.png' . " alt='" . _DELETE . "' title='" . _DELETE . "'>
</a>";
        }
        // Hidden "old*" fields carry the stored values so the op=order handler can tell
        // which rows changed. They are client-side data and can be altered before submit.
        // NOTE(review): oldgroups is keyed by getVar('groups') rather than by the block id
        // like its siblings - looks unintended; confirm.
        echo "
            <input type='hidden' name='oldtitle[" . $i->getVar('bid') . "]' value='" . $i->getVar('title') . "'>
            <input type='hidden' name='oldside[" . $i->getVar('bid') . "]' value='" . $i->getVar('side') . "'>
            <input type='hidden' name='oldweight[" . $i->getVar('bid') . "]' value='" . $i->getVar('weight') . "'>
            <input type='hidden' name='oldvisible[" . $i->getVar('bid') . "]' value='" . $i->getVar('visible') . "'>
            <input type='hidden' name='oldgroups[" . $i->getVar('groups') . "]' value='" . $i->getVar('groups') . "'>
            <input type='hidden' name='oldbcachetime[" . $i->getVar('bid') . "]' value='" . $i->getVar('bcachetime') . "'>
            <input type='hidden' name='bid[" . $i->getVar('bid') . "]' value='" . $i->getVar('bid') . "'>
</td></tr>
";
        $class = ('even' === $class) ? 'odd' : 'even'; // alternate row styling
    }
    // Footer row: op=order marker, a second security token, and the submit button.
    echo "<tr><td class='foot' align='center' colspan='8'>
<input type='hidden' name='op' value='order'>
" . $GLOBALS['xoopsSecurity']->getTokenHTML() . "
<input type='submit' name='submit' value='" . _SUBMIT . "'>
</td></tr></table>
</form>
<br><br>";
}
| 285 | |||
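/**
 * Show the "clone block" form for an existing block, then end the request.
 *
 * Loads the block and the ids of the modules it is linked to, collects them in
 * $block, and includes blockform.php in this function's scope; that file is expected
 * to build $form from the local variables (it is not visible here, so the local
 * names are kept unchanged).
 *
 * @param int $bid id of the block to clone
 */
function cloneBlock($bid)
{
    require_once __DIR__ . '/admin_header.php';
    xoops_cp_header();

    // These were read below without being defined in this scope, so the form title
    // lookup used an undefined variable. Build them the same way editBlock() does.
    $moduleDirName      = basename(dirname(__DIR__));
    $moduleDirNameUpper = mb_strtoupper($moduleDirName);

    xoops_loadLanguage('admin', 'system');
    xoops_loadLanguage('admin/blocksadmin', 'system');
    xoops_loadLanguage('admin/groups', 'system');

    $myblock = new XoopsBlock($bid);
    $db      = \XoopsDatabaseFactory::getDatabaseConnection();
    // The id is cast to int before it is concatenated into the query.
    $sql     = 'SELECT module_id FROM ' . $db->prefix('block_module_link') . ' WHERE block_id=' . (int)$bid;
    $result  = $db->query($sql);
    $modules = [];
    while (false !== ($row = $db->fetchArray($result))) {
        $modules[] = (int)$row['module_id'];
    }
    // Block types 'C' and 'E' are treated as custom blocks.
    $is_custom = ('C' === $myblock->getVar('block_type') || 'E' === $myblock->getVar('block_type'));
    $block     = [
        'title'      => $myblock->getVar('title') . ' Clone',
        'form_title' => constant('CO_' . $moduleDirNameUpper . '_' . 'BLOCKS_CLONEBLOCK'),
        'name'       => $myblock->getVar('name'),
        'side'       => $myblock->getVar('side'),
        'weight'     => $myblock->getVar('weight'),
        'visible'    => $myblock->getVar('visible'),
        'content'    => $myblock->getVar('content', 'N'),
        'modules'    => $modules,
        'is_custom'  => $is_custom,
        'ctype'      => $myblock->getVar('c_type'),
        'bcachetime' => $myblock->getVar('bcachetime'),
        'op'         => 'clone_ok', // the form submits back to this script with op=clone_ok
        'bid'        => $myblock->getVar('bid'),
        'edit_form'  => $myblock->getOptions(),
        'template'   => $myblock->getVar('template'),
        'options'    => $myblock->getVar('options'),
    ];
    echo '<a href="blocksadmin.php">' . _AM_BADMIN . '</a>&nbsp;<span style="font-weight:bold;">»»</span>&nbsp;' . _AM_SYSTEM_BLOCKS_CLONEBLOCK . '<br><br>';
    require_once __DIR__ . '/blockform.php';
    $form->display(); // $form is expected to be created by blockform.php
    require_once __DIR__ . '/admin_footer.php';
    exit();
}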
| 334 | |||
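/**
 * Create a copy of a block from the submitted clone form (op=clone_ok).
 *
 * Stores the clone with the submitted position, weight, visibility, cache lifetime and
 * options, copies the block template when one is found, links the new block to the
 * selected modules, grants 'block_read' to the current user's groups, and redirects
 * back to the block list. The title is read from POST field 'btitle'.
 *
 * Every value is request data. Ids that are concatenated into SQL are cast to int here;
 * the remaining values are handed to setVar().
 *
 * @param int               $bid        id of the block being cloned
 * @param string            $bside      position of the clone
 * @param int               $bweight    sort weight
 * @param bool              $bvisible   visibility flag
 * @param int               $bcachetime cache lifetime in seconds
 * @param array             $bmodule    ids of the modules the clone is visible in
 * @param null|array|string $options    block options; only an array is applied
 */
function isBlockCloned($bid, $bside, $bweight, $bvisible, $bcachetime, $bmodule, $options)
{
    xoops_loadLanguage('admin', 'system');
    xoops_loadLanguage('admin/blocksadmin', 'system');
    xoops_loadLanguage('admin/groups', 'system');

    $block = new XoopsBlock($bid);
    $clone = $block->xoopsClone();
    if (empty($bmodule)) {
        // At least one "visible in" entry is required.
        xoops_cp_header();
        xoops_error(sprintf(_AM_NOTSELNG, _AM_VISIBLEIN));
        xoops_cp_footer();
        exit();
    }
    $clone->setVar('side', $bside);
    $clone->setVar('weight', $bweight);
    $clone->setVar('visible', $bvisible);
    $clone->setVar('title', Request::getString('btitle', '', 'POST'));
    $clone->setVar('bcachetime', $bcachetime);
    // count() on a non-array is an error on PHP 8, and $options arrives from the
    // request, so only an actual array is joined and stored.
    if (is_array($options) && count($options) > 0) {
        $clone->setVar('options', implode('|', $options));
    }
    $clone->setVar('bid', 0);
    // Clones of custom blocks ('C'/'E') are stored as 'E'; all others as 'D'.
    if ('C' === $block->getVar('block_type') || 'E' === $block->getVar('block_type')) {
        $clone->setVar('block_type', 'E');
    } else {
        $clone->setVar('block_type', 'D');
    }
    $newid = $clone->store();
    if (!$newid) {
        xoops_cp_header();
        // The error HTML was previously built and discarded, leaving an empty page.
        echo $clone->getHtmlErrors();
        xoops_cp_footer();
        exit();
    }
    if ('' !== $clone->getVar('template')) {
        /** @var \XoopsTplfileHandler $tplfileHandler */
        $tplfileHandler = xoops_getHandler('tplfile');
        $btemplate      = $tplfileHandler->find($GLOBALS['xoopsConfig']['template_set'], 'block', $bid);
        if (count($btemplate) > 0) {
            $tplclone = $btemplate[0]->xoopsClone();
            $tplclone->setVar('tpl_id', 0);
            $tplclone->setVar('tpl_refid', $newid);
            $tplfileHandler->insert($tplclone);
        }
    }
    $db    = \XoopsDatabaseFactory::getDatabaseConnection();
    $newid = (int)$newid;
    // $bmodule comes straight from the form; each id is cast to int before it is placed
    // in the statement so a crafted value cannot alter the SQL.
    foreach ((array)$bmodule as $bmid) {
        $sql = 'INSERT INTO ' . $db->prefix('block_module_link') . ' (block_id, module_id) VALUES (' . $newid . ', ' . (int)$bmid . ')';
        $db->query($sql);
    }
    // Plain assignment: taking a reference to a method's return value is not needed.
    $groups = $GLOBALS['xoopsUser']->getGroups();
    foreach ($groups as $groupId) {
        $sql = 'INSERT INTO ' . $db->prefix('group_permission') . ' (gperm_groupid, gperm_itemid, gperm_modid, gperm_name) VALUES (' . (int)$groupId . ', ' . $newid . ", 1, 'block_read')";
        $db->query($sql);
    }
    // NOTE(review): 'listar' is not one of the operations this script dispatches on;
    // left unchanged - confirm whether 'list' was intended.
    redirect_header('blocksadmin.php?op=listar', 1, _AM_DBUPDATED);
}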
| 405 | |||
/**
 * Save the list-view fields of a single block.
 *
 * Loads the block, applies title, weight, visibility, position and cache lifetime
 * through setVar() in that order, and stores it.
 *
 * @param int    $bid        id of the block to update
 * @param string $title      block title
 * @param int    $weight     sort weight
 * @param bool   $visible    visibility flag
 * @param string $side       block position
 * @param int    $bcachetime cache lifetime in seconds
 */
function setOrder($bid, $title, $weight, $visible, $side, $bcachetime)
{
    $target = new XoopsBlock($bid);
    $fields = [
        'title'      => $title,
        'weight'     => $weight,
        'visible'    => $visible,
        'side'       => $side,
        'bcachetime' => $bcachetime,
    ];
    foreach ($fields as $field => $value) {
        $target->setVar($field, $value);
    }
    $target->store();
}
| 424 | |||
/**
 * Show the edit form for an existing block, then end the request.
 *
 * Loads the block and the ids of the modules it is linked to, collects them in
 * $block, and includes blockform.php in this function's scope; that file is expected
 * to build $form from the local variables (it is not visible here).
 *
 * @param int $bid id of the block to edit
 */
function editBlock($bid)
{
    require_once __DIR__ . '/admin_header.php';
    xoops_cp_header();
    $moduleDirName      = basename(dirname(__DIR__));
    $moduleDirNameUpper = mb_strtoupper($moduleDirName); // used to build the CO_<MODULE>_* constant names
    xoops_loadLanguage('admin', 'system');
    xoops_loadLanguage('admin/blocksadmin', 'system');
    xoops_loadLanguage('admin/groups', 'system');
    $myblock = new XoopsBlock($bid);
    $db      = \XoopsDatabaseFactory::getDatabaseConnection();
    // The id is cast to int before it is concatenated into the query.
    $sql     = 'SELECT module_id FROM ' . $db->prefix('block_module_link') . ' WHERE block_id=' . (int)$bid;
    $result  = $db->query($sql);
    $modules = [];
    while (false !== ($row = $db->fetchArray($result))) {
        $modules[] = (int)$row['module_id'];
    }
    // Block types 'C' and 'E' are treated as custom blocks.
    $is_custom = ('C' === $myblock->getVar('block_type') || 'E' === $myblock->getVar('block_type'));
    $block     = [
        'title'      => $myblock->getVar('title'),
        'form_title' => constant('CO_' . $moduleDirNameUpper . '_' . 'BLOCKS_EDITBLOCK'),
        // no 'name' entry here, unlike the array built in cloneBlock()
        'side'       => $myblock->getVar('side'),
        'weight'     => $myblock->getVar('weight'),
        'visible'    => $myblock->getVar('visible'),
        'content'    => $myblock->getVar('content', 'N'),
        'modules'    => $modules,
        'is_custom'  => $is_custom,
        'ctype'      => $myblock->getVar('c_type'),
        'bcachetime' => $myblock->getVar('bcachetime'),
        'op'         => 'edit_ok', // the form submits back to this script with op=edit_ok
        'bid'        => $myblock->getVar('bid'),
        'edit_form'  => $myblock->getOptions(),
        'template'   => $myblock->getVar('template'),
        'options'    => $myblock->getVar('options'),
    ];
    echo '<a href="blocksadmin.php">' . _AM_BADMIN . '</a>&nbsp;<span style="font-weight:bold;">»»</span>&nbsp;' . _AM_SYSTEM_BLOCKS_EDITBLOCK . '<br><br>';
    require_once __DIR__ . '/blockform.php';
    $form->display(); // $form is expected to be created by blockform.php
    require_once __DIR__ . '/admin_footer.php';
    exit();
}
| 473 | |||
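/**
 * Apply the submitted edit form to a block (op=edit_ok).
 *
 * Updates the block's own fields and options, replaces its module links when a module
 * selection was submitted, replaces its 'block_read' group permissions, and redirects
 * back to this script.
 *
 * Every argument is request data. Ids reach SQL only through sprintf() %u / %d
 * placeholders, which coerce them to integers.
 *
 * @param int               $bid        id of the block to update
 * @param string            $btitle     block title
 * @param string            $bside      block position
 * @param int               $bweight    sort weight
 * @param bool              $bvisible   visibility flag
 * @param int               $bcachetime cache lifetime in seconds
 * @param array             $bmodule    ids of the modules the block is visible in
 * @param null|array|string $options    block options; only an array is applied
 * @param array             $groups     ids of the groups granted 'block_read'
 */
function updateBlock($bid, $btitle, $bside, $bweight, $bvisible, $bcachetime, $bmodule, $options, $groups)
{
    global $xoopsDB;

    $myblock = new XoopsBlock($bid);
    $myblock->setVar('title', $btitle);
    $myblock->setVar('weight', $bweight);
    $myblock->setVar('visible', $bvisible);
    $myblock->setVar('side', $bside);
    $myblock->setVar('bcachetime', $bcachetime);
    // Options arrive from the request: act only on an array (count() on a scalar is an
    // error on PHP 8). Nested arrays are flattened to comma-separated strings, then all
    // options are joined with '|'.
    if (is_array($options) && count($options) > 0) {
        foreach ($options as $key => $option) {
            if (is_array($option)) {
                $options[$key] = implode(',', $option);
            }
        }
        $myblock->setVar('options', implode('|', $options));
    }
    $myblock->store();

    $moduleDirName      = basename(dirname(__DIR__));
    $moduleDirNameUpper = mb_strtoupper($moduleDirName);

    // Replace the module links only when a selection was submitted.
    $moduleIds = is_array($bmodule) ? array_map('intval', $bmodule) : [];
    if (count($moduleIds) > 0) {
        $sql = sprintf('DELETE FROM `%s` WHERE block_id = %u', $xoopsDB->prefix('block_module_link'), $bid);
        $xoopsDB->query($sql);
        if (in_array(0, $moduleIds, true)) {
            // 0 is the "all pages" entry; a single link row is written for it.
            $sql = sprintf('INSERT INTO `%s` (block_id, module_id) VALUES (%u, %d)', $xoopsDB->prefix('block_module_link'), $bid, 0);
            $xoopsDB->query($sql);
        } else {
            foreach ($moduleIds as $bmid) {
                $sql = sprintf('INSERT INTO `%s` (block_id, module_id) VALUES (%u, %d)', $xoopsDB->prefix('block_module_link'), $bid, $bmid);
                $xoopsDB->query($sql);
            }
        }
    }
    // Remove only the rows this function re-creates. Without the gperm_modid and
    // gperm_name conditions the DELETE also removed every other permission that happens
    // to share this item id.
    $sql = sprintf("DELETE FROM `%s` WHERE gperm_itemid = %u AND gperm_modid = 1 AND gperm_name = 'block_read'", $xoopsDB->prefix('group_permission'), $bid);
    $xoopsDB->query($sql);
    if (is_array($groups)) {
        foreach ($groups as $grp) {
            $sql = sprintf("INSERT INTO `%s` (gperm_groupid, gperm_itemid, gperm_modid, gperm_name) VALUES (%u, %u, 1, 'block_read')", $xoopsDB->prefix('group_permission'), $grp, $bid);
            $xoopsDB->query($sql);
        }
    }
    // NOTE(review): PHP_SELF can include client-supplied path info; listBlocks() uses
    // SCRIPT_NAME for the same URL - consider aligning the two.
    redirect_header($_SERVER['PHP_SELF'], 1, constant('CO_' . $moduleDirNameUpper . '_' . 'UPDATE_SUCCESS'));
}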
| 537 | |||
| 538 |     if ('list' === $op) { | ||
| 539 | xoops_cp_header(); | ||
| 540 | // mpu_adm_menu(); | ||
| 541 | listBlocks(); | ||
| 542 | require_once __DIR__ . '/admin_footer.php'; | ||
| 543 | exit(); | ||
| 544 | } | ||
| 545 | |||
| 546 |     if ('order' === $op) { | ||
| 547 |         if (!$GLOBALS['xoopsSecurity']->check()) { | ||
| 548 |             redirect_header($_SERVER['PHP_SELF'], 3, implode('<br>', $GLOBALS['xoopsSecurity']->getErrors())); | ||
| 549 | } | ||
| 550 |         foreach (array_keys($bid) as $i) { | ||
| 551 | if ($oldtitle[$i] != $title[$i] || $oldweight[$i] != $weight[$i] || $oldvisible[$i] != $visible[$i] | ||
| 552 | || $oldside[$i] != $side[$i] | ||
| 553 |                 || $oldbcachetime[$i] != $bcachetime[$i]) { | ||
| 554 | setOrder($bid[$i], $title[$i], $weight[$i], $visible[$i], $side[$i], $bcachetime[$i], $bmodule[$i]); | ||
| 555 | } | ||
| 556 |             if (!empty($bmodule[$i]) && count($bmodule[$i]) > 0) { | ||
| 557 |                 $sql = sprintf('DELETE FROM `%s` WHERE block_id = %u', $xoopsDB->prefix('block_module_link'), $bid[$i]); | ||
| 558 | $xoopsDB->query($sql); | ||
| 559 |                 if (in_array(0, $bmodule[$i])) { | ||
| 560 |                     $sql = sprintf('INSERT INTO `%s` (block_id, module_id) VALUES (%u, %d)', $xoopsDB->prefix('block_module_link'), $bid[$i], 0); | ||
| 561 | $xoopsDB->query($sql); | ||
| 562 |                 } else { | ||
| 563 |                     foreach ($bmodule[$i] as $bmid) { | ||
| 564 |                         $sql = sprintf('INSERT INTO `%s` (block_id, module_id) VALUES (%u, %d)', $xoopsDB->prefix('block_module_link'), $bid[$i], (int)$bmid); | ||
| 565 | $xoopsDB->query($sql); | ||
| 566 | } | ||
| 567 | } | ||
| 568 | } | ||
| 569 |             $sql = sprintf('DELETE FROM `%s` WHERE gperm_itemid = %u', $xoopsDB->prefix('group_permission'), $bid[$i]); | ||
| 570 | $xoopsDB->query($sql); | ||
| 571 |             if (!empty($groups[$i])) { | ||
| 572 |                 foreach ($groups[$i] as $grp) { | ||
| 573 |                     $sql = sprintf("INSERT INTO `%s` (gperm_groupid, gperm_itemid, gperm_modid, gperm_name) VALUES (%u, %u, 1, 'block_read')", $xoopsDB->prefix('group_permission'), $grp, $bid[$i]); | ||
| 574 | $xoopsDB->query($sql); | ||
| 575 | } | ||
| 576 | } | ||
| 577 | } | ||
| 578 |         redirect_header($_SERVER['PHP_SELF'], 1, constant('CO_' . $moduleDirNameUpper . '_' . 'UPDATE_SUCCESS')); | ||
| 579 | } | ||
| 580 |     if ('clone' === $op) { | ||
| 581 | cloneBlock($bid); | ||
| 582 | } | ||
| 583 | |||
| 584 |     if ('edit' === $op) { | ||
| 585 | editBlock($bid); | ||
| 586 | } | ||
| 587 | |||
| 588 |     if ('edit_ok' === $op) { | ||
| 589 | updateBlock($bid, $btitle, $bside, $bweight, $bvisible, $bcachetime, $bmodule, $options, $groups); | ||
| 590 | } | ||
| 591 | |||
| 592 |     if ('clone_ok' === $op) { | ||
| 593 | isBlockCloned($bid, $bside, $bweight, $bvisible, $bcachetime, $bmodule, $options); | ||
| 594 | } | ||
| 595 | } else { | ||
| 596 |     echo constant('CO_' . $moduleDirNameUpper . '_' . 'ERROR403'); | ||
| 597 | } | ||
| 598 | 
