75
+ − 1
<?php
+ − 2
+ − 3
/*
+ − 4
* Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
+ − 5
* Version 1.0.1 (Loch Ness)
+ − 6
* Copyright (C) 2006-2007 Dan Fuhry
+ − 7
*
+ − 8
* This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
+ − 9
* as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
+ − 10
*
+ − 11
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ − 12
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
+ − 13
*/
+ − 14
+ − 15
function page_Admin_PageGroups()
+ − 16
{
+ − 17
global $db, $session, $paths, $template, $plugins; // Common objects
+ − 18
if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN )
+ − 19
{
+ − 20
echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>';
+ − 21
return;
+ − 22
}
+ − 23
+ − 24
if ( isset($_POST['action']) )
+ − 25
{
+ − 26
if ( isset($_POST['action']['create']) || isset($_POST['action']['create_stage2']) )
+ − 27
{
+ − 28
switch ( isset($_POST['action']['create_stage2']) )
+ − 29
{
+ − 30
case true:
+ − 31
if ( empty($_POST['pg_name']) || empty($_POST['group_type']) )
+ − 32
{
+ − 33
echo '<div class="error-box">Please enter a name for the page group.</div>';
+ − 34
return;
+ − 35
}
+ − 36
if ( $_POST['group_type'] == PAGE_GRP_TAGGED && empty($_POST['member_tag']) )
+ − 37
{
+ − 38
echo '<div class="error-box">Please enter a page tag.</div>';
+ − 39
return;
+ − 40
}
+ − 41
if ( $_POST['group_type'] == PAGE_GRP_CATLINK && empty($_POST['member_cat']) )
+ − 42
{
+ − 43
echo '<div class="error-box">Please create a category page before linking a page group to a category.</div>';
+ − 44
return;
+ − 45
}
+ − 46
if ( $_POST['group_type'] == PAGE_GRP_NORMAL && empty($_POST['member_page_0']) )
+ − 47
{
+ − 48
echo '<div class="error-box">Please specify at least one page to place in this group.</div>';
+ − 49
return;
+ − 50
}
+ − 51
if ( $_POST['group_type'] != PAGE_GRP_TAGGED && $_POST['group_type'] != PAGE_GRP_CATLINK && $_POST['group_type'] != PAGE_GRP_NORMAL )
+ − 52
{
+ − 53
echo '<div class="error-box">Umm, you sent an invalid group type. I\'d put a real error message here but this will only be shown if you try to hack the system.</div>';
+ − 54
return;
+ − 55
}
+ − 56
// All checks passed, create the group
+ − 57
switch($_POST['group_type'])
+ − 58
{
+ − 59
case PAGE_GRP_TAGGED:
+ − 60
$name = $db->escape($_POST['pg_name']);
+ − 61
$tag = $db->escape($_POST['member_tag']);
+ − 62
$sql = 'INSERT INTO '.table_prefix.'page_groups(pg_type,pg_name,pg_target) VALUES(' . PAGE_GRP_TAGGED . ', \'' . $name . '\', \'' . $tag . '\');';
+ − 63
$q = $db->sql_query($sql);
+ − 64
if ( !$q )
+ − 65
$db->_die();
+ − 66
break;
+ − 67
case PAGE_GRP_CATLINK:
+ − 68
$name = $db->escape($_POST['pg_name']);
+ − 69
$cat = $db->escape($_POST['member_cat']);
+ − 70
$sql = 'INSERT INTO '.table_prefix.'page_groups(pg_type,pg_name,pg_target) VALUES(' . PAGE_GRP_CATLINK . ', \'' . $name . '\', \'' . $cat . '\');';
+ − 71
$q = $db->sql_query($sql);
+ − 72
if ( !$q )
+ − 73
$db->_die();
+ − 74
break;
+ − 75
case PAGE_GRP_NORMAL:
+ − 76
$name = $db->escape($_POST['pg_name']);
+ − 77
$sql = 'INSERT INTO '.table_prefix.'page_groups(pg_type,pg_name) VALUES(' . PAGE_GRP_NORMAL . ', \'' . $name . '\');';
+ − 78
$q = $db->sql_query($sql);
+ − 79
if ( !$q )
+ − 80
$db->_die();
+ − 81
+ − 82
$ins_id = $db->insert_id();
+ − 83
+ − 84
// Page list
+ − 85
$keys = array_keys($_POST);
+ − 86
$arr_pages = array();
+ − 87
foreach ( $keys as $val )
+ − 88
{
+ − 89
if ( preg_match('/^member_page_([0-9]+?)$/', $val) && !empty($_POST[$val]) && isPage($_POST[$val]) )
+ − 90
{
+ − 91
$arr_pages[] = $_POST[$val];
+ − 92
}
+ − 93
}
+ − 94
$arr_sql = array();
+ − 95
foreach ( $arr_pages as $page )
+ − 96
{
+ − 97
list($id, $ns) = RenderMan::strToPageID($page);
+ − 98
$id = sanitize_page_id($id);
+ − 99
$arr_sql[] = '(' . $ins_id . ',\'' . $db->escape($id) . '\', \'' . $ns . '\')';
+ − 100
}
+ − 101
$sql = 'INSERT INTO '.table_prefix.'page_group_members(pg_id,page_id,namespace) VALUES' . implode(',', $arr_sql) . ';';
+ − 102
$q = $db->sql_query($sql);
+ − 103
if ( !$q )
+ − 104
$db->_die();
+ − 105
break;
+ − 106
}
+ − 107
echo '<div class="info-box">The page group "' . htmlspecialchars($_POST['pg_name']) . '" has been created.</div>';
+ − 108
break;
+ − 109
}
+ − 110
// A little Javascript magic
+ − 111
?>
+ − 112
<script language="javascript" type="text/javascript">
+ − 113
function pg_create_typeset(selector)
+ − 114
{
+ − 115
var pg_normal = <?php echo PAGE_GRP_NORMAL; ?>;
+ − 116
var pg_tagged = <?php echo PAGE_GRP_TAGGED; ?>;
+ − 117
var pg_catlink = <?php echo PAGE_GRP_CATLINK; ?>;
+ − 118
var selection = false;
+ − 119
// Get selection
+ − 120
for ( var i = 0; i < selector.childNodes.length; i++ )
+ − 121
{
+ − 122
var child = selector.childNodes[i];
+ − 123
if ( !child || child.tagName != 'OPTION' )
+ − 124
{
+ − 125
continue;
+ − 126
}
+ − 127
if ( child.selected )
+ − 128
{
+ − 129
selection = child.value;
+ − 130
}
+ − 131
}
+ − 132
if ( !selection )
+ − 133
{
+ − 134
alert('Cannot get field value');
+ − 135
return true;
+ − 136
}
+ − 137
selection = parseInt(selection);
+ − 138
if ( selection != pg_normal && selection != pg_tagged && selection != pg_catlink )
+ − 139
{
+ − 140
alert('Invalid field value');
+ − 141
return true;
+ − 142
}
+ − 143
+ − 144
// We have the selection and it's validated; show the appropriate field group
+ − 145
+ − 146
if ( selection == pg_normal )
+ − 147
{
+ − 148
document.getElementById('pg_create_title_catlink').style.display = 'none';
+ − 149
document.getElementById('pg_create_catlink_1').style.display = 'none';
+ − 150
document.getElementById('pg_create_catlink_2').style.display = 'none';
+ − 151
+ − 152
document.getElementById('pg_create_title_tagged').style.display = 'none';
+ − 153
document.getElementById('pg_create_tagged_1').style.display = 'none';
+ − 154
document.getElementById('pg_create_tagged_2').style.display = 'none';
+ − 155
+ − 156
document.getElementById('pg_create_title_normal').style.display = 'inline';
+ − 157
document.getElementById('pg_create_normal_1').style.display = 'block';
+ − 158
document.getElementById('pg_create_normal_2').style.display = 'block';
+ − 159
}
+ − 160
else if ( selection == pg_catlink )
+ − 161
{
+ − 162
document.getElementById('pg_create_title_catlink').style.display = 'inline';
+ − 163
document.getElementById('pg_create_catlink_1').style.display = 'block';
+ − 164
document.getElementById('pg_create_catlink_2').style.display = 'block';
+ − 165
+ − 166
document.getElementById('pg_create_title_tagged').style.display = 'none';
+ − 167
document.getElementById('pg_create_tagged_1').style.display = 'none';
+ − 168
document.getElementById('pg_create_tagged_2').style.display = 'none';
+ − 169
+ − 170
document.getElementById('pg_create_title_normal').style.display = 'none';
+ − 171
document.getElementById('pg_create_normal_1').style.display = 'none';
+ − 172
document.getElementById('pg_create_normal_2').style.display = 'none';
+ − 173
}
+ − 174
else if ( selection == pg_tagged )
+ − 175
{
+ − 176
document.getElementById('pg_create_title_catlink').style.display = 'none';
+ − 177
document.getElementById('pg_create_catlink_1').style.display = 'none';
+ − 178
document.getElementById('pg_create_catlink_2').style.display = 'none';
+ − 179
+ − 180
document.getElementById('pg_create_title_tagged').style.display = 'inline';
+ − 181
document.getElementById('pg_create_tagged_1').style.display = 'block';
+ − 182
document.getElementById('pg_create_tagged_2').style.display = 'block';
+ − 183
+ − 184
document.getElementById('pg_create_title_normal').style.display = 'none';
+ − 185
document.getElementById('pg_create_normal_1').style.display = 'none';
+ − 186
document.getElementById('pg_create_normal_2').style.display = 'none';
+ − 187
}
+ − 188
+ − 189
}
+ − 190
+ − 191
// Set to pg_normal on page load
+ − 192
var pg_createform_init = function()
+ − 193
{
+ − 194
document.getElementById('pg_create_title_catlink').style.display = 'none';
+ − 195
document.getElementById('pg_create_catlink_1').style.display = 'none';
+ − 196
document.getElementById('pg_create_catlink_2').style.display = 'none';
+ − 197
+ − 198
document.getElementById('pg_create_title_tagged').style.display = 'none';
+ − 199
document.getElementById('pg_create_tagged_1').style.display = 'none';
+ − 200
document.getElementById('pg_create_tagged_2').style.display = 'none';
+ − 201
+ − 202
document.getElementById('pg_create_title_normal').style.display = 'inline';
+ − 203
document.getElementById('pg_create_normal_1').style.display = 'block';
+ − 204
document.getElementById('pg_create_normal_2').style.display = 'block';
+ − 205
}
+ − 206
+ − 207
addOnloadHook(pg_createform_init);
+ − 208
+ − 209
function pg_create_more_fields()
+ − 210
{
+ − 211
var targettd = document.getElementById('pg_create_normal_2');
+ − 212
var id = 0;
+ − 213
for ( var i = 0; i < targettd.childNodes.length; i++ )
+ − 214
{
+ − 215
var child = targettd.childNodes[i];
+ − 216
if ( child.tagName == 'INPUT' )
+ − 217
{
+ − 218
if ( child.type == 'button' )
+ − 219
{
+ − 220
var newInp = document.createElement('input');
+ − 221
// <input type="text" name="member_page_1" id="pg_create_member_1" onkeyup="return ajaxPageNameComplete(this);" size="30" /><br />
+ − 222
newInp.type = 'text';
+ − 223
newInp.name = 'member_page_' + id;
+ − 224
newInp.id = 'pg_create_member_' + id;
+ − 225
newInp.onkeyup = function(e) { return ajaxPageNameComplete(this); };
+ − 226
newInp.size = '30';
+ − 227
newInp.style.marginTop = '3px';
+ − 228
targettd.insertBefore(newInp, child);
+ − 229
targettd.insertBefore(document.createElement('br'), child);
+ − 230
break;
+ − 231
}
+ − 232
else // if ( child.type == 'text' )
+ − 233
{
+ − 234
id++;
+ − 235
}
+ − 236
}
+ − 237
}
+ − 238
}
+ − 239
+ − 240
</script>
+ − 241
<?php
+ − 242
+ − 243
// Build category list
+ − 244
$q = $db->sql_query('SELECT name,urlname FROM '.table_prefix.'pages WHERE namespace=\'Category\';');
+ − 245
if ( !$q )
+ − 246
$db->_die();
+ − 247
+ − 248
if ( $db->numrows() < 1 )
+ − 249
{
+ − 250
$catlist = 'There aren\'t any categories on this site.';
+ − 251
}
+ − 252
else
+ − 253
{
+ − 254
$catlist = '<select name="member_cat">';
+ − 255
while ( $row = $db->fetchrow() )
+ − 256
{
+ − 257
$catlist .= '<option value="' . htmlspecialchars($row['urlname']) . '">' . htmlspecialchars($row['name']) . '</option>';
+ − 258
}
+ − 259
$catlist .= '</select>';
+ − 260
}
+ − 261
117
+ − 262
echo '<script type="text/javascript">
+ − 263
var __pg_edit_submitAuthorized = true;
+ − 264
</script>';
+ − 265
75
+ − 266
echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized || !__pg_edit_submitAuthorized) return false;" enctype="multipart/form-data">';
+ − 267
+ − 268
echo '<div class="tblholder">
+ − 269
<table border="0" cellspacing="1" cellpadding="4">
+ − 270
<tr>
+ − 271
<th colspan="2">Create page group</th>
+ − 272
</tr>';
+ − 273
+ − 274
// Name
+ − 275
echo '<tr>
+ − 276
<td class="row2">
+ − 277
Group name:<br />
+ − 278
<small>This should be short, descriptive, and human-readable.</small>
+ − 279
</td>
+ − 280
<td class="row1">
+ − 281
<input type="text" name="pg_name" size="30" />
+ − 282
</td>
+ − 283
</tr>';
+ − 284
+ − 285
// Group type
+ − 286
echo '<tr>
+ − 287
<td class="row2">
+ − 288
Group type:
+ − 289
</td>
+ − 290
<td class="row1">
+ − 291
<select name="group_type" onchange="pg_create_typeset(this);">
+ − 292
<option value="' . PAGE_GRP_NORMAL . '" selected="selected">Static group of pages</option>
+ − 293
<option value="' . PAGE_GRP_TAGGED . '">Group of pages with one tag</option>
+ − 294
<option value="' . PAGE_GRP_CATLINK . '">Link to category</option>
+ − 295
</select>
+ − 296
</td>
+ − 297
</tr>';
+ − 298
+ − 299
// Titles
+ − 300
echo '<tr>
+ − 301
<th colspan="2">
+ − 302
<span id="pg_create_title_normal">
+ − 303
Static group of pages
+ − 304
</span>
+ − 305
<span id="pg_create_title_tagged">
+ − 306
Group of commonly tagged pages
+ − 307
</span>
+ − 308
<span id="pg_create_title_catlink">
+ − 309
Mirror a category
+ − 310
</span>
+ − 311
</th>
+ − 312
</tr>';
+ − 313
+ − 314
echo '<tr>
+ − 315
<td class="row2">
+ − 316
<div id="pg_create_normal_1">
+ − 317
Member pages:<br />
+ − 318
<small>Click the "plus" button to add more fields.</small>
+ − 319
</div>
+ − 320
<div id="pg_create_catlink_1">
+ − 321
Include pages in this category:<br />
+ − 322
<small>Pages in subcategories are <u>not</u> included, however subcategory pages themselves are.</small>
+ − 323
</div>
+ − 324
<div id="pg_create_tagged_1">
+ − 325
Include pages with this tag:
+ − 326
</div>
+ − 327
</td>';
+ − 328
+ − 329
echo ' <td class="row1">
+ − 330
<div id="pg_create_normal_2" />
+ − 331
<input type="text" style="margin-top: 3px;" name="member_page_0" id="pg_create_member_0" onkeyup="return ajaxPageNameComplete(this);" size="30" /><br />
+ − 332
<input type="text" style="margin-top: 3px;" name="member_page_1" id="pg_create_member_1" onkeyup="return ajaxPageNameComplete(this);" size="30" /><br />
+ − 333
<input type="text" style="margin-top: 3px;" name="member_page_2" id="pg_create_member_2" onkeyup="return ajaxPageNameComplete(this);" size="30" /><br />
+ − 334
<input type="text" style="margin-top: 3px;" name="member_page_3" id="pg_create_member_3" onkeyup="return ajaxPageNameComplete(this);" size="30" /><br />
+ − 335
<input type="text" style="margin-top: 3px;" name="member_page_4" id="pg_create_member_4" onkeyup="return ajaxPageNameComplete(this);" size="30" /><br />
+ − 336
<input type="button" onclick="pg_create_more_fields(); return false;" style="margin-top: 5px;" value=" + " />
+ − 337
</div>
+ − 338
<div id="pg_create_tagged_2">
+ − 339
<input type="text" name="member_tag" size="30" />
+ − 340
</div>
+ − 341
<div id="pg_create_catlink_2">
+ − 342
' . $catlist . '
+ − 343
</div>
+ − 344
</td>
+ − 345
</tr>';
+ − 346
+ − 347
// Submit button
+ − 348
echo '<tr>
+ − 349
<th class="subhead" colspan="2"><input type="submit" name="action[create_stage2]" value="Create page group" style="font-weight: bold;" /> <input type="submit" name="action[noop]" value="Cancel" style="font-weight: normal;" /></th>
+ − 350
</tr>';
+ − 351
+ − 352
echo '</table>
+ − 353
</div>';
+ − 354
+ − 355
echo '</form>';
+ − 356
return;
+ − 357
}
+ − 358
else if ( isset($_POST['action']['del']) )
+ − 359
{
+ − 360
// Confirmation to delete a group (this is really only a stub)
+ − 361
+ − 362
$delete_id = array_keys($_POST['action']['del']);
+ − 363
$delete_id = intval($delete_id[0]);
+ − 364
+ − 365
if ( !empty($delete_id) )
+ − 366
{
+ − 367
echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
+ − 368
echo '<input type="hidden" name="delete_id" value="' . $delete_id . '" />';
+ − 369
echo '<div class="tblholder">';
+ − 370
echo ' <table border="0" cellspacing="1" cellpadding="4">';
+ − 371
echo ' <tr><th>Confirm deletion</th></tr>';
+ − 372
echo ' <tr><td class="row2" style="text-align: center; padding: 20px 0;">Are you sure you want to delete this page group?</td></tr>';
+ − 373
echo ' <tr><td class="row1" style="text-align: center;">';
+ − 374
echo ' <input type="submit" name="action[del_confirm]" value="Yes, delete group" style="font-weight: bold;" />';
+ − 375
echo ' <input type="submit" name="action[noop]" value="Cancel" style="font-weight: normal;" />';
+ − 376
echo ' </td></tr>';
+ − 377
echo ' </table>';
+ − 378
echo '</form>';
+ − 379
+ − 380
return;
+ − 381
}
+ − 382
}
+ − 383
else if ( isset($_POST['action']['del_confirm']) )
+ − 384
{
+ − 385
$delete_id = intval($_POST['delete_id']);
+ − 386
if ( empty($delete_id) )
+ − 387
{
+ − 388
echo 'Hack attempt';
+ − 389
return;
+ − 390
}
+ − 391
// Obtain group name
+ − 392
$q = $db->sql_query('SELECT pg_name FROM '.table_prefix.'page_groups WHERE pg_id=' . $delete_id . ';');
+ − 393
if ( !$q )
+ − 394
$db->_die();
+ − 395
if ( $db->numrows() < 1 )
+ − 396
{
+ − 397
echo 'Page group dun exist.';
+ − 398
return;
+ − 399
}
+ − 400
$row = $db->fetchrow();
+ − 401
$db->free_result();
+ − 402
$pg_name = $row['pg_name'];
+ − 403
unset($row);
+ − 404
// Delete the group
+ − 405
$q = $db->sql_query('DELETE FROM '.table_prefix.'page_groups WHERE pg_id=' . $delete_id . ';');
+ − 406
if ( !$q )
+ − 407
$db->_die();
+ − 408
$q = $db->sql_query('DELETE FROM '.table_prefix.'page_group_members WHERE pg_id=' . $delete_id . ';');
+ − 409
if ( !$q )
+ − 410
$db->_die();
81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 411
echo "<div class='info-box'>The group ".'"'.htmlspecialchars("$pg_name").'"'." has been deleted.</div>";
75
+ − 412
}
+ − 413
else if ( isset($_POST['action']['edit']) && !isset($_POST['action']['noop']) )
+ − 414
{
+ − 415
if ( isset($_POST['action']['edit_save']) )
+ − 416
{
+ − 417
}
+ − 418
+ − 419
if ( isset($_POST['action']['edit']['add_page']) && isset($_GET['src']) && $_GET['src'] == 'ajax' )
+ − 420
{
+ − 421
$json = new Services_JSON(SERVICES_JSON_LOOSE_TYPE);
+ − 422
$return = array('successful' => false);
+ − 423
+ − 424
//
+ − 425
// Add the specified page to the group
+ − 426
//
+ − 427
+ − 428
// Get ID of the group
+ − 429
$edit_id = intval($_POST['pg_id']);
+ − 430
if ( !$edit_id )
+ − 431
{
+ − 432
$return = array('mode' => 'error', 'text' => 'Hack attempt');
+ − 433
echo $json->encode($return);
+ − 434
return;
+ − 435
}
+ − 436
+ − 437
// Run some validation - check that page exists and that it's not already in the group
+ − 438
$page = $_POST['new_page'];
+ − 439
if ( empty($page) )
+ − 440
{
+ − 441
$return = array('mode' => 'error', 'text' => 'Please enter a page title.');
+ − 442
echo $json->encode($return);
+ − 443
return;
+ − 444
}
+ − 445
81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 446
/*
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 447
// We're gonna allow adding nonexistent pages for now
75
+ − 448
if ( !isPage($page) )
+ − 449
{
+ − 450
$return = array('mode' => 'error', 'text' => 'The page you are trying to add (' . htmlspecialchars($page) . ') does not exist.');
+ − 451
echo $json->encode($return);
+ − 452
return;
+ − 453
}
81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 454
*/
75
+ − 455
+ − 456
list($page_id, $namespace) = RenderMan::strToPageID($page);
+ − 457
$page_id = sanitize_page_id($page_id);
+ − 458
81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 459
if ( !isset($paths->namespace[$namespace]) )
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 460
{
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 461
$return = array('mode' => 'error', 'text' => 'Invalid namespace return from RenderMan::strToPageID()');
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 462
echo $json->encode($return);
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 463
return;
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 464
}
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 465
75
+ − 466
$q = $db->sql_query('SELECT "x" FROM '.table_prefix.'page_group_members WHERE pg_id=' . $edit_id . ' AND page_id=\'' . $db->escape($page_id) . '\' AND namespace=\'' . $namespace . '\';');
+ − 467
if ( !$q )
+ − 468
{
+ − 469
$return = array('mode' => 'error', 'text' => $db->get_error());
+ − 470
echo $json->encode($return);
+ − 471
return;
+ − 472
}
+ − 473
if ( $db->numrows() > 0 )
+ − 474
{
+ − 475
$return = array('mode' => 'error', 'text' => 'The page you are trying to add is already in this group.');
+ − 476
echo $json->encode($return);
+ − 477
return;
+ − 478
}
+ − 479
+ − 480
$q = $db->sql_query('INSERT INTO '.table_prefix.'page_group_members(pg_id, page_id, namespace) VALUES(' . $edit_id . ', \'' . $db->escape($page_id) . '\', \'' . $namespace . '\');');
+ − 481
if ( !$q )
+ − 482
{
+ − 483
$return = array('mode' => 'error', 'text' => $db->get_error());
+ − 484
echo $json->encode($return);
+ − 485
return;
+ − 486
}
+ − 487
+ − 488
$title = "($namespace) " . get_page_title($paths->nslist[$namespace] . $page_id);
+ − 489
+ − 490
$return = array('mode' => 'info', 'text' => 'The page has been added to the specified group.', 'successful' => true, 'title' => $title, 'member_id' => $db->insert_id());
+ − 491
+ − 492
echo $json->encode($return);
+ − 493
return;
+ − 494
}
+ − 495
81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 496
if ( isset($_POST['action']['edit_save']) && isset($_POST['pg_name']) )
75
+ − 497
{
+ − 498
$edit_id = $_POST['action']['edit'];
81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 499
$edit_id = intval($edit_id);
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 500
if ( !empty($edit_id) )
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 501
{
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 502
// Update group name
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 503
$new_name = $_POST['pg_name'];
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 504
if ( empty($new_name) )
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 505
{
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 506
echo '<div class="error-box">Please enter a valid name for this group.</div>';
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 507
}
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 508
else
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 509
{
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 510
$q = $db->sql_query('SELECT pg_name FROM '.table_prefix.'page_groups WHERE pg_id=' . $edit_id . ';');
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 511
if ( !$q )
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 512
$db->_die();
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 513
$row = $db->fetchrow();
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 514
$db->free_result();
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 515
if ( $new_name != $row['pg_name'] )
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 516
{
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 517
$new_name = $db->escape(trim($new_name));
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 518
$q = $db->sql_query('UPDATE '.table_prefix.'page_groups SET pg_name=\'' . $new_name . '\' WHERE pg_id=' . $edit_id . ';');
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 519
if ( !$q )
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 520
$db->_die();
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 521
else
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 522
echo '<div class="info-box">The group name was updated successfully.</div>';
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 523
}
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 524
if ( $_POST['pg_type'] == PAGE_GRP_TAGGED )
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 525
{
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 526
$target = $_POST['pg_target'];
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 527
$target = sanitize_tag($target);
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 528
if ( empty($target) )
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 529
{
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 530
echo '<div class="error-box">Please enter a valid tag.</div>';
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 531
}
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 532
else
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 533
{
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 534
$target = $db->escape($target);
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 535
$q = $db->sql_query('UPDATE '.table_prefix.'page_groups SET pg_target=\'' . $target . '\' WHERE pg_id=' . $edit_id . ';');
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 536
if ( !$q )
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 537
$db->_die();
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 538
else
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 539
echo '<div class="info-box">The affecting tag was updated.</div>';
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 540
}
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 541
}
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 542
else if ( $_POST['pg_type'] == PAGE_GRP_CATLINK )
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 543
{
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 544
$target = $_POST['pg_target'];
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 545
if ( empty($target) )
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 546
{
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 547
echo '<div class="error-box">No category ID specified on POST URI.</div>';
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 548
}
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 549
else
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 550
{
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 551
$target = $db->escape($target);
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 552
$q = $db->sql_query('UPDATE '.table_prefix.'page_groups SET pg_target=\'' . $target . '\' WHERE pg_id=' . $edit_id . ';');
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 553
if ( !$q )
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 554
$db->_die();
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 555
else
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 556
echo '<div class="info-box">The affecting category was updated.</div>';
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 557
}
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 558
}
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 559
}
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 560
}
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 561
}
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 562
else if ( isset($_POST['action']['edit_save']) )
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 563
{
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 564
$edit_id = $_POST['action']['edit'];
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 565
$edit_id = intval($edit_id);
75
+ − 566
}
+ − 567
else
+ − 568
{
+ − 569
$edit_id = array_keys($_POST['action']['edit']);
+ − 570
$edit_id = intval($edit_id[0]);
+ − 571
}
+ − 572
+ − 573
if ( empty($edit_id) )
+ − 574
{
+ − 575
echo 'Hack attempt';
+ − 576
return;
+ − 577
}
+ − 578
81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 579
if ( isset($_POST['action']['edit_save']['do_rm']) && !isset($_POST['pg_name']) )
75
+ − 580
{
+ − 581
$vals = array_keys($_POST['action']['edit_save']['rm']);
+ − 582
$good = array();
+ − 583
foreach ( $vals as $id )
+ − 584
{
+ − 585
if ( strval(intval($id)) == $id )
+ − 586
$good[] = $id;
+ − 587
}
81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 588
$subquery = ( count($good) > 0 ) ? 'pg_member_id=' . implode(' OR pg_member_id=', $good) : "'foo'='bar'";
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 589
if ( $subquery == "'foo'='bar'" )
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 590
{
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 591
echo '<div class="warning-box">No pages were selected for deletion, and thus none were deleted.</div>';
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 592
}
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 593
else
75
+ − 594
{
81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 595
$sql = 'DELETE FROM '.table_prefix."page_group_members WHERE ( $subquery ) AND pg_id=$edit_id;";
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 596
if ( !$db->sql_query($sql) )
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 597
{
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 598
$db->_die();
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 599
}
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 600
echo '<div class="info-box">The requested page group members have been deleted.</div>';
75
+ − 601
}
+ − 602
}
+ − 603
+ − 604
// Fetch information about page group
+ − 605
$q = $db->sql_query('SELECT pg_name, pg_type, pg_target FROM '.table_prefix.'page_groups WHERE pg_id=' . $edit_id . ';');
+ − 606
if ( !$q )
+ − 607
$db->_die();
+ − 608
+ − 609
if ( $db->numrows() < 1 )
+ − 610
{
+ − 611
echo 'Bad request - can\'t load page group from database.';
+ − 612
return;
+ − 613
}
+ − 614
+ − 615
$row = $db->fetchrow();
+ − 616
$db->free_result();
+ − 617
+ − 618
echo '<form name="pg_edit_frm" action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
+ − 619
echo '<input type="hidden" name="action[edit]" value="' . $edit_id . '" />';
81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 620
echo '<input type="hidden" name="pg_type" value="' . $row['pg_type'] . '" />';
75
+ − 621
echo '<div class="tblholder">
+ − 622
<table border="0" cellspacing="1" cellpadding="4">
+ − 623
<tr>
+ − 624
<th colspan="3">Editing page group: ' . htmlspecialchars($row['pg_name']) . '</th>
+ − 625
</tr>';
+ − 626
// Group name
+ − 627
+ − 628
echo ' <tr>
+ − 629
<td class="row2">Group name:</td>
+ − 630
<td class="row1" colspan="2"><input type="text" name="pg_name" value="' . htmlspecialchars($row['pg_name']) . '" size="30" /></td>
+ − 631
</tr>';
+ − 632
+ − 633
$ajax_page_add = false;
+ − 634
+ − 635
// This is where the going gets tricky.
+ − 636
// For static groups, we need to have each page listed out with a removal button, and a form to add new pages.
+ − 637
// For category links, we need a select box with each category in it, and
+ − 638
// For tag sets, just a text box to enter a new tag.
+ − 639
+ − 640
// You can guess which one I dreaded.
+ − 641
+ − 642
switch ( $row['pg_type'] )
+ − 643
{
+ − 644
case PAGE_GRP_NORMAL:
81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 645
75
+ − 646
// You have guessed correct.
+ − 647
// *Sits in chair for 10 minutes listening to the radio in an effort to put off writing the code you see below*
+ − 648
+ − 649
echo '<tr><th colspan="3" class="subhead"><input type="submit" name="action[edit_save]" value="Save group name" /></th></tr>';
81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 650
echo '</table></div>';
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 651
echo '</form>';
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 652
echo '<form name="pg_static_rm_frm" action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" enctype="multipart/form-data">';
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 653
echo '<input type="hidden" name="action[edit]" value="' . $edit_id . '" />';
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 654
echo '<div class="tblholder">
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 655
<table border="0" cellspacing="1" cellpadding="4">
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 656
<tr>
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 657
<th colspan="3">Remove pages from this group</th>
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 658
</tr>';
75
+ − 659
+ − 660
$q = $db->sql_query('SELECT m.pg_member_id,m.page_id,m.namespace FROM '.table_prefix.'page_group_members AS m
+ − 661
LEFT JOIN '.table_prefix.'pages AS p
+ − 662
ON ( p.urlname = m.page_id AND p.namespace = m.namespace )
+ − 663
WHERE m.pg_id=' . $edit_id . ';');
+ − 664
+ − 665
if ( !$q )
+ − 666
$db->_die();
+ − 667
+ − 668
$delim = ceil( $db->numrows() / 2 );
+ − 669
if ( $delim < 5 )
+ − 670
{
+ − 671
$delim = 0xFFFFFFFE;
+ − 672
// stupid hack
+ − 673
$colspan = '2" id="pg_edit_tackon2me';
+ − 674
}
+ − 675
else
+ − 676
{
+ − 677
$colspan = "1";
+ − 678
}
+ − 679
+ − 680
echo '<tr><td class="row2" rowspan="2"><b>Remove</b> pages:</td><td class="row1" colspan="' . $colspan . '">';
+ − 681
$i = 0;
+ − 682
+ − 683
while ( $row = $db->fetchrow() )
+ − 684
{
+ − 685
$i++;
+ − 686
if ( $i == $delim )
+ − 687
{
+ − 688
echo '</td><td class="row1" id="pg_edit_tackon2me">';
+ − 689
}
+ − 690
$page_name = '(' . $row['namespace'] . ') ' . get_page_title($paths->nslist[$row['namespace']] . $row['page_id']);
+ − 691
echo '<label><input type="checkbox" name="action[edit_save][rm][' . $row['pg_member_id'] . ']" /> ' . htmlspecialchars($page_name) . '</label><br />';
+ − 692
}
+ − 693
+ − 694
echo '</td></tr>';
+ − 695
echo '<tr><th colspan="2" class="subhead" style="width: 70%;"><input type="submit" name="action[edit_save][do_rm]" value="Remove selected" /></th></tr>';
+ − 696
+ − 697
// More javascript magic!
+ − 698
?>
+ − 699
<script type="text/javascript">
80
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
diff
changeset
+ − 700
var __pg_edit_submitAuthorized = true;
75
+ − 701
var __ol_pg_edit_setup = function()
+ − 702
{
+ − 703
var input = document.getElementById('inptext_pg_add_member');
+ − 704
input.onkeyup = function(e) { ajaxPageNameComplete(this); };
+ − 705
input.onkeypress = function(e) { if ( e.keyCode == 13 ) { setTimeout('__pg_edit_ajaxadd(document.getElementById(\'' + this.id + '\'));', 500); } };
+ − 706
}
+ − 707
addOnloadHook(__ol_pg_edit_setup);
+ − 708
var __pg_edit_objcache = false;
+ − 709
function __pg_edit_ajaxadd(obj)
+ − 710
{
+ − 711
if ( __pg_edit_objcache )
+ − 712
return false;
+ − 713
__pg_edit_objcache = obj;
+ − 714
+ − 715
if ( obj.nextSibling )
+ − 716
{
+ − 717
if ( obj.nextSibling.tagName == 'DIV' )
+ − 718
{
+ − 719
obj.parentNode.removeChild(obj.nextSibling);
+ − 720
}
+ − 721
}
+ − 722
+ − 723
// set width on parent, to prevent wrapping of ajax loading image
+ − 724
var w = $(obj).Width();
+ − 725
w = w + 24;
+ − 726
obj.parentNode.style.width = w + 'px';
+ − 727
+ − 728
// append the ajaxy loading image
+ − 729
var img = document.createElement('img');
+ − 730
img.src = scriptPath + '/images/loading.gif';
+ − 731
img.style.marginLeft = '4px';
+ − 732
insertAfter(obj.parentNode, img, obj);
+ − 733
+ − 734
var url = makeUrlNS('Admin', 'PageGroups', 'src=ajax');
+ − 735
var page_add = escape(obj.value);
+ − 736
var pg_id = document.forms.pg_edit_frm['action[edit]'].value;
+ − 737
ajaxPost(url, 'action[edit][add_page]=&pg_id=' + pg_id + '&new_page=' + page_add, function()
+ − 738
{
+ − 739
if ( ajax.readyState == 4 )
+ − 740
{
+ − 741
var obj = __pg_edit_objcache;
+ − 742
__pg_edit_objcache = false;
+ − 743
+ − 744
// kill the loading graphic
+ − 745
obj.parentNode.removeChild(obj.nextSibling);
+ − 746
+ − 747
var resptext = String(ajax.responseText + '');
+ − 748
if ( resptext.substr(0, 1) != '{' )
+ − 749
{
+ − 750
// This ain't JSON baby.
+ − 751
alert('Invalid JSON response:\n' + resptext);
+ − 752
return false;
+ − 753
}
+ − 754
var json = parseJSON(resptext);
+ − 755
+ − 756
var div = document.createElement('div');
+ − 757
if ( json.mode == 'info' )
+ − 758
{
+ − 759
div.className = 'info-box-mini';
+ − 760
}
+ − 761
else if ( json.mode == 'error' )
+ − 762
{
+ − 763
div.className = 'error-box-mini';
+ − 764
}
+ − 765
div.appendChild(document.createTextNode(json.text));
+ − 766
insertAfter(obj.parentNode, div, obj);
+ − 767
+ − 768
if ( json.successful )
+ − 769
{
+ − 770
var td = document.getElementById('pg_edit_tackon2me');
+ − 771
var lbl = document.createElement('label');
+ − 772
var check = document.createElement('input');
+ − 773
check.type = 'checkbox';
+ − 774
check.name = 'action[edit_save][rm][' + json.member_id + ']';
+ − 775
lbl.appendChild(check);
+ − 776
lbl.appendChild(document.createTextNode(' ' + json.title));
+ − 777
td.appendChild(lbl);
+ − 778
td.appendChild(document.createElement('br'));
+ − 779
}
+ − 780
+ − 781
}
+ − 782
});
+ − 783
}
+ − 784
</script>
+ − 785
<?php
+ − 786
+ − 787
$ajax_page_add = true;
+ − 788
+ − 789
break;
80
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
diff
changeset
+ − 790
case PAGE_GRP_TAGGED:
81
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 791
echo '<tr>
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 792
<td class="row2">
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 793
Include pages with this tag:
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 794
</td>
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 795
<td class="row1">
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 796
<input type="text" name="pg_target" value="' . htmlspecialchars($row['pg_target']) . '" size="30" />
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 797
</td>
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 798
</tr>';
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 799
break;
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 800
case PAGE_GRP_CATLINK:
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 801
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 802
// Build category list
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 803
$q = $db->sql_query('SELECT name,urlname FROM '.table_prefix.'pages WHERE namespace=\'Category\';');
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 804
if ( !$q )
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 805
$db->_die();
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 806
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 807
if ( $db->numrows() < 1 )
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 808
{
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 809
$catlist = 'There aren\'t any categories on this site.';
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 810
}
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 811
else
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 812
{
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 813
$catlist = '<select name="pg_target">';
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 814
while ( $catrow = $db->fetchrow() )
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 815
{
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 816
$selected = ( $catrow['urlname'] == $row['pg_target'] ) ? ' selected="selected"' : '';
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 817
$catlist .= '<option value="' . htmlspecialchars($catrow['urlname']) . '"' . $selected . '>' . htmlspecialchars($catrow['name']) . '</option>';
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 818
}
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 819
$catlist .= '</select>';
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 820
}
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 821
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 822
echo '<tr>
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 823
<td class="row2">
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 824
Include pages that are in this category:<br />
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 825
<small><b>Reminder:</b> Enano does not automatically place any access controls on the category. If you
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 826
don\'t want users to be able to freely add and remove pages from the category (assuming Wiki Mode is enabled
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 827
for the category) then you need to enable protection on the category using the button on the more options menu.
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 828
</small>
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 829
</td>
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 830
<td class="row1">
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 831
' . $catlist . '
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 832
</td>
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 833
</tr>';
d7fc25acd3f3
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan
diff
changeset
+ − 834
80
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
diff
changeset
+ − 835
break;
75
+ − 836
}
+ − 837
+ − 838
if ( $ajax_page_add )
+ − 839
{
+ − 840
echo '<tr><th colspan="3"><input type="submit" name="action[noop]" value="Cancel all changes" /></th></tr>';
+ − 841
}
+ − 842
else
+ − 843
{
80
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
diff
changeset
+ − 844
echo '<tr><th colspan="3" class="subhead">
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
diff
changeset
+ − 845
<input type="submit" name="action[edit_save]" value="Save and update" />
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
diff
changeset
+ − 846
<input type="submit" name="action[noop]" value="Cancel all changes" />
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
diff
changeset
+ − 847
</th></tr>';
75
+ − 848
}
+ − 849
+ − 850
echo ' </table>
+ − 851
</div>';
+ − 852
echo '</form>';
+ − 853
80
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
diff
changeset
+ − 854
if ( $ajax_page_add )
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
diff
changeset
+ − 855
{
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
diff
changeset
+ − 856
// This needs to be outside of the form.
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
diff
changeset
+ − 857
echo '<div class="tblholder"><table border="0" cellspacing="1" cellpadding="4"><tr>';
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
diff
changeset
+ − 858
echo '<th colspan="2">On-the-fly tools</th></tr>';
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
diff
changeset
+ − 859
echo '<tr>';
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
diff
changeset
+ − 860
// Add pages AJAX form
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
diff
changeset
+ − 861
echo '<td class="row2">Add page:<br /><small>You can add multiple pages by entering part of a page title, and it will be auto-completed. Press Enter to quickly add the page. This only works if you a really up-to-date browser.</small></td>';
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
diff
changeset
+ − 862
echo '<td class="row1"><input type="text" size="30" name="pg_add_member" id="inptext_pg_add_member" /></td>';
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
diff
changeset
+ − 863
echo '</tr></table></div>';
cb7dde69c301
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan
diff
changeset
+ − 864
}
75
+ − 865
+ − 866
return;
+ − 867
}
+ − 868
else if ( isset($_POST['action']['noop']) )
+ − 869
{
+ − 870
// Do nothing - skip to main form (noop is usually invoked by a cancel button in a form above)
+ − 871
}
+ − 872
else
+ − 873
{
+ − 874
echo '<div class="error-box">Invalid format of $_POST[action].</div>';
+ − 875
}
+ − 876
}
+ − 877
// No action defined - show default menu
+ − 878
+ − 879
echo '<h2>Manage page groups</h2>';
+ − 880
echo '<p>Enano\'s page grouping system allows you to build sets of pages that can be controlled by a single ACL rule. This makes managing features such as a members-only section of your site a lot easier. If you don\'t use the ACL system, you probably don\'t need to use page groups.</p>';
+ − 881
+ − 882
$q = $db->sql_query('SELECT pg_id, pg_type, pg_name, pg_target FROM '.table_prefix.'page_groups;');
+ − 883
if ( !$q )
+ − 884
$db->_die();
+ − 885
+ − 886
echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
+ − 887
+ − 888
echo '<div class="tblholder">
+ − 889
<table border="0" cellspacing="1" cellpadding="4">
+ − 890
<tr>
+ − 891
<th>Group name</th>
+ − 892
<th>Type</th>
+ − 893
<th>Target</th>
+ − 894
<th colspan="2">Actions</th>
+ − 895
</tr>';
+ − 896
+ − 897
if ( $row = $db->fetchrow() )
+ − 898
{
+ − 899
do
+ − 900
{
+ − 901
$name = htmlspecialchars($row['pg_name']);
+ − 902
$type = 'Invalid';
+ − 903
switch ( $row['pg_type'] )
+ − 904
{
+ − 905
case PAGE_GRP_CATLINK:
+ − 906
$type = 'Link to category';
+ − 907
break;
+ − 908
case PAGE_GRP_TAGGED:
+ − 909
$type = 'Set of tagged pages';
+ − 910
break;
+ − 911
case PAGE_GRP_NORMAL:
+ − 912
$type = 'Static set of pages';
+ − 913
break;
+ − 914
}
+ − 915
$target = '';
+ − 916
if ( $row['pg_type'] == PAGE_GRP_TAGGED )
+ − 917
{
+ − 918
$target = 'Tag: ' . htmlspecialchars($row['pg_target']);
+ − 919
}
+ − 920
else if ( $row['pg_type'] == PAGE_GRP_CATLINK )
+ − 921
{
+ − 922
$target = 'Category: ' . htmlspecialchars(get_page_title($paths->nslist['Category'] . sanitize_page_id($row['pg_target'])));
+ − 923
}
+ − 924
$btn_edit = '<input type="submit" name="action[edit][' . $row['pg_id'] . ']" value="Edit" />';
+ − 925
$btn_del = '<input type="submit" name="action[del][' . $row['pg_id'] . ']" value="Delete" />';
+ − 926
// stupid jEdit bug/hack
+ − 927
$quot = '"';
+ − 928
echo "<tr>
+ − 929
<td class={$quot}row1{$quot}>$name</td>
+ − 930
<td class={$quot}row2{$quot}>$type</td>
+ − 931
<td class={$quot}row1{$quot}>$target</td>
+ − 932
<td class={$quot}row3{$quot} style={$quot}text-align: center;{$quot}>$btn_edit</td>
+ − 933
<td class={$quot}row3{$quot} style={$quot}text-align: center;{$quot}>$btn_del</td>
+ − 934
</tr>";
+ − 935
}
+ − 936
while ( $row = $db->fetchrow() );
+ − 937
}
+ − 938
else
+ − 939
{
+ − 940
echo ' <tr><td class="row3" colspan="5" style="text-align: center;">No page groups defined.</td></tr>';
+ − 941
}
+ − 942
+ − 943
echo ' <tr>
+ − 944
<th class="subhead" colspan="5">
+ − 945
<input type="submit" name="action[create]" value="Create new group" />
+ − 946
</th>
+ − 947
</tr>';
+ − 948
+ − 949
echo ' </table>
+ − 950
</div>';
+ − 951
+ − 952
echo '</form>';
+ − 953
+ − 954
}
+ − 955
+ − 956
?>