<?php
/*
Question2Answer by Gideon Greenspan and contributors
http://www.question2answer.org/
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
More about this license: http://www.question2answer.org/license.php
*/
namespace Q2A\Controllers\Admin;
use Q2A\Controllers\BaseController;
use Q2A\Database\DbConnection;
use Q2A\Middleware\Auth\MinimumUserLevel;
/**
* Controller for admin page for editing custom pages and external links.
*/
class Pages extends BaseController
{
public function __construct(DbConnection $db)
{
require_once QA_INCLUDE_DIR . 'app/admin.php';
require_once QA_INCLUDE_DIR . 'app/format.php';
require_once QA_INCLUDE_DIR . 'db/selects.php';
parent::__construct($db);
$this->addMiddleware(new MinimumUserLevel(QA_USER_LEVEL_ADMIN));
}
public function index()
{
// Get current list of pages and determine the state of this admin page
$pageid = qa_post_text('edit');
if (!isset($pageid))
$pageid = qa_get('edit');
list($pages, $editpage) = qa_db_select_with_pending(
qa_db_pages_selectspec(),
isset($pageid) ? qa_db_page_full_selectspec($pageid, true) : null
);
if ((qa_clicked('doaddpage') || qa_clicked('doaddlink') || qa_get('doaddlink') || qa_clicked('dosavepage')) && !isset($editpage)) {
$editpage = array('title' => qa_get('text'), 'tags' => qa_get('url'), 'nav' => qa_get('nav'), 'position' => 1);
$isexternal = qa_clicked('doaddlink') || qa_get('doaddlink') || qa_post_text('external');
} elseif (isset($editpage)) {
$isexternal = $editpage['flags'] & QA_PAGE_FLAGS_EXTERNAL;
}
// Check admin privileges (do late to allow one DB query)
if (!qa_admin_check_privileges($qa_content))
return $qa_content;
// Define an array of navigation settings we can change, option name => language key
$hascustomhome = qa_has_custom_home();
$navoptions = array(
'nav_home' => 'main/nav_home',
'nav_activity' => 'main/nav_activity',
$hascustomhome ? 'nav_qa_not_home' : 'nav_qa_is_home' => $hascustomhome ? 'main/nav_qa' : 'admin/nav_qa_is_home',
'nav_questions' => 'main/nav_qs',
'nav_hot' => 'main/nav_hot',
'nav_unanswered' => 'main/nav_unanswered',
'nav_tags' => 'main/nav_tags',
'nav_categories' => 'main/nav_categories',
'nav_users' => 'main/nav_users',
'nav_ask' => 'main/nav_ask',
);
$navpaths = array(
'nav_home' => '',
'nav_activity' => 'activity',
'nav_qa_not_home' => 'qa',
'nav_qa_is_home' => '',
'nav_questions' => 'questions',
'nav_hot' => 'hot',
'nav_unanswered' => 'unanswered',
'nav_tags' => 'tags',
'nav_categories' => 'categories',
'nav_users' => 'users',
'nav_ask' => 'ask',
);
if (!qa_opt('show_custom_home'))
unset($navoptions['nav_home']);
if (!qa_using_categories())
unset($navoptions['nav_categories']);
if (!qa_using_tags())
unset($navoptions['nav_tags']);
// Process saving an old or new page
$securityexpired = false;
if (qa_clicked('docancel')) {
$editpage = null;
} elseif (qa_clicked('dosaveoptions') || qa_clicked('doaddpage') || qa_clicked('doaddlink')) {
if (!qa_check_form_security_code('admin/pages', qa_post_text('code')))
$securityexpired = true;
else foreach ($navoptions as $optionname => $langkey)
qa_set_option($optionname, (int)qa_post_text('option_' . $optionname));
} elseif (qa_clicked('dosavepage')) {
require_once QA_INCLUDE_DIR . 'db/admin.php';
require_once QA_INCLUDE_DIR . 'util/string.php';
if (!qa_check_form_security_code('admin/pages', qa_post_text('code'))) {
$securityexpired = true;
} else {
$reloadpages = false;
if (qa_post_text('dodelete')) {
qa_db_page_delete($editpage['pageid']);
$searchmodules = qa_load_modules_with('search', 'unindex_page');
foreach ($searchmodules as $searchmodule)
$searchmodule->unindex_page($editpage['pageid']);
$editpage = null;
$reloadpages = true;
} else {
$inname = qa_post_text('name');
$inposition = qa_post_text('position');
$inpermit = (int)qa_post_text('permit');
$inurl = qa_post_text('url');
$innewwindow = qa_post_text('newwindow');
$inheading = qa_post_text('heading');
$incontent = qa_post_text('content');
$errors = array();
// Verify the name (navigation link) is legitimate
if (empty($inname))
$errors['name'] = qa_lang('main/field_required');
elseif (qa_strlen($inname) > QA_DB_MAX_CAT_PAGE_TITLE_LENGTH)
$errors['name'] = qa_lang_sub('main/max_length_x', QA_DB_MAX_CAT_PAGE_TITLE_LENGTH);
if ($isexternal) {
// Verify the url is legitimate (vaguely)
if (empty($inurl))
$errors['url'] = qa_lang('main/field_required');
elseif (qa_strlen($inurl) > QA_DB_MAX_CAT_PAGE_TAGS_LENGTH)
$errors['url'] = qa_lang_sub('main/max_length_x', QA_DB_MAX_CAT_PAGE_TAGS_LENGTH);
} else {
// Verify the heading is legitimate
if (qa_strlen($inheading) > QA_DB_MAX_TITLE_LENGTH)
$errors['heading'] = qa_lang_sub('main/max_length_x', QA_DB_MAX_TITLE_LENGTH);
// Verify the slug is legitimate (and try some defaults if we're creating a new page, and it's not)
for ($attempt = 0; $attempt < 100; $attempt++) {
switch ($attempt) {
case 0:
$inslug = qa_post_text('slug');
if (!isset($inslug))
$inslug = implode('-', qa_string_to_words($inname));
break;
case 1:
$inslug = qa_lang_sub('admin/page_default_slug', $inslug);
break;
default:
$inslug = qa_lang_sub('admin/page_default_slug', $attempt - 1);
break;
}
list($matchcategoryid, $matchpage) = qa_db_select_with_pending(
qa_db_slugs_to_category_id_selectspec($inslug),
qa_db_page_full_selectspec($inslug, false)
);
if (empty($inslug))
$errors['slug'] = qa_lang('main/field_required');
elseif (qa_strlen($inslug) > QA_DB_MAX_CAT_PAGE_TAGS_LENGTH)
$errors['slug'] = qa_lang_sub('main/max_length_x', QA_DB_MAX_CAT_PAGE_TAGS_LENGTH);
elseif (preg_match('/[\\+\\/]/', $inslug))
$errors['slug'] = qa_lang_sub('admin/slug_bad_chars', '+ /');
elseif (qa_admin_is_slug_reserved($inslug))
$errors['slug'] = qa_lang('admin/slug_reserved');
elseif (isset($matchpage) && ($matchpage['pageid'] != @$editpage['pageid']))
$errors['slug'] = qa_lang('admin/page_already_used');
elseif (isset($matchcategoryid))
$errors['slug'] = qa_lang('admin/category_already_used');
else
unset($errors['slug']);
if (isset($editpage['pageid']) || !isset($errors['slug'])) // don't try other options if editing existing page
break;
}
}
// Perform appropriate database action
if (isset($editpage['pageid'])) { // changing existing page
$title = isset($errors['name']) ? $editpage['title'] : $inname;
if ($isexternal) {
qa_db_page_set_fields(
$editpage['pageid'],
$title,
QA_PAGE_FLAGS_EXTERNAL | ($innewwindow ? QA_PAGE_FLAGS_NEW_WINDOW : 0),
isset($errors['url']) ? $editpage['tags'] : $inurl,
null,
null,
$inpermit
);
} else {
$setheading = isset($errors['heading']) ? $editpage['heading'] : $inheading;
$setslug = isset($errors['slug']) ? $editpage['tags'] : $inslug;
$setcontent = isset($errors['content']) ? $editpage['content'] : $incontent;
qa_db_page_set_fields($editpage['pageid'], $title, 0, $setslug, $setheading, $setcontent, $inpermit);
$searchmodules = qa_load_modules_with('search', 'unindex_page');
foreach ($searchmodules as $searchmodule)
$searchmodule->unindex_page($editpage['pageid']);
$indextext = qa_viewer_text($setcontent, 'html');
$searchmodules = qa_load_modules_with('search', 'index_page');
foreach ($searchmodules as $searchmodule)
$searchmodule->index_page($editpage['pageid'], $setslug, $setheading, $setcontent, 'html', $indextext);
}
qa_db_page_move($editpage['pageid'], substr($inposition, 0, 1), substr($inposition, 1));
$reloadpages = true;
if (empty($errors))
$editpage = null;
else
$editpage = @$pages[$editpage['pageid']];
} else { // creating a new one
if (empty($errors)) {
if ($isexternal) {
$pageid = qa_db_page_create($inname, QA_PAGE_FLAGS_EXTERNAL | ($innewwindow ? QA_PAGE_FLAGS_NEW_WINDOW : 0), $inurl, null, null, $inpermit);
} else {
$pageid = qa_db_page_create($inname, 0, $inslug, $inheading, $incontent, $inpermit);
$indextext = qa_viewer_text($incontent, 'html');
$searchmodules = qa_load_modules_with('search', 'index_page');
foreach ($searchmodules as $searchmodule)
$searchmodule->index_page($pageid, $inslug, $inheading, $incontent, 'html', $indextext);
}
qa_db_page_move($pageid, substr($inposition, 0, 1), substr($inposition, 1));
$editpage = null;
$reloadpages = true;
}
}
if (qa_clicked('dosaveview') && empty($errors) && !$isexternal)
qa_redirect($inslug);
}
if ($reloadpages) {
qa_db_flush_pending_result('navpages');
$pages = qa_db_select_with_pending(qa_db_pages_selectspec());
}
}
}
// Prepare content for theme
$qa_content = qa_content_prepare();
$qa_content['title'] = qa_lang_html('admin/admin_title') . ' - ' . qa_lang_html('admin/pages_title');
$qa_content['error'] = $securityexpired ? qa_lang_html('admin/form_security_expired') : qa_admin_page_error();
if (isset($editpage)) {
$positionoptions = array();
if (!$isexternal)
$positionoptions['_' . max(1, @$editpage['position'])] = qa_lang_html('admin/no_link');
$navlangkey = array(
'B' => 'admin/before_main_menu',
'M' => 'admin/after_main_menu',
'O' => 'admin/opposite_main_menu',
'F' => 'admin/after_footer',
);
foreach ($navlangkey as $nav => $langkey) {
$previous = null;
$passedself = false;
$maxposition = 0;
foreach ($pages as $key => $page) {
if ($page['nav'] == $nav) {
if (isset($previous))
$positionhtml = qa_lang_html_sub('admin/after_x_tab', qa_html($passedself ? $page['title'] : $previous['title']));
else
$positionhtml = qa_lang_html($langkey);
if ($page['pageid'] == @$editpage['pageid'])
$passedself = true;
$maxposition = max($maxposition, $page['position']);
$positionoptions[$nav . $page['position']] = $positionhtml;
$previous = $page;
}
}
if (!isset($editpage['pageid']) || $nav != @$editpage['nav']) {
$positionvalue = isset($previous) ? qa_lang_html_sub('admin/after_x_tab', qa_html($previous['title'])) : qa_lang_html($langkey);
$positionoptions[$nav . (isset($previous) ? (1 + $maxposition) : 1)] = $positionvalue;
}
}
$positionvalue = @$positionoptions[$editpage['nav'] . $editpage['position']];
$permitoptions = qa_admin_permit_options(QA_PERMIT_ALL, QA_PERMIT_ADMINS, false, false);
$permitvalue = @$permitoptions[isset($inpermit) ? $inpermit : $editpage['permit']];
$qa_content['form'] = array(
'tags' => 'method="post" action="' . qa_path_html(qa_request()) . '"',
'style' => 'tall',
'fields' => array(
'name' => array(
'tags' => 'name="name" id="name"',
'label' => qa_lang_html($isexternal ? 'admin/link_name' : 'admin/page_name'),
'value' => qa_html(isset($inname) ? $inname : @$editpage['title']),
'error' => qa_html(@$errors['name']),
),
'delete' => array(
'tags' => 'name="dodelete" id="dodelete"',
'label' => qa_lang_html($isexternal ? 'admin/delete_link' : 'admin/delete_page'),
'value' => 0,
'type' => 'checkbox',
),
'position' => array(
'id' => 'position_display',
'tags' => 'name="position"',
'label' => qa_lang_html('admin/position'),
'type' => 'select',
'options' => $positionoptions,
'value' => $positionvalue,
),
'permit' => array(
'id' => 'permit_display',
'tags' => 'name="permit"',
'label' => qa_lang_html('admin/permit_to_view'),
'type' => 'select',
'options' => $permitoptions,
'value' => $permitvalue,
),
'slug' => array(
'id' => 'slug_display',
'tags' => 'name="slug"',
'label' => qa_lang_html('admin/page_slug'),
'value' => qa_html(isset($inslug) ? $inslug : @$editpage['tags']),
'error' => qa_html(@$errors['slug']),
),
'url' => array(
'id' => 'url_display',
'tags' => 'name="url"',
'label' => qa_lang_html('admin/link_url'),
'value' => qa_html(isset($inurl) ? $inurl : @$editpage['tags']),
'error' => qa_html(@$errors['url']),
),
'newwindow' => array(
'id' => 'newwindow_display',
'tags' => 'name="newwindow"',
'label' => qa_lang_html('admin/link_new_window'),
'value' => (isset($innewwindow) ? $innewwindow : (@$editpage['flags'] & QA_PAGE_FLAGS_NEW_WINDOW)) ? 1 : 0,
'type' => 'checkbox',
),
'heading' => array(
'id' => 'heading_display',
'tags' => 'name="heading"',
'label' => qa_lang_html('admin/page_heading'),
'value' => qa_html(isset($inheading) ? $inheading : @$editpage['heading']),
'error' => qa_html(@$errors['heading']),
),
'content' => array(
'id' => 'content_display',
'tags' => 'name="content"',
'label' => qa_lang_html('admin/page_content_html'),
'value' => qa_html(isset($incontent) ? $incontent : @$editpage['content']),
'error' => qa_html(@$errors['content']),
'rows' => 16,
),
),
'buttons' => array(
'save' => array(
'label' => qa_lang_html(isset($editpage['pageid']) ? 'main/save_button' : ($isexternal ? 'admin/add_link_button' : 'admin/add_page_button')),
),
'saveview' => array(
'tags' => 'name="dosaveview"',
'label' => qa_lang_html('admin/save_view_button'),
),
'cancel' => array(
'tags' => 'name="docancel"',
'label' => qa_lang_html('main/cancel_button'),
),
),
'hidden' => array(
'dosavepage' => '1', // for IE
'edit' => @$editpage['pageid'],
'external' => (int)$isexternal,
'code' => qa_get_form_security_code('admin/pages'),
),
);
if ($isexternal) {
unset($qa_content['form']['fields']['slug']);
unset($qa_content['form']['fields']['heading']);
unset($qa_content['form']['fields']['content']);
} else {
unset($qa_content['form']['fields']['url']);
unset($qa_content['form']['fields']['newwindow']);
}
if (isset($editpage['pageid'])) {
qa_set_display_rules($qa_content, array(
'position_display' => '!dodelete',
'permit_display' => '!dodelete',
($isexternal ? 'url_display' : 'slug_display') => '!dodelete',
($isexternal ? 'newwindow_display' : 'heading_display') => '!dodelete',
'content_display' => '!dodelete',
));
} else {
unset($qa_content['form']['fields']['slug']);
unset($qa_content['form']['fields']['delete']);
}
if ($isexternal || !isset($editpage['pageid']))
unset($qa_content['form']['buttons']['saveview']);
$qa_content['focusid'] = 'name';
} else {
// List of standard navigation links
$qa_content['form'] = array(
'tags' => 'method="post" action="' . qa_self_html() . '"',
'style' => 'tall',
'fields' => array(),
'buttons' => array(
'save' => array(
'tags' => 'name="dosaveoptions"',
'label' => qa_lang_html('main/save_button'),
),
'addpage' => array(
'tags' => 'name="doaddpage"',
'label' => qa_lang_html('admin/add_page_button'),
),
'addlink' => array(
'tags' => 'name="doaddlink"',
'label' => qa_lang_html('admin/add_link_button'),
),
),
'hidden' => array(
'code' => qa_get_form_security_code('admin/pages'),
),
);
$qa_content['form']['fields']['navlinks'] = array(
'label' => qa_lang_html('admin/nav_links_explanation'),
'type' => 'static',
'tight' => true,
);
foreach ($navoptions as $optionname => $langkey) {
$qa_content['form']['fields'][$optionname] = array(
'label' => '<a href="' . qa_path_html($navpaths[$optionname]) . '">' . qa_lang_html($langkey) . '</a>',
'tags' => 'name="option_' . $optionname . '"',
'type' => 'checkbox',
'value' => qa_opt($optionname),
);
}
$qa_content['form']['fields'][] = array(
'type' => 'blank'
);
// List of suggested plugin pages
$listhtml = '';
$pagemodules = qa_load_modules_with('page', 'suggest_requests');
foreach ($pagemodules as $tryname => $trypage) {
$suggestrequests = $trypage->suggest_requests();
foreach ($suggestrequests as $suggestrequest) {
$listhtml .= '<li><b><a href="' . qa_path_html($suggestrequest['request']) . '">' . qa_html($suggestrequest['title']) . '</a></b>';
$listhtml .= qa_lang_html_sub('admin/plugin_module', qa_html($tryname));
$listhtml .= strtr(qa_lang_html('admin/add_link_link'), array(
'^1' => '<a href="' . qa_path_html(qa_request(), array('doaddlink' => 1, 'text' => $suggestrequest['title'], 'url' => $suggestrequest['request'], 'nav' => @$suggestrequest['nav'])) . '">',
'^2' => '</a>',
));
if (method_exists($trypage, 'admin_form'))
$listhtml .= ' - <a href="' . qa_admin_module_options_path('page', $tryname) . '">' . qa_lang_html('admin/options') . '</a>';
$listhtml .= '</li>';
}
}
if (strlen($listhtml)) {
$qa_content['form']['fields']['plugins'] = array(
'label' => qa_lang_html('admin/plugin_pages_explanation'),
'type' => 'custom',
'html' => '<ul style="margin-bottom:0;">' . $listhtml . '</ul>',
);
}
// List of custom pages or links
$listhtml = '';
foreach ($pages as $page) {
$listhtml .= '<li><b><a href="' . qa_custom_page_url($page) . '">' . qa_html($page['title']) . '</a></b>';
$listhtml .= strtr(qa_lang_html(($page['flags'] & QA_PAGE_FLAGS_EXTERNAL) ? 'admin/edit_link' : 'admin/edit_page'), array(
'^1' => '<a href="' . qa_path_html('admin/pages', array('edit' => $page['pageid'])) . '">',
'^2' => '</a>',
));
$listhtml .= '</li>';
}
$qa_content['form']['fields']['pages'] = array(
'label' => strlen($listhtml) ? qa_lang_html('admin/click_name_edit') : qa_lang_html('admin/pages_explanation'),
'type' => 'custom',
'html' => strlen($listhtml) ? '<ul style="margin-bottom:0;">' . $listhtml . '</ul>' : null,
);
}
$qa_content['navigation']['sub'] = qa_admin_sub_navigation();
return $qa_content;
}
}