<?php /* Question2Answer by Gideon Greenspan and contributors http://www.question2answer.org/ Description: Controller for admin page for editing custom pages and external links This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. More about this license: http://www.question2answer.org/license.php */ if (!defined('QA_VERSION')) { // don't allow this page to be requested directly from browser header('Location: ../../../'); exit; } require_once QA_INCLUDE_DIR . 'app/admin.php'; require_once QA_INCLUDE_DIR . 'app/format.php'; require_once QA_INCLUDE_DIR . 'db/selects.php'; // Get current list of pages and determine the state of this admin page $pageid = qa_post_text('edit'); if (!isset($pageid)) $pageid = qa_get('edit'); list($pages, $editpage) = qa_db_select_with_pending( qa_db_pages_selectspec(), isset($pageid) ? qa_db_page_full_selectspec($pageid, true) : null ); if ((qa_clicked('doaddpage') || qa_clicked('doaddlink') || qa_get('doaddlink') || qa_clicked('dosavepage')) && !isset($editpage)) { $editpage = array('title' => qa_get('text'), 'tags' => qa_get('url'), 'nav' => qa_get('nav'), 'position' => 1); $isexternal = qa_clicked('doaddlink') || qa_get('doaddlink') || qa_post_text('external'); } elseif (isset($editpage)) $isexternal = $editpage['flags'] & QA_PAGE_FLAGS_EXTERNAL; // Check admin privileges (do late to allow one DB query) if (!qa_admin_check_privileges($qa_content)) return $qa_content; // Define an array of navigation settings we can change, option name => language key $hascustomhome = qa_has_custom_home(); $navoptions = array( 'nav_home' => 'main/nav_home', 'nav_activity' => 'main/nav_activity', $hascustomhome ? 'nav_qa_not_home' : 'nav_qa_is_home' => $hascustomhome ? 'main/nav_qa' : 'admin/nav_qa_is_home', 'nav_questions' => 'main/nav_qs', 'nav_hot' => 'main/nav_hot', 'nav_unanswered' => 'main/nav_unanswered', 'nav_tags' => 'main/nav_tags', 'nav_categories' => 'main/nav_categories', 'nav_users' => 'main/nav_users', 'nav_ask' => 'main/nav_ask', ); $navpaths = array( 'nav_home' => '', 'nav_activity' => 'activity', 'nav_qa_not_home' => 'qa', 'nav_qa_is_home' => '', 'nav_questions' => 'questions', 'nav_hot' => 'hot', 'nav_unanswered' => 'unanswered', 'nav_tags' => 'tags', 'nav_categories' => 'categories', 'nav_users' => 'users', 'nav_ask' => 'ask', ); if (!qa_opt('show_custom_home')) unset($navoptions['nav_home']); if (!qa_using_categories()) unset($navoptions['nav_categories']); if (!qa_using_tags()) unset($navoptions['nav_tags']); // Process saving an old or new page $securityexpired = false; if (qa_clicked('docancel')) $editpage = null; elseif (qa_clicked('dosaveoptions') || qa_clicked('doaddpage') || qa_clicked('doaddlink')) { if (!qa_check_form_security_code('admin/pages', qa_post_text('code'))) $securityexpired = true; else foreach ($navoptions as $optionname => $langkey) qa_set_option($optionname, (int)qa_post_text('option_' . $optionname)); } elseif (qa_clicked('dosavepage')) { require_once QA_INCLUDE_DIR . 'db/admin.php'; require_once QA_INCLUDE_DIR . 'util/string.php'; if (!qa_check_form_security_code('admin/pages', qa_post_text('code'))) $securityexpired = true; else { $reloadpages = false; if (qa_post_text('dodelete')) { qa_db_page_delete($editpage['pageid']); $searchmodules = qa_load_modules_with('search', 'unindex_page'); foreach ($searchmodules as $searchmodule) $searchmodule->unindex_page($editpage['pageid']); $editpage = null; $reloadpages = true; } else { $inname = qa_post_text('name'); $inposition = qa_post_text('position'); $inpermit = (int)qa_post_text('permit'); $inurl = qa_post_text('url'); $innewwindow = qa_post_text('newwindow'); $inheading = qa_post_text('heading'); $incontent = qa_post_text('content'); $errors = array(); // Verify the name (navigation link) is legitimate if (empty($inname)) $errors['name'] = qa_lang('main/field_required'); elseif (qa_strlen($inname) > QA_DB_MAX_CAT_PAGE_TITLE_LENGTH) $errors['name'] = qa_lang_sub('main/max_length_x', QA_DB_MAX_CAT_PAGE_TITLE_LENGTH); if ($isexternal) { // Verify the url is legitimate (vaguely) if (empty($inurl)) $errors['url'] = qa_lang('main/field_required'); elseif (qa_strlen($inurl) > QA_DB_MAX_CAT_PAGE_TAGS_LENGTH) $errors['url'] = qa_lang_sub('main/max_length_x', QA_DB_MAX_CAT_PAGE_TAGS_LENGTH); } else { // Verify the heading is legitimate if (qa_strlen($inheading) > QA_DB_MAX_TITLE_LENGTH) $errors['heading'] = qa_lang_sub('main/max_length_x', QA_DB_MAX_TITLE_LENGTH); // Verify the slug is legitimate (and try some defaults if we're creating a new page, and it's not) for ($attempt = 0; $attempt < 100; $attempt++) { switch ($attempt) { case 0: $inslug = qa_post_text('slug'); if (!isset($inslug)) $inslug = implode('-', qa_string_to_words($inname)); break; case 1: $inslug = qa_lang_sub('admin/page_default_slug', $inslug); break; default: $inslug = qa_lang_sub('admin/page_default_slug', $attempt - 1); break; } list($matchcategoryid, $matchpage) = qa_db_select_with_pending( qa_db_slugs_to_category_id_selectspec($inslug), qa_db_page_full_selectspec($inslug, false) ); if (empty($inslug)) $errors['slug'] = qa_lang('main/field_required'); elseif (qa_strlen($inslug) > QA_DB_MAX_CAT_PAGE_TAGS_LENGTH) $errors['slug'] = qa_lang_sub('main/max_length_x', QA_DB_MAX_CAT_PAGE_TAGS_LENGTH); elseif (preg_match('/[\\+\\/]/', $inslug)) $errors['slug'] = qa_lang_sub('admin/slug_bad_chars', '+ /'); elseif (qa_admin_is_slug_reserved($inslug)) $errors['slug'] = qa_lang('admin/slug_reserved'); elseif (isset($matchpage) && ($matchpage['pageid'] != @$editpage['pageid'])) $errors['slug'] = qa_lang('admin/page_already_used'); elseif (isset($matchcategoryid)) $errors['slug'] = qa_lang('admin/category_already_used'); else unset($errors['slug']); if (isset($editpage['pageid']) || !isset($errors['slug'])) // don't try other options if editing existing page break; } } // Perform appropriate database action if (isset($editpage['pageid'])) { // changing existing page if ($isexternal) { qa_db_page_set_fields($editpage['pageid'], isset($errors['name']) ? $editpage['title'] : $inname, QA_PAGE_FLAGS_EXTERNAL | ($innewwindow ? QA_PAGE_FLAGS_NEW_WINDOW : 0), isset($errors['url']) ? $editpage['tags'] : $inurl, null, null, $inpermit); } else { $setheading = isset($errors['heading']) ? $editpage['heading'] : $inheading; $setslug = isset($errors['slug']) ? $editpage['tags'] : $inslug; $setcontent = isset($errors['content']) ? $editpage['content'] : $incontent; qa_db_page_set_fields($editpage['pageid'], isset($errors['name']) ? $editpage['title'] : $inname, 0, $setslug, $setheading, $setcontent, $inpermit); $searchmodules = qa_load_modules_with('search', 'unindex_page'); foreach ($searchmodules as $searchmodule) $searchmodule->unindex_page($editpage['pageid']); $indextext = qa_viewer_text($setcontent, 'html'); $searchmodules = qa_load_modules_with('search', 'index_page'); foreach ($searchmodules as $searchmodule) $searchmodule->index_page($editpage['pageid'], $setslug, $setheading, $setcontent, 'html', $indextext); } qa_db_page_move($editpage['pageid'], substr($inposition, 0, 1), substr($inposition, 1)); $reloadpages = true; if (empty($errors)) $editpage = null; else $editpage = @$pages[$editpage['pageid']]; } else { // creating a new one if (empty($errors)) { if ($isexternal) { $pageid = qa_db_page_create($inname, QA_PAGE_FLAGS_EXTERNAL | ($innewwindow ? QA_PAGE_FLAGS_NEW_WINDOW : 0), $inurl, null, null, $inpermit); } else { $pageid = qa_db_page_create($inname, 0, $inslug, $inheading, $incontent, $inpermit); $indextext = qa_viewer_text($incontent, 'html'); $searchmodules = qa_load_modules_with('search', 'index_page'); foreach ($searchmodules as $searchmodule) $searchmodule->index_page($pageid, $inslug, $inheading, $incontent, 'html', $indextext); } qa_db_page_move($pageid, substr($inposition, 0, 1), substr($inposition, 1)); $editpage = null; $reloadpages = true; } } if (qa_clicked('dosaveview') && empty($errors) && !$isexternal) qa_redirect($inslug); } if ($reloadpages) { qa_db_flush_pending_result('navpages'); $pages = qa_db_select_with_pending(qa_db_pages_selectspec()); } } } // Prepare content for theme $qa_content = qa_content_prepare(); $qa_content['title'] = qa_lang_html('admin/admin_title') . ' - ' . qa_lang_html('admin/pages_title'); $qa_content['error'] = $securityexpired ? qa_lang_html('admin/form_security_expired') : qa_admin_page_error(); if (isset($editpage)) { $positionoptions = array(); if (!$isexternal) $positionoptions['_' . max(1, @$editpage['position'])] = qa_lang_html('admin/no_link'); $navlangkey = array( 'B' => 'admin/before_main_menu', 'M' => 'admin/after_main_menu', 'O' => 'admin/opposite_main_menu', 'F' => 'admin/after_footer', ); foreach ($navlangkey as $nav => $langkey) { $previous = null; $passedself = false; $maxposition = 0; foreach ($pages as $key => $page) { if ($page['nav'] == $nav) { if (isset($previous)) $positionhtml = qa_lang_html_sub('admin/after_x_tab', qa_html($passedself ? $page['title'] : $previous['title'])); else $positionhtml = qa_lang_html($langkey); if ($page['pageid'] == @$editpage['pageid']) $passedself = true; $maxposition = max($maxposition, $page['position']); $positionoptions[$nav . $page['position']] = $positionhtml; $previous = $page; } } if (!isset($editpage['pageid']) || $nav != @$editpage['nav']) { $positionvalue = isset($previous) ? qa_lang_html_sub('admin/after_x_tab', qa_html($previous['title'])) : qa_lang_html($langkey); $positionoptions[$nav . (isset($previous) ? (1 + $maxposition) : 1)] = $positionvalue; } } $positionvalue = @$positionoptions[$editpage['nav'] . $editpage['position']]; $permitoptions = qa_admin_permit_options(QA_PERMIT_ALL, QA_PERMIT_ADMINS, false, false); $permitvalue = @$permitoptions[isset($inpermit) ? $inpermit : $editpage['permit']]; $qa_content['form'] = array( 'tags' => 'method="post" action="' . qa_path_html(qa_request()) . '"', 'style' => 'tall', 'fields' => array( 'name' => array( 'tags' => 'name="name" id="name"', 'label' => qa_lang_html($isexternal ? 'admin/link_name' : 'admin/page_name'), 'value' => qa_html(isset($inname) ? $inname : @$editpage['title']), 'error' => qa_html(@$errors['name']), ), 'delete' => array( 'tags' => 'name="dodelete" id="dodelete"', 'label' => qa_lang_html($isexternal ? 'admin/delete_link' : 'admin/delete_page'), 'value' => 0, 'type' => 'checkbox', ), 'position' => array( 'id' => 'position_display', 'tags' => 'name="position"', 'label' => qa_lang_html('admin/position'), 'type' => 'select', 'options' => $positionoptions, 'value' => $positionvalue, ), 'permit' => array( 'id' => 'permit_display', 'tags' => 'name="permit"', 'label' => qa_lang_html('admin/permit_to_view'), 'type' => 'select', 'options' => $permitoptions, 'value' => $permitvalue, ), 'slug' => array( 'id' => 'slug_display', 'tags' => 'name="slug"', 'label' => qa_lang_html('admin/page_slug'), 'value' => qa_html(isset($inslug) ? $inslug : @$editpage['tags']), 'error' => qa_html(@$errors['slug']), ), 'url' => array( 'id' => 'url_display', 'tags' => 'name="url"', 'label' => qa_lang_html('admin/link_url'), 'value' => qa_html(isset($inurl) ? $inurl : @$editpage['tags']), 'error' => qa_html(@$errors['url']), ), 'newwindow' => array( 'id' => 'newwindow_display', 'tags' => 'name="newwindow"', 'label' => qa_lang_html('admin/link_new_window'), 'value' => (isset($innewwindow) ? $innewwindow : (@$editpage['flags'] & QA_PAGE_FLAGS_NEW_WINDOW)) ? 1 : 0, 'type' => 'checkbox', ), 'heading' => array( 'id' => 'heading_display', 'tags' => 'name="heading"', 'label' => qa_lang_html('admin/page_heading'), 'value' => qa_html(isset($inheading) ? $inheading : @$editpage['heading']), 'error' => qa_html(@$errors['heading']), ), 'content' => array( 'id' => 'content_display', 'tags' => 'name="content"', 'label' => qa_lang_html('admin/page_content_html'), 'value' => qa_html(isset($incontent) ? $incontent : @$editpage['content']), 'error' => qa_html(@$errors['content']), 'rows' => 16, ), ), 'buttons' => array( 'save' => array( 'label' => qa_lang_html(isset($editpage['pageid']) ? 'main/save_button' : ($isexternal ? 'admin/add_link_button' : 'admin/add_page_button')), ), 'saveview' => array( 'tags' => 'name="dosaveview"', 'label' => qa_lang_html('admin/save_view_button'), ), 'cancel' => array( 'tags' => 'name="docancel"', 'label' => qa_lang_html('main/cancel_button'), ), ), 'hidden' => array( 'dosavepage' => '1', // for IE 'edit' => @$editpage['pageid'], 'external' => (int)$isexternal, 'code' => qa_get_form_security_code('admin/pages'), ), ); if ($isexternal) { unset($qa_content['form']['fields']['slug']); unset($qa_content['form']['fields']['heading']); unset($qa_content['form']['fields']['content']); } else { unset($qa_content['form']['fields']['url']); unset($qa_content['form']['fields']['newwindow']); } if (isset($editpage['pageid'])) { qa_set_display_rules($qa_content, array( 'position_display' => '!dodelete', 'permit_display' => '!dodelete', ($isexternal ? 'url_display' : 'slug_display') => '!dodelete', ($isexternal ? 'newwindow_display' : 'heading_display') => '!dodelete', 'content_display' => '!dodelete', )); } else { unset($qa_content['form']['fields']['slug']); unset($qa_content['form']['fields']['delete']); } if ($isexternal || !isset($editpage['pageid'])) unset($qa_content['form']['buttons']['saveview']); $qa_content['focusid'] = 'name'; } else { // List of standard navigation links $qa_content['form'] = array( 'tags' => 'method="post" action="' . qa_self_html() . '"', 'style' => 'tall', 'fields' => array(), 'buttons' => array( 'save' => array( 'tags' => 'name="dosaveoptions"', 'label' => qa_lang_html('main/save_button'), ), 'addpage' => array( 'tags' => 'name="doaddpage"', 'label' => qa_lang_html('admin/add_page_button'), ), 'addlink' => array( 'tags' => 'name="doaddlink"', 'label' => qa_lang_html('admin/add_link_button'), ), ), 'hidden' => array( 'code' => qa_get_form_security_code('admin/pages'), ), ); $qa_content['form']['fields']['navlinks'] = array( 'label' => qa_lang_html('admin/nav_links_explanation'), 'type' => 'static', 'tight' => true, ); foreach ($navoptions as $optionname => $langkey) { $qa_content['form']['fields'][$optionname] = array( 'label' => '<a href="' . qa_path_html($navpaths[$optionname]) . '">' . qa_lang_html($langkey) . '</a>', 'tags' => 'name="option_' . $optionname . '"', 'type' => 'checkbox', 'value' => qa_opt($optionname), ); } $qa_content['form']['fields'][] = array( 'type' => 'blank' ); // List of suggested plugin pages $listhtml = ''; $pagemodules = qa_load_modules_with('page', 'suggest_requests'); foreach ($pagemodules as $tryname => $trypage) { $suggestrequests = $trypage->suggest_requests(); foreach ($suggestrequests as $suggestrequest) { $listhtml .= '<li><b><a href="' . qa_path_html($suggestrequest['request']) . '">' . qa_html($suggestrequest['title']) . '</a></b>'; $listhtml .= qa_lang_html_sub('admin/plugin_module', qa_html($tryname)); $listhtml .= strtr(qa_lang_html('admin/add_link_link'), array( '^1' => '<a href="' . qa_path_html(qa_request(), array('doaddlink' => 1, 'text' => $suggestrequest['title'], 'url' => $suggestrequest['request'], 'nav' => @$suggestrequest['nav'])) . '">', '^2' => '</a>', )); if (method_exists($trypage, 'admin_form')) $listhtml .= ' - <a href="' . qa_admin_module_options_path('page', $tryname) . '">' . qa_lang_html('admin/options') . '</a>'; $listhtml .= '</li>'; } } if (strlen($listhtml)) { $qa_content['form']['fields']['plugins'] = array( 'label' => qa_lang_html('admin/plugin_pages_explanation'), 'type' => 'custom', 'html' => '<ul style="margin-bottom:0;">' . $listhtml . '</ul>', ); } // List of custom pages or links $listhtml = ''; foreach ($pages as $page) { $listhtml .= '<li><b><a href="' . qa_custom_page_url($page) . '">' . qa_html($page['title']) . '</a></b>'; $listhtml .= strtr(qa_lang_html(($page['flags'] & QA_PAGE_FLAGS_EXTERNAL) ? 'admin/edit_link' : 'admin/edit_page'), array( '^1' => '<a href="' . qa_path_html('admin/pages', array('edit' => $page['pageid'])) . '">', '^2' => '</a>', )); $listhtml .= '</li>'; } $qa_content['form']['fields']['pages'] = array( 'label' => strlen($listhtml) ? qa_lang_html('admin/click_name_edit') : qa_lang_html('admin/pages_explanation'), 'type' => 'custom', 'html' => strlen($listhtml) ? '<ul style="margin-bottom:0;">' . $listhtml . '</ul>' : null, ); } $qa_content['navigation']['sub'] = qa_admin_sub_navigation(); return $qa_content;