<?php
/*
	Question2Answer by Gideon Greenspan and contributors
	http://www.question2answer.org/

	Description: Controller for admin page for editing custom pages and external links


	This program is free software; you can redistribute it and/or
	modify it under the terms of the GNU General Public License
	as published by the Free Software Foundation; either version 2
	of the License, or (at your option) any later version.

	This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
	GNU General Public License for more details.

	More about this license: http://www.question2answer.org/license.php
*/

if (!defined('QA_VERSION')) { // don't allow this page to be requested directly from browser
	header('Location: ../../../');
	exit;
}

require_once QA_INCLUDE_DIR . 'app/admin.php';
require_once QA_INCLUDE_DIR . 'app/format.php';
require_once QA_INCLUDE_DIR . 'db/selects.php';


// Get current list of pages and determine the state of this admin page

$pageid = qa_post_text('edit');
if (!isset($pageid))
	$pageid = qa_get('edit');

list($pages, $editpage) = qa_db_select_with_pending(
	qa_db_pages_selectspec(),
	isset($pageid) ? qa_db_page_full_selectspec($pageid, true) : null
);

if ((qa_clicked('doaddpage') || qa_clicked('doaddlink') || qa_get('doaddlink') || qa_clicked('dosavepage')) && !isset($editpage)) {
	$editpage = array('title' => qa_get('text'), 'tags' => qa_get('url'), 'nav' => qa_get('nav'), 'position' => 1);
	$isexternal = qa_clicked('doaddlink') || qa_get('doaddlink') || qa_post_text('external');

} elseif (isset($editpage))
	$isexternal = $editpage['flags'] & QA_PAGE_FLAGS_EXTERNAL;


// Check admin privileges (do late to allow one DB query)

if (!qa_admin_check_privileges($qa_content))
	return $qa_content;


// Define an array of navigation settings we can change, option name => language key

$hascustomhome = qa_has_custom_home();

$navoptions = array(
	'nav_home' => 'main/nav_home',
	'nav_activity' => 'main/nav_activity',
	$hascustomhome ? 'nav_qa_not_home' : 'nav_qa_is_home' => $hascustomhome ? 'main/nav_qa' : 'admin/nav_qa_is_home',
	'nav_questions' => 'main/nav_qs',
	'nav_hot' => 'main/nav_hot',
	'nav_unanswered' => 'main/nav_unanswered',
	'nav_tags' => 'main/nav_tags',
	'nav_categories' => 'main/nav_categories',
	'nav_users' => 'main/nav_users',
	'nav_ask' => 'main/nav_ask',
);

$navpaths = array(
	'nav_home' => '',
	'nav_activity' => 'activity',
	'nav_qa_not_home' => 'qa',
	'nav_qa_is_home' => '',
	'nav_questions' => 'questions',
	'nav_hot' => 'hot',
	'nav_unanswered' => 'unanswered',
	'nav_tags' => 'tags',
	'nav_categories' => 'categories',
	'nav_users' => 'users',
	'nav_ask' => 'ask',
);

if (!qa_opt('show_custom_home'))
	unset($navoptions['nav_home']);

if (!qa_using_categories())
	unset($navoptions['nav_categories']);

if (!qa_using_tags())
	unset($navoptions['nav_tags']);


// Process saving an old or new page

$securityexpired = false;

if (qa_clicked('docancel'))
	$editpage = null;

elseif (qa_clicked('dosaveoptions') || qa_clicked('doaddpage') || qa_clicked('doaddlink')) {
	if (!qa_check_form_security_code('admin/pages', qa_post_text('code')))
		$securityexpired = true;
	else foreach ($navoptions as $optionname => $langkey)
		qa_set_option($optionname, (int)qa_post_text('option_' . $optionname));

} elseif (qa_clicked('dosavepage')) {
	require_once QA_INCLUDE_DIR . 'db/admin.php';
	require_once QA_INCLUDE_DIR . 'util/string.php';

	if (!qa_check_form_security_code('admin/pages', qa_post_text('code')))
		$securityexpired = true;
	else {
		$reloadpages = false;

		if (qa_post_text('dodelete')) {
			qa_db_page_delete($editpage['pageid']);

			$searchmodules = qa_load_modules_with('search', 'unindex_page');
			foreach ($searchmodules as $searchmodule)
				$searchmodule->unindex_page($editpage['pageid']);

			$editpage = null;
			$reloadpages = true;

		} else {
			$inname = qa_post_text('name');
			$inposition = qa_post_text('position');
			$inpermit = (int)qa_post_text('permit');
			$inurl = qa_post_text('url');
			$innewwindow = qa_post_text('newwindow');
			$inheading = qa_post_text('heading');
			$incontent = qa_post_text('content');

			$errors = array();

			// Verify the name (navigation link) is legitimate

			if (empty($inname))
				$errors['name'] = qa_lang('main/field_required');
			elseif (qa_strlen($inname) > QA_DB_MAX_CAT_PAGE_TITLE_LENGTH)
				$errors['name'] = qa_lang_sub('main/max_length_x', QA_DB_MAX_CAT_PAGE_TITLE_LENGTH);

			if ($isexternal) {
				// Verify the url is legitimate (vaguely)

				if (empty($inurl))
					$errors['url'] = qa_lang('main/field_required');
				elseif (qa_strlen($inurl) > QA_DB_MAX_CAT_PAGE_TAGS_LENGTH)
					$errors['url'] = qa_lang_sub('main/max_length_x', QA_DB_MAX_CAT_PAGE_TAGS_LENGTH);

			} else {
				// Verify the heading is legitimate

				if (qa_strlen($inheading) > QA_DB_MAX_TITLE_LENGTH)
					$errors['heading'] = qa_lang_sub('main/max_length_x', QA_DB_MAX_TITLE_LENGTH);

				// Verify the slug is legitimate (and try some defaults if we're creating a new page, and it's not)

				for ($attempt = 0; $attempt < 100; $attempt++) {
					switch ($attempt) {
						case 0:
							$inslug = qa_post_text('slug');
							if (!isset($inslug))
								$inslug = implode('-', qa_string_to_words($inname));
							break;

						case 1:
							$inslug = qa_lang_sub('admin/page_default_slug', $inslug);
							break;

						default:
							$inslug = qa_lang_sub('admin/page_default_slug', $attempt - 1);
							break;
					}

					list($matchcategoryid, $matchpage) = qa_db_select_with_pending(
						qa_db_slugs_to_category_id_selectspec($inslug),
						qa_db_page_full_selectspec($inslug, false)
					);

					if (empty($inslug))
						$errors['slug'] = qa_lang('main/field_required');
					elseif (qa_strlen($inslug) > QA_DB_MAX_CAT_PAGE_TAGS_LENGTH)
						$errors['slug'] = qa_lang_sub('main/max_length_x', QA_DB_MAX_CAT_PAGE_TAGS_LENGTH);
					elseif (preg_match('/[\\+\\/]/', $inslug))
						$errors['slug'] = qa_lang_sub('admin/slug_bad_chars', '+ /');
					elseif (qa_admin_is_slug_reserved($inslug))
						$errors['slug'] = qa_lang('admin/slug_reserved');
					elseif (isset($matchpage) && ($matchpage['pageid'] != @$editpage['pageid']))
						$errors['slug'] = qa_lang('admin/page_already_used');
					elseif (isset($matchcategoryid))
						$errors['slug'] = qa_lang('admin/category_already_used');
					else
						unset($errors['slug']);

					if (isset($editpage['pageid']) || !isset($errors['slug'])) // don't try other options if editing existing page
						break;
				}
			}

			// Perform appropriate database action

			if (isset($editpage['pageid'])) { // changing existing page
				if ($isexternal) {
					qa_db_page_set_fields($editpage['pageid'],
						isset($errors['name']) ? $editpage['title'] : $inname,
						QA_PAGE_FLAGS_EXTERNAL | ($innewwindow ? QA_PAGE_FLAGS_NEW_WINDOW : 0),
						isset($errors['url']) ? $editpage['tags'] : $inurl,
						null, null, $inpermit);

				} else {
					$setheading = isset($errors['heading']) ? $editpage['heading'] : $inheading;
					$setslug = isset($errors['slug']) ? $editpage['tags'] : $inslug;
					$setcontent = isset($errors['content']) ? $editpage['content'] : $incontent;

					qa_db_page_set_fields($editpage['pageid'],
						isset($errors['name']) ? $editpage['title'] : $inname,
						0,
						$setslug, $setheading, $setcontent, $inpermit);

					$searchmodules = qa_load_modules_with('search', 'unindex_page');
					foreach ($searchmodules as $searchmodule)
						$searchmodule->unindex_page($editpage['pageid']);

					$indextext = qa_viewer_text($setcontent, 'html');

					$searchmodules = qa_load_modules_with('search', 'index_page');
					foreach ($searchmodules as $searchmodule)
						$searchmodule->index_page($editpage['pageid'], $setslug, $setheading, $setcontent, 'html', $indextext);
				}

				qa_db_page_move($editpage['pageid'], substr($inposition, 0, 1), substr($inposition, 1));

				$reloadpages = true;

				if (empty($errors))
					$editpage = null;
				else
					$editpage = @$pages[$editpage['pageid']];

			} else { // creating a new one
				if (empty($errors)) {
					if ($isexternal) {
						$pageid = qa_db_page_create($inname, QA_PAGE_FLAGS_EXTERNAL | ($innewwindow ? QA_PAGE_FLAGS_NEW_WINDOW : 0), $inurl, null, null, $inpermit);
					} else {
						$pageid = qa_db_page_create($inname, 0, $inslug, $inheading, $incontent, $inpermit);

						$indextext = qa_viewer_text($incontent, 'html');

						$searchmodules = qa_load_modules_with('search', 'index_page');
						foreach ($searchmodules as $searchmodule)
							$searchmodule->index_page($pageid, $inslug, $inheading, $incontent, 'html', $indextext);
					}

					qa_db_page_move($pageid, substr($inposition, 0, 1), substr($inposition, 1));

					$editpage = null;
					$reloadpages = true;
				}
			}

			if (qa_clicked('dosaveview') && empty($errors) && !$isexternal)
				qa_redirect($inslug);
		}

		if ($reloadpages) {
			qa_db_flush_pending_result('navpages');
			$pages = qa_db_select_with_pending(qa_db_pages_selectspec());
		}
	}
}


// Prepare content for theme

$qa_content = qa_content_prepare();

$qa_content['title'] = qa_lang_html('admin/admin_title') . ' - ' . qa_lang_html('admin/pages_title');
$qa_content['error'] = $securityexpired ? qa_lang_html('admin/form_security_expired') : qa_admin_page_error();

if (isset($editpage)) {
	$positionoptions = array();

	if (!$isexternal)
		$positionoptions['_' . max(1, @$editpage['position'])] = qa_lang_html('admin/no_link');

	$navlangkey = array(
		'B' => 'admin/before_main_menu',
		'M' => 'admin/after_main_menu',
		'O' => 'admin/opposite_main_menu',
		'F' => 'admin/after_footer',
	);

	foreach ($navlangkey as $nav => $langkey) {
		$previous = null;
		$passedself = false;
		$maxposition = 0;

		foreach ($pages as $key => $page) {
			if ($page['nav'] == $nav) {
				if (isset($previous))
					$positionhtml = qa_lang_html_sub('admin/after_x_tab', qa_html($passedself ? $page['title'] : $previous['title']));
				else
					$positionhtml = qa_lang_html($langkey);

				if ($page['pageid'] == @$editpage['pageid'])
					$passedself = true;

				$maxposition = max($maxposition, $page['position']);
				$positionoptions[$nav . $page['position']] = $positionhtml;

				$previous = $page;
			}
		}

		if (!isset($editpage['pageid']) || $nav != @$editpage['nav']) {
			$positionvalue = isset($previous) ? qa_lang_html_sub('admin/after_x_tab', qa_html($previous['title'])) : qa_lang_html($langkey);
			$positionoptions[$nav . (isset($previous) ? (1 + $maxposition) : 1)] = $positionvalue;
		}
	}

	$positionvalue = @$positionoptions[$editpage['nav'] . $editpage['position']];

	$permitoptions = qa_admin_permit_options(QA_PERMIT_ALL, QA_PERMIT_ADMINS, false, false);
	$permitvalue = @$permitoptions[isset($inpermit) ? $inpermit : $editpage['permit']];

	$qa_content['form'] = array(
		'tags' => 'method="post" action="' . qa_path_html(qa_request()) . '"',

		'style' => 'tall',

		'fields' => array(
			'name' => array(
				'tags' => 'name="name" id="name"',
				'label' => qa_lang_html($isexternal ? 'admin/link_name' : 'admin/page_name'),
				'value' => qa_html(isset($inname) ? $inname : @$editpage['title']),
				'error' => qa_html(@$errors['name']),
			),

			'delete' => array(
				'tags' => 'name="dodelete" id="dodelete"',
				'label' => qa_lang_html($isexternal ? 'admin/delete_link' : 'admin/delete_page'),
				'value' => 0,
				'type' => 'checkbox',
			),

			'position' => array(
				'id' => 'position_display',
				'tags' => 'name="position"',
				'label' => qa_lang_html('admin/position'),
				'type' => 'select',
				'options' => $positionoptions,
				'value' => $positionvalue,
			),

			'permit' => array(
				'id' => 'permit_display',
				'tags' => 'name="permit"',
				'label' => qa_lang_html('admin/permit_to_view'),
				'type' => 'select',
				'options' => $permitoptions,
				'value' => $permitvalue,
			),

			'slug' => array(
				'id' => 'slug_display',
				'tags' => 'name="slug"',
				'label' => qa_lang_html('admin/page_slug'),
				'value' => qa_html(isset($inslug) ? $inslug : @$editpage['tags']),
				'error' => qa_html(@$errors['slug']),
			),

			'url' => array(
				'id' => 'url_display',
				'tags' => 'name="url"',
				'label' => qa_lang_html('admin/link_url'),
				'value' => qa_html(isset($inurl) ? $inurl : @$editpage['tags']),
				'error' => qa_html(@$errors['url']),
			),

			'newwindow' => array(
				'id' => 'newwindow_display',
				'tags' => 'name="newwindow"',
				'label' => qa_lang_html('admin/link_new_window'),
				'value' => (isset($innewwindow) ? $innewwindow : (@$editpage['flags'] & QA_PAGE_FLAGS_NEW_WINDOW)) ? 1 : 0,
				'type' => 'checkbox',
			),

			'heading' => array(
				'id' => 'heading_display',
				'tags' => 'name="heading"',
				'label' => qa_lang_html('admin/page_heading'),
				'value' => qa_html(isset($inheading) ? $inheading : @$editpage['heading']),
				'error' => qa_html(@$errors['heading']),
			),

			'content' => array(
				'id' => 'content_display',
				'tags' => 'name="content"',
				'label' => qa_lang_html('admin/page_content_html'),
				'value' => qa_html(isset($incontent) ? $incontent : @$editpage['content']),
				'error' => qa_html(@$errors['content']),
				'rows' => 16,
			),
		),

		'buttons' => array(
			'save' => array(
				'label' => qa_lang_html(isset($editpage['pageid']) ? 'main/save_button' : ($isexternal ? 'admin/add_link_button' : 'admin/add_page_button')),
			),

			'saveview' => array(
				'tags' => 'name="dosaveview"',
				'label' => qa_lang_html('admin/save_view_button'),
			),

			'cancel' => array(
				'tags' => 'name="docancel"',
				'label' => qa_lang_html('main/cancel_button'),
			),
		),

		'hidden' => array(
			'dosavepage' => '1', // for IE
			'edit' => @$editpage['pageid'],
			'external' => (int)$isexternal,
			'code' => qa_get_form_security_code('admin/pages'),
		),
	);

	if ($isexternal) {
		unset($qa_content['form']['fields']['slug']);
		unset($qa_content['form']['fields']['heading']);
		unset($qa_content['form']['fields']['content']);

	} else {
		unset($qa_content['form']['fields']['url']);
		unset($qa_content['form']['fields']['newwindow']);
	}

	if (isset($editpage['pageid'])) {
		qa_set_display_rules($qa_content, array(
			'position_display' => '!dodelete',
			'permit_display' => '!dodelete',
			($isexternal ? 'url_display' : 'slug_display') => '!dodelete',
			($isexternal ? 'newwindow_display' : 'heading_display') => '!dodelete',
			'content_display' => '!dodelete',
		));

	} else {
		unset($qa_content['form']['fields']['slug']);
		unset($qa_content['form']['fields']['delete']);
	}

	if ($isexternal || !isset($editpage['pageid']))
		unset($qa_content['form']['buttons']['saveview']);

	$qa_content['focusid'] = 'name';

} else {
	// List of standard navigation links
	$qa_content['form'] = array(
		'tags' => 'method="post" action="' . qa_self_html() . '"',

		'style' => 'tall',

		'fields' => array(),

		'buttons' => array(
			'save' => array(
				'tags' => 'name="dosaveoptions"',
				'label' => qa_lang_html('main/save_button'),
			),

			'addpage' => array(
				'tags' => 'name="doaddpage"',
				'label' => qa_lang_html('admin/add_page_button'),
			),

			'addlink' => array(
				'tags' => 'name="doaddlink"',
				'label' => qa_lang_html('admin/add_link_button'),
			),
		),

		'hidden' => array(
			'code' => qa_get_form_security_code('admin/pages'),
		),
	);

	$qa_content['form']['fields']['navlinks'] = array(
		'label' => qa_lang_html('admin/nav_links_explanation'),
		'type' => 'static',
		'tight' => true,
	);

	foreach ($navoptions as $optionname => $langkey) {
		$qa_content['form']['fields'][$optionname] = array(
			'label' => '<a href="' . qa_path_html($navpaths[$optionname]) . '">' . qa_lang_html($langkey) . '</a>',
			'tags' => 'name="option_' . $optionname . '"',
			'type' => 'checkbox',
			'value' => qa_opt($optionname),
		);
	}

	$qa_content['form']['fields'][] = array(
		'type' => 'blank'
	);

	// List of suggested plugin pages

	$listhtml = '';

	$pagemodules = qa_load_modules_with('page', 'suggest_requests');

	foreach ($pagemodules as $tryname => $trypage) {
		$suggestrequests = $trypage->suggest_requests();

		foreach ($suggestrequests as $suggestrequest) {
			$listhtml .= '<li><b><a href="' . qa_path_html($suggestrequest['request']) . '">' . qa_html($suggestrequest['title']) . '</a></b>';

			$listhtml .= qa_lang_html_sub('admin/plugin_module', qa_html($tryname));

			$listhtml .= strtr(qa_lang_html('admin/add_link_link'), array(
				'^1' => '<a href="' . qa_path_html(qa_request(), array('doaddlink' => 1, 'text' => $suggestrequest['title'], 'url' => $suggestrequest['request'], 'nav' => @$suggestrequest['nav'])) . '">',
				'^2' => '</a>',
			));

			if (method_exists($trypage, 'admin_form'))
				$listhtml .= ' - <a href="' . qa_admin_module_options_path('page', $tryname) . '">' . qa_lang_html('admin/options') . '</a>';

			$listhtml .= '</li>';
		}
	}

	if (strlen($listhtml)) {
		$qa_content['form']['fields']['plugins'] = array(
			'label' => qa_lang_html('admin/plugin_pages_explanation'),
			'type' => 'custom',
			'html' => '<ul style="margin-bottom:0;">' . $listhtml . '</ul>',
		);
	}

	// List of custom pages or links

	$listhtml = '';

	foreach ($pages as $page) {
		$listhtml .= '<li><b><a href="' . qa_custom_page_url($page) . '">' . qa_html($page['title']) . '</a></b>';

		$listhtml .= strtr(qa_lang_html(($page['flags'] & QA_PAGE_FLAGS_EXTERNAL) ? 'admin/edit_link' : 'admin/edit_page'), array(
			'^1' => '<a href="' . qa_path_html('admin/pages', array('edit' => $page['pageid'])) . '">',
			'^2' => '</a>',
		));

		$listhtml .= '</li>';
	}

	$qa_content['form']['fields']['pages'] = array(
		'label' => strlen($listhtml) ? qa_lang_html('admin/click_name_edit') : qa_lang_html('admin/pages_explanation'),
		'type' => 'custom',
		'html' => strlen($listhtml) ? '<ul style="margin-bottom:0;">' . $listhtml . '</ul>' : null,
	);
}

$qa_content['navigation']['sub'] = qa_admin_sub_navigation();


return $qa_content;