Author: dgoette Date: Sun Jan 25 05:25:18 2009 New Revision: 39086
URL: http://svn.reactos.org/svn/reactos?rev=39086&view=rev Log: * simplify Smarty Filter backend * show title in entry table again * make preview working again, now don't open a new window per preview, load into an iframe instaed * use vertical written text in admin tables, to get an better overview * use revision copy function only to build new translations * make admin functions working again, after that ACL & APL changes * fix a bug in generator: while updating entries, entries where generated too often * minor bugfixes * simple style changes
Added: branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsitePreview.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Presentation.class.php Modified: branches/danny-web/reactos.org/htdocs/roscms/config.php branches/danny-web/reactos.org/htdocs/roscms/connect.db.php branches/danny-web/reactos.org/htdocs/roscms/css/user.css branches/danny-web/reactos.org/htdocs/roscms/index.php branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_ACL.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_Groups.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_System.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsiteFilter.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsiteLabel.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Data.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Editor_Website.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Export_Page.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Export_XML.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Generate.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_Website.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Tag.class.php
Modified: branches/danny-web/reactos.org/htdocs/roscms/config.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/config.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/config.php [iso-8859-1] Sun Jan 25 05:25:18 2009 @@ -17,6 +17,10 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ + +// How much debug by php itself should be showed +error_reporting(E_ALL); +ini_set('error_reporting', E_ALL);
if (!defined('ROSCMS_PATH')) { define('ROSCMS_PATH',''); // relative path to roscms
Modified: branches/danny-web/reactos.org/htdocs/roscms/connect.db.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/connect.db.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/connect.db.php [iso-8859-1] Sun Jan 25 05:25:18 2009 @@ -26,5 +26,6 @@ $db_name = 'roscms';
// vars are unset in DBConnection class +// !!! so be sure to use DBConnection or unset(..) yourself
?>
Modified: branches/danny-web/reactos.org/htdocs/roscms/css/user.css URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/css/user.css [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/css/user.css [iso-8859-1] Sun Jan 25 05:25:18 2009 @@ -26,7 +26,7 @@ /* left menu */ #leftNav { padding: 0px 10px 10px 10px; } #leftNav UL { margin: 0px 0px 1.5em 0px; padding: 0px; list-style-type: none; background-color: #EEEEEE; border-top: #3F3849 0px solid; border-right: #3F3849 1px solid; border-left: #3F3849 1px solid; } -#leftNav UL LI { font-size: 13px; font-weight: bold; border-bottom: 1px solid #3f3849; } +#leftNav UL LI { font-size: 12px; font-weight: bold; border-bottom: 1px solid #3f3849; } #leftNav UL LI A { display: block; padding: 2px 4px; color: #3F3849; text-decoration: none; } #leftNav UL LI A:hover { color: black; background-color: #FFCC33; } #leftNav H2 { margin: 0px; padding-left: 12px; border: #3F3849 1px solid; font-weight: bold; font-size: 14px; color: white; background-color: #5984c3; }
Modified: branches/danny-web/reactos.org/htdocs/roscms/index.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/index.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/index.php [iso-8859-1] Sun Jan 25 05:25:18 2009 @@ -3,7 +3,7 @@ RosCMS - ReactOS Content Management System Copyright (C) 2005-2008 Klemens Friedl frik85@reactos.org 2005 Ge van Geldorp gvg@reactos.org - 2008 Danny Götte dangerground@web.de + 2008-2009 Danny Götte dangerground@web.de
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -19,10 +19,6 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ - -//@MOVEME to config -error_reporting(E_ALL); -ini_set('error_reporting', E_ALL);
if (get_magic_quotes_gpc()) { ini_set('magic_quotes', 'off'); @@ -146,6 +142,9 @@ case 'uqi': // User Quick Info new Export_QuickInfo(); break; + case 'prv': // Preview + new CMSWebsitePreview(); + break; default: die(''); break; @@ -180,8 +179,16 @@ break; } // end $_GET['d_u'] break; - break; } // end switch + break; + + // presentation + case 'presentation': + switch ($_GET['type']) { + case 'vtext': // vertical text + Presentation::verticalText($_GET['text']); + break; + } // end type break;
// No permission
Modified: branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js [iso-8859-1] Sun Jan 25 05:25:18 2009 @@ -442,7 +442,7 @@ }
if (uf_name != '' && uf_name.length < 50) { - makeRequest('?page=data_out&d_f=text&d_u=ufs&d_val=add&d_val2='+encodeURIComponent(uf_type)+'&d_val3='+encodeURIComponent(uf_name)+'&d_val4='+encodeURIComponent(uf_str), 'ufs', uf_objid, 'html', 'GET', ''); + makeRequest('?page=data_out&d_f=text&d_u=ufs&action=add&title='+encodeURIComponent(uf_name)+'&setting='+encodeURIComponent(uf_str), 'ufs', uf_objid, 'html', 'GET', ''); } }
@@ -461,7 +461,7 @@ uf_objid = 'labtitel2c';
if (uf_check == true) { - makeRequest('?page=data_out&d_f=text&d_u=ufs&d_val=del&d_val2='+encodeURIComponent(uf_type)+'&d_val3='+encodeURIComponent(uf_id), 'ufs', uf_objid, 'html', 'GET', ''); + makeRequest('?page=data_out&d_f=text&d_u=ufs&action=del&id='+encodeURIComponent(uf_id), 'ufs', uf_objid, 'html', 'GET', ''); } }
@@ -685,6 +685,7 @@ if (document.getElementById('frametable').style.display != 'block') { document.getElementById('frametable').style.display = 'block'; document.getElementById('frameedit').style.display = 'none'; + document.getElementById('previewarea').style.display = 'none';
// deactivate alert-timer window.clearTimeout(alertactiv); @@ -778,6 +779,7 @@ if (document.getElementById('frametable').style.display != 'block') { document.getElementById('frametable').style.display = 'block'; document.getElementById('frameedit').style.display = 'none'; + document.getElementById('previewarea').style.display = 'none'; }
reloadEntryTableWithOffset( offset ); @@ -793,6 +795,7 @@ if (document.getElementById('frametable').style.display != 'block') { document.getElementById('frametable').style.display = 'block'; document.getElementById('frameedit').style.display = 'none'; + document.getElementById('previewarea').style.display = 'none'; }
// deactivate alert-timer @@ -815,6 +818,7 @@ { if (document.getElementById('frameedit').style.display != 'block') { document.getElementById('frametable').style.display = 'none'; + document.getElementById('previewarea').style.display = 'none'; document.getElementById('frameedit').style.display = 'block'; }
@@ -876,7 +880,7 @@ roscms_prev_page = roscms_current_page; roscms_current_page = objevent;
- document.getElementById('frmedithead').innerHTML = '<span class="button" onclick="loadEntryTableWithOffset(roscms_current_tbl_position)"><strong>« Back</strong></span> <b>Edit Entry</b>'; + document.getElementById('frmedithead').innerHTML = '<span class="button" onclick="loadEntryTableWithOffset(roscms_current_tbl_position)"><strong>« Back</strong></span> <strong>Edit Entry</strong>';
// enable autosave autosave_timer = window.setTimeout("tryAutosave()", autosave_coundown); @@ -1787,6 +1791,11 @@ // user quick info case 'uqi': updateQuickinfo(http_request, objid); + break; + + // preview + case 'prv': + showPreview(http_request, objid); break;
default: @@ -2378,13 +2387,31 @@ var tentrs2 = tentrs[1].split("_");
if (tentrs[0] == 1) { - window.open(roscms_intern_page_link+"data_out&d_f=page&d_u=show&d_val="+tentrs2[1]+"&d_val2="+userlang+"&d_val3=", "RosCMSPagePreview"); + makeRequest('?page=data_out&d_f=text&d_u=prv&rev_id='+tentrs2[1], 'prv', 'previewarea', 'html', 'GET', ''); } else { alertbox("Select one entry to preview a page!"); } - - document.getElementById('extraopt').value = 'sel'; +} + + + +/** + * put the previewed page into an iframe and hide other elements like entry table and editor + * + * @param object http_request + * @param string objid + */ +function showPreview( http_request, objid ) +{ + if (document.getElementById('previewarea').style.display != 'block') { + document.getElementById('frametable').style.display = 'none'; + document.getElementById('frameedit').style.display = 'none'; + document.getElementById('previewarea').style.display = 'block'; + } + + document.getElementById('previewzone').innerHTML = http_request.responseText; + document.getElementById('previewhead').innerHTML = '<span class="button" onclick="loadEntryTableWithOffset(roscms_current_tbl_position)"><strong>« Back</strong></span> <strong>Preview</strong>'; }
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_ACL.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_ACL.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_ACL.class.php [iso-8859-1] Sun Jan 25 05:25:18 2009 @@ -35,21 +35,25 @@ */ protected function showNew( ) { + $stmt=&DBConnection::getInstance()->prepare("SELECT id, name, description FROM ".ROSCMST_RIGHTS." ORDER BY name ASC"); + $stmt->execute(); + $rights=$stmt->fetchAll(PDO::FETCH_ASSOC); + echo_strip(' <h2>Create new Access Control List (ACL)</h2> <form onsubmit="return false;"> <fieldset> <legend>Access Control List Options</legend> - <label for="acl_name">Name</label> - <input id="acl_name" name="acl_name" maxlength="100" value="" /> + <label for="access_name">Name</label> + <input id="access_name" name="access_name" maxlength="100" value="" /> <br />
- <label for="acl_short">Short Name (Identifier)</label> - <input id="acl_short" name="acl_short" maxlength="50" value="" /> + <label for="access_short">Short Name (Identifier)</label> + <input id="access_short" name="access_short" maxlength="50" value="" /> <br />
- <label for="acl_desc">Description</label> - <input id="acl_desc" name="acl_desc" maxlength="255" value="" /> + <label for="access_desc">Description</label> + <input id="access_desc" name="access_desc" maxlength="255" value="" /> </fieldset> <br /> <fieldset> @@ -57,14 +61,11 @@ <table> <tr> <th title="Security Level">SecLvl</th> - <th>Group Name</th> - <th title="read">R</th> - <th title="write">W</th> - <th title="add">A</th> - <th title="delete">D</th> - <th title="publish">P</th> - <th title="translate">T</th> - </tr>'); + <th>Group Name</th>'); + foreach ($rights as $right) { + echo '<th style="vertical-align:bottom;" title="'.$right['name'].': '.$right['description'].'"><img src="?page=presentation&type=vtext&text='.$right['name'].'" alt="'.$right['name'].'" /></th>'; + } + echo '</tr>';
$stmt=&DBConnection::getInstance()->prepare("SELECT id, name, security_level, description FROM ".ROSCMST_GROUPS." ORDER BY security_level ASC, name ASC"); $stmt->execute(); @@ -72,14 +73,12 @@ echo_strip(' <tr title="'.htmlspecialchars($group['description']).'"> <td>'.$group['security_level'].'</td> - <td>'.htmlspecialchars($group['name']).'</td> - <td title="read entries"><input type="checkbox" name="read'.$group['id'].'" id="read'.$group['id'].'" checked="checked" value="1" /></td> - <td title="edit entries"><input type="checkbox" name="write'.$group['id'].'" id="write'.$group['id'].'" value="1" /></td> - <td title="add new entries"><input type="checkbox" name="add'.$group['id'].'" id="add'.$group['id'].'" value="1" /></td> - <td title="delete entries"><input type="checkbox" name="del'.$group['id'].'" id="del'.$group['id'].'" value="1" /></td> - <td title="make entries stable"><input type="checkbox" name="pub'.$group['id'].'" id="pub'.$group['id'].'" value="1" /></td> - <td title="translate entries"><input type="checkbox" name="trans'.$group['id'].'" id="trans'.$group['id'].'" value="1" /></td> - </tr>'); + <td>'.htmlspecialchars($group['name']).'</td>'); + + foreach ($rights as $right) { + echo '<td title="'.$group['name'].'--'.$right['name'].': '.$right['description'].'"><input type="checkbox" value="1" name="valid'.$group['id'].'_'.$right['id'].'" /></td>'; + } + echo '</tr>'; }
echo_strip(' @@ -103,35 +102,35 @@
// try to insert new access list $stmt=&DBConnection::getInstance()->prepare("INSERT INTO ".ROSCMST_ACCESS." (name, name_short, description) VALUES (:name, :short, :description)"); - $stmt->bindParam('name',$_POST['acl_name'],PDO::PARAM_STR); - $stmt->bindParam('short',$_POST['acl_short'],PDO::PARAM_STR); - $stmt->bindParam('description',$_POST['acl_desc'],PDO::PARAM_STR); + $stmt->bindParam('name',$_POST['access_name'],PDO::PARAM_STR); + $stmt->bindParam('short',$_POST['access_short'],PDO::PARAM_STR); + $stmt->bindParam('description',$_POST['access_desc'],PDO::PARAM_STR); if ($stmt->execute()) {
// check for new access list id $stmt=&DBConnection::getInstance()->prepare("SELECT id FROM ".ROSCMST_ACCESS." WHERE name=:name"); - $stmt->bindParam('name',$_POST['acl_name'],PDO::PARAM_STR); + $stmt->bindParam('name',$_POST['access_name'],PDO::PARAM_STR); $stmt->execute(); $access_id = $stmt->fetchColumn(); if ($access_id !== false) {
- // prepare for usage in loop - $stmt_ins=&DBConnection::getInstance()->prepare("INSERT INTO ".ROSCMST_ENTRY_AREA." (acl_id, group_id, can_read, can_write, can_add, can_delete, can_publish, can_translate) VALUES (:acl_id, :group_id, :read, :write, :add, :delete, :publish, :translate)"); - $stmt_ins->bindParam('acl_id',$access_id,PDO::PARAM_INT); - - // insert access rights for each group - $stmt=&DBConnection::getInstance()->prepare("SELECT id FROM ".ROSCMST_GROUPS); + $stmt=&DBConnection::getInstance()->prepare("SELECT id, name, description FROM ".ROSCMST_RIGHTS." ORDER BY name ASC"); $stmt->execute(); - while ($group = $stmt->fetch(PDO::FETCH_ASSOC)) { - $stmt_ins->bindParam('group_id',$group['id'],PDO::PARAM_INT); - $stmt_ins->bindValue('read',$_POST['read'.$group['id']]=='true',PDO::PARAM_BOOL); - $stmt_ins->bindValue('write',$_POST['write'.$group['id']]=='true',PDO::PARAM_BOOL); - $stmt_ins->bindValue('add',$_POST['add'.$group['id']]=='true',PDO::PARAM_BOOL); - $stmt_ins->bindValue('delete',$_POST['del'.$group['id']]=='true',PDO::PARAM_BOOL); - $stmt_ins->bindValue('publish',$_POST['pub'.$group['id']]=='true',PDO::PARAM_BOOL); - $stmt_ins->bindValue('translate',$_POST['trans'.$group['id']]=='true',PDO::PARAM_BOOL); - $success = $success && $stmt_ins->execute(); - } + $rights=$stmt->fetchAll(PDO::FETCH_ASSOC); + + $stmt=&DBConnection::getInstance()->prepare("INSERT INTO ".ROSCMST_ACL." (access_id, group_id, right_id) VALUES (:access_id,:group_id,:right_id)"); + $stmt->bindParam('access_id',$access_id,PDO::PARAM_INT); + foreach ($_POST as $item=>$val) { + if (strpos($item,'valid')===0) { + $item = substr($item, 5); + $id = explode('_',$item); + if($id[0] > 0 && $id[1] > 0 && $val=='true') { + $stmt->bindParam('right_id',$id[1],PDO::PARAM_INT); + $stmt->bindParam('group_id',$id[0],PDO::PARAM_INT); + $success = $success && $stmt->execute(); + } + } + } // end foreach } // end got list id else { $success = false; @@ -162,7 +161,7 @@ echo_strip(' <h2>Select ACL to '.($_GET['for']=='edit' ? 'edit' : 'delete').'</h2> <form onsubmit="return false;"> - <select name="acl" id="acl"> + <select name="access" id="access"> <option value="0"> </option>');
$stmt=&DBConnection::getInstance()->prepare("SELECT id, name, description FROM ".ROSCMST_ACCESS." ORDER BY name ASC"); @@ -187,7 +186,7 @@ protected function submitSearch( ) { // show edit / delete form, if entry was selected - if ($_POST['acl'] > 0) { + if ($_POST['access'] > 0) { if ($_GET['for'] == 'edit') { self::showEdit(); } @@ -211,8 +210,12 @@ */ protected function showEdit( ) { - $stmt=&DBConnection::getInstance()->prepare("SELECT name, name_short, description, id FROM ".ROSCMST_ACCESS." WHERE id=:acl_id"); - $stmt->bindParam('acl_id',$_POST['acl'],PDO::PARAM_INT); + $stmt=&DBConnection::getInstance()->prepare("SELECT id, name, description FROM ".ROSCMST_RIGHTS." ORDER BY name ASC"); + $stmt->execute(); + $rights=$stmt->fetchAll(PDO::FETCH_ASSOC); + + $stmt=&DBConnection::getInstance()->prepare("SELECT name, name_short, description, id FROM ".ROSCMST_ACCESS." WHERE id=:access_id"); + $stmt->bindParam('access_id',$_POST['access'],PDO::PARAM_INT); $stmt->execute(); $access = $stmt->fetchOnce(PDO::FETCH_ASSOC);
@@ -221,18 +224,18 @@ <form onsubmit="return false;"> <fieldset> <legend>Access Control List Options</legend> - <input type="hidden" name="acl_id" id="acl_id" value="'.$access['id'].'" /> + <input type="hidden" name="access_id" id="access_id" value="'.$access['id'].'" />
- <label for="acl_name">Name</label> - <input id="acl_name" name="acl_name" maxlength="100" value="'.$access['name'].'" /> + <label for="access_name">Name</label> + <input id="access_name" name="access_name" maxlength="100" value="'.$access['name'].'" /> <br />
- <label for="acl_short">Short Name (Identifier)</label> - <input id="acl_short" name="acl_short" maxlength="50" value="'.$access['name_short'].'" /> + <label for="access_short">Short Name (Identifier)</label> + <input id="access_short" name="access_short" maxlength="50" value="'.$access['name_short'].'" /> <br />
- <label for="acl_desc">Description</label> - <input id="acl_desc" name="acl_desc" maxlength="255" value="'.$access['description'].'" /> + <label for="access_desc">Description</label> + <input id="access_desc" name="access_desc" maxlength="255" value="'.$access['description'].'" /> </fieldset> <br /> <fieldset> @@ -240,30 +243,33 @@ <table> <tr> <th title="Security Level">SecLvl</th> - <th>Group Name</th> - <th title="read">R</th> - <th title="write">W</th> - <th title="add">A</th> - <th title="delete">D</th> - <th title="publish">P</th> - <th title="translate">T</th> - </tr>'); - - $stmt=&DBConnection::getInstance()->prepare("SELECT g.id, g.name, g.security_level, g.description, a.can_read, a.can_write, a.can_add, a.can_delete, a.can_publish, a.can_translate FROM ".ROSCMST_ENTRY_AREA." a JOIN ".ROSCMST_GROUPS." g ON g.id=a.group_id WHERE a.acl_id=:acl_id ORDER BY g.security_level ASC, g.name ASC"); - $stmt->bindParam('acl_id',$access['id'],PDO::PARAM_INT); + <th>Group Name</th>'); + foreach ($rights as $right) { + echo '<th style="vertical-align:bottom;" title="'.$right['name'].': '.$right['description'].'"><img src="?page=presentation&type=vtext&text='.$right['name'].'" alt="'.$right['name'].'" /></th>'; + } + echo '</tr>'; + + + // for usage in loop + $stmt_is=&DBConnection::getInstance()->prepare("SELECT TRUE FROM ".ROSCMST_ACL." WHERE group_id=:group_id AND right_id=:right_id AND access_id=:access_id LIMIT 1"); + $stmt_is->bindParam('access_id',$access['id'],PDO::PARAM_INT); + + $stmt=&DBConnection::getInstance()->prepare("SELECT id, name, security_level, description FROM ".ROSCMST_GROUPS." ORDER BY security_level ASC, name ASC"); $stmt->execute(); while ($group = $stmt->fetch(PDO::FETCH_ASSOC)) { + $stmt_is->bindParam('group_id',$group['id'],PDO::PARAM_INT); echo_strip(' <tr title="'.htmlspecialchars($group['description']).'"> <td>'.$group['security_level'].'</td> - <td>'.htmlspecialchars($group['name']).'</td> - <td title="read entries"><input type="checkbox" name="read'.$group['id'].'" id="read'.$group['id'].'" '.($group['can_read'] == true ? 'checked="checked"' : '').' value="1" /></td> - <td title="edit entries"><input type="checkbox" name="write'.$group['id'].'" id="write'.$group['id'].'" '.($group['can_write'] == true ? 'checked="checked"' : '').' value="1" /></td> - <td title="add new entries"><input type="checkbox" name="add'.$group['id'].'" id="add'.$group['id'].'" '.($group['can_add'] == true ? 'checked="checked"' : '').' value="1" /></td> - <td title="delete entries"><input type="checkbox" name="del'.$group['id'].'" id="del'.$group['id'].'" '.($group['can_delete'] == true ? 'checked="checked"' : '').' value="1" /></td> - <td title="make entries stable"><input type="checkbox" name="pub'.$group['id'].'" id="pub'.$group['id'].'" '.($group['can_publish'] == true ? 'checked="checked"' : '').' value="1" /></td> - <td title="translate entries"><input type="checkbox" name="trans'.$group['id'].'" id="trans'.$group['id'].'" '.($group['can_translate'] == true ? 'checked="checked"' : '').' value="1" /></td> - </tr>'); + <td>'.htmlspecialchars($group['name']).'</td>'); + foreach ($rights as $right) { + $stmt_is->bindParam('right_id',$right['id'],PDO::PARAM_INT); + $stmt_is->execute(); + $is = $stmt_is->fetchColumn(); + + echo '<td title="'.$group['name'].'--'.$right['name'].': '.$right['description'].'"><input type="checkbox" value="1" name="valid'.$group['id'].'_'.$right['id'].'" '.($is ? 'checked="checked"' : '').' /></td>'; + } + echo '</tr>'; }
echo_strip(' @@ -286,29 +292,31 @@ $success = true;
// try to insert new access list - $stmt=&DBConnection::getInstance()->prepare("UPDATE ".ROSCMST_ACCESS." SET name=:name, name_short=:short, description=:description WHERE id=:acl_id"); - $stmt->bindParam('name',$_POST['acl_name'],PDO::PARAM_STR); - $stmt->bindParam('short',$_POST['acl_short'],PDO::PARAM_STR); - $stmt->bindParam('description',$_POST['acl_desc'],PDO::PARAM_STR); - $stmt->bindParam('acl_id',$_POST['acl_id'],PDO::PARAM_INT); + $stmt=&DBConnection::getInstance()->prepare("UPDATE ".ROSCMST_ACCESS." SET name=:name, name_short=:short, description=:description WHERE id=:access_id"); + $stmt->bindParam('name',$_POST['access_name'],PDO::PARAM_STR); + $stmt->bindParam('short',$_POST['access_short'],PDO::PARAM_STR); + $stmt->bindParam('description',$_POST['access_desc'],PDO::PARAM_STR); + $stmt->bindParam('access_id',$_POST['access_id'],PDO::PARAM_INT); $success = $success && $stmt->execute();
- // prepare for usage in loop - $stmt_ins=&DBConnection::getInstance()->prepare("UPDATE ".ROSCMST_ENTRY_AREA." SET can_read=:read, can_write=:write, can_add=:add, can_delete=:delete, can_publish=:publish, can_translate=:translate WHERE acl_id=:acl_id AND group_id=:group_id"); - $stmt_ins->bindParam('acl_id',$_POST['acl_id'],PDO::PARAM_INT); - - // insert access rights for each group - $stmt=&DBConnection::getInstance()->prepare("SELECT id FROM ".ROSCMST_GROUPS); + $stmt=&DBConnection::getInstance()->prepare("DELETE FROM ".ROSCMST_ACL." WHERE access_id=:access_id"); + $stmt->bindParam('access_id',$_POST['access_id'],PDO::PARAM_INT); $success = $success && $stmt->execute(); - while ($group = $stmt->fetch(PDO::FETCH_ASSOC)) { - $stmt_ins->bindParam('group_id',$group['id'],PDO::PARAM_INT); - $stmt_ins->bindValue('read',$_POST['read'.$group['id']]=='true',PDO::PARAM_BOOL); - $stmt_ins->bindValue('write',$_POST['write'.$group['id']]=='true',PDO::PARAM_BOOL); - $stmt_ins->bindValue('add',$_POST['add'.$group['id']]=='true',PDO::PARAM_BOOL); - $stmt_ins->bindValue('delete',$_POST['del'.$group['id']]=='true',PDO::PARAM_BOOL); - $stmt_ins->bindValue('publish',$_POST['pub'.$group['id']]=='true',PDO::PARAM_BOOL); - $stmt_ins->bindValue('translate',$_POST['trans'.$group['id']]=='true',PDO::PARAM_BOOL); - $success = $success && $stmt_ins->execute(); + + if ($success) { + $stmt=&DBConnection::getInstance()->prepare("INSERT INTO ".ROSCMST_ACL." (access_id, group_id, right_id) VALUES (:access_id,:group_id,:right_id)"); + $stmt->bindParam('access_id',$_POST['access_id'],PDO::PARAM_INT); + foreach ($_POST as $item=>$val) { + if (strpos($item,'valid')===0) { + $item = substr($item, 5); + $id = explode('_',$item); + if($id[0] > 0 && $id[1] > 0 && $val=='true') { + $stmt->bindParam('right_id',$id[1],PDO::PARAM_INT); + $stmt->bindParam('group_id',$id[0],PDO::PARAM_INT); + $success = $success && $stmt->execute(); + } + } + } }
// give the user a success or failure message @@ -329,8 +337,8 @@ */ protected function showDelete( ) { - $stmt=&DBConnection::getInstance()->prepare("SELECT COUNT(id) FROM ".ROSCMST_ENTRIES." WHERE acl_id=:acl_id"); - $stmt->bindParam('acl_id',$_POST['acl'],PDO::PARAM_INT); + $stmt=&DBConnection::getInstance()->prepare("SELECT COUNT(id) FROM ".ROSCMST_ENTRIES." WHERE access_id=:access_id"); + $stmt->bindParam('access_id',$_POST['access'],PDO::PARAM_INT); $stmt->execute(); $data_count = $stmt->fetchColumn();
@@ -339,17 +347,17 @@ echo '<div>Can't delete entry: It's used in '.$data_count.' entries. Remove usage first, and try again later.</div>'; } else { - $stmt=&DBConnection::getInstance()->prepare("SELECT name, name_short, description, id FROM ".ROSCMST_ACCESS." WHERE id=:acl_id"); - $stmt->bindParam('acl_id',$_POST['acl'],PDO::PARAM_INT); + $stmt=&DBConnection::getInstance()->prepare("SELECT name, name_short, description, id FROM ".ROSCMST_ACCESS." WHERE id=:access_id"); + $stmt->bindParam('access_id',$_POST['access'],PDO::PARAM_INT); $stmt->execute(); $access = $stmt->fetchOnce(PDO::FETCH_ASSOC);
echo_strip(' <form onsubmit="return false;"> <div> - <input type="hidden" name="acl_id" id="acl_id" value="'.$access['id'].'" /> - - Do you really want to delete the ACL "<span title="'.$access['description'].'">'.$access['name'].'</span>" ? + <input type="hidden" name="access_id" id="access_id" value="'.$access['id'].'" /> + + Do you really want to delete the access "<span title="'.$access['description'].'">'.$access['name'].'</span>" ? <button style="color: red;" onclick="'."submitDelete('acl')".'" name="uaq" value="yes">Yes, Delete it.</button> <button style="color: green;" name="uaq" value="no">No</button> </div> @@ -369,8 +377,8 @@ $success = true;
// check if it is used anywhere - $stmt=&DBConnection::getInstance()->prepare("SELECT COUNT(id) FROM ".ROSCMST_ENTRIES." WHERE acl_id=:acl_id"); - $stmt->bindParam('acl_id',$_POST['acl_id'],PDO::PARAM_INT); + $stmt=&DBConnection::getInstance()->prepare("SELECT COUNT(id) FROM ".ROSCMST_ENTRIES." WHERE access_id=:access_id"); + $stmt->bindParam('access_id',$_POST['access_id'],PDO::PARAM_INT); $stmt->execute(); $data_count = $stmt->fetchColumn(); if ($data_count > 0) { @@ -379,14 +387,14 @@ else {
// delete acl - $stmt=&DBConnection::getInstance()->prepare("DELETE FROM ".ROSCMST_ACCESS." WHERE id=:acl_id"); - $stmt->bindParam('acl_id',$_POST['acl_id'],PDO::PARAM_INT); + $stmt=&DBConnection::getInstance()->prepare("DELETE FROM ".ROSCMST_ACCESS." WHERE id=:access_id"); + $stmt->bindParam('access_id',$_POST['access_id'],PDO::PARAM_INT); $success = $success && $stmt->execute();
// delete rights list if ($success) { - $stmt=&DBConnection::getInstance()->prepare("DELETE FROM ".ROSCMST_ENTRY_AREA." WHERE acl_id=:acl_id"); - $stmt->bindParam('acl_id',$_POST['acl_id'],PDO::PARAM_INT); + $stmt=&DBConnection::getInstance()->prepare("DELETE FROM ".ROSCMST_ACL." WHERE access_id=:access_id"); + $stmt->bindParam('access_id',$_POST['access_id'],PDO::PARAM_INT); $success = $success && $stmt->execute(); }
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_Groups.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_Groups.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_Groups.class.php [iso-8859-1] Sun Jan 25 05:25:18 2009 @@ -35,6 +35,10 @@ */ protected function showNew( ) { + $stmt=&DBConnection::getInstance()->prepare("SELECT id, name, description FROM ".ROSCMST_RIGHTS." ORDER BY name ASC"); + $stmt->execute(); + $rights=$stmt->fetchAll(PDO::FETCH_ASSOC); + echo_strip(' <h2>Create new Group</h2> <form onsubmit="return false;"> @@ -42,10 +46,10 @@ <legend>Group Data</legend> <label for="group_sec">Security Level</label> <select id="group_sec" name="group_sec"> - <option value="0">0 (no access to CMS, only that myRosCMS stuff)</option> - <option value="1">1 (simple users (e.g. translator))</option> - <option value="2">2 (advanced rights, e.g. developers)</option> - <option value="3">3 (some admin functions)</option> + <option value="0">0</option> + <option value="1">1</option> + <option value="2">2</option> + <option value="3">3</option> </select> <br />
@@ -65,32 +69,47 @@ <legend>configure group access rights</legend> <table> <tr> + <th>ACL Name</th>'); + foreach ($rights as $right) { + echo '<th style="vertical-align:bottom;" title="'.$right['name'].': '.$right['description'].'"><img src="?page=presentation&type=vtext&text='.$right['name'].'" alt="'.$right['name'].'" /></th>'; + } + echo '</tr>'; + + $stmt=&DBConnection::getInstance()->prepare("SELECT id, name, description FROM ".ROSCMST_ACCESS." ORDER BY name ASC"); + $stmt->execute(); + while ($access = $stmt->fetch(PDO::FETCH_ASSOC)) { + echo_strip(' + <tr title="'.htmlspecialchars($access['description']).'"> + <td>'.htmlspecialchars($access['name']).'</td>'); + + foreach ($rights as $right) { + echo '<td title="'.$access['name'].'--'.$access['name'].': '.$access['description'].'"><input type="checkbox" value="1" name="valid'.$access['id'].'_'.$right['id'].'" /></td>'; + } + echo '</tr>'; + } + + echo_strip(' + </table> + </fieldset> + <br /> + <fieldset> + <legend>Area Protection List (APL)</legend> + <table> + <tr> <th>ACL Name</th> - <th title="read">R</th> - <th title="write">W</th> - <th title="add">A</th> - <th title="delete">D</th> - <th title="publish">P</th> - <th title="translate">T</th> - </tr>'); - - $stmt=&DBConnection::getInstance()->prepare("SELECT id, name, description FROM ".ROSCMST_ACCESS." ORDER BY name ASC"); - $stmt->execute(); - while ($acl = $stmt->fetch(PDO::FETCH_ASSOC)) { + <th>Status</th>'); + + $stmt=&DBConnection::getInstance()->prepare("SELECT id, name, description FROM ".ROSCMST_AREA." ORDER BY name ASC"); + $stmt->execute(); + while ($area = $stmt->fetch(PDO::FETCH_ASSOC)) { echo_strip(' - <tr title="'.htmlspecialchars($acl['description']).'"> - <td>'.htmlspecialchars($acl['name']).'</td> - <td title="read entries"><input type="checkbox" name="read'.$acl['id'].'" id="read'.$acl['id'].'" value="1" /></td> - <td title="edit entries"><input type="checkbox" name="write'.$acl['id'].'" id="write'.$acl['id'].'" value="1" /></td> - <td title="add new entries"><input type="checkbox" name="add'.$acl['id'].'" id="add'.$acl['id'].'" value="1" /></td> - <td title="delete entries"><input type="checkbox" name="del'.$acl['id'].'" id="del'.$acl['id'].'" value="1" /></td> - <td title="make entries stable"><input type="checkbox" name="pub'.$acl['id'].'" id="pub'.$acl['id'].'" value="1" /></td> - <td title="translate entries"><input type="checkbox" name="trans'.$acl['id'].'" id="trans'.$acl['id'].'" value="1" /></td> + <tr> + <td title="'.$area['description'].'"><label for="area'.$area['id'].'">'.$area['name'].'</label></td> + <td><input type="checkbox" value="1" name="area'.$area['id'].'" id="area'.$area['id'].'" /></td> </tr>'); }
echo_strip(' - </table> </fieldset> <button onclick="'."submitNew('group')".'">Create new Group</button> </form> @@ -123,23 +142,36 @@ $group_id = $stmt->fetchColumn(); if ($group_id !== false) {
- // prepare for usage in loop - $stmt_ins=&DBConnection::getInstance()->prepare("INSERT INTO ".ROSCMST_ENTRY_AREA." (acl_id, group_id, can_read, can_write, can_add, can_delete, can_publish, can_translate) VALUES (:acl_id, :group_id, :read, :write, :add, :delete, :publish, :translate)"); - $stmt_ins->bindParam('group_id',$group_id,PDO::PARAM_INT); - - // insert access rights for each group - $stmt=&DBConnection::getInstance()->prepare("SELECT id FROM ".ROSCMST_ACCESS); + $stmt=&DBConnection::getInstance()->prepare("SELECT id, name, description FROM ".ROSCMST_RIGHTS." ORDER BY name ASC"); $stmt->execute(); - while ($acl = $stmt->fetch(PDO::FETCH_ASSOC)) { - $stmt_ins->bindParam('acl_id',$acl['id'],PDO::PARAM_INT); - $stmt_ins->bindValue('read',$_POST['read'.$acl['id']]=='true',PDO::PARAM_BOOL); - $stmt_ins->bindValue('write',$_POST['write'.$acl['id']]=='true',PDO::PARAM_BOOL); - $stmt_ins->bindValue('add',$_POST['add'.$acl['id']]=='true',PDO::PARAM_BOOL); - $stmt_ins->bindValue('delete',$_POST['del'.$acl['id']]=='true',PDO::PARAM_BOOL); - $stmt_ins->bindValue('publish',$_POST['pub'.$acl['id']]=='true',PDO::PARAM_BOOL); - $stmt_ins->bindValue('translate',$_POST['trans'.$acl['id']]=='true',PDO::PARAM_BOOL); - $success = $success && $stmt_ins->execute(); - } + $rights=$stmt->fetchAll(PDO::FETCH_ASSOC); + + $stmt_acl=&DBConnection::getInstance()->prepare("INSERT INTO ".ROSCMST_ACL." (access_id, group_id, right_id) VALUES (:access_id,:group_id,:right_id)"); + $stmt_acl->bindParam('group_id',$group_id,PDO::PARAM_INT); + $stmt_apl=&DBConnection::getInstance()->prepare("INSERT INTO ".ROSCMST_AREA_ACCESS." (area_id, group_id) VALUES (:area_id,:group_id)"); + $stmt_apl->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT); + foreach ($_POST as $item=>$val) { + + // insert ACL + if (strpos($item,'valid')===0) { + $item = substr($item, 5); + $id = explode('_',$item); + if($id[0] > 0 && $id[1] > 0 && $val=='true') { + $stmt_acl->bindParam('right_id',$id[1],PDO::PARAM_INT); + $stmt_acl->bindParam('access_id',$id[0],PDO::PARAM_INT); + $success = $success && $stmt_acl->execute(); + } + } + + // insert APL + elseif (strpos($item,'area')===0 && $val=='true') { + $id = substr($item, 4); + if($id > 0) { + $stmt_apl->bindParam('area_id',$id,PDO::PARAM_INT); + $success = $success && $stmt_apl->execute(); + } + } + } // end foreach } // end got list id else { $success = false; @@ -219,6 +251,10 @@ */ protected function showEdit( ) { + $stmt=&DBConnection::getInstance()->prepare("SELECT id, name, description FROM ".ROSCMST_RIGHTS." ORDER BY name ASC"); + $stmt->execute(); + $rights=$stmt->fetchAll(PDO::FETCH_ASSOC); + $stmt=&DBConnection::getInstance()->prepare("SELECT name, name_short, description, id, security_level FROM ".ROSCMST_GROUPS." WHERE id=:acl_id"); $stmt->bindParam('acl_id',$_POST['group'],PDO::PARAM_INT); $stmt->execute(); @@ -233,10 +269,10 @@
<label for="group_sec">Security Level</label> <select id="group_sec" name="group_sec"> - <option value="0"'.($group['security_level'] == 0 ? ' selected="selected"' : '').'>0 (no access to CMS, only that myRosCMS stuff)</option> - <option value="1"'.($group['security_level'] == 1 ? ' selected="selected"' : '').'>1 (simple users (e.g. translator))</option> - <option value="2"'.($group['security_level'] == 2 ? ' selected="selected"' : '').'>2 (advanced rights, e.g. developers)</option> - <option value="3"'.($group['security_level'] == 3 ? ' selected="selected"' : '').'>3 (some admin functions)</option> + <option value="0"'.($group['security_level'] == 0 ? ' selected="selected"' : '').'>0</option> + <option value="1"'.($group['security_level'] == 1 ? ' selected="selected"' : '').'>1</option> + <option value="2"'.($group['security_level'] == 2 ? ' selected="selected"' : '').'>2</option> + <option value="3"'.($group['security_level'] == 3 ? ' selected="selected"' : '').'>3</option> </select> <br />
@@ -256,33 +292,63 @@ <legend>configure group access rights</legend> <table> <tr> + <th>ACL Name</th>'); + foreach ($rights as $right) { + echo '<th style="vertical-align:bottom;" title="'.$right['name'].': '.$right['description'].'"><img src="?page=presentation&type=vtext&text='.$right['name'].'" alt="'.$right['name'].'" /></th>'; + } + echo '</tr>'; + + // for usage in loop + $stmt_is=&DBConnection::getInstance()->prepare("SELECT TRUE FROM ".ROSCMST_ACL." WHERE group_id=:group_id AND right_id=:right_id AND access_id=:access_id LIMIT 1"); + $stmt_is->bindParam('group_id',$group['id'],PDO::PARAM_INT); + + $stmt=&DBConnection::getInstance()->prepare("SELECT id, name, description FROM ".ROSCMST_ACCESS." ORDER BY name ASC"); + $stmt->execute(); + while ($access = $stmt->fetch(PDO::FETCH_ASSOC)) { + $stmt_is->bindParam('access_id',$access['id'],PDO::PARAM_INT); + echo_strip(' + <tr title="'.htmlspecialchars($access['description']).'"> + <td>'.htmlspecialchars($access['name']).'</td>'); + foreach ($rights as $right) { + $stmt_is->bindParam('right_id',$right['id'],PDO::PARAM_INT); + $stmt_is->execute(); + $is = $stmt_is->fetchColumn(); + + echo '<td title="'.$access['name'].'--'.$right['name'].': '.$right['description'].'"><input type="checkbox" value="1" name="valid'.$access['id'].'_'.$right['id'].'" '.($is ? 'checked="checked"' : '').' /></td>'; + } + echo '</tr>'; + } + + echo_strip(' + </table> + </fieldset> + <br /> + <fieldset> + <legend>Area Protection List (APL)</legend> + <table> + <tr> <th>ACL Name</th> - <th title="read">R</th> - <th title="write">W</th> - <th title="add">A</th> - <th title="delete">D</th> - <th title="publish">P</th> - <th title="translate">T</th> - </tr>'); - - $stmt=&DBConnection::getInstance()->prepare("SELECT s.id, s.name, s.description, a.can_read, a.can_write, a.can_add, a.can_delete, a.can_publish, a.can_translate FROM ".ROSCMST_ACCESS." s JOIN ".ROSCMST_ENTRY_AREA." a ON a.acl_id=s.id WHERE a.group_id=:group_id ORDER BY name ASC"); - $stmt->bindParam('group_id',$group['id'],PDO::PARAM_INT); - $stmt->execute(); - while ($acl = $stmt->fetch(PDO::FETCH_ASSOC)) { + <th>Status</th>'); + + // for usage in loop + $stmt_is=&DBConnection::getInstance()->prepare("SELECT TRUE FROM ".ROSCMST_AREA_ACCESS." WHERE group_id=:group_id AND area_id=:area_id LIMIT 1"); + $stmt_is->bindParam('group_id',$group['id'],PDO::PARAM_INT); + + $stmt=&DBConnection::getInstance()->prepare("SELECT id, name, description FROM ".ROSCMST_AREA." ORDER BY name ASC"); + $stmt->execute(); + while ($area = $stmt->fetch(PDO::FETCH_ASSOC)) { + $stmt_is->bindParam('area_id',$area['id'],PDO::PARAM_INT); + $stmt_is->execute(); + $is = $stmt_is->fetchColumn(); + echo_strip(' - <tr title="'.htmlspecialchars($acl['description']).'"> - <td>'.htmlspecialchars($acl['name']).'</td> - <td title="read entries"><input type="checkbox" name="read'.$acl['id'].'" id="read'.$acl['id'].'" '.($acl['can_read'] == true ? 'checked="checked"' : '').' value="1" /></td> - <td title="edit entries"><input type="checkbox" name="write'.$acl['id'].'" id="write'.$acl['id'].'" '.($acl['can_write'] == true ? 'checked="checked"' : '').' value="1" /></td> - <td title="add new entries"><input type="checkbox" name="add'.$acl['id'].'" id="add'.$acl['id'].'" '.($acl['can_add'] == true ? 'checked="checked"' : '').' value="1" /></td> - <td title="delete entries"><input type="checkbox" name="del'.$acl['id'].'" id="del'.$acl['id'].'" '.($acl['can_delete'] == true ? 'checked="checked"' : '').' value="1" /></td> - <td title="make entries stable"><input type="checkbox" name="pub'.$acl['id'].'" id="pub'.$acl['id'].'" '.($acl['can_publish'] == true ? 'checked="checked"' : '').' value="1" /></td> - <td title="translate entries"><input type="checkbox" name="trans'.$acl['id'].'" id="trans'.$acl['id'].'" '.($acl['can_translate'] == true ? 'checked="checked"' : '').' value="1" /></td> + <tr> + <td title="'.$area['description'].'"><label for="area'.$area['id'].'">'.$area['name'].'</label></td> + <td><input type="checkbox" value="1" name="area'.$area['id'].'" id="area'.$area['id'].'"'.($is ? ' checked="checked"' : '').' /></td> </tr>'); }
echo_strip(' - </table> </fieldset> <button onclick="'."submitEdit('group')".'">Edit Group</button> </form> @@ -309,22 +375,41 @@ $stmt->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT); $success = $success && $stmt->execute();
- // prepare for usage in loop - $stmt_ins=&DBConnection::getInstance()->prepare("UPDATE ".ROSCMST_ENTRY_AREA." SET can_read=:read, can_write=:write, can_add=:add, can_delete=:delete, can_publish=:publish, can_translate=:translate WHERE acl_id=:acl_id AND group_id=:group_id"); - $stmt_ins->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT); - - // insert access rights for each group - $stmt=&DBConnection::getInstance()->prepare("SELECT id FROM ".ROSCMST_ACCESS); + $stmt=&DBConnection::getInstance()->prepare("DELETE FROM ".ROSCMST_ACL." WHERE group_id=:group_id"); + $stmt->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT); $success = $success && $stmt->execute(); - while ($access = $stmt->fetch(PDO::FETCH_ASSOC)) { - $stmt_ins->bindParam('acl_id',$access['id'],PDO::PARAM_INT); - $stmt_ins->bindValue('read',$_POST['read'.$access['id']]=='true',PDO::PARAM_BOOL); - $stmt_ins->bindValue('write',$_POST['write'.$access['id']]=='true',PDO::PARAM_BOOL); - $stmt_ins->bindValue('add',$_POST['add'.$access['id']]=='true',PDO::PARAM_BOOL); - $stmt_ins->bindValue('delete',$_POST['del'.$access['id']]=='true',PDO::PARAM_BOOL); - $stmt_ins->bindValue('publish',$_POST['pub'.$access['id']]=='true',PDO::PARAM_BOOL); - $stmt_ins->bindValue('translate',$_POST['trans'.$access['id']]=='true',PDO::PARAM_BOOL); - $success = $success && $stmt_ins->execute(); + + $stmt=&DBConnection::getInstance()->prepare("DELETE FROM ".ROSCMST_AREA_ACCESS." WHERE group_id=:group_id"); + $stmt->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT); + $success = $success && $stmt->execute(); + + if ($success) { + $stmt_acl=&DBConnection::getInstance()->prepare("INSERT INTO ".ROSCMST_ACL." (access_id, group_id, right_id) VALUES (:access_id,:group_id,:right_id)"); + $stmt_acl->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT); + $stmt_apl=&DBConnection::getInstance()->prepare("INSERT INTO ".ROSCMST_AREA_ACCESS." (area_id, group_id) VALUES (:area_id,:group_id)"); + $stmt_apl->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT); + foreach ($_POST as $item=>$val) { + + // insert ACL + if (strpos($item,'valid')===0) { + $item = substr($item, 5); + $id = explode('_',$item); + if($id[0] > 0 && $id[1] > 0 && $val=='true') { + $stmt_acl->bindParam('right_id',$id[1],PDO::PARAM_INT); + $stmt_acl->bindParam('access_id',$id[0],PDO::PARAM_INT); + $success = $success && $stmt_acl->execute(); + } + } + + // insert APL + elseif (strpos($item,'area')===0 && $val=='true') { + $id = substr($item, 4); + if($id > 0) { + $stmt_apl->bindParam('area_id',$id,PDO::PARAM_INT); + $success = $success && $stmt_apl->execute(); + } + } + } }
// give the user a success or failure message @@ -380,7 +465,11 @@
// delete rights list if ($success) { - $stmt=&DBConnection::getInstance()->prepare("DELETE FROM ".ROSCMST_ENTRY_AREA." WHERE group_id=:group_id"); + $stmt=&DBConnection::getInstance()->prepare("DELETE FROM ".ROSCMST_ACL." WHERE group_id=:group_id"); + $stmt->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT); + $success = $success && $stmt->execute(); + + $stmt=&DBConnection::getInstance()->prepare("DELETE FROM ".ROSCMST_ACL." WHERE group_id=:group_id"); $stmt->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT); $success = $success && $stmt->execute(); }
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_System.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_System.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_System.class.php [iso-8859-1] Sun Jan 25 05:25:18 2009 @@ -74,7 +74,7 @@ */ protected function showAPL( ) { - $stmt=&DBConnection::getInstance()->prepare("SELECT id, name_short, description FROM ".ROSCMST_AREA." ORDER BY name_short ASC"); + $stmt=&DBConnection::getInstance()->prepare("SELECT id, name, description FROM ".ROSCMST_AREA." ORDER BY name ASC"); $stmt->execute(); $areas=$stmt->fetchAll(PDO::FETCH_ASSOC);
@@ -88,15 +88,11 @@ <th style="vertical-align:bottom;" title="Security Level">SecLvl</th> <th style="vertical-align:bottom;">Group Name</th>'); foreach ($areas as $area) { - echo '<th style="width: 1em;font-family:monospace;vertical-align:bottom;line-height: 0.8em;" title="'.$area['name_short'].': '.$area['description'].'">'; - for ($i=0; $i<strlen($area['name_short']);$i++) { - echo substr($area['name_short'], $i, 1).'<br />'; - } - echo '</th>'; + echo '<th style="vertical-align:bottom;" title="'.$area['name'].': '.$area['description'].'"><img src="?page=presentation&type=vtext&text='.$area['name'].'" alt="'.$area['name'].'" /></th>'; } echo '</tr>';
- $stmt_is=&DBConnection::getInstance()->prepare("SELECT TRUE FROM ".ROSCMST_AREA." a JOIN ".ROSCMST_AREA_ACCESS." b ON a.id=b.area_id WHERE b.group_id=:group_id AND a.id=:area_id ORDER BY a.name_short LIMIT 1"); + $stmt_is=&DBConnection::getInstance()->prepare("SELECT TRUE FROM ".ROSCMST_AREA." a JOIN ".ROSCMST_AREA_ACCESS." b ON a.id=b.area_id WHERE b.group_id=:group_id AND a.id=:area_id LIMIT 1");
$stmt=&DBConnection::getInstance()->prepare("SELECT id, name, security_level, description FROM ".ROSCMST_GROUPS." ORDER BY security_level ASC, name ASC"); $stmt->execute(); @@ -111,7 +107,7 @@ $stmt_is->execute(); $is = $stmt_is->fetchColumn();
- echo '<td title="'.$group['name'].'--'.$area['name_short'].': '.$area['description'].'"><input type="checkbox" value="1" name="valid'.$group['id'].'_'.$area['id'].'" '.($is ? 'checked="checked"' : '').' /></td>'; + echo '<td title="'.$group['name'].'--'.$area['name'].': '.$area['description'].'"><input type="checkbox" value="1" name="valid'.$group['id'].'_'.$area['id'].'" '.($is ? 'checked="checked"' : '').' /></td>'; } echo '</tr>'; }
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsiteFilter.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsiteFilter.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsiteFilter.class.php [iso-8859-1] Sun Jan 25 05:25:18 2009 @@ -25,59 +25,85 @@ class CMSWebsiteFilter {
- private $type_num = 1; -
public function __construct( ) { Login::required();
- $this->manage(); + // manage actions for adding / deleting filters + if ($_GET['d_val'] == 'add') { + $this->add($_GET['title'], $_GET['setting']); + } + elseif ($_GET['d_val'] == 'del') { + $this->del($_GET['id']); + } + + // show updated filter list + $this->show(); + } // end of member function __construct
+ /** - * cares about filter management: adding, deleting, listing + * adds a new filter to users smart filters * - * @param string _GET['d_value'] action 'add' or 'del' - * @param string _GET['d_value3'] filter_title if adding its the filter name, if del it's the filter id - * @param string _GET['d_value4'] filter_string filter content + * @param string title the filter name + * @param string setting filter settings * @return * @access private */ - private function manage( ) + private function add( $title, $setting ) { $thisuser = &ThisUser::getInstance();
- // add a new label - if ($_GET['d_val'] == 'add') { + // check if filter already exists + $stmt=&DBConnection::getInstance()->prepare("SELECT 1 FROM ".ROSCMST_FILTER." WHERE user_id = :user_id AND name = :title LIMIT 1"); + $stmt->bindParam('user_id',$thisuser->id(),PDO::PARAM_INT); + $stmt->bindParam('title',$title,PDO::PARAM_STR); + $stmt->execute(); + if ($stmt->fetchColumn() === false) {
- // check if filter already exists - $stmt=&DBConnection::getInstance()->prepare("SELECT 1 FROM ".ROSCMST_FILTER." WHERE user_id = :user_id AND name = :title LIMIT 1"); + // insert new filter + $stmt=&DBConnection::getInstance()->prepare("INSERT INTO ".ROSCMST_FILTER." ( id, user_id, name, setting ) VALUES ( NULL, :user_id, :title, :setting )"); $stmt->bindParam('user_id',$thisuser->id(),PDO::PARAM_INT); - $stmt->bindParam('title',$_GET['d_val3'],PDO::PARAM_STR); - $stmt->execute(); - if ($stmt->fetchColumn() === false) { - - // insert new filter - $stmt=&DBConnection::getInstance()->prepare("INSERT INTO ".ROSCMST_FILTER." ( id, user_id, name, setting ) VALUES ( NULL, :user_id, :title, :string )"); - $stmt->bindParam('user_id',$thisuser->id(),PDO::PARAM_INT); - $stmt->bindParam('title',$_GET['d_val3'],PDO::PARAM_STR); - $stmt->bindParam('string',$_GET['d_val4'],PDO::PARAM_STR); - $stmt->execute(); - } - } - elseif ($_GET['d_val'] == 'del') { - // delete a label - $stmt=&DBConnection::getInstance()->prepare("DELETE FROM ".ROSCMST_FILTER." WHERE id = :filter_id AND user_id = :user_id LIMIT 1"); - $stmt->bindParam('filter_id',$_GET['d_val3'],PDO::PARAM_INT); - $stmt->bindParam('user_id',$thisuser->id(),PDO::PARAM_INT); + $stmt->bindParam('title',$title,PDO::PARAM_STR); + $stmt->bindParam('setting',$setting,PDO::PARAM_STR); $stmt->execute(); } + }
+ + + /** + * deletes a smart filter + * + * @param string _GET['d_val3'] filter_title if adding its the filter name, if del it's the filter id + * @param string _GET['d_val4'] filter_string filter content + * @return + * @access private + */ + private function del( $filter_id ) + { + // delete a label + $stmt=&DBConnection::getInstance()->prepare("DELETE FROM ".ROSCMST_FILTER." WHERE id = :filter_id AND user_id = :user_id LIMIT 1"); + $stmt->bindParam('filter_id',$filter_id,PDO::PARAM_INT); + $stmt->bindParam('user_id',ThisUser::getInstance()->id(),PDO::PARAM_INT); + $stmt->execute(); + } + + + + /** + * deletes a smart filter + * + * @access private + */ + private function show( ) + { // echo current list of filters $stmt=&DBConnection::getInstance()->prepare("SELECT id, name, setting FROM ".ROSCMST_FILTER." WHERE user_id = :user_id ORDER BY name ASC"); - $stmt->bindParam('user_id',$thisuser->id(),PDO::PARAM_INT); + $stmt->bindParam('user_id',ThisUser::getInstance()->id(),PDO::PARAM_INT); $stmt->execute(); while ($filter = $stmt->fetch(PDO::FETCH_ASSOC)) { echo_strip(' @@ -90,10 +116,9 @@
// give standard text, if no filters are found if ($filter === false) { - echo '<span>Compose your favorite filter combinations and afterwards use the "save" function.</span>'; + echo '<span>Compose your favorite filter combinations and afterwards use the "save" function.</span>'; } - - } // end of member function manage + }
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsiteLabel.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsiteLabel.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsiteLabel.class.php [iso-8859-1] Sun Jan 25 05:25:18 2009 @@ -30,21 +30,16 @@ { Login::required();
- $this->output(); + $this->show(); } // end of member function __construct
/** * cares about filter management: adding, deleting, listing * - * @param string _GET['d_value'] action 'add' or 'del' - * @param string _GET['d_value2'] type 'label' or not - * @param string _GET['d_value3'] filter_title if adding its the filter name, if del it's the filter id - * @param string _GET['d_value4'] filter_string filter content - * @return * @access private */ - private function output( ) + private function show( ) { $thisuser = &ThisUser::getInstance();
Added: branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsitePreview.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsitePreview.class.php (added) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsitePreview.class.php [iso-8859-1] Sun Jan 25 05:25:18 2009 @@ -1,0 +1,54 @@ +<?php + /* + RosCMS - ReactOS Content Management System + Copyright (C) 2007 Klemens Friedl <frik85@reactos.org> + 2008-2009 Danny Götte <dangerground@web.de> + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + +/** + * class CMSWebsitePreview + * + */ +class CMSWebsitePreview +{ + + + /** + * + * @access public + */ + public function __construct( ) + { + Login::required(); + + $this->show($_GET['rev_id']); + } + + + /** + * + * + * @access private + */ + private function show( $rev_id ) + { + echo_strip(' + <iframe style="width:100%;height:600px;background-color: white;border: 1px solid black;" src="?page=data_out&d_f=page&d_val='.$rev_id.'"></iframe>'); + } // end of member function show + +} // end of CMSWebsitePreview +?>
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Data.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Data.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Data.class.php [iso-8859-1] Sun Jan 25 05:25:18 2009 @@ -431,7 +431,6 @@ }
// update text content with new name - //@ADD check, for only updating dependent entries $stmt=&DBConnection::getInstance()->prepare("UPDATE ".ROSCMST_TEXT." SET content = REPLACE(REPLACE(content, :old_type_name, :new_type_name), :old_link, :new_link) WHERE content LIKE :search1 OR content LIKE :search2"); $stmt->bindParam('search1','%[#'.$old_type_short.'_'.$data['name'].']%',PDO::PARAM_STR); $stmt->bindParam('search2','%[#link_'.$data['name'].']%',PDO::PARAM_STR); @@ -566,7 +565,6 @@
// add Tags Tag::add($rev_id, 'number', $next_number, -1); - Tag::add($rev_id, 'number_sort', str_pad($next_number, 5, '0', STR_PAD_LEFT), -1); // padding with '0' Tag::add($rev_id, 'pub_date', date('Y-m-d'), -1); Tag::add($rev_id, 'pub_user', $thisuser->id(), -1);
@@ -640,7 +638,7 @@ die('Set a valid language in your account settings!'); } elseif ($user_lang != $revision['lang_id']) { - echo 'As Language Maintainer you can only mark entries of "'.$user_lang.'" language as stable!'; + echo 'As Language Maintainer you can't mark entries of other languages as stable!'; continue; } } @@ -773,9 +771,8 @@
// move to archiv case 'va': - Data::copy($revision['id'], 0, $lang_id); + Data::toArchive($revision['id']); Data::deleteFile($revision['id']); - Data::deleteRevision($revision['id']); break; } // switch } // for @@ -847,93 +844,67 @@
/** - * - * - * @param int data_id - * @param int rev_id - * @param bool archive_mode - * @param string lang + * creates a new revision suitable for a new translation + * + * @param int rev_id the revision id which has to be translated + * @param int lang_id translated to this language * @return bool * @access public */ - public static function copy($rev_id, $archive_mode, $lang_id = 0 ) - { - // set archive mode dependent vars - if ($archive_mode == 0) { - // copy to archive - $archive_mode = true; - } - elseif ($archive_mode == 1) { - // create copy - $archive_mode = false; - } - else { - die('move_to_archive: wrong param'); - } - - // Log something - if ($archive_mode === false) { - Log::writeLow('copy entire entry (e.g. translate): rev-id '.$rev_id.Log::prepareInfo(null, $rev_id).'{move_to_archive}'); - } - else { - Log::writeMedium('move entire entry to archive: rev-id '.$rev_id.Log::prepareInfo(null, $rev_id).'{move_to_archive}'); - } - - // data_revision - $stmt=&DBConnection::getInstance()->prepare("SELECT r.data_id, d.name, d.type, d.access_id, r.version, r.user_id, r.lang_id, r.datetime FROM ".ROSCMST_REVISIONS." r JOIN ".ROSCMST_ENTRIES." d ON r.data_id=d.id WHERE r.id = :rev_id LIMIT 1"); + public static function newTranslation($rev_id, $lang_id = 0 ) + { + // original_revision + $stmt=&DBConnection::getInstance()->prepare("SELECT id, data_id, lang_id FROM ".ROSCMST_REVISIONS." WHERE id = :rev_id LIMIT 1"); $stmt->bindParam('rev_id',$rev_id,PDO::PARAM_INT); $stmt->execute(); $revision = $stmt->fetchOnce(PDO::FETCH_ASSOC);
- if ($archive_mode === false) { - $revision = array( - 'data_id' => $revision['data_id'], - 'version' => '0', - 'user_id' => ThisUser::getInstance()->id(), - 'lang_id' => $lang_id, - 'datetime' => date('Y-m-d H:i:s')); - } - $stmt=&DBConnection::getInstance()->prepare("INSERT INTO ".ROSCMST_REVISIONS." ( id , data_id , version , lang_id , user_id , datetime ) VALUES ( NULL, :data_id, :version, :lang, :user_id, :datetime )"); + // check if we can translate to the selected language + if ($lang_id == $revision['lang_id'] || $lang_id == Language::getStandardId()) { + die ('Can't translate to your language language'); + } + + // insert translated revision + $stmt=&DBConnection::getInstance()->prepare("INSERT INTO ".ROSCMST_REVISIONS." ( id , data_id , version , lang_id , user_id , datetime ) VALUES ( NULL, :data_id, :version, :lang, :user_id, NOW() )"); $stmt->bindParam('data_id',$revision['data_id'],PDO::PARAM_INT); - $stmt->bindValue('version',$revision['version'],PDO::PARAM_INT); - $stmt->bindParam('lang',$revision['lang_id'],PDO::PARAM_INT); - $stmt->bindParam('user_id',$revision['user_id'],PDO::PARAM_INT); - $stmt->bindParam('datetime',$revision['datetime'],PDO::PARAM_STR); - $stmt->execute(); - - $stmt=&DBConnection::getInstance()->prepare("SELECT id FROM ".ROSCMST_REVISIONS." WHERE data_id = :data_id AND user_id=:user_id ORDER BY id DESC LIMIT 1"); + $stmt->bindValue('version',0,PDO::PARAM_INT); + $stmt->bindParam('lang',$lang_id,PDO::PARAM_INT); + $stmt->bindParam('user_id',ThisUser::getInstance()->id(),PDO::PARAM_INT); + $stmt->execute(); + + // get new revision id + $stmt=&DBConnection::getInstance()->prepare("SELECT id FROM ".ROSCMST_REVISIONS." WHERE data_id = :data_id AND user_id=:user_id AND lang_id=:lang_id ORDER BY id DESC LIMIT 1"); $stmt->bindParam('data_id',$revision['data_id'],PDO::PARAM_INT); - $stmt->bindParam('user_id',$revision['user_id'],PDO::PARAM_INT); + $stmt->bindParam('lang_id',$lang_id,PDO::PARAM_INT); + $stmt->bindParam('user_id',ThisUser::getInstance()->id(),PDO::PARAM_INT); $stmt->execute(); $new_rev_id = $stmt->fetchColumn();
+ // check if copy process was successfull if ($new_rev_id === false) { die('copy-process of data_revision not successful'); } - - // copy stext - $stmt=&DBConnection::getInstance()->prepare("INSERT INTO ".ROSCMST_STEXT." ( id , rev_id , name , content ) SELECT NULL, :new_rev_id AS rev_id, name, content FROM ".ROSCMST_STEXT." WHERE rev_id = :old_rev_id"); + echo $new_rev_id.'--'.$revision['id']; + + // copy short text + $stmt=&DBConnection::getInstance()->prepare("INSERT INTO ".ROSCMST_STEXT." ( id , rev_id , name , content ) SELECT NULL, :new_rev_id, name, content FROM ".ROSCMST_STEXT." WHERE rev_id = :old_rev_id"); $stmt->bindParam('new_rev_id',$new_rev_id,PDO::PARAM_INT); - $stmt->bindParam('old_rev_id',$old_rev_id,PDO::PARAM_INT); + $stmt->bindParam('old_rev_id',$revision['id'],PDO::PARAM_INT); $stmt->execute();
// copy_text - $stmt=&DBConnection::getInstance()->prepare("INSERT INTO ".ROSCMST_TEXT." ( id , rev_id , name , content ) SELECT NULL, :new_rev_id AS rev_id, name, content FROM ".ROSCMST_TEXT." WHERE rev_id = :old_rev_id"); + $stmt=&DBConnection::getInstance()->prepare("INSERT INTO ".ROSCMST_TEXT." ( id , rev_id , name , content ) SELECT NULL, :new_rev_id, name, content FROM ".ROSCMST_TEXT." WHERE rev_id = :old_rev_id"); $stmt->bindParam('new_rev_id',$new_rev_id,PDO::PARAM_INT); - $stmt->bindParam('old_rev_id',$old_rev_id,PDO::PARAM_INT); - $stmt->execute(); - - - // data_tag - Tag::copyFromData($rev_id, $new_rev_id); - if ($archive_mode === false) { - // change status to draft - $tag_id = Tag::getIdByUser($new_rev_id, 'status', -1); - Tag::update($tag_id, 'draft'); - } + $stmt->bindParam('old_rev_id',$revision['id'],PDO::PARAM_INT); + $stmt->execute(); + + + // copy data tags and update status + Tag::copyFromData($revision['id'], $new_rev_id); + Tag::update(Tag::getIdByUser($new_rev_id, 'status', -1), 'draft');
return true; - } // end of member function compareGregorianDate + } // end of member function newTranslation
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Editor_Website.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Editor_Website.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Editor_Website.class.php [iso-8859-1] Sun Jan 25 05:25:18 2009 @@ -236,15 +236,14 @@ if (Data::hasAccess($revision['data_id'], 'translate')) {
// copy existing entry to new language - if (Data::copy($revision['id'], 1 /* copy mode */, $_GET['d_r_lang'])) { + if (Data::newTranslation($revision['id'], $_GET['d_r_lang'])) { $stmt=&DBConnection::getInstance()->prepare("SELECT id FROM ".ROSCMST_REVISIONS." WHERE data_id = :data_id AND user_id = :user_id AND version = 0 AND lang_id = :lang ORDER BY id DESC LIMIT 1"); $stmt->bindParam('data_id',$revision['data_id'],PDO::PARAM_STR); $stmt->bindParam('user_id',ThisUser::getInstance()->id(),PDO::PARAM_INT); $stmt->bindParam('lang',$_GET['d_r_lang'],PDO::PARAM_STR); $stmt->execute(); - $translation = $stmt->fetchOnce(PDO::FETCH_ASSOC); - - $this->setRevision($translation['id']); + + $this->setRevision($stmt->fetchColumn()); $this->show(); } else {
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Export_Page.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Export_Page.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Export_Page.class.php [iso-8859-1] Sun Jan 25 05:25:18 2009 @@ -25,12 +25,6 @@ class Export_Page extends Export {
- /** Aggregations: */ - - /** Compositions: */ - - /*** Attributes: ***/ -
/** * @@ -40,61 +34,22 @@ public function __construct( ) { parent::__construct(); - $this->page(); + + + // remove "tr" so that it also work in translation view + $this->show(str_replace('tr', '', $_GET['d_val'])); }
/** * - * @return - * @access public + * @access private */ - public function page( ) + private function show( $rev_id ) { - switch (@$_GET['d_u']) { - case 'output': - // @TODO - break; - - case 'show': - default: - if (empty($_GET['d_r_id']) || strpos($_GET['d_r_id'], 'tr') >= 0) { - // translation mode (contains "tr") - $lang = @$_GET['d_r_lang']; - } - else { - $lang = $_GET['d_val2']; - } - - // remove "tr" so that it also work in translation view - $data = str_replace('tr', '', $_GET['d_val']); - - if ( is_numeric($data) ) { - $stmt=&DBConnection::getInstance()->prepare("SELECT d.name, r.id, r.lang_id FROM ".ROSCMST_ENTRIES." d JOIN ".ROSCMST_REVISIONS." r ON d.id = r.data_id WHERE r.id = :rev_id ORDER BY r.version DESC LIMIT 1"); - $stmt->bindParam('rev_id',$data,PDO::PARAM_INT); - } - else { - $stmt=&DBConnection::getInstance()->prepare("SELECT d.name, r.id, r.lang_id FROM ".ROSCMST_ENTRIES." d JOIN ".ROSCMST_REVISIONS." r ON d.id = r.data_id WHERE d.name = :data_name AND r.lang_id IN(:lang_one, :lang_two) ORDER BY r.version DESC LIMIT 1"); - $stmt->bindParam('data_name',$data,PDO::PARAM_STR); - $stmt->bindParam('lang_one',$lang,PDO::PARAM_INT); - $stmt->bindParam('lang_two',Language::getStandardId(),PDO::PARAM_INT); - } - - $stmt->execute(); - $revision = $stmt->fetchOnce(PDO::FETCH_ASSOC); - if (empty($_GET['d_val3'])) { - $dynamic_num = Tag::getValueByUser($revision['id'], 'number', -1); - } - else { - $dynamic_num = $_GET['d_val3']; - } - - Log::writeGenerateLow('preview page: generate_page('.$revision['name'].', '.$revision['lang_id'].', '.$dynamic_num.', '.$_GET['d_u'].')'); - - $export_html = new Export_HTML(); - echo $export_html->processText($revision['id'], $_GET['d_u']); - break; - } + // output a preview of the selected content + $generate = new Generate(); + $generate->preview($rev_id); }
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Export_XML.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Export_XML.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Export_XML.class.php [iso-8859-1] Sun Jan 25 05:25:18 2009 @@ -320,7 +320,7 @@ $tdata .= ' status="'. $line_status .'"'; /* status (odd/even (=stable), new, draft, etc.) */ $tdata .= ' security="'. $security .'"'; /* security (read, write, add, pub, trans) */ $tdata .= ' xtrcol="'.$column_list_row.'"'; - $tdata .= '><![CDATA['.urlencode(substr($stext_content, 30)).']]></row>'; + $tdata .= '><![CDATA['.urlencode(substr($stext_content, 0, 30)).']]></row>';
$row_counter++; } // while @@ -419,8 +419,8 @@ break; case 'nbr': // number ("dynamic" entry) $tag_counter++; - $this->sql_order .= " t".$tag_counter.".value"; - $this->sql_where .= " AND t".$tag_counter.".name = 'number_sort' "; + $this->sql_order .= " CAST(t".$tag_counter.".value AS INT)"; + $this->sql_where .= " AND t".$tag_counter.".name = 'number' "; break; case 'type': // type $this->sql_order .= "d.type ";
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Generate.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Generate.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Generate.class.php [iso-8859-1] Sun Jan 25 05:25:18 2009 @@ -43,6 +43,9 @@ private $lang = null;
private $short = array('template'=>'templ', 'content'=>'cont', 'script'=>'inc'); + + //@DEBUG + private $base_rev = 0;
@@ -65,6 +68,52 @@
/** * + * @param int rev_id + * @return + * @access public + */ + public function preview( $rev_id ) + { + $this->rev_id=$rev_id; + + $stmt=&DBConnection::getInstance()->prepare("SELECT lang_id FROM ".ROSCMST_REVISIONS." WHERE id=:rev_id"); + $stmt->bindParam('rev_id',$rev_id,PDO::PARAM_INT); + $stmt->execute(); + $this->lang_id = $stmt->fetchColumn(); + + $stmt=&DBConnection::getInstance()->prepare("SELECT content FROM ".ROSCMST_TEXT." WHERE rev_id=:rev_id AND name='content'"); + $stmt->bindParam('rev_id',$rev_id,PDO::PARAM_INT); + $stmt->execute(); + $content = $stmt->fetchColumn(); + + // replace depencies + $stmt=&DBConnection::getInstance()->prepare("SELECT d.type, d.name FROM ".ROSCMST_DEPENCIES." w JOIN ".ROSCMST_ENTRIES." d ON w.child_id=d.id WHERE w.rev_id=:rev_id AND w.include IS TRUE"); + $stmt->bindParam('rev_id',$rev_id,PDO::PARAM_INT); + $stmt->execute(); + while ($depency = $stmt->fetch(PDO::FETCH_ASSOC)) { + + // replace + if ($depency['type'] != 'script') { + $content = str_replace('[#'.$this->short[$depency['type']].'_'.$depency['name'].']', $this->getCached(array(null, $this->short[$depency['type']].'_'.$depency['name'])), $content); + } + } + + // execute scripts + $content = preg_replace_callback('/[#inc_([^][#[:space:]]+)]/', array($this,'evalTemplate'),$content); + + // replace roscms vars + $content = $this->replaceRoscmsPlaceholder($content); + + // replace links + $content = preg_replace_callback('/[#link_([^][#[:space:]]+)]/', array($this, 'replaceWithHyperlink'), $content); + + echo $content; + } + + + + /** + * * * @return * @access public @@ -77,6 +126,7 @@ // caching $this->cacheFiles();
+ // we need to reset this, as cacheFiles() overwrites this setting $this->base_dir = $this->destination_folder;
// build all entries @@ -170,7 +220,6 @@ // file content $content = $revision['content']; $content = str_replace('[#%NAME%]', $data_name, $content); - $content = str_replace('[#cont_%NAME%]', '[#cont_'.$data_name.']', $content);
// replace depencies $stmt_more=&DBConnection::getInstance()->prepare("SELECT d.id, d.type, d.name FROM ".ROSCMST_DEPENCIES." w JOIN ".ROSCMST_ENTRIES." d ON w.child_id=d.id WHERE w.rev_id=:rev_id AND w.include IS TRUE"); @@ -183,11 +232,10 @@ if ($depency['type'] != 'script') { $content = str_replace('[#'.$this->short[$depency['type']].'_'.$depency['name'].']', $this->getCached(array(null, $this->short[$depency['type']].'_'.$depency['name'])), $content); } - // eval - else { - $content = str_replace('[#inc_'.$depency['name'].']', $this->evalTemplate(array(null,$depency['name'])), $content); - } - } + } + + // execute scripts + $content = preg_replace_callback('/[#inc_([^][#[:space:]]+)]/', array($this,'evalTemplate'),$content);
// replace roscms vars $content = $this->replaceRoscmsPlaceholder($content); @@ -274,14 +322,19 @@ * @return * @access private */ - public function update( $rev_id ) - { + public function update( $rev_id, $from = null ) + { + // exclude the base ref to avoid circles + if ($this->base_rev === 0) { + $this->base_rev = $rev_id; + }
$stmt=&DBConnection::getInstance()->prepare("SELECT data_id, lang_id FROM ".ROSCMST_REVISIONS." WHERE id=:rev_id"); $stmt->bindParam('rev_id',$rev_id,PDO::PARAM_INT); $stmt->execute(); $revision=$stmt->fetchOnce(PDO::FETCH_ASSOC);
+ // set language for cache $this->lang_id = $revision['lang_id'];
// cache data @@ -289,46 +342,58 @@
// set generating dir again $this->base_dir = $this->destination_folder; - - // update entries which depends on this one - $stmt=&DBConnection::getInstance()->prepare("SELECT r.lang_id, d.name, d.type, r.id FROM ".ROSCMST_DEPENCIES." w JOIN ".ROSCMST_REVISIONS." r ON r.id=w.rev_id JOIN ".ROSCMST_ENTRIES." d ON d.id=r.data_id WHERE w.child_id=:depency_id AND w.rev_id != :rev_id AND r.archive IS FALSE AND w.include IS TRUE"); - $stmt->bindParam('depency_id',$revision['data_id'],PDO::PARAM_INT); - $stmt->bindParam('rev_id',$rev_id,PDO::PARAM_INT); - $stmt->execute(); - while ($depency = $stmt->fetch(PDO::FETCH_ASSOC)) { - + + // for usage in loop // in standard language we may have depencies to other languages, so better generate them all if ($revision['lang_id'] == Language::getStandardId()){ - $stmt_lang=&DBConnection::getInstance()->prepare("SELECT id, name_short FROM ".ROSCMST_LANGUAGES." ORDER BY level DESC"); + $stmt_lang=&DBConnection::getInstance()->prepare("SELECT id, name_short FROM ".ROSCMST_LANGUAGES." ORDER BY level DESC, name ASC"); } else { $stmt_lang=&DBConnection::getInstance()->prepare("SELECT id, name_short FROM ".ROSCMST_LANGUAGES." WHERE id=:lang_id"); $stmt_lang->bindParam('lang_id',$revision['lang_id'],PDO::PARAM_INT); } - $stmt_lang->execute(); - while ($language = $stmt_lang->fetch(PDO::FETCH_ASSOC)) { - - // language settings for generating process - $this->lang_id=$language['id']; - $this->lang=$language['name_short']; - - // cache recursivly or generate page - switch ($depency['type']) { - case 'page': - $this->oneEntry($depency['name'], $language['id']); - break; - case 'dynamic': - $this->makeDynamic($depency['name'], $language['id']); - break; - case 'script': - // scripts are only executed by in pages - break; - default: - $this->update($depency['id']); - break; - } - } - } + + // get list of entries which depend on this one and handle their types + $stmt=&DBConnection::getInstance()->prepare("SELECT r.lang_id, d.name, d.type, r.id FROM ".ROSCMST_DEPENCIES." w JOIN ".ROSCMST_REVISIONS." r ON r.id=w.rev_id JOIN ".ROSCMST_ENTRIES." d ON d.id=r.data_id WHERE w.child_id=:depency_id AND w.rev_id NOT IN(:rev_id,:rev_id2) AND r.archive IS FALSE AND w.include IS TRUE"); + $stmt->bindParam('depency_id',$revision['data_id'],PDO::PARAM_INT); + $stmt->bindParam('rev_id',$this->base_rev,PDO::PARAM_INT); + $stmt->bindParam('rev_id2',$rev_id,PDO::PARAM_INT); + $stmt->execute(); + while ($depency = $stmt->fetch(PDO::FETCH_ASSOC)) { + + + // cache recursivly or generate page + switch ($depency['type']) { + case 'page': + case 'dynamic': + + // generate pages for all languages, if standard lang, otherwise only once + $stmt_lang->execute(); + while ($language = $stmt_lang->fetch(PDO::FETCH_ASSOC)) { + + // language settings for generating process + $this->lang_id=$language['id']; + $this->lang=$language['name_short']; + + // seperate functions for pages & dynamic pages (in that order) + if($depency['type'] == 'page') { + $this->oneEntry($depency['name'], $language['id']); + } + else { + $this->makeDynamic($depency['name'], $language['id']); + } + } // end while language + break; + + case 'script': + // scripts are only executed by in pages + break; + default: + // only run update once per $rev_id + $this->update($depency['id']); + break; + } // end switch + } // end while depency }
@@ -566,7 +631,6 @@
// check if depency not available if (count($results) === 0){ - //echo '<p>* <strong>Not found ('.$type.': '.$name.')</strong></p>'; return false; }
@@ -672,7 +736,7 @@ { $revision = $this->getFrom('script',$matches[1]);
- if( Tag::getValue($revision['id'], 'kind',-1) == 'php') { + if( Tag::getValueByUser($revision['id'], 'kind',-1) == 'php') {
// catch output ob_start();
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_Website.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_Website.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_Website.class.php [iso-8859-1] Sun Jan 25 05:25:18 2009 @@ -295,17 +295,17 @@ </select> </div> <div id="tablecmdbar" style="padding-top: 5px;"></div> - <div style="border: 0px dashed red; position: absolute; right: 10px; text-align:right; white-space: nowrap;"> - <span id="mtblnav"> </span> - </div> - <div class="tabselect">Select: <span id="tabselect1"></span></div> - <div id="tablist"> </div> - <div style="border: 0px dashed red; position: absolute; right: 10px; text-align:right; white-space: nowrap;"> - <span id="mtbl2nav"> </span> - </div> - <div class="tabselect">Select: <span id="tabselect2"></span></div> - </div> - <div id="frameedit" style="display: block; border: 0px dashed red; "> + <div style="border: 0px dashed red; position: absolute; right: 10px; text-align:right; white-space: nowrap;"> + <span id="mtblnav"> </span> + </div> + <div class="tabselect">Select: <span id="tabselect1"></span></div> + <div id="tablist"> </div> + <div style="border: 0px dashed red; position: absolute; right: 10px; text-align:right; white-space: nowrap;"> + <span id="mtbl2nav"> </span> + </div> + <div class="tabselect">Select: <span id="tabselect2"></span></div> + </div> + <div id="frameedit" style="display: block; border: 0px dashed red; ">
<div id="frmedithead" style="padding-bottom: 10px;"> </div> <div style="width:100%;"> @@ -313,6 +313,11 @@ <div id="frmdiff"></div> </div> </div> + <div id="previewarea" style="display:none;"> + <div id="previewhead" style="padding-bottom: 10px;"> </div> + <div id="previewzone"> </div> + </div> + </div> <div class="corner_BL"> <div class="corner_BR"></div> @@ -334,7 +339,7 @@ <tr> <td class="lbox" style="background-color:#eeeeee"> </td> <td class="lbox" style="background-color:#A3EDB4"> </td> - <td>Translation up to date</td> + <td>Translation up to date</td> </tr> <tr> <td class="lbox" style="background-color:#B5EDA3"> </td>
Added: branches/danny-web/reactos.org/htdocs/roscms/lib/Presentation.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Presentation.class.php (added) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Presentation.class.php [iso-8859-1] Sun Jan 25 05:25:18 2009 @@ -1,0 +1,64 @@ +<?php + /* + RosCMS - ReactOS Content Management System + Copyright (C) 2009 Danny Götte <dangerground@web.de> + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + + +/** + * class Presentation + * + */ +class Presentation +{ + + + + /** + * + * + * @param string text + * @return + * @access private + */ + public static function verticalText( $text ) + { + $font = 2; + + // initial values + $width = 20; + $height = strlen($text)*imagefontwidth($font); + + $image = @imagecreatetruecolor($width, $height+5) or die('Cannot initialize new GD image stream'); + + // background + $bgcolor = imagecolorallocate($image, 255, 255, 255); + imagefill($image, 0, 0, $bgcolor); + + // Set text + $textcolor = imagecolorallocate($image, 0, 0, 0); + imagestringup($image, $font, 0, $height-1, $text, $textcolor); + + // output captcha image to browser + header('Content-Type: image/png'); + header('Cache-control: no-cache, no-store'); + imagepng($image); + imagedestroy($image); + } + +} // end of Presentation +?>
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Tag.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Tag.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Tag.class.php [iso-8859-1] Sun Jan 25 05:25:18 2009 @@ -126,7 +126,6 @@ */ public static function add( $rev_id, $tag_name, $tag_value, $user_id ) { - //@ADD group membership check if ($user_id != ThisUser::getInstance()->id() && $user_id != 0 && $user_id != -1) { die('ERROR: no rights to access this function'); }