25 Jan
2009
25 Jan
'09
11:25 a.m.
Author: dgoette
Date: Sun Jan 25 05:25:18 2009
New Revision: 39086
URL: http://svn.reactos.org/svn/reactos?rev=39086&view=rev
Log:
* simplify Smarty Filter backend
* show title in entry table again
* make preview working again, now don't open a new window per preview, load into an
iframe instaed
* use vertical written text in admin tables, to get an better overview
* use revision copy function only to build new translations
* make admin functions working again, after that ACL & APL changes
* fix a bug in generator: while updating entries, entries where generated too often
* minor bugfixes
* simple style changes
Added:
branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsitePreview.class.php
branches/danny-web/reactos.org/htdocs/roscms/lib/Presentation.class.php
Modified:
branches/danny-web/reactos.org/htdocs/roscms/config.php
branches/danny-web/reactos.org/htdocs/roscms/connect.db.php
branches/danny-web/reactos.org/htdocs/roscms/css/user.css
branches/danny-web/reactos.org/htdocs/roscms/index.php
branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js
branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_ACL.class.php
branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_Groups.class.php
branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_System.class.php
branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsiteFilter.class.php
branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsiteLabel.class.php
branches/danny-web/reactos.org/htdocs/roscms/lib/Data.class.php
branches/danny-web/reactos.org/htdocs/roscms/lib/Editor_Website.class.php
branches/danny-web/reactos.org/htdocs/roscms/lib/Export_Page.class.php
branches/danny-web/reactos.org/htdocs/roscms/lib/Export_XML.class.php
branches/danny-web/reactos.org/htdocs/roscms/lib/Generate.class.php
branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_Website.class.php
branches/danny-web/reactos.org/htdocs/roscms/lib/Tag.class.php
Modified: branches/danny-web/reactos.org/htdocs/roscms/config.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/config.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/config.php [iso-8859-1] Sun Jan 25
05:25:18 2009
@@ -17,6 +17,10 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
+
+// How much debug by php itself should be showed
+error_reporting(E_ALL);
+ini_set('error_reporting', E_ALL);
if (!defined('ROSCMS_PATH')) {
define('ROSCMS_PATH',''); // relative path to roscms
Modified: branches/danny-web/reactos.org/htdocs/roscms/connect.db.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/connect.db.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/connect.db.php [iso-8859-1] Sun Jan 25
05:25:18 2009
@@ -26,5 +26,6 @@
$db_name = 'roscms';
// vars are unset in DBConnection class
+// !!! so be sure to use DBConnection or unset(..) yourself
?>
Modified: branches/danny-web/reactos.org/htdocs/roscms/css/user.css
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/css/user.css [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/css/user.css [iso-8859-1] Sun Jan 25
05:25:18 2009
@@ -26,7 +26,7 @@
/* left menu */
#leftNav { padding: 0px 10px 10px 10px; }
#leftNav UL { margin: 0px 0px 1.5em 0px; padding: 0px; list-style-type: none;
background-color: #EEEEEE; border-top: #3F3849 0px solid; border-right: #3F3849 1px solid;
border-left: #3F3849 1px solid; }
-#leftNav UL LI { font-size: 13px; font-weight: bold; border-bottom: 1px solid #3f3849; }
+#leftNav UL LI { font-size: 12px; font-weight: bold; border-bottom: 1px solid #3f3849; }
#leftNav UL LI A { display: block; padding: 2px 4px; color: #3F3849; text-decoration:
none; }
#leftNav UL LI A:hover { color: black; background-color: #FFCC33; }
#leftNav H2 { margin: 0px; padding-left: 12px; border: #3F3849 1px solid; font-weight:
bold; font-size: 14px; color: white; background-color: #5984c3; }
Modified: branches/danny-web/reactos.org/htdocs/roscms/index.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/index.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/index.php [iso-8859-1] Sun Jan 25
05:25:18 2009
@@ -3,7 +3,7 @@
RosCMS - ReactOS Content Management System
Copyright (C) 2005-2008 Klemens Friedl <frik85(a)reactos.org>
2005 Ge van Geldorp <gvg(a)reactos.org>
- 2008 Danny Götte <dangerground(a)web.de>
+ 2008-2009 Danny Götte <dangerground(a)web.de>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -19,10 +19,6 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
-
-//@MOVEME to config
-error_reporting(E_ALL);
-ini_set('error_reporting', E_ALL);
if (get_magic_quotes_gpc()) {
ini_set('magic_quotes', 'off');
@@ -146,6 +142,9 @@
case 'uqi': // User Quick Info
new Export_QuickInfo();
break;
+ case 'prv': // Preview
+ new CMSWebsitePreview();
+ break;
default:
die('');
break;
@@ -180,8 +179,16 @@
break;
} // end $_GET['d_u']
break;
- break;
} // end switch
+ break;
+
+ // presentation
+ case 'presentation':
+ switch ($_GET['type']) {
+ case 'vtext': // vertical text
+ Presentation::verticalText($_GET['text']);
+ break;
+ } // end type
break;
// No permission
Modified: branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js [iso-8859-1]
(original)
+++ branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js [iso-8859-1] Sun Jan 25
05:25:18 2009
@@ -442,7 +442,7 @@
}
if (uf_name != '' && uf_name.length < 50) {
-
makeRequest('?page=data_out&d_f=text&d_u=ufs&d_val=add&d_val2='+encodeURIComponent(uf_type)+'&d_val3='+encodeURIComponent(uf_name)+'&d_val4='+encodeURIComponent(uf_str),
'ufs', uf_objid, 'html', 'GET', '');
+
makeRequest('?page=data_out&d_f=text&d_u=ufs&action=add&title='+encodeURIComponent(uf_name)+'&setting='+encodeURIComponent(uf_str),
'ufs', uf_objid, 'html', 'GET', '');
}
}
@@ -461,7 +461,7 @@
uf_objid = 'labtitel2c';
if (uf_check == true) {
-
makeRequest('?page=data_out&d_f=text&d_u=ufs&d_val=del&d_val2='+encodeURIComponent(uf_type)+'&d_val3='+encodeURIComponent(uf_id),
'ufs', uf_objid, 'html', 'GET', '');
+
makeRequest('?page=data_out&d_f=text&d_u=ufs&action=del&id='+encodeURIComponent(uf_id),
'ufs', uf_objid, 'html', 'GET', '');
}
}
@@ -685,6 +685,7 @@
if (document.getElementById('frametable').style.display != 'block') {
document.getElementById('frametable').style.display = 'block';
document.getElementById('frameedit').style.display = 'none';
+ document.getElementById('previewarea').style.display = 'none';
// deactivate alert-timer
window.clearTimeout(alertactiv);
@@ -778,6 +779,7 @@
if (document.getElementById('frametable').style.display != 'block') {
document.getElementById('frametable').style.display = 'block';
document.getElementById('frameedit').style.display = 'none';
+ document.getElementById('previewarea').style.display = 'none';
}
reloadEntryTableWithOffset( offset );
@@ -793,6 +795,7 @@
if (document.getElementById('frametable').style.display != 'block') {
document.getElementById('frametable').style.display = 'block';
document.getElementById('frameedit').style.display = 'none';
+ document.getElementById('previewarea').style.display = 'none';
}
// deactivate alert-timer
@@ -815,6 +818,7 @@
{
if (document.getElementById('frameedit').style.display != 'block') {
document.getElementById('frametable').style.display = 'none';
+ document.getElementById('previewarea').style.display = 'none';
document.getElementById('frameedit').style.display = 'block';
}
@@ -876,7 +880,7 @@
roscms_prev_page = roscms_current_page;
roscms_current_page = objevent;
- document.getElementById('frmedithead').innerHTML = '<span
class="button"
onclick="loadEntryTableWithOffset(roscms_current_tbl_position)"><strong>«
Back</strong></span> <b>Edit Entry</b>';
+ document.getElementById('frmedithead').innerHTML = '<span
class="button"
onclick="loadEntryTableWithOffset(roscms_current_tbl_position)"><strong>«
Back</strong></span> <strong>Edit Entry</strong>';
// enable autosave
autosave_timer = window.setTimeout("tryAutosave()",
autosave_coundown);
@@ -1787,6 +1791,11 @@
// user quick info
case 'uqi':
updateQuickinfo(http_request, objid);
+ break;
+
+ // preview
+ case 'prv':
+ showPreview(http_request, objid);
break;
default:
@@ -2378,13 +2387,31 @@
var tentrs2 = tentrs[1].split("_");
if (tentrs[0] == 1) {
-
window.open(roscms_intern_page_link+"data_out&d_f=page&d_u=show&d_val="+tentrs2[1]+"&d_val2="+userlang+"&d_val3=",
"RosCMSPagePreview");
+ makeRequest('?page=data_out&d_f=text&d_u=prv&rev_id='+tentrs2[1],
'prv', 'previewarea', 'html', 'GET', '');
}
else {
alertbox("Select one entry to preview a page!");
}
-
- document.getElementById('extraopt').value = 'sel';
+}
+
+
+
+/**
+ * put the previewed page into an iframe and hide other elements like entry table and
editor
+ *
+ * @param object http_request
+ * @param string objid
+ */
+function showPreview( http_request, objid )
+{
+ if (document.getElementById('previewarea').style.display != 'block') {
+ document.getElementById('frametable').style.display = 'none';
+ document.getElementById('frameedit').style.display = 'none';
+ document.getElementById('previewarea').style.display = 'block';
+ }
+
+ document.getElementById('previewzone').innerHTML = http_request.responseText;
+ document.getElementById('previewhead').innerHTML = '<span
class="button"
onclick="loadEntryTableWithOffset(roscms_current_tbl_position)"><strong>«
Back</strong></span> <strong>Preview</strong>';
}
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_ACL.class.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_ACL.class.php [iso-8859-1]
(original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_ACL.class.php [iso-8859-1] Sun
Jan 25 05:25:18 2009
@@ -35,21 +35,25 @@
*/
protected function showNew( )
{
+ $stmt=&DBConnection::getInstance()->prepare("SELECT id, name, description
FROM ".ROSCMST_RIGHTS." ORDER BY name ASC");
+ $stmt->execute();
+ $rights=$stmt->fetchAll(PDO::FETCH_ASSOC);
+
echo_strip('
<h2>Create new Access Control List (ACL)</h2>
<form onsubmit="return false;">
<fieldset>
<legend>Access Control List Options</legend>
- <label for="acl_name">Name</label>
- <input id="acl_name" name="acl_name"
maxlength="100" value="" />
+ <label for="access_name">Name</label>
+ <input id="access_name" name="access_name"
maxlength="100" value="" />
<br />
- <label for="acl_short">Short Name (Identifier)</label>
- <input id="acl_short" name="acl_short"
maxlength="50" value="" />
+ <label for="access_short">Short Name
(Identifier)</label>
+ <input id="access_short" name="access_short"
maxlength="50" value="" />
<br />
- <label for="acl_desc">Description</label>
- <input id="acl_desc" name="acl_desc"
maxlength="255" value="" />
+ <label for="access_desc">Description</label>
+ <input id="access_desc" name="access_desc"
maxlength="255" value="" />
</fieldset>
<br />
<fieldset>
@@ -57,14 +61,11 @@
<table>
<tr>
<th title="Security Level">SecLvl</th>
- <th>Group Name</th>
- <th title="read">R</th>
- <th title="write">W</th>
- <th title="add">A</th>
- <th title="delete">D</th>
- <th title="publish">P</th>
- <th title="translate">T</th>
- </tr>');
+ <th>Group Name</th>');
+ foreach ($rights as $right) {
+ echo '<th style="vertical-align:bottom;"
title="'.$right['name'].':
'.$right['description'].'"><img
src="?page=presentation&type=vtext&text='.$right['name'].'"
alt="'.$right['name'].'" /></th>';
+ }
+ echo '</tr>';
$stmt=&DBConnection::getInstance()->prepare("SELECT id, name,
security_level, description FROM ".ROSCMST_GROUPS." ORDER BY security_level ASC,
name ASC");
$stmt->execute();
@@ -72,14 +73,12 @@
echo_strip('
<tr
title="'.htmlspecialchars($group['description']).'">
<td>'.$group['security_level'].'</td>
- <td>'.htmlspecialchars($group['name']).'</td>
- <td title="read entries"><input type="checkbox"
name="read'.$group['id'].'"
id="read'.$group['id'].'" checked="checked"
value="1" /></td>
- <td title="edit entries"><input type="checkbox"
name="write'.$group['id'].'"
id="write'.$group['id'].'" value="1" /></td>
- <td title="add new entries"><input type="checkbox"
name="add'.$group['id'].'"
id="add'.$group['id'].'" value="1" /></td>
- <td title="delete entries"><input type="checkbox"
name="del'.$group['id'].'"
id="del'.$group['id'].'" value="1" /></td>
- <td title="make entries stable"><input
type="checkbox" name="pub'.$group['id'].'"
id="pub'.$group['id'].'" value="1" /></td>
- <td title="translate entries"><input
type="checkbox" name="trans'.$group['id'].'"
id="trans'.$group['id'].'" value="1" /></td>
- </tr>');
+
<td>'.htmlspecialchars($group['name']).'</td>');
+
+ foreach ($rights as $right) {
+ echo '<td
title="'.$group['name'].'--'.$right['name'].':
'.$right['description'].'"><input type="checkbox"
value="1"
name="valid'.$group['id'].'_'.$right['id'].'"
/></td>';
+ }
+ echo '</tr>';
}
echo_strip('
@@ -103,35 +102,35 @@
// try to insert new access list
$stmt=&DBConnection::getInstance()->prepare("INSERT INTO
".ROSCMST_ACCESS." (name, name_short, description) VALUES (:name, :short,
:description)");
- $stmt->bindParam('name',$_POST['acl_name'],PDO::PARAM_STR);
- $stmt->bindParam('short',$_POST['acl_short'],PDO::PARAM_STR);
-
$stmt->bindParam('description',$_POST['acl_desc'],PDO::PARAM_STR);
+ $stmt->bindParam('name',$_POST['access_name'],PDO::PARAM_STR);
+ $stmt->bindParam('short',$_POST['access_short'],PDO::PARAM_STR);
+
$stmt->bindParam('description',$_POST['access_desc'],PDO::PARAM_STR);
if ($stmt->execute()) {
// check for new access list id
$stmt=&DBConnection::getInstance()->prepare("SELECT id FROM
".ROSCMST_ACCESS." WHERE name=:name");
- $stmt->bindParam('name',$_POST['acl_name'],PDO::PARAM_STR);
+ $stmt->bindParam('name',$_POST['access_name'],PDO::PARAM_STR);
$stmt->execute();
$access_id = $stmt->fetchColumn();
if ($access_id !== false) {
- // prepare for usage in loop
- $stmt_ins=&DBConnection::getInstance()->prepare("INSERT INTO
".ROSCMST_ENTRY_AREA." (acl_id, group_id, can_read, can_write, can_add,
can_delete, can_publish, can_translate) VALUES (:acl_id, :group_id, :read, :write, :add,
:delete, :publish, :translate)");
- $stmt_ins->bindParam('acl_id',$access_id,PDO::PARAM_INT);
-
- // insert access rights for each group
- $stmt=&DBConnection::getInstance()->prepare("SELECT id FROM
".ROSCMST_GROUPS);
+ $stmt=&DBConnection::getInstance()->prepare("SELECT id, name,
description FROM ".ROSCMST_RIGHTS." ORDER BY name ASC");
$stmt->execute();
- while ($group = $stmt->fetch(PDO::FETCH_ASSOC)) {
-
$stmt_ins->bindParam('group_id',$group['id'],PDO::PARAM_INT);
-
$stmt_ins->bindValue('read',$_POST['read'.$group['id']]=='true',PDO::PARAM_BOOL);
-
$stmt_ins->bindValue('write',$_POST['write'.$group['id']]=='true',PDO::PARAM_BOOL);
-
$stmt_ins->bindValue('add',$_POST['add'.$group['id']]=='true',PDO::PARAM_BOOL);
-
$stmt_ins->bindValue('delete',$_POST['del'.$group['id']]=='true',PDO::PARAM_BOOL);
-
$stmt_ins->bindValue('publish',$_POST['pub'.$group['id']]=='true',PDO::PARAM_BOOL);
-
$stmt_ins->bindValue('translate',$_POST['trans'.$group['id']]=='true',PDO::PARAM_BOOL);
- $success = $success && $stmt_ins->execute();
- }
+ $rights=$stmt->fetchAll(PDO::FETCH_ASSOC);
+
+ $stmt=&DBConnection::getInstance()->prepare("INSERT INTO
".ROSCMST_ACL." (access_id, group_id, right_id) VALUES
(:access_id,:group_id,:right_id)");
+ $stmt->bindParam('access_id',$access_id,PDO::PARAM_INT);
+ foreach ($_POST as $item=>$val) {
+ if (strpos($item,'valid')===0) {
+ $item = substr($item, 5);
+ $id = explode('_',$item);
+ if($id[0] > 0 && $id[1] > 0 && $val=='true') {
+ $stmt->bindParam('right_id',$id[1],PDO::PARAM_INT);
+ $stmt->bindParam('group_id',$id[0],PDO::PARAM_INT);
+ $success = $success && $stmt->execute();
+ }
+ }
+ } // end foreach
} // end got list id
else {
$success = false;
@@ -162,7 +161,7 @@
echo_strip('
<h2>Select ACL to '.($_GET['for']=='edit' ?
'edit' : 'delete').'</h2>
<form onsubmit="return false;">
- <select name="acl" id="acl">
+ <select name="access" id="access">
<option value="0"> </option>');
$stmt=&DBConnection::getInstance()->prepare("SELECT id, name, description
FROM ".ROSCMST_ACCESS." ORDER BY name ASC");
@@ -187,7 +186,7 @@
protected function submitSearch( )
{
// show edit / delete form, if entry was selected
- if ($_POST['acl'] > 0) {
+ if ($_POST['access'] > 0) {
if ($_GET['for'] == 'edit') {
self::showEdit();
}
@@ -211,8 +210,12 @@
*/
protected function showEdit( )
{
- $stmt=&DBConnection::getInstance()->prepare("SELECT name, name_short,
description, id FROM ".ROSCMST_ACCESS." WHERE id=:acl_id");
- $stmt->bindParam('acl_id',$_POST['acl'],PDO::PARAM_INT);
+ $stmt=&DBConnection::getInstance()->prepare("SELECT id, name, description
FROM ".ROSCMST_RIGHTS." ORDER BY name ASC");
+ $stmt->execute();
+ $rights=$stmt->fetchAll(PDO::FETCH_ASSOC);
+
+ $stmt=&DBConnection::getInstance()->prepare("SELECT name, name_short,
description, id FROM ".ROSCMST_ACCESS." WHERE id=:access_id");
+ $stmt->bindParam('access_id',$_POST['access'],PDO::PARAM_INT);
$stmt->execute();
$access = $stmt->fetchOnce(PDO::FETCH_ASSOC);
@@ -221,18 +224,18 @@
<form onsubmit="return false;">
<fieldset>
<legend>Access Control List Options</legend>
- <input type="hidden" name="acl_id" id="acl_id"
value="'.$access['id'].'" />
+ <input type="hidden" name="access_id"
id="access_id" value="'.$access['id'].'" />
- <label for="acl_name">Name</label>
- <input id="acl_name" name="acl_name"
maxlength="100" value="'.$access['name'].'" />
+ <label for="access_name">Name</label>
+ <input id="access_name" name="access_name"
maxlength="100" value="'.$access['name'].'" />
<br />
- <label for="acl_short">Short Name (Identifier)</label>
- <input id="acl_short" name="acl_short"
maxlength="50" value="'.$access['name_short'].'"
/>
+ <label for="access_short">Short Name
(Identifier)</label>
+ <input id="access_short" name="access_short"
maxlength="50" value="'.$access['name_short'].'"
/>
<br />
- <label for="acl_desc">Description</label>
- <input id="acl_desc" name="acl_desc"
maxlength="255" value="'.$access['description'].'"
/>
+ <label for="access_desc">Description</label>
+ <input id="access_desc" name="access_desc"
maxlength="255" value="'.$access['description'].'"
/>
</fieldset>
<br />
<fieldset>
@@ -240,30 +243,33 @@
<table>
<tr>
<th title="Security Level">SecLvl</th>
- <th>Group Name</th>
- <th title="read">R</th>
- <th title="write">W</th>
- <th title="add">A</th>
- <th title="delete">D</th>
- <th title="publish">P</th>
- <th title="translate">T</th>
- </tr>');
-
- $stmt=&DBConnection::getInstance()->prepare("SELECT g.id, g.name,
g.security_level, g.description, a.can_read, a.can_write, a.can_add, a.can_delete,
a.can_publish, a.can_translate FROM ".ROSCMST_ENTRY_AREA." a JOIN
".ROSCMST_GROUPS." g ON g.id=a.group_id WHERE a.acl_id=:acl_id ORDER BY
g.security_level ASC, g.name ASC");
- $stmt->bindParam('acl_id',$access['id'],PDO::PARAM_INT);
+ <th>Group Name</th>');
+ foreach ($rights as $right) {
+ echo '<th style="vertical-align:bottom;"
title="'.$right['name'].':
'.$right['description'].'"><img
src="?page=presentation&type=vtext&text='.$right['name'].'"
alt="'.$right['name'].'" /></th>';
+ }
+ echo '</tr>';
+
+
+ // for usage in loop
+ $stmt_is=&DBConnection::getInstance()->prepare("SELECT TRUE FROM
".ROSCMST_ACL." WHERE group_id=:group_id AND right_id=:right_id AND
access_id=:access_id LIMIT 1");
+ $stmt_is->bindParam('access_id',$access['id'],PDO::PARAM_INT);
+
+ $stmt=&DBConnection::getInstance()->prepare("SELECT id, name,
security_level, description FROM ".ROSCMST_GROUPS." ORDER BY security_level ASC,
name ASC");
$stmt->execute();
while ($group = $stmt->fetch(PDO::FETCH_ASSOC)) {
+ $stmt_is->bindParam('group_id',$group['id'],PDO::PARAM_INT);
echo_strip('
<tr
title="'.htmlspecialchars($group['description']).'">
<td>'.$group['security_level'].'</td>
- <td>'.htmlspecialchars($group['name']).'</td>
- <td title="read entries"><input type="checkbox"
name="read'.$group['id'].'"
id="read'.$group['id'].'" '.($group['can_read'] ==
true ? 'checked="checked"' : '').' value="1"
/></td>
- <td title="edit entries"><input type="checkbox"
name="write'.$group['id'].'"
id="write'.$group['id'].'" '.($group['can_write'] ==
true ? 'checked="checked"' : '').' value="1"
/></td>
- <td title="add new entries"><input type="checkbox"
name="add'.$group['id'].'"
id="add'.$group['id'].'" '.($group['can_add'] ==
true ? 'checked="checked"' : '').' value="1"
/></td>
- <td title="delete entries"><input type="checkbox"
name="del'.$group['id'].'"
id="del'.$group['id'].'" '.($group['can_delete'] ==
true ? 'checked="checked"' : '').' value="1"
/></td>
- <td title="make entries stable"><input
type="checkbox" name="pub'.$group['id'].'"
id="pub'.$group['id'].'" '.($group['can_publish'] ==
true ? 'checked="checked"' : '').' value="1"
/></td>
- <td title="translate entries"><input
type="checkbox" name="trans'.$group['id'].'"
id="trans'.$group['id'].'"
'.($group['can_translate'] == true ? 'checked="checked"' :
'').' value="1" /></td>
- </tr>');
+
<td>'.htmlspecialchars($group['name']).'</td>');
+ foreach ($rights as $right) {
+ $stmt_is->bindParam('right_id',$right['id'],PDO::PARAM_INT);
+ $stmt_is->execute();
+ $is = $stmt_is->fetchColumn();
+
+ echo '<td
title="'.$group['name'].'--'.$right['name'].':
'.$right['description'].'"><input type="checkbox"
value="1"
name="valid'.$group['id'].'_'.$right['id'].'"
'.($is ? 'checked="checked"' : '').'
/></td>';
+ }
+ echo '</tr>';
}
echo_strip('
@@ -286,29 +292,31 @@
$success = true;
// try to insert new access list
- $stmt=&DBConnection::getInstance()->prepare("UPDATE
".ROSCMST_ACCESS." SET name=:name, name_short=:short, description=:description
WHERE id=:acl_id");
- $stmt->bindParam('name',$_POST['acl_name'],PDO::PARAM_STR);
- $stmt->bindParam('short',$_POST['acl_short'],PDO::PARAM_STR);
-
$stmt->bindParam('description',$_POST['acl_desc'],PDO::PARAM_STR);
- $stmt->bindParam('acl_id',$_POST['acl_id'],PDO::PARAM_INT);
+ $stmt=&DBConnection::getInstance()->prepare("UPDATE
".ROSCMST_ACCESS." SET name=:name, name_short=:short, description=:description
WHERE id=:access_id");
+ $stmt->bindParam('name',$_POST['access_name'],PDO::PARAM_STR);
+ $stmt->bindParam('short',$_POST['access_short'],PDO::PARAM_STR);
+
$stmt->bindParam('description',$_POST['access_desc'],PDO::PARAM_STR);
+ $stmt->bindParam('access_id',$_POST['access_id'],PDO::PARAM_INT);
$success = $success && $stmt->execute();
- // prepare for usage in loop
- $stmt_ins=&DBConnection::getInstance()->prepare("UPDATE
".ROSCMST_ENTRY_AREA." SET can_read=:read, can_write=:write, can_add=:add,
can_delete=:delete, can_publish=:publish, can_translate=:translate WHERE acl_id=:acl_id
AND group_id=:group_id");
- $stmt_ins->bindParam('acl_id',$_POST['acl_id'],PDO::PARAM_INT);
-
- // insert access rights for each group
- $stmt=&DBConnection::getInstance()->prepare("SELECT id FROM
".ROSCMST_GROUPS);
+ $stmt=&DBConnection::getInstance()->prepare("DELETE FROM
".ROSCMST_ACL." WHERE access_id=:access_id");
+ $stmt->bindParam('access_id',$_POST['access_id'],PDO::PARAM_INT);
$success = $success && $stmt->execute();
- while ($group = $stmt->fetch(PDO::FETCH_ASSOC)) {
- $stmt_ins->bindParam('group_id',$group['id'],PDO::PARAM_INT);
-
$stmt_ins->bindValue('read',$_POST['read'.$group['id']]=='true',PDO::PARAM_BOOL);
-
$stmt_ins->bindValue('write',$_POST['write'.$group['id']]=='true',PDO::PARAM_BOOL);
-
$stmt_ins->bindValue('add',$_POST['add'.$group['id']]=='true',PDO::PARAM_BOOL);
-
$stmt_ins->bindValue('delete',$_POST['del'.$group['id']]=='true',PDO::PARAM_BOOL);
-
$stmt_ins->bindValue('publish',$_POST['pub'.$group['id']]=='true',PDO::PARAM_BOOL);
-
$stmt_ins->bindValue('translate',$_POST['trans'.$group['id']]=='true',PDO::PARAM_BOOL);
- $success = $success && $stmt_ins->execute();
+
+ if ($success) {
+ $stmt=&DBConnection::getInstance()->prepare("INSERT INTO
".ROSCMST_ACL." (access_id, group_id, right_id) VALUES
(:access_id,:group_id,:right_id)");
+
$stmt->bindParam('access_id',$_POST['access_id'],PDO::PARAM_INT);
+ foreach ($_POST as $item=>$val) {
+ if (strpos($item,'valid')===0) {
+ $item = substr($item, 5);
+ $id = explode('_',$item);
+ if($id[0] > 0 && $id[1] > 0 && $val=='true') {
+ $stmt->bindParam('right_id',$id[1],PDO::PARAM_INT);
+ $stmt->bindParam('group_id',$id[0],PDO::PARAM_INT);
+ $success = $success && $stmt->execute();
+ }
+ }
+ }
}
// give the user a success or failure message
@@ -329,8 +337,8 @@
*/
protected function showDelete( )
{
- $stmt=&DBConnection::getInstance()->prepare("SELECT COUNT(id) FROM
".ROSCMST_ENTRIES." WHERE acl_id=:acl_id");
- $stmt->bindParam('acl_id',$_POST['acl'],PDO::PARAM_INT);
+ $stmt=&DBConnection::getInstance()->prepare("SELECT COUNT(id) FROM
".ROSCMST_ENTRIES." WHERE access_id=:access_id");
+ $stmt->bindParam('access_id',$_POST['access'],PDO::PARAM_INT);
$stmt->execute();
$data_count = $stmt->fetchColumn();
@@ -339,17 +347,17 @@
echo '<div>Can\'t delete entry: It\'s used in
'.$data_count.' entries. Remove usage first, and try again
later.</div>';
}
else {
- $stmt=&DBConnection::getInstance()->prepare("SELECT name, name_short,
description, id FROM ".ROSCMST_ACCESS." WHERE id=:acl_id");
- $stmt->bindParam('acl_id',$_POST['acl'],PDO::PARAM_INT);
+ $stmt=&DBConnection::getInstance()->prepare("SELECT name, name_short,
description, id FROM ".ROSCMST_ACCESS." WHERE id=:access_id");
+ $stmt->bindParam('access_id',$_POST['access'],PDO::PARAM_INT);
$stmt->execute();
$access = $stmt->fetchOnce(PDO::FETCH_ASSOC);
echo_strip('
<form onsubmit="return false;">
<div>
- <input type="hidden" name="acl_id"
id="acl_id" value="'.$access['id'].'" />
-
- Do you really want to delete the ACL "<span
title="'.$access['description'].'">'.$access['name'].'</span>"
?
+ <input type="hidden" name="access_id"
id="access_id" value="'.$access['id'].'" />
+
+ Do you really want to delete the access "<span
title="'.$access['description'].'">'.$access['name'].'</span>"
?
<button style="color: red;"
onclick="'."submitDelete('acl')".'"
name="uaq" value="yes">Yes, Delete it.</button>
<button style="color: green;" name="uaq"
value="no">No</button>
</div>
@@ -369,8 +377,8 @@
$success = true;
// check if it is used anywhere
- $stmt=&DBConnection::getInstance()->prepare("SELECT COUNT(id) FROM
".ROSCMST_ENTRIES." WHERE acl_id=:acl_id");
- $stmt->bindParam('acl_id',$_POST['acl_id'],PDO::PARAM_INT);
+ $stmt=&DBConnection::getInstance()->prepare("SELECT COUNT(id) FROM
".ROSCMST_ENTRIES." WHERE access_id=:access_id");
+ $stmt->bindParam('access_id',$_POST['access_id'],PDO::PARAM_INT);
$stmt->execute();
$data_count = $stmt->fetchColumn();
if ($data_count > 0) {
@@ -379,14 +387,14 @@
else {
// delete acl
- $stmt=&DBConnection::getInstance()->prepare("DELETE FROM
".ROSCMST_ACCESS." WHERE id=:acl_id");
- $stmt->bindParam('acl_id',$_POST['acl_id'],PDO::PARAM_INT);
+ $stmt=&DBConnection::getInstance()->prepare("DELETE FROM
".ROSCMST_ACCESS." WHERE id=:access_id");
+
$stmt->bindParam('access_id',$_POST['access_id'],PDO::PARAM_INT);
$success = $success && $stmt->execute();
// delete rights list
if ($success) {
- $stmt=&DBConnection::getInstance()->prepare("DELETE FROM
".ROSCMST_ENTRY_AREA." WHERE acl_id=:acl_id");
- $stmt->bindParam('acl_id',$_POST['acl_id'],PDO::PARAM_INT);
+ $stmt=&DBConnection::getInstance()->prepare("DELETE FROM
".ROSCMST_ACL." WHERE access_id=:access_id");
+
$stmt->bindParam('access_id',$_POST['access_id'],PDO::PARAM_INT);
$success = $success && $stmt->execute();
}
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_Groups.class.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_Groups.class.php [iso-8859-1]
(original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_Groups.class.php [iso-8859-1]
Sun Jan 25 05:25:18 2009
@@ -35,6 +35,10 @@
*/
protected function showNew( )
{
+ $stmt=&DBConnection::getInstance()->prepare("SELECT id, name, description
FROM ".ROSCMST_RIGHTS." ORDER BY name ASC");
+ $stmt->execute();
+ $rights=$stmt->fetchAll(PDO::FETCH_ASSOC);
+
echo_strip('
<h2>Create new Group</h2>
<form onsubmit="return false;">
@@ -42,10 +46,10 @@
<legend>Group Data</legend>
<label for="group_sec">Security Level</label>
<select id="group_sec" name="group_sec">
- <option value="0">0 (no access to CMS, only that myRosCMS
stuff)</option>
- <option value="1">1 (simple users (e.g.
translator))</option>
- <option value="2">2 (advanced rights, e.g.
developers)</option>
- <option value="3">3 (some admin functions)</option>
+ <option value="0">0</option>
+ <option value="1">1</option>
+ <option value="2">2</option>
+ <option value="3">3</option>
</select>
<br />
@@ -65,32 +69,47 @@
<legend>configure group access rights</legend>
<table>
<tr>
+ <th>ACL Name</th>');
+ foreach ($rights as $right) {
+ echo '<th style="vertical-align:bottom;"
title="'.$right['name'].':
'.$right['description'].'"><img
src="?page=presentation&type=vtext&text='.$right['name'].'"
alt="'.$right['name'].'" /></th>';
+ }
+ echo '</tr>';
+
+ $stmt=&DBConnection::getInstance()->prepare("SELECT id, name, description
FROM ".ROSCMST_ACCESS." ORDER BY name ASC");
+ $stmt->execute();
+ while ($access = $stmt->fetch(PDO::FETCH_ASSOC)) {
+ echo_strip('
+ <tr
title="'.htmlspecialchars($access['description']).'">
+
<td>'.htmlspecialchars($access['name']).'</td>');
+
+ foreach ($rights as $right) {
+ echo '<td
title="'.$access['name'].'--'.$access['name'].':
'.$access['description'].'"><input type="checkbox"
value="1"
name="valid'.$access['id'].'_'.$right['id'].'"
/></td>';
+ }
+ echo '</tr>';
+ }
+
+ echo_strip('
+ </table>
+ </fieldset>
+ <br />
+ <fieldset>
+ <legend>Area Protection List (APL)</legend>
+ <table>
+ <tr>
<th>ACL Name</th>
- <th title="read">R</th>
- <th title="write">W</th>
- <th title="add">A</th>
- <th title="delete">D</th>
- <th title="publish">P</th>
- <th title="translate">T</th>
- </tr>');
-
- $stmt=&DBConnection::getInstance()->prepare("SELECT id, name, description
FROM ".ROSCMST_ACCESS." ORDER BY name ASC");
- $stmt->execute();
- while ($acl = $stmt->fetch(PDO::FETCH_ASSOC)) {
+ <th>Status</th>');
+
+ $stmt=&DBConnection::getInstance()->prepare("SELECT id, name, description
FROM ".ROSCMST_AREA." ORDER BY name ASC");
+ $stmt->execute();
+ while ($area = $stmt->fetch(PDO::FETCH_ASSOC)) {
echo_strip('
- <tr
title="'.htmlspecialchars($acl['description']).'">
- <td>'.htmlspecialchars($acl['name']).'</td>
- <td title="read entries"><input type="checkbox"
name="read'.$acl['id'].'"
id="read'.$acl['id'].'" value="1" /></td>
- <td title="edit entries"><input type="checkbox"
name="write'.$acl['id'].'"
id="write'.$acl['id'].'" value="1" /></td>
- <td title="add new entries"><input type="checkbox"
name="add'.$acl['id'].'"
id="add'.$acl['id'].'" value="1" /></td>
- <td title="delete entries"><input type="checkbox"
name="del'.$acl['id'].'"
id="del'.$acl['id'].'" value="1" /></td>
- <td title="make entries stable"><input
type="checkbox" name="pub'.$acl['id'].'"
id="pub'.$acl['id'].'" value="1" /></td>
- <td title="translate entries"><input
type="checkbox" name="trans'.$acl['id'].'"
id="trans'.$acl['id'].'" value="1" /></td>
+ <tr>
+ <td title="'.$area['description'].'"><label
for="area'.$area['id'].'">'.$area['name'].'</label></td>
+ <td><input type="checkbox" value="1"
name="area'.$area['id'].'"
id="area'.$area['id'].'" /></td>
</tr>');
}
echo_strip('
- </table>
</fieldset>
<button
onclick="'."submitNew('group')".'">Create new
Group</button>
</form>
@@ -123,23 +142,36 @@
$group_id = $stmt->fetchColumn();
if ($group_id !== false) {
- // prepare for usage in loop
- $stmt_ins=&DBConnection::getInstance()->prepare("INSERT INTO
".ROSCMST_ENTRY_AREA." (acl_id, group_id, can_read, can_write, can_add,
can_delete, can_publish, can_translate) VALUES (:acl_id, :group_id, :read, :write, :add,
:delete, :publish, :translate)");
- $stmt_ins->bindParam('group_id',$group_id,PDO::PARAM_INT);
-
- // insert access rights for each group
- $stmt=&DBConnection::getInstance()->prepare("SELECT id FROM
".ROSCMST_ACCESS);
+ $stmt=&DBConnection::getInstance()->prepare("SELECT id, name,
description FROM ".ROSCMST_RIGHTS." ORDER BY name ASC");
$stmt->execute();
- while ($acl = $stmt->fetch(PDO::FETCH_ASSOC)) {
- $stmt_ins->bindParam('acl_id',$acl['id'],PDO::PARAM_INT);
-
$stmt_ins->bindValue('read',$_POST['read'.$acl['id']]=='true',PDO::PARAM_BOOL);
-
$stmt_ins->bindValue('write',$_POST['write'.$acl['id']]=='true',PDO::PARAM_BOOL);
-
$stmt_ins->bindValue('add',$_POST['add'.$acl['id']]=='true',PDO::PARAM_BOOL);
-
$stmt_ins->bindValue('delete',$_POST['del'.$acl['id']]=='true',PDO::PARAM_BOOL);
-
$stmt_ins->bindValue('publish',$_POST['pub'.$acl['id']]=='true',PDO::PARAM_BOOL);
-
$stmt_ins->bindValue('translate',$_POST['trans'.$acl['id']]=='true',PDO::PARAM_BOOL);
- $success = $success && $stmt_ins->execute();
- }
+ $rights=$stmt->fetchAll(PDO::FETCH_ASSOC);
+
+ $stmt_acl=&DBConnection::getInstance()->prepare("INSERT INTO
".ROSCMST_ACL." (access_id, group_id, right_id) VALUES
(:access_id,:group_id,:right_id)");
+ $stmt_acl->bindParam('group_id',$group_id,PDO::PARAM_INT);
+ $stmt_apl=&DBConnection::getInstance()->prepare("INSERT INTO
".ROSCMST_AREA_ACCESS." (area_id, group_id) VALUES (:area_id,:group_id)");
+
$stmt_apl->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT);
+ foreach ($_POST as $item=>$val) {
+
+ // insert ACL
+ if (strpos($item,'valid')===0) {
+ $item = substr($item, 5);
+ $id = explode('_',$item);
+ if($id[0] > 0 && $id[1] > 0 && $val=='true') {
+ $stmt_acl->bindParam('right_id',$id[1],PDO::PARAM_INT);
+ $stmt_acl->bindParam('access_id',$id[0],PDO::PARAM_INT);
+ $success = $success && $stmt_acl->execute();
+ }
+ }
+
+ // insert APL
+ elseif (strpos($item,'area')===0 && $val=='true') {
+ $id = substr($item, 4);
+ if($id > 0) {
+ $stmt_apl->bindParam('area_id',$id,PDO::PARAM_INT);
+ $success = $success && $stmt_apl->execute();
+ }
+ }
+ } // end foreach
} // end got list id
else {
$success = false;
@@ -219,6 +251,10 @@
*/
protected function showEdit( )
{
+ $stmt=&DBConnection::getInstance()->prepare("SELECT id, name, description
FROM ".ROSCMST_RIGHTS." ORDER BY name ASC");
+ $stmt->execute();
+ $rights=$stmt->fetchAll(PDO::FETCH_ASSOC);
+
$stmt=&DBConnection::getInstance()->prepare("SELECT name, name_short,
description, id, security_level FROM ".ROSCMST_GROUPS." WHERE
id=:acl_id");
$stmt->bindParam('acl_id',$_POST['group'],PDO::PARAM_INT);
$stmt->execute();
@@ -233,10 +269,10 @@
<label for="group_sec">Security Level</label>
<select id="group_sec" name="group_sec">
- <option value="0"'.($group['security_level'] == 0 ?
' selected="selected"' : '').'>0 (no access to CMS, only
that myRosCMS stuff)</option>
- <option value="1"'.($group['security_level'] == 1 ?
' selected="selected"' : '').'>1 (simple users (e.g.
translator))</option>
- <option value="2"'.($group['security_level'] == 2 ?
' selected="selected"' : '').'>2 (advanced rights, e.g.
developers)</option>
- <option value="3"'.($group['security_level'] == 3 ?
' selected="selected"' : '').'>3 (some admin
functions)</option>
+ <option value="0"'.($group['security_level'] == 0 ?
' selected="selected"' : '').'>0</option>
+ <option value="1"'.($group['security_level'] == 1 ?
' selected="selected"' : '').'>1</option>
+ <option value="2"'.($group['security_level'] == 2 ?
' selected="selected"' : '').'>2</option>
+ <option value="3"'.($group['security_level'] == 3 ?
' selected="selected"' : '').'>3</option>
</select>
<br />
@@ -256,33 +292,63 @@
<legend>configure group access rights</legend>
<table>
<tr>
+ <th>ACL Name</th>');
+ foreach ($rights as $right) {
+ echo '<th style="vertical-align:bottom;"
title="'.$right['name'].':
'.$right['description'].'"><img
src="?page=presentation&type=vtext&text='.$right['name'].'"
alt="'.$right['name'].'" /></th>';
+ }
+ echo '</tr>';
+
+ // for usage in loop
+ $stmt_is=&DBConnection::getInstance()->prepare("SELECT TRUE FROM
".ROSCMST_ACL." WHERE group_id=:group_id AND right_id=:right_id AND
access_id=:access_id LIMIT 1");
+ $stmt_is->bindParam('group_id',$group['id'],PDO::PARAM_INT);
+
+ $stmt=&DBConnection::getInstance()->prepare("SELECT id, name, description
FROM ".ROSCMST_ACCESS." ORDER BY name ASC");
+ $stmt->execute();
+ while ($access = $stmt->fetch(PDO::FETCH_ASSOC)) {
+ $stmt_is->bindParam('access_id',$access['id'],PDO::PARAM_INT);
+ echo_strip('
+ <tr
title="'.htmlspecialchars($access['description']).'">
+
<td>'.htmlspecialchars($access['name']).'</td>');
+ foreach ($rights as $right) {
+ $stmt_is->bindParam('right_id',$right['id'],PDO::PARAM_INT);
+ $stmt_is->execute();
+ $is = $stmt_is->fetchColumn();
+
+ echo '<td
title="'.$access['name'].'--'.$right['name'].':
'.$right['description'].'"><input type="checkbox"
value="1"
name="valid'.$access['id'].'_'.$right['id'].'"
'.($is ? 'checked="checked"' : '').'
/></td>';
+ }
+ echo '</tr>';
+ }
+
+ echo_strip('
+ </table>
+ </fieldset>
+ <br />
+ <fieldset>
+ <legend>Area Protection List (APL)</legend>
+ <table>
+ <tr>
<th>ACL Name</th>
- <th title="read">R</th>
- <th title="write">W</th>
- <th title="add">A</th>
- <th title="delete">D</th>
- <th title="publish">P</th>
- <th title="translate">T</th>
- </tr>');
-
- $stmt=&DBConnection::getInstance()->prepare("SELECT s.id, s.name,
s.description, a.can_read, a.can_write, a.can_add, a.can_delete, a.can_publish,
a.can_translate FROM ".ROSCMST_ACCESS." s JOIN ".ROSCMST_ENTRY_AREA."
a ON a.acl_id=s.id WHERE a.group_id=:group_id ORDER BY name ASC");
- $stmt->bindParam('group_id',$group['id'],PDO::PARAM_INT);
- $stmt->execute();
- while ($acl = $stmt->fetch(PDO::FETCH_ASSOC)) {
+ <th>Status</th>');
+
+ // for usage in loop
+ $stmt_is=&DBConnection::getInstance()->prepare("SELECT TRUE FROM
".ROSCMST_AREA_ACCESS." WHERE group_id=:group_id AND area_id=:area_id LIMIT
1");
+ $stmt_is->bindParam('group_id',$group['id'],PDO::PARAM_INT);
+
+ $stmt=&DBConnection::getInstance()->prepare("SELECT id, name, description
FROM ".ROSCMST_AREA." ORDER BY name ASC");
+ $stmt->execute();
+ while ($area = $stmt->fetch(PDO::FETCH_ASSOC)) {
+ $stmt_is->bindParam('area_id',$area['id'],PDO::PARAM_INT);
+ $stmt_is->execute();
+ $is = $stmt_is->fetchColumn();
+
echo_strip('
- <tr
title="'.htmlspecialchars($acl['description']).'">
- <td>'.htmlspecialchars($acl['name']).'</td>
- <td title="read entries"><input type="checkbox"
name="read'.$acl['id'].'"
id="read'.$acl['id'].'" '.($acl['can_read'] == true
? 'checked="checked"' : '').' value="1"
/></td>
- <td title="edit entries"><input type="checkbox"
name="write'.$acl['id'].'"
id="write'.$acl['id'].'" '.($acl['can_write'] ==
true ? 'checked="checked"' : '').' value="1"
/></td>
- <td title="add new entries"><input type="checkbox"
name="add'.$acl['id'].'"
id="add'.$acl['id'].'" '.($acl['can_add'] == true ?
'checked="checked"' : '').' value="1"
/></td>
- <td title="delete entries"><input type="checkbox"
name="del'.$acl['id'].'"
id="del'.$acl['id'].'" '.($acl['can_delete'] == true
? 'checked="checked"' : '').' value="1"
/></td>
- <td title="make entries stable"><input
type="checkbox" name="pub'.$acl['id'].'"
id="pub'.$acl['id'].'" '.($acl['can_publish'] ==
true ? 'checked="checked"' : '').' value="1"
/></td>
- <td title="translate entries"><input
type="checkbox" name="trans'.$acl['id'].'"
id="trans'.$acl['id'].'" '.($acl['can_translate'] ==
true ? 'checked="checked"' : '').' value="1"
/></td>
+ <tr>
+ <td title="'.$area['description'].'"><label
for="area'.$area['id'].'">'.$area['name'].'</label></td>
+ <td><input type="checkbox" value="1"
name="area'.$area['id'].'"
id="area'.$area['id'].'"'.($is ? '
checked="checked"' : '').' /></td>
</tr>');
}
echo_strip('
- </table>
</fieldset>
<button
onclick="'."submitEdit('group')".'">Edit
Group</button>
</form>
@@ -309,22 +375,41 @@
$stmt->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT);
$success = $success && $stmt->execute();
- // prepare for usage in loop
- $stmt_ins=&DBConnection::getInstance()->prepare("UPDATE
".ROSCMST_ENTRY_AREA." SET can_read=:read, can_write=:write, can_add=:add,
can_delete=:delete, can_publish=:publish, can_translate=:translate WHERE acl_id=:acl_id
AND group_id=:group_id");
-
$stmt_ins->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT);
-
- // insert access rights for each group
- $stmt=&DBConnection::getInstance()->prepare("SELECT id FROM
".ROSCMST_ACCESS);
+ $stmt=&DBConnection::getInstance()->prepare("DELETE FROM
".ROSCMST_ACL." WHERE group_id=:group_id");
+ $stmt->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT);
$success = $success && $stmt->execute();
- while ($access = $stmt->fetch(PDO::FETCH_ASSOC)) {
- $stmt_ins->bindParam('acl_id',$access['id'],PDO::PARAM_INT);
-
$stmt_ins->bindValue('read',$_POST['read'.$access['id']]=='true',PDO::PARAM_BOOL);
-
$stmt_ins->bindValue('write',$_POST['write'.$access['id']]=='true',PDO::PARAM_BOOL);
-
$stmt_ins->bindValue('add',$_POST['add'.$access['id']]=='true',PDO::PARAM_BOOL);
-
$stmt_ins->bindValue('delete',$_POST['del'.$access['id']]=='true',PDO::PARAM_BOOL);
-
$stmt_ins->bindValue('publish',$_POST['pub'.$access['id']]=='true',PDO::PARAM_BOOL);
-
$stmt_ins->bindValue('translate',$_POST['trans'.$access['id']]=='true',PDO::PARAM_BOOL);
- $success = $success && $stmt_ins->execute();
+
+ $stmt=&DBConnection::getInstance()->prepare("DELETE FROM
".ROSCMST_AREA_ACCESS." WHERE group_id=:group_id");
+ $stmt->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT);
+ $success = $success && $stmt->execute();
+
+ if ($success) {
+ $stmt_acl=&DBConnection::getInstance()->prepare("INSERT INTO
".ROSCMST_ACL." (access_id, group_id, right_id) VALUES
(:access_id,:group_id,:right_id)");
+
$stmt_acl->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT);
+ $stmt_apl=&DBConnection::getInstance()->prepare("INSERT INTO
".ROSCMST_AREA_ACCESS." (area_id, group_id) VALUES (:area_id,:group_id)");
+
$stmt_apl->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT);
+ foreach ($_POST as $item=>$val) {
+
+ // insert ACL
+ if (strpos($item,'valid')===0) {
+ $item = substr($item, 5);
+ $id = explode('_',$item);
+ if($id[0] > 0 && $id[1] > 0 && $val=='true') {
+ $stmt_acl->bindParam('right_id',$id[1],PDO::PARAM_INT);
+ $stmt_acl->bindParam('access_id',$id[0],PDO::PARAM_INT);
+ $success = $success && $stmt_acl->execute();
+ }
+ }
+
+ // insert APL
+ elseif (strpos($item,'area')===0 && $val=='true') {
+ $id = substr($item, 4);
+ if($id > 0) {
+ $stmt_apl->bindParam('area_id',$id,PDO::PARAM_INT);
+ $success = $success && $stmt_apl->execute();
+ }
+ }
+ }
}
// give the user a success or failure message
@@ -380,7 +465,11 @@
// delete rights list
if ($success) {
- $stmt=&DBConnection::getInstance()->prepare("DELETE FROM
".ROSCMST_ENTRY_AREA." WHERE group_id=:group_id");
+ $stmt=&DBConnection::getInstance()->prepare("DELETE FROM
".ROSCMST_ACL." WHERE group_id=:group_id");
+ $stmt->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT);
+ $success = $success && $stmt->execute();
+
+ $stmt=&DBConnection::getInstance()->prepare("DELETE FROM
".ROSCMST_ACL." WHERE group_id=:group_id");
$stmt->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT);
$success = $success && $stmt->execute();
}
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_System.class.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_System.class.php [iso-8859-1]
(original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_System.class.php [iso-8859-1]
Sun Jan 25 05:25:18 2009
@@ -74,7 +74,7 @@
*/
protected function showAPL( )
{
- $stmt=&DBConnection::getInstance()->prepare("SELECT id, name_short,
description FROM ".ROSCMST_AREA." ORDER BY name_short ASC");
+ $stmt=&DBConnection::getInstance()->prepare("SELECT id, name, description
FROM ".ROSCMST_AREA." ORDER BY name ASC");
$stmt->execute();
$areas=$stmt->fetchAll(PDO::FETCH_ASSOC);
@@ -88,15 +88,11 @@
<th style="vertical-align:bottom;" title="Security
Level">SecLvl</th>
<th style="vertical-align:bottom;">Group
Name</th>');
foreach ($areas as $area) {
- echo '<th style="width:
1em;font-family:monospace;vertical-align:bottom;line-height: 0.8em;"
title="'.$area['name_short'].':
'.$area['description'].'">';
- for ($i=0; $i<strlen($area['name_short']);$i++) {
- echo substr($area['name_short'], $i, 1).'<br />';
- }
- echo '</th>';
+ echo '<th style="vertical-align:bottom;"
title="'.$area['name'].':
'.$area['description'].'"><img
src="?page=presentation&type=vtext&text='.$area['name'].'"
alt="'.$area['name'].'" /></th>';
}
echo '</tr>';
- $stmt_is=&DBConnection::getInstance()->prepare("SELECT TRUE FROM
".ROSCMST_AREA." a JOIN ".ROSCMST_AREA_ACCESS." b ON a.id=b.area_id
WHERE b.group_id=:group_id AND a.id=:area_id ORDER BY a.name_short LIMIT 1");
+ $stmt_is=&DBConnection::getInstance()->prepare("SELECT TRUE FROM
".ROSCMST_AREA." a JOIN ".ROSCMST_AREA_ACCESS." b ON a.id=b.area_id
WHERE b.group_id=:group_id AND a.id=:area_id LIMIT 1");
$stmt=&DBConnection::getInstance()->prepare("SELECT id, name,
security_level, description FROM ".ROSCMST_GROUPS." ORDER BY security_level ASC,
name ASC");
$stmt->execute();
@@ -111,7 +107,7 @@
$stmt_is->execute();
$is = $stmt_is->fetchColumn();
- echo '<td
title="'.$group['name'].'--'.$area['name_short'].':
'.$area['description'].'"><input type="checkbox"
value="1"
name="valid'.$group['id'].'_'.$area['id'].'"
'.($is ? 'checked="checked"' : '').'
/></td>';
+ echo '<td
title="'.$group['name'].'--'.$area['name'].':
'.$area['description'].'"><input type="checkbox"
value="1"
name="valid'.$group['id'].'_'.$area['id'].'"
'.($is ? 'checked="checked"' : '').'
/></td>';
}
echo '</tr>';
}
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsiteFilter.class.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsiteFilter.class.php
[iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsiteFilter.class.php
[iso-8859-1] Sun Jan 25 05:25:18 2009
@@ -25,59 +25,85 @@
class CMSWebsiteFilter
{
- private $type_num = 1;
-
public function __construct( )
{
Login::required();
- $this->manage();
+ // manage actions for adding / deleting filters
+ if ($_GET['d_val'] == 'add') {
+ $this->add($_GET['title'], $_GET['setting']);
+ }
+ elseif ($_GET['d_val'] == 'del') {
+ $this->del($_GET['id']);
+ }
+
+ // show updated filter list
+ $this->show();
+
} // end of member function __construct
+
/**
- * cares about filter management: adding, deleting, listing
+ * adds a new filter to users smart filters
*
- * @param string _GET['d_value'] action 'add' or 'del'
- * @param string _GET['d_value3'] filter_title if adding its the filter name,
if del it's the filter id
- * @param string _GET['d_value4'] filter_string filter content
+ * @param string title the filter name
+ * @param string setting filter settings
* @return
* @access private
*/
- private function manage( )
+ private function add( $title, $setting )
{
$thisuser = &ThisUser::getInstance();
- // add a new label
- if ($_GET['d_val'] == 'add') {
+ // check if filter already exists
+ $stmt=&DBConnection::getInstance()->prepare("SELECT 1 FROM
".ROSCMST_FILTER." WHERE user_id = :user_id AND name = :title LIMIT 1");
+ $stmt->bindParam('user_id',$thisuser->id(),PDO::PARAM_INT);
+ $stmt->bindParam('title',$title,PDO::PARAM_STR);
+ $stmt->execute();
+ if ($stmt->fetchColumn() === false) {
- // check if filter already exists
- $stmt=&DBConnection::getInstance()->prepare("SELECT 1 FROM
".ROSCMST_FILTER." WHERE user_id = :user_id AND name = :title LIMIT 1");
+ // insert new filter
+ $stmt=&DBConnection::getInstance()->prepare("INSERT INTO
".ROSCMST_FILTER." ( id, user_id, name, setting ) VALUES ( NULL, :user_id,
:title, :setting )");
$stmt->bindParam('user_id',$thisuser->id(),PDO::PARAM_INT);
- $stmt->bindParam('title',$_GET['d_val3'],PDO::PARAM_STR);
- $stmt->execute();
- if ($stmt->fetchColumn() === false) {
-
- // insert new filter
- $stmt=&DBConnection::getInstance()->prepare("INSERT INTO
".ROSCMST_FILTER." ( id, user_id, name, setting ) VALUES ( NULL, :user_id,
:title, :string )");
- $stmt->bindParam('user_id',$thisuser->id(),PDO::PARAM_INT);
- $stmt->bindParam('title',$_GET['d_val3'],PDO::PARAM_STR);
- $stmt->bindParam('string',$_GET['d_val4'],PDO::PARAM_STR);
- $stmt->execute();
- }
- }
- elseif ($_GET['d_val'] == 'del') {
- // delete a label
- $stmt=&DBConnection::getInstance()->prepare("DELETE FROM
".ROSCMST_FILTER." WHERE id = :filter_id AND user_id = :user_id LIMIT 1");
- $stmt->bindParam('filter_id',$_GET['d_val3'],PDO::PARAM_INT);
- $stmt->bindParam('user_id',$thisuser->id(),PDO::PARAM_INT);
+ $stmt->bindParam('title',$title,PDO::PARAM_STR);
+ $stmt->bindParam('setting',$setting,PDO::PARAM_STR);
$stmt->execute();
}
+ }
+
+
+ /**
+ * deletes a smart filter
+ *
+ * @param string _GET['d_val3'] filter_title if adding its the filter name, if
del it's the filter id
+ * @param string _GET['d_val4'] filter_string filter content
+ * @return
+ * @access private
+ */
+ private function del( $filter_id )
+ {
+ // delete a label
+ $stmt=&DBConnection::getInstance()->prepare("DELETE FROM
".ROSCMST_FILTER." WHERE id = :filter_id AND user_id = :user_id LIMIT 1");
+ $stmt->bindParam('filter_id',$filter_id,PDO::PARAM_INT);
+
$stmt->bindParam('user_id',ThisUser::getInstance()->id(),PDO::PARAM_INT);
+ $stmt->execute();
+ }
+
+
+
+ /**
+ * deletes a smart filter
+ *
+ * @access private
+ */
+ private function show( )
+ {
// echo current list of filters
$stmt=&DBConnection::getInstance()->prepare("SELECT id, name, setting
FROM ".ROSCMST_FILTER." WHERE user_id = :user_id ORDER BY name ASC");
- $stmt->bindParam('user_id',$thisuser->id(),PDO::PARAM_INT);
+
$stmt->bindParam('user_id',ThisUser::getInstance()->id(),PDO::PARAM_INT);
$stmt->execute();
while ($filter = $stmt->fetch(PDO::FETCH_ASSOC)) {
echo_strip('
@@ -90,10 +116,9 @@
// give standard text, if no filters are found
if ($filter === false) {
- echo '<span>Compose your favorite filter combinations and afterwards use
the "save" function.</span>';
+ echo '<span>Compose your favorite filter combinations and afterwards use
the "save" function.</span>';
}
-
- } // end of member function manage
+ }
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsiteLabel.class.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsiteLabel.class.php
[iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsiteLabel.class.php
[iso-8859-1] Sun Jan 25 05:25:18 2009
@@ -30,21 +30,16 @@
{
Login::required();
- $this->output();
+ $this->show();
} // end of member function __construct
/**
* cares about filter management: adding, deleting, listing
*
- * @param string _GET['d_value'] action 'add' or 'del'
- * @param string _GET['d_value2'] type 'label' or not
- * @param string _GET['d_value3'] filter_title if adding its the filter name,
if del it's the filter id
- * @param string _GET['d_value4'] filter_string filter content
- * @return
* @access private
*/
- private function output( )
+ private function show( )
{
$thisuser = &ThisUser::getInstance();
Added: branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsitePreview.class.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsitePreview.class.php (added)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsitePreview.class.php
[iso-8859-1] Sun Jan 25 05:25:18 2009
@@ -1,0 +1,54 @@
+<?php
+ /*
+ RosCMS - ReactOS Content Management System
+ Copyright (C) 2007 Klemens Friedl <frik85(a)reactos.org>
+ 2008-2009 Danny Götte <dangerground(a)web.de>
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ */
+
+/**
+ * class CMSWebsitePreview
+ *
+ */
+class CMSWebsitePreview
+{
+
+
+ /**
+ *
+ * @access public
+ */
+ public function __construct( )
+ {
+ Login::required();
+
+ $this->show($_GET['rev_id']);
+ }
+
+
+ /**
+ *
+ *
+ * @access private
+ */
+ private function show( $rev_id )
+ {
+ echo_strip('
+ <iframe style="width:100%;height:600px;background-color: white;border: 1px
solid black;"
src="?page=data_out&d_f=page&d_val='.$rev_id.'"></iframe>');
+ } // end of member function show
+
+} // end of CMSWebsitePreview
+?>
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Data.class.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/Data.class.php [iso-8859-1]
(original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/Data.class.php [iso-8859-1] Sun Jan
25 05:25:18 2009
@@ -431,7 +431,6 @@
}
// update text content with new name
- //@ADD check, for only updating dependent entries
$stmt=&DBConnection::getInstance()->prepare("UPDATE
".ROSCMST_TEXT." SET content = REPLACE(REPLACE(content, :old_type_name,
:new_type_name), :old_link, :new_link) WHERE content LIKE :search1 OR content LIKE
:search2");
$stmt->bindParam('search1','%[#'.$old_type_short.'_'.$data['name'].']%',PDO::PARAM_STR);
$stmt->bindParam('search2','%[#link_'.$data['name'].']%',PDO::PARAM_STR);
@@ -566,7 +565,6 @@
// add Tags
Tag::add($rev_id, 'number', $next_number, -1);
- Tag::add($rev_id, 'number_sort', str_pad($next_number, 5, '0',
STR_PAD_LEFT), -1); // padding with '0'
Tag::add($rev_id, 'pub_date', date('Y-m-d'), -1);
Tag::add($rev_id, 'pub_user', $thisuser->id(), -1);
@@ -640,7 +638,7 @@
die('Set a valid language in your account settings!');
}
elseif ($user_lang != $revision['lang_id']) {
- echo 'As Language Maintainer you can only mark entries of
"'.$user_lang.'" language as stable!';
+ echo 'As Language Maintainer you can\'t mark entries of other
languages as stable!';
continue;
}
}
@@ -773,9 +771,8 @@
// move to archiv
case 'va':
- Data::copy($revision['id'], 0, $lang_id);
+ Data::toArchive($revision['id']);
Data::deleteFile($revision['id']);
- Data::deleteRevision($revision['id']);
break;
} // switch
} // for
@@ -847,93 +844,67 @@
/**
- *
- *
- * @param int data_id
- * @param int rev_id
- * @param bool archive_mode
- * @param string lang
+ * creates a new revision suitable for a new translation
+ *
+ * @param int rev_id the revision id which has to be translated
+ * @param int lang_id translated to this language
* @return bool
* @access public
*/
- public static function copy($rev_id, $archive_mode, $lang_id = 0 )
- {
- // set archive mode dependent vars
- if ($archive_mode == 0) {
- // copy to archive
- $archive_mode = true;
- }
- elseif ($archive_mode == 1) {
- // create copy
- $archive_mode = false;
- }
- else {
- die('move_to_archive: wrong param');
- }
-
- // Log something
- if ($archive_mode === false) {
- Log::writeLow('copy entire entry (e.g. translate): rev-id
'.$rev_id.Log::prepareInfo(null, $rev_id).'{move_to_archive}');
- }
- else {
- Log::writeMedium('move entire entry to archive: rev-id
'.$rev_id.Log::prepareInfo(null, $rev_id).'{move_to_archive}');
- }
-
- // data_revision
- $stmt=&DBConnection::getInstance()->prepare("SELECT r.data_id, d.name,
d.type, d.access_id, r.version, r.user_id, r.lang_id, r.datetime FROM
".ROSCMST_REVISIONS." r JOIN ".ROSCMST_ENTRIES." d ON r.data_id=d.id
WHERE r.id = :rev_id LIMIT 1");
+ public static function newTranslation($rev_id, $lang_id = 0 )
+ {
+ // original_revision
+ $stmt=&DBConnection::getInstance()->prepare("SELECT id, data_id, lang_id
FROM ".ROSCMST_REVISIONS." WHERE id = :rev_id LIMIT 1");
$stmt->bindParam('rev_id',$rev_id,PDO::PARAM_INT);
$stmt->execute();
$revision = $stmt->fetchOnce(PDO::FETCH_ASSOC);
- if ($archive_mode === false) {
- $revision = array(
- 'data_id' => $revision['data_id'],
- 'version' => '0',
- 'user_id' => ThisUser::getInstance()->id(),
- 'lang_id' => $lang_id,
- 'datetime' => date('Y-m-d H:i:s'));
- }
- $stmt=&DBConnection::getInstance()->prepare("INSERT INTO
".ROSCMST_REVISIONS." ( id , data_id , version , lang_id , user_id , datetime )
VALUES ( NULL, :data_id, :version, :lang, :user_id, :datetime )");
+ // check if we can translate to the selected language
+ if ($lang_id == $revision['lang_id'] || $lang_id ==
Language::getStandardId()) {
+ die ('Can\'t translate to your language language');
+ }
+
+ // insert translated revision
+ $stmt=&DBConnection::getInstance()->prepare("INSERT INTO
".ROSCMST_REVISIONS." ( id , data_id , version , lang_id , user_id , datetime )
VALUES ( NULL, :data_id, :version, :lang, :user_id, NOW() )");
$stmt->bindParam('data_id',$revision['data_id'],PDO::PARAM_INT);
- $stmt->bindValue('version',$revision['version'],PDO::PARAM_INT);
- $stmt->bindParam('lang',$revision['lang_id'],PDO::PARAM_INT);
- $stmt->bindParam('user_id',$revision['user_id'],PDO::PARAM_INT);
-
$stmt->bindParam('datetime',$revision['datetime'],PDO::PARAM_STR);
- $stmt->execute();
-
- $stmt=&DBConnection::getInstance()->prepare("SELECT id FROM
".ROSCMST_REVISIONS." WHERE data_id = :data_id AND user_id=:user_id ORDER BY id
DESC LIMIT 1");
+ $stmt->bindValue('version',0,PDO::PARAM_INT);
+ $stmt->bindParam('lang',$lang_id,PDO::PARAM_INT);
+
$stmt->bindParam('user_id',ThisUser::getInstance()->id(),PDO::PARAM_INT);
+ $stmt->execute();
+
+ // get new revision id
+ $stmt=&DBConnection::getInstance()->prepare("SELECT id FROM
".ROSCMST_REVISIONS." WHERE data_id = :data_id AND user_id=:user_id AND
lang_id=:lang_id ORDER BY id DESC LIMIT 1");
$stmt->bindParam('data_id',$revision['data_id'],PDO::PARAM_INT);
- $stmt->bindParam('user_id',$revision['user_id'],PDO::PARAM_INT);
+ $stmt->bindParam('lang_id',$lang_id,PDO::PARAM_INT);
+
$stmt->bindParam('user_id',ThisUser::getInstance()->id(),PDO::PARAM_INT);
$stmt->execute();
$new_rev_id = $stmt->fetchColumn();
+ // check if copy process was successfull
if ($new_rev_id === false) {
die('copy-process of data_revision not successful');
}
-
- // copy stext
- $stmt=&DBConnection::getInstance()->prepare("INSERT INTO
".ROSCMST_STEXT." ( id , rev_id , name , content ) SELECT NULL, :new_rev_id AS
rev_id, name, content FROM ".ROSCMST_STEXT." WHERE rev_id = :old_rev_id");
+ echo $new_rev_id.'--'.$revision['id'];
+
+ // copy short text
+ $stmt=&DBConnection::getInstance()->prepare("INSERT INTO
".ROSCMST_STEXT." ( id , rev_id , name , content ) SELECT NULL, :new_rev_id,
name, content FROM ".ROSCMST_STEXT." WHERE rev_id = :old_rev_id");
$stmt->bindParam('new_rev_id',$new_rev_id,PDO::PARAM_INT);
- $stmt->bindParam('old_rev_id',$old_rev_id,PDO::PARAM_INT);
+ $stmt->bindParam('old_rev_id',$revision['id'],PDO::PARAM_INT);
$stmt->execute();
// copy_text
- $stmt=&DBConnection::getInstance()->prepare("INSERT INTO
".ROSCMST_TEXT." ( id , rev_id , name , content ) SELECT NULL, :new_rev_id AS
rev_id, name, content FROM ".ROSCMST_TEXT." WHERE rev_id = :old_rev_id");
+ $stmt=&DBConnection::getInstance()->prepare("INSERT INTO
".ROSCMST_TEXT." ( id , rev_id , name , content ) SELECT NULL, :new_rev_id,
name, content FROM ".ROSCMST_TEXT." WHERE rev_id = :old_rev_id");
$stmt->bindParam('new_rev_id',$new_rev_id,PDO::PARAM_INT);
- $stmt->bindParam('old_rev_id',$old_rev_id,PDO::PARAM_INT);
- $stmt->execute();
-
-
- // data_tag
- Tag::copyFromData($rev_id, $new_rev_id);
- if ($archive_mode === false) {
- // change status to draft
- $tag_id = Tag::getIdByUser($new_rev_id, 'status', -1);
- Tag::update($tag_id, 'draft');
- }
+ $stmt->bindParam('old_rev_id',$revision['id'],PDO::PARAM_INT);
+ $stmt->execute();
+
+
+ // copy data tags and update status
+ Tag::copyFromData($revision['id'], $new_rev_id);
+ Tag::update(Tag::getIdByUser($new_rev_id, 'status', -1), 'draft');
return true;
- } // end of member function compareGregorianDate
+ } // end of member function newTranslation
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Editor_Website.class.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/Editor_Website.class.php [iso-8859-1]
(original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/Editor_Website.class.php [iso-8859-1]
Sun Jan 25 05:25:18 2009
@@ -236,15 +236,14 @@
if (Data::hasAccess($revision['data_id'], 'translate')) {
// copy existing entry to new language
- if (Data::copy($revision['id'], 1 /* copy mode */,
$_GET['d_r_lang'])) {
+ if (Data::newTranslation($revision['id'], $_GET['d_r_lang'])) {
$stmt=&DBConnection::getInstance()->prepare("SELECT id FROM
".ROSCMST_REVISIONS." WHERE data_id = :data_id AND user_id = :user_id AND
version = 0 AND lang_id = :lang ORDER BY id DESC LIMIT 1");
$stmt->bindParam('data_id',$revision['data_id'],PDO::PARAM_STR);
$stmt->bindParam('user_id',ThisUser::getInstance()->id(),PDO::PARAM_INT);
$stmt->bindParam('lang',$_GET['d_r_lang'],PDO::PARAM_STR);
$stmt->execute();
- $translation = $stmt->fetchOnce(PDO::FETCH_ASSOC);
-
- $this->setRevision($translation['id']);
+
+ $this->setRevision($stmt->fetchColumn());
$this->show();
}
else {
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Export_Page.class.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/Export_Page.class.php [iso-8859-1]
(original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/Export_Page.class.php [iso-8859-1]
Sun Jan 25 05:25:18 2009
@@ -25,12 +25,6 @@
class Export_Page extends Export
{
- /** Aggregations: */
-
- /** Compositions: */
-
- /*** Attributes: ***/
-
/**
*
@@ -40,61 +34,22 @@
public function __construct( )
{
parent::__construct();
- $this->page();
+
+
+ // remove "tr" so that it also work in translation view
+ $this->show(str_replace('tr', '', $_GET['d_val']));
}
/**
*
- * @return
- * @access public
+ * @access private
*/
- public function page( )
+ private function show( $rev_id )
{
- switch (@$_GET['d_u']) {
- case 'output':
- // @TODO
- break;
-
- case 'show':
- default:
- if (empty($_GET['d_r_id']) || strpos($_GET['d_r_id'],
'tr') >= 0) {
- // translation mode (contains "tr")
- $lang = @$_GET['d_r_lang'];
- }
- else {
- $lang = $_GET['d_val2'];
- }
-
- // remove "tr" so that it also work in translation view
- $data = str_replace('tr', '', $_GET['d_val']);
-
- if ( is_numeric($data) ) {
- $stmt=&DBConnection::getInstance()->prepare("SELECT d.name, r.id,
r.lang_id FROM ".ROSCMST_ENTRIES." d JOIN ".ROSCMST_REVISIONS." r ON
d.id = r.data_id WHERE r.id = :rev_id ORDER BY r.version DESC LIMIT 1");
- $stmt->bindParam('rev_id',$data,PDO::PARAM_INT);
- }
- else {
- $stmt=&DBConnection::getInstance()->prepare("SELECT d.name, r.id,
r.lang_id FROM ".ROSCMST_ENTRIES." d JOIN ".ROSCMST_REVISIONS." r ON
d.id = r.data_id WHERE d.name = :data_name AND r.lang_id IN(:lang_one, :lang_two) ORDER BY
r.version DESC LIMIT 1");
- $stmt->bindParam('data_name',$data,PDO::PARAM_STR);
- $stmt->bindParam('lang_one',$lang,PDO::PARAM_INT);
-
$stmt->bindParam('lang_two',Language::getStandardId(),PDO::PARAM_INT);
- }
-
- $stmt->execute();
- $revision = $stmt->fetchOnce(PDO::FETCH_ASSOC);
- if (empty($_GET['d_val3'])) {
- $dynamic_num = Tag::getValueByUser($revision['id'], 'number',
-1);
- }
- else {
- $dynamic_num = $_GET['d_val3'];
- }
-
- Log::writeGenerateLow('preview page:
generate_page('.$revision['name'].',
'.$revision['lang_id'].', '.$dynamic_num.',
'.$_GET['d_u'].')');
-
- $export_html = new Export_HTML();
- echo $export_html->processText($revision['id'],
$_GET['d_u']);
- break;
- }
+ // output a preview of the selected content
+ $generate = new Generate();
+ $generate->preview($rev_id);
}
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Export_XML.class.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/Export_XML.class.php [iso-8859-1]
(original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/Export_XML.class.php [iso-8859-1] Sun
Jan 25 05:25:18 2009
@@ -320,7 +320,7 @@
$tdata .= ' status="'. $line_status .'"'; /* status
(odd/even (=stable), new, draft, etc.) */
$tdata .= ' security="'. $security .'"'; /* security
(read, write, add, pub, trans) */
$tdata .= ' xtrcol="'.$column_list_row.'"';
- $tdata .= '><![CDATA['.urlencode(substr($stext_content,
30)).']]></row>';
+ $tdata .= '><![CDATA['.urlencode(substr($stext_content, 0,
30)).']]></row>';
$row_counter++;
} // while
@@ -419,8 +419,8 @@
break;
case 'nbr': // number ("dynamic" entry)
$tag_counter++;
- $this->sql_order .= " t".$tag_counter.".value";
- $this->sql_where .= " AND t".$tag_counter.".name =
'number_sort' ";
+ $this->sql_order .= " CAST(t".$tag_counter.".value AS
INT)";
+ $this->sql_where .= " AND t".$tag_counter.".name =
'number' ";
break;
case 'type': // type
$this->sql_order .= "d.type ";
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Generate.class.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/Generate.class.php [iso-8859-1]
(original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/Generate.class.php [iso-8859-1] Sun
Jan 25 05:25:18 2009
@@ -43,6 +43,9 @@
private $lang = null;
private $short = array('template'=>'templ',
'content'=>'cont', 'script'=>'inc');
+
+ //@DEBUG
+ private $base_rev = 0;
@@ -65,6 +68,52 @@
/**
*
+ * @param int rev_id
+ * @return
+ * @access public
+ */
+ public function preview( $rev_id )
+ {
+ $this->rev_id=$rev_id;
+
+ $stmt=&DBConnection::getInstance()->prepare("SELECT lang_id FROM
".ROSCMST_REVISIONS." WHERE id=:rev_id");
+ $stmt->bindParam('rev_id',$rev_id,PDO::PARAM_INT);
+ $stmt->execute();
+ $this->lang_id = $stmt->fetchColumn();
+
+ $stmt=&DBConnection::getInstance()->prepare("SELECT content FROM
".ROSCMST_TEXT." WHERE rev_id=:rev_id AND name='content'");
+ $stmt->bindParam('rev_id',$rev_id,PDO::PARAM_INT);
+ $stmt->execute();
+ $content = $stmt->fetchColumn();
+
+ // replace depencies
+ $stmt=&DBConnection::getInstance()->prepare("SELECT d.type, d.name FROM
".ROSCMST_DEPENCIES." w JOIN ".ROSCMST_ENTRIES." d ON w.child_id=d.id
WHERE w.rev_id=:rev_id AND w.include IS TRUE");
+ $stmt->bindParam('rev_id',$rev_id,PDO::PARAM_INT);
+ $stmt->execute();
+ while ($depency = $stmt->fetch(PDO::FETCH_ASSOC)) {
+
+ // replace
+ if ($depency['type'] != 'script') {
+ $content =
str_replace('[#'.$this->short[$depency['type']].'_'.$depency['name'].']',
$this->getCached(array(null,
$this->short[$depency['type']].'_'.$depency['name'])),
$content);
+ }
+ }
+
+ // execute scripts
+ $content = preg_replace_callback('/\[#inc_([^][#[:space:]]+)\]/',
array($this,'evalTemplate'),$content);
+
+ // replace roscms vars
+ $content = $this->replaceRoscmsPlaceholder($content);
+
+ // replace links
+ $content = preg_replace_callback('/\[#link_([^][#[:space:]]+)\]/',
array($this, 'replaceWithHyperlink'), $content);
+
+ echo $content;
+ }
+
+
+
+ /**
+ *
*
* @return
* @access public
@@ -77,6 +126,7 @@
// caching
$this->cacheFiles();
+ // we need to reset this, as cacheFiles() overwrites this setting
$this->base_dir = $this->destination_folder;
// build all entries
@@ -170,7 +220,6 @@
// file content
$content = $revision['content'];
$content = str_replace('[#%NAME%]', $data_name, $content);
- $content = str_replace('[#cont_%NAME%]',
'[#cont_'.$data_name.']', $content);
// replace depencies
$stmt_more=&DBConnection::getInstance()->prepare("SELECT d.id, d.type,
d.name FROM ".ROSCMST_DEPENCIES." w JOIN ".ROSCMST_ENTRIES." d ON
w.child_id=d.id WHERE w.rev_id=:rev_id AND w.include IS TRUE");
@@ -183,11 +232,10 @@
if ($depency['type'] != 'script') {
$content =
str_replace('[#'.$this->short[$depency['type']].'_'.$depency['name'].']',
$this->getCached(array(null,
$this->short[$depency['type']].'_'.$depency['name'])),
$content);
}
- // eval
- else {
- $content = str_replace('[#inc_'.$depency['name'].']',
$this->evalTemplate(array(null,$depency['name'])), $content);
- }
- }
+ }
+
+ // execute scripts
+ $content = preg_replace_callback('/\[#inc_([^][#[:space:]]+)\]/',
array($this,'evalTemplate'),$content);
// replace roscms vars
$content = $this->replaceRoscmsPlaceholder($content);
@@ -274,14 +322,19 @@
* @return
* @access private
*/
- public function update( $rev_id )
- {
+ public function update( $rev_id, $from = null )
+ {
+ // exclude the base ref to avoid circles
+ if ($this->base_rev === 0) {
+ $this->base_rev = $rev_id;
+ }
$stmt=&DBConnection::getInstance()->prepare("SELECT data_id, lang_id FROM
".ROSCMST_REVISIONS." WHERE id=:rev_id");
$stmt->bindParam('rev_id',$rev_id,PDO::PARAM_INT);
$stmt->execute();
$revision=$stmt->fetchOnce(PDO::FETCH_ASSOC);
+ // set language for cache
$this->lang_id = $revision['lang_id'];
// cache data
@@ -289,46 +342,58 @@
// set generating dir again
$this->base_dir = $this->destination_folder;
-
- // update entries which depends on this one
- $stmt=&DBConnection::getInstance()->prepare("SELECT r.lang_id, d.name,
d.type, r.id FROM ".ROSCMST_DEPENCIES." w JOIN ".ROSCMST_REVISIONS." r
ON r.id=w.rev_id JOIN ".ROSCMST_ENTRIES." d ON d.id=r.data_id WHERE
w.child_id=:depency_id AND w.rev_id != :rev_id AND r.archive IS FALSE AND w.include IS
TRUE");
-
$stmt->bindParam('depency_id',$revision['data_id'],PDO::PARAM_INT);
- $stmt->bindParam('rev_id',$rev_id,PDO::PARAM_INT);
- $stmt->execute();
- while ($depency = $stmt->fetch(PDO::FETCH_ASSOC)) {
-
+
+ // for usage in loop
// in standard language we may have depencies to other languages, so better
generate them all
if ($revision['lang_id'] == Language::getStandardId()){
- $stmt_lang=&DBConnection::getInstance()->prepare("SELECT id,
name_short FROM ".ROSCMST_LANGUAGES." ORDER BY level DESC");
+ $stmt_lang=&DBConnection::getInstance()->prepare("SELECT id,
name_short FROM ".ROSCMST_LANGUAGES." ORDER BY level DESC, name ASC");
}
else {
$stmt_lang=&DBConnection::getInstance()->prepare("SELECT id,
name_short FROM ".ROSCMST_LANGUAGES." WHERE id=:lang_id");
$stmt_lang->bindParam('lang_id',$revision['lang_id'],PDO::PARAM_INT);
}
- $stmt_lang->execute();
- while ($language = $stmt_lang->fetch(PDO::FETCH_ASSOC)) {
-
- // language settings for generating process
- $this->lang_id=$language['id'];
- $this->lang=$language['name_short'];
-
- // cache recursivly or generate page
- switch ($depency['type']) {
- case 'page':
- $this->oneEntry($depency['name'], $language['id']);
- break;
- case 'dynamic':
- $this->makeDynamic($depency['name'], $language['id']);
- break;
- case 'script':
- // scripts are only executed by in pages
- break;
- default:
- $this->update($depency['id']);
- break;
- }
- }
- }
+
+ // get list of entries which depend on this one and handle their types
+ $stmt=&DBConnection::getInstance()->prepare("SELECT r.lang_id, d.name,
d.type, r.id FROM ".ROSCMST_DEPENCIES." w JOIN ".ROSCMST_REVISIONS." r
ON r.id=w.rev_id JOIN ".ROSCMST_ENTRIES." d ON d.id=r.data_id WHERE
w.child_id=:depency_id AND w.rev_id NOT IN(:rev_id,:rev_id2) AND r.archive IS FALSE AND
w.include IS TRUE");
+
$stmt->bindParam('depency_id',$revision['data_id'],PDO::PARAM_INT);
+ $stmt->bindParam('rev_id',$this->base_rev,PDO::PARAM_INT);
+ $stmt->bindParam('rev_id2',$rev_id,PDO::PARAM_INT);
+ $stmt->execute();
+ while ($depency = $stmt->fetch(PDO::FETCH_ASSOC)) {
+
+
+ // cache recursivly or generate page
+ switch ($depency['type']) {
+ case 'page':
+ case 'dynamic':
+
+ // generate pages for all languages, if standard lang, otherwise only once
+ $stmt_lang->execute();
+ while ($language = $stmt_lang->fetch(PDO::FETCH_ASSOC)) {
+
+ // language settings for generating process
+ $this->lang_id=$language['id'];
+ $this->lang=$language['name_short'];
+
+ // seperate functions for pages & dynamic pages (in that order)
+ if($depency['type'] == 'page') {
+ $this->oneEntry($depency['name'], $language['id']);
+ }
+ else {
+ $this->makeDynamic($depency['name'], $language['id']);
+ }
+ } // end while language
+ break;
+
+ case 'script':
+ // scripts are only executed by in pages
+ break;
+ default:
+ // only run update once per $rev_id
+ $this->update($depency['id']);
+ break;
+ } // end switch
+ } // end while depency
}
@@ -566,7 +631,6 @@
// check if depency not available
if (count($results) === 0){
- //echo '<p>* <strong>Not found ('.$type.':
'.$name.')</strong></p>';
return false;
}
@@ -672,7 +736,7 @@
{
$revision = $this->getFrom('script',$matches[1]);
- if( Tag::getValue($revision['id'], 'kind',-1) == 'php') {
+ if( Tag::getValueByUser($revision['id'], 'kind',-1) == 'php')
{
// catch output
ob_start();
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_Website.class.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_Website.class.php
[iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_Website.class.php
[iso-8859-1] Sun Jan 25 05:25:18 2009
@@ -295,17 +295,17 @@
</select>
</div>
<div id="tablecmdbar" style="padding-top:
5px;"></div>
- <div style="border: 0px dashed red; position: absolute; right:
10px; text-align:right; white-space: nowrap;">
- <span id="mtblnav"> </span>
- </div>
- <div class="tabselect">Select: <span
id="tabselect1"></span></div>
- <div id="tablist"> </div>
- <div style="border: 0px dashed red; position: absolute; right:
10px; text-align:right; white-space: nowrap;">
- <span id="mtbl2nav"> </span>
- </div>
- <div class="tabselect">Select: <span
id="tabselect2"></span></div>
- </div>
- <div id="frameedit" style="display: block; border: 0px
dashed red; ">
+ <div style="border: 0px dashed red; position: absolute; right:
10px; text-align:right; white-space: nowrap;">
+ <span id="mtblnav"> </span>
+ </div>
+ <div class="tabselect">Select: <span
id="tabselect1"></span></div>
+ <div id="tablist"> </div>
+ <div style="border: 0px dashed red; position: absolute; right:
10px; text-align:right; white-space: nowrap;">
+ <span id="mtbl2nav"> </span>
+ </div>
+ <div class="tabselect">Select: <span
id="tabselect2"></span></div>
+ </div>
+ <div id="frameedit" style="display: block; border: 0px
dashed red; ">
<div id="frmedithead" style="padding-bottom:
10px;"> </div>
<div style="width:100%;">
@@ -313,6 +313,11 @@
<div id="frmdiff"></div>
</div>
</div>
+ <div id="previewarea" style="display:none;">
+ <div id="previewhead" style="padding-bottom:
10px;"> </div>
+ <div id="previewzone"> </div>
+ </div>
+
</div>
<div class="corner_BL">
<div class="corner_BR"></div>
@@ -334,7 +339,7 @@
<tr>
<td class="lbox"
style="background-color:#eeeeee"> </td>
<td class="lbox"
style="background-color:#A3EDB4"> </td>
- <td>Translation up to date</td>
+ <td>Translation up to date</td>
</tr>
<tr>
<td class="lbox"
style="background-color:#B5EDA3"> </td>
Added: branches/danny-web/reactos.org/htdocs/roscms/lib/Presentation.class.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/Presentation.class.php (added)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/Presentation.class.php [iso-8859-1]
Sun Jan 25 05:25:18 2009
@@ -1,0 +1,64 @@
+<?php
+ /*
+ RosCMS - ReactOS Content Management System
+ Copyright (C) 2009 Danny Götte <dangerground(a)web.de>
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ */
+
+
+/**
+ * class Presentation
+ *
+ */
+class Presentation
+{
+
+
+
+ /**
+ *
+ *
+ * @param string text
+ * @return
+ * @access private
+ */
+ public static function verticalText( $text )
+ {
+ $font = 2;
+
+ // initial values
+ $width = 20;
+ $height = strlen($text)*imagefontwidth($font);
+
+ $image = @imagecreatetruecolor($width, $height+5) or die('Cannot initialize new
GD image stream');
+
+ // background
+ $bgcolor = imagecolorallocate($image, 255, 255, 255);
+ imagefill($image, 0, 0, $bgcolor);
+
+ // Set text
+ $textcolor = imagecolorallocate($image, 0, 0, 0);
+ imagestringup($image, $font, 0, $height-1, $text, $textcolor);
+
+ // output captcha image to browser
+ header('Content-Type: image/png');
+ header('Cache-control: no-cache, no-store');
+ imagepng($image);
+ imagedestroy($image);
+ }
+
+} // end of Presentation
+?>
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Tag.class.php
URL:
http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ro…
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/Tag.class.php [iso-8859-1]
(original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/Tag.class.php [iso-8859-1] Sun Jan 25
05:25:18 2009
@@ -126,7 +126,6 @@
*/
public static function add( $rev_id, $tag_name, $tag_value, $user_id )
{
- //@ADD group membership check
if ($user_id != ThisUser::getInstance()->id() && $user_id != 0 &&
$user_id != -1) {
die('ERROR: no rights to access this function');
}