[dgoette] 39504: * bugfixing * minor improvements - Ros-diffs

8 Feb 2009

Author: dgoette
Date: Sun Feb  8 16:24:23 2009
New Revision: 39504
URL: http://svn.reactos.org/svn/reactos?rev=39504&view=rev
Log:
* bugfixing
* minor improvements
Modified:
    branches/danny-web/reactos.org/htdocs/roscms/convert3to4.sql
    branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js
    branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js.php
    branches/danny-web/reactos.org/htdocs/roscms/js/mef.js
    branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Backend_EntryTable.class.php
    branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Backend_QuickInfo.class.php
    branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Backend_SaveDraft.class.php
    branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Backend_ViewEditor.class.php
    branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Backend_ViewEntryTable.class.php
    branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Backend_ViewPreview.class.php
    branches/danny-web/reactos.org/htdocs/roscms/lib/om/Entry.class.php
    branches/danny-web/reactos.org/htdocs/roscms/lib/om/Generate.class.php
    branches/danny-web/reactos.org/htdocs/roscms/lib/om/Log.class.php
    branches/danny-web/reactos.org/htdocs/roscms/lib/om/Revision.class.php
    branches/danny-web/reactos.org/htdocs/roscms/lib/om/Tag.class.php
    branches/danny-web/reactos.org/htdocs/roscms/lib/view/HTML_CMS_Maintain.class.php
    branches/danny-web/reactos.org/htdocs/roscms/lib/view/HTML_CMS_User.class.php
    branches/danny-web/reactos.org/htdocs/roscms/lib/view/HTML_CMS_Website.class.php
Modified: branches/danny-web/reactos.org/htdocs/roscms/convert3to4.sql
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros...
==============================================================================

--- branches/danny-web/reactos.org/htdocs/roscms/convert3to4.sql [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/convert3to4.sql [iso-8859-1] Sun Feb  8 16:24:23 2009
@@ -161,16 +161,13 @@
 INSERT INTO roscms_entries_areas VALUES
 (1, 'Translate', 'translate', 'user can translate this entry to the lang he has set in his profile'),
 (2, 'Edit', 'edit', 'modify content of this entry'),
-(3, 'View Metadata', 'metadata', 'view Metadata tab '),
-(4, 'View History', 'history', 'view History tab'),
-(5, 'View Fields', 'fields', 'view fields tab'),
-(6, 'View Entry Tab', 'entry', 'view entry tab'),
-(7, 'View Security', 'security', 'view security tab'),
-(8, 'View Depencies', 'depencies', 'view depencies tab'),
-(9, 'System metadata', 'system_meta', 'modify System metadata'),
-(10, 'Change ACL', 'acl', 'modify ACL for this entry'),
-(11, 'Add Fields', 'add_fields', 'add new text fields'),
-(12, 'Read', 'read', 'can view this entry');
+(3, 'View History', 'history', 'view History tab'),
+(4, 'View Fields', 'fields', 'view fields tab'),
+(5, 'View Revision Tab', 'revision', 'view revision tab'),
+(6, 'View Depencies', 'depencies', 'view depencies tab'),
+(7, 'System metadata', 'system_meta', 'modify System metadata'),
+(8, 'Add Fields', 'add_fields', 'add new text fields'),
+(9, 'Read', 'read', 'can view this entry');
@@ -206,7 +203,7 @@
OR (g.security_level = 3 AND s.sec_lev3_read = 1 AND r.name_short='read')
 OR (g.security_level = 3 AND s.sec_lev3_write = 1 AND r.name_short='edit')
-OR (g.security_level = 3 AND s.sec_lev3_add = 1 AND (r.name_short='add_fields' OR r.name_short='fields' OR r.name_short='security' OR r.name_short='acl' OR r.name_short='entry'))
+OR (g.security_level = 3 AND s.sec_lev3_add = 1 AND (r.name_short='add_fields' OR r.name_short='fields' OR r.name_short='revision'))
 OR (g.security_level = 3 AND s.sec_lev3_trans = 1 AND r.name_short='translate')
OR (s.sec_allow LIKE CONCAT('%',s.sec_allow,'%') AND r.name_short='read')
@@ -269,7 +266,8 @@
 (29, 'add level 2 groups', 'addlvl2group', 'Add memberships with group security level 2'),
 (30, 'add level 3 groups', 'addlvl3group', 'Add memberships with group security level 3'),
 (31, 'Mix private & public entries', 'mix_priv_pub', 'show private and public type entries together'),
-(32, 'show system entries', 'show_sys_entry', 'show entries of type ''system''');
+(32, 'Entry Details Security', 'entry_security', 'change security settings & name + type of entry'),
+(33, 'show system entries', 'show_sys_entry', 'show entries of type ''system''');
@@ -283,7 +281,7 @@
 ) ENGINE=MyISAM DEFAULT CHARSET=utf8;
INSERT INTO roscms_rel_groups_area
-SELECT g.id, a.id
+SELECT DISTINCT g.id, a.id
 FROM roscms_area a JOIN roscms_groups g
 WHERE ((a.name_short = 'system_tags' OR a.name_short = 'entry_details' OR a.name_short = 'new_entry' OR a.name_short = 'deltag' OR a.name_short = 'del_entry' OR a.name_short = 'mix_priv_pub' OR a.name_short = 'show_sys_entry' OR a.name_short = 'addlvl1group')
 AND g.security_level > 1)
@@ -304,7 +302,10 @@
 AND g.name_short = 'transmaint')
OR ((a.name_short = 'more_lang')
-AND g.name_short != 'translator' AND g.name_short != 'transmaint' AND g.security_level > 0);
+AND g.name_short != 'translator' AND g.name_short != 'transmaint' AND g.security_level > 0)
+
+OR ((a.name_short = 'entry_security')
+AND (g.name_short = 'ros_sadmin' OR g.name_short = 'ros_admin'));
-- --------------------------------------------------------
@@ -331,7 +332,7 @@
   d.data_name,
   s.id,
   d.data_id,
-  1
+  TRUE
 FROM data_a d JOIN roscms_entries_access s ON d.data_acl=s.name_short
 UNION
 SELECT
@@ -340,7 +341,7 @@
   d.data_name,
   s.id,
   d.data_id,
-  0
+  FALSE
 FROM data_ d JOIN roscms_entries_access s ON d.data_acl=s.name_short;
@@ -374,8 +375,8 @@
   r.rev_usrid,
   r.rev_version,
   r.rev_datetime,
-  1,
   'unknown',
+  TRUE,
   r.rev_id
 FROM data_revision_a r JOIN roscms_languages l ON r.rev_language=l.name_short JOIN roscms_entries d ON (d.old_id=r.data_id AND d.old_archive IS TRUE)
 UNION
@@ -386,8 +387,8 @@
   r.rev_usrid,
   r.rev_version,
   r.rev_datetime,
-  0,
   'unknown',
+  FALSE,
   r.rev_id
 FROM data_revision r JOIN roscms_languages l ON r.rev_language=l.name_short JOIN roscms_entries d ON (d.old_id=r.data_id AND d.old_archive IS FALSE);
@@ -513,10 +514,12 @@
 -- --------------------------------------------------------
 -- port status tags to revisions
 -- --------------------------------------------------------
+
 UPDATE roscms_entries_revisions r
-SET status = (SELECT value FROM roscms_entries_tags WHERE rev_id=r.id AND name='status' LIMIT 1);
+SET status = (SELECT value FROM roscms_entries_tags WHERE rev_id=r.id AND name='status' ORDER BY value ASC LIMIT 1);
DELETE FROM roscms_entries_tags WHERE name='status';
+
@@ -525,7 +528,7 @@
 -- --------------------------------------------------------
 DELETE FROM roscms_entries_tags WHERE name='visible';
 DELETE FROM roscms_entries_tags WHERE name='kind' AND value='default';
-
+DELETE FROM roscms_entries_tags WHERE name='number_sort';
-- --------------------------------------------------------
@@ -707,6 +710,17 @@
-- --------------------------------------------------------
+-- remove converter specific fields
+-- --------------------------------------------------------
+ALTER TABLE roscms_entries
+  DROP old_id,
+  DROP old_archive,
+  ADD UNIQUE KEY type_name ( type , name );
+ALTER TABLE roscms_entries_revisions DROP old_id;
+
+
+
+-- --------------------------------------------------------
 -- convert to dynamic entries
 -- --------------------------------------------------------
 UPDATE roscms_entries SET type = 'dynamic' WHERE type='page' AND (name='news_page' OR name='newsletter' OR name='interview');
@@ -716,23 +730,28 @@
   'content',
   CONCAT(d.name,'_',t.value),
   d.access_id
-FROM roscms_entries d JOIN roscms_entries_revisions r ON r.data_id=d.id JOIN roscms_entries_tags t ON t.rev_id=r.id
-WHERE t.name='number' AND d.type='content';
+FROM roscms_entries d JOIN roscms_entries e ON e.name=d.name JOIN roscms_entries_revisions r ON r.data_id=d.id JOIN roscms_entries_tags t ON t.rev_id=r.id
+WHERE t.name='number' AND d.type='content' AND e.type = 'dynamic';
UPDATE roscms_entries_revisions r JOIN roscms_entries o ON r.data_id=o.id JOIN roscms_entries_tags t ON t.rev_id=r.id JOIN roscms_entries d ON d.name=CONCAT(o.name,'_',t.value) SET r.data_id=d.id WHERE t.name='number' AND o.type='content';
+INSERT INTO roscms_entries_tags (rev_id, name, value, user_id)
+SELECT
+  r2.id,
+  'next_index',
+  MAX(t.value*1)+1 AS val,
+  -1
+FROM roscms_entries d
+JOIN roscms_entries_revisions r2 ON d.id=r2.data_id
+JOIN roscms_entries e ON e.name LIKE CONCAT(d.name,'_%')
+JOIN roscms_entries_revisions r ON r.data_id=e.id
+JOIN roscms_entries_tags t ON t.rev_id=r.id
+WHERE d.type = 'dynamic'
+AND e.type = 'content'
+AND t.name='number'
+GROUP BY d.name;
+
 DELETE FROM roscms_entries WHERE type='content' AND (name='news_page' OR name='newsletter' OR name='interview');
-
-
-
--- --------------------------------------------------------
--- remove converter specific fields
--- --------------------------------------------------------
-ALTER TABLE roscms_entries
-  DROP old_id,
-  DROP old_archive,
-  ADD UNIQUE KEY type_name ( type , name );
-ALTER TABLE roscms_entries_revisions DROP old_id;
@@ -766,4 +785,4 @@
 DROP TABLE users;
 DROP TABLE user_unsafenames;
 DROP TABLE user_unsafepwds;
-DROP TABLE user_sessions;
+DROP TABLE user_sessions;
Modified: branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros...
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js [iso-8859-1] Sun Feb  8 16:24:23 2009
@@ -1056,7 +1056,7 @@
   var selhtml_new = '<span class="button" onclick="selectType(\'new\')">New</span>';
   var selhtml_draft = '<span class="button" onclick="selectType(\'draft\')">Draft</span>';
   var selhtml_uptodate = '<span class="button" onclick="selectType(\'transg\')">Current</span>';
-  var selhtml_outdated = '<span class="button" onclick="selectType(\'transr\')">Dated</span>';
+  var selhtml_outdated = '<span class="button" onclick="selectType(\'transr\')">Outdated</span>';
   var selhtml_notrans = '<span class="button" onclick="selectType(\'transb\')">Missing</span>';
// use for all types
@@ -1359,21 +1359,18 @@
/**
- * updates or changes a specific tag, mostly status or star
- *
- * @param int rev revision id
- * @param string dtn tag name
- * @param string dtv tag value
- * @param int dusr user
- * @param int dtid tag id
+ * updates or changes a specific tag, mostly star
+ *
+ * @param int rev_id revision id
+ * @param string value tag value
  * @param string objid
  */
-function updateTag( rev_id, dtn, dtv, dusr, dtid, objid )
-{
-  if (dtn !== '' && dtv !== '') {
-    makeRequest('?page=backend&type=text&subtype=eta&d_fl=updatetag&rev='+rev_id+'&d_val='+encodeURIComponent(dtn)+'&d_val2='+encodeURIComponent(dtv)+'&d_val3='+dusr+'&d_val4='+dtid, 'eta', objid, 'html', 'GET', '');
-  }
-} // end of function updateTag
+function updateBookmark( rev_id, value, objid )
+{
+  if (value != '') {
+    makeRequest('?page=backend&type=text&subtype=eta&d_fl=setbookmark&rev='+rev_id+'&tag_value='+encodeURIComponent(value), 'eta', objid, 'html', 'GET', '');
+  }
+} // end of function updateBookmark
@@ -1438,7 +1435,6 @@
loadEntryTableWithOffset(roscms_current_tbl_position);
     window.clearTimeout(autosave_timer);
-    alertbox('Draft saved');
   }
 } // end of function saveAsDraft
@@ -1994,6 +1990,13 @@
         autosave_cache = tempcache;
       }
       document.getElementById('mefasi').innerHTML = 'Draft saved at '+ curr_hour +':'+ curr_min;
+      
+      if (http_request.responseText != '') {
+        alertbox('Error: '+http_request.responseText);
+      }
+      else {
+        alertbox('Draft saved');
+      }
       break;
case 'alert':
@@ -2044,7 +2047,7 @@
         dtv = 'off';
         document.getElementById(objid).className = 'cStarOff';
       }
-      updateTag(devideids2, devideids3, 'star', dtv, dusr, devide2[1], objid, '3');
+      updateBookmark(devideids3, dtv, objid);
     }
   }
 } // end of function setBookmark
@@ -2176,12 +2179,12 @@
       break;
case '3':
-      filtstring2 = 'y_is_page_0|k_is_stable_0|l_is_'+userlang+'_0|i_is_read_0|o_asc_name_0';
+      filtstring2 = 'y_is_page_0|k_is_stable_0|c_is_language_0|i_is_read_0|o_asc_name_0';
       loadEntryTable('page');
       break;
case '13':
-      filtstring2 = 'y_is_dynamic_0|k_is_stable_0|l_is_'+userlang+'_0|i_is_read_0|o_asc_name_0';
+      filtstring2 = 'y_is_dynamic_0|k_is_stable_0|c_is_language_0|i_is_read_0|o_asc_name_0';
       loadEntryTable('dynamic');
       break;
@@ -2191,12 +2194,12 @@
       break;
case '5':
-        filtstring2 = 'y_is_template_0|k_is_stable_0|l_is_'+userlang+'_0|i_is_read_0|o_asc_name_0';
+        filtstring2 = 'y_is_template_0|k_is_stable_0|c_is_language_0|i_is_read_0|o_asc_name_0';
       loadEntryTable('template');
       break;
case '6':
-      filtstring2 = 'y_is_script_0|k_is_stable_0|l_is_'+userlang+'_0|i_is_read_0|o_asc_name_0';
+      filtstring2 = 'y_is_script_0|k_is_stable_0|c_is_language_0|i_is_read_0|o_asc_name_0';
       loadEntryTable('script');
       break;
@@ -2287,11 +2290,11 @@
   if (did > 0 && drid > 0) {
     if (document.getElementById(objid).src == roscms_intern_webserver_roscms+'images/star_on_small.gif') {
       document.getElementById(objid).src = roscms_intern_webserver_roscms+'images/star_off_small.gif';
-      updateTag(drid, 'star', 'off', dusr, document.getElementById(objid).className, objid, '3');
+      updateBookmark(drid, 'off', objid);
     }
     else {
       document.getElementById(objid).src = roscms_intern_webserver_roscms+'images/star_on_small.gif';
-      updateTag(drid, 'star', 'on', dusr, document.getElementById(objid).className, objid, '3');
+      updateBookmark(drid, 'on', objid);
     }
   }
 } // end of function ToggleBookmark
Modified: branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros...
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js.php [iso-8859-1] Sun Feb  8 16:24:23 2009
@@ -23,12 +23,8 @@
 Login::required();
// get user language
-$user_lang = ThisUser::getInstance()->language();
-
-// prepare build languages
-$stmt=&DBConnection::getInstance()->prepare("SELECT id, level, name FROM ".ROSCMST_LANGUAGES." WHERE level > 0 ORDER BY name ASC");
-$stmt->execute();
-$languages = $stmt->fetchAll(PDO::FETCH_ASSOC);
+$thisuser = ThisUser::getInstance();
+$user_lang = $thisuser->language();
 ?>
@@ -104,7 +100,16 @@
         filtentryselstrs2 = '<select id="sfc'+filterid+'"><?php
// build languages
-foreach($languages as $language) {
+if ($thisuser->hasAccess('more_lang')) {
+  $stmt=&DBConnection::getInstance()->prepare("SELECT id, name FROM ".ROSCMST_LANGUAGES." WHERE level > 0 ORDER BY name ASC");
+}
+else {
+  $stmt=&DBConnection::getInstance()->prepare("SELECT id, name FROM ".ROSCMST_LANGUAGES." WHERE id IN(:lang_id,:standard_lang)");
+  $stmt->bindParam('lang_id',$thisuser->language(),PDO::PARAM_INT);
+  $stmt->bindParam('standard_lang',Language::getStandardId(),PDO::PARAM_INT);
+}
+$stmt->execute();
+while ($language = $stmt->fetch(PDO::FETCH_ASSOC)) {
   echo '<option value="'.$language['id'].'"'.(($language['id'] == $user_lang) ? ' selected="selected"' : '').'>'.$language['name'].'</option>';
 }
@@ -116,11 +121,18 @@
         filtentryselstrs1 = '<select id="sfb'+filterid+'"><option value="is">to</option></select>';
         filtentryselstrs2 = '<select id="sfc'+filterid+'"><?php
-// build translation languages
-foreach($languages as $language) {
-  if ($language['level'] != '10') {
-    echo '<option value="'.$language['id'].'"'.(($language['id'] == $user_lang) ? ' selected="selected"' : '').'>'.$language['name'].'</option>';
-  }
+// translation languages
+if ($thisuser->hasAccess('more_lang')) {
+  $stmt=&DBConnection::getInstance()->prepare("SELECT id, name FROM ".ROSCMST_LANGUAGES." WHERE level > 0 AND id!=:standard_lang ORDER BY name ASC");
+}
+else {
+  $stmt=&DBConnection::getInstance()->prepare("SELECT id, name FROM ".ROSCMST_LANGUAGES." WHERE id=:lang_id AND id != :standard_lang");
+  $stmt->bindParam('lang_id',$user_lang,PDO::PARAM_INT);
+}
+$stmt->bindParam('standard_lang',Language::getStandardId(),PDO::PARAM_INT);
+$stmt->execute();
+while ($language = $stmt->fetch(PDO::FETCH_ASSOC)) {
+  echo '<option value="'.$language['id'].'"'.(($language['id'] == $user_lang) ? ' selected="selected"' : '').'>'.$language['name'].'</option>';
 }
  ?></select>';
         break;
Modified: branches/danny-web/reactos.org/htdocs/roscms/js/mef.js
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros...
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/js/mef.js [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/js/mef.js [iso-8859-1] Sun Feb  8 16:24:23 2009
@@ -1,5 +1,4 @@
-var roscmseditorsavecache = '';
 var roscms_richtexteditors = new Array();
@@ -20,7 +19,7 @@
   var butid = document.getElementById(objid);
   var wrapid = document.getElementById('swraped'+objid.substr(6));
-  if (tinyMCE.getInstanceById(id) === null) {
+  if (tinyMCE.getInstanceById(id) == null) {
     tinyMCE.execCommand('mceAddControl', false, id);
     butid.value = 'HTML Source';
     wrapid.style.visibility = 'hidden';
@@ -58,7 +57,8 @@
function ajaxsaveContent( id )
 {
-  if (tinyMCE.getInstanceById(id) !== null) {
+
+  if (tinyMCE.getInstanceById(id) != null) {
     return tinyMCE.getInstanceById(id).getHTML();
   }
@@ -94,23 +94,3 @@
     setWrap('off', objid);
   }
 }
-
-
-
-function ajaxLoad( )
-{
-  var inst = tinyMCE.getInstanceById('elm1');
-
-  // Do you ajax call here
-  inst.setHTML('HTML content that got passed from server.');
-}
-
-
-
-function ajaxSave( )
-{
-  var inst = tinyMCE.getInstanceById('elm1');
-
-  // Do you ajax call here
-  alert(inst.getHTML());
-}
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Backend_EntryTable.class.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros...
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Backend_EntryTable.class.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Backend_EntryTable.class.php [iso-8859-1] Sun Feb  8 16:24:23 2009
@@ -41,8 +41,8 @@
     parent::__construct();
// update one tag
-    if ($_GET['d_fl'] == 'updatetag') {
-      echo $this->updateTag();
+    if ($_GET['d_fl'] == 'setbookmark') {
+      echo $this->setBookmark();
     }
// update a list (if there a entries selected)
@@ -76,7 +76,7 @@
     }
// go through all selected revisions
-    $stmt=&DBConnection::getInstance()->prepare("SELECT lang_id, version, data_id, id, user_id, status FROM ".ROSCMST_REVISIONS." WHERE id IN(".$id_list.") LIMIT 1");
+    $stmt=&DBConnection::getInstance()->prepare("SELECT lang_id, version, data_id, id, user_id, status FROM ".ROSCMST_REVISIONS." WHERE id IN(".$id_list.")");
     $stmt->execute();
     while ($revision = $stmt->fetch(PDO::FETCH_ASSOC)) {
@@ -132,11 +132,10 @@
    * @return int
    * @access private
    */
-  private function updateTag( )
-  {
-    Tag::deleteByName($_GET['rev'], $_GET['tag_name'] , $_GET['user']);
-    Tag::add($_GET['rev'], $_GET['tag_name'] , $_GET['tag_value'], $_GET['user']);
-    return Tag::getId($_GET['rev'], $_GET['tag_value'], $_GET['user']);
+  private function setBookmark( )
+  {
+    Tag::deleteByName($_GET['rev'], 'star', ThisUser::getInstance()->id() );
+    Tag::add($_GET['rev'], 'star' , $_GET['tag_value'], ThisUser::getInstance()->id());
   }
@@ -152,33 +151,34 @@
   {
     $thisuser = &ThisUser::getInstance();
+    // able to delete this entry ?
+    if (!$thisuser->hasAccess('del_entry') && ($revision['user_id'] != $thisuser->id() || $revision['version']>0)) {
+      echo 'Not enough rights for delete process.';
+      return false;
+    }
+
+    // delete own entries ?
+    if ($revision['user_id'] == $thisuser->id() && $revision['version'] == 0 ) {
+      return Revision::delete($revision['id']);
+    }
+    
     // access to this entry ?
     if (!$thisuser->hasAccess('more_lang') && $revision['lang_id'] != $thisuser->language()) {
       echo 'You have no rights to delete entries from other languages';
       return false;
     }
-    // able to delete this entry ?
-    if (!$thisuser->hasAccess('del_entry') && ($revision['user_id'] != $thisuser->id() || $revision['version']>0)) {
-      echo 'Not enough rights for delete process.';
-      return false;
-    }
-
     // entries need to be backuped
     if (!$thisuser->hasAccess('del_wo_archiv')) {
       return Revision::toArchive($revision['id']);
     }
-    // 
-    elseif ($revision['version']) {
-      return Revision::delete($revision['id']);
-    }
-
     // delete everything
     else {
-      Revision::deleteFile($revision['id']);
+      //Data::deleteFile($revision['id']);
       return Revision::delete($revision['id']);
     }
+
   } // end of member function deleteEntry
@@ -285,21 +285,24 @@
     // update depencies for new rev
     $depency = new Depencies();
     if (!$depency->addRevision($revision['id'])) {
-      echo 'Can't generate updated entry.';
-      return false;
-    }
+      echo 'Error while updating depencies';
+      return false;
+    }
+
+    // make entry stable
+    Revision::setStatus($revision['id'],'stable');
// generate content
     $generate = new Generate();
     if (!$generate->update($revision['id'])) {
+      Revision::setStatus($revision['id'],$revision['status']);
       echo 'Can't generate updated entry.';
       return false;
     }
Log::writeLow('mark entry as stable: data-id '.$revision['data_id'].', rev-id '.$revision['id']);
-    // make entry stable
-    return Revision::setStatus($revision['id'],'stable');
+    return true;
   } // end of member function markStable
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Backend_QuickInfo.class.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros...
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Backend_QuickInfo.class.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Backend_QuickInfo.class.php [iso-8859-1] Sun Feb  8 16:24:23 2009
@@ -47,7 +47,7 @@
   private function getInfo( )
   {
     // get current revision
-    $stmt=&DBConnection::getInstance()->prepare("SELECT u.name AS user_name, l.name AS language, r.data_id, d.name, d.type, a.name AS acl, r.id, r.version, datetime FROM ".ROSCMST_ENTRIES." d JOIN ".ROSCMST_REVISIONS." r ON r.data_id = d.id JOIN ".ROSCMST_USERS." u ON r.user_id=u.id JOIN ".ROSCMST_LANGUAGES." l ON l.id=r.lang_id JOIN ".ROSCMST_ACCESS." a ON a.id=d.access_id WHERE r.id = :rev_id LIMIT 1");
+    $stmt=&DBConnection::getInstance()->prepare("SELECT u.name AS user_name, l.name AS language, r.data_id, d.name, d.type, a.name AS acl, r.id, r.version, datetime, status FROM ".ROSCMST_ENTRIES." d JOIN ".ROSCMST_REVISIONS." r ON r.data_id = d.id JOIN ".ROSCMST_USERS." u ON r.user_id=u.id JOIN ".ROSCMST_LANGUAGES." l ON l.id=r.lang_id JOIN ".ROSCMST_ACCESS." a ON a.id=d.access_id WHERE r.id = :rev_id LIMIT 1");
     $stmt->bindParam('rev_id',$_GET['d_r_id'],PDO::PARAM_INT);
     $stmt->execute();
     $revision = $stmt->fetchOnce(PDO::FETCH_ASSOC);
@@ -65,6 +65,7 @@
     // start to echo metadata
     echo $t_s.'Name'.$t_e . wordwrap($revision['name'],14,'<br />',1).$t_lb;
     echo $t_s.'Type'.$t_e . $revision['type'].$t_lb;
+    echo $t_s.'Status'.$t_e . $revision['status'].$t_lb;
     echo $t_s.'Version'.$t_e . $revision['version'].$t_lb;
     echo $t_s.'Lang'.$t_e . $revision['language'].$t_lb;
     echo $t_s.'User'.$t_e . wordwrap($revision['user_name'],13,'<br />',1).$t_lb;
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Backend_SaveDraft.class.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros...
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Backend_SaveDraft.class.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Backend_SaveDraft.class.php [iso-8859-1] Sun Feb  8 16:24:23 2009
@@ -57,6 +57,10 @@
   {
     $thisuser = &ThisUser::getInstance();
     $rev_id = 0; // helper var, contains current rev_id in force
+    
+    if (!$thisuser->hasAccess('more_lang') && $_GET['lang_id'] != $thisuser->language()) {
+      die ('Can't save drafts of other than your language, due to access restrictions');
+    }
// detect if theres already a autosave-draft saved, and get rev_id
     $stmt=&DBConnection::getInstance()->prepare("SELECT id FROM ".ROSCMST_REVISIONS." WHERE data_id = :data_id AND user_id = :user_id AND lang_id = :lang AND archive IS FALSE AND status = 'draft' ORDER BY id DESC LIMIT 1");
@@ -67,7 +71,7 @@
     $draft_candidate = $stmt->fetchColumn();
// if there is a valid value returned, use it as rev_id
-    if ($draft_candidate !== false)
+    if ($draft_candidate !== false) {
       $rev_id = $draft_candidate;
     }
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Backend_ViewEditor.class.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros...
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Backend_ViewEditor.class.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Backend_ViewEditor.class.php [iso-8859-1] Sun Feb  8 16:24:23 2009
@@ -421,27 +421,33 @@
     else {
       echo '<span class="detailmenu" onclick="'."showEditorTabMetadata(".$this->rev_id.")".'">Metadata</span>';
     }
-    echo '&nbsp;|&nbsp;';
// History
-    if ($mode == self::HISTORY) {
-      echo '<strong>History</strong>';
-    }
-    else {
-      echo '<span class="detailmenu" onclick="'."showEditorTabHistory(".$this->rev_id.")".'">History</span>';
-    }
-    echo '&nbsp;|&nbsp;';
+    if (Entry::hasAccess($this->data_id,'history')) {
+      echo '&nbsp;|&nbsp;';
+
+      if ($mode == self::HISTORY) {
+        echo '<strong>History</strong>';
+      }
+      else {
+        echo '<span class="detailmenu" onclick="'."showEditorTabHistory(".$this->rev_id.")".'">History</span>';
+      }
+    }
// Depencies
-    if ($mode == self::DEPENCIES) {
-      echo '<strong>Depencies</strong>';
-    }
-    else {
-      echo '<span class="detailmenu" onclick="'."showEditorTabDepencies(".$this->rev_id.")".'">Depencies</span>';
+    if (Entry::hasAccess($this->data_id,'depencies')) {
+      echo '&nbsp;|&nbsp;';
+
+      if ($mode == self::DEPENCIES) {
+        echo '<strong>Depencies</strong>';
+      }
+      else {
+        echo '<span class="detailmenu" onclick="'."showEditorTabDepencies(".$this->rev_id.")".'">Depencies</span>';
+      }
     }
// allowed only for someone with "add" rights
-    if ($thisuser->hasAccess('entry_fields')) {
+    if (Entry::hasAccess($this->data_id,'fields')) {
       echo '&nbsp;|&nbsp;';
// Fields
@@ -454,7 +460,7 @@
     }
// Revision Data
-    if ($thisuser->hasAccess('entry_revs')) {
+    if (Entry::hasAccess($this->data_id,'revision')) {
       echo '&nbsp;|&nbsp;';
// Revision
@@ -495,7 +501,7 @@
         $this->showEntryDepencies($this->data_id);
         break;
       case self::SECURITY:
-        $this->showEntryDetailsSecurity();
+        $this->showEntryDetailsEntry();
         break;
       case self::FIELDS:
         $this->showEntryDetailsFields();
@@ -708,11 +714,11 @@
/**
-   * Interface to modify security settings
-   *
-   * @access private
-   */
-  private function showEntryDetailsSecurity( )
+   * Interface to modify entry settings
+   *
+   * @access private
+   */
+  private function showEntryDetailsEntry( )
   {
     // entry details
     $stmt=&DBConnection::getInstance()->prepare("SELECT id, name, type, access_id FROM ".ROSCMST_ENTRIES." WHERE id = :data_id LIMIT 1");
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Backend_ViewEntryTable.class.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros...
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Backend_ViewEntryTable.class.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Backend_ViewEntryTable.class.php [iso-8859-1] Sun Feb  8 16:24:23 2009
@@ -61,7 +61,7 @@
     $this->generateFilterSQL($_GET['d_filter2']);
// begin to construct xml
-    $this->generateXML($_GET['d_cp']);
+    $this->generateXML(@$_GET['d_cp']);
   } // end of constructor
@@ -79,7 +79,7 @@
// convert requested columns to array
     $this->column_list = substr($this->column_list,1,-1);// prevent from additional entries caused by '|' at start and end
-    if ($this->column_list === '') {
+    if ($this->column_list === false) {
       $column_array = array();
     }
     else {
@@ -105,7 +105,7 @@
       echo $ptm_entries.'<table>';
// start table header
-      echo '<view curpos="'.$page_offset.'" pagelimit="'.$this->page_limit.'" pagemax="'.$ptm_entries.'" tblcols="|'.$this->column_list.'|" />';
+      echo '<view curpos="'.$page_offset.'" pagelimit="'.$this->page_limit.'" pagemax="'.$ptm_entries.'" tblcols="'.($this->column_list !== false ? '|'.$this->column_list.'|' : '').'" />';
// prepare for usage in loop
       $stmt_trans=&DBConnection::getInstance()->prepare("SELECT r.data_id, d.name, d.type, r.id, r.version, r.lang_id, r.datetime, r.user_id FROM ".ROSCMST_ENTRIES." d JOIN ".ROSCMST_REVISIONS." r ON r.data_id=d.id WHERE d.id = :data_id AND r.version > 0 AND r.lang_id = :lang AND r.archive = :archive LIMIT 1");
@@ -134,7 +134,7 @@
         $star_state = '0';
         $star_id = 0;
         $line_status = 'unknown';
-        $column_list_row = '';
+        $column_list_row = null;
         $security = '';
// for non translation
@@ -217,7 +217,7 @@
               $stmt_lang->bindParam('lang',$row['lang_id'],PDO::PARAM_STR);
               $stmt_lang->execute();
               $language = $stmt_lang->fetchColumn();
-              if ($language != '') {
+              if ($language !== false) {
                 $column_list_row .= $language;
               }
               else {
@@ -228,7 +228,7 @@
               $stmt_user->bindParam('user_id',$row['user_id'],PDO::PARAM_INT);
               $stmt_user->execute();
               $user_name = $stmt_user->fetchColumn();
-              if ($user_name != '') {
+              if ($user_name !== false) {
                 $column_list_row .= $user_name;
               }
               else {
@@ -242,7 +242,7 @@
               $stmt_acl->bindParam('access_id',$row['access_id'],PDO::PARAM_INT);
               $stmt_acl->execute();
               $acl = $stmt_acl->fetchColumn();
-              if ($acl != '') {
+              if ($acl !== false) {
                 $column_list_row .= $acl;
               }
               else {
@@ -260,7 +260,9 @@
               break;
           }
         } // foreach
-        $column_list_row .= '|';
+        if ($column_list_row !== null) {
+          $column_list_row .= '|';
+        }
// has person right to write / edit entries ?
         if (Entry::hasAccess($row['data_id'], 'edit')) {
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Backend_ViewPreview.class.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros...
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Backend_ViewPreview.class.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/backend/Backend_ViewPreview.class.php [iso-8859-1] Sun Feb  8 16:24:23 2009
@@ -53,7 +53,7 @@
   private function show( $rev_id )
   {  
     echo_strip('
-      <iframe style="width:100%;height:600px;background-color: white;border: 1px solid black;" src="?page=backend&amp;type=page&amp;rev='.$rev_id.'"></iframe>');
+      <iframe style="width:100%;height:600px;background-color: white;border: 1px solid black;" src="?page=backend&amp;type=text&amp;subtype=prv&amp;rev='.$rev_id.'"></iframe>');
   } // end of member function show
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/om/Entry.class.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros...
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/om/Entry.class.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/om/Entry.class.php [iso-8859-1] Sun Feb  8 16:24:23 2009
@@ -182,15 +182,12 @@
     if ($data_id === false) {
// insert new data
-      $stmt=&DBConnection::getInstance()->prepare("INSERT INTO ".ROSCMST_ENTRIES." ( id , name , type ) VALUES ( NULL , :name, :type )");
-      $stmt->bindParam('name',$data_name,PDO::PARAM_STR);
-      $stmt->bindParam('type',$data_type,PDO::PARAM_STR);
-      $stmt->execute();
-
-      // and get new data_id
-      $stmt=&DBConnection::getInstance()->prepare("SELECT id FROM ".ROSCMST_ENTRIES." WHERE name = :name AND type = :type LIMIT 1");
-      $stmt->bindParam('name',$data_name,PDO::PARAM_STR);
-      $stmt->bindParam('type',$data_type,PDO::PARAM_STR);
+      $stmt_ins=&DBConnection::getInstance()->prepare("INSERT INTO ".ROSCMST_ENTRIES." ( id , name , type ) VALUES ( NULL , :name, :type )");
+      $stmt_ins->bindParam('name',$data_name,PDO::PARAM_STR);
+      $stmt_ins->bindParam('type',$data_type,PDO::PARAM_STR);
+      $stmt_ins->execute();
+
+      // and get new data_id (use old used statement again)
       $stmt->execute();
       $data_id = $stmt->fetchColumn();
     }
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/om/Generate.class.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros...
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/om/Generate.class.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/om/Generate.class.php [iso-8859-1] Sun Feb  8 16:24:23 2009
@@ -1,8 +1,8 @@
 <?php
     /*
     RosCMS - ReactOS Content Management System
-    Copyright (C) 2007  Klemens Friedl frik85@reactos.org
-                  2008  Danny Götte dangerground@web.de
+    Copyright (C) 2007      Klemens Friedl frik85@reactos.org
+                  2008-2009 Danny Götte dangerground@web.de
This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -128,9 +128,6 @@
       $this->cacheFiles();
     }
-    // we need to reset this, as cacheFiles() overwrites this setting
-    $this->base_dir = $this->destination_folder;
-
     // build all entries
     if ($id === null) {
       $stmt=&DBConnection::getInstance()->prepare("SELECT d.name, type, l.id AS lang_id, l.name AS language, l.name_short AS lang_short FROM ".ROSCMST_ENTRIES." d CROSS JOIN ".ROSCMST_LANGUAGES." l WHERE (d.type = 'page' OR d.type = 'dynamic') ORDER BY l.level DESC, l.id ASC, d.name ASC");
@@ -256,7 +253,7 @@
    * @return bool
    * @access private
    */
-  private function makeDynamic( $data_name )
+  private function makeDynamic( $data_name, $number = null )
   {
     // get page data
     $revision = $this->getFrom('dynamic', $data_name);
@@ -273,13 +270,26 @@
       return false;
     }
-    // get last index
-    $next_index = (int)Tag::getValue($revision['id'],'next_index',-1);
-
-    for ($i=1; $i < $next_index; ++$i) {
+    // generate all numbers
+    if ($number === null) {
+      // get last index
+      $next_index = (int)Tag::getValue($revision['id'],'next_index',-1);
+      $start = 1;
+    }
+
+    // generate only one number
+    else {
+      $start = $number;
+      $next_index = $start + 1;
+    }
+
+    for ($i=$start; $i < $next_index; ++$i) {
// get file name
       $file_name = $data_name.'_'.$i.'.'.$file_extension;
+
+      // information, what was generated
+      echo $this->lang_id.'--'.$file_name.'<br />';
// can I copy from standard lang ?
       if (!$this->cloneFile(RosCMS::getInstance()->siteLanguage(), $this->lang, $file_name)) {
@@ -332,7 +342,6 @@
     // cache revision (set language, cache, restore base_dir)
     $this->lang_id = $revision['lang_id'];
     $this->cacheFiles($revision['data_id']);
-    $this->base_dir = $this->destination_folder;
// for usage in loop
       // in standard language we may have depencies to other languages, so better generate them all
@@ -345,10 +354,19 @@
       }
// get list of entries which depend on this one and handle their types
-    $stmt=&DBConnection::getInstance()->prepare("SELECT r.lang_id, d.name, d.type, r.id FROM ".ROSCMST_DEPENCIES." w JOIN ".ROSCMST_REVISIONS." r ON r.id=w.rev_id JOIN ".ROSCMST_ENTRIES." d ON d.id=r.data_id WHERE w.child_id=:depency_id AND w.rev_id NOT IN(:rev_id,:rev_id2) AND r.archive IS FALSE AND w.include IS TRUE");
+    $stmt=&DBConnection::getInstance()->prepare("
+        SELECT
+          org.name, org.type, COALESCE( trans.id, org.id ) AS id, org.data_id
+        FROM (
+          SELECT d.name, d.type, r.id, r.data_id FROM ".ROSCMST_DEPENCIES." w JOIN ".ROSCMST_REVISIONS." r ON r.id=w.rev_id JOIN ".ROSCMST_ENTRIES." d ON d.id=r.data_id WHERE w.child_id=:depency_id AND r.lang_id = :standard_lang AND w.rev_id NOT IN(:rev_id,:rev_id2) AND r.archive IS FALSE AND w.include IS TRUE
+        ) AS org LEFT OUTER JOIN (
+          SELECT d.name, d.type, r.id, r.data_id FROM ".ROSCMST_DEPENCIES." w JOIN ".ROSCMST_REVISIONS." r ON r.id=w.rev_id JOIN ".ROSCMST_ENTRIES." d ON d.id=r.data_id WHERE w.child_id=:depency_id AND r.lang_id = :lang_id AND w.rev_id NOT IN(:rev_id,:rev_id2) AND r.archive IS FALSE AND w.include IS TRUE
+        ) AS trans ON org.data_id = trans.data_id");
     $stmt->bindParam('depency_id',$revision['data_id'],PDO::PARAM_INT);
     $stmt->bindParam('rev_id',$base_rev,PDO::PARAM_INT);
     $stmt->bindParam('rev_id2',$rev_id,PDO::PARAM_INT);
+    $stmt->bindParam('standard_lang',Language::getStandardId(),PDO::PARAM_INT);
+    $stmt->bindParam('lang_id',$revision['lang_id'],PDO::PARAM_INT);
     $stmt->execute();
     while ($depency = $stmt->fetch(PDO::FETCH_ASSOC)) {
@@ -356,7 +374,7 @@
       switch ($depency['type']) {
         case 'page':
         case 'dynamic':
-        
+
           // generate pages for all languages, if standard lang, otherwise only once
           $stmt_lang->execute();
           while ($language = $stmt_lang->fetch(PDO::FETCH_ASSOC)) {
@@ -379,6 +397,7 @@
           // scripts are only executed in pages
           break;
         default:
+
           // only run update once per $rev_id
           $this->update($depency['id']);
           break;
@@ -398,7 +417,14 @@
    */
   private function cacheFiles( $data_id = null, $depencies = true )
   {
-    $this->base_dir = $this->cache_dir;
+    // set dir to generate contents
+    static $backup;
+    static $first;
+    if (empty($backup)){
+      $backup = $this->base_dir;
+      $first = $data_id;
+      $this->base_dir = $this->cache_dir;
+    }
if ($data_id === null) {
       $stmt=&DBConnection::getInstance()->prepare("SELECT d.id AS data_id, d.type, d.name, l.id AS lang_id FROM ".ROSCMST_ENTRIES." d CROSS JOIN ".ROSCMST_LANGUAGES." l WHERE d.type = 'content' OR d.type = 'script' OR d.type='template' ORDER BY l.level DESC");
@@ -463,6 +489,11 @@
         $this->writeFile($data['lang_id'],$filename, $content);
       }
     } // end while
+
+    // reset old build path
+    if ($first == $data_id) {
+      $this->base_dir = $backup;
+    }
   } // end of member function cacheFiles
@@ -557,23 +588,22 @@
   private function getFrom( $type, $name )
   {
     // get entry
-    $stmt=&DBConnection::getInstance()->prepare("SELECT t.content, r.id, r.lang_id, r.version FROM ".ROSCMST_ENTRIES." d JOIN ".ROSCMST_REVISIONS." r ON r.data_id = d.id JOIN ".ROSCMST_TEXT." t ON t.rev_id = r.id WHERE d.name = :name AND d.type = :type AND r.version > 0 AND r.lang_id IN(:lang_one, :lang_two) AND r.archive IS FALSE AND t.name = 'content' AND r.status='stable' ORDER BY r.version DESC LIMIT 2");
+    $stmt=&DBConnection::getInstance()->prepare("SELECT t.content, r.id, r.lang_id, r.version, r.status FROM ".ROSCMST_ENTRIES." d JOIN ".ROSCMST_REVISIONS." r ON r.data_id = d.id JOIN ".ROSCMST_TEXT." t ON t.rev_id = r.id WHERE d.name = :name AND d.type = :type AND r.version > 0 AND r.lang_id = :lang_id AND r.archive IS FALSE AND t.name = 'content' AND status='stable' LIMIT 1");
     $stmt->bindParam('name',$name,PDO::PARAM_STR);
     $stmt->bindParam('type',$type,PDO::PARAM_STR);
-    $stmt->bindParam('lang_one',$this->lang_id,PDO::PARAM_INT);
-    $stmt->bindParam('lang_two',Language::getStandardId(),PDO::PARAM_INT);
-    $stmt->execute();
-    $results=$stmt->fetchAll(PDO::FETCH_ASSOC);
+    $stmt->bindParam('lang_id',$this->lang_id,PDO::PARAM_INT);
+    $stmt->execute();
+    $revision=$stmt->fetch(PDO::FETCH_ASSOC);
// check if depency not available
-    if (count($results) === 0){
-      return false;
-    }
-
-    // try to get the dataset with lang_id == $lang, to boost the translated content
-    $revision = $results[0];
-    if (count($results) === 2 && $revision['lang_id'] == Language::getStandardId() ) {
-      $revision = $results[1];
+    if ($revision === false) {
+      $stmt->bindParam('lang_id',Language::getStandardId(),PDO::PARAM_INT);
+      $stmt->execute();
+      $revision=$stmt->fetch(PDO::FETCH_ASSOC);
+      
+      if ($revision === false) {
+        return false;
+      }
     }
     return $revision;
   }
@@ -626,14 +656,11 @@
    */
   private function cloneFile( $source_folder, $dest_folder, $filename )
   {
-    $standard_id = Language::getStandardId();
-
     // check, if language is different than standard and if requested file exists
-    if ($this->lang_id != $standard_id && file_exists($this->base_dir.$source_folder.'/'.$filename)) {
+    if ($this->lang_id != Language::getStandardId() && file_exists($this->base_dir.$source_folder.'/'.$filename)) {
       return copy($this->base_dir.$source_folder.'/'.$filename, $this->base_dir.$dest_folder.'/'.$filename);
     }
     return false;
-
   } // end of member function cloneFile
@@ -648,7 +675,7 @@
   private function getCached( $matches )
   {
     // get cached content
-    $fh = fopen($this->cache_dir.$this->lang_id.'/'.$matches[1].'.rcf', 'r');
+    $fh = @fopen($this->cache_dir.$this->lang_id.'/'.$matches[1].'.rcf', 'r');
     if ($fh !== false){
       $content = fread($fh, filesize($this->cache_dir.$this->lang_id.'/'.$matches[1].'.rcf')+1); 
       fclose($fh);
@@ -656,7 +683,7 @@
// fail
     else {
-      $content = '[#'.$matches[1].']';
+      $content = '[#'.$matches[1].'--'.$this->cache_dir.$this->lang_id.'/'.$matches[1].'.rcf'.']';
     }
return $content;
@@ -672,9 +699,10 @@
    * @access private
    */
   private function evalTemplate( $matches )
-  {
-    $revision = $this->getFrom('script',$matches[1]);
-  
+  {  
+    // get entry
+    $revision=$this->getFrom('script',$matches[1]);
+
     // execute php code
     if( Tag::getValue($revision['id'], 'kind',-1) == 'php') {
@@ -688,12 +716,12 @@
       // execute code and return the output
       eval('?>'.$revision['content']);
       $content = ob_get_contents(); 
-      ob_end_clean(); 
+      ob_end_clean();
     }
// no other script types supported -> return nothing
     else {
-      $content = '';
+      $content = $revision['content'];
     }
// replace roscms links
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/om/Log.class.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros...
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/om/Log.class.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/om/Log.class.php [iso-8859-1] Sun Feb  8 16:24:23 2009
@@ -180,7 +180,7 @@
       // insert long text
       $stmt=&DBConnection::getInstance()->prepare("INSERT INTO ".ROSCMST_TEXT." ( id , rev_id , name , content ) VALUES (NULL, :rev_id, :name, :content)");
       $stmt->bindParam('rev_id',$rev_id,PDO::PARAM_INT);
-      $stmt->bindValue('content',$entry,PDO::PARAM_STR);
+      $stmt->bindValue('content','',PDO::PARAM_STR);
// insert all three
       $stmt->bindValue('name','low',PDO::PARAM_INT);
@@ -229,7 +229,12 @@
    * @access public
    */
   public static function read($level = 'medium', $log = '' ) {
-    return Entry::getContent('log_website_'.($log!=''?$log.'_':'').date('Y-W'), 'system', Language::getStandardId(), $level.'_security_log', 'text');
+    $stmt=&DBConnection::getInstance()->prepare("SELECT t.content FROM ".ROSCMST_ENTRIES." d JOIN ".ROSCMST_REVISIONS." r ON r.data_id = d.id JOIN ".ROSCMST_TEXT." t ON t.rev_id=r.id WHERE d.name = :name AND d.type = 'system' AND r.lang_id = :lang AND t.name = :type ORDER BY r.datetime DESC LIMIT 1");
+    $stmt->bindValue('name','log_website_'.($log!=''?$log.'_':'').date('Y-W'),PDO::PARAM_STR);
+    $stmt->bindParam('type',$level,PDO::PARAM_STR);
+    $stmt->bindParam('lang',Language::getStandardId(),PDO::PARAM_INT);
+    $stmt->execute();
+    return $stmt->fetchColumn();
   } // end of member function read
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/om/Revision.class.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros...
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/om/Revision.class.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/om/Revision.class.php [iso-8859-1] Sun Feb  8 16:24:23 2009
@@ -155,10 +155,10 @@
    */
   public static function delete( $rev_id )
   {
-    Log::writeMedium("delete entry: rev-id [rev-id: ".$rev_id."]");
+    Log::writeMedium('delete entry: rev-id [rev-id: '.$rev_id.']');
// delete Depencies
-    $success = $success && Depencies::removeRevision($rev_id);
+    $success = Depencies::removeRevision($rev_id);
// delete revision and texts
     $stmt=&DBConnection::getInstance()->prepare("DELETE FROM ".ROSCMST_REVISIONS." WHERE id = :rev_id LIMIT 1");
@@ -369,17 +369,13 @@
     if ($rev_id === false) {
// create new revision
-      $stmt=&DBConnection::getInstance()->prepare("INSERT INTO ".ROSCMST_REVISIONS." ( id , data_id , version , lang_id , user_id , datetime, status ) VALUES ( NULL, :data_id, 0, :lang, :user_id, NOW(), 'draft')");
-      $stmt->bindParam('data_id',$data_id,PDO::PARAM_INT);
-      $stmt->bindParam('lang',$lang_id,PDO::PARAM_INT);
-      $stmt->bindParam('user_id',$thisuser_id,PDO::PARAM_INT);
-      $stmt->execute();
-
-      // get new revision id
-      $stmt=&DBConnection::getInstance()->prepare("SELECT id FROM ".ROSCMST_REVISIONS." WHERE data_id = :data_id AND version = 0 AND lang_id = :lang AND user_id = :user_id AND status='draft' ORDER BY datetime DESC LIMIT 1");
-      $stmt->bindParam('data_id',$data_id,PDO::PARAM_INT);
-      $stmt->bindParam('lang',$lang_id,PDO::PARAM_INT);
-      $stmt->bindParam('user_id',$thisuser_id,PDO::PARAM_INT);
+      $stmt_ins=&DBConnection::getInstance()->prepare("INSERT INTO ".ROSCMST_REVISIONS." ( id , data_id , version , lang_id , user_id , datetime, status ) VALUES ( NULL, :data_id, 0, :lang, :user_id, NOW(), 'draft')");
+      $stmt_ins->bindParam('data_id',$data_id,PDO::PARAM_INT);
+      $stmt_ins->bindParam('lang',$lang_id,PDO::PARAM_INT);
+      $stmt_ins->bindParam('user_id',$thisuser_id,PDO::PARAM_INT);
+      $stmt_ins->execute();
+
+      // get new revision id (use old used statement again)
       $stmt->execute();
// return new revision id
@@ -421,6 +417,11 @@
    */
   public static function translate( $rev_id, $lang_id = 0 )
   {
+    // can translate to this language ?
+    if (!ThisUser::getInstance()->hasAccess('more_lang') && $lang_id != ThisUser::getInstance()->language()) {
+      die ('You've no rights to translate into this language'.$lang_id.'--'.ThisUser::getInstance()->language());
+    }
+
     // original_revision
     $stmt=&DBConnection::getInstance()->prepare("SELECT id, data_id, lang_id FROM ".ROSCMST_REVISIONS." WHERE id = :rev_id LIMIT 1");
     $stmt->bindParam('rev_id',$rev_id,PDO::PARAM_INT);
@@ -433,11 +434,11 @@
     }
// insert translated revision
-    $new_rev_id = Revision::add($revision['data_id'],$lang_id);
+    $new_rev_id = self::add($revision['data_id'],$lang_id);
// check if copy process was successfull
     if ($new_rev_id === false) {
-      die('copy-process of data_revision not successful');
+      die('Copy-process of data_revision not successful, maybe you've that entry already as a draft.');
     }
// copy short text
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/om/Tag.class.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros...
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/om/Tag.class.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/om/Tag.class.php [iso-8859-1] Sun Feb  8 16:24:23 2009
@@ -25,6 +25,7 @@
  */
 class Tag
 {
+
/**
@@ -50,6 +51,7 @@
   } // end of member function getId
+
   /**
    * wrapper for deleteById
    *
@@ -64,6 +66,7 @@
     $tag_id = self::getId($rev_id, $tag_name, $user_id);
     return self::deleteById($tag_id);
   } // end of member function deleteByName
+
/**
@@ -93,6 +96,7 @@
   } // end of member function deleteById
+
   /**
    * add a new tag
    *
@@ -105,7 +109,8 @@
    */
   public static function add( $rev_id, $tag_name, $tag_value, $user_id )
   {
-    if ($user_id != ThisUser::getInstance()->id() && !($user_id == -1 && ThisUser::getInstance()->hasAccess('system_tags'))) {
+    // check if user has rights to add this type of tag
+    if ($user_id != ThisUser::getInstance()->id() && ($user_id != -1 || !ThisUser::getInstance()->hasAccess('system_tags'))) {
       die('ERROR: no rights to access this function');
     }
@@ -132,6 +137,7 @@
   } // end of member function add
+
   /**
    * updates a given tag with new value
    *
@@ -160,6 +166,7 @@
   } // end of member function update
+
   /**
    * copies tags from old-data to new-data
    *
@@ -170,14 +177,36 @@
    */
   public static function copyFromRevision( $old_rev_id, $new_rev_id )
   {
-
-    // prepare statements for while loop
-    $stmt=&DBConnection::getInstance()->prepare("INSERT INTO ".ROSCMST_TAGS." ( rev_id , name, value, user_id ) SELECT :new_rev_id, name, value, user_id FROM ".ROSCMST_TAGS." WHERE rev_id = :old_rev_id");
+    // prepare insert for usage in loop
+      $stmt_ins=&DBConnection::getInstance()->prepare("INSERT INTO ".ROSCMST_TAGS." ( id , rev_id , name , value , user_id ) VALUES (NULL, :rev_id, :tag_name, :tag_value, :user_id)");
+      $stmt_ins->bindParam('rev_id',$new_rev_id,PDO::PARAM_INT);
+
+    // check each old tag
+    $stmt=&DBConnection::getInstance()->prepare("SELECT name, value, user_id FROM ".ROSCMST_TAGS." WHERE rev_id = :old_rev_id");
     $stmt->bindParam('old_rev_id',$old_rev_id, PDO::PARAM_INT);
-    $stmt->bindParam('new_rev_id',$new_rev_id, PDO::PARAM_INT);
-    return $stmt->execute();
-
+    $success = $stmt->execute();
+    while ($old = $stmt->fetch(PDO::FETCH_ASSOC)) {
+      $tag_id = Tag::getId($new_rev_id, $old['name'], $old['user_id']);
+
+      // check if tag already exists
+      if ($tag_id == false) { // could be 0
+
+        // tag doesn't exist -> insert new
+        $stmt_ins->bindParam('tag_name',$old['name'],PDO::PARAM_STR);
+        $stmt_ins->bindParam('tag_value',$old['value'],PDO::PARAM_STR);
+        $stmt_ins->bindParam('user_id',$old['user_id'],PDO::PARAM_INT);
+        $success = $success && $stmt_ins->execute();
+      }
+      else {
+
+        // update old tag with new value
+        $success = $success && Tag::update($tag_id, $old['value']);
+      }
+    }
+
+    return ;
   } // end of member function copyFromRevision
+
/**
@@ -203,6 +232,7 @@
   } // end of member function getValue
+
   /**
    * returns revision id
    *
@@ -222,5 +252,6 @@
   } // end of member function getRevision
+
 } // end of Tag
 ?>
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/view/HTML_CMS_Maintain.class.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros...
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/view/HTML_CMS_Maintain.class.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/view/HTML_CMS_Maintain.class.php [iso-8859-1] Sun Feb  8 16:24:23 2009
@@ -57,10 +57,6 @@
   protected function body( )
   {
     echo_strip('
-      <br />
-      <h2>Maintain</h2>
-      <p><b>RosCMS Maintainer Interface</b></p>
-      <br />
       <p><a href="javascript:optimizeDB()">Optimize Database Tables</a></p>
       <br />
       <p><a href="javascript:rebuildDepencies()">Rebuild Depency Tree</a></p>
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/view/HTML_CMS_User.class.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros...
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/view/HTML_CMS_User.class.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/view/HTML_CMS_User.class.php [iso-8859-1] Sun Feb  8 16:24:23 2009
@@ -60,19 +60,17 @@
echo_strip('
       <br />
-      <h2>User</h2>
-      <p style="font-weight: bold;">User Account Management Interface</p>
+      <fieldset>
+        <legend>User search</legend>
+        <label for="textfield">Username: </label><input type="text" name="textfield" id="textfield" onkeyup="getUser()" /><br />
+        <input name="searchopt" type="radio" id="searchopt1" value="accountname" checked="checked" onclick="getUser()" /><label for="searchopt1">account name</label>
+        <input name="searchopt" type="radio" id="searchopt2" value="fullname" onclick="getUser()" /><label for="searchopt2">full name </label>
+        <input name="searchopt" type="radio" id="searchopt3" value="email" onclick="getUser()" /><label for="searchopt3">email address</label>
+        <input name="searchopt" type="radio" id="searchopt4" value="website" onclick="getUser()" /><label for="searchopt4">website</label>'.($thisuser->hasAccess('more_lang') ? '
+        <input name="searchopt" type="radio" id="searchopt5" value="language" onclick="getUser()" /><label for="searchopt5">language</label>' : '').'
+        <img id="ajaxloading" style="display:none;" src="images/ajax_loading.gif" width="13" height="13" alt="" /><br />
+      </fieldset>
       <br />
-      <div>
-        <label for="textfield">Username: </label><input type="text" name="textfield" id="textfield" onkeyup="getUser()" /><br />
-        <input name="searchopt" type="radio" id="searchopt1" value="accountname" checked="checked" onclick="getUser()" /><label>account name</label>
-        <input name="searchopt" type="radio" id="searchopt2" value="fullname" onclick="getUser()" /><label>full name </label>
-        <input name="searchopt" type="radio" id="searchopt3" value="email" onclick="getUser()" /><label>email address</label>
-        <input name="searchopt" type="radio" id="searchopt4" value="website" onclick="getUser()" /><label>website</label>'.($thisuser->hasAccess('more_lang') ? '
-        <input name="searchopt" type="radio" id="searchopt5" value="language" onclick="getUser()" /><label>language</label>' : '').'
-        <img id="ajaxloading" style="display:none;" src="images/ajax_loading.gif" width="13" height="13" alt="" /><br />
-        <br />
-      </div>
       <div id="userarea"></div>
       <br />
       <br />
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/view/HTML_CMS_Website.class.php
URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros...
==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/lib/view/HTML_CMS_Website.class.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/lib/view/HTML_CMS_Website.class.php [iso-8859-1] Sun Feb  8 16:24:23 2009
@@ -281,7 +281,14 @@
                   <select name="favlangopt" id="favlangopt" style="vertical-align: top; width: 22ex;" onchange="setLang(this.value)">');
// preselect current user language
-    $stmt=&DBConnection::getInstance()->prepare("SELECT id, name FROM ".ROSCMST_LANGUAGES." WHERE level > 0 ORDER BY name ASC");
+    if ($thisuser->hasAccess('more_lang')) {
+      $stmt=&DBConnection::getInstance()->prepare("SELECT id, name FROM ".ROSCMST_LANGUAGES." WHERE level > 0 ORDER BY name ASC");
+    }
+    else {
+      $stmt=&DBConnection::getInstance()->prepare("SELECT id, name FROM ".ROSCMST_LANGUAGES." WHERE id IN(:lang_id,:standard_lang)");
+      $stmt->bindParam('lang_id',$thisuser->language(),PDO::PARAM_INT);
+      $stmt->bindParam('standard_lang',Language::getStandardId(),PDO::PARAM_INT);
+    }
     $stmt->execute();
     while($language=$stmt->fetch()) {
       echo '<option value="'.$language['id'].'"';

    