<?php
-# This form requires wfpl. See: http://jasonwoof.org/wfpl
+# This form requires wfpl. See: http://sametwice.com/wfpl
define('ADMIN_PAGES_DB_FIELDS', 'title,filename,navbar,nav_title,content,description,keywords');
-require_once('code/wfpl/format.php');
-require_once('code/wfpl/email.php');
+require_once(DOCROOT . 'inc/wfpl/format.php');
+require_once(DOCROOT . 'inc/wfpl/email.php');
function format_cms_filename($str) {
$str = format_filename($str);
function admin_pages_get_fields() {
$data = array();
- $data['title'] = format_oneline($_REQUEST['title']);
- $data['filename'] = format_cms_filename($_REQUEST['filename']);
- $data['navbar'] = format_oneline($_REQUEST['navbar'], 'navbar');
- $data['nav_title'] = format_oneline($_REQUEST['nav_title']);
- $data['content'] = format_unix($_REQUEST['content']);
- $data['description'] = format_unix($_REQUEST['description']);
- $data['keywords'] = format_unix($_REQUEST['keywords']);
+
+ $data['title'] = format_oneline(_REQUEST_cut('title'));
+ $data['filename'] = format_cms_filename(_REQUEST_cut('filename'));
+ $data['navbar'] = format_options(_REQUEST_cut('navbar'), 'navbar');
+ $data['nav_title'] = format_oneline(_REQUEST_cut('nav_title'));
+ $data['content'] = format_unix(_REQUEST_cut('content'));
+ $data['description'] = format_unix(_REQUEST_cut('description'));
+ $data['keywords'] = format_unix(_REQUEST_cut('keywords'));
return $data;
}
-# You may pass a "where clause" for the db query.
-function admin_pages_display_listing($where = 'order by concat(nav_title,title)') {
- $rows = db_get_assocs('cms_pages', 'id,filename,coalesce(nullif(nav_title,\'\'), title) as title', $where);
- if($rows == false || count($rows) == 0) {
- tem_set('listings', array('empty_listing' => true));
- return;
+function admin_pages_main() {
+ session_auth_must('edit_page');
+
+ $id = _REQUEST_cut('edit_id');
+ if($id) {
+ return admin_pages_main_form($id);
}
- # make sure there's something clickable
- foreach($rows as &$row) {
- if($row['filename'] == '') {
- $row['filename'] = '-- offline --';
- }
- if($row['title'] == '') {
- $row['title'] = '-- untitled --';
- }
+ $id = _REQUEST_cut('admin_pages_delete_id');
+ if($id) {
+ return admin_pages_main_delete($id);
}
- tem_set('listings', array(
- 'populated_listing' => true,
- 'rows' => $rows));
- return true;
-}
-function admin_pages_main() {
- if(!logged_in_as_admin()) {
- $_REQUEST['url'] = this_url();
- return 'admin_login';
+ if(_REQUEST_cut('new')) {
+ return admin_pages_main_form();
}
- tem_set('this_host', this_host());
+ if(_REQUEST_cut('list')) {
+ return admin_pages_main_listing();
+ }
- if(isset($_REQUEST['admin_pages_id'])) {
- return admin_pages_display_main();
- } else {
- return admin_pages_edit_main();
+ $id = _REQUEST_cut('id');
+ if($id) {
+ return admin_pages_main_display($id);
}
+
+ if(isset($_POST['title'])) {
+ return admin_pages_main_form();
+ }
+
+ # default action:
+ return admin_pages_main_listing();
}
# admin-only access to view pages with no filename
-function admin_pages_display_main() {
- $id = format_int($_REQUEST['admin_pages_id']);
- unset($_REQUEST['admin_pages_id']);
- if(!$id) {
- message('Error: Broken link');
- return './admin_pages';
- }
+function admin_pages_main_display($id) {
cms_display_content($GLOBALS['wfpl_main_template'], 'where id=%i', $id);
}
-function admin_pages_edit_main() {
- $edit_id = format_int($_REQUEST['admin_pages_edit_id']);
- unset($_REQUEST['admin_pages_edit_id']);
- if($edit_id) {
- # add hidden field for database id of row we're editing
- tem_set('admin_pages_edit_id', $edit_id);
- tem_set('editing', 'show');
- tem_set('edit_msg', 'show');
- }
-
- $delete_id = format_int($_REQUEST['admin_pages_delete_id']);
- unset($_REQUEST['admin_pages_delete_id']);
- if($delete_id) {
- db_delete('cms_pages', 'where id=%i', $delete_id);
- message('Page deleted.');
+function admin_pages_main_delete($id) {
+ db_delete('cms_pages', 'where id=%i', $id);
+ message('Page deleted.');
+ return './admin_pages';
+}
- return './admin_pages';
+function admin_pages_get_images() {
+ $images = db_get_assocs('cms_images', 'image,name,caption,sizes', 'order by name, caption, image');
+ $id = 0;
+ foreach($images as &$image) {
+ $image['id'] = '' . $id;
+ $id += 1;
}
+ return $images;
+}
- if(!$edit_id) {
- if(!isset($_REQUEST['admin_pages_new']) && !isset($_REQUEST['title'])) {
- admin_pages_display_listing();
- return;
- }
+function admin_pages_main_listing() {
+ $listing_rows = db_get_assocs('cms_pages', 'id,filename,coalesce(nullif(nav_title,\'\'), title) as title', 'order by concat(nav_title,title)');
+ tem_set('listings', $listing_rows);
+}
- tem_set('new_msg', 'show');
+function admin_pages_main_form($id = false) {
+ if($id) {
+ tem_set('id', $id);
}
+ tem_set('$basename', 'admin_pages');
+
$navbar_options = array(array('ignored', 'Not at all'), array('0', 'First'));
$rows = db_get_rows('cms_pages', 'id,coalesce(nullif(nav_title,\'\'), title) as title,navbar', 'where navbar != 0 order by navbar');
if($rows) for($i = 0; $i < count($rows); ++$i) {
list($other_id, $other_title, $other_ord) = $rows[$i];
- if($other_id != $edit_id) { # don't display ourselves
+ if($other_id != $id) { # don't display ourselves
$navbar_options[] = array($i + 1, "After \"$other_title\"");
}
}
# We'll save anything (no required fields)
- $data['navbar'] = db_reposition('cms_pages', $edit_id, $data['navbar'], 'navbar', 'page');
+ $data['navbar'] = db_reposition('cms_pages', $id, $data['navbar'], 'navbar', 'page');
if($data['navbar'] && $data['filename'] == '') {
message('This page was removed from the navigation column because it does not have a filename. (Pages without filenames are visible only to admins.)');
$data['navbar'] = 0;
}
- if($edit_id) {
- db_update_assoc('cms_pages', $data, 'where id=%i', $edit_id);
- $id = $edit_id;
+ if($id) {
+ db_update_assoc('cms_pages', $data, 'where id=%i', $id);
+ $id = $id;
message('Page updated.');
} else {
db_insert_assoc('cms_pages', $data);
if($data['filename']) {
return "./$data[filename]";
} else {
- return "./admin_pages?admin_pages_id=$id";
+ return "./admin_pages?id=$id";
}
- } elseif($edit_id) {
+ } elseif($id) {
# we've recieved an edit id, but no data. So we grab the values to be edited from the database
- $data = db_get_assoc('cms_pages', ADMIN_PAGES_DB_FIELDS, 'where id=%i', $edit_id);
+ $data = db_get_assoc('cms_pages', ADMIN_PAGES_DB_FIELDS, 'where id=%i', $id);
if($data['navbar']) {
$data['navbar'] = db_count('cms_pages', 'where navbar!=0 && navbar<%i', $data['navbar']);
} else {
$data['navbar'] = 'ignored';
}
} else {
- # form not submitted, you can set default values like so:
- #$data = array('title' => 'Yes');
+ # form not submitted, set default values:
$data = array('filename' => format_cms_filename($_REQUEST['new_filename']));
}
+ tem_set('wfpl_images', admin_pages_get_images());
tem_set('form', $data);
- tem_set('$head', 'show'); # wysiwyg init goes in <head>
+ tem_set('$head'); # wysiwyg init goes in <head>
}
Got questions, comments, patches, etc.? Contact Jason Woofenden