X-Git-Url: https://jasonwoof.com/gitweb/?p=wfpl-cms.git;a=blobdiff_plain;f=admin_pages.php;h=9c7f56aa224e9b3d22ed410ff71e7a6f2405a122;hp=cb2ecbe8684270fcc7ea03904e4a93598e4dea5b;hb=40e5acacf037bc97c69e25aeae2bfbf14f77c7ec;hpb=059569fef59006c2ab9af689c582fc3e9b0d7e6e

diff --git a/admin_pages.php b/admin_pages.php
index cb2ecbe..9c7f56a 100644
--- a/admin_pages.php
+++ b/admin_pages.php
@@ -1,13 +1,10 @@
 <?php
 
-# This form requires wfpl. See: http://jasonwoof.org/wfpl
+# This form requires wfpl. See: http://sametwice.com/wfpl
 
 define('ADMIN_PAGES_DB_FIELDS', 'title,filename,navbar,nav_title,content,description,keywords');
 
 
-require_once('code/wfpl/format.php');
-require_once('code/wfpl/email.php');
-
 function format_cms_filename($str) {
 	$str = format_filename($str);
 	$str = str_replace('.', '_', $str);
@@ -17,100 +14,119 @@ function format_cms_filename($str) {
 
 function admin_pages_get_fields() {
 	$data = array();
-	$data['title'] = format_oneline($_REQUEST['title']);
-	$data['filename'] = format_cms_filename($_REQUEST['filename']);
-	$data['navbar'] = format_oneline($_REQUEST['navbar'], 'navbar');
-	$data['nav_title'] = format_oneline($_REQUEST['nav_title']);
-	$data['content'] = format_unix($_REQUEST['content']);
-	$data['description'] = format_unix($_REQUEST['description']);
-	$data['keywords'] = format_unix($_REQUEST['keywords']);
+
+	$data['title'] = format_oneline(_REQUEST_cut('title'));
+	$data['filename'] = format_cms_filename(_REQUEST_cut('filename'));
+	$data['navbar'] = format_options(_REQUEST_cut('navbar'), 'navbar');
+	$data['nav_title'] = format_oneline(_REQUEST_cut('nav_title'));
+	$data['content'] = format_unix(_REQUEST_cut('content'));
+	$data['description'] = format_unix(_REQUEST_cut('description'));
+	$data['keywords'] = format_unix(_REQUEST_cut('keywords'));
 
 	return $data;
 }
 
 
-# You may pass a "where clause" for the db query.
-function admin_pages_display_listing($where = 'order by concat(nav_title,title)') {
-	$rows = db_get_assocs('cms_pages', 'id,filename,coalesce(nullif(nav_title,\'\'), title) as title', $where);
-	if($rows == false || count($rows) == 0) {
-		tem_set('listings', array('empty_listing' => true));
-		return;
+function admin_pages_main() {
+	session_auth_must('edit_page');
+
+	$id = _REQUEST_cut('edit_id');
+	if($id) {
+		return admin_pages_main_form($id);
 	}
 
-	# make sure there's something clickable
-	foreach($rows as &$row) {
-		if($row['filename'] == '') {
-			$row['filename'] = '-- offline --';
-		}
-		if($row['title'] == '') {
-			$row['title'] = '-- untitled --';
-		}
+	$id = _REQUEST_cut('admin_pages_delete_id');
+	if($id) {
+		return admin_pages_main_delete($id);
 	}
-	tem_set('listings', array(
-		'populated_listing' => true,
-		'rows' => $rows));
-	return true;
-}
 
-function admin_pages_main() {
-	if(!logged_in_as_admin()) {
-		$_REQUEST['url'] = this_url();
-		return 'admin_login';
+	if(_REQUEST_cut('new')) {
+		return admin_pages_main_form();
 	}
 
-	tem_set('this_host', this_host());
+	if(_REQUEST_cut('list')) {
+		return admin_pages_main_listing();
+	}
 
-	if(isset($_REQUEST['admin_pages_id'])) {
-		return admin_pages_display_main();
-	} else {
-		return admin_pages_edit_main();
+	$id = _REQUEST_cut('id');
+	if($id) {
+		return admin_pages_main_display($id);
+	}
+
+	if(isset($_POST['title'])) {
+		return admin_pages_main_form();
 	}
+
+	# default action:
+	return admin_pages_main_listing();
 }
 
 # admin-only access to view pages with no filename
-function admin_pages_display_main() {
-	$id = format_int($_REQUEST['admin_pages_id']);
-	unset($_REQUEST['admin_pages_id']);
-	if(!$id) {
-		message('Error: Broken link');
-		return './admin_pages';
-	}
+function admin_pages_main_display($id) {
 	cms_display_content($GLOBALS['wfpl_main_template'], 'where id=%i', $id);
 }
 
-function admin_pages_edit_main() {
-	$edit_id = format_int($_REQUEST['admin_pages_edit_id']);
-	unset($_REQUEST['admin_pages_edit_id']);
-	if($edit_id) {
-		# add hidden field for database id of row we're editing
-		tem_set('admin_pages_edit_id', $edit_id);
-		tem_set('editing', 'show');
-		tem_set('edit_msg', 'show');
-	}
+function admin_pages_main_delete($id) {
+	db_delete('cms_pages', 'where id=%i', $id);
+	message('Page deleted.');
+	return './admin_pages';
+}
 
-	$delete_id = format_int($_REQUEST['admin_pages_delete_id']);
-	unset($_REQUEST['admin_pages_delete_id']);
-	if($delete_id) {
-		db_delete('cms_pages', 'where id=%i', $delete_id);
-		message('Page deleted.');
+# get all images from admin_images (for cms)
+function admin_pages_get_images() {
+	$out = [];
+	$rows = db_get_assocs('cms_images', 'image,name,caption,sizes', 'order by name, caption, image');
+	if ($rows) {
+		$id = 0;
+		foreach($rows as &$row) {
+			$parts = explode(' ', $row['image'] . '      ', 7);
+			$out[] = [
+				'id' => '' . $id,
+				'thumb' => $parts[3],
+				'image' => $parts[0],
+				'image_width' => (int)$parts[1],
+				'image_height' => (int)$parts[2],
+				'sizes' => $row['sizes'],
+				'name' => $row['name'],
+				'caption' => $row['caption']
+			];
+			$id += 1;
+		} unset($row);
+	}
+	return $out;
+}
 
-		return './admin_pages';
+function admin_pages_main_listing() {
+	$data = array();
+	$desc = '';
+	$sort = _REQUEST_cut('sort');
+	if ($sort && substr($sort, 0, 1) === '-') {
+		$sort = substr($sort, 1);
+		$desc = ' DESC ';
+	} else {
+		$data["sorting-by-$sort"] = '-';
+	}
+	$legal_sorts = explode(',', ADMIN_PAGES_DB_FIELDS);
+	if (!$sort || !in_array($sort, $legal_sorts)) {
+		$sort = 'filename';
 	}
 
-	if(!$edit_id) {
-		if(!isset($_REQUEST['admin_pages_new']) && !isset($_REQUEST['title'])) {
-			admin_pages_display_listing();
-			return;
-		}
+	$data['rows'] = db_get_assocs('cms_pages', 'id,coalesce(nullif(nav_title,\'\'), title) as title,filename', "order by $sort $desc limit 1000");
+	tem_set('listing', $data);
+}
 
-		tem_set('new_msg', 'show');
+function admin_pages_main_form($id = false) {
+	if($id) {
+		tem_set('id', $id);
 	}
 
+	tem_set('$basename', 'admin_pages');
+
 	$navbar_options = array(array('ignored', 'Not at all'), array('0', 'First'));
 	$rows = db_get_rows('cms_pages', 'id,coalesce(nullif(nav_title,\'\'), title) as title,navbar', 'where navbar != 0 order by navbar');
 	if($rows) for($i = 0; $i < count($rows); ++$i) {
 		list($other_id, $other_title, $other_ord) = $rows[$i];
-		if($other_id != $edit_id) { # don't display ourselves
+		if($other_id != $id) { # don't display ourselves
 			$navbar_options[] = array($i + 1, "After \"$other_title\"");
 		}
 	}
@@ -121,16 +137,16 @@ function admin_pages_edit_main() {
 
 		# We'll save anything (no required fields)
 
-		$data['navbar'] = db_reposition('cms_pages', $edit_id, $data['navbar'], 'navbar', 'page');
+		$data['navbar'] = db_reposition('cms_pages', $id, $data['navbar'], 'navbar', 'page');
 
 		if($data['navbar'] && $data['filename'] == '') {
 			message('This page was removed from the navigation column because it does not have a filename. (Pages without filenames are visible only to admins.)');
 			$data['navbar'] = 0;
 		}
 
-		if($edit_id) {
-			db_update_assoc('cms_pages', $data, 'where id=%i', $edit_id);
-			$id = $edit_id;
+		if($id) {
+			db_update_assoc('cms_pages', $data, 'where id=%i', $id);
+			$id = $id;
 			message('Page updated.');
 		} else {
 			db_insert_assoc('cms_pages', $data);
@@ -140,22 +156,22 @@ function admin_pages_edit_main() {
 		if($data['filename']) {
 			return "./$data[filename]";
 		} else {
-			return "./admin_pages?admin_pages_id=$id";
+			return "./admin_pages?id=$id";
 		}
-	} elseif($edit_id) {
+	} elseif($id) {
 		# we've recieved an edit id, but no data. So we grab the values to be edited from the database
-		$data = db_get_assoc('cms_pages', ADMIN_PAGES_DB_FIELDS, 'where id=%i', $edit_id);
+		$data = db_get_assoc('cms_pages', ADMIN_PAGES_DB_FIELDS, 'where id=%i', $id);
 		if($data['navbar']) {
 			$data['navbar'] = db_count('cms_pages', 'where navbar!=0 && navbar<%i', $data['navbar']);
 		} else {
 			$data['navbar'] = 'ignored';
 		}
 	} else {
-		# form not submitted, you can set default values like so:
-		#$data = array('title' => 'Yes');
+		# form not submitted, set default values:
 		$data = array('filename' => format_cms_filename($_REQUEST['new_filename']));
 	}
 
+	tem_set('wfpl_images_json', json_encode(admin_pages_get_images()));
 	tem_set('form', $data);
-	tem_set('extra_headers', 'show');
+	tem_set('$head'); # wysiwyg init goes in <head>
 }