b2evolution PHP Cross Reference Blogging Systems

Source: /inc/collections/coll_settings.ctrl.php - 474 lines - 15953 bytes - Text - Print

Description: This file implements the UI controller for blog params management, including permissions. This file is part of the evoCore framework - {@link http://evocore.net/} See also {@link http://sourceforge.net/projects/evocms/}.

   1  <?php
   2  /**
   3   * This file implements the UI controller for blog params management, including permissions.
   4   *
   5   * This file is part of the evoCore framework - {@link http://evocore.net/}
   6   * See also {@link http://sourceforge.net/projects/evocms/}.
   7   *
   8   * @copyright (c)2003-2014 by Francois Planque - {@link http://fplanque.com/}
   9   * Parts of this file are copyright (c)2004-2006 by Daniel HAHLER - {@link http://thequod.de/contact}.
  10   *
  11   * {@internal License choice
  12   * - If you have received this file as part of a package, please find the license.txt file in
  13   *   the same folder or the closest folder above for complete license terms.
  14   * - If you have received this file individually (e-g: from http://evocms.cvs.sourceforge.net/)
  15   *   then you must choose one of the following licenses before using the file:
  16   *   - GNU General Public License 2 (GPL) - http://www.opensource.org/licenses/gpl-license.php
  17   *   - Mozilla Public License 1.1 (MPL) - http://www.opensource.org/licenses/mozilla1.1.php
  18   * }}
  19   *
  20   * {@internal Open Source relicensing agreement:
  21   * Daniel HAHLER grants Francois PLANQUE the right to license
  22   * Daniel HAHLER's contributions to this file and the b2evolution project
  23   * under any OSI approved OSS license (http://www.opensource.org/licenses/).
  24   * }}
  25   *
  26   * @package admin
  27   *
  28   * {@internal Below is a list of authors who have contributed to design/coding of this file: }}
  29   * @author fplanque: Francois PLANQUE.
  30   *
  31   * @todo (sessions) When creating a blog, provide "edit options" (3 tabs) instead of a single long "New" form (storing the new Blog object with the session data).
  32   * @todo Currently if you change the name of a blog it gets not reflected in the blog list buttons!
  33   *
  34   * @version $Id: coll_settings.ctrl.php 6136 2014-03-08 07:59:48Z manuel $
  35   */
  36  if( !defined('EVO_MAIN_INIT') ) die( 'Please, do not access this page directly.' );
  37  
  38  
  39  // Store/retrieve preferred tab from UserSettings:
  40  $UserSettings->param_Request( 'tab', 'pref_coll_settings_tab', 'string', 'general', true /* memorize */, true /* force */ );
  41  if( $tab == 'widgets' )
  42  {    // This is another controller!
  43      require_once dirname(__FILE__).'/../widgets/widgets.ctrl.php';
  44      return;
  45  }
  46  else if( $tab == 'manage_skins' )
  47  {    // This is another controller!
  48      require_once dirname(__FILE__).'/../skins/skins.ctrl.php';
  49      return;
  50  }
  51  
  52  
  53  param_action( 'edit' );
  54  
  55  // Check permissions on requested blog and autoselect an appropriate blog if necessary.
  56  // This will prevent a fat error when switching tabs and you have restricted perms on blog properties.
  57  if( $selected = autoselect_blog( 'blog_properties', 'edit' ) ) // Includes perm check
  58  {    // We have a blog to work on:
  59  
  60      if( set_working_blog( $selected ) )    // set $blog & memorize in user prefs
  61      {    // Selected a new blog:
  62          $BlogCache = & get_BlogCache();
  63          /**
  64           * @var Blog
  65           */
  66          $Blog = & $BlogCache->get_by_ID( $blog );
  67      }
  68  
  69      /**
  70       * @var Blog
  71       */
  72      $edited_Blog = & $Blog;
  73  }
  74  else
  75  {    // We could not find a blog we have edit perms on...
  76      // Note: we may still have permission to edit categories!!
  77      // redirect to blog list:
  78      header_redirect( '?ctrl=collections' );
  79      // EXITED:
  80      $Messages->add( T_('Sorry, you have no permission to edit blog properties.'), 'error' );
  81      $action = 'nil';
  82      $tab = '';
  83  }
  84  
  85  memorize_param( 'blog', 'integer', -1 );    // Needed when generating static page for example
  86  
  87  param( 'skinpage', 'string', '' );
  88  if( $tab == 'skin' && $skinpage != 'selection' )    // If not screen selection => screen settings
  89  {
  90      $SkinCache = & get_SkinCache();
  91      /**
  92       * @var Skin
  93       */
  94      $normal_Skin = & $SkinCache->get_by_ID( $Blog->get_setting( 'normal_skin_ID' ) );
  95      $mobile_Skin = & $SkinCache->get_by_ID( $Blog->get_setting( 'mobile_skin_ID' ) );
  96      $tablet_Skin = & $SkinCache->get_by_ID( $Blog->get_setting( 'tablet_skin_ID' ) );
  97  }
  98  
  99  
 100  if( ( $tab == 'perm' || $tab == 'permgroup' )
 101      && ( empty($blog) || ! $Blog->advanced_perms ) )
 102  {    // We're trying to access advanced perms but they're disabled!
 103      $tab = 'features';    // the screen where you can enable advanced perms
 104      if( $action == 'update' )
 105      { // make sure we don't update anything here
 106          $action = 'edit';
 107      }
 108  }
 109  
 110  /**
 111   * Perform action:
 112   */
 113  switch( $action )
 114  {
 115      case 'update':
 116          // Update DB:
 117  
 118          // Check that this action request is not a CSRF hacked request:
 119          $Session->assert_received_crumb( 'collection' );
 120  
 121          // Check permissions:
 122          $current_User->check_perm( 'blog_properties', 'edit', true, $blog );
 123          $update_redirect_url = '?ctrl=coll_settings&tab='.$tab.'&blog='.$blog;
 124  
 125          switch( $tab )
 126          {
 127              case 'general':
 128              case 'urls':
 129                  if( $edited_Blog->load_from_Request( array() ) )
 130                  { // Commit update to the DB:
 131                      $edited_Blog->dbupdate();
 132                      $Messages->add( T_('The blog settings have been updated'), 'success' );
 133                      // Redirect so that a reload doesn't write to the DB twice:
 134                      header_redirect( $update_redirect_url, 303 ); // Will EXIT
 135                  }
 136                  break;
 137  
 138              case 'features':
 139              case 'comments':
 140              case 'other':
 141                  if( $edited_Blog->load_from_Request( array( $tab ) ) )
 142                  { // Commit update to the DB:
 143                      $edited_Blog->dbupdate();
 144                      $Messages->add( T_('The blog settings have been updated'), 'success' );
 145                      // Redirect so that a reload doesn't write to the DB twice:
 146                      header_redirect( $update_redirect_url, 303 ); // Will EXIT
 147                  }
 148                  break;
 149  
 150              case 'seo':
 151                  if( $edited_Blog->load_from_Request( array( 'seo' ) ) )
 152                  { // Commit update to the DB:
 153                      $edited_Blog->dbupdate();
 154                      $Messages->add( T_('The blog settings have been updated'), 'success' );
 155                      // Redirect so that a reload doesn't write to the DB twice:
 156                      header_redirect( $update_redirect_url, 303 ); // Will EXIT
 157                  }
 158                  break;
 159  
 160              case 'skin':
 161                  if( $skinpage == 'selection' )
 162                  {
 163                      if( $edited_Blog->load_from_Request( array() ) )
 164                      { // Commit update to the DB:
 165                          $edited_Blog->dbupdate();
 166                          $Messages->add( T_('The blog skin has been changed.')
 167                                              .' <a href="'.$admin_url.'?ctrl=coll_settings&amp;tab=skin&amp;blog='.$edited_Blog->ID.'">'.T_('Edit...').'</a>', 'success' );
 168                          if( ( !$Session->is_mobile_session() && !$Session->is_tablet_session() && param( 'normal_skin_ID', 'integer', NULL ) !== NULL ) ||
 169                              ( $Session->is_mobile_session() && param( 'mobile_skin_ID', 'integer', NULL ) !== NULL ) ||
 170                              ( $Session->is_tablet_session() && param( 'tablet_skin_ID', 'integer', NULL ) !== NULL ) )
 171                          {    // Redirect to blog home page if we change the skin for current device type
 172                              header_redirect( $edited_Blog->gen_blogurl() );
 173                          }
 174                          else
 175                          {    // Redirect to admin skins page if we change the skin for another device type
 176                              header_redirect( $admin_url.'?ctrl=coll_settings&tab=skin&blog='.$edited_Blog->ID );
 177                          }
 178                      }
 179                  }
 180                  else
 181                  { // Update params/Settings
 182                      $normal_Skin->load_params_from_Request();
 183                      $mobile_Skin->load_params_from_Request();
 184                      $tablet_Skin->load_params_from_Request();
 185  
 186                      if(    ! param_errors_detected() )
 187                      {    // Update settings:
 188                          $normal_Skin->dbupdate_settings();
 189                          $mobile_Skin->dbupdate_settings();
 190                          $tablet_Skin->dbupdate_settings();
 191                          $Messages->add( T_('Skin settings have been updated'), 'success' );
 192                          // Redirect so that a reload doesn't write to the DB twice:
 193                          header_redirect( $update_redirect_url, 303 ); // Will EXIT
 194                      }
 195                  }
 196                  break;
 197  
 198              case 'plugin_settings':
 199                  // Update Plugin params/Settings
 200                  load_funcs('plugins/_plugin.funcs.php');
 201  
 202                  $Plugins->restart();
 203                  while( $loop_Plugin = & $Plugins->get_next() )
 204                  {
 205                      $pluginsettings = $loop_Plugin->get_coll_setting_definitions( $tmp_params = array('for_editing'=>true) );
 206                      if( empty($pluginsettings) )
 207                      {
 208                          continue;
 209                      }
 210  
 211                      // Loop through settings for this plugin:
 212                      foreach( $pluginsettings as $set_name => $set_meta )
 213                      {
 214                          autoform_set_param_from_request( $set_name, $set_meta, $loop_Plugin, 'CollSettings', $Blog );
 215                      }
 216  
 217                      // Let plugins process settings
 218                      $Plugins->call_method( $loop_Plugin->ID, 'PluginCollSettingsUpdateAction', $tmp_params = array() );
 219                  }
 220  
 221                  if(    ! param_errors_detected() )
 222                  {    // Update settings:
 223                      $Blog->dbupdate();
 224                      $Messages->add( T_('Plugin settings have been updated'), 'success' );
 225                      // Redirect so that a reload doesn't write to the DB twice:
 226                      header_redirect( $update_redirect_url, 303 ); // Will EXIT
 227                  }
 228                  break;
 229  
 230              case 'advanced':
 231                  if( $edited_Blog->load_from_Request( array( 'pings', 'cache', 'authors', 'login', 'styles' ) ) )
 232                  { // Commit update to the DB:
 233                      if( $current_User->check_perm( 'blog_admin', 'edit', false, $edited_Blog->ID ) )
 234                      {
 235                          $cache_status = param( 'cache_enabled', 'integer', 0 );
 236                          load_funcs( 'collections/model/_blog.funcs.php' );
 237                          $result = set_cache_enabled( 'cache_enabled', $cache_status, $edited_Blog->ID, false );
 238                          if( $result != NULL )
 239                          {
 240                              list( $status, $message ) = $result;
 241                              $Messages->add( $message, $status );
 242                          }
 243                      }
 244  
 245                      $edited_Blog->dbupdate();
 246                      $Messages->add( T_('The blog settings have been updated'), 'success' );
 247                      // Redirect so that a reload doesn't write to the DB twice:
 248                      header_redirect( $update_redirect_url, 303 ); // Will EXIT
 249                  }
 250                  break;
 251  
 252              case 'perm':
 253                  blog_update_perms( $blog, 'user' );
 254                  $Messages->add( T_('The blog permissions have been updated'), 'success' );
 255                  break;
 256  
 257              case 'permgroup':
 258                  blog_update_perms( $blog, 'group' );
 259                  $Messages->add( T_('The blog permissions have been updated'), 'success' );
 260                  break;
 261          }
 262  
 263          break;
 264  
 265      case 'update_type':
 266          // Update DB:
 267  
 268          // Check that this action request is not a CSRF hacked request:
 269          $Session->assert_received_crumb( 'collection' );
 270  
 271          // Check permissions:
 272          $current_User->check_perm( 'blog_properties', 'edit', true, $blog );
 273          $update_redirect_url = '?ctrl=coll_settings&tab='.$tab.'&blog='.$blog;
 274  
 275          param( 'reset', 'boolean', '' );
 276          param( 'type', 'string', '' );
 277          param_check_not_empty( 'type', T_('Please select a type') );
 278  
 279          if( param_errors_detected() )
 280          {
 281              $action = 'type';
 282              break;
 283          }
 284  
 285          if( $reset )
 286          {    // Reset all settings
 287              // Remove previous widgets, plugin and skin settings
 288              $DB->query( 'DELETE FROM T_widget WHERE wi_coll_ID = '.$DB->quote( $edited_Blog->ID ) );
 289              $DB->query( 'DELETE FROM T_coll_settings
 290                  WHERE cset_coll_ID = '.$DB->quote( $edited_Blog->ID ).'
 291                  AND ( cset_name LIKE "skin%" OR cset_name LIKE "plugin%" )' );
 292              // ADD DEFAULT WIDGETS:
 293              load_funcs( 'widgets/_widgets.funcs.php' );
 294              insert_basic_widgets( $edited_Blog->ID, false, $type );
 295          }
 296  
 297          $edited_Blog->init_by_kind( $type, $edited_Blog->get( 'name' ), $edited_Blog->get( 'shortname' ), $edited_Blog->get( 'urlname' ) );
 298          $edited_Blog->dbupdate();
 299  
 300          $Messages->add( T_('The collection type has been updated'), 'success' );
 301          // Redirect so that a reload doesn't write to the DB twice:
 302          header_redirect( $update_redirect_url, 303 ); // Will EXIT
 303  
 304          break;
 305  }
 306  
 307  $AdminUI->set_path( 'blogs',  $tab  );
 308  
 309  
 310  /**
 311   * Display page header, menus & messages:
 312   */
 313  $AdminUI->set_coll_list_params( 'blog_properties', 'edit',
 314                                              array( 'ctrl' => 'coll_settings', 'tab' => $tab, 'action' => 'edit' ),
 315                                              T_('All'), '?ctrl=collections&amp;blog=0' );
 316  
 317  
 318  $AdminUI->breadcrumbpath_init( true );
 319  $AdminUI->breadcrumbpath_add( T_('Settings'), '?ctrl=coll_settings&amp;blog=$blog$' );
 320  switch( $AdminUI->get_path(1) )
 321  {
 322      case 'general':
 323          $AdminUI->breadcrumbpath_add( T_('General'), '?ctrl=coll_settings&amp;blog=$blog$&amp;tab='.$tab );
 324          if( $action == 'type' )
 325          {
 326              $AdminUI->breadcrumbpath_add( T_('Collection type'), '?ctrl=coll_settings&amp;blog=$blog$&amp;action=type&amp;tab='.$tab );
 327          }
 328          break;
 329  
 330      case 'features':
 331          $AdminUI->set_path( 'blogs', 'features', $tab );
 332          $AdminUI->breadcrumbpath_add( T_('Features'), '?ctrl=coll_settings&amp;blog=$blog$&amp;tab='.$tab );
 333          $AdminUI->breadcrumbpath_add( T_('Posts'), '?ctrl=coll_settings&amp;blog=$blog$&amp;tab='.$tab );
 334          break;
 335  
 336      case 'comments':
 337          $AdminUI->set_path( 'blogs', 'features', $tab );
 338          $AdminUI->breadcrumbpath_add( T_('Features'), '?ctrl=coll_settings&amp;blog=$blog$&amp;tab=features' );
 339          $AdminUI->breadcrumbpath_add( T_('Comments'), '?ctrl=coll_settings&amp;blog=$blog$&amp;tab='.$tab );
 340          break;
 341  
 342      case 'other':
 343          $AdminUI->set_path( 'blogs', 'features', $tab );
 344          $AdminUI->breadcrumbpath_add( T_('Features'), '?ctrl=coll_settings&amp;blog=$blog$&amp;tab=features' );
 345          $AdminUI->breadcrumbpath_add( T_('Other'), '?ctrl=coll_settings&amp;blog=$blog$&amp;tab='.$tab );
 346          break;
 347  
 348      case 'skin':
 349          $AdminUI->set_path( 'blogs', 'skin', 'current_skin' );
 350          $AdminUI->breadcrumbpath_add( T_('Skin'), '?ctrl=coll_settings&amp;blog=$blog$&amp;tab='.$tab );
 351          if( $skinpage == 'selection' )
 352          {
 353              $AdminUI->breadcrumbpath_add( T_('Skin selection'), '?ctrl=coll_settings&amp;blog=$blog$&amp;tab='.$tab.'&amp;skinpage=selection' );
 354          }
 355          else
 356          {
 357              init_colorpicker_js();
 358              $AdminUI->breadcrumbpath_add( T_('Settings for current skin'), '?ctrl=coll_settings&amp;blog=$blog$&amp;tab='.$tab );
 359          }
 360          break;
 361  
 362      case 'plugin_settings':
 363          $AdminUI->breadcrumbpath_add( T_('Blog specific plugin settings'), '?ctrl=coll_settings&amp;blog=$blog$&amp;tab='.$tab );
 364          break;
 365  
 366      case 'urls':
 367          $AdminUI->breadcrumbpath_add( T_('URL configuration'), '?ctrl=coll_settings&amp;blog=$blog$&amp;tab='.$tab );
 368          break;
 369  
 370      case 'seo':
 371          $AdminUI->breadcrumbpath_add( T_('SEO settings'), '?ctrl=coll_settings&amp;blog=$blog$&amp;tab='.$tab );
 372          break;
 373  
 374      case 'advanced':
 375          $AdminUI->breadcrumbpath_add( T_('Advanced settings'), '?ctrl=coll_settings&amp;blog=$blog$&amp;tab='.$tab );
 376          break;
 377  
 378      case 'perm':
 379          load_funcs( 'collections/views/_coll_perm_view.funcs.php' );
 380          $AdminUI->breadcrumbpath_add( T_('User permissions'), '?ctrl=coll_settings&amp;blog=$blog$&amp;tab='.$tab );
 381          break;
 382  
 383      case 'permgroup':
 384          load_funcs( 'collections/views/_coll_perm_view.funcs.php' );
 385          $AdminUI->breadcrumbpath_add( T_('Group permissions'), '?ctrl=coll_settings&amp;blog=$blog$&amp;tab='.$tab );
 386          break;
 387  }
 388  
 389  
 390  // Display <html><head>...</head> section! (Note: should be done early if actions do not redirect)
 391  $AdminUI->disp_html_head();
 392  
 393  // Display title, menu, messages, etc. (Note: messages MUST be displayed AFTER the actions)
 394  $AdminUI->disp_body_top();
 395  
 396  
 397  // Begin payload block:
 398  $AdminUI->disp_payload_begin();
 399  
 400  
 401  // Display VIEW:
 402  switch( $AdminUI->get_path(1) )
 403  {
 404      case 'general':
 405          if( $action == 'type' )
 406          {    // Form to change type
 407              $AdminUI->disp_view( 'collections/views/_coll_type.form.php' );
 408          }
 409          else
 410          {    // General settings of blog
 411              $next_action = 'update';
 412              $AdminUI->disp_view( 'collections/views/_coll_general.form.php' );
 413          }
 414          break;
 415  
 416      case 'features':
 417          switch( $AdminUI->get_path(2) )
 418          {
 419              case 'comments';
 420                  $AdminUI->disp_view( 'collections/views/_coll_comments.form.php' );
 421                  break;
 422              case 'other';
 423                  $AdminUI->disp_view( 'collections/views/_coll_other.form.php' );
 424                  break;
 425              default:
 426                  $AdminUI->disp_view( 'collections/views/_coll_features.form.php' );
 427                  break;
 428          }
 429          break;
 430  
 431      case 'skin':
 432          if( $skinpage == 'selection' )
 433          {
 434              $AdminUI->disp_view( 'skins/views/_coll_skin.view.php' );
 435          }
 436          else
 437          {
 438              $AdminUI->disp_view( 'skins/views/_coll_skin_settings.form.php' );
 439          }
 440          break;
 441  
 442      case 'plugin_settings':
 443          $AdminUI->disp_view( 'collections/views/_coll_plugin_settings.form.php' );
 444          break;
 445  
 446      case 'urls':
 447          $AdminUI->disp_view( 'collections/views/_coll_urls.form.php' );
 448          break;
 449  
 450      case 'seo':
 451          $AdminUI->disp_view( 'collections/views/_coll_seo.form.php' );
 452          break;
 453  
 454      case 'advanced':
 455          $AdminUI->disp_view( 'collections/views/_coll_advanced.form.php' );
 456          break;
 457  
 458      case 'perm':
 459          $AdminUI->disp_view( 'collections/views/_coll_user_perm.form.php' );
 460          break;
 461  
 462      case 'permgroup':
 463          $AdminUI->disp_view( 'collections/views/_coll_group_perm.form.php' );
 464          break;
 465  }
 466  
 467  // End payload block:
 468  $AdminUI->disp_payload_end();
 469  
 470  
 471  // Display body bottom, debug info and close </html>:
 472  $AdminUI->disp_global_footer();
 473  
 474  ?>
