getPath( 'admin_html' ) );
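require_once($mosConfig_absolute_path.'/components/com_content/content.class.php');

// get parameters from the URL or submitted form
// ($task, $option and $id are not assigned in this part of the file; they are
// expected to be set before this point)
$scope = mosGetParam( $_REQUEST, 'scope', '' );
$cid = mosGetParam( $_REQUEST, 'cid', array(0) );
// NOTE(review): $section is read from the 'scope' key, exactly like $scope - confirm this is intended
$section = mosGetParam( $_REQUEST, 'scope', '' );

if (!is_array( $cid )) {
	$cid = array(0);
}
// The handlers below join $cid into unquoted SQL "IN (...)" lists, so every
// element is forced to an integer before dispatch. array_map() keeps the
// array keys, which saveOrder() uses to pair each id with its 'order' value.
$cid = array_map( 'intval', $cid );

// dispatch the requested task to its handler
switch ($task) {
	case 'new':
		editSection( 0, $scope, $option );
		break;

	case 'edit':
		editSection( $cid[0], '', $option );
		break;

	case 'editA':
		// the id is used as a numeric key downstream, so pass it as an integer
		editSection( intval( $id ), '', $option );
		break;

	// all of these store the submitted form first; saveSection() then
	// branches on $task to decide where to go next
	case 'go2menu':
	case 'go2menuitem':
	case 'menulink':
	case 'save':
	case 'apply':
		saveSection( $option, $scope, $task );
		break;

	case 'remove':
		removeSections( $cid, $scope, $option );
		break;

	case 'copyselect':
		copySectionSelect( $option, $cid, $section );
		break;

	case 'copysave':
		copySectionSave( $cid );
		break;

	case 'publish':
		publishSections( $scope, $cid, 1, $option );
		break;

	case 'unpublish':
		publishSections( $scope, $cid, 0, $option );
		break;

	case 'cancel':
		cancelSection( $option, $scope );
		break;

	case 'orderup':
		orderSection( $cid[0], -1, $option, $scope );
		break;

	case 'orderdown':
		orderSection( $cid[0], 1, $option, $scope );
		break;

	// access levels: 0 = public, 1 = registered, 2 = special
	case 'accesspublic':
		accessMenu( $cid[0], 0, $option );
		break;

	case 'accessregistered':
		accessMenu( $cid[0], 1, $option );
		break;

	case 'accessspecial':
		accessMenu( $cid[0], 2, $option );
		break;

	case 'saveorder':
		saveOrder( $cid );
		break;

	default:
		showSections( $scope, $option );
		break;
}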
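/**
* Lists the sections of one scope, one page at a time, and adds to each row
* the number of categories, active content items and trashed content items.
* @param string The scope whose sections are listed (taken from the request by the caller)
* @param string The component name, used in the paging state key and passed to the view
* @return mixed false when the list query reports an error, otherwise nothing
*/
function showSections( $scope, $option ) {
	global $database, $my, $mainframe, $mosConfig_list_limit;

	$limit = $mainframe->getUserStateFromRequest( "viewlistlimit", 'limit', $mosConfig_list_limit );
	$limitstart = $mainframe->getUserStateFromRequest( "view{$option}limitstart", 'limitstart', 0 );

	// $scope is request input that ends up inside quoted SQL literals, so it
	// is escaped once here and only the escaped copy is used in queries.
	// NOTE(review): if the input layer already adds slashes, this escapes a
	// second time - harmless for plain scope names, but confirm.
	$scopeSql = $database->getEscaped( $scope );

	// get the total number of records
	// @RawSQLUse, trivial_implementation, SELECT
	$database->setQuery( "SELECT count(*) FROM #__sections WHERE scope='$scopeSql'" );
	$total = $database->loadResult();

	require_once( $GLOBALS['mosConfig_absolute_path'] . '/administrator/includes/pageNavigation.php' );
	$pageNav = new mosPageNav( $total, $limitstart, $limit );

	// LIMIT operands are unquoted, so they must be integers
	$offset = intval( $pageNav->limitstart );
	$pageSize = intval( $pageNav->limit );

	$query = "SELECT c.*, g.name AS groupname, u.name AS editor"
	. "\n FROM #__sections AS c"
	. "\n LEFT JOIN #__content AS cc ON c.id = cc.sectionid"
	. "\n LEFT JOIN #__users AS u ON u.id = c.checked_out"
	. "\n LEFT JOIN #__groups AS g ON g.id = c.access"
	. "\n WHERE scope='$scopeSql'"
	. "\n GROUP BY c.id"
	. "\n ORDER BY c.ordering, c.name"
	. "\n LIMIT $offset,$pageSize"
	;
	$database->setQuery( $query );
	$rows = $database->loadObjectList();

	// check for a query error before touching the result
	if ($database->getErrorNum()) {
		echo $database->stderr();
		return false;
	}
	if (!$rows) {
		$rows = array();
	}

	$count = count( $rows );
	for ( $i = 0; $i < $count; $i++ ) {
		// As written before, the replace searched for '&' and substituted '&',
		// which does nothing. Decoding '&amp;' first is what keeps
		// htmlspecialchars() from double-encoding entities already stored.
		$rows[$i]->title = htmlspecialchars( str_replace( '&amp;', '&', $rows[$i]->title ) );
		$rows[$i]->name = htmlspecialchars( str_replace( '&amp;', '&', $rows[$i]->name ) );

		// the id is concatenated unquoted into the count queries
		$sectionId = intval( $rows[$i]->id );

		// number of categories that are not trashed
		$query = "SELECT COUNT( a.id )"
		. "\n FROM #__categories AS a"
		. "\n WHERE a.section = ". $sectionId
		. "\n AND a.published <> '-2'"
		;
		$database->setQuery( $query );
		$rows[$i]->categories = $database->loadResult();

		// number of Active Items
		$query = "SELECT COUNT( a.id )"
		. "\n FROM #__content AS a"
		. "\n WHERE a.sectionid = ". $sectionId
		. "\n AND a.state <> '-2'"
		;
		$database->setQuery( $query );
		$rows[$i]->active = $database->loadResult();

		// number of Trashed Items
		$query = "SELECT COUNT( a.id )"
		. "\n FROM #__content AS a"
		. "\n WHERE a.sectionid = ". $sectionId
		. "\n AND a.state = '-2'"
		;
		$database->setQuery( $query );
		$rows[$i]->trash = $database->loadResult();
	}

	sections_html::show( $rows, $scope, $my->id, $pageNav, $option );
}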
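/**
* Compiles the data needed by the add/edit form of a section and shows it
* @param integer The unique id of the section to edit (0 if new)
* @param string The scope given to a new section
* @param string The component name, used in redirects and passed to the view
*/
function editSection( $uid=0, $scope='', $option ) {
	global $database, $my;

	// the id reaches this function from the request; use it as an integer only
	$uid = intval( $uid );

	$row = new mosSection( $database );
	// load the row from the db table
	$row->load( $uid );

	// As written before, the replace searched for '&' and substituted '&',
	// which does nothing. Decoding '&amp;' first is what keeps
	// htmlspecialchars() from double-encoding entities already stored.
	$row->title = htmlspecialchars( str_replace( '&amp;', '&', $row->title ) );
	$row->name = htmlspecialchars( str_replace( '&amp;', '&', $row->name ) );

	// fail if checked out not by 'me'
	if ( $row->checked_out && $row->checked_out <> $my->id ) {
		$msg = sprintf(T_('The section %s is currently being edited by another administrator'), $row->title);
		// the message goes in mosRedirect()'s second argument, as in the other
		// redirects of this file, instead of being appended unencoded to the URL
		mosRedirect( 'index2.php?option='. $option .'&scope='. $row->scope, $msg );
	}

	$menus = array();
	if ( $uid ) {
		$row->checkout( $my->id );
		if ( $row->id > 0 ) {
			$query = "SELECT *"
			. "\n FROM #__menu"
			. "\n WHERE componentid = ". intval( $row->id )
			. "\n AND ( type = 'content_archive_section' OR type = 'content_blog_section' OR type = 'content_section' )"
			;
			$database->setQuery( $query );
			$menus = $database->loadObjectList();
			$count = count( $menus );
			// replace the stored menu type with its display label
			for( $i = 0; $i < $count; $i++ ) {
				switch ( $menus[$i]->type ) {
					case 'content_section':
						$menus[$i]->type = T_('Section Table');
						break;

					case 'content_blog_section':
						$menus[$i]->type = T_('Section Blog');
						break;

					case 'content_archive_section':
						$menus[$i]->type = T_('Section Blog Archive');
						break;
				}
			}
		}
	} else {
		// defaults for a new section
		$row->scope = $scope;
		$row->published = 1;
	}

	// build the html select list for section types
	$types = array();
	$types[] = mosHTML::makeOption( '', T_('Select Type') );
	$types[] = mosHTML::makeOption( 'content_section', T_('Section List') );
	$types[] = mosHTML::makeOption( 'content_blog_section', T_('Section Blog') );
	$types[] = mosHTML::makeOption( 'content_archive_section', T_('Section Archive Blog') );
	$lists = array();
	$lists['link_type'] = mosHTML::selectList( $types, 'link_type', 'class="inputbox" size="1"', 'value', 'text' );

	// build the html select list for ordering
	// For a new section $row->scope is the request value, so it is escaped
	// before it goes inside the quoted literal.
	// NOTE(review): if the input layer already adds slashes, this escapes a
	// second time - harmless for plain scope names, but confirm.
	$query = "SELECT ordering AS value, title AS text"
	. "\n FROM #__sections"
	. "\n WHERE scope='". $database->getEscaped( $row->scope ) ."' ORDER BY ordering"
	;
	$lists['ordering'] = mosAdminMenus::SpecificOrdering( $row, $uid, $query );

	// build the select list for the image positions
	$active = ( $row->image_position ? $row->image_position : 'left' );
	$lists['image_position'] = mosAdminMenus::Positions( 'image_position', $active, NULL, 0 );
	// build the html select list for images
	$lists['image'] = mosAdminMenus::Images( 'image', $row->image );
	// build the html select list for the group access
	$lists['access'] = mosAdminMenus::Access( $row );
	// build the html radio buttons for published
	$lists['published'] = mosHTML::yesnoRadioList( 'published', 'class="inputbox"', $row->published );
	// build the html select list for menu selection
	$lists['menuselect'] = mosAdminMenus::MenuSelect( );

	sections_html::edit( $row, $option, $lists, $menus );
}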
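/**
* Saves the section after an edit form submit, renames menu items that carried
* the old title, and redirects according to the task
* @param string The component name, used in redirects
* @param string The scope, used in redirects
* @param string The task that triggered the save (go2menu, go2menuitem, menulink, apply or save)
*/
function saveSection( $option, $scope, $task ) {
	global $database;

	$menu = mosGetParam( $_POST, 'menu', 'mainmenu' );
	// only ever used as a numeric id in the redirect URL
	$menuid = intval( mosGetParam( $_POST, 'menuid', 0 ) );
	$oldtitle = mosGetParam( $_POST, 'oldtitle', null );

	$row = new mosSection( $database );
	// on each failure below nothing but a newline is written before exiting
	if (!$row->bind( $_POST )) {
		echo "\n";
		exit();
	}
	if (!$row->check()) {
		echo "\n";
		exit();
	}

	if ( $oldtitle ) {
		if ( $oldtitle <> $row->title ) {
			// Both titles are form input and sit inside quoted SQL literals,
			// so they are escaped explicitly instead of relying on whatever
			// the input layer may have done.
			// NOTE(review): if posted values already arrive with slashes
			// added, strip them before escaping so titles containing quotes
			// still match - confirm against mosGetParam() and bind().
			$newName = $database->getEscaped( $row->title );
			$oldName = $database->getEscaped( $oldtitle );
			// @RawSQLUse, trivial_implementation, UPDATE
			$database->setQuery( "UPDATE #__menu SET name='$newName' WHERE name='$oldName' AND type='content_section'" );
			$database->query();
		}
	}

	if (!$row->store()) {
		echo "\n";
		exit();
	}
	$row->checkin();
	// $row->scope was bound from the form, so it is escaped as well
	$row->updateOrder( "scope='". $database->getEscaped( $row->scope ) ."'" );

	switch ( $task ) {
		case 'go2menu':
			mosRedirect( 'index2.php?option=com_menus&menutype='. urlencode( $menu ) );
			break;

		case 'go2menuitem':
			mosRedirect( 'index2.php?option=com_menus&menutype='. urlencode( $menu ) .'&task=edit&hidemainmenu=1&id='. $menuid );
			break;

		case 'menulink':
			menuLink( $row->id );
			break;

		case 'apply':
			$msg = T_('Changes to Section saved');
			mosRedirect( 'index2.php?option='. $option .'&scope='. $scope .'&task=editA&hidemainmenu=1&id='. $row->id, $msg );
			break;

		case 'save':
		default:
			$msg = T_('Section saved');
			mosRedirect( 'index2.php?option='. $option .'&scope='. $scope, $msg );
			break;
	}
}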
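/**
* Deletes one or more sections; a section that still contains categories is
* kept and reported back instead
* @param array An array of unique section id numbers
* @param string The scope, used in the redirect
* @param string The component name, used in the redirect
*/
function removeSections( $cid, $scope, $option ) {
	global $database;

	if (!is_array( $cid ) || count( $cid ) < 1) {
		echo "\n";
		exit;
	}

	// the ids are joined into an unquoted IN (...) list: integers only
	$cids = implode( ',', array_map( 'intval', $cid ) );
	$query = "SELECT s.id, s.name, COUNT(c.id) AS numcat"
	. "\n FROM #__sections AS s"
	. "\n LEFT JOIN #__categories AS c ON c.section=s.id"
	. "\n WHERE s.id IN ($cids)"
	. "\n GROUP BY s.id"
	;
	$database->setQuery( $query );
	$rows = $database->loadObjectList();
	if (!$rows) {
		echo "\n";
		// keep the loop below valid when nothing was found
		$rows = array();
	}

	// split the sections into removable (no categories) and blocked
	$err = array();
	$cid = array();
	$name = array();
	foreach ($rows as $row) {
		if ($row->numcat == 0) {
			$cid[] = intval( $row->id );
			$name[] = $row->name;
		} else {
			$err[] = $row->name;
		}
	}

	if (count( $cid )) {
		$cids = implode( ',', $cid );
		// @RawSQLUse, trivial_implementation, DELETE
		$database->setQuery( "DELETE FROM #__sections WHERE id IN ($cids)" );
		if (!$database->query()) {
			// stop here: falling through would report a deletion that did not happen
			echo $database->stderr();
			exit();
		}
	}

	if (count( $err )) {
		$cids = implode( ', ', $err );
		$msg = sprintf(T_('Sections(s): %s cannot be removed as they contain categories'), $cids);
		mosRedirect( 'index2.php?option='. $option .'&scope='. $scope, $msg );
	}

	if (!count( $name )) {
		// nothing was deleted, so there is nothing to announce
		mosRedirect( 'index2.php?option='. $option .'&scope='. $scope );
	}

	$names = implode( ', ', $name );
	$msg = sprintf(T_('Section(s): %s successfully deleted'), $names);
	mosRedirect( 'index2.php?option='. $option .'&scope='. $scope, $msg );
}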
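/**
* Publishes or unpublishes one or more sections; unpublishing also
* unpublishes the 'content_section' menu items that point at them
* @param string The scope, used in the redirect
* @param array An array of unique section id numbers
* @param integer 0 if unpublishing, 1 if publishing
* @param string The component name, used in the redirect
*/
function publishSections( $scope, $cid=null, $publish=1, $option ) {
	global $database, $my;

	if ( !is_array( $cid ) || count( $cid ) < 1 ) {
		echo "\n";
		exit;
	}

	// everything placed in the SQL below is numeric, so force it to be:
	// the id list is unquoted and the flag and user id need no other form
	$ids = array_values( array_map( 'intval', $cid ) );
	$cids = implode( ',', $ids );
	$count = count( $ids );
	$publish = $publish ? 1 : 0;
	$userId = intval( $my->id );

	// rows checked out by another user are left untouched
	$database->setQuery( "UPDATE #__sections SET published='$publish'"
	. "\n WHERE id IN ($cids) AND (checked_out=0 OR (checked_out='$userId'))"
	);
	if (!$database->query()) {
		echo "\n";
		exit();
	}

	if ( $count == 1 ) {
		$row = new mosSection( $database );
		$row->checkin( $ids[0] );
	}

	// check if section linked to menu items if unpublishing
	if ( $publish == 0 ) {
		// one statement covers every linked menu item
		// @RawSQLUse, trivial_implementation, UPDATE
		$database->setQuery( "UPDATE #__menu SET published=0 WHERE type='content_section' AND componentid IN ($cids)" );
		$database->query();
	}

	mosRedirect( 'index2.php?option='. $option .'&scope='. $scope );
}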
/**
* Cancels an edit operation: checks the posted section back in and returns
* to the section list
* @param string The component name, used in the redirect
* @param string The scope, used in the redirect
*/
function cancelSection( $option, $scope ) {
	global $database;

	$section = new mosSection( $database );
	$section->bind( $_POST );

	// the posted id is forced to an integer before checkin() uses it
	$section->id = (int) $section->id;
	$section->checkin();

	$listUrl = 'index2.php?option='. $option .'&scope='. $scope;
	mosRedirect( $listUrl );
}
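/**
* Moves a section up or down within its scope
* @param integer The unique id of the section to move
* @param integer The increment to reorder by (-1 or 1 from the dispatcher)
* @param string The component name, used in the redirect
* @param string The scope, used in the redirect
*/
function orderSection( $uid, $inc, $option, $scope ) {
	global $database;

	$row = new mosSection( $database );
	// the id comes from the request; load by integer only
	$row->load( intval( $uid ) );
	// the stored scope sits inside a quoted SQL literal, so escape it rather
	// than trusting whatever was saved earlier
	$row->move( intval( $inc ), "scope='". $database->getEscaped( $row->scope ) ."'" );

	mosRedirect( 'index2.php?option='. $option .'&scope='. $scope );
}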
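/**
* Form for copying section(s): lists the categories and content items that
* belong to the selected sections
* @param string The component name, passed to the view
* @param array An array of unique section id numbers
* @param string Passed through to the view unchanged
*/
function copySectionSelect( $option, $cid, $section ) {
	global $database;

	if (!is_array( $cid ) || count( $cid ) < 1) {
		echo "\n";
		exit;
	}

	// The ids are joined into unquoted IN (...) lists, so they are forced to
	// integers; the same cleaned array is handed to the view.
	$cid = array_map( 'intval', $cid );
	$cids = implode( ',', $cid );

	## query to list selected categories
	// @RawSQLUse, trivial_implementation, SELECT
	$query = "SELECT a.name, a.id"
	. "\n FROM #__categories AS a"
	. "\n WHERE a.section IN ( ". $cids ." )"
	;
	$database->setQuery( $query );
	$categories = $database->loadObjectList();

	## query to list items from categories
	// @RawSQLUse, trivial_implementation, SELECT
	$query = "SELECT a.title, a.id"
	. "\n FROM #__content AS a"
	. "\n WHERE a.sectionid IN ( ". $cids ." )"
	. "\n ORDER BY a.sectionid, a.catid, a.title"
	;
	$database->setQuery( $query );
	$contents = $database->loadObjectList();

	sections_html::copySectionSelect( $option, $cid, $categories, $contents, $section );
}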
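/**
* Copies the selected section(s) under a new title, together with the
* categories and content items chosen on the copy form
* @param array An array of unique section id numbers to copy
*/
function copySectionSave( $sectionid ) {
	global $database;

	$title = mosGetParam( $_REQUEST, 'title', '' );
	$contentid = mosGetParam( $_REQUEST, 'content', '' );
	$categoryid = mosGetParam( $_REQUEST, 'category', '' );

	// All three id lists come from the request. Anything that is not an array
	// is treated as "nothing selected" and every element is forced to an integer.
	$sectionid = is_array( $sectionid ) ? array_map( 'intval', $sectionid ) : array();
	$categoryid = is_array( $categoryid ) ? array_map( 'intval', $categoryid ) : array();
	$contentid = is_array( $contentid ) ? array_map( 'intval', $contentid ) : array();

	// old id => new id. The previous code appended the "old" and the "new" id
	// as two separate array entries, so a lookup that matched an old id read
	// a "new" key that did not exist on that entry.
	$newsectids = array();
	$newcatids = array();

	// copy section
	$section = new mosSection ( $database );
	foreach( $sectionid as $id ) {
		$section->load( $id );
		$section->id = NULL;
		$section->title = $title;
		$section->name = $title;
		if ( !$section->check() ) {
			echo "\n";
			exit();
		}
		if ( !$section->store() ) {
			echo "\n";
			exit();
		}
		$section->checkin();
		// NOTE(review): this condition filters on a 'section' column, while
		// the other section reorders in this file filter on scope - confirm
		$section->updateOrder( "section='". intval( $section->id ) ."'" );
		$newsectids[$id] = $section->id;
	}
	// id of the last section created; fallback parent for copied categories
	$sectionMove = $section->id;

	// copy categories
	$category = new mosCategory ( $database );
	foreach( $categoryid as $id ) {
		$category->load( $id );
		$oldSection = $category->section;
		$category->id = NULL;
		// attach the copy to the copy of its own section when there is one,
		// otherwise to the last section created
		$category->section = isset( $newsectids[$oldSection] ) ? $newsectids[$oldSection] : $sectionMove;
		if (!$category->check()) {
			echo "\n";
			exit();
		}
		if (!$category->store()) {
			echo "\n";
			exit();
		}
		$category->checkin();
		$category->updateOrder( "section='". intval( $category->section ) ."'" );
		$newcatids[$id] = $category->id;
	}

	// copy content items, re-pointing them at the copied section and category
	$content = new mosContent ( $database );
	foreach( $contentid as $id) {
		$content->load( $id );
		$content->id = NULL;
		$content->hits = 0;
		if ( isset( $newsectids[$content->sectionid] ) ) {
			$content->sectionid = $newsectids[$content->sectionid];
		}
		if ( isset( $newcatids[$content->catid] ) ) {
			$content->catid = $newcatids[$content->catid];
		}
		if (!$content->check()) {
			echo "\n";
			exit();
		}
		if (!$content->store()) {
			echo "\n";
			exit();
		}
		$content->checkin();
	}

	// NOTE(review): this loads the section that was just created, so both
	// names in the message are the new title - confirm that is intended
	$sectionOld = new mosSection ( $database );
	$sectionOld->load( $sectionMove );

	$msg = sprintf(T_('Section %s and all its Categories and Items have been copied as %s'), $sectionOld-> name, $title);
	// the message goes in mosRedirect()'s second argument, as in the other
	// redirects of this file, instead of being appended unencoded to the URL
	mosRedirect( 'index2.php?option=com_sections&scope=content', $msg );
}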
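/**
* Changes the access level of a section
* @param integer The unique id of the section
* @param integer The new access level (the dispatcher passes 0, 1 or 2)
* @param string The component name, used in the redirect
* @return mixed The error text when the check or the store fails, otherwise nothing
*/
function accessMenu( $uid, $access, $option ) {
	global $database;

	$row = new mosSection( $database );
	// the id comes from the request; load by integer only
	$row->load( intval( $uid ) );
	$row->access = intval( $access );

	if ( !$row->check() ) {
		return $row->getError();
	}
	if ( !$row->store() ) {
		return $row->getError();
	}

	mosRedirect( 'index2.php?option='. $option .'&scope='. $row->scope );
}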
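/**
* Creates a menu item that links to a section, using the menu, name and link
* type posted from the section edit form
* @param integer The unique id of the section to link to
*/
function menuLink( $id ) {
	global $database;

	// the id is appended to URLs and stored as componentid: integer only
	$id = intval( $id );

	$section = new mosSection( $database );
	$section->bind( $_POST );
	$section->checkin();

	$menu = mosGetParam( $_POST, 'menuselect', '' );
	$name = mosGetParam( $_POST, 'link_name', '' );
	$type = mosGetParam( $_POST, 'link_type', '' );

	switch ( $type ) {
		case 'content_section':
			$link = 'index.php?option=com_content&task=section&id='. $id;
			$menutype = T_('Section Table');
			break;

		case 'content_blog_section':
			$link = 'index.php?option=com_content&task=blogsection&id='. $id;
			$menutype = T_('Section Blog');
			break;

		case 'content_archive_section':
			$link = 'index.php?option=com_content&task=archivesection&id='. $id;
			$menutype = T_('Section Blog Archive');
			break;

		default:
			// Any other posted type (including the empty "Select Type" entry)
			// has no link target. Return to the edit form instead of storing
			// a menu row with an undefined link and an arbitrary type.
			mosRedirect( 'index2.php?option=com_sections&scope=content&task=editA&hidemainmenu=1&id='. $id );
			return;
	}

	$row = new mosMenu( $database );
	$row->menutype = $menu;
	$row->name = $name;
	$row->type = $type;
	$row->published = 1;
	$row->componentid = $id;
	$row->link = $link;
	$row->ordering = 9999;

	if (!$row->check()) {
		echo "\n";
		exit();
	}
	if (!$row->store()) {
		echo "\n";
		exit();
	}
	$row->checkin();
	// NOTE(review): the reorder condition uses $row->scope, which is never
	// set on this menu row in this function - confirm the intended grouping
	$row->updateOrder( 'scope="'. $row->scope .'"' );

	$msg = sprintf(T_('%s ( %s ) in menu: %s successfully created'), $name, $menutype, $menu);
	mosRedirect( 'index2.php?option=com_sections&scope=content&task=editA&hidemainmenu=1&id='. $id, $msg );
}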
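/**
* Stores the ordering values posted from the section list and renumbers each
* scope that was touched
* @param array An array of unique section id numbers, keyed like the posted 'order' array
*/
function saveOrder( &$cid ) {
	global $database;

	$order = mosGetParam( $_POST, 'order', array(0) );
	if (!is_array( $order )) {
		$order = array();
	}

	// The ids in $cid are section ids and the grouping below is by scope, so
	// the rows are sections. The previous code loaded them through mosMenu,
	// which would have changed the ordering of menu items with the same ids.
	$row = new mosSection( $database );
	$scopes = array();

	// update ordering values
	foreach ($cid as $i=>$ciditem) {
		if (!isset( $order[$i] )) {
			// no ordering value was posted for this row
			continue;
		}
		$newOrdering = intval( $order[$i] );
		$row->load( intval( $ciditem ) );
		if ($row->ordering != $newOrdering) {
			$row->ordering = $newOrdering;
			if (!$row->store()) {
				echo "\n";
				exit();
			}
			// remember to updateOrder this group
			$scopes[$row->scope] = $row->id;
		}
	}

	// execute updateOrder for each group
	foreach ($scopes as $scope=>$rowid) {
		// the scope sits inside a quoted SQL literal, so escape it
		$row->updateOrder( "scope = '". $database->getEscaped( $scope ) ."'" );
	}

	$msg = T_('New ordering saved');
	mosRedirect( 'index2.php?option=com_sections&scope=content', $msg );
} // saveOrder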
?>