mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-07-31 03:40:37 +02:00
Code Issues Releases Wiki Activity

Submitnews token added and set access to 'Members' during installation.

Browse Source
This commit is contained in:
Cameron
2013-07-12 03:21:27 -07:00
parent 7a70f27629
commit 62f178f9bb
5 changed files with 72 additions and 76 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
e107_admin/image.php
View File

@@ -993,6 +993,11 @@ class media_admin_ui extends e_admin_ui
$options = array(); $options = array();
$options['bbcode'] = ($this->getQuery('bbcode')=='img') ? 'img' : FALSE; $options['bbcode'] = ($this->getQuery('bbcode')=='img') ? 'img' : FALSE;
if($this->getQuery('for') == '_icon')
{
// $options['glyphs'] = true;
}
$text = " $text = "
@@ -1005,6 +1010,17 @@ class media_admin_ui extends e_admin_ui
$text .= "<li><a data-toggle='tab' href='#core-media-style'>Appearance</a></li>\n"; $text .= "<li><a data-toggle='tab' href='#core-media-style'>Appearance</a></li>\n";
} }
if(varset($options['glyphs']))
{
$text .= "<li><a data-toggle='tab' href='#core-media-glyphs'>Glyphs</a></li>\n";
}
if(varset($options['bbcode']))
{
$text .= "<li><a data-toggle='tab' href='#core-media-style'>Appearance</a></li>\n";
}
if(varset($_GET['from'])) if(varset($_GET['from']))
{ {
$options['from'] .= intval($_GET['from']); $options['from'] .= intval($_GET['from']);
@@ -1120,6 +1136,20 @@ class media_admin_ui extends e_admin_ui
</div> </div>
</div>"; </div>";
} }
if(varset($options['glyphs']))
{
//TODO
$text .= "<div class='tab-pane' id='core-media-glyphs'>
</div>
";
}
$text .= "</div>"; $text .= "</div>";
// For BBCODE mode. //TODO image-float. // For BBCODE mode. //TODO image-float.

2
e107_admin/menus.php
View File

@@ -11,6 +11,8 @@
if(isset($_GET['configure'])) if(isset($_GET['configure']))
{ {
//Switch to Front-end //Switch to Front-end
$_GET['configure'] = preg_replace('[^a-z0-9_-]','',$_GET['configure']);
define("USER_AREA", true); define("USER_AREA", true);
//Switch to desired layout //Switch to desired layout
define('THEME_LAYOUT', $_GET['configure']); define('THEME_LAYOUT', $_GET['configure']);

4
e107_core/xml/default_install.xml
View File

@@ -239,8 +239,8 @@ City, State, Country
<core name="social_login_active">0</core> <core name="social_login_active">0</core>
<core name="social_login"><![CDATA[array()]]></core> <core name="social_login"><![CDATA[array()]]></core>
<core name="ssl_enabled">0</core> <core name="ssl_enabled">0</core>
<core name="subnews_attach"></core> <core name="subnews_attach">253</core>
<core name="subnews_class">0</core> <core name="subnews_class">253</core>
<core name="subnews_htmlarea">0</core> <core name="subnews_htmlarea">0</core>
<core name="subnews_resize"></core> <core name="subnews_resize"></core>
<core name="themecss">canvas.css</core> <core name="themecss">canvas.css</core>

5
e107_handlers/form_handler.php
View File

@@ -240,7 +240,7 @@ class e_form
} }
$mlength = vartrue($maxlength) ? "maxlength=".$maxlength : ""; $mlength = vartrue($maxlength) ? "maxlength=".$maxlength : "";
$options = $this->format_options('text', $name, $options); $options = $this->format_options('text', $name, $options);
//never allow id in format name-value for text fields //never allow id in format name-value for text fields
return "<input type='text' name='{$name}' value='{$value}' {$mlength} ".$this->get_attributes($options, $name)." />"; return "<input type='text' name='{$name}' value='{$value}' {$mlength} ".$this->get_attributes($options, $name)." />";
@@ -873,7 +873,8 @@ class e_form
* IMPORTANT: $$mediaCat is also used is the media-manager category identifier * IMPORTANT: $$mediaCat is also used is the media-manager category identifier
*/ */
function bbarea($name, $value, $template = '', $mediaCat='_common', $size = 'large', $options = array()) function bbarea($name, $value, $template = '', $mediaCat='_common', $size = 'large', $options = array())
{ {
if(is_string($options)) parse_str($options, $options);
//size - large|medium|small //size - large|medium|small
//width should be explicit set by current admin theme //width should be explicit set by current admin theme
$size = 'input-large'; $size = 'input-large';

107
submitnews.php
View File

@@ -8,6 +8,12 @@
* *
*/ */
if(!empty($_POST) && !isset($_POST['e-token']))
{
// set e-token so it can be processed by class2
$_POST['e-token'] = '';
}
require_once("class2.php"); require_once("class2.php");
include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_'.e_PAGE); include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_'.e_PAGE);
@@ -109,10 +115,16 @@ if (isset($_POST['submitnews_submit']) && $_POST['submitnews_title'] && $_POST['
if ($submitnews_error === FALSE) if ($submitnews_error === FALSE)
{ {
$sql->db_Insert("submitnews", "0, '$submitnews_user', '$submitnews_email', '$submitnews_title', '".intval($_POST['cat_id'])."', '$submitnews_item', '".time()."', '$ip', '0', '".implode(',',$submitnews_filearray)."' "); $sql->insert("submitnews", "0, '$submitnews_user', '$submitnews_email', '$submitnews_title', '".intval($_POST['cat_id'])."', '$submitnews_item', '".time()."', '$ip', '0', '".implode(',',$submitnews_filearray)."' ");
$edata_sn = array("user" => $submitnews_user, "email" => $submitnews_email, "itemtitle" => $submitnews_title, "catid" => intval($_POST['cat_id']), "item" => $submitnews_item, "image" => $submitnews_file, "ip" => $ip); $edata_sn = array("user" => $submitnews_user, "email" => $submitnews_email, "itemtitle" => $submitnews_title, "catid" => intval($_POST['cat_id']), "item" => $submitnews_item, "image" => $submitnews_file, "ip" => $ip);
$e_event->trigger("subnews", $edata_sn); $e_event->trigger("subnews", $edata_sn);
$ns->tablerender(LAN_133, "<div style='text-align:center'>".LAN_134."</div>");
$mes = e107::getMessage();
$mes->addSuccess(LAN_134);
echo $mes->render();
// $ns->tablerender(LAN_133, "<div style='text-align:center'>".LAN_134."</div>");
require_once(FOOTERF); require_once(FOOTERF);
exit; exit;
} }
@@ -131,27 +143,27 @@ $text = "
if (!empty($pref['news_subheader'])) if (!empty($pref['news_subheader']))
{ {
$text .= " $text .= "
<tr> <tr>
<td colspan='2' class='forumheader3'>".$tp->toHTML($pref['news_subheader'], TRUE, "TITLE")."<br /></td> <td colspan='2' class='forumheader3'>".$tp->toHTML($pref['news_subheader'], TRUE, "TITLE")."<br /></td>
</tr>"; </tr>";
} }
if (!USER) if (!USER)
{ {
$text .= " $text .= "
<tr> <tr>
<td style='width:20%' class='forumheader3'>".LAN_7."</td> <td style='width:20%' class='forumheader3'>".LAN_7."</td>
<td style='width:80%' class='forumheader3'> <td style='width:80%' class='forumheader3'>
<input class='tbox' type='text' name='submitnews_name' size='60' value='".$tp->toHTML($submitnews_user,FALSE,'USER_TITLE')."' maxlength='100' required /> <input class='tbox' type='text' name='submitnews_name' size='60' value='".$tp->toHTML($submitnews_user,FALSE,'USER_TITLE')."' maxlength='100' required />
</td> </td>
</tr> </tr>
<tr> <tr>
<td style='width:20%' class='forumheader3'>".LAN_112."</td> <td style='width:20%' class='forumheader3'>".LAN_112."</td>
<td style='width:80%' class='forumheader3'> <td style='width:80%' class='forumheader3'>
<input class='tbox' type='text' name='submitnews_email' size='60' value='".$tp->toHTML($submitnews_email, FALSE, 'LINKTEXT')."' maxlength='100' required /> <input class='tbox' type='text' name='submitnews_email' size='60' value='".$tp->toHTML($submitnews_email, FALSE, 'LINKTEXT')."' maxlength='100' required />
</td> </td>
</tr>"; </tr>";
} }
$text .= " $text .= "
@@ -187,39 +199,11 @@ $text .= "
<tr> <tr>
<td style='width:20%' class='forumheader3'>".LAN_135."</td> <td style='width:20%' class='forumheader3'>".LAN_135."</td>
<td style='width:80%' class='forumheader3'> <td style='width:80%' class='forumheader3'>
".e107::getForm()->bbarea('submitnews_item', $tp->toForm(vartrue($_POST['submitnews_item'])))." ".e107::getForm()->bbarea('submitnews_item', $tp->toForm(vartrue($_POST['submitnews_item'])),null, null, 'large', 'required=1')."
</td> </td>
</tr> </tr>
"; ";
/*
if (e_WYSIWYG)
{
$insertjs = "rows='25'";
}
else
{
require_once(e_HANDLER."ren_help.php");
$insertjs = "rows='15' onselect='storeCaret(this);' onclick='storeCaret(this);' onkeyup='storeCaret(this);'";
}
$text .= "
<tr>
<td style='width:20%' class='forumheader3'>".LAN_135."</td>
<td style='width:80%' class='forumheader3'>
<textarea class='e-wysiwyg tbox' id='submitnews_item' name='submitnews_item' cols='80' style='max-width:95%' {$insertjs}>".$tp->toForm(vartrue($_POST['submitnews_item']),TRUE,'USER_BODY')."</textarea><br />";
// toHTML is dangerous.
if (!e_WYSIWYG)
{
$text .= display_help("helpb","submitnews");
}
$text .= "
</td>
</tr>";
*/
if ($pref['subnews_attach'] && $pref['upload_enabled'] && check_class($pref['upload_class']) && FILE_UPLOADS) if ($pref['subnews_attach'] && $pref['upload_enabled'] && check_class($pref['upload_class']) && FILE_UPLOADS)
{ {
$text .= " $text .= "
@@ -235,6 +219,7 @@ $text .= "
<tr> <tr>
<td colspan='2' style='text-align:center' class='forumheader'> <td colspan='2' style='text-align:center' class='forumheader'>
<input class='btn btn-success button' type='submit' name='submitnews_submit' value='".LAN_136."' /> <input class='btn btn-success button' type='submit' name='submitnews_submit' value='".LAN_136."' />
<input type='hidden' name='e-token' value='".e_TOKEN."' />
</td> </td>
</tr> </tr>
</table> </table>
@@ -242,31 +227,9 @@ $text .= "
</div>"; </div>";
$ns->tablerender(LAN_136, $text); $ns->tablerender(LAN_136, $text);
require_once(FOOTERF); require_once(FOOTERF);
function headerjs()
{
$adder = "";
if (e_WYSIWYG) $adder = 'tinyMCE.triggerSave();';
$script = "
<script type=\"text/javascript\">
function frmVerify()
{
{$adder}
if(document.getElementById('submitnews_title').value == \"\")
{
alert('".SUBNEWSLAN_1."');
return false;
}
if(document.getElementById('submitnews_item').value == \"\")
{
alert('".SUBNEWSLAN_2."');
return false;
}
}
</script>";
return $script;
}
?> ?>