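setPageTitle();

// Front-end content manager: handles the create/update/delete form posts,
// renders the status message that follows a redirect, and then dispatches on
// the query-string parts in $qs to the matching form or list view.

// ##### DB ---------------------------------------------------------------------------------------
require_once(HEADERF);

// NOTE(review): the create, update and delete handlers below run before the
// class-permission check further down. Nothing visible in this part of the file
// ties the posted item to a category the current user may manage, and no request
// token is verified here. Confirm that dbContent() or code above this point
// enforces both; otherwise these handlers belong behind the permission check.

//db : content create
if(isset($_POST['create_content'])){
	//content submit
	if(isset($qs[1]) && $qs[1] == "submit"){
		if($_POST['content_text'] && $_POST['content_heading'] && $_POST['parent'] != "none" && $_POST['content_author_name'] != "" && $_POST['content_author_email'] != ""){
			$adb -> dbContent("create", "submit");
		}else{
			$message = CONTENT_ADMIN_SUBMIT_LAN_4;
		}

	//content create (manager)
	}elseif(isset($qs[1]) && $qs[1] == "create"){
		if($_POST['content_text'] && $_POST['content_heading'] && $_POST['parent'] != "none"){
			$adb -> dbContent("create", "contentmanager");
		}else{
			$message = CONTENT_ADMIN_ITEM_LAN_0;
		}
	}
}

//db : content update
if(isset($_POST['update_content'])){
	if($_POST['content_text'] && $_POST['content_heading'] && $_POST['parent'] != "none"){
		$adb -> dbContent("update", "contentmanager");
	}else{
		$message = CONTENT_ADMIN_ITEM_LAN_0;
	}
}

//db : content delete
// Start from known-empty values so the check below never reads variables that
// were not set by this request.
$delete = '';
$del_id = '';
if(isset($_POST['delete']) && is_array($_POST['delete'])){
	// array_pop() takes its argument by reference, so the flipped array needs
	// a variable of its own.
	$flipped = array_flip($_POST['delete']);
	$tmp = array_pop($flipped);
	// Pad the result so a key without "_" still yields two elements.
	list($delete, $del_id) = array_pad(explode("_", (string) $tmp), 2, '');
}
if($delete == 'content' && is_numeric($del_id)){
	// is_numeric() also accepts forms such as "1e3" or "5.0"; cast so that only
	// a plain integer reaches the query, as the item lookup further down does.
	if($sql -> db_Delete($plugintable, "content_id='".intval($del_id)."' ")){
		$message = CONTENT_ADMIN_ITEM_LAN_3;
		$e107cache->clear("content");
	}
}

//render message
if(isset($message)){
	$ns -> tablerender("", "
".$message."
");
}

//db : returned messages

//content item submitted (with direct posting)
if(isset($qs[0]) && $qs[0] == "s"){
	$message = CONTENT_ADMIN_SUBMIT_LAN_2."

".CONTENT_ADMIN_SUBMIT_LAN_5;
	$ns -> tablerender("", "
".$message."
");
	require_once(FOOTERF);
	exit;

//content item submitted and reviewed in due course (without direct posting)
}elseif(isset($qs[0]) && $qs[0] == "d"){
	$message = CONTENT_ADMIN_SUBMIT_LAN_3."

".CONTENT_ADMIN_SUBMIT_LAN_5;
	$ns -> tablerender("", "
".$message."
");
	require_once(FOOTERF);
	exit;

//content item created (personal/category manager)
}elseif(isset($qs[0]) && $qs[0] == "c"){
	$message = CONTENT_ADMIN_ITEM_LAN_1."

".CONTENT_ADMIN_ITEM_LAN_55;
	$ns -> tablerender("", "
".$message."
");
	require_once(FOOTERF);
	exit;

//content item updated (personal/category manager)
}elseif(isset($qs[0]) && $qs[0] == "u"){
	$message = CONTENT_ADMIN_ITEM_LAN_2."

".CONTENT_ADMIN_ITEM_LAN_55;
	$ns -> tablerender("", "
".$message."
");
	require_once(FOOTERF);
	exit;
}

if(!e_QUERY){
	//show content manager/submit options
	if(USER){
		$aform -> show_contentmanager("edit", USERID, USERNAME);
		require_once(FOOTERF);
		exit;
	}else{
		header("location:".$plugindir."content.php");
		exit;
	}
}else{

	//validate permissions
	if(isset($qs[1]) && ($qs[1]=='edit' || $qs[1]=='sa') ){
		//on the edit page, the query id holds the content item's id number
		//we need to get the category (parent) of the content item first
		//this is both on the 'edit' page as well as on the 'post submitted' page.
		if(!$sql -> db_Select($plugintable, "content_id, content_parent", "content_id='".intval($qs[2])."' ")){
			//not a valid item, so redirect
			header("location: ".e_SELF);
			exit;
		}else{
			$row = $sql -> db_Fetch();
			//parent can be '0' (top level) or '0.X (subcategory)
			// strpos() is used as a truthy test: a dot at offset 0 would count as
			// "no dot", which the '0.X' format described above does not produce.
			if(strpos($row['content_parent'], ".")){
				$id = substr($row['content_parent'],2);
			}else{
				$id = $row['content_parent'];
			}
		}
	}else{
		//on other pages in the manager either $qs[2] or $qs[1] holds the category id number
		if(isset($qs[2]) && is_numeric($qs[2]) ){
			$id = intval($qs[2]);
		}elseif(isset($qs[1]) && is_numeric($qs[1]) ){
			$id = intval($qs[1]);
		}
	}
	if(!isset($id)){
		header("location: ".e_SELF);
		exit;
	}

	//get preferences for this category
	$content_pref = $aa->getContentPref($id);

	//if inherit is used in the manager, we need to get the preferences from the core plugin table default preferences
	//and use those preferences in the permissions check.
	if( varsettrue($content_pref['content_manager_inherit']) ){
		// NOTE(review): the result of db_Select() is not checked, so a missing
		// core row feeds an empty value into ReadArray() and the permission
		// check below runs on whatever that returns - confirm this fails closed.
		$sql -> db_Select("core", "e107_value", "e107_name='$plugintable' ");
		$row = $sql -> db_Fetch();
		$content_pref = $eArrayStorage->ReadArray($row['e107_value']);
	}
	$content_pref = $aa->parseConstants($content_pref);

	//now we can check the permissions for this user
	// Membership of any one of the four manager classes is enough to continue.
	$personalmanagercheck = FALSE;
	if( (isset($content_pref["content_manager_approve"]) && check_class($content_pref["content_manager_approve"])) || (isset($content_pref["content_manager_personal"]) && check_class($content_pref["content_manager_personal"])) || (isset($content_pref["content_manager_category"]) && check_class($content_pref["content_manager_category"])) || (isset($content_pref["content_manager_submit"]) && check_class($content_pref["content_manager_submit"])) ){
		$personalmanagercheck = TRUE;

	//user is not allowed here, redirect to content frontpage
	}else{
		header("location:".$plugindir."content.php");
		exit;
	}

	// NOTE(review): the check above is shared by every action below, so a user
	// who only holds the submit class also passes it for edit/approve/sa.
	// Presumably the show_* methods apply the per-action class themselves -
	// verify against their implementation.

	//show list of items in this category
	if(isset($qs[0]) && $qs[0] == "content" && is_numeric($qs[1])){
		$aform -> show_manage_content("contentmanager", USERID, USERNAME);

	//content create (manager)
	}elseif(isset($qs[0]) && $qs[0] == "content" && $qs[1] == "create" && is_numeric($qs[2])){
		$aform -> show_create_content("contentmanager", USERID, USERNAME);

	//content create (submit)
	}elseif(isset($qs[0]) && $qs[0]=="content" && $qs[1] == "submit" && is_numeric($qs[2]) && !isset($qs[3])){
		$aform -> show_create_content("submit", USERID, USERNAME);

	//content edit
	}elseif(isset($qs[0]) && $qs[0] == "content" && $qs[1] == "edit" && is_numeric($qs[2])){
		$aform -> show_create_content("contentmanager", USERID, USERNAME);

	//display list of submitted content items
	}elseif(isset($qs[0]) && $qs[0] == "content" && $qs[1] == "approve" && is_numeric($qs[2])){
		//$aform -> show_submitted("contentmanager", USERID, USERNAME, $qs[2]);
		$aform -> show_submitted($qs[2]);

	//approve/post submitted content item
	}elseif(isset($qs[0]) && $qs[0] == "content" && $qs[1] == "sa" && is_numeric($qs[2]) ){
		// The last query part tells whether we arrived here after a post/update.
		$newqs = array_reverse($qs);
		//item; submit post / update redirect
		if($newqs[0] == "cu"){
			$mainparent = $aa -> getMainParent($qs[2]);
			$message = CONTENT_ADMIN_ITEM_LAN_117."

";
			$message .= CONTENT_ADMIN_ITEM_LAN_88." ".CONTENT_ADMIN_ITEM_LAN_90."
";
			$message .= CONTENT_ADMIN_ITEM_LAN_89." ".CONTENT_ADMIN_ITEM_LAN_90."
";
			$message .= CONTENT_ADMIN_ITEM_LAN_91." ".CONTENT_ADMIN_ITEM_LAN_90."
";
			$message .= CONTENT_ADMIN_ITEM_LAN_124." ".CONTENT_ADMIN_ITEM_LAN_90."";
			$ns -> tablerender("", "
".$message."
");
			// NOTE(review): this branch loads the admin footer while every other
			// exit path in the visible code uses FOOTERF - confirm it is intended.
			require_once(e_ADMIN."footer.php");
			exit;
		}
		$aform -> show_create_content("sa", USERID, USERNAME);

	}else{
		header("location:".e_SELF);
		exit;
	}
}

require_once(FOOTERF);

?>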