0) && ($_order > 0) && ($_parent > 0)) { $sql->db_Update("user_extended_struct", "user_extended_struct_order=user_extended_struct_order+1 WHERE user_extended_struct_type > 0 AND user_extended_struct_parent = {$_parent} AND user_extended_struct_order ='".($_order-1)."'"); $sql->db_Update("user_extended_struct", "user_extended_struct_order=user_extended_struct_order-1 WHERE user_extended_struct_type > 0 AND user_extended_struct_parent = {$_parent} AND user_extended_struct_id='".$_id."'"); $admin_log->log_event('EUF_01',$_id.', '.$_order.', '.$_parent,E_LOG_INFORMATIVE,''); } } if (isset($_POST['down_x'])) { $qs = explode(".", $_POST['id']); $_id = intval($qs[0]); $_order = intval($qs[1]); $_parent = intval($qs[2]); if (($_id > 0) && ($_order > 0) && ($_parent > 0)) { $sql->db_Update("user_extended_struct", "user_extended_struct_order=user_extended_struct_order-1 WHERE user_extended_struct_type > 0 AND user_extended_struct_parent = {$_parent} AND user_extended_struct_order='".($_order+1)."'"); $sql->db_Update("user_extended_struct", "user_extended_struct_order=user_extended_struct_order+1 WHERE user_extended_struct_type > 0 AND user_extended_struct_parent = {$_parent} AND user_extended_struct_id='".$_id."'"); $admin_log->log_event('EUF_02',$_id.', '.$_order.', '.$_parent,E_LOG_INFORMATIVE,''); } } if (isset($_POST['catup_x'])) { $qs = explode(".", $_POST['id']); $_id = intval($qs[0]); $_order = intval($qs[1]); if (($_id > 0) && ($_order > 0)) { $sql->db_Update("user_extended_struct", "user_extended_struct_order=user_extended_struct_order+1 WHERE user_extended_struct_type = 0 AND user_extended_struct_order='".($_order-1)."'"); $sql->db_Update("user_extended_struct", "user_extended_struct_order=user_extended_struct_order-1 WHERE user_extended_struct_type = 0 AND user_extended_struct_id='".$_id."'"); $admin_log->log_event('EUF_03',$_id.', '.$_order,E_LOG_INFORMATIVE,''); } } if (isset($_POST['catdown_x'])) { $qs = explode(".", $_POST['id']); $_id = intval($qs[0]); $_order = intval($qs[1]); if (($_id > 0) && ($_order > 0)) { $sql->db_Update("user_extended_struct", "user_extended_struct_order=user_extended_struct_order-1 WHERE user_extended_struct_type = 0 AND user_extended_struct_order='".($_order+1)."'"); $sql->db_Update("user_extended_struct", "user_extended_struct_order=user_extended_struct_order+1 WHERE user_extended_struct_type = 0 AND user_extended_struct_id='".$_id."'"); $admin_log->log_event('EUF_04',$_id.', '.$_order,E_LOG_INFORMATIVE,''); } } if (isset($_POST['add_field'])) { $ue_field_name = str_replace(' ','_',trim($_POST['user_field'])); // Replace space with underscore - better security if (preg_match('#^\w+$#',$ue_field_name) === 1) // Check for allowed characters, finite field length { if($_POST['user_type']==EUF_DB_FIELD) { $_POST['user_values'] = array($_POST['table_db'],$_POST['field_id'],$_POST['field_value'],$_POST['field_order']); } $new_values = $user->make_delimited($_POST['user_values']); $new_parms = $tp->toDB($_POST['user_include']."^,^".$_POST['user_regex']."^,^".$_POST['user_regexfail']."^,^".$_POST['user_hide']); // Check to see if its a reserved field name before adding to database if ($ue->user_extended_reserved($ue_field_name)) { // Reserved field name $message = "[user_".$tp->toHTML($ue_field_name)."] ".EXTLAN_74; } else { $result = admin_update($ue->user_extended_add($ue_field_name, $tp->toDB($_POST['user_text']), intval($_POST['user_type']), $new_parms, $new_values, $tp->toDB($_POST['user_default']), intval($_POST['user_required']), intval($_POST['user_read']), intval($_POST['user_write']), intval($_POST['user_applicable']), 0, intval($_POST['user_parent'])), 'insert', EXTLAN_29); if(!$result) { $message = EXTLAN_75; } else { $admin_log->log_event('EUF_05',$ue_field_name.'[!br!]'.$tp->toDB($_POST['user_text']).'[!br!]'.intval($_POST['user_type']),E_LOG_INFORMATIVE,''); } } } else { $message = EXTLAN_76." : ".$tp->toHTML($ue_field_name); } } if (isset($_POST['update_field'])) { if($_POST['user_type']==EUF_DB_FIELD) { $_POST['user_values'] = array($_POST['table_db'],$_POST['field_id'],$_POST['field_value'],$_POST['field_order']); } $upd_values = $user->make_delimited($_POST['user_values']); $upd_parms = $tp->toDB($_POST['user_include']."^,^".$_POST['user_regex']."^,^".$_POST['user_regexfail']."^,^".$_POST['user_hide']); admin_update($ue->user_extended_modify($sub_action, $tp->toDB($_POST['user_field']), $tp->toDB($_POST['user_text']), intval($_POST['user_type']), $upd_parms, $upd_values, $tp->toDB($_POST['user_default']), intval($_POST['user_required']), intval($_POST['user_read']), intval($_POST['user_write']), intval($_POST['user_applicable']), intval($_POST['user_parent'])), 'update', EXTLAN_29); $admin_log->log_event('EUF_06',$tp->toDB($_POST['user_field']).'[!br!]'.$tp->toDB($_POST['user_text']).'[!br!]'.intval($_POST['user_type']),E_LOG_INFORMATIVE,''); } if (isset($_POST['update_category'])) { $name = trim($tp->toHTML($_POST['user_field'])); admin_update($sql->db_Update("user_extended_struct","user_extended_struct_name = '{$name}', user_extended_struct_read = '{$_POST['user_read']}', user_extended_struct_write = '{$_POST['user_write']}', user_extended_struct_applicable = '{$_POST['user_applicable']}' WHERE user_extended_struct_id = '{$sub_action}'"), 'update', EXTLAN_43); $admin_log->log_event('EUF_09',$name,E_LOG_INFORMATIVE,''); } if (isset($_POST['add_category'])) { $name = $tp->toHTML($_POST['user_field']); admin_update($sql->db_Insert("user_extended_struct","'0', '{$name}', '', 0, '', '', '', '{$_POST['user_read']}', '{$_POST['user_write']}', '0', '0', '{$_POST['user_applicable']}', '0', '0'"), 'insert', EXTLAN_40); $admin_log->log_event('EUF_08',$name,E_LOG_INFORMATIVE,''); } // Delete category if (varset($_POST['eu_action'],'') == "delcat") { list($_id, $_name) = explode(",",$_POST['key']); if (count($ue->user_extended_get_fields($_id)) > 0) { $message = EXTLAN_77; } elseif($ue->user_extended_remove($_id, $_name)) { $admin_log->log_event('EUF_10',$_id.', '.$_name,E_LOG_INFORMATIVE,''); $message = EXTLAN_41; } } if(isset($_POST['activate'])) { $message .= $user->field_activate(); } if(isset($_POST['deactivate'])) { $message .= $user->field_deactivate(); } if($sql->db_Select("user_extended_struct","DISTINCT(user_extended_struct_parent)")) { $plist = $sql->db_getList(); foreach($plist as $_p) { $o = 0; if($sql->db_Select("user_extended_struct", "user_extended_struct_id", "user_extended_struct_parent = {$_p['user_extended_struct_parent']} && user_extended_struct_type != 0 ORDER BY user_extended_struct_order ASC")) { $_list = $sql->db_getList(); foreach($_list as $r) { $sql->db_Update("user_extended_struct", "user_extended_struct_order = '{$o}' WHERE user_extended_struct_id = {$r['user_extended_struct_id']}"); $o++; } } } } if($message) { $emessage = eMessage::getInstance(); $emessage->add($message, E_MESSAGE_SUCCESS); // $ns->tablerender("", "
".$message."
"); } if(isset($_POST['table_db']) && !$_POST['add_field'] && !$_POST['update_field']) { $action = "continue"; $current['user_extended_struct_name'] = $_POST['user_field']; $current['user_extended_struct_parms'] = $_POST['user_include']."^,^".$_POST['user_regex']."^,^".$_POST['user_regexfail']."^,^".$_POST['user_hide']; $current['user_extended_struct_text'] = $_POST['user_text']; $current['user_extended_struct_type'] = $_POST['user_type']; $user->show_extended($current); } if ($action == "editext") { if($sql->db_Select('user_extended_struct','*',"user_extended_struct_id = '{$sub_action}'")) { $tmp = $sql->db_Fetch(); $user->show_extended($tmp); } else { $user->show_extended('new'); } } if($action == 'pre') { $user->show_predefined(); } if($action == 'cat') { if(is_numeric($sub_action)) { if($sql->db_Select('user_extended_struct','*',"user_extended_struct_id = '{$sub_action}'")) { $tmp = $sql->db_Fetch(); } } $user->show_categories($tmp); } require_once("footer.php"); class users_ext { var $catList; var $catNums; function users_ext() { global $action,$ue; if (varset($_POST['eudel'],'')) { foreach($_POST['eudel'] as $id=>$name) { $this->delete_extended($id,$name); } } $this->catList = $ue->user_extended_get_categories(); $this->catList[0][0] = array('user_extended_struct_name' => EXTLAN_36); $this->catNums = array_keys($this->catList); if (!e_QUERY || $action == 'main') { $this->showExtendedList(); } } function delete_extended($_id,$_name) { global $ue,$admin_log; $emessage = eMessage::getInstance(); if ($ue->user_extended_remove($_id, $_name)) { $admin_log->log_event('EUF_07',$_id.', '.$_name, E_LOG_INFORMATIVE,''); $emessage->add(EXTLAN_30." [".$_name."]", E_MESSAGE_SUCCESS); } else { $emessage->add(LAN_ERROR." [".$_name."]", E_MESSAGE_ERROR); } } function showExtendedList() { global $sql, $ns, $ue, $curtype, $tp, $mySQLdefaultdb, $action, $sub_action,$frm; // $catList = $ue->user_extended_get_categories(); // $catList[0][0] = array('user_extended_struct_name' => EXTLAN_36); // $catNums = array_keys($catList); $extendedList = $ue->user_extended_get_fields(); $emessage = &eMessage::getInstance(); $text = $emessage->render() ; $mode = 'show'; $text .= "
"; foreach($this->catNums as $cn) { $i=0; $category_name = $this->catList[$cn][0]['user_extended_struct_name']; if(count($extendedList[$cn])) // Show current extended fields { foreach($extendedList[$cn] as $ext) { $name = $ext['user_extended_struct_name']; $fname = "user_".$name; $id = $ext['user_extended_struct_id']; $uVal = str_replace(chr(1), "", $ext['user_extended_struct_default']); // Is this right? $text .= " "; $i++; } } else { $text .= " "; } } //Show add/edit form $text .= "
".EXTLAN_1." ".EXTLAN_79." ".EXTLAN_2." ".EXTLAN_44." ".EXTLAN_4." ".EXTLAN_5." ".EXTLAN_6." ".EXTLAN_7." ".EXTLAN_8."
{$ext['user_extended_struct_name']} ".$tp->toHTML($ext['user_extended_struct_text'], FALSE, "defs")." ".$ue->user_extended_edit($ext,$uVal)." ".$category_name." ".($ext['user_extended_struct_required'] == 1 ? LAN_YES : LAN_NO)." ".r_userclass_name($ext['user_extended_struct_applicable'])." ".r_userclass_name($ext['user_extended_struct_read'])." ".r_userclass_name($ext['user_extended_struct_write'])." "; if($i > 0) { $text .= ""; } if($i <= count($extendedList[$cn])-2) { $text .= ""; } $text .= " ".ADMIN_EDIT_ICON."
".EXTLAN_28."
"; $emessage = eMessage::getInstance(); $ns->tablerender(EXTLAN_9,$text); } function show_extended($current = '') // Show existing fields List. { global $sql, $ns, $ue, $curtype, $tp, $mySQLdefaultdb, $action, $sub_action,$frm; if($current == 'new') { $mode = 'new'; $current = array(); $current_include = ''; $current_regex = ''; $current_regexfail = ''; $current_hide = ''; } else { // Editing existing definition $mode = 'edit'; list($current_include, $current_regex, $current_regexfail, $current_hide) = explode("^,^",$current['user_extended_struct_parms']); } $text .= "
"; $text .= " "; $text .= ""; $text .= " "; $text .= "
".EXTLAN_10.": user_"; if(is_array($current) && $current['user_extended_struct_name']) { $text .= $current['user_extended_struct_name']." "; } else { $text .= " "; } $text .= "
".EXTLAN_11."
".EXTLAN_12.":
".EXTLAN_13."
".EXTLAN_14."
".EXTLAN_3." "; // Start of Values --------------------------------- $val_hide = ($current['user_extended_struct_type'] != 4) ? "visible" : "none"; $text .= "
\n"; $text .= "
\n"; $curVals = explode(",",$current['user_extended_struct_values']); if(count($curVals) == 0){ $curVals[]=''; } $i=0; foreach($curVals as $v){ $id = $i ? "" : " id='value_line'"; $i++; $text .= "
"; } $text .= "

".EXTLAN_17."
"; // End of Values. -------------------------------------- $db_hide = ($current['user_extended_struct_type'] == 4) ? "visible" : "none"; $text .= "
\n"; $text .= ""; if($_POST['table_db'] || $curVals[0]) { // Field ID $text .= ""; } $text .= "
"; $text .= EXTLAN_62."
".EXTLAN_63."
"; // Field Value $text .= EXTLAN_64."
"; $text .= LAN_ORDER."
"; // --------------------------------------------------------- $text .= "
".EXTLAN_16."
".EXTLAN_15."
".EXTLAN_51."
".EXTLAN_52."
".EXTLAN_53."
".EXTLAN_54."
".EXTLAN_55."
".EXTLAN_44."
".EXTLAN_18."
".EXTLAN_19."
".EXTLAN_5." ".r_userclass("user_applicable", $current['user_extended_struct_applicable'], 'off', 'member, admin, classes, nobody')."
".EXTLAN_20."
".EXTLAN_6." ".r_userclass("user_read", $current['user_extended_struct_read'], 'off', 'public, member, admin, readonly, classes')."
".EXTLAN_22."
".EXTLAN_7." ".r_userclass("user_write", $current['user_extended_struct_write'], 'off', 'member, admin, classes')."
".EXTLAN_21."
".EXTLAN_49."
".EXTLAN_50."
"; // if ((!is_array($current) || $action == "continue") && $sub_action == "") if ((($mode == 'new') || $action == "continue") && $sub_action == "") { $text .= $frm->admin_button('add_field', EXTLAN_23); } else { $text .= $frm->admin_button('update_field', EXTLAN_24,'update'). $frm->admin_button('cancel', EXTLAN_33); } $text .= "
"; // $text .= ""; $emessage = eMessage::getInstance(); $ns->tablerender(EXTLAN_9,$emessage->render().$text); } function show_categories($current) { global $sql, $ns, $ue, $frm; $text = "
"; $text .= " "; $catList = $ue->user_extended_get_categories(FALSE); if(count($catList)) { // Show current categories $i=0; foreach($catList as $ext) { if ($ext['user_extended_struct_order'] != $i) { $ext['user_extended_struct_order'] = $i; $xID=$ext['user_extended_struct_id']; $sql->db_Update("user_extended_struct", "user_extended_struct_order=$i WHERE user_extended_struct_type = 0 AND user_extended_struct_id=$xID"); } $text .= " "; $i++; } } else { $text .= " "; } //Show add/edit form $text .= "
".EXTLAN_1." ".EXTLAN_5." ".EXTLAN_6." ".EXTLAN_7."   ".EXTLAN_8."
{$ext['user_extended_struct_name']} ".r_userclass_name($ext['user_extended_struct_applicable'])." ".r_userclass_name($ext['user_extended_struct_read'])." ".r_userclass_name($ext['user_extended_struct_write'])."
"; if($i > 0) { $text .= " "; } if($i <= count($catList)-2) { $text .= ""; } $text .= "
".ADMIN_EDIT_ICON."
".EXTLAN_37."
"; $text .= "

"; $text .= "
".EXTLAN_38.":
".EXTLAN_11."
".EXTLAN_5." ".r_userclass("user_applicable", $current['user_extended_struct_applicable'], 'off', 'member, admin, classes')."
".EXTLAN_20."
".EXTLAN_6." ".r_userclass("user_read", $current['user_extended_struct_read'], 'off', 'public, member, admin, classes, readonly')."
".EXTLAN_22."
".EXTLAN_7." ".r_userclass("user_write", $current['user_extended_struct_write'], 'off', 'member, admin, classes')."
".EXTLAN_21."
"; $text .= "
"; if (!is_array($current)) { $text .= $frm->admin_button('add_category', EXTLAN_39); } else { $text .= $frm->admin_button('update_category', EXTLAN_42,'update'). $frm->admin_button('cancel', EXTLAN_33); } // ======= end added by Cam. $text .= "
"; $ns->tablerender(EXTLAN_9, $text); } function show_options($action) { if ($action == "") { $action = "main"; } $var['main']['text'] = EXTLAN_34; $var['main']['link'] = e_SELF; $var['editext']['text'] = EXTLAN_45; $var['editext']['link'] = e_SELF."?editext"; $var['cat']['text'] = EXTLAN_35; $var['cat']['link'] = e_SELF."?cat"; $var['pre']['text'] = EXTLAN_56; $var['pre']['link'] = e_SELF."?pre"; show_admin_menu(EXTLAN_9, $action, $var); } function make_delimited($var) { global $tp; foreach($var as $k => $v) { $var[$k] = $tp->toDB(trim($v)); $var[$k] = str_replace(",", "[E_COMMA]", $var[$k]); if($var[$k] == "") { unset($var[$k]); } } $ret = implode(",", $var); return $ret; } function show_predefined() { global $tp, $ns, $ue, $sql, $frm; // Get list of current extended fields $curList = $ue->user_extended_get_fieldlist(); foreach($curList as $c) { $curNames[] = $c['user_extended_struct_name']; } //Get list of predefined fields. $preList = $ue->parse_extended_xml('getfile'); ksort($preList); $txt = "
"; foreach($preList as $k=>$a) { if($k !='version') // don't know why this is appearing in the array. { $active = (in_array($a['name'], $curNames)) ? TRUE : FALSE; $txt .= $this->show_predefined_field($a,$active); } } $txt .= "
".UE_LAN_21." ".EXTLAN_79." ".EXTLAN_2." ".UE_LAN_22." ".EXTLAN_57." ".LAN_OPTIONS."
"; $emessage = eMessage::getInstance(); $ns->tablerender(EXTLAN_56,$emessage->render(). $txt); require_once('footer.php'); exit; } function show_predefined_field($var, $active) { global $tp,$ue, $frm; static $head_shown; $txt = ""; foreach($var as $key=>$val) // convert predefined xml to default array format { $var['user_extended_struct_'.$key] = $val; } $var['user_extended_struct_type'] = $ue->typeArray[$var['user_extended_struct_type']]; $var['user_extended_struct_parms'] = $var['include_text']; $txt .= " {$var['user_extended_struct_name']} ".constant(strtoupper($var['user_extended_struct_text'])."_DESC")." ".$ue->user_extended_edit($var,$uVal)." ".$tp->toHTML($var['type'], false, 'defs')." ".($active ? ADMIN_TRUE_ICON : " ")." "; // $txt .= constant("UE_LAN_".strtoupper($var['text'])."DESC")."
"; // foreach($showlist as $f) // { // if($var[$f] != "" && $f != 'type' && $f !='text') // { // $txt .= "{$f}: ".$tp->toHTML($var[$f], false, 'defs')."
"; // } // } $val = (!$active) ? EXTLAN_59 : EXTLAN_60; $type = (!$active) ? 'activate' : 'deactivate'; ; $txt .= " "; $txt .= $frm->admin_button($type."[".$var['user_extended_struct_name']."]", $val); $txt .= " "; return $txt; } function field_activate() { global $ue, $ns, $tp, $admin_log; $ret = ""; $preList = $ue->parse_extended_xml('getfile'); $tmp = $preList; foreach(array_keys($_POST['activate']) as $f) { $tmp[$f]['parms'] = $tp->toDB($tmp[$f]['parms']); if($ue->user_extended_add($tmp[$f])) { $ret .= EXTLAN_68." $f ".EXTLAN_69."
"; if ($tmp[$f]['type']=="db field") { if (is_readable(e_ADMIN.'sql/extended_'.$f.'.php')) { $ret .= ($this->process_sql($f)) ? LAN_CREATED." user_extended_{$f}
" : LAN_CREATED_FAILED." user_extended_{$f}
"; } else { $ret .= str_replace('--FILE--',e_ADMIN.'sql/extended_'.$f.'.php',EXTLAN_78); } } } else { $ret .= EXTLAN_70." $f ".EXTLAN_71."
"; } } $admin_log->log_event('EUF_11',implode(', ',$_POST['activate']),E_LOG_INFORMATIVE,''); return $ret; } function field_deactivate() { global $ue, $ns, $tp, $sql, $admin_log; $ret = ""; foreach(array_keys($_POST['deactivate']) as $f) { if($ue->user_extended_remove($f, $f)) { $ret .= EXTLAN_68." $f ".EXTLAN_72."
"; if(is_readable(e_ADMIN."sql/extended_".$f.".php")){ $ret .= (mysql_query("DROP TABLE ".MPREFIX."user_extended_".$f)) ? LAN_DELETED." user_extended_".$f."
" : LAN_DELETED_FAILED." user_extended_".$f."
"; } } else { $ret .= EXTLAN_70." $f ".EXTLAN_73."
"; } } $admin_log->log_event('EUF_12',implode(', ',$_POST['deactivate']),E_LOG_INFORMATIVE,''); return $ret; } function process_sql($f) { global $sql; $filename = e_ADMIN."sql/extended_".$f.".php"; $fd = fopen ($filename, "r"); $sql_data = fread($fd, filesize($filename)); fclose ($fd); $search[0] = "CREATE TABLE "; $replace[0] = "CREATE TABLE ".MPREFIX; $search[1] = "INSERT INTO "; $replace[1] = "INSERT INTO ".MPREFIX; preg_match_all("/create(.*?)myisam;/si", $sql_data, $creation); foreach($creation[0] as $tab){ $query = str_replace($search,$replace,$tab); if(!mysql_query($query)){ $error = TRUE; } } preg_match_all("/insert(.*?);/si", $sql_data, $inserts); foreach($inserts[0] as $ins){ $qry = str_replace($search,$replace,$ins); if(!mysql_query($qry)){ $error = TRUE; } } return ($error) ? FALSE : TRUE; } }// end class function users_extended_adminmenu() { global $user, $action, $ns, $curtype, $action; $user->show_options($action); if($action == 'editext' || $action == 'continue') { $ns->tablerender(EXTLAN_46." -  ", "
 
"); echo ""; } } function headerjs() { //FIXME include_once(e_LANGUAGEDIR.e_LANGUAGE."/lan_user_extended.php"); $text = " "; global $cal; $text .= $cal->load_files(); echo $text; } ?>