inc/modules/admin/what-adminedit.php

   1 <?php
   2 /************************************************************************
   3  * MXChange v0.2.1                                    Start: 09/05/2003 *
   4  * ===============                              Last change: 12/13/2004 *
   5  *                                                                      *
   6  * -------------------------------------------------------------------- *
   7  * File              : what-adminedit.php                               *
   8  * -------------------------------------------------------------------- *
   9  * Short description : Edit the admin menu                              *
  10  * -------------------------------------------------------------------- *
  11  * Kurzbeschreibung  : Das Admin-Menue editieren                        *
  12  * -------------------------------------------------------------------- *
  13  *                                                                      *
  14  * -------------------------------------------------------------------- *
  15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
  16  * For more information visit: http://www.mxchange.org                  *
  17  *                                                                      *
  18  * This program is free software; you can redistribute it and/or modify *
  19  * it under the terms of the GNU General Public License as published by *
  20  * the Free Software Foundation; either version 2 of the License, or    *
  21  * (at your option) any later version.                                  *
  22  *                                                                      *
  23  * This program is distributed in the hope that it will be useful,      *
  24  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
  25  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
  26  * GNU General Public License for more details.                         *
  27  *                                                                      *
  28  * You should have received a copy of the GNU General Public License    *
  29  * along with this program; if not, write to the Free Software          *
  30  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
  31  * MA  02110-1301  USA                                                  *
  32  ************************************************************************/
  33
  34 // Some security stuff...
  35 if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
  36 {
  37         $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
  38         require($INC);
  39 }
  40 // Add description as navigation point
  41 ADD_DESCR("admin", basename(__FILE__));
  42
  43 // Do we edit/delete/change main menus or sub menus?
  44 $AND = "what = ''"; $SUB = "";
  45 if (!empty($_GET['sub']))
  46 {
  47         $AND = sprintf("action='%s'", SQL_ESCAPE($_GET['sub']));
  48         $SUB = SQL_ESCAPE($_GET['sub']);
  49 }
  50
  51 // Get count of (maybe) selected menu points
  52 $chk = 0;
  53 if (!empty($_POST['sel'])) $chk = SELECTION_COUNT($_POST['sel']);
  54
  55 OPEN_TABLE("100%", "admin_content admin_content_align", "");
  56
  57 // List all menu points and make them editable
  58 OUTPUT_HTML("<br /><br /></FONT>
  59 <DIV align=\"center\">");
  60 if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO()))
  61 {
  62         // Edit menu entries
  63         define('__SUB_VALUE', $SUB);
  64         define('__CHK_VALUE', $chk);
  65         $cnt = 0; $SW = 2;
  66         foreach ($_POST['sel'] as $sel=>$confirm)
  67         {
  68                 if ($confirm == 1)
  69                 {
  70                         $cnt++;
  71                         $result = SQL_QUERY_ESC("SELECT title, action, what, descr FROM "._MYSQL_PREFIX."_admin_menu WHERE ".$AND." AND id=%d LIMIT 1",
  72                          array(bigintval($sel)), __FILE__, __LINE__);
  73                         if (SQL_NUMROWS($result) == 1)
  74                         {
  75                                 // Entry found so we load the stuff...
  76                                 list($menu, $act, $wht, $descr) = SQL_FETCHROW($result);
  77                                 SQL_FREERESULT($result);
  78
  79                                 // Prepare data for the row template
  80                                 $content = array(
  81                                         'action' => ADMIN_MAKE_MENU_SELECTION("admin", "action", "sel_action[".$sel."]", $act),
  82                                         'what'   => ADMIN_MAKE_MENU_SELECTION("admin", "what", "sel_what[".$sel."]", $wht),
  83                                         'sw'     => $SW,
  84                                         'sel'    => $sel,
  85                                         'menu'   => $menu,
  86                                         'descr'  => $descr,
  87                                         'cnt'    => $cnt,
  88                                 );
  89                                 $OUT .= LOAD_TEMPLATE("admin_amenu_edit_row", true, $content);
  90                         }
  91                          else
  92                         {
  93                                 // Entry not found?
  94                                 $content = array(
  95                                         'sw'  => $SW,
  96                                         'sel' => $sel
  97                                 );
  98                                 $OUT .= LOAD_TEMPLATE("admin_menu_404_row", true, $content);
  99                         }
 100                         $SW = 3 - $SW;
 101                 }
 102         }
 103         define('__MENU_ROWS', $OUT);
 104         define('__CNT_VALUE', $cnt);
 105
 106         // Load template
 107         LOAD_TEMPLATE("admin_amenu_edit_form");
 108 }
 109  elseif ((isset($_POST['del'])) && (!IS_DEMO()))
 110 {
 111         define('__SUB_VALUE', $SUB);
 112         define('__CHK_VALUE', $chk);
 113         // Del menu entries with or without confirmation
 114         $SW = 2; $cnt = 0; $OUT = "";
 115         foreach ($_POST['sel'] as $sel=>$confirm)
 116         {
 117                 if ($confirm == 1)
 118                 {
 119                         $cnt++;
 120                         $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_admin_menu WHERE ".$AND." AND id=%d LIMIT 1",
 121                          array(bigintval($sel)), __FILE__, __LINE__);
 122                         if (SQL_NUMROWS($result) == 1)
 123                         {
 124                                 // Entry found so we load the stuff...
 125                                 list($menu) = SQL_FETCHROW($result);
 126                                 SQL_FREERESULT($result);
 127
 128                                 // Prepare data for the row template
 129                                 $content = array(
 130                                         'menu' => $menu,
 131                                         'cnt'  => $cnt,
 132                                         'sel'  => $sel,
 133                                         'sw'   => $SW
 134                                 );
 135                                 $OUT .= LOAD_TEMPLATE("admin_amenu_delete_row", true, $content);
 136                         }
 137                          else
 138                         {
 139                                 // Entry not found?
 140                                 $content = array(
 141                                         'sw'  => $SW,
 142                                         'sel' => $sel
 143                                 );
 144                                 $OUT .= LOAD_TEMPLATE("admin_menu_404_row", true, $content);
 145                         }
 146                         $SW = 3 - $SW;
 147                 }
 148         }
 149         define('__MENU_ROWS', $OUT);
 150         define('__CNT_VALUE', $cnt);
 151
 152         // Load template
 153         LOAD_TEMPLATE("admin_amenu_delete");
 154 }
 155  elseif ((isset($_POST['ok'])) && (!IS_DEMO()))
 156 {
 157         // An action is done...
 158         switch ($_POST['ok'])
 159         {
 160         case "edit": // Edit menu
 161                 foreach ($_POST['sel'] as $sel=>$menu)
 162                 {
 163                         // Secure ID
 164                         $sel = bigintval($sel);
 165
 166                         // Update entry
 167                         $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admin_menu SET
 168 title='%s',
 169 action='%s',
 170 what='%s',
 171 descr='%s'
 172 WHERE ".$AND." AND id=%d LIMIT 1",
 173  array(
 174         $menu,
 175         $_POST['sel_action'][$sel],
 176         $_POST['sel_what'][$sel],
 177         addslashes($_POST['sel_desc'][$sel]),
 178         $sel,
 179 ), __FILE__, __LINE__);
 180                 }
 181                 LOAD_TEMPLATE("admin_data_saved");
 182                 break;
 183
 184         case "del": // Delete menu
 185                 foreach ($_POST['sel'] as $sel=>$menu)
 186                 {
 187                         $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_admin_menu WHERE ".$AND." AND id=%d LIMIT 1",
 188                          array(bigintval($sel)), __FILE__, __LINE__);
 189                 }
 190                 LOAD_TEMPLATE("admin_data_saved");
 191                 break;
 192
 193         default: // Unexpected action
 194                 define('__OK_VALUE', $_POST['ok']);
 195                 LOAD_TEMPLATE("admin_menu_unknown_okay");
 196                 break;
 197         }
 198 }
 199  else
 200 {
 201         if ((!empty($_GET['act'])) && (!empty($_GET['tid'])) && (!empty($_GET['fid'])))
 202         {
 203                 // Get IDs
 204                 if (!empty($_GET['w']))
 205                 {
 206                         // Sub menus selected
 207                         $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admin_menu WHERE action='%s' AND sort='%s' LIMIT 1",
 208                          array($_GET['act'], bigintval($_GET['tid'])), __FILE__, __LINE__);
 209                         list($tid) = SQL_FETCHROW($result);
 210                         SQL_FREERESULT($result);
 211                         $result = SQL_QUERY("SELECT id FROM "._MYSQL_PREFIX."_admin_menu WHERE action='%s' AND sort='%s' LIMIT 1",
 212                          array($_GET['act'], bigintval($_GET['fid'])), __FILE__, __LINE__);
 213                         list($fid) = SQL_FETCHROW($result);
 214                         SQL_FREERESULT($result);
 215                 }
 216                  else
 217                 {
 218                         // Main menu selected
 219                         $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admin_menu WHERE (what='' OR what IS NULL) AND sort='%s' LIMIT 1",
 220                          array(bigintval($_GET['tid'])), __FILE__, __LINE__);
 221                         list($tid) = SQL_FETCHROW($result);
 222                         SQL_FREERESULT($result);
 223                         $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admin_menu WHERE (what='' OR what IS NULL) AND sort='%s' LIMIT 1",
 224                          array(bigintval($_GET['fid'])), __FILE__, __LINE__);
 225                         list($fid) = SQL_FETCHROW($result);
 226                         SQL_FREERESULT($result);
 227                 }
 228
 229                 if ((!empty($tid)) && (!empty($fid)))
 230                 {
 231                         // Sort menu
 232                         $result_sort = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admin_menu SET sort='%s' WHERE ".$AND." AND id=%d LIMIT 1",
 233                          array(bigintval($_GET['tid']), bigintval($fid)), __FILE__, __LINE__);
 234                         $result_sort = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admin_menu SET sort='%s' WHERE ".$AND." AND id=%d LIMIT 1",
 235                          array(bigintval($_GET['fid']), bigintval($tid)), __FILE__, __LINE__);
 236                 }
 237         }
 238
 239         // By default list menus
 240         if (!empty($SUB))
 241         {
 242                 // Sub menus of a main menu
 243                 $result = SQL_QUERY_ESC("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_admin_menu WHERE action='%s' AND what != '' ORDER BY sort ASC",
 244                  array($SUB), __FILE__, __LINE__);
 245         }
 246          else
 247         {
 248                 // Main menus
 249                 $result = SQL_QUERY("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_admin_menu WHERE (what='' OR what IS NULL) ORDER BY sort ASC", __FILE__, __LINE__);
 250         }
 251         $max = SQL_NUMROWS($result);
 252         if ($max > 0)
 253         {
 254                 define('__SUB_VALUE', $SUB);
 255                 $SW = 2; $cnt = 0; $OUT = "";
 256                 while (list($id, $act, $wht, $title, $sort) = SQL_FETCHROW($result))
 257                 {
 258                         $cnt++;
 259                         if (($sort == 0) || (($sort == 1) && (!empty($SUB))))
 260                         {
 261                                 // Is highest position
 262                                 $NAVI = "<A href=\"".URL."/modules.php?module=admin&amp;what=adminedit&amp;sub=".$SUB."&amp;act=".$act."&amp;w=".$wht."&amp;tid=".($sort+1)."&amp;fid=".$sort."\">".LOWER."</A>";
 263                         }
 264                          elseif ($cnt == $max)
 265                         {
 266                                 // Is lowest position
 267                                 $NAVI = "<A href=\"".URL."/modules.php?module=admin&amp;what=adminedit&amp;sub=".$SUB."&amp;act=".$act."&amp;w=".$wht."&amp;tid=".($sort-1)."&amp;fid=".$sort."\">".HIGHER."</A>";
 268                         }
 269                          elseif ($sort > 0)
 270                         {
 271                                 // Anything else between highest and lowest
 272                                 $NAVI = "<A href=\"".URL."/modules.php?module=admin&amp;what=adminedit&amp;sub=".$SUB."&amp;act=".$act."&amp;w=".$wht."&amp;tid=".($sort-1)."&amp;fid=".$sort."\">".HIGHER."</A>/<A href=\"".URL."/modules.php?module=admin&amp;what=adminedit&amp;sub=".$SUB."&amp;act=".$act."&amp;w=".$wht."&amp;tid=".($sort+1)."&amp;fid=".$sort."\">".LOWER."</A>";
 273                         }
 274
 275                         if (empty($act)) $act = "&nbsp;";
 276                         if (empty($wht))   $wht   = "&nbsp;";
 277                         if (empty($title))  $title  = "&nbsp;";
 278
 279                         $content = array(
 280                                 'sw'     => $SW,
 281                                 'id'     => $id,
 282                                 'action' => $act,
 283                                 'what'   => $wht,
 284                                 'title'  => $title,
 285                                 'navi'   => $NAVI,
 286                                 'mode'   => "admin",
 287                         );
 288                         $OUT .= LOAD_TEMPLATE("admin_menu_overview_row", true, $content);
 289                         $SW = 3 - $SW;
 290                 }
 291
 292                 // Free memory
 293                 SQL_FREERESULT($result);
 294                 define('__MENU_ROWS', $OUT);
 295
 296                 // Load template
 297                 LOAD_TEMPLATE("admin_amenu_edit");
 298         }
 299          else
 300         {
 301                 // Menu entries are missing... (???)
 302                 LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_NO_MENUS_FOUND);
 303         }
 304 }
 305 OUTPUT_HTML("</DIV>");
 306 CLOSE_TABLE();
 307 //
 308 ?>