2 /* |
2 /* |
3 Plugin Name: Runt - the Enano administration panel |
3 Plugin Name: Runt - the Enano administration panel |
4 Plugin URI: http://enanocms.org/ |
4 Plugin URI: http://enanocms.org/ |
5 Description: Provides the page Special:Administration, which is the AJAX frontend to the various Admin pagelets. This plugin cannot be disabled. |
5 Description: Provides the page Special:Administration, which is the AJAX frontend to the various Admin pagelets. This plugin cannot be disabled. |
6 Author: Dan Fuhry |
6 Author: Dan Fuhry |
7 Version: 1.0.1 |
7 Version: 1.0.2 |
8 Author URI: http://enanocms.org/ |
8 Author URI: http://enanocms.org/ |
9 */ |
9 */ |
10 |
10 |
11 /* |
11 /* |
12 * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between |
12 * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between |
13 * Version 1.0.2 (Coblynau) |
13 * Version 1.1.1 |
14 * Copyright (C) 2006-2007 Dan Fuhry |
14 * Copyright (C) 2006-2007 Dan Fuhry |
15 * |
15 * |
16 * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License |
16 * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License |
17 * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. |
17 * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. |
18 * |
18 * |
46 |
46 |
47 // function names are IMPORTANT!!! The name pattern is: page_<namespace ID>_<page URLname, without namespace> |
47 // function names are IMPORTANT!!! The name pattern is: page_<namespace ID>_<page URLname, without namespace> |
48 |
48 |
49 function page_Admin_Home() { |
49 function page_Admin_Home() { |
50 global $db, $session, $paths, $template, $plugins; // Common objects |
50 global $db, $session, $paths, $template, $plugins; // Common objects |
|
51 global $lang; |
51 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
52 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
52 { |
53 { |
53 echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>'; |
54 $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); |
|
55 echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>'; |
|
56 echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>'; |
54 return; |
57 return; |
55 } |
58 } |
56 |
59 |
57 // Basic information |
60 // Basic information |
58 echo RenderMan::render( |
61 echo RenderMan::render( |
113 |
116 |
114 } |
117 } |
115 |
118 |
116 function page_Admin_GeneralConfig() { |
119 function page_Admin_GeneralConfig() { |
117 global $db, $session, $paths, $template, $plugins; // Common objects |
120 global $db, $session, $paths, $template, $plugins; // Common objects |
|
121 global $lang; |
118 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
122 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
119 { |
123 { |
120 echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>'; |
124 $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); |
|
125 echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>'; |
|
126 echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>'; |
121 return; |
127 return; |
122 } |
128 } |
123 |
129 |
124 if(isset($_POST['submit']) && !defined('ENANO_DEMO_MODE') ) |
130 if(isset($_POST['submit']) && !defined('ENANO_DEMO_MODE') ) |
125 { |
131 { |
200 if ( $strength >= -10 && $strength <= 30 ) |
206 if ( $strength >= -10 && $strength <= 30 ) |
201 { |
207 { |
202 $strength = strval($strength); |
208 $strength = strval($strength); |
203 setConfig('pw_strength_minimum', $strength); |
209 setConfig('pw_strength_minimum', $strength); |
204 } |
210 } |
|
211 |
|
212 // Account lockout policy |
|
213 if ( preg_match('/^[0-9]+$/', $_POST['lockout_threshold']) ) |
|
214 setConfig('lockout_threshold', $_POST['lockout_threshold']); |
|
215 |
|
216 if ( preg_match('/^[0-9]+$/', $_POST['lockout_duration']) ) |
|
217 setConfig('lockout_duration', $_POST['lockout_duration']); |
|
218 |
|
219 if ( in_array($_POST['lockout_policy'], array('disable', 'captcha', 'lockout')) ) |
|
220 setConfig('lockout_policy', $_POST['lockout_policy']); |
205 |
221 |
206 echo '<div class="info-box">Your changes to the site configuration have been saved.</div><br />'; |
222 echo '<div class="info-box">Your changes to the site configuration have been saved.</div><br />'; |
207 |
223 |
208 } |
224 } |
209 else if ( isset($_POST['submit']) && defined('ENANO_DEMO_MODE') ) |
225 else if ( isset($_POST['submit']) && defined('ENANO_DEMO_MODE') ) |
342 |
358 |
343 <tr> |
359 <tr> |
344 <td class="row1">Account activation:</td><td class="row1"> |
360 <td class="row1">Account activation:</td><td class="row1"> |
345 <?php |
361 <?php |
346 echo '<label><input'; if(getConfig('account_activation') == 'disable') echo ' checked="checked"'; echo ' type="radio" name="account_activation" value="disable" /> Disable registration</label><br />'; |
362 echo '<label><input'; if(getConfig('account_activation') == 'disable') echo ' checked="checked"'; echo ' type="radio" name="account_activation" value="disable" /> Disable registration</label><br />'; |
347 echo '<label><input'; if(getConfig('account_activation') != 'user' && getConfig('account_activation') != 'admin') echo ' checked="checked"'; echo ' type="radio" name="account_activation" value="none" /> None</label>'; |
363 echo '<label><input'; if(getConfig('account_activation') != 'user' && getConfig('account_activation') != 'admin' && getConfig('account_activation') != 'disable') echo ' checked="checked"'; echo ' type="radio" name="account_activation" value="none" /> None</label>'; |
348 echo '<label><input'; if(getConfig('account_activation') == 'user') echo ' checked="checked"'; echo ' type="radio" name="account_activation" value="user" /> User</label>'; |
364 echo '<label><input'; if(getConfig('account_activation') == 'user') echo ' checked="checked"'; echo ' type="radio" name="account_activation" value="user" /> User</label>'; |
349 echo '<label><input'; if(getConfig('account_activation') == 'admin') echo ' checked="checked"'; echo ' type="radio" name="account_activation" value="admin" /> Admin</label>'; |
365 echo '<label><input'; if(getConfig('account_activation') == 'admin') echo ' checked="checked"'; echo ' type="radio" name="account_activation" value="admin" /> Admin</label>'; |
350 ?> |
366 ?> |
351 </td> |
367 </td> |
352 </tr> |
368 </tr> |
|
369 |
|
370 <!-- Account lockout --> |
|
371 |
|
372 <tr><th colspan="2">Account lockouts</th></tr> |
|
373 |
|
374 <tr><td class="row3" colspan="2">Configure Enano to prevent or restrict logins for a specified period of time if a user enters an incorrect password a specific number of times.</td></tr> |
|
375 |
|
376 <tr> |
|
377 <td class="row2">Lockout threshold:<br /> |
|
378 <small>How many times can a user enter wrong credentials before a lockout goes into effect?</small> |
|
379 </td> |
|
380 <td class="row2"> |
|
381 <input type="text" name="lockout_threshold" value="<?php echo ( $_ = getConfig('lockout_threshold') ) ? $_ : '5' ?>" /> |
|
382 </td> |
|
383 </tr> |
|
384 |
|
385 <tr> |
|
386 <td class="row1">Lockout duration:<br /> |
|
387 <small>This is how long an account lockout should last, in minutes.</small> |
|
388 </td> |
|
389 <td class="row1"> |
|
390 <input type="text" name="lockout_duration" value="<?php echo ( $_ = getConfig('lockout_duration') ) ? $_ : '15' ?>" /> |
|
391 </td> |
|
392 </tr> |
|
393 |
|
394 <tr> |
|
395 <td class="row2">Lockout policy:<br /> |
|
396 <small>What should be done when a lockout goes into effect?</small> |
|
397 </td> |
|
398 <td class="row2"> |
|
399 <label><input type="radio" name="lockout_policy" value="disable" <?php if ( getConfig('lockout_policy') == 'disable' ) echo 'checked="checked"'; ?> /> Don't do anything</label><br /> |
|
400 <label><input type="radio" name="lockout_policy" value="captcha" <?php if ( getConfig('lockout_policy') == 'captcha' ) echo 'checked="checked"'; ?> /> Require visual confirmation</label><br /> |
|
401 <label><input type="radio" name="lockout_policy" value="lockout" <?php if ( getConfig('lockout_policy') == 'lockout' || !getConfig('lockout_policy') ) echo 'checked="checked"'; ?> /> Prevent all login attempts</label> |
|
402 </td> |
|
403 </tr> |
|
404 |
|
405 <!-- Password strength --> |
353 |
406 |
354 <tr><th colspan="2">Password strength</th></tr> |
407 <tr><th colspan="2">Password strength</th></tr> |
355 |
408 |
356 <tr> |
409 <tr> |
357 <td class="row2"> |
410 <td class="row2"> |
462 } |
515 } |
463 |
516 |
464 function page_Admin_UploadConfig() |
517 function page_Admin_UploadConfig() |
465 { |
518 { |
466 global $db, $session, $paths, $template, $plugins; // Common objects |
519 global $db, $session, $paths, $template, $plugins; // Common objects |
|
520 global $lang; |
467 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
521 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
468 { |
522 { |
469 echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>'; |
523 $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); |
|
524 echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>'; |
|
525 echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>'; |
470 return; |
526 return; |
471 } |
527 } |
472 |
528 |
473 if(isset($_POST['save'])) |
529 if(isset($_POST['save'])) |
474 { |
530 { |
579 echo '</form>'; |
635 echo '</form>'; |
580 } |
636 } |
581 |
637 |
582 function page_Admin_PluginManager() { |
638 function page_Admin_PluginManager() { |
583 global $db, $session, $paths, $template, $plugins; // Common objects |
639 global $db, $session, $paths, $template, $plugins; // Common objects |
|
640 global $lang; |
584 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
641 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
585 { |
642 { |
586 echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>'; |
643 $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); |
|
644 echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>'; |
|
645 echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>'; |
587 return; |
646 return; |
588 } |
647 } |
589 |
648 |
590 if(isset($_GET['action'])) |
649 if(isset($_GET['action'])) |
591 { |
650 { |
720 } |
779 } |
721 |
780 |
722 function page_Admin_UploadAllowedMimeTypes() |
781 function page_Admin_UploadAllowedMimeTypes() |
723 { |
782 { |
724 global $db, $session, $paths, $template, $plugins; // Common objects |
783 global $db, $session, $paths, $template, $plugins; // Common objects |
|
784 global $lang; |
725 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
785 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
726 { |
786 { |
727 echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>'; |
787 $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); |
|
788 echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>'; |
|
789 echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>'; |
728 return; |
790 return; |
729 } |
791 } |
730 |
792 |
731 global $mime_types, $mimetype_exps, $mimetype_extlist; |
793 global $mime_types, $mimetype_exps, $mimetype_extlist; |
732 if(isset($_POST['save']) && !defined('ENANO_DEMO_MODE')) |
794 if(isset($_POST['save']) && !defined('ENANO_DEMO_MODE')) |
783 } |
845 } |
784 |
846 |
785 function page_Admin_Sidebar() |
847 function page_Admin_Sidebar() |
786 { |
848 { |
787 global $db, $session, $paths, $template, $plugins; // Common objects |
849 global $db, $session, $paths, $template, $plugins; // Common objects |
|
850 global $lang; |
788 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
851 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
789 { |
852 { |
790 echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>'; |
853 $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); |
|
854 echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>'; |
|
855 echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>'; |
791 return; |
856 return; |
792 } |
857 } |
793 |
858 |
794 ?> |
859 ?> |
795 <h2>Editing and managing the Enano sidebar</h2> |
860 <h2>Editing and managing the Enano sidebar</h2> |
840 } |
905 } |
841 |
906 |
842 /* |
907 /* |
843 function page_Admin_UserManager() { |
908 function page_Admin_UserManager() { |
844 global $db, $session, $paths, $template, $plugins; // Common objects |
909 global $db, $session, $paths, $template, $plugins; // Common objects |
|
910 global $lang; |
845 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
911 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
846 { |
912 { |
847 echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>'; |
913 $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); |
|
914 echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>'; |
|
915 echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>'; |
848 return; |
916 return; |
849 } |
917 } |
850 |
918 |
851 if ( isset($_GET['src']) && $_GET['src'] == 'get' && !empty($_GET['user']) ) |
919 if ( isset($_GET['src']) && $_GET['src'] == 'get' && !empty($_GET['user']) ) |
852 { |
920 { |
1110 */ |
1178 */ |
1111 |
1179 |
1112 function page_Admin_GroupManager() |
1180 function page_Admin_GroupManager() |
1113 { |
1181 { |
1114 global $db, $session, $paths, $template, $plugins; // Common objects |
1182 global $db, $session, $paths, $template, $plugins; // Common objects |
|
1183 global $lang; |
1115 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
1184 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
1116 { |
1185 { |
1117 echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>'; |
1186 $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); |
|
1187 echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>'; |
|
1188 echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>'; |
1118 return; |
1189 return; |
1119 } |
1190 } |
1120 |
1191 |
1121 if(isset($_POST['do_create_stage1'])) |
1192 if(isset($_POST['do_create_stage1'])) |
1122 { |
1193 { |
1469 } |
1540 } |
1470 |
1541 |
1471 function page_Admin_COPPA() |
1542 function page_Admin_COPPA() |
1472 { |
1543 { |
1473 global $db, $session, $paths, $template, $plugins; // Common objects |
1544 global $db, $session, $paths, $template, $plugins; // Common objects |
|
1545 global $lang; |
1474 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
1546 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
1475 { |
1547 { |
1476 echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>'; |
1548 $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); |
|
1549 echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>'; |
|
1550 echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>'; |
1477 return; |
1551 return; |
1478 } |
1552 } |
1479 |
1553 |
1480 echo '<h2>Background information</h2>'; |
1554 echo '<h2>Background information</h2>'; |
1481 echo '<p> |
1555 echo '<p> |
1542 } |
1616 } |
1543 |
1617 |
1544 function page_Admin_PageManager() |
1618 function page_Admin_PageManager() |
1545 { |
1619 { |
1546 global $db, $session, $paths, $template, $plugins; // Common objects |
1620 global $db, $session, $paths, $template, $plugins; // Common objects |
|
1621 global $lang; |
1547 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
1622 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
1548 { |
1623 { |
1549 echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>'; |
1624 $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); |
|
1625 echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>'; |
|
1626 echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>'; |
1550 return; |
1627 return; |
1551 } |
1628 } |
1552 |
1629 |
1553 |
1630 |
1554 echo '<h2>Page management</h2>'; |
1631 echo '<h2>Page management</h2>'; |
1738 } |
1815 } |
1739 |
1816 |
1740 function page_Admin_PageEditor() |
1817 function page_Admin_PageEditor() |
1741 { |
1818 { |
1742 global $db, $session, $paths, $template, $plugins; // Common objects |
1819 global $db, $session, $paths, $template, $plugins; // Common objects |
|
1820 global $lang; |
1743 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
1821 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
1744 { |
1822 { |
1745 echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>'; |
1823 $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); |
|
1824 echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>'; |
|
1825 echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>'; |
1746 return; |
1826 return; |
1747 } |
1827 } |
1748 |
1828 |
1749 |
1829 |
1750 echo '<h2>Edit page content</h2>'; |
1830 echo '<h2>Edit page content</h2>'; |
1838 |
1918 |
1839 function page_Admin_ThemeManager() |
1919 function page_Admin_ThemeManager() |
1840 { |
1920 { |
1841 |
1921 |
1842 global $db, $session, $paths, $template, $plugins; // Common objects |
1922 global $db, $session, $paths, $template, $plugins; // Common objects |
|
1923 global $lang; |
1843 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
1924 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
1844 { |
1925 { |
1845 echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>'; |
1926 $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); |
|
1927 echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>'; |
|
1928 echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>'; |
1846 return; |
1929 return; |
1847 } |
1930 } |
1848 |
1931 |
1849 |
1932 |
1850 // Get the list of styles in the themes/ dir |
1933 // Get the list of styles in the themes/ dir |
2101 } |
2184 } |
2102 |
2185 |
2103 function page_Admin_BanControl() |
2186 function page_Admin_BanControl() |
2104 { |
2187 { |
2105 global $db, $session, $paths, $template, $plugins; // Common objects |
2188 global $db, $session, $paths, $template, $plugins; // Common objects |
|
2189 global $lang; |
2106 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
2190 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
2107 { |
2191 { |
2108 echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>'; |
2192 $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); |
|
2193 echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>'; |
|
2194 echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>'; |
2109 return; |
2195 return; |
2110 } |
2196 } |
2111 |
2197 |
2112 if(isset($_GET['action']) && $_GET['action'] == 'delete' && isset($_GET['id']) && $_GET['id'] != '') |
2198 if(isset($_GET['action']) && $_GET['action'] == 'delete' && isset($_GET['id']) && $_GET['id'] != '') |
2113 { |
2199 { |
2114 $e = $db->sql_query('DELETE FROM '.table_prefix.'banlist WHERE ban_id=' . $db->escape($_GET['id']) . ''); |
2200 $e = $db->sql_query('DELETE FROM '.table_prefix.'banlist WHERE ban_id=' . intval($_GET['id']) . ''); |
2115 if(!$e) $db->_die('The ban list entry was not deleted.'); |
2201 if(!$e) $db->_die('The ban list entry was not deleted.'); |
2116 } |
2202 } |
2117 if(isset($_POST['create']) && !defined('ENANO_DEMO_MODE')) |
2203 if(isset($_POST['create']) && !defined('ENANO_DEMO_MODE')) |
2118 { |
2204 { |
2119 $type = intval($_POST['type']); |
2205 $type = intval($_POST['type']); |
2213 } |
2299 } |
2214 |
2300 |
2215 function page_Admin_MassEmail() |
2301 function page_Admin_MassEmail() |
2216 { |
2302 { |
2217 global $db, $session, $paths, $template, $plugins; // Common objects |
2303 global $db, $session, $paths, $template, $plugins; // Common objects |
|
2304 global $lang; |
2218 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
2305 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
2219 { |
2306 { |
2220 echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>'; |
2307 $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); |
|
2308 echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>'; |
|
2309 echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>'; |
2221 return; |
2310 return; |
2222 } |
2311 } |
2223 |
2312 |
2224 global $enano_config; |
2313 global $enano_config; |
2225 if ( isset($_POST['do_send']) && !defined('ENANO_DEMO_MODE') ) |
2314 if ( isset($_POST['do_send']) && !defined('ENANO_DEMO_MODE') ) |
2429 } |
2518 } |
2430 |
2519 |
2431 function page_Admin_DBBackup() |
2520 function page_Admin_DBBackup() |
2432 { |
2521 { |
2433 global $db, $session, $paths, $template, $plugins; // Common objects |
2522 global $db, $session, $paths, $template, $plugins; // Common objects |
|
2523 global $lang; |
2434 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
2524 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
2435 { |
2525 { |
2436 echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>'; |
2526 $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); |
|
2527 echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>'; |
|
2528 echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>'; |
2437 return; |
2529 return; |
2438 } |
2530 } |
2439 |
2531 |
2440 if(isset($_GET['submitting']) && $_GET['submitting'] == 'yes' && defined('ENANO_DEMO_MODE') ) |
2532 if(isset($_GET['submitting']) && $_GET['submitting'] == 'yes' && defined('ENANO_DEMO_MODE') ) |
2441 { |
2533 { |
2533 } |
2625 } |
2534 |
2626 |
2535 function page_Admin_AdminLogout() |
2627 function page_Admin_AdminLogout() |
2536 { |
2628 { |
2537 global $db, $session, $paths, $template, $plugins; // Common objects |
2629 global $db, $session, $paths, $template, $plugins; // Common objects |
|
2630 global $lang; |
2538 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
2631 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
2539 { |
2632 { |
2540 echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>'; |
2633 $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); |
|
2634 echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>'; |
|
2635 echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>'; |
2541 return; |
2636 return; |
2542 } |
2637 } |
2543 |
2638 |
2544 $session->logout(USER_LEVEL_ADMIN); |
2639 $session->logout(USER_LEVEL_ADMIN); |
2545 echo '<h3>You have now been logged out of the administration panel.</h3><p>You will continue to be logged into the website, but you will need to re-authenticate before you can access the administration panel again.</p><p>Return to the <a href="'.makeUrl(getConfig('main_page')).'">Main Page</a>.</p>'; |
2640 echo '<h3>You have now been logged out of the administration panel.</h3><p>You will continue to be logged into the website, but you will need to re-authenticate before you can access the administration panel again.</p><p>Return to the <a href="'.makeUrl(getConfig('main_page')).'">Main Page</a>.</p>'; |
2546 } |
2641 } |
2547 |
2642 |
2548 function page_Special_Administration() |
2643 function page_Special_Administration() |
2549 { |
2644 { |
2550 global $db, $session, $paths, $template, $plugins; // Common objects |
2645 global $db, $session, $paths, $template, $plugins; // Common objects |
|
2646 global $lang; |
2551 |
2647 |
2552 if($session->auth_level < USER_LEVEL_ADMIN) { |
2648 if($session->auth_level < USER_LEVEL_ADMIN) { |
2553 redirect(makeUrlNS('Special', 'Login/'.$paths->page, 'level='.USER_LEVEL_ADMIN), 'Not authorized', 'You need an authorization level of '.USER_LEVEL_ADMIN.' to use this page, your auth level is: ' . $session->auth_level, 0); |
2649 redirect(makeUrlNS('Special', 'Login/'.$paths->page, 'level='.USER_LEVEL_ADMIN), 'Not authorized', 'You need an authorization level of '.USER_LEVEL_ADMIN.' to use this page, your auth level is: ' . $session->auth_level, 0); |
2554 exit; |
2650 exit; |
2555 } |
2651 } |
2571 document.getElementById('ajaxPageContainer').innerHTML = '<div class="error-box">Because of the lack of AJAX support, support for Internet Explorer versions less than 6.0 has been disabled in Runt. You can download and use Mozilla Firefox (or Seamonkey under Windows 95); both have an up-to-date standards-compliant rendering engine that has been tested thoroughly with Enano.</div>'; |
2667 document.getElementById('ajaxPageContainer').innerHTML = '<div class="error-box">Because of the lack of AJAX support, support for Internet Explorer versions less than 6.0 has been disabled in Runt. You can download and use Mozilla Firefox (or Seamonkey under Windows 95); both have an up-to-date standards-compliant rendering engine that has been tested thoroughly with Enano.</div>'; |
2572 return false; |
2668 return false; |
2573 } |
2669 } |
2574 if ( t == namespace_list.Admin + 'AdminLogout' ) |
2670 if ( t == namespace_list.Admin + 'AdminLogout' ) |
2575 { |
2671 { |
2576 var mb = new messagebox(MB_YESNO|MB_ICONQUESTION, 'Are you sure you want to de-authenticate?', 'If you de-authenticate, you will no longer be able to use the administration panel until you re-authenticate again. You may do so at any time using the Administration button on the sidebar.'); |
2672 var mb = new messagebox(MB_YESNO|MB_ICONQUESTION, $lang.get('user_logout_confirm_title_elev'), $lang.get('user_logout_confirm_body_elev')); |
2577 mb.onclick['Yes'] = function() { |
2673 mb.onclick['Yes'] = function() { |
2578 var tigraentry = document.getElementById('i_div0_0').parentNode; |
2674 var tigraentry = document.getElementById('i_div0_0').parentNode; |
2579 var tigraobj = $(tigraentry); |
2675 var tigraobj = $(tigraentry); |
2580 var div = document.createElement('div'); |
2676 var div = document.createElement('div'); |
2581 div.style.backgroundColor = '#FFFFFF'; |
2677 div.style.backgroundColor = '#FFFFFF'; |
2708 } |
2804 } |
2709 |
2805 |
2710 function page_Special_EditSidebar() |
2806 function page_Special_EditSidebar() |
2711 { |
2807 { |
2712 global $db, $session, $paths, $template, $plugins; // Common objects |
2808 global $db, $session, $paths, $template, $plugins; // Common objects |
|
2809 global $lang; |
2713 |
2810 |
2714 if($session->auth_level < USER_LEVEL_ADMIN) |
2811 if($session->auth_level < USER_LEVEL_ADMIN) |
2715 { |
2812 { |
2716 redirect(makeUrlNS('Special', 'Login/'.$paths->page, 'level='.USER_LEVEL_ADMIN), '', '', false); |
2813 redirect(makeUrlNS('Special', 'Login/'.$paths->page, 'level='.USER_LEVEL_ADMIN), '', '', false); |
2717 exit; |
2814 exit; |
2832 |
2929 |
2833 } |
2930 } |
2834 |
2931 |
2835 if(isset($_GET['action']) && isset($_GET['id'])) |
2932 if(isset($_GET['action']) && isset($_GET['id'])) |
2836 { |
2933 { |
2837 if(preg_match('#^([0-9]*)$#', $_GET['id'])) |
2934 if(!preg_match('#^([0-9]*)$#', $_GET['id'])) |
2838 { |
2935 { |
2839 } else { |
|
2840 echo '<div class="warning-box">Error with action: $_GET["id"] was not an integer, aborting to prevent SQL injection</div>'; |
2936 echo '<div class="warning-box">Error with action: $_GET["id"] was not an integer, aborting to prevent SQL injection</div>'; |
2841 } |
2937 } |
2842 switch($_GET['action']) |
2938 switch($_GET['action']) |
2843 { |
2939 { |
2844 case 'new': |
2940 case 'new': |
2978 if( !isset($_GET['side']) || ( isset($_GET['side']) && !preg_match('#^([0-9]+)$#', $_GET['side']) ) ) |
3074 if( !isset($_GET['side']) || ( isset($_GET['side']) && !preg_match('#^([0-9]+)$#', $_GET['side']) ) ) |
2979 { |
3075 { |
2980 echo '<div class="warning-box" style="margin: 10px 0;">$_GET[\'side\'] contained an SQL injection attempt</div>'; |
3076 echo '<div class="warning-box" style="margin: 10px 0;">$_GET[\'side\'] contained an SQL injection attempt</div>'; |
2981 break; |
3077 break; |
2982 } |
3078 } |
2983 $query = $db->sql_query('UPDATE '.table_prefix.'sidebar SET sidebar_id=' . $db->escape($_GET['side']) . ' WHERE item_id=' . $db->escape($_GET['id']) . ';'); |
3079 $query = $db->sql_query('UPDATE '.table_prefix.'sidebar SET sidebar_id=' . $db->escape($_GET['side']) . ' WHERE item_id=' . intval($_GET['id']) . ';'); |
2984 if(!$query) |
3080 if(!$query) |
2985 { |
3081 { |
2986 echo $db->get_error(); |
3082 echo $db->get_error(); |
2987 $template->footer(); |
3083 $template->footer(); |
2988 exit; |
3084 exit; |
2989 } |
3085 } |
2990 echo '<div class="info-box" style="margin: 10px 0;">Item moved.</div>'; |
3086 echo '<div class="info-box" style="margin: 10px 0;">Item moved.</div>'; |
2991 break; |
3087 break; |
2992 case 'delete': |
3088 case 'delete': |
2993 $query = $db->sql_query('DELETE FROM '.table_prefix.'sidebar WHERE item_id=' . $db->escape($_GET['id']) . ';'); // Already checked for injection attempts ;-) |
3089 $query = $db->sql_query('DELETE FROM '.table_prefix.'sidebar WHERE item_id=' . intval($_GET['id']) . ';'); // Already checked for injection attempts ;-) |
2994 if(!$query) |
3090 if(!$query) |
2995 { |
3091 { |
2996 echo $db->get_error(); |
3092 echo $db->get_error(); |
2997 $template->footer(); |
3093 $template->footer(); |
2998 exit; |
3094 exit; |
3003 die('GOOD'); |
3099 die('GOOD'); |
3004 } |
3100 } |
3005 echo '<div class="error-box" style="margin: 10px 0;">Item deleted.</div>'; |
3101 echo '<div class="error-box" style="margin: 10px 0;">Item deleted.</div>'; |
3006 break; |
3102 break; |
3007 case 'disenable'; |
3103 case 'disenable'; |
3008 $q = $db->sql_query('SELECT item_enabled FROM '.table_prefix.'sidebar WHERE item_id=' . $db->escape($_GET['id']) . ';'); |
3104 $q = $db->sql_query('SELECT item_enabled FROM '.table_prefix.'sidebar WHERE item_id=' . intval($_GET['id']) . ';'); |
3009 if(!$q) |
3105 if(!$q) |
3010 { |
3106 { |
3011 echo $db->get_error(); |
3107 echo $db->get_error(); |
3012 $template->footer(); |
3108 $template->footer(); |
3013 exit; |
3109 exit; |
3014 } |
3110 } |
3015 $r = $db->fetchrow(); |
3111 $r = $db->fetchrow(); |
3016 $db->free_result(); |
3112 $db->free_result(); |
3017 $e = ( $r['item_enabled'] == 1 ) ? '0' : '1'; |
3113 $e = ( $r['item_enabled'] == 1 ) ? '0' : '1'; |
3018 $q = $db->sql_query('UPDATE '.table_prefix.'sidebar SET item_enabled='.$e.' WHERE item_id=' . $db->escape($_GET['id']) . ';'); |
3114 $q = $db->sql_query('UPDATE '.table_prefix.'sidebar SET item_enabled='.$e.' WHERE item_id=' . intval($_GET['id']) . ';'); |
3019 if(!$q) |
3115 if(!$q) |
3020 { |
3116 { |
3021 echo $db->get_error(); |
3117 echo $db->get_error(); |
3022 $template->footer(); |
3118 $template->footer(); |
3023 exit; |
3119 exit; |
3026 { |
3122 { |
3027 ob_end_clean(); |
3123 ob_end_clean(); |
3028 die('GOOD'); |
3124 die('GOOD'); |
3029 } |
3125 } |
3030 break; |
3126 break; |
|
3127 case 'rename'; |
|
3128 $newname = $db->escape($_POST['newname']); |
|
3129 $q = $db->sql_query('UPDATE '.table_prefix.'sidebar SET block_name=\''.$newname.'\' WHERE item_id=' . intval($_GET['id']) . ';'); |
|
3130 if(!$q) |
|
3131 { |
|
3132 echo $db->get_error(); |
|
3133 $template->footer(); |
|
3134 exit; |
|
3135 } |
|
3136 if(isset($_GET['ajax'])) |
|
3137 { |
|
3138 ob_end_clean(); |
|
3139 die('GOOD'); |
|
3140 } |
|
3141 break; |
3031 case 'getsource': |
3142 case 'getsource': |
3032 $q = $db->sql_query('SELECT block_content,block_type FROM '.table_prefix.'sidebar WHERE item_id=' . $db->escape($_GET['id']) . ';'); |
3143 $q = $db->sql_query('SELECT block_content,block_type FROM '.table_prefix.'sidebar WHERE item_id=' . intval($_GET['id']) . ';'); |
3033 if(!$q) |
3144 if(!$q) |
3034 { |
3145 { |
3035 echo $db->get_error(); |
3146 echo $db->get_error(); |
3036 $template->footer(); |
3147 $template->footer(); |
3037 exit; |
3148 exit; |
3059 else |
3170 else |
3060 { |
3171 { |
3061 $_POST['content'] = sanitize_html($_POST['content'], true); |
3172 $_POST['content'] = sanitize_html($_POST['content'], true); |
3062 } |
3173 } |
3063 } |
3174 } |
3064 $q = $db->sql_query('UPDATE '.table_prefix.'sidebar SET block_content=\''.$db->escape(rawurldecode($_POST['content'])).'\' WHERE item_id=' . $db->escape($_GET['id']) . ';'); |
3175 $q = $db->sql_query('UPDATE '.table_prefix.'sidebar SET block_content=\''.$db->escape(rawurldecode($_POST['content'])).'\' WHERE item_id=' . intval($_GET['id']) . ';'); |
3065 if(!$q) |
3176 if(!$q) |
3066 { |
3177 { |
3067 echo 'var status=unescape(\''.hexencode($db->get_error()).'\');'; |
3178 echo 'var status=unescape(\''.hexencode($db->get_error()).'\');'; |
3068 exit; |
3179 exit; |
3069 } |
3180 } |
3070 $q = $db->sql_query('SELECT block_type,block_content FROM '.table_prefix.'sidebar WHERE item_id=' . $db->escape($_GET['id']) . ';'); |
3181 $q = $db->sql_query('SELECT block_type,block_content FROM '.table_prefix.'sidebar WHERE item_id=' . intval($_GET['id']) . ';'); |
3071 if(!$q) |
3182 if(!$q) |
3072 { |
3183 { |
3073 echo 'var status=unescape(\''.hexencode($db->get_error()).'\');'; |
3184 echo 'var status=unescape(\''.hexencode($db->get_error()).'\');'; |
3074 exit; |
3185 exit; |
3075 } |
3186 } |
3157 break; |
3268 break; |
3158 case BLOCK_TEMPLATEFORMAT: |
3269 case BLOCK_TEMPLATEFORMAT: |
3159 $parser = $template->makeParserText($vars['sidebar_section']); |
3270 $parser = $template->makeParserText($vars['sidebar_section']); |
3160 $c = $template->tplWikiFormat($row['block_content'], false, 'sidebar-editor.tpl'); |
3271 $c = $template->tplWikiFormat($row['block_content'], false, 'sidebar-editor.tpl'); |
3161 $c = preg_replace('#<a (.*?)>(.*?)</a>#is', '<a href="#" onclick="return false;">\\2</a>', $c); |
3272 $c = preg_replace('#<a (.*?)>(.*?)</a>#is', '<a href="#" onclick="return false;">\\2</a>', $c); |
|
3273 // fix for the "Administration" link that somehow didn't get rendered properly |
|
3274 $c = preg_replace("/(^|\n)([ ]*)<a([ ]+.*)?>(.+)<\/a>(<br(.*)\/>)([\r\n]+|$)/isU", '\\1\\2<li><a\\3>\\4</a></li>\\7', $c); |
3162 break; |
3275 break; |
3163 case BLOCK_HTML: |
3276 case BLOCK_HTML: |
3164 $parser = $template->makeParserText($vars['sidebar_section_raw']); |
3277 $parser = $template->makeParserText($vars['sidebar_section_raw']); |
3165 $c = $row['block_content']; |
3278 $c = $row['block_content']; |
3166 $c = preg_replace('#<a (.*?)>(.*?)</a>#is', '<a href="#" onclick="return false;">\\2</a>', $c); |
3279 $c = preg_replace('#<a (.*?)>(.*?)</a>#is', '<a href="#" onclick="return false;">\\2</a>', $c); |
3176 case BLOCK_PLUGIN: |
3289 case BLOCK_PLUGIN: |
3177 $parser = $template->makeParserText($vars['sidebar_section_raw']); |
3290 $parser = $template->makeParserText($vars['sidebar_section_raw']); |
3178 $c = ($template->fetch_block($row['block_content'])) ? $template->fetch_block($row['block_content']) : 'Can\'t find plugin block'; |
3291 $c = ($template->fetch_block($row['block_content'])) ? $template->fetch_block($row['block_content']) : 'Can\'t find plugin block'; |
3179 break; |
3292 break; |
3180 } |
3293 } |
3181 $t = $template->tplWikiFormat($row['block_name']); |
3294 $block_name = $row['block_name']; // $template->tplWikiFormat($row['block_name']); |
|
3295 if ( empty($block_name) ) |
|
3296 $block_name = '<Unnamed>'; |
|
3297 $t = '<span title="Double-click to rename this block" id="sbrename_' . $row['item_id'] . '" ondblclick="ajaxRenameSidebarStage1(this, \''.$row['item_id'].'\'); return false;">' . $block_name . '</span>'; |
3182 if($row['item_enabled'] == 0) $t .= ' <span id="disabled_'.$row['item_id'].'" style="color: red;">(disabled)</span>'; |
3298 if($row['item_enabled'] == 0) $t .= ' <span id="disabled_'.$row['item_id'].'" style="color: red;">(disabled)</span>'; |
3183 else $t .= ' <span id="disabled_'.$row['item_id'].'" style="color: red; display: none;">(disabled)</span>'; |
3299 else $t .= ' <span id="disabled_'.$row['item_id'].'" style="color: red; display: none;">(disabled)</span>'; |
3184 $side = ( $row['sidebar_id'] == SIDEBAR_LEFT ) ? SIDEBAR_RIGHT : SIDEBAR_LEFT; |
3300 $side = ( $row['sidebar_id'] == SIDEBAR_LEFT ) ? SIDEBAR_RIGHT : SIDEBAR_LEFT; |
3185 $tb = '<a title="Enable or disable this block" href="'.makeUrl($paths->page, 'action=disenable&id='.$row['item_id'].'' , true).'" onclick="ajaxDisenableBlock(\''.$row['item_id'].'\'); return false;" ><img alt="Enable/disable this block" style="border-width: 0;" src="'.scriptPath.'/images/disenable.png" /></a> |
3301 $tb = '<a title="Enable or disable this block" href="'.makeUrl($paths->page, 'action=disenable&id='.$row['item_id'].'' , true).'" onclick="ajaxDisenableBlock(\''.$row['item_id'].'\'); return false;" ><img alt="Enable/disable this block" style="border-width: 0;" src="'.scriptPath.'/images/disenable.png" /></a> |
3186 <a title="Edit the contents of this block" href="'.makeUrl($paths->page, 'action=edit&id='.$row['item_id'].'' , true).'" onclick="ajaxEditBlock(\''.$row['item_id'].'\', this); return false;"><img alt="Edit this block" style="border-width: 0;" src="'.scriptPath.'/images/edit.png" /></a> |
3302 <a title="Edit the contents of this block" href="'.makeUrl($paths->page, 'action=edit&id='.$row['item_id'].'' , true).'" onclick="ajaxEditBlock(\''.$row['item_id'].'\', this); return false;"><img alt="Edit this block" style="border-width: 0;" src="'.scriptPath.'/images/edit.png" /></a> |