admin_webblocks.php

一款开源的sns系统源码 安装简单

<?php

// -----------------------------------------------------------------------
// This file is part of AROUNDMe
// 
// Copyright (C) 2003-2007 Barnraiser
// http://www.barnraiser.org/
// info@barnraiser.org
// 
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// 
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
// 
// You should have received a copy of the GNU General Public License
// along with this program; see the file COPYING.txt.  If not, see
// <http://www.gnu.org/licenses/>
// -----------------------------------------------------------------------

if(isset($_SESSION['connection_permission']) && checkPermission('core', 'edit_webpages', $_SESSION['connection_permission'])) {

	require_once($language_path . 'admin_blocks.lang.php');
	
	
	if (isset($_POST['update_webblock'])) {
		if (!empty($_POST['webblock_id'])) { // we update the block
		
			$query = "
				UPDATE " . $db->prefix . "_webblock
				SET
				webblock_body=" . $db->qstr($_POST['webblock_body']) . " 
				WHERE webblock_id=" . $_POST['webblock_id']
			;
			
			$result = $db->Execute($query);
		}
		else { // we insert
			// check the tag (only [A-Z allowed])
			$_POST['webblock_tag'] = trim(strtoupper($_POST['webblock_tag']));
	
			if (strlen($_POST['webblock_tag']) < 3) {
				$GLOBALS['am_error_log'][] = array($lang['error']['tag_too_short']);
			}
			
			$pattern = '/^[A-Z]*$/';
			
			if (!preg_match($pattern, $_POST['webblock_tag'], $matches)) {
				$GLOBALS['am_error_log'][] = array($lang['error']['tag_only_uppercase']);
			}
	
			if (empty($GLOBALS['am_error_log'])) {
	
				$rec = array();
				$rec['webblock_tag'] = $_POST['webblock_tag'];
				$rec['webblock_body'] = $_POST['webblock_body'];
				$rec['webspace_id'] = $_SESSION['webspace_id'];
		
				$table = $db->prefix . "_webblock";
				
				$db->insertDb($rec, $table);
	
				$_REQUEST['webblock_id'] = $db->insertID();
			}
			else {
				$output_webblock['webblock_proposed_tag'] = $_POST['webblock_tag'];
				$output_webblock['webblock_body'] = $_POST['webblock_body'];
				$body->set('webblock', $output_webblock);
			}
		}
	}
	elseif (isset($_POST['delete_webblock'])) {
		// We check that the web block is not in use within any web pages
		$query = "
			SELECT webblock_tag 
			FROM " . $db->prefix . "_webblock 
			WHERE
			webblock_id=" . $_POST['webblock_id']
		;
		
		$result = $db->Execute($query);
		
		if (isset($result[0]['webblock_tag'])) {
			$pattern = "/<AM_BLOCK_" . $result[0]['webblock_tag'] . " \/>/";
			
			// we get all web pages
			$query = "
				SELECT webpage_name, webpage_body  
				FROM " . $db->prefix . "_webpage  
				WHERE
				webspace_id=" . $_POST['webspace_id']
			;

			$result = $db->Execute($query);

			if (isset($result)) {
				foreach ($result as $key => $i):

					unset ($match, $error_lang_txt);
					
					if (preg_match($pattern, $i['webpage_body'], $match)) {
						$error_lang_txt = str_replace('SYS_KEYWORD_NAME', $i['webpage_name'], $lang['error']['delete_block_in_use']);
						$GLOBALS['am_error_log'][] = array($error_lang_txt);
					}
				endforeach;
			}

			if (empty($GLOBALS['am_error_log'])) {
				// We can remove it
				$query = "DELETE FROM " . $db->prefix . "_webblock WHERE webblock_id=" . $_POST['webblock_id'];
				
				$db->Execute($query);

				header("Location: index.php?ws=" . $_POST['webspace_id'] . "&t=admin_webblocks");
				exit;
			}
		}
	}
	
	// SELECT WEBBLOCK ------------------------------------------------------------
	if (!empty($_REQUEST['webblock_id'])) { // we are editing a page
		$query = "
			SELECT *
			FROM " . $db->prefix . "_webblock 
			WHERE webblock_id=" . $_REQUEST['webblock_id']
		;
		
		$result = $db->Execute($query);
		
		if (isset($result)) {
			$body->set('webblock', $result);
		}
	}
	
	
	// SELECT WEBBLOCKS -----------------------------------------------------------
	$query = "
		SELECT webblock_id, webblock_tag, webblock_body 
		FROM " . $db->prefix . "_webblock
		WHERE
		webspace_id=" . $_SESSION['webspace_id'] . "
		ORDER BY webblock_tag desc"
	;
	
	$result = $db->Execute($query);
	
	if (isset($result)) {
		$output_webblocks = $result;
	
		foreach($output_webblocks as $key => $i):
			if (isset($_REQUEST['webblock_id']) && $i['webblock_id'] == $_REQUEST['webblock_id']) {
				$body->set('webblock', $i);
			}
		endforeach;
	
		if (!empty($output_webblocks)) {
			$body->set('webblocks', $output_webblocks);
			$tpl->set('webblocks', $output_webblocks);
		}
	}
}
else { // no permission to be here
	header("Location: index.php?ws=" . $_REQUEST['ws']);
	exit;
}

?>