1: <?php
15:
// Define the CON_FRAMEWORK flag unless something has already defined it.
defined('CON_FRAMEWORK') || define('CON_FRAMEWORK', true);

// Pull in the startup code; it is expected to provide cRegistry, $cfg, $lang and $belang.
include_once './includes/startup.php';

// First bootstrap pass with the challenge/crypt auth class. A second bootstrap further down
// replaces these objects once it is known whether a session token was sent.
cRegistry::bootstrap(array('sess' => 'cSession', 'auth' => 'Contenido_Challenge_Crypt_Auth', 'perm' => 'cPermission'));

// Initialise translations from the configured locale path for the backend language.
i18nInit($cfg['path']['contenido_locale'], $belang);

// Two handles from the registry: $db carries the main result set, $db2 serves the lookups
// that run while that result set is being iterated.
$db = cRegistry::getDb();
$db2 = cRegistry::getDb();
34:
35:
// Working variables for this request. Each "...Tmp" variable receives the raw request or stored
// value; its counterpart without the suffix is only filled once that value has been checked.

// Session token taken from the request.
$sSession = $sSessionTmp = '';

// Language id: starts as the current backend language, may be replaced by $_POST['speach'].
$iSpeachId = $lang;
$iSpeachIdTmp = null;

// Article id criterion.
$iSearchId = null;
$iSearchIdTmp = 0;

// Free-text criterion.
$sSearchStr = null;
$sSearchStrTmp = '';

// Date criterion: which date column, and the from/to bounds.
$sSearchStrDateType = $sSearchStrDateFrom = $sSearchStrDateTo = null;
$sSearchStrDateTypeTmp = $sSearchStrDateFromTmp = $sSearchStrDateToTmp = '';

// True when the "lost and found" listing was requested instead of a criteria search.
$bLostAndFound = false;

// Extra WHERE conditions, assembled further down.
$sWhere = '';

// Language id used in row ids; falls back to 1 when $lang is not a positive integer.
$iLangId = max(1, (int) $lang);

// Display format for dates in the result table.
$sDateFormat = getEffectiveSetting('dateformat', 'date', 'Y-m-d');

// Values for the sub navigation reload and the inline script handed to the template.
$sLoadSubnavi = $sScript = '';
$iIdCat = $iDisplayMenu = $iIdTpl = 0;
76:
77:
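// Read the session token from the request; POST takes precedence over GET. Array-valued
// parameters are ignored because strip_tags() expects a string.
$sSessionTmp = '';
if (isset($_POST[$sess->name]) && is_string($_POST[$sess->name])) {
    $sSessionTmp = trim(strip_tags($_POST[$sess->name]));
} elseif (isset($_GET[$sess->name]) && is_string($_GET[$sess->name])) {
    $sSessionTmp = trim(strip_tags($_GET[$sess->name]));
}

// The token is written later into URLs, HTML attributes and inline JavaScript, and strip_tags()
// leaves quotes and backslashes untouched. Accept only the characters PHP uses for session ids;
// anything else is treated as "no token".
// NOTE(review): assumes cSession ids are standard PHP session ids - confirm.
if ($sSessionTmp !== '' && preg_match('/\A[A-Za-z0-9,-]+\z/', $sSessionTmp) === 1) {
    $sSession = $sSessionTmp;
}

// Optional language override: accepted only when the posted value is a plain integer string.
if (isset($_POST['speach'])) {
    $iSpeachIdTmp = (int) $_POST['speach'];
    if ((string) $iSpeachIdTmp === $_POST['speach']) {
        $iSpeachId = $iSpeachIdTmp;
    }
}

if (!empty($sSession)) {
    // A token was supplied: bootstrap again with the backend auth handler.
    cRegistry::bootstrap(array(
        'sess' => 'cSession',
        'auth' => 'cAuthHandlerBackend',
        'perm' => 'cPermission'
    ));
    i18nInit($cfg['path']['contenido_locale'], $belang);
} else {
    // NOTE(review): without a token the script continues with the frontend session and auth
    // handler, although everything below lists backend article data. Confirm that the per-row
    // permission checks are the intended gate for this path.
    cRegistry::bootstrap(array(
        'sess' => 'cFrontendSession',
        'auth' => 'cAuthHandlerFrontend',
        'perm' => 'cPermission'
    ));
}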
109:
110:
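// Columns the result list may be sorted by. $sSortBy is concatenated into ORDER BY further down,
// so it must never hold anything that is not in this list.
$sSortByValues = array('title', 'lastmodified', 'published', 'artsort');

// Strict membership test on a string value only; a missing or array-valued parameter falls back
// to the default instead of raising a notice or relying on loose comparison.
$sSortByReq = (isset($_POST['sortby']) && is_string($_POST['sortby'])) ? $_POST['sortby'] : '';
$sSortBy = in_array($sSortByReq, $sSortByValues, true) ? $sSortByReq : 'lastmodified';

// Sort direction is reduced to one of two literals.
$sSortMode = (isset($_POST['sortmode']) && $_POST['sortmode'] === 'asc') ? 'asc' : 'desc';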
114:
122:
// Names shared by the "save this search" form fields, the stored property names and the keys of
// the arrays exchanged between getSearchResults() and generateJs().
$sSaveTitle         = 'save_title';
$sSaveId            = 'save_id';
$sSaveDateField     = 'save_date_field';
$sSaveAuthor        = 'save_author';
$sSaveName          = 'save_name';

// Lower date bound: the full value plus its three parts.
$sSaveDateFrom      = 'save_date_from';
$sSaveDateFromYear  = 'save_date_from_year';
$sSaveDateFromMonth = 'save_date_from_month';
$sSaveDateFromDay   = 'save_date_from_day';

// Upper date bound: the full value plus its three parts.
$sSaveDateTo        = 'save_date_to';
$sSaveDateToYear    = 'save_date_to_year';
$sSaveDateToMonth   = 'save_date_to_month';
$sSaveDateToDay     = 'save_date_to_day';

// Property type under which saved searches are stored.
$sType = 'savedsearch';

// Script and message handed to the template after a search has been saved.
$sRefreshScript = '';
$sSaveSuccessfull = '';
139:
140:
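/**
 * Builds the JavaScript that copies the values of a saved search back into the backend search
 * form (top.content.left.left_top, form "backend_search").
 *
 * The values come from stored properties, which this script fills from request data, so each one
 * is escaped for use inside a double-quoted JavaScript string literal before it is emitted.
 *
 * @param array $aValues Search values keyed by the $sSave* names; missing keys become "".
 * @return string|false JavaScript source, or false when $aValues is not an array.
 */
function generateJs($aValues) {
    if (!is_array($aValues)) {
        return false;
    }

    global $sSaveTitle, $sSaveId, $sSaveDateFromYear, $sSaveDateFromMonth, $sSaveDateFromDay,
           $sSaveDateToYear, $sSaveDateToMonth, $sSaveDateToDay, $sSaveDateField, $sSaveAuthor;

    // Byte-wise escapes: backslash, quotes and line breaks would end the string literal; the
    // markup characters are written as \xNN so a value can never spell a closing script tag.
    // Works on single bytes, so it does not depend on the page encoding.
    $aJsEscapes = array(
        '\\' => '\\\\',
        '"'  => '\\"',
        "'"  => "\\'",
        "\r" => '\\r',
        "\n" => '\\n',
        '<'  => '\\x3C',
        '>'  => '\\x3E',
        '&'  => '\\x26',
    );

    $aKeys = array(
        $sSaveTitle, $sSaveId, $sSaveDateField, $sSaveAuthor,
        $sSaveDateFromDay, $sSaveDateFromMonth, $sSaveDateFromYear,
        $sSaveDateToDay, $sSaveDateToMonth, $sSaveDateToYear,
    );

    $aJs = array();
    foreach ($aKeys as $sKey) {
        $sValue = (isset($aValues[$sKey]) && is_scalar($aValues[$sKey])) ? (string) $aValues[$sKey] : '';
        $aJs[$sKey] = strtr($sValue, $aJsEscapes);
    }

    // The "from" month is read from the "from" key; the original took it from the "to" month.
    return 'function refresh_article_search_form (refresh) {
    var oFrame = top.content.left.left_top;
    if (oFrame) {
        oForm = oFrame.document.backend_search;

        oForm.bs_search_text.value = "' . $aJs[$sSaveTitle] . '";
        oForm.bs_search_id.value = "' . $aJs[$sSaveId] . '";
        oForm.bs_search_date_type.value = "' . $aJs[$sSaveDateField] . '";

        oFrame.toggle_tr_visibility("tr_date_from");
        oFrame.toggle_tr_visibility("tr_date_to");

        oForm.bs_search_date_from_day.value = "' . $aJs[$sSaveDateFromDay] . '";
        oForm.bs_search_date_from_month.value = "' . $aJs[$sSaveDateFromMonth] . '";
        oForm.bs_search_date_from_year.value = "' . $aJs[$sSaveDateFromYear] . '";

        oForm.bs_search_date_to_day.value = "' . $aJs[$sSaveDateToDay] . '";
        oForm.bs_search_date_to_month.value = "' . $aJs[$sSaveDateToMonth] . '";
        oForm.bs_search_date_to_year.value = "' . $aJs[$sSaveDateToYear] . '";

        oForm.bs_search_author.value = "' . $aJs[$sSaveAuthor] . '";
    }
}
refresh_article_search_form ();
';
}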
200:
/**
 * Prefixes every backslash, single quote and double quote in $sString with a backslash.
 *
 * Backslashes are handled first so that the backslashes added for the quotes are not doubled.
 * This is plain string escaping; it does not consult the database connection.
 *
 * @param string $sString Text to escape.
 * @return string Escaped text.
 */
function mask($sString) {
    // str_replace() applies the pairs in array order, one after the other.
    $aSearch = array('\\', '\'', '"');
    $aReplace = array('\\\\', '\\\'', '\\"');

    return str_replace($aSearch, $aReplace, $sString);
}
212:
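/**
 * Loads one saved search from the property store and returns it keyed by the $sSave* names.
 *
 * Title, id, date field and author are always present in the result (null when nothing is
 * stored). The stored from/to dates are split into year, month and day entries; those entries
 * are only present when the stored value has exactly three "-" separated parts.
 *
 * NOTE(review): the function does not check who stored the search. One caller passes both ids
 * straight from $_GET, so confirm whether saved searches are meant to be readable by every user
 * who can reach this script.
 *
 * @param mixed $itemidReq   Item id of the saved search.
 * @param mixed $itemtypeReq Item type of the saved search.
 * @return array Search values as described above.
 */
function getSearchResults($itemidReq, $itemtypeReq) {
    global $sSaveTitle, $sSaveId, $sSaveDateField, $sSaveAuthor, $sType,
           $sSaveDateFrom, $sSaveDateFromYear, $sSaveDateFromMonth, $sSaveDateFromDay,
           $sSaveDateTo, $sSaveDateToYear, $sSaveDateToMonth, $sSaveDateToDay;

    $retValue = array();

    $propertyCollection = new cApiPropertyCollection();
    $results = $propertyCollection->getValuesByType($itemtypeReq, $itemidReq, $sType);
    if (!is_array($results)) {
        // Nothing usable came back; continue with an empty set so the key reads below are safe.
        $results = array();
    }

    foreach (array($sSaveTitle, $sSaveId, $sSaveDateField, $sSaveAuthor) as $sKey) {
        $retValue[$sKey] = isset($results[$sKey]) ? $results[$sKey] : null;
    }

    // Per stored date: the time suffix to strip, then the keys for year, month and day.
    $aDateLayout = array(
        $sSaveDateFrom => array(' 00:00:00', $sSaveDateFromYear, $sSaveDateFromMonth, $sSaveDateFromDay),
        $sSaveDateTo   => array(' 23:59:59', $sSaveDateToYear, $sSaveDateToMonth, $sSaveDateToDay),
    );

    foreach ($aDateLayout as $sDateKey => $aLayout) {
        // The original tested sizeof() on this string, which is a TypeError on PHP 8; a plain
        // string check expresses the same intent.
        if (!isset($results[$sDateKey]) || !is_string($results[$sDateKey]) || $results[$sDateKey] === '') {
            continue;
        }

        $aParts = explode('-', str_replace($aLayout[0], '', $results[$sDateKey]));
        if (count($aParts) == 3) {
            $retValue[$aLayout[1]] = $aParts[0];
            $retValue[$aLayout[2]] = $aParts[1];
            $retValue[$aLayout[3]] = $aParts[2];
        }
    }

    return $retValue;
}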
276:
277:
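// Scratch values filled by exactly one of the request paths below. Defaults are set here so the
// comparisons that follow this block never read an undefined variable.
$sSearchStrAuthorTmp = '';
$sSearchStrDateFromDayTmp = $sSearchStrDateFromMonthTmp = $sSearchStrDateFromYearTmp = 0;
$sSearchStrDateToDayTmp = $sSearchStrDateToMonthTmp = $sSearchStrDateToYearTmp = 0;

// Set when a saved search was stored or loaded; its values are applied after the dispatch.
$aSearchResults = null;

if (sizeof($_GET) == 0 && isset($_POST['save_search'])) {
    // Path 1: store the posted criteria as a saved search, then show that search.
    // NOTE(review): the ids are a small random number and the current time, both guessable, and
    // no request token is checked in this script before writing. Confirm that the framework
    // protects this POST elsewhere.
    $itemtype = rand(0, 10000);
    $itemid = time();
    $propertyCollection = new cApiPropertyCollection();

    // Values are stored as posted (no filtering here), so every place that prints them has to
    // encode them for its own output context.
    $aSaveFields = array($sSaveTitle, $sSaveId, $sSaveDateFrom, $sSaveDateTo, $sSaveDateField, $sSaveAuthor, $sSaveName);
    foreach ($aSaveFields as $sField) {
        $mFieldValue = isset($_POST[$sField]) ? $_POST[$sField] : null;
        $propertyCollection->setValue($itemtype, $itemid, $sType, $sField, $mFieldValue);
    }

    $aSearchResults = getSearchResults($itemid, $itemtype);

    // Reload the search form frame so the new saved search shows up there.
    $sRefreshScript .= 'top.content.left.left_top.location.href = top.content.left.left_top.location.href+"&save_search=true";';

    $sSaveSuccessfull = i18n("Thank you for saving this search from extinction!");
} elseif (sizeof($_GET) > 0) {
    // Path 2: GET request - a saved search, or one of the predefined listings.
    $itemtypeReq = (isset($_GET['itemtype']) && is_string($_GET['itemtype'])) ? $_GET['itemtype'] : '';
    $itemidReq = (isset($_GET['itemid']) && is_string($_GET['itemid'])) ? $_GET['itemid'] : '';

    if (strlen($itemtypeReq) > 0 && strlen($itemidReq) > 0) {
        $aSearchResults = getSearchResults($itemidReq, $itemtypeReq);
    } elseif (isset($_GET['recentedit'])) {
        // Articles modified during the last seven days.
        $actDate = time();
        $weekInSeconds = 60 * 60 * 24 * 7;
        $oneWeekEarlier = $actDate - $weekInSeconds;

        $sSearchStrDateTypeTmp = 'lastmodified';
        $sSearchStrDateFromDayTmp = date('d', $oneWeekEarlier);
        $sSearchStrDateFromMonthTmp = date('m', $oneWeekEarlier);
        $sSearchStrDateFromYearTmp = date('Y', $oneWeekEarlier);
        $sSearchStrDateToDayTmp = date('d', $actDate);
        $sSearchStrDateToMonthTmp = date('m', $actDate);
        $sSearchStrDateToYearTmp = date('Y', $actDate);
    } elseif (isset($_GET['myarticles'])) {
        // Articles written or modified by the logged-in user.
        $sSearchStrAuthorTmp = $auth->auth['uname'];
    } elseif (isset($_GET['lostfound'])) {
        $bLostAndFound = true;
    }
} else {
    // Path 3: plain search submitted by POST. Text fields are trimmed and tag-stripped, numeric
    // fields are cast to int; missing or array-valued fields count as empty.
    $aTextFields = array(
        'bs_search_text', 'bs_search_date_type', 'bs_search_author',
        'bs_search_date_from_day', 'bs_search_date_from_month', 'bs_search_date_from_year',
        'bs_search_date_to_day', 'bs_search_date_to_month', 'bs_search_date_to_year',
    );
    $aPosted = array();
    foreach ($aTextFields as $sField) {
        $aPosted[$sField] = (isset($_POST[$sField]) && is_scalar($_POST[$sField]))
            ? trim(strip_tags((string) $_POST[$sField]))
            : '';
    }

    $sSearchStrTmp = $aPosted['bs_search_text'];
    $iSearchIdTmp = (isset($_POST['bs_search_id']) && is_scalar($_POST['bs_search_id'])) ? (int) $_POST['bs_search_id'] : 0;
    $sSearchStrDateTypeTmp = $aPosted['bs_search_date_type'];
    $sSearchStrDateFromDayTmp = (int) $aPosted['bs_search_date_from_day'];
    $sSearchStrDateFromMonthTmp = (int) $aPosted['bs_search_date_from_month'];
    $sSearchStrDateFromYearTmp = (int) $aPosted['bs_search_date_from_year'];
    $sSearchStrDateToDayTmp = (int) $aPosted['bs_search_date_to_day'];
    $sSearchStrDateToMonthTmp = (int) $aPosted['bs_search_date_to_month'];
    $sSearchStrDateToYearTmp = (int) $aPosted['bs_search_date_to_year'];
    $sSearchStrAuthorTmp = $aPosted['bs_search_author'];
}

if (is_array($aSearchResults)) {
    // getSearchResults() leaves the date parts out when no date was stored; fill every expected
    // key so the reads below and generateJs() do not hit undefined indexes. The full from/to
    // values are never part of that result, so they are not read here.
    $aSearchDefaults = array(
        $sSaveTitle => '', $sSaveId => '', $sSaveDateField => '', $sSaveAuthor => '',
        $sSaveDateFromDay => '', $sSaveDateFromMonth => '', $sSaveDateFromYear => '',
        $sSaveDateToDay => '', $sSaveDateToMonth => '', $sSaveDateToYear => '',
    );
    $aSearchResults = array_merge($aSearchDefaults, $aSearchResults);

    $sSearchStrTmp = $aSearchResults[$sSaveTitle];
    $iSearchIdTmp = $aSearchResults[$sSaveId];
    $sSearchStrDateTypeTmp = $aSearchResults[$sSaveDateField];
    $sSearchStrDateFromDayTmp = $aSearchResults[$sSaveDateFromDay];
    $sSearchStrDateFromMonthTmp = $aSearchResults[$sSaveDateFromMonth];
    $sSearchStrDateFromYearTmp = $aSearchResults[$sSaveDateFromYear];
    $sSearchStrDateToDayTmp = $aSearchResults[$sSaveDateToDay];
    $sSearchStrDateToMonthTmp = $aSearchResults[$sSaveDateToMonth];
    $sSearchStrDateToYearTmp = $aSearchResults[$sSaveDateToYear];
    $sSearchStrAuthorTmp = $aSearchResults[$sSaveAuthor];

    // Script that writes the loaded values back into the search form.
    $sScript = generateJs($aSearchResults);
}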
377:
378:
379:
380:
// Promote the raw values to search criteria; empty or zero values leave a criterion unset.
if (!empty($sSearchStrTmp)) {
    $sSearchStr = $sSearchStrTmp;
}

if ($iSearchIdTmp > 0) {
    $iSearchId = $iSearchIdTmp;
}

if ($sSearchStrDateTypeTmp == 'n/a') {
    // "n/a" means no date column was chosen; the date bounds are left as they are.
    $sDateFieldName = '';
} else {
    // A bound is only built when day, month and year are all greater than zero.
    $sSearchStrDateFrom = (($sSearchStrDateFromDayTmp > 0) && ($sSearchStrDateFromMonthTmp > 0) && ($sSearchStrDateFromYearTmp > 0))
        ? "{$sSearchStrDateFromYearTmp}-{$sSearchStrDateFromMonthTmp}-{$sSearchStrDateFromDayTmp} 00:00:00"
        : '';

    $sSearchStrDateTo = (($sSearchStrDateToDayTmp > 0) && ($sSearchStrDateToMonthTmp > 0) && ($sSearchStrDateToYearTmp > 0))
        ? "{$sSearchStrDateToYearTmp}-{$sSearchStrDateToMonthTmp}-{$sSearchStrDateToDayTmp} 23:59:59"
        : '';

    // NOTE(review): this value is later used as a column name in the query; it is request or
    // stored data and has only been through trim()/strip_tags() at this point.
    $sDateFieldName = $sSearchStrDateTypeTmp;
}

if (!empty($sSearchStrAuthorTmp)) {
    $sSearchStrAuthor = $sSearchStrAuthorTmp;
}
410:
411:
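// Base query: articles of the selected language with category, start article and template name.
$sql = "SELECT
            DISTINCT a.idart, a.idartlang, a.title, a.online, a.locked, a.idartlang, a.created, a.published,
            a.artsort, a.lastmodified, b.idcat, b.idcatart, b.idcatart, c.startidartlang,
            c.idcatlang, e.name as 'tplname'
        FROM " . $cfg['tab']['art_lang'] . " as a
            LEFT JOIN " . $cfg['tab']['cat_art'] . " as b ON a.idart = b.idart
            LEFT JOIN " . $cfg['tab']['cat_lang'] . " as c ON a.idartlang = c.startidartlang
            LEFT JOIN " . $cfg['tab']['tpl_conf'] . " as d ON a.idtplcfg = d.idtplcfg
            LEFT JOIN " . $cfg['tab']['tpl'] . " as e ON d.idtpl = e.`idtpl`
            LEFT JOIN " . $cfg['tab']['content'] . " as f ON f.idartlang = a.idartlang
        WHERE
            (a.idlang = " . cSecurity::toInteger($iSpeachId) . ")
        ";

$sWhere = '';

// Stays true until at least one criterion has been added.
$bNoCriteria = true;

// The date field name becomes a column identifier, where string escaping gives no protection
// (the original even concatenated it unescaped for the upper bound). Accept only a plain
// identifier; anything else switches the date criterion off.
if (!is_string($sDateFieldName) || preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $sDateFieldName) !== 1) {
    $sDateFieldName = '';
}

if ($iSearchId > 0) {
    $sWhere .= " AND (a.idart = " . cSecurity::toInteger($iSearchId) . ")";
    $bNoCriteria = false;
}

if (!empty($sSearchStr)) {
    // Text is matched against the article title and the content values.
    $sSearchStrSql = mask(cSecurity::escapeDB($sSearchStr, $db));
    $sWhere .= " AND ((a.title LIKE '%" . $sSearchStrSql . "%')";
    $sWhere .= " OR (f.value LIKE '%" . $sSearchStrSql . "%'))";
    $bNoCriteria = false;
}

if (!empty($sSearchStrDateFrom) && ($sDateFieldName != '')) {
    $sWhere .= " AND (a." . $sDateFieldName . " >= '" . mask(cSecurity::escapeDB($sSearchStrDateFrom, $db)) . "')";
    $bNoCriteria = false;
}

if (!empty($sSearchStrDateTo) && ($sDateFieldName != '')) {
    $sWhere .= " AND (a." . $sDateFieldName . " <= '" . mask(cSecurity::escapeDB($sSearchStrDateTo, $db)) . "')";
    $bNoCriteria = false;
}

if (!empty($sSearchStrAuthor) && ($sSearchStrAuthor != 'n/a')) {
    // The name may match either the creator or the last editor.
    $sSearchStrAuthorSql = mask(cSecurity::escapeDB($sSearchStrAuthor, $db));
    $sWhere .= " AND ((a.author = '" . $sSearchStrAuthorSql . "') OR (a.modifiedby = '" . $sSearchStrAuthorSql . "'))";
    $bNoCriteria = false;
}

if (!empty($sWhere)) {
    $sql .= $sWhere;
    // $sSortBy and $sSortMode were reduced to fixed literals when the request was read.
    $sql .= ' ORDER BY a.' . $sSortBy . ' ' . strtoupper($sSortMode);
    $db->query($sql);
} elseif ($bLostAndFound) {
    // Lost and found: articles without a category link, or linked to a category that is gone.
    $sql = "SELECT
                DISTINCT a.idart, a.idartlang, a.title, a.online, a.locked, a.idartlang, a.created, a.published,
                a.artsort, a.lastmodified, b.idcat, b.idcatart, b.idcatart, c.startidartlang,
                c.idcatlang, e.name as 'tplname'
            FROM " . $cfg['tab']['art_lang'] . " as a
                LEFT JOIN " . $cfg['tab']['cat_art'] . " as b ON a.idart = b.idart
                LEFT JOIN " . $cfg['tab']['cat_lang'] . " as c ON a.idartlang = c.startidartlang
                LEFT JOIN " . $cfg['tab']['tpl_conf'] . " as d ON a.idtplcfg = d.idtplcfg
                LEFT JOIN " . $cfg['tab']['tpl'] . " as e ON d.idtpl = e.`idtpl`
            WHERE
                (a.idart NOT IN (SELECT " . $cfg['tab']['cat_art'] . ".idart FROM " . $cfg['tab']['cat_art'] . "))
                OR
                (b.idcat NOT IN (SELECT " . $cfg['tab']['cat'] . ".idcat FROM " . $cfg['tab']['cat'] . "));";
    $db->query($sql);
}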
479:
// Column header markup, keyed by sort column. The active sort column also gets a direction icon.
$aHeaderLabels = array(
    'title' => 'Title',
    'lastmodified' => 'Changed',
    'published' => 'Published',
    'artsort' => 'Sort order',
);

$aTableHeaders = array();
foreach ($sSortByValues as $value) {
    // Only the label of the current column is translated; unknown columns get an empty link.
    $sLabel = isset($aHeaderLabels[$value]) ? i18n($aHeaderLabels[$value]) : '';
    $sTableHeader = '<a href="#" class="gray">' . $sLabel . '</a>';

    if ($value == $sSortBy) {
        $imageSrc = ($sSortMode == 'asc') ? 'images/sort_up.gif' : 'images/sort_down.gif';
        $sTableHeader .= '<img src="' . $imageSrc . '" />';
    }

    $aTableHeaders[$value] = $sTableHeader;
}
507:
// Template for the result page; static placeholders are filled in the order listed.
$tpl = new cTemplate();
$tpl->setEncoding('iso-8859-1');

// NOTE(review): SESSID and SCRIPT carry request-derived and stored data and are passed on
// unchanged; whether that is safe depends on where the template places them.
$aStaticValues = array(
    'SESSID' => $sSession,
    'SCRIPT' => $sScript,
    'SESSNAME' => $sess->name,
    'TITLE' => i18n('Search results'),
    'TH_START' => i18n("Article"),
    'TH_TITLE' => $aTableHeaders['title'],
    'TH_CHANGED' => $aTableHeaders['lastmodified'],
    'TH_PUBLISHED' => $aTableHeaders['published'],
    'TH_SORTORDER' => $aTableHeaders['artsort'],
    'TH_TEMPLATE' => i18n("Template"),
    'TH_ACTIONS' => i18n("Actions"),
    'CURRENT_SORTBY' => $sSortBy,
    'CURRENT_SORTMODE' => $sSortMode,
    // Frame reload script, set after a search was saved.
    'REFRESH' => $sRefreshScript,
    // Confirmation message, set after a search was saved.
    'SEARCHSTOREDMESSAGE' => $sSaveSuccessfull,
);
foreach ($aStaticValues as $sPlaceholder => $mValue) {
    $tpl->set('s', $sPlaceholder, $mValue);
}

// Used below as the number of result rows to walk through.
$iAffectedRows = $db->affectedRows();
532:
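// The session token came from the request. URL-encode it once for every link built below so it
// cannot break out of the surrounding URL, HTML attribute or JavaScript string.
$sSessionUrl = rawurlencode($sSession);

if ($iAffectedRows <= 0 || (empty($sWhere) && !$bLostAndFound)) {
    // Nothing to list: either no criteria were given or the query matched nothing.
    $sNoArticle = i18n("Missing search value.");
    $sNothingFound = i18n("No article found.");
    $sErrOut = ($bNoCriteria && !$bLostAndFound) ? $sNoArticle : $sNothingFound;

    $sRow = '<tr><td colspan="7" class="bordercell">' . $sErrOut . '</td></tr>';
    $tpl->set('d', 'ROWS', $sRow);
    $sLoadSubnavi = 'parent.parent.frames["right"].frames["right_top"].location.href = \'main.php?area=con&frame=3&idcat=0&idtpl=' . $iIdTpl . '&contenido=' . $sSessionUrl . "';";
    $tpl->next();
} else {
    $bHit = false;

    // (area, action) pairs; holding any one of them is enough to see an article in the list.
    $aRightPairs = array(
        array('con', 'con_makestart'),
        array('con', 'con_makeonline'),
        array('con', 'con_deleteart'),
        array('con', 'con_tplcfg_edit'),
        array('con', 'con_makecatonline'),
        array('con', 'con_changetemplate'),
        array('con_editcontent', 'con_editart'),
        array('con_editart', 'con_edit'),
        array('con_editart', 'con_newart'),
        array('con_editart', 'con_saveart'),
    );

    for ($i = 0; $i < $iAffectedRows; $i++) {
        $sRow = '';

        $db->nextRecord();

        $idcat = $db->f("idcat");

        // 1) Area-wide rights.
        $bCheckRights = false;
        foreach ($aRightPairs as $aPair) {
            if ($perm->have_perm_area_action($aPair[0], $aPair[1])) {
                $bCheckRights = true;
                break;
            }
        }

        // 2) Rights granted on this category to the user or to one of the user's groups.
        if (!$bCheckRights) {
            // The key must be quoted: a bare uid is looked up as a constant, which fails on PHP 8.
            $sUserId = $auth->auth['uid'];
            $aGroupsForUser = $perm->getGroupsForUser($sUserId);
            $aGroupsForUser[] = $sUserId;

            // Escape every id before it is placed inside the quoted IN (...) list.
            $aEscapedIds = array();
            foreach ($aGroupsForUser as $sGroupOrUserId) {
                $aEscapedIds[] = cSecurity::escapeDB($sGroupOrUserId, $db2);
            }
            $sTmpUserString = implode("','", $aEscapedIds);

            $sql = "SELECT *
                    FROM " . $cfg["tab"]["rights"] . "
                    WHERE user_id IN ('" . $sTmpUserString . "') AND idclient = '" . cSecurity::toInteger($client) . "' AND idlang = '" . cSecurity::toInteger($lang) . "' AND idcat = '" . cSecurity::toInteger($idcat) . "'";
            $db2->query($sql);

            if ($db2->numRows() != 0) {
                foreach ($aRightPairs as $aPair) {
                    if ($perm->have_perm_area_action_item($aPair[0], $aPair[1], $idcat)) {
                        $bCheckRights = true;
                        break;
                    }
                }
            }
        }

        if ($bCheckRights) {
            $bHit = true;

            $idart = $db->f("idart");
            $idartlang = $db->f("idartlang");
            $idcatart = $db->f("idcatart");
            $lastmodified = date($sDateFormat, strtotime($db->f("lastmodified")));
            $published = date($sDateFormat, strtotime($db->f("published")));
            $online = $db->f("online");
            $locked = $db->f("locked");
            $startidartlang = $db->f("startidartlang");
            $templatename = $db->f("tplname");

            // The first visible row decides what the sub navigation shows.
            if ($i == 0) {
                $iDisplayMenu = 1;
                $iIdCat = $idcat;
                // NOTE(review): the original copied an $idtpl here that is never assigned in this
                // script and is not selected by the query; $iIdTpl keeps its initial value.
            }

            // Start article marker. The linked variant was disabled in the original with
            // "&& 0 == 1" and was the only place that set $sFlagTitle, so the tooltip was
            // always empty; it is now explicitly empty.
            $sFlagTitle = '';
            $sStartIcon = ($startidartlang == $idartlang) ? 'images/isstart1.gif' : 'images/isstart0.gif';
            $makeStartarticle = "<td nowrap=\"nowrap\" class=\"bordercell\"><img src=\"{$sStartIcon}\" border=\"0\" title=\"{$sFlagTitle}\" alt=\"{$sFlagTitle}\"></td>";

            // Online/offline and lock links. NOTE(review): both are built but not part of the row.
            if ($online == 1) {
                $sOnlineStatus = i18n('Make offline');
                $bgColorRow = "background-color: #E2E2E2;";
                $sOnlineIcon = 'images/online.gif';
            } else {
                $sOnlineStatus = i18n('Make online');
                $bgColorRow = "background-color: #E2D9D9;";
                $sOnlineIcon = 'images/offline.gif';
            }
            $setOnOff = "<a href=\"main.php?area=con&idcat=$idcat&action=con_makeonline&frame=4&idart=$idart&contenido=$sSessionUrl\" title=\"{$sOnlineStatus}\"><img src=\"{$sOnlineIcon}\" title=\"{$sOnlineStatus}\" alt=\"{$sOnlineStatus}\" border=\"0\"></a>";

            if ($locked == 1) {
                $sLockStatus = i18n('Unfreeze article');
                $sLockIcon = 'images/lock_closed.gif';
            } else {
                $sLockStatus = i18n('Freeze article');
                $sLockIcon = 'images/lock_open.gif';
            }
            $lockArticle = "<a href=\"main.php?area=con&idcat=$idcat&action=con_lock&frame=4&idart=$idart&contenido=$sSessionUrl\" title=\"{$sLockStatus}\"><img src=\"{$sLockIcon}\" title=\"{$sLockStatus}\" alt=\"{$sLockStatus}\" border=\"0\"></a>";

            // Template name: the article's own template, else the category's (shown in italics).
            if (!empty($templatename)) {
                $sTemplateName = conHtmlentities($templatename);
            } else {
                $db2 = cRegistry::getDb();
                $sql2 = "SELECT
                            c.idtpl AS idtpl,
                            c.name AS name,
                            c.description,
                            b.idtplcfg AS idtplcfg
                        FROM
                            " . $cfg['tab']['tpl_conf'] . " AS a,
                            " . $cfg['tab']['cat_lang'] . " AS b,
                            " . $cfg['tab']['tpl'] . " AS c
                        WHERE
                            b.idcat = " . cSecurity::toInteger($idcat) . " AND
                            b.idlang = " . cSecurity::toInteger($lang) . " AND
                            b.idtplcfg = a.idtplcfg AND
                            c.idtpl = a.idtpl AND
                            c.idclient = " . cSecurity::toInteger($client);
                $db2->query($sql2);
                $db2->nextRecord();
                // Encoded like the article's own template name above; the original printed it raw.
                $sTemplateName = $db2->f("name") ? '<i>' . conHtmlentities($db2->f("name")) . '</i>' : "--- " . i18n("None") . " ---";
            }

            $sTodoListSubject = i18n("Reminder");
            $sReminder = i18n("Set reminder / add to todo list");
            $sDuplicateArticle = i18n("Duplicate article");
            $sArticleProperty = i18n("Article properties");
            $sConfigureTpl = i18n("Configure template");
            $sDeleteArticle = i18n("Delete article");
            $sDeleteArticleQuestion = i18n("Do you really want to delete the following article");
            $sRowId = "$idart-$idartlang-$idcat-0-$idcatart-$iLangId";

            if ($i == 0) {
                $tpl->set('s', 'FIRST_ROWID', $sRowId);
            }

            // Category path as "A-> B-> C"; names are editor-supplied, so each one is encoded.
            $categoryHelper = cCategoryHelper::getInstance();
            $catArt = new cApiCategoryArticle($idcatart);
            $catArray = $categoryHelper->getCategoryPath($catArt->get("idcat"));
            $aCatNames = array();
            foreach ($catArray as $cat) {
                $aCatNames[] = conHtmlSpecialChars($cat->get("name"));
            }
            $catstring = implode("-> ", $aCatNames);

            // The title is editor-supplied; encode it after unFilter() so stored markup is shown
            // as text instead of being interpreted by the browser.
            // NOTE(review): assumes unFilter() returns the raw title - confirm.
            $strTitle = conHtmlSpecialChars(cSecurity::unFilter($db->f("title")));

            if ($perm->have_perm_area_action_item("con_editcontent", "con_editart", $idcat)) {
                $editart = "<a href=\"main.php?area=con_editcontent&action=con_editart&changeview=edit&idartlang=$idartlang&idart=$idart&idcat=$idcat&frame=4&contenido=$sSessionUrl\" title=\"idart: $idart idcatart: $idcatart\" alt=\"idart: $idart idcatart: $idcatart\"><i><span style='font-size: 80%'>" . $catstring . "</span></i><br>" . $strTitle . "</a>";
            } else {
                $editart = "<i><span style='font-size: 80%'>" . $catstring . "</span></i><br>" . $strTitle;
            }

            if ($perm->have_perm_area_action_item("con", "con_duplicate", $idcat)) {
                $duplicate = "<a href=\"main.php?area=con&idcat=$idcat&action=con_duplicate&duplicate=$idart&frame=4&contenido=$sSessionUrl\" title=\"$sDuplicateArticle\"><img src=\"images/but_copy.gif\" border=\"0\" title=\"$sDuplicateArticle\" alt=\"$sDuplicateArticle\"></a>";
            } else {
                $duplicate = "";
            }

            if ($perm->have_perm_area_action_item("con", "con_deleteart", $idcat)) {
                $tmp_title = conHtmlSpecialChars($db->f("title"));
                if (strlen($tmp_title) > 30) {
                    $tmp_title = substr($tmp_title, 0, 27) . "...";
                }

                // The JavaScript string delimiters are written as &quot; so they do not end the
                // double-quoted onclick attribute. The title is encoded twice on purpose: once
                // for the attribute, once for the dialog, which shows its argument as HTML.
                $delete = '
                <a
                    href="javascript:void(0)"
                    onclick="showConfirmation(&quot;' . $sDeleteArticleQuestion . ':<br><br><b>' . conHtmlSpecialChars($tmp_title) . '</b>&quot;, function() {deleteArticle(' . $idart . ', ' . $idcat . ');});"
                    title="' . $sDeleteArticle . '"
                >
                    <img
                        src="images/delete.gif"
                        title="' . $sDeleteArticle . '"
                        alt="' . $sDeleteArticle . '" />
                </a>';
            } else {
                $delete = "";
            }

            // NOTE(review): the row refers to $properties and $tplconfig, which are never built in
            // this script; they are defined as empty so the row renders without notices.
            $properties = '';
            $tplconfig = '';

            $sRow = '<tr id="' . $sRowId . '" class="text_medium" onmouseover="artRow.over(this)" onmouseout="artRow.out(this)" onclick="artRow.click(this)">' . "\n";
            $sRow .= $makeStartarticle . "\n";
            $sRow .= "<td nowrap=\"nowrap\" class=\"bordercell\">$editart</td>
                <td nowrap=\"nowrap\" class=\"bordercell\">$lastmodified</td>
                <td nowrap=\"nowrap\" class=\"bordercell\">$published</td>
                <td nowrap=\"nowrap\" class=\"bordercell\">" . $db->f("artsort") . "</td>
                <td nowrap=\"nowrap\" class=\"bordercell\">$sTemplateName</td>
                <td nowrap=\"nowrap\" class=\"bordercell\">
                    <a id=\"m1\" onclick=\"javascript:window.open('main.php?subject=$sTodoListSubject&area=todo&frame=1&itemtype=idart&itemid=$idart&contenido=$sSessionUrl', 'todo', 'scrollbars=yes, height=300, width=625');\" alt=\"$sReminder\" title=\"$sReminder\" href=\"#\"><img id=\"m2\" alt=\"$sReminder\" src=\"images/but_setreminder.gif\" border=\"0\"></a>
                    $properties
                    $tplconfig
                    $duplicate
                    $delete
                </td>
            </tr>";

            $tpl->set('d', 'ROWS', $sRow);
            $tpl->next();
        }
    }

    // Every matching article was filtered out by the permission checks.
    if (!$bHit) {
        $sNothingFound = i18n("No article found.");
        $sRow = '<tr><td colspan="7" class="bordercell">' . $sNothingFound . '</td></tr>';
        $tpl->set('d', 'ROWS', $sRow);
        $tpl->next();
    }

    if ($bLostAndFound) {
        $iDisplayMenu = 1;
    }
    $sLoadSubnavi = 'parent.parent.frames["right"].frames["right_top"].location.href = \'main.php?area=con&frame=3&idcat=' . $iIdCat . '&idtpl=' . $iIdTpl . '&display_menu=' . $iDisplayMenu . '&contenido=' . $sSessionUrl . "';";
}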
813:
814:
815:
816:
817:
818:
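// Offer "save this search" only for a POST search that had at least one criterion.
if (sizeof($_GET) == 0 && isset($_POST) && !$bNoCriteria) {
    // Every value goes into a double-quoted HTML attribute. The criteria are request data that
    // has only been tag-stripped, so a double quote in them would end the attribute; encode
    // each value for the attribute context.
    // NOTE(review): no request token is added to this form - confirm whether the framework
    // protects the save request in another way.
    $sAuthorValue = isset($sSearchStrAuthor) ? $sSearchStrAuthor : '';

    $searchForm = '<form id="save_search" target="right_bottom" method="post" action="backend_search.php">';

    $searchForm .= '<input type="hidden" name="area" value="' . conHtmlSpecialChars((string) $area) . '">';
    $searchForm .= '<input type="hidden" name="frame" value="' . conHtmlSpecialChars((string) $frame) . '">';
    $searchForm .= '<input type="hidden" name="contenido" value="' . conHtmlSpecialChars((string) $sess->id) . '">';
    $searchForm .= '<input type="hidden" name="speach" value="' . conHtmlSpecialChars((string) $lang) . '">';

    $searchForm .= '<input type="hidden" name="save_search" id="save_search" value="true">';
    $searchForm .= '<input type="hidden" name="' . $sSaveTitle . '" id="' . $sSaveTitle . '" value="' . conHtmlSpecialChars((string) $sSearchStr) . '">';
    $searchForm .= '<input type="hidden" name="' . $sSaveId . '" id="' . $sSaveId . '" value="' . conHtmlSpecialChars((string) $iSearchId) . '">';
    $searchForm .= '<input type="hidden" name="' . $sSaveDateFrom . '" id="' . $sSaveDateFrom . '" value="' . conHtmlSpecialChars((string) $sSearchStrDateFrom) . '">';
    $searchForm .= '<input type="hidden" name="' . $sSaveDateTo . '" id="' . $sSaveDateTo . '" value="' . conHtmlSpecialChars((string) $sSearchStrDateTo) . '">';
    $searchForm .= '<input type="hidden" name="' . $sSaveDateField . '" id="' . $sSaveDateField . '" value="' . conHtmlSpecialChars((string) $sDateFieldName) . '">';
    $searchForm .= '<input type="hidden" name="' . $sSaveAuthor . '" id="' . $sSaveAuthor . '" value="' . conHtmlSpecialChars((string) $sAuthorValue) . '">';
    $searchForm .= '<label for="' . $sSaveName . '">' . i18n("Search name") . ': </label>';
    $searchForm .= '<input type="text" class="text_medium" name="' . $sSaveName . '" id="' . $sSaveName . '" placeholder="' . i18n("The search") . '" class="vAlignMiddle">';
    $searchForm .= '<input type="image" class="vAlignMiddle tableElement" src="./images/but_ok.gif" alt="' . i18n('Store') . '" title="' . i18n('Store') . '" value="' . i18n('Store') . '" name="submit">';
    $searchForm .= '</form>';
    $tpl->set('s', 'STORESEARCHFORM', $searchForm);

    $tpl->set('s', 'STORESEARCHINFO', i18n("Save this search"));
} else {
    $tpl->set('s', 'STORESEARCHINFO', '');
    $tpl->set('s', 'STORESEARCHFORM', '');
}

// Script that reloads the sub navigation frame, then send the encoding header and render.
$tpl->set('s', 'SUBNAVI', $sLoadSubnavi);
sendEncodingHeader($db, $cfg, $lang);
$tpl->generate($cfg['path']['templates'] . 'template.backend_search_results.html');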
851: