1: <?php
2: 3: 4: 5: 6: 7: 8: 9: 10: 11: 12: 13:
14:
15: if (!defined('CON_FRAMEWORK')) {
16: define('CON_FRAMEWORK', true);
17: }
18:
19:
20: include_once('./includes/startup.php');
21:
22: cRegistry::bootstrap(array(
23: 'sess' => 'cSession',
24: 'auth' => 'Contenido_Challenge_Crypt_Auth',
25: 'perm' => 'cPermission'
26: ));
27:
28: i18nInit($cfg['path']['contenido_locale'], $belang);
29:
30:
31: $db = cRegistry::getDb();
32: $db2 = cRegistry::getDb();
33:
34:
35: $sSession = '';
36: $sSessionTmp = '';
37:
38:
39: $iSpeachId = $lang;
40: $iSpeachIdTmp = NULL;
41:
42:
43: $iSearchId = NULL;
44: $iSearchIdTmp = 0;
45:
46:
47: $sSearchStr = NULL;
48: $sSearchStrTmp = '';
49:
50:
51: $sSearchStrDateType = NULL;
52: $sSearchStrDateTypeTmp = '';
53:
54:
55: $sSearchStrDateFrom = NULL;
56: $sSearchStrDateFromTmp = '';
57:
58:
59: $sSearchStrDateTo = NULL;
60: $sSearchStrDateToTmp = '';
61:
62: $bLostAndFound = false;
63:
64: $sWhere = '';
65:
66: $iLangId = ((int) $lang > 0 ? (int) $lang : 1);
67:
68: $sDateFormat = getEffectiveSetting('dateformat', 'date', 'Y-m-d');
69:
70: $sLoadSubnavi = '';
71: $iIdCat = 0;
72: $iDisplayMenu = 0;
73: $iIdTpl = 0;
74: $sScript = '';
75:
76:
77: if (isset($_POST[$sess->name])) {
78: $sSessionTmp = trim(strip_tags($_POST[$sess->name]));
79: } elseif (isset($_GET[$sess->name])) {
80: $sSessionTmp = trim(strip_tags($_GET[$sess->name]));
81: }
82: if (strlen($sSessionTmp) > 0) {
83: $sSession = $sSessionTmp;
84: }
85:
86: if (isset($_POST['speach'])) {
87: $iSpeachIdTmp = (int) $_POST['speach'];
88: if ((string) $iSpeachIdTmp === $_POST['speach']) {
89: $iSpeachId = $iSpeachIdTmp;
90: }
91: }
92: if (!empty($sSession)) {
93:
94: cRegistry::bootstrap(array(
95: 'sess' => 'cSession',
96: 'auth' => 'cAuthHandlerBackend',
97: 'perm' => 'cPermission'
98: ));
99: i18nInit($cfg['path']['contenido_locale'], $belang);
100: } else {
101:
102: cRegistry::bootstrap(array(
103: 'sess' => 'cFrontendSession',
104: 'auth' => 'cAuthHandlerFrontend',
105: 'perm' => 'cPermission'
106: ));
107: }
108:
109:
110: $sSortByValues = array('title', 'lastmodified', 'published', 'artsort');
111: $sSortBy = in_array($_POST['sortby'], $sSortByValues) ? $_POST['sortby'] : 'lastmodified';
112: $sSortMode = ($_POST['sortmode'] == 'asc') ? 'asc' : 'desc';
113:
114: 115: 116: 117: 118: 119: 120:
121:
122: $sSaveTitle = 'save_title';
123: $sSaveId = 'save_id';
124: $sSaveDateFrom = 'save_date_from';
125: $sSaveDateFromYear = 'save_date_from_year';
126: $sSaveDateFromMonth = 'save_date_from_month';
127: $sSaveDateFromDay = 'save_date_from_day';
128: $sSaveDateTo = 'save_date_to';
129: $sSaveDateToYear = 'save_date_to_year';
130: $sSaveDateToMonth = 'save_date_to_month';
131: $sSaveDateToDay = 'save_date_to_day';
132: $sSaveDateField = 'save_date_field';
133: $sSaveAuthor = 'save_author';
134: $sSaveName = 'save_name';
135: $sType = 'savedsearch';
136: $sRefreshScript = '';
137: $sSaveSuccessfull = '';
138:
139:
140: 141: 142: 143: 144: 145: 146: 147: 148: 149: 150: 151: 152: 153: 154: 155:
156: function generateJs($aValues) {
157: if (is_array($aValues)) {
158: global $sSaveTitle;
159: global $sSaveId;
160: global $sSaveDateFromYear;
161: global $sSaveDateFromMonth;
162: global $sSaveDateFromDay;
163: global $sSaveDateToYear;
164: global $sSaveDateToMonth;
165: global $sSaveDateToDay;
166: global $sSaveDateField;
167: global $sSaveAuthor;
168: global $sSaveName;
169:
170: return 'function refreshArticleSearchForm(refresh) {
171: var oFrame = Con.getFrame("left_top");
172: if (oFrame) {
173: oForm = oFrame.document.backend_search;
174:
175: oForm.bs_search_text.value = "' . $aValues[$sSaveTitle] . '";
176: oForm.bs_search_id.value = "' . $aValues[$sSaveId] . '";
177: oForm.bs_search_date_type.value = "' . $aValues[$sSaveDateField] . '";
178:
179: oFrame.toggle_tr_visibility("tr_date_from");
180: oFrame.toggle_tr_visibility("tr_date_to");
181:
182: oForm.bs_search_date_from_day.value = "' . $aValues[$sSaveDateFromDay] . '";
183: oForm.bs_search_date_from_month.value = "' . $aValues[$sSaveDateToMonth] . '";
184: oForm.bs_search_date_from_year.value = "' . $aValues[$sSaveDateFromYear] . '";
185:
186: oForm.bs_search_date_to_day.value = "' . $aValues[$sSaveDateToDay] . '";
187: oForm.bs_search_date_to_month.value = "' . $aValues[$sSaveDateToMonth] . '";
188: oForm.bs_search_date_to_year.value = "' . $aValues[$sSaveDateToYear] . '";
189:
190: oForm.bs_search_author.value = "' . $aValues[$sSaveAuthor] . '";
191: }
192: }
193: refreshArticleSearchForm();
194: ';
195: } else {
196: return false;
197: }
198: }
199:
200: 201: 202: 203: 204:
205: function mask($sString) {
206: $sString = str_replace('\\', '\\\\', $sString);
207: $sString = str_replace('\'', '\\\'', $sString);
208: $sString = str_replace('"', '\\"', $sString);
209: return $sString;
210: }
211:
212: 213: 214: 215: 216: 217:
218: function getSearchResults($itemidReq, $itemtypeReq) {
219: global $sSaveTitle;
220: global $sSaveId;
221: global $sSaveDateFrom;
222: global $sSaveDateFromYear;
223: global $sSaveDateFromMonth;
224: global $sSaveDateFromDay;
225: global $sSaveDateTo;
226: global $sSaveDateToYear;
227: global $sSaveDateToMonth;
228: global $sSaveDateToDay;
229: global $sSaveDateField;
230: global $sSaveAuthor;
231: global $sSaveName;
232: global $sType;
233:
234: $retValue = array();
235:
236: $propertyCollection = new cApiPropertyCollection();
237: $results = $propertyCollection->getValuesByType($itemtypeReq, $itemidReq, $sType);
238:
239:
240: $retValue[$sSaveTitle] = $results[$sSaveTitle];
241: $retValue[$sSaveId] = $results[$sSaveId];
242: $retValue[$sSaveDateField] = $results[$sSaveDateField];
243: $retValue[$sSaveAuthor] = $results[$sSaveAuthor];
244:
245:
246: $sSearchStrDateFromDayTmp = 0;
247: $sSearchStrDateFromMonthTmp = 0;
248: $sSearchStrDateFromYearTmp = 0;
249: $saveDateFrom = $results[$sSaveDateFrom];
250: if (isset($saveDateFrom) && sizeof($saveDateFrom) > 0) {
251: $saveDateFrom = str_replace(' 00:00:00', '', $saveDateFrom);
252: $saveDateFromParts = explode('-', $saveDateFrom);
253: if (sizeof($saveDateFromParts) == 3) {
254: $retValue[$sSaveDateFromYear] = $saveDateFromParts[0];
255: $retValue[$sSaveDateFromMonth] = $saveDateFromParts[1];
256: $retValue[$sSaveDateFromDay] = $saveDateFromParts[2];
257: }
258: }
259:
260: $sSearchStrDateToDayTmp = 0;
261: $sSearchStrDateToMonthTmp = 0;
262: $sSearchStrDateToYearTmp = 0;
263: $saveDateTo = $results[$sSaveDateTo];
264: if (isset($saveDateTo) && sizeof($saveDateTo) > 0) {
265: $saveDateTo = str_replace(' 23:59:59', '', $saveDateTo);
266: $saveDateToParts = explode('-', $saveDateTo);
267: if (sizeof($saveDateToParts) == 3) {
268: $retValue[$sSaveDateToYear] = $saveDateToParts[0];
269: $retValue[$sSaveDateToMonth] = $saveDateToParts[1];
270: $retValue[$sSaveDateToDay] = $saveDateToParts[2];
271: }
272: }
273: return $retValue;
274: }
275:
276:
277: if (sizeof($_GET) == 0 && isset($_POST['save_search'])) {
278: $itemtype = rand(0, 10000);
279: $itemid = time();
280: $propertyCollection = new cApiPropertyCollection();
281:
282:
283:
284:
285:
286:
287: $propertyCollection->setValue($itemtype, $itemid, $sType, $sSaveTitle, $_POST[$sSaveTitle]);
288:
289: $propertyCollection->setValue($itemtype, $itemid, $sType, $sSaveId, $_POST[$sSaveId]);
290:
291: $propertyCollection->setValue($itemtype, $itemid, $sType, $sSaveDateFrom, $_POST[$sSaveDateFrom]);
292:
293: $propertyCollection->setValue($itemtype, $itemid, $sType, $sSaveDateTo, $_POST[$sSaveDateTo]);
294:
295: $propertyCollection->setValue($itemtype, $itemid, $sType, $sSaveDateField, $_POST[$sSaveDateField]);
296:
297: $propertyCollection->setValue($itemtype, $itemid, $sType, $sSaveAuthor, $_POST[$sSaveAuthor]);
298:
299: $propertyCollection->setValue($itemtype, $itemid, $sType, $sSaveName, $_POST[$sSaveName]);
300:
301:
302: $aSearchResults = getSearchResults($itemid, $itemtype);
303: $sSearchStrTmp = $aSearchResults[$sSaveTitle];
304: $iSearchIdTmp = $aSearchResults[$sSaveId];
305: $sSearchStrDateTypeTmp = $aSearchResults[$sSaveDateField];
306: $sSearchStrDateFromDayTmp = $aSearchResults[$sSaveDateFromDay];
307: $sSearchStrDateFromMonthTmp = $aSearchResults[$sSaveDateFromMonth];
308: $sSearchStrDateFromYearTmp = $aSearchResults[$sSaveDateFromYear];
309: $sSearchStrDateToDayTmp = $aSearchResults[$sSaveDateToDay];
310: $sSearchStrDateToMonthTmp = $aSearchResults[$sSaveDateToMonth];
311: $sSearchStrDateToYearTmp = $aSearchResults[$sSaveDateToYear];
312: $sSearchStrAuthorTmp = $aSearchResults[$sSaveAuthor];
313:
314: $sScript = generateJs($aSearchResults);
315:
316:
317: $sRefreshScript .= 'Con.getFrame("left_top").location.href = Con.getFrame("left_top").location.href + "&save_search=true";';
318:
319:
320: $sSaveSuccessfull = i18n("Thank you for saving this search from extinction!");
321: } elseif (sizeof($_GET) > 0) {
322:
323:
324: $itemtypeReq = $_GET['itemtype'];
325: $itemidReq = $_GET['itemid'];
326:
327: if ((isset($itemtypeReq) && strlen($itemtypeReq) > 0) && (isset($itemidReq) && strlen($itemidReq) > 0)) {
328: $aSearchResults = getSearchResults($itemidReq, $itemtypeReq);
329: $sSearchStrTmp = $aSearchResults[$sSaveTitle];
330: $iSearchIdTmp = $aSearchResults[$sSaveId];
331: $sSearchStrDateTypeTmp = $aSearchResults[$sSaveDateField];
332: $sSearchStrDateFromDayTmp = $aSearchResults[$sSaveDateFromDay];
333: $sSearchStrDateFromMonthTmp = $aSearchResults[$sSaveDateFromMonth];
334: $sSearchStrDateFromYearTmp = $aSearchResults[$sSaveDateFromYear];
335: $sSearchStrDateToDayTmp = $aSearchResults[$sSaveDateToDay];
336: $sSearchStrDateToMonthTmp = $aSearchResults[$sSaveDateToMonth];
337: $sSearchStrDateToYearTmp = $aSearchResults[$sSaveDateToYear];
338: $sSearchStrAuthorTmp = $aSearchResults[$sSaveAuthor];
339: $sSearchStrDateFromTmp = $aSearchResults[$sSaveDateFrom];
340: $sSearchStrDateToTmp = $aSearchResults[$sSaveDateTo];
341:
342:
343: $sScript = generateJs($aSearchResults);
344: } elseif (isset($_GET['recentedit'])) {
345:
346: $actDate = time();
347: $weekInSeconds = 60 * 60 * 24 * 7;
348: $oneWeekEarlier = $actDate - $weekInSeconds;
349:
350: $sSearchStrDateTypeTmp = 'lastmodified';
351: $sSearchStrDateFromDayTmp = date('d', $oneWeekEarlier);
352: $sSearchStrDateFromMonthTmp = date('m', $oneWeekEarlier);
353: $sSearchStrDateFromYearTmp = date('Y', $oneWeekEarlier);
354: $sSearchStrDateToDayTmp = date('d', $actDate);
355: $sSearchStrDateToMonthTmp = date('m', $actDate);
356: $sSearchStrDateToYearTmp = date('Y', $actDate);
357: } elseif (isset($_GET['myarticles'])) {
358: $sSearchStrAuthorTmp = $auth->auth['uname'];
359: } elseif (isset($_GET['lostfound'])) {
360: $bLostAndFound = true;
361: }
362: } elseif (sizeof($_GET) == 0 && isset($_POST)) {
363:
364:
365: $sSearchStrTmp = trim(strip_tags($_POST['bs_search_text']));
366: $iSearchIdTmp = (int) $_POST['bs_search_id'];
367: $sSearchStrDateTypeTmp = trim(strip_tags($_POST['bs_search_date_type']));
368: $sSearchStrDateFromDayTmp = (int) trim(strip_tags($_POST['bs_search_date_from_day']));
369: $sSearchStrDateFromMonthTmp = (int) trim(strip_tags($_POST['bs_search_date_from_month']));
370: $sSearchStrDateFromYearTmp = (int) trim(strip_tags($_POST['bs_search_date_from_year']));
371: $sSearchStrDateToDayTmp = (int) trim(strip_tags($_POST['bs_search_date_to_day']));
372: $sSearchStrDateToMonthTmp = (int) trim(strip_tags($_POST['bs_search_date_to_month']));
373: $sSearchStrDateToYearTmp = (int) trim(strip_tags($_POST['bs_search_date_to_year']));
374: $sSearchStrAuthorTmp = trim(strip_tags($_POST['bs_search_author']));
375: }
376:
377:
378:
379:
380: if (!empty($sSearchStrTmp)) {
381: $sSearchStr = $sSearchStrTmp;
382: }
383:
384: if ($iSearchIdTmp > 0) {
385: $iSearchId = $iSearchIdTmp;
386: }
387:
388: if ($sSearchStrDateTypeTmp != 'n/a') {
389: if (($sSearchStrDateFromDayTmp > 0) && ($sSearchStrDateFromMonthTmp > 0) && ($sSearchStrDateFromYearTmp > 0)) {
390: $sSearchStrDateFrom = $sSearchStrDateFromYearTmp . '-' . $sSearchStrDateFromMonthTmp . '-' . $sSearchStrDateFromDayTmp . ' 00:00:00';
391: } else {
392: $sSearchStrDateFrom = '';
393: }
394:
395: if (($sSearchStrDateToDayTmp > 0) && ($sSearchStrDateToMonthTmp > 0) && ($sSearchStrDateToYearTmp > 0)) {
396: $sSearchStrDateTo = $sSearchStrDateToYearTmp . '-' . $sSearchStrDateToMonthTmp . '-' . $sSearchStrDateToDayTmp . ' 23:59:59';
397: } else {
398: $sSearchStrDateTo = '';
399: }
400:
401: $sDateFieldName = $sSearchStrDateTypeTmp;
402: } else {
403: $sDateFieldName = '';
404: }
405:
406: if (!empty($sSearchStrAuthorTmp)) {
407: $sSearchStrAuthor = $sSearchStrAuthorTmp;
408: }
409:
410:
411: $sql = "SELECT
412: DISTINCT a.idart, a.idartlang, a.title, a.online, a.locked, a.idartlang, a.created, a.published,
413: a.artsort, a.lastmodified, b.idcat, b.idcatart, b.idcatart, c.startidartlang,
414: c.idcatlang, e.name as 'tplname'
415: FROM " . $cfg['tab']['art_lang'] . " as a
416: LEFT JOIN " . $cfg['tab']['cat_art'] . " as b ON a.idart = b.idart
417: LEFT JOIN " . $cfg['tab']['cat_lang'] . " as c ON a.idartlang = c.startidartlang
418: LEFT JOIN " . $cfg['tab']['tpl_conf'] . " as d ON a.idtplcfg = d.idtplcfg
419: LEFT JOIN " . $cfg['tab']['tpl'] . " as e ON d.idtpl = e.`idtpl`
420: LEFT JOIN " . $cfg['tab']['content'] . " as f ON f.idartlang = a.idartlang
421: WHERE
422: (a.idlang = " . cSecurity::toInteger($iSpeachId) . ")
423: ";
424:
425: $sWhere = '';
426:
427: $bNoCriteria = true;
428:
429:
430: if ($iSearchId > 0) {
431: $sWhere .= " AND (a.idart = " . cSecurity::toInteger($iSearchId) . ")";
432: $bNoCriteria = false;
433: }
434:
435:
436: if (!empty($sSearchStr)) {
437: $sWhere .= " AND ((a.title LIKE '%" . mask($db->escape($sSearchStr)) . "%')";
438: $sWhere .= " OR (f.value LIKE '%" . mask($db->escape($sSearchStr)) . "%'))";
439: $bNoCriteria = false;
440: }
441:
442: if (!empty($sSearchStrDateFrom) && ($sDateFieldName != '')) {
443: $sWhere .= " AND (a." . $db->escape($sDateFieldName) . " >= '" . mask($db->escape($sSearchStrDateFrom)) . "')";
444: $bNoCriteria = false;
445: }
446:
447: if (!empty($sSearchStrDateTo) && ($sDateFieldName != '')) {
448: $sWhere .= " AND (a." . $sDateFieldName . " <= '" . mask($db->escape($sSearchStrDateTo)) . "')";
449: $bNoCriteria = false;
450: }
451:
452: if (!empty($sSearchStrAuthor) && ($sSearchStrAuthor != 'n/a')) {
453:
454: $sWhere .= " AND ((a.author = '" . mask($db->escape($sSearchStrAuthor)) . "') OR (a.modifiedby = '" . mask($db->escape($sSearchStrAuthor)) . "'))";
455: $bNoCriteria = false;
456: }
457:
458: if (!empty($sWhere)) {
459: $sql .= $sWhere;
460: $sql .= ' ORDER BY a.' . $sSortBy . ' ' . strtoupper($sSortMode);
461: $db->query($sql);
462: } elseif ($bLostAndFound) {
463: $sql = "SELECT
464: DISTINCT a.idart, a.idartlang, a.title, a.online, a.locked, a.idartlang, a.created, a.published,
465: a.artsort, a.lastmodified, b.idcat, b.idcatart, b.idcatart, c.startidartlang,
466: c.idcatlang, e.name as 'tplname'
467: FROM " . $cfg['tab']['art_lang'] . " as a
468: LEFT JOIN " . $cfg['tab']['cat_art'] . " as b ON a.idart = b.idart
469: LEFT JOIN " . $cfg['tab']['cat_lang'] . " as c ON a.idartlang = c.startidartlang
470: LEFT JOIN " . $cfg['tab']['tpl_conf'] . " as d ON a.idtplcfg = d.idtplcfg
471: LEFT JOIN " . $cfg['tab']['tpl'] . " as e ON d.idtpl = e.`idtpl`
472: WHERE
473: (a.idart NOT IN (SELECT " . $cfg['tab']['cat_art'] . ".idart FROM " . $cfg['tab']['cat_art'] . "))
474: OR
475: (b.idcat NOT IN (SELECT " . $cfg['tab']['cat'] . ".idcat FROM " . $cfg['tab']['cat'] . "));";
476: $db->query($sql);
477: }
478:
479: $aTableHeaders = array();
480: foreach ($sSortByValues as $value) {
481: $sTableHeader = '<a href="#" class="gray">';
482: switch ($value) {
483: case 'title':
484: $sTableHeader .= i18n('Title');
485: break;
486: case 'lastmodified':
487: $sTableHeader .= i18n('Changed');
488: break;
489: case 'published':
490: $sTableHeader .= i18n('Published');
491: break;
492: case 'artsort':
493: $sTableHeader .= i18n('Sort order');
494: break;
495: default:
496: break;
497: }
498: $sTableHeader .= '</a>';
499:
500: if ($value == $sSortBy) {
501: $imageSrc = ($sSortMode == 'asc') ? 'images/sort_up.gif' : 'images/sort_down.gif';
502: $sTableHeader .= '<img src="' . $imageSrc . '">';
503: }
504: $aTableHeaders[$value] = $sTableHeader;
505: }
506:
507: $tpl = new cTemplate();
508:
509: $tpl->setEncoding('iso-8859-1');
510: $tpl->set('s', 'SCRIPT', $sScript);
511: $tpl->set('s', 'TITLE', i18n('Search results'));
512: $tpl->set('s', 'TH_START', i18n("Article"));
513: $tpl->set('s', 'TH_TITLE', $aTableHeaders['title']);
514: $tpl->set('s', 'TH_CHANGED', $aTableHeaders['lastmodified']);
515: $tpl->set('s', 'TH_PUBLISHED', $aTableHeaders['published']);
516: $tpl->set('s', 'TH_SORTORDER', $aTableHeaders['artsort']);
517: $tpl->set('s', 'TH_TEMPLATE', i18n("Template"));
518: $tpl->set('s', 'TH_ACTIONS', i18n("Actions"));
519: $tpl->set('s', 'CURRENT_SORTBY', $sSortBy);
520: $tpl->set('s', 'CURRENT_SORTMODE', $sSortMode);
521:
522:
523: $tpl->set('s', 'REFRESH', $sRefreshScript);
524:
525:
526: $tpl->set('s', 'SEARCHSTOREDMESSAGE', $sSaveSuccessfull);
527:
528: $iAffectedRows = $db->affectedRows();
529:
530: if ($iAffectedRows <= 0 || (empty($sWhere) && !$bLostAndFound)) {
531: $sNoArticle = i18n("Missing search value.");
532: $sNothingFound = i18n("No article found.");
533:
534: if ($bNoCriteria && !$bLostAndFound) {
535: $sErrOut = $sNoArticle;
536: } else {
537: $sErrOut = $sNothingFound;
538: }
539:
540: $sRow = '<tr><td colspan="7" class="bordercell">' . $sErrOut . '</td></tr>';
541: $tpl->set('d', 'ROWS', $sRow);
542: $sLoadSubnavi = 'Con.getFrame(\'right_top\').location.href = \'main.php?area=con&frame=3&idcat=0&idtpl=' . $iIdTpl . '&contenido=' . $sSession . "';";
543: $tpl->next();
544: } else {
545: $bHit = false;
546:
547: for ($i = 0; $i < $iAffectedRows; $i++) {
548: $sRow = '';
549:
550: $db->nextRecord();
551:
552: $idcat = $db->f("idcat");
553:
554: $bCheckRights = $perm->have_perm_area_action("con", "con_makestart");
555:
556: if (!$bCheckRights) {
557: $bCheckRights = $perm->have_perm_area_action("con", "con_makeonline");
558: }
559: if (!$bCheckRights) {
560: $bCheckRights = $perm->have_perm_area_action("con", "con_deleteart");
561: }
562: if (!$bCheckRights) {
563: $bCheckRights = $perm->have_perm_area_action("con", "con_tplcfg_edit");
564: }
565: if (!$bCheckRights) {
566: $bCheckRights = $perm->have_perm_area_action("con", "con_makecatonline");
567: }
568: if (!$bCheckRights) {
569: $bCheckRights = $perm->have_perm_area_action("con", "con_changetemplate");
570: }
571: if (!$bCheckRights) {
572: $bCheckRights = $perm->have_perm_area_action("con_editcontent", "con_editart");
573: }
574: if (!$bCheckRights) {
575: $bCheckRights = $perm->have_perm_area_action("con_editart", "con_edit");
576: }
577: if (!$bCheckRights) {
578: $bCheckRights = $perm->have_perm_area_action("con_editart", "con_newart");
579: }
580: if (!$bCheckRights) {
581: $bCheckRights = $perm->have_perm_area_action("con_editart", "con_saveart");
582: }
583:
584:
585: if (!$bCheckRights) {
586:
587: $aGroupsForUser = $perm->getGroupsForUser($auth->auth['uid']);
588: $aGroupsForUser[] = $auth->auth['uid'];
589: $sTmpUserString = implode("','", $aGroupsForUser);
590:
591:
592: $sql = "SELECT *
593: FROM " . $cfg["tab"]["rights"] . "
594: WHERE user_id IN ('" . $sTmpUserString . "') AND idclient = " . cSecurity::toInteger($client) . "
595: AND idlang = " . cSecurity::toInteger($lang) . " AND idcat = " . cSecurity::toInteger($idcat);
596: $db2->query($sql);
597:
598: if ($db2->numRows() != 0) {
599:
600: if (!$bCheckRights) {
601: $bCheckRights = $perm->have_perm_area_action_item("con", "con_makestart", $idcat);
602: }
603: if (!$bCheckRights) {
604: $bCheckRights = $perm->have_perm_area_action_item("con", "con_makeonline", $idcat);
605: }
606: if (!$bCheckRights) {
607: $bCheckRights = $perm->have_perm_area_action_item("con", "con_deleteart", $idcat);
608: }
609: if (!$bCheckRights) {
610: $bCheckRights = $perm->have_perm_area_action_item("con", "con_tplcfg_edit", $idcat);
611: }
612: if (!$bCheckRights) {
613: $bCheckRights = $perm->have_perm_area_action_item("con", "con_makecatonline", $idcat);
614: }
615: if (!$bCheckRights) {
616: $bCheckRights = $perm->have_perm_area_action_item("con", "con_changetemplate", $idcat);
617: }
618: if (!$bCheckRights) {
619: $bCheckRights = $perm->have_perm_area_action_item("con_editcontent", "con_editart", $idcat);
620: }
621: if (!$bCheckRights) {
622: $bCheckRights = $perm->have_perm_area_action_item("con_editart", "con_edit", $idcat);
623: }
624: if (!$bCheckRights) {
625: $bCheckRights = $perm->have_perm_area_action_item("con_editart", "con_newart", $idcat);
626: }
627: if (!$bCheckRights) {
628: $bCheckRights = $perm->have_perm_area_action_item("con_editart", "con_saveart", $idcat);
629: }
630: }
631: }
632:
633: if ($bCheckRights) {
634: $bHit = true;
635:
636: $idart = $db->f("idart");
637: $idartlang = $db->f("idartlang");
638: $idcatart = $db->f("idcatart");
639: $idcatlang = $db->f("idcatlang");
640: $title = $db->f("title");
641: $idartlang = $db->f("idartlang");
642: $created = date($sDateFormat, strtotime($db->f("created")));
643: $lastmodified = date($sDateFormat, strtotime($db->f("lastmodified")));
644: $published = date($sDateFormat, strtotime($db->f("published")));
645: $online = $db->f("online");
646: $locked = $db->f("locked");
647: $startidartlang = $db->f("startidartlang");
648: $templatename = $db->f("tplname");
649: $idtplcfg = $db->f("idtplcfg");
650:
651:
652: if ($i == 0) {
653: $iDisplayMenu = 1;
654: $iIdCat = $idcat;
655: $iIdTpl = $idtpl;
656: }
657:
658:
659: if ($perm->have_perm_area_action_item("con", "con_makestart", $idcat) && 0 == 1) {
660: if ($startidartlang == $idartlang) {
661: $sFlagTitle = i18n('Flag as normal article');
662: $makeStartarticle = "<td nowrap=\"nowrap\" class=\"bordercell\"><a href=\"main.php?area=con&idcat=$idcat&action=con_makestart&idcatart=$idcatart&frame=4&is_start=0&contenido=$sSession\" title=\"{$sFlagTitle}\"><img src=\"images/isstart1.gif\" border=\"0\" title=\"{$sFlagTitle}\" alt=\"{$sFlagTitle}\"></a></td>";
663: } else {
664: $sFlagTitle = i18n('Flag as start article');
665: $makeStartarticle = "<td nowrap=\"nowrap\" class=\"bordercell\"><a href=\"main.php?area=con&idcat=$idcat&action=con_makestart&idcatart=$idcatart&frame=4&is_start=1&contenido=$sSession\" title=\"{$sFlagTitle}\"><img src=\"images/isstart0.gif\" border=\"0\" title=\"{$sFlagTitle}\" alt=\"{$sFlagTitle}\"></a></td>";
666: }
667: } else {
668: if ($startidartlang == $idartlang) {
669: $makeStartarticle = "<td nowrap=\"nowrap\" class=\"bordercell\"><img src=\"images/isstart1.gif\" border=\"0\" title=\"{$sFlagTitle}\" alt=\"{$sFlagTitle}\"></td>";
670: } else {
671: $makeStartarticle = "<td nowrap=\"nowrap\" class=\"bordercell\"><img src=\"images/isstart0.gif\" border=\"0\" title=\"{$sFlagTitle}\" alt=\"{$sFlagTitle}\"></td>";
672: }
673: }
674:
675:
676: if ($online == 1) {
677: $sOnlineStatus = i18n('Make offline');
678: $bgColorRow = "background-color: #E2E2E2;";
679: $setOnOff = "<a href=\"main.php?area=con&idcat=$idcat&action=con_makeonline&frame=4&idart=$idart&contenido=$sSession\" title=\"{$sOnlineStatus}\"><img src=\"images/online.gif\" title=\"{$sOnlineStatus}\" alt=\"{$sOnlineStatus}\" border=\"0\"></a>";
680: } else {
681: $sOnlineStatus = i18n('Make online');
682: $bgColorRow = "background-color: #E2D9D9;";
683: $setOnOff = "<a href=\"main.php?area=con&idcat=$idcat&action=con_makeonline&frame=4&idart=$idart&contenido=$sSession\" title=\"{$sOnlineStatus}\"><img src=\"images/offline.gif\" title=\"{$sOnlineStatus}\" alt=\"{$sOnlineStatus}\" border=\"0\"></a>";
684: }
685:
686: if ($locked == 1) {
687: $sLockStatus = i18n('Unfreeze article');
688: $lockArticle = "<a href=\"main.php?area=con&idcat=$idcat&action=con_lock&frame=4&idart=$idart&contenido=$sSession\" title=\"{$sLockStatus}\"><img src=\"images/lock_closed.gif\" title=\"{$sLockStatus}\" alt=\"{$sLockStatus}\" border=\"0\"></a>";
689: } else {
690: $sLockStatus = i18n('Freeze article');
691: $lockArticle = "<a href=\"main.php?area=con&idcat=$idcat&action=con_lock&frame=4&idart=$idart&contenido=$sSession\" title=\"{$sLockStatus}\"><img src=\"images/lock_open.gif\" title=\"{$sLockStatus}\" alt=\"{$sLockStatus}\" border=\"0\"></a>";
692: }
693:
694:
695: if (!empty($templatename)) {
696: $sTemplateName = conHtmlentities($templatename);
697: } else {
698: $db2 = cRegistry::getDb();
699: $sql2 = "SELECT
700: c.idtpl AS idtpl,
701: c.name AS name,
702: c.description,
703: b.idtplcfg AS idtplcfg
704: FROM
705: " . $cfg['tab']['tpl_conf'] . " AS a,
706: " . $cfg['tab']['cat_lang'] . " AS b,
707: " . $cfg['tab']['tpl'] . " AS c
708: WHERE
709: b.idcat = " . cSecurity::toInteger($idcat) . " AND
710: b.idlang = " . cSecurity::toInteger($lang) . " AND
711: b.idtplcfg = a.idtplcfg AND
712: c.idtpl = a.idtpl AND
713: c.idclient = " . cSecurity::toInteger($client);
714: $db2->query($sql2);
715: $db2->nextRecord();
716: $sTemplateName = $db2->f("name") ? '<i>' . $db2->f("name") . '</i>' : "--- " . i18n("None") . " ---";
717: }
718:
719: $sTodoListSubject = i18n("Reminder");
720: $sReminder = i18n("Set reminder / add to todo list");
721: $sDuplicateArticle = i18n("Duplicate article");
722: $sArticleProperty = i18n("Article properties");
723: $sConfigureTpl = i18n("Configure template");
724: $sDeleteArticle = i18n("Delete article");
725: $sDeleteArticleQuestion = i18n("Do you really want to delete the following article");
726: $sRowId = "$idart-$idartlang-$idcat-0-$idcatart-$iLangId";
727:
728: if ($i == 0) {
729: $tpl->set('s', 'FIRST_ROWID', $sRowId);
730: }
731:
732: $categoryHelper = cCategoryHelper::getInstance();
733: $catArt = new cApiCategoryArticle($idcatart);
734: $catArray = $categoryHelper->getCategoryPath($catArt->get("idcat"));
735: $catstring = "";
736: foreach ($catArray as $cat) {
737: $catstring .= $cat->get("name") . "-> ";
738: }
739: if (strlen($catstring) > 0) {
740: $catstring = substr($catstring, 0, strlen($catstring) - 3);
741: }
742:
743: $strTitle = cSecurity::unFilter($db->f("title"));
744:
745: if ($idcat == '') {
746: $idcat = 0;
747: }
748:
749: if ($perm->have_perm_area_action_item("con_editcontent", "con_editart", $idcat)) {
750: $editart = "<a href=\"main.php?area=con_editcontent&action=con_editart&changeview=edit&idartlang=$idartlang&idart=$idart&idcat=$idcat&frame=4&contenido=$sSession\" title=\"idart: $idart idcatart: $idcatart\" alt=\"idart: $idart idcatart: $idcatart\"><i><span style='font-size: 80%'>" . $catstring . "</span></i><br>" . $strTitle . "</a>";
751: } else {
752: $editart = "<i><span style='font-size: 80%'>" . $catstring . "</span></i><br>" . $strTitle;
753: }
754:
755: if ($perm->have_perm_area_action_item("con", "con_duplicate", $idcat)) {
756: $duplicate = "<a href=\"main.php?area=con&idcat=$idcat&action=con_duplicate&duplicate=$idart&frame=4&contenido=$sSession\" title=\"$sDuplicateArticle\"><img src=\"images/but_copy.gif\" border=\"0\" title=\"$sDuplicateArticle\" alt=\"$sDuplicateArticle\"></a>";
757: } else {
758: $duplicate = "";
759: }
760:
761: if ($perm->have_perm_area_action_item("con", "con_deleteart", $idcat)) {
762: $tmp_title = conHtmlSpecialChars($db->f("title"));
763: if (strlen($tmp_title) > 30) {
764: $tmp_title = substr($tmp_title, 0, 27) . "...";
765: }
766:
767: $delete = '
768: <a
769: href="javascript:void(0)"
770: onclick="Con.showConfirmation("' . $sDeleteArticleQuestion . ':<br><br><b>' . conHtmlSpecialChars($tmp_title) . '</b>", function() {deleteArticle(' . $idart . ', ' . $idcat . ');});"
771: title="' . $sDeleteArticle . '"
772: >
773: <img src="images/delete.gif" title="' . $sDeleteArticle . '" alt="' . $sDeleteArticle . '">
774: </a>';
775: } else {
776: $delete = "";
777: }
778:
779: $sRow = '<tr id="' . $sRowId . '" class="text_medium" onmouseover="artRow.over(this)" onmouseout="artRow.out(this)" onclick="artRow.click(this)">' . "\n";
780: $sRow .= $makeStartarticle . "\n";
781: $sRow .= "<td nowrap=\"nowrap\" class=\"bordercell\">$editart</td>
782: <td nowrap=\"nowrap\" class=\"bordercell\">$lastmodified</td>
783: <td nowrap=\"nowrap\" class=\"bordercell\">$published</td>
784: <td nowrap=\"nowrap\" class=\"bordercell\">" . $db->f("artsort") . "</td>
785: <td nowrap=\"nowrap\" class=\"bordercell\">$sTemplateName</td>
786: <td nowrap=\"nowrap\" class=\"bordercell\">
787: <a id=\"m1\" onclick=\"javascript:window.open('main.php?subject=$sTodoListSubject&area=todo&frame=1&itemtype=idart&itemid=$idart&contenido=$sSession', 'todo', 'scrollbars=yes, height=300, width=625');\" alt=\"$sReminder\" title=\"$sReminder\" href=\"#\"><img id=\"m2\" alt=\"$sReminder\" src=\"images/but_setreminder.gif\" border=\"0\"></a>
788: $properties
789: $tplconfig
790: $duplicate
791: $delete
792: </td>
793: </tr>";
794:
795: $tpl->set('d', 'ROWS', $sRow);
796: $tpl->next();
797: }
798: }
799:
800: if (!$bHit) {
801: $sNothingFound = i18n("No article found.");
802: $sRow = '<tr><td colspan="7" class="bordercell">' . $sNothingFound . '</td></tr>';
803: $tpl->set('d', 'ROWS', $sRow);
804: $tpl->next();
805: }
806:
807: if ($bLostAndFound) {
808: $iDisplayMenu = 1;
809: }
810: $sLoadSubnavi = 'Con.getFrame(\'right_top\').location.href = \'main.php?area=con&frame=3&idcat=' . $iIdCat . '&idtpl=' . $iIdTpl . '&display_menu=' . $iDisplayMenu . '&contenido=' . $sSession . "';";
811: }
812:
813:
814:
815:
816:
817:
818: if (sizeof($_GET) == 0 && isset($_POST) && !$bNoCriteria) {
819:
820: $searchForm = '<form id="save_search" target="right_bottom" method="post" action="backend_search.php">';
821:
822: $searchForm .= '<input type="hidden" name="area" value="' . $area . '">';
823: $searchForm .= '<input type="hidden" name="frame" value="' . $frame . '">';
824: $searchForm .= '<input type="hidden" name="contenido" value="' . $sess->id . '">';
825: $searchForm .= '<input type="hidden" name="speach" value="' . $lang . '">';
826:
827: $searchForm .= '<input type="hidden" name="save_search" id="save_search" value="true">';
828: $searchForm .= '<input type="hidden" name="' . $sSaveTitle . '" id="' . $sSaveTitle . '" value="' . $sSearchStr . '">';
829: $searchForm .= '<input type="hidden" name="' . $sSaveId . '" id="' . $sSaveId . '" value="' . $iSearchId . '">';
830: $searchForm .= '<input type="hidden" name="' . $sSaveDateFrom . '" id="' . $sSaveDateFrom . '" value="' . $sSearchStrDateFrom . '">';
831: $searchForm .= '<input type="hidden" name="' . $sSaveDateTo . '" id="' . $sSaveDateTo . '" value="' . $sSearchStrDateTo . '">';
832: $searchForm .= '<input type="hidden" name="' . $sSaveDateField . '" id="' . $sSaveDateField . '" value="' . $sDateFieldName . '">';
833: $searchForm .= '<input type="hidden" name="' . $sSaveAuthor . '" id="' . $sSaveAuthor . '" value="' . $sSearchStrAuthor . '">';
834: $searchForm .= '<label for="' . $sSaveName . '">' . i18n("Search name") . ': </label>';
835: $searchForm .= '<input type="text" class="text_medium" name="' . $sSaveName . '" id="' . $sSaveName . '" placeholder="' . i18n("The search") . '" class="vAlignMiddle">';
836: $searchForm .= '<input type="image" class="vAlignMiddle tableElement" src="./images/but_ok.gif" alt="' . i18n('Store') . '" title="' . i18n('Store') . '" value="' . i18n('Store') . '" name="submit">';
837: $searchForm .= '</form>';
838: $tpl->set('s', 'STORESEARCHFORM', $searchForm);
839:
840:
841: $tpl->set('s', 'STORESEARCHINFO', i18n("Save this search"));
842: } else {
843: $tpl->set('s', 'STORESEARCHINFO', '');
844: $tpl->set('s', 'STORESEARCHFORM', '');
845: }
846:
847: $tpl->set('s', 'SUBNAVI', $sLoadSubnavi);
848: sendEncodingHeader($db, $cfg, $lang);
849: $tpl->generate($cfg['path']['templates'] . 'template.backend_search_results.html');
850: