From: Jon O. <jon...@us...> - 2005-03-28 20:55:03
Update of /cvsroot/mxbb/kb_076_mxaddon/root/includes In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv9026/modules/kb_076_mxaddon/root/includes Modified Files: functions_kb.php kb_article.php kb_cat.php kb_constants.php kb_footer.php kb_header.php kb_moderator.php kb_rate.php kb_stats.php Added Files: functions_kb_auth.php functions_kb_field.php functions_kb_mx.php kb_post.php Removed Files: kb_add.php kb_edit.php Log Message: ## 2005/03/28 - Version KB MOD 2.01 ## - Name changed, since much is rewritten ;) ## - Updated with latest phpBB security patches ## - Category (PRIVATE) permissions ## - Subcategories ## - Comments phpBB forum set per category ## - Text reformatting options: img, link and linewidth controls ## - Rewritten BBcode/html handling (once more yes) ## - Custom fields added ## - wysiwyg feature (tinymce) ## - All reported bugs in dev thread fixed Index: kb_stats.php =================================================================== RCS file: /cvsroot/mxbb/kb_076_mxaddon/root/includes/kb_stats.php,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** kb_stats.php 9 Jan 2005 22:16:31 -0000 1.1 --- kb_stats.php 28 Mar 2005 20:54:53 -0000 1.2 *************** *** 1,9 **** <?php ! /** ! * kb_cat.php ! * ------------------- ! * begin : Sunday, Mar 31, 2003 ! * copyright : (C) 2001 The phpBB Group ! * email : su...@ph... * * $Id$ --- 1,12 ---- <?php ! /** ------------------------------------------------------------------------ ! * subject : mx-portal, CMS & portal ! * begin : june, 2002 ! * copyright : (C) 2002-2005 MX-System ! * email : jon...@ho... ! * project site : www.mx-system.com ! * ! * description : ! * ------------------------------------------------------------------------- * * $Id$ *************** *** 17,60 **** */ ! if ( !defined( 'IN_PHPBB' ) ) { die( "Hacking attempt" ); } ! // $category_id = $HTTP_GET_VARS['cat']; ! // $category = get_kb_cat($category_id); ! // $category_name = $category['category_name']; ! 
// $page_title = $category_name; if ( !$is_block ) { ! include( $phpbb_root_path . 'includes/page_header.' . $phpEx ); } ! // make_jumpbox($phpbb_root_path .'viewforum.'.$phpEx, $category_id); // load header ! include ( $phpbb_root_path . "includes/kb_header." . $phpEx ); ! $template->set_filenames( array( 'body' => 'kb_stats_body.tpl' ) ! ); ! // if ( !$category_name ) ! // { ! // $message = $lang['Category_not_exsist'] . '<br /><br />' . sprintf($lang['Click_return_kb'], '<a href="' . append_sid(this_kb_mxurl()) . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid($phpbb_root_path . "index.$phpEx") . '">', '</a>'); - // message_die(GENERAL_MESSAGE, $message); - // } - // else - // { - // get sub-cats - // get_kb_cat_subs($category_id); if ( $stats == 'toprated' ) { $path_kb = $lang['Top_toprated']; ! }elseif ( $stats == 'latest' ) { $path_kb = $lang['Top_latest']; ! }elseif ( $stats == 'mostpopular' ) { $path_kb = $lang['Top_most_popular']; } ! // $path_kb_array = array(); ! // get_kb_nav($category_id); $template->assign_vars( array( 'L_CATEGORY_NAME' => $category_name, 'L_ARTICLE' => $lang['Article'], --- 20,59 ---- */ ! if ( !defined( 'IN_PORTAL' ) ) { die( "Hacking attempt" ); } ! ! // Start auth check ! // ! $kb_is_auth = array(); ! $kb_is_auth = kb_auth(AUTH_ALL, AUTH_LIST_ALL, $userdata); ! ! // End of auth check ! // ! if ( !$is_block ) { ! include( $mx_root_path . 'includes/page_header.' . $phpEx ); } ! // load header ! include ( $module_root_path . "includes/kb_header." . $phpEx ); ! $template->set_filenames( array( 'body' => 'kb_stats_body.tpl' ) ); if ( $stats == 'toprated' ) { $path_kb = $lang['Top_toprated']; ! } ! elseif ( $stats == 'latest' ) { $path_kb = $lang['Top_latest']; ! } ! elseif ( $stats == 'mostpopular' ) { $path_kb = $lang['Top_most_popular']; } ! 
$template->assign_vars( array( 'L_CATEGORY_NAME' => $category_name, 'L_ARTICLE' => $lang['Article'], *************** *** 66,80 **** 'L_VIEWS' => $lang['Views'], 'L_VOTES' => $lang['Votes'], - 'L_CATEGORY' => $lang['Category_sub'], 'L_ARTICLES' => $lang['Articles'], ! 'PATH' => '-> ' . $path_kb, ! ! 'U_CAT' => append_sid( this_kb_mxurl( 'mode=cat&cat=' . $category_id ) ) ) ! ); ! ! get_kb_stats( $stats, '1', 'articlerow' ); ! // } ?> \ No newline at end of file --- 65,75 ---- 'L_VIEWS' => $lang['Views'], 'L_VOTES' => $lang['Votes'], 'L_CATEGORY' => $lang['Category_sub'], 'L_ARTICLES' => $lang['Articles'], + 'PATH' => '» ' . $path_kb, + 'U_CAT' => append_sid( this_kb_mxurl( 'mode=cat&cat=' . $category_id ) ) + ) ); ! get_kb_stats( $stats, '1', 'articlerow', $kb_is_auth ); ?> \ No newline at end of file Index: kb_header.php =================================================================== RCS file: /cvsroot/mxbb/kb_076_mxaddon/root/includes/kb_header.php,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** kb_header.php 9 Jan 2005 22:16:31 -0000 1.1 --- kb_header.php 28 Mar 2005 20:54:53 -0000 1.2 *************** *** 1,9 **** <?php ! /** ! * kb_header.php ! * ------------------- ! * begin : Monday, Mar 31, 2003 ! * copyright : (C) 2001 The phpBB Group ! * email : su...@ph... * * $Id$ --- 1,12 ---- <?php ! /** ------------------------------------------------------------------------ ! * subject : mx-portal, CMS & portal ! * begin : june, 2002 ! * copyright : (C) 2002-2005 MX-System ! * email : jon...@ho... ! * project site : www.mx-system.com ! * ! * description : ! * ------------------------------------------------------------------------- * * $Id$ *************** *** 17,21 **** */ ! if ( !defined( 'IN_PHPBB' ) ) { die( "Hacking attempt" ); --- 20,24 ---- */ ! if ( !defined( 'IN_PORTAL' ) ) { die( "Hacking attempt" ); *************** *** 25,69 **** define( 'ALLOW_ANON', 1 ); ! // Pull all config data ! $sql = "SELECT * ! FROM " . 
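Review bot: In kb_stats.php, `$category_name` (in `L_CATEGORY_NAME`) and `$category_id` (in `U_CAT`, last hunk of this file) are still passed to the template, but nothing visible in the new code assigns them, and `$path_kb` stays unset when `$stats` matches none of the three branches. If the including script does not define them they are undefined here, and on installs where request parameters can become globals their content would not be under the module's control. I would initialise them before use, e.g. `$path_kb = '';` ahead of the `if ( $stats == 'toprated' )` chain and `intval( $category_id )` in the `U_CAT` URL, or drop the two template keys if the stats page no longer has a category. Lines 60-64 of the new file fall between the hunks and are not shown, so confirm nothing there sets these.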
KB_CONFIG_TABLE; ! if ( !$result = $db->sql_query( $sql ) ) { ! message_die( CRITICAL_ERROR, "Could not query config information in kb_config", "", __LINE__, __FILE__, $sql ); } else { ! while ( $row = $db->sql_fetchrow( $result ) ) ! { ! $config_name = $row['config_name']; ! $config_value = $row['config_value']; ! $kb_config[$config_name] = $config_value; ! } } - // $dirname = $phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_kb.'.$phpEx; - // include($dirname); - - // Parse and show the overall header. - - $template->set_filenames( array( 'kb_header' => 'kb_header.tpl' ) - ); ! if ( ( $kb_config['allow_new'] == ALLOW_NEW && $userdata['session_logged_in'] && $show_new ) || ( $kb_config['allow_new'] == ALLOW_NEW && $kb_config['allow_anon'] == ALLOW_ANON && $show_new ) || $is_admin && $show_new ) ! { ! if ( $HTTP_GET_VARS['cat'] ) ! { ! $temp_url = append_sid( this_kb_mxurl( "mode=add&cat=" . $HTTP_GET_VARS['cat'] ) ); ! $add_article = '<a href="' . $temp_url . '">' . $lang['Add_article'] . '</a>'; ! } ! else ! { ! $add_article = $lang['Click_cat_to_add']; ! } - $template->assign_block_vars( 'switch_add_article', array() ); - } ! $temp_url = append_sid( $phpbb_root_path . "kb_search.php" ); $search = '<a href="' . $temp_url . '">' . $lang['Search'] . '</a>'; --- 28,53 ---- define( 'ALLOW_ANON', 1 ); ! // Parse and show the overall header. ! $template->set_filenames( array( 'kb_header' => 'kb_header.tpl' ) ); ! ! if ( isset ( $HTTP_GET_VARS['cat'] ) ) { ! ! if ( $kb_config['allow_new'] == 1 && ( $kb_is_auth['auth_post'] || $kb_is_auth['auth_mod'] ) ) ! { ! $temp_url = append_sid( this_kb_mxurl( "mode=add&cat=" . intval ($HTTP_GET_VARS['cat'] ) ) ); ! $add_article = '<a href="' . $temp_url . '">' . $lang['Add_article'] . '</a>'; ! } } else { ! $add_article = $lang['Click_cat_to_add']; } ! $template->assign_block_vars( 'switch_add_article', array() ); ! $temp_url = append_sid( this_kb_mxurl_search ('', true) ); $search = '<a href="' . 
$temp_url . '">' . $lang['Search'] . '</a>'; *************** *** 71,84 **** { $temp_url = append_sid( this_kb_mxurl() ); ! $title = '<a href="' . $temp_url . '"><img src="' . $images['kb_title'] . '" width="285" height="45" border="0" alt="' . $lang['KB_title'] . '"></a>'; } else { ! $title = $lang['KB_title']; } ! $template->assign_vars( array( 'U_PORTAL' => $phpbb_root_path, 'L_PORTAL' => "<<", ! 'L_KB_TITLE' => $title, 'L_ADD_ARTICLE' => $add_article, 'L_SEARCH' => $search, --- 55,68 ---- { $temp_url = append_sid( this_kb_mxurl() ); ! $block_title = '<td align="center"><a href="' . $temp_url . '"><img src="' . $images['kb_title'] . '" width="285" height="45" border="0" alt="' . $title . '"></a></td>'; } else { ! $block_title = MXBB_MODULE ? '<th class="thHead"> ' . $title . '</th>' : '<td align="center"><b>' . $lang['KB_title'] . '</b></td>'; } ! $template->assign_vars( array( 'U_PORTAL' => $mx_root_path, 'L_PORTAL' => "<<", ! 'L_KB_TITLE' => $block_title, 'L_ADD_ARTICLE' => $add_article, 'L_SEARCH' => $search, *************** *** 95,99 **** if ( $kb_config['stats_list'] == 1 ) { ! get_quick_stats(); } --- 79,83 ---- if ( $kb_config['stats_list'] == 1 ) { ! get_quick_stats( intval( $HTTP_GET_VARS['cat'] ) ); } Index: kb_constants.php =================================================================== RCS file: /cvsroot/mxbb/kb_076_mxaddon/root/includes/kb_constants.php,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** kb_constants.php 9 Jan 2005 22:16:31 -0000 1.1 --- kb_constants.php 28 Mar 2005 20:54:53 -0000 1.2 *************** *** 1,37 **** <?php ! /** ! * kb_constants.php ! * ------------------- ! * begin : April, 2003 ! * copyright : (C) 2002 MX-System ! * email : su...@mx... ! * description : define constants ! * Author : Haplo (jon...@ho...) ! 
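Review bot: In kb_header.php, `$add_article` is left unassigned when `cat` is present but the `allow_new` / `auth_post` / `auth_mod` test fails, yet the next hunk still hands it to the template as `L_ADD_ARTICLE`. `switch_add_article` is also now assigned unconditionally rather than only for users allowed to post. I would add `$add_article = '';` before `if ( isset ( $HTTP_GET_VARS['cat'] ) )` and guard the `assign_block_vars( 'switch_add_article', ... )` call with the same permission test, so an unauthorised request gets neither an undefined value nor the add-article slot. Also worth confirming: kb_stats.php in this commit fills `$kb_is_auth` through `kb_auth( AUTH_ALL, AUTH_LIST_ALL, $userdata )`, whose result is keyed by category id, so `$kb_is_auth['auth_post']` would not exist on that path (it fails closed, but is probably not what was intended).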
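Review bot: In the kb_header.php title hunk, `$title` is no longer assigned in this file but is concatenated unescaped into the `alt` attribute and the `<th>` cell. The image branch uses `$title` unconditionally, while the text branch falls back to `$lang['KB_title']` when `MXBB_MODULE` is false, so in standalone mode the `alt` text depends on a variable that nothing visible here sets. I would compute the label once, e.g. `$kb_title_text = htmlspecialchars( MXBB_MODULE ? $title : $lang['KB_title'] );`, and use it in both branches, assuming the block title is meant to be plain text. The `if` condition that selects the image branch sits above the hunk.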
* credit : Roman Malarev (romutis), MarcMoris * * $Id$ */ // ---------------------------------------------------------------------START // This file defines specific constants for the module // ------------------------------------------------------------------------- ! define( 'KB_ARTICLES_TABLE', $table_prefix . 'kb_articles' ); ! define( 'KB_CATEGORIES_TABLE', $table_prefix . 'kb_categories' ); ! define( 'KB_CONFIG_TABLE', $table_prefix . 'kb_config' ); ! define( 'KB_TYPES_TABLE', $table_prefix . 'kb_types' ); ! define( 'KB_WORD_TABLE', $table_prefix . 'kb_wordlist' ); ! define( 'KB_SEARCH_TABLE', $table_prefix . 'kb_results' ); ! define( 'KB_MATCH_TABLE', $table_prefix . 'kb_wordmatch' ); ! define( 'KB_VOTES_TABLE', $table_prefix . 'kb_votes' ); // ********************************************************************** // Read language definition // ********************************************************************** ! if ( !file_exists( $phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_kb.' . $phpEx ) ) { ! include( $phpbb_root_path . 'language/lang_english/lang_kb.' . $phpEx ); $link_language = 'lang_english'; } else { ! include( $phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_kb.' . $phpEx ); $link_language = 'lang_' . $board_config['default_lang']; } --- 1,75 ---- <?php ! /** ------------------------------------------------------------------------ ! * subject : mx-portal, CMS & portal ! * begin : june, 2002 ! * copyright : (C) 2002-2005 MX-System ! * email : jon...@ho... ! * project site : www.mx-system.com ! * ! * description : ! * ------------------------------------------------------------------------- * * $Id$ */ + + /** + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. 
+ */ + + if ( !MXBB_MODULE ) + { + $server_protocol = ($board_config['cookie_secure']) ? 'https://' : 'http://'; + $server_name = preg_replace('#^\/?(.*?)\/?$#', '\1', trim($board_config['server_name'])); + $server_port = ($board_config['server_port'] <> 80) ? ':' . trim($board_config['server_port']) : ''; + $script_name = preg_replace('#^\/?(.*?)\/?$#', '\1', trim($board_config['script_path'])); + $script_name = ($script_name == '') ? $script_name : '/' . $script_name; + + define( 'PORTAL_URL', $server_protocol . $server_name . $server_port . $script_name . '/' ); + define( 'PHPBB_URL', PORTAL_URL ); + + $reader_mode = false; + $kb_config['news_operate_mode'] = false; + $mx_table_prefix = $table_prefix; + $is_block = false; + } + // ---------------------------------------------------------------------START // This file defines specific constants for the module // ------------------------------------------------------------------------- ! define( 'PAGE_KB', -500 ); ! define( 'KB_ARTICLES_TABLE', $mx_table_prefix . 'kb_articles' ); ! define( 'KB_CATEGORIES_TABLE', $mx_table_prefix . 'kb_categories' ); ! define( 'KB_CONFIG_TABLE', $mx_table_prefix . 'kb_config' ); ! define( 'KB_TYPES_TABLE', $mx_table_prefix . 'kb_types' ); ! define( 'KB_WORD_TABLE', $mx_table_prefix . 'kb_wordlist' ); ! define( 'KB_SEARCH_TABLE', $mx_table_prefix . 'kb_results' ); ! define( 'KB_MATCH_TABLE', $mx_table_prefix . 'kb_wordmatch' ); ! define( 'KB_VOTES_TABLE', $mx_table_prefix . 'kb_votes' ); ! ! define( 'KB_CUSTOM_TABLE', $mx_table_prefix . 'kb_custom' ); ! define( 'KB_CUSTOM_DATA_TABLE', $mx_table_prefix . 'kb_customdata' ); ! ! // Field Types ! define( 'INPUT', 0 ); ! define( 'TEXTAREA', 1 ); ! define( 'RADIO', 2 ); ! define( 'SELECT', 3 ); ! define( 'SELECT_MULTIPLE', 4 ); ! define( 'CHECKBOX', 5 ); ! // ********************************************************************** // Read language definition // ********************************************************************** ! 
if ( !file_exists( $module_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_kb.' . $phpEx ) ) { ! include( $module_root_path . 'language/lang_english/lang_kb.' . $phpEx ); $link_language = 'lang_english'; } else { ! include( $module_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_kb.' . $phpEx ); $link_language = 'lang_' . $board_config['default_lang']; } *************** *** 39,47 **** // Read theme definition // ********************************************************************** ! if ( file_exists( $phpbb_root_path . "templates/" . $theme['template_name'] . "/images" ) ) { // ---------- ! // $current_template_images = $module_root_path . "templates/".$theme['template_name']."/images" ; ! $current_template_images = $phpbb_root_path . "templates/" . $theme['template_name'] . "/images" ; // ---------- } --- 77,84 ---- // Read theme definition // ********************************************************************** ! if ( file_exists( $module_root_path . "templates/" . $theme['template_name'] . "/images" ) ) { // ---------- ! $current_template_images = $module_root_path . "templates/" . $theme['template_name'] . "/images" ; // ---------- } *************** *** 49,54 **** { // ---------- ! // $current_template_images = $module_root_path . "templates/"."subSilver"."/images" ; ! $current_template_images = $phpbb_root_path . 'templates/subSilver/images' ; // ---------- } --- 86,90 ---- { // ---------- ! $current_template_images = $module_root_path . "templates/" . "subSilver" . "/images" ; // ---------- } *************** *** 73,79 **** } ! $kb_module_version = "Knowledge Base - MX Addon v. 1.03e"; ! $kb_module_author = "Haplo"; ! $kb_module_orig_author = "wGEric"; ?> \ No newline at end of file --- 109,125 ---- } ! if ( !MXBB_MODULE ) ! { ! $kb_module_version = "Knowledge Base v. 2.0"; ! $kb_module_author = "Haplo"; ! $kb_module_orig_author = "wGEric"; ! } ! else ! { ! $mxbb_footer_addup[] = 'mxBB Knowledge Base Module'; ! } ! 
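Review bot: kb_constants.php builds `include()` paths from `$module_root_path`, `$board_config['default_lang']` and `$phpEx`, but unlike the other files in this commit it has no `IN_PORTAL` guard; the hunk starts at line 1 of the file and shows none. If the file is requested directly, none of those variables has been set by the application, and on configurations where request parameters can populate globals the include path would no longer be under the module's control. I would add the same guard the sibling files use, `if ( !defined( 'IN_PORTAL' ) ) { die( "Hacking attempt" ); }`, before the `if ( !MXBB_MODULE )` block. Whether standalone phpBB mode defines `IN_PORTAL` is not visible here, so that path may need `IN_PHPBB` accepted as well.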
! ! ?> \ No newline at end of file --- NEW FILE: functions_kb_auth.php --- <?php /** ------------------------------------------------------------------------ * subject : mx-portal module * begin : june, 2002 * copyright : (C) 2002-2005 MX-System * email : jon...@ho... * project site : www.mx-system.com * * description : * */ /** * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. */ if ( !defined( 'IN_PORTAL' ) ) { die( 'Hacking attempt' ); } function kb_auth( $type, $cat_id, $userdata, $f_access = '', $f_access_group = '' ) { global $db, $lang; switch ( $type ) { case AUTH_ALL: $a_sql = 'a.auth_view, a.auth_post, a.auth_rate, a.auth_comment, a.auth_edit, a.auth_delete, a.auth_approval, a.auth_approval_edit'; $a_sql_groups = 'a.auth_view_groups, a.auth_post_groups, a.auth_rate_groups, a.auth_comment_groups, a.auth_edit_groups, a.auth_delete_groups, a.auth_approval_groups, a.auth_approval_edit_groups'; $auth_fields = array( 'auth_view', 'auth_post', 'auth_rate', 'auth_comment', 'auth_edit', 'auth_delete', 'auth_approval', 'auth_approval_edit' ); $auth_fields_groups = array( 'auth_view_groups', 'auth_post_groups', 'auth_rate_groups', 'auth_comment_groups', 'auth_edit_groups', 'auth_delete_groups', 'auth_approval_groups', 'auth_approval_edit_groups' ); break; case AUTH_VIEW: $a_sql = 'a.auth_view'; $a_sql_groups = 'a.auth_view_groups'; $auth_fields = array( 'auth_view' ); $auth_fields_groups = array( 'auth_view_groups' ); break; case AUTH_POST: $a_sql = 'a.auth_post'; $a_sql_groups = 'a.auth_post_groups'; $auth_fields = array( 'auth_post' ); $auth_fields_groups = array( 'auth_post_groups' ); break; case AUTH_RATE: $a_sql = 'a.auth_rate'; $a_sql_groups = 'a.auth_rate_groups'; $auth_fields = array( 'auth_rate' ); $auth_fields_groups = array( 'auth_rate_groups' ); break; case 
AUTH_COMMENT: $a_sql = 'a.auth_comment'; $a_sql_groups = 'a.auth_comment_groups'; $auth_fields = array( 'auth_comment' ); $auth_fields_groups = array( 'auth_comment_groups' ); break; case AUTH_EDIT: $a_sql = 'a.auth_edit'; $a_sql_groups = 'a.auth_edit_groups'; $auth_fields = array( 'auth_edit' ); $auth_fields_groups = array( 'auth_edit_groups' ); break; case AUTH_DELETE: $a_sql = 'a.auth_delete'; $a_sql_groups = 'a.auth_delete_groups'; $auth_fields = array( 'auth_delete' ); $auth_fields_groups = array( 'auth_delete_groups' ); break; case AUTH_APPROVAL: $a_sql = 'a.auth_approval'; $a_sql_groups = 'a.auth_approval_groups'; $auth_fields = array( 'auth_approval' ); $auth_fields_groups = array( 'auth_approval_groups' ); break; case AUTH_APPROVAL_EDIT: $a_sql = 'a.auth_approval_edit'; $a_sql_groups = 'a.auth_approval_edit_groups'; $auth_fields = array( 'auth_approval_edit' ); $auth_fields_groups = array( 'auth_approval_edit_groups' ); break; default: break; } $is_admin = ( $userdata['user_level'] == ADMIN && $userdata['session_logged_in'] ) ? true : 0; // // If f_access has not been passed, or auth is needed to return an array of forums // then we need to pull the auth information on the given forum (or all forums) // if ( empty($f_access) ) { $forum_match_sql = ( $cat_id != AUTH_LIST_ALL ) ? "WHERE a.category_id = $cat_id" : ''; $sql = "SELECT a.category_id, $a_sql FROM " . KB_CATEGORIES_TABLE . " a $forum_match_sql"; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Failed obtaining forum access control lists', '', __LINE__, __FILE__, $sql); } $sql_fetchrow = ( $cat_id != AUTH_LIST_ALL ) ? 
'sql_fetchrow' : 'sql_fetchrowset'; if ( !($f_access = $db->$sql_fetchrow($result)) ) { $db->sql_freeresult($result); return array(); } $db->sql_freeresult($result); } // // If f_access_group has not been passed, or auth is needed to return an array of forums // then we need to pull the auth information on the given forum (or all forums) // if ( empty($f_access_group) ) { $forum_match_sql = ( $cat_id != AUTH_LIST_ALL ) ? "WHERE a.category_id = $cat_id" : ''; $sql = "SELECT a.category_id, $a_sql_groups, a.auth_moderator_groups FROM " . KB_CATEGORIES_TABLE . " a $forum_match_sql"; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Failed obtaining forum access control lists', '', __LINE__, __FILE__, $sql); } $sql_fetchrow = ( $cat_id != AUTH_LIST_ALL ) ? 'sql_fetchrow' : 'sql_fetchrowset'; if ( !($f_access_group = $db->$sql_fetchrow($result)) ) { $db->sql_freeresult($result); return array(); } $db->sql_freeresult($result); } $auth_user = array(); for( $i = 0; $i < count( $auth_fields ); $i++ ) { $key = $auth_fields[$i]; $key_groups = $auth_fields_groups[$i]; // If the user is logged on and the module type is either ALL or REG then the user has access // If the type if ACL, MOD or ADMIN then we need to see if the user has specific permissions // to do whatever it is they want to do ... to do this we pull relevant information for the // user (and any groups they belong to) // Now we compare the users access level against the modules. We assume here that a moderator // and admin automatically have access to an ACL module, similarly we assume admins meet an // auth requirement of MOD if ( $cat_id != AUTH_LIST_ALL ) { $value = $f_access[$key]; $value_groups = $f_access_group[$key_groups]; switch ( $value ) { case AUTH_ALL: $auth_user[$key] = true; $auth_user[$key . '_type'] = $lang['Auth_Anonymous_users']; break; case AUTH_REG: $auth_user[$key] = ( $userdata['session_logged_in'] ) ? true : 0; $auth_user[$key . 
'_type'] = $lang['Auth_Registered_Users']; break; case AUTH_ANONYMOUS: $auth_user[$key] = ( ! $userdata['session_logged_in'] ) ? true : 0; $auth_user[$key . '_type'] = $lang['Auth_Anonymous_users']; break; case AUTH_ACL: // PRIVATE $auth_user[$key] = ( $userdata['session_logged_in'] ) ? mx_auth_group_cache( $value_groups ) || $is_admin : 0; $auth_user[$key . '_type'] = $lang['Auth_Users_granted_access']; break; case AUTH_MOD: $auth_user[$key] = ( $userdata['session_logged_in'] ) ? mx_auth_group_cache( $f_access_group['auth_moderator_groups'] ) || $is_admin : 0; $auth_user[$key . '_type'] = $lang['Auth_Moderators']; break; case AUTH_ADMIN: $auth_user[$key] = $is_admin; $auth_user[$key . '_type'] = $lang['Auth_Administrators']; break; default: $auth_user[$key] = 0; break; } } else { for($k = 0; $k < count($f_access); $k++) { $value = $f_access[$k][$key]; $value_groups = $f_access_group[$k][$key_groups]; $f_cat_id = $f_access[$k]['category_id']; switch ( $value ) { case AUTH_ALL: $auth_user[$f_cat_id][$key] = true; $auth_user[$f_cat_id][$key . '_type'] = $lang['Auth_Anonymous_users']; break; case AUTH_REG: $auth_user[$f_cat_id][$key] = ( $userdata['session_logged_in'] ) ? true : 0; $auth_user[$f_cat_id][$key . '_type'] = $lang['Auth_Registered_Users']; break; case AUTH_ANONYMOUS: $auth_user[$f_cat_id][$key] = ( ! $userdata['session_logged_in'] ) ? true : 0; $auth_user[$f_cat_id][$key . '_type'] = $lang['Auth_Anonymous_users']; break; case AUTH_ACL: // PRIVATE $auth_user[$f_cat_id][$key] = ( $userdata['session_logged_in'] ) ? mx_auth_group_cache( $value_groups ) || $is_admin : 0; $auth_user[$f_cat_id][$key . '_type'] = $lang['Auth_Users_granted_access']; break; case AUTH_MOD: $auth_user[$f_cat_id][$key] = ( $userdata['session_logged_in'] ) ? mx_auth_group_cache( $f_access_group[$k]['auth_moderator_groups'] ) || $is_admin : 0; $auth_user[$f_cat_id][$key . 
'_type'] = $lang['Auth_Moderators']; break; case AUTH_ADMIN: $auth_user[$f_cat_id][$key] = $is_admin; $auth_user[$f_cat_id][$key . '_type'] = $lang['Auth_Administrators']; break; default: $auth_user[$f_cat_id][$key] = 0; break; } } } } // // Is user a moderator? // if ( $cat_id != AUTH_LIST_ALL ) { $auth_user['auth_mod'] = ( $userdata['session_logged_in'] ) ? mx_auth_group_cache( $f_access_group['auth_moderator_groups'] ) || $is_admin : 0; } else { for($k = 0; $k < count($f_access); $k++) { $f_cat_id = $f_access[$k]['category_id']; $auth_user[$f_cat_id]['auth_mod'] = ( $userdata['session_logged_in'] ) ? mx_auth_group_cache( $f_access_group[$k]['auth_moderator_groups'] ) || $is_admin : 0; } } //die(var_export($auth_user)); return $auth_user; } ?> --- NEW FILE: functions_kb_field.php --- <?php /** * functions_field.php * ------------------- * begin : Saturday, Feb 13, 2001 * copyright : (C) 2001 The phpBB Group * email : su...@ph... * * $Id: functions_kb_field.php,v 1.1 2005/03/28 20:54:53 jonohlsson Exp $ */ /** * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. */ // PLEASE DON'T TAKE THIS CLASS AND USE IT, I WILL KEEP MY EYES ON IT // I KNOW SOME PEOPLE MAY TAKE IT AND USE IT TO DO CUSTOM FIELD FOR PROFILE // BUT I AM PLANNING TO MAKE THIS FEATURE VERY SOON /* - orig if ( !defined('IN_PHPBB') ) { die("Hacking attempt"); } */ // MX if ( !defined( 'IN_PORTAL' ) ) { die( "Hacking attempt" ); } class kb_custom_field { var $field_rowset = array(); var $field_data_rowset = array(); // =================================================== // prepare data // =================================================== function init() { global $db; $sql = "SELECT * FROM " . KB_CUSTOM_TABLE . 
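Review bot: `kb_auth()` in functions_kb_auth.php interpolates `$cat_id` straight into both category queries (`"WHERE a.category_id = $cat_id"`), unquoted and uncast, so it depends on every caller having sanitised the id; the one caller visible in this commit passes `AUTH_LIST_ALL`, others are not shown. Casting inside the function, `"WHERE a.category_id = " . intval( $cat_id )`, would make it safe regardless of caller. In the `AUTH_LIST_ALL` path the permission rows and the group rows come from two separate SELECTs with no `ORDER BY` and are then paired by index `$k`, which could attach one category's group list to another if the row order ever differs; fetching both column sets in one query, or adding `ORDER BY a.category_id` to both, removes that assumption. The `default:` case of `switch ( $type )` also leaves `$a_sql` and `$auth_fields` undefined for an unknown type, and the commented-out `die(var_export($auth_user))` should be removed before release.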
" ORDER BY field_order ASC"; if ( !( $result = $db->sql_query( $sql ) ) ) { mx_message_die( GENERAL_ERROR, 'Couldnt Query Custom field', '', __LINE__, __FILE__, $sql ); } while ( $row = $db->sql_fetchrow( $result ) ) { $this->field_rowset[$row['custom_id']] = $row; } unset( $row ); $db->sql_freeresult( $result ); $sql = "SELECT * FROM " . KB_CUSTOM_DATA_TABLE; if ( !( $result = $db->sql_query( $sql ) ) ) { mx_message_die( GENERAL_ERROR, 'Couldnt Query Custom field', '', __LINE__, __FILE__, $sql ); } while ( $row = $db->sql_fetchrow( $result ) ) { $this->field_data_rowset[$row['customdata_file']][$row['customdata_custom']] = $row; } unset( $row ); $db->sql_freeresult( $result ); } // =================================================== // check if there is a data in the database // =================================================== function field_data_exist() { if ( !empty( $this->field_data_rowset ) ) { return true; } return false; } function field_exist() { if ( !empty( $this->field_rowset ) ) { return true; } return false; } // =================================================== // display data in the comment // =================================================== function add_comment( $file_id ) { global $template; if ( $this->field_data_exist() ) { if ( isset( $this->field_data_rowset[$file_id] ) ) { $message = ''; foreach( $this->field_data_rowset[$file_id] as $field_id => $data ) { if ( !empty( $data['data'] ) ) { switch ( $this->field_rowset[$field_id]['field_type'] ) { case INPUT: case TEXTAREA: case RADIO: case SELECT: $field_data = $data['data']; break; case SELECT_MULTIPLE: case CHECKBOX: $field_data = @implode( ', ', unserialize( $data['data'] ) ); break; } $message .= "\n" . "[b]" . $this->field_rowset[$field_id]['custom_name'] . ":[/b] " . $field_data . "\n"; } else { global $db; $sql = "DELETE FROM " . KB_CUSTOM_DATA_TABLE . 
" WHERE customdata_file = '$file_id' AND customdata_custom = '$field_id'"; if ( !( $db->sql_query( $sql ) ) ) { mx_message_die( GENERAL_ERROR, 'Could not delete custom data', '', __LINE__, __FILE__, $sql ); } } } return $message; } else { return false; } } else { return false; } } // =================================================== // display data in the file page // =================================================== function display_data( $file_id ) { global $template; if ( $this->field_data_exist() ) { if ( isset( $this->field_data_rowset[$file_id] ) ) { foreach( $this->field_data_rowset[$file_id] as $field_id => $data ) { if ( !empty( $data['data'] ) ) { switch ( $this->field_rowset[$field_id]['field_type'] ) { case INPUT: case TEXTAREA: case RADIO: case SELECT: $field_data = $data['data']; break; case SELECT_MULTIPLE: case CHECKBOX: $field_data = @implode( ', ', unserialize( $data['data'] ) ); break; } $template->assign_block_vars( 'custom_field', array( 'CUSTOM_NAME' => $this->field_rowset[$field_id]['custom_name'], 'DATA' => $field_data ) ); } else { global $db; $sql = "DELETE FROM " . KB_CUSTOM_DATA_TABLE . 
" WHERE customdata_file = '$file_id' AND customdata_custom = '$field_id'"; if ( !( $db->sql_query( $sql ) ) ) { mx_message_die( GENERAL_ERROR, 'Could not delete custom data', '', __LINE__, __FILE__, $sql ); } } } } else { return false; } } else { return false; } } // =================================================== // display custom field and data in the add/edit page // =================================================== function display_edit( $file_id = false ) { global $template; $return = false; if ( $this->field_exist() ) { foreach( $this->field_rowset as $field_id => $field_data ) { switch ( $field_data['field_type'] ) { case INPUT: $this->display_edit_input( $file_id, $field_id, $field_data ); break; case TEXTAREA: $this->display_edit_textarea( $file_id, $field_id, $field_data ); break; case RADIO: $this->display_edit_radio( $file_id, $field_id, $field_data ); break; case SELECT: $this->display_edit_select( $file_id, $field_id, $field_data ); break; case SELECT_MULTIPLE: $this->display_edit_select_multiple( $file_id, $field_id, $field_data ); break; case CHECKBOX: $this->display_edit_checkbox( $file_id, $field_id, $field_data ); break; } $return = true; } } return $return; } function display_edit_input( $file_id, $field_id, $field_data ) { global $template; $template->assign_block_vars( 'input', array( 'FIELD_NAME' => $field_data['custom_name'], 'FIELD_ID' => $field_data['custom_id'], 'FIELD_DESCRIPTION' => $field_data['custom_description'], 'FIELD_VALUE' => ( !empty( $this->field_data_rowset[$file_id][$field_id]['data'] ) ) ? $this->field_data_rowset[$file_id][$field_id]['data'] : '' ) ); } function display_edit_textarea( $file_id, $field_id, $field_data ) { global $template; $template->assign_block_vars( 'textarea', array( 'FIELD_NAME' => $field_data['custom_name'], 'FIELD_ID' => $field_data['custom_id'], 'FIELD_DESCRIPTION' => $field_data['custom_description'], 'FIELD_VALUE' => ( !empty( $this->field_data_rowset[$file_id][$field_id]['data'] ) ) ? 
$this->field_data_rowset[$file_id][$field_id]['data'] : '' ) ); } function display_edit_radio( $file_id, $field_id, $field_data ) { global $template; $template->assign_block_vars( 'radio', array( 'FIELD_NAME' => $field_data['custom_name'], 'FIELD_ID' => $field_data['custom_id'], 'FIELD_DESCRIPTION' => $field_data['custom_description'] ) ); $data = ( !empty( $this->field_data_rowset[$file_id][$field_id]['data'] ) ) ? $this->field_data_rowset[$file_id][$field_id]['data'] : array(); $field_datas = ( !empty( $field_data['data'] ) ) ? unserialize( stripslashes( $field_data['data'] ) ) : array(); if ( !empty( $field_datas ) ) { foreach( $field_datas as $key => $value ) { $template->assign_block_vars( 'radio.row', array( 'FIELD_VALUE' => $value, 'FIELD_SELECTED' => ( $data == $value ) ? ' checked="checked"' : '' ) ); } } } function display_edit_select( $file_id, $field_id, $field_data ) { global $template; $template->assign_block_vars( 'select', array( 'FIELD_NAME' => $field_data['custom_name'], 'FIELD_ID' => $field_data['custom_id'], 'FIELD_DESCRIPTION' => $field_data['custom_description'] ) ); $data = ( !empty( $this->field_data_rowset[$file_id][$field_id]['data'] ) ) ? $this->field_data_rowset[$file_id][$field_id]['data'] : ''; $field_datas = ( !empty( $field_data['data'] ) ) ? unserialize( stripslashes( $field_data['data'] ) ) : array(); if ( !empty( $field_datas ) ) { foreach( $field_datas as $key => $value ) { $template->assign_block_vars( 'select.row', array( 'FIELD_VALUE' => $value, 'FIELD_SELECTED' => ( $data == $value ) ? ' selected="selected"' : '' ) ); } } } function display_edit_select_multiple( $file_id, $field_id, $field_data ) { global $template; $template->assign_block_vars( 'select_multiple', array( 'FIELD_NAME' => $field_data['custom_name'], 'FIELD_ID' => $field_data['custom_id'], 'FIELD_DESCRIPTION' => $field_data['custom_description'] ) ); $data = ( !empty( $this->field_data_rowset[$file_id][$field_id]['data'] ) ) ? 
unserialize( $this->field_data_rowset[$file_id][$field_id]['data'] ) : array(); $field_datas = ( !empty( $field_data['data'] ) ) ? unserialize( stripslashes( $field_data['data'] ) ) : array(); if ( !empty( $field_datas ) ) { foreach( $field_datas as $key => $value ) { $selected = ''; foreach( $data as $field_value ) { if ( $field_value == $value ) { $selected = ' selected="selected"'; break; } } $template->assign_block_vars( 'select_multiple.row', array( 'FIELD_VALUE' => $value, 'FIELD_SELECTED' => $selected ) ); } } } function display_edit_checkbox( $file_id, $field_id, $field_data ) { global $template; $template->assign_block_vars( 'checkbox', array( 'FIELD_NAME' => $field_data['custom_name'], 'FIELD_ID' => $field_data['custom_id'], 'FIELD_DESCRIPTION' => $field_data['custom_description'] ) ); $data = ( !empty( $this->field_data_rowset[$file_id][$field_id]['data'] ) ) ? unserialize( $this->field_data_rowset[$file_id][$field_id]['data'] ) : array(); $field_datas = ( !empty( $field_data['data'] ) ) ? unserialize( stripslashes( $field_data['data'] ) ) : array(); if ( !empty( $field_datas ) ) { foreach( $field_datas as $key => $value ) { $checked = ''; foreach( $data as $field_value ) { if ( $field_value == $value ) { $checked = ' checked'; break; } } $template->assign_block_vars( 'checkbox.row', array( 'FIELD_VALUE' => $value, 'FIELD_CHECKED' => $checked ) ); } } } function update_add_field( $field_type, $field_id = false ) { global $db, $db, $_POST, $lang; $field_name = ( isset( $_POST['field_name'] ) ) ? htmlspecialchars( $_POST['field_name'] ) : ''; $field_desc = ( isset( $_POST['field_desc'] ) ) ? htmlspecialchars( $_POST['field_desc'] ) : ''; $regex = ( isset( $_POST['regex'] ) ) ? $_POST['regex'] : ''; $data = ( isset( $_POST['data'] ) ) ? $_POST['data'] : ''; $field_order = ( isset( $_POST['field_order'] ) ) ? $_POST['field_order'] : ''; if ( $field_id ) { $field_order = ( isset( $_POST['field_order'] ) ) ? 
intval( $_POST['field_order'] ) : ''; } if ( !empty( $data ) ) { $data = explode( "\n", htmlspecialchars( trim( $data ) ) ); foreach( $data as $key => $value ) { $data[$key] = trim( $value ); } $data = addslashes( serialize( $data ) ); } if ( empty( $field_name ) ) { mx_message_die( GENERAL_ERROR, $lang['Missing_field'] ); } if ( ( ( $field_type != INPUT && $field_type != TEXTAREA ) && empty( $data ) ) ) { mx_message_die( GENERAL_ERROR, $lang['Missing_field'] ); } if ( !$field_id ) { $sql = "INSERT INTO " . KB_CUSTOM_TABLE . " (custom_name, custom_description, data, regex, field_type) VALUES('" . $field_name . "', '" . $field_desc . "', '" . $data . "', '" . $regex . "', '" . $field_type . "')"; if ( !( $db->sql_query( $sql ) ) ) { mx_message_die( GENERAL_ERROR, 'Could not add the new fields', '', __LINE__, __FILE__, $sql ); } $field_id = $db->sql_nextid(); $sql = "UPDATE " . KB_CUSTOM_TABLE . " SET field_order = '$field_id' WHERE custom_id = $field_id"; if ( !( $db->sql_query( $sql ) ) ) { mx_message_die( GENERAL_ERROR, 'Could not set the order for the giving field', '', __LINE__, __FILE__, $sql ); } } else { $sql = "UPDATE " . KB_CUSTOM_TABLE . " SET custom_name = '$field_name', custom_description = '$field_desc', data = '$data', regex = '$regex', field_order='$field_order' WHERE custom_id = $field_id"; if ( !( $db->sql_query( $sql ) ) ) { mx_message_die( GENERAL_ERROR, 'Could not update information for the giving field', '', __LINE__, __FILE__, $sql ); } } } function delete_field( $field_id ) { global $db; $sql = "DELETE FROM " . KB_CUSTOM_DATA_TABLE . " WHERE customdata_custom = '$field_id'"; if ( !( $db->sql_query( $sql ) ) ) { mx_message_die( GENERAL_ERROR, 'Could not delete custom data', '', __LINE__, __FILE__, $sql ); } $sql = "DELETE FROM " . KB_CUSTOM_TABLE . 
" WHERE custom_id = '$field_id'"; if ( !( $db->sql_query( $sql ) ) ) { mx_message_die( GENERAL_ERROR, 'Could not delete the selected field', '', __LINE__, __FILE__, $sql ); } } function get_field_data( $field_id ) { $return_array = $this->field_rowset[$field_id]; $return_array['data'] = implode( "\n", unserialize( stripslashes( $return_array['data'] ) ) ); return $return_array; } // =================================================== // file data in custom field operations // =================================================== function file_update_data( $file_id ) { global $_POST, $db; $field = ( isset( $_POST['field'] ) ) ? $_POST['field'] : ''; if ( !empty( $field ) ) { foreach( $field as $field_id => $field_data ) { if ( !empty( $this->field_rowset[$field_id]['regex'] ) ) { if ( !preg_match( '#' . $this->field_rowset[$field_id]['regex'] . '#siU', $field_data ) ) { $field_data = ''; } } switch ( $this->field_rowset[$field_id]['field_type'] ) { case INPUT: case TEXTAREA: case RADIO: case SELECT: $data = htmlspecialchars( $field_data ); break; case SELECT_MULTIPLE: case CHECKBOX: $data = addslashes( serialize( $field_data ) ); break; } $sql = "DELETE FROM " . KB_CUSTOM_DATA_TABLE . " WHERE customdata_file = '$file_id' AND customdata_custom = '$field_id'"; if ( !$db->sql_query( $sql ) ) { mx_message_die( GENERAL_ERROR, 'Could not delete data from custom data table', '', __LINE__, __FILE__, $sql ); } if ( !empty( $data ) ) { $sql = "INSERT INTO " . KB_CUSTOM_DATA_TABLE . 
" (customdata_file, customdata_custom, data) VALUES('$file_id', '$field_id', '$data')"; if ( !$db->sql_query( $sql ) ) { mx_message_die( GENERAL_ERROR, 'Could not add additional data', '', __LINE__, __FILE__, $sql ); } } } } } } ?> Index: kb_footer.php =================================================================== RCS file: /cvsroot/mxbb/kb_076_mxaddon/root/includes/kb_footer.php,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** kb_footer.php 9 Jan 2005 22:16:31 -0000 1.1 --- kb_footer.php 28 Mar 2005 20:54:53 -0000 1.2 *************** *** 1,9 **** <?php ! /** ! * kb_footer.php ! * ------------------- ! * begin : Monday, Mar 31, 2003 ! * copyright : (C) 2001 The phpBB Group ! * email : su...@ph... * * $Id$ --- 1,12 ---- <?php ! /** ------------------------------------------------------------------------ ! * subject : mx-portal, CMS & portal ! * begin : june, 2002 ! * copyright : (C) 2002-2005 MX-System ! * email : jon...@ho... ! * project site : www.mx-system.com ! * ! * description : ! * ------------------------------------------------------------------------- * * $Id$ *************** *** 17,21 **** */ ! if ( !defined( 'IN_PHPBB' ) ) { die( "Hacking attempt" ); --- 20,24 ---- */ ! if ( !defined( 'IN_PORTAL' ) ) { die( "Hacking attempt" ); Index: kb_moderator.php =================================================================== RCS file: /cvsroot/mxbb/kb_076_mxaddon/root/includes/kb_moderator.php,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** kb_moderator.php 9 Jan 2005 22:16:31 -0000 1.1 --- kb_moderator.php 28 Mar 2005 20:54:53 -0000 1.2 *************** *** 1,9 **** <?php ! /** ! * admin_kb_art.php ! * ------------------- ! * begin : Monday, Mar 31, 2003 ! * copyright : (C) 2001 The phpBB Group ! * email : su...@ph... * * $Id$ --- 1,12 ---- <?php ! /** ------------------------------------------------------------------------ ! * subject : mx-portal, CMS & portal ! * begin : june, 2002 ! 
* copyright : (C) 2002-2005 MX-System ! * email : jon...@ho... ! * project site : www.mx-system.com ! * ! * description : ! * ------------------------------------------------------------------------- * * $Id$ *************** *** 17,37 **** */ // MX ! if ( !defined( 'IN_PHPBB' ) ) { die( "Hacking attempt" ); } - if ( !$is_admin ) - { - $message = $lang['No_add'] . '<br /><br />' . sprintf( $lang['Click_return_kb'], '<a href="' . append_sid( this_kb_mxurl() ) . '">', '</a>' ) . '<br /><br />' . sprintf( $lang['Click_return_index'], '<a href="' . append_sid( $mx_root_path . "index.$phpEx" ) . '">', '</a>' ); - message_die( GENERAL_MESSAGE, $message ); - } - include( $phpbb_root_path . 'includes/functions_admin.' . $phpEx ); ! $category_id = $HTTP_GET_VARS['cat']; ! $page_id = $HTTP_GET_VARS['page']; $ref_stats = ( isset( $HTTP_GET_VARS['ref'] ) ) ? true : 0; if ( isset( $HTTP_POST_VARS['action'] ) || isset( $HTTP_GET_VARS['action'] ) ) { --- 20,48 ---- */ // MX ! if ( !defined( 'IN_PORTAL' ) ) { die( "Hacking attempt" ); } include( $phpbb_root_path . 'includes/functions_admin.' . $phpEx ); ! $category_id = ( isset( $HTTP_GET_VARS['cat'] ) ) ? intval ( $HTTP_GET_VARS['cat']) : intval ( $HTTP_POST_VARS['cat'] ); ! $page_id = ( isset( $HTTP_GET_VARS['page'] ) ) ? intval ( $HTTP_GET_VARS['page']) : intval ( $HTTP_POST_VARS['page'] ); $ref_stats = ( isset( $HTTP_GET_VARS['ref'] ) ) ? true : 0; + // Start auth check + // + $kb_is_auth = array(); + $kb_is_auth = kb_auth(AUTH_ALL, $category_id, $userdata); + + // End of auth check + // + + if ( !($kb_is_auth['auth_mod'] && $userdata['session_logged_in']) ) + { + $message = $lang['No_add'] . '<br /><br />' . sprintf( $lang['Click_return_kb'], '<a href="' . append_sid( this_kb_mxurl() ) . '">', '</a>' ) . '<br /><br />' . sprintf( $lang['Click_return_index'], '<a href="' . append_sid( $mx_root_path . "index.$phpEx" ) . 
'">', '</a>' ); + mx_message_die( GENERAL_MESSAGE, $message ); + } + if ( isset( $HTTP_POST_VARS['action'] ) || isset( $HTTP_GET_VARS['action'] ) ) { *************** *** 58,74 **** } switch ( $action ) { case 'approve': - $article_id = $HTTP_GET_VARS['a']; - $topic_sql = ''; ! if ( $kb_config['comments'] ) { $sql = "SELECT * FROM " . KB_ARTICLES_TABLE . " WHERE article_id = " . $article_id; if ( !( $results = $db->sql_query( $sql ) ) ) { ! message_die( GENERAL_ERROR, "Could not obtain article data", '', __LINE__, __FILE__, $sql ); } --- 69,85 ---- } + $article_id = intval ( $HTTP_GET_VARS['a'] ); + switch ( $action ) { case 'approve': $topic_sql = ''; ! if ( $kb_is_auth['auth_comment'] && $kb_config['use_comments'] ) { $sql = "SELECT * FROM " . KB_ARTICLES_TABLE . " WHERE article_id = " . $article_id; if ( !( $results = $db->sql_query( $sql ) ) ) { ! mx_message_die( GENERAL_ERROR, "Could not obtain article data", '', __LINE__, __FILE__, $sql ); } *************** *** 77,122 **** if ( !$row['topic_id'] ) { ! // choose a user ! $user_id = $kb_config['admin_id']; ! // initialise the userdata ! $sql = "SELECT * FROM " . USERS_TABLE . " WHERE user_id = $user_id"; ! if ( !( $result = $db->sql_query( $sql ) ) ) ! { ! message_die( CRITICAL_ERROR, 'Could not obtain lastvisit data from user table', '', __LINE__, __FILE__, $sql ); ! } ! $user = $db->sql_fetchrow( $result ); ! init_userprefs( $user ); ! ! $kb_cat = get_kb_cat( $row['article_category_id'] ); ! $type = get_kb_type( $row['article_type'] ); ! $author = get_kb_author( $row['article_author_id'] ); ! ! $search = array ( "'&(quot|#34);'i", // Replace HTML entities ! "'&(amp|#38);'i", ! "'&(lt|#60);'i", ! "'&(gt|#62);'i" ! ); ! $replace = array ( "\"", ! "&", ! "<", ! ">" ! ); ! ! $temp_url = "http://" . $board_config['server_name'] . $board_config['script_path'] . "kb." . $phpEx . "?mode=article&k=" . $article_id; ! $message = "[b]" . $lang['Category'] . ":[/b] " . $kb_cat['category_name'] . "\n"; ! $message .= "[b]" . 
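Review bot: The moderator check added in the `--- 20,48 ----` hunk is computed from the request-supplied `cat` (`kb_auth(AUTH_ALL, $category_id, $userdata)`), while the `--- 69,85 ----` hunk selects the article to act on from a separate `a` parameter, and nothing visible ties the two together. Unless `kb_auth()` or later code (both outside this diff) compares them, holding `auth_mod` in one category would be enough to approve, unapprove or delete an article stored under a different one. After the article row is loaded, the request should be rejected when the categories differ, e.g. `if ( $row['article_category_id'] != $category_id ) { mx_message_die( GENERAL_MESSAGE, $lang['No_add'] ); }` (with `$article` in the unapprove and delete branches), or the auth check should run against the stored `article_category_id` instead. `$HTTP_GET_VARS['a']` is also read without the `isset()` guard that `cat` and `page` now have.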
$lang['Article_type'] . ":[/b] " . $type . "\n\n"; ! $message .= "[b]" . $lang['Article_title'] . ":[/b] " . preg_replace( $search, $replace, $row['article_title'] ) . "\n"; ! $message .= "[b]" . $lang['Author'] . ":[/b] " . $author . "\n"; ! $message .= "[b]" . $lang['Article_description'] . ":[/b] " . preg_replace( $search, $replace, $row['article_description'] ) . "\n\n"; ! $message .= "[b][url=" . $temp_url . "]" . $lang['Read_full_article'] . "[/url][/b]"; ! ! $subject = '[ KB ] ' . $row['article_title']; ! ! $subject = str_replace( "'", "\'" , $subject ); ! $message = str_replace( "'", "\'" , $message ); ! ! $forum_id = $kb_config['forum_id']; ! ! $topic_data = insert_post( $message, $subject, $forum_id, $user['user_id'], $user['username'], $user['user_attachsig'] ); $topic_sql = ", topic_id = " . $topic_data['topic_id']; } --- 88,106 ---- if ( !$row['topic_id'] ) { ! $kb_comment = array(); ! ! // Populate the kb_comment variable ! $kb_comment = kb_get_data($row, $userdata); ! ! // Compose post header ! $subject = $lang['KB_comment_prefix'] . $kb_comment['article_title']; ! $message_temp = kb_compose_comment( $kb_comment ); ! ! $kb_message = $message_temp['message']; ! $kb_update_message = $message_temp['update_message']; ! ! // Post ! $topic_data = kb_insert_post( $kb_message, $subject, $kb_comment['category_forum_id'], $kb_comment['article_editor_id'], $kb_comment['article_editor'], $kb_comment['article_editor_sig'], $kb_comment['topic_id'], $kb_update_message ); ! $topic_sql = ", topic_id = " . $topic_data['topic_id']; } *************** *** 128,162 **** if ( !( $result = $db->sql_query( $sql ) ) ) { ! message_die( GENERAL_ERROR, "Could not update article data", '', __LINE__, __FILE__, $sql ); ! } ! ! $sql = "SELECT article_category_id, article_body ! FROM " . KB_ARTICLES_TABLE . " ! WHERE article_id = " . $article_id; ! ! if ( !( $result = $db->sql_query( $sql ) ) ) ! { ! 
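Review bot: The `--- 88,106 ----` side drops the two `str_replace( "'", "\'", ... )` calls that escaped `$subject` and `$message` before the post was inserted, and passes `$lang['KB_comment_prefix'] . $kb_comment['article_title']` straight to `kb_insert_post()`. Both helpers (`kb_get_data()`, `kb_insert_post()`) are defined outside this diff, so whether the title and body are escaped before they reach a query cannot be confirmed from here. If the escaping moved into the helper, a comment at the call site would record that, e.g. `// kb_insert_post() escapes subject and message for SQL; pass them raw`; if it did not, the article title, which comes from the submitter, needs escaping before this call.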
message_die( GENERAL_ERROR, "Could not obtain article category", '', __LINE__, __FILE__, $sql ); } ! if ( $article = $db->sql_fetchrow( $result ) ) ! { ! $article_category_id = $article['article_category_id']; ! $body = $article['article_body']; ! } update_kb_number( $article_category_id, '+ 1' ); ! add_kb_words( $article_id, $body ); ! ! $message = $lang['Article_approved'] . '<br /><br />' . sprintf( $lang['Click_return_article_manager'], '<a href="' . append_sid( $phpbb_root_path . "kb.$phpEx?mode=cat&cat=$article_category_id" ) . '">', '</a>' ) ; ! message_die( GENERAL_MESSAGE, $message ); break; case 'unapprove': - $article_id = $HTTP_GET_VARS['a']; - $sql = "UPDATE " . KB_ARTICLES_TABLE . " SET approved = 0 WHERE article_id = " . $article_id; --- 112,130 ---- if ( !( $result = $db->sql_query( $sql ) ) ) { ! mx_message_die( GENERAL_ERROR, "Could not update article data", '', __LINE__, __FILE__, $sql ); } ! $article_category_id = $row['article_category_id']; update_kb_number( $article_category_id, '+ 1' ); + mx_add_search_words( 'single', $article_id, stripslashes( $row['article_body'] ), stripslashes( $row['article_title'] ), 'kb' ); ! $message = $lang['Article_approved'] . '<br /><br />' . sprintf( $lang['Click_return_article_manager'], '<a href="' . append_sid( this_kb_mxurl( "page=$page_id&mode=cat&cat=$category_id" ) ) . '">', '</a>' ) ; ! mx_message_die( GENERAL_MESSAGE, $message ); break; case 'unapprove': $sql = "UPDATE " . KB_ARTICLES_TABLE . " SET approved = 0 WHERE article_id = " . $article_id; *************** *** 164,168 **** if ( !( $result = $db->sql_query( $sql ) ) ) { ! message_die( GENERAL_ERROR, "Could not update article data", '', __LINE__, __FILE__, $sql ); } --- 132,136 ---- if ( !( $result = $db->sql_query( $sql ) ) ) { ! mx_message_die( GENERAL_ERROR, "Could not update article data", '', __LINE__, __FILE__, $sql ); } *************** *** 173,177 **** if ( !( $result = $db->sql_query( $sql ) ) ) { ! 
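Review bot: In the `--- 112,130 ----` hunk, `$article_category_id = $row['article_category_id'];` and the `mx_add_search_words()` call now depend on `$row`, which in the visible hunks is only obtained inside the `if ( $kb_is_auth['auth_comment'] && $kb_config['use_comments'] )` branch opened in the `--- 69,85 ----` hunk (the fetch itself falls between hunks, so this is inferred). When comments are disabled or the moderator lacks `auth_comment`, `$row` would be unset, so `update_kb_number()` receives an empty category and the article is indexed with empty title and body. The removed re-select used to cover that path. Moving the `SELECT * FROM KB_ARTICLES_TABLE ... WHERE article_id = $article_id` query above the `if` keeps a single query and makes `$row` available on both paths, and a `mx_message_die()` when no row is returned would stop the action for an `a` that matches nothing.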
message_die( GENERAL_ERROR, "Could not obtain article category", '', __LINE__, __FILE__, $sql ); } --- 141,145 ---- if ( !( $result = $db->sql_query( $sql ) ) ) { ! mx_message_die( GENERAL_ERROR, "Could not obtain article category", '', __LINE__, __FILE__, $sql ); } *************** *** 182,189 **** update_kb_number( $article_category_id, '- 1' ); ! $message = $lang['Article_unapproved'] . '<br /><br />' . sprintf( $lang['Click_return_article_manager'], '<a href="' . append_sid( $phpbb_root_path . "kb.$phpEx?mode=cat&cat=$article_category_id" ) . '">', '</a>' ) ; ! message_die( GENERAL_MESSAGE, $message ); break; --- 150,158 ---- update_kb_number( $article_category_id, '- 1' ); + mx_remove_search_post( $article_id, 'kb' ); ! $message = $lang['Article_unapproved'] . '<br /><br />' . sprintf( $lang['Click_return_article_manager'], '<a href="' . append_sid( this_kb_mxurl( "page=$page_id&mode=cat&cat=$category_id") ) . '">', '</a>' ) ; ! mx_message_die( GENERAL_MESSAGE, $message ); break; *************** *** 192,204 **** if ( $HTTP_GET_VARS['c'] == "yes" ) { - $article_id = $HTTP_GET_VARS['a']; - $sql = "SELECT article_category_id, approved, topic_id ! FROM " . KB_ARTICLES_TABLE . " ! WHERE article_id = " . $article_id; if ( !( $result = $db->sql_query( $sql ) ) ) { ! message_die( GENERAL_ERROR, "Could not obtain article category", '', __LINE__, __FILE__, $sql ); } --- 161,171 ---- if ( $HTTP_GET_VARS['c'] == "yes" ) { $sql = "SELECT article_category_id, approved, topic_id ! FROM " . KB_ARTICLES_TABLE . " ! WHERE article_id = " . $article_id; if ( !( $result = $db->sql_query( $sql ) ) ) { ! mx_message_die( GENERAL_ERROR, "Could not obtain article category", '', __LINE__, __FILE__, $sql ); } *************** *** 213,217 **** } ! if ( $kb_config['del_topic'] && $article['topic_id'] ) { $topic = $article['topic_id']; --- 180,184 ---- } ! 
if ( $kb_config['del_topic'] && $kb_is_auth['auth_delete'] && $article['topic_id'] ) { $topic = $article['topic_id']; *************** *** 223,227 **** if ( !( $result = $db->sql_query( $sql ) ) ) { ! message_die( GENERAL_ERROR, 'Could not get poster id information', '', __LINE__, __FILE__, $sql ); } --- 190,194 ---- if ( !( $result = $db->sql_query( $sql ) ) ) { ! mx_message_die( GENERAL_ERROR, 'Could not get poster id information', '', __LINE__, __FILE__, $sql ); } *************** *** 241,245 **** if ( !$db->sql_query( $count_sql[$i] ) ) { ! message_die( GENERAL_ERROR, 'Could not update user post count information', '', __LINE__, __FILE__, $sql ); } } --- 208,212 ---- if ( !$db->sql_query( $count_sql[$i] ) ) { ! mx_message_die( GENERAL_ERROR, 'Could not update user post count information', '', __LINE__, __FILE__, $sql ); } } *************** *** 252,256 **** if ( !( $result = $db->sql_query( $sql ) ) ) { ! message_die( GENERAL_ERROR, 'Could not get forum id information', '', __LINE__, __FILE__, $sql ); } --- 219,223 ---- if ( !( $result = $db->sql_query( $sql ) ) ) { ! mx_message_die( GENERAL_ERROR, 'Could not get forum id information', '', __LINE__, __FILE__, $sql ); } *************** *** 267,271 **** if ( !( $result = $db->sql_query( $sql ) ) ) { ! message_die( GENERAL_ERROR, 'Could not get post id information', '', __LINE__, __FILE__, $sql ); } --- 234,238 ---- if ( !( $result = $db->sql_query( $sql ) ) ) { ! mx_message_die( GENERAL_ERROR, 'Could not get post id information', '', __LINE__, __FILE__, $sql ); } *************** *** 289,293 **** if ( !$db->sql_query( $sql, BEGIN_TRANSACTION ) ) { ! message_die( GENERAL_ERROR, 'Could not delete topics', '', __LINE__, __FILE__, $sql ); } --- 256,260 ---- if ( !$db->sql_query( $sql, BEGIN_TRANSACTION ) ) { ! mx_message_die( GENERAL_ERROR, 'Could not delete topics', '', __LINE__, __FILE__, $sql ); } *************** *** 299,303 **** if ( !$db->sql_query( $sql ) ) { ! 
message_die( GENERAL_ERROR, 'Could not delete posts', '', __LINE__, __FILE__, $sql ); } --- 266,270 ---- if ( !$db->sql_query( $sql ) ) { ! mx_message_die( GENERAL_ERROR, 'Could not delete posts', '', __LINE__, __FILE__, $sql ); } *************** *** 309,313 **** if ( !$db->sql_query( $sql ) ) { ! message_die( GENERAL_ERROR, 'Could not delete posts text', '', __LINE__, __FILE__, $sql ); } } --- 276,280 ---- if ( !$db->sql_query( $sql ) ) { ! mx_message_die( GENERAL_ERROR, 'Could not delete posts text', '', __LINE__, __FILE__, $sql ); } } *************** *** 321,325 **** if ( !$db->sql_query( $sql, END_TRANSACTION ) ) { ! message_die( GENERAL_ERROR, 'Could not delete watched post list', '', __LINE__, __FILE__, $sql ); } if ( !empty( $forum_id ) ) --- 288,292 ---- if ( !$db->sql_query( $sql, END_TRANSACTION ) ) { ! mx_message_die( GENERAL_ERROR, 'Could not delete watched post list', '', __LINE__, __FILE__, $sql ); } if ( !empty( $forum_id ) ) *************** *** 333,337 **** if ( !( $result = $db->sql_query( $sql ) ) ) { ! message_die( GENERAL_ERROR, "Could not delete article data", '', __LINE__, __FILE__, $sql ); } --- 300,304 ---- if ( !( $result = $db->sql_query( $sql ) ) ) { ! mx_message_die( GENERAL_ERROR, "Could not delete article data", '', __LINE__, __FILE__, $sql ); } *************** *** 340,349 **** if ( !( $result = $db->sql_query( $sql ) ) ) { ! message_die( GENERAL_ERROR, "Could not delete article wordmatch data", '', __LINE__, __FILE__, $sql ); } ! $message = $lang['Article_deleted'] . '<br /><br />' . sprintf( $lang['Click_return_article_manager'], '<a href="' . append_sid( $phpbb_root_path . "kb.$phpEx?mode=cat&cat=$article_category_id" ) . '">', '</a>' ) ; ! message_die( GENERAL_MESSAGE, $message ); } else --- 307,318 ---- if ( !( $result = $db->sql_query( $sql ) ) ) { ! mx_message_die( GENERAL_ERROR, "Could not delete article wordmatch data", '', __LINE__, __FILE__, $sql ); } ! mx_remove_search_post( $article_id, 'kb' ); ! 
$message = $lang['Article_deleted'] . '<br /><br />' . sprintf( $lang['Click_return_article_manager'], '<a href="' . append_sid( this_kb_mxurl("page=$page_id&mode=cat&cat=$category_id") ) . '">', '</a>' ) ; ! ! mx_message_die( GENERAL_MESSAGE, $message ); } else *************** *** 351,357 **** $category_id = ( $ref_stats ? 1 : $category_id ); ! $message = $lang['Confirm_art_delete'] . '<br /><br />' . sprintf( $lang['Confirm_art_delete_yes'], '<a href="' . append_sid( $phpbb_root_path . "kb.$phpEx?mode=moderate&action=delete&page=$page_id&cat=$article_category_id&c=yes&a=" . $HTTP_GET_VARS['a'] ) . '">', '</a>' ) . '<br /><br />' . sprintf( $lang['Confirm_art_delete_no'], '<a href="' . append_sid( $phpbb_root_path . "kb.$phpEx?mode=cat&cat=$category_id" ) . '">', '</a>' ); ! ! message_die( GENERAL_MESSAGE, $message ); } break; --- 320,325 ---- $category_id = ( $ref_stats ? 1 : $category_id ); ! $message = $lang['Confirm_art_delete'] . '<br /><br />' . sprintf( $lang['Confirm_art_delete_yes'], '<a href="' . append_sid( this_kb_mxurl( "mode=moderate&action=delete&page=$page_id&cat=$category_id&c=yes&a=" . $article_id ) ) . '">', '</a>' ) . '<br /><br />' . sprintf( $lang['Confirm_art_delete_no'], '<a href="' . append_sid( $mx_root_path . "index.$phpEx?page=$page_id&mode=cat&cat=$category_id" ) . '">', '</a>' ); ! mx_message_die( GENERAL_MESSAGE, $message ); } break; --- NEW FILE: kb_post.php --- <?php /** ------------------------------------------------------------------------ * subject : mx-portal, CMS & portal * begin : june, 2002 * copyright : (C) 2002-2005 MX-System * email : jon...@ho... 
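Review bot: The confirmation link built in the `--- 320,325 ----` hunk (`mode=moderate&action=delete&page=$page_id&cat=$category_id&c=yes&a=` followed by `$article_id`) makes the delete a plain GET request, and the `$HTTP_GET_VARS['c'] == "yes"` branch in the `--- 161,171 ----` hunk acts on it with no per-request token visible. `append_sid()` is defined outside this diff, so the link may or may not carry a session id; if it does not, the deletion is not protected against cross-site request forgery, and the approve and unapprove actions read `a` from GET in the same way. The confirmation is better rendered as a POST form carrying a value bound to the moderator's session, with both checked before the `DELETE` queries run. As a smaller point, the "no" link still uses `$mx_root_path . "index.$phpEx?page=..."` while the other return links in this file now go through `this_kb_mxurl()`; `this_kb_mxurl( "page=$page_id&mode=cat&cat=$category_id" )` would keep them consistent.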
* project site : www.mx-system.com * * description : * ------------------------------------------------------------------------- * * $Id: kb_post.php,v 1.1 2005/03/28 20:54:53 jonohlsson Exp $ */ /** * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. */ if ( !defined( 'IN_PORTAL' ) ) { die( "Hacking attempt" ); } $category_id = ( isset( $HTTP_GET_VARS['cat'] ) ) ? intval ( $HTTP_GET_VARS['cat'] ) : intval ( ... [truncated message content] |