File Source for mod.php

<?php
/**
* @package linea21.modules
* @subpackage news
* @author linea21 <info@linea21.com>
* @version $id SVN
* @access public
* @license http://opensource.org/licenses/gpl-3.0.html
*/
//////////// Check Inclusion de pages ////////////
if (!function_exists('AuthenthificationProcess')) {
include_once("../lib/lib_common.php");
ReloadIndex('admin');
}
////////////
//////////// Check Droits utilisateur ////////////
if (!HaveRight('news')) ReloadIndex('admin');
////////////
if (isset($_GET['id'])) $id=$_GET['id'];
if (isset($_POST['id'])) $id=$_POST['id'];
$news_object = new news;
$mask_template_1='';
$mask_template_2='';
$mask_template_3='';
$mask_template_4='';
$mask_statut_P='';
$mask_statut_D='';
$mask_archive_P='';
$mask_archive_D='';
$mask_archive_AA='';
$mask_archive_PA='';
$layer_tpl_1_2 = 'style="display:none;"';
$layer_tpl_3 = 'style="display:none;"';
if(isset($_POST['enregistrer'])) {
include_once('../class/system/class.upload.php');
$upload_object= new upload;
$data_table=unserialize(urldecode($_POST['data_table']));
$result=$news_object->ModifyNews($id, $data_table, $sql_object);
$visual_uri=GetAllPhotoUri($data_table[7]);
if($visual_uri!=0) {
if(isset($visual_uri[0])) $result_rename=$upload_object->Archivefile('../'.$visual_uri[0]);
if(isset($visual_uri[1])) $result_rename=$upload_object->Archivefile('../'.$visual_uri[1]);
}
$link_confirm="confirm.php?rub=".$rub."&todo=".$todo;
if($result) header("Location: ".$link_confirm);
else system_error();
}
// Titre de l'actu en cours de modification
$requete=SQL_getNewsTitle($id);
$result=$sql_object->DBSelect($requete);
if($result==0 || count($result)!=1) exit;
else $news_current_title=formatText($result[0]['news_title'],'2HTML');
// Obtention des données de la BDD
$req_det= SQL_getoneCompleteNews($id);
$result=$sql_object->DBSelect($req_det);
if($result==0 || count($result)!=1) exit;
$form_title=formatText($result[0]['news_title'], '2FIELD');
$form_header=formatText($result[0]['news_header'], '2FIELD');
$form_body=formatText($result[0]['news_body'], '2FIELD');
$form_theme=$result[0]['news_theme'];
$form_scale=$result[0]['news_scale'];
$form_level=$result[0]['news_level'];
$form_template=$result[0]['news_template'];
$current_template=$form_template;
$form_statut=$result[0]['news_statut'];
$current_statut=$result[0]['news_statut'];
$news_owner = $result[0]['news_posted_by'];
//////////// Check Droits utilisateur ////////////
if (!HaveRight('news')) ReloadIndex('admin');
if (GetSessionElement('id')!=$news_owner && !IsSuperAdmin()) ReloadIndex('admin');
////////////
$news_photouri=urlencode($result[0]['news_photo_uri']);
$visual=GetAllPhotoUri($result[0]['news_photo_uri']);
$reca_visual="<dl class=\"dl_mod\">\n";
$reca_visual.="<dt>"._t('news','photouri').": </dt>\n";
if($visual==0) {
$reca_visual.="<dd>"._t('divers','none')."</dd>\n";
} else {
$complete_uri='../'.$visual[0];
$reca_visual.="<dd> </dd>\n";
$reca_visual.="<dt> ."._t('news','visu1').": </dt>\n";
$reca_visual.='<dd>'.EnlargeImage($complete_uri)."</dd>\n";
if(isset($visual[1])) {
$complete_uri='../'.$visual[1];
$reca_visual.="<dt> ."._t('news','visu2').": </dt>\n";
$reca_visual.='<dd>'.EnlargeImage($complete_uri)."</dd>\n";
}
}
$reca_visual.="</dl>\n";
if(isset($_POST['valider'])) {
$table[0]=$_POST['news_title'];
$table[1]=$_POST['news_header'];
$table[2]=$_POST['news_body'];
$table[3]=$_POST['news_theme'];
$table[4]=$_POST['news_scale'];
$table[5]=$_POST['news_level'];
$table[6]=$_POST['news_template'];
$news_photo_uri=urldecode($_POST['news_photouri']);
$table[7]=$news_photo_uri;
$table[8]=$_POST['news_statut'];
$table[9]=$current_statut; // statut courant
$current_template=urldecode($_POST['current_template']);
$news_object= new news;
$integrity=$news_object->CheckDataIntegrity($table);
// si changement de template
if($_POST['news_template']!=$current_template) {
if(($_POST['news_template']==1 && $current_template==2) || ($_POST['news_template']==2 && $current_template==1)) {
$table[7]=urldecode($_POST['news_photouri']);
$template_integrity=1;
} else {
if($_POST['news_template']==4) {
$table[7]='';
$template_integrity=1;
$news_photo_uri='';
$reca_visual='';
} else {
$template_integrity=1;
if(($_POST['news_template']==1 || $_POST['news_template']==2) && (!isset($_FILES['news_visuel1']) || $_FILES['news_visuel1']['name']=='')) $template_integrity=_t('news','no_visu1');
if(((!isset($_FILES['news_visuel1']) || $_FILES['news_visuel1']['name']=='') || (!isset($_FILES['news_visuel2']) || $_FILES['news_visuel2']['name']=='')) && $_POST['news_template']==3) $template_integrity=_t('news','no_visu2');
}
}
} else $template_integrity=1;
if($template_integrity!=1 && !is_string($integrity)) $integrity=$template_integrity;
if(!is_string($integrity)) {
if ($_POST['news_template'] != 4 && (isset($_FILES['news_visuel1']) && $_FILES['news_visuel1']['name']!='')) {
include_once('../class/system/class.upload.php');
include_once('../class/system/class.image.php');
$image_object = new image;
$upload_object = new upload;
$upload1 = $_FILES['news_visuel1'];
$size_integrity=$upload_object->CheckMaxFile($upload1['size'], $news_object->UPLOAD_MAX_MO);
if(is_string($size_integrity)) $integrity=$size_integrity;
$format_integrity=$upload_object->CheckExtImage($upload1['name']);
if(is_string($format_integrity)) $integrity=$format_integrity;
if($_POST['news_template'] == 3 && (isset($_FILES['news_visuel2']) && $_FILES['news_visuel2']['name']!='')) {
$upload2 = $_FILES['news_visuel2'];
$size_integrity=$upload_object->CheckMaxFile($upload2['size'], $news_object->UPLOAD_MAX_MO);
if(is_string($size_integrity)) $integrity=$size_integrity;
$format_integrity=$upload_object->CheckExtImage($upload2['name']);
if(is_string($format_integrity)) $integrity=$format_integrity;
}
if(!is_string($integrity)) {
$dir_name=$id.'/';
$destination="../".$news_object->URI_INPUT.$dir_name;
$bdd_name="1.".$upload_object->GetExtension($upload1['name']);
$final_name='temp_'.$bdd_name;
$visual_link1=$destination.$final_name;
$table[7]=$news_object->URI_INPUT.$dir_name.$bdd_name;
if(isset($upload1)) {
$result_upload=$upload_object->UploadFile($upload1, $final_name, $destination);
// création des thumbs
$min_name=get_min_name($destination.$final_name);
$image_object->ThumbCreate($destination.$final_name, $min_name , $news_object->MAX_PHOTO_MIN_WIDTH);
// on retaille l'original au besoin.
if(PHOTO_RESIZE==true && ExcedMaxSize($destination.$final_name, $news_object->MAX_PHOTO_MAX_WIDTH)) {
$image_object->ThumbCreate($destination.$final_name, $destination.$final_name , $news_object->MAX_PHOTO_MAX_WIDTH);
}
// préparation de l'affichage de la miniature
$visual_link1=EnlargeImage($visual_link1);
} else $visual_link1=EnlargeImage($destination.$bdd_name);
if($_POST['news_template'] == 3) {
$bdd_name="2.".$upload_object->GetExtension($upload1['name']);
$final_name='temp_'.$bdd_name;
$visual_link2=$destination.$final_name;
$table[7] .= '|'.$news_object->URI_INPUT.$dir_name.$bdd_name;
if(isset($upload2)) {
$result_upload=$upload_object->UploadFile($upload2, $final_name, $destination);
// création des thumbs
$min_name=get_min_name($destination.$final_name);
$image_object->ThumbCreate($destination.$final_name, $min_name , $news_object->MAX_PHOTO_MIN_WIDTH);
// on retaille l'original au besoin.
if(PHOTO_RESIZE==true && ExcedMaxSize($destination.$final_name, $news_object->MAX_PHOTO_MAX_WIDTH)) {
$image_object->ThumbCreate($destination.$final_name, $destination.$final_name , $news_object->MAX_PHOTO_MAX_WIDTH);
}
// préparation de l'affichage de la miniature
$visual_link2=EnlargeImage($visual_link2);
} else $visual_link2=EnlargeImage($destination.$bdd_name);
}
}
}
}
if(is_string($integrity)) $text_format='2FIELD';
else $text_format='2HTML';
$form_title=formatText($_POST['news_title'],$text_format);
$form_header=formatText($_POST['news_header'], $text_format);
$form_body=formatText($_POST['news_body'], $text_format);
$form_theme=$_POST['news_theme'];
$form_scale=$_POST['news_scale'];
$form_level=$_POST['news_level'];
$form_template=$_POST['news_template'];
$form_statut=$_POST['news_statut'];
if($_POST['news_template']==1) $mask_template_1=" selected=\"selected\"";
if($_POST['news_template']==2) $mask_template_2=" selected=\"selected\"";
if($_POST['news_template']==3) {
$mask_template_3=" selected=\"selected\"";
$layer_tpl_3 = "style=\"display:block;\"";
}
if($_POST['news_template']==4) {
$mask_template_4=" selected=\"selected\"";
$layer_tpl_1_2 = "style=\"display:none;\"";
}
if($_POST['news_statut']=='D') $mask_statut_D="checked=\"checked\""; else $mask_statut_D='';
if($_POST['news_statut']=='P') $mask_statut_P="checked=\"checked\""; else $mask_statut_P='';
$table=urlencode(serialize($table));
}
include_once("../lib/input_helpers.php");
// select-box de thèmes
$data=$sql_object->DBSelect($req_list_theme);
$select_theme=ThemeSelectBox($data, "news_theme", $form_theme);
// select-box des échelles
$data=$sql_object->DBSelect($req_list_scale);
$select_scale=ScaleSelectBox($data, "news_scale", $form_scale);
// select-box des niveaux
$data=$sql_object->DBSelect($req_list_level);
$select_level=LevelSelectBox($data, "news_level", $form_level);
// select-box Templates
if($form_template==1) $mask_template_1=' selected="selected"';
if($form_template==2) $mask_template_2=' selected="selected"';
if($form_template==3) $mask_template_3=' selected="selected"';
if($form_template==4) $mask_template_4=' selected="selected"';
$select_template="<select name=\"news_template\" id=\"news_template\" onchange=\"ShowFilesLayer(this.value, 'news')\">\n";
$select_template.="<option value=\"1\"".$mask_template_1.">".$news_object->GetTemplateName(1)."</option>\n";
$select_template.="<option value=\"2\"".$mask_template_2.">".$news_object->GetTemplateName(2)."</option>\n";
$select_template.="<option value=\"3\"".$mask_template_3.">".$news_object->GetTemplateName(3)."</option>\n";
$select_template.="<option value=\"4\"".$mask_template_4.">".$news_object->GetTemplateName(4)."</option>\n";
$select_template.="</select>\n";
// select-box statut
if($form_statut=='P') $mask_archive_P=' selected="selected"';
if($form_statut=='D') $mask_archive_D=' selected="selected"';
if($form_statut=='AA') $mask_archive_AA=' selected="selected"';
if($form_statut=='PA') $mask_archive_PA=' selected="selected"';
$select_statut="<select name=\"news_statut\" id=\"news_statut\">\n";
$select_statut.="<option value=\"P\"".$mask_archive_P.">".display_statut('P')."</option>\n";
$select_statut.="<option value=\"D\"".$mask_archive_D.">".display_statut('D')."</option>\n";
$select_statut.="<option value=\"AA\"".$mask_archive_AA.">".display_statut('AA')."</option>\n";
$select_statut.="<option value=\"PA\"".$mask_archive_PA.">".display_statut('PA')."</option>\n";
$select_statut.="</select>\n";
// Préparation affichage des layers Upload
if($form_template!=4) {
$layer_tpl_1_2 = 'style="display:block;"';
if($form_template==3) $layer_tpl_3 = 'style="display:block;"';
}
?>
<div id="chemin">
<ul>
<li>
<a href="index.php" class="chemin_home"><? echo _t('way','home'); ?></a>
</li>
<li>
<a href="<?php echo $rub_link; ?>" id="chemin_<? echo $rub; ?>" class="chemin_rub"><? echo _t('menu','news');?></a>
</li>
<li>
<span><? echo formatNavTitle(_t('news','mod'). ' : '.$news_current_title); ?></span>
</li>
</ul>
</div>
<?php
include_once(THEME_ADMIN_PATH."quickicons.php");
?>
<?php
if(!isset($integrity) || is_string($integrity)) {
?>
<div class="contentcontainer">
<?php
include_once($dir."/menurub.php");
?>
<div id="content">
<?php
if(isset($integrity) && is_string($integrity)) display_errors($integrity);
?>
<h2><? echo formatTitleh2($news_current_title); ?></h2>
<form id="modnews" action="<?php echo $_SERVER['SCRIPT_NAME']; ?>" method="post" enctype="multipart/form-data">
<p>
<label for="news_title"><? echo _t('news','title'); ?> : *</label>
<input name="news_title" type="text" class="textfield" maxlength="200" id="news_title" value="<?php echo $form_title; ?>" />
</p>
<p>
<label for="news_header"><? echo _t('news','header'); ?> : *</label>
<textarea id="news_header" name="news_header" class="largetextfield" <?php echo AREA_SETTINGS; ?>><?php echo $form_header; ?></textarea>
</p>
<p>
<label for="news_body"><? echo _t('news','body'); ?> : *</label>
<textarea id="news_body" name="news_body" class="largetextfield" <?php echo AREA_SETTINGS; ?>><?php echo $form_body; ?></textarea>
</p>
<p>
<label for="news_theme" ><? echo _t('news','theme'); ?> : *</label>
<?php echo $select_theme; ?>
</p>
<p>
<label for="news_scale" ><? echo _t('news','scale'); ?> : *</label>
<?php echo $select_scale; ?>
</p>
<p>
<label for="news_level" ><? echo _t('news','level'); ?> : </label>
<?php echo $select_level; ?>
</p>
<p>
<label for="news_template" ><? echo _t('news','template'); ?> : </label>
<?php echo $select_template; ?>
</p>
<?php echo $reca_visual; ?>
<p id="layervisuel1" <?php echo $layer_tpl_1_2; ?>>
<label for="news_visuel1"><?php echo _t('news','visu1'); ?></label>
<input name="news_visuel1" type="file" size="47" id="news_visuel1" class="file" value="" /><br /><br />
</p>
<p id="layervisuel2" <?php echo $layer_tpl_3; ?>>
<label for="news_visuel2"><?php echo _t('news','visu2'); ?></label>
<input name="news_visuel2" type="file" size="47" id="news_visuel2" class="file" /><br /><br />
</p>
<p style="clear:both">
<label for="news_statut" ><? echo _t('news','statut'); ?> : </label>
<?php echo $select_statut; ?>
</p>
<div>
<input name="id" type="hidden" value="<?php echo $id; ?>" id="id" />
<input name="news_photouri" type="hidden" value="<?php echo $news_photouri; ?>" id="news_photouri" />
<input name="current_template" type="hidden" value="<?php echo $current_template; ?>" id="current_template" />
<input name="rub" type="hidden" value="<?php echo $rub; ?>" id="rub" />
<input name="todo" type="hidden" value="<?php echo $todo; ?>" id="todo" />
<?php echo cancel_button('javascript:history.go(-1);'); ?>
<input name="valider" type="submit" value="<? echo _t('btn','valid'); ?>" class="button" id="valider" />
</div>
</form>
</div>
<?php include_once($dir."/help.php"); ?>
</div>
<?php
// Récapitulatif
} else {
$requete=SQL_getonethemeName($form_theme);
$result=$sql_object->DBSelect($requete);
if($result==0 || count($result)!=1) exit;
else $theme_denomination=formatText($result[0]['theme_name']);
$requete=SQL_getonescaleDenomination($form_scale);
$result=$sql_object->DBSelect($requete);
if($result==0 || count($result)!=1) exit;
else $scale_denomination=formatText($result[0]['scale_denomination']);
if($form_level <> -1) {
$requete=SQL_getonelevelName($form_level);
$result=$sql_object->DBSelect($requete);
if($result==0 || count($result)!=1) exit;
else $level_denomination=formatText($result[0]['level_name']);
} else $level_denomination=_t('divers','none');
$display_form_header=formatText(empty_nc($form_header));
if(isset($visual_link1)) {
$reca_visual="<dt>"._t('news','photouri')."</dt>\n";
$reca_visual.="<dd> </dd>\n";
$reca_visual.="<dt>"._t('news','visu1')." :</dt>\n";
$reca_visual.="<dd>".$visual_link1."</dd>\n";
if(isset($visual_link2)) {
$reca_visual.="<dt>"._t('news','visu2')." :</dt>\n";
$reca_visual.="<dd>".$visual_link2."</dd>\n";
}
}
?>
<div class="contentcontainer">
<?php
include_once($dir."/menurub.php");
?>
<div id="content">
<h2><? echo formatTitleh2(_t('recap','title')); ?></h2>
<?php
echo "<dl class=\"dl3\">\n";
echo "<dt>"._t('news','title')."</dt>\n";
echo "<dd>".$form_title."</dd>\n";
echo "<dt>"._t('news','header'). "</dt>\n";
echo "<dd>".linkin_content($display_form_header)."</dd>\n";
echo "<dt>"._t('news','body')." :</dt>\n";
echo "<dd>".linkin_content($form_body)."</dd>\n";
echo "<dt>"._t('news','theme')." :</dt>\n";
echo "<dd>".$theme_denomination."</dd>\n";
echo "<dt>"._t('news','scale')." :</dt>\n";
echo "<dd>".$scale_denomination."</dd>\n";
echo "<dt>"._t('news','level')." :</dt>\n";
echo "<dd>".$level_denomination."</dd>\n";
echo "<dt>"._t('news','template')." :</dt>\n";
echo "<dd>".$news_object->GetTemplateName($form_template)."</dd>\n";
echo $reca_visual;
echo "<dt>"._t('divers','statut') ."</dt>\n";
echo "<dd>". display_statut($_POST['news_statut']). "</dd>\n";
echo "</dl>\n";
?>
<br style="clear:both" />
<form id="modscale" action="<?php echo $_SERVER['SCRIPT_NAME']; ?>" method="post">
<div>
<input name="id" type="hidden" value="<?php echo $id; ?>" id="id" />
<input name="rub" type="hidden" value="<?php echo $rub; ?>" id="rub" />
<input name="todo" type="hidden" value="<?php echo $todo; ?>" id="todo" />
<input name="data_table" type="hidden" value="<?php echo $table; ?>" id="data_table" />
<?php echo cancel_button('?rub=news&todo=list'); ?>
<input name="retour" type="button" value="<? echo _t('btn','preview'); ?>" class="button" id="retour" onclick="history.go(-1);" />
<input name="enregistrer" type="submit" value="<? echo _t('btn','save'); ?>" class="button" id="valider" />
</div>
</form>
</div>
<?php include_once($dir."/help.php"); ?>
</div>
<?php
}
?>

Source for file mod.php