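locale = self::get_articleAdminLocale(); $this->articleSettings = self::get_article_settings(); if (isset($_GET['ref']) && $_GET['ref'] == "article_form") { $this->display_article_form(); } else { $this->display_article_listing(); } }

    /**
     * Displays the article form.
     *
     * Runs the delete and save handlers first, then loads the requested article
     * (if one is named in the request) into $this->article_data, fills in any
     * missing keys from $this->default_article_data and renders the form.
     */
    private function display_article_form() {
        // Delete Article
        self::execute_ArticlesDelete();

        // Update Article
        self::execute_ArticlesUpdate();

        // Keep only IDs that passed isnum(), so the value bound into the query is
        // always the value that was validated. Previously a numeric GET article_id
        // could satisfy the check while a non-numeric POST article_id was the one
        // handed to dbquery().
        $post_id = (isset($_POST['article_id']) && isnum($_POST['article_id'])) ? $_POST['article_id'] : NULL;
        $get_id = (isset($_GET['article_id']) && isnum($_GET['article_id'])) ? $_GET['article_id'] : NULL;
        $is_edit = (isset($_GET['action']) && $_GET['action'] == "edit");

        // NOTE(review): as in the original condition, && binds tighter than ||, so a
        // numeric GET article_id loads the row whatever `action` is. Confirm that is
        // intended rather than "action=edit AND (POST id OR GET id)".
        if (($is_edit && $post_id !== NULL) || $get_id !== NULL) {
            $article_id = ($post_id !== NULL ? $post_id : $get_id);
            $result = dbquery("SELECT * FROM ".DB_ARTICLES." WHERE article_id=:articleid", [':articleid' => $article_id]);
            if (dbrows($result)) {
                $this->article_data = dbarray($result);
            } else {
                // Unknown article: go back to the admin page.
                redirect(FUSION_SELF.fusion_get_aidlink());
            }
        }

        // Data: array union keeps loaded/posted values and adds defaults for missing keys.
        $this->article_data += $this->default_article_data;
        self::articleContent_form();
    }

    /**
     * Deletes the article named by $_GET['article_id'], with its comments and ratings.
     *
     * Acts only when action=delete and article_id is numeric. The success notice is
     * added only if the article exists; the redirect happens in either case.
     */
    private function execute_ArticlesDelete() {
        // NOTE(review): this destructive path is driven by a GET request and, unlike
        // the save handler and the bulk table actions, is not gated on \defender::safe()
        // in this method. Confirm that the admin link token is validated before this
        // class runs, or move the action behind a POST form that carries a token.
        if (isset($_GET['action']) && $_GET['action'] == "delete" && isset($_GET['article_id']) && isnum($_GET['article_id'])) {
            $article_id = intval($_GET['article_id']);

            if (dbcount("(article_id)", DB_ARTICLES, "article_id=:articleid", [':articleid' => $article_id])) {
                // Dependent rows first ('A' is the item type used for articles), then the article.
                dbquery("DELETE FROM ".DB_COMMENTS." WHERE comment_item_id=:commentid AND comment_type=:commenttype", [':commentid' => $article_id, ':commenttype' => 'A']);
                dbquery("DELETE FROM ".DB_RATINGS." WHERE rating_item_id=:ratingid AND rating_type=:ratingtype", [':ratingid' => $article_id, ':ratingtype' => 'A']);
                dbquery("DELETE FROM ".DB_ARTICLES." \nWHERE article_id=:articleid", [':articleid' => $article_id]);
                addNotice('success', $this->locale['article_0032']);
            }

            redirect(clean_request('', ['ref', 'action', 'cat_id'], FALSE));
        }
    }

    /**
     * Create or update an article from the posted form.
     *
     * Runs only when `save` or `save_and_close` was posted. The posted values are
     * collected into $this->article_data; the row is written only if
     * \defender::safe() reports no problem, and the request is then redirected.
     */
    private function execute_ArticlesUpdate() {
        if ((isset($_POST['save'])) or (isset($_POST['save_and_close']))) {

            // Check posted Informations
            // When the allow_php_exe setting is on, the text is HTML-escaped before it is
            // handed to form_sanitizer(); otherwise the raw posted text is passed through.
            // NOTE(review): what form_sanitizer() strips is not visible here; confirm the
            // stored text is safe for the context it is later rendered in.
            // !empty() replaces a bare read of the key so a request without the field
            // does not raise an undefined-index notice.
            $article_snippet = "";
            if (!empty($_POST['article_snippet'])) {
                $article_snippet = str_replace("src='".str_replace("../", "", IMAGES_A), "src='".IMAGES_A, (fusion_get_settings("allow_php_exe") ? htmlspecialchars($_POST['article_snippet']) : $_POST['article_snippet']));
            }

            $article_article = "";
            if (!empty($_POST['article_article'])) {
                $article_article = str_replace("src='".str_replace("../", "", IMAGES_A), "src='".IMAGES_A, (fusion_get_settings("allow_php_exe") ? htmlspecialchars($_POST['article_article']) : $_POST['article_article']));
            }

            $this->article_data = [
                'article_id'             => form_sanitizer($_POST['article_id'], 0, 'article_id'),
                'article_subject'        => form_sanitizer($_POST['article_subject'], '', 'article_subject'),
                'article_cat'            => form_sanitizer($_POST['article_cat'], 0, 'article_cat'),
                'article_snippet'        => form_sanitizer($article_snippet, '', 'article_snippet'),
                'article_article'        => form_sanitizer($article_article, '', 'article_article'),
                'article_keywords'       => form_sanitizer($_POST['article_keywords'], '', 'article_keywords'),
                'article_datestamp'      => form_sanitizer($_POST['article_datestamp'], '', 'article_datestamp'),
                'article_visibility'     => form_sanitizer($_POST['article_visibility'], 0, 'article_visibility'),
                // These three fields do not go through form_sanitizer(). Accept only
                // numeric values so raw request text is never handed to dbquery_insert(),
                // whose escaping is not visible here.
                // Assumes the checkbox values are numeric, as the draft select's 1/0 options are; confirm.
                'article_draft'          => (isset($_POST['article_draft']) && isnum($_POST['article_draft'])) ? $_POST['article_draft'] : '0',
                'article_allow_comments' => (isset($_POST['article_allow_comments']) && isnum($_POST['article_allow_comments'])) ? $_POST['article_allow_comments'] : '0',
                'article_allow_ratings'  => (isset($_POST['article_allow_ratings']) && isnum($_POST['article_allow_ratings'])) ? $_POST['article_allow_ratings'] : '0',
                'article_language'       => form_sanitizer($_POST['article_language'], LANGUAGE, 'article_language')
            ];

            // Line Breaks: the posted checkbox only counts when TinyMCE is not enabled.
            if (fusion_get_settings('tinymce_enabled') != 1) {
                $this->article_data['article_breaks'] = isset($_POST['article_breaks']) ? "y" : "n";
            } else {
                $this->article_data['article_breaks'] = "n";
            }

            // Handle
            if (\defender::safe()) {
                // Update
                if (dbcount("('article_id')", DB_ARTICLES, "article_id=:articleid", [':articleid' => $this->article_data['article_id']])) {
                    dbquery_insert(DB_ARTICLES, $this->article_data, 'update');
                    addNotice('success', $this->locale['article_0031']);
                // Create
                } else {
                    // The author is the current user; the new row's ID is kept in article_data.
                    $this->article_data['article_name'] = fusion_get_userdata('user_id');
                    $this->article_data['article_id'] = dbquery_insert(DB_ARTICLES, $this->article_data, 'save');
                    addNotice('success', $this->locale['article_0030']);
                }

                // Redirect
                if (isset($_POST['save_and_close'])) {
                    redirect(clean_request('', ['ref', 'action', 'article_id'], FALSE));
                } else {
                    redirect(FUSION_REQUEST);
                }
            }
        }
    }

/** * Display Form for Article */ private function articleContent_form() { // Textarea Settings if (!fusion_get_settings('tinymce_enabled')) { $articleSnippetSettings = [ 'required' => TRUE, 'preview' => TRUE, 'type' => 'bbcode', 'placeholder' => $this->locale['article_0254'], 'error_text' => $this->locale['article_0271'], 'form_name' => 'articleform', 'wordcount' => TRUE, 'path' => IMAGES_A, 'rows' => '20', 'autosize' => TRUE ]; $articleExtendedSettings = [ 'required' => ($this->articleSettings['article_extended_required'] ? 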
TRUE : FALSE), 'preview' => TRUE, 'html' => TRUE, 'placeholder' => $this->locale['article_0253'], 'error_text' => $this->locale['article_0272'], 'form_name' => 'articleform', 'wordcount' => TRUE, 'path' => IMAGES_A, 'rows' => '20', 'autosize' => TRUE ]; } else { $articleSnippetSettings = [ 'required' => TRUE, 'type' => 'bbcode', 'tinymce' => 'advanced', 'error_text' => $this->locale['article_0271'], 'path' => IMAGES_A, 'rows' => '20', ]; $articleExtendedSettings = [ 'required' => ($this->articleSettings['article_extended_required'] ? TRUE : FALSE), 'type' => 'tinymce', 'tinymce' => 'advanced', 'error_text' => $this->locale['article_0272'], 'path' => IMAGES_A, 'rows' => '20', ]; } // Set Session Cache echo \PHPFusion\Admins::getInstance()->requestCache('articleform', 'A', $this->article_data['article_id'], [ 'article_subject' => $this->locale['article_0163'], 'article_snippet' => $this->locale['article_0251'], 'article_article' => $this->locale['article_0252'] ]); // Start Form echo openform('articleform', 'post', $this->form_action, ['enctype' => TRUE]); echo "
\n"; self::display_articleButtons('formstart'); echo "
\n"; echo "
\n"; echo form_hidden('article_id', '', $this->article_data['article_id']); echo "
\n"; echo "
\n"; echo form_text('article_subject', '', $this->article_data['article_subject'], [ 'required' => TRUE, 'max_length' => 200, 'class' => 'form-group-lg', 'placeholder' => $this->locale['article_0163'], 'error_text' => $this->locale['article_0270'] ]); add_to_head(""); echo "\n"; echo "
\n"; echo "
\n"; echo form_textarea('article_snippet', '', $this->article_data['article_snippet'], $articleSnippetSettings); echo "
\n"; echo "
\n"; echo form_textarea('article_article', '', $this->article_data['article_article'], $articleExtendedSettings); echo "
\n"; echo "
\n"; echo "
\n"; openside($this->locale['article_0262']); echo form_select('article_draft', $this->locale['status'], $this->article_data['article_draft'], [ 'inline' => TRUE, 'inner_width' => '100%', 'options' => [ 1 => $this->locale['draft'], 0 => $this->locale['publish'] ] ]); echo form_select_tree('article_cat', $this->locale['article_0101'], $this->article_data['article_cat'], [ 'required' => TRUE, 'inline' => TRUE, 'error_text' => $this->locale['article_0273'], 'inner_width' => '100%', 'parent_value' => $this->locale['choose'], 'query' => (multilang_table("AR") ? "WHERE ".in_group('article_cat_language', LANGUAGE) : "") ], DB_ARTICLE_CATS, "article_cat_name", "article_cat_id", "article_cat_parent" ); echo form_select('article_visibility', $this->locale['article_0106'], $this->article_data['article_visibility'], [ 'options' => fusion_get_groups(), 'placeholder' => $this->locale['choose'], 'inner_width' => '100%', 'inline' => TRUE ]); if (multilang_table("AR")) { echo form_select('article_language[]', $this->locale['language'], $this->article_data['article_language'], [ 'options' => fusion_get_enabled_languages(), 'placeholder' => $this->locale['choose'], 'inner_width' => '100%', 'inline' => TRUE, 'multiple' => TRUE, 'delimeter' => '.' ]); } else { echo form_hidden('article_language', '', $this->article_data['article_language']); } echo form_datepicker('article_datestamp', $this->locale['article_0203'], $this->article_data['article_datestamp'], [ 'inline' => TRUE, 'inner_width' => '100%' ]); closeside(); openside(''); if (fusion_get_settings("tinymce_enabled") != 1) { echo form_checkbox('article_breaks', $this->locale['article_0257'], $this->article_data['article_breaks'], [ 'value' => 'y', 'reverse_label' => TRUE, 'class' => 'm-b-5' ]); } echo form_checkbox('article_allow_comments', $this->locale['article_0258'], $this->article_data['article_allow_comments'], [ 'reverse_label' => TRUE, 'class' => 'm-b-5', 'ext_tip' => (!fusion_get_settings("comments_enabled") ? "
".sprintf($this->locale['article_0274'], $this->locale['comments'])."
" : "") ]); echo form_checkbox('article_allow_ratings', $this->locale['article_0259'], $this->article_data['article_allow_ratings'], [ 'reverse_label' => TRUE, 'class' => 'm-b-5', 'ext_tip' => (!fusion_get_settings("ratings_enabled") ? "
".sprintf($this->locale['article_0274'], $this->locale['ratings'])."
" : "") ]); closeside(); openside($this->locale['article_0260']); echo form_select('article_keywords', '', $this->article_data['article_keywords'], [ 'max_length' => 320, 'placeholder' => $this->locale['article_0260a'], 'width' => '100%', 'inner_width' => '100%', 'tags' => TRUE, 'multiple' => TRUE ]); closeside(); echo "
\n
\n"; self::display_articleButtons("formend"); echo closeform(); }

    /**
     * Prints the Cancel, Save and Save-and-close buttons of the article form.
     *
     * The set is printed twice on the form, so each button's input-id is made
     * unique by appending the caller's suffix.
     *
     * @param $unique_id suffix for the input-id; the callers pass 'formstart' and 'formend'
     */
    private function display_articleButtons($unique_id) {
        // Button name => presentation options. The name is also the locale key
        // used for both the button title and its value.
        $buttons = [
            'cancel'         => ['class' => 'btn-sm btn-default', 'icon' => 'fa fa-times'],
            'save'           => ['class' => 'btn-sm btn-success', 'icon' => 'fa fa-hdd-o'],
            'save_and_close' => ['class' => 'btn-sm btn-primary', 'icon' => 'fa fa-floppy-o']
        ];

        foreach ($buttons as $button_name => $button_options) {
            $button_options['input-id'] = $button_name.'-'.$unique_id;
            echo form_button($button_name, $this->locale[$button_name], $this->locale[$button_name], $button_options);
        }
    }

// Articles Delete Function /** * Displays Articles Listing */ private function display_article_listing() { // Run functions $allowed_actions = array_flip(['publish', 'unpublish', 'delete', 'article_display']); // Table Actions if (isset($_POST['table_action']) && isset($allowed_actions[$_POST['table_action']])) { $input = (isset($_POST['article_id'])) ? explode(",", form_sanitizer($_POST['article_id'], '', 'article_id')) : ''; if (!empty($input)) { foreach ($input as $article_id) { // check input table if (dbcount("('article_id')", DB_ARTICLES, "article_id=:articleid", [':articleid' => intval($article_id)]) && \defender::safe()) { switch ($_POST['table_action']) { case "publish": dbquery("UPDATE ".DB_ARTICLES." SET article_draft=:draft WHERE article_id=:articleid", [':draft' => '0', ':articleid' => intval($article_id)]); break; case "unpublish": dbquery("UPDATE ".DB_ARTICLES." SET article_draft=:draft WHERE article_id=:articleid", [':draft' => '1', ':articleid' => intval($article_id)]); break; case "delete": dbquery("DELETE FROM ".DB_ARTICLES." WHERE article_id=:articleid", [':articleid' => intval($article_id)]); dbquery("DELETE FROM ".DB_COMMENTS." 
WHERE comment_item_id=:commentid AND comment_type=:commenttype", [':commentid' => intval($article_id), ':commenttype' => 'A']); dbquery("DELETE FROM ".DB_RATINGS." WHERE rating_item_id=:ratingid AND rating_type=:ratingtype", [':ratingid' => intval($article_id), ':ratingtype' => 'A']); break; default: redirect(FUSION_REQUEST); } } } addNotice('success', $this->locale['article_0033']); redirect(FUSION_REQUEST); } addNotice('warning', $this->locale['article_0034']); redirect(FUSION_REQUEST); } // Clear if (isset($_POST['article_clear'])) { redirect(FUSION_SELF.fusion_get_aidlink()); } // Search $sql_condition = multilang_table("AR") ? in_group('article_language', LANGUAGE) : ""; $search_string = []; if (isset($_POST['p-submit-article_text'])) { $search_string['article_subject'] = [ 'input' => form_sanitizer($_POST['article_text'], '', 'article_text'), 'operator' => "LIKE" ]; } if (!empty($_POST['article_status']) && isnum($_POST['article_status']) && $_POST['article_status'] == "1") { $search_string['article_draft'] = [ 'input' => 1, 'operator' => '=' ]; } if (!empty($_POST['article_visibility'])) { $search_string['article_visibility'] = [ 'input' => form_sanitizer($_POST['article_visibility'], '', 'article_visibility'), 'operator' => '=' ]; } if (!empty($_POST['article_category'])) { $search_string['article_cat'] = [ 'input' => form_sanitizer($_POST['article_category'], '', 'article_category'), 'operator' => "=" ]; } if (!empty($_POST['article_author'])) { $search_string['article_name'] = [ 'input' => form_sanitizer($_POST['article_author'], '', 'article_author'), 'operator' => "=" ]; } if (!empty($search_string)) { foreach ($search_string as $key => $values) { if ($sql_condition) $sql_condition .= " AND "; $sql_condition .= "`$key` ".$values['operator'].($values['operator'] == "LIKE" ? "'%" : "'").$values['input'].($values['operator'] == "LIKE" ? 
"%'" : "'"); } } $default_display = 16; $limit = $default_display; if ((!empty($_POST['article_display']) && isnum($_POST['article_display'])) || (!empty($_GET['article_display']) && isnum($_GET['article_display']))) { $limit = (!empty($_POST['article_display']) ? $_POST['article_display'] : $_GET['article_display']); } $max_rows = dbcount("(article_id)", DB_ARTICLES); $rowstart = 0; if (!isset($_POST['article_display'])) { $rowstart = (isset($_GET['rowstart']) && isnum($_GET['rowstart']) && $_GET['rowstart'] <= $max_rows ? $_GET['rowstart'] : 0); } // Query $sql = "SELECT a.*, ac.*, u.user_id, u.user_name, u.user_status, u.user_avatar, (SELECT COUNT(ar.rating_vote) FROM ".DB_RATINGS." ar WHERE ar.rating_item_id = a.article_id AND ar.rating_type = 'A') AS ratings_count, (SELECT COUNT(ad.comment_id) FROM ".DB_COMMENTS." ad WHERE ad.comment_item_id = a.article_id AND ad.comment_type = 'A' AND ad.comment_hidden = '0') AS comments_count FROM ".DB_ARTICLES." a LEFT JOIN ".DB_ARTICLE_CATS." ac ON ac.article_cat_id=a.article_cat INNER JOIN ".DB_USERS." u ON u.user_id=a.article_name ".($sql_condition ? " WHERE ".$sql_condition : "")." GROUP BY a.article_id ORDER BY article_draft DESC, article_datestamp DESC LIMIT $rowstart, $limit "; $result2 = dbquery($sql); $article_rows = dbrows($result2); $article_cats = dbcount("(article_cat_id)", DB_ARTICLE_CATS, ""); // Filters $filter_values = [ 'article_text' => !empty($_POST['article_text']) ? form_sanitizer($_POST['article_text'], '', 'article_text') : '', 'article_status' => !empty($_POST['article_status']) ? form_sanitizer($_POST['article_status'], '', 'article_status') : '', 'article_category' => !empty($_POST['article_category']) ? form_sanitizer($_POST['article_category'], '', 'article_category') : '', 'article_visibility' => !empty($_POST['article_visibility']) ? form_sanitizer($_POST['article_visibility'], '', 'article_visibility') : '', 'article_author' => !empty($_POST['article_author']) ? 
form_sanitizer($_POST['article_author'], '', 'article_author') : '' ]; $filter_empty = TRUE; foreach ($filter_values as $val) { if ($val) { $filter_empty = FALSE; } } ?>
"> locale['article_0002']; ?>
$this->locale['article_0100'], 'append_button' => TRUE, 'append_value' => "", 'append_form_value' => 'search_article', 'width' => '180px', 'group_size' => 'sm' ]); ?>
0) : while ($data = dbarray($result2)) : ?>
locale['article_0100'] ?> locale['article_0101'] ?> locale['article_0102'] ?> locale['article_0103'] ?> locale['article_0104'] ?> locale['article_0105'] ?> locale['article_0106'] ?> locale['article_0107'] ?>
locale['yes'] : $this->locale['no']; ?> locale['fmt_comment']) : $this->locale['disable']); ?> locale['fmt_rating']) : $this->locale['disable']); ?>
locale['edit']; ?> |  locale['delete']; ?>
locale['article_0112'] : $this->locale['article_0113']) : $this->locale['article_0114']); ?>
[5 => 5, 10 => 10, 16 => 16, 25 => 25, 50 => 50, 100 => 100] ]); ?>
$article_rows) : ?>