KXStudio
/
Website
mirror of https://github.com/KXStudio/Website
1
0
Fork 0
Code Releases 0 Activity
KXStudio Website https://kx.studio/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
160 Commits
2 Branches
483MB
Tree: 72a43afc6c
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '72a43afc6c'
${ noResults }
Website/News/includes/controller/Admin.php

Admin.php 116KB
Raw Normal View History

Import news
9 years ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812181318141815181618171818181918201821182218231824182518261827182818291830183118321833183418351836183718381839184018411842184318441845184618471848184918501851185218531854185518561857185818591860186118621863186418651866186718681869187018711872187318741875187618771878187918801881188218831884188518861887188818891890189118921893189418951896189718981899190019011902190319041905190619071908190919101911191219131914191519161917191819191920192119221923192419251926192719281929193019311932193319341935193619371938193919401941194219431944194519461947194819491950195119521953195419551956195719581959196019611962196319641965196619671968196919701971197219731974197519761977197819791980198119821983198419851986198719881989199019911992199319941995199619971998199920002001200220032004200520062007200820092010201120122013201420152016201720182019202020212022202320242025202620272028202920302031203220332034203520362037203820392040204120422043204420452046204720482049205020512052205320542055205620572058205920602061206220632064206520662067206820692070207120722073207420752076207720782079208020812082208320842085208620872088208920902091209220932094209520962097209820992100210121022103210421052106210721082109211021112112211321142115211621172118211921202121212221232124212521262127212821292130213121322133213421352136213721382139214021412142214321442145214621472148214921502151215221532154215521562157215821592160216121622163216421652166216721682169217021712172217321742175217621772178217921802181218221832184218521862187218821892190219121922193219421952196219721982199220022012202220322042205220622072208220922102211221222132214221522162217221822192220222122222223222422252226222722282229223022312232223322342235223622372238223922402241224222432244224522462247224822492250225122522253225422552256225722582259226022612262226322642265226622672268226922702271227222732274227522762277227822792280228122822283228422852286228722882289229022912292229322942295229622972298229923002301230223032304230523062307230823092310231123122313231423152316231723182319232023212322232323242325232623272328232923302331233223332334233523362337233823392340234123422343234423452346234723482349235023512352235323542355235623572358235923602361236223632364236523662367236823692370237123722373237423752376237723782379238023812382238323842385238623872388238923902391239223932394239523962397239823992400240124022403240424052406240724082409241024112412241324142415241624172418241924202421242224232424242524262427242824292430243124322433243424352436243724382439244024412442 
  1. <?php

  2.     /**

  3.      * Class: Admin Controller

  4.      * The logic behind the Admin area.

  5.      */

  6.     class AdminController {

  7.         # Boolean: $displayed

  8.         # Has anything been displayed?

  9.         public $displayed = false;

  10. 

  11.         # Array: $context

  12.         # Contains the context for various admin pages, to be passed to the Twig templates.

  13.         public $context = array();

  14. 

  15.         # String: $selected_bookmarklet

  16.         # Holds the name of the Feather to be selected when they open the bookmarklet.

  17.         public $selected_bookmarklet;

  18. 

  19.         # String: $base

  20.         # The base path for this controller.

  21.         public $base = "admin";

  22. 

  23.         # Boolean: $feed

  24.         # Is the current page a feed?

  25.         public $feed = false;

  26. 

  27.         /**

  28.          * Function: __construct

  29.          * Prepares Twig.

  30.          */

  31.         private function __construct() {

  32.             $this->admin_theme = fallback($_SESSION['admin_theme'], "default");

  33. 

  34.             $this->theme = new Twig_Loader(MAIN_DIR."/admin/themes/".$this->admin_theme,

  35.                                            (is_writable(INCLUDES_DIR."/caches") and !DEBUG) ?

  36.                                                INCLUDES_DIR."/caches" :

  37.                                                null);

  38. 

  39.             $this->default = new Twig_Loader(MAIN_DIR."/admin/themes/default",

  40.                                              (is_writable(INCLUDES_DIR."/caches") and !DEBUG) ?

  41.                                                  INCLUDES_DIR."/caches" :

  42.                                                  null);

  43.         }

  44. 

  45.         /**

  46.          * Function: parse

  47.          * Determines the action.

  48.          */

  49.         public function parse($route) {

  50.             $visitor = Visitor::current();

  51. 

  52.             # Protect non-responder functions.

  53.             if (in_array($route->action, array("__construct", "parse", "subnav_context", "display", "current")))

  54.                 show_404();

  55. 

  56.             if (empty($route->action) or $route->action == "write") {

  57.                 # "Write > Post", if they can add posts or drafts.

  58.                 if (($visitor->group->can("add_post") or $visitor->group->can("add_draft")) and

  59.                     !empty(Config::current()->enabled_feathers))

  60.                     return $route->action = "write_post";

  61. 

  62.                 # "Write > Page", if they can add pages.

  63.                 if ($visitor->group->can("add_page"))

  64.                     return $route->action = "write_page";

  65.             }

  66. 

  67.             if (empty($route->action) or $route->action == "manage") {

  68.                 # "Manage > Posts", if they can manage any posts.

  69.                 if (Post::any_editable() or Post::any_deletable())

  70.                     return $route->action = "manage_posts";

  71. 

  72.                 # "Manage > Pages", if they can manage pages.

  73.                 if ($visitor->group->can("edit_page") or $visitor->group->can("delete_page"))

  74.                     return $route->action = "manage_pages";

  75. 

  76.                 # "Manage > Users", if they can manage users.

  77.                 if ($visitor->group->can("edit_user") or $visitor->group->can("delete_user"))

  78.                     return $route->action = "manage_users";

  79. 

  80.                 # "Manage > Groups", if they can manage groups.

  81.                 if ($visitor->group->can("edit_group") or $visitor->group->can("delete_group"))

  82.                     return $route->action = "manage_groups";

  83.             }

  84. 

  85.             if (empty($route->action) or $route->action == "settings") {

  86.                 # "General Settings", if they can configure the installation.

  87.                 if ($visitor->group->can("change_settings"))

  88.                     return $route->action = "general_settings";

  89.             }

  90. 

  91.             if (empty($route->action) or $route->action == "extend") {

  92.                 # "Modules", if they can configure the installation.

  93.                 if ($visitor->group->can("toggle_extensions"))

  94.                     return $route->action = "modules";

  95.             }

  96. 

  97.             Trigger::current()->filter($route->action, "admin_determine_action");

  98. 

  99.             if (!isset($route->action))

  100.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to view this area."));

  101.         }

  102. 

  103.         /**

  104.          * Function: write

  105.          * Post writing.

  106.          */

  107.         public function write_post() {

  108.             $visitor = Visitor::current();

  109. 

  110.             if (!$visitor->group->can("add_post", "add_draft"))

  111.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to create posts."));

  112. 

  113.             $config = Config::current();

  114. 

  115.             if (empty($config->enabled_feathers))

  116.                 error(__("No Feathers"), __("Please install a feather or two in order to add a post."));

  117. 

  118.             Trigger::current()->filter($options, array("write_post_options", "post_options"));

  119. 

  120.             fallback($_GET['feather'], reset($config->enabled_feathers));

  121. 

  122.             $this->display("write_post",

  123.                            array("groups" => Group::find(array("order" => "id ASC")),

  124.                                  "options" => $options,

  125.                                  "feathers" => Feathers::$instances,

  126.                                  "feather" => Feathers::$instances[$_GET['feather']]));

  127.         }

  128. 

  129.         /**

  130.          * Function: bookmarklet

  131.          * Post writing, from the bookmarklet.

  132.          */

  133.         public function bookmarklet() {

  134.             $visitor = Visitor::current();

  135.             if (!$visitor->group->can("add_post", "add_draft"))

  136.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to create posts."));

  137. 

  138.             $config = Config::current();

  139. 

  140.             if (empty($config->enabled_feathers))

  141.                 error(__("No Feathers"), __("Please install a feather or two in order to add a post."));

  142. 

  143.             if (!isset($this->selected_bookmarklet))

  144.                 fallback($feather, $config->enabled_feathers[0]);

  145.             else

  146.                 $feather = $this->selected_bookmarklet;

  147. 

  148.             fallback($_GET['url']);

  149.             fallback($_GET['title']);

  150.             fallback($_GET['selection']);

  151. 

  152.             $this->display("bookmarklet",

  153.                            array("done" => isset($_GET['done']),

  154.                                  "feathers" => Feathers::$instances,

  155.                                  "selected_feather" => Feathers::$instances[$feather],

  156.                                  "args" => array("url" => stripslashes($_GET['url']),

  157.                                                  "page_url" => stripslashes($_GET['url']),

  158.                                                  "page_link" => '(via <a href="'.stripslashes($_GET['url']).'">'.$_GET['title'].'</a>)',

  159.                                                  "title" => stripslashes($_GET['title']),

  160.                                                  "page_title" => stripslashes($_GET['title']),

  161.                                                  "selection" => stripslashes($_GET['selection']))));

  162.         }

  163. 

  164.         /**

  165.          * Function: add_post

  166.          * Adds a post when the form is submitted.

  167.          */

  168.         public function add_post() {

  169.             $visitor = Visitor::current();

  170.             if (!$visitor->group->can("add_post", "add_draft"))

  171.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to create posts."));

  172. 

  173.             if (!isset($_POST['hash']) or $_POST['hash'] != Config::current()->secure_hashkey)

  174.                 show_403(__("Access Denied"), __("Invalid security key."));

  175. 

  176.             if (!isset($_POST['draft']) and !$visitor->group->can("add_post"))

  177.                 $_POST['draft'] = 'true';

  178. 

  179.             $post = Feathers::$instances[$_POST['feather']]->submit();

  180. 

  181.             if (!$post->redirect)

  182.                 $post->redirect = "/admin/?action=write_post";

  183. 

  184.             if (!isset($_POST['bookmarklet']))

  185.                 Flash::notice(__("Post created!"), $post->redirect);

  186.             else

  187.                 redirect($post->redirect);

  188.         }

  189. 

  190.         /**

  191.          * Function: edit_post

  192.          * Post editing.

  193.          */

  194.         public function edit_post() {

  195.             if (empty($_GET['id']))

  196.                 error(__("No ID Specified"), __("An ID is required to edit a post."));

  197. 

  198.             $post = new Post($_GET['id'], array("drafts" => true, "filter" => false));

  199. 

  200.             if (!$post->editable())

  201.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to edit this post."));

  202. 

  203.             Trigger::current()->filter($options, array("edit_post_options", "post_options"), $post);

  204. 

  205.             $this->display("edit_post",

  206.                            array("post" => $post,

  207.                                  "groups" => Group::find(array("order" => "id ASC")),

  208.                                  "options" => $options,

  209.                                  "feather" => Feathers::$instances[$post->feather]));

  210.         }

  211. 

  212.         /**

  213.          * Function: update_post

  214.          * Updates a post when the form is submitted.

  215.          */

  216.         public function update_post() {

  217.             $post = new Post($_POST['id'], array("drafts" => true));

  218. 

  219.             if ($post->no_results)

  220.                 Flash::warning(__("Post not found."), "/admin/?action=manage_posts");

  221. 

  222.             if (!$post->editable())

  223.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to edit this post."));

  224. 

  225.             if (!isset($_POST['hash']) or $_POST['hash'] != Config::current()->secure_hashkey)

  226.                 show_403(__("Access Denied"), __("Invalid security key."));

  227. 

  228.             Feathers::$instances[$post->feather]->update($post);

  229. 

  230.             if (!isset($_POST['ajax']))

  231.                 Flash::notice(_f("Post updated. <a href=\"%s\">View Post &rarr;</a>",

  232.                                  array($post->url())),

  233.                               "/admin/?action=manage_posts");

  234.             else

  235.                 exit((string) $_POST['id']);

  236.         }

  237. 

  238.         /**

  239.          * Function: delete_post

  240.          * Post deletion (confirm page).

  241.          */

  242.         public function delete_post() {

  243.             if (empty($_GET['id']))

  244.                 error(__("No ID Specified"), __("An ID is required to delete a post."));

  245. 

  246.             $post = new Post($_GET['id'], array("drafts" => true));

  247. 

  248.             if (!$post->deletable())

  249.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to delete this post."));

  250. 

  251.             $this->display("delete_post", array("post" => $post));

  252.         }

  253. 

  254.         /**

  255.          * Function: destroy_post

  256.          * Destroys a post (the real deal).

  257.          */

  258.         public function destroy_post() {

  259.             if (empty($_POST['id']))

  260.                 error(__("No ID Specified"), __("An ID is required to delete a post."));

  261. 

  262.             if ($_POST['destroy'] == "bollocks")

  263.                 redirect("/admin/?action=manage_posts");

  264. 

  265.             if (!isset($_POST['hash']) or $_POST['hash'] != Config::current()->secure_hashkey)

  266.                 show_403(__("Access Denied"), __("Invalid security key."));

  267. 

  268.             $post = new Post($_POST['id'], array("drafts" => true));

  269.             if (!$post->deletable())

  270.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to delete this post."));

  271. 

  272.             Post::delete($_POST['id']);

  273. 

  274.             Flash::notice(__("Post deleted."), "/admin/?action=manage_posts");

  275.         }

  276. 

  277.         /**

  278.          * Function: manage_posts

  279.          * Post managing.

  280.          */

  281.         public function manage_posts() {

  282.             if (!Post::any_editable() and !Post::any_deletable())

  283.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to manage any posts."));

  284. 

  285.             fallback($_GET['query'], "");

  286. 

  287.             list($where, $params) = keywords($_GET['query'], "post_attributes.value LIKE :query OR url LIKE :query", "post_attributes");

  288. 

  289.             if (!empty($_GET['month']))

  290.                 $where["created_at like"] = $_GET['month']."-%";

  291. 

  292.             $visitor = Visitor::current();

  293.             if (!$visitor->group->can("view_draft", "edit_draft", "edit_post", "delete_draft", "delete_post"))

  294.                 $where["user_id"] = $visitor->id;

  295. 

  296.             $results = Post::find(array("placeholders" => true,

  297.                                         "drafts" => true,

  298.                                         "where" => $where,

  299.                                         "params" => $params));

  300. 

  301.             $ids = array();

  302.             foreach ($results[0] as $result)

  303.                 $ids[] = $result["id"];

  304. 

  305.             if (!empty($ids))

  306.                 $posts = new Paginator(Post::find(array("placeholders" => true,

  307.                                                         "drafts" => true,

  308.                                                         "where" => array("id" => $ids))),

  309.                                        25);

  310.             else

  311.                 $posts = new Paginator(array());

  312. 

  313.             foreach ($posts->paginated as &$post) {

  314.                 if (preg_match_all("/\{([0-9]+)\}/", $post->status, $matches)) {

  315.                     $groups = array();

  316.                     $groupClasses = array();

  317. 

  318.                     foreach ($matches[1] as $id) {

  319.                         $group = new Group($id);

  320.                         $groups[] = "<span class=\"group_prefix\">Group:</span> ".$group->name;

  321.                         $groupClasses[] = "group-".$id;

  322.                     }

  323. 

  324.                     $post->status_name = join(", ", $groups);

  325.                     $post->status_class = join(" ", $groupClasses);

  326.                 } else {

  327.                     $post->status_name = camelize($post->status, true);

  328.                     $post->status_class = $post->status;

  329.                 }

  330.             }

  331. 

  332.             $this->display("manage_posts", array("posts" => $posts));

  333.         }

  334. 

  335.         /**

  336.          * Function: write_page

  337.          * Page creation.

  338.          */

  339.         public function write_page() {

  340.             if (!Visitor::current()->group->can("add_page"))

  341.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to create pages."));

  342. 

  343.             $this->display("write_page", array("pages" => Page::find()));

  344.         }

  345. 

  346.         /**

  347.          * Function: add_page

  348.          * Adds a page when the form is submitted.

  349.          */

  350.         public function add_page() {

  351.             if (!Visitor::current()->group->can("add_page"))

  352.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to create pages."));

  353. 

  354.             if (!isset($_POST['hash']) or $_POST['hash'] != Config::current()->secure_hashkey)

  355.                 show_403(__("Access Denied"), __("Invalid security key."));

  356. 

  357.             if (empty($_POST['title']) and empty($_POST['slug']))

  358.                 error(__("Error"), __("Title and slug cannot be blank."));

  359. 

  360.             $page = Page::add($_POST['title'],

  361.                               $_POST['body'],

  362.                               null,

  363.                               $_POST['parent_id'],

  364.                               !empty($_POST['show_in_list']),

  365.                               0,

  366.                               (!empty($_POST['slug']) ? $_POST['slug'] : sanitize($_POST['title'])));

  367. 

  368.             Flash::notice(__("Page created!"), $page->url());

  369.         }

  370. 

  371.         /**

  372.          * Function: edit_page

  373.          * Page editing.

  374.          */

  375.         public function edit_page() {

  376.             if (!Visitor::current()->group->can("edit_page"))

  377.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to edit this page."));

  378. 

  379.             if (empty($_GET['id']))

  380.                 error(__("No ID Specified"), __("An ID is required to edit a page."));

  381. 

  382.             $this->display("edit_page",

  383.                            array("page" => new Page($_GET['id'], array("filter" => false)),

  384.                                  "pages" => Page::find(array("where" => array("id not" => $_GET['id'])))));

  385.         }

  386. 

  387.         /**

  388.          * Function: update_page

  389.          * Updates a page when the form is submitted.

  390.          */

  391.         public function update_page() {

  392.             if (!Visitor::current()->group->can("edit_page"))

  393.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to edit pages."));

  394. 

  395.             if (!isset($_POST['hash']) or $_POST['hash'] != Config::current()->secure_hashkey)

  396.                 show_403(__("Access Denied"), __("Invalid security key."));

  397. 

  398.             if (empty($_POST['title']) and empty($_POST['slug']))

  399.                 error(__("Error"), __("Title and slug cannot be blank."));

  400. 

  401.             $page = new Page($_POST['id']);

  402. 

  403.             if ($page->no_results)

  404.                 Flash::warning(__("Page not found."), "/admin/?action=manage_pages");

  405. 

  406.             $page->update($_POST['title'], $_POST['body'], null, $_POST['parent_id'], !empty($_POST['show_in_list']), $page->list_order, null, $_POST['slug']);

  407. 

  408.             if (!isset($_POST['ajax']))

  409.                 Flash::notice(_f("Page updated. <a href=\"%s\">View Page &rarr;</a>",

  410.                                  array($page->url())),

  411.                               "/admin/?action=manage_pages");

  412.         }

  413. 

  414.         /**

  415.          * Function: reorder_pages

  416.          * Reorders pages.

  417.          */

  418.         public function reorder_pages() {

  419.             foreach ($_POST['list_order'] as $id => $order) {

  420.                 $page = new Page($id);

  421.                 $page->update($page->title, $page->body, null, $page->parent_id, $page->show_in_list, $order, null, $page->url);

  422.             }

  423. 

  424.             Flash::notice(__("Pages reordered."), "/admin/?action=manage_pages");

  425.         }

  426. 

  427.         /**

  428.          * Function: delete_page

  429.          * Page deletion (confirm page).

  430.          */

  431.         public function delete_page() {

  432.             if (!Visitor::current()->group->can("delete_page"))

  433.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to delete pages."));

  434. 

  435.             if (empty($_GET['id']))

  436.                 error(__("No ID Specified"), __("An ID is required to delete a page."));

  437. 

  438.             $this->display("delete_page", array("page" => new Page($_GET['id'])));

  439.         }

  440. 

  441.         /**

  442.          * Function: destroy_page

  443.          * Destroys a page.

  444.          */

  445.         public function destroy_page() {

  446.             if (!Visitor::current()->group->can("delete_page"))

  447.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to delete pages."));

  448. 

  449.             if (empty($_POST['id']))

  450.                 error(__("No ID Specified"), __("An ID is required to delete a post."));

  451. 

  452.             if ($_POST['destroy'] == "bollocks")

  453.                 redirect("/admin/?action=manage_pages");

  454. 

  455.             if (!isset($_POST['hash']) or $_POST['hash'] != Config::current()->secure_hashkey)

  456.                 show_403(__("Access Denied"), __("Invalid security key."));

  457. 

  458.             $page = new Page($_POST['id']);

  459. 

  460.             if (!$page->no_results)

  461.                 foreach ($page->children as $child)

  462.                     if (isset($_POST['destroy_children']))

  463.                         Page::delete($child->id, true);

  464.                     else

  465.                         $child->update($child->title, $child->body, 0, $child->show_in_list, $child->list_order, $child->url);

  466. 

  467.             Page::delete($_POST['id']);

  468. 

  469.             Flash::notice(__("Page deleted."), "/admin/?action=manage_pages");

  470.         }

  471. 

  472.         /**

  473.          * Function: manage_pages

  474.          * Page managing.

  475.          */

  476.         public function manage_pages() {

  477.             $visitor = Visitor::current();

  478.             if (!$visitor->group->can("edit_page") and !$visitor->group->can("delete_page"))

  479.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to manage pages."));

  480. 

  481.             fallback($_GET['query'], "");

  482.             list($where, $params) = keywords($_GET['query'], "title LIKE :query OR body LIKE :query", "pages");

  483. 

  484.             $this->display("manage_pages",

  485.                            array("pages" => new Paginator(Page::find(array("placeholders" => true,

  486.                                                                            "where" => $where,

  487.                                                                            "params" => $params)), 25)));

  488.         }

  489. 

  490.         /**

  491.          * Function: new_user

  492.          * User creation.

  493.          */

  494.         public function new_user() {

  495.             if (!Visitor::current()->group->can("add_user"))

  496.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to add users."));

  497. 

  498.             $config = Config::current();

  499. 

  500.             $this->display("new_user",

  501.                            array("default_group" => new Group($config->default_group),

  502.                                  "groups" => Group::find(array("where" => array("id not" => array($config->guest_group,

  503.                                                                                                   $config->default_group)),

  504.                                                                "order" => "id DESC"))));

  505.         }

  506. 

  507.         /**

  508.          * Function: add_user

  509.          * Add a user when the form is submitted.

  510.          */

  511.         public function add_user() {

  512.             if (!Visitor::current()->group->can("add_user"))

  513.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to add users."));

  514. 

  515.             if (!isset($_POST['hash']) or $_POST['hash'] != Config::current()->secure_hashkey)

  516.                 show_403(__("Access Denied"), __("Invalid security key."));

  517. 

  518.             if (empty($_POST['login']))

  519.                 error(__("Error"), __("Please enter a username for your account."));

  520. 

  521.             $check = new User(array("login" => $_POST['login']));

  522.             if (!$check->no_results)

  523.                 error(__("Error"), __("That username is already in use."));

  524. 

  525.             if (empty($_POST['password1']) or empty($_POST['password2']))

  526.                 error(__("Error"), __("Password cannot be blank."));

  527.             elseif ($_POST['password1'] != $_POST['password2'])

  528.                 error(__("Error"), __("Passwords do not match."));

  529. 

  530.             if (empty($_POST['email']))

  531.                 error(__("Error"), __("E-mail address cannot be blank."));

  532.             elseif (!preg_match("/^[_A-z0-9-]+((\.|\+)[_A-z0-9-]+)*@[A-z0-9-]+(\.[A-z0-9-]+)*(\.[A-z]{2,4})$/", $_POST['email']))

  533.                 error(__("Error"), __("Invalid e-mail address."));

  534. 

  535.             if (!empty($_POST['website']) and strpos($_POST['website'], '://') === false) {

  536.                 $_POST['website'] = 'http://' . $_POST['website'];

  537.             }

  538. 

  539.             User::add($_POST['login'],

  540.                       $_POST['password1'],

  541.                       $_POST['email'],

  542.                       $_POST['full_name'],

  543.                       $_POST['website'],

  544.                       $_POST['group']);

  545. 

  546.             Flash::notice(__("User added."), "/admin/?action=manage_users");

  547.         }

  548. 

  549.         /**

  550.          * Function: edit_user

  551.          * User editing.

  552.          */

  553.         public function edit_user() {

  554.             if (!Visitor::current()->group->can("edit_user"))

  555.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to edit this user."));

  556. 

  557.             if (empty($_GET['id']))

  558.                 error(__("No ID Specified"), __("An ID is required to edit a user."));

  559. 

  560.             $this->display("edit_user",

  561.                            array("user" => new User($_GET['id']),

  562.                                  "groups" => Group::find(array("order" => "id ASC",

  563.                                                                "where" => array("id not" => Config::current()->guest_group)))));

  564.         }

  565. 

  566.         /**

  567.          * Function: update_user

  568.          * Updates a user when the form is submitted.

  569.          */

  570.         public function update_user() {

  571.             if (empty($_POST['id']))

  572.                 error(__("No ID Specified"), __("An ID is required to edit a user."));

  573. 

  574.             if (!isset($_POST['hash']) or $_POST['hash'] != Config::current()->secure_hashkey)

  575.                 show_403(__("Access Denied"), __("Invalid security key."));

  576. 

  577.             $visitor = Visitor::current();

  578. 

  579.             if (!$visitor->group->can("edit_user"))

  580.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to edit users."));

  581. 

  582.             $check_name = new User(null, array("where" => array("login" => $_POST['login'],

  583.                                                                 "id not" => $_POST['id'])));

  584. 

  585.             if (!$check_name->no_results)

  586.                 Flash::notice(_f("Login &#8220;%s&#8221; is already in use.", array($_POST['login'])),

  587.                               "/admin/?action=edit_user&id=".$_POST['id']);

  588. 

  589.             $user = new User($_POST['id']);

  590. 

  591.             if ($user->no_results)

  592.                 Flash::warning(__("User not found."), "/admin/?action=manage_user");

  593. 

  594.             $password = (!empty($_POST['new_password1']) and $_POST['new_password1'] == $_POST['new_password2']) ?

  595.                             User::hashPassword($_POST['new_password1']) :

  596.                             $user->password ;

  597. 

  598.             $website = (!empty($_POST['website']) and strpos($_POST['website'], '://') === false) ?

  599.                            $_POST['website'] = 'http://' . $_POST['website'] :

  600.                            $_POST['website'] ;

  601. 

  602.             $user->update($_POST['login'], $password, $_POST['email'], $_POST['full_name'], $website, $_POST['group']);

  603. 

  604.             if ($_POST['id'] == $visitor->id)

  605.                 $_SESSION['password'] = $password;

  606. 

  607.             Flash::notice(__("User updated."), "/admin/?action=manage_users");

  608.         }

  609. 

  610.         /**

  611.          * Function: delete_user

  612.          * User deletion.

  613.          */

  614.         public function delete_user() {

  615.             if (!Visitor::current()->group->can("delete_user"))

  616.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to delete users."));

  617. 

  618.             if (empty($_GET['id']))

  619.                 error(__("No ID Specified"), __("An ID is required to delete a user."));

  620. 

  621.             $this->display("delete_user",

  622.                            array("user" => new User($_GET['id']),

  623.                                  "users" => User::find(array("where" => array("id not" => $_GET['id'])))));

  624.         }

  625. 

  626.         /**

  627.          * Function: destroy_user

  628.          * Destroys a user.

  629.          */

  630.         public function destroy_user() {

  631.             if (!Visitor::current()->group->can("delete_user"))

  632.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to delete users."));

  633. 

  634.             if (empty($_POST['id']))

  635.                 error(__("No ID Specified"), __("An ID is required to delete a user."));

  636. 

  637.             if ($_POST['destroy'] == "bollocks")

  638.                 redirect("/admin/?action=manage_users");

  639. 

  640.             if (!isset($_POST['hash']) or $_POST['hash'] != Config::current()->secure_hashkey)

  641.                 show_403(__("Access Denied"), __("Invalid security key."));

  642. 

  643.             $sql = SQL::current();

  644.             $user = new User($_POST['id']);

  645. 

  646.             if (isset($_POST['posts'])) {

  647.                 if ($_POST['posts'] == "delete")

  648.                     foreach ($user->post as $post)

  649.                         Post::delete($post->id);

  650.                 elseif ($_POST['posts'] == "move")

  651.                     $sql->update("posts",

  652.                                  array("user_id" => $user->id),

  653.                                  array("user_id" => $_POST['move_posts']));

  654.             }

  655. 

  656.             if (isset($_POST['pages'])) {

  657.                 if ($_POST['pages'] == "delete")

  658.                     foreach ($user->page as $page)

  659.                         Page::delete($page->id);

  660.                 elseif ($_POST['pages'] == "move")

  661.                     $sql->update("pages",

  662.                                  array("user_id" => $user->id),

  663.                                  array("user_id" => $_POST['move_pages']));

  664.             }

  665. 

  666.             User::delete($_POST['id']);

  667. 

  668.             Flash::notice(__("User deleted."), "/admin/?action=manage_users");

  669.         }

  670. 

  671.         /**

  672.          * Function: manage_users

  673.          * User managing.

  674.          */

  675.         public function manage_users() {

  676.             $visitor = Visitor::current();

  677.             if (!$visitor->group->can("edit_user") and !$visitor->group->can("delete_user") and !$visitor->group->can("add_user"))

  678.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to manage users."));

  679. 

  680.             fallback($_GET['query'], "");

  681.             list($where, $params) = keywords($_GET['query'], "login LIKE :query OR full_name LIKE :query OR email LIKE :query OR website LIKE :query", "users");

  682. 

  683.             $this->display("manage_users",

  684.                            array("users" => new Paginator(User::find(array("placeholders" => true,

  685.                                                                            "where" => $where,

  686.                                                                            "params" => $params)),

  687.                                                           25)));

  688.         }

  689. 

  690.         /**

  691.          * Function: new_group

  692.          * Group creation.

  693.          */

  694.         public function new_group() {

  695.             if (!Visitor::current()->group->can("add_group"))

  696.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to create groups."));

  697. 

  698.             $this->display("new_group",

  699.                            array("permissions" => SQL::current()->select("permissions", "*", array("group_id" => 0))->fetchAll()));

  700.         }

  701. 

  702.         /**

  703.          * Function: add_group

  704.          * Adds a group when the form is submitted.

  705.          */

  706.         public function add_group() {

  707.             if (!Visitor::current()->group->can("add_group"))

  708.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to create groups."));

  709. 

  710.             if (!isset($_POST['hash']) or $_POST['hash'] != Config::current()->secure_hashkey)

  711.                 show_403(__("Access Denied"), __("Invalid security key."));

  712. 

  713.             Group::add($_POST['name'], array_keys($_POST['permissions']));

  714. 

  715.             Flash::notice(__("Group added."), "/admin/?action=manage_groups");

  716.         }

  717. 

  718.         /**

  719.          * Function: edit_group

  720.          * Group editing.

  721.          */

  722.         public function edit_group() {

  723.             if (!Visitor::current()->group->can("edit_group"))

  724.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to edit groups."));

  725. 

  726.             if (empty($_GET['id']))

  727.                 error(__("No ID Specified"), __("An ID is required to edit a group."));

  728. 

  729.             $this->display("edit_group",

  730.                            array("group" => new Group($_GET['id']),

  731.                                  "permissions" => SQL::current()->select("permissions", "*", array("group_id" => 0))->fetchAll()));

  732.         }

  733. 

  734.         /**

  735.          * Function: update_group

  736.          * Updates a group when the form is submitted.

  737.          */

  738.         public function update_group() {

  739.             if (!Visitor::current()->group->can("edit_group"))

  740.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to edit groups."));

  741. 

  742.             if (!isset($_POST['hash']) or $_POST['hash'] != Config::current()->secure_hashkey)

  743.                 show_403(__("Access Denied"), __("Invalid security key."));

  744. 

  745.             $permissions = array_keys($_POST['permissions']);

  746. 

  747.             $check_name = new Group(null, array("where" => array("name" => $_POST['name'],

  748.                                                                  "id not" => $_POST['id'])));

  749. 

  750.             if (!$check_name->no_results)

  751.                 Flash::notice(_f("Group name &#8220;%s&#8221; is already in use.", array($_POST['name'])),

  752.                               "/admin/?action=edit_group&id=".$_POST['id']);

  753. 

  754.             $group = new Group($_POST['id']);

  755. 

  756.             if ($group->no_results)

  757.                 Flash::warning(__("Group not found."), "/admin/?action=manage_groups");

  758. 

  759.             $group->update($_POST['name'], $permissions);

  760. 

  761.             Flash::notice(__("Group updated."), "/admin/?action=manage_groups");

  762.         }

  763. 

  764.         /**

  765.          * Function: delete_group

  766.          * Group deletion (confirm page).

  767.          */

  768.         public function delete_group() {

  769.             if (!Visitor::current()->group->can("delete_group"))

  770.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to delete groups."));

  771. 

  772.             if (empty($_GET['id']))

  773.                 error(__("No ID Specified"), __("An ID is required to delete a group."));

  774. 

  775.             $this->display("delete_group",

  776.                            array("group" => new Group($_GET['id']),

  777.                                  "groups" => Group::find(array("where" => array("id not" => $_GET['id']),

  778.                                                                "order" => "id ASC"))));

  779.         }

  780. 

  781.         /**

  782.          * Function: destroy_group

  783.          * Destroys a group.

  784.          */

  785.         public function destroy_group() {

  786.             if (!Visitor::current()->group->can("delete_group"))

  787.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to delete groups."));

  788. 

  789.             if (!isset($_POST['id']))

  790.                 error(__("No ID Specified"), __("An ID is required to delete a group."));

  791. 

  792.             if ($_POST['destroy'] == "bollocks")

  793.                 redirect("/admin/?action=manage_groups");

  794. 

  795.             if (!isset($_POST['hash']) or $_POST['hash'] != Config::current()->secure_hashkey)

  796.                 show_403(__("Access Denied"), __("Invalid security key."));

  797. 

  798.             $group = new Group($_POST['id']);

  799.             foreach ($group->users as $user)

  800.                 $user->update($user->login, $user->password, $user->email, $user->full_name, $user->website, $_POST['move_group']);

  801. 

  802.             $config = Config::current();

  803.             if (!empty($_POST['default_group']))

  804.                 $config->set("default_group", $_POST['default_group']);

  805.             if (!empty($_POST['guest_group']))

  806.                 $config->set("guest_group", $_POST['guest_group']);

  807. 

  808.             Group::delete($_POST['id']);

  809. 

  810.             Flash::notice(__("Group deleted."), "/admin/?action=manage_groups");

  811.         }

  812. 

  813.         /**

  814.          * Function: manage_groups

  815.          * Group managing.

  816.          */

  817.         public function manage_groups() {

  818.             $visitor = Visitor::current();

  819.             if (!$visitor->group->can("edit_group") and !$visitor->group->can("delete_group") and !$visitor->group->can("add_group"))

  820.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to manage groups."));

  821. 

  822.             if (!empty($_GET['search'])) {

  823.                 $user = new User(array("login" => $_GET['search']));

  824.                 if (!$user->no_results)

  825.                     $groups = new Paginator(array($user->group), 10);

  826.                 else

  827.                     $groups = new Paginator(array(), 10);

  828.             } else

  829.                 $groups = new Paginator(Group::find(array("placeholders" => true, "order" => "id ASC")), 10);

  830. 

  831.             $this->display("manage_groups",

  832.                            array("groups" => $groups));

  833.         }

  834. 

  835.         /**

  836.          * Function: export

  837.          * Export posts, pages, etc.

  838.          */

  839.         public function export() {

  840.             if (!Visitor::current()->group->can("add_post"))

  841.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to export content."));

  842. 

  843.             if (empty($_POST))

  844.                 return $this->display("export");

  845. 

  846.             $config = Config::current();

  847.             $trigger = Trigger::current();

  848.             $route = Route::current();

  849.             $exports = array();

  850. 

  851.             if (isset($_POST['posts'])) {

  852.                 list($where, $params) = keywords($_POST['filter_posts'], "post_attributes.value LIKE :query OR url LIKE :query", "post_attributes");

  853. 

  854.                 if (!empty($_GET['month']))

  855.                     $where["created_at like"] = $_GET['month']."-%";

  856. 

  857.                 $visitor = Visitor::current();

  858.                 if (!$visitor->group->can("view_draft", "edit_draft", "edit_post", "delete_draft", "delete_post"))

  859.                     $where["user_id"] = $visitor->id;

  860. 

  861.                 $results = Post::find(array("placeholders" => true,

  862.                                             "drafts" => true,

  863.                                             "where" => $where,

  864.                                             "params" => $params));

  865. 

  866.                 $ids = array();

  867.                 foreach ($results[0] as $result)

  868.                     $ids[] = $result["id"];

  869. 

  870.                 if (!empty($ids))

  871.                     $posts = Post::find(array("drafts" => true,

  872.                                               "where" => array("id" => $ids),

  873.                                               "order" => "id ASC"),

  874.                                         array("filter" => false));

  875.                 else

  876.                     $posts = new Paginator(array());

  877. 

  878.                 $latest_timestamp = 0;

  879.                 foreach ($posts as $post)

  880.                     if (strtotime($post->created_at) > $latest_timestamp)

  881.                         $latest_timestamp = strtotime($post->created_at);

  882. 

  883.                 $id = substr(strstr($config->url, "//"), 2);

  884.                 $id = str_replace("#", "/", $id);

  885.                 $id = preg_replace("/(".preg_quote(parse_url($config->url, PHP_URL_HOST)).")/", "\\1,".date("Y", $latest_timestamp).":", $id, 1);

  886. 

  887.                 $posts_atom = '<?xml version="1.0" encoding="utf-8"?>'."\r";

  888.                 $posts_atom.= '<feed xmlns="http://www.w3.org/2005/Atom" xmlns:chyrp="http://chyrp.net/export/1.0/">'."\r";

  889.                 $posts_atom.= '    <title>'.fix($config->name).' Posts</title>'."\r";

  890.                 $posts_atom.= '    <subtitle>'.fix($config->description).'</subtitle>'."\r";

  891.                 $posts_atom.= '    <id>tag:'.parse_url($config->url, PHP_URL_HOST).','.date("Y", $latest_timestamp).':Chyrp</id>'."\r";

  892.                 $posts_atom.= '    <updated>'.date("c", $latest_timestamp).'</updated>'."\r";

  893.                 $posts_atom.= '    <link href="'.$config->url.'" rel="self" type="application/atom+xml" />'."\r";

  894.                 $posts_atom.= '    <generator uri="http://chyrp.net/" version="'.CHYRP_VERSION.'">Chyrp</generator>'."\r";

  895. 

  896.                 foreach ($posts as $post) {

  897.                     $title = fix($post->title(), false);

  898.                     fallback($title, ucfirst($post->feather)." Post #".$post->id);

  899. 

  900.                     $updated = ($post->updated) ? $post->updated_at : $post->created_at ;

  901. 

  902.                     $tagged = substr(strstr(url("id/".$post->id), "//"), 2);

  903.                     $tagged = str_replace("#", "/", $tagged);

  904.                     $tagged = preg_replace("/(".preg_quote(parse_url($post->url(), PHP_URL_HOST)).")/", "\\1,".when("Y-m-d", $updated).":", $tagged, 1);

  905. 

  906.                     $url = $post->url();

  907.                     $posts_atom.= '    <entry xml:base="'.fix($url).'">'."\r";

  908.                     $posts_atom.= '        <title type="html">'.$title.'</title>'."\r";

  909.                     $posts_atom.= '        <id>tag:'.$tagged.'</id>'."\r";

  910.                     $posts_atom.= '        <updated>'.when("c", $updated).'</updated>'."\r";

  911.                     $posts_atom.= '        <published>'.when("c", $post->created_at).'</published>'."\r";

  912.                     $posts_atom.= '        <link href="'.fix($trigger->filter($url, "post_export_url", $post)).'" />'."\r";

  913.                     $posts_atom.= '        <author chyrp:user_id="'.$post->user_id.'">'."\r";

  914.                     $posts_atom.= '            <name>'.fix(oneof($post->user->full_name, $post->user->login)).'</name>'."\r";

  915. 

  916.                     if (!empty($post->user->website))

  917.                         $posts_atom.= '            <uri>'.fix($post->user->website).'</uri>'."\r";

  918. 

  919.                     $posts_atom.= '            <chyrp:login>'.fix($post->user->login).'</chyrp:login>'."\r";

  920.                     $posts_atom.= '        </author>'."\r";

  921.                     $posts_atom.= '        <content>'."\r";

  922. 

  923.                     foreach ($post->attributes as $key => $val)

  924.                         $posts_atom.= '            <'.$key.'>'.fix($val).'</'.$key.'>'."\r";

  925. 

  926.                     $posts_atom.= '        </content>'."\r";

  927. 

  928.                     foreach (array("feather", "clean", "url", "pinned", "status") as $attr)

  929.                         $posts_atom.= '        <chyrp:'.$attr.'>'.fix($post->$attr).'</chyrp:'.$attr.'>'."\r";

  930. 

  931.                     $trigger->filter($posts_atom, "posts_export", $post);

  932. 

  933.                     $posts_atom.= '    </entry>'."\r";

  934. 

  935.                 }

  936.                 $posts_atom.= '</feed>'."\r";

  937. 

  938.                 $exports["posts.atom"] = $posts_atom;

  939.             }

  940. 

  941.             if (isset($_POST['pages'])) {

  942.                 list($where, $params) = keywords($_POST['filter_pages'], "title LIKE :query OR body LIKE :query", "pages");

  943. 

  944.                 $pages = Page::find(array("where" => $where, "params" => $params, "order" => "id ASC"),

  945.                                     array("filter" => false));

  946. 

  947.                 $latest_timestamp = 0;

  948.                 foreach ($pages as $page)

  949.                     if (strtotime($page->created_at) > $latest_timestamp)

  950.                         $latest_timestamp = strtotime($page->created_at);

  951. 

  952.                 $pages_atom = '<?xml version="1.0" encoding="utf-8"?>'."\r";

  953.                 $pages_atom.= '<feed xmlns="http://www.w3.org/2005/Atom" xmlns:chyrp="http://chyrp.net/export/1.0/">'."\r";

  954.                 $pages_atom.= '    <title>'.fix($config->name).' Pages</title>'."\r";

  955.                 $pages_atom.= '    <subtitle>'.fix($config->description).'</subtitle>'."\r";

  956.                 $pages_atom.= '    <id>tag:'.parse_url($config->url, PHP_URL_HOST).','.date("Y", $latest_timestamp).':Chyrp</id>'."\r";

  957.                 $pages_atom.= '    <updated>'.date("c", $latest_timestamp).'</updated>'."\r";

  958.                 $pages_atom.= '    <link href="'.$config->url.'" rel="self" type="application/atom+xml" />'."\r";

  959.                 $pages_atom.= '    <generator uri="http://chyrp.net/" version="'.CHYRP_VERSION.'">Chyrp</generator>'."\r";

  960. 

  961.                 foreach ($pages as $page) {

  962.                     $updated = ($page->updated) ? $page->updated_at : $page->created_at ;

  963. 

  964.                     $tagged = substr(strstr($page->url(), "//"), 2);

  965.                     $tagged = str_replace("#", "/", $tagged);

  966.                     $tagged = preg_replace("/(".preg_quote(parse_url($page->url(), PHP_URL_HOST)).")/", "\\1,".when("Y-m-d", $updated).":", $tagged, 1);

  967. 

  968.                     $url = $page->url();

  969.                     $pages_atom.= '    <entry xml:base="'.fix($url).'" chyrp:parent_id="'.$page->parent_id.'">'."\r";

  970.                     $pages_atom.= '        <title type="html">'.fix($page->title).'</title>'."\r";

  971.                     $pages_atom.= '        <id>tag:'.$tagged.'</id>'."\r";

  972.                     $pages_atom.= '        <updated>'.when("c", $updated).'</updated>'."\r";

  973.                     $pages_atom.= '        <published>'.when("c", $page->created_at).'</published>'."\r";

  974.                     $pages_atom.= '        <link href="'.fix($trigger->filter($url, "page_export_url", $page)).'" />'."\r";

  975.                     $pages_atom.= '        <author chyrp:user_id="'.fix($page->user_id).'">'."\r";

  976.                     $pages_atom.= '            <name>'.fix(oneof($page->user->full_name, $page->user->login)).'</name>'."\r";

  977. 

  978.                     if (!empty($page->user->website))

  979.                         $pages_atom.= '            <uri>'.fix($page->user->website).'</uri>'."\r";

  980. 

  981.                     $pages_atom.= '            <chyrp:login>'.fix($page->user->login).'</chyrp:login>'."\r";

  982.                     $pages_atom.= '        </author>'."\r";

  983.                     $pages_atom.= '        <content type="html">'.fix($page->body).'</content>'."\r";

  984. 

  985.                     foreach (array("show_in_list", "list_order", "clean", "url") as $attr)

  986.                         $pages_atom.= '        <chyrp:'.$attr.'>'.fix($page->$attr).'</chyrp:'.$attr.'>'."\r";

  987. 

  988. 

  989.                     $trigger->filter($pages_atom, "pages_export", $page);

  990. 

  991.                     $pages_atom.= '    </entry>'."\r";

  992.                 }

  993.                 $pages_atom.= '</feed>'."\r";

  994. 

  995.                 $exports["pages.atom"] = $pages_atom;

  996.             }

  997. 

  998.             if (isset($_POST['groups'])) {

  999.                 list($where, $params) = keywords($_POST['filter_groups'], "name LIKE :query", "groups");

  1000. 

  1001.                 $groups = Group::find(array("where" => $where, "params" => $params, "order" => "id ASC"));

  1002. 

  1003.                 $groups_yaml = array("groups" => array(),

  1004.                                      "permissions" => array());

  1005. 

  1006.                 foreach (SQL::current()->select("permissions", "*", array("group_id" => 0))->fetchAll() as $permission)

  1007.                     $groups_yaml["permissions"][$permission["id"]] = $permission["name"];

  1008. 

  1009.                 foreach ($groups as $index => $group)

  1010.                     $groups_yaml["groups"][$group->name] = $group->permissions;

  1011. 

  1012.                 $exports["groups.yaml"] = YAML::dump($groups_yaml);

  1013.             }

  1014. 

  1015.             if (isset($_POST['users'])) {

  1016.                 list($where, $params) = keywords($_POST['filter_users'], "login LIKE :query OR full_name LIKE :query OR email LIKE :query OR website LIKE :query", "users");

  1017. 

  1018.                 $users = User::find(array("where" => $where, "params" => $params, "order" => "id ASC"));

  1019. 

  1020.                 $users_yaml = array();

  1021.                 foreach ($users as $user) {

  1022.                     $users_yaml[$user->login] = array();

  1023. 

  1024.                     foreach ($user as $name => $attr)

  1025.                         if (!in_array($name, array("no_results", "group_id", "group", "id", "login", "belongs_to", "has_many", "has_one", "queryString")))

  1026.                             $users_yaml[$user->login][$name] = $attr;

  1027.                         elseif ($name == "group_id")

  1028.                             $users_yaml[$user->login]["group"] = $user->group->name;

  1029.                 }

  1030. 

  1031.                 $exports["users.yaml"] = YAML::dump($users_yaml);

  1032.             }

  1033. 

  1034.             $trigger->filter($exports, "export");

  1035. 

  1036.             require INCLUDES_DIR."/lib/zip.php";

  1037. 

  1038.             $zip = new ZipFile();

  1039.             foreach ($exports as $filename => $content)

  1040.                 $zip->addFile($content, $filename);

  1041. 

  1042.             $zip_contents = $zip->file();

  1043. 

  1044.             $filename = sanitize(camelize($config->name), false, true)."_Export_".date("Y-m-d");

  1045.             header("Content-type: application/octet-stream");

  1046.             header("Content-Disposition: attachment; filename=\"".$filename.".zip\"");

  1047.             header("Content-length: ".strlen($zip_contents)."\n\n");

  1048. 

  1049.             echo $zip_contents;

  1050.         }

  1051. 

  1052.         /**

  1053.          * Function: import

  1054.          * Importing content from other systems.

  1055.          */

  1056.         public function import() {

  1057.             if (!Visitor::current()->group->can("add_post"))

  1058.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to import content."));

  1059. 

  1060.             $this->display("import");

  1061.         }

  1062. 

  1063.         /**

  1064.          * Function: import_chyrp

  1065.          * Chyrp importing.

  1066.          */

  1067.         public function import_chyrp() {

  1068.             if (empty($_POST))

  1069.                 redirect("/admin/?action=import");

  1070. 

  1071.             if (!Visitor::current()->group->can("add_post"))

  1072.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to import content."));

  1073. 

  1074.             if (isset($_FILES['posts_file']) and $_FILES['posts_file']['error'] == 0)

  1075.                 if (!$posts = simplexml_load_file($_FILES['posts_file']['tmp_name']) or $posts->generator != "Chyrp")

  1076.                     Flash::warning(__("Chyrp Posts export file is invalid."), "/admin/?action=import");

  1077. 

  1078.             if (isset($_FILES['pages_file']) and $_FILES['pages_file']['error'] == 0)

  1079.                 if (!$pages = simplexml_load_file($_FILES['pages_file']['tmp_name']) or $pages->generator != "Chyrp")

  1080.                     Flash::warning(__("Chyrp Pages export file is invalid."), "/admin/?action=import");

  1081. 

  1082.             if (ini_get("memory_limit") < 20)

  1083.                 ini_set("memory_limit", "20M");

  1084. 

  1085.             $trigger = Trigger::current();

  1086.             $visitor = Visitor::current();

  1087.             $sql = SQL::current();

  1088. 

  1089.             function media_url_scan(&$value) {

  1090.                 $config = Config::current();

  1091. 

  1092.                 $regexp_url = preg_quote($_POST['media_url'], "/");

  1093.                 if (preg_match_all("/{$regexp_url}([^\.\!,\?;\"\'<>\(\)\[\]\{\}\s\t ]+)\.([a-zA-Z0-9]+)/", $value, $media))

  1094.                     foreach ($media[0] as $matched_url) {

  1095.                         $filename = upload_from_url($matched_url);

  1096.                         $value = str_replace($matched_url, $config->url.$config->uploads_path.$filename, $value);

  1097.                     }

  1098.             }

  1099. 

  1100.             if (isset($_FILES['groups_file']) and $_FILES['groups_file']['error'] == 0) {

  1101.                 $import = YAML::load($_FILES['groups_file']['tmp_name']);

  1102. 

  1103.                 foreach ($import["groups"] as $name => $permissions)

  1104.                     if (!$sql->count("groups", array("name" => $name)))

  1105.                         $trigger->call("import_chyrp_group", Group::add($name, (array) $permissions));

  1106. 

  1107.                 foreach ($import["permissions"] as $id => $name)

  1108.                     if (!$sql->count("permissions", array("id" => $id)))

  1109.                         $sql->insert("permissions", array("id" => $id, "name" => $name));

  1110.             }

  1111. 

  1112.             if (isset($_FILES['users_file']) and $_FILES['users_file']['error'] == 0) {

  1113.                 $users = YAML::load($_FILES['users_file']['tmp_name']);

  1114. 

  1115.                 foreach ($users as $login => $user) {

  1116.                     $group_id = $sql->select("groups", "id", array("name" => $user["group"]), "id DESC")->fetchColumn();

  1117. 

  1118.                     $group = ($group_id) ? $group_id : $config->default_group ;

  1119. 

  1120.                     if (!$sql->count("users", array("login" => $login)))

  1121.                         $user = User::add($login,

  1122.                                           $user["password"],

  1123.                                           $user["email"],

  1124.                                           $user["full_name"],

  1125.                                           $user["website"],

  1126.                                           $group,

  1127.                                           $user["joined_at"]);

  1128. 

  1129.                     $trigger->call("import_chyrp_user", $user);

  1130.                 }

  1131.             }

  1132. 

  1133.             if (isset($_FILES['posts_file']) and $_FILES['posts_file']['error'] == 0)

  1134.                 foreach ($posts->entry as $entry) {

  1135.                     $chyrp = $entry->children("http://chyrp.net/export/1.0/");

  1136. 

  1137.                     $login = $entry->author->children("http://chyrp.net/export/1.0/")->login;

  1138.                     $user_id = $sql->select("users", "id", array("login" => $login), "id DESC")->fetchColumn();

  1139. 

  1140.                     $data = xml2arr($entry->content);

  1141.                     $data["imported_from"] = "chyrp";

  1142. 

  1143.                     if (!empty($_POST['media_url']))

  1144.                         array_walk_recursive($data, "media_url_scan");

  1145. 

  1146.                     $post = Post::add($data,

  1147.                                       $chyrp->clean,

  1148.                                       Post::check_url($chyrp->url),

  1149.                                       $chyrp->feather,

  1150.                                       ($user_id ? $user_id : $visitor->id),

  1151.                                       (bool) (int) $chyrp->pinned,

  1152.                                       $chyrp->status,

  1153.                                       datetime($entry->published),

  1154.                                       ($entry->updated == $entry->published) ?

  1155.                                           null :

  1156.                                           datetime($entry->updated),

  1157.                                       "",

  1158.                                       false);

  1159. 

  1160.                     $trigger->call("import_chyrp_post", $entry, $post);

  1161.                 }

  1162. 

  1163.             if (isset($_FILES['pages_file']) and $_FILES['pages_file']['error'] == 0)

  1164.                 foreach ($pages->entry as $entry) {

  1165.                     $chyrp = $entry->children("http://chyrp.net/export/1.0/");

  1166.                     $attr  = $entry->attributes("http://chyrp.net/export/1.0/");

  1167. 

  1168.                     $login = $entry->author->children("http://chyrp.net/export/1.0/")->login;

  1169.                     $user_id = $sql->select("users", "id", array("login" => $login), "id DESC")->fetchColumn();

  1170. 

  1171.                     $page = Page::add($entry->title,

  1172.                                       $entry->content,

  1173.                                       ($user_id ? $user_id : $visitor->id),

  1174.                                       $attr->parent_id,

  1175.                                       (bool) (int) $chyrp->show_in_list,

  1176.                                       $chyrp->list_order,

  1177.                                       $chyrp->clean,

  1178.                                       Page::check_url($chyrp->url),

  1179.                                       datetime($entry->published),

  1180.                                       ($entry->updated == $entry->published) ? null : datetime($entry->updated));

  1181. 

  1182.                     $trigger->call("import_chyrp_page", $entry, $page);

  1183.                 }

  1184. 

  1185.             Flash::notice(__("Chyrp content successfully imported!"), "/admin/?action=import");

  1186.         }

  1187. 

  1188.         /**

  1189.          * Function: import_wordpress

  1190.          * WordPress importing.

  1191.          */

  1192.         public function import_wordpress() {

  1193.             if (empty($_POST))

  1194.                 redirect("/admin/?action=import");

  1195. 

  1196.             if (!Visitor::current()->group->can("add_post"))

  1197.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to import content."));

  1198. 

  1199.             $config = Config::current();

  1200. 

  1201.             if (!in_array("text", $config->enabled_feathers))

  1202.                 error(__("Missing Feather"), __("Importing from WordPress requires the Text feather to be installed and enabled."));

  1203. 

  1204.             if (ini_get("memory_limit") < 20)

  1205.                 ini_set("memory_limit", "20M");

  1206. 

  1207.             $trigger = Trigger::current();

  1208. 

  1209.             $stupid_xml = file_get_contents($_FILES['xml_file']['tmp_name']);

  1210.             $sane_xml = preg_replace(array("/<wp:comment_content>/", "/<\/wp:comment_content>/"),

  1211.                                      array("<wp:comment_content><![CDATA[", "]]></wp:comment_content>"),

  1212.                                      $stupid_xml);

  1213. 

  1214.             $sane_xml = str_replace(array("<![CDATA[<![CDATA[", "]]>]]>"),

  1215.                                     array("<![CDATA[", "]]>"),

  1216.                                     $sane_xml);

  1217. 

  1218.             if (!substr_count($sane_xml, "xmlns:excerpt"))

  1219.                 $sane_xml = preg_replace("/xmlns:content=\"([^\"]+)\"(\s+)/m",

  1220.                                          "xmlns:content=\"\\1\"\\2xmlns:excerpt=\"http://wordpress.org/excerpt/1.0/\"\\2",

  1221.                                          $sane_xml);

  1222. 

  1223.             $fix_amps_count = 1;

  1224.             while ($fix_amps_count)

  1225.                 $sane_xml = preg_replace("/<wp:meta_value>(.+)&(?!amp;)(.+)<\/wp:meta_value>/m",

  1226.                                          "<wp:meta_value>\\1&amp;\\2</wp:meta_value>",

  1227.                                          $sane_xml, -1, $fix_amps_count);

  1228. 

  1229.             # Remove null (x00) characters

  1230.             $sane_xml = str_replace("", "", $sane_xml);

  1231. 

  1232.             $xml = simplexml_load_string($sane_xml, "SimpleXMLElement", LIBXML_NOCDATA);

  1233. 

  1234.             if (!$xml or !substr_count($xml->channel->generator, "wordpress.org"))

  1235.                 Flash::warning(__("File does not seem to be a valid WordPress export file, or could not be parsed. Please check your PHP error log."),

  1236.                                "/admin/?action=import");

  1237. 

  1238.             foreach ($xml->channel->item as $item) {

  1239.                 $wordpress = $item->children("http://wordpress.org/export/1.0/");

  1240.                 $content   = $item->children("http://purl.org/rss/1.0/modules/content/");

  1241.                 if ($wordpress->status == "attachment" or $item->title == "zz_placeholder")

  1242.                     continue;

  1243. 

  1244.                 $regexp_url = preg_quote($_POST['media_url'], "/");

  1245.                 if (!empty($_POST['media_url']) and

  1246.                     preg_match_all("/{$regexp_url}([^\.\!,\?;\"\'<>\(\)\[\]\{\}\s\t ]+)\.([a-zA-Z0-9]+)/",

  1247.                                    $content->encoded,

  1248.                                    $media))

  1249.                     foreach ($media[0] as $matched_url) {

  1250.                         $filename = upload_from_url($matched_url);

  1251.                         $content->encoded = str_replace($matched_url, $config->url.$config->uploads_path.$filename, $content->encoded);

  1252.                     }

  1253. 

  1254.                 $clean = (isset($wordpress->post_name)) ? $wordpress->post_name : sanitize($item->title) ;

  1255. 

  1256.                 $pinned = (isset($wordpress->is_sticky)) ? $wordpress->is_sticky : 0 ;

  1257. 

  1258.                 if (empty($wordpress->post_type) or $wordpress->post_type == "post") {

  1259.                     $status_translate = array("publish" => "public",

  1260.                                               "draft"   => "draft",

  1261.                                               "private" => "private",

  1262.                                               "static"  => "public",

  1263.                                               "object"  => "public",

  1264.                                               "inherit" => "public",

  1265.                                               "future"  => "draft",

  1266.                                               "pending" => "draft");

  1267. 

  1268.                     $data = array("title" => trim($item->title),

  1269.                                   "body" => trim($content->encoded),

  1270.                                   "imported_from" => "wordpress");

  1271. 

  1272.                     $post = Post::add($data,

  1273.                                       $clean,

  1274.                                       Post::check_url($clean),

  1275.                                       "text",

  1276.                                       null,

  1277.                                       $pinned,

  1278.                                       $status_translate[(string) $wordpress->status],

  1279.                                       (string) ($wordpress->post_date == "0000-00-00 00:00:00" ? datetime() : $wordpress->post_date),

  1280.                                       null,

  1281.                                       "",

  1282.                                       false);

  1283. 

  1284.                     $trigger->call("import_wordpress_post", $item, $post);

  1285.                 } elseif ($wordpress->post_type == "page") {

  1286.                     $page = Page::add(trim($item->title),

  1287.                                       trim($content->encoded),

  1288.                                       null,

  1289.                                       0,

  1290.                                       true,

  1291.                                       0,

  1292.                                       $clean,

  1293.                                       Page::check_url($clean),

  1294.                                       (string) ($wordpress->post_date == "0000-00-00 00:00:00" ? datetime() : $wordpress->post_date));

  1295. 

  1296.                     $trigger->call("import_wordpress_page", $item, $page);

  1297.                 }

  1298.             }

  1299. 

  1300.             Flash::notice(__("WordPress content successfully imported!"), "/admin/?action=import");

  1301.         }

  1302. 

  1303.         /**

  1304.          * Function: import_tumblr

  1305.          * Tumblr importing.

  1306.          */

  1307.         public function import_tumblr() {

  1308.             if (empty($_POST))

  1309.                 redirect("/admin/?action=import");

  1310. 

  1311.             if (!Visitor::current()->group->can("add_post"))

  1312.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to import content."));

  1313. 

  1314.             $config = Config::current();

  1315.             if (!in_array("text", $config->enabled_feathers) or

  1316.                 !in_array("video", $config->enabled_feathers) or

  1317.                 !in_array("audio", $config->enabled_feathers) or

  1318.                 !in_array("chat", $config->enabled_feathers) or

  1319.                 !in_array("photo", $config->enabled_feathers) or

  1320.                 !in_array("quote", $config->enabled_feathers) or

  1321.                 !in_array("link", $config->enabled_feathers))

  1322.                 error(__("Missing Feather"), __("Importing from Tumblr requires the Text, Video, Audio, Chat, Photo, Quote, and Link feathers to be installed and enabled."));

  1323. 

  1324.             if (ini_get("memory_limit") < 20)

  1325.                 ini_set("memory_limit", "20M");

  1326. 

  1327.             if (!parse_url($_POST['tumblr_url'], PHP_URL_SCHEME))

  1328.                 $_POST['tumblr_url'] = "http://".$_POST['tumblr_url'];

  1329. 

  1330.             set_time_limit(3600);

  1331.             $url = rtrim($_POST['tumblr_url'], "/")."/api/read?num=50";

  1332.             $api = preg_replace("/<(\/?)([a-z]+)\-([a-z]+)/", "<\\1\\2_\\3", get_remote($url));

  1333.             $api = preg_replace("/ ([a-z]+)\-([a-z]+)=/", " \\1_\\2=", $api);

  1334.             $xml = simplexml_load_string($api);

  1335. 

  1336.             if (!isset($xml->tumblelog))

  1337.                 Flash::warning(_f("Content could not be retrieved from the given URL. ". get_remote($url)),

  1338.                                   "/admin/?action=import");

  1339. 

  1340.             $already_in = $posts = array();

  1341.             foreach ($xml->posts->post as $post) {

  1342.                 $posts[] = $post;

  1343.                 $already_in[] = $post->attributes()->id;

  1344.             }

  1345. 

  1346.             while ($xml->posts->attributes()->total > count($posts)) {

  1347.                 set_time_limit(3600);

  1348.                 $api = preg_replace("/<(\/?)([a-z]+)\-([a-z]+)/", "<\\1\\2_\\3", get_remote($url."&start=".count($posts)));

  1349.                 $api = preg_replace("/ ([a-z]+)\-([a-z]+)=/", " \\1_\\2=", $api);

  1350.                 $xml = simplexml_load_string($api, "SimpleXMLElement", LIBXML_NOCDATA);

  1351.                 foreach ($xml->posts->post as $post)

  1352.                     if (!in_array($post->attributes()->id, $already_in)) {

  1353.                         $posts[] = $post;

  1354.                         $already_in[] = $post->attributes()->id;

  1355.                     }

  1356.             }

  1357. 

  1358.             function reverse($a, $b) {

  1359.                 if (empty($a) or empty($b)) return 0;

  1360.                 return (strtotime($a->attributes()->date) < strtotime($b->attributes()->date)) ? -1 : 1 ;

  1361.             }

  1362. 

  1363.             set_time_limit(3600);

  1364.             usort($posts, "reverse");

  1365. 

  1366.             foreach ($posts as $key => $post) {

  1367.                 set_time_limit(3600);

  1368.                 if ($post->attributes()->type == "audio")

  1369.                     break; # Can't import Audio posts since Tumblr has the files locked in to Amazon.

  1370. 

  1371.                 $translate_types = array("regular" => "text", "conversation" => "chat");

  1372. 

  1373.                 $clean = "";

  1374.                 switch($post->attributes()->type) {

  1375.                     case "regular":

  1376.                         $title = fallback($post->regular_title);

  1377.                         $values = array("title" => $title,

  1378.                                         "body" => $post->regular_body);

  1379.                         $clean = sanitize($title);

  1380.                         break;

  1381.                     case "video":

  1382.                         $values = array("embed" => $post->video_player,

  1383.                                         "caption" => fallback($post->video_caption));

  1384.                         break;

  1385.                     case "conversation":

  1386.                         $title = fallback($post->conversation_title);

  1387. 

  1388.                         $lines = array();

  1389.                         foreach ($post->conversation_line as $line)

  1390.                             $lines[] = $line->attributes()->label." ".$line;

  1391. 

  1392.                         $values = array("title" => $title,

  1393.                                         "dialogue" => implode("\n", $lines));

  1394.                         $clean = sanitize($title);

  1395.                         break;

  1396.                     case "photo":

  1397.                         $values = array("filename" => upload_from_url($post->photo_url[0]),

  1398.                                         "caption" => fallback($post->photo_caption));

  1399.                         break;

  1400.                     case "quote":

  1401.                         $values = array("quote" => $post->quote_text,

  1402.                                         "source" => preg_replace("/^&mdash; /", "",

  1403.                                                                  fallback($post->quote_source)));

  1404.                         break;

  1405.                     case "link":

  1406.                         $name = fallback($post->link_text);

  1407.                         $values = array("name" => $name,

  1408.                                         "source" => $post->link_url,

  1409.                                         "description" => fallback($post->link_description));

  1410.                         $clean = sanitize($name);

  1411.                         break;

  1412.                 }

  1413. 

  1414.                 $values["imported_from"] = "tumblr";

  1415. 

  1416.                 $new_post = Post::add($values,

  1417.                                       $clean,

  1418.                                       Post::check_url($clean),

  1419.                                       fallback($translate_types[(string) $post->attributes()->type], (string) $post->attributes()->type),

  1420.                                       null,

  1421.                                       null,

  1422.                                       "public",

  1423.                                       datetime((int) $post->attributes()->unix_timestamp),

  1424.                                       null,

  1425.                                       "",

  1426.                                       false);

  1427. 

  1428.                 Trigger::current()->call("import_tumble", $post, $new_post);

  1429.             }

  1430. 

  1431.             Flash::notice(__("Tumblr content successfully imported!"), "/admin/?action=import");

  1432.         }

  1433. 

  1434.         /**

  1435.          * Function: import_textpattern

  1436.          * TextPattern importing.

  1437.          */

  1438.         public function import_textpattern() {

  1439.             if (empty($_POST))

  1440.                 redirect("/admin/?action=import");

  1441. 

  1442.             if (!Visitor::current()->group->can("add_post"))

  1443.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to import content."));

  1444. 

  1445.             $config = Config::current();

  1446.             $trigger = Trigger::current();

  1447. 

  1448.             $dbcon = $dbsel = false;

  1449.             if ($link = @mysql_connect($_POST['host'], $_POST['username'], $_POST['password'])) {

  1450.                 $dbcon = true;

  1451.                 $dbsel = @mysql_select_db($_POST['database'], $link);

  1452.             }

  1453. 

  1454.             if (!$dbcon or !$dbsel)

  1455.                 Flash::warning(__("Could not connect to the specified TextPattern database."),

  1456.                                "/admin/?action=import");

  1457. 

  1458.             mysql_query("SET NAMES 'utf8'");

  1459. 

  1460.             $get_posts = mysql_query("SELECT * FROM {$_POST['prefix']}textpattern ORDER BY ID ASC", $link) or error(__("Database Error"), mysql_error());

  1461.             $posts = array();

  1462.             while ($post = mysql_fetch_array($get_posts))

  1463.                 $posts[$post["ID"]] = $post;

  1464. 

  1465.             foreach ($posts as $post) {

  1466.                 $regexp_url = preg_quote($_POST['media_url'], "/");

  1467.                 if (!empty($_POST['media_url']) and

  1468.                     preg_match_all("/{$regexp_url}([^\.\!,\?;\"\'<>\(\)\[\]\{\}\s\t ]+)\.([a-zA-Z0-9]+)/",

  1469.                                    $post["Body"],

  1470.                                    $media))

  1471.                     foreach ($media[0] as $matched_url) {

  1472.                         $filename = upload_from_url($matched_url);

  1473.                         $post["Body"] = str_replace($matched_url, $config->url.$config->uploads_path.$filename, $post["Body"]);

  1474.                     }

  1475. 

  1476.                 $status_translate = array(1 => "draft",

  1477.                                           2 => "private",

  1478.                                           3 => "draft",

  1479.                                           4 => "public",

  1480.                                           5 => "public");

  1481. 

  1482.                 $clean = fallback($post["url_title"], sanitize($post["Title"]));

  1483. 

  1484.                 $new_post = Post::add(array("title" => $post["Title"],

  1485.                                             "body" => $post["Body"],

  1486.                                             "imported_from" => "textpattern"),

  1487.                                       $clean,

  1488.                                       Post::check_url($clean),

  1489.                                       "text",

  1490.                                       null,

  1491.                                       ($post["Status"] == "5"),

  1492.                                       $status_translate[$post["Status"]],

  1493.                                       $post["Posted"],

  1494.                                       null,

  1495.                                       "",

  1496.                                       false);

  1497. 

  1498.                 $trigger->call("import_textpattern_post", $post, $new_post);

  1499.             }

  1500. 

  1501.             mysql_close($link);

  1502. 

  1503.             Flash::notice(__("TextPattern content successfully imported!"), "/admin/?action=import");

  1504.         }

  1505. 

  1506.         /**

  1507.          * Function: import_movabletype

  1508.          * MovableType importing.

  1509.          */

  1510.         public function import_movabletype() {

  1511.             if (empty($_POST))

  1512.                 redirect("/admin/?action=import");

  1513. 

  1514.             if (!Visitor::current()->group->can("add_post"))

  1515.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to import content."));

  1516. 

  1517.             $config = Config::current();

  1518.             $trigger = Trigger::current();

  1519. 

  1520.             $dbcon = $dbsel = false;

  1521.             if ($link = @mysql_connect($_POST['host'], $_POST['username'], $_POST['password'])) {

  1522.                 $dbcon = true;

  1523.                 $dbsel = @mysql_select_db($_POST['database'], $link);

  1524.             }

  1525. 

  1526.             if (!$dbcon or !$dbsel)

  1527.                 Flash::warning(__("Could not connect to the specified MovableType database."),

  1528.                                "/admin/?action=import");

  1529. 

  1530.             mysql_query("SET NAMES 'utf8'");

  1531. 

  1532.             $get_authors = mysql_query("SELECT * FROM mt_author ORDER BY author_id ASC", $link) or error(__("Database Error"), mysql_error());

  1533.             $users = array();

  1534.             while ($author = mysql_fetch_array($get_authors)) {

  1535.                 # Try to figure out if this author is the same as the person doing the import.

  1536.                 if ($author["author_name"] == Visitor::current()->login or

  1537.                     $author["author_nickname"] == Visitor::current()->login or

  1538.                     $author["author_nickname"] == Visitor::current()->full_name or

  1539.                     $author["author_url"] == Visitor::current()->website or

  1540.                     $author["author_email"] == Visitor::current()->email)

  1541.                     $users[$author["author_id"]] = Visitor::current();

  1542.                 else

  1543.                     $users[$author["author_id"]] = User::add($author["author_name"],

  1544.                                                              $author["author_password"],

  1545.                                                              $author["author_email"],

  1546.                                                              ($author["author_nickname"] != $author["author_name"] ?

  1547.                                                                  $author["author_nickname"] :

  1548.                                                                  ""),

  1549.                                                              $author["author_url"],

  1550.                                                              ($author["author_can_create_blog"] == "1" ?

  1551.                                                                  Visitor::current()->group :

  1552.                                                                  null),

  1553.                                                              $author["author_created_on"],

  1554.                                                              false);

  1555.             }

  1556. 

  1557.             $get_posts = mysql_query("SELECT * FROM mt_entry ORDER BY entry_id ASC", $link) or error(__("Database Error"), mysql_error());

  1558.             $posts = array();

  1559.             while ($post = mysql_fetch_array($get_posts))

  1560.                 $posts[$post["entry_id"]] = $post;

  1561. 

  1562.             foreach ($posts as $post) {

  1563.                 $body = $post["entry_text"];

  1564. 

  1565.                 if (!empty($post["entry_text_more"]))

  1566.                     $body.= "\n\n<!--more-->\n\n".$post["entry_text_more"];

  1567. 

  1568.                 $regexp_url = preg_quote($_POST['media_url'], "/");

  1569.                 if (!empty($_POST['media_url']) and

  1570.                     preg_match_all("/{$regexp_url}([^\.\!,\?;\"\'<>\(\)\[\]\{\}\s\t ]+)\.([a-zA-Z0-9]+)/",

  1571.                                    $body,

  1572.                                    $media))

  1573.                     foreach ($media[0] as $matched_url) {

  1574.                         $filename = upload_from_url($matched_url);

  1575.                         $body = str_replace($matched_url, $config->url.$config->uploads_path.$filename, $body);

  1576.                     }

  1577. 

  1578.                 $status_translate = array(1 => "draft",

  1579.                                           2 => "public",

  1580.                                           3 => "draft",

  1581.                                           4 => "draft");

  1582. 

  1583.                 $clean = oneof($post["entry_basename"], sanitize($post["entry_title"]));

  1584. 

  1585.                 if (empty($post["entry_class"]) or $post["entry_class"] == "entry") {

  1586.                     $new_post = Post::add(array("title" => $post["entry_title"],

  1587.                                                 "body" => $body,

  1588.                                                 "imported_from" => "movabletype"),

  1589.                                           $clean,

  1590.                                           Post::check_url($clean),

  1591.                                           "text",

  1592.                                           @$users[$post["entry_author_id"]],

  1593.                                           false,

  1594.                                           $status_translate[$post["entry_status"]],

  1595.                                           oneof(@$post["entry_authored_on"], @$post["entry_created_on"], datetime()),

  1596.                                           $post["entry_modified_on"],

  1597.                                           "",

  1598.                                           false);

  1599.                     $trigger->call("import_movabletype_post", $post, $new_post, $link);

  1600.                 } elseif (@$post["entry_class"] == "page") {

  1601.                     $new_page = Page::add($post["entry_title"], $body, null, 0, true, 0, $clean, Page::check_url($clean));

  1602.                     $trigger->call("import_movabletype_page", $post, $new_page, $link);

  1603.                 }

  1604.             }

  1605. 

  1606.             mysql_close($link);

  1607. 

  1608.             Flash::notice(__("MovableType content successfully imported!"), "/admin/?action=import");

  1609.         }

  1610. 

  1611.         /**

  1612.          * Function: modules

  1613.          * Module enabling/disabling.

  1614.          */

  1615.         public function modules() {

  1616.             if (!Visitor::current()->group->can("toggle_extensions"))

  1617.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to enable/disable modules."));

  1618. 

  1619.             $config = Config::current();

  1620. 

  1621.             $this->context["enabled_modules"] = $this->context["disabled_modules"] = array();

  1622. 

  1623.             if (!$open = @opendir(MODULES_DIR))

  1624.                 return Flash::warning(__("Could not read modules directory."));

  1625. 

  1626.             $classes = array();

  1627. 

  1628.             while (($folder = readdir($open)) !== false) {

  1629.                 if (!file_exists(MODULES_DIR."/".$folder."/".$folder.".php") or !file_exists(MODULES_DIR."/".$folder."/info.yaml")) continue;

  1630. 

  1631.                 if (file_exists(MODULES_DIR."/".$folder."/locale/".$config->locale.".mo"))

  1632.                     load_translator($folder, MODULES_DIR."/".$folder."/locale/".$config->locale.".mo");

  1633. 

  1634.                 if (!isset($classes[$folder]))

  1635.                     $classes[$folder] = array($folder);

  1636.                 else

  1637.                     array_unshift($classes[$folder], $folder);

  1638. 

  1639.                 $info = YAML::load(MODULES_DIR."/".$folder."/info.yaml");

  1640. 

  1641.                 $info["conflicts_true"] = array();

  1642.                 $info["depends_true"] = array();

  1643. 

  1644.                 if (!empty($info["conflicts"])) {

  1645.                     $classes[$folder][] = "conflict";

  1646. 

  1647.                     foreach ((array) $info["conflicts"] as $conflict)

  1648.                         if (file_exists(MODULES_DIR."/".$conflict."/".$conflict.".php"))

  1649.                             $classes[$folder][] = "conflict_".$conflict;

  1650.                 }

  1651. 

  1652.                 $dependencies_needed = array();

  1653.                 if (!empty($info["depends"])) {

  1654.                     $classes[$folder][] = "depends";

  1655. 

  1656.                     foreach ((array) $info["depends"] as $dependency) {

  1657.                         if (!module_enabled($dependency)) {

  1658.                             if (!in_array("missing_dependency", $classes[$folder]))

  1659.                                 $classes[$folder][] = "missing_dependency";

  1660. 

  1661.                             $classes[$folder][] = "needs_".$dependency;

  1662. 

  1663.                             $dependencies_needed[] = $dependency;

  1664.                         }

  1665. 

  1666.                         $classes[$folder][] = "depends_".$dependency;

  1667. 

  1668.                         fallback($classes[$dependency], array());

  1669.                         $classes[$dependency][] = "depended_by_".$folder;

  1670.                     }

  1671.                 }

  1672. 

  1673.                 fallback($info["name"], $folder);

  1674.                 fallback($info["version"], "0");

  1675.                 fallback($info["url"]);

  1676.                 fallback($info["description"]);

  1677.                 fallback($info["author"], array("name" => "", "url" => ""));

  1678.                 fallback($info["help"]);

  1679. 

  1680.                 $info["description"] = __($info["description"], $folder);

  1681.                 $info["description"] = preg_replace(array("/<code>(.+)<\/code>/se", "/<pre>(.+)<\/pre>/se"),

  1682.                                                     array("'<code>'.fix('\\1').'</code>'", "'<pre>'.fix('\\1').'</pre>'"),

  1683.                                                     $info["description"]);

  1684. 

  1685.                 $info["author"]["link"] = !empty($info["author"]["url"]) ?

  1686.                                               '<a href="'.fix($info["author"]["url"]).'">'.fix($info["author"]["name"]).'</a>' :

  1687.                                               $info["author"]["name"] ;

  1688. 

  1689.                 $category = (module_enabled($folder)) ? "enabled_modules" : "disabled_modules" ;

  1690.                 $this->context[$category][$folder] = array("name" => $info["name"],

  1691.                                                            "version" => $info["version"],

  1692.                                                            "url" => $info["url"],

  1693.                                                            "description" => $info["description"],

  1694.                                                            "author" => $info["author"],

  1695.                                                            "help" => $info["help"],

  1696.                                                            "classes" => $classes[$folder],

  1697.                                                            "dependencies_needed" => $dependencies_needed);

  1698.             }

  1699. 

  1700.             foreach ($this->context["enabled_modules"] as $module => &$attrs)

  1701.                 $attrs["classes"] = $classes[$module];

  1702. 

  1703.             foreach ($this->context["disabled_modules"] as $module => &$attrs)

  1704.                 $attrs["classes"] = $classes[$module];

  1705. 

  1706.             $this->display("modules");

  1707.         }

  1708. 

  1709.         /**

  1710.          * Function: feathers

  1711.          * Feather enabling/disabling.

  1712.          */

  1713.         public function feathers() {

  1714.             if (!Visitor::current()->group->can("toggle_extensions"))

  1715.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to enable/disable feathers."));

  1716. 

  1717.             $config = Config::current();

  1718. 

  1719.             $this->context["enabled_feathers"] = $this->context["disabled_feathers"] = array();

  1720. 

  1721.             if (!$open = @opendir(FEATHERS_DIR))

  1722.                 return Flash::warning(__("Could not read feathers directory."));

  1723. 

  1724.             while (($folder = readdir($open)) !== false) {

  1725.                 if (!file_exists(FEATHERS_DIR."/".$folder."/".$folder.".php") or !file_exists(FEATHERS_DIR."/".$folder."/info.yaml")) continue;

  1726. 

  1727.                 if (file_exists(FEATHERS_DIR."/".$folder."/locale/".$config->locale.".mo"))

  1728.                     load_translator($folder, FEATHERS_DIR."/".$folder."/locale/".$config->locale.".mo");

  1729. 

  1730.                 $info = YAML::load(FEATHERS_DIR."/".$folder."/info.yaml");

  1731. 

  1732.                 fallback($info["name"], $folder);

  1733.                 fallback($info["version"], "0");

  1734.                 fallback($info["url"]);

  1735.                 fallback($info["description"]);

  1736.                 fallback($info["author"], array("name" => "", "url" => ""));

  1737.                 fallback($info["help"]);

  1738. 

  1739.                 $info["description"] = __($info["description"], $folder);

  1740.                 $info["description"] = preg_replace("/<code>(.+)<\/code>/se", "'<code>'.fix('\\1').'</code>'", $info["description"]);

  1741.                 $info["description"] = preg_replace("/<pre>(.+)<\/pre>/se", "'<pre>'.fix('\\1').'</pre>'", $info["description"]);

  1742. 

  1743.                 $info["author"]["link"] = !empty($info["author"]["url"]) ?

  1744.                                               '<a href="'.fix($info["author"]["url"]).'">'.fix($info["author"]["name"]).'</a>' :

  1745.                                               $info["author"]["name"] ;

  1746. 

  1747.                 $category = (feather_enabled($folder)) ? "enabled_feathers" : "disabled_feathers" ;

  1748.                 $this->context[$category][$folder] = array("name" => $info["name"],

  1749.                                                            "version" => $info["version"],

  1750.                                                            "url" => $info["url"],

  1751.                                                            "description" => $info["description"],

  1752.                                                            "author" => $info["author"],

  1753.                                                            "help" => $info["help"]);

  1754.             }

  1755. 

  1756.             $this->display("feathers");

  1757.         }

  1758. 

  1759.         /**

  1760.          * Function: themes

  1761.          * Theme switching/previewing.

  1762.          */

  1763.         public function themes() {

  1764.             $config = Config::current();

  1765. 

  1766.             $this->context["preview"] = !empty($_SESSION['theme']) ? $_SESSION['theme'] : "" ;

  1767. 

  1768.             $this->context["themes"] = array();

  1769. 

  1770.             if (!$open = @opendir(THEMES_DIR))

  1771.                 return Flash::warning(__("Could not read themes directory."));

  1772. 

  1773.             while (($folder = readdir($open)) !== false) {

  1774.                 if (!file_exists(THEMES_DIR."/".$folder."/info.yaml"))

  1775.                     continue;

  1776. 

  1777.                 if (file_exists(THEMES_DIR."/".$folder."/locale/".$config->locale.".mo"))

  1778.                     load_translator($folder, THEMES_DIR."/".$folder."/locale/".$config->locale.".mo");

  1779. 

  1780.                 $info = YAML::load(THEMES_DIR."/".$folder."/info.yaml");

  1781. 

  1782.                 fallback($info["name"], $folder);

  1783.                 fallback($info["version"], "0");

  1784.                 fallback($info["url"]);

  1785.                 fallback($info["description"]);

  1786.                 fallback($info["author"], array("name" => "", "url" => ""));

  1787. 

  1788.                 $info["author"]["link"] = !empty($info["author"]["url"]) ?

  1789.                     '<a href="'.$info["author"]["url"].'">'.$info["author"]["name"].'</a>' :

  1790.                     $info["author"]["name"] ;

  1791.                 $info["description"] = preg_replace("/<code>(.+)<\/code>/se",

  1792.                                                     "'<code>'.fix('\\1').'</code>'",

  1793.                                                     $info["description"]);

  1794. 

  1795.                 $info["description"] = preg_replace("/<pre>(.+)<\/pre>/se",

  1796.                                                     "'<pre>'.fix('\\1').'</pre>'",

  1797.                                                     $info["description"]);

  1798. 

  1799.                 $this->context["themes"][] = array("name" => $folder,

  1800.                                                    "screenshot" => (file_exists(THEMES_DIR."/".$folder."/screenshot.png") ?

  1801.                                                                         $config->chyrp_url."/themes/".$folder."/screenshot.png" :

  1802.                                                                         ""),

  1803.                                                    "info" => $info);

  1804.             }

  1805. 

  1806.             if (!$open = @opendir(ADMIN_THEMES_DIR))

  1807.                 return Flash::warning(__("Could not read themes directory."));

  1808. 

  1809.             while (($folder = readdir($open)) !== false) {

  1810.                 if (!file_exists(ADMIN_THEMES_DIR."/".$folder."/info.yaml"))

  1811.                     continue;

  1812. 

  1813.                 if (file_exists(ADMIN_THEMES_DIR."/".$folder."/locale/".$config->locale.".mo"))

  1814.                     load_translator($folder, ADMIN_THEMES_DIR."/".$folder."/locale/".$config->locale.".mo");

  1815. 

  1816.                 $info = YAML::load(ADMIN_THEMES_DIR."/".$folder."/info.yaml");

  1817. 

  1818.                 fallback($info["name"], $folder);

  1819.                 fallback($info["version"], "0");

  1820.                 fallback($info["url"]);

  1821.                 fallback($info["description"]);

  1822.                 fallback($info["author"], array("name" => "", "url" => ""));

  1823. 

  1824.                 $info["author"]["link"] = !empty($info["author"]["url"]) ?

  1825.                     '<a href="'.$info["author"]["url"].'">'.$info["author"]["name"].'</a>' :

  1826.                     $info["author"]["name"] ;

  1827.                 $info["description"] = preg_replace("/<code>(.+)<\/code>/se",

  1828.                                                     "'<code>'.fix('\\1').'</code>'",

  1829.                                                     $info["description"]);

  1830. 

  1831.                 $info["description"] = preg_replace("/<pre>(.+)<\/pre>/se",

  1832.                                                     "'<pre>'.fix('\\1').'</pre>'",

  1833.                                                     $info["description"]);

  1834. 

  1835.                 $this->context["admin_themes"][] = array("name" => $folder,

  1836.                                                          "screenshot" => (file_exists(ADMIN_THEMES_DIR."/".$folder."/screenshot.png") ?

  1837.                                                          $config->chyrp_url."/admin/themes/".$folder."/screenshot.png" :

  1838.                                                          ""),

  1839.                                                          "info" => $info);

  1840.             }

  1841. 

  1842.             closedir($open);

  1843. 

  1844.             $this->display("themes");

  1845.         }

  1846. 

  1847.         /**

  1848.          * Function: enable

  1849.          * Enables a module or feather.

  1850.          */

  1851.         public function enable() {

  1852.             $config  = Config::current();

  1853.             $visitor = Visitor::current();

  1854. 

  1855.             $type = (isset($_GET['module'])) ? "module" : "feather" ;

  1856. 

  1857.             if (!$visitor->group->can("toggle_extensions"))

  1858.                 if ($type == "module")

  1859.                     show_403(__("Access Denied"), __("You do not have sufficient privileges to enable/disable modules."));

  1860.                 else

  1861.                     show_403(__("Access Denied"), __("You do not have sufficient privileges to enable/disable feathers."));

  1862. 

  1863.             if ($type == "module" and module_enabled($_GET[$type]))

  1864.                 Flash::warning(__("Module already enabled."), "/admin/?action=modules");

  1865. 

  1866.             if ($type == "feather" and feather_enabled($_GET[$type]))

  1867.                 Flash::warning(__("Feather already enabled."), "/admin/?action=feathers");

  1868. 

  1869.             $enabled_array = ($type == "module") ? "enabled_modules" : "enabled_feathers" ;

  1870.             $folder        = ($type == "module") ? MODULES_DIR : FEATHERS_DIR ;

  1871. 

  1872.             require $folder."/".$_GET[$type]."/".$_GET[$type].".php";

  1873. 

  1874.             $class_name = camelize($_GET[$type]);

  1875. 

  1876.             if ($type == "module" and !is_subclass_of($class_name, "Modules"))

  1877.                 Flash::warning(__("Item is not a module."), "/admin/?action=modules");

  1878. 

  1879.             if ($type == "feather" and !is_subclass_of($class_name, "Feathers"))

  1880.                 Flash::warning(__("Item is not a feather."), "/admin/?action=feathers");

  1881. 

  1882.             if (method_exists($class_name, "__install"))

  1883.                 call_user_func(array($class_name, "__install"));

  1884. 

  1885.             $new = $config->$enabled_array;

  1886.             array_push($new, $_GET[$type]);

  1887.             $config->set($enabled_array, $new);

  1888. 

  1889.             if (file_exists($folder."/".$_GET[$type]."/locale/".$config->locale.".mo"))

  1890.                 load_translator($_GET[$type], $folder."/".$_GET[$type]."/locale/".$config->locale.".mo");

  1891. 

  1892.             $info = YAML::load($folder."/".$_GET[$type]."/info.yaml");

  1893.             fallback($info["uploader"], false);

  1894.             fallback($info["notifications"], array());

  1895. 

  1896.             foreach ($info["notifications"] as &$notification)

  1897.                 $notification = __($notification, $_GET[$type]);

  1898. 

  1899.             if ($info["uploader"])

  1900.                 if (!file_exists(MAIN_DIR.$config->uploads_path))

  1901.                     $info["notifications"][] = _f("Please create the <code>%s</code> directory at your Chyrp install's root and CHMOD it to 777.", array($config->uploads_path));

  1902.                 elseif (!is_writable(MAIN_DIR.$config->uploads_path))

  1903.                     $info["notifications"][] = _f("Please CHMOD <code>%s</code> to 777.", array($config->uploads_path));

  1904. 

  1905.             foreach ($info["notifications"] as $message)

  1906.                 Flash::message($message);

  1907. 

  1908.             if ($type == "module")

  1909.                 Flash::notice(_f("&#8220;%s&#8221; module enabled.",

  1910.                                  array($info["name"])),

  1911.                               "/admin/?action=".pluralize($type));

  1912.             elseif ($type == "feather")

  1913.                 Flash::notice(_f("&#8220;%s&#8221; feather enabled.",

  1914.                                  array($info["name"])),

  1915.                               "/admin/?action=".pluralize($type));

  1916.         }

  1917. 

  1918.         /**

  1919.          * Function: disable

  1920.          * Disables a module or feather.

  1921.          */

  1922.         public function disable() {

  1923.             $config  = Config::current();

  1924.             $visitor = Visitor::current();

  1925. 

  1926.             $type = (isset($_GET['module'])) ? "module" : "feather" ;

  1927. 

  1928.             if (!$visitor->group->can("toggle_extensions"))

  1929.                 if ($type == "module")

  1930.                     show_403(__("Access Denied"), __("You do not have sufficient privileges to enable/disable modules."));

  1931.                 else

  1932.                     show_403(__("Access Denied"), __("You do not have sufficient privileges to enable/disable feathers."));

  1933. 

  1934.             if ($type == "module" and !module_enabled($_GET[$type]))

  1935.                 Flash::warning(__("Module already disabled."), "/admin/?action=modules");

  1936. 

  1937.             if ($type == "feather" and !feather_enabled($_GET[$type]))

  1938.                 Flash::warning(__("Feather already disabled."), "/admin/?action=feathers");

  1939. 

  1940.             $enabled_array = ($type == "module") ? "enabled_modules" : "enabled_feathers" ;

  1941.             $folder        = ($type == "module") ? MODULES_DIR : FEATHERS_DIR ;

  1942. 

  1943.             $class_name = camelize($_GET[$type]);

  1944.             if (method_exists($class_name, "__uninstall"))

  1945.                 call_user_func(array($class_name, "__uninstall"), false);

  1946. 

  1947.             $config->set(($type == "module" ? "enabled_modules" : "enabled_feathers"),

  1948.                          array_diff($config->$enabled_array, array($_GET[$type])));

  1949. 

  1950.             $info = YAML::load($folder."/".$_GET[$type]."/info.yaml");

  1951.             if ($type == "module")

  1952.                 Flash::notice(_f("&#8220;%s&#8221; module disabled.",

  1953.                                  array($info["name"])),

  1954.                               "/admin/?action=".pluralize($type));

  1955.             elseif ($type == "feather")

  1956.                 Flash::notice(_f("&#8220;%s&#8221; feather disabled.",

  1957.                                  array($info["name"])),

  1958.                               "/admin/?action=".pluralize($type));

  1959.         }

  1960. 

  1961.         /**

  1962.          * Function: change_theme

  1963.          * Changes the theme.

  1964.          */

  1965.         public function change_theme() {

  1966.             if (!Visitor::current()->group->can("change_settings"))

  1967.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to change settings."));

  1968.             if (empty($_GET['theme']))

  1969.                 error(__("No Theme Specified"), __("You did not specify a theme to switch to."));

  1970. 

  1971.             $config = Config::current();

  1972. 

  1973.             $config->set("theme", $_GET['theme']);

  1974. 

  1975.             if (file_exists(THEMES_DIR."/".$_GET['theme']."/locale/".$config->locale.".mo"))

  1976.                 load_translator($_GET['theme'], THEMES_DIR."/".$_GET['theme']."/locale/".$config->locale.".mo");

  1977. 

  1978.             $info = YAML::load(THEMES_DIR."/".$_GET['theme']."/info.yaml");

  1979.             fallback($info["notifications"], array());

  1980. 

  1981.             foreach ($info["notifications"] as &$notification)

  1982.                 $notification = __($notification, $_GET['theme']);

  1983. 

  1984.             foreach ($info["notifications"] as $message)

  1985.                 Flash::message($message);

  1986. 

  1987.             # Clear the caches made by the previous theme.

  1988.             foreach ((array) glob(INCLUDES_DIR."/caches/*.cache") as $cache)

  1989.                 @unlink($cache);

  1990. 

  1991.             Flash::notice(_f("Theme changed to &#8220;%s&#8221;.", array($info["name"])), "/admin/?action=themes");

  1992.         }

  1993. 

  1994.         /**

  1995.          * Function: theme

  1996.          * Changes the admin theme.

  1997.          */

  1998.         public function change_admin_theme() {

  1999.             if (empty($_GET['theme']))

  2000.                 error(__("No Theme Specified"), __("You did not specify a theme to switch to."));

  2001. 

  2002.             $config = Config::current();

  2003. 

  2004.             $_SESSION['admin_theme'] = $_GET['theme'];

  2005. 

  2006.             if (file_exists(ADMIN_THEMES_DIR."/".$_GET['theme']."/locale/".$config->locale.".mo"))

  2007.                 load_translator($_GET['theme'], ADMIN_THEMES_DIR."/".$_GET['theme']."/locale/".$config->locale.".mo");

  2008. 

  2009.             $info = YAML::load(ADMIN_THEMES_DIR."/".$_GET['theme']."/info.yaml");

  2010.             fallback($info["notifications"], array());

  2011. 

  2012.             foreach ($info["notifications"] as &$notification)

  2013.                 $notification = __($notification, $_GET['theme']);

  2014. 

  2015.             foreach ($info["notifications"] as $message)

  2016.                 Flash::message($message);

  2017. 

  2018.             # Clear the caches made by the previous theme.

  2019.             foreach (glob(INCLUDES_DIR."/caches/*.cache") as $cache)

  2020.                 @unlink($cache);

  2021. 

  2022.             Flash::notice(_f("Admin theme changed to &#8220;%s&#8221;.", array($info["name"])), "/admin/?action=themes");

  2023.         }

  2024. 

  2025.         /**

  2026.          * Function: preview_theme

  2027.          * Previews the theme.

  2028.          */

  2029.         public function preview_theme() {

  2030.             if (!Visitor::current()->group->can("change_settings"))

  2031.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to preview themes."));

  2032.             if (empty($_GET['theme']))

  2033.                 error(__("No Theme Specified"), __("You did not specify a theme to preview."));

  2034. 

  2035.             $info = YAML::load(THEMES_DIR."/".$_GET['theme']."/info.yaml");

  2036. 

  2037.             # Clear the caches made by the previous theme.

  2038.             foreach (glob(INCLUDES_DIR."/caches/*.cache") as $cache)

  2039.                 @unlink($cache);

  2040. 

  2041.             if (!empty($_SESSION['theme'])) {

  2042.                 unset($_SESSION['theme']);

  2043.                 Flash::notice(_f("Stopped previewing &#8220;%s&#8221;.", array($info["name"])), "/admin/?action=themes");

  2044.             } else {

  2045.                 $_SESSION['theme'] = $_GET['theme'];

  2046.                 Flash::notice(_f("Previewing theme &#8220;%s&#8221;. Press the theme's &#8220;Preview&#8221; button again to stop previewing.", array($info["name"])), "/");

  2047.             }

  2048.         }

  2049. 

  2050.         /**

  2051.          * Function: general_settings

  2052.          * General Settings page.

  2053.          */

  2054.         public function general_settings() {

  2055.             if (!Visitor::current()->group->can("change_settings"))

  2056.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to change settings."));

  2057. 

  2058.             $locales = array();

  2059. 

  2060.             if ($open = opendir(INCLUDES_DIR."/locale/")) {

  2061.                  while (($folder = readdir($open)) !== false) {

  2062.                     $split = explode(".", $folder);

  2063.                     if (end($split) == "mo")

  2064.                         $locales[] = array("code" => $split[0], "name" => lang_code($split[0]));

  2065.                 }

  2066.                 closedir($open);

  2067.             }

  2068. 

  2069.             if (empty($_POST))

  2070.                 return $this->display("general_settings",

  2071.                                       array("locales" => $locales,

  2072.                                             "timezones" => timezones()));

  2073. 

  2074.             if (!isset($_POST['hash']) or $_POST['hash'] != Config::current()->secure_hashkey)

  2075.                 show_403(__("Access Denied"), __("Invalid security key."));

  2076. 

  2077.             $config = Config::current();

  2078.             $set = array($config->set("name", $_POST['name']),

  2079.                          $config->set("description", $_POST['description']),

  2080.                          $config->set("chyrp_url", rtrim($_POST['chyrp_url'], "/")),

  2081.                          $config->set("url", rtrim(oneof($_POST['url'], $_POST['chyrp_url']), "/")),

  2082.                          $config->set("email", $_POST['email']),

  2083.                          $config->set("timezone", $_POST['timezone']),

  2084.                          $config->set("locale", $_POST['locale']));

  2085. 

  2086.             if (!in_array(false, $set))

  2087.                 Flash::notice(__("Settings updated."), "/admin/?action=general_settings");

  2088.         }

  2089. 

  2090.         /**

  2091.          * Function: user_settings

  2092.          * User Settings page.

  2093.          */

  2094.         public function user_settings() {

  2095.             if (!Visitor::current()->group->can("change_settings"))

  2096.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to change settings."));

  2097. 

  2098.             if (empty($_POST))

  2099.                 return $this->display("user_settings", array("groups" => Group::find(array("order" => "id DESC"))));

  2100. 

  2101.             if (!isset($_POST['hash']) or $_POST['hash'] != Config::current()->secure_hashkey)

  2102.                 show_403(__("Access Denied"), __("Invalid security key."));

  2103. 

  2104.             $config = Config::current();

  2105.             $set = array($config->set("can_register", !empty($_POST['can_register'])),

  2106.                          $config->set("default_group", $_POST['default_group']),

  2107.                          $config->set("guest_group", $_POST['guest_group']));

  2108. 

  2109.             if (!in_array(false, $set))

  2110.                 Flash::notice(__("Settings updated."), "/admin/?action=user_settings");

  2111.         }

  2112. 

  2113.         /**

  2114.          * Function: content_settings

  2115.          * Content Settings page.

  2116.          */

  2117.         public function content_settings() {

  2118.             if (!Visitor::current()->group->can("change_settings"))

  2119.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to change settings."));

  2120. 

  2121.             if (empty($_POST))

  2122.                 return $this->display("content_settings");

  2123. 

  2124.             if (!isset($_POST['hash']) or $_POST['hash'] != Config::current()->secure_hashkey)

  2125.                 show_403(__("Access Denied"), __("Invalid security key."));

  2126. 

  2127.             $config = Config::current();

  2128.             $set = array($config->set("posts_per_page", $_POST['posts_per_page']),

  2129.                          $config->set("feed_items", $_POST['feed_items']),

  2130.                          $config->set("feed_url", $_POST['feed_url']),

  2131.                          $config->set("uploads_path", $_POST['uploads_path']),

  2132.                          $config->set("enable_trackbacking", !empty($_POST['enable_trackbacking'])),

  2133.                          $config->set("send_pingbacks", !empty($_POST['send_pingbacks'])),

  2134.                          $config->set("enable_xmlrpc", !empty($_POST['enable_xmlrpc'])),

  2135.                          $config->set("enable_ajax", !empty($_POST['enable_ajax'])));

  2136. 

  2137.             if (!in_array(false, $set))

  2138.                 Flash::notice(__("Settings updated."), "/admin/?action=content_settings");

  2139.         }

  2140. 

  2141.         /**

  2142.          * Function: route_settings

  2143.          * Route Settings page.

  2144.          */

  2145.         public function route_settings() {

  2146.             if (!Visitor::current()->group->can("change_settings"))

  2147.                 show_403(__("Access Denied"), __("You do not have sufficient privileges to change settings."));

  2148. 

  2149.             if (empty($_POST))

  2150.                 return $this->display("route_settings");

  2151. 

  2152.             if (!isset($_POST['hash']) or $_POST['hash'] != Config::current()->secure_hashkey)

  2153.                 show_403(__("Access Denied"), __("Invalid security key."));

  2154. 

  2155.             $config = Config::current();

  2156.             $set = array($config->set("clean_urls", !empty($_POST['clean_urls'])),

  2157.                          $config->set("post_url", $_POST['post_url']));

  2158. 

  2159.             if (!in_array(false, $set))

  2160.                 Flash::notice(__("Settings updated."), "/admin/?action=route_settings");

  2161.         }

  2162. 

  2163.         /**

  2164.          * Function: help

  2165.          * Sets the $title and $body for various help IDs.

  2166.          */

  2167.         public function help() {

  2168.             list($title, $body) = Trigger::current()->call("help_".$_GET['id']);

  2169. 

  2170.             switch($_GET['id']) {

  2171.                 case "filtering_results":

  2172.                     $title = __("Filtering Results");

  2173.                     $body = "<p>".__("Use this to search for specific items. You can either enter plain text to match the item with, or use keywords:")."</pre>";

  2174.                     $body.= "<h2>".__("Keywords")."</h2>";

  2175.                     $body.= "<cite><strong>".__("Usage")."</strong>: <code>attr:val</code></cite>\n".__("Use this syntax to quickly match specific results. Keywords will modify the query to match items where <code>attr</code> is equal to <code>val</code> (case insensitive).");

  2176.                     break;

  2177.                 case "slugs":

  2178.                     $title = __("Post Slugs");

  2179.                     $body = __("Post slugs are strings to use for the URL of a post. They are directly respondible for the <code>(url)</code> attribute in a post's clean URL, or the <code>/?action=view&amp;url=<strong>foo</strong></code> in a post's dirty URL. A post slug should not contain any special characters other than hyphens.");

  2180.                     break;

  2181.                 case "trackbacks":

  2182.                     $title = __("Trackbacks");

  2183.                     $body = __("Trackbacks are special urls to posts from other blogs that your post is related to or references. The other blog will be notified of your post, and in some cases a comment will automatically be added to the post in question linking back to your post. It's basically a way to network between blogs via posts.");

  2184.                     break;

  2185.                 case "alternate_urls":

  2186.                     $title = __("Alternate URL");

  2187.                     $body = "<p>".__("An alternate URL will allow you to keep Chyrp in its own directory, while having your site URLs point to someplace else. For example, you could have Chyrp in a <code>/chyrp</code> directory, and have your site at <code>/</code>. There are two requirements for this to work.")."</p>\n\n";

  2188.                     $body.= "<ol>\n\t<li>".__("Create an <code>index.php</code> file in your destination directory with the following in it:")."\n\n";

  2189.                     $body.= "<pre><code>&lt;?php

  2190.     require \"path/to/chyrp/index.php\";

  2191. ?&gt;</code></pre>";

  2192.                     $body.= "</li>\n\t<li>".__("Move the .htaccess file from the original Chyrp directory, and change the <code>RewriteBase</code> line to reflect the new website location.")."</li>\n</ol>";

  2193.             }

  2194. 

  2195.             require "help.php";

  2196.         }

  2197. 

  2198.         /**

  2199.          * Function: subnav_context

  2200.          * Generates the context variables for the subnav.

  2201.          */

  2202.         public function subnav_context($action) {

  2203.             $trigger = Trigger::current();

  2204.             $visitor = Visitor::current();

  2205. 

  2206.             $this->context["subnav"] = array();

  2207.             $subnav =& $this->context["subnav"];

  2208. 

  2209.             $subnav["write"] = array();

  2210.             $pages = array("manage" => array());

  2211. 

  2212.             foreach (Config::current()->enabled_feathers as $index => $feather) {

  2213.                 $info = YAML::load(FEATHERS_DIR."/".$feather."/info.yaml");

  2214.                 $subnav["write"]["write_post&feather=".$feather] = array("title" => __($info["name"], $feather),

  2215.                                                                          "show" => $visitor->group->can("add_draft", "add_post"),

  2216.                                                                          "attributes" => ' id="list_feathers['.$feather.']"',

  2217.                                                                          "selected" => (isset($_GET['feather']) and $_GET['feather'] == $feather) or

  2218.                                                                                        (!isset($_GET['feather']) and $action == "write_post" and !$index));

  2219.             }

  2220. 

  2221.             # Write navs

  2222.             $subnav["write"]["write_page"] = array("title" => __("Page"),

  2223.                                                    "show" => $visitor->group->can("add_page"));

  2224.             $trigger->filter($subnav["write"], array("admin_write_nav", "write_nav"));

  2225.             $pages["write"] = array_merge(array("write_post"), array_keys($subnav["write"]));;

  2226. 

  2227.             # Manage navs

  2228.             $subnav["manage"] = array("manage_posts"  => array("title" => __("Posts"),

  2229.                                                                "show" => (Post::any_editable() or Post::any_deletable()),

  2230.                                                                "selected" => array("edit_post", "delete_post")),

  2231.                                       "manage_pages"  => array("title" => __("Pages"),

  2232.                                                                "show" => ($visitor->group->can("edit_page", "delete_page")),

  2233.                                                                "selected" => array("edit_page", "delete_page")),

  2234.                                       "manage_users"  => array("title" => __("Users"),

  2235.                                                                "show" => ($visitor->group->can("add_user",

  2236.                                                                                                "edit_user",

  2237.                                                                                                "delete_user")),

  2238.                                                                "selected" => array("edit_user", "delete_user", "new_user")),

  2239.                                       "manage_groups" => array("title" => __("Groups"),

  2240.                                                                "show" => ($visitor->group->can("add_group",

  2241.                                                                                                "edit_group",

  2242.                                                                                                "delete_group")),

  2243.                                                                "selected" => array("edit_group", "delete_group", "new_group")));

  2244.             $trigger->filter($subnav["manage"], "manage_nav");

  2245. 

  2246.             $subnav["manage"]["import"] = array("title" => __("Import"),

  2247.                                                 "show" => ($visitor->group->can("add_post")));

  2248.             $subnav["manage"]["export"] = array("title" => __("Export"),

  2249.                                                 "show" => ($visitor->group->can("add_post")));

  2250. 

  2251.             $pages["manage"][] = "new_user";

  2252.             $pages["manage"][] = "new_group";

  2253.             foreach (array_keys($subnav["manage"]) as $manage)

  2254.                 $pages["manage"] = array_merge($pages["manage"], array($manage,

  2255.                                                                        preg_replace("/manage_(.+)/e",

  2256.                                                                                     "'edit_'.depluralize('\\1')",

  2257.                                                                                     $manage),

  2258.                                                                        preg_replace("/manage_(.+)/e",

  2259.                                                                                     "'delete_'.depluralize('\\1')",

  2260.                                                                                     $manage)));

  2261. 

  2262.             # Settings navs

  2263.             $subnav["settings"] = array("general_settings" => array("title" => __("General"),

  2264.                                                                     "show" => $visitor->group->can("change_settings")),

  2265.                                         "content_settings" => array("title" => __("Content"),

  2266.                                                                     "show" => $visitor->group->can("change_settings")),

  2267.                                         "user_settings"    => array("title" => __("Users"),

  2268.                                                                     "show" => $visitor->group->can("change_settings")),

  2269.                                         "route_settings"   => array("title" => __("Routes"),

  2270.                                                                     "show" => $visitor->group->can("change_settings")));

  2271.             $trigger->filter($subnav["settings"], "settings_nav");

  2272.             $pages["settings"] = array_keys($subnav["settings"]);

  2273. 

  2274.             # Extend navs

  2275.             $subnav["extend"] = array("modules"  => array("title" => __("Modules"),

  2276.                                                           "show" => $visitor->group->can("toggle_extensions")),

  2277.                                       "feathers" => array("title" => __("Feathers"),

  2278.                                                           "show" => $visitor->group->can("toggle_extensions")),

  2279.                                       "themes"   => array("title" => __("Themes"),

  2280.                                                           "show" => $visitor->group->can("toggle_extensions")));

  2281.             $trigger->filter($subnav["extend"], "extend_nav");

  2282.             $pages["extend"] = array_keys($subnav["extend"]);

  2283. 

  2284.             foreach (array_keys($subnav) as $main_nav)

  2285.                 foreach ($trigger->filter($pages[$main_nav], $main_nav."_nav_pages") as $extend)

  2286.                     $subnav[$extend] =& $subnav[$main_nav];

  2287. 

  2288.             foreach ($subnav as $main_nav => &$sub_nav)

  2289.                 foreach ($sub_nav as &$nav)

  2290.                     $nav["show"] = (!isset($nav["show"]) or $nav["show"]);

  2291. 

  2292.             $trigger->filter($subnav, "admin_subnav");

  2293.         }

  2294. 

  2295.         /**

  2296.          * Function: display

  2297.          * Renders the page.

  2298.          *

  2299.          * Parameters:

  2300.          *     $action - The template file to display, in (theme dir)/pages.

  2301.          *     $context - Context for the template.

  2302.          *     $title - The title for the page. Defaults to a camlelization of the action, e.g. foo_bar -> Foo Bar.

  2303.          */

  2304.         public function display($action, $context = array(), $title = "") {

  2305.             $this->displayed = true;

  2306. 

  2307.             fallback($title, camelize($action, true));

  2308. 

  2309.             $this->context = array_merge($context, $this->context);

  2310. 

  2311.             $trigger = Trigger::current();

  2312. 

  2313.             $trigger->filter($this->context, array("admin_context", "admin_context_".str_replace("/", "_", $action)));

  2314. 

  2315.             # Are there any extension-added pages?

  2316.             foreach (array("write" => array(),

  2317.                            "manage" => array("import", "export"),

  2318.                            "settings" => array(),

  2319.                            "extend" => array("modules", "feathers", "themes")) as $main_nav => $val) {

  2320.                 $$main_nav = $val;

  2321.                 $trigger->filter($$main_nav, $main_nav."_pages");

  2322.             }

  2323. 

  2324.             $visitor = Visitor::current();

  2325.             $route   = Route::current();

  2326. 

  2327.             $this->context["theme"]      = Theme::current();

  2328.             $this->context["flash"]      = Flash::current();

  2329.             $this->context["trigger"]    = $trigger;

  2330.             $this->context["title"]      = $title;

  2331.             $this->context["site"]       = Config::current();

  2332.             $this->context["visitor"]    = $visitor;

  2333.             $this->context["logged_in"]  = logged_in();

  2334.             $this->context["route"]      = $route;

  2335.             $this->context["hide_admin"] = isset($_SESSION["hide_admin"]);

  2336.             $this->context["now"]        = time();

  2337.             $this->context["version"]    = CHYRP_VERSION;

  2338.             $this->context["debug"]      = DEBUG;

  2339.             $this->context["feathers"]   = Feathers::$instances;

  2340.             $this->context["modules"]    = Modules::$instances;

  2341.             $this->context["admin_theme"] = $this->admin_theme;

  2342.             $this->context["theme_url"]  = Config::current()->chyrp_url."/admin/themes/".$this->admin_theme;

  2343.             $this->context["POST"]       = $_POST;

  2344.             $this->context["GET"]        = $_GET;

  2345. 

  2346.             $this->context["navigation"] = array();

  2347. 

  2348.             $show = array("write" => array($visitor->group->can("add_draft", "add_post", "add_page")),

  2349.                           "manage" => array($visitor->group->can("view_own_draft",

  2350.                                                                    "view_draft",

  2351.                                                                    "edit_own_draft",

  2352.                                                                    "edit_own_post",

  2353.                                                                    "edit_post",

  2354.                                                                    "delete_own_draft",

  2355.                                                                    "delete_own_post",

  2356.                                                                    "delete_post",

  2357.                                                                    "add_page",

  2358.                                                                    "edit_page",

  2359.                                                                    "delete_page",

  2360.                                                                    "add_user",

  2361.                                                                    "edit_user",

  2362.                                                                    "delete_user",

  2363.                                                                    "add_group",

  2364.                                                                    "edit_group",

  2365.                                                                    "delete_group")),

  2366.                           "settings" => array($visitor->group->can("change_settings")),

  2367.                           "extend" => array($visitor->group->can("toggle_extensions")));

  2368. 

  2369.             foreach ($show as $name => &$arr)

  2370.                 $trigger->filter($arr, $name."_nav_show");

  2371. 

  2372.             $this->context["navigation"]["write"] = array("title" => __("Write"),

  2373.                                                           "show" => in_array(true, $show["write"]),

  2374.                                                           "selected" => (in_array($action, $write) or

  2375.                                                                         match("/^write_/", $action)));

  2376. 

  2377.             $this->context["navigation"]["manage"] = array("title" => __("Manage"),

  2378.                                                            "show" => in_array(true, $show["manage"]),

  2379.                                                            "selected" => (in_array($action, $manage) or

  2380.                                                                          match(array("/^manage_/",

  2381.                                                                                      "/^edit_/",

  2382.                                                                                      "/^delete_/",

  2383.                                                                                      "/^new_/"), $action)));

  2384. 

  2385.             $this->context["navigation"]["settings"] = array("title" => __("Settings"),

  2386.                                                              "show" => in_array(true, $show["settings"]),

  2387.                                                              "selected" => (in_array($action, $settings) or

  2388.                                                                            match("/_settings$/", $action)));

  2389. 

  2390.             $this->context["navigation"]["extend"] = array("title" => __("Extend"),

  2391.                                                            "show" => in_array(true, $show["extend"]),

  2392.                                                            "selected" => (in_array($action, $extend)));

  2393. 

  2394.             $this->subnav_context($route->action);

  2395. 

  2396.             $trigger->filter($this->context["selected"], "nav_selected");

  2397. 

  2398.             $this->context["sql_debug"]  = SQL::current()->debug;

  2399. 

  2400.             $file = MAIN_DIR."/admin/themes/%s/pages/".$action.".twig";

  2401.             $template = file_exists(sprintf($file, $this->admin_theme)) ?

  2402.                 sprintf($file, $this->admin_theme) :

  2403.                 sprintf($file, "default");

  2404. 

  2405.             $config = Config::current();

  2406.             if (!file_exists($template)) {

  2407.                 foreach (array(MODULES_DIR => $config->enabled_modules,

  2408.                                FEATHERS_DIR => $config->enabled_feathers) as $path => $try)

  2409.                     foreach ($try as $extension)

  2410.                         if (file_exists($path."/".$extension."/pages/admin/".$action.".twig"))

  2411.                             $template = $path."/".$extension."/pages/admin/".$action.".twig";

  2412. 

  2413.                 if (!file_exists($template))

  2414.                     error(__("Template Missing"), _f("Couldn't load template: <code>%s</code>", array($template)));

  2415.             }

  2416. 

  2417.             # Try the theme first

  2418.             try {

  2419.                 $this->theme->getTemplate($template)->display($this->context);

  2420.             } catch (Exception $t) {

  2421.                 # Fallback to the default

  2422.                 try {

  2423.                     $this->default->getTemplate($template)->display($this->context);

  2424.                 } catch (Exception $e) {

  2425.                     $prettify = preg_replace("/([^:]+): (.+)/", "\\1: <code>\\2</code>", $e->getMessage());

  2426.                     $trace = debug_backtrace();

  2427.                     $twig = array("file" => $e->filename, "line" => $e->lineno);

  2428.                     array_unshift($trace, $twig);

  2429.                     error(__("Error"), $prettify, $trace);

  2430.                 }

  2431.             }

  2432.         }

  2433. 

  2434.         /**

  2435.          * Function: current

  2436.          * Returns a singleton reference to the current class.

  2437.          */

  2438.         public static function & current() {

  2439.             static $instance = null;

  2440.             return $instance = (empty($instance)) ? new self() : $instance ;

  2441.         }

  2442.     }