KXStudio Website https://kx.studio/


  1. <?php
  # Define the AJAX constant before the bootstrap file is pulled in.
  define('AJAX', true);

  # $visitor and $trigger are not assigned in this file; presumably common.php
  # provides them (verify).
  require_once "common.php";

  # Prepare the controller.
  $main = MainController::current();

  # Parse the route.
  $route = Route::current($main);

  # Gate the whole endpoint on the "view_site" permission.
  # NOTE(review): when a "can_not_view_site" trigger exists, nothing here stops
  # execution after the handler returns, so the action dispatch that follows is
  # only blocked if the handler itself exits. Confirm every registered handler does.
  if (!$visitor->group->can("view_site")) {
      if ($trigger->exists("can_not_view_site")) {
          $trigger->call("can_not_view_site");
      } else {
          show_403(__("Access Denied"), __("You are not allowed to view this site."));
      }
  }
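  # Dispatch on the requested AJAX action.
  #
  # The only check that runs before this switch is the site-wide "view_site"
  # permission, so every state-changing branch has to enforce its own permission.
  # NOTE(review): no anti-CSRF token is verified anywhere in this file; confirm
  # whether common.php enforces one before these state-changing actions run.
  # NOTE(review): error() and show_403() are assumed to halt the request, as the
  # existing branches already rely on; the checks added here also exit explicitly.
  switch (isset($_POST['action']) ? $_POST['action'] : "") {
      case "edit_post":
          if (!isset($_POST['id']))
              error(__("No ID Specified"), __("Please specify an ID of the post you would like to edit."));

          $post = new Post($_POST['id'], array("filter" => false, "drafts" => true));

          if ($post->no_results) {
              header("HTTP/1.1 404 Not Found");
              $trigger->call("not_found");
              exit;
          }

          if (!$post->editable())
              show_403(__("Access Denied"), __("You do not have sufficient privileges to edit posts."));

          $title = $post->title();
          $theme_file = THEME_DIR."/forms/feathers/".$post->feather.".php";
          $default_file = FEATHERS_DIR."/".$post->feather."/fields.php";

          $options = array();
          Trigger::current()->filter($options, array("edit_post_options", "post_options"), $post);

          $main->display("forms/post/edit", array("post" => $post,
                                                  "feather" => Feathers::$instances[$post->feather],
                                                  "options" => $options,
                                                  "groups" => Group::find(array("order" => "id ASC"))));
          break;

      case "delete_post":
          # Reject a missing ID up front, the same way edit_post does, instead of
          # reading an undefined index.
          if (!isset($_POST['id']))
              error(__("No ID Specified"), __("Please specify an ID of the post you would like to delete."));

          $post = new Post($_POST['id'], array("drafts" => true));

          if ($post->no_results) {
              header("HTTP/1.1 404 Not Found");
              $trigger->call("not_found");
              exit;
          }

          if (!$post->deletable())
              show_403(__("Access Denied"), __("You do not have sufficient privileges to delete this post."));

          Post::delete($_POST['id']);
          break;

      case "view_post":
          fallback($_POST['offset'], 0);
          fallback($_POST['context']);

          $reason = (isset($_POST['reason'])) ? $_POST['reason'] : "" ;

          # Without an ID, $post was never assigned and the lookup check below
          # operated on an undefined variable.
          if (!isset($_POST['id']))
              error(__("No ID Specified"), __("Please specify an ID of the post you would like to view."));

          # NOTE(review): drafts are included in the lookup and no per-post
          # visibility check is visible here; confirm Post enforces it.
          $post = new Post($_POST['id'], array("drafts" => true));

          if ($post->no_results) {
              header("HTTP/1.1 404 Not Found");
              $trigger->call("not_found");
              exit;
          }

          # $reason is request-supplied; the template is responsible for escaping it.
          $main->display("feathers/".$post->feather, array("post" => $post, "ajax_reason" => $reason));
          break;

      case "preview":
          if (empty($_POST['content']))
              break;

          # Default the optional fields so a partial request does not read
          # undefined indexes.
          $preview_feather = isset($_POST['feather']) ? $_POST['feather'] : "";
          $preview_field = isset($_POST['field']) ? $_POST['field'] : "";

          $trigger->filter($_POST['content'],
                           array("preview_".$preview_feather, "preview"),
                           $preview_field,
                           $preview_feather);

          echo "<h2 class=\"preview-header\">".__("Preview")."</h2>\n".
               "<div class=\"preview-content\">".fix($_POST['content'])."</div>";
          break;

      case "check_confirm":
          if (!$visitor->group->can("toggle_extensions"))
              show_403(__("Access Denied"), __("You do not have sufficient privileges to enable/disable extensions."));

          $check_type = isset($_POST['type']) ? $_POST['type'] : "";
          $check = isset($_POST['check']) ? $_POST['check'] : "";

          # The name becomes a path component below; accept a plain directory
          # name only, so it cannot point outside the extensions directory.
          if (!is_string($check) or !preg_match('/\A[A-Za-z0-9_\-]+\z/', $check)) {
              error("", __("Invalid extension name."));
              exit; # Fail closed even if error() returns.
          }

          $dir = ($check_type == "module") ? MODULES_DIR : FEATHERS_DIR ;
          $info = YAML::load($dir."/".$check."/info.yaml");
          fallback($info["confirm"], "");

          if (!empty($info["confirm"]))
              echo __($info["confirm"], $check);

          break;

      case "organize_pages":
          # This branch used to write to the pages table for any visitor who
          # passed the "view_site" check.
          # NOTE(review): "edit_page" is the stock Chyrp permission for page
          # editing; confirm it exists in this install's permission set.
          if (!$visitor->group->can("edit_page")) {
              show_403(__("Access Denied"), __("You do not have sufficient privileges to edit pages."));
              exit; # Fail closed even if show_403() returns.
          }

          # Ignore missing or non-array input instead of iterating over it.
          $parents = (isset($_POST['parent']) and is_array($_POST['parent'])) ? $_POST['parent'] : array();
          $page_list = (isset($_POST['page_list']) and is_array($_POST['page_list'])) ? $_POST['page_list'] : array();

          foreach ($parents as $id => $parent)
              $sql->update("pages", array("id" => $id), array("parent_id" => $parent));

          foreach ($page_list as $index => $page)
              $sql->update("pages", array("id" => $page), array("list_order" => $index));

          break;

      case "enable_module": case "enable_feather":
          $type = ($_POST['action'] == "enable_module") ? "module" : "feather" ;

          # NOTE(review): this checks "change_settings" while check_confirm checks
          # "toggle_extensions"; confirm which permission is intended.
          if (!$visitor->group->can("change_settings")) {
              $denied = ($type == "module") ?
                  __("You do not have sufficient privileges to enable/disable modules.") :
                  __("You do not have sufficient privileges to enable/disable feathers.") ;

              # json_encode() quotes and escapes the message; the envelope is unchanged.
              exit('{ "notifications": ['.json_encode($denied).'] }');
          }

          $extension = isset($_POST['extension']) ? $_POST['extension'] : "";

          # The name is used below to build the paths that are loaded and
          # require'd; accept a plain directory name only, so a request cannot
          # make this script include a file outside the extensions directory.
          if (!is_string($extension) or !preg_match('/\A[A-Za-z0-9_\-]+\z/', $extension))
              exit('{ "notifications": ['.json_encode(__("Invalid extension name.")).'] }');

          if (($type == "module" and module_enabled($extension)) or
              ($type == "feather" and feather_enabled($extension)))
              exit("{ \"notifications\": [] }");

          $enabled_array = ($type == "module") ? "enabled_modules" : "enabled_feathers" ;
          $folder = ($type == "module") ? MODULES_DIR : FEATHERS_DIR ;

          if (file_exists($folder."/".$extension."/locale/".$config->locale.".mo"))
              load_translator($extension, $folder."/".$extension."/locale/".$config->locale.".mo");

          $info = YAML::load($folder."/".$extension."/info.yaml");
          fallback($info["uploader"], false);
          fallback($info["notifications"], array());

          # Translate in place. Escaping for the JSON response happens once, at
          # output time; addslashes() does not produce valid JSON escapes.
          foreach ($info["notifications"] as $index => $notification)
              $info["notifications"][$index] = __($notification, $extension);

          # Loading the file runs its top-level code before the subclass checks below.
          require $folder."/".$extension."/".$extension.".php";

          # NOTE(review): the messages below tell the admin to make the uploads
          # directory world-writable (777); a directory owned by the web server
          # user with tighter permissions is the safer setup.
          if ($info["uploader"]) {
              if (!file_exists(MAIN_DIR.$config->uploads_path))
                  $info["notifications"][] = _f("Please create the <code>%s</code> directory at your Chyrp install's root and CHMOD it to 777.", array($config->uploads_path));
              elseif (!is_writable(MAIN_DIR.$config->uploads_path))
                  $info["notifications"][] = _f("Please CHMOD <code>%s</code> to 777.", array($config->uploads_path));
          }

          $class_name = camelize($extension);

          if ($type == "module" and !is_subclass_of($class_name, "Modules"))
              error("", __("Item is not a module."));

          if ($type == "feather" and !is_subclass_of($class_name, "Feathers"))
              error("", __("Item is not a feather."));

          if (method_exists($class_name, "__install"))
              call_user_func(array($class_name, "__install"));

          $new = $config->$enabled_array;
          array_push($new, $extension);
          $config->set($enabled_array, $new);

          exit('{ "notifications": ['.
               implode(", ", array_map("json_encode", $info["notifications"])).
               '] }');
          break;

      case "disable_module": case "disable_feather":
          $type = ($_POST['action'] == "disable_module") ? "module" : "feather" ;

          if (!$visitor->group->can("change_settings")) {
              $denied = ($type == "module") ?
                  __("You do not have sufficient privileges to enable/disable modules.") :
                  __("You do not have sufficient privileges to enable/disable feathers.") ;

              exit('{ "notifications": ['.json_encode($denied).'] }');
          }

          # Read the optional fields once so a partial request does not touch
          # undefined indexes.
          $extension = isset($_POST['extension']) ? $_POST['extension'] : "";
          $confirmed = (isset($_POST['confirm']) and $_POST['confirm'] == "1");

          # Only names that are currently enabled get past this point.
          if (($type == "module" and !module_enabled($extension)) or
              ($type == "feather" and !feather_enabled($extension)))
              exit("{ \"notifications\": [] }");

          $class_name = camelize($extension);
          if (method_exists($class_name, "__uninstall"))
              call_user_func(array($class_name, "__uninstall"), $confirmed);

          $enabled_array = ($type == "module") ? "enabled_modules" : "enabled_feathers" ;
          $config->set($enabled_array,
                       array_diff($config->$enabled_array, array($extension)));

          exit('{ "notifications": [] }');
          break;

      case "reorder_feathers":
          # This branch used to overwrite the enabled_feathers setting with a
          # request-supplied list for any visitor who passed "view_site".
          if (!$visitor->group->can("change_settings")) {
              show_403(__("Access Denied"), __("You do not have sufficient privileges to change settings."));
              exit; # Fail closed even if show_403() returns.
          }

          $reorder = oneof(isset($_POST['list']) ? $_POST['list'] : null, $config->enabled_feathers);

          if (!is_array($reorder)) {
              error("", __("Invalid feather list."));
              exit;
          }

          $cleaned = array();
          foreach ($reorder as $value) {
              if (!is_string($value)) {
                  error("", __("Invalid feather list."));
                  exit;
              }

              # Strip the "feathers[...]" wrapper and keep the bare name.
              $cleaned[] = preg_replace("/feathers\[([^\]]+)\]/", "\\1", $value);
          }
          $reorder = $cleaned;

          # A reorder may only permute what is already enabled; it must not add,
          # drop or duplicate entries.
          $submitted = $reorder;
          $enabled = array_values($config->enabled_feathers);
          sort($submitted);
          sort($enabled);

          if ($submitted != $enabled) {
              error("", __("Invalid feather list."));
              exit;
          }

          $config->set("enabled_feathers", $reorder);
          break;
  }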
  # Fire the generic hook first, then the hook named after the requested action.
  # NOTE(review): the second hook name comes straight from the request, and only
  # the "view_site" check has run for actions the switch does not handle, so any
  # handler registered under an "ajax_*" name has to enforce its own permissions.
  $trigger->call("ajax");

  if (!empty($_POST['action'])) {
      $trigger->call("ajax_".$_POST['action']);
  }