* @license    http://www.contenido.org/license/LIZENZ.txt
 * @link       http://www.4fb.de
 * @link       http://www.contenido.org
 * @since      file available since contenido release <= 4.6
 *
 * {@internal
 *   created 2003-01-26
 *   modified 2005-06-23, Andreas Lindner
 *   modified 2008-06-27, Frederic Schneider, add security fix
 *
 *   $Id$:
 * }}
 *
 */

// Refuse direct requests: execution stops unless CON_FRAMEWORK has been defined.
if (!defined('CON_FRAMEWORK')) {
    die('Illegal call');
}

cInclude("includes", "functions.tpl.php");
cInclude("includes", "functions.str.php");
cInclude("includes", "functions.pathresolver.php");

$firstMark = false;
$db2 = new DB_ConLite;

// Category id and paging offset come from the query string and are accepted only when
// is_numeric() holds; otherwise $idcat becomes -1 (which fails the $idcat >= 0 check
// further down) and $next becomes 0.
// NOTE(review): is_numeric() also accepts floats and exponent notation ("1.5", "1e3"),
// so neither value is guaranteed to be an integer. Any SQL use still needs an integer
// conversion at the point where the statement is built.
$idcat = ( isset($_GET['idcat']) && is_numeric($_GET['idcat'])) ? $_GET['idcat'] : -1;
$next = ( isset($_GET['next']) && is_numeric($_GET['next']) && $_GET['next'] > 0) ? $_GET['next'] : 0;

$dateformat = getEffectiveSetting("backend", "timeformat_date", "Y-m-d");
$debug = false;
$templateDescription = '';

// NOTE(review): $syncfrom is not assigned anywhere in the visible code. If it can be
// populated from request data, it has to be reduced to an integer before it is written
// into any SQL statement.
if (!isset($syncfrom)) {
    $syncfrom = -1;
}
$syncoptions = $syncfrom;

// NOTE(review): no permission check for "con_duplicate" or "con_syncarticle" is visible
// in this file; presumably the framework authorises the action before this script runs -
// confirm. $duplicate, $syncarticle and $sourcelanguage are passed on unvalidated here.
if ($action == "con_duplicate") {
    $newidartlang = conCopyArticle($duplicate, $idcat);
}

if ($action == "con_syncarticle") {
    /* Verify that the category is available in this language */
    $sql = "SELECT idcatlang FROM " . $cfg["tab"]["cat_lang"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' AND idlang='" . Contenido_Security::toInteger($lang) . "'";
    $db->query($sql);

    if ($db->next_record()) {
        conSyncArticle($syncarticle, $sourcelanguage, $lang);
    } else {
        // The category has no entry for this language yet: sync the category first.
        strSyncCategory($idcat, $sourcelanguage, $lang);
        conSyncArticle($syncarticle, $sourcelanguage, $lang);
    }
}

/* Which columns to display? */
$listColumns = array("start" => i18n("Article"), "title" => i18n("Title"), "changeddate" => i18n("Changed"), "publisheddate" => i18n("Published"), "sortorder" => i18n("Sort order"), "template" => i18n("Template"), "actions" => i18n("Actions"));

/* Which actions to display? */
$actionList = array("online", "duplicate", "locked", "todo", "delete", "usetime");

/* Call chains to process the columns and the action list */
// Each registered chain entry may return a replacement list; a result is adopted only
// when it is an array.
$_cecIterator = $_cecRegistry->getIterator("Contenido.ArticleList.Columns");

if ($_cecIterator->count() > 0) {
    while ($chainEntry = $_cecIterator->next()) {
        $newColumnList = $chainEntry->execute($listColumns);

        if (is_array($newColumnList)) {
            $listColumns = $newColumnList;
        }
    }
}

$_cecIterator = $_cecRegistry->getIterator("Contenido.ArticleList.Actions");

if ($_cecIterator->count() > 0) {
    while ($chainEntry = $_cecIterator->next()) {
        $newActionList = $chainEntry->execute($actionList);

        if (is_array($newActionList)) {
            $actionList = $newActionList;
        }
    }
}

$cat_idtpl = 0;

if (is_numeric($idcat) && ($idcat >= 0)) {
    // Saving sort and elements per page user settings (if specified)
    // Should be changed to User->setProperty... someday
    // NOTE(review): $sort is stored as given; no validation of its value is visible here.
    if (isset($sort)) {
        $currentuser->setUserProperty("system", "sortorder-idlang-$lang-idcat-$idcat", $sort);
    }

    // A numeric $elemperpage is persisted per language and category; otherwise the stored
    // value is loaded, falling back to 25 when that is not numeric either.
    if (isset($elemperpage) && is_numeric($elemperpage)) {
        $currentuser->setUserProperty("system", "elemperpage-idlang-$lang-idcat-$idcat", $elemperpage);
    } else {
        $elemperpage = $currentuser->getUserProperty("system", "elemperpage-idlang-$lang-idcat-$idcat");
        if (!is_numeric($elemperpage)) {
            $elemperpage = 25;
        }
    }

    $col = new InUseCollection();

    // The article list is built when the user holds any one of the permissions below,
    // either area-wide or for this category.
    if ((( $idcat == 0 || $perm->have_perm_area_action("con")) && $perm->have_perm_item("str", $idcat)) ||
            $perm->have_perm_area_action("con", "con_makestart") ||
            $perm->have_perm_area_action("con", "con_makeonline") ||
            $perm->have_perm_area_action("con", "con_deleteart") ||
            $perm->have_perm_area_action("con", "con_tplcfg_edit") ||
            $perm->have_perm_area_action("con", "con_lock") ||
            $perm->have_perm_area_action("con", "con_makecatonline") ||
            $perm->have_perm_area_action("con", "con_changetemplate") ||
            $perm->have_perm_area_action("con_editcontent", "con_editart") ||
            $perm->have_perm_area_action("con_editart", "con_edit") ||
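$perm->have_perm_area_action("con_editart", "con_newart") ||
            $perm->have_perm_area_action("con_editart", "con_saveart") ||
            $perm->have_perm_area_action("con_tplcfg", "con_tplcfg_edit") ||
            $perm->have_perm_area_action_item("con", "con_makestart", $idcat) ||
            $perm->have_perm_area_action_item("con", "con_makeonline", $idcat) ||
            $perm->have_perm_area_action_item("con", "con_deleteart", $idcat) ||
            $perm->have_perm_area_action_item("con", "con_tplcfg_edit", $idcat) ||
            $perm->have_perm_area_action_item("con", "con_lock", $idcat) ||
            $perm->have_perm_area_action_item("con", "con_makecatonline", $idcat) ||
            $perm->have_perm_area_action_item("con", "con_changetemplate", $idcat) ||
            $perm->have_perm_area_action_item("con_editcontent", "con_editart", $idcat) ||
            $perm->have_perm_area_action_item("con_editart", "con_edit", $idcat) ||
            $perm->have_perm_area_action_item("con_editart", "con_newart", $idcat) ||
            $perm->have_perm_area_action_item("con_tplcfg", "con_tplcfg_edit", $idcat) ||
            $perm->have_perm_area_action_item("con_editart", "con_saveart", $idcat)) {

        // The stored sort preference only selects one of the fixed ORDER BY clauses in the
        // switch below; its value is never written into the statement itself.
        $sort = $currentuser->getUserProperty("system", "sortorder-idlang-$lang-idcat-$idcat");

        // Article list query. {ISSTART} and {SYNCOPTIONS} are placeholders that are filled
        // in further down.
        // Security: $lang, $client and $idcat used to be concatenated into this statement
        // as-is, while the count query next to it already passed them through
        // Contenido_Security::toInteger(). Both statements now treat the ids the same way,
        // so they also select the same set of rows.
        $sql = "SELECT a.idart AS idart, a.idlang AS idlang, a.idartlang AS idartlang, a.title AS title,"
            . " c.idcat AS idcat, {ISSTART} c.idcatart AS idcatart, a.idtplcfg AS idtplcfg,"
            . " a.published AS published, a.online AS online, a.created AS created,"
            . " a.lastmodified AS lastmodified, a.timemgmt AS timemgmt, a.datestart AS datestart,"
            . " a.dateend AS dateend, a.artsort AS artsort, a.redirect AS redirect, a.locked AS locked FROM "
            . $cfg["tab"]["art_lang"] . " AS a, "
            . $cfg["tab"]["art"] . " AS b, "
            . $cfg["tab"]["cat_art"] . " AS c"
            . " WHERE (a.idlang = '" . Contenido_Security::toInteger($lang) . "' {SYNCOPTIONS})"
            . " AND a.idart = b.idart"
            . " AND b.idclient = '" . Contenido_Security::toInteger($client) . "'"
            . " AND b.idart = c.idart"
            . " AND c.idcat = '" . Contenido_Security::toInteger($idcat) . "'";

        // Simple SQL statement to get the number of articles
        $sql_count = "SELECT COUNT(*) AS article_count FROM "
            . $cfg["tab"]["art_lang"] . " AS a, "
            . $cfg["tab"]["art"] . " AS b, "
            . $cfg["tab"]["cat_art"] . " AS c"
            . " WHERE (a.idlang = '" . Contenido_Security::toInteger($lang) . "' {SYNCOPTIONS})"
            . " AND a.idart = b.idart"
            . " AND b.idclient = '" . Contenido_Security::toInteger($client) . "'"
            . " AND b.idart = c.idart"
            . " AND c.idcat = '" . Contenido_Security::toInteger($idcat) . "'";

        // Select the start flag from cat_art only in "is_start compatible" mode.
        if ($cfg["is_start_compatible"] == true) {
            $sql = str_replace("{ISSTART}", "c.is_start AS is_start,", $sql);
        } else {
            $sql = str_replace("{ISSTART}", "", $sql);
        }

        // Optionally include the articles of a second language (sync view).
        // Security: $syncoptions is not validated anywhere in the visible code, so it is
        // converted with Contenido_Security::toInteger() before it becomes part of either
        // statement.
        if ($syncoptions == -1) {
            $sql = str_replace("{SYNCOPTIONS}", "", $sql);
            $sql_count = str_replace("{SYNCOPTIONS}", "", $sql_count);
        } else {
            $sql = str_replace(
                "{SYNCOPTIONS}",
                "OR a.idlang = '" . Contenido_Security::toInteger($syncoptions) . "'",
                $sql
            );
            $sql_count = str_replace(
                "{SYNCOPTIONS}",
                "OR a.idlang = '" . Contenido_Security::toInteger($syncoptions) . "'",
                $sql_count
            );
        }

        # Article sort
        switch ($sort) {
            case 2:
                $sql .= " ORDER BY a.lastmodified DESC";
                break;
            case 3:
                $sql .= " ORDER BY a.published DESC, a.lastmodified DESC";
                break;
            case 4:
                $sql .= " ORDER BY a.artsort ASC";
                break;
            default:
                // Default sort order
                $sql .= " ORDER BY a.title ASC";
                $sort = 1;
        }

        # Getting article count, if necessary
        if ($elemperpage > 0) {
            $db->query($sql_count);
            $db->next_record();
            $iArticleCount = $db->f("article_count");

            # If not beyond scope, limit
            if ($iArticleCount == 0) {
                $next = 0;
            } else if ($next >= $iArticleCount) {
                // Offset past the end: fall back to the first row of the last page.
                $next = (ceil($iArticleCount / $elemperpage) - 1) * $elemperpage;
            }

            // $next and $elemperpage are only known to pass is_numeric(), which also admits
            // floats and exponent notation; LIMIT takes integers, so both are converted here.
            $sql .= " LIMIT " . Contenido_Security::toInteger($next) . ", " . Contenido_Security::toInteger($elemperpage);
        } else {
            $iArticleCount = 0; // Will be used to "hide" the browsing area
        }

        # Debug info
        if ($debug) {
            echo "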
";
            echo $sql;
            echo "";
        }

        # Getting data
        $db->query($sql);

        # Reset Template
        $tpl->reset();

        # No article
        $no_article = true;

        // Buffer the whole result set, keyed by "k<idart>". A row in the current language
        // always overwrites the entry; a row from another language (sync view) is kept only
        // when the article has no entry yet.
        $aArticles = Array();

        while ($db->next_record()) {
            $sItem = "k" . $db->f("idart");

            if ($db->f("idlang") == $lang || !array_key_exists($sItem, $aArticles)) {
                $aArticles[$sItem]["idart"] = $db->f("idart");
                $aArticles[$sItem]["idlang"] = $db->f("idlang");
                $aArticles[$sItem]["idartlang"] = $db->f("idartlang");
                $aArticles[$sItem]["title"] = $db->f("title");

                // The start flag comes from the query in compatible mode, otherwise from
                // isStartArticle().
                if ($cfg["is_start_compatible"] == true) {
                    $aArticles[$sItem]["is_start"] = $db->f("is_start");
                } else {
                    $aArticles[$sItem]["is_start"] = isStartArticle($db->f("idartlang"), $idcat, $lang);
                }

                $aArticles[$sItem]["idcatart"] = $db->f("idcatart");
                $aArticles[$sItem]["idtplcfg"] = $db->f("idtplcfg");
                $aArticles[$sItem]["published"] = $db->f("published");
                $aArticles[$sItem]["online"] = $db->f("online");
                $aArticles[$sItem]["created"] = $db->f("created");
                $aArticles[$sItem]["idcat"] = $db->f("idcat");
                $aArticles[$sItem]["lastmodified"] = $db->f("lastmodified");
                $aArticles[$sItem]["timemgmt"] = $db->f("timemgmt");
                $aArticles[$sItem]["datestart"] = $db->f("datestart");
                $aArticles[$sItem]["dateend"] = $db->f("dateend");
                $aArticles[$sItem]["artsort"] = $db->f("artsort");
                $aArticles[$sItem]["locked"] = $db->f("locked");
                $aArticles[$sItem]["redirect"] = $db->f("redirect");
            }
        }

        $artlist = array();
        $dyn_cnt = 0;

        // One template row per buffered article.
        // NOTE(review): many string literals in this loop are empty in this listing
        // (for example '' . $title . ''), so the markup that would carry $tmp_alink,
        // $alttitle, $lockimg, $lockalt, $imgsrc and $sTitle is not visible. Whether those
        // values are escaped for their HTML context cannot be verified from here.
        foreach ($aArticles as $sart) {
            $dyn_cnt++;
            $idart = $sart["idart"];
            $idlang = $sart["idlang"];
            $idtplcfg = $sart["idtplcfg"];
            $idartlang = $sart["idartlang"];
            $lidcat = $sart["idcat"];
            $idcatlang = 0;
            $idart = $sart["idart"]; // same assignment as a few lines above
            $published = $sart["published"];
            $online = $sart["online"];
            $is_start = $sart["is_start"];
            $idcatart = $sart["idcatart"];
            $created = $sart["created"];
            $modified = $sart["lastmodified"];
            // The title is the only article field passed through clHtmlSpecialChars() here.
            $title = clHtmlSpecialChars($sart["title"]);
            $timemgmt = $sart["timemgmt"];
            $datestart = $sart["datestart"];
            $dateend = $sart["dateend"];
            $sortkey = $sart["artsort"];
            $locked = $sart["locked"];
            $redirect = $sart["redirect"];

            // '1000-01-01 00:00:00' is the stored value that is shown as "not yet published".
            $published = ($published != '1000-01-01 00:00:00') ? date($dateformat, strtotime($published)) : i18n("not yet published");
            $created = date($dateformat, strtotime($created));
            $modified = date($dateformat, strtotime($modified));
            $alttitle = "idart" . ': ' . $idart . ' ' . "idcatart" . ': ' . $idcatart . ' ' . "idartlang" . ': ' . $idartlang;

            // checkMark() returning false means nobody has the article marked as in use.
            if (($obj = $col->checkMark("article", $idartlang)) === false) {
                $inUse = false;
            } else {
                $vuser = new User;
                $vuser->loadUserByUserID($obj->get("userid"));
                $inUseUser = $vuser->getField("username");
                $inUseUserRealName = $vuser->getField("realname");

                $inUse = true;
                $title = $title . " (" . i18n("Article is in use") . ")";
                // NOTE(review): username and realname are stored account fields and are
                // added to $alttitle without escaping; if $alttitle ends up in an HTML
                // attribute it must be escaped for that context - confirm at the output site.
                $alttitle = sprintf(i18n("Article in use by %s (%s)"), $inUseUser, $inUseUserRealName) . " " . $alttitle;
            }

            $bgcolor = $cfg["color"]["table_light"];

            // Rows from the other language get alternating "sync" colours;
            // is_int($dyn_cnt / 2) is true for even row numbers.
            if ($idlang != $lang) {
                $bgcolor = ( is_int($dyn_cnt / 2) ) ? $cfg["color"]["table_light_sync"] : $cfg["color"]["table_dark_sync"];
            }

            /* Id of the row, stores informations about the article and category */
            $tmp_rowid = $idart . "-" . $idartlang . "-" . $lidcat . "-" . $idcatlang . "-" . $idcatart . "-" . $idlang;
            $tpl->set('d', 'ROWID', $tmp_rowid);

            $colitem[$tmp_rowid] = $bgcolor;

            # Backgroundcolor of the table row
            $tpl->set('d', 'BGCOLOR', $bgcolor);

            # Article Title
            // With edit permission the title becomes a link; foreign-language rows open the
            // preview view with a temporary language switch.
            // NOTE(review): $frame is interpolated into the URL and is not validated in the
            // visible code - confirm it is constrained before this point.
            if ($perm->have_perm_area_action("con_editcontent", "con_editart") || $perm->have_perm_area_action_item("con_editcontent", "con_editart", $idcat)) {
                if ($idlang != $lang) {
                    $tmp_alink = $sess->url("main.php?area=con_editcontent&action=con_editart&changeview=prev&idartlang=$idartlang&idart=$idart&idcat=$idcat&frame=$frame&tmpchangelang=$idlang");
                    $titlelink = '' . $title . '';
                } else {
                    $tmp_alink = $sess->url("main.php?area=con_editcontent&action=con_editart&changeview=edit&idartlang=$idartlang&idart=$idart&idcat=$idcat&frame=$frame");
                    $titlelink = '' . $title . '';
                }
            } else {
                $tmp_alink = "";
                $titlelink = $title;
            }

            // Time management marker: compares the database clock with the article's
            // start and end dates.
            // NOTE(review): this creates a DB_ConLite object and runs one extra query for
            // every time-managed article in the list.
            if ($timemgmt == "1") {
                $sql = "SELECT NOW() AS TIME";

                $db3 = new DB_ConLite;

                $db3->query($sql);
                $db3->next_record();

                $starttimestamp = strtotime($datestart);
                $endtimestamp = strtotime($dateend);
                $nowtimestamp = strtotime($db3->f("TIME"));

                if (($nowtimestamp < $endtimestamp) && ($nowtimestamp > $starttimestamp)) {
                    $usetime = '';
                } else {
                    $usetime = '';
                }
            } else {
                $usetime = "";
            }

            # Lock (freeze) button - the original comment here read "Article Title"
            // The wording offers the action only when the user may lock articles and the
            // article is not in use; otherwise it just describes the current state.
            if (($perm->have_perm_area_action("con", "con_lock") || $perm->have_perm_area_action_item("con", "con_lock", $idcat)) && $inUse == false) {
                if ($locked == 1) {
                    $lockimg = 'images/article_locked.gif';
                    $lockalt = i18n("Unfreeze article");
                } else {
                    $lockimg = 'images/article_unlocked.gif';
                    $lockalt = i18n("Freeze article");
                }
                $tmp_lock = '';
            } else {
                if ($locked == 1) {
                    $lockimg = 'images/article_locked.gif';
                    $lockalt = i18n("Article is frozen");
                } else {
                    $lockimg = 'images/article_unlocked.gif';
                    $lockalt = i18n("Article is not frozen");
                }
                $tmp_lock = '';
            }

            // Rows from another language never get the lock control.
            if ($idlang != $lang) {
                $lockedlink = "";
            } else {
                $lockedlink = $tmp_lock;
            }

            if ($sortkey == "") {
                $sortkey = " ";
            }

            $tmp_articletitle = $titlelink;

            # Article conf button
            if ($perm->have_perm_area_action("con_editart", "con_edit") || $perm->have_perm_area_action_item("con_editart", "con_edit", $idcat)) {
                $tmp_artconf = '';
            } else {
                $tmp_artconf = "";
            }

            // Sync control for rows from another language: depends on whether the category
            // exists in the current language. Re-using $db inside the loop is safe because
            // the article result set was fully copied into $aArticles above.
            $tmp_sync = '';
            if ($idlang != $lang) {
                $sql = "SELECT idcatlang FROM " . $cfg["tab"]["cat_lang"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' AND idlang='" . Contenido_Security::toInteger($lang) . "'";

                $db->query($sql);

                if ($db->next_record()) {
                    $tmp_sync = '';
                } else {
                    $tmp_sync = "";
                }
            }

            # Article Template
            if (!is_object($db2)) {
                $db2 = new DB_ConLite;
            }

            $sql2 = "SELECT b.name AS tplname, b.idtpl AS idtpl, b.description AS description FROM " . $cfg["tab"]["tpl_conf"] . " AS a, " . $cfg["tab"]["tpl"] . " AS b WHERE a.idtplcfg = '" . Contenido_Security::toInteger($idtplcfg) . "' AND a.idtpl = b.idtpl";

            $db2->query($sql2);
            $db2->next_record();

            // NOTE(review): template name and description are stored values and are not
            // escaped here; confirm they are escaped where they are written to the page.
            $a_tplname = $db2->f("tplname");
            $a_idtpl = $db2->f("idtpl");
            $templateDescription = $db2->f("description");

            # Uses Category Template
            if (0 == $idtplcfg) {
                $a_tplname = "--- " . i18n("None") . " ---";
            }

            # Make Startarticle button
            // Icon file name: "isstart" + 0/1 (start flag) + optional "m" (article used in
            // several places) + optional "r" (redirect) + ".gif".
            $imgsrc = "isstart";

            if ($is_start == false) {
                $imgsrc .= '0';
            } else {
                $imgsrc .= '1';
            }

            if (isArtInMultipleUse($idart)) {
                $imgsrc .= 'm';
            }

            if ((int) $redirect == 1) {
                $imgsrc .= 'r';
            }

            $imgsrc .= '.gif';

            $tmp_img = '';

            // The start-article toggle needs the con_makestart permission and a real
            // category ($idcat != 0); otherwise only the icon with a title is shown.
            if (($perm->have_perm_area_action("con", "con_makestart") || $perm->have_perm_area_action_item("con", "con_makestart", $idcat)) && $idcat != 0) {
                if ($is_start == false) {
                    $tmp_link = '';
                } else {
                    $tmp_link = '';
                }
            } else {
                if ($is_start == true) {
                    $sTitle = i18n("Start article");
                } else {
                    $sTitle = i18n("Normal article");
                }

                $tmp_img = '';

                $tmp_link = $tmp_img;
            }

            $tmp_start = $tmp_link;

            # Make copy button
            if (($perm->have_perm_area_action("con", "con_duplicate") || $perm->have_perm_area_action_item("con", "con_duplicate", $idcat)) && $idcat != 0) {
                $imgsrc = "but_copy.gif";
                $tmp_link = '';
            } else {
                $tmp_link = "";
            }

            if ($idlang != $lang) {
                $duplicatelink = "";
            } else {
                $duplicatelink = $tmp_link;
            }

            // Reminder (to-do) link: subject and message are URL-encoded before they are
            // handed to TODOLink. $title has already been through clHtmlSpecialChars().
            $subject = urlencode(sprintf(i18n("Reminder for Article '%s'"), $title));
            $mycatname = "";
            conCreateLocationString($idcat, " / ", $mycatname);
            $message = urlencode(sprintf(i18n("Reminder for Article '%s'\nCategory: %s"), $title, $mycatname));

            $todolink = new TODOLink("idart", $idart, $subject, $message);

            # Make On-/Offline button
            // Four cases (online or offline, with or without the con_makeonline permission);
            // the literals that distinguish them are empty in this listing.
            if ($online) {
                if (($perm->have_perm_area_action("con", "con_makeonline") || $perm->have_perm_area_action_item("con", "con_makeonline", $idcat)) && ($idcat != 0)) {
                    $tmp_online = '';
                } else {
                    $tmp_online = '';
                }
            } else {
                if (($perm->have_perm_area_action("con", "con_makeonline") || $perm->have_perm_area_action_item("con", "con_makeonline", $idcat)) && ($idcat != 0)) {
                    $tmp_online = '';
                } else {
                    $tmp_online = '';
                }
            }

            if ($idlang !=
$lang) { $onlinelink = ""; } else { $onlinelink = $tmp_online; } # Delete button if (($perm->have_perm_area_action("con", "con_deleteart") || $perm->have_perm_area_action_item("con", "con_deleteart", $idcat)) && $inUse == false) { $tmp_title = $title; if (strlen($tmp_title) > 30) { $tmp_title = substr($tmp_title, 0, 27) . "..."; } $confirmString = sprintf(i18n("Are you sure to delete the following article: