PageRenderTime 64ms CodeModel.GetById 22ms RepoModel.GetById 1ms app.codeStats 0ms

/system/expressionengine/controllers/cp/content_edit.php

https://bitbucket.org/tdevonshire/hoolux
PHP | 1910 lines | 1222 code | 396 blank | 292 comment | 197 complexity | 3535e089718c77de5ee97b573671773d MD5 | raw file

Large files files are truncated, but you can click here to view the full file

    

  1. <?php  if ( ! defined('BASEPATH')) exit('No direct script access allowed');
    2. 

  2. /**
    3. 

  3.  * ExpressionEngine - by EllisLab
    4. 

  4.  *
    5. 

  5.  * @package		ExpressionEngine
    6. 

  6.  * @author		EllisLab Dev Team
    7. 

  7.  * @copyright	Copyright (c) 2003 - 2012, EllisLab, Inc.
    8. 

  8.  * @license		http://ellislab.com/expressionengine/user-guide/license.html
    9. 

  9.  * @link		http://ellislab.com
    10. 

  10.  * @since		Version 2.0
    11. 

  11.  * @filesource
    12. 

  12.  */
    13. 

  13.  
    14. 

  14. // ------------------------------------------------------------------------
    15. 

  15. 

  16. /**
    17. 

  17.  * ExpressionEngine CP Home Page Class
    18. 

  18.  *
    19. 

  19.  * @package		ExpressionEngine
    20. 

  20.  * @subpackage	Control Panel
    21. 

  21.  * @category	Control Panel
    22. 

  22.  * @author		EllisLab Dev Team
    23. 

  23.  * @link		http://ellislab.com
    24. 

  24.  */
    25. 

  25. class Content_edit extends CI_Controller {
    26. 

  26. 

  27. 	private $publish_base_uri;
    28. 

  28. 	private $publish_base_url;
    29. 

  29. 	private $edit_base_uri;
    30. 

  30. 	private $edit_base_url;
    31. 

  31. 	private $nest_categories	= 'y';
    32. 

  32. 	private $installed_modules	= FALSE;
    33. 

  33. 	private $allowed_channels	= array();
    34. 

  34. 	
    35. 

  35. 	/**
    36. 

  36. 	 * Constructor
    37. 

  37. 	 */
    38. 

  38. 	public function __construct()
    39. 

  39. 	{
    40. 

  40. 		parent::__construct();
    41. 

  41. 		
    42. 

  42. 		$this->installed_modules = $this->cp->get_installed_modules();
    43. 

  43. 		$this->allowed_channels = $this->functions->fetch_assigned_channels();
    44. 

  44. 		
    45. 

  45. 		$this->publish_base_uri = 'C=content_publish';
    46. 

  46. 		$this->publish_base_url = BASE.AMP.$this->publish_base_uri;
    47. 

  47. 		$this->edit_base_uri	= 'C=content_edit';
    48. 

  48. 		$this->edit_base_url	= BASE.AMP.$this->edit_base_uri;
    49. 

  49. 		
    50. 

  50. 		$this->load->library('api');
    51. 

  51. 		$this->load->model('channel_model');
    52. 

  52. 	}
    53. 

  53. 	
    54. 

  54. 	// --------------------------------------------------------------------
    55. 

  55. 

  56. 	/**
    57. 

  57. 	 * Index function
    58. 

  58. 	 *
    59. 

  59. 	 * @return	void
    60. 

  60. 	 */	
    61. 

  61. 	public function index()
    62. 

  62. 	{
    63. 

  63. 		if ( ! $this->cp->allowed_group('can_access_content'))
    64. 

  64. 		{
    65. 

  65. 			show_error(lang('unauthorized_access'));
    66. 

  66. 		}
    67. 

  67. 		
    68. 

  68. 		// Fetch channel ID numbers assigned to the current user
    69. 

  69. 		if (empty($this->allowed_channels))
    70. 

  70. 		{
    71. 

  71. 			show_error(lang('no_channels'));
    72. 

  72. 		}
    73. 

  73. 		
    74. 

  74. 		
    75. 

  75. 		// Fetch channels
    76. 

  76. 		// ----------------------------------------------------------------
    77. 

  77. 		
    78. 

  78. 		$this->api->instantiate('channel_structure');
    79. 

  79. 		$channel_q = $this->api_channel_structure->get_channels();
    80. 

  80. 

  81. 		$channels = array();
    82. 

  82. 		
    83. 

  83. 		foreach($channel_q->result() as $c_row)
    84. 

  84. 		{
    85. 

  85. 			$channels[$c_row->channel_id] = $c_row;
    86. 

  86. 		}
    87. 

  87. 

  88. 		// Set up Per page data
    89. 

  89. 		// ----------------------------------------------------------------
    90. 

  90. 				
    91. 

  91. 		// Results per page pull-down menu
    92. 

  92. 		if ( ! ($perpage = $this->input->get_post('perpage')))
    93. 

  93. 		{
    94. 

  94. 			$perpage = ($this->input->cookie('perpage') == FALSE) ? 50 : $this->input->cookie('perpage');
    95. 

  95. 		}
    96. 

  96. 		
    97. 

  97. 		$this->functions->set_cookie('perpage' , $perpage, 60*60*24*182);		
    98. 

  98. 

  99. 

  100. 		// Table
    101. 

  101. 		// ----------------------------------------------------------------
    102. 

  102. 		
    103. 

  103. 		$this->load->library('table');
    104. 

  104. 

  105. 		$columns = array(
    106. 

  106. 			'entry_id'		=> array('header' => '#', 'html' => FALSE),
    107. 

  107. 			'title'			=> array('header' => lang('title')),
    108. 

  108. 			'view'			=> array('header' => lang('view'), 'sort' => FALSE),
    109. 

  109. 			'comment_total'	=> array('header' => lang('comments')),
    110. 

  110. 			'screen_name'	=> array('header' => lang('author')),
    111. 

  111. 			'entry_date'	=> array('header' => lang('date')),
    112. 

  112. 			'channel_name'	=> array('header' => lang('channel')),
    113. 

  113. 			'status'		=> array('header' => lang('status')),
    114. 

  114. 			'_check'		=> array(
    115. 

  115. 				'header' => form_checkbox('select_all', 'true', FALSE, 'class="toggle_all"'),
    116. 

  116. 				'sort' => FALSE
    117. 

  117. 			)
    118. 

  118. 		);
    119. 

  119. 		
    120. 

  120. 		if ( ! isset($this->installed_modules['comment']))
    121. 

  121. 		{
    122. 

  122. 			unset($columns['comment_total']);
    123. 

  123. 		}
    124. 

  124. 		
    125. 

  125. 		
    126. 

  126. 		$this->table->set_base_url($this->edit_base_uri);
    127. 

  127. 		$this->table->set_columns($columns);
    128. 

  128. 		
    129. 

  129. 		$initial_state = array(
    130. 

  130. 			'sort'	=> array('entry_date' => 'desc')
    131. 

  131. 		);
    132. 

  132. 		
    133. 

  133. 		$params = array(
    134. 

  134. 			'perpage'	=> $perpage,
    135. 

  135. 			'channels'	=> $channels,
    136. 

  136. 		);
    137. 

  137. 				
    138. 

  138. 		$vars = $this->table->datasource('_table_datasource', $initial_state, $params);
    139. 

  139. 		
    140. 

  140. 		$filter_data = $vars['filter_data'];
    141. 

  141. 		unset($vars['filter_data']);
    142. 

  142. 		
    143. 

  143. 		// Setup the form!
    144. 

  144. 		// ----------------------------------------------------------------
    145. 

  145. 		
    146. 

  146. 		$form_fields = $this->_edit_form($filter_data, $channels);
    147. 

  147. 		$vars = array_merge($vars, $form_fields);
    148. 

  148. 		
    149. 

  149. 		
    150. 

  150. 		// Action Options!
    151. 

  151. 		// ----------------------------------------------------------------
    152. 

  152. 		
    153. 

  153. 		$vars['action_options'] = array();
    154. 

  154. 

  155. 		if ( ! $this->input->post('toggle'))
    156. 

  156. 		{
    157. 

  157. 			$vars['action_options'] = array(
    158. 

  158. 				'edit'				=> lang('edit_selected'),
    159. 

  159. 				'delete'			=> lang('delete_selected'),
    160. 

  160. 				'------'			=> '------',
    161. 

  161. 				'add_categories'	=> lang('add_categories'),
    162. 

  162. 				'remove_categories'	=> lang('remove_categories')
    163. 

  163. 			);
    164. 

  164. 		}
    165. 

  165. 		
    166. 

  166. 		
    167. 

  167. 		// Assemble!
    168. 

  168. 		// ----------------------------------------------------------------
    169. 

  169. 		
    170. 

  170. 		// Do we have a message to show?
    171. 

  171. 		// Note: a message is displayed on this page after editing or submitting a new entry
    172. 

  172. 

  173. 		if ($this->input->get_post("U") == 'mu')
    174. 

  174. 		{
    175. 

  175. 			$vars['message'] = lang('multi_entries_updated');
    176. 

  176. 		}
    177. 

  177. 		
    178. 

  178. 		// Declare the "filtering" form
    179. 

  179. 

  180. 		$vars['heading'] = 'edit_channel_entries';		
    181. 

  181. 		
    182. 

  182. 		$vars['form_hidden']	= array();
    183. 

  183. 		$vars['search_form']	= 'C=content_edit';
    184. 

  184. 		$vars['entries_form']	= 'C=content_edit'.AMP.'M=multi_edit_form';
    185. 

  185. 		
    186. 

  186. 		$this->cp->set_variable('cp_page_title', lang('edit'));
    187. 

  187. 		
    188. 

  188. 		$this->cp->add_js_script(array(
    189. 

  189. 			'ui'		=> 'datepicker',
    190. 

  190. 			'file'		=> 'cp/content_edit'
    191. 

  191. 		));
    192. 

  192. 

  193. 		$this->javascript->set_global('autosave_map', $vars['autosave_array']);
    194. 

  194. 		$this->javascript->compile();
    195. 

  195. 		$this->load->view('content/edit', $vars);
    196. 

  196. 	}
    197. 

  197. 	
    198. 

  198. 	
    199. 

  199. 	// --------------------------------------------------------------------
    200. 

  200. 

  201. 	/**
    202. 

  202. 	 * Edit table datasource
    203. 

  203. 	 *
    204. 

  204. 	 * Must remain public so that it can be called from the
    205. 

  205. 	 * table library!
    206. 

  206. 	 *
    207. 

  207. 	 * @access	public
    208. 

  208. 	 */
    209. 

  209. 	public function _table_datasource($tbl_settings, $defaults)
    210. 

  210. 	{
    211. 

  211. 		// Get filter information
    212. 

  212. 		// ----------------------------------------------------------------
    213. 

  213. 		
    214. 

  214. 		$keywords = (string) $this->input->post('keywords');
    215. 

  215. 		$channel_id = (string) $this->input->get_post('channel_id');
    216. 

  216. 		
    217. 

  217. 		if ($channel_id == 'null')
    218. 

  218. 		{
    219. 

  219. 			$channel_id = NULL;
    220. 

  220. 		}
    221. 

  221. 		
    222. 

  222. 		if ( ! $keywords)
    223. 

  223. 		{
    224. 

  224. 			$keywords = (string) $this->input->get('keywords');
    225. 

  225. 			
    226. 

  226. 			if ($keywords)
    227. 

  227. 			{
    228. 

  228. 				$keywords = base64_decode($keywords);
    229. 

  229. 			}
    230. 

  230. 		}
    231. 

  231. 		
    232. 

  232. 		if ($keywords)
    233. 

  233. 		{
    234. 

  234. 			$this->load->helper('search');
    235. 

  235. 			$keywords = sanitize_search_terms($keywords);
    236. 

  236. 			
    237. 

  237. 			if (substr(strtolower($keywords), 0, 3) == 'ip:')
    238. 

  238. 			{
    239. 

  239. 				$keywords = str_replace('_','.',$keywords);
    240. 

  240. 			}
    241. 

  241. 		}
    242. 

  242. 		
    243. 

  243. 		
    244. 

  244. 		// Because of the auto convert we prepare a specific variable with the converted ascii
    245. 

  245. 		// characters while leaving the $keywords variable intact for display and URL purposes
    246. 

  246. 		$this->load->helper('text');
    247. 

  247. 		$search_keywords = ($this->config->item('auto_convert_high_ascii') == 'y') ? ascii_to_entities($keywords) : $keywords;				
    248. 

  248. 		
    249. 

  249. 		$perpage = $this->input->get_post('perpage');
    250. 

  250. 		$perpage = $perpage ? $perpage : $defaults['perpage'];
    251. 

  251. 		
    252. 

  252. 		$rownum = $tbl_settings['offset'];
    253. 

  253. 		
    254. 

  254. 		// We want the filter to work based on both get and post
    255. 

  255. 		$filter_data = array(
    256. 

  256. 			'channel_id'	=> $channel_id,
    257. 

  257. 			'keywords'		=> $keywords,
    258. 

  258. 			'cat_id'		=> $this->input->get_post('cat_id'),
    259. 

  259. 			'status'		=> $this->input->get_post('status'),
    260. 

  260. 			'order'			=> $this->input->get_post('order'),
    261. 

  261. 			'date_range'	=> $this->input->get_post('date_range'),
    262. 

  262. 			
    263. 

  263. 			'author_id'		=> $this->input->get_post('author_id'),
    264. 

  264. 			'exact_match'	=> $this->input->get_post('exact_match'),
    265. 

  265. 			'cat_id'		=> ($this->input->get_post('cat_id') != 'all') ? $this->input->get_post('cat_id') : '',
    266. 

  266. 			'search_in'		=> $this->input->get_post('search_in') ? $this->input->get_post('search_in') : 'title',
    267. 

  267. 						
    268. 

  268. 			'rownum'		=> $rownum,
    269. 

  269. 			'perpage'		=> $perpage,
    270. 

  270. 			
    271. 

  271. 			'search_keywords'	=> $search_keywords
    272. 

  272. 		);
    273. 

  273. 		
    274. 

  274. 		$channels = $defaults['channels'];
    275. 

  275. 		
    276. 

  276. 		$order = $tbl_settings['sort'];
    277. 

  277. 		$columns = $tbl_settings['columns'];
    278. 

  278. 		
    279. 

  279. 		// -------------------------------------------
    280. 

  280. 		// 'edit_entries_additional_where' hook.
    281. 

  281. 		//  - Add additional where, where_in, where_not_in
    282. 

  282. 		//
    283. 

  283. 			$_hook_wheres = $this->extensions->call('edit_entries_additional_where', $filter_data);
    284. 

  284. 			if ($this->extensions->end_script === TRUE) return;
    285. 

  285. 		//
    286. 

  286. 		// -------------------------------------------
    287. 

  287. 		
    288. 

  288. 		$filter_data['_hook_wheres'] = is_array($_hook_wheres) ? $_hook_wheres : array();
    289. 

  289. 		
    290. 

  290. 		
    291. 

  291. 		$this->load->model('search_model');
    292. 

  292. 		$filter_result = $this->search_model->get_filtered_entries($filter_data, $order);
    293. 

  293. 		
    294. 

  294. 		$rows = $filter_result['results'];
    295. 

  295. 		$total = $filter_result['total_count'];
    296. 

  296. 		
    297. 

  297. 		unset($filter_result);		
    298. 

  298. 				
    299. 

  299. 		$filter_url = $this->_create_return_filter($filter_data);
    300. 

  300. 		
    301. 

  301. 		// Gather up ids for a single quick query down the line
    302. 

  302. 		$entry_ids = array();
    303. 

  303. 		foreach ($rows as $row)
    304. 

  304. 		{
    305. 

  305. 			$entry_ids[] = $row['entry_id'];
    306. 

  306. 		}
    307. 

  307. 		
    308. 

  308. 				
    309. 

  309. 		// Load the site's templates
    310. 

  310. 		// ----------------------------------------------------------------
    311. 

  311. 

  312. 		$templates = array();
    313. 

  313. 

  314. 		$tquery = $this->db->query("SELECT exp_template_groups.group_name, exp_templates.template_name, exp_templates.template_id
    315. 

  315. 							FROM exp_template_groups, exp_templates
    316. 

  316. 							WHERE exp_template_groups.group_id = exp_templates.group_id
    317. 

  317. 							AND exp_templates.site_id = '".$this->db->escape_str($this->config->item('site_id'))."'");
    318. 

    319. 

  319. 		foreach ($tquery->result_array() as $row)
    320. 

  320. 		{
    321. 

  321. 			$templates[$row['template_id']] = $row['group_name'].'/'.$row['template_name'];
    322. 

  322. 		}
    323. 

  323. 		
    324. 

  324. 		
    325. 

  325. 		// Comment count
    326. 

  326. 		// ----------------------------------------------------------------
    327. 

  327. 		
    328. 

  328. 		$show_link = TRUE;
    329. 

  329. 		$comment_counts = array();
    330. 

  330. 		
    331. 

  331. 		if (count($entry_ids) AND $this->db->table_exists('comments'))
    332. 

  332. 		{
    333. 

  333. 			$comment_qry = $this->db->select('entry_id, COUNT(*) as count')
    334. 

  334. 				->where_in('entry_id', $entry_ids)
    335. 

  335. 				->group_by('entry_id')
    336. 

  336. 				->get('comments');
    337. 

  337. 			
    338. 

  338. 			foreach ($comment_qry->result() as $row)
    339. 

  339. 			{
    340. 

  340. 				$comment_counts[$row->entry_id] = $row->count;
    341. 

  341. 			}
    342. 

  342. 		}		
    343. 

  343. 

  344. 		
    345. 

  345. 		
    346. 

  346. 		// Date formatting
    347. 

  347. 		$date_fmt = ($this->session->userdata('time_format') != '') ? $this->session->userdata('time_format') : $this->config->item('time_format');
    348. 

  348. 		
    349. 

  349. 		$datestr = '%m/%d/%y %h:%i %a';
    350. 

  350. 		
    351. 

  351. 		if ($date_fmt != 'us')
    352. 

  352. 		{
    353. 

  353. 			$datestr = '%Y-%m-%d %H:%i';
    354. 

  354. 		}
    355. 

  355. 		
    356. 

  356. 		// Autosave - Grab all autosaved entries
    357. 

  357. 		// ----------------------------------------------------------------
    358. 

  358. 		
    359. 

  359. 		$this->prune_autosave();
    360. 

  360. 		$this->db->select('entry_id, original_entry_id, channel_id, title, author_id, status, entry_date, dst_enabled, comment_total');
    361. 

  361. 		$autosave = $this->db->get('channel_entries_autosave');
    362. 

  362. 		
    363. 

  363. 		$autosave_array = array();
    364. 

  364. 		$autosave_show = FALSE;
    365. 

  365. 		
    366. 

  366. 		if ($autosave->num_rows())
    367. 

  367. 		{
    368. 

  368. 			$this->load->helper('snippets');
    369. 

  369. 			$autosave_show = TRUE;
    370. 

  370. 		}
    371. 

  371. 		
    372. 

  372. 		foreach ($autosave->result() as $entry)
    373. 

  373. 		{
    374. 

  374. 			if ($entry->original_entry_id)
    375. 

  375. 			{
    376. 

  376. 				$autosave_array[] = $entry->original_entry_id;
    377. 

  377. 			}
    378. 

  378. 		}
    379. 

  379. 		
    380. 

  380. 		
    381. 

  381. 		// Status Highlight Colors
    382. 

  382. 		// ----------------------------------------------------------------
    383. 

  383. 

  384. 		$status_color_q = $this->db->from('channels AS c, statuses AS s, status_groups AS sg')
    385. 

  385. 			->select('c.channel_id, c.channel_name, s.status, s.highlight')
    386. 

  386. 			->where('sg.group_id = c.status_group', NULL, FALSE)
    387. 

  387. 			->where('sg.group_id = s.group_id', NULL, FALSE)
    388. 

  388. 			->where('sg.site_id', $this->config->item('site_id'))
    389. 

  389. 			->where('s.highlight !=', '')
    390. 

  390. 			->where_in('c.channel_id', array_keys($channels))
    391. 

  391. 			->get();
    392. 

  392. 		
    393. 

  393. 		$c_array = array();
    394. 

  394. 

  395. 		foreach ($status_color_q->result_array() as $rez)
    396. 

  396. 		{			
    397. 

  397. 			$c_array[$rez['channel_id'].'_'.$rez['status']] = str_replace('#', '', $rez['highlight']);
    398. 

  398. 		}
    399. 

  399. 		
    400. 

  400. 		$colors = array();
    401. 

  401. 

  402. 		//  Fetch Color Library
    403. 

  403. 		if (file_exists(APPPATH.'config/colors.php'))
    404. 

  404. 		{
    405. 

  405. 			include (APPPATH.'config/colors.php');
    406. 

  406. 		}		
    407. 

  407. 		
    408. 

  408. 		// Generate row data
    409. 

  409. 		// ----------------------------------------------------------------
    410. 

  410. 		
    411. 

  411. 		foreach ($rows as &$row)
    412. 

  412. 		{
    413. 

  413. 			$url = $this->publish_base_uri.AMP."M=entry_form".AMP."channel_id={$row['channel_id']}".AMP."entry_id={$row['entry_id']}".AMP.$filter_url;
    414. 

  414. 			
    415. 

  415. 			$row['title'] = anchor(BASE.AMP.$url, $row['title']);
    416. 

  416. 			$row['view'] = '---';
    417. 

  417. 			$row['channel_name'] = $channels[$row['channel_id']]->channel_title;
    418. 

  418. 			$row['entry_date'] = $this->localize->decode_date($datestr, $row['entry_date'], TRUE);
    419. 

  419. 			$row['_check'] = form_checkbox('toggle[]', $row['entry_id'], '', ' class="toggle" id="delete_box_'.$row['entry_id'].'"');
    420. 

  420. 

  421. 			// autosave indicator
    422. 

  422. 			if (in_array($row['entry_id'], $autosave_array))
    423. 

  423. 			{
    424. 

  424. 				$row['title'] .= NBS.required();
    425. 

  425. 			}
    426. 

  426. 			
    427. 

  427. 			// screen name email link
    428. 

  428. 			if ( ! $row['screen_name'])
    429. 

  429. 			{
    430. 

  430. 				$row['screen_name'] = $row['username'];
    431. 

  431. 			}
    432. 

  432. 

  433. 			$row['screen_name'] = mailto($row['email'], $row['screen_name']);
    434. 

  434. 			
    435. 

  435. 			
    436. 

  436. 			// live look template
    437. 

  437. 			$llt = $row['live_look_template'];
    438. 

  438. 			if ($llt && isset($templates[$llt]))
    439. 

  439. 			{
    440. 

  440. 				$url = $this->functions->create_url($templates[$row['live_look_template']].'/'.$row['entry_id']);
    441. 

  441. 				$row['view'] = anchor($this->cp->masked_url($url), lang('view'));
    442. 

  442. 			}
    443. 

  443. 			
    444. 

  444. 			
    445. 

  445. 			// Status
    446. 

  446. 			$color_info = '';
    447. 

  447. 			$color_key = $row['channel_id'].'_'.$row['status'];
    448. 

  448. 			$status_name = ($row['status'] == 'open' OR $row['status'] == 'closed') ? lang($row['status']) : $row['status'];
    449. 

  449. 

  450. 			if (isset($c_array[$color_key]) AND $c_array[$color_key] != '')
    451. 

  451. 			{			
    452. 

  452. 				$color = strtolower($c_array[$color_key]);
    453. 

  453. 				$prefix = isset($colors[$color]) ? '' : '#';
    454. 

  454. 

  455. 				// There are custom colours, override the class above
    456. 

  456. 				$color_info = 'style="color:'.$prefix.$color.';"';
    457. 

  457. 			}
    458. 

  458. 

  459. 			$row['status'] = '<span class="status_'.$row['status'].'"'.$color_info.'>'.$status_name.'</span>';
    460. 

  460. 			
    461. 

  461. 			
    462. 

  462. 			// comment_total link
    463. 

  463. 			if (isset($this->installed_modules['comment']))
    464. 

  464. 			{
    465. 

  465. 				$all_or_own = 'all';
    466. 

  466. 				
    467. 

  467. 				if ($row['author_id'] == $this->session->userdata('member_id'))
    468. 

  468. 				{
    469. 

  469. 					$all_or_own = 'own';
    470. 

  470. 				}
    471. 

  471. 				
    472. 

  472. 				// do not move these to the new allowed_group style - they are ANDs not ORs
    473. 

  473. 				if ( ! $this->cp->allowed_group('can_edit_'.$all_or_own.'_comments') AND 
    474. 

  474. 					 ! $this->cp->allowed_group('can_delete_'.$all_or_own.'_comments') AND 
    475. 

  475. 					 ! $this->cp->allowed_group('can_moderate_comments'))
    476. 

  476. 				{
    477. 

  477. 					$row['comment_total'] = '<div class="lightLinks">--</div>';
    478. 

  478. 				}
    479. 

  479. 				else
    480. 

  480. 				{
    481. 

  481. 					$comment_count = isset($comment_counts[$row['entry_id']]) ? $comment_counts[$row['entry_id']] : 0;
    482. 

  482. 					$view_url = BASE.AMP.'C=addons_modules'.AMP.'M=show_module_cp'.AMP.'module=comment'.AMP.'method=index'.AMP.'entry_id='.$row['entry_id'];
    483. 

  483. 					
    484. 

  484. 					$row['comment_total'] = '<div class="lightLinks">('.$comment_count.')'.NBS.anchor($view_url, lang('view')).'</div>';
    485. 

  485. 				}
    486. 

  486. 			}
    487. 

  487. 			
    488. 

  488. 			$row = array_intersect_key($row, $columns);
    489. 

  489. 		}
    490. 

  490. 		
    491. 

  491. 		// comes out with an added:
    492. 

  492. 		// table_html
    493. 

  493. 		// pagination_html
    494. 

  494. 		
    495. 

  495. 		return array(
    496. 

  496. 			'rows'				=> $rows,
    497. 

  497. 			'no_results'		=> lang('no_entries_matching_that_criteria'),
    498. 

  498. 			'pagination'		=> array(
    499. 

  499. 				'per_page' => $filter_data['perpage'],
    500. 

  500. 				'total_rows' => $total
    501. 

  501. 			),
    502. 

  502. 			
    503. 

  503. 			// used by index on non-ajax requests
    504. 

  504. 			'filter_data'		=> $filter_data,
    505. 

  505. 			'autosave_show'		=> $autosave_show,
    506. 

  506. 			'autosave_array'	=> $autosave_array
    507. 

  507. 		);
    508. 

  508. 	}
    509. 

  509. 

  510. 	// --------------------------------------------------------------------
    511. 

  511. 	
    512. 

  512. 	/**
    513. 

  513. 	 * Create Return Filter
    514. 

  514. 	 *
    515. 

  515. 	 * Creates a properly format variable to pass in the url indicating the filter state
    516. 

  516. 	 *
    517. 

  517. 	 * @access	protected
    518. 

  518. 	 * @param	array
    519. 

  519. 	 * @return	string
    520. 

  520. 	 */
    521. 

  521. 	protected function _create_return_filter($filter_data)
    522. 

  522. 	{
    523. 

  523. 		$filter = '';
    524. 

  524. 		$filters = array();
    525. 

  525. 		$filter_keys = array('channel_id', 'cat_id', 'status', 'date_range', 'keywords', 'exact_match', 'search_in');
    526. 

  526. 		
    527. 

  527. 		foreach($filter_keys as $k)
    528. 

  528. 		{
    529. 

  529. 			if ( isset($filter_data[$k]) && $filter_data[$k] != '')
    530. 

  530. 			{
    531. 

  531. 				$filters[$k] = $filter_data[$k];
    532. 

  532. 			}
    533. 

  533. 		}
    534. 

  534. 			
    535. 

  535. 		if ( ! isset($filters['keywords']))
    536. 

  536. 		{
    537. 

  537. 			unset($filters['exact_match']);
    538. 

  538. 			unset($filters['search_in']);				
    539. 

  539. 		}
    540. 

  540. 

  541. 		if ( ! empty($filters))
    542. 

  542. 		{
    543. 

  543. 			$filter = AMP.'filter='.base64_encode(serialize($filters));
    544. 

  544. 		}
    545. 

  545. 		
    546. 

  546. 		return $filter;
    547. 

  547. 	}
    548. 

  548. 

  549. 	// --------------------------------------------------------------------
    550. 

  550. 	
    551. 

  551. 	/**
    552. 

  552. 	 * Multi edit form
    553. 

  553. 	 */
    554. 

  554. 	public function multi_edit_form()
    555. 

  555. 	{
    556. 

  556. 		if ( ! $this->cp->allowed_group('can_access_content'))
    557. 

  557. 		{
    558. 

  558. 			show_error(lang('unauthorized_access'));
    559. 

  559. 		}
    560. 

  560. 

  561. 		if ( ! in_array($this->input->post('action'), array('edit', 'delete', 'add_categories', 'remove_categories')))
    562. 

  562. 		{
    563. 

  563. 			show_error(lang('unauthorized_access'));
    564. 

  564. 		}
    565. 

  565. 		
    566. 

  566. 		$this->load->library('table');
    567. 

  567. 

  568. 		if ( ! $this->input->post('toggle'))
    569. 

  569. 		{
    570. 

  570. 			return $this->index();
    571. 

  571. 		}
    572. 

  572. 

  573. 		if ($this->input->post('action') == 'delete')
    574. 

  574. 		{
    575. 

  575. 			return $this->delete_entries_confirm();
    576. 

  576. 		}
    577. 

  577. 		
    578. 

  578. 		$this->cp->add_js_script('ui', 'datepicker');
    579. 

  579. 

  580. 		// -----------------------------
    581. 

  581. 		// Fetch the entry IDs 
    582. 

  582. 		// -----------------------------
    583. 

  583. 		$entry_ids = $this->input->post('toggle');
    584. 

  584. 

  585. 		// Are there still any entry IDs at this point?
    586. 

  586. 		// If not, we'll show an unauthorized message.
    587. 

  587. 

  588. 		if (count($entry_ids) == 0)
    589. 

  589. 		{
    590. 

  590. 			show_error(lang('unauthorized_to_edit'));
    591. 

  591. 		}
    592. 

  592. 

  593. 		// -----------------------------
    594. 

  594. 		// Build and run the query
    595. 

  595. 		// -----------------------------
    596. 

  596. 

  597. 		$this->db->select('entry_id, exp_channel_titles.channel_id, author_id, title, url_title, entry_date, dst_enabled, status, allow_comments, sticky, comment_system_enabled');
    598. 

  598. 		$this->db->from('exp_channel_titles');
    599. 

  599. 		$this->db->join('exp_channels', 'exp_channels.channel_id = exp_channel_titles.channel_id');
    600. 

  600. 		$this->db->where_in('exp_channel_titles.entry_id', $entry_ids);
    601. 

  601. 		$this->db->order_by("entry_date", "desc"); 
    602. 

  602. 

  603. 		$query = $this->db->get();
    604. 

  604. 

  605. 		// -----------------------------
    606. 

  606. 		// Security check...
    607. 

  607. 		//
    608. 

  608. 		// Before we show anything we have to make sure that the user is allowed to 
    609. 

  609. 		// access the channel the entry is in, and if the user is trying
    610. 

  610. 		// to edit an entry authored by someone else they are allowed to
    611. 

  611. 		// -----------------------------
    612. 

  612. 		$disallowed_ids = array();
    613. 

  613. 

  614. 		foreach ($query->result_array() as $row)
    615. 

  615. 		{
    616. 

  616. 			if ( ! in_array($row['channel_id'], $this->allowed_channels))
    617. 

  617. 			{
    618. 

  618. 				$disallowed_ids = $row['entry_id'];
    619. 

  619. 			}
    620. 

  620. 

  621. 			if ($row['author_id'] != $this->session->userdata('member_id'))
    622. 

  622. 			{
    623. 

  623. 				if ( ! $this->cp->allowed_group('can_edit_other_entries'))
    624. 

  624. 				{ 
    625. 

  625. 					$disallowed_ids = $row['entry_id'];
    626. 

  626. 				}
    627. 

  627. 			}
    628. 

  628. 

  629. 			if (count($disallowed_ids) > 0)
    630. 

  630. 			{
    631. 

  631. 				$disallowed_ids = array_unique($disallowed_ids);
    632. 

  632. 			}
    633. 

  633. 		}
    634. 

  634. 

  635. 		// Are there disallowed posts?  If so, we have to remove them....
    636. 

  636. 		if (count($disallowed_ids) > 0)
    637. 

  637. 		{
    638. 

  638. 			$new_ids = array_diff($entry_ids, $disallowed_ids);
    639. 

  639. 

  640. 			// After removing the disallowed entry IDs are there any left?
    641. 

  641. 			if (count($new_ids) == 0)
    642. 

  642. 			{
    643. 

  643. 				show_error(lang('unauthorized_to_edit'));
    644. 

  644. 			}
    645. 

  645. 

  646. 			unset($query);
    647. 

  647. 

  648. 			// Run the query one more time with the proper IDs.
    649. 

  649. 			$this->db->select('entry_id, exp_channel_titles.channel_id, author_id, title, url_title, entry_date, dst_enabled, status, allow_comments, sticky, comment_system_enabled');
    650. 

  650. 			$this->db->from('exp_channel_titles');
    651. 

  651. 			$this->db->join('exp_channels', 'exp_channels.channel_id = exp_channel_titles.channel_id');
    652. 

  652. 			$this->db->where_in('exp_channel_titles.entry_id', $new_ids);
    653. 

  653. 			$this->db->order_by("entry_date", "desc"); 
    654. 

  654. 

  655. 			$query = $this->db->get();			
    656. 

  656. 		}
    657. 

  657. 

  658. 		// -----------------------------
    659. 

  659. 		// Adding/Removing of Categories Breaks Off to Their Own Function
    660. 

  660. 		// -----------------------------
    661. 

  661. 

  662. 		if ($this->input->post('action') == 'add_categories')
    663. 

  663. 		{
    664. 

  664. 			return $this->multi_categories_edit('add', $query);
    665. 

  665. 		}
    666. 

  666. 		elseif ($this->input->post('action') == 'remove_categories')
    667. 

  667. 		{
    668. 

  668. 			return $this->multi_categories_edit('remove', $query);
    669. 

  669. 		}
    670. 

  670. 

  671. 		// Fetch the channel preferences
    672. 

  672. 		// We need these in order to fetch the status groups and options.
    673. 

  673. 

  674. 		$channel_ids = array();
    675. 

  675. 		foreach ($query->result_array() as $row)
    676. 

  676. 		{
    677. 

  677. 			$channel_ids[] = $row['channel_id'];
    678. 

  678. 		}
    679. 

  679. 		
    680. 

  680. 		$this->db->select('channel_id, status_group, deft_status');
    681. 

  681. 		$this->db->where_in('channel_id', $channel_ids);
    682. 

  682. 

  683. 		$channel_query = $this->db->get('channels');
    684. 

  684. 

  685. 		// Fetch disallowed statuses
    686. 

  686. 		$no_status_access = array();
    687. 

  687. 

  688. 		if ($this->session->userdata['group_id'] != 1)
    689. 

  689. 		{
    690. 

  690. 			$this->db->select('status_id');
    691. 

  691. 			$this->db->from('exp_status_no_access');
    692. 

  692. 			$this->db->where('member_group', $this->session->userdata('group_id'));			
    693. 

  693. 

  694. 			$result = $this->db->get();
    695. 

  695. 			
    696. 

  696. 			foreach ($result->result_array() as $row)
    697. 

  697. 			{
    698. 

  698. 				$no_status_access[] = $row['status_id'];
    699. 

  699. 			}
    700. 

  700. 		}
    701. 

  701. 

  702. 		$vars['form_hidden'] = array();
    703. 

  703. 

  704. 		if (isset($_POST['pageurl']))
    705. 

  705. 		{
    706. 

  706. 			$vars['form_hidden']['redirect'] = $this->security->xss_clean($_POST['pageurl']);
    707. 

  707. 		}
    708. 

  708. 

  709. 		// used in date field
    710. 

  710. 		$this->javascript->output('
    711. 

  711. 			date_obj = new Date();
    712. 

  712. 			date_obj_hours = date_obj.getHours();
    713. 

  713. 			date_obj_mins = date_obj.getMinutes();
    714. 

  714. 

  715. 			if (date_obj_mins < 10) { date_obj_mins = "0" + date_obj_mins; }
    716. 

  716. 

  717. 			if (date_obj_hours > 11) {
    718. 

  718. 				date_obj_hours = date_obj_hours - 12;
    719. 

  719. 				date_obj_am_pm = " PM";
    720. 

  720. 			} else {
    721. 

  721. 				date_obj_am_pm = " AM";
    722. 

  722. 			}
    723. 

  723. 

  724. 			date_obj_time = " \'"+date_obj_hours+":"+date_obj_mins+date_obj_am_pm+"\'";
    725. 

  725. 		');
    726. 

    727. 

  727. 		$vars['entries'] = $query;
    728. 

  728. 

  729. 		foreach ($query->result_array() as $row)
    730. 

  730. 		{
    731. 

  731. 			$entry_id = $row['entry_id'];
    732. 

  732. 			$vars['form_hidden']["entry_id[$entry_id]"] = $entry_id;
    733. 

  733. 			$vars['form_hidden']["channel_id[$entry_id]"] = $row['channel_id'];
    734. 

  734. 			
    735. 

  735. 			// Status pull-down menu
    736. 

  736. 			$vars['entries_status'][$entry_id] = array();
    737. 

  737. 			$vars['entries_selected'][$entry_id] = $row['status'];
    738. 

  738. 

  739. 			foreach ($channel_query->result_array() as $channel_row)
    740. 

  740. 			{
    741. 

  741. 				if ($channel_row['channel_id'] != $row['channel_id'])
    742. 

  742. 				{
    743. 

  743. 					continue;
    744. 

  744. 				}
    745. 

  745. 

  746. 				$this->db->where('group_id', $channel_row['status_group']);
    747. 

  747. 				$this->db->order_by('status_order');
    748. 

  748. 				$status_query = $this->db->get('statuses');
    749. 

  749. 

  750. 				if ($status_query->num_rows() == 0)
    751. 

  751. 				{
    752. 

  752. 					// if there is no status group assigned, only Super Admins can create 'open' entries
    753. 

  753. 					if ($this->session->userdata['group_id'] == 1)
    754. 

  754. 					{
    755. 

  755. 						$vars['entries_status'][$entry_id]['open'] = lang('open');
    756. 

  756. 					}
    757. 

  757. 					
    758. 

  758. 					$vars['entries_status'][$entry_id]['closed'] = lang('closed');
    759. 

  759. 				}
    760. 

  760. 				else
    761. 

  761. 				{
    762. 

  762. 					$no_status_flag = TRUE;
    763. 

  763. 

  764. 					foreach ($status_query->result_array() as $status_row)
    765. 

  765. 					{
    766. 

  766. 						if (in_array($status_row['status_id'], $no_status_access))
    767. 

  767. 						{
    768. 

  768. 							continue;
    769. 

  769. 						}
    770. 

  770. 

  771. 						$no_status_flag = FALSE;
    772. 

  772. 						$status_name = ($status_row['status'] == 'open' OR $status_row['status'] == 'closed') ? lang($status_row['status']) : form_prep($status_row['status']);
    773. 

  773. 						$vars['entries_status'][$entry_id][form_prep($status_row['status'])] = $status_name;
    774. 

  774. 					}
    775. 

  775. 

  776. 					// Were there no statuses? If the current user is not allowed 
    777. 

  777. 					// to submit any statuses we'll set the default to closed
    778. 

  778. 					if ($no_status_flag == TRUE)
    779. 

  779. 					{
    780. 

  780. 						$vars['entries_status'][$entry_id]['closed'] = lang('closed');
    781. 

  781. 					}
    782. 

  782. 				}
    783. 

  783. 			}
    784. 

  784. 

  785. 			// Set up date js
    786. 

  786. 			$this->javascript->output('
    787. 

  787. 				$(".entry_date_'.$entry_id.'").datepicker({constrainInput: false, dateFormat: $.datepicker.W3C + date_obj_time, defaultDate: new Date('.($this->localize->set_localized_time($row['entry_date']) * 1000).')});
    788. 

  788. 			');
    789. 

    790. 

  790. 			// Sticky
    791. 

  791. 			$vars['options'][$entry_id]['sticky'] = array();
    792. 

  792. 

  793. 			$vars['options'][$entry_id]['sticky']['name'] = 'sticky['.$row['entry_id'].']';
    794. 

  794. 			$vars['options'][$entry_id]['sticky']['value'] = 'y';
    795. 

  795. 			$vars['options'][$entry_id]['sticky']['checked'] = ($row['sticky'] == 'y') ? TRUE : FALSE;
    796. 

  796. 			$vars['options'][$entry_id]['sticky']['style'] = 'width: auto!important;';
    797. 

  797. 

  798. 			// Allow Comments
    799. 

  799. 			$vars['options'][$entry_id]['allow_comments'] = array();
    800. 

  800. 

  801. 			if ( ! isset($this->installed_modules['comment']) OR $row['comment_system_enabled'] == 'n')
    802. 

  802. 			{
    803. 

  803. 				$vars['form_hidden']["allow_comments[$entry_id]"] = $row['allow_comments'];
    804. 

  804. 			}
    805. 

  805. 			else
    806. 

  806. 			{
    807. 

  807. 				$vars['options'][$entry_id]['allow_comments']['name'] = 'allow_comments['.$row['entry_id'].']';
    808. 

  808. 				$vars['options'][$entry_id]['allow_comments']['value'] = 'y';
    809. 

  809. 				$vars['options'][$entry_id]['allow_comments']['checked'] = ($row['allow_comments'] == 'y') ? TRUE : FALSE;
    810. 

  810. 				
    811. 

  811. 				$vars['options'][$entry_id]['allow_comments']['style'] = 'width: auto!important;';
    812. 

  812. 			}
    813. 

  813. 		}
    814. 

  814. 

  815. 		$this->javascript->compile();
    816. 

  816. 

  817. 		$this->cp->set_variable('cp_page_title', lang('multi_entry_editor'));
    818. 

  818. 		// A bit of a breadcrumb override is needed
    819. 

  819. 		$this->cp->set_variable('cp_breadcrumbs', array(
    820. 

  820. 			BASE.AMP.'C=content' => lang('content'),
    821. 

  821. 			BASE.AMP.'C=content_edit'=> lang('edit')
    822. 

  822. 		));
    823. 

  823. 

  824. 		$this->load->view('content/multi_edit', $vars);
    825. 

  825. 	}
    826. 

  826. 	
    827. 

  827. 	// --------------------------------------------------------------------
    828. 

  828. 

  829. 	/**
    830. 

  830. 	 * List Autosaved Entries
    831. 

  831. 	 *
    832. 

  832. 	 * @access public
    833. 

  833. 	 */
    834. 

  834. 	public function autosaved()
    835. 

  835. 	{
    836. 

  836. 		$this->prune_autosave();
    837. 

  837. 		
    838. 

  838. 		$this->load->library('table');
    839. 

  839. 		
    840. 

  840. 		$data['entries'] = array();
    841. 

  841. 		$data['cp_page_title'] = lang('autosaved_entries');
    842. 

  842. 		$data['table_headings'] = array(
    843. 

  843. 			lang('autosaved'),
    844. 

  844. 			lang('original'),
    845. 

  845. 			lang('channel'),
    846. 

  846. 			lang('discard_autosave')
    847. 

  847. 		);
    848. 

  848. 		
    849. 

  849. 		$autosave_q = $this->db->select('cea.channel_id, cea.entry_id, cea.original_entry_id, cea.title, c.channel_title')
    850. 

  850. 			->from('channel_entries_autosave as cea')
    851. 

  851. 			->order_by('cea.original_entry_id', 'ASC')
    852. 

  852. 			->where_in('cea.channel_id', $this->allowed_channels)
    853. 

  853. 			->join('channels c', 'cea.channel_id = c.channel_id')
    854. 

  854. 			->get();
    855. 

  855. 

  856. 		foreach($autosave_q->result() as $row)
    857. 

  857. 		{
    858. 

  858. 			$channel = $row->channel_id;
    859. 

  859. 			$save_id = $row->entry_id;
    860. 

  860. 			$orig_id = $row->original_entry_id;
    861. 

  861. 			
    862. 

  862. 			$data['entries'][] = array(
    863. 

  863. 				anchor(
    864. 

  864. 					BASE.AMP.'C=content_publish'.AMP.'M=entry_form'.AMP.'channel_id='.$channel.AMP.'entry_id='.$save_id.AMP.'use_autosave=y',
    865. 

  865. 					$row->title
    866. 

  866. 				),
    867. 

  867. 				$orig_id ? anchor(BASE.AMP.'C=content_publish'.AMP.'M=entry_form'.AMP.'channel_id='.$channel.AMP.'entry_id='.$orig_id, $row->title) : '--',
    868. 

  868. 				$row->channel_title,
    869. 

  869. 				anchor(BASE.AMP.'C=content_edit'.AMP.'M=autosaved_discard'.AMP.'id='.$save_id, lang('delete'))
    870. 

  870. 			);
    871. 

  871. 		}
    872. 

  872. 		
    873. 

  873. 		$this->cp->set_breadcrumb($this->edit_base_url, lang('edit'));
    874. 

  874. 		$this->load->view('content/autosave', $data);
    875. 

  875. 	}
    876. 

  876. 	
    877. 

  877. 	// --------------------------------------------------------------------
    878. 

  878. 

  879. 	/**
    880. 

  880. 	 * Delete Autosave Data
    881. 

  881. 	 *
    882. 

  882. 	 * @access public
    883. 

  883. 	 */
    884. 

  884. 	function autosaved_discard()
    885. 

  885. 	{
    886. 

  886. 		$id = $this->input->get_post('id');
    887. 

  887. 		$qry = $this->db->select('author_id, channel_id')
    888. 

  888. 			->order_by('original_entry_id', 'ASC')
    889. 

  889. 			->get_where('channel_entries_autosave', array('entry_id' => $id));
    890. 

  890. 		
    891. 

  891. 		
    892. 

  892. 		if ($qry->num_rows() != 1)
    893. 

  893. 		{
    894. 

  894. 			show_error(lang('unauthorized_access'));
    895. 

  895. 		}
    896. 

  896. 		
    897. 

  897. 		$row = $qry->row();
    898. 

  898. 		$can_delete = TRUE;
    899. 

  899. 		
    900. 

  900. 		// Check permissions
    901. 

  901. 		
    902. 

  902. 		if ($this->session->userdata('group_id') != 1)
    903. 

  903. 		{
    904. 

  904. 			if ( ! in_array($row['channel_id'], $this->allowed_channels))
    905. 

  905. 			{
    906. 

  906. 				$can_delete = FALSE;
    907. 

  907. 			}
    908. 

  908. 		}
    909. 

  909. 		
    910. 

  910. 		if ($row->author_id == $this->session->userdata('member_id'))
    911. 

  911. 		{
    912. 

  912. 			if ($this->session->userdata('can_delete_self_entries') != 'y')
    913. 

  913. 			{
    914. 

  914. 				$can_delete = FALSE;
    915. 

  915. 			}
    916. 

  916. 		}
    917. 

  917. 		else
    918. 

  918. 		{
    919. 

  919. 			if ($this->session->userdata('can_delete_all_entries') != 'y')
    920. 

  920. 			{
    921. 

  921. 				$can_delete = FALSE;
    922. 

  922. 			}
    923. 

  923. 		}
    924. 

  924. 		
    925. 

  925. 		if ( ! $can_delete)
    926. 

  926. 		{
    927. 

  927. 			show_error(lang('unauthorized_access'));
    928. 

  928. 		}
    929. 

  929. 		
    930. 

  930. 		$this->db->where('entry_id', $id)->delete('channel_entries_autosave');
    931. 

  931. 		$this->functions->redirect($this->edit_base_url.AMP.'M=autosaved');
    932. 

  932. 	}
    933. 

  933. 	
    934. 

  934. 	// --------------------------------------------------------------------
    935. 

  935. 

  936. 	/**
    937. 

  937. 	 * Prune Autosaved Data
    938. 

  938. 	 *
    939. 

  939. 	 * @access public
    940. 

  940. 	 */
    941. 

  941. 	function prune_autosave()
    942. 

  942. 	{
    943. 

  943. 		// default to pruning every 6 hours
    944. 

  944. 		$autosave_prune = ($this->config->item('autosave_prune_hours') === FALSE) ? 
    945. 

  945. 										6 : $this->config->item('autosave_prune_hours');
    946. 

  946. 		
    947. 

  947. 		
    948. 

  948. 		// Convert to seconds
    949. 

  949. 		$autosave_prune = $autosave_prune * 60 * 60;
    950. 

  950. 		
    951. 

  951. 		$cutoff_date = time();
    952. 

  952. 		$cutoff_date -= $autosave_prune;
    953. 

  953. 		$cutoff_date = date("YmdHis", $cutoff_date);
    954. 

  954. 		
    955. 

  955. 		$this->db->where('edit_date <', $cutoff_date)->delete('channel_entries_autosave');
    956. 

  956. 	}
    957. 

  957. 

  958. 	// --------------------------------------------------------------------
    959. 

  959. 

  960. 	/**
    961. 

  961. 	 * Update multi entries
    962. 

  962. 	 */
    963. 

  963. 	public function update_multi_entries()
    964. 

  964. 	{
    965. 

  965. 		if ( ! $this->cp->allowed_group('can_access_content'))
    966. 

  966. 		{
    967. 

  967. 			show_error(lang('unauthorized_access'));
    968. 

  968. 		}
    969. 

  969. 	
    970. 

  970. 		if ( ! is_array($_POST['entry_id']))
    971. 

  971. 		{
    972. 

  972. 			show_error(lang('unauthorized_access'));
    973. 

  973. 		}
    974. 

  974. 

  975. 		/* -------------------------------------------
    976. 

  976. 		/* 'update_multi_entries_start' hook.
    977. 

  977. 		/*  - Perform additional actions before entries are updated
    978. 

  978. 		*/
    979. 

  979. 			$edata = $this->extensions->call('update_multi_entries_start');
    980. 

  980. 			if ($this->extensions->end_script === TRUE) return;
    981. 

  981. 		/*
    982. 

  982. 		/* -------------------------------------------*/
    983. 

  983. 		
    984. 

  984. 		$channel_ids = array();
    985. 

  985. 

  986. 		// Outside the for loop so seconds are consistent
    987. 

  987. 		$edit_date = gmdate("YmdHis");
    988. 

  988. 

  989. 		foreach ($_POST['entry_id'] as $id)
    990. 

  990. 		{
    991. 

  991. 			$channel_id = $_POST['channel_id'][$id];
    992. 

  992. 			
    993. 

  993. 			// Remember channels we've touched so we can update stats at the end
    994. 

  994. 			$channel_ids[] = intval($channel_id);
    995. 

  995. 			
    996. 

  996. 			$data = array(
    997. 

  997. 				'title'				=> strip_tags($_POST['title'][$id]),
    998. 

  998. 				'url_title'			=> $_POST['url_title'][$id],
    999. 

  999. 				'entry_date'		=> $_POST['entry_date'][$id],
    1000. 

  1000. 				'edit_date'			=> $edit_date,
    1001. 

  1001. 				'status'			=> $_POST['status'][$id],
    1002. 

  1002. 				'sticky'			=> (isset($_POST['sticky'][$id]) AND $_POST['sticky'][$id] == 'y') ? 'y' : 'n',
    1003. 

  1003. 				'allow_comments'	=> (isset($_POST['allow_comments'][$id]) AND $_POST['allow_comments'][$id] == 'y') ? 'y' : 'n'
    1004. 

  1004. 			);
    1005. 

  1005. 

  1006. 			$error = array();
    1007. 

  1007. 

  1008. 			// No entry title? Assign error.
    1009. 

  1009. 			if ($data['title'] == "")
    1010. 

  1010. 			{
    1011. 

  1011. 				$error[] = lang('missing_title');
    1012. 

  1012. 			}
    1013. 

  1013. 

  1014. 			// Is the title unique?
    1015. 

  1015. 			if ($data['title'] != '')
    1016. 

  1016. 			{
    1017. 

  1017. 				// Do we have a URL title?
    1018. 

  1018. 				// If not, create one from the title
    1019. 

  1019. 

  1020. 				$word_separator = $this->config->item('word_separator');
    1021. 

  1021. 

  1022. 				if ($data['url_title'] == '')
    1023. 

  1023. 				{
    1024. 

  1024. 					$data['url_title'] = url_title($data['title'], $word_separator, TRUE);
    1025. 

  1025. 				}
    1026. 

  1026. 				else
    1027. 

  1027. 				{
    1028. 

  1028. 					$data['url_title'] = url_title($data['url_title'], $word_separator);					
    1029. 

  1029. 				}
    1030. 

  1030. 

  1031. 				// Is the url_title a pure number?	If so we show an error.
    1032. 

  1032. 				if (is_numeric($data['url_title']))
    1033. 

  1033. 				{
    1034. 

  1034. 					$error[] = lang('url_title_is_numeric');
    1035. 

  1035. 				}
    1036. 

  1036. 

  1037. 				// Is URL title unique?
    1038. 

  1038. 				$unique = FALSE;
    1039. 

  1039. 				$i = 0;
    1040. 

  1040. 				
    1041. 

  1041. 				while ($unique == FALSE)
    1042. 

  1042. 				{
    1043. 

  1043. 					$temp = ($i == 0) ? $data['url_title'] : $data['url_title'].$i;
    1044. 

  1044. 					$i++;
    1045. 

  1045. 

  1046. 					$sql = "SELECT count(*) AS count FROM exp_channel_titles WHERE url_title = '".$this->db->escape_str($temp)."' AND channel_id = '".$this->db->escape_str($channel_id)."'";
    1047. 

  1047. 

  1048. 					if ($id != '')
    1049. 

  1049. 					{
    1050. 

  1050. 						$sql .= " AND entry_id != '".$this->db->escape_str($id)."'";
    1051. 

  1051. 					}
    1052. 

  1052. 

  1053. 					 $query = $this->db->query($sql);
    1054. 

  1054. 

  1055. 					 if ($query->row('count')  == 0)
    1056. 

  1056. 					 {
    1057. 

  1057. 						$unique = TRUE;
    1058. 

  1058. 					 }
    1059. 

  1059. 

  1060. 					 // Safety
    1061. 

  1061. 					 if ($i >= 50)
    1062. 

  1062. 					 {
    1063. 

  1063. 						$error[] = lang('url_title_not_unique');
    1064. 

  1064. 						break;
    1065. 

  1065. 					 }
    1066. 

  1066. 				}
    1067. 

  1067. 

  1068. 				$data['url_title'] = $temp;
    1069. 

  1069. 			}
    1070. 

  1070. 

  1071. 			// No date? Assign error.
    1072. 

  1072. 			if ($data['entry_date'] == '')
    1073. 

  1073. 			{
    1074. 

  1074. 				$error[] = lang('missing_date');
    1075. 

  1075. 			}
    1076. 

  1076. 			
    1077. 

  1077. 			// Convert the date to a Unix timestamp
    1078. 

  1078. 			$data['entry_date'] = $this->localize->convert_human_date_to_gmt($data['entry_date']);
    1079. 

  1079. 			
    1080. 

  1080. 			if ( ! is_numeric($data['entry_date'])) 
    1081. 

  1081. 			{ 
    1082. 

  1082. 				// Localize::convert_human_date_to_gmt() returns verbose errors
    1083. 

  1083. 				if ($data['entry_date'] !== FALSE)
    1084. 

  1084. 				{
    1085. 

  1085. 					$error[] = $data['entry_date'];
    1086. 

  1086. 				}
    1087. 

  1087. 				else
    1088. 

  1088. 				{
    1089. 

  1089. 					$error[] = lang('invalid_date_formatting');
    1090. 

  1090. 				}
    1091. 

  1091. 			}
    1092. 

  1092. 

  1093. 			// Do we have an error to display?
    1094. 

  1094. 			 if (count($error) > 0)
    1095. 

  1095. 			 {
    1096. 

  1096. 				$msg = '';
    1097. 

  1097. 

  1098. 				foreach($error as $val)
    1099. 

  1099. 				{
    1100. 

  1100. 					$msg .= '<div class="itemWrapper">'.$val.'</div>';	
    1101. 

  1101. 				}
    1102. 

  1102. 

  1103. 				return show_error($msg);
    1104. 

  1104. 			 }
    1105. 

  1105. 

  1106. 			// Day, Month, and Year Fields
    1107. 

  1107. 			$data['year']	= $this->localize->decode_date('%Y', $data['entry_date'], TRUE);
    1108. 

  1108. 			$data['month']	= $this->localize->decode_date('%m', $data['entry_date'], TRUE);
    1109. 

  1109. 			$data['day']	= $this->localize->decode_date('%d', $data['entry_date'], TRUE);
    1110. 

  1110. 

  1111. 			// Update the entry
    1112. 

  1112. 			$this->db->query($this->db->update_string('exp_channel_titles', $data, "entry_id = '$id'"));
    1113. 

  1113. 			
    1114. 

  1114. 			/* -------------------------------------------
    1115. 

  1115. 			/* 'update_multi_entries_loop' hook.
    1116. 

  1116. 			/*  - Perform additional actions after each entry is updated
    1117. 

  1117. 			*/
    1118. 

  1118. 				$edata = $this->extensions->call('update_multi_entries_loop', $id, $data);
    1119. 

  1119. 				if ($this->extensions->end_script === TRUE) return;
    1120. 

  1120. 			/*
    1121. 

  1121. 			/* -------------------------------------------*/
    1122. 

  1122. 		}
    1123. 

  1123. 

  1124. 		// Clear caches if needed
    1125. 

  1125. 

  1126. 		$entry_ids = "'";
    1127. 

  1127. 

  1128. 		foreach($_POST['entry_id'] as $id)
    1129. 

  1129. 		{
    1130. 

  1130. 			$entry_ids .= $this->db->escape_str($id)."', '";
    1131. 

  1131. 		}
    1132. 

  1132. 

  1133. 		$entry_ids = substr($entry_ids, 0, -3);
    1134. 

  1134. 

  1135. 		$query = $this->db->query("SELECT COUNT(*) AS count FROM exp_relationships
    1136. 

  1136. 							WHERE rel_parent_id IN ({$entry_ids})
    1137. 

  1137. 							OR rel_child_id IN ({$entry_ids})");
    1138. 

    1139. 

  1139. 		$clear_rel = ($query->row('count')	> 0) ? TRUE : FALSE;
    1140. 

  1140. 

  1141. 		if ($this->config->item('new_posts_clear_caches') == 'y')
    1142. 

  1142. 		{
    1143. 

  1143. 			$this->functions->clear_caching('all', '', $clear_rel);
    1144. 

  1144. 		}
    1145. 

  1145. 		else
    1146. 

  1146. 		{
    1147. 

  1147. 			$this->functions->clear_caching('sql', '', $clear_rel);
    1148. 

  1148. 		}
    1149. 

  1149. 

  1150. 

  1151. 		// Update each modified channel's stats. Might want to get update_channel_stats()
    1152. 

  1152. 		// to accept an array so we can avoid looping here.
    1153. 

  1153. 		foreach(array_unique($channel_ids) as $id)
    1154. 

  1154. 		{
    1155. 

  1155. 			$this->stats->update_channel_stats($id);
    1156. 

  1156. 		}
    1157. 

  1157. 

  1158. 

  1159. 		$this->session->set_flashdata('message_success', lang('multi_entries_updated'));
    1160. 

  1160. 

  1161. 		if (isset($_POST['redirect']) && ($redirect = base64_decode($this->security->xss_clean($_POST['redirect']))) !== FALSE)
    1162. 

  1162. 		{
    1163. 

  1163. 			$this->functions->redirect($this->security->xss_clean($redirect));
    1164. 

  1164. 		}
    1165. 

  1165. 		else
    1166. 

  1166. 		{
    1167. 

  1167. 			$this->functions->redirect($this->edit_base_url);
    1168. 

  1168. 		}
    1169. 

  1169. 	}
    1170. 

  1170. 

  1171. 	// --------------------------------------------------------------------
    1172. 

  1172. 

  1173. 	/**
    1174. 

  1174. 	 * multi categories edit form
    1175. 

  1175. 	 */
    1176. 

  1176. 	public function multi_categories_edit($type, $query)
    1177. 

  1177. 	{
    1178. 

  1178. 		if ( ! $this->cp->allowed_group('can_access_content'))
    1179. 

  1179. 		{
    1180. 

  1180. 			show_error(lang('unauthorized_access'));
    1181. 

  1181. 		}
    1182. 

  1182.         
    1183. 

  1183.        	if ($query->num_rows() == 0)
    1184. 

  1184.         {
    1185. 

  1185.             show_error(lang('unauthorized_to_edit'));
    1186. 

  1186.         }
    1187. 

  1187.         
    1188. 

  1188. 		/** -----------------------------
    1189. 

  1189. 		/**  Fetch the cat_group
    1190. 

  1190. 		/** -----------------------------*/
    1191. 

  1191. 		
    1192. 

  1192. 		/* Available from $query:	entry_id, channel_id, author_id, title, url_title, 
    1193. 

  1193. 									entry_date, dst_enabled, status, allow_comments, 
    1194. 

  1194. 									sticky
    1195. 

  1195. 		*/
    1196. 

  1196. 

  1197. 		$sql = "SELECT DISTINCT cat_group FROM exp_channels WHERE channel_id IN(";
    1198. 

  1198. 		
    1199. 

  1199. 		$channel_ids = array();
    1200. 

  1200. 		$entry_ids  = array();
    1201. 

  1201. 		
    1202. 

  1202. 		foreach ($query->result_array() as $row)
    1203. 

  1203. 		{
    1204. 

  1204. 			$channel_ids[] = $row['channel_id'];
    1205. 

  1205. 			$entry_ids[] = $row['entry_id'];
    1206. 

  1206. 			
    1207. 

  1207. 			$sql .= $row['channel_id'].',';
    1208. 

  1208. 		}
    1209. 

  1209. 		
    1210. 

  1210. 		$group_query = $this->db->query(substr($sql, 0, -1).')');
    1211. 

  1211. 		
    1212. 

  1212. 		$valid = 'n';
    1213. 

  1213. 		
    1214. 

  1214. 		if ($group_query->num_rows() > 0)
    1215. 

  1215. 		{
    1216. 

  1216. 			$valid = 'y';
    1217. 

  1217. 			$last  = explode('|', $group_query->row('cat_group'));
    1218. 

  1218. 			
    1219. 

  1219. 			foreach($group_query->result_array() as $row)
    1220. 

  1220. 			{
    1221. 

  1221. 				$valid_cats = array_intersect($last, explode('|', $row['cat_group']));
    1222. 

  1222. 				
    1223. 

  1223. 				if (count($valid_cats) == 0)
    1224. 

  1224. 				{
    1225. 

  1225. 					$valid = 'n';
    1226. 

  1226. 					break;
    1227. 

  1227. 				}
    1228. 

  1228. 			}
    1229. 

  1229. 		}
    1230. 

  1230. 		
    1231. 

  1231. 		if ($valid == 'n')
    1232. 

  1232. 		{
    1233. 

  1233. 			show_error(lang('no_category_group_match'));
    1234. 

  1234. 		}
    1235. 

  1235. 		
    1236. 

  1236. 		$this->api->instantiate('channel_categories');
    1237. 

  1237. 		$this->api_channel_categories->category_tree(($cat_group = implode('|', $valid_cats)));
    1238. 

  1238. 		//print_r($this->api_channel_categories->categories);
    1239. 

  1239. 		$vars['cats'] = array();
    1240. 

  1240. 		$vars['message']  = '';
    1241. 

  1241. 		
    1242. 

  1242. 		if (count($this->api_channel_categories->categories) == 0)
    1243. 

  1243. 		{  
    1244. 

  1244. 			$vars['message'] = lang('no_categories');
    1245. 

  1245. 		}
    1246. 

  1246. 		else
    1247. 

  1247. 		{
    1248. 

  1248. 			foreach ($this->api_channel_categories->categories as $val)
    1249. 

  1249. 			{
    1250. 

  1250. 					$vars['cats'][$val['3']][] = $val;
    1251. 

  1251. 			}
    1252. 

  1252. 		}
    1253. 

  1253. 		
    1254. 

  1254. 		$vars['edit_categories_link'] = FALSE; //start off as false, meaning user does not have privs
    1255. 

  1255. 

  1256. 		$link_info = $this->api_channel_categories->fetch_allowed_category_groups($cat_group);
    1257. 

  1257. 		
    1258. 

  1258. 		$links = FALSE;
    1259. 

  1259. 		
    1260. 

  1260. 		if ($link_info !== FALSE)
    1261. 

  1261. 		{
    1262. 

  1262. 			foreach ($link_info as $val)
    1263. 

  1263. 			{
    1264. 

  1264. 				$links[] = array('url' => BASE.AMP.'C=admin_content'.AMP.'M=category_editor'.AMP.'group_id='.$val['group_id'],
    1265. 

  1265. 					'group_name' => $val['group_name']);
    1266. 

  1266. 			}
    1267. 

  1267. 		}
    1268. 

  1268. 

  1269. 		$vars['edit_categories_link'] = $links;
    1270. 

  1270. 

  1271. 		$this->cp->set_breadcrumb($this->edit_base_url, lang('edit'));
    1272. 

  1272. 

  1273. 		$vars['form_hidden'] = array();
    1274. 

  1274. 		$vars['form_hidden']['entry_ids'] = implode('|', $entry_ids);
    1275. 

  1275. 		$vars['form_hidden']['type'] = $type;
    1276. 

  1276. 

  1277. 		$vars['type'] = $type;
    1278. 

  1278. 	
    1279. 

  1279. 		$this->cp->set_variable('cp_page_title', lang('multi_entry_category_editor'));
    1280. 

  1280. 

  1281. 		$this->javascript->compile();
    1282. 

  1282. 		$this->load->view('content/multi_cat_edit', $vars);
    1283. 

  1283. 	}
    1284. 

  1284. 

  1285. 	// --------------------------------------------------------------------
    1286. 

  1286. 

  1287. 	/**
    1288. 

  1288. 	 *  Update Multiple Entries with Categories
    1289. 

  1289. 	 */
    1290. 

  1290. 	public function multi_entry_category_update()
    1291. 

  1291. 	{
    1292. 

  1292. 		if ( ! $this->cp->allowed_group('can_access_content'))
    1293. 

  1293. 		{
    1294. 

  1294. 			show_error(lang('unauthorized_access'));
    1295. 

  1295. 		}
    1296. 

  1296. 

  1297. 		if ($this->input->get_post('entry_ids') === FALSE OR $this->input->get_post('type') === FALSE)
    1298. 

  1298. 		{
    1299. 

  1299. 			show_error(lang('unauthorized_to_edit'));
    1300. 

  1300. 		}
    1301. 

  1301. 

  1302. 		if ($this->input->get_post('category') === FALSE OR ! is_array($_POST['category']) OR count($_POST['category']) == 0)
    1303. 

  1303. 		{
    1304. 

  1304. 			return $this->output->show_user_error('submission', lang('no_categories_selected'));
    1305. 

  1305. 		}
    1306. 

  1306. 

  1307. 		/** ---------------------------------
    1308. 

  1308. 		/**	 Fetch categories
    1309. 

  1309. 		/** ---------------------------------*/
    1310. 

  1310. 

  1311. 		// We do this first so we can destroy the category index from
    1312. 

  1312. 		// the $_POST array since we use a separate table to store categories in
    1313. 

  1313. 		
    1314. 

  1314. 		$this->api->instantiate('channel_categories');
    1315. 

  1315. 

  1316. 		foreach ($_POST['category'] as $cat_id)
    1317. 

  1317. 		{
    1318. 

  1318. 			$this->api_channel_categories->cat_parents[] = $cat_id;
    1319. 

  1319. 		}
    1320. 

  1320. 

  1321. 		if ($this->api_channel_categories->assign_cat_parent == TRUE)
    1322. 

  1322. 		{
    1323. 

  1323. 			$this->api_channel_categories->fetch_category_parents($_POST['category']);
    1324. 

  1324. 		}
    1325. 

  1325. 

  1326. 		$this->api_channel_categories->cat_parents = array_unique($this->api_channel_categories->cat_parents);
    1327. 

  1327. 

  1328. 		sort($this->api_channel_categories->cat_parents);
    1329. 

  1329. 

  1330. 		unset($_POST['category']);
    1331. 

  1331. 

  1332. 		$ids = array();
    1333. 

  1333. 

  1334. 		foreach (explode('|', $_POST['entry_ids']) as $entry_id)
    1335. 

  1335. 		{
    1336. 

  1336. 			$ids[] = $this->db->escape_str($entry_id);
    1337. 

  1337. 		}
    1338. 

  1338. 

  1339. 		unset($_POST['entry_ids']);
    1340. 

  1340. 

  1341. 		$entries_string = implode("','", $ids);
    1342. 

  1342. 

  1343. 		/** -----------------------------
    1344. 

  1344. 		/**	 Get Category Group IDs
    1345. 

  1345. 		/** -----------------------------*/
    1346. 

  1346. 		$query = $this->db->query("SELECT DISTINCT exp_channels.cat_group FROM exp_channels, exp_channel_titles
    1347. 

  1347. 							 WHERE exp_channel_titles.channel_id = exp_channels.channel_id
    1348. 

  1348. 							 AND exp_channel_titles.entry_id IN ('".$entries_string."')");
    1349. 

    1350. 

  1350. 		$valid = 'n';
    1351. 

  1351. 

  1352. 		if ($query->num_rows() > 0)
    1353. 

  1353. 		{
    1354. 

  1354. 			$valid = 'y';
    1355. 

  1355. 			$last  = explode('|', $query->row('cat_group') );
    1356. 

  1356. 

  1357. 			foreach($query->result_array() as $row)
    1358. 

  1358. 			{
    1359. 

  1359. 				$valid_cats = array_intersect($last, explode('|', $row['cat_group']));
    1360. 

  1360. 

  1361. 				if (count($valid_cats) == 0)
    1362. 

  1362. 				{
    1363. 

  1363. 					$valid = 'n';
    1364. 

  1364. 					break;
    1365. 

  1365. 				}
    1366. 

  1366. 			}
    1367. 

  1367. 		}
    1368. 

  1368. 

  1369. 		if ($valid == 'n')
    1370. 

  1370. 		{
    1371. 

  1371. 			return $this->output->show_user_error('submission', lang('no_category_group_match'));
    1372. 

  1372. 		}
    1373. 

  1373. 

  1374. 		/** -----------------------------
    1375. 

  1375. 		/**	 Remove Valid Cats, Then Add...
    1376. 

  1376. 		/** -----------------------------*/
    1377. 

  1377. 

  1378. 		$valid_cat_ids = array();
    1379. 

  1379. 		$query = $this->db->query("SELECT cat_id FROM exp_categories
    1380. 

  1380. 							 WHERE group_id IN ('".implode("','", $valid_cats)."')
    1381. 

  1381. 							 AND cat_id IN ('".implode("','", $this->api_channel_categories->cat_parents)."')");
    1382. 

    1383. 

  1383. 		foreach($query->result_array() as $row)
    1384. 

  1384. 		{
    1385. 

  1385. 			$this->db->query("DELETE FROM exp_category_posts WHERE cat_id = ".$row['cat_id']." AND entry_id IN ('".$entries_string."')");
    1386. 

  1386. 			$valid_cat_ids[] = $row['cat_id'];
    1387. 

  1387. 		}
    1388. 

  1388. 		
    1389. 

  1389. 		if ($this->input->get_post('type') == 'add')
    1390. 

  1390. 		{
    1391. 

  1391. 			$insert_cats = array_intersect($this->api_channel_categories->cat_parents, $valid_cat_ids);
    1392. 

  1392. 			// How brutish...
    1393. 

  1393. 			foreach($ids as $id)
    1394. 

  1394. 			{
    1395. 

  1395. 				foreach($insert_cats as $val)
    1396. 

  1396. 				{
    1397. 

  1397. 					$this->db->query($this->db->insert_string('exp_category_posts', array('entry_id' => $id, 'cat_id' => $val)));
    1398. 

  1398. 				}
    1399. 

  1399. 			}
    1400. 

  1400. 		}
    1401. 

  1401. 

  1402. 

  1403. 		/** ---------------------------------
    1404. 

  1404. 		/**	 Clear caches if needed
    1405. 

  1405. 		/** ---------------------------------*/
    1406. 

  1406. 

  1407. 		if ($this->config->item('new_posts_clear_caches') == 'y')
    1408. 

  1408. 		{
    1409. 

  1409. 			$this->functions->clear_caching('all');
    1410. 

  1410. 		}
    1411. 

  1411. 		else
    1412. 

  1412. 		{
    1413. 

  1413. 			$this->functions->clear_caching('sql');
    1414. 

  1414. 		}
    1415. 

  1415. 		
    1416. 

  1416. 		$this->session->set_flashdata('message_success', lang('multi_entries_updated'));
    1417. 

  1417. 		$this->functions->redirect($this->edit_base_url);
    1418. 

  1418. 	}
    1419. 

  1419. 

  1420. 	// --------------------------------------------------------------------
    1421. 

  1421. 

  1422. 	/**
    1423. 

  1423. 	 * Delete entries confirm
    1424. 

  1424. 	 */
    1425. 

  1425. 	public function delete_entries_confirm()
    1426. 

  1426. 	{
    1427. 

  1427. 		if ( ! $this->cp->allowed_group('can_access_content'))
    1428. 

  1428. 		{
    1429. 

  1429. 			show_error(lang('unauthorized_access'));
    1430. 

  1430. 		}
    1431. 

  1431. 

  1432. 		if ( ! $this->cp->allowed_group('can_delete_self_entries') AND
    1433. 

  1433. 			 ! $this->cp->allowed_group('can_delete_all_entries'))
    1434. 

  1434. 		{
    1435. 

  1435. 			show_error(lang('unauthorized_access'));
    1436. 

  1436. 		}
    1437. 

  1437. 				
    1438. 

  1438. 		if ( ! $this->input->post('toggle'))
    1439. 

  1439. 		{
    1440. 

  1440. 			redirect(BASE.'content_edit');
    1441. 

  1441. 		}
    1442. 

  1442. 

  1443. 		$damned = array();
    1444. 

  1444. 

  1445. 		foreach ($_POST['toggle'] as $key => $val)
    1446. 

  1446. 		{		
    1447. 

  1447. 			if ($val != '')
    1448. 

  1448. 			{
    1449. 

  1449. 				$damned[] = $val;
    1450. 

  1450. 			}
    1451. 

  1451. 		}
    1452. 

  1452. 

  1453. 		// Pass the damned on for judgement
    1454. 

  1454. 		$vars['damned'] = $damned;
    1455. 

  1455. 

  1456. 		if (count($damned) == 1)
    1457. 

  1457. 		{
    1458. 

  1458. 			$vars['message'] = lang('delete_entry_confirm');
    1459. 

  1459. 		}
    1460. 

  1460. 		else
    1461. 

  1461. 		{
    1462. 

  1462. 			$vars['message'] = lang('delete_entries_confirm');
    1463. 

  1463. 		}
    1464. 

  1464. 

  1465. 		$vars['title_deleted_entry'] = '';
    1466. 

  1466. 

  1467. 		// if it's just one entry, let's be kind and show a title
    1468. 

  1468. 		if (count($_POST['toggle']) == 1)
    1469. 

  1469. 		{
    1470. 

  1470. 			$query = $this->db->query('SELECT title FROM exp_channel_titles WHERE entry_id = "'.$this->db->escape_str($_POST['toggle'][0]).'"');
    1471. 

  1471. 

  1472. 			if ($query->num_rows() == 1)
    1473. 

  1473. 			{
    1474. 

  1474. 				$vars['title_deleted_entry'] = str_replace('%title', $query->row('title') , lang('entry_title_with_title'));
    1475. 

  1475. 			}
    1476. 

  1476. 		}
    1477. 

  1477. 

  1478. 		$this->cp->set_variable('cp_page_title', lang('delete_confirm'));
    1479. 

  1479. 

  1480. 		$this->javascript->compile();
    1481. 

  1481. 		$this->load->view('content/delete_confirm', $vars);
    1482. 

  1482. 	}
    1483. 

  1483. 

  1484. 	// --------------------------------------------------------------------
    1485. 

  1485. 

  1486. 	/**
    1487. 

  1487. 	 * Delete entries
    1488. 

  1488. 	 */
    1489. 

  1489. 	public function delete_entries()
    1490. 

  1490. 	{
    1491. 

  1491. 		if ( ! $this->cp->allowed_group('can_access_content'))
    1492. 

  1492. 		{
    1493. 

  1493. 			show_error(lang('unauthorized_access'));
    1494. 

  1494. 		}
    1495. 

  1495. 

  1496. 		if ( ! $this->cp->allowed_group('can_delete_self_entries') AND
    1497. 

  1497. 			 ! $this->cp->allowed_group('can_delete_all_entries'))
    1498. 

  1498. 		{
    1499. 

  1499. 			show_error(lang('unauthorized_access'));
    1500. 

  1500. 		}
    1501. 

  1501. 				
    1502. 

  1502. 		if ( ! $this->input->post('delete'))
    1503. 

  1503. 		{
    1504. 

  1504. 			$this->session->set_flashdata('message_failure', lang('no_valid_selections'));
    1505. 

  1505. 			$this->functions->redirect($this->edit_base_url);
    1506. 

  1506. 		}
    1507. 

  1507. 

  1508. 		/* -------------------------------------------
    1509. 

  1509. 		/* 'delete_entries_start' hook.
    1510. 

  1510. 		/*  - Perform actions prior to entry deletion / take over deletion
    1511. 

  1511. 		*/
    1512. 

  1512. 			$edata = $this->extensions->call('delete_entries_start');
    1513. 

  1513. 			if ($this->extensions->end_script === TRUE) return;
    1514. 

  1514. 		/*
    1515. 

  1515. 		/* -------------------------------------------*/
    1516. 

  1516. 		
    1517. 

  1517. 		$this->api->instantiate('channel_entries');
    1518. 

  1518. 		$res = $this->api_channel_entries->delete_entry($this->input->post('delete'));
    1519. 

  1519. 		
    1520. 

  1520. 		if ($res === FALSE)
    1521. 

  1521. 		{
    1522. 

  1522. 			$this->session->set_flashdata('message_failure', lang('no_valid_selections'));
    1523. 

  1523. 			$this->functions->redirect($this->edit_base_url);
    1524. 

  1524. 		}
    1525. 

  1525. 		
    1526. 

  1526. 		// Return success message
    1527. 

  1527. 		$this->session->set_flashdata('message_success', lang('entries_deleted'));
    1528. 

  1528. 		$this->functions->redirect($this->edit_base_url);
    1529. 

  1529. 	}
    1530. 

  1530. 

  1531. 	// --------------------------------------------------------------------
    1532. 

  1532. 

  1533. 	/**
    1534. 

  1534. 	 * JavaScript filtering code
    1535. 

  1535. 	 *
    1536. 

  1536. 	 * This function writes some JavaScript functions that
    1537. 

  1537. 	 * are used to switch the various pull-down menus in the
    1538. 

  1538. 	 * EDIT page
    1539. 

  1539. 	 *
    1540. 

  1540. 	 * @access	protected
    1541. 

  1541. 	 */
    1542. 

  1542. 	protected function _filtering_menus($cat_form_array)
    1543. 

  1543. 	{
    1544. 

  1544. 		// In order to build our filtering options we need to gather 
    1545. 

  1545. 		// all the channels, categories and custom statuses
    1546. 

  1546. 

  1547. 		$channel_array	= array();
    1548. 

  1548. 		$status_array = array();
    1549. 

  1549. 		
    1550. 

  1550. 		$this->api->instantiate('channel_categories');
    1551. 

  1551. 

  1552. 		if (count($this->allowed_channels) > 0)
    1553. 

  1553. 		{
    1554. 

  1554. 			// Fetch channel titles
    1555. 

  1555. 			$this->api->instantiate('channel_structure');
    1556. 

  1556. 			$channel_q = $this->api_channel_structure->get_channels();
    1557. 

  1557. 

  1558. 			foreach ($channel_q->result_array() as $row)
    1559. 

  1559. 			{
    1560. 

  1560. 				$channel_array[$row['channel_id']] = array(str_replace('"','',$row['channel_title']), $row['cat_group'], $row['status_group'], $row['field_group']);
    1561. 

  1561. 			}		
    1562. 

  1562. 		}
    1563. 

  1563. 		
    1564. 

  1564. 		/** ----------------------------- 
    1565. 

  1565. 		/**  Entry Statuses
    1566. 

  1566. 		/** -----------------------------*/
    1567. 

  1567. 		
    1568. 

  1568. 		$this->db->select('group_id, status');
    1569. 

  1569. 		$this->db->where('site_id', $this->config->item('site_id'));		
    1570. 

  1570. 		$this->db->order_by('status_order');
    1571. 

  1571. 		$query = $this->db->get('statuses');
    1572. 

  1572. 		
    1573. 

  1573. 		foreach ($query->result_array() as $row)
    1574. 

  1574. 		{
    1575. 

  1575. 			$status_array[]  = array($row['group_id'], $row['status']);
    1576. 

  1576. 		}
    1577. 

  1577. 

  1578. 		$default_cats[] = array('', lang('filter_by_category'));
    1579. 

  1579. 		$default_cats[] = array('all', lang('all'));
    1580. 

  1580. 		$default_cats[] = array('none', lang('none'));		
    1581. 

  1581. 		
    1582. 

  1582. 		$dstatuses[] = array('', lang('filter_by_status'));
    1583. 

  1583. 		$dstatuses[] = array('open', lang('open'));
    1584. 

  1584. 		$dstatuses[] = array('closed', lang('closed'));
    1585. 

  1585. 

  1586. 		$channel_info['0']['categories'] = $default_cats;		
    1587. 

  1587. 		$channel_info['0']['statuses'] = $dstatuses;
    1588. 

  1588. 

  1589. 		foreach ($channel_array as $key => $val)
    1590. 

  1590. 		{
    1591. 

  1591. 			$any = 0;
    1592. 

  1592. 			$cats = $default_cats;
    1593. 

  1593. 	
    1594. 

  1594. 			if (count($cat_form_array) > 0)
    1595. 

  1595. 			{
    1596. 

  1596. 				$last_group = 0;
    1597. 

  1597. 		
    1598. 

  1598. 				foreach ($cat_form_array as $k => $v)
    1599. 

  1599. 				{
    1600. 

  1600. 					if (in_array($v['0'], explode('|', $val['1'])))
    1601. 

  1601. 					{
    1602. 

  1602. 						if ($last_group == 0 OR $last_group != $v['0'])
    1603. 

  1603. 						{
    1604. 

  1604. 							$cats[] = array('', '-------');
    1605. 

  1605. 							$last_group = $v['0'];
    1606. 

  1606. 						}
    1607. 

  1607. 

  1608. 						$cats[] = array($v['1'], $v['2']);
    1609. 

  1609. 					}
    1610. 

  1610. 				}
    1611. 

  1611. 			}
    1612. 

  1612. 

  1613. 			$channel_info[$key]['categories'] = $cats;
    1614. 

  1614. 			
    1615. 

  1615. 			$statuses = array();
    1616. 

  1616. 			$statuses[] = array('', lang('filter_by_status'));
    1617. 

  1617. 

  1618. 			if (count($status_array) > 0)
    1619. 

  1619. 			{
    1620. 

  1620. 				foreach ($status_array as $k => $v)
    1621. 

  1621. 				{
    1622. 

  1622. 					if ($v['0'] == $val['2'])
    1623. 

  1623. 					{
    1624. 

  1624. 						$status_name = ($v['1'] == 'closed' OR $v['1'] == 'open') ?  lang($v['1']) : $v['1'];
    1625. 

  1625. 						$statuses[] = array($v['1'], $status_name);
    1626. 

  1626. 					}
    1627. 

  1627. 				}
    1628. 

  1628. 			}
    1629. 

  1629. 			else
    1630. 

  1630. 			{
    1631. 

  1631. 				$statuses[] = array('open', lang('open'));
    1632. 

  1632. 				$statuses[] = array('closed', lang('closed'));
    1633. 

  1633. 			}
    1634. 

  1634. 

  1635. 			$channel_info[$key]['statuses'] = $statuses;
    1636. 

  1636. 		}
    1637. 

  1637. 

  1638. 		$this->javascript->set_global('edit.channelInfo', $channel_info);
    1639. 

  1639. 	}
    1640. 

  1640. 	
    1641. 

  1641. 	// --------------------------------------------------------------------
    1642. 

  1642. 	
    1643. 

  1643. 	/**
    1644. 

  1644. 	 * Custom dates
    1645. 

  1645. 	 */
    1646. 

  1646. 	public function custom_dates()
    1647. 

  1647. 	{
    1648. 

  1648. 		if ( ! $this->cp->allowed_group('can_access_content'))
    1649. 

  1649. 		{
    1650. 

  1650. 			show_error(lang('unauthorized_access'));
    1651. 

  1651. 		}
    1652. 

  1652. 

  1653. 		$this->output->enable_profiler(FALSE);
    1654. 

  1654. 

  1655. 		// load the javascript view, as its just a variable, no html template needed
    1656. 

  1656. 		$this->load->view('_shared/javascript');
    1657. 

  1657. 	}
    1658. 

  1658. 

  1659. 	// --------------------------------------------------------------------
    1660. 

  1660. 

  1661. 	/**
    1662. 

  1662. 	 * Show entries with most recent comments
    1663. 

  1663. 	 *
    1664. 

  1664. 	 * Used by "recent entries" homepage link
    1665. 

  1665. 	 *
    1666. 

  1666. 	 * @return	void
    1667. 

  1667. 	 */
    1668. 

  1668. 	public function show_recent_entries()
    1669. 

  1669. 	{
    1670. 

  1670. 		if ( ! $this->cp->allowed_group('can_access_content'))
    1671. 

  1671. 		{
    1672. 

  1672. 			show_error(lang('unauthorized_access'));
    1673. 

  1673. 		}
    1674. 

  1674. 

  1675. 		$this->load->library('table');
    1676. 

  1676. 		$this->load->model('channel_entries_model');
    1677. 

  1677. 		$this->lang->loadfile('homepage');
    1678. 

  1678. 		
    1679. 

  1679. 		$this->cp->set_variable('cp_page_title', lang('most_recent_entries'));
    1680. 

  1680. 		
    1681. 

  1681. 		$count = $this->input->get('count');
    1682. 

  1682. 		$vars = array('entries' => array());
    1683. 

  1683. 		
    1684. 

  1684. 		$query = $this->channel_entries_model->get_recent_entries($count);
    1685. 

  1685. 		
    1686. 

  1686. 		if ($query && $query->num_rows() > 0)
    1687. 

  1687. 		{
    1688. 

  1688. 			$result = $query->result();
    1689. 

  1689. 			foreach($result as $row)
    1690. 

  1690. 			{
    1691. 

  1691. 				$c_link = BASE.AMP.'C=addons_modules'.AMP.'M=show_module_cp'.AMP.'module=comment'.AMP.'method=index'.AMP.'entry_id='.$row->entry_id;
    1692. 

  1692. 

  1693. 				$link = BASE.AMP.'C=content_publish'.AMP.'M=view_entry'.AMP.'channel_id='.$row->channel_id.AMP.'entry_id='.$row->entry_id;
    1694. 

  1694. 				
    1695. 

  1695. 				if (($row->author_id == $this->session->userdata('member_id')) OR $this->cp->allowed_group('can_edit_other_entries'))
    1696. 

  1696. 				{
    1697. 

  1697. 					$link = BASE.AMP.'C=content_publish'.AMP.'M=entry_form'.AMP.'channel_id='.$row->channel_id.AMP.'entry_id='.$row->entry_id;
    1698. 

  1698. 				}
    1699. 

  1699. 				
    1700. 

  1700. 				$c_link = '<a href="'.$c_link.'">'.$row->comment_total.'</a>';
    1701. 

  1701. 				$link = '<a href="'.$link.'">'.$row->title.'</a>';
    1702. 

  1702. 				
    1703. 

  1703. 				$vars['entries'][$link] = $c_link;
    1704. 

  1704. 			}
    1705. 

  1705. 		}
    1706. 

  1706. 		
    1707. 

  1707. 		$vars['no_result'] = lang('no_entries');
    1708. 

  1708. 		$vars['left_column'] = lang('most_recent_entries');
    1709. 

  1709. 		$vars['right_column'] = lang('comments');
    1710. 

  1710. 		
    1711. 

  1711. 		$this->javascript->compile();
    1712. 

  1712. 		$this->load->view('content/recent_list', $vars);
    1713. 

  1713. 	}
    1714. 

  1714. 	
    1715. 

  1715. 	/**
    1716. 

  1716. 	 * Edit Form Elements
    1717. 

  1717. 	 *
    1718. 

  1718. 	 * @access	protected
    1719. 

  1719. 	 */
    1720. 

  1720. 	protected function _edit_form($filter_data, $channels)
    1721. 

  1721. 	{
    1722. 

  1722. 		// Category Filtering Menus
    1723. 

  1723. 		// ----------------------------------------------------------------
    1724. 

  1724. 				
    1725. 

  1725. 		// We need this for the filter, so grab it now
    1726. 

  1726. 		$this->api->instantiate('channel_categories');
    1727. 

  1727. 		$cat_form_array = $this->api_channel_categories->category_form_tree($this->nest_categories);
    1728. 

  1728. 		
    1729. 

  1729. 		$total_channels = count($this->allowed_channels);
    1730. 

  1730. 		
    1731. 

  1731. 		// If we have channels we'll write the JavaScript menu switching code
    1732. 

  1732. 		if ($total_channels > 0)
    1733. 

  1733. 		{
    1734. 

  1734. 			$this->_filtering_menus($cat_form_array);
    1735. 

  1735. 		}
    1736. 

  1736. 		
    1737. 

  1737. 		// Channel selection pull-down menu
    1738. 

  1738. 		// ----------------------------------------------------------------
    1739. 

  1739. 

  1740. 		$c_row = FALSE;
    1741. 

  1741. 		$cat_group = '';
    1742. 

  1742. 		$channel_id = $this->input->get_post('channel_id');
    1743. 

  1743. 

  1744. 		if (count($channels) == 1)
    1745. 

  1745. 		{
    1746. 

  1746. 			$c_row = current($channels);
    1747. 

  1747. 		}
    1748. 

  1748. 		elseif (isset($channels[$filter_data['channel_id']]))
    1749. 

  1749. 		{
    1750. 

  1750. 			$c_row = $channels[$filter_data['channel_id']];
    1751. 

  1751. 		}
    1752. 

  1752. 

  1753. 		if ($c_row)
    1754. 

  1754. 		{
    1755. 

  1755. 			$channel_id = $c_row->channel_id;
    1756. 

  1756. 			$cat_group = $c_row->cat_group;
    1757. 

  1757. 		}
    1758. 

  1758. 		
    1759. 

  1759. 		$vars['channel_selected'] = $this->input->get_post('channel_id');
    1760. 

  1760. 		$vars['channel_select_options'] = array('null' => lang('filter_by_channel'));
    1761. 

  1761. 

  1762. 		if (count($channels) > 1)
    1763. 

  1763. 		{
    1764. 

  1764. 			$vars['channel_select_options']['all'] = lang('all');
    1765. 

  1765. 		}
    1766. 

  1766. 

  1767. 		foreach ($channels as $id => $row)
    1768. 

  1768. 		{
    1769. 

  1769. 			$vars['channel_select_options'][$id] = $row->channel_title;
    1770. 

  1770. 		}
    1771. 

  1771. 

  1772. 		// Category pull-down menu
    1773. 

  1773. 		// ----------------------------------------------------------------
    1774. 

  1774. 

  1775. 		$vars['category_selected'] = $filter_data['cat_id'];
    1776. 

  1776. 		$vars['category_select_options'][''] = lang('filter_by_category');
    1777. 

  1777. 

  1778. 		if ($total_channels > 1)
    1779. 

  1779. 		{				
    1780. 

  1780. 			$vars['category_select_options']['all'] = lang('all');
    1781. 

  1781. 		}
    1782. 

  1782. 

  1783. 		$vars['category_select_options']['none'] = lang('none');
    1784. 

  1784. 

  1785. 		if ($cat_group != '')
    1786. 

  1786. 		{
    1787. 

  1787. 			foreach($cat_form_array as $key => $val)
    1788. 

  1788. 			{
    1789. 

  1789. 				if ( ! in_array($val['0'], explode('|',$cat_group)))
    1790. 

  1790. 				{
    1791. 

  1791. 					unset($cat_form_array[$key]);
    1792. 

  1792. 				}
    1793. 

  1793. 			}
    1794. 

  1794. 

  1795. 			$i = 1;
    1796. 

  1796. 			$new_array = array();
    1797. 

  1797. 

  1798. 			foreach ($cat_form_array as $ckey => $cat)
    1799. 

  1799. 			{
    1800. 

  1800. 		    	if ($ckey-1 < 0 OR ! isset($cat_form_array[$ckey-1]))
    1801. 

  1801. 			   	{
    1802. 

  1802. 					$vars['category_select_options']['NULL_'.$i] = '-------';
    1803. 

  1803. 		    	}
    1804. 

  1804. 

  1805. 				$vars['category_select_options'][
    1806.

Large files files are truncated, but you can click here to view the full file