PageRenderTime 57ms CodeModel.GetById 21ms RepoModel.GetById 0ms app.codeStats 1ms

/databox/public_html/mydata/data.php

https://bitbucket.org/tsuchi/box
PHP | 1454 lines | 1034 code | 262 blank | 158 comment | 89 complexity | 01c7d6664284f638bde8aefb97e6756b MD5 | raw file
Possible License(s): AGPL-1.0 
    

  1. <?php
    2. 

  2. 

  3. /* Reminder: always indent with 4 spaces (no tabs). */
    4. 

  4. // +---------------------------------------------------------------------------+
    5. 

  5. // | data maintenannce
    6. 

  6. // +---------------------------------------------------------------------------+
    7. 

  7. // $Id: data.php
    8. 

  8. // public_html/databox/mydata/data.php
    9. 

  9. // 20101208 tsuchitani AT ivywe DOT co DOT jp
    10. 

  10. // 20120416 fncsave hits
    11. 

  11. 

  12. //@@@@@@追加予定 メールにカテゴリ
    13. 

  13. 

  14. define ('THIS_SCRIPT', 'databox/mydata/data.php');
    15. 

  15. //define ('THIS_SCRIPT', 'databox/mydata/test.php');
    16. 

  16. 

  17. require_once('databox_functions.php');
    18. 

  18. require_once( $_CONF['path_system'] . 'lib-admin.php' );
    19. 

  19. 

  20. if ($_DATABOX_CONF['allow_data_update']==1 ){
    21. 

  21. }else{
    22. 

  22.     if (SEC_hasRights ('databox.edit') ){
    23. 

  23. 	}else{
    24. 

  24. 		COM_accessLog("User {$_USER['username']} tried to data and failed ");
    25. 

  25. 		echo COM_refresh($_CONF['site_url'] . '/index.php');
    26. 

  26. 		exit;
    27. 

  27. 	}
    28. 

  28. }
    29. 

  29. 

  30. // +---------------------------------------------------------------------------+
    31. 

  31. // | 機能  一覧表示                                                            |
    32. 

  32. // | 書式 fncList()                                                            |
    33. 

  33. // +---------------------------------------------------------------------------+\
    34. 

  34. // | 戻値 nomal:一覧                                                           |
    35. 

  35. // +---------------------------------------------------------------------------+
    36. 

  36. function fncList(
    37. 

  37. 	$template
    38. 

  38. )
    39. 

  39. {
    40. 

  40.     global $_CONF;
    41. 

  41.     global $_TABLES;
    42. 

  42.     global $LANG_ADMIN;
    43. 

  43.     global $LANG09;
    44. 

  44.     global $LANG_DATABOX_ADMIN;
    45. 

  45.     global $LANG_DATABOX;
    46. 

  46.     global $_DATABOX_CONF;
    47. 

  47. 

  48. 	$retval = '';
    49. 

  49. 	
    50. 

  50. 	//フィルタ Filter
    51. 

  51.     if (!empty ($_GET['filter_val'])) {
    52. 

  52.         $filter_val = COM_applyFilter($_GET['filter_val']);
    53. 

  53.     } elseif (!empty ($_POST['filter_val'])) {
    54. 

  54.         $filter_val = COM_applyFilter($_POST['filter_val']);
    55. 

  55.     } else {
    56. 

  56.         $filter_val = $LANG09[9];
    57. 

  57.     }
    58. 

  58.     if  ($filter_val==$LANG09[9]){
    59. 

  59.         $exclude="";
    60. 

  60.     }else{
    61. 

  61.         $exclude=" AND t.fieldset_id={$filter_val}";
    62. 

  62.     }
    63. 

  63. 

  64.     $filter = "{$LANG_DATABOX_ADMIN['fieldset']}:";
    65. 

  65.     $filter .="<select name='filter_val' style='width: 125px' onchange='this.form.submit()'>";
    66. 

  66.     $filter .="<option value='{$LANG09[9]}'";
    67. 

  67. 

  68.     if  ($filter_val==$LANG09[9]){
    69. 

  69.         $filter .=" selected='selected'";
    70. 

  70.     }
    71. 

  71.     $filter .=" >{$LANG09[9]}</option>";
    72. 

  72.     $filter .= COM_optionList ($_TABLES['DATABOX_def_fieldset']
    73. 

  73.                 , 'fieldset_id,name', $filter_val,0,"fieldset_id<>0");
    74. 

  74. 

  75.     $filter .="</select>";
    76. 

  76. 	
    77. 

  77. 

  78.     //ヘッダ:編集~
    79. 

  79.     $header_arr[]=array('text' => $LANG_DATABOX_ADMIN['orderno'], 'field' => 'orderno', 'sort' => true);
    80. 

  80.     $header_arr[]=array('text' => $LANG_ADMIN['edit'], 'field' => 'editid', 'sort' => false);
    81. 

  81. 

  82.     if ($_DATABOX_CONF['allow_data_insert']
    83. 

  83.             OR SEC_hasRights('databox.submit')){
    84. 

  84.         $header_arr[]=array('text' => $LANG_ADMIN['copy'], 'field' => 'copy', 'sort' => false);
    85. 

  85.     }
    86. 

  86.     $header_arr[]=array('text' => $LANG_DATABOX_ADMIN['id'], 'field' => 'id', 'sort' => true);
    87. 

  87.     $header_arr[]=array('text' => $LANG_DATABOX_ADMIN['code'], 'field' => 'code', 'sort' => true);
    88. 

  88. 	$header_arr[]=array('text' => $LANG_DATABOX_ADMIN['title'], 'field' => 'title', 'sort' => true);
    89. 

  89.     $header_arr[]=array('text' => $LANG_DATABOX_ADMIN['fieldset'], 'field' => 'fieldset_name', 'sort' => true);
    90. 

  90.     $header_arr[]=array('text' => $LANG_DATABOX_ADMIN['remaingdays'], 'field' => 'remaingdays', 'sort' => true);
    91. 

  91. 

  92.     $header_arr[]=array('text' => $LANG_DATABOX_ADMIN['udatetime'], 'field' => 'udatetime', 'sort' => true);
    93. 

  93.     $header_arr[]=array('text' => $LANG_DATABOX_ADMIN['draft'], 'field' => 'draft_flag', 'sort' => true);
    94. 

  94. 

  95.     //
    96. 

  96.     $text_arr = array('has_menu' =>  true,
    97. 

  97.       'has_extras'   => true,
    98. 

  98.       'form_url' => $_CONF['site_url'] ."/".THIS_SCRIPT);
    99. 

  99. 

  100.     //Query
    101. 

  101.     $sql = "SELECT ";
    102. 

  102.     $sql .= " id";
    103. 

  103.     $sql .= " ,title";
    104. 

  104.     $sql .= " ,code";
    105. 

  105.     $sql .= " ,draft_flag";
    106. 

  106.     $sql .= " ,modified";
    107. 

  107.     $sql .= " ,UNIX_TIMESTAMP(t.udatetime) AS udatetime";
    108. 

  108.     $sql .= " ,orderno";
    109. 

  109.     $sql .= " ,t2.name AS fieldset_name";
    110. 

  110.     $sql .= " ,t.fieldset_id";
    111. 

  111. 	
    112. 

  112. 	$sql .= " ,(SELECT DATEDIFF(expired , NOW()) ";
    113. 

  113. 	$sql .= " FROM {$_TABLES['DATABOX_base']} AS t3  ";
    114. 

  114. 	$sql .= " where   t.id=t3.id AND DATEDIFF(expired , NOW())>0)";
    115. 

  115.     $sql .= "	+ 1 AS remaingdays";
    116. 

  116. 

  117.     $sql .= " ,owner_id";
    118. 

  118.     $sql .= " ,group_id";
    119. 

  119.     $sql .= " ,perm_owner";
    120. 

  120.     $sql .= " ,perm_group";
    121. 

  121.     $sql .= " ,perm_members";
    122. 

  122.     $sql .= " ,perm_anon";
    123. 

  123. 

  124.     $sql .= " FROM ";
    125. 

  125.     $sql .= " {$_TABLES['DATABOX_base']} AS t";
    126. 

  126.     $sql .= " ,{$_TABLES['DATABOX_def_fieldset']} AS t2";
    127. 

  127.     $sql .= " WHERE ";
    128. 

  128. 

  129.     $sql .= " t.fieldset_id=t2.fieldset_id";
    130. 

  130.     //編集権のないデータ はのぞく
    131. 

  131.     $sql .= COM_getPermSql('AND',0,3);
    132. 

  132. 

  133.     $query_arr = array(
    134. 

  134.         'table' => 'DATABOX_base',
    135. 

  135.         'sql' => $sql,
    136. 

  136.         'query_fields' => array('id','title','code','draft_flag','orderno','t2.name'),
    137. 

  137.         'default_filter' => $exclude);
    138. 

  138.     //デフォルトソート項目:
    139. 

  139.     if  ($_DATABOX_CONF["sort_list_by_my"]=="udatetime"){
    140. 

  140.         $defsort_arr = array('field' => 'udatetime', 'direction' => 'DESC');
    141. 

  141.     }else{
    142. 

  142.         $defsort_arr = array('field' => $_DATABOX_CONF["sort_list_by_my"], 'direction' => 'ASC');
    143. 

  143.     }
    144. 

  144. 	$form_arr = array('bottom' => '', 'top' => '');
    145. 

  145.     $pagenavurl = '&amp;filter_val=' . $filter_val;
    146. 

  146.    //List 取得
    147. 

  147. 	if (COM_versionCompare(VERSION, "2.0.0",  '>=')){
    148. 

  148. 		$retval .= ADMIN_list(
    149. 

  149. 			'databox'
    150. 

  150. 			, "fncGetListField"
    151. 

  151. 			, $header_arr
    152. 

  152. 			, $text_arr
    153. 

  153. 			, $query_arr
    154. 

  154. 			, $defsort_arr
    155. 

  155. 			, $filter
    156. 

  156. 			, '', ''
    157. 

  157. 			, $form_arr
    158. 

  158. 			, true
    159. 

  159. 			, $pagenavurl
    160. 

  160. 			);
    161. 

  161. 	}else{
    162. 

  162. 		$retval .= ADMIN_list(
    163. 

  163. 			'databox'
    164. 

  164. 			, "fncGetListField"
    165. 

  165. 			, $header_arr
    166. 

  166. 			, $text_arr
    167. 

  167. 			, $query_arr
    168. 

  168. 			, $defsort_arr
    169. 

  169. 			, $filter
    170. 

  170. 			, '', ''
    171. 

  171. 			, $form_arr
    172. 

  172. 			, true
    173. 

  173. 			);
    174. 

  174. 	}
    175. 

  175. 

  176.     return $retval;
    177. 

  177. }
    178. 

  178. 

  179. // +---------------------------------------------------------------------------+
    180. 

  180. // | 一覧取得                                                                  |
    181. 

  181. // | 書式 plugin_getListField_databox                                          |
    182. 

  182. // +---------------------------------------------------------------------------+
    183. 

  183. function fncGetListField($fieldname, $fieldvalue, $A, $icon_arr)
    184. 

  184. {
    185. 

  185.     global $_CONF;
    186. 

  186.     global $LANG_ACCESS;
    187. 

  187.     global $_DATABOX_CONF;
    188. 

  188.     global $LANG_DATABOX_ADMIN;
    189. 

  189. 

  190.     $retval = '';
    191. 

  191. 	$template = '';
    192. 

  192. 	if (isset ($_REQUEST['template'])) {
    193. 

  193. 		$template = COM_applyFilter ($_REQUEST['template']);
    194. 

  194. 	}
    195. 

  195. 

  196.         switch($fieldname) {
    197. 

  197.             //編集アイコン
    198. 

  198.             case 'editid':
    199. 

  199.                 $url=$_CONF['site_url'] . "/".THIS_SCRIPT;
    200. 

  200.                 $url.="?";
    201. 

  201.                 $url.="mode=edit";
    202. 

  202. 				$url.="&amp;id=".$A['id'];
    203. 

  203. 				if  ($template<>""){
    204. 

  204. 					$url.="&amp;template=".$template;
    205. 

  205. 				}
    206. 

  206.                 $retval = COM_createLink($icon_arr['edit'],$url);
    207. 

  207.                 break;
    208. 

  208.             case 'copy':
    209. 

  209.                 $url=$_CONF['site_url'] . "/".THIS_SCRIPT;
    210. 

  210.                 $url.="?";
    211. 

  211.                 $url.="mode=copy";
    212. 

  212.                 $url.="&amp;id=".$A['id'];
    213. 

  213.                 $retval = COM_createLink($icon_arr['copy'],$url);
    214. 

  214.                 break;
    215. 

  215. 			case 'id':
    216. 

  216. 				$name=COM_stripslashes($A['id']);
    217. 

  217. 				$url=$_CONF['site_url'] . "/databox/data.php";
    218. 

  218. 				$url.="?";
    219. 

  219. 				$url.="id=".$A['id'];
    220. 

  220. 				$url.="&amp;m=id";
    221. 

  221. 				$url = COM_buildUrl( $url );
    222. 

  222. 				$retval= COM_createLink($name, $url);
    223. 

  223. 				break;
    224. 

  224. 			case 'code':
    225. 

  225. 				$name=COM_stripslashes($A['code']);
    226. 

  226.                 $rt= databox_detail_link(0,$A['code'],$name);
    227. 

  227.                 $retval= $rt['link'];
    228. 

  228. 				break;
    229. 

  229.             //下書
    230. 

  230.             case 'draft_flag':
    231. 

  231.                 if ($A['draft_flag'] == 1) {
    232. 

  232.                     $switch = 'checked="checked"';
    233. 

  233.                 } else {
    234. 

  234.                     $switch = '';
    235. 

  235.                 }
    236. 

  236.                 $retval = "<form action=\"{$_CONF['site_admin_url']}";
    237. 

  237.                 $retval .= "/plugins/".THIS_SCRIPT."\" method=\"post\">";
    238. 

  238.                 $retval .= "<input type=\"checkbox\" name=\"drafton\" ";
    239. 

  239.                 $retval .= "onclick=\"submit()\" value=\"{$A['draft_flag']}\" $switch disabled>";
    240. 

  240.                 $retval .= "<input type=\"hidden\" name=\"draftChange\" ";
    241. 

  241.                 $retval .= "value=\"{$A['id']}\">";
    242. 

  242.                 $retval .= "</form>";
    243. 

  243. 				break;
    244. 

  244. 			case 'udatetime':
    245. 

  245. 				$curtime = COM_getUserDateTimeFormat($A['udatetime']);
    246. 

  246. 				$retval = $curtime[0];
    247. 

  247. 				break;
    248. 

  248. 			case 'remaingdays':
    249. 

  249. 				if  ($fieldvalue<>""){
    250. 

  250. 					$retval = "<span class=\"databox_admin_{$fieldvalue}\">";
    251. 

  251. 					$retval .= "{$fieldvalue}</span>";
    252. 

  252. 				}
    253. 

  253. 				break;
    254. 

  254.             //各項目
    255. 

  255.             default:
    256. 

  256.                 $retval = $fieldvalue;
    257. 

  257.                 break;
    258. 

  258.     }
    259. 

  259. 

  260.     return $retval;
    261. 

  261. 

  262. }
    263. 

  263. // +---------------------------------------------------------------------------+
    264. 

  264. // | 機能  編集画面表示
    265. 

  265. // | 書式 fncEdit($id , $edt_flg,$msg,$errmsg,$mode,$fieldset_id,$template)
    266. 

  266. // +---------------------------------------------------------------------------+
    267. 

  267. // | 引数 $id:
    268. 

  268. // | 引数 $edt_flg:
    269. 

  269. // | 引数 $msg:メッセージ番号
    270. 

  270. // +---------------------------------------------------------------------------+
    271. 

  271. // | 戻値 nomal:編集画面                                                       |
    272. 

  272. // +---------------------------------------------------------------------------+
    273. 

  273. // update 20101207
    274. 

  274. function fncEdit(
    275. 

  275.     $id
    276. 

  276.     ,$edt_flg,$msg = ''
    277. 

  277.     ,$errmsg=""
    278. 

  278. 	,$mode="edit"
    279. 

  279. 	,$fieldset_id=0
    280. 

  280.     ,$template=""
    281. 

  281.     ,$old_mode=""
    282. 

  282. )
    283. 

  283. {
    284. 

  284. 

  285.     $pi_name="databox";
    286. 

  286. 

  287.     global $_CONF;
    288. 

  288.     global $_TABLES;
    289. 

  289.     global $LANG_DATABOX_ADMIN;
    290. 

  290.     global $LANG_ADMIN;
    291. 

  291.     global $MESSAGE;
    292. 

  292.     global $LANG_ACCESS;
    293. 

  293.     global $_DATABOX_CONF;
    294. 

  294.     global $_USER;
    295. 

  295. 	global $_SCRIPTS;
    296. 

  296. 	
    297. 

  297.     $retval = '';
    298. 

  298. 

  299.     $delflg=false;
    300. 

  300. 

  301.     $addition_def=DATABOX_getadditiondef();
    302. 

  302. 

  303.     //メッセージ表示
    304. 

  304.     if (!empty ($msg)) {
    305. 

  305.         $retval .= COM_showMessage ($msg,$pi_name);
    306. 

  306.         $retval .= $errmsg;
    307. 

  307.         // clean 'em up
    308. 

  308.         $code=COM_applyFilter($_POST['code']);
    309. 

  309.         $title = COM_stripslashes($_POST['title']);
    310. 

  310.         $page_title = COM_applyFilter($_POST['page_title']);
    311. 

  311.         $description=$_POST['description'];//COM_applyFilter($_POST['description']);
    312. 

  312. 

  313.         $draft_flag = COM_applyFilter ($_POST['draft_flag'],true);
    314. 

  314.         $cache_time = COM_applyFilter ($_POST['cache_time'],true);
    315. 

  315. 

  316.         $language_id = COM_applyFilter ($_POST['language_id']);
    317. 

  317. 

  318.         $category = $_POST['category'];
    319. 

  319. 

  320.         $additionfields=$_POST['afield'];
    321. 

  321.         $additionfields_fnm=$_POST['afield_fnm'];//@@@@@
    322. 

  322. 		$additionfields_del=$_POST['afield_del'];
    323. 

  323. 		$additionfields_date=array();
    324. 

  324.         $additionfields_alt=$_POST['afield_alt'];;
    325. 

  325. 		$additionfields=DATABOX_cleanaddtiondatas (
    326. 

  326. 			$additionfields
    327. 

  327. 			,$addition_def
    328. 

  328. 			,$additionfields_fnm
    329. 

  329. 			,$additionfields_del
    330. 

  330. 			,$additionfields_date
    331. 

  331. 			,$additionfields_alt
    332. 

  332. 			,false
    333. 

  333. 			);
    334. 

  334. 

  335.         //作成日付
    336. 

  336.         $created = COM_applyFilter ($_POST['created']);
    337. 

  337.         $created_un = COM_applyFilter ($_POST['created_un']);
    338. 

  338. 

  339.         $orderno = COM_applyFilter ($_POST['orderno']);
    340. 

  340. 

  341.         $uuid=$_USER['uid'];
    342. 

  342.         $udatetime=COM_applyFilter ($_POST['udatetime']);//"";
    343. 

  343. 

  344.         $fieldset_id=COM_applyFilter ($_POST['fieldset'],true);//"";
    345. 

  345.         $fieldset_name=COM_applyFilter ($_POST['fieldset_name']);//"";
    346. 

  346. 

  347.     }else{
    348. 

  348. 		if (empty($id)) {
    349. 

  349. 			$fieldset_name=DB_getItem($_TABLES['DATABOX_def_fieldset'],"name","fieldset_id=".$fieldset_id);
    350. 

  350. 			$fieldset_name=COM_stripslashes($fieldset_name);
    351. 

  351. 			
    352. 

  352.             $id=0;
    353. 

  353. 

  354.             $code ="";
    355. 

  355.             $title ="";
    356. 

  356.             $description="";
    357. 

  357. 

  358. 			$language_id="";
    359. 

  359. 

  360.             $category = "";
    361. 

  361.             $additionfields=array();
    362. 

  362.             $additionfields_fnm=array();//@@@@@
    363. 

  363.             $additionfields_del=array();
    364. 

  364. 			$additionfields_date="";
    365. 

  365.             $additionfields = DATABOX_getadditiondatas(0,$pi_name);
    366. 

  366. 

  367.             //
    368. 

  368.             $draft_flag=$_DATABOX_CONF['user_draft_default'];
    369. 

  369.             $cache_time=$_DATABOX_CONF['default_cache_time'];
    370. 

  370. 			
    371. 

  371. 			//作成日付
    372. 

  372. 			$created=0;
    373. 

  373. 			$created_un=0;
    374. 

  374. 

  375.             $uuid=0;
    376. 

  376.             $udatetime="";//"";
    377. 

  377. 			
    378. 

  378. 			$defaulttemplatesdirectory="";
    379. 

  379.         }else{
    380. 

  380.             $sql = "SELECT ";
    381. 

  381. 

  382. 			$sql .= " t.*".LB;
    383. 

  383. 			$sql .= " ,t2.name AS fieldset_name".LB;
    384. 

  384. 			
    385. 

  385. 			
    386. 

  386. 			$sql .= " ,UNIX_TIMESTAMP(t.modified) AS modified_un".LB;
    387. 

  387. 			$sql .= " ,UNIX_TIMESTAMP(t.released) AS released_un".LB;
    388. 

  388. 			$sql .= " ,UNIX_TIMESTAMP(t.comment_expire) AS comment_expire_un".LB;
    389. 

  389. 			$sql .= " ,UNIX_TIMESTAMP(t.expired) AS expired_un".LB;
    390. 

  390. 			$sql .= " ,UNIX_TIMESTAMP(t.udatetime) AS udatetime_un".LB;
    391. 

  391. 			$sql .= " ,UNIX_TIMESTAMP(t.created) AS created_un".LB;
    392. 

  392. 			
    393. 

  393. 			$sql .= " FROM ";
    394. 

  394. 			$sql .= $_TABLES['DATABOX_base'] ." AS t ".LB;
    395. 

  395. 			$sql .= ",".$_TABLES['DATABOX_def_fieldset'] ." AS t2 ".LB;
    396. 

  396.             $sql .= " WHERE ".LB;
    397. 

  397. 			$sql .= " id = $id".LB;
    398. 

  398. 			$sql .= " AND t.fieldset_id = t2.fieldset_id".LB;
    399. 

  399. 

  400.             //編集権のないデータ はのぞく//@@@@@
    401. 

  401.             $sql .= COM_getPermSql('AND',0,3);
    402. 

  402. 

  403.             $result = DB_query($sql);
    404. 

  404. 

  405.             $A = DB_fetchArray($result);
    406. 

  406.             $A = array_map('stripslashes', $A);
    407. 

  407.             $fieldset_id = COM_stripslashes($A['fieldset_id']);
    408. 

  408.             $fieldset_name = COM_stripslashes($A['fieldset_name']);
    409. 

  409. 

  410.             $code = COM_stripslashes($A['code']);
    411. 

  411.             $title=COM_stripslashes($A['title']);
    412. 

  412.             $page_title=COM_stripslashes($A['page_title']);
    413. 

  413.             $description=COM_stripslashes($A['description']);
    414. 

  414. 

  415.             $language_id = COM_stripslashes($A['language_id']);
    416. 

  416. 

  417.             $category = DATABOX_getdatas("category_id",$_TABLES['DATABOX_category'],"id = $id");
    418. 

  418. 

  419.             //追加項目
    420. 

  420.             $additionfields = DATABOX_getadditiondatas($id,$pi_name);
    421. 

  421.             $additionfields_fnm=array();//@@@@@
    422. 

  422.             $additionfields_del=array();
    423. 

  423. 			$additionfields_date="";
    424. 

  424. 

  425.             $draft_flag=COM_stripslashes($A['draft_flag']);
    426. 

  426.             $cache_time=COM_stripslashes($A['cache_time']);
    427. 

  427. 

  428. 			//編集日
    429. 

  429. 			$wary = COM_getUserDateTimeFormat(COM_stripslashes($A['modified_un']));
    430. 

  430. 			$modified = $wary[1];
    431. 

  431.             $modified_month = date('m', $modified);
    432. 

  432.             $modified_day = date('d', $modified);
    433. 

  433.             $modified_year = date('Y', $modified);
    434. 

  434.             $modified_hour = date('H', $modified);
    435. 

  435.             $modified_minute = date('i', $modified);
    436. 

  436. 

  437.             //作成日付
    438. 

  438. 			$wary = COM_getUserDateTimeFormat(COM_stripslashes($A['created_un']));
    439. 

  439. 			$created = $wary[0];
    440. 

  440. 			$created_un = $wary[1];
    441. 

  441. 

  442.             $orderno=COM_stripslashes($A['orderno']);
    443. 

  443. 

  444.             $uuid = COM_stripslashes($A['uuid']);
    445. 

  445. 

  446. 			$wary = COM_getUserDateTimeFormat(COM_stripslashes($A['udatetime_un']));
    447. 

  447. 			$udatetime = $wary[0];
    448. 

  448. 			
    449. 

  449. 			$defaulttemplatesdirectory=$A['defaulttemplatesdirectory'];
    450. 

  450.             if ($_DATABOX_CONF['allow_data_delete']){
    451. 

  451.                 if ($edt_flg==FALSE) {
    452. 

  452.                     $delflg=true;
    453. 

  453.                 }
    454. 

  454.             }
    455. 

  455.         }
    456. 

  456.     }
    457. 

  457.     if ($mode==="copy"){
    458. 

  458.         $id=0;
    459. 

  459.         $draft_flag=$_DATABOX_CONF['user_draft_default'];
    460. 

  460. 		$code="";
    461. 

  461. 		
    462. 

  462.         //作成日付
    463. 

  463.         $created=0;
    464. 

  464.         $created_un=0;
    465. 

  465.         //公開日
    466. 

  466.         $released_month=$modified_month;
    467. 

  467.         $released_day = $modified_day;
    468. 

  468.         $released_year = $modified_year;
    469. 

  469.         $released_hour = $modified_hour;
    470. 

  470.         $released_minute = $modified_minute;
    471. 

  471.         //公開終了日
    472. 

  472.         $expired_flag=0;
    473. 

  473.         $w = mktime(0, 0, 0, date('m'),
    474. 

  474.              date('d') + $_CONF['article_comment_close_days'], date('Y'));
    475. 

  475.         $expired_year=date('Y', $w);
    476. 

  476.         $expired_month=date('m', $w);
    477. 

  477.         $expired_day=date('d', $w);
    478. 

  478.         $expired_hour=0;
    479. 

  479.         $expired_minute=0;
    480. 

  480. 

  481.         //
    482. 

  482.         $delflg=false;
    483. 

  483.         $old_mode="copy";
    484. 

  484.     }
    485. 

  485. 

  486.     $chk_user=DATABOX_chkuser($group_id,$owner_id,"databox.admin");
    487. 

  487. 

  488. 	//template フォルダ
    489. 

  489.     if (is_null($template) or ($template==="")){
    490. 

  490. 		$set_defaulttemplatesdirectory=DB_getItem($_TABLES['DATABOX_def_fieldset']
    491. 

  491. 			,"defaulttemplatesdirectory","fieldset_id=".$fieldset_id);
    492. 

  492. 		if ($defaulttemplatesdirectory<>""){
    493. 

  493.             $template=$defaulttemplatesdirectory;
    494. 

  494.         }elseif  ($set_defaulttemplatesdirectory<>""){
    495. 

  495.             $template=$set_defaulttemplatesdirectory;
    496. 

  496.         }else{
    497. 

  497.             $template="default";
    498. 

  498.         }
    499. 

  499.     }
    500. 

  500. 	
    501. 

  501.     $tmplfld=DATABOX_templatePath('mydata',$template,'databox');
    502. 

  502.     $templates = new Template($tmplfld);
    503. 

  503. 	
    504. 

  504.     $templates->set_file('editor',"data_editor.thtml");
    505. 

  505. 

  506.     $templates->set_file (array (
    507. 

  507.                 'editor' => 'data_editor.thtml',
    508. 

  508.                 'row'   => 'row.thtml',
    509. 

  509.                 'col'   => "data_col_detail.thtml",
    510. 

  510.             ));
    511. 

  511.     // Loads jQuery UI datepicker geeklog >=2.1.0
    512. 

  512.     $_SCRIPTS->setJavaScriptLibrary('jquery.ui.datepicker');
    513. 

  513.     $_SCRIPTS->setJavaScriptLibrary('jquery-ui-i18n');
    514. 

  514.     $_SCRIPTS->setJavaScriptLibrary('jquery-ui-timepicker-addon');
    515. 

  515.     $_SCRIPTS->setJavaScriptLibrary('jquery-ui-timepicker-addon-i18n');
    516. 

  516.     $_SCRIPTS->setJavaScriptFile('datetimepicker', '/javascript/datetimepicker.js');
    517. 

  517.     $_SCRIPTS->setJavaScriptFile('datepicker', '/javascript/datepicker.js');
    518. 

  518. 

  519.     $langCode = COM_getLangIso639Code();
    520. 

  520.     $toolTip  = $MESSAGE[118];
    521. 

  521.     $imgUrl   = $_CONF['site_url'] . '/images/calendar.png';
    522. 

  522. 

  523. 	//--
    524. 

  524.     if (($_CONF['meta_tags'] > 0) && ($_DATABOX_CONF['meta_tags'] > 0)) {
    525. 

  525.         $templates->set_var('hide_meta', '');
    526. 

  526.     } else {
    527. 

  527.         $templates->set_var('hide_meta', ' style="display:none;"');
    528. 

  528.     }
    529. 

  529.     $templates->set_var('maxlength_description', $_DATABOX_CONF['maxlength_description']);
    530. 

  530. 

  531.     $templates->set_var('about_thispage', $LANG_DATABOX_ADMIN['about_admin_data']);
    532. 

  532.     $templates->set_var('lang_must', $LANG_DATABOX_ADMIN['must']);
    533. 

  533.     $templates->set_var('site_url', $_CONF['site_url']);
    534. 

  534.     $templates->set_var('site_admin_url', $_CONF['site_admin_url']);
    535. 

  535. 	$templates->set_var('lang_view', $LANG_DATABOX_ADMIN['view']);
    536. 

  536. 

  537.     $templates->set_var('dateformat', $_DATABOX_CONF['dateformat']);
    538. 

  538. 

  539.     $token = SEC_createToken();
    540. 

  540.     $retval .= SEC_getTokenExpiryNotice($token);
    541. 

  541.     $templates->set_var('gltoken_name', CSRF_TOKEN);
    542. 

  542.     $templates->set_var('gltoken', $token);
    543. 

  543.     $templates->set_var ( 'xhtml', XHTML );
    544. 

  544. 	
    545. 

  545. 	$script=THIS_SCRIPT;
    546. 

  546. 	$script.="?template=".$template;
    547. 

  547.     $templates->set_var('script', $script);
    548. 

  548. 

  549.     //
    550. 

  550.     $templates->set_var('lang_link_admin', $LANG_DATABOX_ADMIN['link_admin']);
    551. 

  551.     $templates->set_var('lang_link_admin_top', $LANG_DATABOX_ADMIN['link_admin_top']);
    552. 

  552.     $templates->set_var('lang_link_public', $LANG_DATABOX_ADMIN['link_public']);
    553. 

  553.     $templates->set_var('lang_link_list', $LANG_DATABOX_ADMIN['link_list']);
    554. 

  554.     $templates->set_var('lang_link_detail', $LANG_DATABOX_ADMIN['link_detail']);
    555. 

  555. 	
    556. 

  556. 	//field_id
    557. 

  557.     $templates->set_var('lang_fieldset', $LANG_DATABOX_ADMIN['fieldset']);
    558. 

  558.     $templates->set_var('fieldset_id', $fieldset_id);
    559. 

  559.     $templates->set_var('fieldset_name', $fieldset_name);
    560. 

  560. 

  561.     //id
    562. 

  562.     $templates->set_var('lang_id', $LANG_DATABOX_ADMIN['id']);
    563. 

  563.     //@@@@@ $templates->set_var('help_id', $LANG_DATABOX_ADMIN['help']);
    564. 

  564.     $templates->set_var('id', $id);
    565. 

  565. 

  566.     //下書
    567. 

  567.     $templates->set_var('lang_draft', $LANG_DATABOX_ADMIN['draft']);
    568. 

  568.     if  ($draft_flag==1) {
    569. 

  569. 		$templates->set_var('draft_flag', "checked=checked");
    570. 

  570. 		$templates->set_var('draft_msg', $LANG_DATABOX_ADMIN['draft_msg']);
    571. 

  571.     }else{
    572. 

  572.         $templates->set_var('draft_flag', "");
    573. 

  573.         $templates->set_var('draft_msg', "");
    574. 

  574.     }
    575. 

  575. 

  576.     //
    577. 

  577.     $templates->set_var('lang_field', $LANG_DATABOX_ADMIN['field']);
    578. 

  578.     $templates->set_var('lang_fields', $LANG_DATABOX_ADMIN['fields']);
    579. 

  579.     $templates->set_var('lang_content', $LANG_DATABOX_ADMIN['content']);
    580. 

  580.     $templates->set_var('lang_templatesetvar', $LANG_DATABOX_ADMIN['templatesetvar']);
    581. 

  581. 

  582.     //基本項目
    583. 

  583.     $templates->set_var('lang_basicfields', $LANG_DATABOX_ADMIN['basicfields']);
    584. 

  584.     //コード&タイトル&説明&テンプレートセット値
    585. 

  585.     $templates->set_var('lang_code', $LANG_DATABOX_ADMIN['code']);
    586. 

  586.     if ($_DATABOX_CONF['datacode']){
    587. 

  587.         $templates->set_var('lang_must_code', $LANG_DATABOX_ADMIN['must']);
    588. 

  588.     }else{
    589. 

  589.         $templates->set_var('lang_must_code', "");
    590. 

  590.     }
    591. 

  591.     $templates->set_var ('code', $code);
    592. 

  592.     $templates->set_var('lang_title', $LANG_DATABOX_ADMIN['title']);
    593. 

  593.     $templates->set_var ('title', $title);
    594. 

  594.     $templates->set_var('lang_page_title', $LANG_DATABOX_ADMIN['page_title']);
    595. 

  595.     $templates->set_var ('page_title', $page_title);
    596. 

  596.     $templates->set_var('lang_description', $LANG_DATABOX_ADMIN['description']);
    597. 

  597.     $templates->set_var ('description', $description);
    598. 

  598. 

  599. 	
    600. 

  600. 	//language_id
    601. 

  601.     if (is_array($_CONF['languages'])) {
    602. 

  602.         $templates->set_var('hide_language_id', '');
    603. 

  603. 		$select_language_id=DATABOX_getoptionlist("language_id",$language_id,0,$pi_name,"",0 );
    604. 

  604.     } else {
    605. 

  605.         $templates->set_var('hide_language_id', ' style="display:none;"');
    606. 

  606. 		$select_language_id="";
    607. 

  607.     }
    608. 

  608.     $templates->set_var('lang_language_id', $LANG_DATABOX_ADMIN['language_id']);
    609. 

  609. 	$templates->set_var ('language_id', $language_id);
    610. 

  610.     $templates->set_var ('select_language_id', $select_language_id);//@@@@@
    611. 

  611. 	
    612. 

  612.     //編集日
    613. 

  613.     $templates->set_var ('lang_modified_autoupdate', $LANG_DATABOX_ADMIN['modified_autoupdate']);
    614. 

  614.     $templates->set_var ('lang_modified', $LANG_DATABOX_ADMIN['modified']);
    615. 

  615.     $w=COM_convertDate2Timestamp(
    616. 

  616.         $modified_year."-".$modified_month."-".$modified_day
    617. 

  617.         , $modified_hour.":".$modified_minute."::00"
    618. 

  618.         );
    619. 

  619.     $datetime_modified=DATABOX_datetimeedit($w,"LANG_DATABOX_ADMIN","modified");
    620. 

  620.     $templates->set_var ('datetime_modified', $datetime_modified);
    621. 

  621. 	
    622. 

  622. 	//カテゴリ
    623. 

  623.     $templates->set_var('lang_category', $LANG_DATABOX_ADMIN['category']);
    624. 

  624.     $checklist_category=DATABOX_getcategoriesinp ($category,$fieldset_id,"databox",$chk_user);
    625. 

  625.     $templates->set_var('checklist_category', $checklist_category);
    626. 

  626. 

  627.     //追加項目
    628. 

  628.     $templates->set_var('lang_additionfields', $LANG_DATABOX_ADMIN['additionfields']);
    629. 

  629. 	$rt=DATABOX_getaddtionfieldsEdit(
    630. 

  630. 		$additionfields
    631. 

  631. 		,$addition_def
    632. 

  632. 		,$templates
    633. 

  633. 		,$chk_user
    634. 

  634. 		,$pi_name
    635. 

  635. 		,$additionfields_fnm
    636. 

  636. 		,$additionfields_del
    637. 

  637. 		,$fieldset_id
    638. 

  638. 		,$additionfields_date
    639. 

  639. 		);
    640. 

  640.     //$rt=DATABOX_getaddtionfieldsJS($additionfields,$addition_def,$chk_user,$pi_name);
    641. 

  641. 

  642.     //保存日時
    643. 

  643.     $templates->set_var ('lang_udatetime', $LANG_DATABOX_ADMIN['udatetime']);
    644. 

  644.     $templates->set_var ('udatetime', $udatetime);
    645. 

  645.     $templates->set_var ('lang_uuid', $LANG_DATABOX_ADMIN['uuid']);
    646. 

  646.     $templates->set_var ('uuid', $uuid);
    647. 

  647.     //作成日付
    648. 

  648.     $templates->set_var ('lang_created', $LANG_DATABOX_ADMIN['created']);
    649. 

  649.     $templates->set_var ('created', $created);
    650. 

  650.     $templates->set_var ('created_un', $created_un);
    651. 

  651. 

  652.     // SAVE、CANCEL ボタン
    653. 

  653.     $templates->set_var('lang_save', $LANG_ADMIN['save']);
    654. 

  654.     $templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    655. 

  655.     $templates->set_var('lang_preview', $LANG_ADMIN['preview']);
    656. 

  656. 

  657.     //delete_option
    658. 

  658.     if ($delflg){
    659. 

  659.         $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete']
    660. 

  660.                    . '" name="mode"%s>';
    661. 

  661.         $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
    662. 

  662.         $templates->set_var ('delete_option',
    663. 

  663.                                   sprintf ($delbutton, $jsconfirm));
    664. 

  664.     }
    665. 

  665. 

  666.     $templates->set_var('old_mode', $old_mode);
    667. 

  667. 

  668.     //
    669. 

  669.     $templates->parse('output', 'editor');
    670. 

  670.     $retval .= $templates->finish($templates->get_var('output'));
    671. 

  671. 

  672.     return $retval;
    673. 

  673. }
    674. 

  674. 

  675. 

  676. // +---------------------------------------------------------------------------+
    677. 

  677. // | 機能  保存                                                                |
    678. 

  678. // | 書式 fncSave ($edt_flg)                                                   |
    679. 

  679. // +---------------------------------------------------------------------------+
    680. 

  680. // | 戻値 nomal:戻り画面&メッセージ                                           |
    681. 

  681. // +---------------------------------------------------------------------------+
    682. 

  682. //20101207
    683. 

  683. function fncSave (
    684. 

  684.     $edt_flg
    685. 

  685.     ,$navbarMenu
    686. 

  686. 	,$menuno
    687. 

  687. 	,$template
    688. 

  688. )
    689. 

  689. {
    690. 

  690.     $pi_name="databox";
    691. 

  691. 

  692.     global $_CONF;
    693. 

  693.     global $LANG_DATABOX_ADMIN;
    694. 

  694.     global $_TABLES;
    695. 

  695.     global $_USER;
    696. 

  696.     global $_DATABOX_CONF;
    697. 

  697.     global $LANG_DATABOX_user_menu;
    698. 

  698. 

  699.     $addition_def=DATABOX_getadditiondef();
    700. 

  700. 

  701.     $retval = '';
    702. 

  702. 

  703.     // clean 'em up
    704. 

  704.     $id = COM_applyFilter($_POST['id'],true);
    705. 

  705.     if ($id==0){
    706. 

  706.         $new_flg=true;
    707. 

  707.     }else{
    708. 

  708.         $new_flg=false;
    709. 

  709.     }
    710. 

  710. 	$fieldset_id = COM_applyFilter ($_POST['fieldset'],true);
    711. 

  711.     $code = COM_applyFilter($_POST['code']);
    712. 

  712.     $code = addslashes (COM_checkHTML (COM_checkWords ($code)));
    713. 

  713. 

  714.     $title = COM_stripslashes($_POST['title']);
    715. 

  715.     $title = addslashes (COM_checkHTML (COM_checkWords ($title)));
    716. 

  716. 

  717.     $page_title = COM_applyFilter($_POST['page_title']);
    718. 

  718.     $page_title = addslashes (COM_checkHTML (COM_checkWords ($page_title)));
    719. 

  719. 

  720.     $description=$_POST['description'];//COM_applyFilter($_POST['description']);
    721. 

  721.     $description=addslashes (COM_checkHTML (COM_checkWords ($description)));
    722. 

  722. 	
    723. 

  723. 	$language_id=COM_applyFilter($_POST['language_id']);
    724. 

  724.     $language_id=addslashes (COM_checkHTML (COM_checkWords ($language_id)));
    725. 

  725. 	
    726. 

  726.     $category = $_POST['category'];
    727. 

  727. 

  728.     //@@@@@
    729. 

  729.     $additionfields=$_POST['afield'];
    730. 

  730.     $additionfields_old=$_POST['afield'];
    731. 

  731.     $additionfields_fnm=$_POST['afield_fnm'];
    732. 

  732.     $additionfields_del=$_POST['afield_del'];
    733. 

  733.     $additionfields_alt=$_POST['afield_alt'];
    734. 

  734. 	$additionfields_date=array();
    735. 

  735. 

  736. 	$additionfields=DATABOX_cleanaddtiondatas(
    737. 

  737. 		$additionfields
    738. 

  738. 		,$addition_def
    739. 

  739. 		,$additionfields_fnm
    740. 

  740. 		,$additionfields_del
    741. 

  741. 		,$additionfields_date
    742. 

  742. 		,$additionfields_alt
    743. 

  743. 		);
    744. 

  744. 

  745. 

  746. //            $hits =0;
    747. 

  747. //            $comments=0;
    748. 

  748.     $old_mode=COM_applyFilter($_POST['old_mode']);
    749. 

  749.     $old_mode=addslashes (COM_checkHTML (COM_checkWords ($old_mode)));
    750. 

  750. 

  751.     //-----
    752. 

  752.     $type=1;
    753. 

  753.     $uuid=$_USER['uid'];
    754. 

  754. 

  755. 

  756.     // CHECK はじめ
    757. 

  757.     $err="";
    758. 

  758.     //id
    759. 

  759.     if ($id==0 ){
    760. 

  760.         //$err.=$LANG_DATABOX_ADMIN['err_uid']."<br/>".LB;
    761. 

  761.     }else{
    762. 

  762.         if (!is_numeric($id) ){
    763. 

  763.             $err.=$LANG_DATABOX_ADMIN['err_id']."<br/>".LB;
    764. 

  764.         }
    765. 

  765.     }
    766. 

  766. 

  767.     //タイトル必須
    768. 

  768.     if (empty($title)){
    769. 

  769.         $err.=$LANG_DATABOX_ADMIN['err_title']."<br/>".LB;
    770. 

  770.     }
    771. 

  771. 	//文字数制限チェック
    772. 

  772. 	if (mb_strlen($description, 'UTF-8')>$_DATABOX_CONF['maxlength_description']) {
    773. 

  773. 		$err.=$LANG_DATABOX_ADMIN['description']
    774. 

  774. 				.$_DATABOX_CONF['maxlength_description']
    775. 

  775. 				.$LANG_DATABOX_ADMIN['err_maxlength']."<br/>".LB;
    776. 

  776. 	}
    777. 

  777. 

  778.     //----追加項目チェック
    779. 

  779.     $err.=DATABOX_checkaddtiondatas
    780. 

  780.         ($additionfields,$addition_def,$pi_name,$additionfields_fnm
    781. 

  781.         ,$additionfields_del,$additionfields_alt);
    782. 

  782. 

  783.     //errorのあるとき
    784. 

  784.     if ($err<>"") {
    785. 

  785.         $retval['title']=$LANG_DATABOX_ADMIN['piname'].$LANG_DATABOX_ADMIN['edit'];
    786. 

  786.         $retval['display']= fncEdit($id, $edt_flg,3,$err,"edit",$fieldset_id,$template,$old_mode);
    787. 

  787. 

  788.         return $retval;
    789. 

  789. 

  790.     }
    791. 

  791.     // CHECK おわり
    792. 

  792. 

  793.     //-----
    794. 

  794.     // 新規登録時
    795. 

  795.     if ($new_flg){
    796. 

  796.        $w=DB_getItem($_TABLES['DATABOX_base'],"max(id)","1=1");
    797. 

  797.         if ($w=="") {
    798. 

  798.             $w=0;
    799. 

  799.         }
    800. 

  800.         $id=$w+1;
    801. 

  801.     }
    802. 

  802. 

  803.     $fields=LB."id";
    804. 

  804.     $values=LB."$id";
    805. 

  805. 

  806. 

  807.     if ($new_flg){
    808. 

  808. 

  809.         if  ($_DATABOX_CONF['datacode']){
    810. 

  810.             $code="000000".date(Ymdhis);
    811. 

  811. 

  812.         }
    813. 

  813. 		$created=COM_convertDate2Timestamp(date("Y-m-d"),date("H:i::00"));
    814. 

  814.         $modified=$created;
    815. 

  815.         $released=$created;
    816. 

  816.         $commentcode =$_DATABOX_CONF['commentcode'];
    817. 

  817.         $trackbackcode=$_CONF[trackback_code];;
    818. 

  818. 		
    819. 

  819. 		$comment_expire='0000-00-00 00:00:00';
    820. 

  820.         $expired='0000-00-00 00:00:00';
    821. 

  821.         //
    822. 

  822. 

  823.         $defaulttemplatesdirectory=null;
    824. 

  824.         $draft_flag =$_DATABOX_CONF['user_draft_default'];
    825. 

  825.         $draft_flag =$_DATABOX_CONF['user_draft_default'];
    826. 

  826. 

  827.         //---
    828. 

  828.         $meta_description = "";
    829. 

  829.         $meta_keywords = "";
    830. 

  830.         $owner_id =$_USER['uid'];
    831. 

  831.         $group_id =SEC_getFeatureGroup('databox.admin', $_USER['uid']);
    832. 

  832. 

  833. 

  834.         $array = array();
    835. 

  835.         SEC_setDefaultPermissions($array, $_DATABOX_CONF['default_permissions']);
    836. 

  836.         $perm_owner = $array['perm_owner'];
    837. 

  837.         $perm_group = $array['perm_group'];
    838. 

  838.         $perm_anon = $array['perm_anon'];
    839. 

  839.         $perm_members = $array['perm_members'];
    840. 

  840. 

  841.         $draft_flag=$_DATABOX_CONF['user_draft_default'];
    842. 

  842.         $cache_time=$_DATABOX_CONF['default_cache_time'];
    843. 

  843. 

  844.         //-----
    845. 

  845. 

  846.         $fields.=",defaulttemplatesdirectory";//
    847. 

  847.         $values.=",'$defaulttemplatesdirectory'";
    848. 

  848. 

  849. 

  850.         $fields.=",draft_flag";
    851. 

  851.         $values.=",$draft_flag";
    852. 

  852. 		
    853. 

  853. 		$fields.=",cache_time";
    854. 

  854.         $values.=",$cache_time";
    855. 

  855. 

  856.         $fields.=",meta_description";//
    857. 

  857.         $values.=",'$meta_description'";
    858. 

  858. 

  859.         $fields.=",meta_keywords";//
    860. 

  860.         $values.=",'$meta_keywords'";
    861. 

  861. 

  862.         $fields.=",commentcode";//
    863. 

  863.         $values.=",$commentcode";
    864. 

  864. 		
    865. 

  865. 		$fields.=",trackbackcode";//
    866. 

  866.         $values.=",$trackbackcode";
    867. 

  867. 

  868.         $fields.=",comment_expire";//
    869. 

  869. 		if ($comment_expire=='0000-00-00 00:00:00'){
    870. 

  870. 			$values.=",'$comment_expire'";
    871. 

  871. 		}else{
    872. 

  872. 			$values.=",FROM_UNIXTIME('$comment_expire')";
    873. 

  873. 		}
    874. 

  874. 

  875.         $fields.=",language_id";//
    876. 

  876.         $values.=",'$language_id'";
    877. 

  877. 

  878.         $fields.=",owner_id";
    879. 

  879.         $values.=",$owner_id";
    880. 

  880. 

  881.         $fields.=",group_id";
    882. 

  882.         $values.=",$group_id";
    883. 

  883. 

  884.         $fields.=",perm_owner";
    885. 

  885.         $values.=",$perm_owner";
    886. 

  886. 

  887.         $fields.=",perm_group";
    888. 

  888.         $values.=",$perm_group";
    889. 

  889. 

  890.         $fields.=",perm_members";
    891. 

  891.         $values.=",$perm_members";
    892. 

  892. 

  893.         $fields.=",perm_anon";
    894. 

  894.         $values.=",$perm_anon";
    895. 

  895. 

  896. 		$fields.=",modified";
    897. 

  897. 		$values.=",FROM_UNIXTIME('$modified')";
    898. 

  898. 

  899. 		$fields.=",created";
    900. 

  900. 		$values.=",FROM_UNIXTIME('$created')";
    901. 

  901. 

  902.         $fields.=",expired";
    903. 

  903. 		if ($expired=='0000-00-00 00:00:00'){
    904. 

  904. 			$values.=",'$expired'";
    905. 

  905. 		}else{
    906. 

  906. 			$values.=",FROM_UNIXTIME('$expired')";
    907. 

  907. 		}
    908. 

  908. 

  909.         $fields.=",released";
    910. 

  910. 		$values.=",FROM_UNIXTIME('$released')";
    911. 

  911. 

  912.         $hits=0;
    913. 

  913.         $comments=0;
    914. 

  914. 

  915.         $fields.=",code";
    916. 

  916.         $values.=",'$code'";
    917. 

  917. 

  918.         $fields.=",title";//
    919. 

  919.         $values.=",'$title'";
    920. 

  920. 

  921.         $fields.=",page_title";//
    922. 

  922.         $values.=",'$page_title'";
    923. 

  923. 

  924.         $fields.=",description";//
    925. 

  925.         $values.=",'$description'";
    926. 

  926. 

  927. 

  928. //        $fields.=",hits";//
    929. 

  929. //        $values.=",$hits";
    930. 

  930. 

  931.         $fields.=",comments";//
    932. 

  932.         $values.=",$comments";
    933. 

  933. 

  934. 		$fields.=",fieldset_id";//
    935. 

  935. 		$values.=",$fieldset_id";
    936. 

  936. 

  937.         $fields.=",uuid";
    938. 

  938.         $values.=",$uuid";
    939. 

  939. 

  940.         if ($edt_flg){
    941. 

  941.             $return_page=$_CONF['site_url'] . "/".THIS_SCRIPT;
    942. 

  942.             $return_page.="?id=".$id;
    943. 

  943.         }else{
    944. 

  944.             $return_page=$_CONF['site_url'] . '/'.THIS_SCRIPT.'?msg=1';
    945. 

  945.         }
    946. 

  946. 

  947.         DB_save($_TABLES['DATABOX_base'],$fields,$values);
    948. 

  948.     }else{
    949. 

  949. 		
    950. 

  950.         $sql="UPDATE {$_TABLES['DATABOX_base']} set ";
    951. 

  951.         $sql.=" title = '$title'";
    952. 

  952.         $sql.=" ,page_title = '$page_title'";
    953. 

  953.         $sql.=" ,description = '$description'";
    954. 

  954.         $sql.=" ,language_id = '$language_id'";
    955. 

  955. 		
    956. 

  956.         $sql.=" ,modified = FROM_UNIXTIME('$modified')";
    957. 

  957. 		
    958. 

  958.         $sql.=",uuid='$uuid' WHERE id=$id";
    959. 

  959. 

  960.         DB_query($sql);
    961. 

  961. 

  962.     }
    963. 

  963. 

  964.     //カテゴリ
    965. 

  965.     //$rt=DATABOX_savedatas("category_id",$_TABLES['DATABOX_category'],$id,$category);
    966. 

  966.     $rt=DATABOX_savecategorydatas($id,$category,'databox','mydata');
    967. 

  967. 

  968. 	//追加項目
    969. 

  969. 	if  ($old_mode=="copy"){
    970. 

  970.         DATABOX_uploadaddtiondatas_cpy
    971. 

  971.         ($additionfields,$addition_def,$pi_name,$id,$additionfields_fnm
    972. 

  972.         ,$additionfields_del,$additionfields_old,$additionfields_alt);
    973. 

  973.     }else{
    974. 

  974.         DATABOX_uploadaddtiondatas	
    975. 

  975.         ($additionfields,$addition_def,$pi_name,$id,$additionfields_fnm
    976. 

  976.         ,$additionfields_del,$additionfields_old,$additionfields_alt);
    977. 

  977.     }
    978. 

  978. 		
    979. 

  979.     if ($new_flg){
    980. 

  980.         $rt=DATABOX_saveaddtiondatas($id,$additionfields,$addition_def,$pi_name);
    981. 

  981.     }else{
    982. 

  982.         $rt=DATABOX_saveaddtiondatas_update($id,$additionfields,$addition_def,$pi_name);
    983. 

  983.     }
    984. 

  984. 

  985.     $rt=fncsendmail ('data',$id);
    986. 

  986.     
    987. 

  987.     $cacheInstance = 'databox__' . $id . '__' ;
    988. 

  988.     CACHE_remove_instance($cacheInstance); 
    989. 

  989. 

  990. //exit;//@@@@@debug 用
    991. 

  991. 

  992.     if ($_DATABOX_CONF['aftersave']==='no'){
    993. 

  993.         $retval['title']=$LANG_DATABOX_ADMIN['piname'].$LANG_DATABOX_ADMIN['edit'];
    994. 

  994. 		$retval['display'] .= fncEdit($id, $edt_flg,1,$err,"edit",$fieldset_id,$template);
    995. 

  995.         return $retval;
    996. 

  996. 

  997.     }else if ($_DATABOX_CONF['aftersave']==='list'
    998. 

  998.           OR $_DATABOX_CONF['aftersave']==='admin' ){
    999. 

  999.             $url = $_CONF['site_url'] . "/databox/mydata/data.php";
    1000. 

  1000.             $item_url=COM_buildURL($url);
    1001. 

  1001.             $target='item';
    1002. 

  1002.     }else{
    1003. 

  1003.         $url=$_CONF['site_url'] . "/databox/data.php";
    1004. 

  1004.         $url.="?";
    1005. 

  1005.         //コード使用の時
    1006. 

  1006.         if ($_DATABOX_CONF['datacode']){
    1007. 

  1007.             $url.="code=".$code;
    1008. 

  1008.             $url.="&amp;m=code";
    1009. 

  1009.         }else{
    1010. 

  1010.             $url.="id=".$id;
    1011. 

  1011.             $url.="&amp;m=id";
    1012. 

  1012.         }
    1013. 

  1013.         $item_url = COM_buildUrl( $url );
    1014. 

  1014. 		$target=$_DATABOX_CONF['aftersave_admin'];
    1015. 

  1015.     }
    1016. 

  1016. 

  1017.     $return_page = PLG_afterSaveSwitch(
    1018. 

  1018.                     $target
    1019. 

  1019.                     ,$item_url
    1020. 

  1020.                     ,$pi_name
    1021. 

  1021.                     , 1);
    1022. 

  1022. 

  1023.     echo $return_page;
    1024. 

  1024. 

  1025. 	exit;
    1026. 

  1026. 

  1027. }
    1028. 

  1028. // +---------------------------------------------------------------------------+
    1029. 

  1029. // | 機能  削除                                                                |
    1030. 

  1030. // | 書式 fncdelete ()                                                         |
    1031. 

  1031. // +---------------------------------------------------------------------------+
    1032. 

  1032. // | 戻値 nomal:戻り画面&メッセージ                                           |
    1033. 

  1033. // +---------------------------------------------------------------------------+
    1034. 

  1034. function fncdelete (
    1035. 

  1035. 	$template
    1036. 

  1036. )
    1037. 

  1037. {
    1038. 

  1038.     global $_CONF;
    1039. 

  1039.     global $_TABLES;
    1040. 

  1040.     global $LANG_DATABOX_ADMIN;
    1041. 

  1041. 	
    1042. 

  1042. 	$pi_name="databox";
    1043. 

  1043.     $id = COM_applyFilter($_POST['id'],true);
    1044. 

  1044.     $title=DB_getItem ($_TABLES['DATABOX_base'], 'title',"id = ".$id);
    1045. 

  1045. 	
    1046. 

  1046. 	$addition_def=DATABOX_getadditiondef();//@@@@@
    1047. 

  1047. 	$additionfields=$_POST['afield'];//@@@@@
    1048. 

  1048. 

  1049.     // CHECK
    1050. 

  1050.     $err="";
    1051. 

  1051.     if ($err<>"") {
    1052. 

  1052.         $page_title=$LANG_DATABOX_ADMIN['err'];
    1053. 

  1053.         $retval .= DATABOX_siteHeader('DATABOX','_admin',$page_title);
    1054. 

  1054.         $retval .= COM_startBlock ($LANG_DATABOX_ADMIN['err'], '',
    1055. 

  1055.                             COM_getBlockTemplate ('_msg_block', 'header'));
    1056. 

  1056.         $retval .= $err;
    1057. 

  1057.         $retval .= COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));
    1058. 

  1058.         $retval .= DATABOX_siteFooter('DATABOX','_admin');
    1059. 

  1059.         return $retval;
    1060. 

  1060.     }
    1061. 

  1061. 

  1062.     //
    1063. 

  1063. 	$rt=databox_deletedata ($id);
    1064. 

  1064. 

  1065.     $rt=fncsendmail ('data_delete',$id,$title);
    1066. 

  1066. 	
    1067. 

  1067.     $cacheInstance = 'databox__' . $id . '__' ;
    1068. 

  1068.     CACHE_remove_instance($cacheInstance); 
    1069. 

  1069. 

  1070.     //exit;// debug 用
    1071. 

  1071. 	
    1072. 

  1072.     $return_page=$_CONF['site_url'] . '/'.THIS_SCRIPT.'?msg=2';
    1073. 

  1073. 	if  ($template<>""){
    1074. 

  1074. 		$return_page.="&amp;template=".$template;
    1075. 

  1075. 	}
    1076. 

  1076.     return COM_refresh ($return_page);
    1077. 

  1077. 

  1078. 

  1079. 

  1080. }
    1081. 

  1081. // +---------------------------------------------------------------------------+
    1082. 

  1082. // | 機能  メール送信                                                          |
    1083. 

  1083. // | 書式 fncsendmail ()                                                       |
    1084. 

  1084. // +---------------------------------------------------------------------------+
    1085. 

  1085. // | 戻値 nomal:                                                               |
    1086. 

  1086. // +---------------------------------------------------------------------------+
    1087. 

  1087. function fncsendmail (
    1088. 

  1088.     $m=""
    1089. 

  1089.     ,$id=0
    1090. 

  1090.     ,$title=""
    1091. 

  1091.     )
    1092. 

  1092. {
    1093. 

  1093.     global $_CONF;
    1094. 

  1094.     global $_TABLES;
    1095. 

  1095.     global $LANG_DATABOX_MAIL;
    1096. 

  1096.     global $LANG_DATABOX_ADMIN;
    1097. 

  1097.     global $_USER ;
    1098. 

  1098.     global $_DATABOX_CONF ;
    1099. 

  1099. 	
    1100. 

  1100. 	$pi_name="databox";
    1101. 

  1101.     $retval = '';
    1102. 

  1102. 

  1103.     $site_name=$_CONF['site_name'];
    1104. 

  1104.     $subject= sprintf($LANG_DATABOX_MAIL['subject_'.$m],$_USER['username']);
    1105. 

  1105.     $message=sprintf($LANG_DATABOX_MAIL['message_'.$m],$_USER['username'],$_USER['uid']);
    1106. 

  1106.     if ($m==="data_delete"){
    1107. 

  1107.         $msg= $LANG_DATABOX_ADMIN['id'].":".$id.LB;
    1108. 

  1108.         $msg.= $LANG_DATABOX_ADMIN['title'].":".$title.LB;
    1109. 

  1109.         //URL
    1110. 

  1110.         $url=$_CONF['site_url'] . "/databox/data.php";
    1111. 

  1111.         $url = COM_buildUrl( $url );
    1112. 

  1112. 		$A['draft_flag']=0;
    1113. 

  1113.     }else{
    1114. 

  1114.         $sql = "SELECT ";
    1115. 

  1115. 

  1116.         $sql .= " *";
    1117. 

  1117. 

  1118.         $sql .= " FROM ";
    1119. 

  1119.         $sql .= $_TABLES['DATABOX_base'];
    1120. 

  1120.         $sql .= " WHERE ";
    1121. 

  1121.         $sql .= " id = $id";
    1122. 

  1122. 

  1123.         $result = DB_query ($sql);
    1124. 

  1124.         $numrows = DB_numRows ($result);
    1125. 

  1125. 

  1126.         if ($numrows > 0) {
    1127. 

  1127. 

  1128.             $A = DB_fetchArray ($result);
    1129. 

  1129. 			$A = array_map('stripslashes', $A);
    1130. 

  1130. 

  1131.             //下書
    1132. 

  1132.             if ($A['draft_flag']==1) {
    1133. 

  1133.                 $msg.=$LANG_DATABOX_ADMIN['draft'].LB;
    1134. 

  1134.             }
    1135. 

  1135. 

  1136.             //基本項目
    1137. 

  1137.             $msg.= $LANG_DATABOX_ADMIN['code'].":".$A['code'].LB;
    1138. 

  1138.             $msg.= $LANG_DATABOX_ADMIN['title'].":".$A['title'].LB;
    1139. 

  1139.             $msg.= $LANG_DATABOX_ADMIN['page_title'].":".$A['page_title'].LB;
    1140. 

  1140.             $msg.= $LANG_DATABOX_ADMIN['description'].":".$A['description'].LB;
    1141. 

  1141. 

  1142.             //カテゴリ
    1143. 

  1143.             $msg.=DATABOX_getcategoriesText($id ,0,"DATABOX");
    1144. 

  1144. 

  1145.             //追加項目
    1146. 

  1146.             $group_id = stripslashes($A['group_id']);
    1147. 

  1147.             $owner_id = stripslashes($A['owner_id']);
    1148. 

  1148.             $chk_user=DATABOX_chkuser($group_id,$owner_id,"databox.admin");
    1149. 

  1149.             $addition_def=DATABOX_getadditiondef();
    1150. 

  1150.             $additionfields = DATABOX_getadditiondatas($id);
    1151. 

  1151.             $msg.=DATABOX_getaddtionfieldsText($additionfields,$addition_def,$chk_user,$pi_name,$A['fieldset_id']);
    1152. 

  1152. 

  1153.             //タイムスタンプ 更新ユーザ
    1154. 

  1154.             $msg.= $LANG_DATABOX_ADMIN['udatetime'].":".$A['udatetime'].LB;
    1155. 

  1155.             $msg.= $LANG_DATABOX_ADMIN['uuid'].":".$A['uuid'].LB;
    1156. 

  1156. 

  1157. 

  1158.             //URL
    1159. 

  1159.             $url=$_CONF['site_url'] . "/databox/data.php";
    1160. 

  1160.             $url.="?";
    1161. 

  1161.             if ($_DATABOX_CONF['datacode']){
    1162. 

  1162.                 $url.="m=code";
    1163. 

  1163.                 $url.="&code=".$A['code'];
    1164. 

  1164.             }else{
    1165. 

  1165.                 $url.="m=id";
    1166. 

  1166.                 $url.="&id=".$A['id'];
    1167. 

  1167.             }
    1168. 

  1168.             $url = COM_buildUrl( $url );
    1169. 

  1169. 

  1170.         }
    1171. 

  1171. 	}
    1172. 

  1172. 	if  (($_DATABOX_CONF['mail_to_draft']==0) AND ($A['draft_flag']==1)){
    1173. 

  1173. 	}else{
    1174. 

  1174. 

  1175. 		$message.=$msg.LB;
    1176. 

  1176. 		$message.=$url.LB;
    1177. 

  1177. 		$message.=$LANG_DATABOX_MAIL['sig'].LB;
    1178. 

  1178. 

  1179. 		$mail_to=$_DATABOX_CONF['mail_to'];
    1180. 

  1180. 		//--- to owner
    1181. 

  1181. 		if  ($_DATABOX_CONF['mail_to_owner']==1){
    1182. 

  1182. 			$owner_email=DB_getItem($_TABLES['users'],"email","uid=".$A['owner_id']);
    1183. 

  1183. 			if (array_search($owner_email,$mail_to)===false){
    1184. 

  1184. 				$to=$owner_email;
    1185. 

  1185. 				COM_mail ($to, $subject, $message);
    1186. 

  1186. 			}
    1187. 

  1187. 		}
    1188. 

  1188. 		//--- mail_to
    1189. 

  1189. 		if (!empty ($mail_to)){
    1190. 

  1190. 			$to=implode($mail_to,",");
    1191. 

  1191. 			COM_mail ($to, $subject, $message);
    1192. 

  1192. 		}
    1193. 

  1193. 	}
    1194. 

  1194. 

  1195.     return $retval;
    1196. 

  1196. }
    1197. 

  1197. 

  1198. 

  1199. function fncNew (
    1200. 

  1200. 	$template
    1201. 

  1201. )
    1202. 

  1202. {
    1203. 

  1203. 	global $_CONF;
    1204. 

  1204. 	global $LANG_DATABOX_ADMIN;
    1205. 

  1205. 	global $LANG_ADMIN;
    1206. 

  1206. 	
    1207. 

  1207. 	$pi_name="databox";
    1208. 

  1208. 	
    1209. 

  1209.     $retval = '';
    1210. 

  1210. 	
    1211. 

  1211. 	//-----
    1212. 

  1212.     $tmplfld=DATABOX_templatePath('mydata',$template,$pi_name);
    1213. 

  1213. 

  1214.     $templates = new Template($tmplfld);
    1215. 

  1215.     $templates->set_file('editor',"selectset.thtml");
    1216. 

  1216. 	
    1217. 

  1217.     $templates->set_var('site_url', $_CONF['site_url']);
    1218. 

  1218.     $templates->set_var('site_admin_url', $_CONF['site_admin_url']);
    1219. 

  1219. 	
    1220. 

  1220.     $token = SEC_createToken();
    1221. 

  1221.     $retval .= SEC_getTokenExpiryNotice($token);
    1222. 

  1222.     $templates->set_var('gltoken_name', CSRF_TOKEN);
    1223. 

  1223.     $templates->set_var('gltoken', $token);
    1224. 

  1224.     $templates->set_var ( 'xhtml', XHTML );
    1225. 

  1225. 	
    1226. 

  1226. 	$script=THIS_SCRIPT;
    1227. 

  1227. 	if  ($template<>""){
    1228. 

  1228. 		$script.="?template=".$template;
    1229. 

  1229. 	}
    1230. 

  1230.     $templates->set_var('script', $script);
    1231. 

  1231. 

  1232. 	//fieldset_id
    1233. 

  1233. 	$fieldset_id=0;
    1234. 

  1234. 	$templates->set_var('lang_fieldset', $LANG_DATABOX_ADMIN['fieldset']);
    1235. 

  1235. 	$list_fieldset=DATABOX_getoptionlist("fieldset",$fieldset_id,0,$pi_name,"",0 );
    1236. 

  1236. 	$templates->set_var ('list_fieldset', $list_fieldset);
    1237. 

  1237. 	
    1238. 

  1238. 	$templates->set_var ('lang_inst_newdata', $LANG_DATABOX_ADMIN['inst_newdata']);
    1239. 

  1239. 	
    1240. 

  1240.     $templates->set_var ('lang_new', $LANG_DATABOX_ADMIN['new']);
    1241. 

  1241.     $templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    1242. 

  1242. 

  1243. 	$templates->parse('output', 'editor');
    1244. 

  1244.     $retval .= $templates->finish($templates->get_var('output'));
    1245. 

  1245. 	
    1246. 

  1246. 	return $retval;
    1247. 

  1247. }
    1248. 

  1248. function fncMenu(
    1249. 

  1249.     $pi_name
    1250. 

  1250. )
    1251. 

  1251. // +---------------------------------------------------------------------------+
    1252. 

  1252. // | 機能  menu表示  
    1253. 

  1253. // | 書式 fncMenu("databox")
    1254. 

  1254. // +---------------------------------------------------------------------------+
    1255. 

  1255. // | 引数 $pi_name:plugin name 'databox' 'userbox' 'formbox'
    1256. 

  1256. // +---------------------------------------------------------------------------+
    1257. 

  1257. // | 戻値 menu 
    1258. 

  1258. // +---------------------------------------------------------------------------+
    1259. 

  1259. {
    1260. 

  1260. 

  1261.     global $_CONF;
    1262. 

  1262.     global $_DATABOX_CONF;
    1263. 

  1263.     global $LANG_ADMIN;
    1264. 

  1264. 

  1265.     global $LANG_DATABOX_ADMIN;
    1266. 

  1266. 

  1267.     global $LANG_DATABOX;
    1268. 

  1268. 

  1269.     $retval = '';
    1270. 

  1270. 	//MENU1:管理画面
    1271. 

  1271.     $url1=$_CONF['site_url'] . '/'.THIS_SCRIPT.'?mode=new';
    1272. 

  1272. 	if  ($template<>""){
    1273. 

  1273. 		$url1.="&amp;template=".$template;
    1274. 

  1274. 	}
    1275. 

  1275.     $url2=$_CONF['site_url'] . '/databox/list.php';
    1276. 

  1276. 

  1277.     if ($_DATABOX_CONF['allow_data_insert']
    1278. 

  1278.             OR SEC_hasRights('databox.submit')){
    1279. 

  1279.         $menu_arr[]=array('url' => $url1,'text' => $LANG_DATABOX_ADMIN["new"]);
    1280. 

  1280.     }
    1281. 

  1281.     $menu_arr[]=array('url' => $url2,'text' => $LANG_DATABOX['list']);
    1282. 

  1282.     $retval .= ADMIN_createMenu(
    1283. 

  1283.         $menu_arr,
    1284. 

  1284.         $LANG_DATABOX_ADMIN['instructions'],
    1285. 

  1285.         plugin_geticon_databox()
    1286. 

  1286.     );
    1287. 

  1287. 

  1288.     return $retval;
    1289. 

  1289. }
    1290. 

  1290. 

  1291. 

  1292. // +---------------------------------------------------------------------------+
    1293. 

  1293. // | MAIN                                                                      |
    1294. 

  1294. // +---------------------------------------------------------------------------+
    1295. 

  1295. //############################
    1296. 

  1296. $pi_name    = 'databox';
    1297. 

  1297. //############################
    1298. 

  1298. 

  1299. // 引数
    1300. 

  1300. //public_html/mydata/data.php
    1301. 

  1301. //public_html/mydata/data.php?mode_id=new
    1302. 

  1302. //public_html/mydata/data.php?type_id=aaa
    1303. 

  1303. //public_html/mydata.php?mode_id=edit&id=1
    1304. 

  1304. //public_html/mydata.php?mode_id=edit&id=1&template=yyyy
    1305. 

  1305. if (isset ($_REQUEST['mode'])) {
    1306. 

  1306.     $mode = COM_applyFilter ($_REQUEST['mode'], false);
    1307. 

  1307. }
    1308. 

  1308. $msg = '';
    1309. 

  1309. if (isset ($_REQUEST['msg'])) {
    1310. 

  1310.     $msg = COM_applyFilter ($_REQUEST['msg'], true);
    1311. 

  1311. }
    1312. 

  1312. $id = '';
    1313. 

  1313. if (isset ($_REQUEST['id'])) {
    1314. 

  1314.     $id = COM_applyFilter ($_REQUEST['id'], true);
    1315. 

  1315. }
    1316. 

  1316. 

  1317. $fieldset_id = 0;
    1318. 

  1318. if (isset ($_REQUEST['type_id'])) {
    1319. 

  1319.     $fieldset_id = COM_applyFilter ($_REQUEST['type_id'], true);
    1320. 

  1320. }
    1321. 

  1321. 

  1322. $template = '';
    1323. 

  1323. if (isset ($_REQUEST['template'])) {
    1324. 

  1324. 	$template = COM_applyFilter ($_REQUEST['template']);
    1325. 

  1325. }
    1326. 

  1326. 

  1327. $old_mode="";
    1328. 

  1328. if (isset($_REQUEST['old_mode'])) {
    1329. 

  1329.     $old_mode = COM_applyFilter($_REQUEST['old_mode'],false);
    1330. 

  1330.     if ($mode==$LANG_ADMIN['cancel']) {
    1331. 

  1331.         $mode = $old_mode;
    1332. 

  1332.     }
    1333. 

  1333. }
    1334. 

  1334. 

  1335. if (($mode == $LANG_ADMIN['save']) && !empty ($LANG_ADMIN['save'])) { // save
    1336. 

  1336.     $mode="save";
    1337. 

  1337. }else if (($mode == $LANG_ADMIN['delete']) && !empty ($LANG_ADMIN['delete'])) {
    1338. 

  1338. 	$mode="delete";
    1339. 

  1339. }else if (($mode == $LANG_DATABOX_ADMIN['new']) && !empty ($LANG_DATABOX_ADMIN['new'])) {
    1340. 

  1340.     $mode="newedit";
    1341. 

  1341. }else if ($fieldset_id <> 0){
    1342. 

  1342.     $mode="newedit_type";
    1343. 

  1343. }
    1344. 

  1344. 

  1345. 

  1346. //echo "mode=".$mode."<br>";
    1347. 

  1347. if ($mode=="" OR $mode=="edit" OR $mode=="new" OR $mode=="drafton" OR $mode=="draftoff"
    1348. 

  1348. 	OR $mode=="export" OR $mode=="import"  OR $mode=="copy"
    1349. 

  1349. 	OR $mode=="newedit_type"
    1350. 

  1350. 	) {
    1351. 

  1351. }else{
    1352. 

  1352.     if (!SEC_checkToken()){
    1353. 

  1353.  //    if (SEC_checkToken()){//テスト用
    1354. 

  1354.         COM_accessLog("User {$_USER['username']} tried to illegally and failed CSRF checks.");
    1355. 

  1355.         echo COM_refresh($_CONF['site_admin_url'] . '/index.php');
    1356. 

  1356.         exit;
    1357. 

  1357.     }
    1358. 

  1358. }
    1359. 

  1359. 

  1360. //
    1361. 

  1361. $menuno=2;
    1362. 

  1362. $display="";
    1363. 

  1363. $information = array();
    1364. 

  1364. 

  1365. //ログイン要否チェック
    1366. 

  1366. if (COM_isAnonUser()){
    1367. 

  1367.     $loginrequired=$_DATABOX_CONF['loginrequired'];
    1368. 

  1368.     $loginrequired=$_CONF['loginrequired'];
    1369. 

  1369. 

  1370.     if ($loginrequired>0) {
    1371. 

  1371.         $display .= DATABOX_siteHeader($pi_name,'',$page_title);
    1372. 

  1372.         $display .= SEC_loginRequiredForm();
    1373. 

  1373.         $display .= DATABOX_siteFooter($pi_name);
    1374. 

  1374.         COM_output($display);
    1375. 

  1375.         exit;
    1376. 

  1376.     }
    1377. 

  1377. 

  1378. }
    1379. 

  1379. 

  1380. 

  1381. 

  1382. //echo "mode=".$mode."<br>";
    1383. 

  1383. switch ($mode) {
    1384. 

  1384. 

  1385.     case 'new':// 新規登録
    1386. 

  1386.         if ($_DATABOX_CONF['allow_data_insert']
    1387. 

  1387.                 OR SEC_hasRights('databox.submit')){
    1388. 

  1388. 

  1389.             $information['pagetitle']=$LANG_DATABOX_ADMIN['piname'].$LANG_DATABOX_ADMIN['new'];
    1390. 

  1390.             $display .= fncNew($template);
    1391. 

  1391.             break;
    1392. 

  1392.         }
    1393. 

  1393.     case 'newedit':// 新規登録
    1394. 

  1394. 		$fieldset_id=COM_applyFilter ($_POST['fieldset'],true);
    1395. 

  1395.     case 'newedit_type':// 新規登録
    1396. 

  1396.         if ($_DATABOX_CONF['allow_data_insert']
    1397. 

  1397.                 OR SEC_hasRights('databox.submit')){
    1398. 

  1398. 

  1399.             $information['pagetitle']=$LANG_DATABOX_ADMIN['piname'].$LANG_DATABOX_ADMIN['new'];
    1400. 

  1400.             $display .= fncEdit("", $edt_flg,$msg,"","new",$fieldset_id,$template);
    1401. 

  1401.             break;
    1402. 

  1402.         }
    1403. 

  1403.     case 'save':// 保存
    1404. 

  1404.         $retval= fncSave ($edt_flg ,$navbarMenu ,$menuno,$template);
    1405. 

  1405.         $information['pagetitle']=$retval['title'];
    1406. 

  1406. 		$display.=$retval['display'];
    1407. 

  1407. 		break;
    1408. 

  1408. 

  1409.     case 'delete':// 削除
    1410. 

  1410.         $display .= fncdelete($template);
    1411. 

  1411.         break;
    1412. 

  1412.     case 'copy'://コピー
    1413. 

  1413.         if ($_DATABOX_CONF['allow_data_insert']
    1414. 

  1414.                 OR SEC_hasRights('databox.submit')){
    1415. 

  1415.         }else{
    1416. 

  1416.             $id="";
    1417. 

  1417.             $display.=$rt;
    1418. 

  1418.         }
    1419. 

  1419.     case 'edit':// 編集
    1420. 

  1420.         if ($id<>""  ) {
    1421. 

  1421.             $information['pagetitle']=$LANG_DATABOX_ADMIN['piname'].$LANG_DATABOX_ADMIN['edit'];
    1422. 

  1422.             $rt=databox_chk_loaddata($id);
    1423. 

  1423.             if ($rt==="OK"){
    1424. 

  1424.                 $display .= fncEdit($id, $edt_flg,$msg,"",$mode,$fieldset_id,$template);
    1425. 

  1425.             }else{
    1426. 

  1426.                 $display.=$rt;
    1427. 

  1427.             }
    1428. 

  1428.         }
    1429. 

  1429.         break;
    1430. 

  1430. 

  1431.     default:// 初期表示、一覧表示
    1432. 

  1432. 

  1433.         $information['pagetitle']=$LANG_DATABOX_ADMIN['piname'];
    1434. 

  1434.         if (isset ($msg)) {
    1435. 

  1435.             $display .= COM_showMessage ($msg,'databox');
    1436. 

  1436.         }
    1437. 

  1437. 

  1438.         $display .= fncList($template);
    1439. 

  1439. 

  1440. 

  1441. }
    1442. 

  1442. $display =COM_startBlock($LANG_DATABOX_ADMIN['piname'],''
    1443. 

  1443.             ,COM_getBlockTemplate('_admin_block', 'header'))
    1444. 

  1444.          .ppNavbarjp($navbarMenu,$LANG_DATABOX_admin_menu[$menuno])
    1445. 

  1445.          .fncMenu($pi_name)
    1446. 

  1446.          .$display
    1447. 

  1447.          .COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    1448. 

  1448. 

  1449. $display=DATABOX_displaypage($pi_name,'_admin',$display,$information);
    1450. 

  1450. 

  1451. 

  1452. COM_output($display);
    1453. 

  1453. 

  1454. ?>
    1455. 

  1455.