* New admin panel Pages: Options + Config [WIP] * Forgot the plugin example of options * Rename to settings.php * Add Settings Class * New myaac_settings table * Add $limit parameter to $db->select method * Add $member var annotation * Remove useless title_separator from config * Move $menus to menus.php Also fix active link when menu item has subpage * Settings [WIP] New Settings class New Plugins::load() method Move config.php to settings.php MyAAC Settings will have plugin_name = 'core' Add compat_config.php * Change options.php to settings.php * Change name to settings * Add Settings menu * Add Sections + Add setting($key) function Reorganisation * Add email + password fields as type * Update 33.php * add settings migration * php 8 compatibility * add missing hook * Add categories in tabs, move more settings, revert back getPluginSettings Categories and sections are now not numbered Remove example settings plugin * fix typo * Update .gitignore * Add 36th migration for settings table * Execute migrations just after db connect * Update plugins.php * [WIP] Some work on settings Add hidden settings New method: parse, to parse settings from array Move base html to twig template Remove vocation loading from .xml, instead use predefined voc names * Rename * Fix path * [WIP] More work on settings Move more config to settings (mainly mail_* + some other) Remove mail_admin, wasnt used anywhere Add return type to some functions Add Twig settings(key) function Possibility to save setting to db * Add min, max, step to number field option * Re-enable plugin if disabled and already installed * Add Settings menu, including all plugins with settings One change included in previous commit, due to missclick * Nothing important * Better boolean detection * More detailed error message in settings * Lets call it settings.name instead * Add new function: only_if, to hide fields when they are not enabled [WIP] Not fully finished yet * guild_management: show_if * Hide section title on 
show_if * Fix: check on page load if radio button is checked * Add: show_if - account_mail_verify * nothing important * Rename team_* variables + add to deprecated * Change variable name * Extract Settings:save function * Add settings.callbacks.get * Move forum config to settings * Move status config to settings * Remove whitespaces * More config to settings: account_types, genders, highscores, admin * Move signature config to settings * Move news config to settings * Rename variable * Save config.php in Settings Egg and hen problem solved :) * Test database connection on save settings -> prevents from making website unusable if connection is wrong * Test server_path -> same There is no config.php anymore, just config.local.php, which can be edited manually and also from admin panel * Remove configs from previous commit * Fix create account, if account_create_character_create is enabled * Add more deprecated configs * Add more info into comment * Update 5-database.php * Fix menu highlighting & opening * Update template.php * Enable script option * Reword email settings + move two new settings * add last_kills_limit + move shop * google_analytics_id * add mail_lost_account_interval * Create character blocked words (by @gpedro), just moved to settings * Fix google_analytics * create character name config moved to settings * Fix for install warning - min/max length * New create character checks configurable: block monsters & spells names * fixes * Improve character npc name check * New setting: donate_column + move donate config to settings * Add super fancy No Refresh saving with a toast * Add new possibility: to deny saving setting if condition is not met * Move database settings to separate category * Fix default value displaying * Add database_hash setting * add last_kills_limit to compat config * Move create character blocked names down * Every setting needs to have default * Move rest of config to settings Remove config.php completely Add new settings category: 
Game Fix account_login_by_email Min textarea size = 2 + adjusted automatically
<?php
/**
 * Pages
 *
 * @package   MyAAC
 * @author    Slawkens <slawkens@gmail.com>
 * @copyright 2019 MyAAC
 * @link      https://my-aac.org
 */
// Refuse to run when this file is requested directly instead of being included by the application.
if (!defined('MYAAC')) {
    die('Direct access not allowed!');
}

$title = 'Pages';
$use_datatable = true;

// Page management is limited to admins holding the content-pages flag and to super admins.
if (!(hasFlag(FLAG_CONTENT_PAGES) || superAdmin())) {
    echo 'Access denied.';
    return;
}

// Switches off the legacy browser XSS auditor for this response.
// NOTE(review): presumably so that submitted page HTML is not blocked by the auditor - confirm.
header('X-XSS-Protection:0');

// Defaults for the page form; the action handling further down overwrites them.
$p_title = null;
$name = null;
$groups = new OTS_Groups_List();

$php = false;
$enable_tinymce = true;
$access = 0;

// some constants, used mainly by database (cannot be modified without schema changes)
define('PAGE_TITLE_LIMIT', 30);
define('PAGE_NAME_LIMIT', 30);
define('PAGE_BODY_LIMIT', 65535); // maximum page body length
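// Handle a submitted admin action (new / edit / delete / hide) and collect any errors.
// NOTE(review): input is read from $_REQUEST, so GET requests are accepted as well, and no
// CSRF token check is visible in this file - confirm that the admin front controller
// enforces one before these state-changing actions run.
if (!empty($action)) {
    // Defined up front so Pages::add()/update() never receive an undefined variable.
    $body = null;

    if ($action == 'delete' || $action == 'edit' || $action == 'hide') {
        // Page ids are expected to be integers. Casting keeps request text out of the status
        // messages that embed $id below; a missing or non-scalar id becomes null.
        $id = (isset($_REQUEST['id']) && is_scalar($_REQUEST['id'])) ? (int)$_REQUEST['id'] : null;
    }

    if (isset($_REQUEST['name'])) {
        $name = $_REQUEST['name'];
    }

    if (isset($_REQUEST['title'])) {
        $p_title = $_REQUEST['title'];
    }

    $php = isset($_REQUEST['php']) && $_REQUEST['php'] == 1;
    $enable_tinymce = isset($_REQUEST['enable_tinymce']) && $_REQUEST['enable_tinymce'] == 1;

    if (isset($_REQUEST['body'])) {
        // PHP pages keep the submitted source untouched; other pages are unslashed and
        // entity-decoded back to markup. Either way the body is handed to
        // Pages::add()/update() unfiltered, so whoever may use this page can publish
        // arbitrary HTML.
        $body = $php ? $_REQUEST['body'] : html_entity_decode(stripslashes($_REQUEST['body']));
    }

    // Left as submitted on purpose: Pages::verify() decides whether the value is acceptable.
    if (isset($_REQUEST['access'])) {
        $access = $_REQUEST['access'];
    }

    $errors = array();
    // NOTE(review): the author is hard-coded to player id 1 - confirm this is intended.
    $player_id = 1;

    if ($action == 'new') {
        if (isset($p_title) && Pages::add($name, $p_title, $body, $player_id, $php, $enable_tinymce, $access, $errors)) {
            // Reset the form after a successful insert.
            $name = $p_title = $body = '';
            $player_id = $access = 0;
            $php = false;
            $enable_tinymce = true;
            success('Added successful.');
        }
    } else if ($action == 'delete') {
        if (Pages::delete($id, $errors)) {
            success('Page with id ' . $id . ' has been deleted');
        }
    } else if ($action == 'edit') {
        if (!isset($id)) {
            // Without an id there is nothing to load and nothing safe to update.
            $errors[] = 'id not set';
        } else if (!isset($_REQUEST['name'])) {
            // First visit of the edit form: load the stored page into the form fields.
            $_page = Pages::get($id);
            if ($_page === false) {
                $errors[] = 'Page with id ' . $id . ' does not exist.';
            } else {
                $name = $_page['name'];
                $p_title = $_page['title'];
                $body = $_page['body'];
                $php = $_page['php'] == '1';
                $enable_tinymce = $_page['enable_tinymce'] == '1';
                $access = $_page['access'];
            }
        } else if (Pages::update($id, $name, $p_title, $body, $player_id, $php, $enable_tinymce, $access, $errors)) {
            // Form was submitted and saved: reset it (clearing $action leaves edit mode).
            $action = $name = $p_title = $body = '';
            $player_id = 1;
            $access = 0;
            $php = false;
            $enable_tinymce = true;
            success('Updated successful.');
        }
    } else if ($action == 'hide') {
        $status = null;
        // Report success only when the toggle really happened; $status receives the
        // page's previous hidden value.
        if (Pages::toggleHidden($id, $errors, $status)) {
            success(($status == 1 ? 'Show' : 'Hide') . ' successful.');
        }
    }

    if (!empty($errors)) {
        error(implode(", ", $errors));
    }
}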
// Load every stored page and reduce each row to the fields the list template receives.
$query = $db->query('SELECT * FROM ' . $db->tableName(TABLE_PREFIX . 'pages'));

$pages = [];
foreach ($query as $_page) {
    $pages[] = [
        'link' => getFullLink($_page['name'], $_page['name'], true),
        // only the first 20 bytes of the title are passed on
        'title' => substr($_page['title'], 0, 20),
        'php' => $_page['php'] == '1',
        'id' => $_page['id'],
        'hidden' => $_page['hidden'],
    ];
}
// Render the add/edit form first, pre-filled with the current field values.
$twig->display('admin.pages.form.html.twig', [
    'action' => $action,
    // the id is only handed over while a page is being edited
    'id' => $action == 'edit' ? $id : null,
    'name' => $name,
    'title' => $p_title,
    'php' => $php,
    'enable_tinymce' => $enable_tinymce,
    // the body is HTML-escaped here, before it reaches the template
    'body' => isset($body) ? escapeHtml($body) : '',
    'groups' => $groups->getGroups(),
    'access' => $access,
]);

// Then render the table of existing pages.
$twig->display('admin.pages.html.twig', [
    'pages' => $pages,
]);
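/**
 * Validation and persistence helpers for custom pages stored in the TABLE_PREFIX . 'pages' table.
 *
 * All methods are static and use the global $db connection. Failures are reported by
 * appending a message to the by-reference $errors array. At least one of those messages
 * contains HTML (<strong>), so they appear to be rendered as markup; values that may come
 * from the request are therefore HTML-escaped before being embedded in a message.
 */
class Pages
{
    /**
     * Checks the submitted page fields against the length limits and flag ranges.
     *
     * Stops at the first failed check, appends its message to $errors and returns false.
     * NOTE(review): $name is only length-checked, so an empty name is accepted - confirm
     * that this is intended.
     *
     * @param string|null $name           page name (used as the page link by add())
     * @param string|null $title          page title, required
     * @param string|null $body           page content, required
     * @param int         $player_id      author id, must be non-zero
     * @param mixed       $php            0/1 (or bool): whether the page is a PHP page
     * @param mixed       $enable_tinymce 0/1 (or bool)
     * @param mixed       $access         non-negative whole number (int or digit-only string)
     * @param array       $errors         receives the error message, by reference
     * @return bool true when every check passed
     */
    static public function verify($name, $title, $body, $player_id, $php, $enable_tinymce, $access, &$errors)
    {
        // isset($x[0]) is false for null and for an empty string
        if(!isset($title[0]) || !isset($body[0])) {
            $errors[] = 'Please fill all inputs.';
            return false;
        }
        // cast: the name may be null when the request carried none
        if(strlen((string)$name) > PAGE_NAME_LIMIT) {
            $errors[] = 'Page name cannot be longer than ' . PAGE_NAME_LIMIT . ' characters.';
            return false;
        }
        if(strlen($title) > PAGE_TITLE_LIMIT) {
            $errors[] = 'Page title cannot be longer than ' . PAGE_TITLE_LIMIT . ' characters.';
            return false;
        }
        if(strlen($body) > PAGE_BODY_LIMIT) {
            $errors[] = 'Page content cannot be longer than ' . PAGE_BODY_LIMIT . ' characters.';
            return false;
        }
        if(!isset($player_id) || $player_id == 0) {
            $errors[] = 'Player ID is wrong.';
            return false;
        }
        if(!isset($php) || ($php != 0 && $php != 1)) {
            $errors[] = 'Enable PHP is wrong.';
            return false;
        }
        // PHP pages are refused unless the admin setting allows them.
        // NOTE(review): presumably such pages are executed as code when displayed, which
        // makes this setting a code-execution switch for everyone who may edit pages - confirm.
        if ($php == 1 && !getBoolean(setting('core.admin_pages_php_enable'))) {
            $errors[] = 'PHP pages disabled on this server. To enable go to Settings in Admin Panel and enable <strong>Enable PHP Pages</strong>.';
            return false;
        }
        if(!isset($enable_tinymce) || ($enable_tinymce != 0 && $enable_tinymce != 1)) {
            $errors[] = 'Enable TinyMCE is wrong.';
            return false;
        }

        // The access level comes straight from the request. A loose numeric comparison alone
        // lets strings such as "5x" through, so require an int or a digit-only string first.
        $accessIsWholeNumber = is_int($access)
            || (is_string($access) && preg_match('/^[0-9]+\z/', $access) === 1);
        if(!$accessIsWholeNumber || $access < 0 || $access > PHP_INT_MAX) {
            $errors[] = 'Access is wrong.';
            return false;
        }

        return true;
    }

    /**
     * Fetches one page row by id.
     *
     * @param mixed $id page id
     * @return mixed the result of $db->select(); false when no row matched
     */
    static public function get($id)
    {
        global $db;
        return $db->select(TABLE_PREFIX . 'pages', array('id' => $id));
    }

    /**
     * Validates and inserts a new page, refusing a name that is already in use.
     *
     * Parameters are the same as for verify().
     *
     * @return bool true when $errors is empty after the call; entries that were already in
     *              $errors therefore make the result false as well
     */
    static public function add($name, $title, $body, $player_id, $php, $enable_tinymce, $access, &$errors)
    {
        if(!self::verify($name, $title, $body, $player_id, $php, $enable_tinymce, $access, $errors)) {
            return false;
        }

        global $db;
        // false from select() means no page uses this name yet
        $query = $db->select(TABLE_PREFIX . 'pages', array('name' => $name));
        if ($query === false) {
            $db->insert(TABLE_PREFIX . 'pages',
                array(
                    'name' => $name,
                    'title' => $title,
                    'body' => $body,
                    'player_id' => $player_id,
                    'php' => $php ? '1' : '0',
                    'enable_tinymce' => $enable_tinymce ? '1' : '0',
                    'access' => $access
                )
            );
        } else {
            $errors[] = 'Page with this link already exists.';
        }

        return !count($errors);
    }

    /**
     * Validates the fields and overwrites the page with the given id.
     *
     * NOTE(review): unlike add(), this does not check whether another page already uses
     * $name, nor whether a row with $id exists; it returns true once $db->update() was called.
     *
     * @param mixed $id id of the page to update; must be set
     * @return bool false when validation failed or no id was given, true otherwise
     */
    static public function update($id, $name, $title, $body, $player_id, $php, $enable_tinymce, $access, &$errors)
    {
        if(!self::verify($name, $title, $body, $player_id, $php, $enable_tinymce, $access, $errors)) {
            return false;
        }

        // same guard and message as delete() and toggleHidden()
        if (!isset($id)) {
            $errors[] = 'id not set';
            return false;
        }

        global $db;
        $db->update(TABLE_PREFIX . 'pages',
            array(
                'name' => $name,
                'title' => $title,
                'body' => $body,
                'player_id' => $player_id,
                'php' => $php ? '1' : '0',
                'enable_tinymce' => $enable_tinymce ? '1' : '0',
                'access' => $access
            ),
            array('id' => $id));

        return true;
    }

    /**
     * Deletes the page with the given id when it exists.
     *
     * @param mixed $id     page id
     * @param array $errors receives 'id not set' or a "does not exists" message
     * @return bool true when $errors is empty after the call
     */
    static public function delete($id, &$errors)
    {
        global $db;
        if (isset($id)) {
            if ($db->select(TABLE_PREFIX . 'pages', array('id' => $id)) !== false) {
                $db->delete(TABLE_PREFIX . 'pages', array('id' => $id));
            } else {
                $errors[] = 'Page with id ' . self::escapeForMessage($id) . ' does not exists.';
            }
        } else {
            $errors[] = 'id not set';
        }

        return !count($errors);
    }

    /**
     * Flips the hidden flag of a page.
     *
     * @param mixed $id     page id
     * @param array $errors receives 'id not set' or a "does not exists" message
     * @param mixed $status set to the hidden value the page had BEFORE the toggle;
     *                      left untouched when the page was not found
     * @return bool true when $errors is empty after the call
     */
    static public function toggleHidden($id, &$errors, &$status)
    {
        global $db;
        if (isset($id)) {
            $query = $db->select(TABLE_PREFIX . 'pages', array('id' => $id));
            if ($query !== false) {
                $db->update(TABLE_PREFIX . 'pages', array('hidden' => ($query['hidden'] == 1 ? 0 : 1)), array('id' => $id));
                $status = $query['hidden'];
            } else {
                $errors[] = 'Page with id ' . self::escapeForMessage($id) . ' does not exists.';
            }
        } else {
            $errors[] = 'id not set';
        }

        return !count($errors);
    }

    /**
     * HTML-escapes a caller-supplied value before it is embedded in an error message.
     */
    static private function escapeForMessage($value)
    {
        return htmlspecialchars((string)$value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }
}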