consolidate attr_url function (#2143)
[openemr.git] / interface / forms_admin / forms_admin.php
1 <?php
2 // This program is free software; you can redistribute it and/or
3 // modify it under the terms of the GNU General Public License
4 // as published by the Free Software Foundation; either version 2
5 // of the License, or (at your option) any later version.
10 //INCLUDES, DO ANY ACTIONS, THEN GET OUR DATA
11 require_once("../globals.php");
12 require_once("$srcdir/acl.inc");
13 require_once("$phpgacl_location/gacl_api.class.php");
14 require_once("$srcdir/registry.inc");
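// Handle the single-form actions requested through the query string
// (enable, disable, install_db, register), then load the registry rows
// that the rest of the page renders.
//
// NOTE(review): no authorization (ACL) check is visible in this listing before
// these state-changing branches, although acl.inc is included above. Confirm
// that access to this page is restricted to form administrators elsewhere.
// NOTE(review): the actions are triggered by GET links that carry the CSRF
// token in the URL, so the token can end up in server logs, browser history
// and Referer headers. POST forms would avoid that.
$err = ''; // initialised so the error-reporting section never reads an undefined variable
$method = isset($_GET['method']) ? $_GET['method'] : '';
$formId = isset($_GET['id']) ? $_GET['id'] : '';
$stateChanging = array('enable', 'disable', 'install_db', 'register');

if (in_array($method, $stateChanging, true)) {
    // A missing or empty token is rejected outright instead of being handed
    // to the verifier as null.
    if (empty($_GET['csrf_token_form']) || !verifyCsrfToken($_GET['csrf_token_form'])) {
        csrfNotVerified();
    }

    if ($method === 'register') {
        // registerForm() is not shown here. The register links on this page are
        // built from entries read directly out of interface/forms, so a name is
        // only accepted when it is a single path component.
        $formName = isset($_GET['name']) ? $_GET['name'] : '';
        $nameIsPlain = is_string($formName)
            && $formName !== ''
            && $formName !== '.'
            && $formName !== '..'
            && strpbrk($formName, "/\\") === false;
        if (!$nameIsPlain || !registerForm($formName)) {
            $err = xl('error while registering form!');
        }
    } elseif (!is_string($formId) || !ctype_digit($formId)) {
        // Registry ids are rendered by this page as row ids and matched as \d+
        // in the update form, so anything else is refused before it reaches
        // the registry helpers.
        $err = xl('ERROR: invalid form id');
    } elseif ($method === 'enable') {
        updateRegistered($formId, "state=1");
    } elseif ($method === 'disable') {
        updateRegistered($formId, "state=0");
    } else {
        // install_db: run the form's SQL from its own directory, then mark it installed.
        $dir = getRegistryEntry($formId, "directory");
        if (!empty($dir['directory']) && installSQL("$srcdir/../interface/forms/{$dir['directory']}")) {
            updateRegistered($formId, "sql_run=1");
        } else {
            $err = xl('ERROR: could not open table.sql, broken form?');
        }
    }
}

// All registered forms, or false when the lookup returns nothing.
$bigdata = getRegistered("%") or $bigdata = false;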
45 //START OUT OUR PAGE....
47 <html>
48 <head>
49 <?php html_header_show();?>
50 <link rel="stylesheet" href="<?php echo $css_header;?>" type="text/css">
51 </head>
52 <body class="body_top">
53 <span class="title"><?php echo xlt('Forms Administration');?></span>
54 <br><br>
55 <?php
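// Apply the bulk edit form: every posted field named <column>_<registry id>
// updates that column on the matching registry row.
if (!empty($_POST)) {
    // A missing or empty token is rejected outright.
    if (empty($_POST['csrf_token_form']) || !verifyCsrfToken($_POST["csrf_token_form"])) {
        csrfNotVerified();
    }

    // One fixed statement per editable column, so the SQL text never depends
    // on request data. Values and ids are always bound.
    $updateSql = array(
        'nickname' => "update registry set nickname = ? where id = ?",
        'category' => "update registry set category = ? where id = ?",
        'priority' => "update registry set priority = ? where id = ?",
        'aco_spec' => "update registry set aco_spec = ? where id = ?",
    );

    foreach ($_POST as $key => $val) {
        // Array-valued fields (e.g. nickname_1[]=x) are not something this form sends.
        if (!is_string($val)) {
            continue;
        }

        // Anchored so that only the exact field names this page renders are
        // accepted. The unanchored patterns also matched keys with arbitrary
        // text before or after the field name.
        if (preg_match('/^(nickname|category|priority|aco_spec)_(\d+)$/', $key, $matches)) {
            // NOTE(review): aco_spec is stored as posted. Whether it is checked
            // against the known ACO list is not visible here. Confirm.
            sqlQuery($updateSql[$matches[1]], array($val, $matches[2]));
        }
    }
}
?>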
75 <?php //ERROR REPORTING
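// $err is only assigned when one of the actions above failed, so test it with
// !empty() to avoid an undefined-variable notice on a plain page load.
// The message is passed through text() before it is written into the page.
if (!empty($err)) {
    echo "<span class=bold>" . text($err) . "</span><br><br>\n";
}
?>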
81 <?php //REGISTERED SECTION ?>
82 <span class=bold><?php echo xlt('Registered');?></span><br>
83 <form method=POST action ='./forms_admin.php'>
84 <i><?php echo xlt('click here to update priority, category, nickname and access control settings'); ?></i>
85 <input type="hidden" name="csrf_token_form" value="<?php echo attr(collectCsrfToken()); ?>" />
86 <input type='submit' name='update' value='<?php echo xla('update'); ?>'><br>
87 <table border=0 cellpadding=1 cellspacing=2 width="500">
88 <tr>
89 <td> </td>
90 <td> </td>
91 <td> </td>
92 <td> </td>
93 <td> </td>
94 <td><?php echo xlt('Priority'); ?> </td>
95 <td><?php echo xlt('Category'); ?> </td>
96 <td><?php echo xlt('Nickname'); ?> </td>
97 <td><?php echo xlt('Access Control'); ?></td>
98 </tr>
99 <?php
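// Render one table row per registered form: id, title, enable/disable link,
// packaging state, DB-install state and the editable priority / category /
// nickname / access-control fields. Row background alternates between two greys.
//
// Every value written into markup goes through text(), attr() or attr_url(),
// including $color in the first cell, which was the one place echoed raw.
// NOTE(review): the enable/disable/install links are GET requests with the
// CSRF token in the query string. See the handler at the top of the file.
$color = "#CCCCCC";
if ($bigdata) {
    foreach ($bigdata as $registry) {
        $rowId = $registry['id'];

        // Current editable settings for this row.
        $priority_category = sqlQuery(
            "select priority, category, nickname, aco_spec from registry where id = ?",
            array($rowId)
        );
        ?>
<tr>
<td bgcolor="<?php echo attr($color); ?>" width="2%">
<span class='text'><?php echo text($rowId); ?></span>
</td>
<td bgcolor="<?php echo attr($color); ?>" width="30%">
<span class='bold'><?php echo text(xl_form_title($registry['name'])); ?></span>
</td>
        <?php
        // State cell: plain label until the form's SQL has been run, otherwise
        // a link that toggles the form between enabled and disabled.
        if ($registry['sql_run'] == 0) {
            echo "<td bgcolor='" . attr($color) . "' width='10%'><span class='text'>" . xlt('registered') . "</span>";
        } elseif ($registry['state'] == "0") {
            echo "<td bgcolor='#FFCCCC' width='10%'><a class='link_submit' href='./forms_admin.php?id=" . attr_url($rowId) . "&method=enable&csrf_token_form=" . attr_url(collectCsrfToken()) . "'>" . xlt('disabled') . "</a>";
        } else {
            echo "<td bgcolor='#CCFFCC' width='10%'><a class='link_submit' href='./forms_admin.php?id=" . attr_url($rowId) . "&method=disable&csrf_token_form=" . attr_url(collectCsrfToken()) . "'>" . xlt('enabled') . "</a>";
        }
        ?></td>
<td bgcolor="<?php echo attr($color); ?>" width="10%">
<span class='text'><?php
        if ($registry['unpackaged']) {
            echo xlt('PHP extracted');
        } else {
            echo xlt('PHP compressed');
        }
?></span>
</td>
<td bgcolor="<?php echo attr($color); ?>" width="10%">
        <?php
        if ($registry['sql_run']) {
            echo "<span class='text'>" . xlt('DB installed') . "</span>";
        } else {
            echo "<a class='link_submit' href='./forms_admin.php?id=" . attr_url($rowId) . "&method=install_db&csrf_token_form=" . attr_url(collectCsrfToken()) . "'>" . xlt('install DB') . "</a>";
        }
        ?>
</td>
        <?php
        // Editable fields. Their names (<column>_<id>) are what the POST handler parses.
        echo "<td><input type='text' size='4' name='priority_" . attr($rowId) . "' value='" . attr($priority_category['priority']) . "'></td>";
        echo "<td><input type='text' size='10' name='category_" . attr($rowId) . "' value='" . attr($priority_category['category']) . "'></td>";
        echo "<td><input type='text' size='10' name='nickname_" . attr($rowId) . "' value='" . attr($priority_category['nickname']) . "'></td>";
        echo "<td>";
        echo "<select name='aco_spec_" . attr($rowId) . "'>";
        echo "<option value=''></option>";
        echo gen_aco_html_options($priority_category['aco_spec']);
        echo "</select>";
        echo "</td>";
        ?>
</tr>
        <?php
        // Alternate the row colour.
        $color = ($color == "#CCCCCC") ? "#999999" : "#CCCCCC";
    } //end of foreach
}
?>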
163 </table>
164 <hr>
166 <?php //UNREGISTERED SECTION ?>
167 <span class='bold'><?php echo xlt('Unregistered'); ?></span><br>
168 <table border=0 cellpadding=1 cellspacing=2 width="500">
169 <?php
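// List what is present under interface/forms but not yet registered:
// sub-directories ("PHP extracted") and archive files ("PHP compressed").
$dpath = "$srcdir/../interface/forms/";
$color = "#CCCCCC";
$inDir = array(); // initialised so an empty or unreadable directory yields no rows instead of a warning

// Archive detection is a case-insensitive substring match on the name, as before.
// NOTE(review): a directory whose name merely contains ".zip", ".tar" or ".gz"
// is therefore reported as compressed and gets no register link.
$looksArchived = function ($name) {
    return stripos($name, ".tar") !== false
        || stripos($name, ".zip") !== false
        || stripos($name, ".gz") !== false;
};

$dp = opendir($dpath);
if ($dp !== false) {
    // Strict comparison: with a loose "false !=" test an entry named "0"
    // would end the scan early.
    while (($fname = readdir($dp)) !== false) {
        if (in_array($fname, array(".", "..", "CVS", "LBF"), true)) {
            continue;
        }
        if (is_dir($dpath . $fname) || $looksArchived($fname)) {
            $inDir[] = $fname;
        }
    }
    closedir($dp);
}

// Drop every entry that is already registered. array_search() returns false
// when the directory is not in the list. Without the check, unset($inDir[false])
// removed whatever happened to sit at index 0.
if ($bigdata) {
    foreach ($bigdata as $registry) {
        $key = array_search($registry['directory'], $inDir, true);
        if ($key !== false) {
            unset($inDir[$key]);
        }
    }
}

foreach ($inDir as $fname) {
    $phpState = $looksArchived($fname) ? "PHP compressed" : "PHP extracted";
    ?>
<tr>
<td bgcolor="<?php echo attr($color); ?>" width="1%">
<span class=text> </span>
</td>
<td bgcolor="<?php echo attr($color); ?>" width="20%">
    <?php
    // Title comes from the first line of the form's info.txt when it exists,
    // otherwise the directory or file name is shown. Either way it is escaped
    // with text() before output.
    $infoPath = $GLOBALS['srcdir'] . "/../interface/forms/$fname/info.txt";
    $form_title_file = is_file($infoPath) ? file($infoPath) : false;
    if ($form_title_file) {
        $form_title = $form_title_file[0];
    } else {
        $form_title = $fname;
    }
    ?>
<span class=bold><?php echo text(xl_form_title($form_title)); ?></span>
</td>
<td bgcolor="<?php echo attr($color); ?>" width="10%"><?php
    if ($phpState == "PHP extracted") {
        // NOTE(review): GET link carrying the CSRF token in the URL. See the
        // handler at the top of the file.
        echo '<a class=link_submit href="./forms_admin.php?name=' . attr_url($fname) . '&method=register&csrf_token_form=' . attr_url(collectCsrfToken()) . '">' . xlt('register') . '</a>';
    } else {
        echo '<span class=text>' . xlt('n/a') . '</span>';
    }
?></td>
<td bgcolor="<?php echo attr($color); ?>" width="20%">
<span class=text><?php echo xlt($phpState); ?></span>
</td>
<td bgcolor="<?php echo attr($color); ?>" width="10%">
<span class=text><?php echo xlt('n/a'); ?></span>
</td>
</tr>
    <?php
    // Alternate the row colour and push the row to the client.
    $color = ($color == "#CCCCCC") ? "#999999" : "#CCCCCC";
    flush();
}//end of foreach
?>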
236 </table>
238 </body>
239 </html>