0byt3m1n1
Path:
/
data
/
applications
/
aps.bak
/
postnuke
/
0.764-3
/
standard
/
htdocs
/
modules
/
Modules
/
[
Home
]
File: pnadmin.php
<?php // File: $Id: pnadmin.php 17522 2006-01-12 13:22:17Z markwest $ // ---------------------------------------------------------------------- // PostNuke Content Management System // Copyright (C) 2001 by the PostNuke Development Team. // http://www.postnuke.com/ // ---------------------------------------------------------------------- // Based on: // PHP-NUKE Web Portal System - http://phpnuke.org/ // Thatware - http://thatware.org/ // ---------------------------------------------------------------------- // LICENSE // This program is free software; you can redistribute it and/or // modify it under the terms of the GNU General Public License (GPL) // as published by the Free Software Foundation; either version 2 // of the License, or (at your option) any later version. // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // To read the license please visit http://www.gnu.org/copyleft/gpl.html // ---------------------------------------------------------------------- // Original Author of file: Jim McDonald // Purpose of file: Modules administration // ---------------------------------------------------------------------- /** * @package PostNuke_System_Modules * @subpackage Modules * @license http://www.gnu.org/copyleft/gpl.html */ /** * Modules Module main admin function * @author Jim McDonald * @return string HTML output string */ function modules_admin_main() { // security check if (!pnSecAuthAction(0, 'Modules::', '::', ACCESS_ADMIN)) { return pnVarPrepHTMLDisplay(_MODULENOAUTH); } // Create output object - this object will store all of our output so that // we can return it easily when required $pnRender =& new pnRender('Modules'); // As Admin output changes often, we do not want caching. $pnRender->caching = false; // Return the output that has been generated by this function return $pnRender->fetch('modules_admin_main.htm'); } /** * Modules_admin_modify - modify a module * @author Jim McDonald * @return string HTML output string */ function modules_admin_modify() { // get our input $id = pnVarCleanFromInput('id'); // check the input if (!is_numeric($id)) { pnSessionSetVar('errormsg', _MODARGSERROR); return pnRedirect(pnModURL('Modules', 'admin', 'view')); } // Create output object - this object will store all of our output so that // we can return it easily when required $pnRender =& new pnRender('Modules'); // As Admin output changes often, we do not want caching. $pnRender->caching = false; $dbconn =& pnDBGetConn(true); $pntable =& pnDBGetTables(); $modulestable = $pntable['modules']; $modulescolumn = &$pntable['modules_column']; $query = "SELECT $modulescolumn[name], $modulescolumn[displayname], $modulescolumn[description] FROM $modulestable WHERE $modulescolumn[id] = '" . (int)pnVarPrepForStore($id) . "'"; $result =& $dbconn->Execute($query); if ($result->EOF) { return pnVarPrepHTMLDisplay(_MODULESNOSUCHMODID); } list($name, $displayname, $description) = $result->fields; $result->Close(); // Security check - important to do this as early as possible to avoid // potential security holes or just too much wasted processing. For the // main function we want to check that the user has at least edit privilege // for some item within this component, or else they won't be able to do // anything and so we refuse access altogether. The lowest level of access // for administration depends on the particular module, but it is generally // either 'edit' or 'delete' if (!pnSecAuthAction(0, 'Modules::', "$name::$id", ACCESS_ADMIN)) { return pnVarPrepHTMLDisplay(_MODULENOAUTH); } // add the module id $pnRender->assign('id', $id); // Name $pnRender->assign('newdisplayname', $displayname); // Description $pnRender->assign('newdescription', $description); // Return the output that has been generated by this function return $pnRender->fetch('modules_admin_modify.htm'); } /** * Modules_admin_update - update a module * @author Jim McDonald * @return string HTML output string * @param int 'id' module id * @param string 'newdisplayname' new display name of the module * @param string 'newdescription' new description of the module */ function modules_admin_update() { // Get parameters list($id, $newdisplayname, $newdescription) = pnVarCleanFromInput('id', 'newdisplayname', 'newdescription'); if (!pnSecConfirmAuthKey()) { pnSessionSetVar('errormsg', _BADAUTHKEY); return pnRedirect(pnModURL('Modules', 'admin', 'view')); } // Pass to API if (pnModAPIFunc('Modules', 'admin', 'update', array('mid' => $id, 'displayname' => $newdisplayname, 'description' => $newdescription))) { // Success pnSessionSetVar('statusmsg', _MODULESUPDATEDINFORMATION); } return pnRedirect(pnModURL('Modules', 'admin', 'view')); } /** * Modules_admin_update hooks * update hooks for a module * @author Mark West * @param int 'id' module id * @return bool true if successful, false otherwise */ function modules_admin_updatehooks() { // Get parameters $id = pnVarCleanFromInput('id'); if (!pnSecConfirmAuthKey()) { pnSessionSetVar('errormsg', _BADAUTHKEY); return pnRedirect(pnModURL('Modules', 'admin', 'view')); } // Pass to API if (pnModAPIFunc('Modules', 'admin', 'updatehooks', array('mid' => $id))) { // Success pnSessionSetVar('statusmsg', _MODULESUPDATEDINFORMATION); } return pnRedirect(pnModURL('Modules', 'admin', 'view')); } /** * Modules_admin_view - list modules and current settings * @author Jim McDonald * @return string HTML output string */ function modules_admin_view() { // Security check - important to do this as early as possible to avoid // potential security holes or just too much wasted processing. For the // main function we want to check that the user has at least edit privilege // for some item within this component, or else they won't be able to do // anything and so we refuse access altogether. The lowest level of access // for administration depends on the particular module, but it is generally // either 'edit' or 'delete' if (!pnSecAuthAction(0, 'Modules::', '::', ACCESS_ADMIN)) { return pnVarPrepHTMLDisplay(_MODULENOAUTH); } // Get parameters from whatever input we need. All arguments to this // function should be obtained from pnVarCleanFromInput(), getting them // from other places such as the environment is not allowed, as that makes // assumptions that will not hold in future versions of PostNuke list($startnum, $letter, $state) = pnVarCleanFromInput('startnum', 'letter', 'state'); // do some clean up pnSessionDelVar('interactive_init'); pnSessionDelVar('interactive_remove'); pnSessionDelVar('interactive_upgrade'); // Create output object - this object will store all of our output so that // we can return it easily when required $pnRender =& new pnRender('Modules'); // As Admin output changes often, we do not want caching. $pnRender->caching = false; // assign the state filter $pnRender->assign('state', $state); // Get list of modules $mods = pnModAPIFunc('Modules', 'admin', 'list', array('startnum' => $startnum, 'letter' => $letter, 'state' => $state, 'numitems' => pnModGetVar('Modules', 'itemsperpage'))); // generate an auth key to use in urls $authid = pnSecGenAuthKey(); $moduleinfo = array(); if (!empty($mods)) { foreach($mods as $mod) { // Add applicable actions $actions = array(); if (pnSecAuthAction(0, 'Modules::', "$mod[name]::$mod[id]", ACCESS_ADMIN)) { switch ($mod['state']) { case _PNMODULE_STATE_ACTIVE: $actions[] = array('url' => pnModURL('Modules', 'admin', 'deactivate', array('id' => $mod['id'], 'startnum' => $startnum, 'authid' => $authid, 'letter' => $letter, 'state' => $state)), 'title' => _MODULESDEACTIVATE); $actions[] = array('url' => pnModURL('Modules', 'admin', 'hooks', array('id' => $mod['id'])), 'title' => _MODULESHOOKS); if( $mod['admin_capable']==1 && ($mod['type']==2 || $mod['type']==3)) { $actions[] = array('url' => pnModURL($mod['name'], 'admin', 'main'), 'title' => _MODULESADMIN); } else if ( $mod['admin_capable']==1 && $mod['type']==1 ) { $actions[] = array('url' => 'admin.php?module='.$mod['name'], 'title' => _MODULESADMIN); } break; case _PNMODULE_STATE_INACTIVE: $actions[] = array('url' => pnModURL('Modules', 'admin', 'activate', array('id' => $mod['id'], 'startnum' => $startnum, 'authid' => $authid, 'letter' => $letter, 'state' => $state)), 'title' => _MODULESACTIVATE); $actions[] = array('url' => pnModURL('Modules', 'admin', 'remove', array('id' => $mod['id'], 'startnum' => $startnum, 'authid' => $authid, 'letter' => $letter, 'state' => $state)), 'title' => _MODULESREMOVE); break; case _PNMODULE_STATE_MISSING: $actions[] = array('url' => pnModURL('Modules', 'admin', 'remove', array('id' => $mod['id'], 'startnum' => $startnum, 'authid' => $authid, 'letter' => $letter, 'state' => $state)), 'title' => _MODULESREMOVE); break; case _PNMODULE_STATE_UPGRADED: $actions[] = array('url' => pnModURL('Modules', 'admin', 'upgrade', array('id' => $mod['id'], 'startnum' => $startnum, 'authid' => $authid, 'letter' => $letter, 'state' => $state)), 'title' => _MODULESUPGRADE); break; case _PNMODULE_STATE_UNINITIALISED: default: $actions[] = array('url' => pnModURL('Modules', 'admin', 'initialise', array('id' => $mod['id'], 'startnum' => $startnum, 'authid' => $authid, 'letter' => $letter, 'state' => $state)), 'title' => _MODULESINITIALISE); $actions[] = array('url' => pnModURL('Modules', 'admin', 'remove', array('id' => $mod['id'], 'startnum' => $startnum, 'authid' => $authid, 'letter' => $letter, 'state' => $state)), 'title' => _MODULESREMOVE); break; } $actions[] = array('url' => pnModURL('Modules', 'admin', 'modify', array('id' => $mod['id'])), 'title' => _MODULESEDIT); } // Translate state switch ($mod['state']) { case _PNMODULE_STATE_INACTIVE: $status = _MODULESINACTIVE; $statusimage = 'red_dot.gif'; break; case _PNMODULE_STATE_ACTIVE: $status = _MODULESACTIVE; $statusimage = 'green_dot.gif'; break; case _PNMODULE_STATE_MISSING: $status = _MODULESFILESMISSING; $statusimage = 'red_dot.gif'; break; case _PNMODULE_STATE_UPGRADED: $status = _MODULESUPGRADED; $statusimage = 'red_dot.gif'; break; case _PNMODULE_STATE_UNINITIALISED: default: $status = _MODULESUNINIT; $statusimage = 'white_dot.gif'; break; } $moduleinfo[] = array('modinfo' => $mod, 'status' => $status, 'statusimage' => $statusimage, 'options' => $actions); } } $pnRender->assign('modules', $moduleinfo); // Assign the values for the smarty plugin to produce a pager in case of there // being many items to display. // // Note that this function includes another user API function. The // function returns a simple count of the total number of items in the item // table so that the pager function can do its job properly $pnRender->assign('pager', array('numitems' => pnModAPIFunc('Modules', 'admin', 'countitems', array('letter' => $letter, 'state' => $state)), 'itemsperpage' => pnModGetVar('Modules', 'itemsperpage'))); // Return the output that has been generated by this function return $pnRender->fetch('modules_admin_view.htm'); } /** * Modules_admin_view - list modules and current settings * * This function is an alias to modules_admin_view as pnphpbb calls this * function name directly on the install * * @author Jim McDonald * @see modules_admin_view * @return string HTML output string */ function modules_admin_list() { return modules_admin_view(); } /** * Initialise a module * @author Jim McDonald * @param int 'id' module id * @return bool true */ function modules_admin_initialise() { // Security and sanity checks if (!pnSecConfirmAuthKey()) { pnSessionSetVar('errormsg', _BADAUTHKEY); return pnRedirect(pnModURL('Modules', 'admin', 'view')); } $interactive_init = pnSessionGetVar('interactive_init'); $interactive_init = (empty($interactive_init)) ? false : true; if($interactive_init==false) { list($id, $startnum, $letter, $state) = pnVarCleanFromInput('id', 'startnum', 'letter','state'); pnSessionSetVar('modules_id', $id); pnSessionSetVar('modules_startnum', $startnum); pnSessionSetVar('modules_letter', $letter); pnSessionSetVar('modules_state', $state); $activate = false; } else { $id = pnSessionGetVar('modules_id'); $startnum = pnSessionGetVar('modules_startnum'); $letter = pnSessionGetVar('modules_letter'); $state = pnSessionGetVar('modules_state'); $activate = (bool)pnVarCleanFromInput('activate'); } if (empty($id) || !is_numeric($id)) { pnSessionSetVar('errormsg', _MODULESNOMODID); return pnRedirect(pnModURL('Modules', 'admin', 'view')); } // Initialise module $res = pnModAPIFunc('Modules', 'admin', 'initialise', array('mid' => $id, 'interactive_init' => $interactive_init)); if(is_bool($res) && $res==true) { // Success pnSessionDelVar('modules_id'); pnSessionDelVar('modules_startnum'); pnSessionDelVar('modules_letter'); pnSessionDelVar('modules_state'); pnSessionDelVar('interactive_init'); pnSessionSetVar('statusmsg', _MODULESINITIALISED); if($activate==true) { if (pnModAPIFunc('Modules', 'admin', 'setstate', array('mid' => $id, 'state' => _PNMODULE_STATE_ACTIVE))) { // Success pnSessionSetVar('statusmsg', _MODULESACTIVATED); } } return pnRedirect(pnModURL('Modules', 'admin', 'view', array('startnum' => $startnum, 'letter' => $letter, 'state' => $state))); } elseif (is_bool($res)) { return pnRedirect(pnModURL('Modules', 'admin', 'view', array('startnum' => $startnum, 'letter' => $letter, 'state' => $state))); } else { return $res; } } /** * Activate a module * @author Jim McDonald * @param int 'id' module id * @return bool true */ function modules_admin_activate() { // Security and sanity checks if (!pnSecConfirmAuthKey()) { pnSessionSetVar('errormsg', _BADAUTHKEY); return pnRedirect(pnModURL('Modules', 'admin', 'view')); } list($id, $startnum, $letter, $state) = pnVarCleanFromInput('id', 'startnum', 'letter','state'); if (empty($id) || !is_numeric($id)) { pnSessionSetVar('errormsg', _MODULESNOMODID); return pnRedirect(pnModURL('Modules', 'admin', 'view')); } // Update state if (pnModAPIFunc('Modules', 'admin', 'setstate', array('mid' => $id, 'state' => _PNMODULE_STATE_ACTIVE))) { // Success pnSessionSetVar('statusmsg', _MODULESACTIVATED); } return pnRedirect(pnModURL('Modules', 'admin', 'view', array('startnum' => $startnum, 'letter' => $letter, 'state' => $state))); } /** * Upgrade a module * @author Jim McDonald * @param int 'id' module id * @return bool true */ function modules_admin_upgrade() { // Security and sanity checks if (!pnSecConfirmAuthKey()) { pnSessionSetVar('errormsg', _BADAUTHKEY); return pnRedirect(pnModURL('Modules', 'admin', 'view')); } $interactive_upgrade = pnSessionGetVar('interactive_upgrade'); $interactive_upgrade = (empty($interactive_upgrade)) ? false : true; if($interactive_upgrade==false) { list($id, $startnum, $letter, $state) = pnVarCleanFromInput('id', 'startnum', 'letter','state'); pnSessionSetVar('modules_id', $id); pnSessionSetVar('modules_startnum', $startnum); pnSessionSetVar('modules_letter', $letter); pnSessionSetVar('modules_state', $state); $activate = false; } else { $id = pnSessionGetVar('modules_id'); $startnum = pnSessionGetVar('modules_startnum'); $letter = pnSessionGetVar('modules_letter'); $state = pnSessionGetVar('modules_state'); $activate = (bool)pnVarCleanFromInput('activate'); } if (empty($id) || !is_numeric($id)) { pnSessionSetVar('errormsg', _MODULESNOMODID); return pnRedirect(pnModURL('Modules', 'admin', 'view')); } // Upgrade module $res = pnModAPIFunc('Modules', 'admin', 'upgrade', array('mid' => $id, 'interactive_upgrade' => $interactive_upgrade)); if(is_bool($res) && $res==true) { // Success pnSessionDelVar('modules_id'); pnSessionDelVar('modules_startnum'); pnSessionDelVar('modules_letter'); pnSessionDelVar('modules_state'); pnSessionDelVar('interactive_upgrade'); pnSessionSetVar('statusmsg', _MODULESUPGRADED); if($activate==true) { if (pnModAPIFunc('Modules', 'admin', 'setstate', array('mid' => $id, 'state' => _PNMODULE_STATE_ACTIVE))) { // Success pnSessionSetVar('statusmsg', _MODULESACTIVATED); } } return pnRedirect(pnModURL('Modules', 'admin', 'view', array('startnum' => $startnum, 'letter' => $letter, 'state' => $state))); } elseif (is_bool($res)) { return pnRedirect(pnModURL('Modules', 'admin', 'view', array('startnum' => $startnum, 'letter' => $letter, 'state' => $state))); } else { return $res; } } /** * Deactivate a module * @author Jim McDonald * @param int 'id' module id * @return bool true */ function modules_admin_deactivate() { // Security and sanity checks if (!pnSecConfirmAuthKey()) { pnSessionSetVar('errormsg', _BADAUTHKEY); return pnRedirect(pnModURL('Modules', 'admin', 'view')); } list($id, $startnum, $letter, $state) = pnVarCleanFromInput('id', 'startnum', 'letter','state'); if (empty($id) || !is_numeric($id)) { pnSessionSetVar('errormsg', _MODULESNOMODID); return pnRedirect(pnModURL('Modules', 'admin', 'view')); } // Update state if (pnModAPIFunc('Modules', 'admin', 'setstate', array('mid' => $id, 'state' => _PNMODULE_STATE_INACTIVE))) { // Success pnSessionSetVar('statusmsg', _MODULESDEACTIVATED); } return pnRedirect(pnModURL('Modules', 'admin', 'view', array('startnum' => $startnum, 'letter' => $letter, 'state' => $state))); } /** * Remove a module * @author Jim McDonald * @param int 'id' module id * @return bool true if successful */ function modules_admin_remove() { //pnSessionDelVar('interactive_remove'); die(); // Security and sanity checks if (!pnSecConfirmAuthKey()) { pnSessionSetVar('errormsg', _BADAUTHKEY); return pnRedirect(pnModURL('Modules', 'admin', 'view')); } $interactive_remove = pnSessionGetVar('interactive_remove'); $interactive_remove = (empty($interactive_remove)) ? false : true; if($interactive_remove == false) { list($id, $startnum, $letter, $state) = pnVarCleanFromInput('id', 'startnum', 'letter','state'); pnSessionSetVar('modules_id', $id); pnSessionSetVar('modules_startnum', $startnum); pnSessionSetVar('modules_letter', $letter); pnSessionSetVar('modules_state', $state); } else { $id = pnSessionGetVar('modules_id'); $startnum = pnSessionGetVar('modules_startnum'); $letter = pnSessionGetVar('modules_letter'); $state = pnSessionGetVar('modules_state'); } if (empty($id) || !is_numeric($id)) { pnSessionSetVar('errormsg', _MODULESNOMODID); return pnRedirect(pnModURL('Modules', 'admin', 'view')); } // check the blocks module for existing blocks $blocks = pnModAPIFunc('Blocks', 'user', 'getall', array('modid' => $id)); if (!empty($blocks)) { pnSessionSetVar('errormsg', _MODULESBLOCKSEXIST); return pnRedirect(pnModURL('Modules', 'admin', 'view')); } // Remove module $res = pnModAPIFunc('Modules', 'admin', 'remove', array('mid' => $id, 'interactive_remove' => $interactive_remove)); if(is_bool($res) && $res==true) { // Success pnSessionDelVar('modules_id'); pnSessionDelVar('modules_startnum'); pnSessionDelVar('modules_letter'); pnSessionDelVar('modules_state'); pnSessionDelVar('interactive_remove'); pnSessionSetVar('statusmsg', _MODULESREMOVED); return pnRedirect(pnModURL('Modules', 'admin', 'view', array('startnum' => $startnum, 'letter' => $letter, 'state' => $state))); } elseif (is_bool($res)) { return pnRedirect(pnModURL('Modules', 'admin', 'view', array('startnum' => $startnum, 'letter' => $letter, 'state' => $state))); } else { return $res; } } /** * Re-generate modules list * @author Jim McDonald * @return bool true if successful */ function modules_admin_regenerate() { // Security check if (!pnSecConfirmAuthKey()) { pnSessionSetVar('errormsg', _BADAUTHKEY); return pnRedirect(pnModURL('Modules', 'admin', 'view')); } // get variables to pass back to pager list($startnum, $letter, $state) = pnVarCleanFromInput('startnum', 'letter', 'state'); // Regenerate modules if (pnModAPIFunc('Modules', 'admin', 'regenerate')) { // Success pnSessionSetVar('statusmsg', _MODULESREGENERATED); } return pnRedirect(pnModURL('Modules', 'admin', 'view', array('startnum' => $startnum, 'letter' => $letter, 'state' => $state))); } /** * display available hooks * @author Mark West * @param int 'id' module id * @return string HTML output string */ function modules_admin_hooks() { // get our input $id = pnVarCleanFromInput('id'); // check the input if (!is_numeric($id)) { pnSessionSetVar('errormsg', _MODARGSERROR); return pnRedirect(pnModURL('Modules', 'admin', 'view')); } // Create output object - this object will store all of our output so that // we can return it easily when required $pnRender =& new pnRender('Modules'); // As Admin output changes often, we do not want caching. $pnRender->caching = false; $dbconn =& pnDBGetConn(true); $pntable =& pnDBGetTables(); $modulestable = $pntable['modules']; $modulescolumn = &$pntable['modules_column']; $query = "SELECT $modulescolumn[name], $modulescolumn[displayname], $modulescolumn[description] FROM $modulestable WHERE $modulescolumn[id] = '" . (int)pnVarPrepForStore($id) . "'"; $result =& $dbconn->Execute($query); if ($result->EOF) { return pnVarPrepHTMLDisplay(_MODULESNOSUCHMODID); } list($name, $displayname, $description) = $result->fields; $pnRender->assign('name', $name); $pnRender->assign('displayname', $displayname); $pnRender->assign('description', $description); $result->Close(); if (!pnSecAuthAction(0, 'Modules::', "$name::$id", ACCESS_ADMIN)) { return pnVarPrepHTMLDisplay(_MODULENOAUTH); } // add module id to form $pnRender->assign('id', $id); // Hooks $hookstable = $pntable['hooks']; $hookscolumn = &$pntable['hooks_column']; $sql = "SELECT DISTINCT $hookscolumn[smodule], $hookscolumn[tmodule] FROM $hookstable WHERE $hookscolumn[smodule] IS NULL OR $hookscolumn[smodule] = '" . pnVarPrepForStore($name) . "' ORDER BY $hookscolumn[tmodule], $hookscolumn[smodule] DESC"; $result =& $dbconn->Execute($sql); $displayed = array(); $hooks = array(); for (; !$result->EOF; $result->MoveNext()) { list($smodname, $tmodname) = $result->fields; // Only display once if (isset($displayed[$tmodname])) { continue; } $displayed[$tmodname] = true; if (!empty($smodname)) { $checked = 1; } else { $checked = 0; } $hooks[]= array('hooklabel' => _MODULESACTIVATE . ' ' . strtolower($tmodname) . ' ' . _MODULESFORTHIS, 'targetmodname' => $tmodname, 'hookvalue' => $checked); } $result->Close(); $pnRender->assign('hooks', $hooks); // Return the output that has been generated by this function return $pnRender->fetch('modules_admin_hooks.htm'); } /** * This is a standard function to modify the configuration parameters of the * module * @author Mark West * @since 1.14 * @return string HTML string */ function modules_admin_modifyconfig() { // Security check - important to do this as early as possible to avoid // potential security holes or just too much wasted processing if (!pnSecAuthAction(0, 'Modules::', '::', ACCESS_ADMIN)) { return pnVarPrepHTMLDisplay(_MODULENOAUTH); } // Create output object - this object will store all of our output so that // we can return it easily when required $pnRender =& new pnRender('Modules'); // As Admin output changes often, we do not want caching. $pnRender->caching = false; // Number of items to display per page $pnRender->assign('itemsperpage', pnModGetVar('Modules', 'itemsperpage')); // load support for legacy modules $pnRender->assign('loadlegacy', pnConfigGetVar('loadlegacy')); // Return the output that has been generated by this function return $pnRender->fetch('modules_admin_modifyconfig.htm'); } /** * This is a standard function to update the configuration parameters of the * module given the information passed back by the modification form * @author Mark West * @since 1.14 * @return bool true */ function modules_admin_updateconfig() { // Security check - important to do this as early as possible to avoid // potential security holes or just too much wasted processing if (!pnSecAuthAction(0, 'Modules::', '::', ACCESS_ADMIN)) { return pnVarPrepHTMLDisplay(_MODULENOAUTH); } // Get parameters from whatever input we need. All arguments to this // function should be obtained from pnVarCleanFromInput(), getting them // from other places such as the environment is not allowed, as that makes // assumptions that will not hold in future versions of PostNuke list($itemsperpage, $loadlegacy) = pnVarCleanFromInput('itemsperpage', 'loadlegacy'); // Confirm authorisation code. This checks that the form had a valid // authorisation code attached to it. If it did not then the function will // proceed no further as it is possible that this is an attempt at sending // in false data to the system if (!pnSecConfirmAuthKey()) { pnSessionSetVar('errormsg', pnVarPrepForDisplay(_BADAUTHKEY)); return pnRedirect(pnModURL('Modules', 'admin', 'view')); } // Update module variables. Note that depending on the HTML structure used // to obtain the information from the user it is possible that the values // might be unset, so it is important to check them all and assign them // default values if required if (empty($itemsperpage)) { $itemsperpage = 25; } // make sure $itemsperpage is a positive integer if (!is_integer($itemsperpage) || $itemsperpage < 1) { pnSessionSetVar('errormsg', pnVarPrepForDisplay(_MODULESITEMSPERPAGENUMERIC)); $itemsperpage = (int)$itemsperpage; if ($itemsperpage < 1) { $itemsperpage = 25; } } pnModSetVar('Modules', 'itemsperpage', $itemsperpage); if (empty($loadlegacy)) { $loadlegacy = 0; } pnConfigSetVar('loadlegacy', $loadlegacy); // the module configuration has been updated successfuly pnSessionSetVar('statusmsg', _CONFIGUPDATED); // This function generated no output, and so now it is complete we redirect // the user to an appropriate page for them to carry on their work return pnRedirect(pnModURL('Modules', 'admin', 'view')); } ?>