1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
|
<?
$module = array("help" => "ab_help",
"block" => "ab_block",
"admin" => "ab_admin");
function ab_help() {
?>
<P>The content of the site can be almost entirely altered by means of blocks. Simply put, <I>admin blocks</I> are small bit of PHP code which will get plugged into the site. Admin blocks are typically used to add custom blocks to the site.</P>
<P>If you know how to script in PHP, admin blocks are pretty simple to create. Don't get your panties in a knot if you are not confident with PHP: simply use the standard admin blocks (i.e. those available by default) as they are just fine or ask an expert 'admin blocker' to help you creating custom admin blocks that fit your need.</P>
<P>Each admin block consists of a subject an associated block of PHP code which can be as long as you want it to be and that will 'render' the content of the block. You can use any piece of PHP code to make up an admin block. An admin block's code is stored in the database and the engine will dynamically embedded the PHP code just-in-time for execution.</P>
<P>There are however some factors to keep in mind when using and creating admin blocks: admin blocks can be extremly useful and flexible, yet be dangerous and insecure if not properly used. If you are not confident with PHP, SQL or even with the site engine for that matter, avoid experimenting with admin blocks because you can - and you probably will - corrupt your database or even render your site unusable! If you don't plan to do fancy stuff with admin blocks then you are probably save though.</P>
<P>Remember that the code within each admin block must be valid PHP code, including things like terminating statements with a semicolon so the parser won't die. Therefore, it is highly recommended to test your admin blocks seperatly using a simple test script on top of a test database before migrating to your production environment running your real database.</P>
<P>Note that you can use any global variables, such as configuration parameters within the scope of an admin block and keep in mind that variables that have been given values in an admin block will retain these values in the engine or module afterwards.</P>
<P>You may as well use the <CODE>return</CODE> statement to return the actual content of the block.</P>
<P><U>A basic example:</U></P>
<P>Given the admin block with subject "Welcome", used to create a Welcome-block. The content for this admin block could be created by using:</P>
<PRE>
return "Welcome visitor, ... welcome message goes here ...";
</PRE>
<P>If we are however dealing with a registered user, we can customize the message by using:
<PRE>
if ($user) {
return "Welcome $user->userid, ... weclome message goes here ...";
}
else {
return "Welcome visitor, ... welcome message goes here ...";
}
</PRE>
<P>For a more in depth example, we recommand you to check any of the available admin blocks and to go from there.</P>
<P>As said above, you can virtually use any piece of PHP code in an admin block: you can declare and use functions, consult the SQL database, access configuration settings and so on.</P>
<?
}
function ab_block() {
$result = db_query("SELECT * FROM admin_blocks");
$i = 0;
while ($block = db_fetch_object($result)) {
$blocks[$i]["subject"] = check_output($block->subject);
$blocks[$i]["content"] = eval($block->content);
$blocks[$i]["info"] = check_output($block->info);
$blocks[$i]["link"] = check_output($block->link);
$i++;
}
return $blocks;
}
function ab_admin_display() {
$result = db_query("SELECT * FROM admin_blocks");
while ($block = db_fetch_object($result)) {
$output .= "<TABLE BORDER=\"1\" CELLPADDING=\"3\" CELLSPACING=\"0\">\n";
$output .= " <TR><TH>Subject:</TH><TD>". check_output($block->subject) ."</TD></TR>\n";
$output .= " <TR><TH>Content:</TH><TD>". nl2br(htmlentities($block->content)) ."</TD></TR>\n";
$output .= " <TR><TH>Information:</TH><TD><I>". check_output($block->info) ."</I></TD></TR>\n";
$output .= " <TR><TH>Link:</TH><TD>". format_url($block->link) ."</TD></TR>\n";
$output .= " <TR><TH>Operations:</TH><TD><A HREF=\"admin.php?mod=admin-block&op=edit&id=$block->id\">edit</A>, <A HREF=\"admin.php?mod=admin-block&op=delete&id=$block->id\">delete</A></TD></TR>\n";
$output .= "</TABLE>\n";
$output .= "<BR><BR>\n";
}
$output .= "<FORM ACTION=\"admin.php?mod=admin-block\" METHOD=\"post\">\n";
$output .= "<TABLE BORDER=\"1\" CELLPADDING=\"3\" CELLSPACING=\"0\">\n";
$output .= " <TR><TH>Subject:</TH><TD><INPUT TYPE=\"text\" NAME=\"subject\" SIZE=\"35\"></TD></TR>\n";
$output .= " <TR><TH>Content:</TH><TD><TEXTAREA NAME=\"content\" COLS=\"50\" ROWS=\"5\"></TEXTAREA></TD></TR>\n";
$output .= " <TR><TH>Information:</TH><TD><INPUT TYPE=\"text\" NAME=\"info\" SIZE=\"35\"></TD></TR>\n";
$output .= " <TR><TH>Link:</TH><TD><INPUT TYPE=\"text\" NAME=\"link\" SIZE=\"35\"></TD></TR>\n";
$output .= " <TR><TH>Operations:</TH><TD><INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Add admin block\"></TD></TR>\n";
$output .= "</TABLE>\n";
$output .= "</FORM>\n";
print $output;
}
function ab_admin_add($subject, $content, $info, $link) {
db_query("INSERT INTO admin_blocks (subject, content, info, link) VALUES ('". check_input($subject) ."', '". check_code($content) ."', '". check_input($info) ."', '". check_input($link) ."')");
}
function ab_admin_delete($id) {
db_query("DELETE FROM admin_blocks WHERE id = $id");
}
function ab_admin_rehash() {
global $repository;
module_rehash_blocks("admin-block", $repository["admin-block"]);
}
function ab_admin_edit($id) {
$result = db_query("SELECT * FROM admin_blocks WHERE id = $id");
if ($block = db_fetch_object($result)) {
$output .= "<FORM ACTION=\"admin.php?mod=admin-block\" METHOD=\"post\">\n";
$output .= "<P>\n";
$output .= " <B>Subject:</B><BR>\n";
$output .= " <INPUT TYPE=\"text\" NAME=\"subject\" VALUE=\"". check_field($block->subject) ."\">\n";
$output .= "</P>\n";
$output .= "<P>\n";
$output .= "<B>Content:</B><BR>\n";
$output .= "<TEXTAREA NAME=\"content\" COLS=\"50\" ROWS=\"5\">$block->content</TEXTAREA>\n";
$output .= "</P>\n";
$output .= "<B>Information:</B><BR>\n";
$output .= "<INPUT TYPE=\"text\" NAME=\"info\" VALUE=\"$block->info\">\n";
$output .= "</P>\n";
$output .= "<P>\n";
$output .= "<B>Link:</B><BR>\n";
$output .= "<INPUT TYPE=\"text\" NAME=\"link\" VALUE=\"$block->link\">\n";
$output .= "</P>\n";
$output .= "<P>\n";
$output .= "<INPUT TYPE=\"hidden\" NAME=\"id\" VALUE=\"$id\">\n";
$output .= "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Save admin block\"><BR>\n";
$output .= "</P>\n";
$output .= "</FORM>\n";
}
print $output;
}
function ab_admin_save($id, $subject, $content, $info, $link) {
db_query("UPDATE admin_blocks SET subject = '". check_input($subject) ."', content = '". check_code($content) ."', info = '". check_input($info) ."', link = '". check_input($link) ."' WHERE id = '$id'");
watchdog("message", "modified admin block `$subject'");
}
function ab_admin() {
global $op, $id, $subject, $content, $info, $link;
switch ($op) {
case "Add admin block":
ab_admin_add($subject, $content, $info, $link);
ab_admin_display();
ab_admin_rehash();
break;
case "Save admin block":
ab_admin_save($id, $subject, $content, $info, $link);
ab_admin_display();
ab_admin_rehash();
break;
case "edit":
ab_admin_edit($id);
break;
case "delete":
ab_admin_delete($id);
ab_admin_rehash();
// fall through
default:
ab_admin_display();
}
}
?>
|
