Note: this list is kept only as a demonstration for CVSNotice. For the latest CVS notices, see the Xaraya and Postnuke sites
View Statistics - Next Notice - Previous NoticeDirectory filter : [ all ] / postnuke_modules / nascar [ view in CVS ]
Date | Directory [filter] | File(s) [view] | Author [filter] |
10 Aug 2002 06:02:36 | postnuke_modules/nascar | pnadmin.php,NONE,1.1 pnadminapi.php,NONE,1.1 pnuser.php,NONE,1.1 pnuserapi.php,1.1,1.2 | George Neill |
+ updates for the 'tracks' section of the NASCAR module. (still learning!) |
Update of /home/cvsroot/postnuke_modules/nascar In directory ns7.hostnuke.net:/tmp/cvs-serv29779 Modified Files: pnuserapi.php Added Files: pnadmin.php pnadminapi.php pnuser.php Log Message: + updates for the 'tracks' section of the NASCAR module. (still learning!) GNeill 2002.08.10 --- NEW FILE: pnadmin.php --- <?php // $Id: pnadmin.php,v 1.1 2002/08/10 06:02:33 georgen Exp $ // ---------------------------------------------------------------------- // PostNuke Content Management System // Copyright (C) 2002 by the PostNuke Development Team. // http://www.postnuke.com/ // ---------------------------------------------------------------------- // LICENSE // // This program is free software; you can redistribute it and/or // modify it under the terms of the GNU General Public License (GPL) // as published by the Free Software Foundation; either version 2 // of the License, or (at your option) any later version. // // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // To read the license please visit http://www.gnu.org/copyleft/gpl.html // ---------------------------------------------------------------------- // Original Author of file: George Neill // Purpose of file: nascar administration display functions // ---------------------------------------------------------------------- function nascar_admin_main() { if (!pnSecAuthAction(0, 'nascar::Item', '::', ACCESS_EDIT)) { return _NASCARNOAUTH; } $data = nascar_admin_menu(); return $data; } function nascar_admin_menu() { $data = array(); $data['nascar_title'] = pnML(pnVarPrepForDisplay(_NASCARTITLE)); $data['nascar_home'] = pnML(pnVarPrepForDisplay(_NASCARHOME)); $data['nascar_binaries'] = pnML(pnVarPrepForDisplay(_NASCARBINARIES)); $data['nascar_event'] = pnML(pnVarPrepForDisplay(_NASCAREVENT)); $data['nascar_leagues'] = pnML(pnVarPrepForDisplay(_NASCARLEAGUES)); $data['nascar_pen_votes'] = pnML(pnVarPrepForDisplay(_NASCARPENVOTES)); $data['nascar_penalties'] = pnML(pnVarPrepForDisplay(_NASCARPENALTIES)); $data['nascar_results'] = pnML(pnVarPrepForDisplay(_NASCARRESULTS)); $data['nascar_roster'] = pnML(pnVarPrepForDisplay(_NASCARROSTER)); $data['nascar_season'] = pnML(pnVarPrepForDisplay(_NASCARSEASON)); $data['nascar_tracks'] = pnML(pnVarPrepForDisplay(_NASCARTRACKS)); $data['status'] = ''; return $data; } function nascar_admin_view_tracks() { $startnum = pnVarCleanFromInput('startnum'); $data = nascar_admin_menu(); if (!pnSecAuthAction(0, 'nascar::', '::', ACCESS_EDIT)) { $data['status'] = _NASCARNOAUTH; return $data; } if (!pnModAPILoad('nascar', 'user')) { $data['status'] = _LOADFAILED; return $data; } $data['items'] = array(); $data['nascar_addtrack'] = pnML(pnVarPrepForDisplay(_NASCARADDTRACK)); $data['tracks_id'] = pnML(pnVarPrepForDisplay(_TRACKSID)); $data['tracks_name'] = pnML(pnVarPrepForDisplay(_TRACKSNAME)); $data['tracks_longname'] = pnML(pnVarPrepForDisplay(_TRACKSLONGNAME)); $data['tracks_location'] = pnML(pnVarPrepForDisplay(_TRACKSLOCATION)); $data['tracks_weather_url'] = pnML(pnVarPrepForDisplay(_TRACKSWEATHERURL)); $data['tracks_image'] = pnML(pnVarPrepForDisplay(_TRACKSIMAGE)); $data['tracks_length'] = pnML(pnVarPrepForDisplay(_TRACKSLENGTH)); $data['tracks_url'] = pnML(pnVarPrepForDisplay(_TRACKSURL)); $data['tracks_active'] = pnML(pnVarPrepForDisplay(_TRACKSACTIVE)); $data['pager'] = ''; $items = pnModAPIFunc('nascar', 'user', 'getall_tracks', array('startnum' => $startnum, 'numitems' => pnModGetVar('nascar', 'itemsperpage'))); if ($items == false) { if (pnExceptionMajor() == PN_SYSTEM_EXCEPTION) { return; // throw back } $data['status'] = pnML('No items available'); $reason = pnExceptionValueString(); if (!empty($reason)) { $data['status'] .= '<br /><br />'. pnML('Reason') .' : '. $reason; } pnExceptionFree(); return $data; } for ($i = 0; $i < count($items); $i++) { $item = $items[$i]; if (pnSecAuthAction(0, 'nascar::', "$item[tname]::$item[tid]", ACCESS_EDIT)) { $items[$i]['editurl'] = pnModURL('nascar', 'admin', 'modify_tracks', array('tid' => $item['tid'])); } else { $items[$i]['editurl'] = ''; } $items[$i]['edittitle'] = pnML('Edit'); if (pnSecAuthAction(0, 'nascar::', "$item[tname]::$item[tid]", ACCESS_DELETE)) { $items[$i]['deleteurl'] = pnModURL('nascar', 'admin', 'delete_tracks', array('tid' => $item['tid'])); } else { $items[$i]['deleteurl'] = ''; } $items[$i]['deletetitle'] = pnML('Delete'); } $data['items'] = $items; return $data; } function nascar_admin_new_tracks() { $data = nascar_admin_menu(); if (!pnSecAuthAction(0, 'nascar::', '::', ACCESS_EDIT)) { $data['status'] = _NASCARNOAUTH; return $data; } $data['authid'] = pnSecGenAuthKey(); $data['nascar_home'] = pnML(pnVarPrepForDisplay(_NASCARHOME)); $data['nascar_title'] = pnML(pnVarPrepForDisplay(_NASCARTITLE)); $data['label_viewtracks'] = pnML(pnVarPrepForDisplay(_NASCARTRACKS)); $data['label_name'] = pnML(pnVarPrepForDisplay(_TRACKSNAME)); $data['label_longname'] = pnML(pnVarPrepForDisplay(_TRACKSLONGNAME)); $data['label_location'] = pnML(pnVarPrepForDisplay(_TRACKSLOCATION)); $data['label_weather_url'] = pnML(pnVarPrepForDisplay(_TRACKSWEATHERURL)); $data['label_image'] = pnML(pnVarPrepForDisplay(_TRACKSIMAGE)); $data['label_length'] = pnML(pnVarPrepForDisplay(_TRACKSLENGTH)); $data['label_url'] = pnML(pnVarPrepForDisplay(_TRACKSURL)); $data['label_active'] = pnML(pnVarPrepForDisplay(_TRACKSACTIVE)); $data['addbutton'] = 'Create'; return $data; } function nascar_admin_create_tracks($args) { list($tname, $tlongname, $tlocation, $tweather_url, $timage, $tlength, $turl, $tactive) = pnVarCleanFromInput('tname', 'tlongname', 'tlocation', 'tweather_url', 'timage', 'tlength', 'turl', 'tactive'); extract($args); if (!pnSecConfirmAuthKey()) { $msg = pnML('Invalid authorization key for creating new #(1) item', 'nascar'); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'NO_PERMISSION', new SystemException($msg)); return; } if (!pnModAPILoad('nascar', 'admin')) { $msg = pnML('Unable to load #(1) admin API', 'nascar'); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'NO_PERMISSION', new SystemException($msg)); return; } $tid = pnModAPIFunc('nascar', 'admin', 'create_tracks', array('tname' => $tname, 'tlongname' => $tlongname, 'tlocation' => $tlocation, 'tweather_url' => $tweather_url, 'timage' => $timage, 'tlength' => $tlength, 'turl' => $turl, 'tactive' => $tactive)); if ($tid == true) { pnSessionSetVar('statusmsg', _NASCARTRACKSCREATED); } pnRedirect(pnModURL('nascar', 'admin', 'view_tracks')); return true; } /** * modify an item * This is a standard function that is called whenever an administrator * wishes to modify a current module item * @param 'tid' the id of the item to be modified */ function nascar_admin_modify_tracks($args) { list($tid, $objectid)= pnVarCleanFromInput('tid', 'objectid'); extract($args); if (!empty($objectid)) { $tid = $objectid; } if (!pnModAPILoad('nascar', 'user')) { return pnML('Unable to load user API', 'nascar'); } $item = pnModAPIFunc('nascar', 'user', 'get', array('tid' => $tid)); if ($item == false) { return pnML('Unable to find', 'nascar', pnVarPrepForDisplay($tid)); } if (!pnSecAuthAction(0, 'nascar::Item', "$item[name]::$tid", ACCESS_EDIT)) { return pnML('Not authorized to modify ', 'nascar', pnVarPrepForDisplay($tid)); } return array('authid' => pnSecGenAuthKey(), 'namelabel' => pnVarPrepForDisplay(_NASCARNAME), 'numberlabel' => pnVarPrepForDisplay(_NASCARNUMBER), 'updatebutton' => pnVarPrepForDisplay(_NASCARUPDATE), 'item' => $item); } /** * This is a standard function that is called with the results of the * form supplied by nascar_admin_modify() to update a current item * @param 'tid' the id of the item to be updated * @param 'name' the name of the item to be updated * @param 'number' the number of the item to be updated */ function nascar_admin_update($args) { list($tid, $objectid, $name, $number) = pnVarCleanFromInput('tid', 'objectid', 'name', 'number'); extract($args); if (!empty($objectid)) { $tid = $objectid; } if (!pnSecConfirmAuthKey()) { $msg = pnML('Invalid authorization key for updating ', 'nascar', pnVarPrepForDisplay($tid)); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'NO_PERMISSION', new SystemException($msg)); return; } if (!pnModAPILoad('nascar', 'admin')) { $msg = pnML('Unable to load admin API', 'nascar'); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'NO_PERMISSION', new SystemException($msg)); return; } if(pnModAPIFunc('nascar', 'admin', 'update', array('tid' => $tid, 'name' => $name, 'number' => $number))) { pnSessionSetVar('statusmsg', _NASCARUPDATED); } pnRedirect(pnModURL('nascar', 'admin', 'view')); return true; } function nascar_admin_delete_tracks($args) { list($tid, $objectid, $confirm) = pnVarCleanFromInput('tid', 'objectid', 'confirm'); extract($args); if (!empty($objectid)) { $tid = $objectid; } if (!pnModAPILoad('nascar', 'user')) { $msg = pnML('Unable to load )user API', 'nascar'); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'NO_PERMISSION', new SystemException($msg)); return; } $item = pnModAPIFunc('nascar', 'user', 'get_tracks', array('tid' => $tid)); if ($item == false) { $msg = pnML('Unable to find ', 'nascar', pnVarPrepForDisplay($tid)); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'NO_PERMISSION', new SystemException($msg)); return; } if (!pnSecAuthAction(0, 'nascar::Item', "$item[tname]::$tid", ACCESS_DELETE)) { $msg = pnML('Not authorized to delete ', 'nascar', pnVarPrepForDisplay($tid)); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'NO_PERMISSION', new SystemException($msg)); return; } if (empty($confirm)) { $data = nascar_admin_menu(); $data['tracks_id'] = pnML(pnVarPrepForDisplay(_TRACKSID)); $data['tid'] = pnML(pnVarPrepForDisplay($tid)); $data['tracks_name'] = pnML(pnVarPrepForDisplay(_TRACKSNAME)); $data['tracks_name_value'] = pnML(pnVarPrepForDisplay($item['tname'])); $data['confirmtext'] = pnML('Confirm deleting this item ?'); $data['itemid'] = pnML('Item ID'); $data['confirmbutton'] = pnML('Confirm'); $data['authid'] = pnSecGenAuthKey(); return $data; } if (!pnSecConfirmAuthKey()) { $msg = pnML('Invalid authorization key for deleting', 'nascar', pnVarPrepForDisplay($tid)); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'NO_PERMISSION', new SystemException($msg)); return; } if (!pnModAPILoad('nascar', 'admin')) { $msg = pnML('Unable to load admin API', 'nascar'); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'NO_PERMISSION', new SystemException($msg)); return; } if (pnModAPIFunc('nascar', 'admin', 'delete_tracks', array('tid' => $tid))) { pnSessionSetVar('statusmsg', _NASCARTRACKSDELETED); } pnRedirect(pnModURL('nascar', 'admin', 'view_tracks')); return true; } ?> --- NEW FILE: pnadminapi.php --- <?php // $Id: pnadminapi.php,v 1.1 2002/08/10 06:02:33 georgen Exp $ // ---------------------------------------------------------------------- // PostNuke Content Management System // Copyright (C) 2002 by the PostNuke Development Team. // http://www.postnuke.com/ // ---------------------------------------------------------------------- // LICENSE // // This program is free software; you can redistribute it and/or // modify it under the terms of the GNU General Public License (GPL) // as published by the Free Software Foundation; either version 2 // of the License, or (at your option) any later version. // // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // To read the license please visit http://www.gnu.org/copyleft/gpl.html // ---------------------------------------------------------------------- // Original Author of file: George Neill // Purpose of file: nascar administration API // ---------------------------------------------------------------------- function nascar_adminapi_create_tracks($args) { extract($args); $invalid = array(); if (count($invalid) > 0) { $msg = pnML('Invalid #(1) for #(2) function #(3)() in module #(4)', join(', ',$invalid), 'admin', 'create_tracks', 'Nascar'); pnExceptionSet(PN_USER_EXCEPTION, 'BAD_PARAM', new SystemException($msg)); return false; } if (!pnSecAuthAction(0, 'nascar::Item', "$tname::", ACCESS_ADD)) { $msg = pnML('Not authorized to add #(1) items', 'Nascar'); pnExceptionSet(PN_USER_EXCEPTION, 'NO_PERMISSION', new SystemException($msg)); return false; } list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); $nascartable = $pntable['nascar_tracks']; $nextId = $dbconn->GenId($nascartable); $sql = "INSERT INTO $nascartable ( pn_track_id, pn_track_name, pn_longname, pn_location, pn_weather_url, pn_track_image, pn_track_length, pn_track_url, pn_active) VALUES ( $nextId, '" . pnVarPrepForStore($tname) . "', '" . pnVarPrepForStore($tlongname) . "', '" . pnVarPrepForStore($tlocation) . "', '" . pnVarPrepForStore($tweather_url) . "', '" . pnVarPrepForStore($timage) . "', '" . pnVarPrepForStore($tlength) . "', '" . pnVarPrepForStore($turl) . "', " . pnvarPrepForStore($tactive) . ")"; $dbconn->Execute($sql); if ($dbconn->ErrorNo() != 0) { $msg = pnML('Database error for #(1) function #(2)() in module #(3)', 'admin', 'create', 'Nascar'); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'DATABASE_ERROR', new SystemException($msg)); return false; } $tid = $dbconn->PO_Insert_ID($nascartable, 'pn_tid'); pnModCallHooks('item', 'create', $tid, 'tid'); return $tid; } function nascar_adminapi_delete_tracks($args) { extract($args); if (!isset($tid) || !is_numeric($tid)) { $msg = pnML('Invalid #(1) for #(2) function #(3)() in module #(4)', 'item ID', 'admin', 'delete_tracks', 'Nascar'); pnExceptionSet(PN_USER_EXCEPTION, 'BAD_PARAM', new SystemException($msg)); return false; } if (!pnModAPILoad('nascar', 'user')) { $msg = pnML('Unable to load #(1) #(2) API', 'nascar','user'); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'NO_PERMISSION', new SystemException($msg)); return false; } $item = pnModAPIFunc('nascar', 'user', 'get_tracks', array('tid' => $tid)); if ($item == false) { $msg = pnML('Invalid #(1) for #(2) function #(3)() in module #(4)', 'item ID', 'user', 'get_tracks', 'Nascar'); pnExceptionSet(PN_USER_EXCEPTION, 'BAD_PARAM', new SystemException($msg)); return false; } if (!pnSecAuthAction(0, 'nascar::Item', "$item[tname]::$tid", ACCESS_DELETE)) { $msg = pnML('Not authorized to delete #(1) item #(2)', 'Nascar', pnVarPrepForStore($tid)); pnExceptionSet(PN_USER_EXCEPTION, 'NO_PERMISSION', new SystemException($msg)); return false; } list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); $nascartable = $pntable['nascar_tracks']; $sql = "DELETE FROM $nascartable WHERE pn_track_id = " . pnVarPrepForStore($tid); $dbconn->Execute($sql); if ($dbconn->ErrorNo() != 0) { $msg = pnML('Database error for #(1) function #(2)() in module #(3)', 'admin', 'delete_tracks', 'Nascar'); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'DATABASE_ERROR', new SystemException($msg)); return false; } pnModCallHooks('item', 'delete_tracks', $tid, ''); return true; } /** * update a nascar item * * @author the Nascar module development team * @param $args['tid'] the ID of the item * @param $args['name'] the new name of the item * @param $args['number'] the new number of the item * @raise BAD_PARAM, NO_PERMISSION, DATABASE_ERROR */ function nascar_adminapi_update($args) { // Get arguments from argument array - all arguments to this function // should be obtained from the $args array, getting them from other // places such as the environment is not allowed, as that makes // assumptions that will not hold in future versions of PostNuke extract($args); // Argument check - make sure that all required arguments are present // and in the right format, if not then set an appropriate error // message and return // Note : since we have several arguments we want to check here, we'll // report all those that are invalid at the same time... $invalid = array(); if (!isset($tid) || !is_numeric($tid)) { $invalid[] = 'item ID'; } if (!isset($name) || !is_string($name)) { $invalid[] = 'name'; } if (!isset($number) || !is_numeric($number)) { $invalid[] = 'number'; } if (count($invalid) > 0) { $msg = pnML('Invalid #(1) for #(2) function #(3)() in module #(4)', join(', ',$invalid), 'admin', 'update', 'Nascar'); pnExceptionSet(PN_USER_EXCEPTION, 'BAD_PARAM', new SystemException($msg)); return false; } // Load API. Note that this is loading the user API in addition to // the administration API, that is because the user API contains // the function to obtain item information which is the first thing // that we need to do. If the API fails to load an appropriate error // message is posted and the function returns if (!pnModAPILoad('nascar', 'user')) { $msg = pnML('Unable to load #(1) #(2) API', 'nascar','user'); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'NO_PERMISSION', new SystemException($msg)); return false; } // The user API function is called. This takes the item ID which // we obtained from the input and gets us the information on the // appropriate item. If the item does not exist we post an appropriate // message and return $item = pnModAPIFunc('nascar', 'user', 'get', array('tid' => $tid)); if ($item == false) { $msg = pnML('Invalid #(1) for #(2) function #(3)() in module #(4)', 'item ID', 'user', 'get', 'Nascar'); pnExceptionSet(PN_USER_EXCEPTION, 'BAD_PARAM', new SystemException($msg)); return false; } // Security check - important to do this as early on as possible to // avoid potential security holes or just too much wasted processing. // However, in this case we had to wait until we could obtain the item // name to complete the instance information so this is the first // chance we get to do the check // Note that at this stage we have two sets of item information, the // pre-modification and the post-modification. We need to check against // both of these to ensure that whoever is doing the modification has // suitable permissions to edit the item otherwise people can potentially // edit areas to which they do not have suitable access if (!pnSecAuthAction(0, 'nascar::Item', "$item[name]::$tid", ACCESS_EDIT)) { $msg = pnML('Not authorized to edit #(1) item #(2)', 'Nascar', pnVarPrepForStore($tid)); pnExceptionSet(PN_USER_EXCEPTION, 'NO_PERMISSION', new SystemException($msg)); return false; } if (!pnSecAuthAction(0, 'nascar::Item', "$name::$tid", ACCESS_EDIT)) { $msg = pnML('Not authorized to edit #(1) item #(2)', 'Nascar', pnVarPrepForStore($tid)); pnExceptionSet(PN_USER_EXCEPTION, 'NO_PERMISSION', new SystemException($msg)); return false; } // Get database setup - note that both pnDBGetConn() and pnDBGetTables() // return arrays but we handle them differently. For pnDBGetConn() // we currently just want the first item, which is the official // database handle. For pnDBGetTables() we want to keep the entire // tables array together for easy reference later on list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); // It's good practice to name the table and column definitions you // are getting - $table and $column don't cut it in more complex // modules $nascartable = $pntable['nascar']; // Update the item - the formatting here is not mandatory, but it does // make the SQL statement relatively easy to read. Also, separating // out the sql statement from the Execute() command allows for simpler // debug operation if it is ever needed $sql = "UPDATE $nascartable SET pn_name = '" . pnVarPrepForStore($name) . "', pn_number = " . pnVarPrepForStore($number) . " WHERE pn_tid = " . pnVarPrepForStore($tid); $dbconn->Execute($sql); // Check for an error with the database code, and if so set an // appropriate error message and return if ($dbconn->ErrorNo() != 0) { // Hint : for debugging SQL queries, you can use $dbconn->ErrorMsg() // to retrieve the actual database error message, and use e.g. the // following message : // $msg = pnML('Database error #(1) in query #(2) for #(3) function ' . // '#(4)() in module #(5)', // $dbconn->ErrorMsg(), $sql, 'admin', 'update', 'Nascar'); // Don't use that for release versions, though... $msg = pnML('Database error for #(1) function #(2)() in module #(3)', 'admin', 'update', 'Nascar'); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'DATABASE_ERROR', new SystemException($msg)); return false; } // Let the calling process know that we have finished successfully return true; } ?> --- NEW FILE: pnuser.php --- <?php // $Id: pnuser.php,v 1.1 2002/08/10 06:02:33 georgen Exp $ // ---------------------------------------------------------------------- // PostNuke Content Management System // Copyright (C) 2002 by the PostNuke Development Team. // http://www.postnuke.com/ // ---------------------------------------------------------------------- // LICENSE // // This program is free software; you can redistribute it and/or // modify it under the terms of the GNU General Public License (GPL) // as published by the Free Software Foundation; either version 2 // of the License, or (at your option) any later version. // // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // To read the license please visit http://www.gnu.org/copyleft/gpl.html // ---------------------------------------------------------------------- // Original Author of file: George Neill // Purpose of file: Template user display functions // ---------------------------------------------------------------------- function nascar_user_main() { if (!pnSecAuthAction(0, 'Template::', '::', ACCESS_OVERVIEW)) { return _NASCARNOAUTH; } $data = nascar_user_menu(); $data['welcome'] = pnML('Welcome to this Nascar module...'); return $data; } function nascar_user_view_tracks() { $startnum = pnVarCleanFromInput('startnum'); $data = nascar_user_menu(); $data['status'] = ''; $data['items'] = array(); $data['someheader'] = _NASCARNAME; $data['pager'] = ''; if (!pnSecAuthAction(0, 'Templates::', '::', ACCESS_OVERVIEW)) { $data['status'] = _NASCARNOAUTH; return $data; } if (!pnModAPILoad('nascar', 'user')) { $data['status'] = _LOADFAILED; return $data; } $items = pnModAPIFunc('nascar', 'user', 'getall', array('startnum' => $startnum, 'numitems' => pnModGetVar('nascar', 'itemsperpage'))); if ($items == false) { if (pnExceptionMajor() == PN_SYSTEM_EXCEPTION) { return; // throw back } $data['status'] = _NASCARITEMFAILED; $reason = pnExceptionValueString(); if (!empty($reason)) { $data['status'] .= '<br /><br />'. pnML('Reason') .' : '. $reason; } pnExceptionFree(); return $data; } // TODO: check for conflicts between transformation hook output and // pnVarCensor / pnVarPrepForDisplay foreach ($items as $item) { // Let any transformation hooks know that we want to transform some text // You'll need to specify the item id, and an array containing all the // pieces of text that you want to transform (e.g. for autolinks, wiki, // smilies, bbcode, ...). // Note : for your module, you might not want to call transformation // hooks in this overview list, but only in the display of the details // in the display() function. //list($item['name']) = pnModCallHooks('item', // 'transform', // $item['tid'], // array($item['name'])); // Security check 2 - if the user has read access to the item, show a // link to display the details of the item if (pnSecAuthAction(0, 'Templates::', "$item[name]::$item[tid]", ACCESS_READ)) { $item['link'] = pnModURL('nascar', 'user', 'display', array('tid' => $item['tid'])); // Security check 2 - else only display the item name (or whatever is // appropriate for your module) } else { $item['link'] = ''; } // Clean up the item text before display $item['name'] = pnVarPrepForDisplay(pnVarCensor($item['name'])); // Add this item to the list of items to be displayed $data['items'][] = $item; } // TODO: replace with a blocklayout pager // Create output object - this object will store all of our output so that // we can return it easily when required $output = new pnHTML(); // Call the pnHTML helper function to produce a pager in case of there // being many items to display. // // Note that this function includes another user API function. The // function returns a simple count of the total number of items in the item // table so that the pager function can do its job properly $output->Pager($startnum, pnModAPIFunc('nascar', 'user', 'countitems'), pnModURL('nascar', 'user', 'view', array('startnum' => '%%')), pnModGetVar('nascar', 'itemsperpage')); $data['pager'] = $output->GetOutput(); $data['someheader'] = _NASCARNAME; return $data; } function nascar_user_display($args) { list($tid, $objectid) = pnVarCleanFromInput('tid', 'objectid'); extract($args); if (!empty($objectid)) { $tid = $objectid; } $data = nascar_user_menu(); $data['status'] = ''; if (!pnModAPILoad('nascar', 'user')) { $data['status'] = _LOADFAILED; return $data; } $item = pnModAPIFunc('nascar', 'user', 'get', array('tid' => $tid)); if ($item == false) { if (pnExceptionMajor() == PN_SYSTEM_EXCEPTION) { return; // throw back } $data['status'] = _NASCARITEMFAILED; $reason = pnExceptionValueString(); if (!empty($reason)) { $data['status'] .= '<br /><br />'. pnML('Reason') .' : '. $reason; } pnExceptionFree(); return $data; } list($item['name']) = pnModCallHooks('item', 'transform', $item['tid'], array($item['name'])); // TODO: check for conflicts between transformation hook output and // pnVarCensor / input parsing of Text() by pnHTML $data['name_label'] = _NASCARNAME; $data['name_value'] = pnVarCensor($item['name']); $data['number_label'] = _NASCARNUMBER; $data['number_value'] = $item['number']; $data['is_bold'] = pnModGetVar('nascar', 'bold'); $data['hookoutput'] = pnModCallHooks('item', 'display', $tid, pnModURL('nascar', 'user', 'display', array('tid' => $tid))); return $data; } function nascar_user_menu() { $menu = array(); $menu['menutitle'] = _NASCAR; $menu['menulabel_view'] = _NASCARVIEW; $menu['menulink_view'] = pnModURL('nascar','user','view'); return $menu; } ?> Index: pnuserapi.php =================================================================== RCS file: /home/cvsroot/postnuke_modules/nascar/pnuserapi.php,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** pnuserapi.php 9 Aug 2002 05:16:11 -0000 1.1 --- pnuserapi.php 10 Aug 2002 06:02:33 -0000 1.2 *************** *** 48,52 **** if (count($invalid) > 0) { $msg = pnML('Invalid #(1) for #(2) function #(3)() in module #(4)', ! join(', ',$invalid), 'user', 'getall', 'Nascar'); pnExceptionSet(PN_USER_EXCEPTION, 'BAD_PARAM', new SystemException($msg)); --- 48,52 ---- if (count($invalid) > 0) { $msg = pnML('Invalid #(1) for #(2) function #(3)() in module #(4)', ! join(', ',$invalid), 'user', 'getall_tracks', 'Nascar'); pnExceptionSet(PN_USER_EXCEPTION, 'BAD_PARAM', new SystemException($msg)); *************** *** 85,89 **** if ($dbconn->ErrorNo() != 0) { $msg = pnML('Database error for #(1) function #(2)() in module #(3)', ! 'user', 'getall', 'Nascar'); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'DATABASE_ERROR', new SystemException($msg)); --- 85,89 ---- if ($dbconn->ErrorNo() != 0) { $msg = pnML('Database error for #(1) function #(2)() in module #(3)', ! 'user', 'getall_tracks', 'Nascar'); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'DATABASE_ERROR', new SystemException($msg)); *************** *** 94,116 **** list($tid, ! $name, ! $longname, ! $location, ! $weather_url, ! $track_image, ! $track_length, ! $track_url, ! $active) = $result->fields; ! if (pnSecAuthAction(0, 'nascar::', "$name::$tid", ACCESS_OVERVIEW)) { $items[] = array('tid' => $tid, ! 'name' => $name, ! 'longname' => $longname, ! 'location' => $location, ! 'weather_url' => $weather_url, ! 'track_image' => $track_image, ! 'track_length' => $track_length, ! 'track_url' => $track_url, ! 'active' => $active); } } --- 94,116 ---- list($tid, ! $tname, ! $tlongname, ! $tlocation, ! $tweather_url, ! $timage, ! $tlength, ! $turl, ! $tactive) = $result->fields; ! if (pnSecAuthAction(0, 'nascar::', "$tname::$tid", ACCESS_OVERVIEW)) { $items[] = array('tid' => $tid, ! 'tname' => $tname, ! 'tlongname' => $tlongname, ! 'tlocation' => $tlocation, ! 'tweather_url' => $tweather_url, ! 'timage' => $timage, ! 'tlength' => $tlength, ! 'turl' => $turl, ! 'tactive' => $tactive); } } *************** *** 121,125 **** } ! function nascar_userapi_tracks_get($args) { extract($args); --- 121,125 ---- } ! function nascar_userapi_get_tracks($args) { extract($args); *************** *** 127,131 **** if (!isset($tid) || !is_numeric($tid)) { $msg = pnML('Invalid #(1) for #(2) function #(3)() in module #(4)', ! 'item ID', 'user', 'get', 'Nascar'); pnExceptionSet(PN_USER_EXCEPTION, 'BAD_PARAM', new SystemException($msg)); --- 127,131 ---- if (!isset($tid) || !is_numeric($tid)) { $msg = pnML('Invalid #(1) for #(2) function #(3)() in module #(4)', ! 'item ID', 'user', 'get_tracks', 'Nascar'); pnExceptionSet(PN_USER_EXCEPTION, 'BAD_PARAM', new SystemException($msg)); *************** *** 135,148 **** list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); ! $nascartable = $pntable['nascar']; $sql = "SELECT pn_track_id, pn_track_name FROM $nascartable WHERE pn_track_id = " . pnVarPrepForStore($tid); $result = $dbconn->Execute($sql); if ($dbconn->ErrorNo() != 0) { $msg = pnML('Database error for #(1) function #(2)() in module #(3)', ! 'user', 'get', 'Nascar'); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'DATABASE_ERROR', new SystemException($msg)); --- 135,149 ---- list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); ! $nascartable = $pntable['nascar_tracks']; $sql = "SELECT pn_track_id, pn_track_name FROM $nascartable WHERE pn_track_id = " . pnVarPrepForStore($tid); + $result = $dbconn->Execute($sql); if ($dbconn->ErrorNo() != 0) { $msg = pnML('Database error for #(1) function #(2)() in module #(3)', ! 'user', 'get_tracks', 'Nascar'); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'DATABASE_ERROR', new SystemException($msg)); *************** *** 155,163 **** } ! list($tid, $name) = $result->fields; $result->Close(); ! if (!pnSecAuthAction(0, 'nascar::', "$name::$tid", ACCESS_READ)) { $msg = pnML('Not authorized to access #(1) item #(2)', 'Nascar', pnVarPrepForStore($tid)); --- 156,164 ---- } ! list($tid, $tname) = $result->fields; $result->Close(); ! if (!pnSecAuthAction(0, 'nascar::', "$tname::$tid", ACCESS_READ)) { $msg = pnML('Not authorized to access #(1) item #(2)', 'Nascar', pnVarPrepForStore($tid)); *************** *** 167,180 **** } ! $item = array('tid' => $tid, 'name' => $name); return $item; } ! function nascar_userapi_tracks_countitems() { list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); ! $nascartable = $pntable['nascar']; $sql = "SELECT COUNT(1) FROM $nascartable"; --- 168,181 ---- } ! $item = array('tid' => $tid, 'tname' => $tname); return $item; } ! function nascar_userapi_countitems_tracks() { list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); ! $nascartable = $pntable['nascar_tracks']; $sql = "SELECT COUNT(1) FROM $nascartable"; *************** *** 184,188 **** if ($dbconn->ErrorNo() != 0) { $msg = pnML('Database error for #(1) function #(2)() in module #(3)', ! 'user', 'countitems', 'Nascar'); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'DATABASE_ERROR', new SystemException($msg)); --- 185,189 ---- if ($dbconn->ErrorNo() != 0) { $msg = pnML('Database error for #(1) function #(2)() in module #(3)', ! 'user', 'countitems_tracks', 'Nascar'); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'DATABASE_ERROR', new SystemException($msg));
View Statistics - Next Notice - Previous Notice
Visit Developer Site - Browse CVS Repository |
Syndicate via backend.rss (max. once per hour please) | Powered by CVSNotice 0.1.3 |