Note: this list is kept only as a demonstration for CVSNotice. For the latest CVS notices, see the Xaraya and Postnuke sites
View Statistics - Next Notice - Previous NoticeDirectory filter : [ all ] / postnuke_official / html / modules / example [ view in CVS ]
Date | Directory [filter] | File(s) [view] | Author [filter] |
07 Aug 2002 01:30:24 | postnuke_official/html/modules/example | pnadmin.php,NONE,1.1 pnadminapi.php,NONE,1.1 pninit.php,NONE,1.1 pntables.php,NONE,1.1 pnuser.php,NONE,1.1 pnuserapi.php,NONE,1.1 pnversion.php,NONE,1.1 | Mike |
"new" example module |
Update of /home/cvsroot/postnuke_official/html/modules/example In directory ns7.hostnuke.net:/tmp/cvs-serv22286 Added Files: pnadmin.php pnadminapi.php pninit.php pntables.php pnuser.php pnuserapi.php pnversion.php Log Message: "new" example module --- NEW FILE: pnadmin.php --- <?php // $Id: pnadmin.php,v 1.1 2002/08/07 01:30:22 mikespub Exp $ // ---------------------------------------------------------------------- // PostNuke Content Management System // Copyright (C) 2002 by the PostNuke Development Team. // http://www.postnuke.com/ // ---------------------------------------------------------------------- // LICENSE // // This program is free software; you can redistribute it and/or // modify it under the terms of the GNU General Public License (GPL) // as published by the Free Software Foundation; either version 2 // of the License, or (at your option) any later version. // // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // To read the license please visit http://www.gnu.org/copyleft/gpl.html // ---------------------------------------------------------------------- // Original Author of file: Jim McDonald // Purpose of file: Example administration display functions // ---------------------------------------------------------------------- /** * the main administration function * This function is the default function, and is called whenever the * module is initiated without defining arguments. As such it can * be used for a number of things, but most commonly it either just * shows the module menu and returns or calls whatever the module * designer feels should be the default function (often this is the * view() function) */ function example_admin_main() { // Security check - important to do this as early as possible to avoid // potential security holes or just too much wasted processing. For the // main function we want to check that the user has at least edit privilege // for some item within this component, or else they won't be able to do // anything and so we refuse access altogether. The lowest level of access // for administration depends on the particular module, but it is generally // either 'edit' or 'delete' if (!pnSecAuthAction(0, 'Example::Item', '::', ACCESS_EDIT)) { return _EXAMPLENOAUTH; } // If you want to go directly to some default function, instead of // having a separate main function, you can simply call it here, and // use the same template for admin-main.pnd as for admin-view.pnd // return example_admin_view(); // Initialise the $data variable that will hold the data to be used in // the blocklayout template, and get the common menu configuration - it // helps if all of the module pages have a standard menu at the top to // support easy navigation $data = example_admin_menu(); // Specify some other variables used in the blocklayout template $data['welcome'] = pnML('Welcome to the administration part of this Example module...'); // Return the template variables defined in this function return $data; // Note : instead of using the $data variable, you could also specify // the different template variables directly in your return statement : // // return array('menutitle' => ..., // 'welcome' => ..., // ... => ...); } /** * view items */ function example_admin_view() { // Get parameters from whatever input we need. All arguments to this // function should be obtained from pnVarCleanFromInput(), getting them // from other places such as the environment is not allowed, as that makes // assumptions that will not hold in future versions of PostNuke $startnum = pnVarCleanFromInput('startnum'); // Initialise the $data variable that will hold the data to be used in // the blocklayout template, and get the common menu configuration - it // helps if all of the module pages have a standard menu at the top to // support easy navigation $data = example_admin_menu(); // Initialise the variable that will hold the items, so that the template // doesn't need to be adapted in case of errors $data['items'] = array(); // Specify some labels for display $data['namelabel'] = pnVarPrepForDisplay(_EXAMPLENAME); $data['numberlabel'] = pnVarPrepForDisplay(_EXAMPLENUMBER); $data['optionslabel'] = pnVarPrepForDisplay(_EXAMPLEOPTIONS); $data['pager'] = ''; // Security check - important to do this as early as possible to avoid // potential security holes or just too much wasted processing if (!pnSecAuthAction(0, 'Example::', '::', ACCESS_EDIT)) { // Fill in some status variable to be shown in the blocklayout template $data['status'] = _EXAMPLENOAUTH; // Return the template variables defined in this function return $data; } // Load API. Note that this is loading the user API, that is because the // user API contains the function to obtain item information which is the // first thing that we need to do. If the API fails to load an appropriate // error message is posted and the function returns if (!pnModAPILoad('example', 'user')) { // Fill in the status variable with the status to be shown $data['status'] = _LOADFAILED; // Return the template variables defined in this function return $data; } // The user API function is called. This takes the number of items // required and the first number in the list of all items, which we // obtained from the input and gets us the information on the appropriate // items. $items = pnModAPIFunc('example', 'user', 'getall', array('startnum' => $startnum, 'numitems' => pnModGetVar('example', 'itemsperpage'))); // The return value of the function is checked here, and if the function // failed then an appropriate message is posted here. Note that if the // API function gave an error, then it should raise an exception that // you can handle here... if ($items == false) { // Throw back any system exceptions (e.g. database failure) if (pnExceptionMajor() == PN_SYSTEM_EXCEPTION) { return; // throw back } // Handle the user exceptions yourself $data['status'] = pnML('No items available'); // Possibly handle different exception IDs in specific ways : // if (pnExceptionId() == 'BAD_PARAM') { // /* do something */ // } elseif (pnExceptionId() == 'NO_PERMISSION') { // /* do something else */ // } elseif (pnExceptionId() == 'MyException1') { // /* do some other thing */ // } else { // /* default handling */ // } // Get the information about the exception (in HTML or string format) // $reason = pnExceptionValueHTML(); $reason = pnExceptionValueString(); if (!empty($reason)) { $data['status'] .= '<br /><br />'. pnML('Reason') .' : '. $reason; } // Free the exception to tell PostNuke that you handled it pnExceptionFree(); // Return the template variables defined in this function return $data; } // Check individual permissions for Edit / Delete // Note : we could use a foreach ($items as $item) here as well, as // shown in pnuser.php, but as an example, we'll adapt the $items array // 'in place', and *then* pass the complete items array to $data for ($i = 0; $i < count($items); $i++) { $item = $items[$i]; if (pnSecAuthAction(0, 'Example::', "$item[name]::$item[exid]", ACCESS_EDIT)) { $items[$i]['editurl'] = pnModURL('example', 'admin', 'modify', array('exid' => $item['exid'])); } else { $items[$i]['editurl'] = ''; } $items[$i]['edittitle'] = pnML('Edit'); if (pnSecAuthAction(0, 'Example::', "$item[name]::$item[exid]", ACCESS_DELETE)) { $items[$i]['deleteurl'] = pnModURL('example', 'admin', 'delete', array('exid' => $item['exid'])); } else { $items[$i]['deleteurl'] = ''; } $items[$i]['deletetitle'] = pnML('Delete'); } // Add the array of items to the template variables $data['items'] = $items; // Specify some labels for display $data['namelabel'] = pnVarPrepForDisplay(_EXAMPLENAME); $data['numberlabel'] = pnVarPrepForDisplay(_EXAMPLENUMBER); $data['optionslabel'] = pnVarPrepForDisplay(_EXAMPLEOPTIONS); // TODO : add a pager (once it exists in BL) $data['pager'] = ''; // Return the template variables defined in this function return $data; // Note : instead of using the $data variable, you could also specify // the different template variables directly in your return statement : // // return array('items' => ..., // 'namelabel' => ..., // ... => ...); } /** * add new item * This is a standard function that is called whenever an administrator * wishes to create a new module item */ function example_admin_new() { // Initialise the $data variable that will hold the data to be used in // the blocklayout template, and get the common menu configuration - it // helps if all of the module pages have a standard menu at the top to // support easy navigation $data = example_admin_menu(); // Security check - important to do this as early as possible to avoid // potential security holes or just too much wasted processing if (!pnSecAuthAction(0, 'Example::', '::', ACCESS_EDIT)) { // Fill in some status variable to be shown in the blocklayout template $data['status'] = _EXAMPLENOAUTH; // Return the template variables defined in this function return $data; } // Generate a one-time authorisation code for this operation $data['authid'] = pnSecGenAuthKey(); // Specify some labels for display $data['namelabel'] = pnVarPrepForDisplay(_EXAMPLENAME); $data['numberlabel'] = pnVarPrepForDisplay(_EXAMPLENUMBER); $data['addbutton'] = pnVarPrepForDisplay(_EXAMPLEADD); // Return the template variables defined in this function return $data; } /** * This is a standard function that is called with the results of the * form supplied by example_admin_new() to create a new item * @param 'name' the name of the item to be created * @param 'number' the number of the item to be created */ function example_admin_create($args) { // Get parameters from whatever input we need. All arguments to this // function should be obtained from pnVarCleanFromInput(), getting them // from other places such as the environment is not allowed, as that makes // assumptions that will not hold in future versions of PostNuke list($name, $number) = pnVarCleanFromInput('name', 'number'); // Admin functions of this type can be called by other modules. If this // happens then the calling module will be able to pass in arguments to // this function through the $args parameter. Hence we extract these // arguments *after* we have obtained any form-based input through // pnVarCleanFromInput(). extract($args); // Confirm authorisation code. This checks that the form had a valid // authorisation code attached to it. If it did not then the function will // proceed no further as it is possible that this is an attempt at sending // in false data to the system if (!pnSecConfirmAuthKey()) { $msg = pnML('Invalid authorization key for creating new #(1) item', 'Example'); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'NO_PERMISSION', new SystemException($msg)); return; } // Notable by its absence there is no security check here. This is because // the security check is carried out within the API function and as such we // do not duplicate the work here // Load API. All of the actual work for the creation of the new item is // done within the API, so we need to load that in before we can do // anything. If the API fails to load an appropriate error message is // posted and the function returns if (!pnModAPILoad('example', 'admin')) { $msg = pnML('Unable to load #(1) admin API', 'Example'); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'NO_PERMISSION', new SystemException($msg)); return; } // The API function is called. Note that the name of the API function and // the name of this function are identical, this helps a lot when // programming more complex modules. The arguments to the function are // passed in as their own arguments array $exid = pnModAPIFunc('example', 'admin', 'create', array('name' => $name, 'number' => $number)); // The return value of the function is checked here, and if the function // suceeded then an appropriate message is posted. Note that if the // function did not succeed then the API function should have already // posted a failure message so no action is required if ($exid == false) { // $msg = pnML('Unable to create #(1) item', // 'Example'); // pnExceptionSet(PN_SYSTEM_EXCEPTION, 'NO_PERMISSION', // new SystemException($msg)); // return; } else { // Success //TODO replace with no exception? pnSessionSetVar('statusmsg', _EXAMPLECREATED); } // This function generated no output, and so now it is complete we redirect // the user to an appropriate page for them to carry on their work pnRedirect(pnModURL('example', 'admin', 'view')); // Return return true; } /** * modify an item * This is a standard function that is called whenever an administrator * wishes to modify a current module item * @param 'exid' the id of the item to be modified */ function example_admin_modify($args) { // Get parameters from whatever input we need. All arguments to this // function should be obtained from pnVarCleanFromInput(), getting them // from other places such as the environment is not allowed, as that makes // assumptions that will not hold in future versions of PostNuke list($exid, $objectid)= pnVarCleanFromInput('exid', 'objectid'); // Admin functions of this type can be called by other modules. If this // happens then the calling module will be able to pass in arguments to // this function through the $args parameter. Hence we extract these // arguments *after* we have obtained any form-based input through // pnVarCleanFromInput(). extract($args); // At this stage we check to see if we have been passed $objectid, the // generic item identifier. This could have been passed in by a hook or // through some other function calling this as part of a larger module, but // if it exists it overrides $exid // // Note that this module couuld just use $objectid everywhere to avoid all // of this munging of variables, but then the resultant code is less // descriptive, especially where multiple objects are being used. The // decision of which of these ways to go is up to the module developer if (!empty($objectid)) { $exid = $objectid; } // Load API. Note that this is loading the user API, that is because the // user API contains the function to obtain item information which is the // first thing that we need to do. If the API fails to load an appropriate // error message is posted and the function returns if (!pnModAPILoad('example', 'user')) { return pnML('Unable to load #(1) user API', 'Example'); } // The user API function is called. This takes the item ID which we // obtained from the input and gets us the information on the appropriate // item. If the item does not exist we post an appropriate message and // return $item = pnModAPIFunc('example', 'user', 'get', array('exid' => $exid)); if ($item == false) { return pnML('Unable to find #(1) item #(2)', 'Example', pnVarPrepForDisplay($exid)); } // Security check - important to do this as early as possible to avoid // potential security holes or just too much wasted processing. However, // in this case we had to wait until we could obtain the item name to // complete the instance information so this is the first chance we get to // do the check if (!pnSecAuthAction(0, 'Example::Item', "$item[name]::$exid", ACCESS_EDIT)) { return pnML('Not authorized to modify #(1) item #(2)', 'Example', pnVarPrepForDisplay($exid)); } // Get menu variables - it helps if all of the module pages have a standard // menu at their head to aid in navigation //$menu = example_admin_menu('modify'); // Return the template variables defined in this function return array('authid' => pnSecGenAuthKey(), 'namelabel' => pnVarPrepForDisplay(_EXAMPLENAME), 'numberlabel' => pnVarPrepForDisplay(_EXAMPLENUMBER), 'updatebutton' => pnVarPrepForDisplay(_EXAMPLEUPDATE), 'item' => $item); } /** * This is a standard function that is called with the results of the * form supplied by example_admin_modify() to update a current item * @param 'exid' the id of the item to be updated * @param 'name' the name of the item to be updated * @param 'number' the number of the item to be updated */ function example_admin_update($args) { // Get parameters from whatever input we need. All arguments to this // function should be obtained from pnVarCleanFromInput(), getting them // from other places such as the environment is not allowed, as that makes // assumptions that will not hold in future versions of PostNuke list($exid, $objectid, $name, $number) = pnVarCleanFromInput('exid', 'objectid', 'name', 'number'); // User functions of this type can be called by other modules. If this // happens then the calling module will be able to pass in arguments to // this function through the $args parameter. Hence we extract these // arguments *after* we have obtained any form-based input through // pnVarCleanFromInput(). extract($args); // At this stage we check to see if we have been passed $objectid, the // generic item identifier. This could have been passed in by a hook or // through some other function calling this as part of a larger module, but // if it exists it overrides $exid // // Note that this module couuld just use $objectid everywhere to avoid all // of this munging of variables, but then the resultant code is less // descriptive, especially where multiple objects are being used. The // decision of which of these ways to go is up to the module developer if (!empty($objectid)) { $exid = $objectid; } // Confirm authorisation code. This checks that the form had a valid // authorisation code attached to it. If it did not then the function will // proceed no further as it is possible that this is an attempt at sending // in false data to the system if (!pnSecConfirmAuthKey()) { $msg = pnML('Invalid authorization key for updating #(1) item #(2)', 'Example', pnVarPrepForDisplay($exid)); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'NO_PERMISSION', new SystemException($msg)); return; } // Notable by its absence there is no security check here. This is because // the security check is carried out within the API function and as such we // do not duplicate the work here // Load API. All of the actual work for the update of the new item is done // within the API, so we need to load that in before we can do anything. // If the API fails to load an appropriate error message is posted and the // function returns if (!pnModAPILoad('example', 'admin')) { $msg = pnML('Unable to load #(1) admin API', 'Example'); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'NO_PERMISSION', new SystemException($msg)); return; } // The API function is called. Note that the name of the API function and // the name of this function are identical, this helps a lot when // programming more complex modules. The arguments to the function are // passed in as their own arguments array. // // The return value of the function is checked here, and if the function // suceeded then an appropriate message is posted. Note that if the // function did not succeed then the API function should have already // posted a failure message so no action is required if(pnModAPIFunc('example', 'admin', 'update', array('exid' => $exid, 'name' => $name, 'number' => $number))) { // Success //TODO make it an exception? pnSessionSetVar('statusmsg', _EXAMPLEUPDATED); } // This function generated no output, and so now it is complete we redirect // the user to an appropriate page for them to carry on their work pnRedirect(pnModURL('example', 'admin', 'view')); // Return return true; } /** * delete item * This is a standard function that is called whenever an administrator * wishes to delete a current module item. Note that this function is * the equivalent of both of the modify() and update() functions above as * it both creates a form and processes its output. This is fine for * simpler functions, but for more complex operations such as creation and * modification it is generally easier to separate them into separate * functions. There is no requirement in the PostNuke MDG to do one or the * other, so either or both can be used as seen appropriate by the module * developer * @param 'exid' the id of the item to be deleted * @param 'confirm' confirm that this item can be deleted */ function example_admin_delete($args) { // Get parameters from whatever input we need. All arguments to this // function should be obtained from pnVarCleanFromInput(), getting them // from other places such as the environment is not allowed, as that makes // assumptions that will not hold in future versions of PostNuke list($exid, $objectid, $confirm) = pnVarCleanFromInput('exid', 'objectid', 'confirm'); // User functions of this type can be called by other modules. If this // happens then the calling module will be able to pass in arguments to // this function through the $args parameter. Hence we extract these // arguments *after* we have obtained any form-based input through // pnVarCleanFromInput(). extract($args); // At this stage we check to see if we have been passed $objectid, the // generic item identifier. This could have been passed in by a hook or // through some other function calling this as part of a larger module, but // if it exists it overrides $exid // // Note that this module couuld just use $objectid everywhere to avoid all // of this munging of variables, but then the resultant code is less // descriptive, especially where multiple objects are being used. The // decision of which of these ways to go is up to the module developer if (!empty($objectid)) { $exid = $objectid; } // Load API. Note that this is loading the user API, that is because the // user API contains the function to obtain item information which is the // first thing that we need to do. If the API fails to load an appropriate // error message is posted and the function returns if (!pnModAPILoad('example', 'user')) { $msg = pnML('Unable to load #(1) user API', 'Example'); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'NO_PERMISSION', new SystemException($msg)); return; } // The user API function is called. This takes the item ID which we // obtained from the input and gets us the information on the appropriate // item. If the item does not exist we post an appropriate message and // return $item = pnModAPIFunc('example', 'user', 'get', array('exid' => $exid)); if ($item == false) { $msg = pnML('Unable to find #(1) item #(2)', 'Example', pnVarPrepForDisplay($exid)); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'NO_PERMISSION', new SystemException($msg)); return; } // Security check - important to do this as early as possible to avoid // potential security holes or just too much wasted processing. However, // in this case we had to wait until we could obtain the item name to // complete the instance information so this is the first chance we get to // do the check if (!pnSecAuthAction(0, 'Example::Item', "$item[name]::$exid", ACCESS_DELETE)) { $msg = pnML('Not authorized to delete #(1) item #(2)', 'Example', pnVarPrepForDisplay($exid)); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'NO_PERMISSION', new SystemException($msg)); return; } // Check for confirmation. if (empty($confirm)) { // No confirmation yet - display a suitable form to obtain confirmation // of this action from the user // Initialise the $data variable that will hold the data to be used in // the blocklayout template, and get the common menu configuration - it // helps if all of the module pages have a standard menu at the top to // support easy navigation $data = example_admin_menu(); // Specify for which item you want confirmation $data['exid'] = $exid; // Add some other data you'll want to display in the template $data['confirmtext'] = pnML('Confirm deleting this item ?'); $data['itemid'] = pnML('Item ID'); $data['namelabel'] = _EXAMPLENAME; $data['namevalue'] = pnVarPrepForDisplay($item['name']); $data['confirmbutton'] = pnML('Confirm'); // Generate a one-time authorisation code for this operation $data['authid'] = pnSecGenAuthKey(); // Return the template variables defined in this function return $data; } // If we get here it means that the user has confirmed the action // Confirm authorisation code. This checks that the form had a valid // authorisation code attached to it. If it did not then the function will // proceed no further as it is possible that this is an attempt at sending // in false data to the system if (!pnSecConfirmAuthKey()) { $msg = pnML('Invalid authorization key for deleting #(1) item #(2)', 'Example', pnVarPrepForDisplay($exid)); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'NO_PERMISSION', new SystemException($msg)); return; } // Load API. All of the actual work for the deletion of the item is done // within the API, so we need to load that in before before we can do // anything. If the API fails to load an appropriate error message is // posted and the function returns if (!pnModAPILoad('example', 'admin')) { $msg = pnML('Unable to load #(1) admin API', 'Example'); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'NO_PERMISSION', new SystemException($msg)); return; } // The API function is called. Note that the name of the API function and // the name of this function are identical, this helps a lot when // programming more complex modules. The arguments to the function are // passed in as their own arguments array. // // The return value of the function is checked here, and if the function // suceeded then an appropriate message is posted. Note that if the // function did not succeed then the API function should have already // posted a failure message so no action is required if (pnModAPIFunc('example', 'admin', 'delete', array('exid' => $exid))) { // Success //TODO make this an exception? pnSessionSetVar('statusmsg', _EXAMPLEDELETED); } // This function generated no output, and so now it is complete we redirect // the user to an appropriate page for them to carry on their work pnRedirect(pnModURL('example', 'admin', 'view')); // Return return true; } /** * This is a standard function to modify the configuration parameters of the * module */ function example_admin_modifyconfig() { // Initialise the $data variable that will hold the data to be used in // the blocklayout template, and get the common menu configuration - it // helps if all of the module pages have a standard menu at the top to // support easy navigation $data = example_admin_menu(); // Security check - important to do this as early as possible to avoid // potential security holes or just too much wasted processing if (!pnSecAuthAction(0, 'Example::', '::', ACCESS_ADMIN)) { // Fill in some status variable to be shown in the blocklayout template $data['status'] = pnML('Not authorized to modify #(1) configuration settings', 'Example'); // Return the template variables defined in this function return $data; } // Generate a one-time authorisation code for this operation $data['authid'] = pnSecGenAuthKey(); // Specify some labels and values for display $data['boldlabel'] = pnVarPrepForDisplay(_EXAMPLEDISPLAYBOLD); $data['boldchecked'] = pnModGetVar('example','bold') ? 'checked' : ''; $data['itemslabel'] = pnVarPrepForDisplay(_EXAMPLEITEMSPERPAGE); $data['itemsvalue'] = pnModGetVar('example', 'itemsperpage'); $data['updatebutton'] = pnVarPrepForDisplay(pnML('Update Configuration')); // Note : if you don't plan on providing encode/decode functions for // short URLs (see pnuserapi.php), you should remove these from your // admin-modifyconfig.pnd template ! $data['shorturlslabel'] = pnML('Enable short URLs'); $data['shorturlschecked'] = pnModGetVar('example','SupportShortURLs') ? 'checked' : ''; // Return the template variables defined in this function return $data; } /** * This is a standard function to update the configuration parameters of the * module given the information passed back by the modification form */ function example_admin_updateconfig() { // Get parameters from whatever input we need. All arguments to this // function should be obtained from pnVarCleanFromInput(), getting them // from other places such as the environment is not allowed, as that makes // assumptions that will not hold in future versions of PostNuke list($bold, $itemsperpage, $shorturls) = pnVarCleanFromInput('bold', 'itemsperpage', 'shorturls'); // Confirm authorisation code. This checks that the form had a valid // authorisation code attached to it. If it did not then the function will // proceed no further as it is possible that this is an attempt at sending // in false data to the system if (!pnSecConfirmAuthKey()) { $msg = pnML('Invalid authorization key for updating #(1) configuration', 'Example'); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'NO_PERMISSION', new SystemException($msg)); return; } // Update module variables. Note that depending on the HTML structure used // to obtain the information from the user it is possible that the values // might be unset, so it is important to check them all and assign them // default values if required if (!isset($bold)) { $bold = 0; } pnModSetVar('example', 'bold', $bold); if (!isset($itemsperpage) || !is_numeric($itemsperpage)) { $itemsperpage = 10; } pnModSetVar('example', 'itemsperpage', $itemsperpage); if (!isset($shorturls)) { $shorturls = 0; } pnModSetVar('example', 'SupportShortURLs', $shorturls); // This function generated no output, and so now it is complete we redirect // the user to an appropriate page for them to carry on their work pnRedirect(pnModURL('example', 'admin', 'view')); // Return return true; } /** * generate the common admin menu configuration */ function example_admin_menu() { // Initialise the array that will hold the menu configuration $menu = array(); // Specify the menu title to be used in your blocklayout template $menu['menutitle'] = pnML('Example Administration'); // Specify the menu labels to be used in your blocklayout template $menu['menulabel_new'] = _NEWEXAMPLE; $menu['menulabel_view'] = _VIEWEXAMPLE; $menu['menulabel_config'] = _EXAMPLEMODIFYCONFIG; // Preset some status variable $menu['status'] = ''; // Note : you could also specify the menu links here, and pass them // on to the template as variables // $menu['menulink_view'] = pnModURL('example','admin','view'); // Note : you could also put all menu items in a $menu['menuitems'] array // // Initialise the array that will hold the different menu items // $menu['menuitems'] = array(); // // Define a menu item // $item = array(); // $item['menulabel'] = _EXAMPLEVIEW; // $item['menulink'] = pnModURL('example','user','view'); // // Add it to the array of menu items // $menu['menuitems'][] = $item; // // Add more menu items to the array // ... // // Then you can let the blocklayout template create the different // menu items *dynamically*, e.g. by using something like : // // <pnt:loop name="menuitems"> // <td><a href="&pnt-var-menulink;">&pnt-var-menulabel;</a></td> // </pnt:loop> // // in the templates of your module. Or you could even pass an argument // to the admin_menu() function to turn links on/off automatically // depending on which function is currently called... // // But most people will prefer to specify all this manually in each // blocklayout template anyway :-) // Return the array containing the menu configuration return $menu; } ?> --- NEW FILE: pnadminapi.php --- <?php // $Id: pnadminapi.php,v 1.1 2002/08/07 01:30:22 mikespub Exp $ // ---------------------------------------------------------------------- // PostNuke Content Management System // Copyright (C) 2002 by the PostNuke Development Team. // http://www.postnuke.com/ // ---------------------------------------------------------------------- // LICENSE // // This program is free software; you can redistribute it and/or // modify it under the terms of the GNU General Public License (GPL) // as published by the Free Software Foundation; either version 2 // of the License, or (at your option) any later version. // // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // To read the license please visit http://www.gnu.org/copyleft/gpl.html // ---------------------------------------------------------------------- // Original Author of file: Jim McDonald // Purpose of file: Example administration API // ---------------------------------------------------------------------- /** * create a new example item * * @author the Example module development team * @param $args['name'] name of the item * @param $args['number'] number of the item * @returns int * @return example item ID on success, false on failure * @raise BAD_PARAM, NO_PERMISSION, DATABASE_ERROR */ function example_adminapi_create($args) { // Get arguments from argument array - all arguments to this function // should be obtained from the $args array, getting them from other // places such as the environment is not allowed, as that makes // assumptions that will not hold in future versions of PostNuke extract($args); // Argument check - make sure that all required arguments are present // and in the right format, if not then set an appropriate error // message and return // Note : since we have several arguments we want to check here, we'll // report all those that are invalid at the same time... $invalid = array(); if (!isset($name) || !is_string($name)) { $invalid[] = 'name'; } if (!isset($number) || !is_numeric($number)) { $invalid[] = 'number'; } if (count($invalid) > 0) { $msg = pnML('Invalid #(1) for #(2) function #(3)() in module #(4)', join(', ',$invalid), 'admin', 'create', 'Example'); pnExceptionSet(PN_USER_EXCEPTION, 'BAD_PARAM', new SystemException($msg)); return false; } // Security check - important to do this as early on as possible to // avoid potential security holes or just too much wasted processing if (!pnSecAuthAction(0, 'Example::Item', "$name::", ACCESS_ADD)) { $msg = pnML('Not authorized to add #(1) items', 'Example'); pnExceptionSet(PN_USER_EXCEPTION, 'NO_PERMISSION', new SystemException($msg)); return false; } // Get database setup - note that both pnDBGetConn() and pnDBGetTables() // return arrays but we handle them differently. For pnDBGetConn() // we currently just want the first item, which is the official // database handle. For pnDBGetTables() we want to keep the entire // tables array together for easy reference later on list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); // It's good practice to name the table and column definitions you // are getting - $table and $column don't cut it in more complex // modules $exampletable = $pntable['example']; // Get next ID in table - this is required prior to any insert that // uses a unique ID, and ensures that the ID generation is carried // out in a database-portable fashion $nextId = $dbconn->GenId($exampletable); // Add item - the formatting here is not mandatory, but it does make // the SQL statement relatively easy to read. Also, separating out // the sql statement from the Execute() command allows for simpler // debug operation if it is ever needed $sql = "INSERT INTO $exampletable ( pn_exid, pn_name, pn_number) VALUES ( $nextId, '" . pnVarPrepForStore($name) . "', " . pnvarPrepForStore($number) . ")"; $dbconn->Execute($sql); // Check for an error with the database code, and if so set an // appropriate error message and return if ($dbconn->ErrorNo() != 0) { // Hint : for debugging SQL queries, you can use $dbconn->ErrorMsg() // to retrieve the actual database error message, and use e.g. the // following message : // $msg = pnML('Database error #(1) in query #(2) for #(3) function ' . // '#(4)() in module #(5)', // $dbconn->ErrorMsg(), $sql, 'admin', 'create', 'Example'); // Don't use that for release versions, though... $msg = pnML('Database error for #(1) function #(2)() in module #(3)', 'admin', 'create', 'Example'); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'DATABASE_ERROR', new SystemException($msg)); return false; } // Get the ID of the item that we inserted. It is possible, depending // on your database, that this is different from $nextId as obtained // above, so it is better to be safe than sorry in this situation $exid = $dbconn->PO_Insert_ID($exampletable, 'pn_exid'); // Let any hooks know that we have created a new item. As this is a // create hook we're passing 'exid' as the extra info, which is the // argument that all of the other functions use to reference this // item pnModCallHooks('item', 'create', $exid, 'exid'); // Return the id of the newly created item to the calling process return $exid; } /** * delete a example item * * @author the Example module development team * @param $args['exid'] ID of the item * @returns bool * @return true on success, false on failure * @raise BAD_PARAM, NO_PERMISSION, DATABASE_ERROR */ function example_adminapi_delete($args) { // Get arguments from argument array - all arguments to this function // should be obtained from the $args array, getting them from other // places such as the environment is not allowed, as that makes // assumptions that will not hold in future versions of PostNuke extract($args); // Argument check - make sure that all required arguments are present and // in the right format, if not then set an appropriate error message // and return if (!isset($exid) || !is_numeric($exid)) { $msg = pnML('Invalid #(1) for #(2) function #(3)() in module #(4)', 'item ID', 'admin', 'delete', 'Example'); pnExceptionSet(PN_USER_EXCEPTION, 'BAD_PARAM', new SystemException($msg)); return false; } // Load API. Note that this is loading the user API in addition to // the administration API, that is because the user API contains // the function to obtain item information which is the first thing // that we need to do. If the API fails to load an appropriate error // message is posted and the function returns if (!pnModAPILoad('example', 'user')) { $msg = pnML('Unable to load #(1) #(2) API', 'Example','user'); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'NO_PERMISSION', new SystemException($msg)); return false; } // The user API function is called. This takes the item ID which // we obtained from the input and gets us the information on the // appropriate item. If the item does not exist we post an appropriate // message and return $item = pnModAPIFunc('example', 'user', 'get', array('exid' => $exid)); if ($item == false) { $msg = pnML('Invalid #(1) for #(2) function #(3)() in module #(4)', 'item ID', 'user', 'get', 'Example'); pnExceptionSet(PN_USER_EXCEPTION, 'BAD_PARAM', new SystemException($msg)); return false; } // Security check - important to do this as early on as possible to // avoid potential security holes or just too much wasted processing. // However, in this case we had to wait until we could obtain the item // name to complete the instance information so this is the first // chance we get to do the check if (!pnSecAuthAction(0, 'Example::Item', "$item[name]::$exid", ACCESS_DELETE)) { $msg = pnML('Not authorized to delete #(1) item #(2)', 'Example', pnVarPrepForStore($exid)); pnExceptionSet(PN_USER_EXCEPTION, 'NO_PERMISSION', new SystemException($msg)); return false; } // Get database setup - note that both pnDBGetConn() and pnDBGetTables() // return arrays but we handle them differently. For pnDBGetConn() // we currently just want the first item, which is the official // database handle. For pnDBGetTables() we want to keep the entire // tables array together for easy reference later on list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); // It's good practice to name the table and column definitions you // are getting - $table and $column don't cut it in more complex // modules $exampletable = $pntable['example']; // Delete the item - the formatting here is not mandatory, but it does // make the SQL statement relatively easy to read. Also, separating // out the sql statement from the Execute() command allows for simpler // debug operation if it is ever needed $sql = "DELETE FROM $exampletable WHERE pn_exid = " . pnVarPrepForStore($exid); $dbconn->Execute($sql); // Check for an error with the database code, and if so set an // appropriate error message and return if ($dbconn->ErrorNo() != 0) { // Hint : for debugging SQL queries, you can use $dbconn->ErrorMsg() // to retrieve the actual database error message, and use e.g. the // following message : // $msg = pnML('Database error #(1) in query #(2) for #(3) function ' . // '#(4)() in module #(5)', // $dbconn->ErrorMsg(), $sql, 'admin', 'delete', 'Example'); // Don't use that for release versions, though... $msg = pnML('Database error for #(1) function #(2)() in module #(3)', 'admin', 'delete', 'Example'); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'DATABASE_ERROR', new SystemException($msg)); return false; } // Let any hooks know that we have deleted an item. As this is a // delete hook we're not passing any extra info pnModCallHooks('item', 'delete', $exid, ''); // Let the calling process know that we have finished successfully return true; } /** * update a example item * * @author the Example module development team * @param $args['exid'] the ID of the item * @param $args['name'] the new name of the item * @param $args['number'] the new number of the item * @raise BAD_PARAM, NO_PERMISSION, DATABASE_ERROR */ function example_adminapi_update($args) { // Get arguments from argument array - all arguments to this function // should be obtained from the $args array, getting them from other // places such as the environment is not allowed, as that makes // assumptions that will not hold in future versions of PostNuke extract($args); // Argument check - make sure that all required arguments are present // and in the right format, if not then set an appropriate error // message and return // Note : since we have several arguments we want to check here, we'll // report all those that are invalid at the same time... $invalid = array(); if (!isset($exid) || !is_numeric($exid)) { $invalid[] = 'item ID'; } if (!isset($name) || !is_string($name)) { $invalid[] = 'name'; } if (!isset($number) || !is_numeric($number)) { $invalid[] = 'number'; } if (count($invalid) > 0) { $msg = pnML('Invalid #(1) for #(2) function #(3)() in module #(4)', join(', ',$invalid), 'admin', 'update', 'Example'); pnExceptionSet(PN_USER_EXCEPTION, 'BAD_PARAM', new SystemException($msg)); return false; } // Load API. Note that this is loading the user API in addition to // the administration API, that is because the user API contains // the function to obtain item information which is the first thing // that we need to do. If the API fails to load an appropriate error // message is posted and the function returns if (!pnModAPILoad('example', 'user')) { $msg = pnML('Unable to load #(1) #(2) API', 'Example','user'); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'NO_PERMISSION', new SystemException($msg)); return false; } // The user API function is called. This takes the item ID which // we obtained from the input and gets us the information on the // appropriate item. If the item does not exist we post an appropriate // message and return $item = pnModAPIFunc('example', 'user', 'get', array('exid' => $exid)); if ($item == false) { $msg = pnML('Invalid #(1) for #(2) function #(3)() in module #(4)', 'item ID', 'user', 'get', 'Example'); pnExceptionSet(PN_USER_EXCEPTION, 'BAD_PARAM', new SystemException($msg)); return false; } // Security check - important to do this as early on as possible to // avoid potential security holes or just too much wasted processing. // However, in this case we had to wait until we could obtain the item // name to complete the instance information so this is the first // chance we get to do the check // Note that at this stage we have two sets of item information, the // pre-modification and the post-modification. We need to check against // both of these to ensure that whoever is doing the modification has // suitable permissions to edit the item otherwise people can potentially // edit areas to which they do not have suitable access if (!pnSecAuthAction(0, 'Example::Item', "$item[name]::$exid", ACCESS_EDIT)) { $msg = pnML('Not authorized to edit #(1) item #(2)', 'Example', pnVarPrepForStore($exid)); pnExceptionSet(PN_USER_EXCEPTION, 'NO_PERMISSION', new SystemException($msg)); return false; } if (!pnSecAuthAction(0, 'Example::Item', "$name::$exid", ACCESS_EDIT)) { $msg = pnML('Not authorized to edit #(1) item #(2)', 'Example', pnVarPrepForStore($exid)); pnExceptionSet(PN_USER_EXCEPTION, 'NO_PERMISSION', new SystemException($msg)); return false; } // Get database setup - note that both pnDBGetConn() and pnDBGetTables() // return arrays but we handle them differently. For pnDBGetConn() // we currently just want the first item, which is the official // database handle. For pnDBGetTables() we want to keep the entire // tables array together for easy reference later on list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); // It's good practice to name the table and column definitions you // are getting - $table and $column don't cut it in more complex // modules $exampletable = $pntable['example']; // Update the item - the formatting here is not mandatory, but it does // make the SQL statement relatively easy to read. Also, separating // out the sql statement from the Execute() command allows for simpler // debug operation if it is ever needed $sql = "UPDATE $exampletable SET pn_name = '" . pnVarPrepForStore($name) . "', pn_number = " . pnVarPrepForStore($number) . " WHERE pn_exid = " . pnVarPrepForStore($exid); $dbconn->Execute($sql); // Check for an error with the database code, and if so set an // appropriate error message and return if ($dbconn->ErrorNo() != 0) { // Hint : for debugging SQL queries, you can use $dbconn->ErrorMsg() // to retrieve the actual database error message, and use e.g. the // following message : // $msg = pnML('Database error #(1) in query #(2) for #(3) function ' . // '#(4)() in module #(5)', // $dbconn->ErrorMsg(), $sql, 'admin', 'update', 'Example'); // Don't use that for release versions, though... $msg = pnML('Database error for #(1) function #(2)() in module #(3)', 'admin', 'update', 'Example'); pnExceptionSet(PN_SYSTEM_EXCEPTION, 'DATABASE_ERROR', new SystemException($msg)); return false; } // Let the calling process know that we have finished successfully return true; } ?> --- NEW FILE: pninit.php --- <?php // $Id: pninit.php,v 1.1 2002/08/07 01:30:22 mikespub Exp $ // ---------------------------------------------------------------------- // PostNuke Content Management System // Copyright (C) 2002 by the PostNuke Development Team. // http://www.postnuke.com/ // ---------------------------------------------------------------------- // LICENSE // // This program is free software; you can redistribute it and/or // modify it under the terms of the GNU General Public License (GPL) // as published by the Free Software Foundation; either version 2 // of the License, or (at your option) any later version. // // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // To read the license please visit http://www.gnu.org/copyleft/gpl.html // ---------------------------------------------------------------------- // Original Author of file: Jim McDonald // Purpose of file: Initialisation functions for example // ---------------------------------------------------------------------- /** * initialise the example module * This function is only ever called once during the lifetime of a particular * module instance */ function example_init() { // Get datbase setup - note that both pnDBGetConn() and pnDBGetTables() // return arrays but we handle them differently. For pnDBGetConn() // we currently just want the first item, which is the official // database handle. For pnDBGetTables() we want to keep the entire // tables array together for easy reference later on list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); // It's good practice to name the table and column definitions you // are getting - $table and $column don't cut it in more complex // modules $exampletable = $pntable['example']; $examplecolumn = &$pntable['example_column']; // adodb does not provide the functionality to abstract table creates // across multiple databases. Postnuke offers the pnCreateTable function // contained in the following file to provide this functionality. include ('pnadodb/pnTableDDL.php'); // Define the table structure in this associative array // There is one element for each field. The key for the element is // the physical field name. The element contains another array specifying the // data type and associated parameters $fields = array( 'pn_exid'=>array('type'=>'integer','null'=>FALSE,'increment'=>TRUE,'primary_key'=>TRUE), 'pn_name'=>array('type'=>'varchar','size'=>32,'null'=>FALSE), 'pn_number'=>array('type'=>'integer','size'=>'small','null'=>FALSE,'default'=>'0') ); // $sql = "CREATE TABLE $exampletable ( // pn_exid int(10) NOT NULL auto_increment, // pn_name varchar(32) NOT NULL default '', // pn_number int(5) NOT NULL default 0, // PRIMARY KEY(pn_exid))"; // More sample field create statements // 'pn_i000'=>array('null'=>FALSE, 'type'=>'integer','unsigned'=>TRUE,'increment'=>TRUE,'primary_key'=>TRUE), // 'pn_i001'=>array('null'=>FALSE, 'type'=>'integer','size'=>'tiny', 'default'=>'0'), // 'pn_i002'=>array('null'=>FALSE, 'type'=>'integer','size'=>'small', 'default'=>'0'), // 'pn_i003'=>array('null'=>TRUE, 'type'=>'integer','size'=>'medium', 'default'=>'0'), // 'pn_i004'=>array('type'=>'integer','size'=>'big', 'default'=>'0'), // 'pn_v001'=>array('null'=>FALSE, 'type'=>'varchar','size'=>255), // 'pn_v002'=>array('null'=>TRUE, 'type'=>'varchar','size'=>100, 'default'=>'NULL'), // 'pn_v003'=>array('null'=>TRUE, 'type'=>'varchar','size'=>11, 'default'=>'XX'), // 'pn_c001'=>array('null'=>FALSE, 'type'=>'char','size'=>255), // 'pn_c002'=>array('null'=>TRUE, 'type'=>'char','size'=>100, 'default'=>'NULL'), // 'pn_c003'=>array('null'=>TRUE, 'type'=>'char','size'=>11, 'default'=>'XX'), // 'pn_t001'=>array('null'=>FALSE, 'type'=>'text'), // 'pn_t002'=>array('null'=>FALSE, 'type'=>'text', 'size'=>'tiny'), // 'pn_t003'=>array('null'=>FALSE, 'type'=>'text', 'size'=>'medium'), // 'pn_t004'=>array('null'=>FALSE, 'type'=>'text', 'size'=>'long'), // 'pn_b001'=>array('null'=>FALSE, 'type'=>'blob'), // 'pn_b002'=>array('null'=>FALSE, 'type'=>'blob','size'=>'tiny'), // 'pn_b003'=>array('null'=>FALSE, 'type'=>'blob','size'=>'medium'), // 'pn_b004'=>array('null'=>FALSE, 'type'=>'blob','size'=>'long'), // 'pn_l001'=>array('null'=>FALSE, 'type'=>'boolean','default'=>FALSE), // 'pn_d001'=>array('type'=>'datetime','default'=>array('year'=>2002,'month'=>04,'day'=>17,'hour'=>'12','minute'=>59,'second'=>0)), // 'pn_d002'=>array('null'=>FALSE, 'type'=>'date','default'=>array('year'=>2002,'month'=>04,'day'=>17)), // 'pn_f000'=>array('type'=>'float'), // 'pn_f001'=>array('type'=>'float', 'width'=>6,'decimals'=>2), // 'pn_f002'=>array('type'=>'float', 'size'=>'double','width'=>12, 'decimals'=>2), // 'pn_f003'=>array('type'=>'float', 'size'=>'decimal','width'=>12, 'decimals'=>2), // 'pn_ts01'=>array('type'=>'timestamp'), // 'pn_ts02'=>array('type'=>'timestamp', 'size'=>'YYYYMMDD'), // Create the Table - the function will return the SQL is successful or // FALSE if it fails to build the SQL $sql = pnDBCreateTable($exampletable,$fields); if ($sql == FALSE) { pnSessionSetVar('errormsg', _CREATETABLEFAILED); return false; } // Pass the Table Create DDL to adodb to create the table $dbconn->Execute($sql); // Check for an error with the database code, and if so set an // appropriate error message and return if ($dbconn->ErrorNo() != 0) { pnSessionSetVar('errormsg', _CREATETABLEFAILED); return false; } // If Categories API loaded and available, generate proprietary // module master category cid and child subcids if(pnModAvailable('categories') && pnModAPILoad('categories', 'admin')) { $examplecid = pnModAPIFunc('categories', 'admin', 'create', Array('name' => 'examples', 'description' => 'Example Categories', 'parent_id' => 0)); // Note: you can have more than 1 mastercid (cfr. articles module) pnModSetVar('example', 'mastercid', $examplecid); $examplecategories = array(); $examplecategories[] = array('name' => "one", 'description' => "description one"); $examplecategories[] = array('name' => "two", 'description' => "description two"); $examplecategories[] = array('name' => "three", 'description' => "description three"); foreach($examplecategories as $subcat) { $examplesubcid = pnModAPIFunc('categories', 'admin', 'create', Array('name' => $subcat['name'], 'description' => $subcat['description'], 'parent_id' => $examplecid)); } } // Set up an initial value for a module variable. Note that all module // variables should be initialised with some value in this way rather // than just left blank, this helps the user-side code and means that // there doesn't need to be a check to see if the variable is set in // the rest of the code as it always will be pnModSetVar('example', 'bold', 0); pnModSetVar('example', 'itemsperpage', 10); // If your module supports short URLs, the website administrator should // be able to turn it on or off in your module administration pnModSetVar('example', 'SupportShortURLs', 0); // Register Block types (this *should* happen at activation/deactivation) pnBlockTypeRegister('example', 'first'); // Initialisation successful return true; } /** * upgrade the example module from an old version * This function can be called multiple times */ function example_upgrade($oldversion) { // Upgrade dependent on old version number switch($oldversion) { case 0.5: // Version 0.5 didn't have a 'number' field, it was added // in version 1.0 // Get datbase setup - note that both pnDBGetConn() and pnDBGetTables() // return arrays but we handle them differently. For pnDBGetConn() // we currently just want the first item, which is the official // database handle. For pnDBGetTables() we want to keep the entire // tables array together for easy reference later on // This code could be moved outside of the switch statement if // multiple upgrades need it list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); // It's good practice to name the table and column definitions you // are getting - $table and $column don't cut it in more complex // modules // This code could be moved outside of the switch statement if // multiple upgrades need it $exampletable = $pntable['example']; // Add a column to the table - the formatting here is not // mandatory, but it does make the SQL statement relatively easy // to read. Also, separating out the SQL statement from the // Execute() command allows for simpler debug operation if it is // ever needed $sql = "ALTER TABLE $exampletable ADD pn_number int(5) NOT NULL default 0"; $dbconn->Execute($sql); // Check for an error with the database code, and if so set an // appropriate error message and return if ($dbconn->ErrorNo() != 0) { pnSessionSetVar('errormsg', _UPDATETABLEFAILED); return false; } // At the end of the successful completion of this function we // recurse the upgrade to handle any other upgrades that need
View Statistics - Next Notice - Previous Notice
Visit Developer Site - Browse CVS Repository |
Syndicate via backend.rss (max. once per hour please) | Powered by CVSNotice 0.1.3 |