Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> RavenNuke(tm) v2.5x
Author Message
hicuxunicorniobestbuildpc
The Mouse Is Extension Of Arm



Joined: Aug 13, 2009
Posts: 1123

PostPosted: Mon Oct 28, 2013 3:33 am Reply with quote

I compiled and zip all files in order to make it available for others.

Download Link
[ Only registered users can see links on this board! Get registered or login! ]
 
View user's profile Send private message
neralex
Site Admin



Joined: Aug 22, 2007
Posts: 1774

PostPosted: Mon Oct 28, 2013 11:08 am Reply with quote

draxx wrote:
If this your way of saying you want me to buy you lunch for fixing this much needed module I am very happy to do so! Smile What is your paypal?

No, what that meant! I meant that I will not rewrite it myself in the near future in this direction. I just wanted to help the old code to write safe and clean. Always easy to get from one to the other but I have my own project, which cost me a lot of time. If someone else wants to write it, he now has a reasonable basis. But I will not stop you from thinking about donating something. Smile On my media-page you can find a donation button. There should be no solicitation - more of a hint. Such individual adjustments to cost a lot of time to put it up to write for free. Maybe someone can find the time or do you even supplemented the script.

misterstereus wrote:
This is my fix for your file

This is again the old outdated and unsecure code. There are a lot of issues (security and validation). Without to recode it, i would never use it in this way - not recommended!

_________________
Github: RavenNuke 
View user's profile Send private message
draxx
Involved
Involved



Joined: Nov 19, 2003
Posts: 282

PostPosted: Mon Oct 28, 2013 12:41 pm Reply with quote

misterstereus wrote:
This is my fix for your file

neralex wrote:
This is again the old outdated and unsecure code. There are a lot of issues (security and validation). Without to recode it, i would never use it in this way - not recommended!


Yes but his code works completely!

You say that what I want from the module is not possible. Yet his code does it. I say your transported code only needs a slight adjustment to completely function as intended also but I can't see what that is.

It is has to do with the update of the block weight. When you edit block weight your code updates the weight of a block in all the titles - it should only update the weight of the block in the title being edited.

His code works perfectly and I think it is only a small change in your code for it to work perfectly too .... but I am too stupid to figure it out Smile
 
View user's profile Send private message
neralex







PostPosted: Mon Oct 28, 2013 12:43 pm Reply with quote

I have never written, that is not possible but i believe you don't have understand it, what i mean. I don't want start from scratch to fix all his security and validation issues... sorry! You are free to use and/or rewrite all of them. But its your risk to use his code. It could be a good start to expand your own experiences with PHP.
 
draxx







PostPosted: Mon Oct 28, 2013 12:57 pm Reply with quote

neralex wrote:
I don't start from scratch to fix all his security and validation issues... sorry! You are free to use and/or rewrite all of them. But its your risk to use his code. It could be a good start to expand your own experiences with PHP.


Please don't misunderstand. I think you made a perfect port!!

You see the original file does this as well. I think it is a problem with the update of php or something like that.

So your port was perfect! Wink Smile

It's okay I will ask misterstereus to fix your version of this function as he apparently already knows the answer since he fixed his. Thanks again for all your help in this regard.
 
misterstereus
Regular
Regular



Joined: Aug 03, 2012
Posts: 56
Location: Rome Italy

PostPosted: Mon Oct 28, 2013 1:39 pm Reply with quote

You can use my gile becouse it is an admin file and not important validate not see users or spyders
 
View user's profile Send private message Send e-mail Visit poster's website
neralex







PostPosted: Mon Oct 28, 2013 3:19 pm Reply with quote

misterstereus, you have security issues in your file - you should really protect your queries! No query is escaped, where is it needed, no numeric checks, etc. Its possible to manipulate it and you should add everytime csrf-checks if you are sending variables via GET and POST through functions to store data in the database! You are typing a very unsecure and outdated way in PHP. Not only if its an admin-file, then is it automaticly secure!

Validation have nothing to with users and spiders. Its a clear code standard and if you have a validated theme, like all themes in RN, then it should also have a validated code in the admin-areas. All other ways looks very ugly and later with HTML5 you get a lot of more validation issues.

I can only repeat it again, try to go new ways instead to hold on your old thinking. Smile

Wink
 
hicuxunicorniobestbuildpc







PostPosted: Mon Oct 28, 2013 6:03 pm Reply with quote

Quote:
You can use my gile becouse it is an admin file and not important validate not see users or spyders


First of all, I would like to tell you some things and ask you some questions:

If you do not care about validation or security as it looks like u don't..how is possible you are running RavenNuke ( one of the most secure and validate CMS I ever found) I fought for years testing blocks, modules, addons, mods which were having problems all the time and unfortunately some few people care.

I just visited your site and you have 153 warning errors like this example.


line 403 column 239 - Warning: <img> dropping value "0" for repeated attribute "border"

Code:
<img  width="80px" src="modules/Catalogo/images/products/thumbnails/386.png"border="0" /></a></td>


line 278 column 157 - Warning: missing </a> before <center>

Explain to me why do we need to use your file? In my opinion I suggest to not use your file in a production site.

About neralex:

I've been in discussion with him many times for different things but I am not blind to undertand how precisely he always does everytime he converted an old module, blocks, themes, addon, etc...His website loads in seconds, it is really fast and W3C Standard Validated.

The way neralex is bringing or showing the files should be the way RaveNuke(CMS) builds his own future and we should be more openmind in trying to do the same. Why do we need to get stuck in the past with old unsecure stuff?

If we need to put some money on the table to be motivated to make new modules, blocks, addons, new themes or fix or convert old stuff I do want to participate and I do agree with neralex's opinion.

I understand we are in a difficult time right now but if we all together just give a little money it becomes a lot.


Example: I need to convert Multiheadlines module for RavenNuke is has to be secure and validated.

I can put $5( I know it is not so much but if everybody contribute then it is not so much and then we can have more new cool stuff instead of fighting all time. In my eyes I don't see any progress because of the fact some people do not want to follow the most efficient way, others do not have the time, no motivation, tired of working hours and hours.)

Very Happy Let's be happy because I am trying to learn from many of you even I am a pain in the ass sometimes. I just want to see cool stuff.

This addon should be in the next version of RavenNuke if it is possible. It is really cool but I don't think anybody want to see his site hacked right?

Sorry for the long text
 
draxx







PostPosted: Mon Oct 28, 2013 6:21 pm Reply with quote

I have fixed Narelex's file myself by comparing the difference between misterstereus two versions and identifying the changes.

It only needed changed 2 lines of code with 1 variable. It now works as intended.

Thanks again to everyone who contributed to this effort. I am always thrilled to see the many come together.

For me I tend to agree with misterstereus as in this case only the admin can access the code presented. If a hacker has taken over the admin panel of your site to open the blocks by module manager then improper code in that file is the least of your worries!

However the control panel made by misterstereus does not allow you to select multiple modules at once to add a single block. You must do it one by one. It is this reason I prefer the Neralex version because it does allow this.

For those who care here is the working Neralex version:

Code:


<?php
/**
* @package: RN Admin Module - WB_BlocksManager
* @version: 1.0
* @file: blocks_manager.php
* @copyright: WB_BlocksManager v0.2 (c) 2003 Paulo Ferreira http://www.phpnuke-belgique.org
* @modifications: Easy Position Change, Block Position by Module, Multi Add/Remove of Selected Blocks
* @modifications: (c) 2004 James Johnston http://www.phpnuke-belgique.org
* @Updated for PHPNuke 7.4: (c) 2004 spcdata http://www.nextnet.se
* @Updated for RavenNuke(tm) v25x: (c) 2013 by neralex - http://www.media.soefm.de
* @license: http://opensource.org/licenses/gpl-license.php GNU Public License
*/
 
if (!defined('ADMIN_FILE')) {die('Illegal File Access');}
if (!defined('PHP_EOL')) define('PHP_EOL', strtoupper(substr(PHP_OS,0,3) == 'WIN') ? "\r\n" : "\n");
 
$centerblocks_only_for_home = 0; # set to 0 to have the option every time
 
if (is_mod_admin('admin')) {
 
if (!isset($op)) $op = '';
if (!isset($wb_name)) $wb_name = '';
if (!isset($bidrep)) $bidrep = '';
 
switch($op) {
case 'BlocksManager':
BlocksManager($wb_name);
break;
case 'BlocksManager_Add':
csrf_check();
BlocksManager_Add($bida, $title, $wb_name);
break;
case 'BlocksManager_Remove':
csrf_check();
BlocksManager_Remove($bidr, $title, $wb_name);
break;
case 'BlocksManager_BlockPosition':
csrf_check();
BlocksManager_BlockPosition($bid, $title, $position);
break;
case 'BlocksManager_FixWeight':
csrf_check();
BlocksManager_FixWeight($wb_name);
break;
case 'BlocksManager_BlockOrder':
csrf_check();
BlocksManager_BlockOrder($weightrep, $weight, $bidrep, $bidori, $title);
break;
 
}
 
} else {
echo 'Access Denied';
}
die();
 
/*********************************************************/
/* Blocks_Manager Functions */
/*********************************************************/
 
function BlocksManager($wb_name) {
global $admin_file, $prefix, $db, $currentlang, $multilingual, $centerblocks_only_for_home;
$table = $db->sql_fetchrow($db->sql_query('SHOW TABLES LIKE \'' . $prefix . '_blocks_manager\''));
if (isset($table['0'])) {
$blma_css = '<style type="text/css">' . PHP_EOL
. '.noborder {border:none;}' . PHP_EOL
. '.valign_top {vertical-align:top;}' . PHP_EOL
. '.valign_bottom {vertical-align:bottom;}' . PHP_EOL
. '.valign_middle {vertical-align:middle;}' . PHP_EOL
. '.blma_maintable {border-top:1px solid; border-bottom:1px solid; width:100%; border-spacing:0px;}' . PHP_EOL
. '.blma_maintable td:first-child {border-left:1px solid;}' . PHP_EOL
. '.blma_maintable td {padding:0; border-top:1px solid; border-top:1px solid; border-right:1px solid; display:table-cell; vertical-align:middle; text-align:center; padding:2px 0 2px 0;}' . PHP_EOL
. '.blma_maintable img {border:none;}' . PHP_EOL
. '.blma_maintable tr:first-child {font-weight:bold;border-bottom:1px solid;}' . PHP_EOL
. '.blma_maintable tr:first-child td {border-top:none;}' . PHP_EOL
. '.blma_addnewtable {border:none; border-spacing:0px; width:80%;}' . PHP_EOL
. '.blma_addnewtable td {display:table-cell; text-align:center;}' . PHP_EOL
. '</style>' . PHP_EOL;
addCSSToHead($blma_css, 'inline');
include_once 'header.php';
GraphicAdmin();
OpenTable();
echo '<div class="text-center thick">' , _BLOCKMGR_BLOCKSADMIN_MANAGER , '</div>' , PHP_EOL;
CloseTable();
echo '<br />' , PHP_EOL;
OpenTable();
$wb_url = $admin_file . '.php?op=BlocksManager&amp;wb_name=';
# added query to catch the current main-module (HOME)
$row2 = $db->sql_fetchrow($db->sql_query('SELECT `main_module` FROM `' . $prefix . '_main`'));
$main_module = $row2['main_module'];
$result = $db->sql_query('SELECT `mid`, `title`, `custom_title`, `active`, `view`, `inmenu` FROM `' . $prefix . '_modules` WHERE `active` = 1 ORDER BY `title` ASC');
echo '<div class="text-center">' , PHP_EOL;
if ($db->sql_numrows($result) > 0) {
echo '<form action="' , $admin_file , '.php" method="post">' , PHP_EOL
, _BLOCKMGR_MODULEDROP , '&nbsp;' , PHP_EOL
, '<select name="wb_name" size="1" onchange="top.location.href=this.options[this.selectedIndex].value">' , PHP_EOL;
while (list($mid, $title, $custom_title, $active, $view, $inmenu) = $db->sql_fetchrow($result)) {
echo '<option value="' , $wb_url , $title , '"' , ($wb_name == $title ? ' selected="selected"' : '') , '>' , $title , '</option>' , PHP_EOL;
if ($wb_name == '') {
$wb_name = $title;
}
} # end of while
echo '</select>' , PHP_EOL
, '</form>' , PHP_EOL
, '</div>' , PHP_EOL
, '<br />' , PHP_EOL;
} else {
echo 'No active modules found!' , PHP_EOL
, '</div>' , PHP_EOL;
CloseTable();
include_once 'footer.php';
exit;   
}   
echo '<table class="blma_maintable">' , PHP_EOL
, '<tr>' , PHP_EOL
, '<td>' , _TITLE , '</td>' , PHP_EOL
, '<td colspan="2">' , _POSITION , '</td>' , PHP_EOL
, '<td colspan="2">' , _WEIGHT , '</td>' , PHP_EOL
, '<td>' , _TYPE , '</td>' , PHP_EOL
, '<td>' , _STATUS , '</td>' , PHP_EOL
, '<td>' , _VIEW , '</td>' , PHP_EOL;
if ($multilingual == 1) {
echo '<td>' , _LANGUAGE , '</td>' , PHP_EOL;
}
#echo '<td>' , _FUNCTIONS , '</td>' , PHP_EOL;
echo '</tr>' , PHP_EOL;   
$i = 0;
$sql = 'SELECT b.`bid`, b.`bkey`, b.`title`, b.`url`, m.`bposition`, m.`weight`, b.`active`, b.`blanguage`, b.`blockfile`, b.`view` FROM `' . $prefix . '_blocks` b, `' . $prefix . '_blocks_manager` m WHERE b.`bid` = m.`bid` AND m.`title` = \'' . $db->sql_escape_string($wb_name) . '\' ORDER BY m.`bposition`, m.`weight` ASC';
$result1 = $db->sql_query($sql);
if ($db->sql_numrows($result1) > 0) {
while (list($bid, $bkey, $title, $url, $bposition, $weight, $active, $blanguage, $blockfile, $view) = $db->sql_fetchrow($result1)) {
$weight1 = $weight - 1;
$weight3 = $weight + 1;
$res = $db->sql_query('SELECT `bid` FROM `' . $prefix . '_blocks_manager` WHERE `title` = \'' . $db->sql_escape_string($wb_name) . '\' AND `weight` = \'' . $weight1 . '\' AND `bposition` = \'' . $bposition . '\'');
list($bid1) = $db->sql_fetchrow($res);
$con1 = $bid1;
$res2 = $db->sql_query('SELECT `bid` FROM `' . $prefix . '_blocks_manager` WHERE `title` = \'' . $db->sql_escape_string($wb_name) . '\' AND `weight` = \'' . $weight3 . '\' AND `bposition` = \'' . $bposition . '\'');
list($bid2) = $db->sql_fetchrow($res2);
$con2 = $bid2;
 
echo '<tr>' , PHP_EOL
, '<td>' , $title , '</td>' , PHP_EOL;
if ($bposition == 'l') {
$bposition = _LEFT . '</td>' . PHP_EOL
. '<td>' . PHP_EOL
. '<a class="rn_csrf" href="' . $admin_file . '.php?op=BlocksManager_BlockPosition&amp;bid=' . $bid . '&amp;title=' . $wb_name . '&amp;position=r">'
. '<img src="images/center_l.gif" alt="' . _RIGHTBLOCK . '" title="' . _RIGHTBLOCK . '" />'
. '</a>' . PHP_EOL;
if (($centerblocks_only_for_home == 1 && $wb_name == $main_module) || $centerblocks_only_for_home == 0) {
$bposition .= '<a class="rn_csrf" href="' . $admin_file . '.php?op=BlocksManager_BlockPosition&amp;bid=' . $bid . '&amp;title=' . $wb_name . '&amp;position=c">'
. '<img src="images/up.gif" alt="' . _CENTERUP . '" title="' . _CENTERUP . '" />'
. '</a>' . PHP_EOL
. '<a class="rn_csrf" href="' . $admin_file . '.php?op=BlocksManager_BlockPosition&amp;bid=' . $bid . '&amp;title=' . $wb_name . '&amp;position=d">'
. '<img src="images/down.gif" alt="' . _CENTERDOWN . '" title="' . _CENTERDOWN . '" />'
. '</a>' . PHP_EOL;
}
} elseif ($bposition == 'r') {
$bposition = _RIGHT . '</td>' . PHP_EOL
. '<td>' . PHP_EOL
. '<a class="rn_csrf" href="' . $admin_file . '.php?op=BlocksManager_BlockPosition&amp;bid=' . $bid . '&amp;title=' . $wb_name . '&amp;position=l">'
. '<img src="images/center_r.gif" alt="' . _LEFTBLOCK . '" title="' . _LEFTBLOCK . '" />'
. '</a>' . PHP_EOL;
if (($centerblocks_only_for_home == 1 && $wb_name == $main_module) || $centerblocks_only_for_home == 0) {
$bposition .= '<a class="rn_csrf" href="' . $admin_file . '.php?op=BlocksManager_BlockPosition&amp;bid=' . $bid . '&amp;title=' . $wb_name . '&amp;position=c">'
. '<img src="images/up.gif" alt="' . _CENTERUP . '" title="' . _CENTERUP . '" />'
. '</a>' . PHP_EOL
. '<a class="rn_csrf" href="' . $admin_file . '.php?op=BlocksManager_BlockPosition&amp;bid=' . $bid . '&amp;title=' . $wb_name . '&amp;position=d">'
. '<img src="images/down.gif" alt="' . _CENTERDOWN . '" title="' . _CENTERDOWN . '" />'
. '</a>' . PHP_EOL;
}
} elseif ($bposition == 'c') {
$bposition = _CENTERUP . '</td>' . PHP_EOL
. '<td>' . PHP_EOL
. '<a class="rn_csrf" href="' . $admin_file . '.php?op=BlocksManager_BlockPosition&amp;bid=' . $bid . '&amp;title=' . $wb_name . '&amp;position=l">'
. '<img src="images/center_r.gif" alt="' . _LEFTBLOCK . '" title="' . _LEFTBLOCK . '" />'
. '</a>' . PHP_EOL
. '<a class="rn_csrf" href="' . $admin_file . '.php?op=BlocksManager_BlockPosition&amp;bid=' . $bid . '&amp;title=' . $wb_name . '&amp;position=r">'
. '<img src="images/center_l.gif" alt="' . _RIGHTBLOCK . '" title="' . _RIGHTBLOCK . '" />'
. '</a>' . PHP_EOL;
if (($centerblocks_only_for_home == 1 && $wb_name == $main_module) || $centerblocks_only_for_home == 0) {
$bposition .= '<a class="rn_csrf" href="' . $admin_file . '.php?op=BlocksManager_BlockPosition&amp;bid=' . $bid . '&amp;title=' . $wb_name . '&amp;position=d">'
. '<img src="images/down.gif" alt="' . _CENTERDOWN . '" title="' . _CENTERDOWN . '" />'
. '</a>' . PHP_EOL;
}
} elseif ($bposition == 'd') {
$bposition = _CENTERDOWN . '</td>' . PHP_EOL
. '<td>' . PHP_EOL
. '<a class="rn_csrf" href="' . $admin_file . '.php?op=BlocksManager_BlockPosition&amp;bid=' . $bid . '&amp;title=' . $wb_name . '&amp;position=l">'
. '<img src="images/center_r.gif" alt="' . _LEFTBLOCK . '" title="' . _LEFTBLOCK . '" />'
. '</a>' . PHP_EOL
. '<a class="rn_csrf" href="' . $admin_file . '.php?op=BlocksManager_BlockPosition&amp;bid=' . $bid . '&amp;title=' . $wb_name . '&amp;position=r">'
. '<img src="images/center_l.gif" alt="' . _RIGHTBLOCK . '" title="' . _RIGHTBLOCK . '" />'
. '</a>' . PHP_EOL;
if (($centerblocks_only_for_home == 1 && $wb_name == $main_module) || $centerblocks_only_for_home == 0) {
$bposition .= '<a class="rn_csrf" href="' . $admin_file . '.php?op=BlocksManager_BlockPosition&amp;bid=' . $bid . '&amp;title=' . $wb_name . '&amp;position=c">'
. '<img src="images/up.gif" alt="' . _CENTERUP . '" title="' . _CENTERUP . '" />'
. '</a>' . PHP_EOL;
}
}
echo '<td>' , $bposition , '</td>' , PHP_EOL
, '<td>' , $weight , '</td>' , PHP_EOL
, '<td>' , PHP_EOL   
, '<a class="rn_csrf" href="' , $admin_file , '.php?op=BlocksManager_BlockOrder&amp;weight=' , $weight , '&amp;bidori=' , $bid , '&amp;weightrep=' , $weight1 , ($con1 != '' ? '&amp;bidrep=' . $con1 : '') , '&amp;title=' , $wb_name , '"><img src="images/up.gif" alt="' , _BLOCKUP , '" title="' , _BLOCKUP , '" /></a>' , PHP_EOL
, '<a class="rn_csrf" href="' , $admin_file , '.php?op=BlocksManager_BlockOrder&amp;weight=' , $weight , '&amp;bidori=' , $bid , '&amp;weightrep=' , $weight3 , ($con2 != '' ? '&amp;bidrep=' . $con2 : '') , '&amp;title=' , $wb_name , '"><img src="images/down.gif" alt="' , _BLOCKDOWN , '" title="' , _BLOCKDOWN , '" /></a>' , PHP_EOL
, '</td>' , PHP_EOL;   
if ($bkey == '') {
if ($url == '') {
$type = 'HTML';
} elseif ($url != '') {
$type = 'RSS/RDF';
}
if ($blockfile != '') {
$type = _BLOCKFILE2;
}
} elseif ($bkey != '') {
$type = _BLOCKSYSTEM;
}
echo '<td>' , $type , '</td>' , PHP_EOL;
$block_act = $active;
if ($active == 1) {
$active = _ACTIVE;
$change = _DEACTIVATE;
} elseif ($active == '0') {
$active = '<em>' . _INACTIVE . '</em>';
$change = _ACTIVATE;
}
echo '<td>' , $active , '</td>' , PHP_EOL;
if ($view == '0') {
$who_view = _MVALL;
} elseif ($view == 1) {
$who_view = _MVUSERS;
} elseif ($view == 2) {
$who_view = _MVADMIN;
} elseif ($view == 3) {
$who_view = _MVANON;
}
echo '<td>' , $who_view , '</td>' , PHP_EOL;
if ($multilingual == 1) {
if ($blanguage == '') {
$blanguage = _ALL;
} else {
$blanguage = ucfirst($blanguage);
}
echo '<td>' , $blanguage , '</td>' , PHP_EOL;
}   
/*echo '<td>';
if ($bkey == '') {
echo '<a href="' , $admin_file , '.php?op=BlocksManager_Delete&amp;bid=' , $bid , '&amp;title=' , $wb_name , '">' , _DELETE , '</a>';
} elseif ($bkey != '') {
echo _DELETE;
}
echo '</td>' , PHP_EOL; */
echo '</tr>' , PHP_EOL;
$wb_tabblocks[$i] = $bid;
$i++;
} # end of while
} else {
echo '<tr>' , PHP_EOL
, '<td colspan="' , ($multilingual == 1 ? '9' : '8') , '">' , _BLOCKMGR_NOENTRIES , '</td>' , PHP_EOL
, '</tr>' , PHP_EOL;
}
echo '</table>' , PHP_EOL
, '<br />' , PHP_EOL
, '<div class="text-center">[ <a class="rn_csrf" href="' , $admin_file , '.php?op=BlocksManager_FixWeight&amp;wb_name=' , $wb_name , '">' , _FIXBLOCKS , '</a> ]</div>' , PHP_EOL
, '<br />' , PHP_EOL;
CloseTable();
echo '<br />' , PHP_EOL;
OpenTable();
echo '<div class="text-center thick">' , _BLOCKMGR_ADDNEWBLOCK_MANAGER , '</div>' , PHP_EOL
, '<br />' , PHP_EOL
, '<form name="BM_EDIT" action="' , $admin_file , '.php" method="post">' , PHP_EOL
, '<table class="blma_addnewtable centered">' , PHP_EOL
, '<tr>' , PHP_EOL
# List all inactive Blocks for selected module
, '<td class="valign_top">' , PHP_EOL
, '<span class="thick">' , _BLOCKMGR_ACTIVE_BLOCKS , '</span><br />' , PHP_EOL;
$result = $db->sql_query('SELECT `bid`, `title` FROM `' . $prefix . '_blocks` ORDER BY `title` ASC');
if ($db->sql_numrows($result) > 0) {
echo '<select name="bida[]" size="10" multiple="multiple">' , PHP_EOL;
while (list($bid, $title) = $db->sql_fetchrow($result)) {
$ii = 0;
$wb_affiche = 1;
while ($ii < $i) {
if ($wb_tabblocks[$ii] == $bid) {
$wb_affiche = 0;
}
$ii++;
} # end of while
if ($wb_affiche == 1) {
echo '<option value="' , $bid , '">' , $title , '</option>' , PHP_EOL;
}
}
echo '</select>' , PHP_EOL
, '<br /><br />' , PHP_EOL
, '<input type="submit" value="' , _BLOCKMGR_ADD_BLOCK , '" onclick="document.BM_EDIT.op.value=\'BlocksManager_Add\';" />' , PHP_EOL;
} else {
echo _BLOCKMGR_NOENTRIES , PHP_EOL;
}
echo '</td>' , PHP_EOL
# List all active Modules
, '<td class="valign_top">' , PHP_EOL
, '<span class="thick">' , _BLOCKMGR_MODULES , '</span><br />' , PHP_EOL;
$result = $db->sql_query('SELECT `mid`, `title`, `custom_title`, `active`, `view`, `inmenu` FROM `' . $prefix . '_modules` WHERE `active` = 1 ORDER BY `title` ASC');
if ($db->sql_numrows($result) > 0) {
echo '<select name="title[]" size="10" multiple="multiple">' , PHP_EOL;
while (list($mid, $title, $custom_title, $active, $view, $inmenu) = $db->sql_fetchrow($result)) {
echo '<option value="' , $title , '"' , ($wb_name == $title ? ' selected="selected"' : '') , '>' , $title , '</option>' , PHP_EOL;
if ($wb_name == '') {
$wb_name = $title;
}
} # end of while
echo '</select>' , PHP_EOL
, '<br />' , PHP_EOL;
} else {
echo _BLOCKMGR_NOENTRIES , PHP_EOL;
}
echo '</td>' , PHP_EOL
# List all active Blocks for selected module
, '<td class="valign_top">' , PHP_EOL
, '<span class="thick">' , _BLOCKMGR_INACTIVE_BLOCKS , '</span><br />' , PHP_EOL;
$result = $db->sql_query('SELECT b.`bid`, b.`title` FROM `' . $prefix . '_blocks` b, `' . $prefix . '_blocks_manager` m WHERE b.`bid` = m.`bid` AND m.`title` = \'' . $db->sql_escape_string($wb_name) . '\' ORDER BY `title` ASC');
if ($db->sql_numrows($result) > 0) {
echo '<select name="bidr[]" size="10" multiple="multiple">' , PHP_EOL;
while (list($bid, $title) = $db->sql_fetchrow($result)) {
echo '<option value="' , $bid , '">' , $title , '</option>' , PHP_EOL;
} # end of while
echo '</select>' , PHP_EOL
, '<br />' , PHP_EOL
, '<input type="submit" value="' , _BLOCKMGR_REMOVE_BLOCK , '" onclick="document.BM_EDIT.op.value=\'BlocksManager_Remove\';" />' , PHP_EOL;
} else {
echo _BLOCKMGR_NOENTRIES , PHP_EOL;
}
echo '</td>' , PHP_EOL
, '</tr>' , PHP_EOL
, '</table>' , PHP_EOL
, '<br />' , PHP_EOL
, '<input type="hidden" name="wb_name" value="' , $wb_name , '" />' , PHP_EOL
, '<input type="hidden" name="op" value="BlocksManager_Add" />' , PHP_EOL
, '</form>' , PHP_EOL;
CloseTable();
include_once 'footer.php';
} else {
$visit_table = $db->sql_fetchrow($db->sql_query('SHOW TABLES LIKE \'' . $prefix . '_blocks_manager\''));
if (!isset($visit_table['0'])) {   
include_once 'header.php';
GraphicAdmin();
OpenTable();
echo '<div class="text-center">' , PHP_EOL;
$createtable = 'CREATE TABLE IF NOT EXISTS `' . $prefix . '_blocks_manager` (
`bid` int(10) NOT NULL DEFAULT \'0\',
`title` varchar(255) NOT NULL DEFAULT \'0\',
`bposition` char(1) NOT NULL DEFAULT \'\',
`weight` int(10) NOT NULL DEFAULT \'1\',
KEY title (`title`)
) ENGINE=MyISAM ;';
$qry = $db->sql_query($createtable);
if ($qry) {
echo 'create blocks manager db-table = done!<br />' , PHP_EOL;
} else {
echo 'create blocks manager db-table = failed!<br />' , PHP_EOL;
}
echo '<br /><a href="' , $admin_file , '.php?op=BlocksManager">Lets go!</a><br />' , PHP_EOL
, '</div>' , PHP_EOL;
CloseTable();
include_once 'footer.php';
}
}
}
 
function BlocksManager_Add($bid, $title, $wb_name) {
global $prefix, $db, $admin_file;
if ($wb_name != '') {
foreach ($title as $tKey => $tValue) {
if ($tValue != '') {
foreach ($bid as $bKey => $bValue) {
if (is_numeric($bValue)) {
$result = $db->sql_query('SELECT `bid`, `bposition`, `weight`, `title` FROM `' . $prefix . '_blocks` WHERE `bid` = \'' . $bValue . '\'');
list($bid, $bposition, $weight, $block_title) = $db->sql_fetchrow($result);
if ($bid != '') {
$tValue = $db->sql_escape_string(htmlspecialchars_decode(check_html($tValue, 'nohtml'), ENT_QUOTES));
$db->sql_query('INSERT INTO `' . $prefix . '_blocks_manager` VALUES (\'' . $bValue . '\', \'' . $tValue . '\', \'' . $bposition . '\', \'' . $weight . '\')');
}
}
}
}
}
Header('Location: ' . $admin_file . '.php?op=BlocksManager&wb_name=' . $wb_name); exit;
} else {
Header('Location: ' . $admin_file . '.php'); exit;
}
}
 
function BlocksManager_Remove($bid, $title, $wb_name) {
global $prefix, $db, $admin_file;
if ($wb_name != '') {
foreach ($title as $tKey => $tValue) {
if ($tValue != '') {
foreach ($bid as $bKey => $bValue) {
if (is_numeric($bValue)) {
$db->sql_query('DELETE FROM `' . $prefix . '_blocks_manager` WHERE `bid` = \'' . $bValue . '\' AND `title` = \'' . $db->sql_escape_string($tValue) . '\'');
}
}
}
}
Header('Location: ' . $admin_file . '.php?op=BlocksManager&wb_name=' . $wb_name); exit;
} else {
Header('Location: ' . $admin_file . '.php'); exit;
}
}
 
function BlocksManager_FixWeight($wb_name) {
global $prefix, $db, $admin_file;
if ($wb_name != '') {
$leftpos = 'l';
$rightpos = 'r';
$centeruppos = 'c';
$centerdnpos = 'd';
# Fix Left Block Weights
$result = $db->sql_query('SELECT `bid`, `title` FROM `' . $prefix . '_blocks_manager` WHERE `title` = \'' . $db->sql_escape_string($wb_name) . '\' AND `bposition` = \'' . $db->sql_escape_string($leftpos) . '\' ORDER BY `weight` ASC');
if ($db->sql_numrows($result) > 0) {
$weight = 0;
while (list($bid, $title) = $db->sql_fetchrow($result)) {
$weight++;
$db->sql_query('UPDATE `' . $prefix . '_blocks_manager` SET `weight` = \'' . $weight . '\' WHERE `title` = \'' . $db->sql_escape_string($wb_name) . '\' AND `bid` = \'' . $bid . '\'');
} # end of while
}   
# Fix Right Block Weights
$result = $db->sql_query('SELECT `bid` FROM `' . $prefix . '_blocks_manager` WHERE `title` = \'' . $db->sql_escape_string($wb_name) . '\' AND `bposition` = \'' . $db->sql_escape_string($rightpos) . '\' ORDER BY `weight` ASC');
if ($db->sql_numrows($result) > 0) {
$weight = 0;
while (list($bid) = $db->sql_fetchrow($result)) {
$weight++;
$db->sql_query('UPDATE `' . $prefix . '_blocks_manager` SET `weight` = \'' . $weight . '\' WHERE `title` = \'' . $db->sql_escape_string($wb_name) . '\' AND `bid` = \'' . $bid . '\'');
} # end of while
}   
# Fix Center Up Block Weights
$result = $db->sql_query('SELECT `bid` FROM `' . $prefix . '_blocks_manager` WHERE `title` = \'' . $db->sql_escape_string($wb_name) . '\' AND `bposition` = \'' . $db->sql_escape_string($centeruppos) . '\' ORDER BY `weight` ASC');
if ($db->sql_numrows($result) > 0) {
$weight = 0;
while (list($bid) = $db->sql_fetchrow($result)) {
$weight++;
$db->sql_query('UPDATE `' . $prefix . '_blocks_manager` SET `weight` = \'' . $weight . '\' WHERE `title` = \'' . $db->sql_escape_string($wb_name) . '\' AND `bid` = \'' . $bid . '\'');
} # end of while
}   
# Fix Center Down Block Weights
$result = $db->sql_query('SELECT `bid` FROM `' . $prefix . '_blocks_manager` WHERE `title` = \'' . $db->sql_escape_string($wb_name) . '\' AND `bposition` = \'' . $db->sql_escape_string($centerdnpos) . '\' ORDER BY `weight` ASC');
if ($db->sql_numrows($result) > 0) {
$weight = 0;
while (list($bid) = $db->sql_fetchrow($result)) {
$weight++;
$db->sql_query('UPDATE `' . $prefix . '_blocks_manager` SET `weight` = \'' . $weight . '\' WHERE `title` = \'' . $db->sql_escape_string($wb_name) . '\' AND `bid` = \'' . $bid . '\'');
} # end of while
}
Header('Location: ' . $admin_file . '.php?op=BlocksManager&wb_name=' . $wb_name); exit;
} else {
Header('Location: ' . $admin_file . '.php'); exit;
}
}
 
function BlocksManager_BlockPosition($bid, $title, $position) {
global $prefix, $db, $admin_file;
if (is_numeric($bid) && ($position == 'l' || $position == 'r' || $position == 'c' || $position == 'd') && $title != '') {
$title = $db->sql_escape_string(htmlspecialchars_decode(check_html($title, 'nohtml'), ENT_QUOTES));
$db->sql_query('UPDATE `' . $prefix . '_blocks_manager` SET `bposition` = \'' . $db->sql_escape_string($position) . '\' WHERE `bid` = \'' . $bid . '\' AND `title` = \'' . $title . '\'');
Header('Location: ' . $admin_file . '.php?op=BlocksManager&wb_name=' . $title); exit;
} else {
Header('Location: ' . $admin_file . '.php'); exit;
}
}
 
function BlocksManager_BlockOrder($weightrep, $weight, $bidrep, $bidori, $title) {
global $prefix, $db, $admin_file;
if (is_numeric($weightrep) && is_numeric($weight) && is_numeric($bidori) && $title != '') {
if (is_numeric($bidrep)) {
$result = $db->sql_query('UPDATE `' . $prefix . '_blocks_manager` SET `weight` = \'' . $weight . '\' WHERE `bid` = \'' . $bidrep . '\' AND `title` = \'' . $title . '\'');
}
$result2 = $db->sql_query('UPDATE `' . $prefix . '_blocks_manager` SET `weight` = \'' . $weightrep . '\' WHERE `bid` = \'' . $bidori . '\' AND `title` = \'' . $title . '\'');
Header('Location: ' . $admin_file . '.php?op=BlocksManager&wb_name=' . $title); exit;
} else {
Header('Location: ' . $admin_file . '.php'); exit;
}
}




This project can now be considered complete for RN 2.51

I always appreciate that there is a new version 2.6 on the horizon. There is always a new version on the horizon. It was around the year 2006 I stopped waiting for new versions to do things. For me and the new version well ... I will most likely begin to install it around the time that RN 3.0 is being released! I'm slow like that. Laughing LOL!

Thanks again to everyone.
 
hicuxunicorniobestbuildpc







PostPosted: Mon Oct 28, 2013 7:36 pm Reply with quote

draxx, I think u did the right thing and we should do the same instead of waisting time in unecessary discussions. I am gonna update the addon as well.


This is the part which was missing some variables.

Code:
function BlocksManager_BlockOrder($weightrep, $weight, $bidrep, $bidori, $title) {

    global $prefix, $db, $admin_file;
   if (is_numeric($weightrep) && is_numeric($weight) && is_numeric($bidori) && $title != '') {
      if (is_numeric($bidrep)) {
         $result = $db->sql_query('UPDATE `' . $prefix . '_blocks_manager` SET `weight` = \'' . $weight . '\' WHERE `bid` = \'' . $bidrep . '\' AND `title` = \'' . $title . '\'');
      }
      $result2 = $db->sql_query('UPDATE `' . $prefix . '_blocks_manager` SET `weight` = \'' . $weightrep . '\' WHERE `bid` = \'' . $bidori . '\' AND `title` = \'' . $title . '\'');
        Header('Location: ' . $admin_file . '.php?op=BlocksManager&wb_name=' . $title); exit;
   } else {
      Header('Location: ' . $admin_file . '.php'); exit;
   }
}



The modification was actually in these lines to be more specific and there isn't any problem in using neralex's convertion

Code:
$result = $db->sql_query('UPDATE `' . $prefix . '_blocks_manager` SET `weight` = \'' . $weight . '\' WHERE `bid` = \'' . $bidrep . '\' AND `title` = \'' . $title . '\'');


Code:
$result2 = $db->sql_query('UPDATE `' . $prefix . '_blocks_manager` SET `weight` = \'' . $weightrep . '\' WHERE `bid` = \'' . $bidori . '\' AND `title` = \'' . $title . '\'');


Very Happy
 
Guardian2003
Site Admin



Joined: Aug 28, 2003
Posts: 6799
Location: Ha Noi, Viet Nam

PostPosted: Mon Oct 28, 2013 7:48 pm Reply with quote

hicuxunicorniobestbuildpc wrote:
This addon should be in the next version of RavenNuke if it is possible.

Actually it is, I think.
You will be able to display different blocks depending on which module is being viewed and which theme is selected provided you use one of the default HTML5 mobile ready themes that will be included.
 
View user's profile Send private message Send e-mail
draxx







PostPosted: Thu Nov 21, 2013 1:28 am Reply with quote

I saw that from another post.

The only thing I did not like about what I've heard about the feature in the new version is that while the appearance of a block in a module will be optional the sort order of the blocks will be fixed. There needs to be the freedom to place things on the page where-ever you want them. Or at least in different order in a column ... just a imho Smile Smile
 
Guardian2003







PostPosted: Thu Nov 21, 2013 4:01 am Reply with quote

That may happen further down the road but it's highly unlikely for the first release of RavenCMS.
I'm hoping however that once it is released, we can gather feedback from our user base to help prioritise enhancements.
 
draxx







PostPosted: Thu Nov 21, 2013 1:07 pm Reply with quote

With this new blocks by module addon in 2.51 I have discovered that my site has 102 blocks that appear on various pages.

Can you imagine a home page with 102 blocks? Very Happy Laughing hahaha
 
Guardian2003







PostPosted: Thu Nov 21, 2013 1:23 pm Reply with quote

I could certainly imagine my mySQL server groaning under the weight lol.
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> RavenNuke(tm) v2.5x

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©