uses('tpl'); $app->tpl->newTemplate('form.tpl.htm'); $app->tpl->setInclude('content_tpl', 'templates/module_nav_edit.htm'); // TODO: Check module and nav_id for malicius chars, nav_id can be empty or any number, even 0 $module_name = $_REQUEST['module_name']; $nav_id = $_REQUEST['nav_id']; //** Sanity checks of module if(!preg_match('/^[A-Za-z0-9_]{1,50}$/', $module_name)){ die('module_name contains invalid chars.'); } if(!preg_match('/^[A-Za-z0-9_]{0,50}$/', $nav_id)){ die('nav_id contains invalid chars.'); } if(empty($module_name)){ die('module is empty.'); } if(count($_POST) > 0) { //* Determine Action $action = ($nav_id != '') ? 'UPDATE' : 'INSERT'; $error = ''; // TODO: Check variables if($error == '') { $filename = '../'.$module_name.'/lib/module.conf.php'; if(!@is_file($filename)){ die("File not found: $filename"); } include_once($filename); $items = ($action == 'UPDATE') ? $module['nav'][$nav_id]['items'] : array(); $tmp = array('title' => $_POST['nav']['title'], 'open' => 1, 'items' => $items); if($action == 'UPDATE') { $module['nav'][$nav_id] = $tmp; } else { $module['nav'][] = $tmp; } $m = ""; //* writing module.conf if (!$handle = fopen($filename, 'w')) { die("Cannot open file ($filename)"); } if (!fwrite($handle, $m)) { die("Cannot write to file ($filename)"); } fclose($handle); //* Jump to list header('Location: module_show.php?id='.urlencode($module_name)); exit; } else { $app->tpl->setVar('error', 'Fehler:
'.$error); $app->tpl->setVar($_POST); } } if($nav_id != '') { //* Data record exists if($error == '') { include_once('../'.$module_name.'/lib/module.conf.php'); $record = $module['nav'][$nav_id]; } else { //* error $record = $_POST; } //$record["readonly"] = 'style="background-color: #EEEEEE;" readonly'; } else { //* New data record if($error == '') { //* es liegt kein Fehler vor } else { //* error $record = $_POST; } //$record["readonly"] = ''; } $record['nav_id'] = $nav_id; $record['module_name'] = $module_name; $app->tpl->setVar($record); include_once('lib/lang/'.$_SESSION['s']['language'].'_module_nav_edit.lng'); $app->tpl->setVar($wb); $app->tpl_defaults(); $app->tpl->pparse(); ?>