Drupal
/
drupal
mirror of https://git.drupalcode.org/project/drupal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
drupal/modules/box.module

142 lines
6.1 KiB
Plaintext
Raw Blame History

<?php
// $Id$
function box_help() {
?>
<P>The content of the site can be almost entirely altered through <I>boxes</I>. Simply put, boxes are small bits of text, HTML or PHP code which will get plugged into the site just like any other block. Boxes are typically used to add custom blocks to the site.</P>
<P>Each box consists of a title and an associated block of text, HTML or PHP code that can be as long as you wish and that will 'render' the content of the box.</P>
<H3>PHP boxes</H3>
<P>If you know how to script in PHP, PHP boxes are easy to create. Don't worry if you're no PHP-wizard: simply use ASCII or HTML boxes instead.</P>
<P>You can use any piece of PHP code to make up the content of a PHP box: this implies that you can declare and use functions, consult the SQL database, access configuration settings and much more. A PHP box's code is stored in the database and the engine will dynamically embed the PHP code just-in-time for execution.</P>
<P>There are however some factors to keep in mind when using and creating PHP boxes: PHP boxes can be extremely useful and flexible, yet they can be dangerous and insecure if not properly used. If you are not familiar with PHP, SQL or with the site engine, avoid experimenting with PHP boxes because you can - and probably will - corrupt your database or render your site unusable! If you don't plan to do fancy stuff with boxes then you're probably better off with ASCII or HTML boxes.</P>
<P>Remember that the code within each PHP box must be valid PHP code -- including things like correctly terminating statements with a semicolon so that the parser won't die. It is highly recommended that you develop your boxes separately using a simple test script on top of a test database before migrating to your production environment.</P>
<P>Note that you can use global variables such as configuration parameters within the scope of a PHP box. Also keep in mind that variables which have been given values in a PHP box will retain these values in the engine or module afterwards.</P>
<P>You can use the <CODE>return</CODE> statement to return the actual content for your block as well.</P>
<P><U>A basic example:</U></P>
<P>Given the box with title "Welcome", used to create a "<I>Welcome</I>" box. The content for this box could be created by using:</P>
<PRE>
return "Welcome visitor, ... welcome message goes here ...";
</PRE>
<P>If we are however dealing with a registered user, we can customize the message by using:</P>
<PRE>
if ($user->uid) {
return "Welcome $user->name, ... welcome message goes here ...";
}
else {
return "Welcome visitor, ... welcome message goes here ...";
}
</PRE>
<P>For more in-depth examples, we recommend that you check the existing boxes and use them as a starting point.</P>
<?php
}
function box_link($type) {
if ($type == "admin" && user_access("administer blocks")) {
$links[] = "<a href=\"admin.php?mod=box\">boxes</a>";
}
return $links ? $links : array();
}
function box_block() {
$result = db_query("SELECT * FROM boxes ORDER BY title");
$i = 0;
while ($block = db_fetch_object($result)) {
$blocks[$i]["subject"] = check_output($block->title);
$blocks[$i]["content"] = ($block->type == 2) ? eval($block->body) : $block->body;
$blocks[$i]["info"] = check_output($block->info);
$i++;
}
return $blocks;
}
function box_get_array($bid) {
return db_fetch_array(db_query("SELECT * FROM boxes WHERE bid = '". check_input($bid) ."'"));
}
function box_display() {
$type = array(0 => "ASCII", 1 => "HTML", 2 => "PHP");
$result = db_query("SELECT * FROM boxes");
while ($block = db_fetch_object($result)) {
$output .= "<TABLE BORDER=\"1\" CELLPADDING=\"3\" CELLSPACING=\"0\">\n";
$output .= " <TR><TH>Title:</TH><TD>". check_output($block->title) ."</TD></TR>\n";
$output .= " <TR><TH>Body:</TH><TD>". nl2br(htmlentities($block->body)) ."</TD></TR>\n";
$output .= " <TR><TH>Type:</TH><TD>". $type[$block->type] ."</TD></TR>\n";
$output .= " <TR><TH>Description:</TH><TD>". check_output($block->info) ."</TD></TR>\n";
$output .= " <TR><TH>Operations:</TH><TD><A HREF=\"admin.php?mod=box&op=edit&id=$block->bid\">edit</A></TD></TR>\n";
$output .= "</TABLE>\n";
$output .= "<BR><BR>\n";
}
return $output;
}
function box_save($edit) {
if ($edit[bid] && $edit[title]) {
db_query("UPDATE boxes SET title = '". check_input($edit[title]) ."', body = '". check_input($edit[body]) ."', info = '". check_input($edit[info]) ."', type = '". check_input($edit[type]) ."' WHERE bid = '". check_input($edit[bid]) ."'");
}
else if ($edit[bid]) {
db_query("DELETE FROM boxes WHERE bid = '". check_input($edit[bid]) ."'");
}
else {
db_query("INSERT INTO boxes (title, body, info, type) VALUES ('". check_input($edit[title]) ."', '". check_input($edit[body]) ."', '". check_input($edit[info]) ."', '". check_input($edit[type]) ."')");
}
}
function box_form($edit = array()) {
$type = array(0 => "ASCII", 1 => "HTML", 2 => "PHP");
$form .= form_textfield("Title", "title", $edit[title], 50, 64);
$form .= form_textfield("Description", "info", $edit[info], 50, 64);
$form .= form_textarea("Body", "body", $edit[body], 70, 10);
$form .= form_select("Type", "type", $edit[type], $type);
if ($edit[bid]) {
$form .= form_submit("Delete");
$form .= form_hidden("bid", $edit[bid]);
}
$form .= form_submit("Submit");
return form($form);
}
function box_admin() {
global $op, $id, $edit;
if (user_access("administer blocks")) {
print "<SMALL><A HREF=\"admin.php?mod=box&op=add\">add new box</A> | <A HREF=\"admin.php?mod=box\">overview</A> | <A HREF=\"admin.php?mod=box&op=help\">help</A></SMALL><HR>\n";
block_init();
switch ($op) {
case "add":
print box_form();
break;
case "edit":
print box_form(box_get_array($id));
break;
case "help":
box_help();
break;
case "Delete":
$edit[title] = 0;
// fall through:
case "Submit":
print status(box_save($edit));
// fall through:
default:
print box_display();
}
}
else {
print message_access();
}
}
?>
Reference in New Issue View Git Blame Copy Permalink