From 5394876236afc3eb724ceebeac08abbbd9f2382b Mon Sep 17 00:00:00 2001
From: Christian Klinger
Date: Fri, 24 Jun 2016 13:02:38 +0200
Subject: also allow users to edit the help.

The code is still a little ugly.
---
 modules-available/news/install.inc.php          |  42 ++-
 modules-available/news/page.inc.php             | 393 ++++++++++++++----------
 modules-available/news/templates/page-news.html | 129 +++++---
 3 files changed, 345 insertions(+), 219 deletions(-)

(limited to 'modules-available/news')

diff --git a/modules-available/news/install.inc.php b/modules-available/news/install.inc.php
index 69db5aa9..48e13a41 100644
--- a/modules-available/news/install.inc.php
+++ b/modules-available/news/install.inc.php
@@ -2,23 +2,35 @@
 
 $res = array();
 
-$res[] = tableCreate('news', "
-	`newsid` int(10) unsigned NOT NULL AUTO_INCREMENT,
-	`dateline` int(10) unsigned NOT NULL,
-	`title` varchar(200) DEFAULT NULL,
-	`content` text,
-	PRIMARY KEY (`newsid`),
-	KEY `dateline` (`dateline`)
-");
 
-// Update path
 
-// *crickets*
+if (tableExists('news')) {
+	/* rename news and add column "type" */
+	tableRename('news', 'vmchooser_pages');
+	Database::exec("ALTER TABLE `vmchooser_pages` ADD COLUMN type varchar(10)", []);
+	Database::exec("UPDATE `vmchooser_pages` set `type`='news` WHERE 1", []);
 
-// Create response for browser
+	finalResponse(UPDATE_DONE, 'Tables updated successfully');
 
-if (in_array(UPDATE_DONE, $res)) {
-	finalResponse(UPDATE_DONE, 'Tables created successfully');
-}
+} else {
+	$res[] = tableCreate('vmchooser_pages', "
+		`newsid` int(10) unsigned NOT NULL AUTO_INCREMENT,
+		`dateline` int(10) unsigned NOT NULL,
+		`title` varchar(200) DEFAULT NULL,
+		`content` text,
+		`type` varchar(10),
+		PRIMARY KEY (`newsid`),
+		KEY `dateline` (`dateline`)
+	");
+
+
+	// *crickets*
 
-finalResponse(UPDATE_NOOP, 'Everything already up to date');
+	// Create response for browser
+
+	if (in_array(UPDATE_DONE, $res)) {
+		finalResponse(UPDATE_DONE, 'Tables created successfully');
+	}
+
+	finalResponse(UPDATE_NOOP, 'Everything already up to date');
+}
diff --git a/modules-available/news/page.inc.php b/modules-available/news/page.inc.php
index 0ba09fdb..ce24c424 100644
--- a/modules-available/news/page.inc.php
+++ b/modules-available/news/page.inc.php
@@ -2,166 +2,233 @@
 
 class Page_News extends Page
 {
-	/**
-	 * Member variables needed to represent a news entry.
-	 *
-	 * @var newsId	int		ID of the news entry attributed by the database.
-	 * @var string	Title of the entry.
-	 * $newsContent	string	Content as text. (TODO: html-Support?)
-	 * $newsDate	string	Unix epoch date of the news' creation.
-	 */
-	private $newsId = false;
-	private $newsTitle = false;
-	private $newsContent = false;
-	private $newsDate = false;
-	
-	/**
-	 * Implementation of the abstract doPreprocess function
-	 *
-	 * Checks if the user is logged in and processes any
-	 * action if one was specified in the request.
-	 *
-	 */
-	protected function doPreprocess()
-	{
-		// load user, we will need it later
-		User::load();
-		
-		// only admins should be able to edit news
-		if (!User::hasPermission('superadmin')) {
-			Message::addError('main.no-permission');
-			Util::redirect('?do=Main');
-		}
-		
-		// check which action we need to do
-		$action = Request::any('action', 'show');
-		if ($action === 'clear') {
-			// clear news input fields
-			// TODO: is this the right way?
-			$this->newsId = false;
-			$this->newsTitle = false;
-			$this->newsContent = false;
-			$this->newsDate = false;
-		} elseif ($action === 'show') {
-			// show news
-			if (!$this->loadNews(Request::any('newsid'))) {
-				Message::addError('news-empty');
-			}
-		} elseif ($action === 'save') {
-			// save to DB
-			if (!$this->saveNews()) {
-				// re-set the fields we got
-				Request::post('news-title') ? $this->newsTitle = Request::post('news-title') : $this->newsTitle = false;
-				Request::post('news-content') ? $this->newsContent = Request::post('news-content') : $this->newsContent = false;
-			} else {
-				Message::addSuccess('news-save-success');
-				Util::redirect('?do=News');
-			}
-		} elseif ($action === 'delete') {
-			// delete it
-			$this->delNews(Request::post('newsid'));
-		} else {
-			// unknown action, redirect user
-			Message::addError('invalid-action', $action);
-			Util::redirect('?do=News');
-		}
-	}
-
-	/**
-	 * Implementation of the abstract doRender function
-	 *
-	 * Fetch the list of news from the database and paginate it.
-	 *
-	 */
-	protected function doRender()
-	{
-		// fetch the list of the older news
-		$lines = array();
-		$paginate = new Paginate("SELECT newsid, dateline, title, content FROM news ORDER BY dateline DESC", 10);
-		$res = $paginate->exec();
-		while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
-			$row['date'] = date('d.m.Y H:i', $row['dateline']);
-			
-			if ($row['newsid'] == $this->newsId) $row['active'] = "active";
-			$lines[] = $row;
-		}
-		$paginate->render('page-news', array(
-				'token' => Session::get('token'),
-				'latestDate' => ($this->newsDate ? date('d.m.Y H:i', $this->newsDate) : '--'),
-				'latestContent' => $this->newsContent,
-				'latestTitle' => $this->newsTitle,
-				'list'     => $lines ));
-
-	}
-	/**
-	 * Loads the news with the given ID into the form.
-	 *
-	 * @param int $newsId ID of the news to be shown.
-	 * @return boolean true if loading that news worked
-	 *
-	 */
-	private function loadNews($newsId)
-	{
-		// check to see if we need to request a specific newsid
-		if ($newsId !== false) {
-			$row = Database::queryFirst("SELECT newsid, title, content, dateline FROM news WHERE newsid = :newsid LIMIT 1", array(
-				'newsid' => $newsId
-			));
-		} else {
-			$row = Database::queryFirst("SELECT newsid, title, content, dateline FROM news ORDER BY dateline DESC LIMIT 1");
-		}
-		
-		// fetch the news to be shown
-		if ($row !== false) {
-			$this->newsId = $row['newsid'];
-			$this->newsTitle = $row['title'];
-			$this->newsContent = $row['content'];
-			$this->newsDate = $row['dateline'];
-		}
-		return $row !== false;
-	}
-
-	/**
-	 * Save the given $newsTitle and $newsContent as POST'ed into the database.
-	 *
-	 */
-	private function saveNews()
-	{
-		// check if news content were set by the user
-		$newsTitle = Request::post('news-title');
-		$newsContent = Request::post('news-content');
-		if ($newsContent !== '' && $newsTitle !== '') {
-			// we got title and content, save it to DB
-			Database::exec("INSERT INTO news (dateline, title, content) VALUES (:dateline, :title, :content)", array(
-				'dateline' => time(),
-				'title' => $newsTitle,
-				'content' => $newsContent
-			));
-			return true;
-		} else {
-			Message::addError('main.empty-field');
-			return false;
-		}
-	}
-	
-	/**
-	 * Delete the news entry with ID $newsId
-	 *
-	 * @param int $newsId ID of the entry to be deleted.
-	 */
-	private function delNews($newsId)
-	{
-		// sanity check: is newsId even numeric?
-		if (!is_numeric($newsId)) {
-			Message::addError('main.value-invalid', 'newsid', $newsId);
-		} else {
-			// check passed - do delete
-			Database::exec("DELETE FROM news WHERE newsid = :newsid LIMIT 1", array(
-				'newsid' => $newsId
-			));
-			Message::addSuccess('news-del-success');
-		}
-		Util::redirect('?do=News');
-	}
-
-}
\ No newline at end of file
+    /**
+     * Member variables needed to represent a news entry.
+     *
+     * @var newsId int		ID of the news entry attributed by the database.
+     * @var string Title of the entry.
+     *             $newsContent	string	Content as text. (TODO: html-Support?)
+     *             $newsDate	string	Unix epoch date of the news' creation.
+     */
+    private $newsId = false;
+    private $newsTitle = false;
+    private $newsContent = false;
+    private $newsDate = false;
+    private $helpContent = '';
+    private $editHelp = false;
+
+    /**
+     * Implementation of the abstract doPreprocess function.
+     *
+     * Checks if the user is logged in and processes any
+     * action if one was specified in the request.
+     */
+    protected function doPreprocess()
+    {
+        // load user, we will need it later
+        User::load();
+
+        // only admins should be able to edit news
+        if (!User::hasPermission('superadmin')) {
+            Message::addError('main.no-permission');
+            Util::redirect('?do=Main');
+        }
+
+        // check which action we need to do
+        $action = Request::any('action', 'show');
+        if ($action === 'clear') {
+            // clear news input fields
+            // TODO: is this the right way?
+            $this->newsId = false;
+            $this->newsTitle = false;
+            $this->newsContent = false;
+            $this->newsDate = false;
+        } elseif ($action === 'show') {
+            /* load latest help */
+            $this->loadLatestHelp(Request::any('newsid'));
+
+            /* and also the news (or help) with the given id */
+            if (!$this->loadNews(Request::any('newsid'))) {
+                Message::addError('news-empty');
+            }
+
+            if (Request::any('editHelp')) {
+                $this->editHelp = true;
+            }
+        } elseif ($action === 'save') {
+            // save to DB
+            /* find out whether it's news or help */
+            $x = Request::post('news-type');
+
+            if ($x == 'news') {
+                if (!$this->saveNews()) {
+                    // re-set the fields we got
+                    Request::post('news-title') ? $this->newsTitle = Request::post('news-title') : $this->newsTitle = false;
+                    Request::post('news-content') ? $this->newsContent = Request::post('news-content') : $this->newsContent = false;
+                } else {
+                    Message::addSuccess('news-save-success');
+                    $lastId = Database::lastInsertId();
+                    Util::redirect("?do=News&newsid=$lastId");
+                }
+            } elseif ($x == 'help') {
+                if ($this->saveHelp()) {
+                    Message::addSuccess('help-save-success');
+                    $lastId = Database::lastInsertId();
+                    Util::redirect("?do=News&newsid=$lastId");
+                }
+            }
+        } elseif ($action === 'delete') {
+            // delete it
+            $this->delNews(Request::post('newsid'));
+            $x = Request::any('editHelp');
+            Util::redirect("?do=News&editHelp=$x");
+        } else {
+            // unknown action, redirect user
+            Message::addError('invalid-action', $action);
+        }
+    }
+
+    /**
+     * Implementation of the abstract doRender function.
+     *
+     * Fetch the list of news from the database and paginate it.
+     */
+    protected function doRender()
+    {
+        // fetch the list of the older news
+        $lines = array();
+        $paginate = new Paginate("SELECT newsid, dateline, title, content FROM vmchooser_pages WHERE type='news' ORDER BY dateline DESC", 10);
+        $res = $paginate->exec();
+        while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
+            $row['date'] = date('d.m.Y H:i', $row['dateline']);
+
+            if ($row['newsid'] == $this->newsId) {
+                $row['active'] = 'active';
+            }
+            $lines[] = $row;
+        }
+        // fetch the list of the older helps
+        $linesHelp = array();
+        $paginateHelp = new Paginate("SELECT newsid, dateline, content FROM vmchooser_pages WHERE type='help' ORDER BY dateline DESC", 10);
+        $resHelp = $paginateHelp->exec();
+        while ($row = $resHelp->fetch(PDO::FETCH_ASSOC)) {
+            $row['date'] = date('d.m.Y H:i', $row['dateline']);
+            if ($row['newsid'] == $this->newsId) {
+                $row['active'] = 'active';
+            }
+            $linesHelp[] = $row;
+        }
+        // print_r($llist);
+        // die();
+
+        $paginate->render('page-news', array(
+                'token' => Session::get('token'),
+                'latestDate' => ($this->newsDate ? date('d.m.Y H:i', $this->newsDate) : '--'),
+                'latestContent' => $this->newsContent,
+                'latestTitle' => $this->newsTitle,
+                'latestHelp' => $this->helpContent,
+                'editHelp' => $this->editHelp,
+                'list' => $lines,
+                'listHelp' => $linesHelp, ));
+    }
+    /**
+     * Loads the news with the given ID into the form.
+     *
+     * @param int $newsId ID of the news to be shown.
+     *
+     * @return bool true if loading that news worked
+     */
+    private function loadNews($newsId)
+    {
+        // check to see if we need to request a specific newsid
+        if ($newsId !== false) {
+            $row = Database::queryFirst('SELECT newsid, title, content, dateline, type FROM vmchooser_pages WHERE newsid = :newsid LIMIT 1', array(
+                'newsid' => $newsId,
+            ));
+        } else {
+            $row = Database::queryFirst("SELECT newsid, title, content, dateline, type FROM vmchooser_pages WHERE type='news' ORDER BY dateline DESC LIMIT 1");
+        }
+
+        // fetch the news to be shown
+        if ($row !== false) {
+            if ($row['type'] == 'news') {
+                $this->newsId = $row['newsid'];
+                $this->newsTitle = $row['title'];
+                $this->newsContent = $row['content'];
+                $this->newsDate = $row['dateline'];
+            } else {
+                $this->editHelp = true;
+                $this->helpContent = $row['content'];
+            }
+        }
+
+        return $row !== false;
+    }
+
+    private function loadLatestHelp()
+    {
+        $row = Database::queryFirst("SELECT newsid, content, dateline, type FROM vmchooser_pages WHERE type='help' ORDER BY dateline DESC LIMIT 1", []);
+        if ($row !== false) {
+            $this->helpContent = $row['content'];
+        }
+    }
+
+    /**
+     * Save the given $newsTitle and $newsContent as POST'ed into the database.
+     */
+    private function saveNews()
+    {
+        // check if news content were set by the user
+        $newsTitle = Request::post('news-title');
+        $newsContent = Request::post('news-content');
+        if ($newsContent !== '' && $newsTitle !== '') {
+            // we got title and content, save it to DB
+            Database::exec("INSERT INTO vmchooser_pages (dateline, title, content, type) VALUES (:dateline, :title, :content, 'news')", array(
+                'dateline' => time(),
+                'title' => $newsTitle,
+                'content' => $newsContent,
+            ));
+
+            return true;
+        } else {
+            Message::addError('main.empty-field');
+
+            return false;
+        }
+    }
+    private function saveHelp()
+    {
+        $content = Request::post('help-content');
+        if ($content !== '') {
+            Database::exec("INSERT INTO vmchooser_pages (dateline, content, type) VALUES (:dateline, :content, 'help')", array(
+                'dateline' => time(),
+                'content' => $content,
+            ));
+
+            return true;
+        } else {
+            Message::addError('main.empty-field');
+
+            return false;
+        }
+    }
+
+    /**
+     * Delete the news entry with ID $newsId.
+     *
+     * @param int $newsId ID of the entry to be deleted.
+     */
+    private function delNews($newsId)
+    {
+        // sanity check: is newsId even numeric?
+        if (!is_numeric($newsId)) {
+            Message::addError('main.value-invalid', 'newsid', $newsId);
+        } else {
+            // check passed - do delete
+            Database::exec('DELETE FROM vmchooser_pages WHERE newsid = :newsid LIMIT 1', array(
+                'newsid' => $newsId,
+            ));
+            Message::addSuccess('news-del-success');
+        }
+    }
+}
diff --git a/modules-available/news/templates/page-news.html b/modules-available/news/templates/page-news.html
index 8e400498..e29d85fb 100644
--- a/modules-available/news/templates/page-news.html
+++ b/modules-available/news/templates/page-news.html
@@ -1,10 +1,13 @@
-<div class="panel panel-default">
-	<div class="panel-heading">
-		{{lang_editNews}}
-	</div>
-	<div class="panel-body">
-		<p>{{lang_newsIntro}}</p>
+
+<ul class="nav nav-tabs" role="tablist">
+	<li role="presentation" class="{{^editHelp}}active{{/editHelp}}"><a href="#news" role="tab" data-toggle="tab">{{lang_editNews}}</a></li>
+	<li role="presentation" class="{{#editHelp}}active{{/editHelp}}"	  ><a href="#help" role="tab" data-toggle="tab">Edit Help</a></li>
+</ul>
+
+<div class="tab-content">
+	<div role="tabpanel" class="tab-pane {{^editHelp}}active{{/editHelp}}" id="news" style="padding:5px">
 		<form action="?do=News&amp;action=save" method="post">
+			<p>{{lang_newsIntro}}</p>
 			<div class="form-group">
 				<label for="news-title-id">{{lang_title}}</label>
 				<input type="text" name="news-title" id ="news-title-id" class="form-control" placeholder="{{welcome}}" value="{{latestTitle}}">
@@ -14,44 +17,88 @@
 				<textarea name="news-content" id ="news-content-id" class="form-control" rows="5" cols="30"  placeholder="">{{latestContent}}</textarea>
 			</div>
 			<p>{{lang_latestUpdate}}: {{latestDate}}</p>
-			<button class="btn btn-primary btn-sm" type="submit">{{lang_save}}</button>
+			<button class="btn btn-primary btn-sm" name="news-type" value="news" type="submit">{{lang_save}}</button>
 			<input type="hidden" name="token" value="{{token}}">
 		</form>
+		<br/>
+		<div class="panel panel-default">
+			<div class="panel-heading">
+				{{lang_newsOld}}
+			</div>
+			<div class="panel-body">
+				<div class="table-responsive">
+					<form method="post" action="?do=News&amp;action=delete">
+						<table class="table table-stripped table-condensed">
+							<thead>
+								<tr>
+									<th>{{lang_date}}</th>
+									<th>{{lang_title}}</th>
+									<th>{{lang_content}}</th>
+									<th></th>
+								</tr>
+							</thead>
+							<tbody>
+								{{#list}}
+								<tr {{#active}}class="active"{{/active}}>
+									<td class="text-left nowrap">{{date}}</td>
+									<td class="slx-ellipsis">{{title}}</td>
+									<td class="slx-ellipsis">{{content}}</td>
+									<td>
+										<a class="btn btn-primary btn-xs" href="?do=news&amp;newsid={{newsid}}&amp;action=show"><span class="glyphicon glyphicon-share-alt"></span> {{lang_show}}</a>
+										<button class="btn btn-danger btn-xs" type="submit" name="newsid" value="{{newsid}}"><span class="glyphicon glyphicon-remove"></span> {{lang_delete}}</button>
+									</td>
+								</tr>
+								{{/list}}
+							</tbody>
+						</table>
+						<input type="hidden" name="token" value="{{token}}">
+					</form>
+				</div>
+			</div>
+		</div>
 	</div>
-</div>
-
-<div class="panel panel-default">
-	<div class="panel-heading">
-		{{lang_newsOld}}
-	</div>
-	<div class="panel-body">
-		<div class="table-responsive">
-			<form method="post" action="?do=News&amp;action=delete">
-				<input type="hidden" name="token" value="{{token}}">
-				<table class="table table-stripped table-condensed">
-					<thead>
-						<tr>
-							<th>{{lang_date}}</th>
-							<th>{{lang_title}}</th>
-							<th>{{lang_content}}</th>
-							<th></th>
-						</tr>
-					</thead>
-					<tbody>
-						{{#list}}
-						<tr {{#active}}class="active"{{/active}}>
-							<td class="text-left nowrap">{{date}}</td>
-							<td class="slx-ellipsis">{{title}}</td>
-							<td class="slx-ellipsis">{{content}}</td>
-							<td>
-								<a class="btn btn-primary btn-xs" href="?do=news&amp;newsid={{newsid}}&amp;action=show"><span class="glyphicon glyphicon-share-alt"></span> {{lang_show}}</a>
-								<button class="btn btn-danger btn-xs" type="submit" name="newsid" value="{{newsid}}"><span class="glyphicon glyphicon-remove"></span> {{lang_delete}}</button>
-							</td>
-						</tr>
-						{{/list}}
-					</tbody>
-				</table>
-			</form>
+	<div role="tabpanel" class="tab-pane {{#editHelp}}active{{/editHelp}}" id="help">
+		<form action="?do=News&amp;action=save" method="post">
+			<div class="form-group">
+				<label for="news-content-id">{{lang_content}}</label>
+				<textarea name="help-content" id ="help-content-id" class="form-control" rows="5" cols="30"  placeholder="">{{latestHelp}}</textarea>
+			</div>
+			<button class="btn btn-primary btn-sm" name="news-type" value="help" type="submit">{{lang_save}}</button>
+			<input type="hidden" name="token" value="{{token}}">
+		</form>
+		<div class="panel panel-default">
+			<div class="panel-heading">
+				{{lang_oldHelp}}
+			</div>
+			<div class="panel-body">
+				<div class="table-responsive">
+					<form method="post" action="?do=News&amp;action=delete&editHelp=true">
+						<table class="table table-stripped table-condensed">
+							<thead>
+								<tr>
+									<th>{{lang_date}}</th>
+									<th>{{lang_content}}</th>
+									<th></th>
+								</tr>
+							</thead>
+							<tbody>
+								{{#listHelp}}
+								<tr {{#active}}class="active"{{/active}}>
+									<td class="text-left nowrap">{{date}}</td>
+									<td class="slx-ellipsis">{{content}}</td>
+									<td>
+										<a class="btn btn-primary btn-xs" href="?do=news&amp;newsid={{newsid}}&amp;action=show"><span class="glyphicon glyphicon-share-alt"></span> {{lang_show}}</a>
+										<button class="btn btn-danger btn-xs" type="submit" name="newsid" value="{{newsid}}"><span class="glyphicon glyphicon-remove"></span> {{lang_delete}}</button>
+									</td>
+								</tr>
+								{{/listHelp}}
+							</tbody>
+						</table>
+						<input type="hidden" name="token" value="{{token}}">
+					</form>
+				</div>
+			</div>
 		</div>
 	</div>
 </div>
+
-- 
cgit v1.2.3-55-g7522