diff --git a/mod.php b/mod.php index d9203c71..f95a6f71 100644 --- a/mod.php +++ b/mod.php @@ -1801,8 +1801,110 @@ 'body'=>$body, 'mod'=>true )); + } elseif(preg_match('/^\/config\/edit$/', $query)) { + if(!hasPermission($config['mod']['edit_config'])) + error($config['error']['noaccess']); + + // TODO: display "unset variables" + // $config_file = file_get_contents('inc/config.php'); + // preg_match_all('/\$config\[\'(\w+)\']/', $config_file, $matches); + // $config_variables = array_unique($matches[1]); + + $body = '
' . _('Configuration') . '
'; + + $var_force_string = Array('blotter'); + $var_system = Array('version'); + + if(isset($_POST['save_changes'])) { + $config_append = ''; + + foreach($config as $name => $original_value) { + if(in_array($name, $var_system)) + continue; + $type = gettype($original_value); + if($type == 'array' || $type == 'NULL') + continue; + + if($type == 'boolean' && in_array($name, $var_force_string)) + $type = 'string'; + + if(!isset($_POST[$name]) && $type != 'boolean') + continue; + + if($type == 'boolean') + $value = isset($_POST[$name]); + else + $value = $_POST[$name]; + + if($value != $original_value) { + // value has been changed + $config_append .= "\$config['" . addslashes($name) . "'] = "; + if($type == 'boolean') + $config_append .= $value ? 'true' : 'false'; + elseif($type == 'integer') + $config_append .= (int)$value; + elseif($type == 'string') + $config_append .= '\'' . addslashes($value) . '\''; + $config_append .= ";\n"; + } + } + + if(!empty($config_append)) { + $config_append = "\n// Changes made by web editor by \"" . $mod['username'] . "\" @ " . date('r') . ":\n" . $config_append . "\n"; + if(@file_put_contents('inc/instance-config.php', $config_append, FILE_APPEND)) { + header('Location: ?/config' . $b['uri'], true, $config['redirect_http']); + exit; + } else { + $page = Array(); + $page['title'] = 'Cannot write to file!'; + $page['config'] = $config; + $page['body'] = ' +

Tinyboard could not write to inc/instance-config.php with the ammended configuration, probably due to a permissions error.

+

You may proceed with these changes manually by copying and pasting the following code to the bottom of inc/instance-config.php:

+ + '; + echo Element('page.html', $page); + exit; + } + } + } + + foreach($config as $name => $value) { + $body .= ''; + + $body .= ''; + $type = gettype($value); + if($type == 'array') { + $body .= ''; + } else { + if($type == 'string' || $type == 'integer') { + $body .= ''; + } elseif($type == 'boolean') { + if(in_array($name, $var_force_string)) + $body .= ''; + else + $body .= ''; + } else { + $body .= ''; + } + } + + $body .= ''; + } + + $body .= '
' . utf8tohtml($name) . '[edit]' . '' . utf8tohtml($value) . '
'; + + echo Element('page.html', Array( + 'config'=>$config, + 'title'=>_('Configuration'), + 'body'=>$body, + 'mod'=>true + ) + ); } elseif(preg_match('/^\/config$/', $query)) { - if(!hasPermission($config['mod']['show_config'])) error($config['error']['noaccess']); + if(!hasPermission($config['mod']['show_config'])) + error($config['error']['noaccess']); // Show instance-config.php @@ -1830,7 +1932,7 @@ $data .= '' . - $prefix . (gettype($name) == 'integer' ? '[]' : $name) . + $prefix . (gettype($name) == 'integer' ? '[]' : utf8tohtml($name)) . '' . $value . ''; @@ -1838,7 +1940,7 @@ } } - do_array_part($config); + do_array_part($config); $body = '
' . _('Configuration') . '' . $data . '
';