Page 1 of 1
Make an own admin_plugin
Posted: Sat Jan 28, 2006 6:04 pm
by jojje
OK lets see if I can explain this.
I have a file with a form <form> that sends email to subscribers....
Now I have the leave s9y and log into that file to send emails.
Is it possible tha add a menu option i admininterface there I can put this form.
The form calls a php-file that sends away the mail.
Is there any easy why to do it?
Posted: Sat Jan 28, 2006 11:05 pm
by judebert
Kind of like an HTML nugget for the admin screen?
It sounds kind of insecure to just include another file from the admin page. After all, if someone managed to overwrite it with something malicious, you'd run it without even a chance to stop it. That's why the backend doesn't even use Smarty templating. Heck, it won't even run if it's in an IFRAME.
We might manage to convince Garvin that copy-and-pasting text into an Admin HTML Nugget isn't too insecure. Then you could put the contents of the form into a nugget. But I wouldn't count on it.
You can paste the <form> directly into your admin page by modifying serendipity_admin.php. The "New Entries" link is called NEW_ENTRIES, and you can figure out from there where you want your code to go.
Posted: Sun Jan 29, 2006 7:00 am
by jojje
A html-nugget for the admin screen sounds like something like it.
I think that if someone has manage to overwrite a php-file on my server I will have other problems than that they changed this sendmail file.
But thanks for the tip, I will look in the suggested files and see if I can make somethinh out.
Posted: Sun Jan 29, 2006 3:16 pm
by garvinhicking
You should write a plugin for that.
Something like this:
Code: Select all
<?php
class serendipity_event_adminform extends serendipity_event {
function introspect(&$propbag) {
global $serendipity;
$propbag->add('name', 'Adminform');
$propbag->add('version', '1.0');
$propbag->add('author', 'Garvin Hicking');
$propbag->add('stackable', true);
$propbag->add('event_hooks', array(
'backend_sidebar_entries' => true,
'backend_sidebar_entries_event_display_adminform' => true
)
);
}
function event_hook($event, &$bag, &$eventData) {
global $serendipity;
$hooks = &$bag->get('event_hooks');
if (isset($hooks[$event])) {
switch($event) {
case 'backend_sidebar_entries':
if ($serendipity['serendipityUserlevel'] >= USERLEVEL_CHIEF) {
?>
<li><a href="?serendipity[adminModule]=event_display&serendipity[adminAction]=adminform">Adminform</a></li>
<?php
}
break;
case 'backend_sidebar_entries_event_display_aggregator':
?>
<form action="">
Your form here
</form>
<?php
break;
}
}
return true;
}
}
You could abstract this plugin a bit more to make the FORM output configurable via a configuration option of the plugin.
Have fun,
Garvin
Posted: Sun Jan 29, 2006 10:56 pm
by jojje
Thx Garvin, you are the greatest!
The code generates a blank page but I think I have a great start to work with tomorrow. thanks!
Posted: Mon Jan 30, 2006 11:07 am
by garvinhicking
Hi!
I'm sorry, you'll need to replace
backend_sidebar_entries_event_display_aggregator
with
backend_sidebar_entries_event_display_adminform
Regards,
Garvin
Posted: Mon Jan 30, 2006 9:53 pm
by judebert
That's like a skeleton for any admin plugin (which, incidentally, I've been considering adding to the wiki).
jojje, please consider naming it something other than "Adminform"
