PHP COM_allowedHTML函数代码示例

function MG_editCategory($cat_id, $mode)
{
    global $album_jumpbox, $_USER, $_CONF, $_TABLES, $_MG_CONF, $LANG_MG00, $LANG_MG01, $LANG_MG03, $LANG_ACCESS;
    $retval = '';
    $T = new Template($_MG_CONF['template_path'] . '/admin');
    $T->set_var('site_url', $_CONF['site_url']);
    $T->set_var('site_admin_url', $_CONF['site_admin_url']);
    if ($cat_id == 0 && $mode == 'create') {
        // set the album_id
        $sql = "SELECT MAX(cat_id) + 1 AS nextcat_id FROM " . $_TABLES['mg_category'];
        $result = DB_query($sql);
        $row = DB_fetchArray($result);
        $A['cat_id'] = $row['nextcat_id'];
        if ($A['cat_id'] < 1) {
            $A['cat_id'] = 1;
        }
        if ($A['cat_id'] == 0) {
            COM_errorLog("Media Gallery Error - Returned 0 as cat_id");
            $A['cat_id'] = 1;
        }
        $A['cat_name'] = '';
        $A['cat_description'] = '';
    } else {
        $A['cat_id'] = $cat_id;
        // pull info from DB
        $sql = "SELECT * FROM {$_TABLES['mg_category']} WHERE cat_id=" . (int) $cat_id;
        $result = DB_query($sql);
        $numRows = DB_numRows($result);
        if ($numRows > 0) {
            $A = DB_fetchArray($result);
        }
    }
    $T->set_var('cat_id', $A['cat_id']);
    // If edit, pull up the existing album information...
    $T->set_file(array('admin' => 'editcategory.thtml'));
    $T->set_var(array('action' => 'category', 'cat_id' => $A['cat_id'], 'cat_name' => $A['cat_name'], 'cat_description' => $A['cat_description'], 'lang_save' => $LANG_MG01['save'], 'lang_edit_category' => $mode == 'create' ? $LANG_MG01['create_category'] : $LANG_MG01['edit_category'], 's_form_action' => $_MG_CONF['admin_url'] . 'category.php', 'lang_cat_edit_help' => $LANG_MG01['cat_edit_help'], 'lang_title' => $LANG_MG01['title'], 'lang_description' => $LANG_MG01['description'], 'lang_cancel' => $LANG_MG01['cancel'], 'lang_delete' => $LANG_MG01['delete'], 'lang_delete_confirm' => $LANG_MG01['delete_item_confirm'], 'gltoken_name' => CSRF_TOKEN, 'gltoken' => SEC_createToken()));
    if ($_MG_CONF['htmlallowed'] == 1) {
        $T->set_var('allowed_html', COM_allowedHTML(SEC_getUserPermissions(), false, 'mediagallery', 'category_title'));
    }
    $T->parse('output', 'admin');
    $retval .= $T->finish($T->get_var('output'));
    return $retval;
}

function MG_editCategory($cat_id, $mode)
{
    global $_CONF, $_TABLES, $_MG_CONF, $LANG_MG01;
    $retval = '';
    if ($cat_id == 0 && $mode == 'create') {
        // set the album_id
        $sql = "SELECT MAX(cat_id) + 1 AS nextcat_id FROM " . $_TABLES['mg_category'];
        $result = DB_query($sql);
        $row = DB_fetchArray($result);
        $A['cat_id'] = $row['nextcat_id'];
        if ($A['cat_id'] < 1) {
            $A['cat_id'] = 1;
        }
        if ($A['cat_id'] == 0) {
            COM_errorLog("Media Gallery Error - Returned 0 as cat_id");
            $A['cat_id'] = 1;
        }
        $A['cat_name'] = '';
        $A['cat_description'] = '';
    } else {
        $A['cat_id'] = $cat_id;
        // pull info from DB
        $sql = "SELECT * FROM {$_TABLES['mg_category']} WHERE cat_id=" . $cat_id;
        $result = DB_query($sql);
        $numRows = DB_numRows($result);
        if ($numRows > 0) {
            $A = DB_fetchArray($result);
        }
    }
    $T = new Template($_MG_CONF['template_path']);
    $T->set_file('admin', 'editcategory.thtml');
    $T->set_var(array('site_url' => $_CONF['site_url'], 'site_admin_url' => $_CONF['site_admin_url'], 'xhtml' => XHTML, 'action' => 'edit_category', 'cat_id' => $A['cat_id'], 'cat_name' => $A['cat_name'], 'cat_description' => $A['cat_description'], 'lang_save' => $LANG_MG01['save'], 'lang_edit_category' => $mode == 'create' ? $LANG_MG01['create_category'] : $LANG_MG01['edit_category'], 's_form_action' => $_MG_CONF['admin_url'] . 'category.php', 'lang_cat_edit_help' => $LANG_MG01['cat_edit_help'], 'lang_title' => $LANG_MG01['title'], 'lang_description' => $LANG_MG01['description'], 'lang_cancel' => $LANG_MG01['cancel'], 'lang_delete' => $LANG_MG01['delete'], 'lang_delete_confirm' => $LANG_MG01['delete_item_confirm']));
    if ($_MG_CONF['htmlallowed'] == 1) {
        $T->set_var('allowed_html', COM_allowedHTML());
    }
    $retval .= $T->finish($T->parse('output', 'admin'));
    return $retval;
}

//.........这里部分代码省略.........
    $sp_template->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']);
    if (!empty($A['meta_description'])) {
        $sp_template->set_var('meta_description', $A['meta_description']);
    }
    if (!empty($A['meta_keywords'])) {
        $sp_template->set_var('meta_keywords', $A['meta_keywords']);
    }
    if ($_CONF['meta_tags'] > 0 && $_SP_CONF['meta_tags'] > 0) {
        $sp_template->set_var('hide_meta', '');
    } else {
        $sp_template->set_var('hide_meta', ' style="display:none;"');
    }
    if ($A['template_flag'] == 1) {
        $sp_template->set_var('template_flag_checked', 'checked="checked"');
    } else {
        $sp_template->set_var('template_flag_checked', '');
    }
    $sp_template->set_var('lang_template', $LANG_STATIC['template']);
    $sp_template->set_var('lang_template_flag_msg', $LANG_STATIC['template_msg']);
    $template_list = templatelist($A['template_id']);
    $template_none = '<option value=""';
    if ($A['template_id'] == "") {
        $template_none .= ' selected="selected"';
    }
    $template_none .= '>' . $LANG_STATIC['none'] . '</option>';
    $sp_template->set_var('use_template_selection', '<select name="template_id">' . $template_none . $template_list . '</select>');
    $sp_template->set_var('lang_use_template', $LANG_STATIC['use_template']);
    $sp_template->set_var('lang_use_template_msg', $LANG_STATIC['use_template_msg']);
    $sp_template->set_var('lang_addtomenu', $LANG_STATIC['addtomenu']);
    if (isset($A['sp_onmenu']) && $A['sp_onmenu'] == 1) {
        $sp_template->set_var('onmenu_checked', 'checked="checked"');
    } else {
        $sp_template->set_var('onmenu_checked', '');
    }
    $sp_template->set_var('lang_label', $LANG_STATIC['label']);
    if (isset($A['sp_label'])) {
        $sp_template->set_var('sp_label', $A['sp_label']);
    } else {
        $sp_template->set_var('sp_label', '');
    }
    $sp_template->set_var('lang_pageformat', $LANG_STATIC['pageformat']);
    $sp_template->set_var('lang_blankpage', $LANG_STATIC['blankpage']);
    $sp_template->set_var('lang_noblocks', $LANG_STATIC['noblocks']);
    $sp_template->set_var('lang_leftblocks', $LANG_STATIC['leftblocks']);
    $sp_template->set_var('lang_leftrightblocks', $LANG_STATIC['leftrightblocks']);
    if (!isset($A['sp_format'])) {
        $A['sp_format'] = '';
    }
    if ($A['sp_format'] == 'noblocks') {
        $sp_template->set_var('noblock_selected', 'selected="selected"');
    } else {
        $sp_template->set_var('noblock_selected', '');
    }
    if ($A['sp_format'] == 'leftblocks') {
        $sp_template->set_var('leftblocks_selected', 'selected="selected"');
    } else {
        $sp_template->set_var('leftblocks_selected', '');
    }
    if ($A['sp_format'] == 'blankpage') {
        $sp_template->set_var('blankpage_selected', 'selected="selected"');
    } else {
        $sp_template->set_var('blankpage_selected', '');
    }
    if ($A['sp_format'] == 'allblocks' or empty($A['sp_format'])) {
        $sp_template->set_var('allblocks_selected', 'selected="selected"');
    } else {
        $sp_template->set_var('allblocks_selected', '');
    }
    $sp_template->set_var('lang_content', $LANG_STATIC['content']);
    $content = '';
    if (isset($A['sp_content'])) {
        $content = htmlspecialchars(stripslashes($A['sp_content']));
        $content = str_replace(array('{', '}'), array('&#123;', '&#125;'), $content);
    }
    $sp_template->set_var('sp_content', $content);
    $allowed = COM_allowedHTML('staticpages.edit', false, $_SP_CONF['filter_html']) . COM_allowedAutotags();
    $sp_template->set_var('lang_allowedhtml', $allowed);
    $sp_template->set_var('lang_allowed_html', $allowed);
    $sp_template->set_var('lang_hits', $LANG_STATIC['hits']);
    if (empty($A['sp_hits'])) {
        $sp_template->set_var('sp_hits', '0');
        $sp_template->set_var('sp_hits_formatted', '0');
    } else {
        $sp_template->set_var('sp_hits', $A['sp_hits']);
        $sp_template->set_var('sp_hits_formatted', COM_numberFormat($A['sp_hits']));
    }
    $sp_template->set_var('lang_comments', $LANG_STATIC['comments']);
    if ($A['commentcode'] == -1) {
        $sp_template->set_var('sp_comments', $LANG_ADMIN['na']);
    } else {
        $num_comments = DB_count($_TABLES['comments'], array('sid', 'type'), array(DB_escapeString($A['sp_id']), 'staticpages'));
        $sp_template->set_var('sp_comments', COM_numberFormat($num_comments));
    }
    $sp_template->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
    $sp_template->set_var('gltoken_name', CSRF_TOKEN);
    $sp_template->set_var('gltoken', $token);
    $sp_template->parse('output', 'form');
    $retval .= $sp_template->finish($sp_template->get_var('output'));
    return $retval;
}

//.........这里部分代码省略.........
     $navbar->set_selected($LANG_EVLIST['ev_info']);
     if ($this->AdminMode) {
         $action_url .= '?admin=true';
     }
     $T->set_var(array('action_url' => $action_url, 'navbar' => $navbar->generate(), 'alert_msg' => $alert_msg, 'cancel_url' => $cancel_url, 'eid' => $this->id, 'rp_id' => $rp_id, 'title' => $this->Detail->title, 'summary' => $summary, 'description' => $full_description, 'location' => $location, 'status_checked' => $this->status == 1 ? EVCHECKED : '', 'url' => $this->Detail->url, 'street' => $this->Detail->street, 'city' => $this->Detail->city, 'province' => $this->Detail->province, 'country' => $this->Detail->country, 'postal' => $this->Detail->postal, 'contact' => $this->Detail->contact, 'email' => $this->Detail->email, 'phone' => $this->Detail->phone, 'startdate1' => $this->date_start1, 'enddate1' => $this->date_end1, 'd_startdate1' => EVLIST_formattedDate($this->date_start1), 'd_enddate1' => EVLIST_formattedDate($this->date_end1), 'start_hour_options1' => $start1['hour'], 'start_minute_options1' => $start1['minute'], 'startdate1_ampm' => $start1['ampm'], 'end_hour_options1' => $end1['hour'], 'end_minute_options1' => $end1['minute'], 'enddate1_ampm' => $end1['ampm'], 'start_hour_options2' => $start2['hour'], 'start_minute_options2' => $start2['minute'], 'startdate2_ampm' => $start2['ampm'], 'end_hour_options2' => $end2['hour'], 'end_minute_options2' => $end2['minute'], 'enddate2_ampm' => $end2['ampm'], 'recurring_format_options' => EVLIST_GetOptions($LANG_EVLIST['rec_formats'], $option), 'recurring_weekday_options' => EVLIST_GetOptions(Date_Calc::getWeekDays(), $recweekday, 1), 'dailystop_label' => sprintf($LANG_EVLIST['stop_label'], $LANG_EVLIST['day_by_date'], ''), 'monthlystop_label' => sprintf($LANG_EVLIST['stop_label'], $LANG_EVLIST['year_and_month'], $LANG_EVLIST['if_any']), 'yearlystop_label' => sprintf($LANG_EVLIST['stop_label'], $LANG_EVLIST['year'], $LANG_EVLIST['if_any']), 'listdays_label' => sprintf($LANG_EVLIST['custom_label'], $LANG_EVLIST['days_of_week'], ''), 'listdaystop_label' => sprintf($LANG_EVLIST['stop_label'], $LANG_EVLIST['date_l'], $LANG_EVLIST['if_any']), 'intervalstop_label' => sprintf($LANG_EVLIST['stop_label'], $LANG_EVLIST['year_and_month'], $LANG_EVLIST['if_any']), 'custom_label' => sprintf($LANG_EVLIST['custom_label'], $LANG_EVLIST['dates'], ''), 'datestart_note' => $LANG_EVLIST['datestart_note'], 'src' => isset($_GET['src']) && $_GET['src'] == 'a' ? '1' : '0', 'rem_status_checked' => $this->enable_reminders == 1 ? EVCHECKED : '', 'del_button' => $this->id == '' ? '' : 'true', 'saveaction' => $saveaction, 'delaction' => $delaction, 'owner_id' => $this->owner_id, 'enable_reminders' => $_EV_CONF['enable_reminders'], 'iso_lang' => EVLIST_getIsoLang(), 'hour_mode' => $_CONF['hour_mode'], 'days_interval' => $days_interval, 'display_format' => $_CONF['shortdate'], 'ts_start' => strtotime($this->date_start1), 'ts_end' => strtotime($this->date_end1), 'cal_select' => $cal_select, 'contactlink_chk' => $this->options['contactlink'] == 1 ? EVCHECKED : '', 'lat' => $this->Detail->lat, 'lng' => $this->Detail->lng, 'perm_msg' => $LANG_ACCESS['permmsg'], 'last' => $LANG_EVLIST['rec_intervals'][5], 'doc_url' => EVLIST_getDocURL('event.html'), 'mootools' => $_SYSTEM['disable_mootools'] ? '' : 'true'));
     if ($_EV_CONF['enable_rsvp']) {
         USES_evlist_class_tickettype();
         $TickTypes = evTicketType::GetTicketTypes();
         //$T->set_block('editor', 'Tickets', 'tTypes');
         $tick_opts = '';
         foreach ($TickTypes as $tick_id => $tick_obj) {
             // Check enabled tickets. Ticket type 1 enabled by default
             if (isset($this->options['tickets'][$tick_id]) || $tick_id == 1) {
                 $checked = 'checked="checked"';
                 $fee = (double) $this->options['tickets'][$tick_id]['fee'];
             } else {
                 $checked = '';
                 $fee = 0;
             }
             $tick_opts .= '<tr><td><input name="tickets[' . $tick_id . ']" type="checkbox" ' . $checked . ' value="' . $tick_id . '" /></td>' . '<td>' . $tick_obj->description . '</td>' . '<td><input type="text" name="tick_fees[' . $tick_id . ']" value="' . $fee . '" size="8" /></td></tr>' . LB;
             /*$T->set_var(array(
                   'tick_id' => $tic['id'],
                   'tick_desc' => $tic['description'],
                   'tick_fee' => $fee,
                   'tick_enabled' => $enabled ? 'checked="checked"' : '',
               ) ) ;
               //$T->parse('tTypes', 'Tickets', true);*/
         }
         if ($_EV_CONF['rsvp_print'] > 0) {
             $rsvp_print_chk = 'rsvp_print_chk' . $this->options['rsvp_print'];
             $rsvp_print = 'true';
         } else {
             $rsvp_print = '';
             $rsvp_print_chk = 'no_rsvp_print';
         }
         $T->set_var(array('enable_rsvp' => 'true', 'reg_chk' . $this->options['use_rsvp'] => EVCHECKED, 'rsvp_wait_chk' => $this->options['rsvp_waitlist'] == 1 ? EVCHECKED : '', 'max_rsvp' => $this->options['max_rsvp'], 'max_user_rsvp' => $this->options['max_user_rsvp'], 'rsvp_cutoff' => $this->options['rsvp_cutoff'], 'use_rsvp' => $this->options['use_rsvp'], 'rsvp_waitlist' => $this->options['rsvp_waitlist'], 'tick_opts' => $tick_opts, 'rsvp_print' => $rsvp_print, $rsvp_print_chk => 'checked="checked"'));
     }
     // if rsvp_enabled
     // Split & All-Day settings
     if ($this->allday == 1) {
         // allday, can't be split, no times
         $T->set_var(array('starttime1_show' => 'style="display:none;"', 'endtime1_show' => 'style="display:none;"', 'datetime2_show' => 'style="display:none;"', 'allday_checked' => EVCHECKED, 'split_checked' => '', 'split_show' => 'style="display:none;"'));
     } elseif ($this->split == '1') {
         $T->set_var(array('split_checked' => EVCHECKED, 'allday_checked' => '', 'allday_show' => 'style="display:none"'));
     } else {
         $T->set_var(array('datetime2_show' => 'style="display:none;"'));
     }
     // Category fields. If $_POST['categories'] is set, then this is a
     // form re-entry due to an error saving. Populate checkboxes from the
     // submitted form. Include the user-added category, if any.
     // If not from a form re-entry, get the checked categories from the
     // evlist_lookup table.
     if ($_EV_CONF['enable_categories'] == '1') {
         $cresult = DB_query("SELECT tc.id, tc.name\n                FROM {$_TABLES['evlist_categories']} tc \n                WHERE tc.status='1' ORDER BY tc.name");
         while ($A = DB_fetchArray($cresult, false)) {
             if (isset($_POST['categories']) && is_array($_POST['categories'])) {
                 // Coming from a form re-entry
                 $chk = in_array($A['id'], $_POST['categories']) ? EVCHECKED : '';
             } else {
                 $chk = in_array($A['id'], $this->categories) ? EVCHECKED : '';
             }
             $catlist .= '<input type="checkbox" name="categories[]" ' . 'value="' . $A['id'] . '" ' . $chk . ' />' . '&nbsp;' . $A['name'] . '&nbsp;&nbsp;';
         }
         $T->set_var('catlist', $catlist);
         if (isset($_POST['newcat'])) {
             $T->set_var('newcat', $_POST['newcat']);
         }
         if ($_USER['uid'] > 1 && $rp_id == 0) {
             $T->set_var('category_section', 'true');
             $T->set_var('add_cat_input', 'true');
         }
     }
     // Enable the post mode selector if we allow HTML and the user is
     // logged in, or if this user is an authorized editor
     if ($this->isAdmin || $_EV_CONF['allow_html'] == '1' && $_USER['uid'] > 1) {
         $T->set_var(array('postmode_options' => EVLIST_GetOptions($LANG_EVLIST['postmodes'], $postmode), 'allowed_html' => COM_allowedHTML('evlist.submit')));
         if ($postmode == 'plaintext') {
             // plaintext, hide postmode selector
             $T->set_var('postmode_show', ' style="display:none"');
         }
         $T->parse('event_postmode', 'edit_postmode');
     }
     if ($this->isAdmin) {
         $T->set_var(array('owner_username' => COM_stripslashes($ownerusername), 'owner_dropdown' => COM_optionList($_TABLES['users'], 'uid,username', $this->owner_id, 1, "uid <> 1"), 'group_dropdown' => SEC_getGroupDropdown($this->group_id, 3)));
         if ($rp_id == 0) {
             // can only change permissions on main event
             $T->set_var('permissions_editor', SEC_getPermissionsHTML($this->perm_owner, $this->perm_group, $this->perm_members, $this->perm_anon));
         }
     } else {
         $T->set_var('group_id', $this->group_id);
     }
     // Latitude & Longitude part of location, if Location plugin is used
     if ($_EV_CONF['use_locator']) {
         $T->set_var(array('use_locator' => 'true', 'loc_selection' => GEO_optionList()));
     }
     $T->parse('output', 'editor');
     $retval .= $T->finish($T->get_var('output'));
     $retval .= COM_endBlock();
     return $retval;
 }

//.........这里部分代码省略.........
            if ($mode == 'edit' || $mode == $LANG03[28]) {
                //edit modes
                $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[32]));
                $comment_template->set_var('cid', '<input type="hidden" name="cid" value="' . $cid . '"' . XHTML . '>');
            } else {
                if ($mode == 'editsubmission' || $mode == $LANG03[34]) {
                    $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[33]));
                    $comment_template->set_var('cid', '<input type="hidden" name="cid" value="' . $cid . '"' . XHTML . '>');
                } else {
                    $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[1]));
                    $comment_template->set_var('cid', '');
                }
            }
            $comment_template->set_var('form_url', $formurl);
            if (COM_isAnonUser()) {
                // Anonymous user
                $comment_template->set_var('uid', 1);
                if (isset($A['username'])) {
                    $name = $A['username'];
                    // for preview
                } elseif (isset($_COOKIE[$_CONF['cookie_anon_name']])) {
                    // stored as cookie, name used before
                    $name = htmlspecialchars(COM_checkWords(strip_tags(COM_stripslashes($_COOKIE[$_CONF['cookie_anon_name']]))));
                } else {
                    $name = COM_getDisplayName(1);
                    // anonymous user
                }
                $usernameblock = '<input type="text" name="username" size="16" value="' . $name . '" maxlength="32"' . XHTML . '>';
                $comment_template->set_var('username', $usernameblock);
                $comment_template->set_var('action_url', $_CONF['site_url'] . '/users.php?mode=new');
                $comment_template->set_var('lang_logoutorcreateaccount', $LANG03[04]);
            } else {
                if ($commentuid != $_USER['uid']) {
                    $uresult = DB_query("SELECT username, fullname FROM {$_TABLES['users']} WHERE uid = {$commentuid}");
                    list($username, $fullname) = DB_fetchArray($uresult);
                } else {
                    $username = $_USER['username'];
                    $fullname = $_USER['fullname'];
                }
                $comment_template->set_var('gltoken_name', CSRF_TOKEN);
                $comment_template->set_var('gltoken', SEC_createToken());
                $comment_template->set_var('uid', $commentuid);
                $name = COM_getDisplayName($commentuid, $username, $fullname);
                $comment_template->set_var('username', $name);
                $comment_template->set_var('action_url', $_CONF['site_url'] . '/users.php?mode=logout');
                $comment_template->set_var('lang_logoutorcreateaccount', $LANG03[03]);
            }
            if ($postmode == 'html') {
                $comment_template->set_var('show_texteditor', 'none');
                $comment_template->set_var('show_htmleditor', '');
            } else {
                $comment_template->set_var('show_texteditor', '');
                $comment_template->set_var('show_htmleditor', 'none');
            }
            $comment_template->set_var('lang_title', $LANG03[16]);
            $comment_template->set_var('title', htmlspecialchars($title));
            $comment_template->set_var('lang_comment', $LANG03[9]);
            $comment_template->set_var('comment', $commenttext);
            $comment_template->set_var('lang_postmode', $LANG03[2]);
            $comment_template->set_var('postmode_options', COM_optionList($_TABLES['postmodes'], 'code,name', $postmode));
            $comment_template->set_var('allowed_html', COM_allowedHTML($type == 'article' ? 'story.edit' : "{$type}.edit"));
            $comment_template->set_var('lang_importantstuff', $LANG03[18]);
            $comment_template->set_var('lang_instr_line1', $LANG03[19]);
            $comment_template->set_var('lang_instr_line2', $LANG03[20]);
            $comment_template->set_var('lang_instr_line3', $LANG03[21]);
            $comment_template->set_var('lang_instr_line4', $LANG03[22]);
            $comment_template->set_var('lang_instr_line5', $LANG03[23]);
            if ($mode == 'edit' || $mode == $LANG03[28]) {
                //editing comment or preview changes
                $comment_template->set_var('lang_preview', $LANG03[28]);
            } elseif ($mode == 'editsubmission' || $mode == $LANG03[34]) {
                $comment_template->set_var('lang_preview', $LANG03[34]);
            } else {
                //new comment
                $comment_template->set_var('lang_preview', $LANG03[14]);
            }
            PLG_templateSetVars('comment', $comment_template);
            if ($mode == $LANG03[28] || $mode == 'edit' && $_CONF['skip_preview'] == 1) {
                // for editing
                $comment_template->set_var('save_option', '<input type="submit" name="mode" value="' . $LANG03[29] . '"' . XHTML . '>');
            } elseif ($mode == $LANG03[34] || $mode == 'editsubmission' && $_CONF['skip_preview'] == 1) {
                // editing submission comment
                $comment_template->set_var('save_option', '<input type="submit" name="mode" value="' . $LANG03[35] . '"' . XHTML . '>');
            } elseif ($_CONF['skip_preview'] == 1 || $mode == $LANG03[14]) {
                $comment_template->set_var('save_option', '<input type="submit" name="mode" value="' . $LANG03[11] . '"' . XHTML . '>');
            }
            if ($_CONF['allow_reply_notifications'] == 1 && $uid != 1 && ($mode == '' || $mode == $LANG03[14] || $mode == 'error')) {
                $checked = '';
                if (isset($_POST['notify'])) {
                    $checked = ' checked="checked"';
                }
                $comment_template->set_var('notification', '<p><input type="checkbox"' . ' name="notify"' . $checked . '>' . $LANG03[36] . '</p>');
            }
            $comment_template->set_var('end_block', COM_endBlock());
            $comment_template->parse('output', 'form');
            $retval .= $comment_template->finish($comment_template->get_var('output'));
        }
    }
    return $retval;
}

/**
* Shows the links editor
*
* @param  string  $mode   Used to see if we are moderating a link or simply editing one
* @param  string  $lid    ID of link to edit
* @global array core config vars
* @global array core group data
* @global array core table data
* @global array core user data
* @global array links plugin config vars
* @global array links plugin lang vars
* @global array core lang access vars
* @return string HTML for the link editor form
*
*/
function editlink($mode, $lid = '')
{
    global $_CONF, $_GROUPS, $_TABLES, $_USER, $_LI_CONF, $LANG_LINKS_ADMIN, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE;
    $retval = '';
    $link_templates = COM_newTemplate(CTL_plugin_templatePath('links', 'admin'));
    $link_templates->set_file('editor', 'linkeditor.thtml');
    $link_templates->set_var('lang_pagetitle', $LANG_LINKS_ADMIN[28]);
    $link_templates->set_var('lang_link_list', $LANG_LINKS_ADMIN[53]);
    $link_templates->set_var('lang_new_link', $LANG_LINKS_ADMIN[51]);
    $link_templates->set_var('lang_validate_links', $LANG_LINKS_ADMIN[26]);
    $link_templates->set_var('lang_list_categories', $LANG_LINKS_ADMIN[50]);
    $link_templates->set_var('lang_new_category', $LANG_LINKS_ADMIN[52]);
    $link_templates->set_var('lang_admin_home', $LANG_ADMIN['admin_home']);
    $link_templates->set_var('instructions', $LANG_LINKS_ADMIN[29]);
    if ($mode != 'editsubmission' and !empty($lid)) {
        $result = DB_query("SELECT * FROM {$_TABLES['links']} WHERE lid ='{$lid}'");
        if (DB_numRows($result) !== 1) {
            $msg = COM_showMessageText($LANG_LINKS_ADMIN[25], $LANG_LINKS_ADMIN[24]);
            return $msg;
        }
        $A = DB_fetchArray($result);
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
        if ($access == 0 or $access == 2) {
            $retval .= COM_showMessageText($LANG_LINKS_ADMIN[17], $LANG_LINKS_ADMIN[16]);
            COM_accessLog("User {$_USER['username']} tried to illegally submit or edit link {$lid}.");
            return $retval;
        }
    } else {
        if ($mode == 'editsubmission') {
            $result = DB_query("SELECT * FROM {$_TABLES['linksubmission']} WHERE lid = '{$lid}'");
            $A = DB_fetchArray($result);
        } else {
            $A['lid'] = COM_makesid();
            $A['cid'] = '';
            $A['url'] = '';
            $A['description'] = '';
            $A['title'] = '';
            $A['owner_id'] = $_USER['uid'];
        }
        $A['hits'] = 0;
        if (isset($_GROUPS['Links Admin'])) {
            $A['group_id'] = $_GROUPS['Links Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup('links.edit');
        }
        SEC_setDefaultPermissions($A, $_LI_CONF['default_permissions']);
        $access = 3;
    }
    $token = SEC_createToken();
    $retval .= COM_startBlock($LANG_LINKS_ADMIN[1], '', COM_getBlockTemplate('_admin_block', 'header'));
    $retval .= SEC_getTokenExpiryNotice($token);
    $link_templates->set_var('link_id', $A['lid']);
    if (!empty($lid) && SEC_hasRights('links.edit')) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $link_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $link_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
        if ($mode == 'editsubmission') {
            $link_templates->set_var('submission_option', '<input type="hidden" name="type" value="submission"' . XHTML . '>');
        }
    }
    $link_templates->set_var('lang_linktitle', $LANG_LINKS_ADMIN[3]);
    $link_templates->set_var('link_title', htmlspecialchars(stripslashes($A['title'])));
    $link_templates->set_var('lang_linkid', $LANG_LINKS_ADMIN[2]);
    $link_templates->set_var('lang_linkurl', $LANG_LINKS_ADMIN[4]);
    $link_templates->set_var('max_url_length', 255);
    $link_templates->set_var('link_url', $A['url']);
    $link_templates->set_var('lang_includehttp', $LANG_LINKS_ADMIN[6]);
    $link_templates->set_var('lang_category', $LANG_LINKS_ADMIN[5]);
    $othercategory = links_select_box(3, $A['cid']);
    $link_templates->set_var('category_options', $othercategory);
    $link_templates->set_var('lang_ifotherspecify', $LANG_LINKS_ADMIN[20]);
    $link_templates->set_var('category', $othercategory);
    $link_templates->set_var('lang_linkhits', $LANG_LINKS_ADMIN[8]);
    $link_templates->set_var('link_hits', $A['hits']);
    $link_templates->set_var('lang_linkdescription', $LANG_LINKS_ADMIN[9]);
    $link_templates->set_var('link_description', stripslashes($A['description']));
    $allowed = COM_allowedHTML('links.edit') . COM_allowedAutotags();
    $link_templates->set_var('lang_allowed_html', $allowed);
    $link_templates->set_var('lang_save', $LANG_ADMIN['save']);
    $link_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    // user access info
    $link_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $link_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
    $ownername = COM_getDisplayName($A['owner_id']);
//.........这里部分代码省略.........

//.........这里部分代码省略.........
                    $name = $A['username'];
                    // for preview
                } elseif (isset($_COOKIE[$_CONF['cookie_anon_name']])) {
                    // stored as cookie, name used before
                    $name = htmlspecialchars(COM_checkWords(strip_tags(COM_stripslashes($_COOKIE[$_CONF['cookie_anon_name']]))));
                } else {
                    $name = COM_getDisplayName(1);
                    // anonymous user
                }
                $usernameblock = '<input type="text" name="username" size="16" value="' . $name . '" maxlength="32"' . XHTML . '>';
                $comment_template->set_var('username', $usernameblock);
                $comment_template->set_var('action_url', $_CONF['site_url'] . '/users.php?mode=new');
                $comment_template->set_var('lang_logoutorcreateaccount', $LANG03[04]);
            } else {
                if ($commentuid != $_USER['uid']) {
                    $uresult = DB_query("SELECT username, fullname FROM {$_TABLES['users']} WHERE uid = {$commentuid}");
                    list($username, $fullname) = DB_fetchArray($uresult);
                } else {
                    $username = $_USER['username'];
                    $fullname = $_USER['fullname'];
                }
                $comment_template->set_var('gltoken_name', CSRF_TOKEN);
                $comment_template->set_var('gltoken', SEC_createToken());
                $comment_template->set_var('uid', $commentuid);
                $name = COM_getDisplayName($commentuid, $username, $fullname);
                $comment_template->set_var('username', $name);
                $comment_template->set_var('action_url', $_CONF['site_url'] . '/users.php?mode=logout');
                $comment_template->set_var('lang_logoutorcreateaccount', $LANG03[03]);
            }
            $comment_template->set_var('lang_cancel', $LANG_ADMIN['cancel']);
            if ($mode == 'editsubmission' or $mode == 'edit' or $mode == $LANG03[34] or $mode == $LANG03[28]) {
                $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
                $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
                $comment_template->set_var('delete_option', sprintf($delbutton, $jsconfirm));
            }
            if ($mode == 'editsubmission' or $mode == $LANG03[34]) {
                // Preview Submission changes (for edit)
                $comment_template->set_var('formtype', 'editsubmission');
            } elseif ($mode == 'edit' or $mode == $LANG03[28]) {
                // Preview changes (for edit)
                $comment_template->set_var('formtype', 'edit');
            } else {
                $comment_template->set_var('formtype', 'new');
            }
            if ($postmode == 'html') {
                $comment_template->set_var('show_texteditor', 'none');
                $comment_template->set_var('show_htmleditor', '');
            } else {
                $comment_template->set_var('show_texteditor', '');
                $comment_template->set_var('show_htmleditor', 'none');
            }
            $comment_template->set_var('lang_title', $LANG03[16]);
            $comment_template->set_var('title', htmlspecialchars($title));
            $comment_template->set_var('lang_comment', $LANG03[9]);
            $comment_template->set_var('comment', $commenttext);
            $comment_template->set_var('lang_postmode', $LANG03[2]);
            $comment_template->set_var('postmode_options', COM_optionList($_TABLES['postmodes'], 'code,name', $postmode));
            $comment_template->set_var('allowed_html', COM_allowedHTML($type == 'article' ? 'story.edit' : "{$type}.edit"));
            $comment_template->set_var('lang_importantstuff', $LANG03[18]);
            $comment_template->set_var('lang_instr_line1', $LANG03[19]);
            $comment_template->set_var('lang_instr_line2', $LANG03[20]);
            $comment_template->set_var('lang_instr_line3', $LANG03[21]);
            $comment_template->set_var('lang_instr_line4', $LANG03[22]);
            $comment_template->set_var('lang_instr_line5', $LANG03[23]);
            if ($mode == 'edit' || $mode == $LANG03[28]) {
                //editing comment or preview changes
                $comment_template->set_var('lang_preview', $LANG03[28]);
            } elseif ($mode == 'editsubmission' || $mode == $LANG03[34]) {
                $comment_template->set_var('lang_preview', $LANG03[34]);
            } else {
                //new comment
                $comment_template->set_var('lang_preview', $LANG03[14]);
            }
            if ($mode == $LANG03[28] || $mode == 'edit' && $_CONF['skip_preview'] == 1) {
                PLG_templateSetVars('comment', $comment_template);
                // Only for a edit form with a save button displayed (CAPTCHA related issue)
                // for editing
                $comment_template->set_var('save_option', '<input type="submit" name="mode" value="' . $LANG03[29] . '"' . XHTML . '>');
            } elseif ($mode == $LANG03[34] || $mode == 'editsubmission' && $_CONF['skip_preview'] == 1) {
                PLG_templateSetVars('comment', $comment_template);
                // editing submission comment
                $comment_template->set_var('save_option', '<input type="submit" name="mode" value="' . $LANG03[35] . '"' . XHTML . '>');
            } elseif ($_CONF['skip_preview'] == 1 || $mode == $LANG03[14]) {
                PLG_templateSetVars('comment', $comment_template);
                $comment_template->set_var('save_option', '<input type="submit" name="mode" value="' . $LANG03[11] . '"' . XHTML . '>');
            }
            if ($_CONF['allow_reply_notifications'] == 1 && $uid != 1 && ($mode == '' || $mode == $LANG03[14] || $mode == 'error')) {
                $checked = '';
                if (isset($_POST['notify'])) {
                    $checked = ' checked="checked"';
                }
                $comment_template->set_var('notification', '<p><input type="checkbox"' . ' name="notify"' . $checked . '>' . $LANG03[36] . '</p>');
            }
            $comment_template->set_var('end_block', COM_endBlock());
            $comment_template->parse('output', 'form');
            $retval .= $comment_template->finish($comment_template->get_var('output'));
        }
    }
    return $retval;
}

//.........这里部分代码省略.........
    $story_templates->set_var('lang_bodytext', $LANG24[17]);
    $story_templates->set_var('lang_postmode', $LANG24[4]);
    $story_templates->set_var('lang_publishoptions', $LANG24[76]);
    $story_templates->set_var('noscript', COM_getNoScript(false, $LANG24[77], sprintf($LANG24[78], $_CONF['site_admin_url'], $sid)));
    $postmode = $story->EditElements('postmode');
    if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) {
        if ($story->EditElements('advanced_editor_mode') == 1 or $story->EditElements('postmode') == 'adveditor') {
            $postmode = '';
        }
    }
    $post_options = COM_optionList($_TABLES['postmodes'], 'code,name', $postmode);
    $postmode_list = 'plaintext,html';
    // If Advanced Mode - add post option and set default if editing story created with Advanced Editor
    if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) {
        $postmode_list .= ',adveditor';
        if ($story->EditElements('advanced_editor_mode') == 1 or $story->EditElements('postmode') == 'adveditor') {
            $post_options .= '<option value="adveditor" selected="selected">' . $LANG24[86] . '</option>';
        } else {
            $post_options .= '<option value="adveditor">' . $LANG24[86] . '</option>';
        }
    }
    if ($_CONF['wikitext_editor']) {
        $postmode_list .= ',wikitext';
        if ($story->EditElements('postmode') == 'wikitext') {
            $post_options .= '<option value="wikitext" selected="selected">' . $LANG24[88] . '</option>';
        } else {
            $post_options .= '<option value="wikitext">' . $LANG24[88] . '</option>';
        }
    }
    $story_templates->set_var('post_options', $post_options);
    $postmode_array = explode(',', $postmode_list);
    $allowed_html = '';
    foreach ($postmode_array as $pm) {
        $allowed_html .= COM_allowedHTML('story.edit', false, 1, $pm);
    }
    $allowed_tags = array('code', 'raw');
    if ($_CONF['allow_page_breaks'] == 1) {
        $allowed_tags = array_merge($allowed_tags, array('page_break'));
    }
    $allowed_html .= COM_allowedAutotags(false, $allowed_tags);
    $story_templates->set_var('lang_allowed_html', $allowed_html);
    $fileinputs = '';
    $saved_images = '';
    if ($_CONF['maximagesperarticle'] > 0) {
        $story_templates->set_var('lang_images', $LANG24[47]);
        $icount = DB_count($_TABLES['article_images'], 'ai_sid', $story->getSid());
        if ($icount > 0) {
            $result_articles = DB_query("SELECT * FROM {$_TABLES['article_images']} WHERE ai_sid = '" . $story->getSid() . "'");
            for ($z = 1; $z <= $icount; $z++) {
                $I = DB_fetchArray($result_articles);
                $saved_images .= $z . ') ' . COM_createLink($I['ai_filename'], $_CONF['site_url'] . '/images/articles/' . $I['ai_filename']) . '&nbsp;&nbsp;&nbsp;' . $LANG_ADMIN['delete'] . ': <input type="checkbox" name="delete[' . $I['ai_img_num'] . ']"' . XHTML . '><br' . XHTML . '>';
            }
        }
        $newallowed = $_CONF['maximagesperarticle'] - $icount;
        for ($z = $icount + 1; $z <= $_CONF['maximagesperarticle']; $z++) {
            $fileinputs .= $z . ') <input type="file" dir="ltr" name="file' . $z . '"' . XHTML . '>';
            if ($z < $_CONF['maximagesperarticle']) {
                $fileinputs .= '<br' . XHTML . '>';
            }
        }
        $fileinputs .= '<br' . XHTML . '>' . $LANG24[51];
        if ($_CONF['allow_user_scaling'] == 1) {
            $fileinputs .= $LANG24[27];
        }
        $fileinputs .= $LANG24[28] . '<br' . XHTML . '>';
    }

/**
* Shows the story submission form
*
*/
function submitstory()
{
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG12, $LANG24, $_SCRIPTS;
    // Add JavaScript
    $_SCRIPTS->setJavaScriptFile('postmode_control', '/javascript/postmode_control.js');
    $retval = '';
    $story = new Story();
    if (isset($_POST['mode']) && $_POST['mode'] == $LANG12[32]) {
        // preview
        $story->loadSubmission();
        $retval .= COM_startBlock($LANG12[32]) . STORY_renderArticle($story, 'p') . COM_endBlock();
    } else {
        $story->initSubmission();
    }
    $storyform = COM_newTemplate($_CONF['path_layout'] . 'submit');
    if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) {
        $storyform->set_file('storyform', 'submitstory_advanced.thtml');
        $storyform->set_var('change_editormode', 'onchange="change_editmode(this);"');
        $storyform->set_var('lang_expandhelp', $LANG24[67]);
        $storyform->set_var('lang_reducehelp', $LANG24[68]);
        $link_message = COM_isAnonUser() ? '' : $LANG01[138];
        $storyform->set_var('noscript', COM_getNoScript(false, '', $link_message));
        // Setup Advanced Editor
        COM_setupAdvancedEditor('/javascript/submitstory_adveditor.js');
        if ($story->EditElements('postmode') === 'html') {
            $storyform->set_var('show_texteditor', 'none');
            $storyform->set_var('show_htmleditor', '');
        } else {
            $storyform->set_var('show_texteditor', '');
            $storyform->set_var('show_htmleditor', 'none');
        }
    } else {
        $storyform->set_file('storyform', 'submitstory.thtml');
        if ($story->EditElements('postmode') === 'html') {
            $storyform->set_var('show_texteditor', 'none');
            $storyform->set_var('show_htmleditor', '');
        } else {
            $storyform->set_var('show_texteditor', '');
            $storyform->set_var('show_htmleditor', 'none');
        }
    }
    $storyform->set_var('lang_username', $LANG12[27]);
    if (!COM_isAnonUser()) {
        $storyform->set_var('story_username', $_USER['username']);
        $storyform->set_var('author', COM_getDisplayName());
        $storyform->set_var('status_url', $_CONF['site_url'] . '/users.php?mode=logout');
        $storyform->set_var('lang_loginout', $LANG12[34]);
    } else {
        $storyform->set_var('status_url', $_CONF['site_url'] . '/users.php');
        $storyform->set_var('lang_loginout', $LANG12[2]);
        if (!$_CONF['disable_new_user_registration']) {
            $storyform->set_var('separator', ' | ');
            $storyform->set_var('seperator', ' | ');
            $storyform->set_var('create_account', COM_createLink($LANG12[53], $_CONF['site_url'] . '/users.php?mode=new', array('rel' => 'nofollow')));
        }
    }
    $storyform->set_var('lang_title', $LANG12[10]);
    $storyform->set_var('story_title', $story->EditElements('title'));
    $storyform->set_var('lang_topic', $LANG12[28]);
    $tlist = TOPIC_getTopicSelectionControl('article', '', false, false, false);
    $storyform->set_var('topic_selection', $tlist);
    if (empty($tlist)) {
        $retval .= COM_showMessage(101);
        return $retval;
    }
    $storyform->set_var('story_topic_options', $tlist);
    $storyform->set_var('lang_story', $LANG12[29]);
    $storyform->set_var('lang_introtext', $LANG12[54]);
    $storyform->set_var('lang_bodytext', $LANG12[55]);
    $storyform->set_var('story_introtext', $story->EditElements('introtext'));
    $storyform->set_var('story_bodytext', $story->EditElements('bodytext'));
    $storyform->set_var('lang_postmode', $LANG12[36]);
    $postmode = $story->EditElements('postmode');
    $storyform->set_var('story_postmode_options', COM_optionList($_TABLES['postmodes'], 'code,name', $postmode));
    $allowed_html = '';
    foreach (array('plaintext', 'html') as $pm) {
        $allowed_html .= COM_allowedHTML('story.edit', false, 1, $pm);
    }
    $allowed_html .= COM_allowedAutotags();
    $storyform->set_var('allowed_html', $allowed_html);
    $storyform->set_var('story_uid', $story->EditElements('uid'));
    $storyform->set_var('story_sid', $story->EditElements('sid'));
    $storyform->set_var('story_date', $story->EditElements('unixdate'));
    $storyform->set_var('lang_preview', $LANG12[32]);
    PLG_templateSetVars('story', $storyform);
    if ($_CONF['skip_preview'] == 1 || isset($_POST['mode']) && $_POST['mode'] == $LANG12[32]) {
        $storyform->set_var('save_button', '<input name="mode" type="submit" value="' . $LANG12[8] . '"' . XHTML . '>');
    }
    $retval .= COM_startBlock($LANG12[6], 'submitstory.html');
    $storyform->parse('theform', 'storyform');
    $retval .= $storyform->finish($storyform->get_var('theform'));
    $retval .= COM_endBlock();
    return $retval;
}

//.........这里部分代码省略.........
    if ($A['sp_inblock'] == 1) {
        $sp_template->set_var('inblock_checked', 'checked="checked"');
    } else {
        $sp_template->set_var('inblock_checked', '');
    }
    $sp_template->set_var('inblock_msg', $LANG_STATIC['inblock_msg']);
    $sp_template->set_var('inblock_info', $LANG_STATIC['inblock_info']);
    $curtime = COM_getUserDateTimeFormat($A['unixdate']);
    $sp_template->set_var('lang_lastupdated', $LANG_STATIC['date']);
    $sp_template->set_var('sp_formateddate', $curtime[0]);
    $sp_template->set_var('sp_date', $curtime[1]);
    $sp_template->set_var('lang_title', $LANG_STATIC['title']);
    $title = '';
    if (isset($A['sp_title'])) {
        $title = htmlspecialchars(stripslashes($A['sp_title']));
    }
    $sp_template->set_var('sp_title', $title);
    $sp_template->set_var('lang_metadescription', $LANG_ADMIN['meta_description']);
    $sp_template->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']);
    if (!empty($A['meta_description'])) {
        $sp_template->set_var('meta_description', $A['meta_description']);
    }
    if (!empty($A['meta_keywords'])) {
        $sp_template->set_var('meta_keywords', $A['meta_keywords']);
    }
    $sp_template->set_var('lang_addtomenu', $LANG_STATIC['addtomenu']);
    if (isset($A['sp_onmenu']) && $A['sp_onmenu'] == 1) {
        $sp_template->set_var('onmenu_checked', 'checked="checked"');
    } else {
        $sp_template->set_var('onmenu_checked', '');
    }
    $sp_template->set_var('lang_label', $LANG_STATIC['label']);
    if (isset($A['sp_label'])) {
        $sp_template->set_var('sp_label', $A['sp_label']);
    } else {
        $sp_template->set_var('sp_label', '');
    }
    $sp_template->set_var('lang_pageformat', $LANG_STATIC['pageformat']);
    $sp_template->set_var('lang_blankpage', $LANG_STATIC['blankpage']);
    $sp_template->set_var('lang_noblocks', $LANG_STATIC['noblocks']);
    $sp_template->set_var('lang_leftblocks', $LANG_STATIC['leftblocks']);
    $sp_template->set_var('lang_leftrightblocks', $LANG_STATIC['leftrightblocks']);
    if (!isset($A['sp_format'])) {
        $A['sp_format'] = '';
    }
    if ($A['sp_format'] == 'noblocks') {
        $sp_template->set_var('noblock_selected', 'selected="selected"');
    } else {
        $sp_template->set_var('noblock_selected', '');
    }
    if ($A['sp_format'] == 'leftblocks') {
        $sp_template->set_var('leftblocks_selected', 'selected="selected"');
    } else {
        $sp_template->set_var('leftblocks_selected', '');
    }
    if ($A['sp_format'] == 'blankpage') {
        $sp_template->set_var('blankpage_selected', 'selected="selected"');
    } else {
        $sp_template->set_var('blankpage_selected', '');
    }
    if ($A['sp_format'] == 'allblocks' or empty($A['sp_format'])) {
        $sp_template->set_var('allblocks_selected', 'selected="selected"');
    } else {
        $sp_template->set_var('allblocks_selected', '');
    }
    $sp_template->set_var('lang_content', $LANG_STATIC['content']);
    $content = '';
    if (isset($A['sp_content'])) {
        $content = htmlspecialchars(stripslashes($A['sp_content']));
        $content = str_replace(array('{', '}'), array('{', '}'), $content);
    }
    $sp_template->set_var('sp_content', $content);
    if ($_SP_CONF['filter_html'] == 1) {
        $allowed = COM_allowedHTML('staticpages.edit');
        $sp_template->set_var('lang_allowedhtml', $allowed);
        $sp_template->set_var('lang_allowed_html', $allowed);
    } else {
        $sp_template->set_var('lang_allowedhtml', $LANG_STATIC['all_html_allowed']);
        $allowed = '<span class="warningsmall">' . $LANG_STATIC['all_html_allowed'] . ',</span>' . LB . '<div dir="ltr" class="warningsmall">';
        $autotags = array_keys(PLG_collectTags());
        $allowed .= '[' . implode(':], [', $autotags) . ':]';
        $allowed .= '</div>';
        $sp_template->set_var('lang_allowed_html', $allowed);
    }
    $sp_template->set_var('lang_hits', $LANG_STATIC['hits']);
    if (empty($A['sp_hits'])) {
        $sp_template->set_var('sp_hits', '0');
        $sp_template->set_var('sp_hits_formatted', '0');
    } else {
        $sp_template->set_var('sp_hits', $A['sp_hits']);
        $sp_template->set_var('sp_hits_formatted', COM_numberFormat($A['sp_hits']));
    }
    $sp_template->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
    $sp_template->set_var('xhtml', XHTML);
    $sp_template->set_var('gltoken_name', CSRF_TOKEN);
    $sp_template->set_var('gltoken', $token);
    $sp_template->parse('output', 'form');
    $retval .= $sp_template->finish($sp_template->get_var('output'));
    return $retval;
}

/**
* Shows the story submission form
*
*/
function submitstory($topic = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG12, $LANG24, $REMOTE_ADDR;
    $retval = '';
    $story = new Story();
    if (isset($_POST['mode']) && $_POST['mode'] == $LANG12[32]) {
        // preview
        $story->loadSubmission();
        $retval .= COM_startBlock($LANG12[32]) . STORY_renderArticle($story, 'p') . COM_endBlock();
        $retval .= '<div style="border-bottom:1px solid #cccccc"></div>';
    } else {
        $story->initSubmission($topic);
        $story->loadSubmission();
    }
    if ($_CONF['story_submit_by_perm_only']) {
        $topicList = COM_topicList('tid,topic', $story->EditElements('tid'), 1, false, 3);
    } else {
        $topicList = COM_topicList('tid,topic', $story->EditElements('tid'));
    }
    // no topics
    if ($topicList == '') {
        $retval = COM_showMessageText($LANG24[66], '', 1, 'error');
        return $retval;
    }
    $retval .= COM_startBlock($LANG12[6]);
    $storyform = new Template($_CONF['path_layout'] . 'submit');
    $storyform->set_file('storyform', 'submitstory.thtml');
    if ($story->EditElements('postmode') == 'html') {
        $storyform->set_var('show_htmleditor', true);
    } else {
        $storyform->unset_var('show_htmleditor');
    }
    $storyform->set_var('site_admin_url', $_CONF['site_admin_url']);
    $storyform->set_var('lang_username', $LANG12[27]);
    if (!COM_isAnonUser()) {
        $storyform->set_var('story_username', $_USER['username']);
        $storyform->set_var('author', COM_getDisplayName());
        $storyform->set_var('status_url', $_CONF['site_url'] . '/users.php?mode=logout');
        $storyform->set_var('lang_loginout', $LANG12[34]);
    } else {
        $storyform->set_var('status_url', $_CONF['site_url'] . '/users.php');
        $storyform->set_var('lang_loginout', $LANG12[2]);
        if (!$_CONF['disable_new_user_registration']) {
            $storyform->set_var('separator', ' | ');
            $storyform->set_var('seperator', ' | ');
            $storyform->set_var('create_account', COM_createLink($LANG12[53], $_CONF['site_url'] . '/users.php?mode=new', array('rel' => "nofollow")));
        }
    }
    $storyform->set_var('lang_title', $LANG12[10]);
    $storyform->set_var('story_title', $story->EditElements('title'));
    $storyform->set_var('lang_topic', $LANG12[28]);
    $storyform->set_var('story_topic_options', $topicList);
    /*
        if ( $_CONF['story_submit_by_perm_only'] ) {
            $storyform->set_var('story_topic_options', COM_topicList('tid,topic',$story->EditElements('tid'),1,false,3));
        } else {
            $storyform->set_var('story_topic_options', COM_topicList('tid,topic',$story->EditElements('tid')));
        }
    */
    $storyform->set_var('lang_story', $LANG12[29]);
    $storyform->set_var('lang_introtext', $LANG12[54]);
    $storyform->set_var('lang_bodytext', $LANG12[55]);
    $storyform->set_var('story_introtext', $story->EditElements('introtext'));
    $storyform->set_var('story_bodytext', $story->EditElements('bodytext'));
    $storyform->set_var('lang_postmode', $LANG12[36]);
    $storyform->set_var('story_postmode_options', COM_optionList($_TABLES['postmodes'], 'code,name', $story->EditElements('postmode')));
    $storyform->set_var('postmode', $story->EditElements('postmode'));
    $storyform->set_var('allowed_html', COM_allowedHTML(SEC_getUserPermissions(), false, 'glfusion', 'story') . '<br/>' . COM_allowedAutotags(SEC_getUserPermissions(), false, 'glfusion', 'story'));
    $storyform->set_var('story_uid', $story->EditElements('uid'));
    $storyform->set_var('story_sid', $story->EditElements('sid'));
    $storyform->set_var('story_date', $story->EditElements('unixdate'));
    PLG_templateSetVars('story', $storyform);
    if ($_CONF['skip_preview'] == 1 || isset($_POST['mode']) && $_POST['mode'] == $LANG12[32]) {
        $storyform->set_var('save_button', '<input name="mode" type="submit" value="' . $LANG12[8] . '"' . XHTML . '>');
    }
    $storyform->set_var('lang_preview', $LANG12[32]);
    $storyform->parse('theform', 'storyform');
    $retval .= $storyform->finish($storyform->get_var('theform'));
    $retval .= COM_endBlock();
    $urlfor = 'advancededitor';
    if (COM_isAnonUser()) {
        $urlfor = 'advancededitor' . md5($REMOTE_ADDR);
    }
    $rc = @setcookie($_CONF['cookie_name'] . 'adveditor', SEC_createTokenGeneral($urlfor), time() + 1200, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']);
    return $retval;
}

/**
* Shows event editor
*
* @param    string  $action action we are performing: 'edit', 'clone' or 'moderate'
* @param    array   $A      array holding the event's details
* @param    string  $msg    an optional error message to display
* @return   string          HTML for event editor or error message
*
*/
function CALENDAR_edit($action, $A, $msg = '')
{
    global $_CONF, $_USER, $_GROUPS, $_TABLES, $_USER, $_CA_CONF, $LANG_CAL_1, $LANG_CAL_ADMIN, $LANG10, $LANG12, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE;
    USES_lib_admin();
    $retval = '';
    $menu_arr = array(array('url' => $_CONF['site_admin_url'] . '/plugins/calendar/index.php', 'text' => $LANG_CAL_ADMIN[40]), array('url' => $_CONF['site_admin_url'] . '/moderation.php', 'text' => $LANG_ADMIN['submissions']), array('url' => $_CONF['site_admin_url'] . '/plugins/calendar/index.php?batchadmin=x', 'text' => $LANG_CAL_ADMIN[38]), array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']));
    switch ($action) {
        case 'edit':
        case 'clone':
            $blocktitle = $LANG_CAL_ADMIN[1];
            // Event Editor
            $saveoption = $LANG_ADMIN['save'];
            // Save
            break;
        case 'moderate':
            $blocktitle = $LANG_CAL_ADMIN[37];
            // Moderate Event
            $saveoption = $LANG_ADMIN['moderate'];
            // Save & Approve
            break;
    }
    if (!empty($msg)) {
        $retval .= COM_showMessageText($msg, $LANG_CAL_ADMIN[2], true);
    }
    $event_templates = new Template($_CONF['path'] . 'plugins/calendar/templates/admin');
    $event_templates->set_file('editor', 'eventeditor.thtml');
    $event_templates->set_var('lang_allowed_html', COM_allowedHTML(SEC_getUserPermissions(), false, 'calendar', 'description'));
    $event_templates->set_var('lang_postmode', $LANG_CAL_ADMIN[3]);
    if (!isset($A['perm_owner'])) {
        $A['perm_owner'][0] = "0";
    }
    if (!isset($A['perm_group'])) {
        $A['perm_group'][0] = "0";
    }
    if (!isset($A['perm_members'])) {
        $A['perm_members'][0] = "0";
    }
    if (!isset($A['perm_anon'])) {
        $A['perm_anon'][0] = "0";
    }
    if ($action != 'moderate' and !empty($A['eid'])) {
        // Get what level of access user has to this object
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
        if ($access == 0 or $access == 2) {
            // Uh, oh!  User doesn't have access to this object
            $retval .= COM_showMessageText($LANG_CAL_ADMIN[17], $LANG_ACCESS['accessdenied'], true);
            COM_accessLog("User {$_USER['username']} tried to illegally submit or edit event {$eid}.");
            return $retval;
        }
    } else {
        if (!isset($A['owner_id']) || $A['owner_id'] == '') {
            $A['owner_id'] = $_USER['uid'];
        }
        if (isset($_GROUPS['Calendar Admin'])) {
            $A['group_id'] = $_GROUPS['Calendar Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup('calendar.edit');
        }
        SEC_setDefaultPermissions($A, $_CA_CONF['default_permissions']);
        $access = 3;
    }
    if ($action == 'moderate') {
        $event_templates->set_var('post_options', COM_optionList($_TABLES['postmodes'], 'code,name', 'plaintext'));
    } else {
        if (!isset($A['postmode'])) {
            $A['postmode'] = $_CONF['postmode'];
        }
        $event_templates->set_var('post_options', COM_optionList($_TABLES['postmodes'], 'code,name', $A['postmode']));
    }
    $retval .= COM_startBlock($blocktitle, '', COM_getBlockTemplate('_admin_block', 'header'));
    $retval .= ADMIN_createMenu($menu_arr, $LANG_CAL_ADMIN[41], plugin_geticon_calendar());
    if (!empty($A['eid'])) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="delete"%s/>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $event_templates->set_var('lang_delete_confirm', $MESSAGE[76]);
        $event_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $event_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
        if ($action == 'moderate') {
            $event_templates->set_var('submission_option', '<input type="hidden" name="type" value="submission"/>');
        }
    } else {
        // new event
        $A['eid'] = COM_makesid();
        $A['status'] = 1;
        $A['title'] = '';
        $A['description'] = '';
        $A['url'] = '';
        $A['hits'] = 0;
        // in case a start date/time has been passed from the calendar,
        // pick it up for the end date/time
        if (empty($A['dateend'])) {
//.........这里部分代码省略.........

//.........这里部分代码省略.........
    }
    $story_templates->set_var('cmt_close_ampm_selection', $ampm_select);
    if ($_CONF['hour_mode'] == 24) {
        $hour_options = COM_getHourFormOptions($story->EditElements('cmt_close_hour'), 24);
    } else {
        $hour_options = COM_getHourFormOptions($cmt_close_hour);
    }
    $story_templates->set_var('cmt_close_hour_options', $hour_options);
    $minute_options = COM_getMinuteFormOptions($story->EditElements('cmt_close_minute'));
    $story_templates->set_var('cmt_close_minute_options', $minute_options);
    $story_templates->set_var('cmt_close_second', $story->EditElements('cmt_close_second'));
    if ($_CONF['onlyrootfeatures'] == 1 && SEC_inGroup('Root') or $_CONF['onlyrootfeatures'] !== 1) {
        $featured_options = "<select name=\"featured\">" . LB . COM_optionList($_TABLES['featurecodes'], 'code,name', $story->EditElements('featured')) . "</select>" . LB;
        $featured_options_data = COM_optionList($_TABLES['featurecodes'], 'code,name', $story->EditElements('featured'));
        $story_templates->set_var('featured_options_data', $featured_options_data);
    } else {
        $featured_options = "<input type=\"hidden\" name=\"featured\" value=\"0\"/>";
        $story_templates->unset_var('featured_options_data');
    }
    $story_templates->set_var('featured_options', $featured_options);
    $story_templates->set_var('frontpage_options', COM_optionList($_TABLES['frontpagecodes'], 'code,name', $story->EditElements('frontpage')));
    $story_templates->set_var('story_introtext', $story->EditElements('introtext'));
    $story_templates->set_var('story_bodytext', $story->EditElements('bodytext'));
    $story_templates->set_var('lang_introtext', $LANG24[16]);
    $story_templates->set_var('lang_bodytext', $LANG24[17]);
    $story_templates->set_var('lang_postmode', $LANG24[4]);
    $story_templates->set_var('lang_publishoptions', $LANG24[76]);
    $story_templates->set_var('lang_publishdate', $LANG24[69]);
    $story_templates->set_var('lang_nojavascript', $LANG24[77]);
    $story_templates->set_var('postmode', $story->EditElements('postmode'));
    if ($story->EditElements('postmode') == 'plaintext' || $story->EditElements('postmode') == 'text') {
        $allowedHTML = '';
    } else {
        $allowedHTML = COM_allowedHTML(SEC_getUserPermissions(), false, 'glfusion', 'story') . '<br/>';
    }
    $allowedHTML .= COM_allowedAutotags(SEC_getUserPermissions(), false, 'glfusion', 'story');
    $story_templates->set_var('lang_allowed_html', $allowedHTML);
    $fileinputs = '';
    $saved_images = '';
    if ($_CONF['maximagesperarticle'] > 0) {
        $story_templates->set_var('lang_images', $LANG24[47]);
        $icount = DB_count($_TABLES['article_images'], 'ai_sid', DB_escapeString($story->getSid()));
        if ($icount > 0) {
            $result_articles = DB_query("SELECT * FROM {$_TABLES['article_images']} WHERE ai_sid = '" . DB_escapeString($story->getSid()) . "'");
            for ($z = 1; $z <= $icount; $z++) {
                $I = DB_fetchArray($result_articles);
                $saved_images .= $z . ') ' . COM_createLink($I['ai_filename'], $_CONF['site_url'] . '/images/articles/' . $I['ai_filename']) . '&nbsp;&nbsp;&nbsp;' . $LANG_ADMIN['delete'] . ': <input type="checkbox" name="delete[' . $I['ai_img_num'] . ']" /><br />';
            }
        }
        $newallowed = $_CONF['maximagesperarticle'] - $icount;
        for ($z = $icount + 1; $z <= $_CONF['maximagesperarticle']; $z++) {
            $fileinputs .= $z . ') <input type="file" dir="ltr" name="file[]' . '" />';
            if ($z < $_CONF['maximagesperarticle']) {
                $fileinputs .= '<br />';
            }
        }
        $fileinputs .= '<br />' . $LANG24[51];
        if ($_CONF['allow_user_scaling'] == 1) {
            $fileinputs .= $LANG24[27];
        }
        $fileinputs .= $LANG24[28] . '<br />';
    }
    $story_templates->set_var('saved_images', $saved_images);
    $story_templates->set_var('image_form_elements', $fileinputs);
    $story_templates->set_var('lang_hits', $LANG24[18]);
    $story_templates->set_var('story_hits', $story->EditElements('hits'));

//.........这里部分代码省略.........
    $album_sort_select = MG_optionlist(array('name' => 'album_sort_order', 'current' => $album->album_sort_order, 'values' => array('0' => $LANG_MG03['no_sort'], '1' => $LANG_MG03['sort_capture_asc'], '2' => $LANG_MG03['sort_capture'], '3' => $LANG_MG03['sort_upload_asc'], '4' => $LANG_MG03['sort_upload'], '5' => $LANG_MG03['sort_alpha'], '6' => $LANG_MG03['sort_alpha_asc'])));
    if (SEC_hasRights('mediagallery.admin')) {
        //
        // -- build the featured selects and info...
        //
        $featured_select = MG_checkbox(array('name' => 'featured', 'checked' => $album->featured, 'value' => '1'));
        // build featurepage select...
        $featurepage_select = '<select name="featurepage">';
        $featurepage_select .= MG_options(array('current' => $album->cbpage, 'values' => array('all' => $LANG_MG01['all'], 'allnhp' => $LANG_MG01['all_nhp'], 'none' => $LANG_MG01['homepage_only'])));
        $featurepage_select .= COM_topicList('tid,topic', $album->cbpage);
        $featurepage_select .= '</select>';
        // position
        $feature_pos = MG_optionlist(array('name' => 'featureposition', 'current' => $album->cbposition, 'values' => array('1' => $LANG_MG01['top'], '2' => $LANG_MG01['after_featured_articles'], '3' => $LANG_MG01['bottom'])));
        $ri_select = MG_checkbox(array('name' => 'enable_random', 'checked' => $album->enable_random, 'value' => '1'));
        $T->set_var(array('featured_select' => $featured_select, 'feature_page_select' => $featurepage_select, 'feature_position' => $feature_pos, 'height_input' => $max_image_height_input, 'width_input' => $max_image_width_input, 'max_size_input' => $max_filesize_input, 'ri_select' => $ri_select, 'jpg_checked' => $album->valid_formats & MG_JPG ? ' checked="checked"' : '', 'png_checked' => $album->valid_formats & MG_PNG ? ' checked="checked"' : '', 'tif_checked' => $album->valid_formats & MG_TIF ? ' checked="checked"' : '', 'gif_checked' => $album->valid_formats & MG_GIF ? ' checked="checked"' : '', 'bmp_checked' => $album->valid_formats & MG_BMP ? ' checked="checked"' : '', 'tga_checked' => $album->valid_formats & MG_TGA ? ' checked="checked"' : '', 'psd_checked' => $album->valid_formats & MG_PSD ? ' checked="checked"' : '', 'mp3_checked' => $album->valid_formats & MG_MP3 ? ' checked="checked"' : '', 'ogg_checked' => $album->valid_formats & MG_OGG ? ' checked="checked"' : '', 'asf_checked' => $album->valid_formats & MG_ASF ? ' checked="checked"' : '', 'swf_checked' => $album->valid_formats & MG_SWF ? ' checked="checked"' : '', 'mov_checked' => $album->valid_formats & MG_MOV ? ' checked="checked"' : '', 'mp4_checked' => $album->valid_formats & MG_MP4 ? ' checked="checked"' : '', 'mpg_checked' => $album->valid_formats & MG_MPG ? ' checked="checked"' : '', 'zip_checked' => $album->valid_formats & MG_ZIP ? ' checked="checked"' : '', 'flv_checked' => $album->valid_formats & MG_FLV ? ' checked="checked"' : '', 'rflv_checked' => $album->valid_formats & MG_RFLV ? ' checked="checked"' : '', 'emb_checked' => $album->valid_formats & MG_EMB ? ' checked="checked"' : '', 'other_checked' => $album->valid_formats & MG_OTHER ? ' checked="checked"' : '', 'lang_featured_album' => $LANG_MG01['featured_album'], 'lang_set_featured' => $LANG_MG01['set_featured'], 'lang_featured_help' => $LANG_MG01['featured_help'], 'lang_position' => $LANG_MG01['position'], 'lang_topic' => $LANG_MG01['topic'], 'lang_ri_enable' => $LANG_MG01['ri_enable'], 'lang_max_image_height' => $LANG_MG01['max_image_height'], 'lang_max_image_width' => $LANG_MG01['max_image_width'], 'lang_max_filesize' => $LANG_MG01['max_filesize'], 'lang_jpg' => $LANG_MG01['jpg'], 'lang_png' => $LANG_MG01['png'], 'lang_tif' => $LANG_MG01['tif'], 'lang_gif' => $LANG_MG01['gif'], 'lang_bmp' => $LANG_MG01['bmp'], 'lang_tga' => $LANG_MG01['tga'], 'lang_psd' => $LANG_MG01['psd'], 'lang_mp3' => $LANG_MG01['mp3'], 'lang_ogg' => $LANG_MG01['ogg'], 'lang_asf' => $LANG_MG01['asf'], 'lang_swf' => $LANG_MG01['swf'], 'lang_mov' => $LANG_MG01['mov'], 'lang_mp4' => $LANG_MG01['mp4'], 'lang_mpg' => $LANG_MG01['mpg'], 'lang_zip' => $LANG_MG01['zip'], 'lang_flv' => $LANG_MG01['flv'], 'lang_rflv' => $LANG_MG01['rflv'], 'lang_emb' => $LANG_MG01['emb'], 'lang_other' => $LANG_MG01['other'], 'lang_allowed_formats' => $LANG_MG01['allowed_media_formats'], 'lang_image' => $LANG_MG01['image'], 'lang_audio' => $LANG_MG01['audio'], 'lang_video' => $LANG_MG01['video']));
    }
    $r = rand();
    if ($album->tn_attached) {
        list($album_last_image, $media_size) = MG_getImageUrl('covers/cover_' . $album_id);
        if ($media_size != false) {
            $T->set_var('thumbnail', '<img src="' . $album_last_image . '?r=' . $r . '" alt=""' . XHTML . '>');
        }
    }
    $filename_title_select = MG_checkbox(array('name' => 'filename_title', 'checked' => $album->filename_title, 'value' => '1'));
    // watermark stuff...
    $wm_auto_select = MG_checkbox(array('name' => 'wm_auto', 'checked' => $album->wm_auto, 'value' => '1'));
    $wm_opacity_select = MG_optionlist(array('name' => 'wm_opacity', 'current' => $album->wm_opacity, 'values' => array('10' => '10%', '20' => '20%', '30' => '30%', '40' => '40%', '50' => '50%', '60' => '60%', '70' => '70%', '80' => '80%', '90' => '90%')));
    $wm_location_select = MG_optionlist(array('name' => 'wm_location', 'current' => $album->wm_location, 'values' => array('1' => $LANG_MG01['top_left'], '2' => $LANG_MG01['top_center'], '3' => $LANG_MG01['top_right'], '4' => $LANG_MG01['middle_left'], '5' => $LANG_MG01['middle_center'], '6' => $LANG_MG01['middle_right'], '7' => $LANG_MG01['bottom_left'], '8' => $LANG_MG01['bottom_center'], '9' => $LANG_MG01['bottom_right'])));
    // now select what watermarks we have permission to use...
    $whereClause = "WHERE wm_id<>0 AND ";
    if (SEC_hasRights('mediagallery.admin')) {
        $whereClause .= "1=1 ";
    } else {
        $whereClause .= "(owner_id=" . intval($_USER['uid']) . " OR owner_id=0) ";
    }
    $sql = "SELECT * FROM {$_TABLES['mg_watermarks']} " . $whereClause . "ORDER BY owner_id";
    $result = DB_query($sql);
    $nRows = DB_numRows($result);
    $wm_select = '<select name="wm_id" onchange="change(this)">';
    $wm_select .= '<option value="blank.png">' . $LANG_MG01['no_watermark'] . '</option>';
    $wm_current = '<img src="' . $_MG_CONF['site_url'] . '/watermarks/blank.png" name="myImage" alt=""' . XHTML . '>';
    for ($i = 0; $i < $nRows; $i++) {
        $row = DB_fetchArray($result);
        $wm_select .= '<option value="' . $row['filename'] . '"' . ($album->wm_id == $row['wm_id'] ? ' selected="selected"' : '') . '>' . $row['filename'] . '</option>';
        if ($album->wm_id == $row['wm_id']) {
            $wm_current = '<img src="' . $_MG_CONF['site_url'] . '/watermarks/' . $row['filename'] . '" name="myImage" alt=""' . XHTML . '>';
        }
    }
    $wm_select .= '</select>';
    $skins = MG_getFrames();
    $tmp = array();
    for ($i = 0; $i < count($skins); $i++) {
        $tmp[$skins[$i]['dir']] = $skins[$i]['name'];
    }
    $skin_select = MG_optionlist(array('name' => 'skin', 'current' => $album->image_skin, 'values' => $tmp));
    $askin_select = MG_optionlist(array('name' => 'askin', 'current' => $album->album_skin, 'values' => $tmp));
    $dskin_select = MG_optionlist(array('name' => 'dskin', 'current' => $album->display_skin, 'values' => $tmp));
    // permission template
    $usergroups = SEC_getUserGroups();
    $groupdd = '<select name="group_id">';
    $moddd = '<select name="mod_id">';
    for ($i = 0; $i < count($usergroups); $i++) {
        if ($usergroups[key($usergroups)] != 2 && $usergroups[key($usergroups)] != 13) {
            $groupdd .= '<option value="' . $usergroups[key($usergroups)] . '"';
            $moddd .= '<option value="' . $usergroups[key($usergroups)] . '"';
            if ($album->group_id == $usergroups[key($usergroups)]) {
                $groupdd .= ' selected="selected"';
            }
            if ($album->mod_group_id == $usergroups[key($usergroups)]) {
                $moddd .= ' selected="selected"';
            }
            $groupdd .= '>' . key($usergroups) . '</option>';
            $moddd .= '>' . key($usergroups) . '</option>';
        }
        next($usergroups);
    }
    $groupdd .= '</select>';
    $moddd .= '</select>';
    $upload_select = MG_checkbox(array('name' => 'uploads', 'checked' => $album->member_uploads, 'value' => '1'));
    $moderate_select = MG_checkbox(array('name' => 'moderate', 'checked' => $album->moderate, 'value' => '1'));
    $child_update_select = MG_checkbox(array('name' => 'force_child_update', 'checked' => false, 'value' => '1'));
    $hidden_select = MG_checkbox(array('name' => 'hidden', 'checked' => $album->hidden, 'value' => '1'));
    $allow_download_select = MG_checkbox(array('name' => 'allow_download', 'checked' => $album->allow_download, 'value' => '1'));
    if (SEC_hasRights('mediagallery.admin')) {
        $perm_editor = SEC_getPermissionsHTML($album->perm_owner, $album->perm_group, $album->perm_members, $album->perm_anon);
    } else {
        $perm_editor = MG_getMemberPermissionsHTML($album->perm_members, $album->perm_anon);
    }
    $T->set_var(array('site_url' => $_CONF['site_url'], 'site_admin_url' => $_CONF['site_admin_url'], 'xhtml' => XHTML, 'start_block' => COM_startBlock($block_title), 'end_block' => COM_endBlock(), 'owner_username' => DB_getItem($_TABLES['users'], 'username', "uid={$album->owner_id}"), 'owner_id' => $album->owner_id, 'permissions_editor' => $perm_editor, 'old_album_id' => $oldaid, 'group_dropdown' => $groupdd, 'mod_dropdown' => $moddd, 'uploads' => $upload_select, 'moderate' => $moderate_select, 'hidden' => $hidden_select, 'force_child_update' => $child_update_select, 'owner_select' => $owner_select, 'email_mod_select' => $email_mod_select, 'action' => 'album', 'path_mg' => $_MG_CONF['site_url'], 'attach_select' => $attach_select, 'comment_select' => $comment_select, 'exif_select' => $exif_select, 'ranking_select' => $ranking_select, 'podcast_select' => $podcast_select, 'mp3ribbon_select' => $mp3ribbon_select, 'rsschildren_select' => $rsschildren_select, 'full_select' => $full_select, 'ss_select' => $ss_select, 'sf_select' => $sf_select, 'views_select' => $views_select, 'keywords_select' => $keywords_select, 'album_views_select' => $album_views_select, 'display_album_desc_select' => $display_album_desc_select, 'sort_select' => $sort_select, 'rss_select' => $rss_select, 'afirst_select' => $afirst_select, 'tn_size_select' => $tn_size_select, 'display_image_size' => $display_image_size_select, 'rows_input' => $rows_input, 'columns_input' => $columns_input, 'playback_type' => $playback_type, 'album_title' => $album->title, 'album_desc' => $album->description, 'album_id' => $album_id, 'parent_select' => $album_selectbox, 'album_cover' => $album->cover, 'album_owner' => $album->owner_id, 'album_order' => $album->order, 'album_cover_filename' => $album->cover_filename, 'last_update' => $album->last_update, 'media_count' => $album->media_count, 'wm_auto_select' => $wm_auto_select, 'wm_opacity_select' => $wm_opacity_select, 'wm_location_select' => $wm_location_select, 'wm_select' => $wm_select, 'wm_current' => $wm_current, 'album_theme_select' => $album_theme_select, 'album_sort_select' => $album_sort_select, 'allow_download_select' => $allow_download_select, 'filename_title_select' => $filename_title_select, 'skin_select' => $skin_select, 'askin_select' => $askin_select, 'dskin_select' => $dskin_select, 'tnheight_input' => $tnheight_input, 'tnwidth_input' => $tnwidth_input, 'usealternate_select' => $usealternate_select, 's_form_action' => $actionURL, 'lang_uploads' => $LANG_MG01['anonymous_uploads_prompt'], 'lang_accessrights' => $LANG_ACCESS['accessrights'], 'lang_owner' => $LANG_ACCESS['owner'], 'lang_group' => $LANG_ACCESS['group'], 'lang_permissions' => $LANG_ACCESS['permissions'], 'lang_perm_key' => $LANG_ACCESS['permissionskey'], 'lang_hidden' => $LANG_MG01['hidden'], 'permissions_msg' => $LANG_ACCESS['permmsg'], 'lang_member_upload' => $LANG_MG01['member_upload'], 'lang_moderate_album' => $LANG_MG01['mod_album'], 'lang_mod_group' => $LANG_MG01['moderation_group'], 'lang_force_child_update' => $LANG_MG01['force_child_update'], 'lang_allow_download' => $LANG_MG01['allow_download'], 'lang_email_mods_on_submission' => $LANG_MG01['email_mods_on_submission'], 'lang_usealternate' => $LANG_MG01['use_alternate_url'], 'lang_tnheight' => $LANG_MG01['tn_height'], 'lang_tnwidth' => $LANG_MG01['tn_width'], 'lang_save' => $LANG_MG01['save'], 'lang_edit_title' => $mode == 'create' ? $LANG_MG01['create_album'] : $LANG_MG01['edit_album'], 'lang_image_skin' => $LANG_MG01['image_skin'], 'lang_album_skin' => $LANG_MG01['album_skin'], 'lang_display_skin' => $LANG_MG01['display_skin'], 'lang_album_edit_help' => $LANG_MG01['album_edit_help'], 'lang_title' => $LANG_MG01['title'], 'lang_podcast' => $LANG_MG01['podcast'], 'lang_mp3ribbon' => $LANG_MG01['mp3ribbon'], 'lang_rsschildren' => $LANG_MG01['rsschildren'], 'lang_parent_album' => $LANG_MG01['parent_album'], 'lang_description' => $LANG_MG01['description'], 'lang_cancel' => $LANG_MG01['cancel'], 'lang_delete' => $LANG_MG01['delete'], 'lang_comments' => $LANG_MG01['comments_prompt'], 'lang_enable_exif' => $LANG_MG01['enable_exif'], 'lang_enable_ratings' => $LANG_MG01['enable_ratings'], 'lang_ss_enable' => $LANG_MG01['ss_enable'], 'lang_sf_enable' => $LANG_MG01['sf_enable'], 'lang_tn_size' => $LANG_MG01['tn_size'], 'lang_rows' => $LANG_MG01['rows'], 'lang_columns' => $LANG_MG01['columns'], 'lang_av_play_album' => $LANG_MG01['av_play_album'], 'lang_av_play_options' => $LANG_MG01['av_play_options'], 'lang_attached_thumbnail' => $LANG_MG01['attached_thumbnail'], 'lang_thumbnail' => $LANG_MG01['thumbnail'], 'lang_album_attributes' => $LANG_MG01['album_attributes'], 'lang_album_cover' => $LANG_MG01['album_cover'], 'lang_enable_views' => $LANG_MG01['enable_views'], 'lang_enable_keywords' => $LANG_MG01['enable_keywords'], 'lang_enable_album_views' => $LANG_MG01['enable_album_views'], 'lang_enable_sort' => $LANG_MG01['enable_sort'], 'lang_enable_rss' => $LANG_MG01['enable_rss'], 'lang_albums_first' => $LANG_MG01['albums_first'], 'lang_full_display' => $LANG_MG01['full_display'], 'lang_display_image_size' => $LANG_MG01['display_image_size'], 'lang_album_sort' => $LANG_MG01['default_album_sort'], 'lang_watermark' => $LANG_MG01['watermark'], 'lang_wm_auto' => $LANG_MG01['watermark_auto'], 'lang_wm_opacity' => $LANG_MG01['watermark_opacity'], 'lang_wm_location' => $LANG_MG01['watermark_location'], 'lang_wm_id' => $LANG_MG01['watermark_image'], 'lang_unlimited' => $LANG_MG01['zero_unlimited'], 'lang_display_album_desc' => $LANG_MG01['display_album_desc'], 'lang_filename_title' => $LANG_MG01['filename_title'], 'lang_media_attributes' => $LANG_MG01['media_attributes'], 'lang_theme_select' => $LANG_MG01['album_theme']));
    if (SEC_hasRights('mediagallery.admin')) {
        $T->set_var('perms_editor_admin', '1');
    } else {
        $T->set_var('perms_editor_member', '1');
    }
    if ($_MG_CONF['htmlallowed'] == 1) {
        $T->set_var('allowed_html', COM_allowedHTML());
    }
    $retval .= $T->finish($T->parse('output', 'admin'));
    return $retval;
}

//.........这里部分代码省略.........
        $scale_select .= '</select>';
        $wmode_select = '<select name="wmode">';
        $wmode_select .= '<option value="window" ' . ($playback_options['wmode'] == 'window' ? ' selected="selected"' : '') . '>' . $LANG_MG07['window'] . '</option>';
        $wmode_select .= '<option value="opaque" ' . ($playback_options['wmode'] == 'opaque' ? ' selected="selected"' : '') . '>' . $LANG_MG07['opaque'] . '</option>';
        $wmode_select .= '<option value="transparent" ' . ($playback_options['wmode'] == 'transparent' ? ' selected="selected"' : '') . '>' . $LANG_MG07['transparent'] . '</option>';
        $wmode_select .= '</select>';
        $asa_select = '<select name="allowscriptaccess">';
        $asa_select .= '<option value="always" ' . ($playback_options['allowscriptaccess'] == 'always' ? ' selected="selected"' : '') . '>' . $LANG_MG07['always'] . '</option>';
        $asa_select .= '<option value="sameDomain" ' . ($playback_options['allowscriptaccess'] == 'sameDomain' ? ' selected="selected"' : '') . '>' . $LANG_MG07['sameDomain'] . '</option>';
        $asa_select .= '<option value="never" ' . ($playback_options['allowscriptaccess'] == 'never' ? ' selected="selected"' : '') . '>' . $LANG_MG07['never'] . '</option>';
        $asa_select .= '</select>';
        $T->set_var(array('play_enabled' => $playback_options['play'] ? ' checked="checked"' : '', 'play_disabled' => $playback_options['play'] ? '' : ' checked="checked"', 'menu_enabled' => $playback_options['menu'] ? ' checked="checked"' : '', 'menu_disabled' => $playback_options['menu'] ? '' : ' checked="checked"', 'loop_enabled' => $playback_options['loop'] ? ' checked="checked"' : '', 'loop_disabled' => $playback_options['loop'] ? '' : ' checked="checked"', 'quality_select' => $quality_select, 'scale_select' => $scale_select, 'wmode_select' => $wmode_select, 'asa_select' => $asa_select, 'flashvars' => isset($playback_options['flashvars']) ? $playback_options['flashvars'] : '', 'height' => $playback_options['height'], 'width' => $playback_options['width'], 'bgcolor' => $playback_options['bgcolor'], 'swf_version' => $playback_options['swf_version'], 'lang_playback_options' => $LANG_MG07['playback_options'], 'lang_option' => $LANG_MG07['option'], 'lang_description' => $LANG_MG07['description'], 'lang_on' => $LANG_MG07['on'], 'lang_off' => $LANG_MG07['off'], 'lang_height' => $LANG_MG07['height'], 'lang_width' => $LANG_MG07['width'], 'lang_height_help' => $LANG_MG07['height_help'], 'lang_width_help' => $LANG_MG07['width_help'], 'lang_auto_start' => $LANG_MG07['auto_start'], 'lang_auto_start_help' => $LANG_MG07['auto_start_help'], 'lang_menu' => $LANG_MG07['menu'], 'lang_menu_help' => $LANG_MG07['menu_help'], 'lang_scale' => $LANG_MG07['scale'], 'lang_swf_scale_help' => $LANG_MG07['swf_scale_help'], 'lang_wmode' => $LANG_MG07['wmode'], 'lang_wmode_help' => $LANG_MG07['wmode_help'], 'lang_loop' => $LANG_MG07['loop'], 'lang_loop_help' => $LANG_MG07['loop_help'], 'lang_quality' => $LANG_MG07['quality'], 'lang_quality_help' => $LANG_MG07['quality_help'], 'lang_flash_vars' => $LANG_MG07['flash_vars'], 'lang_asa' => $LANG_MG07['asa'], 'lang_asa_help' => $LANG_MG07['asa_help'], 'lang_bgcolor' => $LANG_MG07['bgcolor'], 'lang_bgcolor_help' => $LANG_MG07['bgcolor_help'], 'lang_swf_version_help' => $LANG_MG07['swf_version_help']));
        if ($row['mime_type'] == 'application/x-shockwave-flash') {
            $T->parse('playback_options', 'swf_options');
        } else {
            $T->parse('playback_options', 'flv_options');
        }
    }
    if ($row['media_mime_ext'] == 'mov' || $row['media_mime_ext'] == 'mp4' || $row['mime_type'] == 'video/quicktime' || $row['mime_type'] == 'video/mpeg') {
        // pull defaults, then override...
        $playback_options['autoref'] = $_MG_CONF['mov_autoref'];
        $playback_options['autoplay'] = $_MG_CONF['mov_autoplay'];
        $playback_options['controller'] = $_MG_CONF['mov_controller'];
        $playback_options['kioskmode'] = isset($_MG_CONF['mov_kioskmod']) ? $_MG_CONF['mov_kiokmode'] : '';
        $playback_options['scale'] = $_MG_CONF['mov_scale'];
        $playback_options['loop'] = $_MG_CONF['mov_loop'];
        $playback_options['height'] = $_MG_CONF['mov_height'];
        $playback_options['width'] = $_MG_CONF['mov_width'];
        $playback_options['bgcolor'] = $_MG_CONF['mov_bgcolor'];
        $poResult = DB_query("SELECT * FROM {$_TABLES['mg_playback_options']} WHERE media_id='" . DB_escapeString($row['media_id']) . "'");
        $poNumRows = DB_numRows($poResult);
        for ($i = 0; $i < $poNumRows; $i++) {
            $poRow = DB_fetchArray($poResult);
            $playback_options[$poRow['option_name']] = $poRow['option_value'];
        }
        $scale_select = '<select name="scale">';
        $scale_select .= '<option value="tofit" ' . ($playback_options['scale'] == 'tofit' ? ' selected="selected"' : '') . '>' . $LANG_MG07['to_fit'] . '</option>';
        $scale_select .= '<option value="aspect" ' . ($playback_options['scale'] == 'aspect' ? ' selected="selected"' : '') . '>' . $LANG_MG07['aspect'] . '</option>';
        $scale_select .= '<option value="1" ' . ($playback_options['scale'] == '1' ? ' selected="selected"' : '') . '>' . $LANG_MG07['normal_size'] . '</option>';
        $scale_select .= '</select>';
        $T->set_var(array('autoref_enabled' => $playback_options['autoref'] ? ' checked="checked"' : '', 'autoref_disabled' => $playback_options['autoref'] ? '' : ' checked="checked"', 'autoplay_enabled' => $playback_options['autoplay'] ? ' checked="checked"' : '', 'autoplay_disabled' => $playback_options['autoplay'] ? '' : ' checked="checked"', 'controller_enabled' => $playback_options['controller'] ? ' checked="checked"' : '', 'controller_disabled' => $playback_options['controller'] ? '' : ' checked="checked"', 'kioskmode_enabled' => $playback_options['kioskmode'] ? ' checked="checked"' : '', 'kioskmode_disabled' => $playback_options['kioskmode'] ? '' : ' checked="checked"', 'scale_select' => $scale_select, 'loop_enabled' => $playback_options['loop'] ? ' checked="checked"' : '', 'loop_disabled' => $playback_options['loop'] ? '' : ' checked="checked"', 'height' => $playback_options['height'], 'width' => $playback_options['width'], 'bgcolor' => $playback_options['bgcolor'], 'lang_playback_options' => $LANG_MG07['playback_options'], 'lang_option' => $LANG_MG07['option'], 'lang_description' => $LANG_MG07['description'], 'lang_on' => $LANG_MG07['on'], 'lang_off' => $LANG_MG07['off'], 'lang_height' => $LANG_MG07['height'], 'lang_width' => $LANG_MG07['width'], 'lang_height_help' => $LANG_MG07['height_help'], 'lang_width_help' => $LANG_MG07['width_help'], 'lang_auto_start' => $LANG_MG07['auto_start'], 'lang_auto_start_help' => $LANG_MG07['auto_start_help'], 'lang_auto_ref' => $LANG_MG07['auto_ref'], 'lang_auto_ref_help' => $LANG_MG07['auto_ref_help'], 'lang_controller' => $LANG_MG07['controller'], 'lang_controller_help' => $LANG_MG07['controller_help'], 'lang_kiosk_mode' => $LANG_MG07['kiosk_mode'], 'lang_kiosk_mode_help' => $LANG_MG07['kiosk_mode_help'], 'lang_scale' => $LANG_MG07['scale'], 'lang_scale_help' => $LANG_MG07['scale_help'], 'lang_loop' => $LANG_MG07['loop'], 'lang_loop_help' => $LANG_MG07['loop_help'], 'lang_bgcolor' => $LANG_MG07['bgcolor'], 'lang_bgcolor_help' => $LANG_MG07['bgcolor_help']));
        $T->parse('playback_options', 'mov_options');
    }
    $T->set_var(array('original_filename' => $row['media_original_filename'], 'attach_tn' => $row['media_tn_attached'], 'at_tn_checked' => $row['media_tn_attached'] == 1 ? ' checked="checked"' : '', 'album_id' => $album_id, 'media_thumbnail' => $thumbnail, 'nocache' => time(), 'media_id' => $row['media_id'], 'media_title' => $row['media_title'], 'media_desc' => $row['media_desc'], 'media_time' => $media_time[0], 'media_views' => $row['media_views'], 'media_comments' => $row['media_comments'], 'media_exif_info' => $exif_info, 'media_rating_max' => 5, 'height' => $size[1] + 50, 'width' => $size[0] + 40, 'queue' => $mqueue, 'month_select' => $month_select, 'day_select' => $day_select, 'year_select' => $year_select, 'hour_select' => $hour_select, 'minute_select' => $minute_select, 'user_ip' => $row['media_user_ip'], 'album_select' => $album_jumpbox, 'media_rating' => $row['media_rating'] / 2, 'media_votes' => $row['media_votes'], 's_mode' => 'edit', 's_title' => $LANG_MG01['edit_media'], 's_rotate_right' => $rotate_right, 's_rotate_left' => $rotate_left, 's_form_action' => $actionURL, 'allowed_html' => COM_allowedHTML(SEC_getUserPermissions(), false, 'mediagallery', 'media_title'), 'site_url' => $_MG_CONF['site_url'], 'preview' => $preview, 'preview_end' => $preview_end));
    if ($row['remote_media'] == 1) {
        $T->set_var(array('remoteurl' => $row['remote_url'], 'lang_remote_url' => $LANG_MG01['remote_url']));
    } else {
        $T->set_var(array('remoteurl' => $row['remote_url'], 'lang_remote_url' => $LANG_MG01['alternate_url']));
    }
    if ($row['media_type'] == 1) {
        $T->set_var(array('lang_resolution' => $LANG_MG07['resolution'], 'resolution' => $row['media_resolution_x'] > 0 && $row['media_resolution_y'] > 0 ? $row['media_resolution_x'] . 'x' . $row['media_resolution_y'] : 'unknown'));
    } else {
        $T->set_var(array('lang_resolution' => '', 'resolution' => ''));
    }
    // Pull user information now
    if ($row['media_user_id'] != '') {
        if ($_CONF['show_fullname']) {
            $displayname = 'fullname';
        } else {
            $displayname = 'username';
        }
        $username = DB_getItem($_TABLES['users'], $displayname, "uid={$row['media_user_id']}");
    } else {
        $username = '';
    }
    $userselect = '<select name="owner_name"> ';
    $sql = "SELECT * FROM {$_TABLES['users']} WHERE status=3 AND uid > 1 ORDER BY username ASC";
    $result = DB_query($sql);
    while ($userRow = DB_fetchArray($result)) {
        $userselect .= '<option value="' . $userRow['uid'] . '"' . ($userRow['uid'] == $row['media_user_id'] ? ' selected="selected"' : '') . '>' . $userRow['username'] . '</option>' . LB;
    }
    $userselect .= '</select>';
    if (SEC_hasRights('mediagallery.admin')) {
        $T->set_var('username', $userselect);
    } else {
        $T->set_var('username', $username);
    }
    $cat_select = '<select name="cat_id" id="cat_id">';
    $cat_select .= '<option value="">' . $LANG_MG01['no_category'] . '</option>';
    $result = DB_query("SELECT * FROM {$_TABLES['mg_category']} ORDER BY cat_id ASC");
    while ($catRow = DB_fetchArray($result)) {
        $cat_select .= '<option value="' . $catRow['cat_id'] . '" ' . ($catRow['cat_id'] == $row['media_category'] ? ' selected="selected"' : '') . '>' . $catRow['cat_name'] . '</option>';
    }
    $cat_select .= '</select>';
    // keywords
    $keywords = $row['media_keywords'];
    if ($back != '') {
        $T->set_var(array('rpath' => htmlentities($back, ENT_QUOTES, COM_getEncodingt())));
    } else {
        $T->set_var(array('rpath' => ''));
    }
    $artist = $row['artist'];
    $musicalbum = $row['album'];
    $genre = $row['genre'];
    // language items...
    $T->set_var(array('lang_original_filename' => $LANG_MG01['original_filename'], 'lang_media_item' => $LANG_MG00['media_col_header'], 'lang_media_attributes' => $LANG_MG01['media_attributes'], 'lang_mediaattributes' => $LANG_MG01['mediaattributes'], 'lang_attached_thumbnail' => $LANG_MG01['attached_thumbnail'], 'lang_category' => $LANG_MG01['category'], 'lang_keywords' => $LANG_MG01['keywords'], 'lang_rating' => $LANG_MG03['rating'], 'lang_comments' => $LANG_MG03['comments'], 'lang_votes' => $LANG_MG03['votes'], 'media_edit_title' => $LANG_MG01['media_edit'], 'media_edit_help' => $LANG_MG01['media_edit_help'], 'rotate_left' => $LANG_MG01['rotate_left'], 'rotate_right' => $LANG_MG01['rotate_right'], 'lang_title' => $LANG_MG01['title'], 'albums' => $LANG_MG01['albums'], 'description' => $LANG_MG01['description'], 'capture_time' => $LANG_MG01['capture_time'], 'views' => $LANG_MG03['views'], 'uploaded_by' => $LANG_MG01['uploaded_by'], 'submit' => $LANG_MG01['submit'], 'cancel' => $LANG_MG01['cancel'], 'reset' => $LANG_MG01['reset'], 'lang_save' => $LANG_MG01['save'], 'lang_reset' => $LANG_MG01['reset'], 'lang_cancel' => $LANG_MG01['cancel'], 'lang_reset_rating' => $LANG_MG01['reset_rating'], 'lang_reset_views' => $LANG_MG01['reset_views'], 'cat_select' => $cat_select, 'media_keywords' => $keywords, 'lang_replacefile' => $LANG_MG01['replace_file'], 'artist' => $artist, 'musicalbum' => $musicalbum, 'genre' => $genre, 'lang_artist' => $LANG_MG01['artist'], 'lang_genre' => $LANG_MG01['genre'], 'lang_music_album' => $LANG_MG01['music_album']));
    $T->parse('output', 'admin');
    $retval .= $T->finish($T->get_var('output'));
    return $retval;
}