Fixes so previews appear

git-svn-id: https://xerteonlinetoolkits.googlecode.com/svn/branches/1.8@230 912cdd6b-5c7d-d5a7-a2ba-d0f0cdb91641
thexerteproject · Nov 9, 2011 · 70df23d · 70df23d
1 parent 307c743
commit 70df23d
Show file tree

Hide file tree

Showing 5 changed files with 52 additions and 47 deletions.
diff --git a/MainPreloader.swf b/MainPreloader.swf
diff --git a/XMLEngine.swf b/XMLEngine.swf
diff --git a/config.php b/config.php
@@ -22,9 +22,6 @@
 global $development;
 $development = false;
 
-if(php_uname('n') == 'orange') {
-    $development = true;
-}
 ini_set('error_reporting', 0);
 if($development) {
     ini_set('error_reporting', E_ALL);

diff --git a/modules/xerte/preview.php b/modules/xerte/preview.php
@@ -50,6 +50,8 @@ function show_preview_code($row, $row_username){
 
 	$dimension = explode("~",get_template_screen_size($row['template_name'],$row['template_framework']));
 
+	require_once("config.php");
+
 	_load_language_file("/modules/xerte/preview.inc");
 
 	?>

diff --git a/preview.php b/preview.php
@@ -21,83 +21,89 @@
  * Check the ID is numeric
  */
 
-if(is_numeric($_GET['template_id'])){
+if(isset($_SESSION['toolkits_logon_id'])){
 
-    $safe_template_id = mysql_real_escape_string($_GET['template_id']);
+	if(is_numeric($_GET['template_id'])){
 
-    $mysql_id=database_connect("Preview database connect successful","Preview database connect failed");
+		$safe_template_id = mysql_real_escape_string($_GET['template_id']);
 
-    /*
-     * Standard query
-     */
+		$mysql_id=database_connect("Preview database connect successful","Preview database connect failed");
 
-    $query_for_preview_content_strip = str_replace("\" . \$xerte_toolkits_site->database_table_prefix . \"", $xerte_toolkits_site->database_table_prefix, $xerte_toolkits_site->play_edit_preview_query);
+		/*
+		 * Standard query
+		 */
 
-    $query_for_preview_content = str_replace("TEMPLATE_ID_TO_REPLACE", $safe_template_id, $query_for_preview_content_strip);	
+		$query_for_preview_content_strip = str_replace("\" . \$xerte_toolkits_site->database_table_prefix . \"", $xerte_toolkits_site->database_table_prefix, $xerte_toolkits_site->play_edit_preview_query);
 
-    $query_for_preview_content_response = mysql_query($query_for_preview_content);
+		$query_for_preview_content = str_replace("TEMPLATE_ID_TO_REPLACE", $safe_template_id, $query_for_preview_content_strip);	
 
-    if(mysql_num_rows($query_for_preview_content_response)!=0){
+		$query_for_preview_content_response = mysql_query($query_for_preview_content);
 
-        $row = mysql_fetch_array($query_for_preview_content_response);
+		if(mysql_num_rows($query_for_preview_content_response)!=0){
 
-        /*
-         * Check users has some rights to this template
-         */
+			$row = mysql_fetch_array($query_for_preview_content_response);
 
-        if(has_rights_to_this_template($row['template_id'], $_SESSION['toolkits_logon_id'])){
+			/*
+			 * Check users has some rights to this template
+			 */
 
-            $query_for_username = "select username from " . $xerte_toolkits_site->database_table_prefix . "logindetails where login_id=\"" . $row['user_id'] . "\"";
+			if(has_rights_to_this_template($row['template_id'], $_SESSION['toolkits_logon_id'])){
 
-            $query_for_username_response = mysql_query($query_for_username);
+				$query_for_username = "select username from " . $xerte_toolkits_site->database_table_prefix . "logindetails where login_id=\"" . $row['user_id'] . "\"";
 
-            $row_username = mysql_fetch_array($query_for_username_response);
+				$query_for_username_response = mysql_query($query_for_username);
 
-            require $xerte_toolkits_site->root_file_path . "modules/" . $row['template_framework'] . "/preview.php";
+				$row_username = mysql_fetch_array($query_for_username_response);
 
-            show_preview_code($row, $row_username);		
+				require $xerte_toolkits_site->root_file_path . "modules/" . $row['template_framework'] . "/preview.php";
 
-            /*
-             * User might be admin so show code then
-             */	
+				show_preview_code($row, $row_username);		
 
-        }else if(is_user_admin()){
+				/*
+				 * User might be admin so show code then
+				 */	
 
-            $mysql_id=database_connect("Preview database connect successful","Preview database connect failed");
+			}else if(is_user_admin()){
 
-            $query_for_username = "select username from " . $xerte_toolkits_site->database_table_prefix . "logindetails where login_id=\"" . $row['user_id'] . "\"";
+				$mysql_id=database_connect("Preview database connect successful","Preview database connect failed");
 
-            $query_for_username_response = mysql_query($query_for_username);
+				$query_for_username = "select username from " . $xerte_toolkits_site->database_table_prefix . "logindetails where login_id=\"" . $row['user_id'] . "\"";
 
-            $row_username = mysql_fetch_array($query_for_username_response);
+				$query_for_username_response = mysql_query($query_for_username);
 
-            require $xerte_toolkits_site->root_file_path . "modules/" . $row['template_framework'] . "/preview.php";
+				$row_username = mysql_fetch_array($query_for_username_response);
 
-            show_preview_code($row, $row_username);	
+				require $xerte_toolkits_site->root_file_path . "modules/" . $row['template_framework'] . "/preview.php";
 
-        }		
+				show_preview_code($row, $row_username);	
 
-    }else{
+			}		
 
-        /*
-         * No rights, show error
-         */
+		}else{
 
-        echo file_get_contents($xerte_toolkits_site->website_code_path  . "error_top") . PREVIEW_RESOURCE_FAIL . "</div></div></body></html>";
+			/*
+			 * No rights, show error
+			 */
 
-        die();
+			echo PREVIEW_RESOURCE_FAIL;
 
-    }
+			die();
 
-}else{
+		}
+
+	}else{
+
+		echo PREVIEW_RESOURCE_FAIL;
 
-    /*
-     * No rights, show error
-     */
+		die();
 
-    echo file_get_contents($xerte_toolkits_site->website_code_path  . "error_top") . PREVIEW_RESOURCE_FAIL . "</div></div></body></html>";
+	}
+
+}else{
+
+	echo PREVIEW_RESOURCE_FAIL;
 
-    die();
+	die();
 
 }