\n";
$body .= LJ::make_authas_select($remote, { 'authas' => $GET{'authas'} }) . "\n";
$body .= "\n\n";
};
# used for error messages
my $err = sub {
$title = "Error";
$body = '';
$authasform->() if $remote;
$body .= "";
return;
};
# id is optional
my $id = $POST{'id'} if $POST{'id'} =~ /^\d+$/;
# this catches core_hidden if it's set
$POST{'parid'} ||= $POST{'parid_hidden'};
# authenticate user
$remote = LJ::get_remote();
return $err->('You must be logged in to view your layers.')
unless $remote;
my $authas = $GET{'authas'} || $remote->{'user'};
my $u = LJ::get_authas_user($authas);
# if we don't have a u, maybe they're an admin and can view stuff anyway?
my $noactions = 0;
if ($GET{user} && (LJ::check_priv($remote, 'canview', 'styles') ||
LJ::check_priv($remote, 'canview', '*'))) {
return $err->('This privilege cannot be used on the system account.')
if $GET{user} eq 'system';
$u = LJ::load_user($GET{user});
$noactions = 1; # don't let admins change anything
}
return $err->('You could not be authenticated as the specified user.')
unless $u;
# load user and public layers
my $pub = LJ::S2::get_public_layers();
my $ulay = LJ::S2::get_layers_of_user($u);
my $has_priv = LJ::get_cap($u, 's2styles');
return $err->($remote->{user} eq $u->{user} ?
'Your account type does not allow advanced customization.' :
'The selected user\'s account type does not allow advanced customization.' )
unless $has_priv;
# start of output
$title = "Your Layers";
$body .= BML::ml("backlink", {
'link' => './',
'text' => 'Advanced Customization',
}) . "\n";
$body .= BML::ml("actionlink", {
'link' => "Your Styles",
}) . "\n";
### perform actions ###
# create
if ($POST{'action:create'} && !$noactions) {
return $err->("You have reached your maximum number of allowed layers")
if keys %$ulay >= LJ::get_cap($u, 's2layersmax');
my $err_badparid = "No/bogus parent layer ID given (for layouts and core languages, use core parent ID; for themes and layout languages, use layout ID)";
my $type = $POST{'type'} or return $err->("No layer type selected.");
my $parid = $POST{'parid'}+0 or return $err->($err_badparid);
return $err->("Invalid layer type") unless $type =~ /^layout|theme|user|i18nc?$/;
my $parent_type = ($type eq "theme" || $type eq "i18n" || $type eq "user") ? "layout" : "core";
# parent ID is public layer
if ($pub->{$parid}) {
# of the wrong type
return $err->($err_badparid) if $pub->{$parid}->{'type'} ne $parent_type;
# parent ID is user layer, or completely invalid
} else {
return $err->($err_badparid) if
! $ulay->{$parid} || $ulay->{$parid}->{'type'} != $parent_type;
}
my $id = LJ::S2::create_layer($u, $parid, $type);
return $err->("Error creating layer") unless $id;
my $lay = {
'userid' => $u->{'userid'},
'type' => $type,
'b2lid' => $parid,
's2lid' => $id,
};
# help user out a bit, creating the beginning of their layer.
my $s2 = "layerinfo \"type\" = \"$type\";\n";
$s2 .= "layerinfo \"name\" = \"\";\n\n";
my $error;
unless (LJ::S2::layer_compile($lay, \$error, { 's2ref' => \$s2 })) {
return $err->("Error setting up & compiling layer: $error");
}
# redirect so they can't refresh and create a new layer again
return BML::redirect("layers.bml?authas=$authas");
}
# delete
if ($POST{'action:del'} && !$noactions) {
my $id = $POST{'id'}+0;
my $lay = LJ::S2::load_layer($id);
return $err->("The specified layer does not exist")
unless $lay;
return $err->("You do not own the specified layer")
unless $lay->{'userid'} == $u->{'userid'};
unless ($POST{'confirm'}) {
my $layerinfo = {};
LJ::S2::load_layer_info($layerinfo, [ $id ]);
my $name = $layerinfo->{$id}->{'name'} ? "'$layerinfo->{$id}->{'name'}'" : "#$id";
$name = LJ::ehtml($name);
$title = "Deleting layer $name";
$body .= "
";
$body .= BML::ml("backlink", {
'link' => "layers.bml?authas=$authas",
'text' => 'Your Layers',
}) . "\n";
$body .= "
LayerID | Type | Name | Actions |
Child of layer $bid: $pname | |||
$lid | $lay->{'type'} | $name | "; $body .= ""; $body .= ""; $body .= " |