From: garvinhicking <garvinhicking>
Date: Mon, 26 Dec 2005 20:24:03 +0000 (+0000)
Subject: Smartify entry preview
X-Git-Tag: 1.0~209
X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=ff96d2b67fed26416c888239f834746309e0b04a;p=s9y.git

Smartify entry preview
---

diff --git a/docs/NEWS b/docs/NEWS
index 2adbd6c..15dd2e1 100644
--- a/docs/NEWS
+++ b/docs/NEWS
@@ -3,6 +3,9 @@
 Version 1.0 ()
 ------------------------------------------------------------------------
 
+   * New Smarty template preview_iframe.tpl for creating the entry's
+     preview in the backend panel (garvinhicking)
+
    * Entry mail plugin can now send mails to multiple recipients, and
      define the list of recipients per-entry (garvinhicking)
 
diff --git a/include/functions_config.inc.php b/include/functions_config.inc.php
index 0e13c62..1005f4d 100644
--- a/include/functions_config.inc.php
+++ b/include/functions_config.inc.php
@@ -24,7 +24,7 @@ function serendipity_addAuthor($username, $password, $realname, $email, $userlev
                                  '" . serendipity_db_escape_String($userlevel) . "')";
     serendipity_db_query($query);
     $cid = serendipity_db_insert_id('authors', 'authorid');
-    
+
     $data = array(
         'authorid' => $cid,
         'username' => $username,
@@ -51,7 +51,7 @@ function serendipity_deleteAuthor($authorid) {
     if (!serendipity_checkPermission('adminUsersDelete')) {
         return false;
     }
-    
+
     if (serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}authors WHERE authorid=" . (int)$authorid)) {
         serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}permalinks WHERE entry_id=" . (int)$authorid ." and type='author'");
     }
@@ -89,7 +89,7 @@ function serendipity_set_config_var($name, $val, $authorid = 0) {
 
     serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}config where name='" . serendipity_db_escape_string($name) . "' AND authorid = " . (int)$authorid);
     $r = serendipity_db_insert('config', array('name' => $name, 'value' => $val, 'authorid' => $authorid));
-    
+
     if ($authorid === 0 || $authorid === $serendipity['authorid']) {
         if ($val === 'false') {
             $serendipity[$name] = false;
@@ -514,27 +514,7 @@ function serendipity_is_iframe() {
     if ($serendipity['GET']['is_iframe'] && is_array($_SESSION['save_entry'])) {
         include_once S9Y_INCLUDE_PATH . 'include/functions_entries_admin.inc.php';
         // An iframe may NOT contain <html> and </html> tags, that's why we emit different headers here than on serendipity_admin.php
-?>
-    <head>
-        <title><?php echo SERENDIPITY_ADMIN_SUITE; ?></title>
-        <meta http-equiv="Content-Type" content="text/html; charset=<?php echo LANG_CHARSET; ?>" />
-        <link rel="stylesheet" type="text/css" href="<?php echo (isset($serendipity['serendipityHTTPPath']) ? $serendipity['serendipityHTTPPath'] : ''); ?>serendipity.css.php" />
-        <script type="text/javascript">
-           window.onload = function() {
-             parent.document.getElementById('serendipity_iframe').style.height = document.getElementById('mainpane').offsetHeight
-                                                                               + parseInt(document.getElementById('mainpane').style.marginTop)
-                                                                               + parseInt(document.getElementById('mainpane').style.marginBottom)
-                                                                               + 'px';
-             parent.document.getElementById('serendipity_iframe').scrolling    = 'no';
-             parent.document.getElementById('serendipity_iframe').style.border = 0;
-           }
-        </script>
-    </head>
-
-    <body style="padding: 0px; margin: 0px;">
-        <div id="mainpane" style="padding: 0px; margin: 5px auto 5px auto; width: 98%;">
-            <div id="content" style="padding: 5px; margin: 0px;">
-<?php
+
         // We need to restore GET/POST variables to that depending plugins inside the iframe
         // can still fetch all that variables; and we also tighten security by not allowing
         // to pass any different GET/POST variables to our iframe.
@@ -542,19 +522,14 @@ function serendipity_is_iframe() {
         $serendipity['POST'] = &$_SESSION['save_entry_POST'];
         $serendipity['GET']  = &$_SESSION['save_entry_POST']; // GET-Vars are the same as POST to ensure compatibility.
         ignore_user_abort(true);
-        serendipity_iframe($_SESSION['save_entry'], $iframe_mode);
-?>
-            </div>
-        </div>
-    </body>
-<?php
+        serendipity_iframe($_SESSION['save_entry'], $iframe_mode, true);
         return true;
     }
     return false;
 }
 
 /**
- * Prints the content of the iframe. 
+ * Prints the content of the iframe.
  *
  * Called by serendipity_is_iframe, when preview is requested. Fetches data from session.
  * An iframe is used so that a single s9y page must not timeout on intensive operations,
@@ -564,15 +539,25 @@ function serendipity_is_iframe() {
  * @see serendipity_is_iframe()
  * @param   mixed   The entry array (comes from session variable)
  * @param   string  Indicates whether an entry is previewed or saved. Save performs XML-RPC calls.
+ * @param   boolean Use smarty templating?
  * @return  boolean Indicates whether iframe data was printed
  */
-function serendipity_iframe(&$entry, $mode = null) {
+function serendipity_iframe(&$entry, $mode = null, $use_smarty = true) {
     global $serendipity;
 
     if (empty($mode) || !is_array($entry)) {
         return false;
     }
 
+    if ($use_smarty) {
+        $serendipity['smarty_raw_mode'] = true; // Force output of Smarty stuff in the backend
+        $serendipity['smarty_preview']  = true;
+        serendipity_smarty_init();
+        $serendipity['smarty']->assign('is_preview',  true);
+        ob_start();
+    }
+
+    $show = false;
     switch ($mode) {
         case 'save':
             echo '<div style="float: left; height: 75px"></div>';
@@ -590,24 +575,26 @@ function serendipity_iframe(&$entry, $mode = null) {
             }
             echo '<br style="clear: both" />';
 
-            return true;
+            $show = true;
             break;
 
         case 'preview':
             echo '<div style="float: left; height: 225px"></div>';
-            $serendipity['smarty_raw_mode'] = true; // Force output of Smarty stuff in the backend
-            $serendipity['smarty_preview']  = true;
-            serendipity_smarty_init();
-            $serendipity['smarty']->assign('is_preview',  true);
-
             serendipity_printEntries(array($entry), ($entry['extended'] != '' ? 1 : 0), true);
             echo '<br style="clear: both" />';
 
-            return true;
+            $show = true;
             break;
     }
 
-    return false;
+    if ($use_smarty) {
+        $preview = ob_get_contents();
+        ob_end_clean();
+        $serendipity['smarty']->assign('preview', $preview);
+        $serendipity['smarty']->display(serendipity_getTemplateFile('preview_iframe.tpl', 'serendipityPath'));
+    }
+
+    return $show;
 }
 
 /**
@@ -803,22 +790,22 @@ function &serendipity_getPermissions($authorid) {
  */
 function serendipity_getPermissionNames() {
     return array(
-        'personalConfiguration'  
+        'personalConfiguration'
             => array(USERLEVEL_ADMIN, USERLEVEL_CHIEF, USERLEVEL_EDITOR),
-        'personalConfigurationUserlevel'  
+        'personalConfigurationUserlevel'
             => array(USERLEVEL_ADMIN, USERLEVEL_CHIEF),
-        'personalConfigurationNoCreate'  
+        'personalConfigurationNoCreate'
             => array(USERLEVEL_ADMIN, USERLEVEL_CHIEF),
-        'personalConfigurationRightPublish'  
+        'personalConfigurationRightPublish'
             => array(USERLEVEL_ADMIN, USERLEVEL_CHIEF),
-        'siteConfiguration'      
+        'siteConfiguration'
             => array(USERLEVEL_ADMIN),
-        'blogConfiguration'      
+        'blogConfiguration'
             => array(USERLEVEL_ADMIN, USERLEVEL_CHIEF),
 
-        'adminEntries'           
+        'adminEntries'
             => array(USERLEVEL_ADMIN, USERLEVEL_CHIEF, USERLEVEL_EDITOR),
-        'adminEntriesMaintainOthers' 
+        'adminEntriesMaintainOthers'
             => array(USERLEVEL_ADMIN, USERLEVEL_CHIEF),
 
         'adminImport'
@@ -831,47 +818,47 @@ function serendipity_getPermissionNames() {
         'adminCategoriesDelete'
             => array(USERLEVEL_ADMIN, USERLEVEL_CHIEF),
 
-        'adminUsers'             
+        'adminUsers'
             => array(USERLEVEL_ADMIN, USERLEVEL_CHIEF),
-        'adminUsersDelete'       
+        'adminUsersDelete'
             => array(USERLEVEL_ADMIN, USERLEVEL_CHIEF),
-        'adminUsersEditUserlevel'             
+        'adminUsersEditUserlevel'
             => array(USERLEVEL_ADMIN, USERLEVEL_CHIEF),
-        'adminUsersMaintainSame'             
+        'adminUsersMaintainSame'
             => array(USERLEVEL_ADMIN, USERLEVEL_CHIEF),
-        'adminUsersMaintainOthers'             
+        'adminUsersMaintainOthers'
             => array(USERLEVEL_ADMIN),
-        'adminUsersCreateNew'             
+        'adminUsersCreateNew'
             => array(USERLEVEL_ADMIN, USERLEVEL_CHIEF),
-        'adminUsersGroups'             
+        'adminUsersGroups'
             => array(USERLEVEL_ADMIN, USERLEVEL_CHIEF),
 
-        'adminPlugins'           
+        'adminPlugins'
             => array(USERLEVEL_ADMIN, USERLEVEL_CHIEF),
-        'adminPluginsMaintainOthers'           
+        'adminPluginsMaintainOthers'
             => array(USERLEVEL_ADMIN),
 
-        'adminImages'            
+        'adminImages'
             => array(USERLEVEL_ADMIN, USERLEVEL_CHIEF, USERLEVEL_EDITOR),
-        'adminImagesDirectories' 
+        'adminImagesDirectories'
             => array(USERLEVEL_ADMIN, USERLEVEL_CHIEF),
-        'adminImagesAdd' 
+        'adminImagesAdd'
             => array(USERLEVEL_ADMIN, USERLEVEL_CHIEF, USERLEVEL_EDITOR),
-        'adminImagesDelete'     
+        'adminImagesDelete'
             => array(USERLEVEL_ADMIN, USERLEVEL_CHIEF, USERLEVEL_EDITOR),
-        'adminImagesMaintainOthers' 
+        'adminImagesMaintainOthers'
             => array(USERLEVEL_ADMIN, USERLEVEL_CHIEF),
-        'adminImagesViewOthers' 
+        'adminImagesViewOthers'
             => array(USERLEVEL_ADMIN, USERLEVEL_CHIEF, USERLEVEL_EDITOR),
-        'adminImagesView' 
+        'adminImagesView'
             => array(USERLEVEL_ADMIN, USERLEVEL_CHIEF, USERLEVEL_EDITOR),
-        'adminImagesSync' 
+        'adminImagesSync'
             => array(USERLEVEL_ADMIN, USERLEVEL_CHIEF),
 
-        'adminComments'          
+        'adminComments'
             => array(USERLEVEL_ADMIN, USERLEVEL_CHIEF),
 
-        'adminTemplates'         
+        'adminTemplates'
             => array(USERLEVEL_ADMIN, USERLEVEL_CHIEF),
     );
 }
@@ -894,11 +881,11 @@ function serendipity_getPermissionNames() {
  */
 function serendipity_checkPermission($permName, $authorid = null, $returnMyGroups = false) {
     global $serendipity;
-    
+
     // Define old serendipity permissions
     static $permissions = null;
     static $group = null;
-    
+
     if (IS_installed !== true) {
         return true;
     }
@@ -910,15 +897,15 @@ function serendipity_checkPermission($permName, $authorid = null, $returnMyGroup
     if ($group === null) {
         $group = array();
     }
-    
+
     if ($authorid === null) {
         $authorid = $serendipity['authorid'];
     }
-    
+
     if (!isset($group[$authorid])) {
         $group[$authorid] = serendipity_getPermissions($authorid);
     }
-    
+
     if ($returnMyGroups) {
         return $group[$authorid]['membership'];
     }
@@ -941,13 +928,13 @@ function serendipity_checkPermission($permName, $authorid = null, $returnMyGroup
             $return = false;
         }
     }
-    
+
     // If the function did not yet return it means there's a check for a permission which is not defined anywhere.
     // Let's use a backwards compatible way.
     if ($return && isset($permissions[$permName]) && in_array($serendipity['serendipityUserlevel'], $permissions[$permName])) {
         return true;
     }
-    
+
     return false;
 }
 
@@ -970,7 +957,7 @@ function serendipity_updateGroups($groups, $authorid, $apply_acl = true) {
     serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}authorgroups WHERE authorid = " . (int)$authorid);
 
     foreach($groups AS $group) {
-        serendipity_db_query("INSERT INTO {$serendipity['dbPrefix']}authorgroups (authorid, groupid) VALUES (" . (int)$authorid . ", " . (int)$group . ")"); 
+        serendipity_db_query("INSERT INTO {$serendipity['dbPrefix']}authorgroups (authorid, groupid) VALUES (" . (int)$authorid . ", " . (int)$group . ")");
     }
     return true;
 }
@@ -990,7 +977,7 @@ function &serendipity_getAllGroups($apply_ACL_user = false) {
     global $serendipity;
 
     if ($apply_ACL_user) {
-        $groups =& serendipity_db_query("SELECT g.id   AS confkey, 
+        $groups =& serendipity_db_query("SELECT g.id   AS confkey,
                                                 g.name AS confvalue,
                                                 g.id   AS id,
                                                 g.name AS name
@@ -1000,7 +987,7 @@ function &serendipity_getAllGroups($apply_ACL_user = false) {
                                           WHERE ag.authorid = " . (int)$apply_ACL_user . "
                                        ORDER BY g.name", false, 'assoc');
     } else {
-        $groups =& serendipity_db_query("SELECT g.id   AS confkey, 
+        $groups =& serendipity_db_query("SELECT g.id   AS confkey,
                                                 g.name AS confvalue,
                                                 g.id   AS id,
                                                 g.name AS name
@@ -1028,7 +1015,7 @@ function &serendipity_fetchGroup($groupid) {
     global $serendipity;
 
     $conf = array();
-    $groups =& serendipity_db_query("SELECT g.id        AS confkey, 
+    $groups =& serendipity_db_query("SELECT g.id        AS confkey,
                                             g.name      AS confvalue,
                                             g.id        AS id,
                                             g.name      AS name,
@@ -1042,7 +1029,7 @@ function &serendipity_fetchGroup($groupid) {
     foreach($groups AS $group) {
         $conf[$group['property']] = $group['value'];
     }
-    
+
     // The following are unique
     $conf['name']      = $groups[0]['name'];
     $conf['id']        = $groups[0]['id'];
@@ -1063,7 +1050,7 @@ function &serendipity_fetchGroup($groupid) {
 function &serendipity_getGroups($authorid, $sequence = false) {
     global $serendipity;
 
-    $groups =& serendipity_db_query("SELECT g.id   AS confkey, 
+    $groups =& serendipity_db_query("SELECT g.id   AS confkey,
                                             g.name AS confvalue,
                                             g.id   AS id,
                                             g.name AS name
@@ -1074,7 +1061,7 @@ function &serendipity_getGroups($authorid, $sequence = false) {
     if (!is_array($groups)) {
         $groups = array();
     }
-    
+
     if ($sequence) {
         $_groups = $groups;
         $groups  = array();
@@ -1121,14 +1108,14 @@ function serendipity_deleteGroup($groupid) {
     if (!serendipity_checkPermission('adminUsersGroups')) {
         return false;
     }
-    
+
     if (!serendipity_checkPermission('adminUsersMaintainOthers')) {
         // Only groups should be accessible where a user has access rights.
         $my_groups =& serendipity_getGroups($serendipity['authorid'], true);
         if (!in_array($groupid, $my_groups)) {
             return false;
         }
-    } 
+    }
 
     serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}groups       WHERE id = " . (int)$groupid);
     serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}authorgroups WHERE groupid = " . (int)$groupid);
@@ -1155,7 +1142,7 @@ function serendipity_addGroup($name) {
 /**
  * Returns a list of all existing permission names.
  *
- * Additional plugins might insert specific properties into the groupconfig database to 
+ * Additional plugins might insert specific properties into the groupconfig database to
  * handle their own privileges. This call returns an array of all available permission names
  * so that it can be intersected with the list of internal permission names (serendipity_getPermissionNames())
  * and the be distincted.
@@ -1166,7 +1153,7 @@ function serendipity_addGroup($name) {
  */
 function &serendipity_getDBPermissionNames() {
     global $serendipity;
-    
+
     $config =& serendipity_db_query("SELECT property FROM {$serendipity['dbPrefix']}groupconfig GROUP BY property ORDER BY property", false, 'assoc');
 
     return $config;
@@ -1193,7 +1180,7 @@ function &serendipity_getAllPermissionNames() {
 
     $DBperms =& serendipity_getDBPermissionNames();
     $perms   =& serendipity_getPermissionNames();
-    
+
     foreach($DBperms AS $perm) {
         if (!isset($perms[$perm['property']])) {
             $perms[$perm['property']] = array();
@@ -1225,7 +1212,7 @@ function serendipity_intersectGroup($checkuser = null, $myself = null) {
     if ($myself === null) {
         $myself = $serendipity['authorid'];
     }
-    
+
     $my_groups  =& serendipity_getGroups($myself, true);
     $his_groups =& serendipity_getGroups($checkuser, true);
 
@@ -1234,7 +1221,7 @@ function serendipity_intersectGroup($checkuser = null, $myself = null) {
             return true;
         }
     }
-    
+
     return false;
 }
 
@@ -1261,11 +1248,11 @@ function serendipity_updateGroupConfig($groupid, &$perms, &$values) {
         if (!in_array($groupid, $my_groups)) {
             return false;
         }
-    } 
+    }
 
-    $storage =& serendipity_fetchGroup($groupid);    
+    $storage =& serendipity_fetchGroup($groupid);
 
-    serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}groupconfig WHERE id = " . (int)$groupid); 
+    serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}groupconfig WHERE id = " . (int)$groupid);
     foreach ($perms AS $perm => $userlevels) {
         if (isset($values[$perm]) && $values[$perm] == 'true') {
             $value = 'true';
@@ -1276,7 +1263,7 @@ function serendipity_updateGroupConfig($groupid, &$perms, &$values) {
         } else {
             $value = 'false';
         }
-        
+
         if (!serendipity_checkPermission($perm)) {
             if (!isset($storage[$perm])) {
                 $value = 'false';
@@ -1293,7 +1280,7 @@ function serendipity_updateGroupConfig($groupid, &$perms, &$values) {
             )
         );
     }
-    
+
     serendipity_db_query("UPDATE {$serendipity['dbPrefix']}groups SET name = '" . serendipity_db_escape_string($values['name']) . "' WHERE id = " . (int)$groupid);
 
     if (is_array($values['members'])) {
@@ -1326,18 +1313,18 @@ function serendipity_addDefaultGroup($name, $level) {
     if ($perms === null) {
         $perms = serendipity_getPermissionNames();
     }
-    
+
     serendipity_db_query("INSERT INTO {$serendipity['dbPrefix']}groups (name) VALUES ('" . serendipity_db_escape_string($name) . "')");
     $gid = (int)serendipity_db_insert_id('groups', 'id');
     serendipity_db_query("INSERT INTO {$serendipity['dbPrefix']}groupconfig (id, property, value) VALUES ($gid, 'userlevel', '" . (int)$level . "')");
 
     $authors = serendipity_db_query("SELECT * FROM {$serendipity['dbPrefix']}authors WHERE userlevel = " . (int)$level);
-    
+
     if (is_array($authors)) {
         foreach($authors AS $author) {
             serendipity_db_query("INSERT INTO {$serendipity['dbPrefix']}authorgroups (authorid, groupid) VALUES ('{$author['authorid']}', '$gid')");
         }
-    }    
+    }
 
     foreach($perms AS $permName => $permArray) {
         if (in_array($level, $permArray)) {
@@ -1346,7 +1333,7 @@ function serendipity_addDefaultGroup($name, $level) {
             serendipity_db_query("INSERT INTO {$serendipity['dbPrefix']}groupconfig (id, property, value) VALUES ($gid, '" . serendipity_db_escape_string($permName) . "', 'false')");
         }
     }
-    
+
     return true;
 }
 
@@ -1372,10 +1359,10 @@ function serendipity_ACLGrant($artifact_id, $artifact_type, $artifact_mode, $gro
     if (empty($groups) || !is_array($groups)) {
         return false;
     }
-    
+
     // Delete all old existing relations.
     serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}access
-                                WHERE artifact_id   = " . (int)$artifact_id . " 
+                                WHERE artifact_id   = " . (int)$artifact_id . "
                                   AND artifact_type = '" . serendipity_db_escape_string($artifact_type) . "'
                                   AND artifact_mode = '" . serendipity_db_escape_string($artifact_mode) . "'");
 
@@ -1394,7 +1381,7 @@ function serendipity_ACLGrant($artifact_id, $artifact_type, $artifact_mode, $gro
         $data['groupid'] = $group;
         serendipity_db_insert('access', $data);
     }
-    
+
     return true;
 }
 
@@ -1406,7 +1393,7 @@ function serendipity_ACLGrant($artifact_id, $artifact_type, $artifact_mode, $gro
  * An artifact in terms of Serendipity can be either a category or an entry, or
  * anything beyond that for future compatibility.
  * This function retrieves the ACLs.
- * 
+ *
  * @access public
  * @param   int     The ID of the artifact to set the access
  * @param   string  The type of an artifact (category|entry)
@@ -1415,13 +1402,13 @@ function serendipity_ACLGrant($artifact_id, $artifact_type, $artifact_mode, $gro
  */
 function serendipity_ACLGet($artifact_id, $artifact_type, $artifact_mode) {
     global $serendipity;
-    
+
     $sql = "SELECT groupid, artifact_index FROM {$serendipity['dbPrefix']}access
                     WHERE artifact_type = '" . serendipity_db_escape_string($artifact_type) . "'
                       AND artifact_id   = '" . (int)$artifact_id . "'
                       AND artifact_mode = '" . serendipity_db_escape_string($artifact_mode) . "'";
     $rows = serendipity_db_query($sql, false, 'assoc');
-    
+
     if (!is_array($rows)) {
         return false;
     }
@@ -1430,7 +1417,7 @@ function serendipity_ACLGet($artifact_id, $artifact_type, $artifact_mode) {
     foreach($rows AS $row) {
         $acl[$row['groupid']] = $row['artifact_index'];
     }
-    
+
     return $acl;
 }
 
@@ -1442,7 +1429,7 @@ function serendipity_ACLGet($artifact_id, $artifact_type, $artifact_mode) {
  * An artifact in terms of Serendipity can be either a category or an entry, or
  * anything beyond that for future compatibility.
  * This function retrieves the ACLs for a specific user.
- * 
+ *
  * @access public
  * @param   int     The ID of the author to check against.
  * @param   int     The ID of the artifact to set the access
@@ -1452,32 +1439,32 @@ function serendipity_ACLGet($artifact_id, $artifact_type, $artifact_mode) {
  */
 function serendipity_ACLCheck($authorid, $artifact_id, $artifact_type, $artifact_mode) {
     global $serendipity;
-    
+
     $artifact_sql = array();
-    
-    // TODO: If more artifact_types are available, the JOIN needs to be edited so that the first AND portion is not required, and the join is fully made on that conditiion. 
+
+    // TODO: If more artifact_types are available, the JOIN needs to be edited so that the first AND portion is not required, and the join is fully made on that conditiion.
     switch($artifact_type) {
         default:
         case 'category':
             $artifact_sql['unique']= "atf.categoryid";
             $artifact_sql['cond']  = "atf.categoryid = " . (int)$artifact_id;
-            $artifact_sql['where'] = "     ag.groupid = a.groupid 
-                                        OR a.groupid  = 0 
+            $artifact_sql['where'] = "     ag.groupid = a.groupid
+                                        OR a.groupid  = 0
                                         OR (a.artifact_type IS NULL AND (atf.authorid = " . (int)$authorid . " OR atf.authorid = 0 OR atf.authorid IS NULL))";
             $artifact_sql['table'] = 'category';
     }
-    
+
     $sql = "SELECT {$artifact_sql['unique']} AS result
               FROM {$serendipity['dbPrefix']}{$artifact_sql['table']} AS atf
    LEFT OUTER JOIN {$serendipity['dbPrefix']}authorgroups AS ag
                 ON ag.authorid = ". (int)$authorid . "
-   LEFT OUTER JOIN {$serendipity['dbPrefix']}access AS a 
-                ON (    a.artifact_type = '" . serendipity_db_escape_string($artifact_type) . "' 
+   LEFT OUTER JOIN {$serendipity['dbPrefix']}access AS a
+                ON (    a.artifact_type = '" . serendipity_db_escape_string($artifact_type) . "'
                     AND a.artifact_id   = " . (int)$artifact_id . "
-                    AND a.artifact_mode = '" . serendipity_db_escape_string($artifact_mode) . "' 
+                    AND a.artifact_mode = '" . serendipity_db_escape_string($artifact_mode) . "'
                    )
 
-             WHERE {$artifact_sql['cond']} 
+             WHERE {$artifact_sql['cond']}
                AND ( {$artifact_sql['where']} )
           GROUP BY result";
 
@@ -1485,7 +1472,7 @@ function serendipity_ACLCheck($authorid, $artifact_id, $artifact_type, $artifact
     if (is_array($res) && !empty($res['result'])) {
         return true;
     }
-    
+
     return false;
 }
 
@@ -1517,7 +1504,7 @@ function serendipity_ACL_SQL(&$cond, $append_category = false) {
             $read_id = (int)$serendipity['authorid'];
             $read_id_sql = 'acl_a.groupid OR acl_acc.groupid = 0';
         } else {
-            // "0" as category property counts as "anonymous viewers" 
+            // "0" as category property counts as "anonymous viewers"
             $read_id     = 0;
             $read_id_sql = 0;
         }
@@ -1527,7 +1514,7 @@ function serendipity_ACL_SQL(&$cond, $append_category = false) {
                 $cond['joins'] .= " LEFT JOIN {$serendipity['dbPrefix']}entrycat ec
                                            ON e.id = ec.entryid";
             }
-            
+
             $cond['joins'] .= " LEFT JOIN {$serendipity['dbPrefix']}category c
                                        ON ec.categoryid = c.categoryid";
         }
@@ -1535,9 +1522,9 @@ function serendipity_ACL_SQL(&$cond, $append_category = false) {
         $cond['joins'] .= " LEFT JOIN {$serendipity['dbPrefix']}authorgroups AS acl_a
                                    ON acl_a.authorid = " . $read_id . "
                             LEFT JOIN {$serendipity['dbPrefix']}access AS acl_acc
-                                   ON (    acl_acc.artifact_mode = 'read' 
+                                   ON (    acl_acc.artifact_mode = 'read'
                                        AND acl_acc.artifact_type = 'category'
-                                       AND acl_acc.artifact_id   = c.categoryid 
+                                       AND acl_acc.artifact_id   = c.categoryid
                                       )";
 
         if (empty($cond['and'])) {
@@ -1548,18 +1535,18 @@ function serendipity_ACL_SQL(&$cond, $append_category = false) {
 
         // When in Admin-Mode, apply readership permissions.
         $cond['and'] .= "    (
-                                 c.categoryid IS NULL 
+                                 c.categoryid IS NULL
                                  OR ( acl_acc.groupid = " . $read_id_sql . ")
-                                 OR ( acl_acc.artifact_id IS NULL 
-                                      " . (isset($serendipity['GET']['adminModule']) && 
-                                           $serendipity['GET']['adminModule'] == 'entries' && 
-                                           !serendipity_checkPermission('adminEntriesMaintainOthers') 
+                                 OR ( acl_acc.artifact_id IS NULL
+                                      " . (isset($serendipity['GET']['adminModule']) &&
+                                           $serendipity['GET']['adminModule'] == 'entries' &&
+                                           !serendipity_checkPermission('adminEntriesMaintainOthers')
                                         ? "AND (c.authorid IS NULL OR c.authorid = 0 OR c.authorid = " . $read_id . ")"
                                         : "") . "
                                     )
                                )";
         return true;
-    }    
+    }
 
     return false;
 }
@@ -1586,7 +1573,7 @@ function serendipity_checkXSRF() {
         echo serendipity_reportXSRF(1, true, true);
         return false;
     }
-    
+
     // Parse the Referrer host. Abort if not parseable.
     $hostinfo = @parse_url($_SERVER['HTTP_REFERER']);
     if (!is_array($hostinfo)) {
@@ -1610,7 +1597,7 @@ function serendipity_checkXSRF() {
         echo serendipity_reportXSRF(3, true, true);
         return true;
     }
-    
+
     return false;
 }
 
@@ -1660,7 +1647,7 @@ function serendipity_reportXSRF($type = 0, $reset = true, $use_config = false) {
  */
 function serendipity_checkFormToken() {
     global $serendipity;
-    
+
     $token = '';
     if (!empty($serendipity['POST']['token'])) {
         $token = $serendipity['POST']['token'];
@@ -1678,7 +1665,7 @@ function serendipity_checkFormToken() {
         echo serendipity_reportXSRF('token', false);
         return false;
     }
-    
+
     return true;
 }
 
@@ -1702,7 +1689,7 @@ function serendipity_checkFormToken() {
  */
 function serendipity_setFormToken($type = 'form') {
     global $serendipity;
-    
+
     if ($type == 'form') {
         return '<input type="hidden" name="serendipity[token]" value="' . md5(session_id()) . '" />';
     } elseif ($type == 'url') {
diff --git a/templates/default/preview_iframe.tpl b/templates/default/preview_iframe.tpl
new file mode 100644
index 0000000..401f7ff
--- /dev/null
+++ b/templates/default/preview_iframe.tpl
@@ -0,0 +1,24 @@
+    <head>
+        <title>{$CONST.SERENDIPITY_ADMIN_SUITE}</title>
+        <meta http-equiv="Content-Type" content="text/html; charset={$head_charset}" />
+        <meta name="Powered-By" content="Serendipity v.{$head_version}" />
+        <link rel="stylesheet" type="text/css" href="{$head_link_stylesheet}" />
+        <script type="text/javascript">
+           window.onload = function() {ldelim}
+             parent.document.getElementById('serendipity_iframe').style.height = document.getElementById('mainpane').offsetHeight
+                                                                               + parseInt(document.getElementById('mainpane').style.marginTop)
+                                                                               + parseInt(document.getElementById('mainpane').style.marginBottom)
+                                                                               + 'px';
+             parent.document.getElementById('serendipity_iframe').scrolling    = 'no';
+             parent.document.getElementById('serendipity_iframe').style.border = 0;
+           {rdelim}
+        </script>
+    </head>
+
+    <body style="padding: 0px; margin: 0px;">
+        <div id="mainpane" style="padding: 0px; margin: 5px auto 5px auto; width: 98%;">
+            <div id="content" style="padding: 5px; margin: 0px;">
+            {$preview}
+            </div>
+        </div>
+    </body>