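/**
 * Resume the Berta session and decide whether the request belongs to a logged-in user.
 *
 * The session is accepted only when `$_SESSION['_berta__user']` is an array, its
 * `last_access` timestamp is no older than `$this->authExpiresSeconds`, and its
 * `last_ip` is identical to the current `$_SERVER['REMOTE_ADDR']`. Any other state of
 * an existing session entry ends in `$this->destroy()` with the matching error constant.
 *
 * Side effects: names and starts the PHP session, refreshes `last_access` on success,
 * and sets `$this->user` / `$this->userLoggedIn`.
 *
 * NOTE(review): the login path is not visible here; confirm it calls
 * session_regenerate_id() when the user entry is first written to the session.
 *
 * @return bool true when the session is valid, false otherwise
 */
public function authentificate()
 {
     session_name(BertaUtils::canonizeString('berta_' . Berta::$options['version'] . '_' . Berta::$options['SITE_ABS_ROOT'], '_', ''));
     session_start();
     $curTime = time();

     // No session entry at all: anonymous visitor, nothing to tear down.
     if (!isset($_SESSION['_berta__user'])) {
         return $this->userLoggedIn = false;
     }

     // A non-array entry is malformed session state; drop the session.
     if (!is_array($_SESSION['_berta__user'])) {
         $this->destroy(self::BERTASECURITY_ERROR_SESSION_VARIABLE);
         return $this->userLoggedIn = false;
     }

     $sessionUser = $_SESSION['_berta__user'];

     // Fail closed: a missing or non-numeric timestamp counts as expired instead of
     // being silently coerced by the subtraction.
     $lastAccess = isset($sessionUser['last_access']) ? $sessionUser['last_access'] : null;
     if (!is_numeric($lastAccess) || $curTime - $lastAccess > $this->authExpiresSeconds) {
         $this->destroy(self::BERTASECURITY_ERROR_SESSION_EXPIRED);
         return $this->userLoggedIn = false;
     }

     // Strict comparison of two real strings: a loose == would treat a missing
     // last_ip and a missing REMOTE_ADDR (both null) as a match.
     // NOTE(review): behind a reverse proxy REMOTE_ADDR is the proxy's address, so this
     // binding adds little there - confirm against the deployment.
     $lastIp = isset($sessionUser['last_ip']) ? $sessionUser['last_ip'] : null;
     $remoteIp = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : null;
     if (!is_string($lastIp) || !is_string($remoteIp) || $lastIp !== $remoteIp) {
         $this->destroy(self::BERTASECURITY_ERROR_SESSION_IP_CONFLICT);
         return $this->userLoggedIn = false;
     }

     // Valid session: slide the expiry window and expose the user record.
     $_SESSION['_berta__user']['last_access'] = $curTime;
     $this->user = $_SESSION['_berta__user'];
     $this->userLoggedIn = true;

     // Request-controlled flag; it is only honoured after every session check above passed.
     if (!empty($_REQUEST['_security_reload_user'])) {
         $this->updateUserSettings($this->user);
     }

     return $this->userLoggedIn = true;
 }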
/**
 * Smarty template function: build the lower-case URL slug of an entry.
 *
 * In a section whose type attribute is 'portfolio' the entry title is used when it is
 * set and truthy; in every other case the slug is derived from 'entry-' plus the entry id.
 * The chosen text is passed through BertaUtils::canonizeString() with '-' as replacement
 * and as the only extra allowed character.
 *
 * NOTE(review): the slug is returned unescaped; this relies on canonizeString() limiting
 * the character set - confirm before emitting it into HTML attributes or URLs.
 *
 * @param array $params Smarty parameters; 'entry' holds the entry array
 * @param mixed $smarty Smarty instance (unused)
 * @return string the slug, or '' when no entry was passed
 */
function smarty_function_entrySlug($params, &$smarty)
{
    global $berta;

    if (empty($params['entry'])) {
        return '';
    }

    $entry = $params['entry'];

    $sectionType = null;
    if (isset($berta->sections[$berta->sectionName]['@attributes']['type'])) {
        $sectionType = $berta->sections[$berta->sectionName]['@attributes']['type'];
    }

    // Only portfolio sections use the human-readable title as slug source.
    $useTitle = $sectionType == 'portfolio' && !empty($entry['title']);
    $source = $useTitle ? $entry['title'] : 'entry-' . $entry['id'];

    return strtolower(BertaUtils::canonizeString($source, '-', '-'));
}
 /**
  * Derive a section slug from a title that does not collide with existing sections.
  *
  * The title is trimmed, canonized and lower-cased. While the slug is already a key of
  * $sectionsList (ignoring the section's own old slug), a trailing "-<digits>" suffix is
  * stripped and "-1", "-2", ... is appended until the slug is free.
  *
  * NOTE(review): the slug is presumably used in storage file names elsewhere; this relies
  * on canonizeString() with the allowed set '\\._-' not letting path separators through - confirm.
  *
  * @param string $oldSlug      current slug of the section being renamed (excluded from the check)
  * @param string $title        new section title
  * @param array  $sectionsList sections keyed by slug
  * @return string unique slug, or '' when the trimmed title is empty
  */
 public static function getUniqueSectionSlug($oldSlug, $title, $sectionsList)
 {
     $title = trim($title);
     if (strlen($title) === 0) {
         return '';
     }

     // The section keeps its right to its own current slug.
     unset($sectionsList[$oldSlug]);
     $taken = array_map('strval', array_keys($sectionsList));

     $slug = strtolower(BertaUtils::canonizeString($title, '-', '\\._-', true));
     if (!$slug) {
         // Canonization left nothing usable (or the literal "0"); fall back to a placeholder.
         $slug = '_';
     }

     // Replace any existing numeric suffix with the next counter until the slug is unused.
     for ($counter = 1; in_array($slug, $taken); $counter++) {
         $slug = preg_replace('/(^.*?)+([\\-])+([0-9])+$/', '$1', $slug) . '-' . $counter;
     }

     return $slug;
 }
<?

// Excerpt: when a section is given, choose an unused media folder name for a new entry
// and try to create that folder under MEDIA_ROOT. The block continues past this excerpt.
// NOTE(review): $decoded is presumably the decoded request payload - confirm how it is validated.
if($decoded['section']) {

	// create media folder name
	$mediafolder = '';
	$mFAddNum = false;
	if($decoded['mediafolder']) $mediafolder = BertaUtils::canonizeString($decoded['mediafolder'], '_');
	// Fall back to the section name when no folder name was given or its canonical form
	// consists of underscores only.
	// NOTE(review): $decoded['section'] is not canonized in this excerpt before it becomes
	// part of a filesystem path - confirm it is restricted to a safe name upstream.
	if(!$decoded['mediafolder'] || $mediafolder == str_repeat('_', strlen($decoded['mediafolder']))) {
		$mediafolder = $decoded['section'];
		$mFAddNum = true;
	}
	// Probe candidate names until one does not exist yet.
	// With $mFAddNum: name1, name2, ...; without it: name, name1, name2, ...
	$MFTestNum = 1;
	do {
		$mFTest = $mediafolder . ($mFAddNum ? $MFTestNum : ($MFTestNum > 1 ? ($MFTestNum - 1) : ''));
		$MFTestNum++;
	} while(file_exists($options['MEDIA_ROOT'] . $mFTest));
	$mediafolder = $mFTest;

	// Gallery defaults read from the settings; 'slideshow' is used when none is configured.
	$defaultGalleryType = $berta->template->settings->get('entryLayout', 'defaultGalleryType');
	if(!$defaultGalleryType) $defaultGalleryType = 'slideshow';
	
	$FullScreen=$berta->settings->get('entryLayout', 'galleryFullScreenDefault');
	
	// try to create media folder
	// The existence probe above and this mkdir() are separate steps; mkdir() itself fails if
	// the folder appeared in between, and that failure is handled by the if.
	// NOTE(review): the probe concatenates MEDIA_ROOT directly while mkdir() uses
	// realpath(MEDIA_ROOT) . '/' - the two paths differ if MEDIA_ROOT has no trailing slash.
	// Mode 0777 requests a world-writable directory; mkdir()'s mode is subject to the umask,
	// the explicit chmod() below is not. '@' hides the warning, the return value is still checked.
	//echo realpath($options['MEDIA_ROOT']) . '/' . $mFTest;
	if(@mkdir(realpath($options['MEDIA_ROOT']) . '/' . $mFTest, 0777)) {
		@chmod(realpath($options['MEDIA_ROOT']) . '/' . $mFTest, 0777);
		//echo realpath($options['MEDIA_ROOT']) . $mFTest;
	
		// update xml... 
 } else {
     // Excerpt: CREATE_NEW_SECTION - pick an unused section name, create its empty XML
     // storage file and, when cloning, start copying the source section's record.
     // NOTE(review): $decoded is presumably the decoded request payload - confirm how it is validated.
     if ($decoded['action'] == 'CREATE_NEW_SECTION') {
         // Key of the section to clone; falsy when a blank section is created.
         $isClone = $decoded['cloneSection'];
         //loop until section is not found - add numbers at the end
         $i = 0;
         do {
             if ($i) {
                 // Retry: increment a trailing " <number>" if the title has one, otherwise append " 2".
                 if (preg_match('/(?P<name>.*) (?P<digit>\\d+)$/', $sTitle, $matches)) {
                     $sTitle = $matches['name'] . ' ' . ($matches['digit'] + 1);
                 } else {
                     $sTitle .= ' 2';
                 }
             } else {
                 // First pass: "clone of <title>" or a generated "untitled..." title.
                 // uniqid() is time-based; it only serves as a default title here.
                 $sTitle = $decoded['cloneSectionTitle'] ? 'clone of ' . $decoded['cloneSectionTitle'] : 'untitled' . uniqid();
             }
             // $sName ends up inside a file path below.
             // NOTE(review): this relies on canonizeString() leaving no path separators in
             // the name - confirm.
             $sName = strtolower(BertaUtils::canonizeString($sTitle, '-', '-'));
             $fName = $options['XML_ROOT'] . str_replace('%', $sName, $options['blog.%.xml']);
             $i++;
         } while (file_exists($fName));
         // The existence check above and the write below are two separate steps (not atomic).
         $emptyXML = '<?xml version="1.0" encoding="utf-8"?><blog></blog>';
         if (!@file_put_contents($fName, $emptyXML)) {
             $returnError = 'section cannot be created! the storage file cannot be created. check permissions and be sure the name of the section is not TOO fancy.';
         } else {
             // 0666 makes the storage file readable and writable by every local account.
             @chmod($fName, 0666);
             $published = 1;
             $sectionsList = BertaEditor::getSections();
             if ($isClone) {
                 // The clone key is used as an index without an existence check in this
                 // excerpt; an unknown key yields null here.
                 $cloneSection = $sectionsList[$decoded['cloneSection']];
                 $published = $cloneSection['@attributes']['published'];
                 $cloneSection['name'] = $sName;
                 $cloneSection['title'] = $sTitle;
Beispiel #6
	// Excerpt: normalise an edited property value before it is stored. $returnUpdate is the
	// value for the updatable field, $returnReal the value as stored/displayed.
	// NOTE(review): $decoded is presumably the decoded request payload - confirm.
	$returnValues = array();
	$returnParams = '';
	
	// &nbsp; is put if editing an empty field (otherwise safari collapses it)
	if(is_string($decoded['value']) && trim($decoded['value']) == '&nbsp;') $returnUpdate = $returnReal = $decoded['value'] = '';
	
	// some preprocessing -------------------------------------------------------------------------------------------
	switch($decoded['property']) {
		case 'tags':	// tags are to be formatted with a special divider in the updatable field
			// Collapse ", " to "," so that explode() yields the individual tags.
			$t = preg_replace("/,\s+/", ',', $decoded['value']);
			$returnUpdate = explode(',', $t);
			$returnReal = str_replace(',', ', ', $t);
			
			// eliminate items with identical canonical versions.
			// Keyed by canonical form: a later duplicate replaces the stored spelling but
			// keeps the position of the first occurrence.
			$r = array();
			foreach($returnUpdate as $t) $r[strtolower(BertaUtils::canonizeString($t, '-', '-'))] = $t;
			$returnUpdate = array_values($r);
			
			// the "real" return value is rebuilt from the de-duplicated list (this
			// overwrites the value assigned above).
			$returnReal = implode(', ', $returnUpdate);
			break;
			
		case 'date':	// for date only the year should be displayed in the updatable field
			// Accepts dd.mm.yy / dd/mm/yyyy with an optional " hh:mm[:ss]". The pattern is
			// not anchored and this excerpt shows no range check on day or month.
			if(preg_match("/(\d{2})(?:\.|\/)(\d{2})(?:\.|\/)(\d{2,4})( (\d{2}):(\d{2})(:(\d{2})|)|)/", trim($decoded['value']), $regs)) {
				// Two-digit year: values more than 50 years past the current two-digit
				// year are placed in the previous century.
				if(strlen($regs[3]) == 2) {
					$tY = date("Y") - 2000;
					if($regs[3] > $tY + 50)
						$regs[3] -= 100;
					$regs[3] += 2000;
				}
				// Stored form always uses dots as separators.
				$returnReal = $regs[1] . '.' . $regs[2] . '.' . $regs[3];
Beispiel #7
 // Excerpt: normalise an edited property value before it is stored. $returnUpdate is the
 // value for the updatable field, $returnReal the value as stored/displayed.
 // NOTE(review): $decoded is presumably the decoded request payload - confirm.
 $returnParams = '';
 // &nbsp; is put if editing an empty field (otherwise safari collapses it)
 if (is_string($decoded['value']) && trim($decoded['value']) == '&nbsp;') {
     $returnUpdate = $returnReal = $decoded['value'] = '';
 }
 // some preprocessing -------------------------------------------------------------------------------------------
 switch ($decoded['property']) {
     case 'submenu':
         // submenu items are a comma-separated list, formatted with a special divider
         // in the updatable field
         $t = preg_replace("/,\\s+/", ',', $decoded['value']);
         $returnUpdate = explode(',', $t);
         $returnReal = str_replace(',', ', ', $t);
         // eliminate items with identical canonical versions.
         // Keyed by canonical form: a later duplicate replaces the stored spelling but
         // keeps the position of the first occurrence.
         $r = array();
         foreach ($returnUpdate as $t) {
             $r[strtolower(BertaUtils::canonizeString($t, '-', '-'))] = $t;
         }
         $returnUpdate = array_values($r);
         // the "real" return value is rebuilt from the de-duplicated list (this
         // overwrites the value assigned above).
         $returnReal = implode(', ', $returnUpdate);
         break;
     case 'date':
         // for date only the year should be displayed in the updatable field
         // Accepts dd.mm.yy / dd/mm/yyyy with an optional " hh:mm[:ss]". The pattern is
         // not anchored and this excerpt shows no range check on day or month.
         if (preg_match("/(\\d{2})(?:\\.|\\/)(\\d{2})(?:\\.|\\/)(\\d{2,4})( (\\d{2}):(\\d{2})(:(\\d{2})|)|)/", trim($decoded['value']), $regs)) {
             // Two-digit year: values more than 50 years past the current two-digit
             // year are placed in the previous century.
             if (strlen($regs[3]) == 2) {
                 $tY = date("Y") - 2000;
                 if ($regs[3] > $tY + 50) {
                     $regs[3] -= 100;
                 }
                 $regs[3] += 2000;
             }
 /**
  * Rebuild the tag cache of one section from its blog entries and persist it.
  *
  * Every entry's tags are counted under their canonical, lower-cased key. The section's
  * 'has_direct_content' attribute is set to '1' when at least one entry has no tag and
  * to '0' otherwise. Sections and tags are then saved through BertaEditor.
  *
  * Tag titles are stored exactly as found in the entry; no output escaping happens here.
  *
  * @param string $sectionName section whose cache is rebuilt
  * @param array  $blog        blog structure holding the 'entry' list
  * @return array the full tag list after the update
  */
 public static function populateTags($sectionName, &$blog)
 {
     $tagsArr = BertaEditor::getTags();
     $counts = array();
     $allHaveTags = true;

     $entries = !empty($blog['entry']) ? $blog['entry'] : array();
     foreach ($entries as $entryId => $entry) {
         // '@attributes' is metadata of the list, not an entry.
         if ($entryId === '@attributes') {
             continue;
         }

         $tagged = false;
         if (isset($entry['tags'])) {
             Array_XML::makeListIfNotList($entry['tags']['tag']);
             foreach ($entry['tags']['tag'] as $tag) {
                 $label = trim((string) $tag['value']);
                 if (!$label) {
                     continue;
                 }
                 $key = strtolower(BertaUtils::canonizeString($label, '-', '-'));
                 $seen = isset($counts[$key]) ? $counts[$key]['entry_count'] : 0;
                 $counts[$key] = array('title' => $tag['value'], 'entry_count' => $seen + 1);
                 $tagged = true;
             }
         }
         $allHaveTags &= $tagged;
     }

     $tagsArr[$sectionName] = $counts;

     // update direct content property
     $sectionsList = BertaEditor::getSections();
     if (!empty($sectionsList[$sectionName])) {
         if (empty($sectionsList[$sectionName]['@attributes'])) {
             $sectionsList[$sectionName]['@attributes'] = array();
         }
         $sectionsList[$sectionName]['@attributes']['has_direct_content'] = $allHaveTags ? '0' : '1';
     }
     BertaEditor::saveSections($sectionsList);

     // save subsections list
     BertaEditor::saveTags($tagsArr, $sectionsList);

     return $tagsArr;
 }
 /**
  * Rebuild the tag cache of one section from its blog entries, keeping the stored order.
  *
  * Tags are counted under their canonical, lower-cased key. Tags already present in the
  * stored list keep their position, tags that no longer occur are dropped, and new tags
  * are appended at the end. The section's 'has_direct_content' attribute becomes '1' when
  * at least one entry has no tag, '0' otherwise. Sections and tags are saved afterwards.
  *
  * Tag titles are stored exactly as found in the entry; no output escaping happens here.
  *
  * @param string $sectionName section whose cache is rebuilt
  * @param array  $blog        blog structure holding the 'entry' list
  * @return array the full tag list after the update
  */
 public static function populateTags($sectionName, &$blog)
 {
     $tagsArr = BertaEditor::getTags();
     $newCache = array();
     $allHaveTags = true;

     if (!empty($blog['entry'])) {
         foreach ($blog['entry'] as $entryKey => $entry) {
             // '@attributes' is metadata of the list, not an entry.
             if ($entryKey === '@attributes') {
                 continue;
             }
             $entryTagged = false;
             if (isset($entry['tags'])) {
                 Array_XML::makeListIfNotList($entry['tags']['tag']);
                 foreach ($entry['tags']['tag'] as $tagNode) {
                     $tagKey = trim((string) $tagNode['value']);
                     if ($tagKey) {
                         $tagKey = strtolower(BertaUtils::canonizeString($tagKey, '-', '-'));
                         $previous = isset($newCache[$tagKey]) ? $newCache[$tagKey]['entry_count'] : 0;
                         $newCache[$tagKey] = array('title' => $tagNode['value'], 'entry_count' => $previous + 1);
                         $entryTagged = true;
                     }
                 }
             }
             $allHaveTags &= $entryTagged;
         }
     }

     // Pass 1: walk the stored list so surviving tags keep their old position.
     $ordered = array();
     if (isset($tagsArr[$sectionName])) {
         foreach ($tagsArr[$sectionName] as $tag => $unused) {
             if (isset($newCache[$tag])) {
                 $ordered[$tag] = $newCache[$tag];
             }
         }
     }
     // Pass 2: tags that were not stored before go to the bottom.
     foreach ($newCache as $tag => $tagVars) {
         if (isset($tagsArr[$sectionName][$tag])) {
             continue;
         }
         $ordered[$tag] = $tagVars;
     }
     $tagsArr[$sectionName] = $ordered;

     // update direct content property
     $sectionsList = BertaEditor::getSections();
     if (!empty($sectionsList[$sectionName])) {
         if (empty($sectionsList[$sectionName]['@attributes'])) {
             $sectionsList[$sectionName]['@attributes'] = array();
         }
         $sectionsList[$sectionName]['@attributes']['has_direct_content'] = $allHaveTags ? '0' : '1';
     }
     BertaEditor::saveSections($sectionsList);

     // save subsections list
     BertaEditor::saveTags($tagsArr, $sectionsList);

     return $tagsArr;
 }
 /**
  * Flatten a parsed entry into the array handed to templates.
  *
  * Fixed fields (id, uniqid, date, mediafolder, marked) are set first, then
  * $additionalValues and the entry's content fields are merged in without overwriting
  * keys that are already set. Tags are returned as canonical-key => original-title.
  *
  * Values are copied as they are and '__raw' carries the unprocessed entry; no output
  * escaping is performed here.
  *
  * @param array       $p                parsed entry
  * @param array|false $additionalValues extra key/value pairs for the template
  * @return array template-ready entry
  */
 public static function entryForTemplate($p, $additionalValues = false)
 {
     // preset variables..
     $entry = array(
         '__raw' => $p,
         'id' => $p['id']['value'],
         'uniqid' => $p['uniqid']['value'],
         'date' => !empty($p['date']) && !empty($p['date']['value']) ? $p['date']['value'] : '',
         'mediafolder' => $p['mediafolder']['value'],
         'marked' => empty($p['marked']['value']) ? '0' : '1',
     );

     if ($additionalValues) {
         foreach ($additionalValues as $name => $extra) {
             // don't overwrite
             if (isset($entry[$name])) {
                 continue;
             }
             $entry[$name] = $extra;
         }
     }

     // entry content..
     if (!empty($p['content'])) {
         foreach ($p['content'] as $name => $field) {
             // don't overwrite
             if (isset($entry[$name])) {
                 continue;
             }
             $entry[$name] = empty($field['value']) ? '' : $field['value'];
         }
     }

     // tags..
     $tagTitles = array();
     if (!empty($p['tags']['tag'])) {
         Array_XML::makeListIfNotList($p['tags']['tag']);
         foreach ($p['tags']['tag'] as $tag) {
             if (empty($tag['value'])) {
                 continue;
             }
             $tagTitles[strtolower(BertaUtils::canonizeString($tag['value']))] = $tag['value'];
         }
     }
     $entry['tags'] = $tagTitles;

     return $entry;
 }
Beispiel #11
         // Excerpt from an upload handler; it starts inside an earlier branch. As in the
         // last branch below, a name starting with "_" gets a number put in front of it.
         $fName = rand(1, 100) . $fName;
     }
     // only derivatives start with "_"
 } elseif ($posterFor) {
     // if this image is uploaded as a poster frame, then its name should be the same as the name of the video
     // The base name comes from $posterFor, the extension from the client-supplied upload
     // name; neither passes through canonizeString() in this branch.
     // NOTE(review): $posterFor is defined outside this excerpt - confirm it is limited to a
     // plain file name, since the result is joined to $fileFolder and passed to unlink().
     $fName = substr($posterFor, 0, strrpos($posterFor, '.')) . '.' . strtolower(substr(strrchr($_FILES['Filedata']['name'], '.'), 1));
     if (file_exists($fileFolder . $fName)) {
         // Replace an existing poster frame: remove the file and its derivatives first.
         if (@unlink($fileFolder . $fName)) {
             BertaEditor::images_deleteDerivatives($fileFolder, $fName);
         } else {
             $result['result'] = 'failed';
             $result['error'] = 'Cannot delete the current poster frame file!';
         }
     }
 } else {
     // Regular upload: canonize the client-supplied name, keeping '.' and '-'.
     // NOTE(review): dots survive, so the original extension survives too; no extension
     // allow-list is visible in this excerpt - confirm one is enforced before the move.
     $fName = $fRealName = strtolower(BertaUtils::canonizeString($_FILES['Filedata']['name'], '_', '\\.-'));
     //str_replace(' ', '', str_replace($badChars, '_', strtolower($_FILES['Filedata']['name'])));
     // rand() only moves the name out of the "_" namespace; it is not a source of
     // unpredictable or unique names.
     if (substr($fName, 0, 1) == '_') {
         $fName = rand(1, 100) . $fName;
     }
     // only derivatives start with "_"
     $ext = strtolower(substr(strrchr($fName, '.'), 1));
 }
 if (empty($result['error'])) {
     // be sure that we won't overwrite anything
     // A digit is inserted before the extension until the name is free. The check and
     // the move below are separate steps.
     // NOTE(review): $ext is not assigned in the poster-frame branch above - confirm it
     // is set earlier, outside this excerpt.
     while (file_exists($fileFolder . $fName)) {
         $fName = substr($fName, 0, strlen($fName) - strlen($ext) - 1) . rand(1, 9) . '.' . $ext;
     }
     // UPLOAD!
     // move_uploaded_file() only moves files that PHP received as an HTTP upload.
     if (!move_uploaded_file($file, $fileFolder . $fName)) {
         $result['result'] = 'error';