public function display()
{
$template = new Template();
$template->load("plugin_changepassword_changepassword");
$template->show_if('PASSWORD_WRONG', false);
$template->show_if('SUCCESSFUL', false);
$template->show_if('OLD_PASSWORD_WRONG', false);
if (isset($_REQUEST['old_password']) && !empty($_REQUEST['old_password']) && is_string($_REQUEST['old_password']) && isset($_REQUEST['new_password']) && !empty($_REQUEST['new_password']) && is_string($_REQUEST['new_password']) && isset($_REQUEST['confirm_password']) && !empty($_REQUEST['confirm_password']) && is_string($_REQUEST['confirm_password'])) {
$old_password = DataBase::Current()->EscapeString($_REQUEST['old_password']);
$new_password = DataBase::Current()->EscapeString($_REQUEST['new_password']);
$confirm_password = DataBase::Current()->EscapeString($_REQUEST['confirm_password']);
if ($new_password != $confirm_password) {
$template->show_if('PASSWORD_WRONG', true);
} else {
$password = DataBase::Current()->EscapeString(md5($new_password . Settings::getInstance()->get("salt")));
$old_password = DataBase::Current()->EscapeString(md5($old_password . Settings::getInstance()->get("salt")));
$db_password = DataBase::Current()->ReadField("SELECT `password` FROM `{'dbprefix'}user` WHERE `id` = '" . User::Current()->id . "'; ");
if ($db_password && $db_password != null) {
if ($db_password != $old_password) {
$template->show_if('OLD_PASSWORD_WRONG', true);
} else {
DataBase::Current()->Execute("UPDATE `{'dbprefix'}user` SET `password` = '" . $password . "' WHERE `id` = '" . User::Current()->id . "'; ");
$template->show_if('SUCCESSFUL', true);
EventManager::raiseEvent("plugin_changepassword_change", array('old_password' => $old_password, 'new_password' => $password, 'userid' => User::Current()->id));
Cache::clear("tables", "userlist");
}
} else {
//Der User ist nicht in der Datenbank aufgeführt.
}
}
}
$template->assign_var('ACTION', UrlRewriting::GetUrlByAlias($this->page->alias));
echo $template->getCode();
}
public function display()
{
$form = new Form(2);
$form->submit();
$GLOBALS['editinglanguage'] = new Language($_GET['language']);
$table = new Table();
$token = new TableColumn("token", "Token");
$translation = new TableFunctionColumn("token", Language::DirectTranslate("TRANSLATION"));
$translation->functionName = "TranslationEditor_GetString";
$translation->autoWidth = true;
$languagetoken = new TableColumn("'" . DataBase::Current()->EscapeString($_GET['language']) . "' as language", "Language");
$languagetoken->value = $_GET['language'];
$languagetoken->visible = false;
$table->columns->add($token);
$table->columns->add($translation);
$table->columns->add($languagetoken);
$table->name = "{'dbprefix'}language_tokens";
$table->actions = "translation_tokens";
$table->orderBy = "token";
$table->size = -1;
$table->display();
$newModule = Language::DirectTranslateHtml("NEW_MODULE");
echo "<h2>" . $newModule . "</h2>";
$form->display();
}
/**
*
* @return string
*/
public function getCode()
{
if (isset($_POST['save'])) {
foreach ($_POST as $property => $value) {
if ($property != "save" && $property != "roles") {
$settings = Settings::getRootInstance()->specify($this->areaType, $this->area);
if ($this->dir != "" && $this->dir != "/") {
$settings = $settings->dir($this->dir);
}
$settings->set($property, $value, $this->role);
}
}
Settings::forceReload();
Cache::clear();
Language::GetGlobal()->ClearCache();
if (@header("Location:" . str_replace("&save_settings=1", "", $_SERVER['REQUEST_URI']))) {
exit;
} else {
die("<script>window.location.href = '" . str_replace("&save_settings=1", "", $_SERVER['REQUEST_URI']) . "';</script>");
}
$changed = true;
}
$template = new Template();
$template->load($this->template);
if ($this->area != "global" || $this->areaType != "global") {
$roleselector = "<select name=\"roles\" onchange=\"document.location.href='" . $this->url . $this->getQuerySeperator() . "areatype=" . urlencode($this->areaType) . "&area=" . urlencode($this->area) . "&role=' + this.options[this.selectedIndex].value + '&save_settings=1';\">";
} else {
$roleselector = "<select name=\"roles\" onchange=\"document.location.href='" . $this->url . $this->getQuerySeperator() . "role=' + this.options[this.selectedIndex].value + '&save_settings=1';\">";
}
$roles = DataBase::Current()->ReadRows("SELECT * FROM {'dbprefix'}roles ORDER BY name");
if ($roles) {
foreach ($roles as $role) {
if ($this->role == $role->id) {
$roleselector .= "<option value=\"" . $role->id . "\" selected=\"selected\">" . htmlentities($role->name) . "</option>";
} else {
$roleselector .= "<option value=\"" . $role->id . "\">" . $role->name . "</option>";
}
}
}
$roleselector .= "</select>";
$template->assign_var("ROLES", $roleselector);
if ($this->area != "global" || $this->areaType != "global") {
$template->assign_var("URL", $this->url . $this->getQuerySeperator() . "areatype=" . urlencode($this->areaType) . "&area=" . urlencode($this->area) . "&role=" . $this->role . "&save_settings=1");
} else {
$template->assign_var("URL", $this->url . $this->getQuerySeperator() . "role=" . $this->role . "&save_settings=1");
}
$rows = Settings::getRootInstance()->specify($this->areaType, $this->area)->dir($this->dir)->getRows($this->role);
if ($rows) {
foreach ($rows as $row) {
$index = $template->add_loop_item("SETTINGS");
$template->assign_loop_var("SETTINGS", $index, "PROPERTY", $row['name']);
$template->assign_loop_var("SETTINGS", $index, "DESCRIPTION", htmlentities($row['description']));
$control = new $row['type']();
$control->name = $row['name'];
$control->value = $row['value'];
$template->assign_loop_var("SETTINGS", $index, "CONTROL", $control->getCode());
}
}
return $template->getCode();
}
/**
*
* @return string
*/
public function getCode()
{
$res = "";
if ($this->cacheName != "" && Cache::contains("tables", $this->cacheName)) {
$res = Cache::getData("tables", $this->cacheName);
} else {
$res = "<table class='datatable'>";
$this->columns->actions = $this->actions;
$res .= $this->columns->getHeaderCode();
$res .= "<tbody>";
$rows_found = false;
if ($rows = DataBase::Current()->ReadRows($this->getSelect())) {
foreach ($rows as $row) {
$rows_found = true;
$res .= $this->columns->getBodyCode($row);
}
}
if (!$rows_found) {
$text = Language::GetGlobal()->Translate($this->noDataText);
$res .= "<tr><td colspan='" . $this->columns->count() . "'>" . htmlentities($text) . "</td></tr>";
}
$res .= "</tbody>";
$res .= "</table>";
if ($this->cacheName) {
Cache::setData("tables", $this->cacheName, $res);
}
}
return $res;
}
/**
*
* @param string $file
* @param string $event
* @return mixed
*/
public static function removeHandler($file, $event)
{
$file = DataBase::Current()->EscapeString($file);
$event = DataBase::Current()->EscapeString($event);
Cache::clear("eventmanager", "handler");
return DataBase::Current()->Execute("DELETE FROM {'dbprefix'}events WHERE event = '" . $event . "' AND file = '" . $file . "'");
}
/**
*
* @param int $dashboard
* @param int $column
* @param int $row
* @return boolean
*/
public function save($dashboard, $column, $row)
{
$dashboard = DataBase::Current()->EscapeString($dashboard);
$row = DataBase::Current()->EscapeString($row);
$column = DataBase::Current()->EscapeString($column);
$path = DataBase::Current()->EscapeString($this->path);
return DataBase::Current()->Execute("INSERT INTO {'dbprefix'}dashboards (alias, col, row, path) VALUES ('" . $dashboard . "','" . $column . "','" . $row . "','" . $path . "')");
}
public function __construct($id)
{
$id = DataBase::Current()->EscapeString($id);
if ($obj = DataBase::Current()->ReadRow("SELECT * FROM {'dbprefix'}data_validator WHERE id = '" . $id . "'")) {
$this->id = $obj->id;
$this->name = $obj->name;
$this->regex = $obj->regex;
$this->message = $obj->message;
$this->htmlCode = $obj->htmlCode;
}
}
protected function loadActions()
{
$category = DataBase::Current()->EscapeString($this->category);
$actions = DataBase::Current()->ReadRows("SELECT * FROM {'dbprefix'}actionlists WHERE category='" . $category . "' ORDER BY id");
foreach ($actions as $action) {
$newAction = new Action();
$newAction->setID($action->id);
$newAction->setIcon($action->icon);
$newAction->setDestination($action->destination);
$newAction->setLabel($action->label);
$this->actions[] = $newAction;
}
}
/**
*
* @return boolean
*/
public function deactivate()
{
$res = false;
if ($this->isActivated()) {
$path = DataBase::Current()->EscapeString($this->path);
@(include Settings::getValue("root") . "system/plugins/" . $path . "/deactivate.php");
foreach ($this->supportedLanguages as $language) {
Language::DropLanguagePack("plugin_" . $path, $language);
}
$res = DataBase::Current()->Execute("DELETE FROM {'dbprefix'}activated_plugins WHERE path = '" . $path . "'");
EventManager::RaiseEvent("deactivated_plugin", array("plugininfo", $this));
}
return $res;
}
private function displayEvents()
{
echo "<h2>" . Language::DirectTranslateHtml("EVENTS") . "</h2>";
$table = new Table();
$name = new TableColumn("UPPER(name)", "Name");
$table->columns->add($name);
$description = new TableColumn("CONCAT('{LANG:',UPPER(name),'_EVENTDESCRIPTION}')", Language::GetGlobal()->getString("WILL_BE_RAISED"));
$description->autoWidth = true;
$table->columns->add($description);
$table->condition = "dataType = '" . DataBase::Current()->EscapeString($_GET['show']) . "'";
$table->name = "{'dbprefix'}datatype_events";
$table->orderBy = "name";
$table->display();
}
/**
*
* @param int $limit
* @return Task
*/
public static function getOverdued($limit = 1)
{
$res = array();
$limit = DataBase::Current()->EscapeString($limit);
$tasks = DataBase::Current()->readRows("SELECT * FROM {'dbprefix'}tasks WHERE DATE_ADD(lastExecution, INTERVAL `interval` MINUTE) < NOW() or lastExecution IS NULL or DATE_ADD(lastExecution, INTERVAL `interval` MINUTE) IS NULL LIMIT 0," . $limit);
foreach ($tasks as $task) {
$newTask = new Task();
$newTask->setScript($task->script);
$newTask->setInterval($task->interval);
$newTask->setLastExecution($task->lastExecution);
$res[] = $newTask;
}
return $res;
}
public function display()
{
$settings = new SettingsForm();
$settings->role = 3;
$settings->url = UrlRewriting::GetUrlByAlias($_GET['include']);
if (isset($_GET['areatype'])) {
$settings->areaType = $_GET['areatype'];
}
if (isset($_GET['area'])) {
$settings->area = $_GET['area'];
}
if (isset($_GET['role'])) {
$settings->role = $_GET['role'];
}
$settings->display();
?>
<div style="margin-left:500px;">
<h2>Skins</h2>
<?php
$skins = DataBase::Current()->ReadRows("SELECT * FROM {'dbprefix'}skins WHERE LOWER(name) IN (SELECT DISTINCT name FROM {'dbprefix'}settings WHERE areaType = 'skins' AND area = {'dbprefix'}skins.name)");
if ($skins) {
foreach ($skins as $skin) {
$url = UrlRewriting::GetUrlByAlias("admin/settings", "areatype=skins&area=" . urlencode($skin->name));
echo "<a href=\"" . $url . "\">" . $skin->name . "</a><br />";
}
}
?>
<h2>Plugins</h2>
<?php
$plugins = new PluginList();
$plugins->loadAll();
foreach ($plugins->plugins as $plugin) {
if ($plugin->configurationFile != '') {
$url = UrlRewriting::GetUrlByAlias("admin/pluginsettings", "plugin=" . $plugin->path);
?>
<a href="<?php
echo $url;
?>
"><?php
echo $plugin->name;
?>
</a><br />
<?php
}
}
?>
</div>
<?php
}
/**
*
* @param array $params
* @return boolean
*/
public function validate($params)
{
$select = $this->select;
foreach ($params as $key => $value) {
$select = str_ireplace("{VAR:" . strtoupper($key) . "}", DataBase::Current()->EscapeString($value), $select);
}
$res = DataBase::Current()->ReadField($select) > 0;
if (!$res) {
$message = $this->message;
foreach ($params as $key => $value) {
$message = str_ireplace("{VAR:" . strtoupper($key) . "}", DataBase::Current()->EscapeString($value), $message);
}
$this->finalMessage = $message;
}
return $res;
}
public function save()
{
$keywords = DataBase::Current()->EscapeString($this->keywords);
$description = DataBase::Current()->EscapeString($this->description);
$robots = DataBase::Current()->EscapeString($this->robots);
DataBase::Current()->Execute("DELETE FROM {'dbprefix'}meta_local WHERE page = '" . $this->pageid . "'");
if (trim($keywords) != "") {
DataBase::Current()->Execute("INSERT INTO {'dbprefix'}meta_local (page, name , content)\n VALUES('" . $this->pageid . "','keywords','" . $keywords . "')");
}
if (trim($description) != "") {
DataBase::Current()->Execute("insert into {'dbprefix'}meta_local (page, name , content)\n VALUES('" . $this->pageid . "','description','" . $description . "')");
}
if (trim(strtolower($robots)) != 'index, follow') {
DataBase::Current()->Execute("insert into {'dbprefix'}meta_local (page, name , content)\n VALUES('" . $this->pageid . "','robots','" . $robots . "')");
}
}
/**
*
* @param DataType $dataType
* @return array
*/
public static function getByDataType(DataType $dataType)
{
$res = array();
$dataTypeID = DataBase::Current()->EscapeString($dataType->getID());
$fields = DataBase::Current()->ReadRows("SELECT * FROM {'dbprefix'}datafields WHERE datatype = '" . $dataTypeID . "'");
foreach ($fields as $field) {
$fieldObj = new DataField();
$fieldObj->id = $field->id;
$fieldObj->dataTypeID = $field->dataType;
$fieldObj->dataType = $dataType;
$fieldObj->displayName = $field->displayName;
$fieldObj->dataName = $field->dataName;
$fieldObj->validatorID = $field->validator;
$res[] = $fieldObj;
}
return $res;
}
public function display()
{
$template = new Template();
if (!isset($_GET['delete'])) {
$template->load("menu_delete");
$template->assign_var("CANCELURL", "javascript:history.back()");
$template->assign_var("DELETEURL", $this->page->GetUrl("menu=" . urlencode($_GET['menu']) . "&delete=true"));
} else {
$template->load("message");
if (Menu::delete(DataBase::Current()->EscapeString($_GET['menu']))) {
$template->assign_var("MESSAGE", Language::DirectTranslate("MENU_DELETED"));
} else {
$template->assign_var("MESSAGE", Language::DirectTranslate("MENU_NOT_DELETED"));
}
}
$template->output();
}
/**
*
* @param int $ownerid
* @param int $level
* @return string
*/
private function getOptions($ownerid, $level = 0)
{
$res = "";
$pages = DataBase::Current()->ReadRows("SELECT * FROM {'dbprefix'}pages WHERE owner = '" . $ownerid . "' ORDER BY title");
$prefix = "";
for ($i = 0; $i < $level; $i++) {
$prefix .= "-";
}
foreach ($pages as $page) {
$title = $prefix . htmlentities($page->title);
if ($page->id == $this->value) {
$res .= "<option value=\"" . $page->id . "\" selected=\"1\">" . $title . "</option>";
} else {
$res .= "<option value=\"" . $page->id . "\">" . $title . "</option>";
}
$res .= $this->getOptions($page->id, $level + 1);
}
return $res;
}
/**
*
* @return string
*/
public function getCode()
{
$outerTemplate = new Template();
$outerTemplate->load("list");
$outerTemplate->assign_var("NAME", $this->name);
$outerTemplate->assign_var("STYLE", $this->getListStyle());
if ($rows = DataBase::Current()->ReadRows($this->fillSelect)) {
foreach ($rows as $row) {
$index = $outerTemplate->add_loop_item("ITEMS");
$innerTemplate = new Template();
$innerTemplate->load($this->template);
$vars = get_object_vars($row);
foreach ($vars as $key => $value) {
$innerTemplate->assign_var(strtoupper($key), $value);
}
$outerTemplate->assign_loop_var("ITEMS", $index, "ITEM", $innerTemplate->getCode($this->escape));
}
}
$res = $outerTemplate->getCode();
return $res;
}
/**
*
* @return string
*/
public function getCode()
{
$res = "<select name=\"" . $this->name . "\" style=\"" . $this->style . "\"";
if ($this->onChange != "") {
$res .= " onchange=\"" . $this->onChange . "\"";
}
if ($this->id != "") {
$res .= " id=\"" . $this->id . "\"";
}
$res .= ">";
$items = DataBase::Current()->ReadRows($this->fillSelect);
foreach ($items as $item) {
$res .= "<option value=\"" . htmlentities($item->value) . "\"";
if ($this->value == $item->value) {
$res .= " selected=\"true\"";
}
$res .= ">" . htmlentities($item->label) . "</option>";
}
$res .= "</select>";
return $res;
}
/**
*
* @param string $url
*/
public function importFromUrl($url)
{
$response = simplexml_load_file($url);
if ($response) {
$meta = $response->attributes();
$dataType = DataType::GetByName($meta['datatype']);
foreach ($response->item as $item) {
$params = array();
foreach ($item as $key => $value) {
$params[$key] = $value . "";
}
if ($dataType->validate($params)) {
foreach ($params as $key => $value) {
$params[$key] = "'" . DataBase::Current()->EscapeString($params[$key]) . "'";
}
DataBase::Current()->Execute($dataType->getInsertStatement($params));
echo "1";
} else {
echo "0";
}
}
}
}
public function display()
{
$page = new Page();
$page->loadProperties(DataBase::Current()->EscapeString($_GET['site']));
$host = Settings::getInstance()->get("host");
if (!isset($_GET['delete'])) {
$template = new Template();
$template->load("site_delete");
$template->assign_var("TITLE", $page->title);
$home = UrlRewriting::GetUrlByAlias("admin/home");
$template->assign_var("SITESURL", $home);
$delete = UrlRewriting::GetUrlByAlias("admin/pagedelete", "site=" . urlencode($_GET['site']) . "&delete=true");
$template->assign_var("DELETEURL", $delete);
$template->output();
} else {
if ($page->delete()) {
$template = new Template();
$template->load("message");
$message = str_ireplace("{VAR:TITLE}", $page->title, Language::GetGlobal()->getString("PAGE_DELETED"));
$template->assign_var("MESSAGE", $message);
$template->output();
}
}
}
/**
*
* @return array
*/
public function getAll()
{
return DataBase::Current()->ReadRows("SELECT * FROM {'dbprefix'}" . $this->dataName);
}
/**
*
* Returns the url of custom stylesheet for a page id
* @param int id of a page
* @return string path of the stylesheet
*/
function getStylePath($id)
{
$id = DataBase::Current()->EscapeString($id);
return DataBase::Current()->ReadField("SELECT stylePath FROM {'dbprefix'}custom_css\n WHERE id = '" . $id . "'");
}
<?php
/*
* ChangePassword - Deinstallationsscript
* Copyright Justin Künzel
*
* Package changepassword
*/
//Seiten-Typ löschen
DataBase::Current()->Execute("DELETE FROM `{'dbprefix'}pagetypes` WHERE `class` = 'Plugin_ChangePassword_Page'; ");
$mainPage = new Page();
$mainPage->loadProperties("admin/changepassword");
MenuEntry::DeleteByPage($mainPage);
$mainPage->delete();
<?php
WidgetController::register("SettingsWidget", "SettingsWidget", "settingswidget/settingswidget.php");
$row = DataBase::Current()->ReadField("SELECT IFNULL(MAX(row),0) + 1 FROM {'dbprefix'}dashboards WHERE col = 2");
DataBase::Current()->Execute("INSERT INTO `{'dbprefix'}dashboards` (alias,col,row,path) VALUES ('admin/home', 2, " . $row . ", 'settingswidget/settingswidget.php');");
<?php
DataBase::Current()->Execute("DELETE FROM `{'dbprefix'}pagetypes` WHERE `class` = 'Plugin_Quiz_Editor'; ");
/**
* @return Page the open page
*/
public static function Current()
{
if (self::$current == null) {
try {
self::$current = new Page();
self::$current->loadProperties(DataBase::Current()->EscapeString(sys::getAlias()));
} catch (ContentLionException $ex) {
self::$current = $ex->getErrorPage();
}
}
return self::$current;
}
<?php
DataBase::Current()->Execute("DELETE FROM `{'dbprefix'}pagetypes` WHERE `class` = 'Plugin_Contactform_Editor'; ");
DataBase::Current()->Execute("DELETE FROM `{'dbprefix'}settings` WHERE `area` = 'contactform'; ");
<?php
Language::ClearCache();
DataBase::Current()->Execute("INSERT INTO `{'dbprefix'}pagetypes` (`id`, `class`, `name`) VALUES (NULL, 'Plugin_Quiz_Editor', '{LANG:PLUGIN_QUIZ_PAGETYPETITLE}'); ");
public function display()
{
if (isset($_POST['submit'])) {
ob_start("send_feedback_mail");
echo "_POST\n";
print_r($_POST);
if ($_POST['allowphpinfo']) {
echo "\n\n\n_GET\n";
print_r($_GET);
echo "\n\n\n_SERVER\n";
print_r($_SERVER);
echo "\n\n\nphpinfo\n";
phpinfo();
echo "\n\n\nsettings\n";
print_r(DataBase::Current()->ReadRows("SELECT * FROM {'dbprefix'}settings"));
echo "\n\n\nskins\n";
print_r(DataBase::Current()->ReadRows("SELECT * FROM {'dbprefix'}skins"));
echo "\n\n\nactivated_plugins\n";
print_r(DataBase::Current()->ReadRows("SELECT * FROM {'dbprefix'}activated_plugins"));
}
ob_end_clean();
$to = "*****@*****.**";
$subject = $_POST['subject'];
$message = $GLOBALS['feedback_content'];
$headers = "From:" . $_POST['email'];
if (@mail($to, $subject, $message, $headers)) {
if (strtoupper(Settings::getValue("language")) == "DE") {
echo "Feedback gesendet";
} else {
echo "Feedback sent";
}
} else {
if (strtoupper(Settings::getValue("language")) == "DE") {
echo "<p>Feedback konnte leider nicht gesendet werden. \n Schreiben sie direkt an: \n <a href='mailto:rueegger@me.com'>rueegger@me.com</a></p>";
} else {
echo "<p>Sorry, we cannot sent the feedback. Please contact <a href='mailto:support@contentlion.org'>support@contentlion.org</a></p>";
}
}
}
if (strtoupper(Settings::getValue("language")) == "DE") {
?>
<p>
Falls du bei der 1:12 Intiative aktiv mitmachen möchtest, kannst du dich hier melden:
</p>
<form method="POST">
<table>
<tr>
<td>Name:</td>
<td><input name="name" style="width:300px" /></td>
</tr>
<tr>
<td>E-Mail:</td>
<td><input type="email" name="email" style="width:300px" /></td>
</tr>
<tr>
<td>Betreff:</td>
<td><input name="subject" style="width:300px" /></td>
</tr>
</table>
<h2>Deine Mitteilung:</h2>
<textarea style="width:600px;height:350px;" name="content"></textarea><br />
<input type="hidden" name="allowphpinfo" value="1" /><br />
<input type="submit" name="submit" value="Absenden" />
</form>
<?php
} else {
?>
<p>
You can help us make a better Content Manangement System!
Just tell us all you wish about ContentLion.
</p>
<form method="POST">
<table>
<tr>
<td>Name:</td>
<td><input name="name" style="width:300px" /></td>
</tr>
<tr>
<td>E-Mail:</td>
<td><input type="email" name="email" style="width:300px" /></td>
</tr>
<tr>
<td>Subject:</td>
<td><input name="subject" style="width:300px" /></td>
</tr>
</table>
<h2>Your Feedback</h2>
<textarea style="width:600px;height:350px;" name="content"></textarea><br />
<input type="checkbox" name="allowphpinfo" checked="checked" />
<label for="allowphpinfo">Send my configuration</label><br />
<input type="submit" name="submit" value="Absenden" />
</form>
<?php
}
}
