Beispiel #1
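 /**
  * Append a new section for a module to a page.
  *
  * The row is placed at the position order::get_new() reports for the page.
  * All four values reach the INSERT as bound parameters, not as SQL text.
  *
  * @access public
  * @param  mixed $page_id      id of the page that receives the section
  * @param  mixed $module       module name stored in the `module` column
  * @param  mixed $add_to_block value stored in the `block` column
  * @return mixed               lastInsertId() of the db layer, or false if the db layer reports an error
  **/
 public static function addSection($page_id, $module, $add_to_block)
 {
     $self = self::getInstance();
     // require_once: this method can be called more than once per request, and
     // loading a class file a second time with a plain require is a fatal
     // redeclaration error unless the file guards itself.
     require_once CAT_PATH . '/framework/class.order.php';
     $order = new order(CAT_TABLE_PREFIX . 'sections', 'position', 'section_id', 'page_id');
     $position = $order->get_new($page_id);
     // NOTE(review): $module is stored exactly as passed in. If other code later
     // builds a filesystem path from the stored name, it should be checked
     // against the installed modules before it gets here. Confirm with callers.
     $self->db()->query('INSERT INTO `:prefix:sections` SET `page_id`=:id, `module`=:module, `position`=:pos, `block`=:block', array('id' => $page_id, 'module' => $module, 'pos' => $position, 'block' => $add_to_block));
     if ($self->db()->isError()) {
         return false;
     }
     return $self->db()->lastInsertId();
 }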
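/**
 * Prepare moving a topic into another section of the same module.
 *
 * Looks up the target section's settings, checks that the current user may
 * write there, switches the global $page_id / $section_id to the target and
 * returns an SQL fragment that the caller appends to its UPDATE statement.
 *
 * @param  mixed  $movetopic section id of the target section
 * @return string SQL fragment (", page_id = ..., section_id = ..., position = ..."),
 *                or '' when the target section is unknown or the id is not a plain number
 */
function topics_move_topic($movetopic)
{
    global $database;
    global $admin;
    //global $queryextra;
    global $page_id;
    global $section_id;
    global $picture_dir;
    global $restrict2picdir;
    // $movetopic is spliced into the SQL text below and into the returned
    // fragment, so only a plain decimal id is accepted. Anything else is
    // handled like an unknown section.
    if (preg_match('/^[0-9]+$/D', (string) $movetopic) !== 1) {
        return '';
    }
    $mod_dir = basename(dirname(__FILE__));
    $tablename = $mod_dir;
    // change page_id and section_id to get back to new page!
    $query_sections = $database->query("SELECT section_title, page_id, picture_dir FROM `" . TABLE_PREFIX . "mod_" . $tablename . "_settings` WHERE section_id = '" . $movetopic . "'");
    // a failed query is treated like "no such section" instead of calling a method on a non-object
    if (!$query_sections || $query_sections->numRows() < 1) {
        return '';
    }
    $sections_fetch = $query_sections->fetchRow();
    $newpicture_dir = $sections_fetch['picture_dir'];
    if ($restrict2picdir > 0 and $newpicture_dir != $picture_dir) {
        die('No Permission');
    }
    // Check whether the user is allowed to save into the other section at all.
    if (!$admin->get_page_permission($sections_fetch['page_id'])) {
        die('No Permission');
    }
    //------------------------------------------------------------
    $section_id = $movetopic;
    $page_id = $sections_fetch['page_id'];
    $section_title = $sections_fetch['section_title'];
    $order = new order(TABLE_PREFIX . 'mod_' . $tablename, 'position', 'topic_id', 'section_id');
    $position = $order->get_new($section_id);
    // $page_id and $position come from the database / the order helper, not from the caller
    $qextra = ", page_id = '{$page_id}', section_id = '{$section_id}', position = '{$position}'";
    // NOTE(review): section_title is written into the page as stored; if titles
    // are not already HTML-escaped when saved, escape here. Confirm the storage format.
    echo "<p>Save it in " . $section_title . '</p>';
    return $qextra;
}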
     // NOTE(review): excerpt from a larger block. $page_id, $level, $template,
     // $module, $parent and $filename are assigned outside the visible lines.
     $root_parent = root_parent($page_id);
     // Work out page trail
     $page_trail = get_page_trail($page_id);
     // Update page with new level and link
     // NOTE(review): all values are interpolated into the statement text. $template
     // in particular needs escaping or a bound parameter unless it is validated
     // earlier. Verify against the lines above this excerpt.
     $query = "UPDATE " . TABLE_PREFIX . "pages SET level = '{$level}', root_parent = '{$root_parent}', page_trail = '{$page_trail}', template = '{$template}' WHERE page_id = '{$page_id}'";
     // NOTE(review): the complete SQL text is handed to echoh(); presumably debug
     // output. Make sure it is not shown to ordinary users.
     echoh($query . "<br />");
     $database->query($query);
     // Create a new file in the /pages dir
     create_access_file($filename, $page_id, $level);
     /* clean up page order */
     $order = new order(TABLE_PREFIX . 'pages', 'position', 'page_id', 'parent');
     // First clean order
     $order->clean($parent);
     // Get new order for section
     $order = new order(TABLE_PREFIX . 'sections', 'position', 'section_id', 'page_id');
     // NOTE(review): the sections order is keyed by page_id but is asked for
     // $parent here; $page_id looks like the intended argument. TODO confirm
     $position = $order->get_new($parent);
     // Add new record into the sections table
     // NOTE(review): $module is interpolated into the INSERT without escaping.
     $query = "INSERT INTO " . TABLE_PREFIX . "sections (page_id,position,module,block) VALUES ('{$page_id}','{$position}', '{$module}','1')";
     echoh($query . "<br />");
     $database->query($query);
     // Get the section id
     $section_id = $database->get_one("SELECT LAST_INSERT_ID()");
     // Include the selected modules add file if it exists
     // NOTE(review): the include path is built from $module. Unless $module is
     // restricted to installed module directory names beforehand, a value with
     // path separators selects a file outside /modules.
     if (file_exists(WB_PATH . '/modules/' . $module . '/add.php')) {
         require WB_PATH . '/modules/' . $module . '/add.php';
     }
 }
 // Print the "pages added" heading followed by one list item per created entry.
 // NOTE(review): each $row is written into the HTML unescaped. If the entries
 // contain user-supplied titles they need htmlspecialchars() here or where
 // $created is filled. Confirm.
 echo "<br /><strong>" . $MESSAGE['PAGES']['ADDED'] . ":</strong><ul class='listcreated'>";
 foreach ($created as $row) {
     echo "<li>" . $row . "</li>";
 }
Beispiel #4
    }
    if (file_exists($root . '/framework/class.secure.php')) {
        include $root . '/framework/class.secure.php';
    } else {
        trigger_error(sprintf("[ <b>%s</b> ] Can't include class.secure.php!", $_SERVER['SCRIPT_NAME']), E_USER_ERROR);
    }
}
// end include class.secure.php
// Creates an empty news post in the current section; the id of the new row ends up in $post_id.
global $section_id, $database, $page_id, $admin, $TEXT;
// Include admin wrapper script
require LEPTON_PATH . '/modules/admin.php';
// Include the ordering class
require LEPTON_PATH . '/framework/class.order.php';
// Get new order
$order = new order(TABLE_PREFIX . 'mod_news_posts', 'position', 'post_id', 'section_id');
$position = $order->get_new($section_id);
// Get default commenting
$fetch_settings = array();
// NOTE(review): $section_id is concatenated into the SQL text. Presumably the
// admin wrapper included above has already validated it as an integer; verify,
// or cast it before building the statement.
$database->execute_query("SELECT commenting FROM " . TABLE_PREFIX . "mod_news_settings WHERE section_id = '" . $section_id . "'", true, $fetch_settings, false);
// NOTE(review): if the settings row is missing, this index is undefined.
$commenting = $fetch_settings['commenting'];
// Insert new row into database
$fields = array('section_id' => $section_id, 'page_id' => $page_id, 'position' => $position, 'commenting' => $commenting, 'active' => 1, 'link' => "", 'content_short' => "", 'content_long' => "");
$database->build_and_execute("insert", TABLE_PREFIX . "mod_news_posts", $fields);
// Get the id
// (read before the error check that follows this excerpt, so it is only meaningful if the insert succeeded)
$post_id = $database->db_handle->lastInsertId();
// Say that a new record has been added, then redirect to modify page
if ($database->is_error()) {
    $admin->print_error($database->get_error(), LEPTON_URL . '/modules/news/modify_post.php?page_id=' . $page_id . '&section_id=' . $section_id . '&post_id=' . $post_id);
} else {
    ?>
<script type="text/javascript">
Beispiel #5
            $admin->print_error($MESSAGE['GENERIC_MODULE_VERSION_ERROR']);
        }
    }
    unset($temp_result);
    /**
     *	Does the current user have the right to use this module at all?
     *
     *	NOTE(review): the error is raised when $module IS found in
     *	$_SESSION['MODULE_PERMISSIONS'], so that list presumably holds the
     *	modules the user may NOT use. Confirm. The comparison is non-strict,
     *	and the message key (GENERIC_NOT_UPGRADED) does not describe a
     *	permission failure.
     */
    if (true === in_array($module, $_SESSION['MODULE_PERMISSIONS'])) {
        $admin->print_error($MESSAGE['GENERIC_NOT_UPGRADED']);
    }
    // Include the ordering class
    require LEPTON_PATH . '/framework/class.order.php';
    // Get new order
    $order = new order(TABLE_PREFIX . 'sections', 'position', 'section_id', 'page_id');
    $position = $order->get_new($page_id);
    // Insert module into DB
    // NOTE(review): $page_id is concatenated unquoted and $module is placed
    // between double quotes without escaping. Both must be validated before this
    // point ($page_id as integer, $module against the installed modules) or the
    // statement should use bound parameters. Verify against the lines above.
    $sql = 'INSERT INTO `' . TABLE_PREFIX . 'sections` SET ';
    $sql .= '`page_id` = ' . $page_id . ', ';
    $sql .= '`module` = "' . $module . '", ';
    $sql .= '`position` = ' . $position . ', ';
    $sql .= '`block`=1';
    $database->query($sql);
    // Get the section id
    $section_id = $database->get_one("SELECT LAST_INSERT_ID()");
    // Include the selected modules add file if it exists
    // NOTE(review): the include path is built from $module; a value containing
    // path separators would select a file outside /modules unless it is rejected earlier.
    if (file_exists(LEPTON_PATH . '/modules/' . $module . '/add.php')) {
        require LEPTON_PATH . '/modules/' . $module . '/add.php';
    }
}
// Get perms
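 /**
  * Create a new page with a single section for the given module.
  *
  * Steps: check title, module name and group permissions, derive link and
  * access-file name from the title, make sure neither exists yet, insert the
  * page row, fill in level / root parent / page trail, write the access file,
  * insert the section row and run the module's add.php if there is one.
  *
  * @param  string $title          page title (HTML-escaped before it is used)
  * @param  mixed  $parent         id of the parent page, '0' for a root page
  * @param  string $module         directory name of the module under /modules
  * @param  mixed  $visibility     value stored in the visibility column
  * @param  array  $admin_groups   group ids allowed to administer the page
  * @param  array  $viewing_groups group ids allowed to view the page
  * @return mixed  id of the new page, or false on error (message via setError())
  */
 public function createPage($title, $parent, $module, $visibility, $admin_groups, $viewing_groups)
 {
     global $database;
     // initialise the admin object
     require_once WB_PATH . '/framework/class.admin.php';
     require_once WB_PATH . '/framework/functions.php';
     require_once WB_PATH . '/framework/class.order.php';
     $admin = new admin('Pages', 'pages_add', false, false);
     $title = htmlspecialchars($title);
     // make sure group 1 is part of both the admin groups and the viewing groups
     if (!in_array(1, $admin_groups)) {
         $admin_groups[] = 1;
     }
     if (!in_array(1, $viewing_groups)) {
         $viewing_groups[] = 1;
     }
     // empty title?
     if ($title == '' || substr($title, 0, 1) == '.') {
         $this->setError(sprintf('[%s - %s] %s', __METHOD__, __LINE__, kit_error_blank_title));
         return false;
     }
     // $module ends up in an include path at the end of this method
     // (/modules/<module>/add.php). Reject anything that is not a single
     // directory name before any row or file is created.
     $module_name = (string) $module;
     if (strpbrk($module_name, '/\\') !== false || $module_name === '.' || $module_name === '..') {
         $this->setError(sprintf('[%s - %s] %s', __METHOD__, __LINE__, 'invalid module name'));
         return false;
     }
     // a user outside group 1 must share at least one group with the
     // requested admin groups and one with the requested viewing groups
     if (!in_array(1, $admin->get_groups_id())) {
         $admin_perm_ok = false;
         foreach ($admin_groups as $adm_group) {
             if (in_array($adm_group, $admin->get_groups_id())) {
                 $admin_perm_ok = true;
             }
         }
         if ($admin_perm_ok == false) {
             $this->setError(sprintf('[%s - %s] %s', __METHOD__, __LINE__, kit_error_insufficient_permissions));
             return false;
         }
         $admin_perm_ok = false;
         foreach ($viewing_groups as $view_group) {
             if (in_array($view_group, $admin->get_groups_id())) {
                 $admin_perm_ok = true;
             }
         }
         if ($admin_perm_ok == false) {
             $this->setError(sprintf('[%s - %s] %s', __METHOD__, __LINE__, kit_error_insufficient_permissions));
             return false;
         }
     }
     // the pages table stores the groups as comma separated lists
     $admin_groups = implode(',', $admin_groups);
     $viewing_groups = implode(',', $viewing_groups);
     // build link and file name
     if ($parent == '0') {
         $link = '/' . page_filename($title);
         // rename the file names 'index' and 'intro' to avoid collisions
         if ($link == '/index' || $link == '/intro') {
             $link .= '_0';
             $filename = WB_PATH . PAGES_DIRECTORY . '/' . page_filename($title) . '_0' . PAGE_EXTENSION;
         } else {
             $filename = WB_PATH . PAGES_DIRECTORY . '/' . page_filename($title) . PAGE_EXTENSION;
         }
     } else {
         // child page: prefix the file name with the file names of all parent titles
         $parent_section = '';
         $parent_titles = array_reverse(get_parent_titles($parent));
         foreach ($parent_titles as $parent_title) {
             $parent_section .= page_filename($parent_title) . '/';
         }
         if ($parent_section == '/') {
             $parent_section = '';
         }
         $page_filename = page_filename($title);
         $page_filename = str_replace('_', '-', $page_filename);
         $link = '/' . $parent_section . $page_filename;
         $filename = WB_PATH . PAGES_DIRECTORY . '/' . $parent_section . $page_filename . PAGE_EXTENSION;
         make_dir(WB_PATH . PAGES_DIRECTORY . '/' . $parent_section);
     }
     // check whether a page, file or directory with the same link already exists
     $dbPages = new db_wb_pages();
     $where = array();
     $where[db_wb_pages::field_link] = $link;
     $pages = array();
     if (!$dbPages->sqlSelectRecord($where, $pages)) {
         $this->setError(sprintf('[%s - %s] %s', __METHOD__, __LINE__, $dbPages->getError()));
         return false;
     }
     if (sizeof($pages) > 0 || file_exists(WB_PATH . PAGES_DIRECTORY . $link . PAGE_EXTENSION) || file_exists(WB_PATH . PAGES_DIRECTORY . $link . '/')) {
         $this->setError(sprintf('[%s - %s] %s', __METHOD__, __LINE__, sprintf(kit_error_page_exists, $link)));
         return false;
     }
     // ordering helper for the pages table, grouped by parent
     $order = new order(TABLE_PREFIX . 'pages', 'position', 'page_id', 'parent');
     // clean order
     $order->clean($parent);
     // get the new order
     $position = $order->get_new($parent);
     // take template and language from the parent page
     $where = array();
     $where[db_wb_pages::field_page_id] = $parent;
     $pages = array();
     if (!$dbPages->sqlSelectRecord($where, $pages)) {
         $this->setError(sprintf('[%s - %s] %s', __METHOD__, __LINE__, $dbPages->getError()));
         return false;
     }
     if (sizeof($pages) > 0) {
         $template = $pages[0][db_wb_pages::field_template];
         $language = $pages[0][db_wb_pages::field_language];
     } else {
         $template = '';
         $language = DEFAULT_LANGUAGE;
     }
     // insert the new page into the table
     $data = array();
     $data[db_wb_pages::field_page_title] = $title;
     $data[db_wb_pages::field_menu_title] = $title;
     $data[db_wb_pages::field_parent] = $parent;
     $data[db_wb_pages::field_template] = $template;
     $data[db_wb_pages::field_target] = '_top';
     $data[db_wb_pages::field_position] = $position;
     $data[db_wb_pages::field_visibility] = $visibility;
     $data[db_wb_pages::field_searching] = 1;
     $data[db_wb_pages::field_menu] = 1;
     $data[db_wb_pages::field_language] = $language;
     $data[db_wb_pages::field_admin_groups] = $admin_groups;
     $data[db_wb_pages::field_viewing_groups] = $viewing_groups;
     $data[db_wb_pages::field_modified_when] = time();
     $data[db_wb_pages::field_modified_by] = $admin->get_user_id();
     $page_id = -1;
     if (!$dbPages->sqlInsertRecord($data, $page_id)) {
         $this->setError(sprintf('[%s - %s] %s', __METHOD__, __LINE__, $dbPages->getError()));
         return false;
     }
     // work out the level
     $level = level_count($page_id);
     // work out root parent
     $root_parent = root_parent($page_id);
     // work out page trail
     $page_trail = get_page_trail($page_id);
     // these values can only be computed once the row exists, hence the second write
     $where = array();
     $where[db_wb_pages::field_page_id] = $page_id;
     $data = array();
     $data[db_wb_pages::field_link] = $link;
     $data[db_wb_pages::field_level] = $level;
     $data[db_wb_pages::field_root_parent] = $root_parent;
     $data[db_wb_pages::field_page_trail] = $page_trail;
     if (!$dbPages->sqlUpdateRecord($data, $where)) {
         $this->setError(sprintf('[%s - %s] %s', __METHOD__, __LINE__, $dbPages->getError()));
         return false;
     }
     // create a new file in the /pages directory
     create_access_file($filename, $page_id, $level);
     // add position 1 to new page
     $position = 1;
     // add a new record to section table
     $dbSections = new db_wb_sections();
     $data = array();
     $data[db_wb_sections::field_page_id] = $page_id;
     $data[db_wb_sections::field_position] = $position;
     $data[db_wb_sections::field_module] = $module;
     $data[db_wb_sections::field_block] = 1;
     $section_id = -1;
     if (!$dbSections->sqlInsertRecord($data, $section_id)) {
         $this->setError(sprintf('[%s - %s] %s', __METHOD__, __LINE__, $dbSections->getError()));
         return false;
     }
     // run the module's own add script; it sees $page_id and $section_id from this scope.
     // $module was checked above to be a plain directory name.
     if (file_exists(WB_PATH . '/modules/' . $module . '/add.php')) {
         require WB_PATH . '/modules/' . $module . '/add.php';
     }
     if ($database->is_error()) {
         $this->setError(sprintf('[%s - %s] %s', __METHOD__, __LINE__, $database->get_error()));
         return false;
     }
     return $page_id;
 }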
    // Show error message and go back
    $admin->print_error($MESSAGE['GENERIC_FILL_IN_ALL'], WB_URL . '/modules/bakery/modify_item.php?page_id=' . $page_id . '&section_id=' . $section_id . '&item_id=' . $id);
}
// NOTE(review): excerpt. $price, $shipping, $old_section_id, $new_section_id,
// $action, $item_order, $title and $item_id are assigned outside the visible lines.
// For currency inputs convert decimal comma to decimal point
// (this only swaps the separator; it does not check that the result is numeric)
$price = str_replace(',', '.', $price);
$shipping = str_replace(',', '.', $shipping);
// MOVE ITEM TO ANOTHER BAKERY SECTION/PAGE
$moved = false;
if ($old_section_id != $new_section_id && $action == 'move') {
    // Get new page and section ids
    // NOTE(review): $new_section_id is interpolated into the SQL text; it needs
    // an integer cast or escaping unless that happens above this excerpt. The
    // visible lines also do not check that the user may write to the target
    // page, or that the query returned a row before fetchRow() is used.
    $query_sections = $database->query("SELECT page_id FROM " . TABLE_PREFIX . "sections WHERE section_id = '{$new_section_id}'");
    $sections = $query_sections->fetchRow();
    $page_id = $sections['page_id'];
    $section_id = $new_section_id;
    // Get new order position
    $position = $item_order->get_new($section_id);
    $moved = true;
}
// GET ITEM LINK
// Get module pages directory from general settings table
$module_pages_directory = $database->get_one("SELECT pages_directory FROM " . TABLE_PREFIX . "mod_bakery_general_settings");
$module_pages_directory = '/' . $module_pages_directory . '/';
// Work-out what the link should be
$item_link = $module_pages_directory . page_filename($title) . PAGE_SPACER . $item_id;
// Replace triple page spacer by one page spacer
$item_link = str_replace(PAGE_SPACER . PAGE_SPACER . PAGE_SPACER, PAGE_SPACER, $item_link);
// UPDATE ITEM ATTRIBUTES
$return_to_options = false;
// Either insert or update item attribut...
if (isset($_POST['save_attribute']) and $_POST['save_attribute'] != '') {
    // Get option_id from the attributes table
    $ajax = array('message' => $backend->lang()->translate('You do not have permissions to modify this page'), 'success' => false);
    print json_encode($ajax);
    exit;
}
// NOTE(review): excerpt. $options, $old_parent and $old_position are assigned
// outside the visible lines.
// Setup admin groups
// NOTE(review): the 1 appended here is lost, because the next line overwrites
// $admin_groups with the imploded $options['admin_groups']. If group 1 is meant
// to be always included, it has to be added to $options['admin_groups'] instead. Confirm.
$admin_groups[] = 1;
$admin_groups = implode(',', $options['admin_groups']);
// Setup viewing groups
// NOTE(review): same pattern as above; the appended 1 is discarded.
$viewing_groups[] = 1;
$viewing_groups = implode(',', $options['viewing_groups']);
// If needed, get new order
if ($options['parent'] != $old_parent) {
    require CAT_PATH . '/framework/class.order.php';
    $order = new order(CAT_TABLE_PREFIX . 'pages', 'position', 'page_id', 'parent');
    // Get new order
    $options['position'] = $order->get_new($options['parent']);
    // Clean new order
    $order->clean($options['parent']);
} else {
    $options['position'] = $old_position;
}
// Work out level and root parent
// ($options['level'] is only assigned here for non-root parents; for parent '0'
// the comparison below uses whatever value $options already carried)
if ($options['parent'] != '0') {
    $options['level'] = CAT_Helper_Page::properties($options['parent'], 'level') + 1;
}
$options['root_parent'] = $options['level'] == 1 ? $options['parent'] : CAT_Helper_Page::getRootParent($options['parent']);
// changes the values in the options array
CAT_Helper_Page::sanitizeLink($options);
CAT_Helper_Page::sanitizeTemplate($options);
CAT_Helper_Page::sanitizeLanguage($options);
// Check if page already exists; checks access file, directory, and database
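/**
 * Clone a page: create a new page row and access file, then copy every section
 * of the source page together with the rows of the module tables that belong
 * to it.
 *
 * Values that are spliced into SQL text are cast to integer or passed through
 * $database->escapeString() first. That includes values read back from the
 * database, because they were originally entered by users.
 *
 * @param  string $title       title (and menu title) of the new page
 * @param  mixed  $parent      id of the parent page, '0' for a root page
 * @param  mixed  $pagetoclone id of the page to copy
 * @param  mixed  $copy_title  truthy: take the page title from the source page
 * @param  mixed  $visibility  value for the visibility column of the new page
 * @return mixed  id of the new page
 */
function clone_page($title, $parent, $pagetoclone, $copy_title, $visibility)
{
    // Get objects and vars from outside this function
    global $admin, $template, $database, $TEXT, $PCTEXT, $MESSAGE;
    global $page_id, $section_id;
    // $pagetoclone goes into several statements (once unquoted), so force it to an integer
    $pagetoclone = (int) $pagetoclone;
    // shorthand for escaping a value that is placed between quotes in SQL text
    $esc = function ($value) use ($database) {
        return $database->escapeString((string) $value);
    };
    // Get page list from database
    $query = "SELECT * FROM `" . TABLE_PREFIX . "pages` WHERE `page_id` = " . $pagetoclone;
    $get_page = $database->query($query);
    // NOTE(review): MYSQL_ASSOC is only defined by the old mysql extension or a compatibility layer
    $is_page = $get_page->fetchRow(MYSQL_ASSOC);
    // Work-out what the link and page filename should be
    if ($parent == '0') {
        $link = '/' . page_filename($title);
        $filename = WB_PATH . PAGES_DIRECTORY . $link . '.php';
    } else {
        $parent_section = '';
        $parent_titles = array_reverse(get_parent_titles($parent));
        foreach ($parent_titles as $parent_title) {
            $parent_section .= page_filename($parent_title) . '/';
        }
        if ($parent_section == '/') {
            $parent_section = '';
        }
        $link = '/' . $parent_section . page_filename($title);
        $filename = WB_PATH . PAGES_DIRECTORY . '/' . $parent_section . page_filename($title) . '.php';
        make_dir(WB_PATH . PAGES_DIRECTORY . '/' . $parent_section);
    }
    $link_sql = $esc($link);
    // Check if a page with same page filename exists
    $get_same_page = $database->query("SELECT `page_id` FROM `" . TABLE_PREFIX . "pages` WHERE `link` = '{$link_sql}'");
    if ($get_same_page->numRows() > 0 or file_exists(WB_PATH . PAGES_DIRECTORY . $link . '.php') or file_exists(WB_PATH . PAGES_DIRECTORY . $link . '/')) {
        $admin->print_error($MESSAGE['PAGES']['PAGE_EXISTS'], 'tool_clone.php?pagetoclone=' . $pagetoclone);
    }
    // check the title
    if ($copy_title) {
        $page_title = $is_page['page_title'];
    } else {
        $page_title = $title;
    }
    // Ordering helper for the pages table, grouped by parent
    $order = new order(TABLE_PREFIX . 'pages', 'position', 'page_id', 'parent');
    // First clean order
    $order->clean($parent);
    // Get new order
    $position = $order->get_new($parent);
    // Insert page into pages table
    // ($template is one of the globals declared above, so this assignment is visible outside the function)
    $template = $is_page['template'];
    $admin_groups = $is_page['admin_groups'];
    $viewing_groups = $is_page['viewing_groups'];
    $query = "INSERT INTO `" . TABLE_PREFIX . "pages` " . "(`page_title`,`menu_title`,`parent`,`template`,`target`,`position`,`visibility`,`searching`,`menu`,`language`,`admin_groups`,`viewing_groups`,`modified_when`,`modified_by`) VALUES ('" . $database->escapeString($page_title) . "','" . $database->escapeString($title) . "','" . $esc($parent) . "','" . $esc($template) . "','_top','" . $esc($position) . "','" . $esc($visibility) . "','1','1','" . DEFAULT_LANGUAGE . "','" . $esc($admin_groups) . "','" . $esc($viewing_groups) . "','" . time() . "','" . $admin->get_user_id() . "')";
    $database->query($query);
    if ($database->is_error()) {
        $admin->print_error($database->get_error());
    }
    // Get the page id
    $page_id = $database->get_one("SELECT LAST_INSERT_ID()");
    // Work out level
    $level = level_count($page_id);
    // Work out root parent
    $root_parent = root_parent($page_id);
    // Work out page trail
    $page_trail = get_page_trail($page_id);
    // Update page with new level and link
    $database->query("UPDATE `" . TABLE_PREFIX . "pages` SET `link` = '{$link_sql}', `level` = '{$level}', `root_parent` = '{$root_parent}', `page_trail` = '{$page_trail}' WHERE `page_id` = '{$page_id}'");
    // Create a new file in the /pages dir
    create_access_file($filename, $page_id, $level);
    // Make new sections, database
    $query = "SELECT * FROM `" . TABLE_PREFIX . "sections` WHERE `page_id` = '{$pagetoclone}'";
    $get_section = $database->query($query);
    while (false != ($is_section = $get_section->fetchRow(MYSQL_ASSOC))) {
        // Add new record into the sections table
        $from_section = $is_section['section_id'];
        $position = $is_section['position'];
        $module = $is_section['module'];
        $block = $is_section['block'];
        $publ_start = $is_section['publ_start'];
        $publ_end = $is_section['publ_end'];
        $database->query("INSERT INTO `" . TABLE_PREFIX . "sections` (`page_id`,`position`,`module`,`block`,`publ_start`,`publ_end`) VALUES ('{$page_id}','" . $esc($position) . "', '" . $esc($module) . "','" . $esc($block) . "','" . $esc($publ_start) . "','" . $esc($publ_end) . "')");
        // Get the section id
        $section_id = $database->get_one("SELECT LAST_INSERT_ID()");
        // NOTE(review): both include paths are built from the module name stored in
        // the sections table; that column must only ever hold names of installed
        // module directories. Verify where sections are written.
        require WB_PATH . '/modules/' . $module . '/info.php';
        // Include the selected modules add file if it exists
        if (file_exists(WB_PATH . '/modules/' . $module . '/add.php')) {
            require WB_PATH . '/modules/' . $module . '/add.php';
        }
        // integer copy of the new section id for the statements that use it unquoted
        $new_section = (int) $section_id;
        // copy module settings per section; only tables of the current schema are
        // considered, because the statements that follow use unqualified table names
        $query = "SELECT TABLE_NAME FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_SCHEMA = DATABASE() AND TABLE_NAME LIKE '%mod_" . $esc($module) . "%'";
        $res = $database->query($query);
        while ($row = $res->fetchRow()) {
            // there must be a section_id column at least
            if ($database->query("DESCRIBE `" . $row[0] . "` section_id")) {
                clone_lines($row[0], $pagetoclone, $page_id, $from_section, $section_id, $database);
            }
        }
        // some manual corrections that can not be automatically detected
        if ($module == 'miniform') {
            // delete the form submissions which are also copied
            $query = "DELETE FROM " . TABLE_PREFIX . "mod_miniform_data WHERE `section_id` = " . $new_section;
            $database->query($query);
        } elseif ($module == 'mpform') {
            // delete the form submissions which are also copied
            $query = "DELETE FROM " . TABLE_PREFIX . "mod_mpform_submissions WHERE `section_id` = " . $new_section;
            $database->query($query);
            // update reference to result table
            $query = "UPDATE " . TABLE_PREFIX . "mod_mpform_settings SET `tbl_suffix` = " . $new_section . " WHERE `section_id` = " . $new_section;
            $database->query($query);
            // new results table
            $results = TABLE_PREFIX . "mod_mpform_results_" . $new_section;
            $s = "CREATE TABLE `{$results}` ( `session_id` VARCHAR(20) NOT NULL," . ' `started_when` INT NOT NULL DEFAULT \'0\' ,' . ' `submitted_when` INT NOT NULL DEFAULT \'0\' ,' . ' `referer` VARCHAR( 255 ) NOT NULL, ' . ' PRIMARY KEY ( `session_id` ) ' . ' )';
            $database->query($s);
            $query = "SELECT field_id FROM " . TABLE_PREFIX . "mod_mpform_fields WHERE `section_id` = " . $new_section;
            $ids = $database->query($query);
            while ($fid = $ids->fetchRow()) {
                // Insert new column into database (the field id becomes part of the column name)
                $s = "ALTER TABLE `{$results}` add `field" . (int) $fid[0] . "` TEXT NOT NULL";
                $database->query($s);
            }
        } elseif ($module == 'form') {
            // delete the form submissions which are also copied
            $query = "DELETE FROM " . TABLE_PREFIX . "mod_form_submissions WHERE `section_id` = " . $new_section;
            $database->query($query);
        } elseif ($module == 'minigallery') {
            // copy images
            $mediaDir = WB_PATH . MEDIA_DIRECTORY;
            $src = $mediaDir . "/minigallery/{$from_section}";
            $dst = $mediaDir . "/minigallery/{$section_id}";
            recurse_copy($src, $dst);
        }
    }
    return $page_id;
}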