Beispiel #1
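 /**
  * Create or publish a revision of a tree item, then redirect.
  *
  * The first element of $args is the item id; an optional second element
  * selects the sub-action ('create' or 'publish'). Visitors without 'admin'
  * rights on the item are redirected to the item page. Every path ends the
  * request with a Location header.
  *
  * @param array $args Action arguments; consumed from the front.
  */
 function action_revision($args)
 {
     global $manager, $tree, $user, $lang;
     /* Decode arguments */
     $id = array_shift($args);
     $item =& $tree->getItemById($id);
     $id = $item['id'];
     if (!$tree->_hasRights('admin', $item['rights'])) {
         header('Location: ' . url::item($id));
         exit;
     }
     // 'return' is taken straight from the request. Copying it unchecked into
     // a Location header makes this action an open redirect, so it is only
     // followed when it points back at this site; anything else falls through
     // to the default redirect at the bottom.
     $return = '';
     if (isset($_REQUEST['return']) && is_string($_REQUEST['return'])) {
         $candidate = $_REQUEST['return'];
         // Whitespace, control characters and backslashes are rejected
         // outright: browsers normalise them in ways that can hide the host.
         if (!preg_match('/[\x00-\x20\x5c\x7f]/', $candidate)) {
             if (substr($candidate, 0, 1) === '/' && substr($candidate, 0, 2) !== '//') {
                 // Site-relative path ("//host" would be scheme-relative)
                 $return = $candidate;
             } else {
                 $parts = parse_url($candidate);
                 if (is_array($parts) && isset($parts['scheme']) && isset($parts['host']) && isset($_SERVER['HTTP_HOST'])) {
                     $scheme = strtolower($parts['scheme']);
                     $host = $parts['host'] . (isset($parts['port']) ? ':' . $parts['port'] : '');
                     if (($scheme === 'http' || $scheme === 'https') && strcasecmp($host, $_SERVER['HTTP_HOST']) == 0) {
                         $return = $candidate;
                     }
                 }
             }
         }
     }
     // NOTE(review): both sub-actions change state on any request method and
     // no anti-forgery token is checked in this block; confirm that the
     // dispatcher enforces one.
     if (count($args)) {
         $action = array_shift($args);
         if ($action == 'create') {
             revisions::doCreateRevision($id);
             if ($return !== '') {
                 header('Location: ' . $return);
                 exit;
             }
         }
         if ($action == 'publish') {
             // The revision is passed through as received (null when absent);
             // NOTE(review): confirm doPublishRevision() validates it.
             $revision = isset($_REQUEST['revision']) ? $_REQUEST['revision'] : null;
             revisions::doPublishRevision($id, $revision);
             if ($return !== '') {
                 header('Location: ' . $return);
                 exit;
             }
         }
     }
     // Redirect
     header("Location: " . url::item());
     exit;
 }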
Beispiel #2
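 /**
  * Editor handler for the 'external' sheet of items of type 'external'.
  *
  * On POST the submitted URL is stored for the item revision (unless it is
  * still the 'http://' placeholder), the revision is marked as modified and
  * the request ends with a redirect back to the editor. Otherwise the editor
  * template is rendered with the stored URL, or 'http://' when none exists.
  *
  * @param array $data Event data; reads 'type', 'sheet', 'params' and appends
  *                    to 'template'.
  */
 function event_ExecuteEditor(&$data)
 {
     global $lang, $manager;
     if ($data['type'] == 'external' && $data['sheet'] == 'external') {
         // The id and revision used to be concatenated into the SQL raw while
         // only the URL was escaped. NOTE(review): where $data['params'] is
         // filled is not visible here; the "?revision=" redirect below suggests
         // it is request-derived. addslashes() matches the escaping already
         // used in this block but is not charset-aware; prefer the sql layer's
         // own escaping or bound parameters if it provides them.
         $id = addslashes($data['params']['id']);
         $revision = addslashes($data['params']['revision']);
         if ($_SERVER['REQUEST_METHOD'] == 'POST') {
             $url = (isset($_REQUEST['url']) && is_string($_REQUEST['url'])) ? $_REQUEST['url'] : '';
             // NOTE(review): the scheme of the stored URL is not restricted
             // here; confirm that whatever later links or redirects to it
             // allow-lists http/https.
             if ($url != 'http://') {
                 $res = sql::query(
                     "\r\n\t\t\t\t\t\t\tREPLACE \r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_
                     . "contents_external\r\n\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\tID='" . $id
                     . "',\r\n\t\t\t\t\t\t\t\trevision='" . $revision
                     . "',\r\n\t\t\t\t\t\t\t\turl='" . addslashes($url)
                     . "'\r\n\t\t\t\t\t\t"
                 );
             }
             // Mark this action as a modification
             revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);
             header("Location: " . url::item($data['params']['id'], 'edit') . "/external?revision=" . $data['params']['revision']);
             exit;
         }
         $res = sql::query(
             "\r\n\t\t\t\t\tSELECT\r\n\t\t\t\t\t\t*\r\n\t\t\t\t\tFROM\r\n\t\t\t\t\t\t" . _TABLE_PREFIX_
             . "contents_external\r\n\t\t\t\t\tWHERE\r\n\t\t\t\t\t\tID='" . $id
             . "' AND\r\n\t\t\t\t\t\trevision='" . $revision
             . "'\r\n\t\t\t\t"
         );
         $tpl = new Template($this->getTemplate('editor.template'));
         if ($row = sql::fetch_array($res)) {
             $tpl->set("url", $row['url']);
         } else {
             $tpl->set("url", 'http://');
         }
         $tpl->set("id", $data['params']['id']);
         $tpl->set("revision", $data['params']['revision']);
         $data['template']->append('content', $tpl->fetch());
     }
 }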
Beispiel #3
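 /**
  * Editor handler for the 'contents' sheet of item types that carry a story.
  *
  * Loads the stored story for the item revision. On POST the submitted text
  * is passed through filter::images() and filter::html(), stored, the
  * revision is marked as modified and the request ends with a redirect back
  * to the editor. Otherwise the editor template is rendered with the story.
  *
  * @param array $data Event data; reads 'type', 'sheet', 'params' and appends
  *                    to 'template'.
  */
 function event_ExecuteEditor(&$data)
 {
     global $lang, $manager, $user;
     if (isset($manager->types[$data['type']]['content']['story']) && $data['sheet'] == 'contents') {
         // The id and revision used to be concatenated into the SQL raw while
         // only the text was escaped. NOTE(review): where $data['params'] is
         // filled is not visible here. addslashes() matches the escaping
         // already used in this block but is not charset-aware; prefer the sql
         // layer's own escaping or bound parameters if it provides them.
         $id = addslashes($data['params']['id']);
         $revision = addslashes($data['params']['revision']);
         // Retrieve story
         $res = sql::query(
             "\n\t\t\t\t\tSELECT \n\t\t\t\t\t\t*\n\t\t\t\t\tFROM \n\t\t\t\t\t\t" . _TABLE_PREFIX_
             . "contents_story \n\t\t\t\t\tWHERE \n\t\t\t\t\t\t`ID` = '" . $id
             . "' AND\n\t\t\t\t\t\t`revision` = '" . $revision
             . "'\n\t\t\t\t"
         );
         if ($row = sql::fetch_array($res, MYSQL_ASSOC)) {
             $story = $row;
         } else {
             $story = array('text' => '');
         }
         if ($_SERVER['REQUEST_METHOD'] == 'POST') {
             // A missing or non-string field is treated as empty text
             $text = (isset($_POST['text']) && is_string($_POST['text'])) ? $_POST['text'] : '';
             // The filtered value is written back to $_POST as before, in case
             // later handlers read it from there.
             // NOTE(review): filter::html() is the only HTML clean-up visible
             // here; what it strips is not shown, so confirm it is sufficient
             // for wherever this text is rendered.
             $_POST['text'] = filter::images($text);
             $_POST['text'] = filter::html($_POST['text']);
             $res = sql::query(
                 "\n\t\t\t\t\t\tREPLACE INTO \n\t\t\t\t\t\t\t" . _TABLE_PREFIX_
                 . "contents_story \n\t\t\t\t\t\tSET \n\t\t\t\t\t\t\tID='" . $id
                 . "', \n\t\t\t\t\t\t\trevision='" . $revision
                 . "',\n\t\t\t\t\t\t\ttext='" . addslashes($_POST['text'])
                 . "'\n\t\t\t\t\t"
             );
             // Mark this action as a modification
             revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);
             header("Location: " . url::item($data['params']['id'], 'edit') . "/contents?revision=" . $data['params']['revision']);
             exit;
         }
         $tpl = new Template($this->getTemplate('editor.template'));
         $tpl->set('story', $story);
         $tpl->set('id', $data['params']['id']);
         $tpl->set('revision', $data['params']['revision']);
         $data['template']->append('content', $tpl->fetch());
     }
 }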
Beispiel #4
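 /**
  * Editor handler for the 'background' sheet.
  *
  * On POST the submitted image value is stored for the item revision, the
  * revision is marked as modified and the request ends with a redirect back
  * to the editor. Otherwise the editor template is rendered with the stored
  * image (empty when none exists) and the dialog script and editor
  * stylesheet are registered on the page.
  *
  * @param array $data Event data; reads 'sheet', 'params', 'page' and
  *                    appends to 'template'.
  */
 function event_ExecuteEditor(&$data)
 {
     global $lang, $manager;
     if ($data['sheet'] == 'background') {
         // The id and revision used to be concatenated into the SQL raw while
         // only the image was escaped. NOTE(review): where $data['params'] is
         // filled is not visible here. addslashes() matches the escaping
         // already used in this block but is not charset-aware; prefer the sql
         // layer's own escaping or bound parameters if it provides them.
         $id = addslashes($data['params']['id']);
         $revision = addslashes($data['params']['revision']);
         if ($_SERVER['REQUEST_METHOD'] == 'POST') {
             // A missing or non-string field is stored as an empty value
             $image = (isset($_REQUEST['image']) && is_string($_REQUEST['image'])) ? $_REQUEST['image'] : '';
             $res = sql::query(
                 "\r\n\t\t\t\t\t\tREPLACE INTO \r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_
                 . "contents_background\r\n\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\tID='" . $id
                 . "', \r\n\t\t\t\t\t\t\trevision='" . $revision
                 . "',\r\n\t\t\t\t\t\t\timage='" . addslashes($image)
                 . "', \r\n\t\t\t\t\t\t\tmodified=NOW()\r\n\t\t\t\t\t"
             );
             // Mark this action as a modification
             revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);
             header("Location: " . url::item($data['params']['id'], 'edit') . "/background?revision=" . $data['params']['revision']);
             exit;
         }
         $res = sql::query(
             "\r\n\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t* \r\n\t\t\t\t\tFROM \r\n\t\t\t\t\t\t" . _TABLE_PREFIX_
             . "contents_background\r\n\t\t\t\t\tWHERE \r\n\t\t\t\t\t\tid='" . $id
             . "' AND\r\n\t\t\t\t\t\trevision='" . $revision
             . "'\r\n\t\t\t\t"
         );
         if ($row = sql::fetch_array($res)) {
             $image = $row['image'];
         } else {
             $image = '';
         }
         $tpl = new Template($this->getTemplate('editor.template'));
         $tpl->set('id', $data['params']['id']);
         $tpl->set('revision', $data['params']['revision']);
         $tpl->set('image', $image);
         $data['template']->append('content', $tpl->fetch());
         // Make sure the following assets are included
         $data['page']->assets->registerJavascript('/core/assets/javascript/modaldialog.js');
         $data['page']->assets->registerCSS($this->localAsset('editor.css'));
     }
 }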
Beispiel #5
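 /**
  * Move a tree item to another parent and/or language.
  *
  * The first element of $args is the item id. Visitors without 'admin'
  * rights on the item are redirected to the item page. On POST the item is
  * appended after the last child of the chosen parent (or after the last
  * top-level item other than 'admin' when the parent is 0) and the request
  * ends with a redirect to the item's new URL. Otherwise the move form is
  * printed with the list of public languages.
  *
  * @param array $args Action arguments; consumed from the front.
  */
 function action_move($args)
 {
     global $manager, $tree, $user, $lang;
     /* Decode arguments */
     $id = array_shift($args);
     $item =& $tree->getItemById($id);
     $id = $item['id'];
     if (!$tree->_hasRights('admin', $item['rights'])) {
         header('Location: ' . url::item($id));
         exit;
     }
     if ($_SERVER['REQUEST_METHOD'] == 'POST') {
         $parentid = isset($_POST['parent']) ? intval($_POST['parent']) : 0;
         // NOTE(review): the language is request-controlled and is not checked
         // against the configured languages before it reaches treeStorage and
         // the redirect URL; rights on the destination parent are not checked
         // in this block either. Confirm both are enforced elsewhere.
         $language = isset($_POST['language']) ? $_POST['language'] : null;
         $position = 0;
         // foreach replaces reset()/each(): each() no longer exists in PHP 8
         if ($parentid == 0) {
             foreach ($tree->tree as $node) {
                 if ($node['id'] != 'admin') {
                     $position = max($position, $node['position']);
                 }
             }
         } else {
             if ($parent =& $tree->getItemById($parentid)) {
                 if (isset($parent['children'])) {
                     foreach ($parent['children'] as $child) {
                         $position = max($position, $child['position']);
                     }
                 }
             }
         }
         $position++;
         treeStorage::startTransaction();
         treeStorage::prepareForMove($id, $parentid, $language);
         // position is written unquoted, so it is forced to an integer; the id
         // is escaped like any other quoted value.
         sql::query(
             "\r\n\t\t\t\t\tUPDATE \r\n\t\t\t\t\t\t" . _TABLE_PREFIX_
             . "contents\r\n\t\t\t\t\tSET \r\n\t\t\t\t\t\t`parent`='" . $parentid
             . "',\r\n\t\t\t\t\t\t`position`=" . intval($position)
             . "\r\n\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t`ID`='" . addslashes($id)
             . "'\r\n\t\t\t\t"
         );
         treeStorage::stopTransaction();
         // Our url needs to be rebuilt: swap the old language segment for the
         // new one
         $url = url::item($id);
         $url = str_replace('/' . $item['meta']['language'] . '/', '/' . $language . '/', $url);
         header("Location: " . $url);
         exit;
     } else {
         // Errors from the include stay suppressed as before; a missing map
         // now yields an empty flag instead of an undefined-variable notice.
         @(include _BASE_LIBRARIES_ . 'resources/iso639to3166.php');
         $languages = array();
         $list = new languages(_DEFAULT_SITE_);
         foreach ($list->nodes as $language) {
             if ($language->public) {
                 $flag = isset($iso639to3166[$language->id]) ? strtolower($iso639to3166[$language->id]) : '';
                 $languages[] = array('id' => $language->id, 'name' => $language->name, 'flag' => $flag);
             }
         }
         $tpl = new Template($this->getTemplate('move.template'));
         $tpl->set('languages', $languages);
         $tpl->set('id', $id);
         echo $tpl->fetch();
         exit;
     }
 }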
Beispiel #6
 /**
  * When a redirect-type item is viewed, send the visitor to its first child.
  *
  * Applies to items whose type is 'redirect' or whose type declares
  * 'redirect' content. Does nothing when the item has no first child.
  *
  * @param array $data Event data; reads 'params' and 'type'.
  */
 function event_PreSkinParse(&$data)
 {
     global $manager, $tree;
     // Only plain page views are redirected
     if ($data['params']['action'] != 'view') {
         return;
     }
     if ($data['type'] != 'redirect' && !isset($manager->types[$data['type']]['content']['redirect'])) {
         return;
     }
     $item =& $tree->getFirstChild($data['params']['id']);
     if ($item) {
         // The target is built by url::item() from the tree, not from request
         // text
         header("Location: " . url::item($item));
         exit;
     }
 }
Beispiel #7
 /**
  * Restore an item, then redirect to it.
  *
  * The first element of $args is the item id. Only callers for whom
  * $user->admin() is true trigger the restore; everyone else is redirected
  * to the site root. Always ends the request.
  *
  * @param array $args Action arguments; consumed from the front.
  */
 function action_restore($args)
 {
     global $manager, $tree, $user, $lang;
     /* Decode arguments */
     $id = array_shift($args);
     // NOTE(review): the restore runs on any request method and no
     // anti-forgery token is checked in this block; confirm the dispatcher
     // enforces one.
     if (!$user->admin()) {
         header("Location: " . url::root());
         exit;
     }
     $this->_restoreItem($id);
     header("Location: " . url::item($id));
     exit;
 }
Beispiel #8
 /**
  * Show the login form and process login attempts.
  *
  * With the 'inlineLogin' setting the form is rendered inside the site theme
  * using the site language; otherwise the admin page and the user's language
  * are used. When $args carries an item id, a successful login is handed
  * url::item($id) as its target. Execution continuing past $user->login()
  * is treated as a failed attempt and the generic "password not correct"
  * message is shown.
  *
  * @param array $args Action arguments; an optional item id first.
  */
 function action_login($args)
 {
     global $manager, $tree, $user, $config, $lang;
     if ($config->get('inlineLogin')) {
         $page = new theme();
         $templateName = 'inline.template';
         $l =& $lang;
     } else {
         $page = new admin();
         $templateName = 'form.template';
         $l =& $user->lang;
     }
     $t = new Template($this->getTemplate($templateName));
     if (!count($args)) {
         // Plain login, no item to return to
         $t->set('url', url::action('login'));
         if ($_SERVER['REQUEST_METHOD'] == 'POST') {
             $user->login();
             // Still here, so the login did not succeed... probably
             // username or password not correct...
             $t->set('error', $l->s('passwordnotcorrect'));
         }
     } else {
         $id = array_shift($args);
         // Drop a trailing file extension from the id, if there is one
         if (preg_match('/(.*)\\.([a-z0-9]+)$/i', $id, $matches)) {
             $id = $matches[1];
         }
         $t->set('url', url::item($id, 'login'));
         if ($_SERVER['REQUEST_METHOD'] == 'POST') {
             $user->login(url::item($id));
             // Still here, so the login did not succeed... probably
             // username or password not correct...
             $t->set('error', $l->s('passwordnotcorrect'));
         } elseif (!$config->get('redirectToLogin')) {
             $page->template->set('error', $l->s('notenoughrights') . ' ' . $l->s('logintoview'));
         }
     }
     // Notify plugins of a PreSkinParse event;
     $data = array();
     $data['page'] =& $page;
     $data['template'] =& $page->template;
     $data['type'] = null;
     $data['params'] = array('action' => 'login', 'id' => null, 'args' => $args);
     $manager->handleEvent('PreSkinParse', $data);
     $page->template->set('title', $l->s('login'));
     $page->template->set('content', $t->fetch());
     $page->template->set('type', 'login');
     $page->show();
 }
Beispiel #9
 /**
  * Delete a tree item, then redirect to its parent (or the default item).
  *
  * The first element of $args is the item id. Visitors without 'admin'
  * rights on the item are redirected to the item page and nothing is
  * deleted. Always ends the request.
  *
  * @param array $args Action arguments; consumed from the front.
  */
 function action_delete($args)
 {
     global $manager, $tree, $user, $lang;
     /* Decode arguments */
     $id = array_shift($args);
     $item =& $tree->getItemById($id);
     $id = $item['id'];
     $mayAdmin = $tree->_hasRights('admin', $item['rights']);
     if (!$mayAdmin) {
         header('Location: ' . url::item($id));
         exit;
     }
     // NOTE(review): the delete runs on any request method and no
     // anti-forgery token is checked in this block; confirm the dispatcher
     // enforces one.
     $this->_deleteItem($id);
     // Redirect: the parent is read after the delete, as before
     $target = $item['parent'] > 0 ? url::item($item['parent']) : url::item();
     header("Location: " . $target);
     exit;
 }
Beispiel #10
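 /**
  * Editor handler for the 'links' sheet of item types that carry links.
  *
  * Loads the stored links for the item revision. On POST all stored links of
  * the revision are deleted and the submitted ones are inserted in order,
  * the revision is marked as modified and the request ends with a redirect
  * back to the editor. Otherwise the editor template is rendered and its
  * assets are registered on the page.
  *
  * @param array $data Event data; reads 'type', 'sheet', 'params', 'page'
  *                    and appends to 'template'.
  */
 function event_ExecuteEditor(&$data)
 {
     global $lang, $manager;
     if (isset($manager->types[$data['type']]['content']['links']) && $data['sheet'] == 'links') {
         // The id and revision used to be concatenated into the SQL raw while
         // only the link fields were escaped. NOTE(review): where
         // $data['params'] is filled is not visible here. addslashes() matches
         // the escaping already used in this block but is not charset-aware;
         // prefer the sql layer's own escaping or bound parameters if it
         // provides them.
         $id = addslashes($data['params']['id']);
         $revision = addslashes($data['params']['revision']);
         // Define a list of errors
         $errors = array();
         $links = array();
         $res = sql::query(
             "\r\n\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t* \r\n\t\t\t\t\tFROM\r\n\t\t\t\t\t\t" . _TABLE_PREFIX_
             . "contents_links\r\n\t\t\t\t\tWHERE\r\n\t\t\t\t\t\tID = '" . $id
             . "' AND\r\n\t\t\t\t\t\trevision = '" . $revision
             . "'\r\n\t\t\t\t"
         );
         while ($row = sql::fetch_array($res, MYSQL_ASSOC)) {
             $links[$row['link']] = $row;
         }
         if ($_SERVER['REQUEST_METHOD'] == 'POST') {
             // NOTE(review): delete and re-insert are separate statements; a
             // failure in between leaves the revision without links.
             $res = sql::query(
                 "\r\n\t\t\t\t\t\tDELETE FROM \r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_
                 . "contents_links \r\n\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\tID='" . $id
                 . "' AND\r\n\t\t\t\t\t\t\trevision='" . $revision
                 . "'\r\n\t\t\t\t\t"
             );
             if (isset($_POST['links']) && is_array($_POST['links'])) {
                 $position = 0;
                 // foreach replaces each(), which no longer exists in PHP 8
                 foreach ($_POST['links'] as $v) {
                     // Entries that are not field arrays are ignored rather
                     // than indexed as strings
                     if (!is_array($v)) {
                         continue;
                     }
                     $fields = array();
                     foreach (array('url', 'title', 'target') as $key) {
                         $fields[$key] = (isset($v[$key]) && is_scalar($v[$key])) ? addslashes($v[$key]) : '';
                     }
                     // NOTE(review): the URL scheme is not restricted here;
                     // confirm the template that prints these links
                     // allow-lists http/https and escapes all three fields.
                     $res = sql::query(
                         "\r\n\t\t\t\t\t\t\t\tINSERT INTO \r\n\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_
                         . "contents_links \r\n\t\t\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t\t\tID='" . $id
                         . "', \r\n\t\t\t\t\t\t\t\t\trevision='" . $revision
                         . "',\r\n\t\t\t\t\t\t\t\t\tposition='" . $position
                         . "',\r\n\t\t\t\t\t\t\t\t\turl='" . $fields['url']
                         . "', \r\n\t\t\t\t\t\t\t\t\ttitle='" . $fields['title']
                         . "',\r\n\t\t\t\t\t\t\t\t\ttarget='" . $fields['target']
                         . "'\r\n\t\t\t\t\t\t\t"
                     );
                     $position++;
                 }
             }
             // Mark this action as a modification
             revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);
             header("Location: " . url::item($data['params']['id'], 'edit') . "/links?revision=" . $data['params']['revision']);
             exit;
         }
         $tpl = new Template($this->getTemplate('editor.template'));
         $tpl->set("links", $links);
         $tpl->set("id", $data['params']['id']);
         $tpl->set("revision", $data['params']['revision']);
         if (count($errors)) {
             $data['template']->append('error', implode(', ', $errors));
         }
         $data['template']->append('content', $tpl->fetch());
         // Make sure the following assets are included
         $data['page']->assets->registerJavascript('/core/assets/javascript/modaldialog.js');
         $data['page']->assets->registerCSS($this->localAsset('editor.css'));
         $data['page']->assets->registerJavascript($this->localAsset('editor.js'));
     }
 }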
Beispiel #11
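 /**
  * Duplicate a tree item next to the original and open the copy for editing.
  *
  * The first element of $args is the item id. Visitors without 'admin'
  * rights on the item are redirected to the item page. The copy is placed
  * after the last sibling: the last child of the same parent, or the last
  * top-level item other than 'admin' when the item has no parent. Always
  * ends the request.
  *
  * @param array $args Action arguments; consumed from the front.
  */
 function action_duplicate($args)
 {
     global $manager, $tree, $user, $lang;
     /* Decode arguments */
     $id = array_shift($args);
     $item =& $tree->getItemById($id);
     $id = $item['id'];
     if (!$tree->_hasRights('admin', $item['rights'])) {
         header('Location: ' . url::item($id));
         exit;
     }
     // NOTE(review): the copy is made on any request method and no
     // anti-forgery token is checked in this block; confirm the dispatcher
     // enforces one.
     $position = 0;
     // foreach replaces reset()/each(): each() no longer exists in PHP 8
     if ($item['parent']) {
         $parentnode =& $tree->getItemById($item['parent']);
         if (isset($parentnode['children'])) {
             foreach ($parentnode['children'] as $child) {
                 $position = max($position, $child['position']);
             }
         }
         $parent = $item['parent'];
     } else {
         foreach ($tree->tree as $node) {
             if ($node['id'] != 'admin') {
                 $position = max($position, $node['position']);
             }
         }
         $parent = '';
     }
     $position++;
     $newid = $this->_duplicateItem($id, $parent, $position);
     header("Location: " . url::item($newid, 'edit'));
     exit;
 }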
Beispiel #12
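 /**
  * Editor handler for the 'seo' sheet.
  *
  * On POST the trimmed keywords and description are stored for the item
  * revision, the revision is marked as modified and the request ends with a
  * redirect back to the editor. Otherwise the editor template is rendered
  * with the stored values, or empty strings when none exist.
  *
  * @param array $data Event data; reads 'sheet', 'params' and appends to
  *                    'template'.
  */
 function event_ExecuteEditor(&$data)
 {
     global $tree, $language;
     if ($data['sheet'] == 'seo') {
         // The id and revision used to be concatenated into the SQL raw while
         // only the text fields were escaped. NOTE(review): where
         // $data['params'] is filled is not visible here. addslashes() matches
         // the escaping already used in this block but is not charset-aware;
         // prefer the sql layer's own escaping or bound parameters if it
         // provides them.
         $id = addslashes($data['params']['id']);
         $revision = addslashes($data['params']['revision']);
         if ($_SERVER['REQUEST_METHOD'] == 'POST') {
             // Array-valued fields are treated as absent
             $keywords = (isset($_POST['keywords']) && is_string($_POST['keywords'])) ? trim($_POST['keywords']) : '';
             $description = (isset($_POST['description']) && is_string($_POST['description'])) ? trim($_POST['description']) : '';
             $res = sql::query(
                 "\r\n\t\t\t\t\t\tREPLACE INTO \r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_
                 . "contents_seo\r\n\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\tID='" . $id
                 . "',\r\n\t\t\t\t\t\t\trevision='" . $revision
                 . "',\r\n\t\t\t\t\t\t\tkeywords='" . addslashes($keywords)
                 . "',\r\n\t\t\t\t\t\t\tdescription='" . addslashes($description)
                 . "'\r\n\t\t\t\t\t"
             );
             // Mark this action as a modification
             revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);
             header("Location: " . url::item($data['params']['id'], 'edit') . "/seo?revision=" . $data['params']['revision']);
             exit;
         }
         $res = sql::query(
             "\r\n\t\t\t\t\tSELECT\r\n\t\t\t\t\t\t*\r\n\t\t\t\t\tFROM\r\n\t\t\t\t\t\t" . _TABLE_PREFIX_
             . "contents_seo\r\n\t\t\t\t\tWHERE\r\n\t\t\t\t\t\tID='" . $id
             . "' AND\r\n\t\t\t\t\t\trevision='" . $revision
             . "'\r\n\t\t\t\t"
         );
         if (!($row = sql::fetch_array($res))) {
             $row = array('keywords' => '', 'description' => '');
         }
         $tpl = new Template($this->getTemplate('editor.template'));
         $tpl->set('seo', $row);
         $tpl->set('id', $data['params']['id']);
         $tpl->set("revision", $data['params']['revision']);
         $data['template']->append('content', $tpl->fetch());
     }
 }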
Beispiel #13
 /**
  * Log the current user out and redirect to the default item.
  *
  * Removes the 'USER_DATA' entry from the session and ends the request.
  */
 function logout()
 {
     // NOTE(review): only this one key is cleared; the session id and any
     // other session entries survive. Confirm that login issues a fresh
     // session id.
     unset($_SESSION['USER_DATA']);
     $home = url::item();
     header('Location: ' . $home);
     exit;
 }
Beispiel #14
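 /**
  * Editor handler for the 'movie' sheet of item types that carry a movie.
  *
  * Request handling, in order:
  *  - json=list:   print the stored movie through json.template and exit.
  *  - json=delete: remove the stored file and its row, mark the revision as
  *                 modified and exit.
  *  - POST with a 'Filedata' upload: store the file under the movies
  *                 directory and insert its row, or answer 413/415/400/500.
  *  - POST without upload: update width, height and autostart, then
  *                 redirect back to the editor.
  *  - otherwise:   render the editor template and register its scripts.
  *
  * @param array $data Event data; reads 'type', 'sheet', 'params', 'page'
  *                    and appends to 'template'.
  */
 function event_ExecuteEditor(&$data)
 {
     global $lang, $manager;
     if (isset($manager->types[$data['type']]['content']['movie']) && $data['sheet'] == 'movie') {
         // The id and revision used to be concatenated into the SQL raw while
         // other values were escaped. NOTE(review): where $data['params'] is
         // filled is not visible here. addslashes() matches the escaping
         // already used in this block but is not charset-aware; prefer the sql
         // layer's own escaping or bound parameters if it provides them.
         $id = addslashes($data['params']['id']);
         $revision = addslashes($data['params']['revision']);
         $json = isset($_REQUEST['json']) ? $_REQUEST['json'] : null;
         if ($json === 'list') {
             $res = sql::query(
                 "\r\n\t\t\t\t\t\tSELECT\r\n\t\t\t\t\t\t\t*\r\n\t\t\t\t\t\tFROM\r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_
                 . "contents_movie\r\n\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\tID='" . $id
                 . "' AND\r\n\t\t\t\t\t\t\trevision='" . $revision
                 . "'\r\n\t\t\t\t\t"
             );
             $tpl = new Template($this->getTemplate('json.template'));
             if ($movie = sql::fetch_array($res)) {
                 $tpl->set("movie", $movie);
             }
             echo $tpl->fetch();
             exit;
         }
         if ($json === 'delete') {
             // NOTE(review): this branch deletes on any request method and
             // checks no token here, although a ticket is generated for the
             // editor below; confirm the caller validates it.
             $res = sql::query(
                 "\r\n\t\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t\t* \r\n\t\t\t\t\t\tFROM \r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_
                 . "contents_movie\r\n\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\tID='" . $id
                 . "' AND\r\n\t\t\t\t\t\t\trevision='" . $revision
                 . "'\r\n\t\t\t\t\t"
             );
             if ($row = sql::fetch_array($res)) {
                 $directory = _BASE_MEDIA_ . 'movies/';
                 // basename() keeps the delete inside the movies directory even
                 // if the stored name was tampered with; is_file() avoids
                 // calling unlink() on the directory when the name is empty.
                 $stored = basename($row['filename']);
                 if ($stored !== '' && is_file($directory . $stored)) {
                     unlink($directory . $stored);
                 }
                 $res = sql::query(
                     "\r\n\t\t\t\t\t\t\tDELETE FROM \r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_
                     . "contents_movie\r\n\t\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t\tID='" . $id
                     . "' AND\r\n\t\t\t\t\t\t\t\trevision='" . $revision
                     . "'\r\n\t\t\t\t\t\t"
                 );
             }
             // Mark this action as a modification
             revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);
             exit;
         }
         if ($_SERVER['REQUEST_METHOD'] == 'POST') {
             /* Upload */
             if (isset($_FILES['Filedata'])) {
                 if ($_FILES['Filedata']['error'] == UPLOAD_ERR_OK && is_uploaded_file($_FILES['Filedata']['tmp_name'])) {
                     $directory = _BASE_MEDIA_ . 'movies/';
                     // The client's file name is only stored as a label; the
                     // name on disk comes from files::getUniqueName().
                     $original = $_FILES['Filedata']['name'];
                     // NOTE(review): the content type is derived from the
                     // client-supplied type and name; confirm the files
                     // helpers cannot yield a server-executable extension.
                     $contenttype = files::getCleanContentType($_FILES['Filedata']['type'], $_FILES['Filedata']['name']);
                     $filename = files::getUniqueName($contenttype, $directory);
                     if (files::allowedContentType($contenttype, 'movie')) {
                         // Only record the movie once the file is really in
                         // place; the result of the move used to be ignored.
                         if (!move_uploaded_file($_FILES['Filedata']['tmp_name'], $directory . $filename)) {
                             header("HTTP/1.1 500 Internal Server Error");
                             header("Status: 500 Internal Server Error");
                             exit;
                         }
                         // Insert into database...
                         $res = sql::query(
                             "\r\n\t\t\t\t\t\t\t\t\tINSERT INTO\r\n\t\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_
                             . "contents_movie \r\n\t\t\t\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t\t\t\tID='" . $id
                             . "', \r\n\t\t\t\t\t\t\t\t\t\trevision='" . $revision
                             . "',\r\n\t\t\t\t\t\t\t\t\t\tfilename='" . addslashes($filename)
                             . "', \r\n\t\t\t\t\t\t\t\t\t\tname='" . addslashes($original)
                             . "',\r\n\t\t\t\t\t\t\t\t\t\ttype='" . addslashes($contenttype)
                             . "', \r\n\t\t\t\t\t\t\t\t\t\tsize='" . intval($_FILES['Filedata']['size'])
                             . "',\r\n\t\t\t\t\t\t\t\t\t\twidth=320,\r\n\t\t\t\t\t\t\t\t\t\theight=240,\r\n\t\t\t\t\t\t\t\t\t\tautostart=0\r\n\t\t\t\t\t\t\t\t"
                         );
                         // Mark this action as a modification
                         revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);
                         // Workaround for a Flash bug on OS X.. We need to send back content... any content will do
                         echo " ";
                         flush();
                         exit;
                     } else {
                         header("HTTP/1.1 415 Unsupported Media Type");
                         header("Status: 415 Unsupported Media Type");
                         exit;
                     }
                 } else {
                     switch ($_FILES['Filedata']['error']) {
                         case UPLOAD_ERR_INI_SIZE:
                         case UPLOAD_ERR_FORM_SIZE:
                             header("HTTP/1.1 413 Request Entity Too Large");
                             header("Status: 413 Request Entity Too Large");
                             exit;
                         case UPLOAD_ERR_NO_FILE:
                         case UPLOAD_ERR_PARTIAL:
                         default:
                             header("HTTP/1.1 400 Bad Request");
                             header("Status: 400 Bad Request");
                             exit;
                     }
                 }
             } else {
                 // Update size and autostart
                 $autostart = isset($_REQUEST['autostart']) ? intval($_REQUEST['autostart']) : 0;
                 $width = isset($_REQUEST['size']) ? intval($_REQUEST['size']) : 320;
                 // The cases had no break, so every width fell through to the
                 // 4:3 formula; the stored values are the same, but the two
                 // presets now stop where they were meant to.
                 switch ($width) {
                     case 320:
                         $height = 240;
                         break;
                     case 640:
                         $height = 480;
                         break;
                     default:
                         $height = (int) round($width / 4 * 3);
                 }
                 $res = sql::query(
                     "\r\n\t\t\t\t\t\t\tUPDATE\r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_
                     . "contents_movie\r\n\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\twidth='" . $width
                     . "',\r\n\t\t\t\t\t\t\t\theight='" . $height
                     . "',\r\n\t\t\t\t\t\t\t\tautostart='" . $autostart
                     . "'\r\n\t\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\t\tID='" . $id
                     . "' AND\r\n\t\t\t\t\t\t\t\trevision='" . $revision
                     . "'\r\n\t\t\t\t\t\t"
                 );
             }
             // Mark this action as a modification
             revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);
             header("Location: " . url::item($data['params']['id'], 'edit') . "/movie?revision=" . $data['params']['revision']);
             exit;
         }
         $res = sql::query(
             "\r\n\t\t\t\t\tSELECT\r\n\t\t\t\t\t\t*\r\n\t\t\t\t\tFROM\r\n\t\t\t\t\t\t" . _TABLE_PREFIX_
             . "contents_movie\r\n\t\t\t\t\tWHERE\r\n\t\t\t\t\t\tID='" . $id
             . "' AND\r\n\t\t\t\t\t\trevision='" . $revision
             . "'\r\n\t\t\t\t"
         );
         $tpl = new Template($this->getTemplate('editor.template'));
         if ($movie = sql::fetch_array($res)) {
             $tpl->set("movie", $movie);
         }
         $tpl->set("id", $data['params']['id']);
         $tpl->set("revision", $data['params']['revision']);
         $tpl->set("filemask", files::getFilemask('movie'));
         $tpl->set("ticket", ticket::generate($data['params']['id']));
         $data['template']->append('content', $tpl->fetch());
         // Make sure the following assets are included
         $data['page']->assets->registerJavascript('/core/assets/javascript/plugin.js');
         $data['page']->assets->registerJavascript('/core/assets/javascript/flash.js');
         $data['page']->assets->registerJavascript('/core/assets/javascript/upload.js');
         $data['page']->assets->registerJavascript('/core/assets/javascript/progress.js');
         $data['page']->assets->registerJavascript($this->localAsset('editor.js'));
         $data['page']->assets->registerJavascript($this->localAsset('player.js'));
     }
 }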
Beispiel #15
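 /**
  * Editor handler for the 'slides' sheet of item types that carry slides.
  *
  * On POST all stored slides of the item revision are deleted and the
  * submitted ones are inserted in order, the revision is marked as modified
  * and the request ends with a redirect back to the editor. Otherwise the
  * stored slides are loaded (whitespace runs in the description collapsed
  * to one space), the editor template is rendered and its assets are
  * registered on the page.
  *
  * @param array $data Event data; reads 'type', 'sheet', 'params', 'page'
  *                    and appends to 'template'.
  */
 function event_ExecuteEditor(&$data)
 {
     global $lang, $manager;
     if (isset($manager->types[$data['type']]['content']['slides']) && $data['sheet'] == 'slides') {
         // This block talks to ext/mysql directly, so values are escaped with
         // the driver's own function instead of addslashes(). The id and
         // revision used to be concatenated into the SQL raw.
         // NOTE(review): where $data['params'] is filled is not visible here.
         $id = mysql_real_escape_string($data['params']['id']);
         $revision = mysql_real_escape_string($data['params']['revision']);
         // Define a list of errors
         $errors = array();
         if ($_SERVER['REQUEST_METHOD'] == 'POST') {
             // NOTE(review): delete and re-insert are separate statements; a
             // failure in between leaves the revision without slides.
             mysql_query(
                 "\r\n\t\t\t\t\t\tDELETE FROM \r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_
                 . "contents_slides\r\n\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t`ID` = '" . $id
                 . "' AND\r\n\t\t\t\t\t\t\t`revision` = '" . $revision
                 . "'\r\n\t\t\t\t\t"
             );
             if (isset($_POST['slides']) && is_array($_POST['slides'])) {
                 $position = 0;
                 // foreach replaces each(), which no longer exists in PHP 8
                 foreach ($_POST['slides'] as $slide) {
                     // Entries that are not field arrays are ignored rather
                     // than indexed as strings
                     if (!is_array($slide)) {
                         continue;
                     }
                     $fields = array();
                     foreach (array('thumbnail', 'image', 'title', 'description') as $key) {
                         $fields[$key] = (isset($slide[$key]) && is_scalar($slide[$key]))
                             ? mysql_real_escape_string($slide[$key])
                             : '';
                     }
                     mysql_query(
                         "\r\n\t\t\t\t\t\t\t\tINSERT INTO \r\n\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_
                         . "contents_slides \r\n\t\t\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t\t\t`ID` = '" . $id
                         . "', \r\n\t\t\t\t\t\t\t\t\t`revision` = '" . $revision
                         . "',\r\n\t\t\t\t\t\t\t\t\t`position` = '" . $position
                         . "',\r\n\t\t\t\t\t\t\t\t\t`thumbnail` = '" . $fields['thumbnail']
                         . "', \r\n\t\t\t\t\t\t\t\t\t`image` = '" . $fields['image']
                         . "', \r\n\t\t\t\t\t\t\t\t\t`title` = '" . $fields['title']
                         . "', \r\n\t\t\t\t\t\t\t\t\t`description` = '" . $fields['description']
                         . "'\r\n\t\t\t\t\t\t\t"
                     );
                     $position++;
                 }
             }
             // Mark this action as a modification
             revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);
             header("Location: " . url::item($data['params']['id'], 'edit') . "/slides?revision=" . $data['params']['revision']);
             exit;
         }
         // Load...
         $slides = array();
         $res = mysql_query(
             "\r\n\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t*\r\n\t\t\t\t\tFROM \r\n\t\t\t\t\t\t" . _TABLE_PREFIX_
             . "contents_slides\r\n\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t`ID` = '" . $id
             . "' AND\r\n\t\t\t\t\t\t`revision` = '" . $revision
             . "'\r\n\t\t\t\t"
         );
         while ($row = mysql_fetch_array($res, MYSQL_ASSOC)) {
             $row['description'] = preg_replace('/\\s+/', ' ', $row['description']);
             $slides[] = $row;
         }
         $tpl = new Template($this->getTemplate('editor.template'));
         $tpl->set("slides", $slides);
         $tpl->set("id", $data['params']['id']);
         $tpl->set("revision", $data['params']['revision']);
         if (count($errors)) {
             $data['template']->append('error', implode(', ', $errors));
         }
         $data['template']->append('content', $tpl->fetch());
         // Make sure the following assets are included
         $data['page']->assets->registerJavascript('/core/assets/javascript/modaldialog.js');
         $data['page']->assets->registerCSS($this->localAsset('editor.css'));
         $data['page']->assets->registerJavascript($this->localAsset('editor.js'));
     }
 }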
Beispiel #16
        $action = array_shift($args);
    } else {
        $action = 'login';
    }
    if ($action != 'settings' && $config->get('multiLanguageSupport') && count($args)) {
        $language = array_shift($args);
    } else {
        $language = _DEFAULT_LANGUAGE_;
    }
    $lang = new language($language, _DEFAULT_SITE_, true);
    $user = new currentUser();
    $manager = new pluginManager();
    $tree = new pageTree($user, $manager, $language, _DEFAULT_SITE_);
    if ($action == 'login' && $user->loggedin()) {
        $id = $tree->getHome();
        header('Location: ' . url::item($id));
        exit;
    }
    $manager->handleAction($action, $args);
    exit;
}
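// Site not installed yet: load the default language and let the theme show
// the offline message.
if (!$config->get('installed')) {
    $lang = new language(_DEFAULT_LANGUAGE_, _DEFAULT_SITE_, true);
    // "=& new" stopped parsing in PHP 7; objects are passed by handle since
    // PHP 5, so a plain assignment behaves the same.
    $theme = new theme();
    $theme->showError(_OFFLINE_MESSAGE_, 3);
}
// With multi-language support the next URL segment names the language.
// NOTE(review): the segment is taken as received; confirm it is checked
// against the configured languages before it is used.
if ($config->get('multiLanguageSupport') && count($args)) {
    $language = array_shift($args);
} else {
    $language = _DEFAULT_LANGUAGE_;
}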
Beispiel #17
 function action_create($args)
 {
     global $manager, $tree, $user, $lang;
     /* Decode argumenst */
     $id = array_shift($args);
     $item =& $tree->getItemById($id);
     $id = $item['id'];
     if (!$tree->_hasRights('create', $item['rights'])) {
         header('Location: ' . url::item($id));
         exit;
     }
     if ($_SERVER['REQUEST_METHOD'] == 'POST') {
         // Determine the type of the page
         $type = $_POST['childtype'];
         if (isset($_POST['location']) && $_POST['location'] == 'sibling') {
             // Overwrite the type of the page
             $type = $_POST['siblingtype'];
             if ($item['parent'] > 0) {
                 // Set the item to its parent an continue...
                 $item =& $tree->getItemById($item['parent']);
             } else {
                 $position = 0;
                 reset($tree->tree);
                 while (list($k, ) = each($tree->tree)) {
                     if ($tree->tree[$k]['id'] != 'admin') {
                         $position = max($position, $tree->tree[$k]['position']);
                     }
                 }
                 $position++;
                 if (isset($_POST['language'])) {
                     $language = $_POST['language'];
                 } else {
                     $language = $tree->language;
                 }
                 if (isset($_POST['name'])) {
                     $name = $_POST['name'];
                 } else {
                     $name = $user->lang->s('untitled');
                 }
                 $slug = strtolower($name);
                 $slug = preg_replace('/(\\s+|_)/i', '-', $slug);
                 $slug = preg_replace('/[^a-z0-9\\-]/i', '', $slug);
                 $base = explode('/', $GLOBALS['HASH_URLS'][$data['params']['id']]);
                 array_shift($base);
                 $unique = false;
                 while (!$unique) {
                     $url = implode('/', array_merge($base, array($slug)));
                     if (isset($GLOBALS['HASH_IDS'][$url])) {
                         if (preg_match('/^(.*)-([0-9]+)$/i', $slug, $matches)) {
                             $slug = $matches[1] . '-' . (intval($matches[2]) + 1);
                         } else {
                             $slug = $slug . '-2';
                         }
                     } else {
                         $unique = true;
                     }
                 }
                 treeStorage::startTransaction();
                 list($left, $right) = treeStorage::prepareForInsert(0, $language);
                 $res = sql::query("\r\n\t\t\t\t\t\t\tINSERT INTO \r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents\r\n\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\t`parent`='',\r\n\t\t\t\t\t\t\t\t`left`='" . $left . "',\r\n\t\t\t\t\t\t\t\t`right`='" . $right . "',\r\n\t\t\t\t\t\t\t\t`site`='" . _DEFAULT_SITE_ . "',\r\n\t\t\t\t\t\t\t\t`name`='" . addslashes($name) . "',\r\n\t\t\t\t\t\t\t\t`title`='',\r\n\t\t\t\t\t\t\t\t`slug`='" . addslashes($slug) . "',\r\n\t\t\t\t\t\t\t\t`type`='" . $type . "',\r\n\t\t\t\t\t\t\t\t`status`='0',\r\n\t\t\t\t\t\t\t\t`revision`=0,\r\n\t\t\t\t\t\t\t\t`position`='" . $position . "',\r\n\t\t\t\t\t\t\t\t`language`='" . $language . "',\r\n\t\t\t\t\t\t\t\t`author`='" . $user->id . "',\r\n\t\t\t\t\t\t\t\t`r_view`='3',\r\n\t\t\t\t\t\t\t\t`r_view_inv`='0',\r\n\t\t\t\t\t\t\t\t`r_edit`='6',\r\n\t\t\t\t\t\t\t\t`r_edit_inv`='0',\r\n\t\t\t\t\t\t\t\t`r_create`='6',\r\n\t\t\t\t\t\t\t\t`r_create_inv`='0',\r\n\t\t\t\t\t\t\t\t`r_admin`='6',\r\n\t\t\t\t\t\t\t\t`r_admin_inv`='0',\r\n\t\t\t\t\t\t\t\t`created`='" . time() . "',\r\n\t\t\t\t\t\t\t\t`modified`='" . time() . "',\r\n\t\t\t\t\t\t\t\t`visible`='1'\r\n\t\t\t\t\t\t");
                 treeStorage::stopTransaction();
                 $id = sql::insert_id();
                 /* Create the first revision */
                 revisions::doCreatePage($id);
                 header("Location: " . url::item($id, 'edit'));
                 exit;
             }
         }
         // Create the page
         $position = 0;
         if (isset($item['children'])) {
             reset($item['children']);
             while (list($k, ) = each($item['children'])) {
                 $position = max($position, $item['children'][$k]['position']);
             }
         }
         $position++;
         if (isset($_POST['language'])) {
             $language = $_POST['language'];
         } else {
             $language = $tree->language;
         }
         if (isset($_POST['name'])) {
             $name = $_POST['name'];
         } else {
             $name = $user->lang->s('untitled');
         }
         $slug = strtolower($name);
         $slug = preg_replace('/(\\s+|_)/i', '-', $slug);
         $slug = preg_replace('/[^a-z0-9\\-]/i', '', $slug);
         $base = explode('/', $GLOBALS['HASH_URLS'][$data['params']['id']]);
         array_shift($base);
         while (!$unique) {
             $url = implode('/', array_merge($base, array($slug)));
             if (isset($GLOBALS['HASH_IDS'][$url])) {
                 if (preg_match('/^(.*)-([0-9]+)$/i', $slug, $matches)) {
                     $slug = $matches[1] . '-' . (intval($matches[2]) + 1);
                 } else {
                     $slug = $slug . '-2';
                 }
             } else {
                 $unique = true;
             }
         }
         // Newly created items have the same
         // writing and creation rights as their
         // parents...
         $r_view = $item['rights']['r_view'];
         $r_edit = $item['rights']['r_create'];
         $r_create = $item['rights']['r_create'];
         $r_admin = $item['rights']['r_create'];
         if ($item['rights']['r_create'] != $item['rights']['r_admin']) {
             // Check if we are trying to create this page
             // with admin rights, or with create rights.
             if ($tree->_hasRights('create', $item['rights']) && !$tree->_hasRights('create', $item['rights'], true)) {
                 $r_admin = $item['rights']['r_admin'];
             }
         }
         treeStorage::startTransaction();
         list($left, $right) = treeStorage::prepareForInsert($item['id'], $language);
         sql::query("\r\n\t\t\t\t\tINSERT INTO \r\n\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents\r\n\t\t\t\t\tSET\r\n\t\t\t\t\t\t`parent`='" . $item['id'] . "',\r\n\t\t\t\t\t\t`left`='" . $left . "',\r\n\t\t\t\t\t\t`right`='" . $right . "',\r\n\t\t\t\t\t\t`site`='" . _DEFAULT_SITE_ . "',\r\n\t\t\t\t\t\t`name`='" . addslashes($name) . "',\r\n\t\t\t\t\t\t`title`='',\r\n\t\t\t\t\t\t`slug`='" . addslashes($slug) . "',\r\n\t\t\t\t\t\t`type`='" . $type . "',\r\n\t\t\t\t\t\t`status`='0',\r\n\t\t\t\t\t\t`position`='" . $position . "',\r\n\t\t\t\t\t\t`language`='" . $language . "',\r\n\t\t\t\t\t\t`author`='" . $user->id . "',\r\n\t\t\t\t\t\t`r_view`='" . $r_view . "',\r\n\t\t\t\t\t\t`r_view_inv`='0',\r\n\t\t\t\t\t\t`r_edit`='" . $r_edit . "',\r\n\t\t\t\t\t\t`r_edit_inv`='0',\r\n\t\t\t\t\t\t`r_create`='" . $r_create . "',\r\n\t\t\t\t\t\t`r_create_inv`='0',\r\n\t\t\t\t\t\t`r_admin`='" . $r_admin . "',\r\n\t\t\t\t\t\t`r_admin_inv`='0',\r\n\t\t\t\t\t\t`created`='" . time() . "',\r\n\t\t\t\t\t\t`modified`='" . time() . "',\r\n\t\t\t\t\t\t`visible`='1'\r\n\t\t\t\t");
         treeStorage::stopTransaction();
         $id = sql::insert_id();
         /* Create the first revision */
         revisions::doCreatePage($id);
         header("Location: " . url::item($id, 'edit'));
         exit;
     } else {
         if (is_null($item)) {
             $siblingAllowed = false;
             $siblingTypes = $manager->types();
             if ($user->memberof(6)) {
                 $siblingAllowed = count($siblingTypes) ? true : false;
             }
             $childAllowed = false;
             $childTypes = array();
         } else {
             $childTypes = $manager->types($item['type']);
             $childAllowed = count($childTypes) ? true : false;
             $siblingAllowed = false;
             $siblingTypes = array();
             if ($item['parent'] > 0) {
                 $parent =& $tree->getItemById($item['parent']);
                 if ($parent && $tree->_hasRights('create', $parent['rights'])) {
                     $siblingAllowed = true;
                 }
                 $siblingTypes = $manager->types($parent['type']);
             } else {
                 $siblingTypes = $manager->types();
             }
             if ($user->memberof(6)) {
                 $siblingAllowed = true;
             }
             if (!$id) {
                 $siblingAllowed = false;
             }
         }
         $tpl = new Template($this->getTemplate('create.template'));
         $tpl->set('childTypes', $childTypes);
         $tpl->set('childAllowed', $childAllowed);
         $tpl->set('siblingTypes', $siblingTypes);
         $tpl->set('siblingAllowed', $siblingAllowed);
         $tpl->set('name', $user->lang->s('untitled'));
         $tpl->set('id', $id);
         echo $tpl->fetch();
         exit;
     }
 }
Beispiel #18
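 /**
  * Editor hook for the "files" and "attachments" sheets of a page revision.
  *
  * Acts only when the page type declares a 'files' content section and the
  * sheet is 'files' or 'attachments'. It then handles, in this order:
  *  - a JSON listing request ($_REQUEST['json'] == 'list'),
  *  - a JSON delete request ($_REQUEST['json'] == 'delete'),
  *  - a POST that updates titles/positions and/or stores one upload taken
  *    from $_FILES['Filedata'],
  *  - otherwise, rendering of the editor template and its assets.
  *
  * @param array $data Event payload; reads 'type', 'sheet', 'params'
  *                    ('id', 'revision'), 'template' and 'page'.
  */
 function event_ExecuteEditor(&$data)
 {
     global $lang, $manager;
     if (!isset($manager->types[$data['type']]['content']['files']) || ($data['sheet'] != 'attachments' && $data['sheet'] != 'files')) {
         return;
     }
     // Only the integer form of id/revision is placed into SQL text. One of
     // the queries below uses them unquoted, so any non-numeric value would
     // otherwise become part of the statement itself.
     $sqlId = intval($data['params']['id']);
     $sqlRevision = intval($data['params']['revision']);
     if (isset($_REQUEST['json']) && $_REQUEST['json'] == 'list') {
         $tpl = new Template($this->getTemplate('json.template'));
         if ($data['sheet'] == 'files') {
             $tpl->set("files", $this->_files_list($data['params']['id'], $data['params']['revision']));
         } else {
             $tpl->set("files", $this->_attachments_list($data['params']['id'], $data['params']['revision']));
         }
         echo $tpl->fetch();
         exit;
     }
     if (isset($_REQUEST['json']) && $_REQUEST['json'] == 'delete') {
         // NOTE(review): no anti-forgery token is checked in this block before
         // the delete; confirm the caller validates one.
         $requested = isset($_POST['delete']) && is_string($_POST['delete']) ? $_POST['delete'] : '';
         if ($requested !== '') {
             $res = sql::query("\r\n\t\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t\t* \r\n\t\t\t\t\t\tFROM \r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_files \r\n\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\tID='" . $sqlId . "' AND \r\n\t\t\t\t\t\t\trevision='" . $sqlRevision . "' AND \r\n\t\t\t\t\t\t\tfilename='" . addslashes($requested) . "'\r\n\t\t\t\t\t");
             if ($row = sql::fetch_array($res)) {
                 // The path is built from the stored row, not from the request
                 // value, so only files registered for this revision are removed.
                 $directory = _BASE_MEDIA_ . 'files/';
                 if (file_exists($directory . $row['filename'])) {
                     unlink($directory . $row['filename']);
                 }
                 $res = sql::query("\r\n\t\t\t\t\t\t\tDELETE FROM \r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_files \r\n\t\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t\tID='" . $sqlId . "' AND \r\n\t\t\t\t\t\t\t\trevision='" . $sqlRevision . "' AND \r\n\t\t\t\t\t\t\t\tfilename='" . addslashes($row['filename']) . "'\r\n\t\t\t\t\t\t");
             }
         }
         // Mark this action as a modification
         revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);
         exit;
     }
     if ($_SERVER['REQUEST_METHOD'] == 'POST') {
         // Every non-Flash outcome of a POST ends in a redirect to this sheet.
         $returnUrl = url::item($data['params']['id'], 'edit') . "/" . $data['sheet'] . "?revision=" . $data['params']['revision'];
         if (isset($_REQUEST['files']) && is_array($_REQUEST['files'])) {
             // Update title and position
             foreach ($_REQUEST['files'] as $id => $file) {
                 // Skip malformed entries instead of writing empty values.
                 if (!is_array($file) || !isset($file['title'], $file['position']) || is_array($file['title']) || is_array($file['position'])) {
                     continue;
                 }
                 $res = sql::query("\r\n\t\t\t\t\t\t\t\tUPDATE\r\n\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_files \r\n\t\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\t\ttitle='" . addslashes($file['title']) . "',\r\n\t\t\t\t\t\t\t\t\tposition='" . addslashes($file['position']) . "'\r\n\t\t\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t\t\tID='" . $sqlId . "' AND \r\n\t\t\t\t\t\t\t\t\trevision='" . $sqlRevision . "' AND \r\n\t\t\t\t\t\t\t\t\tfilename='" . addslashes($id) . "'\r\n\t\t\t\t\t\t\t");
             }
             // Mark this action as a modification
             revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);
         }
         if (isset($_FILES['Filedata'])) {
             // The user agent header is optional; treat a missing one as "not Flash".
             $flashUsed = isset($_SERVER['HTTP_USER_AGENT']) && preg_match('/Flash/i', $_SERVER['HTTP_USER_AGENT']);
             if ($_FILES['Filedata']['error'] == UPLOAD_ERR_OK && is_uploaded_file($_FILES['Filedata']['tmp_name'])) {
                 $directory = _BASE_MEDIA_ . 'files/';
                 // Client-supplied name: kept only as display metadata, never used as a path.
                 $original = $_FILES['Filedata']['name'];
                 // NOTE(review): the type and name passed here are both supplied by the
                 // client; confirm getCleanContentType()/allowedContentType() do not rely on
                 // them alone, and that the media directory cannot execute stored files.
                 $contenttype = files::getCleanContentType($_FILES['Filedata']['type'], $_FILES['Filedata']['name']);
                 $filename = files::getUniqueName($contenttype, $directory);
                 if (files::allowedContentType($contenttype)) {
                     // Warnings stay suppressed so they cannot break the headers sent
                     // below, but the result is checked: a failed move must not leave
                     // a database row pointing at a file that does not exist.
                     if (!@move_uploaded_file($_FILES['Filedata']['tmp_name'], $directory . $filename)) {
                         if ($flashUsed) {
                             header("HTTP/1.1 500 Internal Error");
                             header("Status: 500 Internal Error");
                         } else {
                             header("Location: " . $returnUrl);
                         }
                         exit;
                     }
                     // Insert into database...
                     $attachment = $data['sheet'] == 'files' ? 0 : 1;
                     $res = sql::query("\r\n\t\t\t\t\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t\t\t\t\t*\r\n\t\t\t\t\t\t\t\t\tFROM\r\n\t\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_files \r\n\t\t\t\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\t\t\t\tID = " . $sqlId . " AND\r\n\t\t\t\t\t\t\t\t\t\trevision = " . $sqlRevision . " AND\r\n\t\t\t\t\t\t\t\t\t\tattachment = " . $attachment . "\r\n\t\t\t\t\t\t\t\t\tORDER BY\r\n\t\t\t\t\t\t\t\t\t\tposition DESC\r\n\t\t\t\t\t\t\t\t\tLIMIT 1\r\n\t\t\t\t\t\t\t\t");
                     if ($row = sql::fetch_array($res)) {
                         $position = $row['position'] + 1;
                     } else {
                         $position = 0;
                     }
                     $res = sql::query("\r\n\t\t\t\t\t\t\t\t\tINSERT INTO \r\n\t\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_files \r\n\t\t\t\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t\t\t\tID='" . $sqlId . "', \r\n\t\t\t\t\t\t\t\t\t\trevision='" . $sqlRevision . "', \r\n\t\t\t\t\t\t\t\t\t\tfilename='" . addslashes($filename) . "', \r\n\t\t\t\t\t\t\t\t\t\tname='" . addslashes($original) . "',\r\n\t\t\t\t\t\t\t\t\t\ttype='" . addslashes($contenttype) . "', \r\n\t\t\t\t\t\t\t\t\t\ttitle='" . addslashes($original) . "',\r\n\t\t\t\t\t\t\t\t\t\tsize='" . intval($_FILES['Filedata']['size']) . "',\r\n\t\t\t\t\t\t\t\t\t\tposition='" . intval($position) . "',\r\n\t\t\t\t\t\t\t\t\t\tattachment='" . $attachment . "',\r\n\t\t\t\t\t\t\t\t\t\tmodified=NOW()\r\n\t\t\t\t\t\t\t\t");
                     // Mark this action as a modification
                     revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);
                     if (!$flashUsed) {
                         header("Location: " . $returnUrl);
                     } else {
                         // Workaround for a Flash bug on OS X.. We need to send back content... any content will do
                         echo " ";
                         flush();
                     }
                 } else {
                     if ($flashUsed) {
                         header("HTTP/1.1 415 Unsupported Media Type");
                         header("Status: 415 Unsupported Media Type");
                     } else {
                         header("Location: " . $returnUrl);
                     }
                 }
                 exit;
             } else {
                 // Map the upload error onto the status line reported to Flash clients.
                 switch ($_FILES['Filedata']['error']) {
                     case UPLOAD_ERR_INI_SIZE:
                     case UPLOAD_ERR_FORM_SIZE:
                         $status = "413 Request Entity Too Large";
                         break;
                     case UPLOAD_ERR_NO_FILE:
                     case UPLOAD_ERR_PARTIAL:
                         $status = "400 Bad Request";
                         break;
                     case UPLOAD_ERR_NO_TMP_DIR:
                     case UPLOAD_ERR_CANT_WRITE:
                     case UPLOAD_ERR_EXTENSION:
                     default:
                         $status = "500 Internal Error";
                         break;
                 }
                 if ($flashUsed) {
                     header("HTTP/1.1 " . $status);
                     header("Status: " . $status);
                 } else {
                     header("Location: " . $returnUrl);
                 }
                 exit;
             }
         }
         header("Location: " . $returnUrl);
         exit;
     }
     $tpl = new Template($this->getTemplate('editor.template'));
     if ($data['sheet'] == 'files') {
         $tpl->set("files", $this->_files_list($data['params']['id'], $data['params']['revision']));
     } else {
         $tpl->set("files", $this->_attachments_list($data['params']['id'], $data['params']['revision']));
     }
     $tpl->set("id", $data['params']['id']);
     $tpl->set("revision", $data['params']['revision']);
     $tpl->set("filemask", files::getFilemask());
     $tpl->set("ticket", ticket::generate($data['params']['id']));
     $tpl->set("sheet", $data['sheet']);
     $data['template']->append('content', $tpl->fetch());
     // Make sure the following assets are included
     $data['page']->assets->registerJavascript('/core/assets/javascript/plugin.js');
     $data['page']->assets->registerJavascript('/core/assets/javascript/flash.js');
     $data['page']->assets->registerJavascript('/core/assets/javascript/upload.js');
     $data['page']->assets->registerJavascript('/core/assets/javascript/progress.js');
     $data['page']->assets->registerCSS($this->localAsset('editor.css'));
     $data['page']->assets->registerJavascript($this->localAsset('editor.js'));
 }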
Beispiel #19
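 /**
  * Editor hook for the "collection" sheet of a page revision.
  *
  * Acts only when the page type declares a 'collection' content section and
  * the sheet is 'collection'. On POST it stores type, limit and sort for the
  * revision and redirects back to the sheet; otherwise it renders the editor
  * template with the stored values.
  *
  * @param array $data Event payload; reads 'type', 'sheet', 'params'
  *                    ('id', 'revision') and 'template'.
  */
 function event_ExecuteEditor(&$data)
 {
     global $lang, $manager, $user;
     if (!isset($manager->types[$data['type']]['content']['collection']) || $data['sheet'] != 'collection') {
         return;
     }
     // Only the integer form of id/revision is placed into SQL text.
     $sqlId = intval($data['params']['id']);
     $sqlRevision = intval($data['params']['revision']);
     // Retrieve the stored collection settings
     $res = sql::query("\n\t\t\t\t\tSELECT \n\t\t\t\t\t\t*\n\t\t\t\t\tFROM \n\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_collection \n\t\t\t\t\tWHERE \n\t\t\t\t\t\t`ID` = '" . $sqlId . "' AND\n\t\t\t\t\t\t`revision` = '" . $sqlRevision . "'\n\t\t\t\t");
     if ($row = sql::fetch_array($res, MYSQL_ASSOC)) {
         $type = $row['type'];
         $limit = $row['limit'];
         $sort = $row['sort'];
     } else {
         // No stored row yet: the template receives an empty type and null for
         // limit/sort instead of reading offsets of a failed fetch.
         $type = '';
         $limit = null;
         $sort = null;
     }
     if ($_SERVER['REQUEST_METHOD'] == 'POST') {
         // `limit` and `sort` are written unquoted, so they must be integers by
         // the time they reach the statement. Previously a posted sort value
         // without 'reverse' was concatenated into the query as-is.
         $newType = isset($_POST['type']) && is_string($_POST['type']) ? $_POST['type'] : '';
         $newLimit = isset($_POST['limit']) ? intval($_POST['limit']) : 0;
         $newSort = isset($_POST['sort']) ? intval($_POST['sort']) : 0;
         if (isset($_POST['reverse'])) {
             $newSort = 0 - $newSort;
         }
         $res = sql::query("\n\t\t\t\t\t\tREPLACE INTO \n\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_collection \n\t\t\t\t\t\tSET \n\t\t\t\t\t\t\t`ID` = '" . $sqlId . "', \n\t\t\t\t\t\t\t`revision` = '" . $sqlRevision . "',\n\t\t\t\t\t\t\t`type` = '" . addslashes($newType) . "',\n\t\t\t\t\t\t\t`limit` = " . $newLimit . ",\n\t\t\t\t\t\t\t`sort` = " . $newSort . "\n\t\t\t\t\t");
         // Mark this action as a modification
         revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);
         header("Location: " . url::item($data['params']['id'], 'edit') . "/collection?revision=" . $data['params']['revision']);
         exit;
     }
     $tpl = new Template($this->getTemplate('editor.template'));
     $tpl->set('type', $type);
     $tpl->set('limit', $limit);
     $tpl->set('sort', $sort);
     $tpl->set('types', $manager->types());
     $tpl->set('id', $data['params']['id']);
     $tpl->set('revision', $data['params']['revision']);
     $data['template']->append('content', $tpl->fetch());
 }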
Beispiel #20
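    /**
     * Loads all items of one language and site with status < 2, builds the
     * page tree and fills the global URL/ID lookup tables.
     *
     * For every row whose parent is already known (or that has no parent) it
     * records the URL built from the slugs, stores the item in $this->data,
     * links it to its parent or to $this->tree, and computes its 'visible',
     * 'navigation' and 'sort' values. Children are sorted afterwards when the
     * item carries a non-zero 'sort'.
     *
     * @param object $user     Current user; used for admin() here.
     * @param object $manager  Type manager; its ->types entries supply
     *                         'visible' and 'sort' per page type.
     * @param string $language Language the tree is built for.
     * @param string $site     Site the tree is built for.
     */
    function pageTree(&$user, &$manager, $language, $site)
    {
        // Hash tables for quick URL translation
        $GLOBALS['HASH_URLS'] = array();
        $GLOBALS['HASH_IDS'] = array();
        $this->user =& $user;
        $this->manager =& $manager;
        $this->language = $language;
        $this->site = $site;
        $time = time();
        // language and site are escaped before they enter the statement, using
        // the same addslashes() convention as the rest of this code base.
        // NOTE(review): if the sql wrapper offers driver-level escaping or
        // bound parameters, prefer those; addslashes() is not charset-aware.
        $res = sql::query('
			SELECT 
				* 
			FROM 
				' . _TABLE_PREFIX_ . 'contents 
			WHERE 
				language="' . addslashes($this->language) . '" AND
				site="' . addslashes($this->site) . '" AND
				status < 2
			ORDER BY 
				`left`
		');
        while ($row = sql::fetch_array($res, MYSQL_ASSOC)) {
            // Rows are ordered by `left`, so a parent is seen before its
            // children; a row whose parent was not loaded is skipped.
            if (intval($row['parent']) == 0 || isset($this->data[$row['parent']])) {
                // Create new hash entries for URL translation
                $slug = $row['slug'] == '' ? 'item-' . $row['ID'] : $row['slug'];
                if ($row['parent'] > 0) {
                    $url = $GLOBALS['HASH_URLS'][$row['parent']] . '/' . $slug;
                } else {
                    $url = $slug;
                }
                $GLOBALS['HASH_URLS'][$row['ID']] = $url;
                $GLOBALS['HASH_IDS'][$url] = $row['ID'];
                // Build tree
                $this->data[$row['ID']] = array(
                    'id' => intval($row['ID']),
                    'revision' => intval($row['revision']),
                    'parent' => intval($row['parent']),
                    'slug' => $row['slug'],
                    'set' => intval($row['set']),
                    'position' => $row['position'],
                    'created' => intval($row['created']),
                    'published' => intval($row['published']),
                    'modified' => intval($row['modified']),
                    'status' => $row['status'],
                    'name' => $row['name'],
                    'title' => $row['title'],
                    'type' => $row['type'],
                    'url' => url::item($row),
                    'expand' => false,
                    'rights' => array(
                        'r_view' => $row['r_view'],
                        'r_view_inv' => $row['r_view_inv'],
                        'r_edit' => $row['r_edit'],
                        'r_edit_inv' => $row['r_edit_inv'],
                        'r_create' => $row['r_create'],
                        'r_create_inv' => $row['r_create_inv'],
                        'r_admin' => $row['r_admin'],
                        'r_admin_inv' => $row['r_admin_inv'],
                        'author' => $row['author'],
                    ),
                    'date' => array(
                        'activation' => $row['activation'],
                        'expiration' => $row['expiration'],
                        'visible' => $row['visible'],
                    ),
                    'meta' => array(
                        'language' => $row['language'],
                        'created' => max($row['activation'], $row['created']),
                        'modified' => max($row['activation'], $row['modified']),
                    ),
                );
                $sort = 0;
                $visible = true;
                $navigation = true && $row['visible'];
                /* Navigation and sort inherited from page type */
                if (isset($manager->types[$row['type']])) {
                    $navigation = $navigation && $manager->types[$row['type']]['visible'];
                    $sort = $manager->types[$row['type']]['sort'];
                }
                /* Check visibility of parent */
                if (intval($row['parent']) == 0) {
                    $this->tree[$row['ID']] =& $this->data[$row['ID']];
                } else {
                    $this->data[$row['parent']]['children'][] =& $this->data[$row['ID']];
                    /* Navigation manually set */
                    $navigation = $navigation && $this->data[$row['parent']]['visible'];
                }
                /* Check publishing date range */
                if ($visible) {
                    $visible = $visible && ($time > $this->data[$row['ID']]['date']['activation'] && $time < $this->data[$row['ID']]['date']['expiration']) || $time > $this->data[$row['ID']]['date']['activation'] && $this->data[$row['ID']]['date']['expiration'] == 0 || $this->data[$row['ID']]['date']['activation'] == 0 && $this->data[$row['ID']]['date']['expiration'] == 0;
                }
                /* Check view rights */
                if ($visible) {
                    $visible = $visible && $this->_hasRights('view', $this->data[$row['ID']]['rights']);
                }
                /* Check if a draft: drafts (status 0) stay visible to admins only */
                if ($visible) {
                    $visible = $visible && $this->data[$row['ID']]['status'] > 0 || $this->user->admin();
                }
                $this->data[$row['ID']]['sort'] = $sort;
                $this->data[$row['ID']]['visible'] = $visible;
                $this->data[$row['ID']]['navigation'] = $navigation && $visible;
                if ($navigation && $visible) {
                    // Mark every ancestor as expandable
                    $tmp =& $this->data[$row['ID']];
                    while ($tmp['parent'] != 0) {
                        $tmp =& $this->data[$tmp['parent']];
                        $tmp['expand'] = true;
                    }
                }
                if ($row['slug'] != '') {
                    $this->slugs[$row['slug']] = $row['ID'];
                }
            }
        }
        if (!count($this->data)) {
            return;
        }
        // Sort all items
        foreach (array_keys($this->data) as $id) {
            if (!isset($this->data[$id]['children']) || $this->data[$id]['sort'] == 0) {
                continue;
            }
            switch (abs($this->data[$id]['sort'])) {
                case 1:
                    $t = "strcasecmp(\$a['name'], \$b['name'])";
                    break;
                case 2:
                    $t = "\$a['created'] - \$b['created']";
                    break;
                case 3:
                    $t = "\$a['published'] - \$b['published']";
                    break;
                case 4:
                    $t = "\$a['modified'] - \$b['modified']";
                    break;
                default:
                    // A bare `continue` inside a switch only leaves the switch,
                    // which let an unknown sort mode fall through to uasort()
                    // with an unset or stale comparison. Skip the item instead.
                    continue 2;
            }
            // create_function() evaluates a string as code. The string here is
            // assembled only from the fixed fragments above and a sign, never
            // from row or request data; keep it that way. The function is
            // deprecated since PHP 7.2 and removed in PHP 8.0.
            uasort($this->data[$id]['children'], create_function('$a, $b', "return " . ($this->data[$id]['sort'] > 0 ? '' : '-') . "(" . $t . ");"));
        }
    }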
Beispiel #21
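    /**
     * Editor hook for the "navigation" sheet of a page.
     *
     * On POST it stores the navigation set and the hidden flag of the item
     * and, when the user has admin rights on the item or its parent and a
     * position list was posted, rewrites the position of the listed siblings
     * and redirects back to the sheet. Otherwise it renders the editor
     * template with the sibling list and the sort/hidden settings inherited
     * from the parent's page type.
     *
     * @param array $data Event payload; reads 'sheet', 'item', 'params' ('id')
     *                    and 'template'.
     */
    function event_ExecuteEditor(&$data)
    {
        global $tree, $lang, $user, $config, $manager;
        if ($data['sheet'] != 'navigation') {
            return;
        }
        $item =& $data['item'];
        $hasParent = $item['parent'] != '' && $item['parent'] != '0';
        // Reordering requires admin rights on the item or on its parent.
        $allow = $tree->_hasRights('admin', $item['rights']);
        if ($hasParent) {
            $parent =& $tree->getItemById($item['parent']);
            $allow = $allow || $tree->_hasRights('admin', $parent['rights']);
        }
        $errors = array();
        $tpl = new Template($this->getTemplate('editor.template'));
        if ($_SERVER['REQUEST_METHOD'] == 'POST') {
            $hidden = isset($_POST['hidden']) && $_POST['hidden'] == 'yes' ? 0 : 1;
            $set = isset($_POST['set']) ? intval($_POST['set']) : 0;
            // Integer forms only: two statements below use these unquoted.
            $sqlItemId = intval($item['id']);
            $sqlParentId = intval($item['parent']);
            // NOTE(review): this update is not guarded by $allow; confirm that
            // the caller has already verified edit rights on the item.
            $res = sql::query("\r\n\t\t\t\t\t\tUPDATE \r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents \r\n\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t`set` = '" . $set . "', \r\n\t\t\t\t\t\t\t`visible` = '" . $hidden . "' \r\n\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t`ID` = '" . $sqlItemId . "'\r\n\t\t\t\t\t");
            if ($allow && isset($_POST['position'])) {
                $posted = is_array($_POST['position']) ? $_POST['position'] : array();
                for ($i = 0; $i < intval($config->get('navigationSets')); $i++) {
                    // A set without a posted list contributes no entries.
                    if (isset($posted[$i]) && is_string($posted[$i])) {
                        $position = explode(',', $posted[$i]);
                    } else {
                        $position = array();
                    }
                    if ($set != $i) {
                        // The item belongs to another set: drop it from this list.
                        foreach ($position as $p => $id) {
                            if ((string) $id === (string) $item['id']) {
                                unset($position[$p]);
                            }
                        }
                    }
                    /* Also include all disabled siblings, but at the bottom... */
                    $res = sql::query('
								SELECT 
									`ID`
								FROM 
									' . _TABLE_PREFIX_ . 'contents 
								WHERE 
									`parent` = ' . $sqlParentId . ' AND
									`set` = ' . $set . ' AND 
									`status` = 2 
								ORDER BY 
									`position`
							');
                    while ($row = sql::fetch_array($res, MYSQL_ASSOC)) {
                        $position[] = $row['ID'];
                    }
                    /* Sort */
                    foreach ($position as $p => $id) {
                        // Posted ids are request data: accept plain digits only.
                        // NOTE(review): ids are not checked against the actual
                        // siblings of this item before prepareForMove(); confirm
                        // whether treeStorage enforces that.
                        if (!preg_match('/^[0-9]+$/', (string) $id)) {
                            continue;
                        }
                        $id = intval($id);
                        treeStorage::startTransaction();
                        treeStorage::prepareForMove($id, $item['parent'], $item['meta']['language']);
                        $res = sql::query("\r\n\t\t\t\t\t\t\t\t\tUPDATE \r\n\t\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents \r\n\t\t\t\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t\t\t\t`position`='" . intval($p + 100 * $set) . "'\r\n\t\t\t\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t\t\t\t`ID` = '" . $id . "'\r\n\t\t\t\t\t\t\t\t");
                        treeStorage::stopTransaction();
                    }
                }
                header("Location: " . url::item($data['params']['id'], 'edit') . "/navigation");
                exit;
            }
        }
        if ($hasParent) {
            $tpl->set('pages', $parent['children']);
        } else {
            // Make a copy that we can edit...
            $pages = $tree->tree;
            foreach (array_keys($pages) as $k) {
                // Leave out the 'admin' entry and anything with status above 1
                if ($pages[$k]['id'] == 'admin' || $pages[$k]['status'] > 1) {
                    unset($pages[$k]);
                }
            }
            $tpl->set('pages', $pages);
        }
        // Determine if we must sort this item manually
        $sort = 0;
        $hidden = true;
        if ($item['parent'] > 0) {
            $parent =& $tree->getItemById($item['parent']);
            if (isset($manager->types[$parent['type']])) {
                $sort = $manager->types[$parent['type']]['sort'];
                $hidden = $manager->types[$parent['type']]['visible'] == 0;
            }
        }
        $tpl->set('item', $data['item']);
        $tpl->set('id', $data['params']['id']);
        $tpl->set('allow', $allow);
        $tpl->set('hidden', $hidden);
        $tpl->set('sort', $sort);
        $tpl->set('sets', intval($config->get('navigationSets')));
        $data['template']->append('content', $tpl->fetch());
    }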
Beispiel #22
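 /**
  * Handles the "view" action for a page.
  *
  * Without arguments it redirects to the home page when one exists;
  * otherwise admins get the admin page, and other users are redirected to
  * the default language or shown the offline message. With arguments, the
  * first one is taken as the item id (an optional ".ext" suffix is split
  * off), the item is loaded and the themed page is shown if the user has
  * view rights or presents a ticket issued for this item.
  *
  * @param array $args Action arguments; the first element is the item id.
  */
 function action_view($args)
 {
     global $manager, $tree, $config, $user, $lang;
     // If no arguments are provided redirect
     if (!count($args)) {
         $id = $tree->getHome();
         if (!is_null($id)) {
             header('Location: ' . url::item($id));
             exit;
         }
         // There are no pages
         $id = 0;
         $type = '';
         $ext = '';
         $item = null;
         if ($user->admin()) {
             // Allow admins to add pages...
             $action = 'edit';
             $page = new admin();
             // Notify plugins of a PreSkinParse event;
             $data = array('page' => &$page, 'template' => &$page->template, 'type' => $type, 'params' => array('action' => $action, 'id' => $id, 'ext' => $ext, 'args' => $args));
             $manager->handleEvent('PreSkinParse', $data);
             $page->show();
             exit;
         } else {
             if ($lang->id != _DEFAULT_LANGUAGE_) {
                 // Redirect to the default language. Stop here: without the
                 // exit, execution continued past the redirect with no page
                 // object and ran the rendering code below.
                 header('Location: ' . url::language(_DEFAULT_LANGUAGE_));
                 exit;
             } else {
                 // Show error message that website is offline
                 $config = new config();
                 $lang = new language(_DEFAULT_LANGUAGE_, _DEFAULT_SITE_, true);
                 $page = new theme();
                 $page->showError(_OFFLINE_MESSAGE_, 4);
                 // NOTE(review): $action is not set on this path and execution
                 // continues below; confirm whether showError() terminates
                 // the request.
             }
         }
     } else {
         // Decode arguments
         $id = array_shift($args);
         // Check if the id contains a file extension
         if (preg_match('/(.*)\\.([a-z0-9]+)$/i', $id, $matches)) {
             $id = $matches[1];
             $ext = $matches[2];
         } else {
             $ext = '';
         }
         // Load the page
         $item =& $tree->getItemById($id);
         $id = $item['id'];
         $type = $item['type'];
         $action = 'view';
         // Setup Theme
         $page = new theme($id, $type);
     }
     // Notify plugins of a PreSkinParse event;
     $data = array('page' => &$page, 'template' => &$page->template, 'type' => $type, 'params' => array('action' => $action, 'id' => $id, 'ext' => $ext, 'args' => $args));
     $manager->handleEvent('PreSkinParse', $data);
     // Handle authorisation
     $ticket = false;
     if (isset($_REQUEST['ticket']) && !is_null($item)) {
         // A ticket only stands in for view rights when it resolves to exactly
         // this item. The comparison is strict on purpose: with a loose `==`,
         // a failed lookup (false/null/0) compared equal to the empty id of an
         // item that was not found, and the rights check was skipped.
         // NOTE(review): the failure value of ticket::authorize() is not
         // visible here; false and null are both treated as failure.
         $granted = ticket::authorize($_REQUEST['ticket']);
         if ($granted !== false && !is_null($granted) && is_scalar($granted) && !is_null($data['params']['id']) && (string) $granted === (string) $data['params']['id']) {
             $ticket = true;
         }
     }
     if ($ticket || $tree->_hasRights('view', $item['rights'])) {
         $page->title->set($item['name']);
         if ($item['title'] != '') {
             $page->title->set($item['title']);
         }
         $manager->handleType($type, $data);
         $page->template->set('action', $action);
         $page->template->set('id', $id);
         $page->template->set('slug', isset($item['slug']) ? $item['slug'] : '');
         $page->template->set('type', $type);
         if (isset($item)) {
             // Generated page types do not show a last-modified date
             if (!isset($manager->types[$item['type']]['generated']) || !$manager->types[$item['type']]['generated']) {
                 if ($config->get('showLastModified')) {
                     $page->template->set('modified', revisions::getModificationDate($id, $item['revision']));
                 }
             }
         }
     } else {
         if ($config->get('redirectToLogin') && $user->anonymous()) {
             // Hand the request to the login action, keeping the item id as
             // its first argument
             array_unshift($args, $id);
             $manager->handleAction('login', $args);
             exit;
         } else {
             $page->template->set('error', $lang->s('notenoughrights'));
         }
     }
     $page->show();
 }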
Beispiel #23
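 /**
  * Editor handler for the "form" sheet of an item whose type declares form content.
  *
  * On POST the stored form of the revision is deleted and rebuilt from the
  * request (button, email, elements and their options), the modification
  * date is updated and the browser is redirected back to the form editor.
  * On any other request the editor template is filled with the stored
  * structure and appended to the page content.
  *
  * NOTE(review): no rights check and no anti-CSRF token check is visible in
  * this handler although it rewrites stored content on POST; presumably the
  * caller enforces both -- confirm.
  * NOTE(review): every query below is built by string concatenation.
  * addslashes() is not aware of the connection character set, and
  * $data['params']['id'] / $data['params']['revision'] are inserted without
  * any escaping. If the sql wrapper offers bound parameters or a driver-level
  * escape, these queries should use it; until then id and revision must be
  * validated before they reach this method.
  *
  * @param array $data Event data (by reference). Reads 'type', 'sheet',
  *                    'params' ('id', 'revision'), 'template' and 'page'.
  * @return void Does not return after a POST: it redirects and exits.
  */
 function event_ExecuteEditor(&$data)
 {
     global $lang, $manager, $user;
     if (!isset($manager->types[$data['type']]['content']['form']) || $data['sheet'] != 'form') {
         return;
     }
     $structure = $this->getStructure($data['params']['id'], $data['params']['revision']);
     if ($_SERVER['REQUEST_METHOD'] == 'POST') {
         // Request fields are untrusted: a missing or non-scalar value is stored as ''.
         $button = isset($_REQUEST['button']) && is_scalar($_REQUEST['button']) ? (string) $_REQUEST['button'] : '';
         $email = isset($_REQUEST['email']) && is_scalar($_REQUEST['email']) ? (string) $_REQUEST['email'] : '';
         // A request without a usable element list stores a form with no elements.
         $elements = isset($_REQUEST['elements']) && is_array($_REQUEST['elements']) ? $_REQUEST['elements'] : array();
         // First delete the original...
         // NOTE(review): delete and rebuild are separate statements and no
         // transaction is visible here, so a failure part-way leaves the
         // revision without its form.
         $this->event_DeleteRevision($data['params']);
         // Create the new structure
         sql::query("\r\n\t\t\t\t\t\tINSERT INTO\r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_form\r\n\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t`ID` = '" . $data['params']['id'] . "',\r\n\t\t\t\t\t\t\t`revision` = '" . $data['params']['revision'] . "',\r\n\t\t\t\t\t\t\t`button` = '" . addslashes($button) . "',\r\n\t\t\t\t\t\t\t`email` = '" . addslashes($email) . "'\r\n\t\t\t\t\t");
         // foreach replaces each(), which was removed in PHP 8.
         foreach ($elements as $element) {
             if (!is_array($element)) {
                 continue;
             }
             foreach (array('type', 'title', 'action') as $field) {
                 if (!isset($element[$field]) || !is_scalar($element[$field])) {
                     $element[$field] = '';
                 }
             }
             $position = isset($element['position']) ? intval($element['position']) : 0;
             $size = isset($element['size']) ? intval($element['size']) : 0;
             // Normalise the options once; an 'options' value that is not an
             // array is treated as "no options".
             $hasOptions = isset($element['options']) && is_array($element['options']);
             $options = array();
             if ($hasOptions) {
                 foreach ($element['options'] as $key => $option) {
                     if (!is_array($option)) {
                         continue;
                     }
                     $options[$key] = array(
                         'title' => isset($option['title']) && is_scalar($option['title']) ? (string) $option['title'] : '',
                         'order' => isset($option['order']) ? intval($option['order']) : 0,
                         'default' => isset($option['default']),
                     );
                 }
                 if ($element['type'] == 'checkbox') {
                     // Checkboxes store the titles of all pre-selected options, comma separated.
                     $selected = array();
                     foreach ($options as $option) {
                         if ($option['default']) {
                             $selected[] = $option['title'];
                         }
                     }
                     $element['default'] = implode(',', $selected);
                 } else {
                     // Other option types send the key of the chosen option; '0'
                     // means none. The key comes from the request, so it is
                     // only dereferenced when that option really exists.
                     $chosen = isset($element['default']) && is_scalar($element['default']) ? $element['default'] : '0';
                     if ($chosen != '0' && isset($options[$chosen])) {
                         $element['default'] = $options[$chosen]['title'];
                     } else {
                         $element['default'] = '';
                     }
                 }
             } elseif (!isset($element['default']) || !is_scalar($element['default'])) {
                 $element['default'] = '';
             }
             sql::query("\r\n\t\t\t\t\t\t\tINSERT INTO\r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_form_elements\r\n\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\t`form` = '" . $data['params']['id'] . "',\r\n\t\t\t\t\t\t\t\t`revision` = '" . $data['params']['revision'] . "',\r\n\t\t\t\t\t\t\t\t`order` = '" . $position . "',\r\n\t\t\t\t\t\t\t\t`type` = '" . addslashes($element['type']) . "',\r\n\t\t\t\t\t\t\t\t`title` = '" . addslashes($element['title']) . "',\r\n\t\t\t\t\t\t\t\t`size` = '" . $size . "',\r\n\t\t\t\t\t\t\t\t`default` = '" . addslashes($element['default']) . "',\r\n\t\t\t\t\t\t\t\t`action` = '" . addslashes($element['action']) . "',\r\n\t\t\t\t\t\t\t\t`required` = '" . (isset($element['required']) ? 1 : 0) . "'\r\n\t\t\t\t\t\t");
             $element_id = sql::insert_id();
             foreach ($options as $option) {
                 sql::query("\r\n\t\t\t\t\t\t\t\t\tINSERT INTO\r\n\t\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_form_elements_options\r\n\t\t\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\t\t\t`element` = '" . $element_id . "',\r\n\t\t\t\t\t\t\t\t\t\t`order` = '" . $option['order'] . "',\r\n\t\t\t\t\t\t\t\t\t\t`title` = '" . addslashes($option['title']) . "'\r\n\t\t\t\t\t\t\t\t");
             }
         }
         // Mark this action as a modification
         revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);
         header("Location: " . url::item($data['params']['id'], 'edit') . "/form?revision=" . $data['params']['revision']);
         exit;
     }
     $tpl = new Template($this->getTemplate('editor.template'));
     $tpl->set("id", $data['params']['id']);
     $tpl->set("revision", $data['params']['revision']);
     // NOTE(review): the stored button/email/structure values originate from
     // request data; whether Template escapes them on output is not visible
     // here -- confirm in editor.template.
     if ($structure) {
         $tpl->set("structure", $this->getJSON($structure));
         $tpl->set("email", $structure['email']);
         $tpl->set("button", $structure['button']);
     } else {
         $tpl->set("structure", '[ ]');
         $tpl->set("email", '');
         $tpl->set("button", '');
     }
     $tpl->set("types", array('text' => $user->lang->s('typetext'), 'textarea' => $user->lang->s('typetextarea'), 'email' => $user->lang->s('typeemail'), 'select' => $user->lang->s('typeselect'), 'radio' => $user->lang->s('typeradio'), 'checkbox' => $user->lang->s('typecheckbox'), 'country' => $user->lang->s('typecountry'), 'explaination' => $user->lang->s('typeexplaination'), 'header' => $user->lang->s('typeheader'), 'button' => $user->lang->s('typebutton')));
     $data['template']->append('content', $tpl->fetch());
     // Make sure the following assets are included
     $data['page']->assets->registerCSS($this->localAsset('editor.css'));
     $data['page']->assets->registerJavascript($this->localAsset('editor.js'));
 }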
Beispiel #24
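 /**
  * Editor handler for the "title" sheet: renames an item and maintains its URL slug.
  *
  * On POST with a non-empty name the submitted slug is lower-cased, reduced
  * to the characters a-z, 0-9 and '-', prefixed with "item-" when it is purely
  * numeric, and given a numeric suffix until its URL is not already mapped to
  * another item in $GLOBALS['HASH_IDS']. Name, title and slug are then written
  * to the contents table and the browser is redirected back to this sheet.
  * On any other request, or when the name is empty, the editor template is
  * rendered and appended to the page content.
  *
  * NOTE(review): no anti-CSRF token check is visible in this handler;
  * presumably the caller enforces it -- confirm.
  * NOTE(review): the UPDATE is built by string concatenation. addslashes() is
  * not aware of the connection character set and $item['id'] is inserted
  * without any escaping. If the sql wrapper offers bound parameters or a
  * driver-level escape, the query should use it.
  *
  * @param array $data Event data (by reference). Reads 'sheet', 'item',
  *                    'params' ('id') and 'template'.
  * @return void Does not return after a successful POST: it redirects and exits.
  */
 function event_ExecuteEditor(&$data)
 {
     global $tree, $lang, $user, $config, $manager;
     if ($data['sheet'] != 'title') {
         return;
     }
     $item =& $data['item'];
     // NOTE(review): $allow records whether the user has admin rights on the
     // item or on its parent, but nothing below consults it, so the UPDATE
     // runs regardless of its value. Either the POST branch was meant to be
     // gated on it or the rights are enforced by the caller -- confirm, and
     // gate the write here if they are not.
     $allow = (bool) $tree->_hasRights('admin', $item['rights']);
     if ($item['parent'] != '' && $item['parent'] != '0') {
         $parent =& $tree->getItemById($item['parent']);
         $allow = $allow || $tree->_hasRights('admin', $parent['rights']);
     }
     $errors = array();
     $tpl = new Template($this->getTemplate('editor.template'));
     if ($_SERVER['REQUEST_METHOD'] == 'POST') {
         // Request fields are untrusted: a missing or non-scalar value is treated as ''.
         $name = isset($_POST['name']) && is_scalar($_POST['name']) ? (string) $_POST['name'] : '';
         $title = isset($_POST['title']) && is_scalar($_POST['title']) ? (string) $_POST['title'] : '';
         if ($name != '') {
             $slug = isset($_POST['slug']) && is_scalar($_POST['slug']) ? trim((string) $_POST['slug']) : '';
             if ($slug != '') {
                 // Whitespace and underscores become dashes; everything outside
                 // a-z, 0-9 and '-' is dropped.
                 $slug = strtolower($slug);
                 $slug = preg_replace('/(\\s+|_)/i', '-', $slug);
                 $slug = preg_replace('/[^a-z0-9\\-]/i', '', $slug);
                 // Presumably a purely numeric slug would be mistaken for an
                 // item id in URLs, hence the prefix -- confirm.
                 if (preg_match('/^[0-9]+$/i', $slug)) {
                     $slug = 'item-' . $slug;
                 }
                 // Path of the parent: the item's own URL without its last segment.
                 $ownUrl = isset($GLOBALS['HASH_URLS'][$data['params']['id']]) ? $GLOBALS['HASH_URLS'][$data['params']['id']] : '';
                 $base = explode('/', $ownUrl);
                 array_pop($base);
                 $unique = false;
                 while (!$unique) {
                     $url = implode('/', array_merge($base, array($slug)));
                     if (isset($GLOBALS['HASH_IDS'][$url]) && $GLOBALS['HASH_IDS'][$url] != $data['params']['id']) {
                         // Taken by another item: bump an existing numeric
                         // suffix, or start one at 2.
                         if (preg_match('/^(.*)-([0-9]+)$/i', $slug, $matches)) {
                             $slug = $matches[1] . '-' . (intval($matches[2]) + 1);
                         } else {
                             $slug = $slug . '-2';
                         }
                     } else {
                         $unique = true;
                     }
                 }
             }
             sql::query("\r\n\t\t\t\t\t\t\tUPDATE \r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents \r\n\t\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t\t`name` = '" . addslashes($name) . "',\r\n\t\t\t\t\t\t\t\t`title` = '" . addslashes($title) . "',\r\n\t\t\t\t\t\t\t\t`slug` = '" . addslashes($slug) . "'\r\n\t\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t\t`ID` = '" . $item['id'] . "'\r\n\t\t\t\t\t\t");
             header("Location: " . url::item($data['params']['id'], 'edit') . "/title");
             exit;
         }
         $errors[] = $user->lang->s('titleempty');
     }
     $url = 'http://' . _BASE_DOMAIN_ . '/';
     if ($config->get('multiLanguageSupport')) {
         // Initialised so that an item without any language entry no longer
         // reads an undefined variable; the meta language overrides the
         // item language when both are set.
         $s = '';
         if (isset($item['language'])) {
             $s = $item['language'];
         }
         if (isset($item['meta']['language'])) {
             $s = $item['meta']['language'];
         }
         $url .= $s . '/';
     }
     $url .= $data['item']['parent'] ? $GLOBALS['HASH_URLS'][$data['item']['parent']] . '/' : '';
     // NOTE(review): item fields originate from stored user input; whether
     // Template escapes them on output is not visible here -- confirm in
     // editor.template.
     $tpl->set('url', $url);
     $tpl->set('item', $data['item']);
     $tpl->set('id', $data['params']['id']);
     if (count($errors)) {
         $data['template']->append('error', implode(', ', $errors));
     }
     $data['template']->append('content', $tpl->fetch());
 }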