Ejemplo n.º 1
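 /**
  * Decorates a page template with the admin button box and, when a module's
  * management screen is requested, replaces the page body with that module's admin UI.
  *
  * Callers without the 'manage site' permission get the template back untouched.
  *
  * @param string $template HTML of the page being rendered
  * @return string the template, possibly with admin markup injected
  */
 function contentGenerator($template)
 {
     if (!user_allowed_to('manage site')) {
         return $template;
     }
     // Request parameters stay untrusted even behind the permission check. Read each one
     // once and accept plain strings only, so an array-valued parameter (?module[]=x)
     // can never be used as an array offset or handed to a DOM setter.
     $requested_module = (isset($_GET['module']) && is_string($_GET['module'])) ? $_GET['module'] : null;
     $requested_page = (isset($_GET['p_id']) && is_string($_GET['p_id'])) ? $_GET['p_id'] : '';
     $requested_action = (isset($_GET['action']) && is_string($_GET['action'])) ? $_GET['action'] : '';
     // create XML with admin panel description
     $xml = new DOMDocument('1.0', 'utf-8');
     $root_node = $xml->createElement('admin-buttons');
     $xml->appendChild($root_node);
     // Request-derived values are added as text nodes: createTextNode() stores the string
     // literally, while assigning through nodeValue can make libxml treat '&' as the start
     // of an entity reference (warning plus truncated value).
     $add_text_element = function ($parent, $name, $text) use ($xml) {
         $element = $parent->appendChild($xml->createElement($name));
         if ($text !== '') {
             $element->appendChild($xml->createTextNode($text));
         }
         return $element;
     };
     // detect the active module; no active module means ordinary content is being displayed
     $add_text_element($root_node, 'active-module', (string) $requested_module);
     $root_node->appendChild($xml->createElement('cms-settings-phantom'))->nodeValue = self::CMS_SETTINGS_MODULE_PHANTOM;
     $add_text_element($root_node, 'active-page', $requested_page);
     $root_node->appendChild($xml->createElement('edit-mode'))->nodeValue = isset($_GET['edit']) ? 'yes' : 'no';
     $has_config_link = !empty($requested_module) && !empty(CMS::$cache[$requested_module]['config']['config']);
     $root_node->appendChild($xml->createElement('show-config-link'))->nodeValue = $has_config_link ? 'yes' : 'no';
     // collect the admin button of every module that declares one
     // (config-derived values keep the original nodeValue assignment so captions render as before)
     foreach (CMS::$cache as $module_name => $module) {
         if (in_array($module_name, CMS::$R['modules_apply_order']) && isset($module['config']['admin_caption']) && $module['config']['admin_caption'] > '') {
             $root_node->appendChild($button_node = $xml->createElement('button'));
             $button_node->appendChild($xml->createElement('caption'))->nodeValue = $module['config']['admin_caption'];
             $button_node->appendChild($xml->createElement('module-name'))->nodeValue = $module_name;
         }
     }
     // if any module requests admin part, replace all the content with module's admin code and add CSS/JS
     // otherwise, display page editorial buttons // TAG_TODO move them to content module
     if ($requested_module !== null && isset(CMS::$cache[$requested_module]) && $requested_action === 'manage') {
         $module_name = $requested_module;
         module_init($module_name);
         $module = CMS::$cache[$module_name];
         // Generated markup is injected through callbacks: in a preg_replace() replacement
         // string, "$1" or "\1" inside the generated HTML would be expanded as backreferences.
         $admin_html = $module['object']->AdminGenerator();
         $template = preg_replace_callback('~<body(.*?)>.*</body>~smui', function ($match) use ($admin_html) {
             return '<body' . $match[1] . '><div class="admin-content">' . $admin_html . '</div></body>';
         }, $template, 1);
         // NOTE(review): the module comment is placed into HTML unescaped; that is acceptable
         // only while module configs are trusted, developer-authored files. Confirm.
         $page_title = 'администрирование: &quot;' . CMS::$cache[$module_name]['config']['comment'] . '&quot;';
         $template = preg_replace_callback(macro_regexp('page_title'), function () use ($page_title) {
             return $page_title;
         }, $template, 1);
         // remove user's CSS from template (both attribute orders of <link>)
         $template = preg_replace('~<link[^>]*rel="stylesheet"[^>]*href="(\\./|)userfiles[^">]*"[^>]*>~', '', $template);
         $template = preg_replace('~<link[^>]*href="(\\./|)userfiles[^">]*"[^>]*rel="stylesheet"[^>]*>~', '', $template);
         // also add module's admin CSSes and scripts
         add_CSS(get_array_value($module['config'], 'admin_css', array()), MODULES_DIR . $module_name . '/');
         add_JS(get_array_value($module['config'], 'admin_js', array()), MODULES_DIR . $module_name . '/');
     }
     // add button box to the template, right after the opening <body> tag
     $admin_box_html = XSLTransform($xml->saveXML($root_node), __DIR__ . '/admin_box.xsl');
     $template = preg_replace_callback('~<body(.*?)>~', function ($match) use ($admin_box_html) {
         return '<body' . $match[1] . '>' . $admin_box_html;
     }, $template, 1);
     return $template;
 }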
Ejemplo n.º 2
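/**
 * Builds an HTML list of links to the bundled help page of every module that ships one.
 *
 * Walks the global $modules_apply_order list, initialises each module and emits a link
 * for those that have MODULES_DIR . <module> . '/help/help.html' on disk.
 *
 * @return string concatenated <a> elements separated by <br />, '' when nothing qualifies
 */
function create_module_help_links()
{
    // NOTE(review): this replaces the whole include path for the rest of the request, and
    // both './PEAR' and the lib/ includes below are relative, so which files get loaded
    // depends on include_path and the working directory. Confirm this entry point always
    // runs from the application root.
    ini_set('include_path', './PEAR');
    include_once 'lib/cms.php';
    include_once 'lib/common.php';
    include_once 'lib/module_base_class.php';
    include_once 'lib/xml_to_array.php';
    global $modules_apply_order;
    //	usort($modules_apply_order, 'module_sorter');
    $result = '';
    // the global may be missing if configuration was not loaded; nothing to list then
    if (!is_array($modules_apply_order)) {
        return $result;
    }
    foreach ($modules_apply_order as $module) {
        if (!module_init($module)) {
            continue;
        }
        $link = MODULES_DIR . $module . '/help/help.html';
        if (!file_exists($link)) {
            continue;
        }
        // NOTE(review): the caption comes from the module config and is emitted as-is;
        // it may carry markup on purpose, so it is left unescaped. Confirm configs are trusted.
        $caption = CMS::$cache[$module]['config']['comment'];
        // the module name is an identifier: encode it for the URL and for HTML separately
        $module_html = htmlspecialchars($module, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $result .= '<a class="big-link" href="./help.php?path=' . rawurlencode($module) . '" alt="' . $module_html . '">' . $caption . ' (' . $module_html . ')</a><br />';
    }
    return $result;
}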
Ejemplo n.º 3
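 /**
  * AJAX entry point of the module: dispatches on the filtered 'action' request parameter.
  *
  * Supported action: 'edit_elem', which renders the add/edit dialog for one element.
  *
  * @return string dialog HTML, or a short status string ('unknown function', 'bad ID')
  */
 function AJAXHandler()
 {
     // The D modifier makes "$" match only at the very end of the value; without it a
     // value with a trailing newline would still pass validation.
     $input_filter = array(
         'id' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => '~^-?[0-9]+$~uiD')),
         'action' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => '~^[a-zA-Z0-9\\_\\-]+$~uiD')),
     );
     $_INPUT = get_filtered_input($input_filter, array(FILTER_GET_BY_LIST));
     // default response
     $response = 'unknown function';
     $action = (isset($_INPUT['action']) && is_string($_INPUT['action'])) ? $_INPUT['action'] : '';
     switch ($action) {
         // add/edit dialog
         case 'edit_elem':
             // NOTE(review): presumably terminate() ends the request; if it can return,
             // execution continues into the query below. Verify.
             if (!user_allowed_to('manage news')) {
                 terminate('Forbidden', '', 403);
             }
             // what to edit: a missing or rejected id is not a string here
             $id = isset($_INPUT['id']) ? $_INPUT['id'] : '';
             if (!is_string($id) || $id === '') {
                 return 'bad ID';
             }
             module_init('menu');
             // Fetch the element with a bound parameter instead of splicing the id into the
             // SQL text. The table name is an identifier and cannot be bound; it comes from
             // the module configuration, which is assumed to be trusted.
             $statement = CMS::$DB->prepare("select id, caption, link, page, streams, summary from `{$this->CONFIG['table']}` where id = :id");
             $statement->bindValue(':id', (int) $id, PDO::PARAM_INT);
             $statement->execute();
             $row = $statement->fetch(PDO::FETCH_ASSOC);
             // no matching row: the dialog still opens, carrying only the requested id
             if (!is_array($row)) {
                 $row = array();
             }
             $row['id'] = $id;
             $xml = array_to_xml($row, array('news-edit-data'));
             // add pages list
             $xml->documentElement->appendChild($xml->importNode(aliasCatchersAsXML(array('root' => 'page-list'))->documentElement, true));
             return XSLTransform($xml->saveXML($xml->documentElement), __DIR__ . '/edit.xsl');
     }
     return $response;
 }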
Ejemplo n.º 4
	 * @param mixed $test_only_this force test only one directory and return false if not mached
	 * @return array|false directory description if anything found, false if not
	 */
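    private function getUserFolderParams($filename, $test_only_this = false)
    {
        foreach ($this->getDirectoriesDescription() as $type => $dir) {
            // when a specific directory type is forced, skip every other description
            if ($test_only_this !== false && $test_only_this != $type) {
                continue;
            }
            // The name may be given either as a bare filename or with the directory prefix;
            // the full-path form is needed for editing and deleting.
            // preg_quote() escapes every regex metacharacter and the "~" delimiter, not just
            // ". / \", so a directory name is always matched literally.
            $dir_path_regexp_mod = preg_quote($dir['dir'], '~');
            // Hardening of the validation pattern:
            //  - (?:...) keeps the ^...$ anchors bound to the whole filename pattern even if
            //    it contains a top-level alternation;
            //  - D makes "$" match only at the real end of the string, so a name with a
            //    trailing newline is rejected.
            $regexp = "~^(|{$dir_path_regexp_mod})(?:{$dir['regexp_filename']})\$~uiD";
            if (preg_match($regexp, $filename)) {
                return $dir;
            }
        }
        return false;
    }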
    /**
	 * Creates list of manageable directories - from common list in common.php and module config
	 *
	 * @return array directories definition structure, refer lib/common.php for the sample
	 */
Ejemplo n.º 5
    die(mysql_error());
}
// Connect to session
session_start();
// Escape all http parameters: $esc_get / $esc_post hold a copy of every GET / POST value
// passed through mysql_real_escape_string(), under the same keys.
// NOTE(review): this escaping only protects a value that ends up inside a quoted SQL string
// literal; it does nothing for values used as numbers, identifiers or in non-SQL contexts
// (HTML, shell, file paths). Array-valued parameters (?a[]=1) are not strings and are not
// escaped meaningfully. Parameterised queries are the dependable fix.
// NOTE(review): the mysql_* extension was removed in PHP 7.0, so this code needs PHP 5.
$esc_get = array();
foreach ($_GET as $k => $v) {
    $esc_get[$k] = mysql_real_escape_string($v);
}
$esc_post = array();
foreach ($_POST as $k => $v) {
    $esc_post[$k] = mysql_real_escape_string($v);
}
// Initialize error array (an empty or missing session entry becomes an empty array)
if (empty($_SESSION['errorList'])) {
    $_SESSION['errorList'] = array();
}
// Initialize message array
if (empty($_SESSION['messageList'])) {
    $_SESSION['messageList'] = array();
}
// Initialize member filter array
if (empty($_SESSION['member_filter'])) {
    $_SESSION['member_filter'] = array();
}
// Initialize the stylesheet and script lists
$core_stylesheets = array();
$core_scripts = array();
// Initialize module system
module_init();
Ejemplo n.º 6
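 /**
  * SMS.ru notification service responder: stores delivery-status callbacks in the `sms` table.
  *
  * Each element of $data is split on line breaks into fields; records whose first field is
  * 'sms_status' carry the message id in the second field and a numeric status code in the third.
  *
  * @param mixed $data list of raw notification strings
  * @return false|null false when $data is not an array, otherwise no value
  */
 private function parseNotificatorMessage($data)
 {
     if (!is_array($data)) {
         return false;
     }
     module_init('db');
     $DB = CMS::$cache['db']->DB;
     $DB->exec('begin transaction');
     // Both updates use bound parameters: the callback body is external input and must
     // never be concatenated into SQL text, even after a format check.
     $status_statement = $DB->prepare("update sms set status_text = :status_text where sms_id = :sms_id");
     $delivered_statement = $DB->prepare("update sms set delivered = :delivered where sms_id = :sms_id");
     foreach ($data as $string) {
         if (!is_string($string)) {
             continue;
         }
         $result = preg_split('~[\\x0A\\x0D]+~smui', $string);
         // a record needs at least three fields: type, message id, status code
         if (!is_array($result) || count($result) < 3) {
             continue;
         }
         list($record_type, $sms_id, $status_code) = $result;
         if ($record_type !== 'sms_status' || !preg_match('~^[0-9]+\\-[0-9]+$~D', $sms_id) || !preg_match('~^[0-9]+$~D', $status_code)) {
             continue;
         }
         // The parentheses matter: "." binds tighter than "?:", so without them the whole
         // concatenation became the ternary condition and the status code was dropped.
         $status_text = $status_code . ' ' . (isset(self::$status_messages[$status_code]) ? self::$status_messages[$status_code] : '*** неизвестный статус ***');
         $status_statement->bindValue(':sms_id', $sms_id);
         $status_statement->bindValue(':status_text', $status_text);
         $status_statement->execute();
         // status 103 additionally records the delivery timestamp; the comparison is strict
         // so numeric look-alikes such as '0103' are not treated as 103
         if ($status_code === '103') {
             $delivered_statement->bindValue(':delivered', date('Y.m.d H:i:s'));
             $delivered_statement->bindValue(':sms_id', $sms_id);
             $delivered_statement->execute();
         }
     }
     $DB->exec('commit transaction');
 }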
Ejemplo n.º 7
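require_once 'lib/security.php';
login_logout();
logthis('security applied');
// Reject requests where the same key arrives in both POST and GET, so no later lookup
// can be ambiguous about which source a parameter came from.
if (count(array_intersect_key($_POST, $_GET)) > 0) {
    terminate('POST and GET has duplicate keys', 'POST and GET has duplicate keys', 403);
}
// AJAX-proxy mode: just call special function and return its output, skipping normal flow
$module_name = isset($_POST['ajaxproxy']) ? $_POST['ajaxproxy'] : (isset($_GET['ajaxproxy']) ? $_GET['ajaxproxy'] : false);
if ($module_name) {
    // The module name is chosen by the client and is handed to module_init(), so it is
    // validated first: a plain string made of name characters only.
    // NOTE(review): module_init() is not visible here; if it derives a file path from the
    // name, confirm it also refuses names that are not installed modules. Widen the pattern
    // only if module directories legitimately use other characters.
    $ajax_handler = null;
    if (is_string($module_name) && preg_match('~^[a-zA-Z0-9_\\-]+\\z~', $module_name) === 1) {
        module_init($module_name);
        if (isset(CMS::$cache[$module_name]['object']) && is_object(CMS::$cache[$module_name]['object'])) {
            $ajax_handler = CMS::$cache[$module_name]['object'];
        }
    }
    if ($ajax_handler !== null && is_callable(array($ajax_handler, 'AJAXHandler'))) {
        echo $ajax_handler->AJAXHandler();
        terminate();
    } else {
        // unknown module, malformed name, or a module without an AJAX handler
        terminate('Bad AJAX module', 'Bad AJAX module', 403);
    }
}
// init modules
foreach ($modules_apply_order as $module_name) {
    module_init($module_name);
}
// well, this is main template, we will transform it
$template = file_get_contents('userfiles/template/template.html');
// immediately add core libraries and stylesheets to ensure their minimal priority
add_JS(array('lib/jquery.js', 'lib/jquery-ui.js', 'lib/jquery.tablesorter.min.js', 'tinymce/tinymce.min.js', 'tinymce/jquery.tinymce.min.js', 'lib/lib.js'));
add_CSS(array('lib/jquery-ui.css', 'lib/tablesorter.css', 'lib/bootstrap.min.css', 'lib/core.css'));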
// first loop: add modules' CSS and JS links
foreach ($modules_apply_order as $module_name) {
    // check if module OK
    if (!isset(CMS::$cache[$module_name])) {
        logthis('module description not loaded: ' . $module_name, ZLogger::LOG_LEVEL_WARNING);
        continue;
    }
    // also module may be disabled
    if (get_array_value(CMS::$cache[$module_name]['config'], 'disabled', false) === true) {