Ejemplo n.º 1
        trigger_error(sprintf("[ <b>%s</b> ] Can't include class.secure.php!", $_SERVER['SCRIPT_NAME']), E_USER_ERROR);
    }
}
// end include class.secure.php
// Direct-access guard: redirect to index.php unless every field of the edit form was posted.
// NOTE(review): this only checks that the fields are present; it does not authenticate the request.
if (!isset($_POST['page_id'], $_POST['section_id'], $_POST['action'], $_POST['mod_dir'], $_POST['edit_file'])) {
    header('Location: index.php');
    exit;
}
// Pull in the admin wrapper script.
require LEPTON_PATH . '/modules/admin.php';
// Stop when the CSS edit helper file is not installed.
if (file_exists(LEPTON_PATH . '/framework/summary.module_edit_css.php') === false) {
    exit('The required file: /framework/summary.module_edit_css.php is missing - script stopped.');
}
// Print the EditArea registration output, or the literal 'none' when the helper function is unavailable.
if (function_exists('registerEditArea')) {
    echo registerEditArea('code_area', 'css', false);
} else {
    echo 'none';
}
// Fall back to built-in English texts when the global language array lacks these entries.
$HEADING_CSS_FILE = 'Actual module file: ';
if (isset($GLOBALS['TEXT']['HEADING_CSS_FILE'])) {
    $HEADING_CSS_FILE = $GLOBALS['TEXT']['HEADING_CSS_FILE'];
}
$TXT_EDIT_CSS_FILE = 'Edit the CSS definitions in the textarea below.';
if (isset($GLOBALS['TEXT']['TXT_EDIT_CSS_FILE'])) {
    $TXT_EDIT_CSS_FILE = $GLOBALS['TEXT']['TXT_EDIT_CSS_FILE'];
}
// Load the helper functions for editing a module's optional CSS files (frontend.css, backend.css).
require_once LEPTON_PATH . '/framework/summary.module_edit_css.php';
// The module directory is taken from the request unchanged; nothing up to this line validates it.
// NOTE(review): presumably mod_file_exists() restricts it to a real module directory - confirm that it
// rejects path separators and '..' in both mod_dir and edit_file before either value reaches a file path.
$mod_dir = $_POST['mod_dir'];
// check if action is: save or edit
if ($_POST['action'] == 'save' && mod_file_exists($mod_dir, $_POST['edit_file'])) {
    /** 
    	SAVE THE UPDATED CONTENTS TO THE CSS FILE
    */
    $css_content = '';
    if (isset($_POST['css_data']) && strlen($_POST['css_data']) > 0) {
        $css_content = stripslashes($_POST['css_data']);
/* -------------------------------------------------------- */
// Refuse to run when WB_PATH is not defined, i.e. when this file is requested directly.
if (!defined('WB_PATH')) {
    exit('Cannot access ' . basename(__DIR__) . '/' . basename(__FILE__) . ' directly');
}
$admintool_link = ADMIN_URL . '/admintools/index.php';
// $droplet_id is not assigned anywhere in this excerpt; an empty value is reported as a security error.
// NOTE(review): the 'IDKEY::' prefix suggests the id comes out of an id-key check - confirm where it is set.
if ($droplet_id == false) {
    $admin->print_error('IDKEY::' . $MESSAGE['GENERIC_SECURITY_ACCESS'], $ToolUrl);
    exit;
}
$modified_when = time();
// Members of group '1' are recorded as user 1, everyone else under their own user id.
if ($admin->ami_group_member('1')) {
    $modified_by = 1;
} else {
    $modified_by = $admin->get_user_id();
}
require_once WB_PATH . '/include/editarea/wb_wrapper_edit_area.php';
echo registerEditArea(
    'contentedit',
    'php',
    true,
    'both',
    true,
    true,
    600,
    450,
    'search, fullscreen, |, undo, redo, |, select_font,|, highlight, reset_highlight, |, help'
);
$sOverviewDroplets = $TEXT['LIST_OPTIONS'] . ' ' . $DR_TEXT['DROPLETS'];
// Load the droplet row and HTML-escape its code for display in the editor.
// NOTE(review): $droplet_id is concatenated into the statement without quoting or casting; this is only
// safe if the value is guaranteed to be an integer before this point - confirm, or cast it.
$sql = 'SELECT * FROM `' . TABLE_PREFIX . 'mod_droplets` ' . 'WHERE `id` = ' . $droplet_id;
$query_content = $database->query($sql);
$fetch_content = $query_content->fetchRow(MYSQLI_ASSOC);
$content = htmlspecialchars($fetch_content['code']);
?>
<h4 style="margin: 0; border-bottom: 1px solid #DDD; padding-bottom: 5px;">
    <a href="<?php 
echo $admintool_link;
?>
" title="<?php 
echo $HEADING['ADMINISTRATION_TOOLS'];
?>
Ejemplo n.º 3
// Refuse to run when WB_PATH is not defined, i.e. when this file is requested directly.
if (!defined('WB_PATH')) {
    exit('Illegale file access /' . basename(__DIR__) . '/' . basename(__FILE__));
}
// Always load the English language file, then overlay the file for the configured LANGUAGE if one exists.
// NOTE(review): LANGUAGE becomes part of an include path; presumably the core limits it to a known
// language code - confirm it cannot carry path separators.
$sAddonName = basename(__DIR__);
require WB_PATH . '/modules/' . $sAddonName . '/languages/EN.php';
if (file_exists(WB_PATH . '/modules/' . $sAddonName . '/languages/' . LANGUAGE . '.php') === true) {
    require WB_PATH . '/modules/' . $sAddonName . '/languages/' . LANGUAGE . '.php';
}
// Only users holding the 'module' permission for this add-on may continue.
$sModulName = basename(__DIR__);
if ($admin->get_permission($sModulName, 'module') == false) {
    die($MESSAGE['ADMIN_INSUFFICIENT_PRIVELLIGES']);
}
require WB_PATH . '/include/editarea/wb_wrapper_edit_area.php';
// Prepare the template object for the modify form.
$template = new Template(WB_PATH . '/modules/' . $sAddonName);
$template->set_file('page', 'htt/modify.htt');
$template->set_block('page', 'main_block', 'main');
// Fetch the stored code of this section and HTML-escape it for the textarea.
// NOTE(review): $section_id is placed into the statement as-is and is not assigned in this excerpt;
// confirm that the including script has already reduced it to an integer.
$query = 'SELECT content FROM `' . TABLE_PREFIX . 'mod_code` WHERE `section_id` = \'' . $section_id . '\'';
$get_content = $database->query($query);
$content = $get_content->fetchRow(MYSQLI_ASSOC);
$content = htmlspecialchars($content['content']);
// Hand all values to the template; the editor registration is empty when EditArea is not available.
$template->set_var(array(
    'PAGE_ID' => $page_id,
    'SECTION_ID' => $section_id,
    'REGISTER_EDIT_AREA' => function_exists('registerEditArea')
        ? registerEditArea('content' . $section_id, 'php', false)
        : '',
    'WB_URL' => WB_URL,
    'CONTENT' => $content,
    'TEXT_SAVE' => $TEXT['SAVE'],
    'TEXT_CANCEL' => $TEXT['CANCEL'],
    'SECTION' => $section_id,
    'FTAN' => $admin->getFTAN(),
));
// Render the form; placeholders without a value are left in the output.
$template->set_unknowns('keep');
$template->parse('main', 'main_block', false);
$template->pparse('output', 'page', false);
 *
 */
// Load the configuration when this script is the entry point.
if (defined('WB_PATH') === false) {
    require '../../config.php';
}
// Create the admin object for the 'Pages' section with the 'pages_intro' permission.
$admin = new admin('Pages', 'pages_intro');
// Edit the existing intro page when it has content, otherwise start from the bundled HTML skeleton.
$filename = WB_PATH . PAGES_DIRECTORY . '/intro' . PAGE_EXTENSION;
$content = file_get_contents(
    (file_exists($filename) && filesize($filename) > 0) ? $filename : ADMIN_PATH . '/pages/html.php'
);
require_once WB_PATH . '/include/editarea/wb_wrapper_edit_area.php';
// The intro page is edited with PHP syntax highlighting.
// NOTE(review): whatever is saved from this editor presumably ends up in a file with PAGE_EXTENSION,
// so access to this page amounts to code-editing rights - confirm 'pages_intro' is granted accordingly.
$toolbar = 'search, fullscreen, |, undo, redo, |, select_font, syntax_selection,|,word_wrap, highlight, reset_highlight, |,charmap, |, help';
echo registerEditArea('content', 'php', true, 'both', true, true, 600, 450, $toolbar);
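/**
 * Print a plain <textarea> that serves as the editor.
 *
 * Every argument is HTML-escaped before it is written out, so content that
 * contains "</textarea>" or markup stays inside the text area instead of being
 * interpreted by the browser, and the attribute values cannot close their
 * quotes. Pass the raw, unescaped content; the caller in this file passes the
 * file contents unchanged.
 *
 * @param string $name    Value of the name attribute.
 * @param string $id      Value of the id attribute.
 * @param string $content Raw text to edit.
 * @param string $width   CSS width, e.g. '100%'.
 * @param string $height  CSS height, e.g. '500px'.
 * @return void
 */
function show_wysiwyg_editor($name, $id, $content, $width, $height)
{
    // A single-byte charset is named on purpose: only & < > " ' are rewritten
    // and every other byte passes through untouched, so the text round-trips
    // through the editor whatever encoding the edited file uses.
    $escape = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'ISO-8859-1');
    };
    echo '<textarea name="' . $escape($name) . '" id="' . $escape($id)
        . '" style="width: ' . $escape($width) . '; height: ' . $escape($height) . ';">'
        . $escape($content) . '</textarea>';
}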
?>
<form action="intro2.php" method="post">
<?php 
print $admin->getFTAN();
?>
<input type="hidden" name="page_id" value="{PAGE_ID}" />
<table cellpadding="0" cellspacing="0" border="0" class="form_submit">
	<tr>
		<td colspan="2">
		<?php 
show_wysiwyg_editor('content', 'content', $content, '100%', '500px');
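 /**
  * Build the dialog for creating and editing newsletter templates.
  *
  * The template id and any edited field values are read from $_REQUEST. When
  * the request names a preview record, the values stored in that record are
  * copied back into $_REQUEST first.
  *
  * @return string|false Rendered dialog, or false when an error is pending or a lookup failed.
  */
 public function dlgTemplate()
 {
     global $dbNewsletterPreview;
     global $dbNewsletterTemplates;
     global $newsletterCommands;
     global $parser;
     // Leave at once when an error is already pending.
     if ($this->isError()) {
         return false;
     }
     // Coming back from the preview? Fetch the stored values.
     if (isset($_REQUEST[dbKITnewsletterPreview::field_id]) && $_REQUEST[dbKITnewsletterPreview::field_id] != -1) {
         // NOTE(review): the preview id goes to sqlSelectRecord() as received; whether that helper
         // escapes the values of $where is not visible here - confirm.
         $where = array();
         $where[dbKITnewsletterPreview::field_id] = $_REQUEST[dbKITnewsletterPreview::field_id];
         $prev = array();
         if (!$dbNewsletterPreview->sqlSelectRecord($where, $prev)) {
             $this->setError(sprintf('[%s - %s] %s', __METHOD__, __LINE__, $dbNewsletterPreview->getError()));
             return false;
         }
         if (count($prev) < 1) {
             // Record not found.
             // NOTE(review): the message reports $_REQUEST[self::request_id], not the preview id that
             // was looked up - possibly the wrong key, confirm.
             $this->setError(sprintf(kit_error_item_id, $_REQUEST[self::request_id]));
             return false;
         }
         $prev_array = explode(dbKITnewsletterPreview::array_separator, $prev[0][dbKITnewsletterPreview::field_view]);
         $preview = array();
         foreach ($prev_array as $item) {
             list($key, $value) = explode(dbKITnewsletterPreview::array_separator_value, $item);
             $preview[$key] = $value;
         }
         // The stored preview values replace the request values; every key found in the record is
         // written, so the record's content decides which request fields are overwritten.
         foreach ($preview as $key => $value) {
             $_REQUEST[$key] = $value;
         }
     }
     // Template id from the request; -1 stands for a new template. The value is forced to an
     // integer because it is placed into the SQL statement and into the form below. This assumes
     // template ids are numeric, as the -1 sentinel suggests.
     $template_id = -1;
     if (isset($_REQUEST[dbKITnewsletterTemplates::field_id]) && is_scalar($_REQUEST[dbKITnewsletterTemplates::field_id])) {
         $template_id = (int) $_REQUEST[dbKITnewsletterTemplates::field_id];
     }
     $where = array();
     $where[dbKITnewsletterTemplates::field_status] = dbKITnewsletterTemplates::status_active;
     $templates = array();
     if (!$dbNewsletterTemplates->sqlSelectRecord($where, $templates)) {
         $this->setError(sprintf('[%s - %s] %s', __METHOD__, __LINE__, $dbNewsletterTemplates->getError()));
         return false;
     }
     $template_select = sprintf('<option value="-1">%s</option>', kit_text_please_select);
     foreach ($templates as $item) {
         $selected = $item[dbKITnewsletterTemplates::field_id] == $template_id ? ' selected="selected"' : '';
         $template_select .= sprintf(
             '<option value="%s"%s>%s</option>',
             $item[dbKITnewsletterTemplates::field_id],
             $selected,
             $item[dbKITnewsletterTemplates::field_name]
         );
     }
     // The leptoken is echoed into a JavaScript string inside an HTML attribute, so it is
     // URL-encoded first; the result contains no quote, angle bracket or ampersand.
     $leptoken = '';
     if (defined('LEPTON_VERSION') && isset($_GET['leptoken']) && is_string($_GET['leptoken'])) {
         $leptoken = sprintf('&amp;leptoken=%s', rawurlencode($_GET['leptoken']));
     }
     $select_link = sprintf(
         '%s&amp;%s=%s%s&amp;%s=',
         $this->page_link,
         self::request_action,
         self::action_template,
         $leptoken,
         dbKITnewsletterTemplates::field_id
     );
     $template_select = sprintf(
         '<select id="%s" name="%s" onchange="javascript:addSelectToLink(\'%s\',\'%s\');">%s</select>',
         dbKITnewsletterTemplates::field_id,
         dbKITnewsletterTemplates::field_id,
         $select_link,
         dbKITnewsletterTemplates::field_id,
         $template_select
     );
     if ($template_id != -1) {
         // $template_id is an integer at this point, see above.
         $SQL = sprintf(
             "SELECT * FROM %s WHERE %s='%s'",
             $dbNewsletterTemplates->getTableName(),
             dbKITnewsletterTemplates::field_id,
             $template_id
         );
         $tpl = array();
         if (!$dbNewsletterTemplates->sqlExec($SQL, $tpl)) {
             $this->setError(sprintf('[%s - %s] %s', __METHOD__, __LINE__, $dbNewsletterTemplates->getError()));
             return false;
         }
         if (count($tpl) < 1) {
             $this->setError(sprintf(kit_error_newsletter_tpl_id_invalid, $template_id));
             return false;
         }
         $tpl = $tpl[0];
     } else {
         // New record.
         $tpl = $dbNewsletterTemplates->getFields();
         $tpl[dbKITnewsletterTemplates::field_id] = $template_id;
         $tpl[dbKITnewsletterTemplates::field_status] = dbKITnewsletterTemplates::status_active;
     }
     // Each field shows the request value when one was sent, otherwise the stored value.
     // NOTE(review): these values, and the template names in the select above, reach the markup
     // without HTML-escaping, so a value containing a double quote or "</textarea>" changes the
     // structure of the form. htmlspecialchars() is the usual remedy; whether stored values are
     // already entity-encoded is not visible here - confirm before adding it.
     $template_name = sprintf(
         '<input type="text" name="%s" value="%s" />',
         dbKITnewsletterTemplates::field_name,
         isset($_REQUEST[dbKITnewsletterTemplates::field_name]) ? $_REQUEST[dbKITnewsletterTemplates::field_name] : $tpl[dbKITnewsletterTemplates::field_name]
     );
     $template_desc = sprintf(
         '<textarea name="%s" rows="2">%s</textarea>',
         dbKITnewsletterTemplates::field_description,
         isset($_REQUEST[dbKITnewsletterTemplates::field_description]) ? $_REQUEST[dbKITnewsletterTemplates::field_description] : $tpl[dbKITnewsletterTemplates::field_description]
     );
     $template_html = sprintf(
         '%s<textarea name="%s" id="%s" rows="20" style="width=98%%;">%s</textarea>',
         function_exists('registerEditArea') ? registerEditArea(dbKITnewsletterTemplates::field_html, 'html', false, 'both', true, true, 300, 300, 'default') : '',
         dbKITnewsletterTemplates::field_html,
         dbKITnewsletterTemplates::field_html,
         isset($_REQUEST[dbKITnewsletterTemplates::field_html]) ? $_REQUEST[dbKITnewsletterTemplates::field_html] : $tpl[dbKITnewsletterTemplates::field_html]
     );
     $template_text = sprintf(
         '<textarea name="%s" rows="20">%s</textarea>',
         dbKITnewsletterTemplates::field_text,
         isset($_REQUEST[dbKITnewsletterTemplates::field_text]) ? $_REQUEST[dbKITnewsletterTemplates::field_text] : $tpl[dbKITnewsletterTemplates::field_text]
     );
     $template_status = '';
     foreach ($dbNewsletterTemplates->status_array as $key => $value) {
         $selected = $key == $tpl[dbKITnewsletterTemplates::field_status] ? ' selected="selected"' : '';
         $template_status .= sprintf('<option value="%s"%s>%s</option>', $key, $selected, $value);
     }
     $template_status = sprintf('<select name="%s">%s</select>', dbKITnewsletterTemplates::field_status, $template_status);
     $form_name = 'template_form';
     // List of newsletter commands, sorted by key; choosing one inserts it into the HTML editor.
     $commands = '';
     $cmd_array = $newsletterCommands->cmd_array;
     ksort($cmd_array);
     foreach ($cmd_array as $key => $hint) {
         $commands .= sprintf('<option value="%s" title="%s">%s</option>', $key, $this->lang->translate($hint), $key);
     }
     $commands = sprintf(
         '<select name="%s" size="%d" onchange="editAreaLoader.insertTags(\'%s\', this.value, \'\');">%s</select>',
         self::request_command,
         count($cmd_array),
         dbKITnewsletterTemplates::field_html,
         $commands
     );
     // Show a pending message if there is one, otherwise the standard intro text.
     if ($this->isMessage()) {
         $intro = sprintf('<div class="message">%s</div>', $this->getMessage());
     } else {
         $intro = sprintf('<div class="intro">%s</div>', kit_intro_newsletter_template);
     }
     $data = array(
         'header' => kit_header_template,
         'intro' => $intro,
         'form_name' => $form_name,
         'form_action' => $this->page_link,
         'action_name' => self::request_action,
         'action_value' => self::action_template_check,
         'preview_name' => dbKITnewsletterPreview::field_id,
         'preview_value' => -1,
         'tid_name' => dbKITnewsletterTemplates::field_id,
         'tid_value' => $template_id,
         'template_select_label' => kit_label_newsletter_tpl_select,
         'template_select' => $template_select,
         'template_name_label' => kit_label_newsletter_tpl_name,
         'template_name' => $template_name,
         'template_description_label' => kit_label_newsletter_tpl_desc,
         'template_description' => $template_desc,
         'template_html_label' => kit_label_newsletter_tpl_html,
         'template_html' => $template_html,
         'template_text_label' => kit_label_newsletter_tpl_text,
         'template_text' => $template_text,
         'template_status_label' => kit_label_status,
         'template_status' => $template_status,
         'btn_preview' => $this->lang->translate('Preview'),
         'btn_abort' => $this->lang->translate('Abort'),
         'abort_location' => $this->page_link,
         'header_commands' => kit_label_newsletter_commands,
         'intro_commands' => kit_intro_newsletter_commands,
         'commands' => $commands,
     );
     return $parser->get($this->template_path . 'backend.newsletter.template.htt', $data);
 }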
Ejemplo n.º 6
    }
    $filename = dirname(__FILE__) . '/templates/form_' . $template . '.htt';
    if (!false == file_put_contents($filename, $data)) {
        $admin->print_success($TEXT['SUCCESS'], ADMIN_URL . '/pages/modify.php?page_id=' . $page_id);
    } else {
        $admin->print_error($TEXT['ERROR'], ADMIN_URL . '/pages/modify.php?page_id=' . $page_id);
    }
} else {
    //	$template = $admin->add_slashes($_GET['name']);
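    // The template name comes straight from the query string and becomes part
    // of a file path. basename() keeps only the last path component, so a name
    // carrying "../" or an absolute path cannot point the read below outside
    // the templates/ directory.
    // NOTE(review): the save branch above builds the same path from $template;
    // where that value comes from is outside this excerpt - apply the same
    // restriction there.
    $template = addslashes(basename(isset($_GET['name']) ? (string) $_GET['name'] : ''));
    $filename = dirname(__FILE__) . '/templates/form_' . $template . '.htt';
    // An unknown template name yields an empty editor rather than an error.
    $data = '';
    if (file_exists($filename)) {
        $data = file_get_contents($filename);
    }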
    echo function_exists('registerEditArea') ? registerEditArea('code_area', 'html') : 'none';
    ?>
	<form name="edit_module_file" action="<?php 
    echo $_SERVER['SCRIPT_NAME'];
    ?>
" method="post" style="margin: 0;">
			<input type="hidden" name="page_id" value="<?php 
    echo $page_id;
    ?>
" />
			<input type="hidden" name="section_id" value="<?php 
    echo $section_id;
    ?>
" />
			<input type="hidden" name="action" value="save" />
			<span><?php 
Ejemplo n.º 7
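/**
 * Show the edit form for a droplet and, when the form was submitted, validate
 * and store the droplet.
 *
 * @param mixed $id Droplet id, or the string 'new' to create a droplet.
 * @return mixed The result of list_droplets() when the form was cancelled, otherwise nothing.
 */
function edit_droplet($id)
{
    global $admin, $parser, $database, $MOD_DROPLET, $TEXT;
    $groups = $admin->get_groups_id();
    // Permission gate. Return right after reporting the error so that a denied
    // request can never reach the save logic, whether or not print_error()
    // ends the script itself.
    // NOTE(review): the two messages use different array keys ("don't" / "dont"); one of them is
    // probably missing from the language file. Creating a droplet also passes through the
    // 'Modify_droplets' check below - confirm that both permissions are meant to be required.
    if ($id == 'new' && !is_allowed('Add_droplets', $groups)) {
        $admin->print_error($MOD_DROPLET["You don't have the permission to do this"]);
        return;
    }
    if (!($id == 'new' && !is_allowed('Add_droplets', $groups)) && !is_allowed('Modify_droplets', $groups)) {
        $admin->print_error($MOD_DROPLET["You dont have the permission to do this"]);
        return;
    }
    $problem = null;
    $info = null;
    $problems = array();
    if (isset($_POST['cancel'])) {
        return list_droplets();
    }
    // Integer form of the id for use inside SQL; it is not used while $id is 'new'.
    $sqlId = (int) $id;
    if ($id != 'new') {
        // NOTE(review): MYSQL_ASSOC belongs to the removed mysql extension; whether fetchRow()
        // still accepts it depends on the database class - confirm.
        $query = $database->query("SELECT * FROM " . TABLE_PREFIX . "mod_droplets WHERE id = '{$sqlId}'");
        $data = $query->fetchRow(MYSQL_ASSOC);
    } else {
        $data = array('name' => '', 'active' => 1, 'description' => '', 'code' => '', 'comments' => '');
    }
    if (isset($_POST['save']) || isset($_POST['save_and_back'])) {
        // Check the code before saving.
        if (!check_syntax(stripslashes($_POST['code']))) {
            $problem = $MOD_DROPLET['Please check the syntax!'];
            $data = $_POST;
            $data['code'] = htmlspecialchars($data['code']);
        } else {
            // Syntax is fine: check the required fields, then save.
            if ($admin->get_post('name') == '') {
                $problems[] = $MOD_DROPLET['Please enter a name!'];
            }
            if ($admin->get_post('code') == '') {
                $problems[] = $MOD_DROPLET['You have entered no code!'];
            }
            if (!count($problems)) {
                $continue = true;
                // NOTE(review): addslashes() is not aware of the connection character set; the
                // database layer's own escaping or bound parameters would be the safer choice,
                // but no such method is visible here.
                $title = addslashes($admin->get_post('name'));
                // The two flags are written into the statements below, so they are reduced to
                // integers; this assumes they are 0/1 switches, as the default 'active' => 1 suggests.
                $active = (int) $admin->get_post('active');
                $show_wysiwyg = (int) $admin->get_post('show_wysiwyg');
                $description = addslashes($admin->get_post('description'));
                // Remove PHP open/close tags from the submitted code.
                $tags = array('<?php', '?>', '<?');
                $content = str_replace($tags, '', $admin->get_post('code'));
                $comments = addslashes($admin->get_post('comments'));
                $modified_when = time();
                $modified_by = $admin->get_user_id();
                if ($id == 'new') {
                    // Refuse a second droplet with the same name.
                    $query = $database->query("SELECT * FROM " . TABLE_PREFIX . "mod_droplets WHERE name = '{$title}'");
                    if ($query->numRows() > 0) {
                        $problem = $MOD_DROPLET['There is already a droplet with the same name!'];
                        $continue = false;
                        $data = $_POST;
                        $data['code'] = stripslashes($_POST['code']);
                    } else {
                        $code = addslashes($content);
                        // Build the insert statement.
                        $query = "INSERT INTO " . TABLE_PREFIX . "mod_droplets VALUES " . "(''," . "'{$title}', " . "'{$code}', " . "'{$description}', " . "'{$modified_when}', " . "'{$modified_by}', " . "'{$active}',1,1, '{$show_wysiwyg}', '{$comments}' )";
                        $result = $database->query($query);
                        if ($database->is_error()) {
                            echo "ERROR: ", $database->get_error();
                        }
                    }
                } else {
                    // Update the existing row.
                    $database->query("UPDATE " . TABLE_PREFIX . "mod_droplets SET name = '{$title}', active = '{$active}', show_wysiwyg = '{$show_wysiwyg}', description = '{$description}', code = '" . addslashes($content) . "', comments = '{$comments}', modified_when = '{$modified_when}', modified_by = '{$modified_by}' WHERE id = '{$sqlId}'");
                    // Reload the droplet data.
                    $query = $database->query("SELECT * FROM " . TABLE_PREFIX . "mod_droplets WHERE id = '{$sqlId}'");
                    $data = $query->fetchRow(MYSQL_ASSOC);
                }
                if ($continue) {
                    // Report a database error, otherwise confirm the save.
                    if ($database->is_error()) {
                        $problem = $database->get_error();
                    } else {
                        if ($id == 'new' || isset($_POST['save_and_back'])) {
                            list_droplets($MOD_DROPLET['The Droplet was saved']);
                            return;
                        } else {
                            $info = $MOD_DROPLET['The Droplet was saved'];
                        }
                    }
                }
            } else {
                $problem = implode("<br />", $problems);
            }
        }
    }
    echo $parser->render('@droplets/edit.lte', array('LANG' => $MOD_DROPLET, 'problem' => $problem, 'info' => $info, 'data' => $data, 'id' => $id, 'name' => $data['name'], 'register_area' => registerEditArea('code'), 'TEXT' => $TEXT));
}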