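/**
 * Return the user identified by the login cookie, memoised in self::$user.
 *
 * The first call reads the cookie via get_cookie_data($type) and, when it holds
 * both an email and a password value, tries in order:
 *   1. the built-in superadmin (only when self::$include_superadmin is set),
 *   2. a row of table $type whose $emailfield / $passwordfield match the cookie.
 * If neither matches, log_out($type) is called. Later calls return the cached
 * value unchanged.
 *
 * NOTE(review): the cache is a single static that is not keyed by $type,
 * $emailfield or $passwordfield, so a second call with different arguments
 * returns whatever the first call resolved. Confirm no caller relies on
 * per-type lookups within one request.
 *
 * NOTE(review): $emailfield and $passwordfield are concatenated into the
 * condition as column names; they must only ever be hard-coded by callers.
 *
 * @param string $type          Table to look the user up in; also passed to the cookie helpers.
 * @param string $emailfield    Column compared against the cookie's email.
 * @param string $passwordfield Column compared against the cookie's password value.
 * @return mixed The matched row, the superadmin record, or an empty array when nobody is logged in.
 */
public static function get_user($type = 'user', $emailfield = 'email', $passwordfield = 'password')
{
    if (self::$user !== NULL) {
        return self::$user;
    }

    // Default to "nobody" so the lookup below runs at most once per request.
    self::$user = array();

    $cookie_data = self::get_cookie_data($type);
    if (!isset($cookie_data['email']) || !isset($cookie_data['password'])) {
        return self::$user;
    }

    // The superadmin gate is checked first so that no password verification
    // happens when the feature is switched off. The email is compared with
    // === because the value comes from a client-supplied cookie: a loose ==
    // lets non-string values (for example integer 0 on PHP < 8) compare
    // equal to the reserved address.
    if (self::$include_superadmin
        && $cookie_data['email'] === '*****@*****.**'
        && self::verify_password(Config::database_password(), $cookie_data['password'])
    ) {
        self::$user = self::get_superadmin();
        return self::$user;
    }

    // NOTE(review): the cookie's password value is matched with "=" against the
    // stored column, so the cookie carries exactly what the database stores.
    // If that is a password hash, anyone who obtains the hash (backup, SQL
    // read access) can authenticate without knowing the password, and the
    // comparison is done by the database rather than in constant time.
    // Consider a random, server-side session token instead.
    //
    // NOTE(review): the email is matched with LIKE, so "%" and "_" inside the
    // cookie value act as wildcards. Combined with the point above, a known
    // stored password value is enough without knowing the matching email.
    // An equality match would close this; confirm collation/case expectations
    // before changing it.
    $user = where($emailfield . ' LIKE %s', $cookie_data['email'])
        ->where($passwordfield . ' = %s', $cookie_data['password'])
        ->get_row($type);

    if ($user) {
        self::$user = $user;
    } else {
        // Cookie present but not valid (any more): let log_out() deal with it.
        self::log_out($type);
    }

    return self::$user;
}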
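/**
 * Run a content-class callback for a "function" field and render its result
 * inside the admin chrome.
 *
 * The class name is derived from $object['contentname'] and the method name
 * from $field['name']. When the callback returns a truthy value it is printed
 * between the admin head/foot views and the request ends. Otherwise the
 * browser is redirected to the referring page.
 *
 * NOTE(review): class and method names must only come from the site's own
 * structure definition; if either could be influenced by a request, this is
 * an arbitrary static-method call. method_exists() does not check that the
 * method is public or static.
 *
 * @param mixed $field  Field definition; its string value is used as page title.
 * @param mixed $object Object definition; 'contentname' selects class and view path.
 * @param mixed $data   Passed through to the callback as second argument.
 * @return void
 */
public function function_call($field, $object, $data)
{
    $classname = ucfirst($object['contentname']);
    $function_name = strval($field['name']);

    if (class_exists($classname) && method_exists($classname, $function_name)) {
        View_Loader::get_instance()->set_path(CONTENTPATH . $object['contentname']);
        $result = call_user_func_array($classname . '::' . $function_name, array($object, $data));

        if ($result) {
            echo view("head", array("pages" => FW4_Admin::get_pages(), "title" => strval($field), "user" => FW4_User::get_user(), "site" => current_site()));
            echo '<h2>' . strval($field) . '</h2>';
            // The callback's return value is printed as-is: it has to be
            // HTML that the callback itself has already escaped.
            echo '<div class="input">' . $result . '</div>';
            echo '<div class="controls">';

            // "Back" strips the last two path segments of the current URL.
            // REQUEST_URI is client-controlled, so it is HTML-escaped before
            // it is placed inside the href attribute.
            $back_url = strval(preg_replace('/[^\\/]+\\/[^\\/]+\\/?$/', '', $_SERVER['REQUEST_URI']));
            echo '<a class="button save" href="' . htmlspecialchars($back_url, ENT_QUOTES, 'UTF-8') . '">' . l(array('nl' => 'Terug', 'fr' => 'Retour', 'en' => 'Back')) . '</a>';

            if (isset($field['allow_print'])) {
                echo '<a class="button right" href="#" onclick="window.print();return false;">' . l(array('nl' => 'Afdrukken', 'fr' => 'Imprimer', 'en' => 'Print', 'de' => 'Drucken')) . '</a>';
            }
            echo '</div>';
            echo view("foot", array('scripts' => array()));
            exit;
        }
    }

    // NOTE(review): the Referer header is sent by the client and may be absent
    // or point to another site. Whether redirect() restricts the target is not
    // visible here; consider falling back to a fixed admin URL.
    redirect($_SERVER['HTTP_REFERER']);
}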
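/**
 * Show (or delegate editing of) the comment objects attached to one row of a
 * field's table.
 *
 * Looks up the row with the given id in "<stack>/<field name>", takes the
 * first <object> child of the field as the comments definition and either
 * hands extra URL segments to FW4_Admin::handle_item() or renders the list
 * page. Anything that cannot be resolved ends in error(404).
 *
 * @param mixed $field  Field definition that contains the nested <object>.
 * @param mixed $object Parent object definition; 'stack' is the table path prefix.
 * @param mixed $data   Passed through to FW4_Admin::handle_item().
 * @param mixed $id     Row id from the URL; always cast with intval() before use.
 * @return void
 */
public function function_comments($field, $object, $data, $id)
{
    $row = where('id = %d', intval($id))->get_row($object['stack'] . '/' . $field['name']);
    if (!$row) {
        error(404);
        return;
    }

    // reset() takes its argument by reference, so the xpath result has to be
    // stored in a variable first; this also covers xpath() returning false.
    $matches = $field->xpath('object');
    $commentsfield = $matches ? reset($matches) : false;
    if (!$commentsfield) {
        error(404);
    }

    $commentsfield['stack'] = $object['stack'] . '/' . $field['name'] . '/' . $commentsfield['name'];
    $commentsquery = where($field['name'] . '_id', intval($id));
    $commentsamount = $commentsquery->count_rows($commentsfield['stack']);
    $commentsdata = $commentsquery->get($commentsfield['stack']);

    // Everything after the four declared parameters is a deeper URL segment.
    $segments = array_slice(func_get_args(), 4);
    if (count($segments)) {
        if (!FW4_Admin::handle_item($segments, $data)) {
            error(404);
        }
        return;
    }

    $title = isset($commentsfield['title']) ? $commentsfield['title'] : 'Comments';

    echo view("head", array("pages" => FW4_Admin::get_pages(), "title" => $title, "user" => FW4_User::get_user(), "site" => current_site()));
    echo '<h2>' . $title . '</h2>';
    echo '<div class="input"><fieldset>';
    // orig_filename is the name the uploader gave the file, so it is escaped
    // before being printed. NOTE(review): if the value is already stored
    // HTML-encoded this will double-encode; confirm against the upload code.
    echo '<img src="' . $row->scale(100, 100) . '" class="thumbnail" style="display:inline-block;vertical-align:middle;margin-right:10px;"/><div style="display:inline-block;vertical-align:middle;">' . htmlspecialchars(strval($row['orig_filename']), ENT_QUOTES, 'UTF-8') . '</div>';
    echo '</fieldset></div>';

    // The title is removed from the definition before it is handed to the list printer.
    unset($commentsfield['title']);
    FW4_Admin::print_object_list($commentsfield, $commentsdata, $commentsamount, intval($id));

    echo '<div class="controls">';
    // "Back" strips the last three path segments of the current URL.
    // REQUEST_URI is client-controlled, so it is HTML-escaped for the attribute.
    $back_url = strval(preg_replace('/[^\\/]+\\/[^\\/]+\\/[^\\/]+\\/?$/', '', $_SERVER['REQUEST_URI']));
    echo '<a class="button save" href="' . htmlspecialchars($back_url, ENT_QUOTES, 'UTF-8') . '">' . l(array('nl' => 'Terug', 'fr' => 'Retour', 'en' => 'Back')) . '</a>';
    echo '</div>';
    echo view("foot", array('scripts' => array()));
}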
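/**
 * Print one row of an admin list table, followed (for recursive objects) by
 * the rows of its children.
 *
 * A top-level row ($level 0) is wrapped in its own <tbody>. Each entry of
 * $shownfields becomes one cell whose rendering depends on the element name
 * of the sub-field (bool, date, float, timedate, text, slug, or a type known
 * to FW4_Type_Manager; anything else is printed through htmlentities_all()).
 * The last cell holds the delete link.
 *
 * Reads $GLOBALS['recursive_name'] and reads/writes $GLOBALS['root_id'].
 *
 * NOTE(review): row ids, $parenturl, field names and slug links are printed
 * into attributes and inline JavaScript without escaping. Only the fallback
 * branch escapes its value. If any of these can contain user-entered text,
 * they need context-appropriate escaping.
 *
 * NOTE(review): the delete control is a plain link guarded only by a
 * client-side confirm(). The handler is not visible here; confirm it requires
 * a POST and/or an anti-CSRF token.
 *
 * @param mixed  $field         Object definition the rows belong to.
 * @param mixed  $shownfields   Column name => sub-field definition.
 * @param mixed  $row           The row to print.
 * @param mixed  $object        Passed to type summaries and to recursive calls.
 * @param bool   $show_edit     Only forwarded to recursive calls in this function.
 * @param int    $level         Nesting depth; 0 for top-level rows.
 * @param string $currentslug   Overwritten by the slug branch, forwarded to children.
 * @param string $parenturl     URL prefix for the row and delete links.
 * @param array  $delete_limits Column => required value; any mismatch hides the delete link.
 * @return void
 */
function print_row($field, $shownfields, $row, $object, $show_edit = true, $level = 0, $currentslug = '', $parenturl = '', $delete_limits = array())
{
    if ($level == 0) {
        echo '<tbody data-id="' . $row->id . '">';
    }
    $user = FW4_User::get_user();
    $typemanager = FW4_Type_Manager::get_instance();
    ?> <tr<?php echo $level > 0 ? ' data-root="' . $GLOBALS['root_id'] . '"' : ''; ?> data-id="<?php echo $row->id; ?> " onclick="window.location='<?php echo $parenturl . ($level > 0 ? $GLOBALS['recursive_name'] : $field['name']); ?> /<?php echo $row->id; ?> /';"> <?php
    if (isset($field['sortable']) && $field['sortable']) {
        ?> <td valign="middle"> <?php
        // Only top-level rows get a drag handle and a sort-order input.
        if ($level == 0) {
            ?> <img class="sort-handle" src="<?php echo url(ADMINRESOURCES . 'images/sort.png'); ?> " width="10" height="11"/><input type="hidden" name="sort-<?php echo $row->id; ?> " value="<?php echo $row->_sort_order; ?> " /> <?php
        }
        ?> </td> <?php
    }
    $i = 0;
    foreach ($shownfields as $name => $subfield) {
        $kind = $subfield->getName();
        ?> <td<?php if ($kind == "price") { ?> align="right"<?php } ?> ><div class="overflow"> <?php
        // First cell of a nested row: indent and draw the tree marker.
        if ($i++ == 0 && $level > 0) {
            echo ' ';
            for ($s = 0; $s < $level - 1; $s++) {
                echo ' ';
            }
            echo '<span style="opacity:0.5">└</span> ';
        }
        if ($kind == "bool") {
            if ($row->{$name} == 1) {
                ?> <img src="<?php echo url(ADMINRESOURCES . 'images/tick.png'); ?> " class="bool" width="16" height="16"/> <?php
            } else {
                ?> <img src="<?php echo url(ADMINRESOURCES . 'images/cross.png'); ?> " class="bool" width="16" height="16"/> <?php
            }
        } elseif ($kind == "date") {
            if ($row->{$name}) {
                echo date('j/m/Y', $row->{$name});
            }
        } elseif ($kind == "float") {
            if ($row->{$name}) {
                // Two decimals, then trailing zeros and a dangling comma are trimmed.
                echo rtrim(rtrim(number_format($row->{$name}, 2, ',', '.'), '0'), ',');
            }
        } elseif ($kind == "timedate") {
            if ($row->{$name}) {
                // A time of exactly midnight is shown as a bare date.
                if (date('H:i', $row->{$name}) == '00:00') {
                    echo date('j/m/Y', $row->{$name});
                } else {
                    echo date('j/m/Y H:i', $row->{$name});
                }
            }
        } elseif ($kind == "text") {
            if (isset($row->{$name})) {
                if ($subfield['summary'] == 'bool') {
                    if (trim($row->{$name})) {
                        ?> <img src="<?php echo url(ADMINRESOURCES . 'images/tick.png'); ?> " class="bool" width="16" height="16"/> <?php
                    } else {
                        ?> <img src="<?php echo url(ADMINRESOURCES . 'images/cross.png'); ?> " class="bool" width="16" height="16"/> <?php
                    }
                } else {
                    echo excerpt($row->{$name}, 50);
                }
            }
        } elseif ($kind == "slug") {
            foreach ($field->children() as $child) {
                $childname = strval($child['name']);
                if (!is_numeric($row->{$childname})) {
                    continue;
                }
                $formatkey = 'format_' . $child['name'] . '_' . $row->{$childname};
                if (!isset($subfield[$formatkey])) {
                    continue;
                }
                if (!$name) {
                    $name = 'slug';
                }
                // Separate counter: reusing $i here would reset the column
                // counter that decides where the tree marker is printed.
                $shown_links = 0;
                foreach (languages() as $key => $lang) {
                    $childlang = $name . '_' . $key;
                    if ($shown_links++ != 0) {
                        echo ' • ';
                    }
                    $link = url((count(languages()) > 1 ? $key . '/' : '') . str_replace('$slug', $row->{$childlang}, $subfield[$formatkey]), false);
                    if (count(languages()) > 1) {
                        echo '<a href="' . $link . '">' . strtoupper($key) . '</a>';
                    } else {
                        echo '<a href="' . $link . '">' . $link . '</a>';
                    }
                }
                $currentslug = str_replace('$slug', $row->{$name}, $subfield[$formatkey]) . '/';
            }
        } elseif ($type = $typemanager->get_type(strval($kind))) {
            echo $type->summary($subfield, $row, $object);
        } else {
            echo htmlentities_all($row->{$name});
        }
        ?> </div></td> <?php
    }
    ?> <?php
    // The delete link is shown only when every delete limit matches this row.
    $deletable = true;
    ?> <?php
    foreach ($delete_limits as $delete_limit_key => $delete_limit_value) {
        if (!isset($row->{$delete_limit_key}) || $row->{$delete_limit_key} != $delete_limit_value) {
            $deletable = false;
        }
    }
    ?> <td align="right"> <?php
    if ($deletable && !isset($field['delete_disabled'])) {
        ?> <div style="white-space:nowrap;"> <?php
        // A user cannot delete their own account from the user list.
        if ($field['name'] != 'user' || $row->id != $user->id) {
            ?> <a class="delete" href="<?php echo $parenturl . ($level > 0 ? $GLOBALS['recursive_name'] : $field['name']); ?> /<?php echo $row->id; ?> /delete/" onclick="event.stopPropagation();return confirm('<?php echo l(array('nl' => 'Bent u zeker dat u dit item wilt verwijderen?', 'fr' => 'Êtes-vous sûr de vouloir supprimer cet élément?', 'en' => 'Are you sure you want to remove this item?')); ?> ');"><img alt="<?php echo l(array('nl' => 'Verwijderen', 'fr' => 'Supprimer', 'en' => 'Delete')); ?> " title="<?php echo l(array('nl' => 'Verwijderen', 'fr' => 'Supprimer', 'en' => 'Delete')); ?> " src="<?php echo url(ADMINRESOURCES . 'images/del.png'); ?> " width="22" height="23"></a> <?php
        }
        ?> </div> <?php
    }
    ?> </td> </tr> <?php
    if (isset($GLOBALS['recursive_name']) && $GLOBALS['recursive_name']) {
        if ($level == 0) {
            $GLOBALS['root_id'] = $row->id;
        }
        // The child collection is the property named by $GLOBALS['recursive_name'].
        // The braces must enclose the whole array access: written as
        // $row->{$GLOBALS}['recursive_name'] the property name would be the
        // string conversion of the $GLOBALS array itself.
        //
        // NOTE(review): $delete_limits is not forwarded, so child rows are
        // printed with an empty limit list. Confirm that is intended.
        foreach ($row->{$GLOBALS['recursive_name']} as $subrow) {
            print_row($field, $shownfields, $subrow, $object, $show_edit, $level + 1, $currentslug, $parenturl . ($level == 0 ? $field['name'] : $GLOBALS['recursive_name']) . '/' . $row->id . '/');
        }
    }
    if ($level == 0) {
        echo '</tbody>';
    }
}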
/**
 * Stamp a record that is being inserted with the id of the current user.
 *
 * The id is written to "<field name>_id"; nothing from $newdata is used, so
 * the submitted form cannot choose the value.
 *
 * @param mixed $data    Values collected for the insert so far.
 * @param mixed $field   Field definition; 'name' gives the column prefix.
 * @param mixed $newdata Unused here.
 * @param mixed $olddata Unused here.
 * @param mixed $object  Unused here.
 * @return mixed $data with the user id column set.
 */
public function insert($data, $field, $newdata, $olddata, $object)
{
    $column = strval($field['name']) . '_id';
    $data[$column] = FW4_User::get_user()->id;

    return $data;
}
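/**
 * Decide which value is stored for this field when a record is saved.
 *
 * If the field declares a `limit` and the current user's id is not 0, the
 * value is taken from the user record instead of from the submitted form:
 * `limit` is a dot-separated path into the user, and the optional
 * `limit_condition` (also a dot path, a leading "!" inverts it) decides
 * whether the limit applies at all. Otherwise the submitted value is copied.
 *
 * How `limit_condition` is evaluated, segment by segment:
 *   - key set and truthy  -> descend into it
 *   - key set but falsy   -> condition is false
 *   - key not set         -> condition is true
 *
 * NOTE(review): "key not set -> true" means that with an inverted condition a
 * user lacking the attribute is NOT limited. Confirm this fail-open default
 * is intended.
 *
 * NOTE(review): `$user['id'] != 0` is a loose comparison; a user record
 * without an id (for example an empty array) compares equal to 0 and skips
 * the limit the same way user id 0 does.
 *
 * @param mixed $data    Values collected for the save so far.
 * @param mixed $field   Field definition ('name', optional 'limit', 'limit_condition').
 * @param mixed $newdata Submitted values.
 * @param mixed $olddata Unused here.
 * @param mixed $object  Unused here.
 * @return mixed $data, with this field's value set when one was resolved.
 */
public function edit($data, $field, $newdata, $olddata, $object)
{
    $user = FW4_User::get_user();
    $fieldname = strval($field['name']);

    if (isset($field['limit']) && $user['id'] != 0) {
        $dolimit = true;

        if (isset($field['limit_condition'])) {
            // Work on a local copy. Writing the stripped condition back into
            // $field would, if $field is an object handle such as a
            // SimpleXMLElement, permanently remove the "!" from the shared
            // definition and flip the condition on the next evaluation.
            $condition = strval($field['limit_condition']);
            $invert = false;
            if (substr($condition, 0, 1) == '!') {
                $invert = true;
                $condition = substr($condition, 1);
            }

            $limit_field = $user;
            foreach (explode('.', $condition) as $current_field) {
                if (isset($limit_field[$current_field]) && $limit_field[$current_field]) {
                    $limit_field = $limit_field[$current_field];
                } elseif (isset($limit_field[$current_field])) {
                    // Set but falsy. Previously this branch could never be
                    // reached and the walk continued into the falsy value,
                    // which turned "a.b" with a falsy "a" into true.
                    $limit_field = false;
                    break;
                } else {
                    $limit_field = true;
                    break;
                }
            }
            $dolimit = $invert ? !$limit_field : $limit_field;
        }

        if ($dolimit) {
            // Resolve the forced value from the user record; false when the path is missing.
            $limit_field = $user;
            foreach (explode('.', strval($field['limit'])) as $current_field) {
                if (isset($limit_field[$current_field])) {
                    $limit_field = $limit_field[$current_field];
                } else {
                    $limit_field = false;
                    break;
                }
            }
            $data[$fieldname] = $limit_field;
            return $data;
        }
    }

    if (isset($newdata[$fieldname])) {
        $data[$fieldname] = $newdata[$fieldname];
    }
    return $data;
}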
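/**
 * Build the list of admin pages to show to the current user, sorted by
 * section number and then by label.
 *
 * Pages marked `superadmin_only` are listed only for user id 0. Pages with a
 * `require` attribute (dot-separated path into the user record) are listed
 * only when every segment of that path is truthy; user id 0 bypasses it.
 *
 * NOTE(review): this only filters what is listed. Whether the page handlers
 * enforce `superadmin_only` / `require` themselves is not visible here.
 *
 * @return array List of arrays with the keys 'section', 'name' and 'label'.
 */
public static function get_pages()
{
    $pages = array();
    $user = FW4_User::get_user();

    foreach (FW4_Structure::get_pages() as $page) {
        $attributes = $page->attributes();

        if (isset($attributes['superadmin_only']) && $user->id !== 0) {
            continue;
        }

        if (isset($attributes['require']) && $user->id !== 0) {
            // Walk the dotted path through the user record; stop at the first falsy segment.
            $require_field = $user;
            foreach (explode('.', $attributes['require']) as $current_field) {
                if ($require_field->{$current_field}) {
                    $require_field = $require_field->{$current_field};
                } else {
                    $require_field = false;
                    break;
                }
            }
            if (!$require_field) {
                continue;
            }
        }

        $pages[] = array(
            'section' => isset($attributes['section']) ? $attributes['section'] : 1,
            'name' => isset($attributes['name']) ? $attributes['name'] : '',
            'label' => isset($attributes['label']) ? $attributes['label'] : '',
        );
    }

    // A function declared inside a method is defined when execution reaches
    // it, so an unguarded declaration makes the second call to get_pages() in
    // one request fail with "Cannot redeclare".
    if (!function_exists('admin_page_cmp')) {
        function admin_page_cmp($a, $b)
        {
            $section_a = intval($a['section']);
            $section_b = intval($b['section']);
            if ($section_a < $section_b) {
                return -1;
            }
            if ($section_a > $section_b) {
                return 1;
            }
            return strcmp(strval($a["label"]), strval($b["label"]));
        }
    }

    usort($pages, 'admin_page_cmp');
    return $pages;
}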
/**
 * Tell whether the current request may trigger cron work.
 *
 * Allowed when the request's remote address equals the server's own address,
 * or when the logged-in user has id 0.
 *
 * NOTE(review): the address test trusts REMOTE_ADDR. If the application sits
 * behind a reverse proxy or load balancer on the same host, every request can
 * arrive with the server's own address and would pass. Confirm the deployment
 * or require a shared secret as well.
 *
 * @return bool
 */
function cron_allowed()
{
    $current = FW4_User::get_user();

    if ($_SERVER['SERVER_ADDR'] == $_SERVER['REMOTE_ADDR']) {
        return true;
    }

    return $current && $current['id'] === 0;
}
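/**
 * Decide what is stored for a choice field when a record is saved.
 *
 * 1. Limit: if the field declares `limit` and the current user's id is not 0,
 *    "<name>_id" is forced to a value from the user record (dot path in
 *    `limit`), optionally gated by `limit_condition` (dot path, a leading "!"
 *    inverts it). Segments are evaluated as: set and truthy -> descend,
 *    set but falsy -> false, not set -> true.
 * 2. Multiple: existing choice rows that are no longer submitted are deleted;
 *    submitted ids that are not stored yet are kept in
 *    self::$choice_ids_to_insert.
 * 3. Single: the submitted value is copied to "<name>_id" when the field has
 *    a `source` (plus "<parent_name>_id" from the source row's parent),
 *    otherwise to "<name>".
 *
 * NOTE(review): `$user['id'] != 0` is loose; a user record without an id
 * compares equal to 0 and skips the limit.
 *
 * NOTE(review): outside the limit branch the submitted id is stored as given.
 * No check is visible here that it belongs to the rows the user may choose
 * from; confirm validation happens elsewhere.
 *
 * @param mixed $data    Values collected for the save so far.
 * @param mixed $field   Field definition.
 * @param mixed $newdata Submitted values.
 * @param mixed $olddata Stored record; its id is needed for the multiple case.
 * @param mixed $object  Object definition; 'stack' is the table path prefix.
 * @return mixed $data with this field's column(s) set where applicable.
 */
public function edit($data, $field, $newdata, $olddata, $object)
{
    $user = FW4_User::get_user();
    $fieldname = strval($field['name']);

    if (isset($field['limit']) && $user['id'] != 0) {
        $dolimit = true;

        if (isset($field['limit_condition'])) {
            // Work on a local copy. Writing the stripped condition back into
            // $field would, if $field is an object handle such as a
            // SimpleXMLElement, permanently remove the "!" from the shared
            // definition and flip the condition on the next evaluation.
            $condition = strval($field['limit_condition']);
            $invert = false;
            if (substr($condition, 0, 1) == '!') {
                $invert = true;
                $condition = substr($condition, 1);
            }

            $limit_field = $user;
            foreach (explode('.', $condition) as $current_field) {
                if (isset($limit_field[$current_field]) && $limit_field[$current_field]) {
                    $limit_field = $limit_field[$current_field];
                } elseif (isset($limit_field[$current_field])) {
                    $limit_field = false;
                    break;
                } else {
                    $limit_field = true;
                    break;
                }
            }
            $dolimit = $invert ? !$limit_field : $limit_field;
        }

        if ($dolimit) {
            // Resolve the forced value from the user record; false when the path is missing.
            $limit_field = $user;
            foreach (explode('.', strval($field['limit'])) as $current_field) {
                if (isset($limit_field[$current_field])) {
                    $limit_field = $limit_field[$current_field];
                } else {
                    $limit_field = false;
                    break;
                }
            }
            $data[$fieldname . '_id'] = $limit_field;
            return $data;
        }
    }

    if (isset($field['multiple'])) {
        if (!isset($newdata[$fieldname])) {
            $newdata[$fieldname] = array();
        }
        if (isset($olddata->id)) {
            foreach (self::get_current_multiple_choices($object, $field, $olddata->id) as $row) {
                // Loose comparison on purpose: submitted ids are strings,
                // stored ids may be integers.
                if (in_array($row->{$fieldname}, $newdata[$fieldname])) {
                    // Already stored: drop it from the list of ids still to insert.
                    unset($newdata[$fieldname][array_search($row->{$fieldname}, $newdata[$fieldname])]);
                } else {
                    // No longer selected: remove the stored choice row.
                    where('id = %d', $row->id)->delete($object['stack'] . '/' . $field['name']);
                }
            }
        }
        self::$choice_ids_to_insert = $newdata[$fieldname];
    } elseif (isset($newdata[$fieldname])) {
        if (isset($field['source'])) {
            $data[$fieldname . '_id'] = $newdata[$fieldname];
            if (isset($field['parent_name'])) {
                // Parent id defaults to 0 and is filled in only when the
                // chosen id is found among the source rows.
                $parent_column = strval($field['parent_name']) . '_id';
                $data[$parent_column] = 0;
                if ($source_rows = self::get_source_rows(strval($field['source']), $field)) {
                    if ($row = $source_rows->row_with_id($newdata[$fieldname])) {
                        $data[$parent_column] = $row->parent()->id;
                    }
                }
            }
        } else {
            $data[$fieldname] = $newdata[$fieldname];
        }
    }

    return $data;
}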
/**
 * Print a section header (<h2>) unless nothing would be shown beneath it.
 *
 * The siblings following $field are scanned up to the next <header>. Siblings
 * whose `require` path (dot-separated, resolved against the current user) is
 * not satisfied are ignored; user id 0 bypasses that check. Which remaining
 * element names count as visible depends on whether the record is new
 * (no $data->id) or existing. With no visible sibling the method returns
 * false and prints nothing; otherwise it sets FW4_Admin::$has_headers and
 * prints the header text.
 *
 * NOTE(review): the `require` test here only controls whether the header is
 * shown. Enforcement for the fields themselves is not visible in this method.
 *
 * @param mixed $field  The <header> element; its string value is the title.
 * @param mixed $data   Record being edited; an unset id means a new record.
 * @param mixed $object Object definition ('is_version', 'editing_disabled').
 * @return false|null false when the header is suppressed, otherwise nothing.
 */
public function print_field($field, $data, $object)
{
    $user = FW4_User::get_user();
    $is_new = !isset($data->id);
    $has_siblings = false;

    foreach ($field->xpath('following-sibling::*') as $sibling) {
        $kind = $sibling->getName();
        if ($kind == 'header') {
            break;
        }

        if (isset($sibling['require']) && $user->id !== 0) {
            // Every segment of the dotted path must be set and truthy.
            $granted = $user;
            foreach (explode('.', $sibling['require']) as $segment) {
                if (!isset($granted[$segment]) || !$granted[$segment]) {
                    $granted = false;
                    break;
                }
                $granted = $granted[$segment];
            }
            if (!$granted) {
                continue;
            }
        }

        if ($is_new) {
            // New record: these element kinds do not count as visible content.
            if (!in_array($kind, array('object', 'recursive', 'slug', 'family'), true)) {
                $has_siblings = true;
            }
            continue;
        }

        // Existing record.
        if ($kind == 'object' && isset($object['is_version'])) {
            continue;
        }
        if ($kind == 'recursive'
            && (isset($sibling['levels']) && FW4_Admin::$recursive_levels >= $sibling['levels'] || isset($object['editing_disabled']))
        ) {
            continue;
        }
        if ($kind == 'family' && isset($object['editing_disabled'])) {
            continue;
        }
        if (!in_array($kind, array('slug', 'creator', 'export'), true)) {
            $has_siblings = true;
        }
    }

    if (!$has_siblings) {
        return false;
    }

    FW4_Admin::$has_headers = true;
    echo ' <h2>' . strval($field) . ' </h2>';
}