//
// $Id: page-previsualization.php,v 1.5 2010/03/08 16:41:19 sebastien Exp $
/**
* PHP page : page previsualization
* Used to view the page edited data.
*
* @package Automne
* @subpackage admin
* @author Antoine Pouch <*****@*****.**> &
* @author Sébastien Pauchet <*****@*****.**>
*/
require_once dirname(__FILE__) . '/../../cms_rc_admin.php';
$currentPage = sensitiveIO::request('currentPage', 'sensitiveIO::isPositiveInteger', CMS_session::getPageID());
$draft = sensitiveIO::request('draft') ? true : false;
//unset request to avoid it to have interaction with page code
sensitiveIO::unsetRequest(array('draft', 'currentPage'));
//CHECKS
if (!SensitiveIO::isPositiveInteger($currentPage)) {
die("Invalid page");
}
//view edited or edition mode ?
$cms_visual_mode = $draft ? PAGE_VISUALMODE_HTML_EDITION : PAGE_VISUALMODE_HTML_EDITED;
$cms_page = CMS_tree::getPageByID($currentPage);
if (!$cms_user->hasPageClearance($cms_page->getID(), CLEARANCE_PAGE_EDIT)) {
die('No rigths on page ...');
exit;
}
//unset vars to avoid interraction with page
unset($currentPage);
unset($draft);
echo $cms_page->getContent($cms_language, $cms_visual_mode);
// $Id: templates-rows.php,v 1.4 2010/03/08 16:41:22 sebastien Exp $
/**
* PHP page : template default rows
* Used to view and set the default template rows
*
* @package Automne
* @subpackage admin
* @author Antoine Pouch <*****@*****.**> &
* @author Sébastien Pauchet <*****@*****.**>
*/
require_once dirname(__FILE__) . '/../../cms_rc_admin.php';
define("MESSAGE_PAGE_TITLE", 852);
$view = CMS_view::getInstance();
$templateId = sensitiveIO::request('template', 'sensitiveIO::isPositiveInteger');
//unset request to avoid it to have interaction with page code
sensitiveIO::unsetRequest(array('template'));
//CHECKS
if (!SensitiveIO::isPositiveInteger($templateId)) {
die("Invalid template");
}
$template = CMS_pageTemplatesCatalog::getByID($templateId);
if (!is_object($template) || $template->hasError()) {
die("Invalid template or template error");
}
//RIGHTS CHECK
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDIT_TEMPLATES)) {
//templates
die("User has no rights on template edition");
}
$dummy_page = CMS_tree::getRoot();
$dummy_page->setTitle($cms_language->getMessage(MESSAGE_PAGE_TITLE, array($template->getLabel())), $cms_user);
//block flash
$width = sensitiveIO::request('flashwidth');
$height = sensitiveIO::request('flashheight');
$name = sensitiveIO::request('flashname');
$version = sensitiveIO::request('flashversion');
$params = sensitiveIO::request('flashparams');
$flashvars = sensitiveIO::request('flashvars');
$attributes = sensitiveIO::request('flashattributes');
//block image
$imagelink = sensitiveIO::request('imagelink');
$imagelabel = sensitiveIO::request('imagelabel');
$zoomname = sensitiveIO::request('zoomname');
//block link
$linktext = sensitiveIO::request('link');
//unset requests to avoid them to have interaction with evaluated page codes
sensitiveIO::unsetRequest(array_keys($_REQUEST));
//try to instanciate the requested page
$cms_page = CMS_tree::getPageByID($currentPage);
//instanciate page and check if user has view rights on it
if (isset($cms_page) && $cms_page->hasError()) {
CMS_grandFather::raiseError('Error on page : ' . $cms_page->getID());
$view->show();
}
//check for edit rights for user
if (!$cms_user->hasPageClearance($cms_page->getID(), CLEARANCE_PAGE_EDIT)) {
CMS_grandFather::raiseError('Error, user has no rights on page : ' . $cms_page->getID());
$view->show();
}
//check for lock
if ($cms_page->getLock() && $cms_page->getLock() != $cms_user->getUserId()) {
CMS_grandFather::raiseError('Page ' . $currentPage . ' is currently locked by another user and can\'t be updated.');
// $Id: page-content.php,v 1.5 2010/03/08 16:41:19 sebastien Exp $
/**
* PHP page : page previsualization
* Used to view the page edited data.
*
* @package Automne
* @subpackage admin
* @author Antoine Pouch <*****@*****.**> &
* @author Sébastien Pauchet <*****@*****.**>
*/
require_once dirname(__FILE__) . '/../../cms_rc_admin.php';
$cms_view = CMS_view::getInstance();
$currentPage = sensitiveIO::request('page', 'sensitiveIO::isPositiveInteger', CMS_session::getPageID());
$action = sensitiveIO::request('action');
//unset request to avoid it to have interaction with page code
sensitiveIO::unsetRequest(array('action', 'page'));
//CHECKS
if (!SensitiveIO::isPositiveInteger($currentPage)) {
die("Invalid page");
}
$cms_page = CMS_tree::getPageByID($currentPage);
if (!is_object($cms_page) || $cms_page->hasError()) {
die("Invalid page or page error");
}
//set page to context
CMS_session::setPage($cms_page);
//RIGHTS CHECK
if (!$cms_user->hasPageClearance($cms_page->getID(), CLEARANCE_PAGE_EDIT) || !$cms_user->hasModuleClearance(MOD_STANDARD_CODENAME, CLEARANCE_MODULE_EDIT)) {
die("User has no rights on page");
} elseif (!$action && !$cms_page->getLock()) {
$cms_page->lock($cms_user);
