Example #1
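/**
 * Xajax callback that refreshes the preview tab of the content editor.
 *
 * Applies the submitted form values to the global $contentobj, writes the
 * result to a temporary file, stores that file's path in the session and
 * points the "previewframe" element at the front-end preview URL.
 *
 * @param array $params Form values posted by the editor; passed unchanged to
 *                      updatecontentobj().
 * @return xajaxResponse|null DOM updates for the editor, or null when no
 *                            content object is available.
 */
function ajaxpreview($params)
{
    global $contentobj;
    if (!is_object($contentobj)) {
        debug_to_log('no content object');
        return;
    }

    $gCms = cmsms();
    $config = $gCms->GetConfig();
    // Result is unused here; the call is kept because it may initialise the
    // content operations object as a side effect. TODO confirm, then drop.
    $gCms->GetContentOperations();

    // The content object used to be rebuilt from $params["serialized_content"]
    // with UnserializeObject(); it is now taken from the global instead, so no
    // client-supplied serialized data is unserialized in this function.
    updatecontentobj($contentobj, true, $params);
    $tmpfname = createtmpfname($contentobj);

    // Store the path with forward slashes so it is usable on Windows too.
    $_SESSION['cms_preview'] = str_replace('\\', '/', $tmpfname);

    // Three shuffled hex characters used as a cache-buster for the iframe URL.
    // This is not a secret and must not be relied on for access control.
    $tmpvar = substr(str_shuffle(md5($tmpfname)), -3);
    $url = $config["root_url"] . '/index.php?' . $config['query_var'] . "=__CMS_PREVIEW_PAGE__&r={$tmpvar}";

    $objResponse = new xajaxResponse();
    $objResponse->assign("previewframe", "src", $url);
    // NOTE(review): the serialized object is written into a form field that the
    // browser controls. Any code that later unserializes that field must treat
    // it as untrusted input.
    $objResponse->assign("serialized_content", "value", SerializeObject($contentobj));

    // Deactivate and hide every regular edit tab ...
    $tabIndex = 0;
    foreach ($contentobj->TabNames() as $tabname) {
        $tab = 'editab' . $tabIndex;
        $objResponse->script("Element.removeClassName('{$tab}', 'active');Element.removeClassName('{$tab}_c', 'active');\$('{$tab}_c').style.display = 'none';");
        $tabIndex++;
    }
    // ... then activate and show the preview tab.
    $objResponse->script("Element.addClassName('edittabpreview', 'active');Element.addClassName('edittabpreview_c', 'active');\$('edittabpreview_c').style.display = '';");

    return $objResponse;
}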
Example #2
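/**
 * Shutdown handler that records the last error when it was fatal.
 *
 * Only E_ERROR and E_USER_ERROR are reported. The message goes to the debug
 * log and, when a database object is available, to the admin log as well.
 * The entry contains the raw PHP error message and the server-side file path,
 * so both logs should be readable by administrators only.
 *
 * @return void
 */
function cms_shutdown_function()
{
    $error = error_get_last();

    // error_get_last() returns null when the request ended without any error;
    // indexing null would itself raise a warning during shutdown.
    if (!is_array($error)) {
        return;
    }
    if ($error['type'] !== E_ERROR && $error['type'] !== E_USER_ERROR) {
        return;
    }

    $str = 'ERROR DETECTED: ' . $error['message'] . ' at ' . $error['file'] . ':' . $error['line'];
    debug_to_log($str);

    $db = cmsms()->GetDb();
    if (is_object($db)) {
        // put mention into the admin log
        audit('', 'ERROR', $str);
    }
}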
Example #3
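 /**
  * Post-upload hook: optionally creates a thumbnail, writes an audit entry
  * and fires the FileManager 'OnFileUploaded' event.
  *
  * @param string $file_path  Passed through to the parent implementation.
  * @param object $fileobject Upload descriptor; only its ->name is read here.
  * @return void
  */
 protected function handle_image_file($file_path, $fileobject)
 {
     parent::handle_image_file($file_path, $fileobject);

     if (!is_object($fileobject) || $fileobject->name == '') {
         return;
     }

     // NOTE(review): $fileobject->name presumably originates from the upload
     // request; confirm it is sanitised upstream before it reaches the path
     // join and the audit log below.
     $mod = cms_utils::get_module('FileManager');
     $cwd = filemanager_utils::get_full_cwd();
     $parms = array();
     $parms['file'] = filemanager_utils::join_path($cwd, $fileobject->name);
     debug_to_log('after uploaded file');

     if ($mod->GetPreference('create_thumbnails')) {
         $thumb = cms_utils::generate_thumbnail($parms['file']);
         if ($thumb) {
             // Was written to an undefined $params array, so the thumbnail
             // never reached the event listeners.
             $parms['thumb'] = $thumb;
         }
     }

     $str = $fileobject->name . ' uploaded to ' . $cwd;
     if (isset($parms['thumb'])) {
         $str .= ' and a thumbnail was generated';
     }
     audit('', $mod->GetName(), $str);
     $mod->SendEvent('OnFileUploaded', $parms);
 }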
                $out->child = $rec['event_parent_id'];
                $out->candelete = 1;
            } else {
                if ($rec['event_recur_period'] && $rec['event_recur_period'] != 'none') {
                    // is a parent event of a recurring event
                    $out->title .= " (" . $this->Lang('repeats') . ')';
                    $out->recurs = 1;
                } else {
                    $out->candelete = 1;
                }
            }
            //$out->start = $db->UnixTimeStamp($rec['event_date_start']);
            //$out->end = $db->UnixTimeStamp($rec['event_date_end']);
            $out->start = $rec['event_date_start'];
            $out->end = $rec['event_date_end'];
            $out->allDay = $rec['event_all_day'] ? true : false;
            $out->edit_url = $this->create_url($id, 'admin_add_event', $returnid, array('event_id' => $rec['event_id']));
            $out->edit_url = str_replace('&', '&', $out->edit_url);
            $outlist[] = $out;
        } catch (Exception $e) {
            debug_to_log(__FILE__);
            debug_to_log($e->GetMessage());
        }
    }
    debug_to_log(__FILE__);
    debug_to_log($outlist);
    $out = json_encode($outlist);
    debug_to_log($out);
    echo $out;
}
exit;
Example #5
         foreach ($gCms->errors as $globalerror) {
             echo $globalerror;
         }
     } else {
         // attempt to redirect to the originally requested page
         $tmp = $_SESSION["redirect_url"];
         unset($_SESSION["redirect_url"]);
         if (strstr($tmp, CMS_SECURE_PARAM_NAME . '=') !== FALSE) {
             $the_url = new cms_url($tmp);
             $the_url->set_queryvar(CMS_SECURE_PARAM_NAME, $_SESSION[CMS_USER_KEY]);
             $tmp = (string) $the_url;
         }
         if (!strstr($tmp, '.php') || endswith($tmp, '/')) {
             // force the url to go to index.php
             $tmp = $config['admin_url'] . '/index.php?' . CMS_SECURE_PARAM_NAME . '=' . $_SESSION[CMS_USER_KEY];
             debug_to_log('change session var to ' . $tmp);
         }
         redirect($tmp);
     }
     unset($_SESSION["redirect_url"]);
 } else {
     if (isset($config) and $config['debug'] == true) {
         $url = 'index.php?' . CMS_SECURE_PARAM_NAME . '=' . $_SESSION[CMS_USER_KEY];
         echo "Debug is on.  Redirecting disabled...  Please click this link to continue.<br />";
         echo "<a href=\"{$url}\">{$url}</a><br />";
         foreach ($gCms->errors as $globalerror) {
             echo $globalerror;
         }
     } else {
         $homepage = get_preference($oneuser->id, 'homepage');
         // quick hacks to remove old secure param name from homepage url
Example #6
 /**
  * Logging helper: forwards a message to the global debug log.
  *
  * @param mixed $str Value handed unchanged to debug_to_log().
  *
  * NOTE(review): debug_to_log() is not shown here; presumably it writes to a
  * log file on disk, so callers should avoid passing credentials or session
  * tokens. Confirm where the log is stored and who can read it.
  */
 protected function log($str)
 {
     debug_to_log($str);
 }
                } else {
                    $out->candelete = 1;
                }
            }
            $out->start = $rec['event_date_start'];
            $out->end = $rec['event_date_end'];
            $out->allDay = $rec['event_all_day'] ? true : false;
            $parms = array('event_id' => $rec['event_id']);
            $parms['display'] = 'event';
            if ($eventtemplate) {
                $parms['eventtemplate'] = $eventtemplate;
            }
            $out->detail_url = $this->create_url('cntnt01', 'default', $detailpage, $parms);
            $out->detail_url = str_replace('&amp;', '&', $out->detail_url);
            if ($feu_uid && $rec['event_created_by'] == $feu_uid) {
                $parms = array('event_id' => $rec['event_id']);
                if ($editeventtemplate) {
                    $parms['editeventtemplate'] = $editeventtemplate;
                }
                $parms['return_id'] = $returnid;
                $out->edit_url = $this->create_url('cntnt01', 'addedit_event', $editpage, $parms);
                $out->edit_url = str_replace('&amp;', '&', $out->edit_url);
            }
            $outlist[] = $out;
        } catch (Exception $e) {
            debug_to_log(__FILE__);
            debug_to_log($e->GetMessage());
        }
    }
}
cge_utils::send_ajax_and_exit($outlist);
Example #8
             }
             // quick hack to remove old secure param name from homepage url
             $pos = strpos($homepage, '?_s_');
             if ($pos !== FALSE) {
                 $homepage = substr($homepage, 0, $pos);
             }
             $pos = strpos($homepage, CMS_SECURE_PARAM_NAME);
             if ($pos !== FALSE) {
                 $str = substr($homepage, $pos - 1, strlen(CMS_SECURE_PARAM_NAME) + strlen($_SESSION[CMS_USER_KEY]) + 2);
                 $rep = '?' . CMS_SECURE_PARAM_NAME . '=' . $_SESSION[CMS_USER_KEY];
                 $homepage = str_replace($str, $rep, $homepage);
             } else {
                 $homepage .= '?' . CMS_SECURE_PARAM_NAME . '=' . $_SESSION[CMS_USER_KEY];
             }
             $homepage = html_entity_decode($homepage);
             debug_to_log('redirect to homepage ' . $homepage);
             redirect($homepage);
         }
     }
     return;
     #redirect("index.php");
 } else {
     if (isset($_POST['loginsubmit'])) {
         //No error if changing languages
         $error .= lang('usernameincorrect');
         debug_buffer("Login failed.  Error is: " . $error);
         Events::SendEvent('Core', 'LoginFailed', array('user' => $_POST['username']));
         // put mention into the admin log
         $ip_login_failed = cms_utils::get_real_ip();
         audit('', "Admin Username: " . $username . ' (IP: ' . $ip_login_failed . ')', 'Login Failed');
         #Now call the event
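// Delete one calendar event requested over AJAX and report the outcome as JSON.
// $params, $userid, $db and $result are set up earlier in the script (not shown).
try {
    $event_id = (int) cge_utils::get_param($params, 'event_id');
    $delete_children = (int) cge_utils::get_param($params, 'delete_children', 0);

    // Load the event. When $userid is set, the lookup is restricted to events
    // created by that user; this is the ownership check for the delete.
    $query = 'SELECT * FROM ' . $this->events_table_name . ' WHERE event_id = ?';
    $parms = array($event_id);
    if (!is_null($userid)) {
        $query .= ' AND event_created_by = ?';
        $parms[] = $userid;
    }
    // Bind $parms rather than a fresh array($event_id): with the ownership
    // clause appended the query has two placeholders, and binding only one
    // value leaves the event_created_by filter without its parameter.
    $event = $db->GetRow($query, $parms);
    if (!$event) {
        throw new Exception($this->Lang('error_eventnotfound'));
    }

    if (!$delete_children) {
        // Refuse to delete a parent event so no orphaned child events remain.
        $query = 'SELECT event_id FROM ' . $this->events_table_name . ' WHERE event_parent_id = ?';
        $tmp = $db->GetOne($query, array($event_id));
        if ($tmp > 0) {
            throw new Exception($this->Lang('error_deleteparentevent'));
        }
    }

    // All checks passed; remove the event.
    cgcalendar_utils::delete_event($event_id);
    $result->status = 1;
} catch (Exception $e) {
    $result->msg = $e->GetMessage();
    debug_to_log('admin_ajax_deleteevent err ' . $e->GetMessage());
}
echo json_encode($result);
exit;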
Example #10
                $oneurl = cms_join_path($config['root_path'], $oneurl);
            } else {
                $oneurl = $tmpurl;
            }
        }
    }
    if (!file_exists($oneurl)) {
        debug_to_log("file not found url: {$origurl} -  file:{$oneurl}");
        continue;
    }
    $contents = file_get_contents($oneurl);
    if (!$contents) {
        debug_to_log('unable to read: ' . $oneurl);
        continue;
    }
    debug_to_log('converted: ' . $origurl . ' to ' . $oneurl);
    $encoded = base64_encode($contents);
    $output .= "  <reference>\n";
    $output .= "    <refname>" . basename($oneurl) . "</refname>\n";
    $output .= "    <refencoded>1</refencoded>\n";
    $output .= "    <reflocation>{$oneurl}</reflocation>\n";
    $output .= "    <refdata><![CDATA[" . $encoded . "]]></refdata>\n";
    $output .= "  </reference>\n";
}
$smarty->left_delimiter = '{';
$smarty->right_delimiter = '}';
// and the theme tail
$output .= "</theme>\n";
// and spit it out
header('Content-Description: File Transfer');
header('Content-Type: application/force-download');
Example #11
if (!$ct) {
    $ct = 'text/html';
}
header("Content-Type: {$ct}; charset=" . get_encoding());
echo $html;
@ob_flush();
$endtime = microtime();
$db =& cmsms()->GetDb();
$memory = function_exists('memory_get_usage') ? memory_get_usage() : 0;
$memory = $memory - $orig_memory;
$memory_peak = function_exists('memory_get_peak_usage') ? memory_get_peak_usage() : 0;
if (!is_sitedown() && $config["debug"] == true) {
    echo "<p>Generated in " . microtime_diff($starttime, $endtime) . " seconds by CMS Made Simple using " . (isset($db->query_count) ? $db->query_count : '') . " SQL queries and {$memory} bytes of memory (peak memory usage was {$memory_peak})</p>";
} else {
    if (isset($config['show_performance_info']) && $showtemplate == true) {
        debug_to_log('performance info: ' . microtime_diff($starttime, $endtime) . " / " . (isset($db->query_count) ? $db->query_count : '') . " / {$memory} / {$memory_peak}");
        echo "<!-- " . microtime_diff($starttime, $endtime) . " / " . (isset($db->query_count) ? $db->query_count : '') . " / {$memory} / {$memory_peak} -->\n";
    }
}
if (is_sitedown() || $config['debug'] == true) {
    $smarty->clear_compiled_tpl();
    #$smarty->clear_all_cache();
}
if (!is_sitedown() && $config["debug"] == true) {
    #$db->LogSQL(false); // turn off logging
    # output summary of SQL logging results
    #$perf = NewPerfMonitor($db);
    #echo $perf->SuspiciousSQL();
    #echo $perf->ExpensiveSQL();
    #echo $sql_queries;
    foreach ($gCms->errors as $error) {
        if ($event['event_date_end']) {
            $event['event_date_end'] = $db->UnixTimeStamp($event['event_date_end']) + $tdiff;
        }
    } else {
        $event['event_date_start'] = $db->UnixTimeStamp($event['event_date_start']);
        if ($tdiff < 0) {
            $event['event_date_start'] += $tdiff;
        } else {
            // if there is no end date yet.
            // we have to create one.
            $event['event_date_end'] = $db->UnixTimeStamp($event['event_date_end']);
            if ($event['event_date_end'] == 0) {
                $event['event_date_end'] = $event['event_date_start'] + 15 * 60;
            }
            // fifteen minutes if there is no end time.
            $event['event_date_end'] += $tdiff;
        }
    }
    $event['event_all_day'] = $allDay;
    debug_to_log('start date ' . strftime('%x %X', $event['event_date_start']));
    debug_to_log('end date ' . strftime('%x %X', $event['event_date_end']));
    // and save the thing.
    $query = 'UPDATE ' . $this->events_table_name . ' SET event_date_start = FROM_UNIXTIME(?), event_date_end = FROM_UNIXTIME(?), event_all_day = ?, event_modified_date = NOW()
              WHERE event_id = ?';
    $db->Execute($query, array($event['event_date_start'], $event['event_date_end'], $event['event_all_day'], $event['event_id']));
    $result->status = 1;
} catch (Exception $e) {
    $result->msg = $this->GetMessage();
}
echo json_encode($result);
exit;