/**
 * Records the URL of the current request in the session for the given
 * access level and URL type.
 *
 * Two session entries are written per level: one keyed by level and URL type
 * ('<path>_flow_<level>_<type>') and one "last" entry keyed by level only
 * ('<path>_flow_last_<level>'). When the level is SYS_FLOW_PUBLIC the same
 * URL is first recorded under SYS_FLOW_PROTECTED as well.
 *
 * @param mixed $access_level One of the SYS_FLOW_* access-level constants.
 * @param mixed $url_type     URL type suffix used in the session key.
 */
function exponent_flow_set($access_level, $url_type)
{
    global $SYS_FLOW_REDIRECTIONPATH;

    // NOTE(review): the scheme is hard-coded to http:// and the path comes
    // straight from REQUEST_URI; confirm how consumers of these session
    // entries use the stored URL on an HTTPS deployment.
    $current_url = 'http://' . HOSTNAME . $_SERVER['REQUEST_URI'];

    // A public page is also recorded under the protected level, and that
    // pair of entries is written first.
    $levels = array();
    if ($access_level == SYS_FLOW_PUBLIC) {
        $levels[] = SYS_FLOW_PROTECTED;
    }
    $levels[] = $access_level;

    foreach ($levels as $level) {
        exponent_sessions_set($SYS_FLOW_REDIRECTIONPATH . '_flow_' . $level . '_' . $url_type, $current_url);
        exponent_sessions_set($SYS_FLOW_REDIRECTIONPATH . '_flow_last_' . $level, $current_url);
    }
}
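<?php

##################################################
#
# Copyright (c) 2004-2006 OIC Group, Inc.
# Written and Designed by James Hunt
#
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################

// Part of the Extensions category

if (!defined('EXPONENT')) {
    exit('');
}

if (exponent_permissions_check('extensions', exponent_core_makeLocation('administrationmodule'))) {
    // The theme name is request-supplied and is stored in the session as the
    // display theme. Accept only a plain name (letters, digits, '_' and '-')
    // so that path separators or dot segments can never be stored.
    // NOTE(review): presumably the stored value is later used to build theme
    // file paths - confirm against the theme subsystem.
    $preview_theme = isset($_GET['theme']) ? $_GET['theme'] : null;
    if ($preview_theme === null
        || (is_string($preview_theme) && preg_match('/\A[A-Za-z0-9_-]+\z/', $preview_theme))) {
        // A missing parameter still stores null, as before.
        exponent_sessions_set('display_theme', $preview_theme);
    }
    exponent_flow_redirect();
} else {
    echo SITE_403_HTML;
}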
/**
 * Applies submitted designer values to a TimeControl.
 *
 * @param array       $values Submitted values; reads 'identifier', 'caption'
 *                            and the presence of 'showControl'.
 * @param object|null $object Control to update; a new TimeControl is created
 *                            when this is null.
 * @return object|null The updated control, or null when 'identifier' is
 *                     empty. In that case the raw $_POST plus a '_formError'
 *                     message is stored in the session under 'last_POST'.
 */
function update($values, $object)
{
    if ($object == null) {
        $object = new TimeControl();
        // A default of 0 forces the control to show the current time.
        $object->default = 0;
    }

    if ($values['identifier'] != "") {
        $object->identifier = $values['identifier'];
        $object->caption = $values['caption'];
        $object->showControl = isset($values['showControl']);
        return $object;
    }

    // Missing identifier: keep the submitted form and an error message in the session.
    $strings = exponent_lang_loadFile('subsystems/forms/controls/TimeControl.php');
    $form_state = $_POST;
    $form_state['_formError'] = $strings['id_req'];
    exponent_sessions_set("last_POST", $form_state);

    return null;
}
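/**
 * Applies submitted values to a shared-core site record.
 *
 * When '_db_config' is present the database settings are tested first: the
 * table prefix must be alphanumeric, the connection must be valid and every
 * entry returned by testPrivileges() must be truthy. On any failure the
 * submitted values plus a '_formError' message are stored in the session
 * under 'last_POST' and null is returned.
 *
 * For a record without an id, 'path' and 'relpath' are normalised to start
 * and end with '/', and 'host' is given an 'http://' prefix when it has no
 * http/https scheme and loses one trailing '/'.
 *
 * @param array  $values Submitted form values.
 * @param object $object Site record to update.
 * @return object|null The updated record, or null when the database test fails.
 */
function update($values, $object)
{
    if (isset($values['_db_config'])) {
        $i18n = exponent_lang_loadFile('datatypes/sharedcore_site.php');

        // NOTE(review): every failure path below copies the whole $values
        // array, db_pass included, into the session under 'last_POST'.
        // Confirm that keeping the password there is intended.

        // The prefix may contain only letters and digits.
        if (preg_match('/[^A-Za-z0-9]/', $values['db_table_prefix'])) {
            $post = $values;
            $post['_formError'] = $i18n['bad_prefix'] . '<br />';
            exponent_sessions_set('last_POST', $post);
            return null;
        }

        // Connect with the submitted settings to verify them.
        $linkdb = exponent_database_connect(
            $values['db_user'],
            $values['db_pass'],
            $values['db_host'] . ':' . $values['db_port'],
            $values['db_name'],
            $values['db_engine'],
            true
        );
        $linkdb->prefix = $values['db_table_prefix'] . '_';

        if (!$linkdb->isValid()) {
            $post = $values;
            $post['_formError'] = $i18n['cant_connect'] . '<br />';
            exponent_sessions_set('last_POST', $post);
            return null;
        }

        // Collect one message per privilege check that did not pass.
        $status = $linkdb->testPrivileges();
        $failed = false;
        $errors = '';
        foreach ($status as $type => $flag) {
            if (!$flag) {
                $failed = true;
                $errors .= sprintf($i18n['perm_denied'], $type) . '<br />';
            }
        }
        if ($failed) {
            $post = $values;
            $post['_formError'] = $errors;
            exponent_sessions_set('last_POST', $post);
            return null;
        }
    }

    $object->name = $values['name'];
    $object->core_id = $values['core_id'];

    if (!isset($object->id)) {
        // substr() is used for the first-character test instead of [0] so an
        // empty value does not read an uninitialized string offset.
        $object->path = $values['path'];
        if (substr($object->path, 0, 1) != '/') {
            $object->path = '/' . $object->path;
        }
        if (substr($object->path, -1, 1) != '/') {
            $object->path = $object->path . '/';
        }

        $object->relpath = $values['relpath'];
        if (substr($object->relpath, 0, 1) != '/') {
            $object->relpath = '/' . $object->relpath;
        }
        if (substr($object->relpath, -1, 1) != '/') {
            $object->relpath = $object->relpath . '/';
        }

        $object->host = $values['host'];
        if (substr($object->host, 0, 7) != 'http://' && substr($object->host, 0, 8) != 'https://') {
            $object->host = 'http://' . $object->host;
        }
        if (substr($object->host, -1, 1) == '/') {
            $object->host = substr($object->host, 0, -1);
        }
    }

    return $object;
}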
<?php

##################################################
#
# Copyright (c) 2004-2006 OIC Group, Inc.
# Written and Designed by James Hunt
#
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################

// Refuse direct access: the script only runs once EXPONENT has been defined.
if (!defined('EXPONENT')) {
    exit('');
}

// Set the session's UI level to 0, then redirect via exponent_flow_redirect().
exponent_sessions_set('uilevel', 0);
exponent_flow_redirect();
$post['_formError'] = "File is not a delimited text file."; exponent_sessions_set("last_POST",$post); header("Location: " . $_SERVER['HTTP_REFERER']); exit(""); } */ //split the line into its columns $fh = fopen(BASE . $directory . "/" . $file->filename, "r"); for ($x = 0; $x < $_POST["rowstart"]; $x++) { $lineInfo = fgetcsv($fh, 2000, $_POST["delimiter"]); } $colNames = array("none" => $i18n['col_none'], "username" => $i18n['col_username'], "password" => $i18n['col_password'], "firstname" => $i18n['col_firstname'], "lastname" => $i18n['col_lastname'], "email" => $i18n['col_email']); //Check to see if the line got split, otherwise throw an error if ($lineInfo == null) { $post['_formError'] = sprintf($i18n['delimiter_error'], $_POST["delimiter"]); exponent_sessions_set("last_POST", $post); header("Location: " . $_SERVER['HTTP_REFERER']); exit(""); } else { //initialize the for stuff exponent_forms_initialize(); //Setup the mete data (hidden values) $form = new form(); $form->meta("module", "importer"); $form->meta("action", "page"); $form->meta("page", "process"); $form->meta("rowstart", $_POST["rowstart"]); $form->meta("importer", "usercsv"); $form->meta("filename", $directory . "/" . $file->filename); $form->meta("delimiter", $_POST["delimiter"]); for ($i = 0; $i < count($lineInfo); $i++) {
##################################################

// Part of the User Management category

if (!defined('EXPONENT')) {
    exit('');
}

if (!exponent_permissions_check('user_management', exponent_core_makeLocation('administrationmodule'))) {
    echo SITE_403_HTML;
} else {
    if (!defined('SYS_USERS')) {
        require_once BASE . 'subsystems/users.php';
    }

    if (isset($_POST['id'])) {
        // Editing an existing group: load it, apply the posted values, save.
        $g = exponent_users_getGroupById($_POST['id']);
        $g = exponent_users_groupUpdate($_POST, $g);
        exponent_users_saveGroup($g);
        exponent_flow_redirect();
    } elseif (exponent_users_getGroupByName($_POST['name']) != null) {
        // A group with this name already exists: keep the submitted form and
        // an error message in the session and go back to the referring page.
        // NOTE(review): the redirect target is the client-supplied Referer
        // header and the whole $_POST array is stored in the session.
        $i18n = exponent_lang_loadFile('modules/administrationmodule/actions/gmgr_savegroup.php');
        $post = $_POST;
        $post['_formError'] = $i18n['name_taken'];
        exponent_sessions_set('last_POST', $post);
        header('Location: ' . $_SERVER['HTTP_REFERER']);
    } else {
        // New group with an unused name.
        $g = exponent_users_groupUpdate($_POST, null);
        exponent_users_saveGroup($g);
        exponent_flow_redirect();
    }
}
/**
 * Applies submitted designer values to a checkboxcontrol.
 *
 * @param array       $values Submitted values; reads 'identifier', 'caption'
 *                            and the presence of 'default' and 'flip'.
 * @param object|null $object Control to update; a new checkboxcontrol is
 *                            created when this is null.
 * @return object|null The updated control, or null when 'identifier' is
 *                     empty. In that case the raw $_POST plus a '_formError'
 *                     message is stored in the session under 'last_POST'.
 */
function update($values, $object)
{
    if ($object == null) {
        $object = new checkboxcontrol();
    }

    if ($values['identifier'] != "") {
        $object->identifier = $values['identifier'];
        $object->caption = $values['caption'];
        // Checkbox-style flags: only the presence of the key matters.
        $object->default = isset($values['default']);
        $object->flip = isset($values['flip']);
        return $object;
    }

    // Missing identifier: keep the submitted form and an error message in the session.
    $strings = exponent_lang_loadFile('subsystems/forms/controls/checkboxcontrol.php');
    $form_state = $_POST;
    $form_state['_formError'] = $strings['id_required'];
    exponent_sessions_set("last_POST", $form_state);

    return null;
}
define('SCRIPT_FILENAME', 'edit_page.php');

ob_start();

include_once '../../../exponent.php';
if (!defined('SYS_THEME')) {
    include_once BASE . 'subsystems/theme.php';
}

// Resolve the site template id: an explicit request parameter wins (and is
// remembered in the session); otherwise fall back to the remembered id.
$id = -1;
if (isset($_GET['sitetemplate_id'])) {
    exponent_sessions_set('sitetemplate_id', intval($_GET['sitetemplate_id']));
    $id = intval($_GET['sitetemplate_id']);
} elseif (exponent_sessions_isset('sitetemplate_id')) {
    $id = exponent_sessions_get('sitetemplate_id');
}

$template = $db->selectObject('section_template', 'id=' . $id);

// Use the template's subtheme file when it names one that is readable,
// otherwise the theme's index.php.
// NOTE(review): the subtheme name comes from the database record and ends up
// in an include path; confirm it is validated where it is written.
if ($template
    && $template->subtheme != ''
    && is_readable(BASE . 'themes/' . DISPLAY_THEME . '/subthemes/' . $template->subtheme . '.php')) {
    $page = 'themes/' . DISPLAY_THEME . '/subthemes/' . $template->subtheme . '.php';
} else {
    $page = 'themes/' . DISPLAY_THEME . '/index.php';
}

$i18n = exponent_lang_loadFile('modules/NavigationModule/actions/edit_page.php');

// NOTE(review): this override is written to the session before the admin
// check below and is only unset on the admin path.
exponent_sessions_set('themeopt_override', array(
    'src_prefix' => '@st' . $id,
    'ignore_mods' => array('NavigationModule', 'LoginModule'),
    'mainpage' => PATH_RELATIVE . 'modules/NavigationModule/actions/edit_page.php',
    'backlinktext' => $i18n['back'],
));

#define('PREVIEW_READONLY',1);

$REDIRECTIONPATH = 'section_template';

if (!$user || $user->is_acting_admin != 1) {
    echo SITE_403_HTML;
} else {
    // Only acting administrators get the page rendered.
    if (is_readable(BASE . $page)) {
        include_once BASE . $page;
    } else {
        printf($i18n['err_not_readable'], BASE . $page);
    }
    exponent_sessions_unset('themeopt_override');
}
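<?php

##################################################
#
# Copyright (c) 2004-2006 OIC Group, Inc.
# Written and Designed by James Hunt
#
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################

if (!defined("EXPONENT")) {
    exit("");
}

// Switch the session to the highest UI level listed in its 'uilevels' entry.
$levels = exponent_sessions_get('uilevels');

// The entry can be missing or empty, and max() on an empty key list is an
// error. In that case leave the current level unchanged.
if (is_array($levels) && count($levels) > 0) {
    exponent_sessions_set('uilevel', max(array_keys($levels)));
}

exponent_flow_redirect();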
/**
 * Applies submitted designer values to a SelectMultipleControl.
 *
 * @param array       $values Submitted values; reads 'identifier', 'caption',
 *                            'default', 'items', 'size' and the presence of
 *                            'required'.
 * @param object|null $object Control to update; a new SelectMultipleControl
 *                            is created when this is null.
 * @return object|null The updated control, or null when 'identifier' is
 *                     empty. In that case the raw $_POST plus a '_formError'
 *                     message is stored in the session under 'last_POST'.
 */
function update($values, $object)
{
    if ($values['identifier'] == "") {
        // Missing identifier: keep the submitted form and an error message in the session.
        $form_state = $_POST;
        $strings = exponent_lang_loadFile('subsystems/forms/controls/SelectMultipleControl.php');
        $form_state['_formError'] = $strings['id_req'];
        exponent_sessions_set("last_POST", $form_state);
        return null;
    }

    if (!defined("SYS_FORMS")) {
        require_once BASE . "subsystems/forms.php";
    }
    exponent_forms_initialize();

    if ($object == null) {
        $object = new SelectMultipleControl();
    }

    $object->identifier = $values['identifier'];
    $object->caption = $values['caption'];
    $object->default = $values['default'];
    $object->items = SelectMultipleControl::parseData($values, 'items', true);
    // The size is an integer of at least 1; anything lower becomes 1.
    $object->size = max(1, intval($values['size']));
    $object->required = isset($values['required']);

    return $object;
}
echo '</td></tr>'; } function echoFailure($msg = "") { global $i18n; echo '<span class="failed">' . $i18n['failed'] . '</span>'; if ($msg != "") { echo ' : ' . $msg; } echo '</td></tr>'; } function isAllGood($str) { return !preg_match("/[^A-Za-z0-9]/", $str); } exponent_sessions_set("installer_config", $_POST['c']); $config = $_POST['c']; $passed = true; if (preg_match('/[^A-Za-z0-9]/', $config['db_table_prefix'])) { echoFailure($i18n['bad_prefix']); $passed = false; } if ($passed) { $db = exponent_database_connect($config['db_user'], $config['db_pass'], $config['db_host'], $config['db_name'], $config['db_engine'], 1); $db->prefix = $config['db_table_prefix'] . '_'; $status = array(); echoStart($i18n['connecting'] . ':'); if ($db->connection == null) { echoFailure($db->error()); // FIXME:BETTER ERROR CHECKING $passed = false;
/**
 * Applies submitted designer values to a textcontrol.
 *
 * @param array       $values Submitted values; reads 'identifier', 'caption',
 *                            'default', 'size', 'maxlength' and the presence
 *                            of 'required'.
 * @param object|null $object Control to update; a new textcontrol is created
 *                            when this is null.
 * @return object|null The updated control, or null when 'identifier' is
 *                     empty. In that case the raw $_POST plus a '_formError'
 *                     message is stored in the session under 'last_POST'.
 */
function update($values, $object)
{
    if ($object == null) {
        $object = new textcontrol();
    }

    if ($values['identifier'] != "") {
        $object->identifier = $values['identifier'];
        $object->caption = $values['caption'];
        $object->default = $values['default'];
        // Numeric settings are coerced to integers.
        $object->size = intval($values['size']);
        $object->maxlength = intval($values['maxlength']);
        $object->required = isset($values['required']);
        return $object;
    }

    // Missing identifier: keep the submitted form and an error message in the session.
    $strings = exponent_lang_loadFile('subsystems/forms/controls/textcontrol.php');
    $form_state = $_POST;
    $form_state['_formError'] = $strings['id_req'];
    exponent_sessions_set("last_POST", $form_state);

    return null;
}
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################

// Refuse direct access: the script only runs once EXPONENT has been defined.
if (!defined('EXPONENT')) {
    exit('');
}

// Builds, per posted module name, a display name and a map of file =>
// "can be created" flag, stores the result in the session and renders it.
//
// NOTE(review): 'dest_dir' and the keys of 'mods' are request-supplied and are
// used unmodified in filesystem paths and in class_exists()/call_user_func().
// No permission check appears in the visible part of this file; confirm that
// the caller enforces one and that both values are validated.
$dest_dir = $_POST['dest_dir'];
$files = array();
if (!defined('SYS_FILES')) {
    require_once BASE . 'subsystems/files.php';
}
foreach (array_keys($_POST['mods']) as $mod) {
    // Slot 0 holds the module's display name, slot 1 the per-file flags.
    $files[$mod] = array('', array());
    if (class_exists($mod)) {
        $files[$mod][0] = call_user_func(array($mod, 'name'));
    }
    // Files are listed under the extracted directory and checked against the
    // matching location under BASE . 'files/'.
    foreach (array_keys(exponent_files_listFlat($dest_dir . '/files/' . $mod, 1, null, array(), $dest_dir . '/files/' . $mod . '/')) as $file) {
        $files[$mod][1][$file] = exponent_files_canCreate(BASE . 'files/' . $mod . '/' . $file);
    }
}
// Keep both values in the session.
exponent_sessions_set('dest_dir', $dest_dir);
exponent_sessions_set('files_data', $files);
$template = new template('importer', '_files_verifyFiles');
$template->assign('files_data', $files);
$template->output();
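# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################

if (!defined('EXPONENT')) {
    exit('');
}

ob_start();

// Remember where to send the visitor after login. The target is
// request-supplied and later goes into a Location header, so it is
// restricted to this site: relative values are prefixed with URL_FULL, and
// an absolute URL that does not start with URL_FULL is replaced by URL_FULL.
// NOTE(review): the prefix test assumes URL_FULL ends with '/'; confirm.
// NOTE(review): $_GET values are already URL-decoded by PHP, so urldecode()
// decodes a second time; kept for callers that double-encode.
if (isset($_GET['redirecturl']) && is_string($_GET['redirecturl'])) {
    $redirect = urldecode($_GET['redirecturl']);
    if (substr($redirect, 0, 4) != 'http') {
        $redirect = URL_FULL . $redirect;
    } elseif (strncmp($redirect, URL_FULL, strlen(URL_FULL)) != 0) {
        $redirect = URL_FULL;
    }
    exponent_sessions_set('redirecturl', $redirect);
}

//$SYS_FLOW_REDIRECTIONPATH = 'loginredirect';
exponent_flow_set(SYS_FLOW_PUBLIC, SYS_FLOW_ACTION);

// Already logged in: go straight to the remembered target.
if (exponent_sessions_loggedIn()) {
    header('Location: ' . exponent_sessions_get('redirecturl'));
    exit('Redirecting...');
}

// Otherwise render the login form into the output buffer and wrap it in the
// redirect template.
$i18n = exponent_lang_loadFile('modules/loginmodule/actions/loginredirect.php');
loginmodule::show('Default', null, $i18n['login']);

$template = new template('loginmodule', '_login_redirect');
$template->assign('output', ob_get_contents());
ob_end_clean();
$template->output();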
/**
 * Applies submitted designer values to a popupdatetimecontrol.
 *
 * @param array       $values Submitted values; reads 'identifier', 'caption'
 *                            and the presence of 'showtime'.
 * @param object|null $object Control to update; when null a new
 *                            popupdatetimecontrol with default 0 is created.
 * @return object|null The updated control, or null when 'identifier' is
 *                     empty. In that case the raw $_POST plus a '_formError'
 *                     message is stored in the session under 'last_POST'.
 */
function update($values, $object)
{
    if ($object == null) {
        $object = new popupdatetimecontrol();
        $object->default = 0;
    }

    if ($values['identifier'] != "") {
        $object->identifier = $values['identifier'];
        $object->caption = $values['caption'];
        // Checkbox-style flag: only the presence of the key matters.
        $object->showtime = isset($values['showtime']);
        return $object;
    }

    // Missing identifier: keep the submitted form and an error message in the session.
    $strings = exponent_lang_loadFile('subsystems/forms/controls/popupdatetimecontrol.php');
    $form_state = $_POST;
    $form_state['_formError'] = $strings['id_req'];
    exponent_sessions_set("last_POST", $form_state);

    return null;
}
/**
 * Applies submitted designer values to a list builder control.
 *
 * @param array  $values Submitted values; reads 'identifier' and 'caption'.
 * @param object $object Control to update. NOTE(review): this function does
 *                       not create a control when $object is null - confirm
 *                       callers always pass one.
 * @return object|null The updated control, or null when 'identifier' is
 *                     empty. In that case the raw $_POST plus a '_formError'
 *                     message is stored in the session under 'last_POST'.
 */
function update($values, $object)
{
    if ($values['identifier'] != "") {
        $object->identifier = $values['identifier'];
        $object->caption = $values['caption'];
        return $object;
    }

    // Missing identifier: keep the submitted form and an error message in the session.
    $strings = exponent_lang_loadFile('subsystems/forms/controls/listbuildercontrol.php');
    $form_state = $_POST;
    $form_state['_formError'] = $strings['id_req'];
    exponent_sessions_set("last_POST", $form_state);

    return null;
}
/**
 * Applies submitted designer values to a radiogroupcontrol.
 *
 * @param array       $values Submitted values; reads 'identifier', 'caption',
 *                            'default', 'items', 'cols', 'spacing' and the
 *                            presence of 'flip' and 'required'.
 * @param object|null $object Control to update; a new radiogroupcontrol is
 *                            created when this is null.
 * @return object|null The updated control, or null when 'identifier' is
 *                     empty. In that case the raw $_POST plus a '_formError'
 *                     message is stored in the session under 'last_POST'.
 */
function update($values, $object)
{
    if ($object == null) {
        $object = new radiogroupcontrol();
    }

    if ($values['identifier'] == "") {
        // Missing identifier: keep the submitted form and an error message in the session.
        $strings = exponent_lang_loadFile('subsystems/forms/controls/radiogroupcontrol.php');
        $form_state = $_POST;
        $form_state['_formError'] = $strings['id_req'];
        exponent_sessions_set("last_POST", $form_state);
        return null;
    }

    // The forms subsystem is loaded and initialized before parseData() is called.
    if (!defined("SYS_FORMS")) {
        require_once BASE . "subsystems/forms.php";
    }
    exponent_forms_initialize();

    $object->identifier = $values['identifier'];
    $object->caption = $values['caption'];
    $object->default = $values['default'];
    $object->items = listbuildercontrol::parseData($values, 'items', true);
    $object->flip = isset($values['flip']);
    // Layout settings are coerced to integers.
    $object->cols = intval($values['cols']);
    $object->spacing = intval($values['spacing']);
    $object->required = isset($values['required']);

    return $object;
}
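#
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################

include_once dirname(realpath(__FILE__)) . '/exponent.php';
include_once dirname(realpath(__FILE__)) . '/subsystems/image.php';

// Image dimensions are request-supplied; coerce them to integers up front so
// only numbers reach the image code. Non-scalar values fall back to defaults.
// NOTE(review): there is no upper bound on the dimensions - consider capping
// them to limit the memory a single request can allocate.
$w = (isset($_GET['w']) && is_scalar($_GET['w'])) ? intval($_GET['w']) : 200;
$h = (isset($_GET['h']) && is_scalar($_GET['h'])) ? intval($_GET['h']) : 50;

// NOTE(review): 'name' selects the session key that is read and, when unset,
// written. The client can therefore point this script at any session key;
// consider restricting it to the captcha keys the forms actually use.
$name = (isset($_GET['name']) && is_string($_GET['name'])) ? $_GET['name'] : 'capcha_string';

if (exponent_sessions_isset($name)) {
    $str = exponent_sessions_get($name);
} else {
    // NOTE(review): rand() is not a cryptographically secure generator, so
    // the challenge text may be predictable; use a CSPRNG where available.
    $str = strtoupper(substr(md5(rand()), 17, 6));
    exponent_sessions_set($name, $str);
}

// Both dimensions must be positive. The original tested intval($h > 0),
// which converts the comparison result rather than the height.
$img = null;
if ($w > 0 && $h > 0) {
    $img = exponent_image_captcha($w, $h, $str);
}

if ($img) {
    $sizeinfo = array('mime' => 'image/png');
    ob_end_clean();
    exponent_image_output($img, $sizeinfo);
}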
} if (isset($_REQUEST['dest'])) { $source_select['dest'] = $_REQUEST['dest']; } else { if (!isset($source_select['dest'])) { $source_select['dest'] = null; } } if (isset($_REQUEST['hideOthers'])) { $source_select['hideOthers'] = $_REQUEST['hideOthers']; } else { if (!isset($source_select['hideOthers'])) { $source_select['hideOthers'] = 0; } } exponent_sessions_set('source_select', $source_select); $template = new standalonetemplate('orphaned_content'); ob_start(); // Include the orphans_modules action of the container, to get a list of modules types with orhpans. include_once BASE . 'modules/ContainerModule/actions/orphans_modules.php'; $template->assign('modules_output', ob_get_contents()); ob_end_clean(); if (isset($_GET['module'])) { ob_start(); // Include the orphans_content action of the container module, to show all modules of the specified type. include_once BASE . 'modules/ContainerModule/actions/orphans_content.php'; $template->assign('main_output', ob_get_contents()); $template->assign('error', ''); ob_end_clean(); } else { if ($db->countObjects('locationref', 'refcount = 0')) {
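/**
 * Loads a user's permissions into the global $exponent_permissions_r table
 * and into the session, then derives the UI levels available to the user.
 *
 * The table is indexed as [module][source][internal][permission] = 1. For a
 * user who is not an acting admin it is filled from explicit user
 * permissions, from the permissions of every group the user belongs to, and
 * from "sectional" rights: for each NavigationModule entry with 'manage' set,
 * every permission of each module referenced by that section is granted.
 *
 * Session entries written: 'permissions' and 'uilevels'. When $user is null
 * the global table is cleared and the function returns without touching the
 * session.
 *
 * @param object|null $user User object with 'id' and 'is_acting_admin', or null.
 */
function exponent_permissions_load($user)
{
    global $db, $exponent_permissions_r;

    // Flipped to 1 if the user has any 'administrate' permission anywhere.
    // Used below to work out the allowable UI levels.
    $has_admin = 0;

    // Clear the global permissions array.
    $exponent_permissions_r = array();

    if ($user == null) {
        // A visitor who is not logged in has no permissions.
        return;
    }

    if ($user->is_acting_admin == 0) {
        // Ids are cast to int before being concatenated into WHERE clauses,
        // so a non-numeric value can never change the shape of the query.
        $uid = intval($user->id);

        // Explicit user permissions, by user id.
        foreach ($db->selectObjects('userpermission', 'uid=' . $uid) as $obj) {
            if ($obj->permission == 'administrate') {
                $has_admin = 1;
            }
            $exponent_permissions_r[$obj->module][$obj->source][$obj->internal][$obj->permission] = 1;
        }

        // Implicit user permissions, by virtue of group membership.
        foreach ($db->selectObjects('groupmembership', 'member_id=' . $uid) as $memb) {
            foreach ($db->selectObjects('grouppermission', 'gid=' . intval($memb->group_id)) as $obj) {
                if ($obj->permission == 'administrate') {
                    $has_admin = 1;
                }
                $exponent_permissions_r[$obj->module][$obj->source][$obj->internal][$obj->permission] = 1;
            }
        }

        // Sectional admin status: first find the sections the user may
        // manage, through the NavigationModule permissions.
        if (isset($exponent_permissions_r['NavigationModule'][''])
            && is_array($exponent_permissions_r['NavigationModule'][''])) {
            foreach ($exponent_permissions_r['NavigationModule'][''] as $id => $perm_data) {
                // 'manage' may be absent when the user only holds other
                // permissions on this section.
                if (isset($perm_data['manage']) && $perm_data['manage'] == 1) {
                    // The user may manage this section: pull in everything
                    // placed on it, using the section references.
                    $sectionrefs = $db->selectObjects('sectionref', 'is_original=1 AND section=' . intval($id));
                    foreach ($sectionrefs as $sref) {
                        $sloc = exponent_core_makeLocation($sref->module, $sref->source);
                        if (class_exists($sref->module)) {
                            // The module exists; ask it for its permission list.
                            $perms = call_user_func(array($sref->module, 'permissions'));
                            if ($perms == null) {
                                // Some modules return no permissions.
                                $perms = array();
                            }
                            foreach ($perms as $perm => $name) {
                                $exponent_permissions_r[$sloc->mod][$sloc->src][''][$perm] = 1;
                            }
                        }
                    }
                }
            }
        }
    }

    exponent_sessions_set('permissions', $exponent_permissions_r);

    // Work out the UI levels from the permission data.
    $ui_levels = array();
    $i18n = exponent_lang_loadFile('subsystems/permissions.php');
    if ($user->is_acting_admin == 1) {
        $ui_levels = array($i18n['preview'], $i18n['normal'], $i18n['perms'], $i18n['structure']);
    } else {
        if (count($exponent_permissions_r)) {
            $ui_levels = array($i18n['preview'], $i18n['normal']);
        }
        if ($has_admin) {
            $ui_levels[] = $i18n['perms'];
        }
        if (isset($exponent_permissions_r['ContainerModule']) && count($exponent_permissions_r['ContainerModule'])) {
            $ui_levels[] = $i18n['structure'];
        }
    }
    exponent_sessions_set('uilevels', $ui_levels);
}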
// After config setup:
// Put session stuff first.
$user = null;

// Initialize the Sessions Subsystem
require_once BASE . 'subsystems/sessions.php';
// Initializes the session. This will populate the $user variable
exponent_sessions_initialize();

// Make sure QUERY_STRING exists, because it is read just below.
if (!isset($_SERVER['QUERY_STRING'])) {
    $_SERVER['QUERY_STRING'] = '';
}

// Create a REQUEST_URI for people who don't have one.
// FIXME: Move this code (and other similar platform stuff) into a platform compat layer.
// FIXME:
// NOTE(review): the assignment is unconditional, so it also replaces a
// REQUEST_URI the server did provide. The line layout here was reconstructed
// from a collapsed listing - confirm this statement is live code.
$_SERVER['REQUEST_URI'] = SCRIPT_RELATIVE . SCRIPT_FILENAME . '?' . $_SERVER['QUERY_STRING'];

// Remember the requested section, coerced to an integer, in the session.
if (isset($_REQUEST['section'])) {
    exponent_sessions_set('last_section', intval($_REQUEST['section']));
}

if (!defined('DISPLAY_THEME')) {
    /* exdoc
     * The directory and class name of the current active theme. This may be different
     * than the configure theme (DISPLAY_THEME_REAL) due to previewing.
     */
    define('DISPLAY_THEME', DISPLAY_THEME_REAL);
}

if (!defined('THEME_ABSOLUTE')) {
    /* exdoc
     * The absolute path to the current active theme's files. This is similar to the BASE constant
     */
    define('THEME_ABSOLUTE', BASE . 'themes/' . DISPLAY_THEME . '/'); // This is the recommended way
}
if ($section) { $old_parent = $section->parent; $check_id = $section->id; } } else { $check_id = $_POST['parent']; } if ($check_id != -1 && exponent_permissions_check('manage', exponent_core_makeLocation('NavigationModule', '', $check_id))) { $i18n = exponent_lang_loadFile('modules/NavigationModule/actions/save_internalalias.php'); // Update the section from the _POST data. $section = section::updateInternalAlias($_POST, $section); if ($section->active == 0) { // User tried to link to an inactive section. This makes little or no sense in // this context, so throw them back to the edit form, with an error message. $_POST['_formError'] = $i18n['internal_link_err']; exponent_sessions_set('last_POST', $_POST); header('Location: ' . $_SERVER['HTTP_REFERER']); exit(''); } if (isset($section->id)) { if ($section->parent != $old_parent) { // Old_parent id was different than the new parent id. Need to decrement the ranks // of the old children (after ours), and then add $section = section::changeParent($section, $old_parent, $section->parent); } // Existing section. Update the database record. // The 'id=x' WHERE clause is implicit with an updateObject if (isset($_SESSION['nav_cache']['kids'])) { unset($_SESSION['nav_cache']['kids']); } $db->updateObject($section, 'section');
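<?php

##################################################
#
# Copyright (c) 2004-2006 OIC Group, Inc.
# Written and Designed by James Hunt
#
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################

if (!defined('EXPONENT')) {
    exit('');
}

if ($user !== null) {
    // The requested level is request-supplied. Accept it only when it is one
    // of the keys of the session's 'uilevels' list, so a user cannot select
    // a level that was not computed for them.
    // NOTE(review): assumes 'uilevels' holds the levels this user may
    // select, keyed by level number - confirm against the permissions subsystem.
    $allowed_levels = exponent_sessions_get('uilevels');
    if (isset($_POST['level'])
        && is_string($_POST['level'])
        && is_array($allowed_levels)
        && array_key_exists($_POST['level'], $allowed_levels)) {
        exponent_sessions_set('uilevel', intval($_POST['level']));
    }
    exponent_flow_redirect();
}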