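/**
 * Check the current request for CSRF by validating its nonce.
 *
 * The check is skipped when GSNOCSRF is enabled. The nonce is read from
 * $_REQUEST['nonce'] and handed to check_nonce() together with $action and $file.
 *
 * @param string $action action to pass to check_nonce
 * @param string $file   file to pass to check_nonce
 * @param bool   $die    if false return instead of die
 * @return bool|null true if the csrf check fails and $die is false;
 *                   nothing (null) when the check passes or is disabled
 */
function check_for_csrf($action, $file = "", $die = true)
{
    // check for csrf
    if (!getDef('GSNOCSRF', true) || GSNOCSRF == FALSE) {
        // A request with no nonce at all, or with a non-string nonce such as
        // nonce[]=x, is validated as an empty nonce instead of raising an
        // undefined-index notice or handing an array to check_nonce().
        // NOTE(review): assumes check_nonce() rejects an empty string - confirm.
        $nonce = (isset($_REQUEST['nonce']) && is_string($_REQUEST['nonce']))
            ? $_REQUEST['nonce']
            : '';

        if (!check_nonce($nonce, $action, $file)) {
            if ($die) {
                die("CSRF detected!");
            }
            return true;
        }
    }
}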
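/**
 * Update the global $plugin_info with additional info from the api.
 *
 * For every registered plugin the api is queried through get_api_details();
 * on a successful, complete answer the plugin's 'name', 'apipath' and 'apiver'
 * entries are overwritten with the api values.
 *
 * The api answer is remote data: the values stored here are not validated or
 * escaped by this function.
 * NOTE(review): confirm that every place rendering 'name', 'apipath' or
 * 'apiver' escapes them for its output context.
 */
function plugin_info_update()
{
    global $plugin_info;

    foreach ($plugin_info as $key => $plugin) {
        $api_data = json_decode(get_api_details('plugin', $key . '.php', getDef('GSNOPLUGINCHECK', true)));

        // on api success only; strict comparison so a non-string status
        // (for example 0 or true) can never be taken for 'successful'
        if (!is_object($api_data) || !isset($api_data->status) || $api_data->status !== 'successful') {
            continue;
        }

        // an incomplete answer must not overwrite the local plugin name with null
        if (!isset($api_data->version, $api_data->path, $api_data->name)) {
            continue;
        }

        $plugin_info[$key]['name']    = $api_data->name;
        $plugin_info[$key]['apipath'] = $api_data->path;
        $plugin_info[$key]['apiver']  = $api_data->version;
    }
}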
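/**
 * Check the current request for CSRF by validating its nonce.
 *
 * The check is skipped when GSNOCSRF is enabled. On failure the 'csrf' hook is
 * fired; ajax requests then get the error template wrapped in a div and the
 * script ends, regardless of $die.
 *
 * @param string $action action to pass to check_nonce
 * @param string $file   file to pass to check_nonce
 * @param bool   $die    if false return instead of die (non-ajax requests only)
 * @return bool|null true if the csrf check fails and the script was not ended;
 *                   nothing (null) when the check passes or is disabled
 */
function check_for_csrf($action, $file = "", $die = true)
{
    // GSNOCSRF switches the whole check off
    if (getDef('GSNOCSRF', true)) {
        return;
    }

    // A request with no nonce at all, or with a non-string nonce such as
    // nonce[]=x, is validated as an empty nonce instead of raising an
    // undefined-index notice or handing an array to check_nonce().
    // NOTE(review): assumes check_nonce() rejects an empty string - confirm.
    $nonce = (isset($_REQUEST['nonce']) && is_string($_REQUEST['nonce']))
        ? $_REQUEST['nonce']
        : '';

    if (check_nonce($nonce, $action, $file)) {
        return;
    }

    exec_action('csrf'); // @hook csrf a csrf was detected

    if (requestIsAjax()) {
        // $error is set for the included template
        $error = i18n_r("CSRF", "CRSF Detected!");
        echo "<div>"; // jquery bug will not parse 1 html element so we wrap it
        include 'template/error_checking.php';
        echo "</div>";
        die;
    }

    if ($die) {
        die(i18n_r("CSRF", "CRSF Detected!"));
    }

    return true;
}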
$htmleditor = '';
}

# check to see if passwords are changing
if (isset($_POST['sitepwd'])) {
    $pwd1 = $_POST['sitepwd'];
}
if (isset($_POST['sitepwd_confirm'])) {
    $pwd2 = $_POST['sitepwd_confirm'];
}

// do password checking
// NOTE(review): `$pwd1 != $pwd2` is a loose comparison. Two numeric-looking
// strings are compared as numbers, so a password and a confirmation that differ
// as text (for example "1e3" and "1000") count as matching on this path; only
// the $adding branch uses the strict `!==`. A strict comparison on both sides
// would close that gap.
// NOTE(review): empty() also treats the string "0" as empty.
if ($pwd1 != $pwd2 || $adding === true && (empty($pwd1) || $pwd1 !== $pwd2)) {
    # passwords do not match if changing or adding users passwords
    $error = i18n_r('PASSWORD_NO_MATCH');
    $password = '';
} else {
    // strlen() counts bytes, so the minimum length is a byte length
    if ($pwd1 != '' && strlen($pwd1) < getDef('GSPASSLENGTHMIN')) {
        # password cannot be shorter than GSPASSLENGTH
        $error = i18n_r('PASSWORD_TOO_SHORT');
        $password = '';
    } else {
        if ($pwd1 != '') {
            # password changed
            $newpassword = $pwd1; // set new password
            // the hook fires before the new hash is computed below
            exec_action('profile-password-changed'); // @hook profile-password-changed a users password was changed
            // NOTE(review): passhash() is defined elsewhere; confirm it is a
            // salted, deliberately slow password hash.
            $password = passhash($newpassword); // set new password
        }
    }
}
// @hook header backend before html head closes ?> <noscript> <style> .tab{ display:block; clear:both;} .tab fieldset legend{ display: block; } #cm_themeselect, #cm_themeselect_label { display:none;} #theme_filemanager ul ul { display: block; } </style> </noscript> </head> <?php $headerclass = getDef('GSHEADERCLASS', true) ? getDef('GSHEADERCLASS') : ''; ?> <body <?php filename_id(); echo ' class="' . $bodyclass . '"'; ?> > <div class="header <?php echo $headerclass; ?> " id="header" > <div class="wrapper clearfix"> <?php exec_action('header-body'); // @hook header-body backend header body wrapper html
echo find_accesskey(i18n_r('MENU_MANAGER')); ?> " <?php check_menu('menu-manager'); ?> ><?php i18n('MENU_MANAGER'); ?> </a></li> <?php exec_action("pages-sidebar"); // @hook pages-sidebar sidebar list html output ?> </ul> <p id="js_submit_line" ></p> <?php if (get_filename_id() === 'edit') { ?> <?php if (getDef('GSAUTOSAVE')) { ?> <p id="autosavestatus"><?php echo sprintf(i18n_r("AUTOSAVE_STATUS"), getDef('GSAUTOSAVE')); ?> </p> <p id="autosavenotify"></p> <?php } }
} else { echo '<tr><td>SimpleXML Module</td><td><span class="OKmsg" >' . i18n_r('INSTALLED') . ' - ' . i18n_r('OK') . '</span></td></tr>'; } if (server_is_apache()) { echo '<tr><td>Apache web server</td><td><span class="OKmsg" >' . $_SERVER['SERVER_SOFTWARE'] . ' - ' . i18n_r('OK') . '</span></td></tr>'; if (function_exists('apache_get_modules')) { if (!in_arrayi('mod_rewrite', apache_get_modules())) { echo '<tr><td>Apache Mod Rewrite</td><td><span class="WARNmsg" >' . i18n_r('NOT_INSTALLED') . ' - ' . i18n_r('WARNING') . '</span></td></tr>'; } else { echo '<tr><td>Apache Mod Rewrite</td><td><span class="OKmsg" >' . i18n_r('INSTALLED') . ' - ' . i18n_r('OK') . '</span></td></tr>'; } } else { echo '<tr><td>Apache Mod Rewrite</td><td><span class="OKmsg" >' . i18n_r('INSTALLED') . ' - ' . i18n_r('OK') . '</span></td></tr>'; } } else { if (!getDef('GSNOAPACHECHECK') || GSNOAPACHECHECK == false) { echo '<tr><td>Apache web server</td><td><span class="ERRmsg" >' . $_SERVER['SERVER_SOFTWARE'] . ' - <b>' . i18n_r('ERROR') . '</b></span></td></tr>'; } } ?> </table> <p class="hint"><?php echo sprintf(i18n_r('REQS_MORE_INFO'), "http://get-simple.info/docs/requirements"); ?> </p> <?php if ($kill != '') { ?> <p><?php i18n('KILL_CANT_CONTINUE'); ?>
} ?> <h1 class="sitename"><a href="<?php echo $SITEURL; ?> " target="_blank" ><?php echo cl($SITENAME); ?> <i class="icon fa fa-external-link"></i></a></h1> <ul class="nav <?php echo $plugin_class; ?> "> <?php $tabs = explode(',', getDef('GSTABS')); // $tabs = array_keys($sidemenudefinition); // debug all $current = get_filename_id(); // if current tab is not in GSTABS, then set its parent tab as current if (!in_array($current, $tabs)) { if (isset($sidemenudefinition[$current]) && !empty($sidemenudefinition[$current])) { $current = $sidemenudefinition[$current]; } } if ($tabs) { foreach ($tabs as $tab) { if (empty($tab)) { continue; } $tabtitle = i18n_r('TAB_' . uppercase($tab)); $class = $tab == $current ? ' current' : '';
<?php } ?> <li style="float:right;" id="sb_filesize" ><small><?php i18n('MAX_FILE_SIZE'); ?> : <strong><?php echo toBytes(ini_get('upload_max_filesize')) / 1024 / 1024; ?> MB</strong></small></li> </ul> <?php # show normal upload form if Uploadify is turned off if (getDef('GSNOUPLOADIFY', true)) { ?> <form class="uploadform" action="upload.php?path=<?php echo $path; ?> " method="post" enctype="multipart/form-data"> <p><input type="file" name="file[]" id="file" style="width:220px;" multiple /></p> <input type="hidden" name="hash" id="hash" value="<?php echo $SESSIONHASH; ?> " /> <input type="submit" class="submit" name="submit" value="<?php i18n('UPLOAD'); ?> " /> </form>
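/**
 * Strip shortcodes from a string based on a regex pattern.
 *
 * When GSCONTENTSTRIPPATTERN is set it replaces the pattern, including one
 * passed explicitly by the caller.
 *
 * @since 3.3.6
 * @param str    $str     input string
 * @param string $pattern regex pattern to strip
 * @return str new string; the input is returned unchanged if the pattern fails
 */
function strip_content($str, $pattern = '/[({]%.*?%[})]/')
{
    if (getDef('GSCONTENTSTRIPPATTERN', true)) {
        $pattern = getDef('GSCONTENTSTRIPPATTERN');
    }

    $stripped = preg_replace($pattern, '', $str);

    // preg_replace() returns null on a malformed pattern or when a PCRE limit
    // is hit; handing that null back would silently blank the content.
    // NOTE(review): on failure the shortcodes stay in the text; callers that
    // rely on them being removed before output should treat that as an error.
    if ($stripped === null) {
        return $str;
    }

    return $stripped;
}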
exec_action('common'); // @hook common common.php has completed loading resoruces, base not yet loaded // debugLog('calling common_callout'); if (function_exists('common_callout')) { common_callout(); } // @callout common_callout callout after common loaded, before templating } /** * debug plugin global arrays */ // debugLog($live_plugins); // debugLog($plugin_info); // debugLog($plugins); // debugLog($pluginHooks); if (isset($load['login']) && $load['login'] && getDef('GSALLOWLOGIN', true)) { require_once GSADMININCPATH . 'login_functions.php'; } // do the template rendering if (GSBASE) { require_once GSADMINPATH . 'base.php'; } // common methods that are required before dependancy includes /** * Debug Console Log * @since 3.1 * @param $txt string */ function debugLog($mixed = null) { global $GS_debug;
/**
 * Generate the standard thumbnail for an uploaded image.
 *
 * The thumbnail is written as 'thumbnail.' . $file through
 * generate_thumbnail(); its width comes from GSIMAGEWIDTH, or 200 when that
 * setting is not set.
 *
 * @param string $subpath sub path handed on to generate_thumbnail
 * @param string $file    file name of the image
 * @uses GD
 */
function genStdThumb($subpath, $file)
{
    // GSIMAGEWIDTH wins when set, otherwise fall back to 200
    $width = getDef('GSIMAGEWIDTH') ? getDef('GSIMAGEWIDTH') : 200;

    $thumbName = 'thumbnail.' . $file;
    generate_thumbnail($file, $subpath, $thumbName, $width);
}
}

// if ajax we are done
changedataAjaxSave($url, $oldslug);

// redirect user back to edit page or redirectto
// NOTE(review): the redirect target is taken from $_POST['redirectto'] with no
// validation visible in this fragment. Unless redirect() or earlier code limits
// it to local admin pages, a forged form can send the user to an arbitrary URL
// after saving (open redirect). Accepting only known relative script names
// would remove that risk.
if (isset($_POST['redirectto']) && $_POST['redirectto'] != '') {
    $redirect_url = $_POST['redirectto'];
} else {
    $redirect_url = 'edit.php';
}

// NOTE(review): $url and $oldslug are concatenated into the query string
// unencoded here; presumably they are already slug-safe - confirm.
// NOTE(review): as written, a new page gets the "?id=..." suffix below and
// then a second one from the if/else that follows - confirm this is intended.
if ($pageIsNew) {
    $redirect_url .= "?id=" . $url . "&upd=edit-success&type=new";
} // new page
if ($slugHasChanged) {
    $redirect_url .= "?id=" . $url . "&old=" . $oldslug . "&upd=edit-success&type=edit";
} else {
    $redirect_url .= "?id=" . $url . "&upd=edit-success&type=edit";
} // update

if ($draft) {
    $redirect_url .= "&upd-draft";
}

// add nodraft arg if we are force editing a live page
if (getDef('GSUSEDRAFTS', true) && !$draft) {
    $redirect_url .= '&nodraft';
}

redirect($redirect_url);
} else {
    // nothing submitted
    redirect('pages.php');
}
echo find_accesskey(i18n_r('ASK_DELETE_ALL')); ?> " class="confirmation" ><?php i18n('ASK_DELETE_ALL'); ?> </a> <?php exec_action(get_filename_id() . '-edit-nav'); ?> </div> <div id="filter-search"> <form><input type="text" autocomplete="off" class="text" id="q" placeholder="<?php echo strip_tags(lowercase(i18n_r('FILTER'))); ?> ..." /> <a href="<?php echo getDef('GSDEFAULTPAGE'); ?> " class="cancel"><?php i18n('CANCEL'); ?> </a></form> </div> <?php exec_action(get_filename_id() . '-body'); ?> <table id="editpages" class="highlight paginate"> <thead> <tr><th><?php i18n('PAGE_TITLE'); ?>
$widepages = explode(',', getDef('GSWIDEPAGES')); // get ids of pages that are wide $widepagecss = ''; if ($width == '0' or $width == '') { $width = 'none'; } // allow for no max-width // set max width for wide pages using custom wide width foreach ($widepages as $pageid) { $widepagecss .= "#{$pageid} .wrapper {max-width: {$width_wide};}\n"; } include 'css-wide.php'; } // include custom theme/admin.css if exists if (file_exists(GSTHEMESPATH . getDef('GSCSSCUSTOMFILE')) && getDef('GSCSSCUSTOMENABLE', true)) { include GSTHEMESPATH . getDef('GSCSSCUSTOMFILE'); } // You can include your own css here exec_action('style-save'); // @hook style-save called after css files are included before cache is saved // save cache $ob_get_contents = ob_get_contents(); save_file($cachefile, cssCompress($ob_get_contents)); ob_end_flush(); /** * Convert a hexa decimal color code to its RGB equivalent * * @param string $hexStr (hexadecimal color value) * @param boolean $returnAsString (if set true, returns the value separated by the separator character. Otherwise returns associative array) * @param string $seperator (to separate RGB values. Applicable only if second parameter is true.) * @return array or string (depending on second parameter. Returns False if invalid hex color value)
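/**
 * Get Page Meta Description
 *
 * Uses the page's own meta description when it has one. Otherwise, when
 * GSAUTOMETAD is enabled, builds one from an excerpt of the page content.
 * The result is passed through the 'metad' filter before being echoed or
 * returned.
 *
 * @since 2.0
 * @uses getPageGlobal
 * @uses strip_decode
 *
 * @param bool $echo Optional, default is true. False will 'return' value
 * @return string Echos or returns based on param $echo
 */
function get_page_meta_desc($echo = true)
{
    $metad = getPageGlobal('metad');
    $desc  = '';

    if ($metad != '') {
        $desc = encode_quotes(strip_decode($metad));
    } elseif (getDef('GSAUTOMETAD', true)) {
        // The excerpt branch previously read $content, which is never defined
        // in this function's scope, so the automatic description was always
        // built from nothing.
        // NOTE(review): fetched the same way as 'metad' above - confirm that
        // getPageGlobal() provides 'content'.
        $content = getPageGlobal('content');

        // use content excerpt, NOT filtered
        $desc = strip_decode($content);
        if (getDef('GSCONTENTSTRIP', true)) {
            $desc = strip_content($desc);
        }
        $desc = cleanHtml($desc, array('style', 'script')); // remove unwanted elements that strip_tags fails to remove
        $desc = getExcerpt($desc, 160);                     // grab 160 chars
        $desc = strip_whitespace($desc);                    // remove newlines, tab chars
        $desc = encode_quotes($desc);
        $desc = trim($desc);
    }

    // NOTE(review): the filter runs after encode_quotes(), so whatever a
    // 'metad' filter returns reaches the caller as-is.
    $str = exec_filter('metad', $desc); // @filter metad (str) meta description in get_page_meta_desc
    return echoReturn($str, $echo);
}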
echo find_accesskey(i18n_r('MENU_MANAGER')); ?> " <?php check_menu('menu-manager'); ?> ><?php i18n('MENU_MANAGER'); ?> </a></li> <?php exec_action("pages-sidebar"); // @hook pages-sidebar sidebar list html output ?> </ul> <p id="js_submit_line" ></p> <?php if (get_filename_id() === 'edit') { ?> <?php if (getDef('GSAUTOSAVE', true)) { ?> <p id="autosavestatus"><?php echo sprintf(i18n_r("AUTOSAVE_STATUS"), (int) getDef('GSAUTOSAVEINTERVAL')); ?> </p> <p id="autosavenotify"></p> <?php } }
$labelAlphas .= '.label_' . $i . '_' . floor($alpha * 100) . ' {background-color: ' . getRGBA($defaultcolors['label_' . $i], $alpha) . "!important ;}\n"; } $labelAlphas .= "\n"; } // include main css file css.php include GSCSSMAINFILE; // output label alphas echo "/* label alphas */\n"; echo $labelAlphas; // if GSTYLEWIDE ( default ) if (isset($_GET['s']) and in_array('wide', explode(',', $_GET['s']))) { $width = getDef('GSWIDTH'); // get page width $width_wide = getDef('GSWIDTHWIDE'); // get wide page width $widepages = explode(',', getDef('GSWIDEPAGES')); // get ids of pages that are wide $widepagecss = ''; if ($width == '0' or $width == '') { $width = 'none'; } // allow for no max-width // set max width for wide pages using custom wide width foreach ($widepages as $pageid) { $widepagecss .= "#{$pageid} .wrapper {max-width: {$width_wide};}\n"; } include 'css-wide.php'; } // include custom theme/admin.css if exists if (file_exists(GSTHEMESPATH . GSCSSCUSTOMFILE) && $useadmincss) { include GSTHEMESPATH . GSCSSCUSTOMFILE;
/**
 * Output the heading and the pill navigation shown above the page editor.
 *
 * Echoes the edit/create heading, an optional "published" label (drafts
 * enabled, page exists and GSSDRAFTSPUBLISHEDTAG set), then the edit-nav
 * container with view and clone links, and fires the '<filename id>-edit-nav'
 * hook inside that container.
 *
 * NOTE(review): $path and the global $id are written into href attributes
 * without escaping in this function; confirm callers supply values that are
 * already safe for an HTML attribute.
 *
 * @param bool   $editing true when editing an existing page, false when creating
 * @param string $path    url for the view link; the clone link is shown only when not empty
 */
function getPublishedPageHead($editing = true, $path = '')
{
    global $id, $draftExists, $pageExists;

    $heading = $editing ? i18n_r('PAGE_EDIT_MODE') : i18n_r('CREATE_NEW_PAGE');
    echo '<h3 class="floated">' . $heading . '</h3>';

    if (getDef('GSUSEDRAFTS', true) && $pageExists && getDef('GSSDRAFTSPUBLISHEDTAG', true)) {
        $publishedLabel = i18n_r('LABEL_PUBLISHED');
        echo '<div class="title label label-ok unselectable">' . $publishedLabel . '</div>';
    }

    echo '<!-- pill edit navigation -->', "\n", '<div class="edit-nav clearfix" >';

    if ($editing) {
        $viewLink  = '<a class="pageview" href="' . $path . '" target="_blank" accesskey="';
        $viewLink .= find_accesskey(i18n_r('VIEW')) . '" >' . i18n_r('VIEW') . '</a>';
        echo $viewLink;

        if ($path != '') {
            // the clone action is protected by a nonce bound to "clone" / "pages.php"
            $cloneLink  = '<a class="pageclone" href="pages.php?id=' . $id . '&action=clone&nonce=';
            $cloneLink .= get_nonce("clone", "pages.php") . '" >' . i18n_r('CLONE') . '</a>';
            echo $cloneLink;
        }
    }

    // hook output lands inside the edit-nav container, so it runs before the closing tag
    exec_action(get_filename_id() . '-edit-nav');
    echo "\n</div>";
}
} } # create default 403.xml page $init = GSDATAOTHERPATH . GSHTTPPREFIX . '403.xml'; $temp = GSADMININCPATH . 'tmp/tmp-403.xml'; if (!file_exists($init)) { if (copy($temp, $init)) { $message .= msgOK(sprintf(i18n_r('COPY_SUCCESS'), 'tmp/403.xml')); } else { $message .= msgError(sprintf(i18n_r('COPY_FAILURE'), 'tmp/403.xml')); } } /* create new folders */ foreach ($create_dirs as $dir) { if (!file_exists($dir)) { if (getDef('GSCHMOD')) { $chmod_value = GSCHMOD; } else { $chmod_value = 0755; } $status = mkdir($dir, $chmod_value); if ($status) { $message .= msgOK(sprintf(i18n_r('FOLDER_CREATED'), $dir)); } else { $error .= msgError(i18n_r('ERROR_CREATING_FOLDER') . "<br /> - {$dir}"); } } } # remove the pages.php plugin if it exists. if (file_exists(GSPLUGINPATH . 'pages.php')) { unlink(GSPLUGINPATH . 'pages.php');
if (getDef('GSNOSITEMAP', true)) { echo 'class="last_sb"'; } ?> ><a href="components.php" <?php check_menu('components'); ?> accesskey="<?php echo find_accesskey(i18n_r('SIDE_COMPONENTS')); ?> " ><?php i18n('SIDE_COMPONENTS'); ?> </a></li> <?php if (!getDef('GSNOSITEMAP')) { ?> <li id="sb_sitemap" class="last_sb"><a href="sitemap.php" <?php check_menu('sitemap'); ?> accesskey="<?php echo find_accesskey(i18n_r('SIDE_VIEW_SITEMAP')); ?> " ><?php i18n('SIDE_VIEW_SITEMAP'); ?> </a></li> <?php } ?> <?php exec_action("theme-sidebar");
/**
 * Get Page Header HTML
 *
 * Echoes the header html for the current page: the meta description and
 * keywords tags, the canonical link (only when $full is true), the queued
 * frontend scripts, and finally the 'theme-header' hook output.
 *
 * NOTE(review): description and keywords are echoed into attribute values
 * without escaping in this function; it relies on get_page_meta_desc() and
 * get_page_meta_keywords() returning attribute-safe text. The automatic
 * excerpt below has its tags and both quote characters removed.
 *
 * @since 1.0
 * @uses exec_action
 * @uses get_page_url
 * @uses get_page_meta_desc
 * @uses get_page_meta_keywords
 * @uses $metad
 * @uses $title
 * @uses $content
 * @uses GSADMININCPATH
 *
 * @param bool $full when true the canonical link is included
 */
function get_header($full = true)
{
    global $metad;
    global $title;
    global $content;
    include GSADMININCPATH . 'configuration.php';

    // meta description
    if ($metad != '') {
        $description = get_page_meta_desc(false);
    } elseif (getDef('GSAUTOMETAD', true)) {
        // get meta from content excerpt, multibyte aware when available
        $plain = strip_tags(strip_decode($content));
        if (function_exists('mb_substr')) {
            $excerpt = mb_substr($plain, 0, 160);
        } else {
            $excerpt = substr($plain, 0, 160);
        }
        $description = trim($excerpt);

        // drop both quote characters so the text cannot end the attribute
        $description = str_replace(array('"', "'"), '', $description);

        // newlines, carriage returns and tabs become spaces, then runs of spaces collapse
        foreach (array('/\\n/', '/\\r/', '/\\t/', '/ +/') as $whitespacePattern) {
            $description = preg_replace($whitespacePattern, " ", $description);
        }
    }

    // $description stays unset when there is no meta and GSAUTOMETAD is off
    if (!empty($description)) {
        echo '<meta name="description" content="' . $description . '" />' . "\n";
    }

    // meta keywords
    $keywords = get_page_meta_keywords(false);
    if ($keywords != '') {
        echo '<meta name="keywords" content="' . $keywords . '" />' . "\n";
    }

    if ($full) {
        echo '<link rel="canonical" href="' . get_page_url(true) . '" />' . "\n";
    }

    // script queue
    get_scripts_frontend();
    exec_action('theme-header');
}
/**
 * Setup
 *
 * Second step of installation (install.php). Sets up initial files & structure
 *
 * @package GetSimple
 * @subpackage Installation
 */

# setup inclusions
$load['plugin'] = true;

// The language posted by the installer form is assigned before common.php is
// included.
// NOTE(review): $LANG comes straight from $_POST here; confirm that common.php
// checks it against the installed language files before it is used in a path.
if (isset($_POST['lang']) && trim($_POST['lang']) != '') {
    $LANG = $_POST['lang'];
}

include 'inc/common.php';

# default variables
$logsalt = getDef('GSLOGINSALT') ? GSLOGINSALT : null;

$kill    = '';    // fatal error kill submission reshow form
$status  = '';
$err     = null;  // used for errors, show form alow resubmision
$message = null;  // message to show user
$random  = null;
$success = false; // success true show message if message

$fullpath = suggest_site_path();
/**
 * Tell whether the version check should run.
 *
 * @return bool false on an auth page or when GSNOVERCHECK is set, true otherwise
 */
function doVerCheck()
{
    // never on auth pages
    if (isAuthPage()) {
        return false;
    }

    return !getDef('GSNOVERCHECK');
}
echo '<td style="width:70px;text-align:right;"><span>' . $fileOwnerName . '/' . $filePerms . '</span></td>'; } echo '<td class="file_date right"><span class="' . (dateIsToday($upload['date']) ? 'datetoday' : '') . '">' . output_date($upload['date']) . '</span></td>'; echo '<td class="delete" >' . $directory_delete . '</td>'; echo '</tr>'; $foldercount++; } } // will regenerate all thumbnail. thumbsm. in current folder, ideally used when changing smthumb size // can take a very long time if you have massive images, it would be wise to keep folders small if using large gallary images // if you have a lot to regen simply delete the images form the thumbs folder and keep refreshing until they are all regenerated if (isset($_REQUEST['regenthumbsm']) || isset($_REQUEST['regenthumbnail'])) { set_time_limit(120); } $thumbsm_w = (int) getDef('GSTHUMBSMWIDTH'); $thumbsm_h = (int) getDef('GSTHUMBSMHEIGHT'); // show files if (count($filesSorted) != 0) { foreach ($filesSorted as $upload) { $counter++; $thumbnailLink = ''; $primarylink = getRelPath(GSDATAUPLOADPATH) . $urlPath . rawurlencode($upload['name']); echo '<tr class="all ' . $upload['type'] . '" >'; echo '<td class="imgthumb" >'; // handle images if ($upload['type'] == 'image') { $gallery = 'rel="fancybox_i"'; $pathlink = 'image.php?i=' . rawurlencode($upload['name']) . '&path=' . $subPath; $thumbLink = $urlPath . 'thumbsm.' . $upload['name']; $thumbLinkEncoded = $urlPath . 'thumbsm.' . rawurlencode($upload['name']); $thumbLinkExternal = $urlPath . 'thumbnail.' . $upload['name'];
/**
 * Shorthand for reading the GSDEBUG setting.
 *
 * @since 3.2.1
 * @return bool true if debug enabled
 */
function isDebug()
{
    $debugEnabled = getDef('GSDEBUG', true);

    return $debugEnabled;
}
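/**
 * Get the default language.
 *
 * Order of preference: $USRLANG, $SITELANG, the GSLANG setting, then the
 * language files found in GSLANGPATH (the only file, else GSDEFAULTLANG when
 * its file exists, else the first file found).
 *
 * @since 3.4
 * @return str IETF langcode, or '' when no language is available
 */
function getDefaultLang()
{
    global $USRLANG, $SITELANG;

    if (isset($USRLANG)) {
        return $USRLANG;
    }
    if (isset($SITELANG)) {
        return $SITELANG;
    }
    if (getDef('GSLANG')) {
        return getDef('GSLANG');
    }

    // get language files
    $filenames = glob(GSLANGPATH . '*.php');

    // glob() returns false on error; treat that as "no language files" rather
    // than passing false to count() and indexing into it
    if (!is_array($filenames)) {
        $filenames = array();
    }

    $cntlang = count($filenames);

    if ($cntlang == 1) {
        // 1 file , assign lang to only existing file
        return basename($filenames[0], ".php");
    }

    if ($cntlang > 1 && in_array(GSLANGPATH . GSDEFAULTLANG . '.php', $filenames)) {
        // prefer GSDEFAULTLANG as default if available
        return GSDEFAULTLANG;
    }

    if (isset($filenames[0])) {
        // else fallback to first lang found
        return basename($filenames[0], ".php");
    }

    return ''; // no languages available
}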
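/**
 * Get the chmod value for a file path.
 *
 * Checks whether the path is a directory or a file and returns the matching
 * setting: GSCHMODDIR for directories, GSCHMODFILE for files. When that
 * setting is not set, GSCHMOD is used, and 0755 as the last resort.
 *
 * NOTE(review): the settings are returned exactly as configured. If the result
 * is handed to chmod() or mkdir(), those expect an integer mode, so a quoted
 * value such as '0755' would not be read as octal - confirm the configuration
 * uses integer literals.
 * NOTE(review): the 0755 fallback also applies to files, which sets the
 * execute bits on them - confirm that is intended.
 *
 * @since 3.4
 * @param str $path file path
 * @return chmod value
 */
function getChmodValue($path)
{
    // The directory branch used to return GSCHMODDIR even when it was unset;
    // it now falls back the same way the file branch does.
    $specific = is_dir($path) ? getDef('GSCHMODDIR') : getDef('GSCHMODFILE');
    if ($specific) {
        return $specific;
    }

    if (getDef('GSCHMOD')) {
        return getDef('GSCHMOD');
    }

    return 0755;
}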
/**
 * Echo the inline javascript that falls back from the cdn copy of a script to
 * the local one.
 *
 * Helper for get_scripts_backend. Does nothing when GSNOCDN is set, and only
 * handles the 'jquery' and 'jquery-ui' scripts. The emitted script tests the
 * asset's global object and document.write()s a tag for the local copy when
 * that object is missing.
 *
 * NOTE(review): the local url and version are written into the script text
 * unescaped; presumably they come from the trusted asset registry - confirm.
 *
 * @param array $script gsscript array
 */
function cdn_fallback($script)
{
    global $GS_script_assets, $GS_asset_objects;

    // if nocdn skip
    if (getDef('GSNOCDN', true)) {
        return;
    }

    $name = $script['name'];
    if ($name != 'jquery' && $name != 'jquery-ui') {
        return;
    }

    $localSrc = $GS_script_assets[$name]['local']['url'] . '?v=' . $GS_script_assets[$name]['local']['ver'];

    echo "<script>";
    echo "window." . $GS_asset_objects[$name] . " || ";
    echo "document.write('<!-- CDN FALLING BACK --><script src=\"" . $localSrc . "\"><\\/script>');";
    echo "</script>\n";
}
$fileInArchiv = $dir . $element->getFilename(); // add file to archive $archiv->addFile($file, $fileInArchiv); } } } } // check if file exists, close will fail if bad file added, addfile always returns true if (file_exists(GSROOTPATH . '.htaccess')) { $archiv->addFile(GSROOTPATH . '.htaccess', '.htaccess'); } if (file_exists(GSROOTPATH . 'gsconfig.php')) { $archiv->addFile(GSROOTPATH . 'gsconfig.php', 'gsconfig.php'); } // testing custom extra files, will need a iter wrapper to get dirs if (getDef('GSBACKUPEXTRAS', true)) { $extras = explode(GSBACKUPEXTRAS, ','); foreach ($extras as $extra) { if (file_exists($extra)) { $archiv->addFile($extra); } } } // attempt to save and close $status = $archiv->close(); if (!$status) { //ziparchive failed $zipcreated = false; } } else { // ziparchive non existant