/**
 * Read the contents of one template file for the editor.
 *
 * The path is resolved by gettemplatefilename() from $templates[$templatename]
 * and $templatefile. Neither value is validated here, so the caller must only
 * pass a file name it has already checked against the template's own file list.
 *
 * @param string $templatename Key used to look up the template entry in $templates
 * @param string $templatefile Name of the file to load
 * @param array $templates Lookup table indexed by template name (presumably name => directory; confirm against callers)
 * @return string|false|null File contents as returned by file_get_contents(); null when the resolved file does not exist
 */
function filetext($templatename, $templatefile, $templates)
{
    $sResolvedPath = gettemplatefilename($templates[$templatename], $templatefile);

    if (!file_exists($sResolvedPath)) {
        // Missing file: the caller receives null, not an empty string.
        return null;
    }

    return file_get_contents($sResolvedPath);
}
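/**
 * Save the changes made to a template file in the CodeMirror editor.
 *
 * Requires the global 'templates' / 'update' permission. The submitted text is
 * read from the 'changes' request value, or from 'changes_cp' when that one is
 * present as well, and is written to the file named by 'editfile' below the
 * user template root directory of the posted template. 'editfile' is accepted
 * only when it matches the 'name' of an entry in the template's screen, CSS or
 * JS file lists.
 *
 * Apart from the permission failure, every path through this action ends in a
 * redirect; nothing is returned.
 *
 * @access public
 * @return void
 */
public function templatesavechanges()
{
    if (!Permission::model()->hasGlobalPermission('templates', 'update')) {
        die('No permission');
    }

    // Start from an empty string so the condition further down never reads an
    // undefined variable when neither request field was submitted.
    $changedtext = '';
    foreach (array('changes', 'changes_cp') as $sField) {
        $sSubmitted = returnGlobal($sField);
        if (!$sSubmitted) {
            continue;
        }

        // Remove PHP open tags from the submitted text. The removal is repeated
        // until nothing is left to remove, because a single str_replace() pass
        // does not rescan its own output.
        // NOTE(review): this is a denylist; confirm that saved template files
        // are never executed as PHP by the web server.
        do {
            $sSubmitted = str_replace('<?', '', $sSubmitted, $iRemoved);
        } while ($iRemoved > 0);

        // get_magic_quotes_gpc() no longer exists on current PHP versions;
        // only consult it where it is still defined.
        if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
            $sSubmitted = stripslashes($sSubmitted);
        }

        // A later field overrides an earlier one, so 'changes_cp' wins.
        $changedtext = $sSubmitted;
    }

    $action = returnGlobal('action');
    // The raw request value is used as a path component below; the file-list
    // check is the only validation it receives inside this method.
    $editfile = returnGlobal('editfile');
    $sTemplateName = Template::templateNameFilter(App()->request->getPost('templatename'));
    $editfileindex = App()->request->getPost('editfileindex');
    $useindex = App()->request->getPost('useindex');
    $screenname = returnGlobal('screenname');

    global $oEditedTemplate;
    $oEditedTemplate = Template::model()->getTemplateConfiguration($sTemplateName);
    $files = $this->_initfiles($sTemplateName);
    $cssfiles = $this->_initcssfiles($oEditedTemplate);
    $jsfiles = $this->_getEditableJsFiles($oEditedTemplate);

    $aUploadRoute = array("admin/templates/sa/upload");

    if ($action == "templatesavechanges" && $changedtext) {
        Yii::app()->loadHelper('admin/template');
        $changedtext = str_replace("\r\n", "\n", $changedtext);

        if ($editfile) {
            // Allowlist: the submitted name must be one of the files that
            // belong to this template.
            $bKnownFile = multiarray_search($files, 'name', $editfile) !== false
                || multiarray_search($cssfiles, 'name', $editfile) !== false
                || multiarray_search($jsfiles, 'name', $editfile) !== false;

            if (!$bKnownFile) {
                Yii::app()->user->setFlash('error', gT('Invalid template name'));
                $this->getController()->redirect($aUploadRoute);
                // redirect() is expected to end the request; the explicit return
                // keeps the write below unreachable even if it does not.
                return;
            }

            $savefilename = gettemplatefilename(
                Yii::app()->getConfig('usertemplaterootdir') . "/" . $sTemplateName,
                $editfile
            );

            if (!is_writable($savefilename)) {
                Yii::app()->user->setFlash('error', "The file {$savefilename} is not writable");
                $this->getController()->redirect($aUploadRoute);
                return;
            }

            $handle = fopen($savefilename, 'w');
            if (!$handle) {
                Yii::app()->user->setFlash('error', gT('Could not open file ') . $savefilename);
                $this->getController()->redirect($aUploadRoute);
                return;
            }

            if (!fwrite($handle, $changedtext)) {
                // Release the handle before leaving on the error path.
                fclose($handle);
                Yii::app()->user->setFlash('error', gT('Could not write file ') . $savefilename);
                $this->getController()->redirect($aUploadRoute);
                return;
            }

            fclose($handle);
        }
    }

    // NOTE(review): the request values below are concatenated into the route
    // without encoding; passing them as named route parameters would let the
    // URL manager encode them. Confirm against the URL rules before changing.
    $this->getController()->redirect(array('admin/templates/sa/view/editfile/' . $editfileindex . '/screenname/' . $screenname . '/templatename/' . $sTemplateName . '/useindex/' . $useindex));
}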
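/**
 * Save the changes made to a template file in the CodeMirror editor.
 *
 * Requires the global 'templates' / 'update' permission. The submitted text is
 * read from the 'changes' request value, or from 'changes_cp' when that one is
 * present as well, and is written to the file named by 'editfile' below the
 * user template root directory of the posted template. 'editfile' is accepted
 * only when it appears in the template's screen, CSS or JS file lists. After a
 * successful write the template's last-update marker is refreshed through
 * actualizeLastUpdate().
 *
 * Apart from the permission failure, every path through this action ends in a
 * redirect; nothing is returned.
 *
 * @access public
 * @return void
 */
public function templatesavechanges()
{
    if (!Permission::model()->hasGlobalPermission('templates', 'update')) {
        die('No permission');
    }

    // Start from an empty string so the condition further down never reads an
    // undefined variable when neither request field was submitted.
    $changedtext = '';
    foreach (array('changes', 'changes_cp') as $sField) {
        $sSubmitted = returnGlobal($sField);
        if (!$sSubmitted) {
            continue;
        }

        // Remove PHP open tags from the submitted text. The removal is repeated
        // until nothing is left to remove, because a single str_replace() pass
        // does not rescan its own output.
        // NOTE(review): this is a denylist; confirm that saved template files
        // are never executed as PHP by the web server.
        do {
            $sSubmitted = str_replace('<?', '', $sSubmitted, $iRemoved);
        } while ($iRemoved > 0);

        // get_magic_quotes_gpc() no longer exists on current PHP versions;
        // only consult it where it is still defined.
        if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
            $sSubmitted = stripslashes($sSubmitted);
        }

        // A later field overrides an earlier one, so 'changes_cp' wins.
        $changedtext = $sSubmitted;
    }

    $action = returnGlobal('action');
    // The raw request value is used as a path component below; the file-list
    // check is the only validation it receives inside this method.
    $editfile = returnGlobal('editfile');
    $sTemplateName = Template::templateNameFilter(App()->request->getPost('templatename'));
    $screenname = returnGlobal('screenname');

    $oEditedTemplate = Template::model()->getTemplateConfiguration($sTemplateName);
    $aScreenFiles = $this->getValidScreenFiles($sTemplateName);
    $cssfiles = $this->_initcssfiles($oEditedTemplate);
    $jsfiles = $this->_getEditableJsFiles($oEditedTemplate);

    $aUploadRoute = array("admin/templates/sa/upload");

    if ($action == "templatesavechanges" && $changedtext) {
        Yii::app()->loadHelper('admin/template');
        $changedtext = str_replace("\r\n", "\n", $changedtext);

        if ($editfile) {
            // Allowlist: the submitted name must be one of the files that
            // belong to this template. The comparison is strict so the request
            // value has to equal a listed name exactly; loose comparison would
            // treat numeric-looking strings as equal numbers.
            $bKnownFile = in_array($editfile, $aScreenFiles, true)
                || in_array($editfile, $cssfiles, true)
                || in_array($editfile, $jsfiles, true);

            if (!$bKnownFile) {
                Yii::app()->user->setFlash('error', gT('Invalid template name'));
                $this->getController()->redirect($aUploadRoute);
                // redirect() is expected to end the request; the explicit return
                // keeps the write below unreachable even if it does not.
                return;
            }

            $savefilename = gettemplatefilename(
                Yii::app()->getConfig('usertemplaterootdir') . "/" . $sTemplateName,
                $editfile
            );

            if (!is_writable($savefilename)) {
                Yii::app()->user->setFlash('error', "The file {$savefilename} is not writable");
                $this->getController()->redirect($aUploadRoute);
                return;
            }

            $handle = fopen($savefilename, 'w');
            if (!$handle) {
                Yii::app()->user->setFlash('error', gT('Could not open file ') . $savefilename);
                $this->getController()->redirect($aUploadRoute);
                return;
            }

            if (!fwrite($handle, $changedtext)) {
                // Release the handle before leaving on the error path.
                fclose($handle);
                Yii::app()->user->setFlash('error', gT('Could not write file ') . $savefilename);
                $this->getController()->redirect($aUploadRoute);
                return;
            }

            // Close first so the file is complete on disk before the template
            // is marked as updated.
            fclose($handle);
            $oEditedTemplate->actualizeLastUpdate();
        }
    }

    $this->getController()->redirect(array(
        'admin/templates/',
        'sa' => 'view',
        'editfile' => $editfile,
        'screenname' => $screenname,
        'templatename' => $sTemplateName,
    ));
}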