$USR = strtolower($_POST['user']); } if (isset($_POST['name'])) { $NAME = var_out($_POST['name']); } if (isset($_POST['email'])) { $EMAIL = var_out($_POST['email'], 'email'); } if (isset($_POST['timezone'])) { $TIMEZONE = var_out($_POST['timezone']); } if (isset($_POST['lang'])) { $LANG = var_out($_POST['lang']); } if (isset($_POST['show_htmleditor'])) { $HTMLEDITOR = var_out($_POST['show_htmleditor']); } else { $HTMLEDITOR = ''; } # check to see if passwords are changing if (isset($_POST['sitepwd'])) { $pwd1 = $_POST['sitepwd']; } if (isset($_POST['sitepwd_confirm'])) { $pwd2 = $_POST['sitepwd_confirm']; } if ($pwd1 != $pwd2) { #passwords do not match $error = i18n_r('PASSWORD_NO_MATCH'); } else { # password cannot be null
" ><?php i18n('ASK_RESTORE'); ?> </a> <a href="backup-edit.php?p=delete&id=<?php echo var_out($id); ?> &nonce=<?php echo get_nonce("delete", "backup-edit.php"); ?> " title="<?php i18n('DELETEPAGE_TITLE'); ?> : <?php echo var_out($title); ?> ?" id="delback" accesskey="<?php echo find_accesskey(i18n_r('ASK_DELETE')); ?> " class="delconfirm noajax" ><?php i18n('ASK_DELETE'); ?> </a> <div class="clear"></div> </div> <table class="simple highlight" >
" value="<?php if (isset($PERMALINK)) { echo var_out($PERMALINK); } ?> " /> </p> </div> <div class="rightsec"> <p> <label for="email" ><?php i18n('LABEL_EMAIL'); ?> :</label> <input class="text" id="email" name="email" type="email" value="<?php echo var_out($SITEEMAIL); ?> " /> </p> <?php if (!check_email_address($SITEEMAIL)) { echo '<span class="input-warning">' . i18n_r('WARN_EMAILINVALID') . '</span>'; } ?> </div> <div class="clear"></div> <div class="widesec"> <p> <label for="about" ><?php i18n('LABEL_SITEABOUT'); ?>
<?php /** * View Log * * Displays the log file passed to it * * @package GetSimple * @subpackage Support */ // Setup inclusions $load['plugin'] = true; include 'inc/common.php'; // Variable Settings login_cookie_check(); $log_name = var_out(isset($_GET['log']) ? $_GET['log'] : ''); $log_path = GSDATAOTHERPATH . 'logs/'; $log_file = $log_path . $log_name; $whois_url = 'http://whois.arin.net/rest/ip/'; // filepath_is_safe returns false if file does nt exist if (!isset($log_name) || !filepath_is_safe($log_file, $log_path)) { $log_data = false; } if (isset($_GET['action']) && $_GET['action'] == 'delete' && strlen($log_name) > 0) { // check for csrf if (!defined('GSNOCSRF') || GSNOCSRF == FALSE) { $nonce = $_GET['nonce']; if (!check_nonce($nonce, "delete")) { die("CSRF detected!"); } }
} elseif ($ptype == 'delete') { doNotify(sprintf(i18n_r('ER_HASBEEN_DEL'), $errid) . '. <a href="backup-edit.php?p=restore&id=' . $errid . '&nonce=' . get_nonce("restore", "backup-edit.php") . '">' . i18n_r('UNDO') . '</a>', 'info'); } else { if ($ptype == 'new') { doNotify(sprintf(i18n_r('ER_YOUR_CHANGES'), $id) . '. <a href="deletefile.php?id=' . $id . '&nonce=' . get_nonce("delete", "deletefile.php") . '">' . i18n_r('UNDO') . '</a>', 'success'); } } break; case 'clone-success': doNotify(sprintf(i18n_r('CLONE_SUCCESS'), '<a href="edit.php?id=' . $errid . '">' . $errid . '</a>'), 'success'); break; case 'edit-index': doNotify('<b>' . i18n_r('ERROR') . ':</b> ' . i18n_r('ER_CANNOT_INDEX'), 'error'); break; case 'edit-error': doNotify('<b>' . i18n_r('ERROR') . ':</b> ' . var_out($ptype), 'error'); break; case 'pwd-success': doNotify(i18n_r('ER_NEW_PWD_SENT') . '. <a href="index.php">' . i18n_r('LOGIN') . '</a>', 'info'); break; case 'pwd-error': doNotify('<b>' . i18n_r('ERROR') . ':</b> ' . i18n_r('ER_SENDMAIL_ERR') . '.', 'error'); break; case 'del-success': doNotify(i18n_r('ER_FILE_DEL_SUC') . ': <b>' . $errid . '</b>', 'success'); break; case 'flushcache-success': doNotify(i18n_r('FLUSHCACHE-SUCCESS'), 'success'); break; case 'del-error': doNotify('<b>' . i18n_r('ERROR') . ':</b> ' . i18n_r('ER_PROBLEM_DEL') . '.', 'error');
echo $SESSIONHASH; ?> '; var uploadPath = '<?php echo isset($_GET['path']) ? $_GET['path'] : ""; ?> '; var maxFileSize = '<?php echo toBytesShorthand(getMaxUploadSize(), 'M'); ?> '; <?php if (isset($_COOKIE['gs_editor_theme'])) { // $editor_theme = var_out($_COOKIE['gs_editor_theme']); $editor_theme = var_out($_COOKIE['gs_editor_theme']); echo "// codemirror editortheme\n"; echo ' var editorTheme = "' . $editor_theme . "\";\n"; } if (getDef('GSAUTOSAVE', true)) { echo "\t\t// edit autosave\n"; echo ' var GSAUTOSAVEPERIOD = ' . getDef('GSAUTOSAVE') . ";\n"; } else { echo " var GSAUTOSAVEPERIOD = false;\n"; } ?> // ckeditor config obj shim for config if(typeof CKEDITOR == 'undefined'){ CKEDITOR = {}; CKEDITOR.SHIM = true;
$metak = safe_slash_html(strip_tags($_POST['post-metak'])); } if (isset($_POST['post-metad'])) { $metad = safe_slash_html(strip_tags($_POST['post-metad'])); } if (isset($_POST['post-author'])) { $author = safe_slash_html($_POST['post-author']); } if (isset($_POST['post-template'])) { $template = $_POST['post-template']; } if (isset($_POST['post-parent'])) { $parent = $_POST['post-parent']; } if (isset($_POST['post-menu'])) { $menu = var_out(xss_clean($_POST['post-menu'])); } if (isset($_POST['post-menu-enable'])) { $menuStatus = "Y"; } else { $menuStatus = ""; } if (isset($_POST['post-private'])) { $private = safe_slash_html($_POST['post-private']); } if (isset($_POST['post-content'])) { $content = safe_slash_html($_POST['post-content']); } if (isset($_POST['post-menu-order'])) { if (is_numeric($_POST['post-menu-order'])) { $menuOrder = $_POST['post-menu-order'];
$parent = $data_edit->parent; $author = $data_edit->author; $menu = stripslashes($data_edit->menu); $private = $data_edit->private; $menuStatus = $data_edit->menuStatus; $menuOrder = $data_edit->menuOrder; $buttonname = i18n_r('BTN_SAVEUPDATES'); } else { // prefill fields is provided $title = isset($_GET['title']) ? var_out($_GET['title']) : ''; $template = isset($_GET['template']) ? var_out($_GET['template']) : ''; $parent = isset($_GET['parent']) ? var_out($_GET['parent']) : ''; $menu = isset($_GET['menu']) ? var_out($_GET['menu']) : ''; $private = isset($_GET['private']) ? var_out($_GET['private']) : ''; $menuStatus = isset($_GET['menuStatus']) ? var_out($_GET['menuStatus']) : ''; $menuOrder = isset($_GET['menuOrder']) ? var_out($_GET['menuOrder']) : ''; $buttonname = i18n_r('BTN_SAVEPAGE'); } // MAKE SELECT BOX OF AVAILABLE TEMPLATES if ($template == '') { $template = 'template.php'; } $themes_path = GSTHEMESPATH . $TEMPLATE; $themes_handle = opendir($themes_path) or die("Unable to open " . GSTHEMESPATH); while ($file = readdir($themes_handle)) { if (isFile($file, $themes_path, 'php')) { if ($file != 'functions.php' && substr(strtolower($file), -8) != '.inc.php' && substr($file, 0, 1) !== '.') { $templates[] = $file; } } }
include 'template/include-nav.php'; ?> <div class="bodycontent clearfix"> <div id="maincontent"> <div class="main"> <h3 class="floated"><?php i18n('IMG_CONTROl_PANEL'); ?> <span class="crumbs"> <a href="upload.php"><?php echo i18n_r('FILES'); ?> </a> / <?php echo breadcrumbs(var_out($subPath . $src), 'upload.php?path='); ?> </span></h3> <div class="edit-nav clearfix" > <?php exec_action(get_filename_id() . '-edit-nav'); ?> </div> <?php exec_action(get_filename_id() . '-body'); echo '<div class="thumbs clearfix">'; echo '<div class="thumbcontainer"><a href="' . $src_url . rawurlencode($src) . '" rel="fancybox_i" >'; // echo '<div><img src="'.$thumb_url . 'thumbsm.'. rawurlencode($src).'"></div>'; echo '<div><img src="' . $src_url . rawurlencode($src) . '"></div>'; echo i18n_r('ORIGINAL_IMG') . '<br/><code>' . $imgwidth . 'x' . $imgheight . '</code>'; echo "</a></div>";
<div class="main"> <?php if (empty($log_name)) { echo '<h3 class="floated">' . i18n_r('VIEW_LOG_FILE') . '</h3><div class="clear"></div>'; echo '<ul>'; echo '<li><a href="log.php?log=failedlogins.log">Failed Logins</a></li>'; echo '<li><a href="log.php?log=logins.log">Logins</a></li>'; echo '</ul>'; } else { ?> <h3 class="floated"><?php echo i18n_r('VIEW_LOG_FILE'); ?> <span> / <?php echo var_out($log_name); ?> </span></h3> <div class="edit-nav" > <a href="log.php?log=<?php echo $log_name; ?> &action=delete&nonce=<?php echo get_nonce("delete"); ?> " accesskey="<?php echo find_accesskey(i18n_r('CLEAR_ALL_DATA')); ?> " title="<?php i18n('CLEAR_ALL_DATA'); ?>
/**
 * Recursive list of pages
 *
 * Appends one table row per child of $parent to $menu, then recurses into
 * each child so that its own children follow it one level deeper.
 *
 * NOTE(review): $page['url'] is concatenated into the row id and into the
 * edit/delete hrefs without output encoding, while titles pass through
 * var_out() or cl(). Neither helper nor the save path is visible in this
 * listing; confirm slugs are constrained when pages are stored.
 *
 * @author Mike
 *
 * @since 3.0
 * @uses $pagesSorted
 *
 * @param string $parent slug whose direct children are rendered
 * @param string $menu   markup accumulated so far
 * @param int    $level  nesting depth of the rows being added
 *
 * @returns string $menu with the rows of this subtree appended
 */
function get_pages_menu($parent, $menu, $level)
{
    global $pagesSorted;

    // Key the children by slug: a later entry with the same slug replaces an earlier one.
    $children = array();
    foreach ($pagesSorted as $candidate) {
        if ($candidate['parent'] == $parent) {
            $children[(string) $candidate['url']] = $candidate;
        }
    }

    // An empty child list simply skips the loop and returns $menu untouched.
    foreach ($children as $entry) {
        $slug = $entry['url'];

        // find_url() receives the parent slug with a trailing slash when one is set.
        $parentPath = $entry['parent'];
        if ($parentPath != '') {
            $parentPath = $parentPath . "/";
        }

        // One spacer span per ancestor level; the deepest level gets the dash span instead.
        $prefix = '';
        for ($depth = 1; $depth <= $level; $depth++) {
            if ($depth != $level) {
                $prefix .= '<span> </span>';
            } else {
                $prefix .= '<span> – </span>';
            }
        }

        $menu .= '<tr id="tr-' . $slug . '" >';

        // Untitled pages are listed by their slug.
        $title = $entry['title'];
        if ($title == '') {
            $title = '[No Title] » <em>' . $slug . '</em>';
        }

        $menuLabel = ($entry['menuStatus'] != '')
            ? ' <sup>[' . i18n_r('MENUITEM_SUBTITLE') . ']</sup>'
            : '';
        $privateLabel = ($entry['private'] != '')
            ? ' <sup>[' . i18n_r('PRIVATE_SUBTITLE') . ']</sup>'
            : '';
        $homeLabel = ($slug == 'index')
            ? ' <sup>[' . i18n_r('HOMEPAGE_SUBTITLE') . ']</sup>'
            : '';

        // Title cell: link to the editor plus the status labels.
        $menu .= '<td class="pagetitle">' . $prefix
            . '<a title="' . i18n_r('EDITPAGE_TITLE') . ': ' . var_out($title) . '" href="edit.php?id=' . $slug . '" >'
            . cl($title) . '</a><span class="showstatus toggle" >' . $homeLabel . $menuLabel . $privateLabel . '</span></td>';

        // Publication date cell.
        $menu .= '<td style="width:80px;text-align:right;" ><span>' . shtDate($entry['pubDate']) . '</span></td>';

        // Link to the public page.
        $menu .= '<td class="secondarylink" >'
            . '<a title="' . i18n_r('VIEWPAGE_TITLE') . ': ' . var_out($title) . '" target="_blank" href="' . find_url($slug, $parentPath) . '">#</a>'
            . '</td>';

        // The index page gets an empty cell instead of a delete link.
        if ($slug == 'index') {
            $menu .= '<td class="delete" ></td>';
        } else {
            // The delete link carries a nonce bound to the "delete" action on deletefile.php.
            $menu .= '<td class="delete" ><a class="delconfirm" href="deletefile.php?id=' . $slug
                . '&nonce=' . get_nonce("delete", "deletefile.php")
                . '" title="' . i18n_r('DELETEPAGE_TITLE') . ': ' . var_out($title) . '" >×</a></td>';
        }

        $menu .= '</tr>';

        // Children of this page follow immediately, one level deeper.
        $menu = get_pages_menu((string) $slug, $menu, $level + 1);
    }

    return $menu;
}
/**
 * Filter an incoming value by forwarding it to var_out().
 *
 * The value and the filter name are passed through unchanged and whatever
 * var_out() returns is handed back to the caller.
 *
 * NOTE(review): var_out() is defined outside this listing, so what each filter
 * name strips or encodes cannot be confirmed from here. Presumably it is an
 * output encoder; if so, the result is not a substitute for validating the
 * value against what the caller expects (an id, a slug, a type) — TODO confirm.
 *
 * @param mixed  $var    value to filter
 * @param string $filter filter name handed to var_out(), 'special' when omitted
 * @return mixed the value returned by var_out()
 */
function var_in($var, $filter = 'special')
{
    $filtered = var_out($var, $filter);

    return $filtered;
}
echo sprintf(i18n_r('ER_HASBEEN_DEL'), $errid) . '. <a href="backup-edit.php?p=restore&id=' . $errid . '&nonce=' . get_nonce("restore", "backup-edit.php") . '">' . i18n_r('UNDO') . '</a>'; } else { if ($ptype == 'new') { echo sprintf(i18n_r('ER_YOUR_CHANGES'), $id) . '. <a href="deletefile.php?id=' . $id . '&nonce=' . get_nonce("delete", "deletefile.php") . '">' . i18n_r('UNDO') . '</a>'; } } echo '</p></div>'; break; case 'clone-success': echo '<div class="updated"><p>' . sprintf(i18n_r('CLONE_SUCCESS'), '<a href="edit.php?id=' . $errid . '">' . $errid . '</a>') . '.</p></div>'; break; case 'edit-index': echo '<div class="error"><p><b>' . i18n_r('ERROR') . ':</b> ' . i18n_r('ER_CANNOT_INDEX') . '.</p></div>'; break; case 'edit-error': echo '<div class="error"><p><b>' . i18n_r('ERROR') . ':</b> ' . var_out($ptype) . '.</p></div>'; break; case 'pwd-success': echo '<div class="updated"><p>' . i18n_r('ER_NEW_PWD_SENT') . '. <a href="index.php">' . i18n_r('LOGIN') . '</a></p></div>'; break; case 'pwd-error': echo '<div class="error"><p><b>' . i18n_r('ERROR') . ':</b> ' . i18n_r('ER_SENDMAIL_ERR') . '.</p></div>'; break; case 'del-success': echo '<div class="updated"><p>' . i18n_r('ER_FILE_DEL_SUC') . ': <b>' . $errid . '</b></p></div>'; break; case 'flushcache-success': echo '<div class="updated"><p>' . i18n_r('FLUSHCACHE-SUCCESS') . '</p></div>'; break; case 'del-error': echo '<div class="error"><p><b>' . i18n_r('ERROR') . ':</b> ' . i18n_r('ER_PROBLEM_DEL') . '.</p></div>';
$filesSorted = null; $dirsSorted = null; $path = isset($_GET['path']) ? "../data/uploads/" . $_GET['path'] : "../data/uploads/"; $subPath = isset($_GET['path']) ? $_GET['path'] : ""; if (!path_is_safe($path, GSDATAUPLOADPATH)) { die; } $returnid = isset($_GET['returnid']) ? var_out($_GET['returnid']) : ""; $func = isset($_GET['func']) ? $_GET['func'] : ""; $path = tsl($path); // check if host uses Linux (used for displaying permissions $isUnixHost = strtoupper(substr(PHP_OS, 0, 3)) === 'WIN' ? false : true; $CKEditorFuncNum = isset($_GET['CKEditorFuncNum']) ? var_out($_GET['CKEditorFuncNum']) : ''; $sitepath = suggest_site_path(); $fullPath = $sitepath . "data/uploads/"; $type = isset($_GET['type']) ? var_out($_GET['type']) : ''; global $LANG; $LANG_header = preg_replace('/(?:(?<=([a-z]{2}))).*/', '', $LANG); ?> <!DOCTYPE html> <html lang="<?php echo $LANG_header; ?> "> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <title><?php echo i18n_r('FILE_BROWSER'); ?> </title> <link rel="shortcut icon" href="favicon.png" type="image/x-icon" />
} } $thumb_exists = $thwidth = $thheight = $thtype = $athttr = ''; list($imgwidth, $imgheight, $imgtype, $imgattr) = getimagesize($src_folder . $subPath . $src); if (file_exists($thumb_folder . 'thumbnail.' . $src)) { list($thwidth, $thheight, $thtype, $athttr) = getimagesize($thumb_folder . 'thumbnail.' . $src); $thumb_exists = ' | <a href="' . $thumb_url . 'thumbnail.' . rawurlencode($src) . '" rel="facybox_i" >' . i18n_r('CURRENT_THUMBNAIL') . '</a> <code>' . $thwidth . 'x' . $thheight . '</code>'; } else { // if thumb is missing recreate it require_once 'inc/imagemanipulation.php'; if (genStdThumb($subPath, $src)) { list($thwidth, $thheight, $thtype, $athttr) = getimagesize($thumb_folder . 'thumbnail.' . $src); $thumb_exists = ' | <a href="' . $thumb_url . 'thumbnail.' . rawurlencode($src) . '" rel="facybox_i" >' . i18n_r('CURRENT_THUMBNAIL') . '</a> <code>' . $thwidth . 'x' . $thheight . '</code>'; } } $pagetitle = i18n_r('IMAGES') . ' · ' . var_out($src) . ' · ' . i18n_r('FILE_MANAGEMENT'); get_template('header'); include 'template/include-nav.php'; ?> <div class="bodycontent clearfix"> <div id="maincontent"> <div class="main"> <h3><?php i18n('IMG_CONTROl_PANEL'); ?> </h3> <?php echo '<p><a href="' . $src_url . rawurlencode($src) . '" rel="facybox_i" >' . i18n_r('ORIGINAL_IMG') . '</a> <code>' . $imgwidth . 'x' . $imgheight . '</code>' . $thumb_exists . '</p>';
# variable settings login_cookie_check(); $path = GSDATAOTHERPATH; $file = "website.xml"; $theme_options = ''; # was the form submitted? if (isset($_POST['submitted']) && isset($_POST['template'])) { # check for csrf if (!defined('GSNOCSRF') || GSNOCSRF == FALSE) { $nonce = $_POST['nonce']; if (!check_nonce($nonce, "activate")) { die("CSRF detected!"); } } # get passed value from form $TEMPLATE = var_out($_POST['template']); if (!path_is_safe(GSTHEMESPATH . $TEMPLATE, GSTHEMESPATH)) { die; } # backup old website.xml file $bakpath = GSBACKUPSPATH . 'other/'; createBak($file, $path, $bakpath); // # udpate website.xml file with new theme $xml = getXML($path . $file); $xml->TEMPLATE = null; $xml->TEMPLATE->addCData($TEMPLATE); $status = XMLsave($xml, $path . $file); $success = i18n_r('THEME_CHANGED'); } # get available themes (only look for folders) $themes_handle = opendir(GSTHEMESPATH) or die("Unable to open " . GSTHEMESPATH);
$pagesArray_tmp[$count]['date'] = $data->pubDate; $count++; } } $pagesSorted = subval_sort($pagesArray_tmp, 'title'); } if (count($pagesSorted) != 0) { foreach ($pagesSorted as $page) { $counter++; $table .= '<tr id="tr-' . $page['url'] . '" >'; if ($page['title'] == '') { $page['title'] = '[No Title] » <em>' . $page['url'] . '</em>'; } $table .= '<td class="pagetitle"><a title="' . i18n_r('VIEWPAGE_TITLE') . ' ' . var_out($page['title']) . '" href="backup-edit.php?p=view&id=' . $page['url'] . '">' . cl($page['title']) . '</a></td>'; $table .= '<td style="width:80px;text-align:right;" ><span>' . shtDate($page['date']) . '</span></td>'; $table .= '<td class="delete" ><a class="delconfirm" title="' . i18n_r('DELETEPAGE_TITLE') . ' ' . var_out($page['title']) . '?" href="backup-edit.php?p=delete&id=' . $page['url'] . '&nonce=' . get_nonce("delete", "backup-edit.php") . '">×</a></td>'; $table .= '</tr>'; } } get_template('header', cl($SITENAME) . ' » ' . i18n_r('BAK_MANAGEMENT')); ?> <?php include 'template/include-nav.php'; ?> <div class="bodycontent clearfix"> <div id="maincontent"> <div class="main" > <h3 class="floated"><?php
</div> <div class="clear"></div> <div class="leftsec"> <p><label for="name" ><?php i18n('LABEL_DISPNAME'); ?> :</label> <span style="margin:0px 0 5px 0;font-size:12px;color:#999;" ><?php i18n('DISPLAY_NAME'); ?> </span> <input class="text" id="name" name="name" type="text" value="<?php if (isset($NAME1)) { echo $NAME1; } else { echo var_out($NAME); } ?> " /></p> </div> <div class="clear"></div> <div class="leftsec"> <p><label for="timezone" ><?php i18n('LOCAL_TIMEZONE'); ?> :</label> <?php if (isset($_POST['timezone'])) { $TIMEZONE = $_POST['timezone']; } ?>
// inputs for error_checking $id = isset($_GET['id']) ? var_in($_GET['id']) : null; $ptype = isset($_GET['type']) ? var_in($_GET['type']) : null; $path = GSDATAPAGESPATH; $counter = '0'; $table = ''; // cloning a page if (isset($_GET['action']) && isset($_GET['id']) && $_GET['action'] == 'clone') { check_for_csrf("clone", "pages.php"); $status = clone_page($_GET['id']); if ($status !== false) { exec_action('page-clone'); // @hook page-clone page was cloned redirect('pages.php?upd=clone-success&id=' . $status); } else { $error = sprintf(i18n_r('CLONE_ERROR'), var_out($_GET['id'])); redirect('pages.php?error=' . $error); } } init_pageCache(true); getPagesXmlValues(true); /** * sorting prepare function tests * @todo */ /** * prepare pubDate strtotime it */ function prepare_pubDate($page, $key) { return strtotime($key);
&nonce=<?php echo get_nonce("restore", "backup-edit.php"); ?> " accesskey="<?php echo find_accesskey(i18n_r('ASK_RESTORE')); ?> " ><?php i18n('ASK_RESTORE'); ?> </a> <a href="backup-edit.php?p=delete<?php echo $draftqs; ?> &id=<?php echo var_out($id); ?> &nonce=<?php echo get_nonce("delete", "backup-edit.php"); ?> " title="<?php i18n('DELETEPAGE_TITLE'); ?> : <?php echo $title; ?> ?" id="delback" accesskey="<?php echo find_accesskey(i18n_r('ASK_DELETE'));
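/**
 * get table row for pages display
 *
 * Builds one <tr> for the pages list: indented title link, status labels,
 * publication date, view link, delete link and two hidden filter columns.
 *
 * NOTE(review): $page['url'] and $page['meta'] are written into the markup
 * without output encoding, and the visible link text is the cl() result as-is.
 * cl() and the page save path are not visible in this listing; confirm these
 * values are constrained when pages are stored.
 *
 * @since 3.4
 * @param  array $page     page array
 * @param  int   $level    current level
 * @param  int   $index    current index (not read here)
 * @param  int   $parent   parent index (not read here)
 * @param  int   $children number of children
 * @return string html for table row
 */
function getPagesRow($page, $level, $index, $parent, $children)
{
    $indentation = $menu = '';

    // indentation
    $indent = '<span class="tree-indent"></span>';
    $last   = '<span class="tree-indent indent-last">–</span>';

    // add indents based on level: one plain indent per ancestor, then the dash marker
    $indentation .= $level > 0 ? str_repeat($indent, $level - 1) : '';
    $indentation .= $level > 0 ? $last : '';

    // add indents or expanders
    $isParent = $children > 0;

    // add expanders in php
    // $expander = '<span class="tree-expander tree-expander-expanded"></span>';
    // $expander = $isParent ? $expander : '<span class="tree-indent"></span>';
    // $indentation = $indentation . $expander;

    // depth level identifiers
    $class  = 'depth-' . $level;
    $class .= $isParent ? ' tree-parent' : '';

    $menu .= '<tr id="tr-' . $page['url'] . '" class="' . $class . '" data-depth="' . $level . '">';

    $pagetitle = $pagemenustatus = $pageprivate = $pagedraft = $pageindex = '';

    // untitled pages are listed by their slug
    if ($page['title'] == '') {
        $pagetitle = '[No Title] » <em>' . $page['url'] . '</em>';
    } else {
        $pagetitle = $page['title'];
    }

    if ($page['menuStatus'] != '') {
        $pagemenustatus = ' <span class="label label-ghost">' . i18n_r('MENUITEM_SUBTITLE') . '</span>';
    }
    if ($page['private'] != '') {
        $pageprivate = ' <span class="label label-ghost">' . i18n_r('PRIVATE_SUBTITLE') . '</span>';
    }
    if (pageHasDraft($page['url'])) {
        $pagedraft = ' <span class="label label-ghost">' . lowercase(i18n_r('LABEL_DRAFT')) . '</span>';
    }
    if ($page['url'] == getDef('GSINDEXSLUG')) {
        $pageindex = ' <span class="label label-ghost">' . i18n_r('HOMEPAGE_SUBTITLE') . '</span>';
    }

    if (dateIsToday($page['pubDate'])) {
        $pagepubdate = ' <span class="datetoday">' . output_date($page['pubDate']) . '</span>';
    } else {
        $pagepubdate = '<span>' . output_date($page['pubDate']) . "</span>";
    }

    $pagetitle = cl($pagetitle);

    $menu .= '<td class="pagetitle">' . $indentation . '<a title="' . i18n_r('EDITPAGE_TITLE') . ': ' . var_out($pagetitle) . '" href="edit.php?id=' . $page['url'] . '" >' . $pagetitle . '</a>';
    $menu .= '<div class="showstatus toggle" >' . $pageindex . $pagedraft . $pageprivate . $pagemenustatus . '</div></td>';

    $menu .= '<td style="width:80px;text-align:right;" ><span>' . $pagepubdate . '</span></td>';

    $menu .= '<td class="secondarylink" >';
    $menu .= '<a title="' . i18n_r('VIEWPAGE_TITLE') . ': ' . var_out($pagetitle) . '" target="_blank" href="' . find_url($page['url'], $page['parent']) . '">#</a>';
    $menu .= '</td>';

    // add delete buttons, exclude index page
    // NOTE(review): the homepage label above keys on GSINDEXSLUG while this check keys on the
    // literal 'index'; confirm that a site with a different index slug is meant to show a delete link.
    if ($page['url'] != 'index') {
        // The title attribute goes through var_out() like the edit and view links above.
        // The original used cl($page['title']) here, which left this one attribute on a different
        // encoder and dropped the "[No Title]" fallback for untitled pages.
        $menu .= '<td class="delete" ><a class="delconfirm" href="deletefile.php?id=' . $page['url'] . '&nonce=' . get_nonce("delete", "deletefile.php") . '" title="' . i18n_r('DELETEPAGE_TITLE') . ': ' . var_out($pagetitle) . '" >×</a></td>';
    } else {
        $menu .= '<td class="delete" ></td>';
    }

    // add indexcolumn and tagcolumn for filtering
    // Both hidden cells previously ended in '</div></td>' although no <div> is opened inside them.
    $menu .= '<td class="indexColumn hidden">' . strip_tags(lowercase($pagetitle . $pageindex . $pagemenustatus . $pageprivate . $pagedraft)) . '</td>'; // keywords used for filtering
    $menu .= '<td class="tagColumn hidden">' . str_replace(',', ' ', $page['meta']) . '</td>'; // keywords used for filtering
    $menu .= '</tr>';

    return $menu;
}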
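/**
 * Redirect URL
 *
 * Sends the client to $url and ends the request. Ajax requests without a valid
 * session cookie get a 401 instead; ajax requests with one get a 302 whose body
 * is the URL, but only when $ajax is set. Otherwise a Location header is sent,
 * or, when headers are already out or GSDEBUGREDIRECTS is on, a small HTML page
 * that redirects by script / meta refresh and prints the target.
 *
 * NOTE(review): nothing in this function restricts the destination host. The
 * 'url' filter of var_out() is not visible in this listing; if off-site targets
 * are not intended, callers passing request data (e.g. redirectto) should check
 * the target against the site's own origin — TODO confirm.
 *
 * @since 3.0
 * @author schlex
 *
 * @param string $url  destination, filtered with var_out($url, 'url') before use
 * @param bool   $ajax force redirects if ajax
 */
function redirect($url, $ajax = false)
{
    global $i18n;

    // filter url here since it can come from a lot of places, specifically redirectto user input
    $url = var_out($url, 'url');

    // handle expired sessions for ajax requests
    if (requestIsAjax()) {
        if (!cookie_check()) {
            header('HTTP/1.1 401 Unauthorized');
            header('WWW-Authenticate: FormBased');
            // @note this is not a security function for ajax, just a session timeout handler
            die;
        } else {
            if ($ajax) {
                header('HTTP/1.1 302 Redirect');
                echo $url;
                // header('Location: '.$url);
                // @note this is not a security function for ajax, just a session timeout handler
                die;
            }
        }
    }

    if (function_exists('exec_action')) {
        exec_action('redirect'); // @hook redirect a redirect is occurring
    }

    $debugredirect = getDef('GSDEBUGREDIRECTS', true);

    // headers_sent() fills $filename/$linenum by reference for the message further down
    if (!headers_sent($filename, $linenum) && !$debugredirect) {
        header('Location: ' . $url);
    } else {
        // @todo not sure this ever gets used or headers_sent is reliable ( turn output buffering off to test )

        // The fallback page places the URL in three contexts: a JavaScript string, an HTML
        // attribute and the message body. Encode for each one here instead of relying on the
        // URL filter, which is not written for any of them.
        $rawUrl  = (string) $url;
        // double_encode off: entities the filter may already have produced are left as they are
        $htmlUrl = htmlspecialchars($rawUrl, ENT_QUOTES, 'UTF-8', false);
        // HEX flags keep <, >, &, ' and " out of the literal so it cannot close the string or the <script> element
        $jsUrl   = json_encode($rawUrl, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);

        // Both encoders give up on invalid UTF-8; in that case skip the automatic redirect
        // rather than emit the raw value.
        $encodable = is_string($jsUrl) && substr($jsUrl, 0, 1) === '"' && ($htmlUrl !== '' || $rawUrl === '');

        echo "<html><head><title>" . i18n_r('REDIRECT') . "</title></head><body>";
        if (!isDebug() && $encodable) {
            echo '<script type="text/javascript">';
            echo 'window.location.href=' . $jsUrl . ';';
            echo '</script>';
            echo '<noscript>';
            echo '<meta http-equiv="refresh" content="0;url=' . $htmlUrl . '" />';
            echo '</noscript>';
        }
        if (headers_sent()) {
            echo i18n_r('ERROR') . ": Headers already sent in " . $filename . " on line " . $linenum . "<br/><br/>\n\n";
        }
        printf(i18n_r('REDIRECT_MSG'), $htmlUrl);
        if (!isAuthPage()) {
            if (isDebug()) {
                debugLog(debug_backtrace());
                outputDebugLog();
            }
        }
        echo "</body></html>";
    }

    exit;
}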
redirect("archive.php?upd=del-" . $status . "&id=" . $zip); die; } // Delete upload file if (isset($_GET['file']) && getDef('GSALLOWUPLOADDELETE', true)) { $path = isset($_GET['path']) ? $_GET['path'] : ""; $file = $_GET['file']; $status = delete_upload($file, $path) ? 'success' : 'error'; exec_action('upload-delete'); // @hook upload-delete deleting uploads file redirect("upload.php?upd=del-" . $status . "&id=" . $file . "&path=" . $path); die; } // Delete upload folders if (isset($_GET['folder']) && getDef('GSALLOWUPLOADDELETE', true)) { $path = isset($_GET['path']) ? $_GET['path'] : ""; $folder = $_GET['folder']; $status = delete_upload_dir($path . $folder) ? 'success' : 'error'; exec_action('upload-folder-delete'); // @hook upload-folder-delete deleting uploads folder redirect("upload.php?upd=del-" . $status . "&id=" . $folder . "&path=" . $path); die; } // Delete a log file if (isset($_GET['log'])) { $log = $_GET['log']; delete_logfile($log); exec_action('logfile-delete'); //@hook logfile-delete deleting log file redirect('log.php?success=' . urlencode('Log ' . var_out($log_name) . i18n_r('MSG_HAS_BEEN_CLR'))); }