Example #1
 /**
  * Runs every widget file reported by self::findWidgets() and returns the
  * output of each one, merged with the info of the module it belongs to.
  *
  * Each widget file is include'd inside this method, so it executes with
  * this method's local variables in scope; a widget announces its title by
  * setting $widget_name.
  *
  * NOTE(review): whatever findWidgets() returns is executed as PHP. Nothing
  * in this method checks that a widget path lies below CAT_PATH/modules -
  * the str_ireplace() calls below only shorten paths that do. Confirm that
  * findWidgets() guarantees it.
  *
  * @access public
  * @return array  widget file => array_merge(<module info or empty array>, array('content' => <captured output>))
  **/
 public static function getWidgets()
 {
     global $parser;
     $_chw_data = array();
     $widgets = self::findWidgets();
     $widget_name = NULL;
     $addonh = CAT_Helper_Addons::getInstance();
     $base = CAT_Helper_Directory::sanitizePath(CAT_PATH . '/modules');
     foreach ($widgets as $widget) {
         $path = pathinfo(CAT_Helper_Directory::sanitizePath($widget), PATHINFO_DIRNAME);
         $info = $content = NULL;
         // check if path is deeper than CAT_PATH/modules/<module>
         if (count(explode('/', str_ireplace($base . '/', '', $path))) > 1) {
             // cut the path back to the first directory below $base
             $temp = explode('/', str_ireplace($base . '/', '', $path));
             $path = $base . '/' . $temp[0];
         }
         if (file_exists($path . '/info.php')) {
             $info = $addonh->checkInfo($path);
         }
         if (file_exists($path . '/languages/' . LANGUAGE . '.php')) {
             $addonh->lang()->addFile(LANGUAGE . '.php', $path . '/languages/');
         }
         // capture everything the widget prints
         ob_start();
         // reset, so a title set by the previous widget is not reused
         $widget_name = NULL;
         include $widget;
         $content = ob_get_contents();
         // NOTE(review): ob_clean() empties the buffer but leaves it open, so
         // every widget adds one output buffer level that is not closed here
         ob_clean();
         $_chw_data[$widget] = array_merge(is_array($info) ? $info : array(), array('content' => $content));
         if ($widget_name) {
             // NOTE(review): appends to 'module_name' without checking that
             // $info provided that key (it is absent when $info is not an array)
             $_chw_data[$widget]['module_name'] .= ' - ' . $widget_name;
         }
     }
     return $_chw_data;
 }
Example #2
/**
 * Dwoo plugin: creates a thumbnail of an image below CAT_PATH/temp/<media dir>
 * (unless it already exists) and returns the URL of the thumbnail.
 *
 * NOTE(review): $file is accepted as soon as CAT_PATH occurs anywhere in it,
 * and $prefix is pasted into the target file name as given. Whether
 * sanitizePath() keeps the result inside the temp directory is not visible
 * here; confirm it before passing request-derived values to this plugin.
 *
 * @param  Dwoo    $dwoo
 * @param  string  $file       image path or URL
 * @param  string  $prefix     prefix for the thumbnail's file name
 * @param  int     $height
 * @param  int     $width
 * @param  string  $method     passed through to make_thumb()
 * @param  boolean $overwrite  re-create an existing thumbnail
 * @return mixed   thumbnail URL, or false if no file was given
 **/
function Dwoo_Plugin_makeThumb(Dwoo $dwoo, $file = '', $prefix = '', $height = 300, $width = 200, $method = 'fit', $overwrite = false)
{
    if ($file == '') {
        return false;
    }
    // turn a URL into a file system path; prepend CAT_PATH if it is missing
    $source = str_replace(CAT_URL, CAT_PATH, $file);
    if (strpos($source, CAT_PATH) === false) {
        $source = CAT_PATH . $source;
    }
    $thumb_dir = CAT_PATH . '/temp/' . MEDIA_DIRECTORY . '/';
    // target name: <prefix><name>_<width>_<height>.<extension>
    $parts = pathinfo($source);
    $thumb_name = $prefix . $parts['filename'] . '_' . $width . '_' . $height . '.' . $parts['extension'];
    $thumb_file = CAT_Helper_Directory::sanitizePath($thumb_dir . $thumb_name);
    // make sure the temp directory is there
    if (!file_exists($thumb_dir)) {
        CAT_Helper_Directory::createDirectory($thumb_dir, NULL, true);
    }
    // render only if the thumbnail is missing or a fresh one was requested
    $is_cached = file_exists($thumb_file);
    if (!$is_cached || $overwrite == true) {
        CAT_Helper_Image::getInstance()->make_thumb($source, $thumb_file, $height, $width, $method);
    }
    return str_replace(CAT_PATH, CAT_URL, $thumb_file);
}
Example #3
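/**
 * execute registered filters
 *
 * Runs every active file based filter over the content, then adds the
 * registered JavaScript files to <head> and the registered onload handlers
 * to <body>.
 *
 * NOTE(review): the include path and the name of the function that gets
 * called are both built from database values (module_name, filter_name).
 * Anyone who can write to the mod_filter table decides which file below
 * CAT_PATH/modules is included and which function runs.
 *
 * NOTE(review): the onload handlers in $_bc_filter_onload are pasted into a
 * script block as given; only code that is fully trusted may register them.
 *
 * @param  string $content  page markup, passed by reference and changed in place
 * @return void
 **/
function executeFilters(&$content)
{
    // get active filters
    $res = CAT_Helper_Page::getInstance()->db()->query('SELECT * FROM `:prefix:mod_filter` WHERE filter_active=:active', array('active' => 'Y'));
    if (is_object($res) && $res->numRows()) {
        // collect all rows before the first filter runs
        $filter = array();
        while (false !== ($row = $res->fetch())) {
            $filter[] = $row;
        }
        foreach ($filter as $f) {
            if ($f['filter_code'] == '' && $f['module_name'] != '') {
                $inc_file = CAT_Helper_Directory::sanitizePath(CAT_PATH . '/modules/' . $f['module_name'] . '/filter/' . $f['filter_name'] . '.php');
                if (file_exists($inc_file)) {
                    include_once $inc_file;
                    // the file is expected to define a function named like
                    // the filter; skip the filter instead of dying if it does not
                    if (is_callable($f['filter_name'])) {
                        $f['filter_name']($content);
                    }
                }
            }
        }
    }
    global $_bc_filter_js, $_bc_filter_onload;
    $have_js = is_array($_bc_filter_js) && count($_bc_filter_js);
    $have_onload = is_array($_bc_filter_onload) && count($_bc_filter_onload);
    if (!$have_js && !$have_onload) {
        return;
    }
    // parse the markup once; it is needed for the scripts as well as for the
    // onload handlers (the handlers used to rely on the parser created for
    // the scripts and failed if there were handlers but no scripts)
    $dom = new DOMDocument();
    libxml_use_internal_errors(true);
    @$dom->loadHTML($content);
    // if we have some JS registered...
    if ($have_js) {
        $h = $dom->getElementsByTagName('head')->item(0);
        if ($h) {
            foreach ($_bc_filter_js as $file) {
                $element = $dom->createElement('script');
                // Creating an empty text node forces <script></script>
                $element->appendChild($dom->createTextNode(''));
                $element->setAttribute('type', 'text/javascript');
                $element->setAttribute('src', $file);
                $h->appendChild($element);
            }
            $content = $dom->saveHTML();
        }
    }
    // onload events
    if ($have_onload) {
        $attach = NULL;
        $listener = NULL;
        foreach ($_bc_filter_onload as $item) {
            $attach .= "    window.attachEvent('onload','{$item}');\n";
            $listener .= "    window.addEventListener('DOMContentLoaded',{$item},false);\n";
        }
        $h = $dom->getElementsByTagName('body')->item(0);
        // content without a <body> cannot take the handlers; leave it alone
        if ($h) {
            $element = $dom->createElement('script');
            $element->appendChild($dom->createTextNode("\nif(window.attachEvent) {\n" . $attach . "\n} else {\n" . $listener . "\n}\n"));
            $element->setAttribute('type', 'text/javascript');
            $h->appendChild($element);
            $content = $dom->saveHTML();
        }
    }
}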
Example #4
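 /**
  * exception handler; allows to remove paths from error messages and show
  * optional stack trace
  *
  * The exception is logged (best effort) and a message is printed. Only an
  * authenticated root user gets the detailed message; everybody else gets a
  * generic one. A stack trace is built only if the exception class has a
  * static property $exc_trace set to true; otherwise CAT_PATH is replaced by
  * '[path to]' in the message.
  *
  * NOTE(review): the detailed message contains the exception text as is and
  * is handed to printFatalError() together with HTML markup. Whether
  * printFatalError() escapes it is not visible here.
  *
  * @param  object $exception  the uncaught exception
  * @return void
  **/
 public static function exceptionHandler($exception)
 {
     $exc_class = get_class($exception);
     // logging is best effort: the handler must still print its message if
     // the logger cannot be created or cannot write
     $logger = NULL;
     try {
         $logger = CAT_Helper_KLogger::instance(CAT_PATH . '/temp/logs', 2);
         $logger->logFatal(sprintf('Exception with message [%s] emitted in [%s] line [%s]', $exception->getMessage(), $exception->getFile(), $exception->getLine()));
     } catch (Exception $e) {
         $logger = NULL;
     }
     if (isset($exc_class::$exc_trace) && $exc_class::$exc_trace === true) {
         $traceline = "#%s %s(%s): %s(%s)";
         $msg = "Uncaught exception '%s' with message '%s'<br />" . "<div style=\"font-size:smaller;width:80%%;margin:5px auto;text-align:left;\">" . "in %s:%s<br />Stack trace:<br />%s<br />" . "thrown in %s on line %s</div>";
         // build tracelines; only the type of each argument is shown
         $result = array();
         foreach ($exception->getTrace() as $key => $stackPoint) {
             // a frame does not always carry an 'args' entry
             $arg_types = isset($stackPoint['args']) && is_array($stackPoint['args']) ? array_map('gettype', $stackPoint['args']) : array();
             $result[] = sprintf($traceline, $key, isset($stackPoint['file']) ? $stackPoint['file'] : '-', isset($stackPoint['line']) ? $stackPoint['line'] : '-', $stackPoint['function'], implode(', ', $arg_types));
         }
         // trace always ends with {main}; numbered after the last frame,
         // which also gives #0 for an empty trace
         $result[] = '#' . count($result) . ' {main}';
         // write tracelines into main template
         $msg = sprintf($msg, get_class($exception), $exception->getMessage(), $exception->getFile(), $exception->getLine(), implode("<br />", $result), $exception->getFile(), $exception->getLine());
     } else {
         // filter message: hide the installation path (both slash styles)
         $message = $exception->getMessage();
         $message = str_replace(array(CAT_Helper_Directory::sanitizePath(CAT_PATH), str_replace('/', '\\', CAT_Helper_Directory::sanitizePath(CAT_PATH))), array('[path to]', '[path to]'), $message);
         $msg = "[{$exc_class}] {$message}";
     }
     // log
     if ($logger !== NULL) {
         try {
             $logger->logFatal($msg);
         } catch (Exception $e) {
             // best effort, see above
         }
     }
     // show detailed error information to admin only
     if (CAT_Users::is_authenticated() && CAT_Users::is_root()) {
         CAT_Object::printFatalError($msg);
     } else {
         CAT_Object::printFatalError("An internal error occured. We're sorry for inconvenience.");
     }
 }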
Example #5
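/**
 * this method may be called by modules to handle a droplet upload
 *
 * The uploaded archive is moved to CAT_PATH/temp, imported with
 * droplets_import() and removed again together with the unzip directory.
 *
 * NOTE(review): until the import has finished, the upload sits in
 * CAT_PATH/temp under the name and extension the client sent. Whether that
 * directory can be reached over HTTP is not visible here; if it can, store
 * the file under a generated name instead.
 *
 * @param  string $input  name of the file field in $_FILES
 * @return array  array('error', <message or list of messages>) on failure,
 *                array('success', <number of imported droplets>) otherwise
 **/
function droplets_upload($input)
{
    // a missing field or a multi file field cannot be handled here
    if (!isset($_FILES[$input]['name'], $_FILES[$input]['tmp_name']) || !is_string($_FILES[$input]['name'])) {
        return array('error', CAT_Helper_Directory::getInstance()->lang()->translate('Upload failed'));
    }
    // the file name is sent by the client: keep its last path component only
    $upload_name = basename(str_replace('\\', '/', $_FILES[$input]['name']));
    if ($upload_name == '' || $upload_name == '.' || $upload_name == '..') {
        return array('error', CAT_Helper_Directory::getInstance()->lang()->translate('Upload failed'));
    }
    // Set temp vars
    $temp_dir = CAT_Helper_Directory::sanitizePath(CAT_PATH . '/temp/');
    $temp_file = CAT_Helper_Directory::sanitizePath($temp_dir . $upload_name);
    $temp_unzip = CAT_Helper_Directory::sanitizePath(CAT_PATH . '/temp/unzip/');
    // Try to upload the file to the temp dir
    if (!move_uploaded_file($_FILES[$input]['tmp_name'], $temp_file)) {
        return array('error', CAT_Helper_Directory::getInstance()->lang()->translate('Upload failed'));
    }
    $result = droplets_import($temp_file, $temp_unzip);
    // Delete the temp zip file
    if (file_exists($temp_file)) {
        unlink($temp_file);
    }
    CAT_Helper_Directory::removeDirectory($temp_unzip);
    // show errors
    if (isset($result['errors']) && is_array($result['errors']) && count($result['errors']) > 0) {
        return array('error', $result['errors'], NULL);
    }
    // return success
    return array('success', $result['count']);
}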
Example #6
/**
 * Tells whether a file exists in a module's directory.
 *
 * NOTE(review): both arguments go into the path as given; what
 * sanitizePath() does with '..' segments is not visible here.
 *
 * @param  string  $mod_dir   directory name below CAT_PATH/modules
 * @param  string  $mod_file  file to look for (default: frontend.css)
 * @return boolean
 **/
function mod_file_exists($mod_dir, $mod_file = 'frontend.css')
{
    $candidate = CAT_PATH . '/modules/' . $mod_dir . '/' . $mod_file;
    $candidate = CAT_Helper_Directory::sanitizePath($candidate);
    return file_exists($candidate);
}
Example #7
             continue;
         }
         $errors[$key] = $backend->lang()->translate('Please fill out the field: {{ name }}', array('name' => $backend->lang()->translate($key)));
     } else {
         $data[$key] = $val->sanitizePost('filter_' . $key);
     }
 }
 // the 'file' error is dropped as long as there is no 'code' error
 if (isset($errors['file']) && !isset($errors['code'])) {
     unset($errors['file']);
 }
 if (!count($errors)) {
     // error code 4 is UPLOAD_ERR_NO_FILE, i.e. the form was sent without a file
     if (isset($_FILES['filter_file']) && isset($_FILES['filter_file']['error']) && $_FILES['filter_file']['error'] != 4) {
         $file = CAT_Helper_Upload::getInstance($_FILES['filter_file']);
         // NOTE(review): no_script is switched off and the file is stored in
         // the module's filter/ directory, so this presumably is a code upload
         // feature: the stored file is meant to be executed later. The
         // surrounding script is not fully visible here; confirm that it can
         // be reached by fully trusted administrators only and that the
         // request is protected by a CSRF token.
         $file->no_script = false;
         // NOTE(review): presumably compared with the MIME type of the
         // upload; that is no restriction on what the file contains
         $file->allowed = array('application/octet-stream');
         $file->process(CAT_Helper_Directory::sanitizePath(CAT_PATH . '/modules/blackcatFilter/filter/'));
         if (!$file->processed) {
             // NOTE(review): $upload_error is assigned in this branch only;
             // make sure it is initialised before it is read
             $upload_error = $file->error;
         } else {
             $data['name'] = $file->file_dst_name_body;
         }
         // filter must have the same name as the file
         // the file will be renamed by the upload helper if it already
         // exists, so we use the destination name here
     }
 }
 if (count($errors) || $upload_error) {
     $showit = true;
 } else {
     $backend->db()->query("INSERT INTO `:prefix:mod_filter` VALUES ( :name, :module, :desc, :code, :active )", array('name' => $data['name'], 'module' => $data['module_name'], 'desc' => $data['description'], 'code' => $data['code'], 'active' => $data['active']));
     if ($backend->db()->isError()) {
//=====================
// ! Move (rename) page
//=====================
if ($options['link'] !== $old_link) {
    // if a directory exists, rename it; if this fails, we need to recover
    // the changes!
    // NOTE(review): source and target of the move are built from $old_link
    // and $options['link'] without sanitizePath(); where $options is filled
    // is not visible here
    if (is_dir(CAT_PATH . PAGES_DIRECTORY . $old_link)) {
        if (!CAT_Helper_Directory::moveDirectory(CAT_PATH . PAGES_DIRECTORY . $old_link, CAT_PATH . PAGES_DIRECTORY . $options['link'], true)) {
            // write $page back and report the failure as JSON
            CAT_Helper_Page::updatePage($page_id, $page);
            $ajax = array('message' => 'Unable to move the directory', 'success' => false);
            print json_encode($ajax);
            exit;
        }
    }
    // delete old file
    $old_filename = CAT_Helper_Directory::sanitizePath(CAT_PATH . PAGES_DIRECTORY . $old_link . PAGE_EXTENSION);
    if (file_exists($old_filename)) {
        unlink($old_filename);
    }
    // create new access file
    $result = CAT_Helper_Page::createAccessFile($options['link'], $page_id, $options['level']);
    // Update child pages
    $old_link_len = strlen($old_link);
    // NOTE(review): $options['page_trail'] is pasted into the statement by
    // sprintf(); no escaping or parameter binding is visible here. Unless the
    // value is validated before this point, this is open to SQL injection -
    // bind it as a parameter or make sure it consists of digits and commas only.
    $query_subs = $database->query(sprintf("SELECT `page_id`, `parent`, `link`, `level` FROM `%spages` WHERE `page_trail` LIKE '%s,%%' ORDER BY LEVEL ASC", CAT_TABLE_PREFIX, $options['page_trail']));
    if (is_object($query_subs) && $query_subs->numRows() > 0) {
        while ($sub = $query_subs->fetchRow(MYSQL_ASSOC)) {
            // Double-check to see if it contains old link
            if (substr($sub['link'], 0, $old_link_len) == $old_link) {
                // Get new link
                $replace_this = $old_link;
                $old_sub_link_len = strlen($sub['link']);
Example #9
// Uninstalls the add on named in the POST data.
// NOTE(review): this excerpt shows neither a permission check nor a CSRF
// token check before uninstallModule() is called; confirm that the part of
// the script above this excerpt does both.
$addons = CAT_Helper_Addons::getInstance();
// Get name and type of add on
$type = $val->sanitizePost('type', NULL, true);
$addon_name = $val->sanitizePost('file');
// language add ons are single files, all others are addressed by name
$file = $type == 'language' ? $addon_name . '.php' : $addon_name;
// Check if user selected a module
if (trim($file) == '' || trim($type) == '') {
    header("Location: index.php");
    exit(0);
}
$js_back = CAT_ADMIN_URL . '/addons/index.php';
// Check if the module exists
// (the type is passed without a trailing 's')
// NOTE(review): the checks below rely on print_error() ending the request;
// if it returns, the script carries on to uninstallModule()
if (!$addons->isModuleInstalled($addon_name, NULL, preg_replace('~s$~', '', $type))) {
    $backend->print_error('Not installed', $js_back, false);
}
// NOTE(review): $type and $file come from the request and name the directory
// and entry below CAT_PATH; $type is not compared with a list of known add on
// types here
$path = CAT_Helper_Directory::sanitizePath(CAT_PATH . '/' . $type . 's/' . $file);
if (!file_exists($path)) {
    $backend->print_error('Not installed', $js_back, false);
}
// Check if we have permissions on the directory
if (!is_writable($path)) {
    $backend->print_error('Unable to write to the target directory', $js_back);
}
// uninstallModule() returns true on success, anything else is shown as the error
$result = CAT_Helper_Addons::uninstallModule($type . 's', $addon_name);
if ($result !== true) {
    $backend->print_error($result, $js_back, false);
} else {
    $backend->print_success('Uninstalled successfully');
}
// Print admin footer
$backend->print_footer();
Example #10
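 /**
  * Looks for a language file in all search paths and hands every copy that
  * is not loaded yet to checkFile().
  *
  * @param  string  $file  name of the language file, for example 'EN.php'
  * @param  string  $path  optional directory, put in front of the search paths
  * @param  string  $var   optional name of the global variable the file
  *                        fills (default: LANG); a leading '$' is removed
  * @return boolean true if the file is loaded from at least one search path
  **/
 public function addFile($file, $path = NULL, $var = NULL)
 {
     $this->log()->logDebug('FILE [' . $file . '] PATH [' . $path . '] VAR [' . $var . ']');
     $check_var = 'LANG';
     if (isset($var)) {
         $var = str_ireplace('$', '', $var);
         // The name used to be pasted into eval(), which ran anything that
         // came after a name. Only a plain variable name is accepted now.
         if (!is_string($var) || !preg_match('~^[a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*$~', $var)) {
             $this->log()->logDebug('invalid name for language variable: ', $var);
             return false;
         }
         // same effect as the former "global $<name>;": the global exists
         // afterwards
         if (!array_key_exists($var, $GLOBALS)) {
             $GLOBALS[$var] = NULL;
         }
         $check_var = $var;
     }
     if (!empty($path)) {
         array_unshift(self::$search_paths, $path);
         self::$search_paths = array_unique(self::$search_paths);
     }
     // $file must keep the plain file name for every search path; it used to
     // be overwritten with the full path found for the first one
     $loaded = false;
     foreach (self::$search_paths as $dir) {
         $candidate = CAT_Helper_Directory::sanitizePath($dir . '/' . $file);
         if (file_exists($candidate) && !$this->isLoaded($candidate)) {
             $this->log()->logDebug('found language file: ', $candidate);
             $this->checkFile($candidate, $check_var);
         }
         if ($this->isLoaded($candidate)) {
             $loaded = true;
         }
     }
     if (!$loaded) {
         $this->log()->logDebug('language file does not exist: ', $file);
         return false;
     }
     return true;
 }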
Example #11
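 /**
  * Returns the URL of the first image found in a WYSIWYG section
  *
  * Only the first section returned by CAT_Sections::getSectionsByType() is
  * looked at. Attributes of the <img> tag are recognised only if their value
  * is enclosed in double quotes.
  *
  * NOTE(review): with $exec_droplets the stored content is run through
  * evalDroplets() first, so droplet code is executed as a side effect of
  * looking for an image.
  *
  * @param  INT  $page_id
  * @param  BOOL $exec_droplets  process droplets before scanning (default: true)
  * @return STR  URL or BOOL FALSE
  */
 public static function getFirstImageFromContent($page_id, $exec_droplets = true)
 {
     $self = self::getInstance();
     $img = array();
     // droplets.php is included in this scope; the long name presumably
     // keeps the variable from clashing with variables of that file
     $__CAT_Helper_Droplets_content = '';
     $section = CAT_Sections::getSectionsByType($page_id);
     if (count($section)) {
         $SQL = "SELECT `content` FROM `:prefix:mod_wysiwyg` WHERE `section_id`=:id";
         $params = array('id' => $section[0]['section_id']);
         $result = $self->db()->query($SQL, $params)->fetchColumn();
         if ($self->db()->isError()) {
             return false;
         }
         if (is_string($result)) {
             $__CAT_Helper_Droplets_content = self::unsanitizeText($result);
         }
     }
     if (!empty($__CAT_Helper_Droplets_content)) {
         // scan content for images
         if ($exec_droplets && file_exists(CAT_Helper_Directory::sanitizePath(CAT_PATH . '/modules/droplets/droplets.php'))) {
             // we must process the droplets to get the real output content
             $_SESSION['DROPLET_EXECUTED_BY_DROPLETS_EXTENSION'] = true;
             // anything the droplets print is thrown away
             ob_start();
             include_once CAT_Helper_Directory::sanitizePath(CAT_PATH . '/modules/droplets/droplets.php');
             if (function_exists('evalDroplets')) {
                 try {
                     $__CAT_Helper_Droplets_content = evalDroplets($__CAT_Helper_Droplets_content);
                 } catch (Exception $e) {
                     trigger_error(sprintf('[%s - %s] %s', __FUNCTION__, __LINE__, $e->getMessage()), E_USER_ERROR);
                 }
             }
             ob_end_clean();
             unset($_SESSION['DROPLET_EXECUTED_BY_DROPLETS_EXTENSION']);
         }
         if (preg_match('/<img[^>]*>/', $__CAT_Helper_Droplets_content, $matches)) {
             preg_match_all('/([a-zA-Z]*[a-zA-Z])\\s{0,3}[=]\\s{0,3}("[^"\\r\\n]*)"/', $matches[0], $attr);
             foreach ($attr as $attributes) {
                 foreach ($attributes as $attribut) {
                     if (strpos($attribut, "=") !== false) {
                         // split at the first '=' only; a value that contains
                         // '=' itself (a URL with a query string) used to be
                         // cut off at its first '='
                         list($key, $value) = explode("=", $attribut, 2);
                         $value = trim($value);
                         // strip the surrounding quotes
                         $value = substr($value, 1, strlen($value) - 2);
                         $img[strtolower(trim($key))] = trim($value);
                     }
                 }
             }
         }
     }
     if (isset($img['src'])) {
         $image = $img['src'];
         // relative path: keep the part from the media directory on and make
         // it absolute
         // NOTE(review): if MEDIA_DIRECTORY does not occur in the path,
         // strpos() returns false and the '..' segments stay in the URL
         if (strpos($image, '..') !== false) {
             $image = substr($image, strpos($image, MEDIA_DIRECTORY . '/'));
             $image = CAT_URL . $image;
         }
         return $image;
     } else {
         return false;
     }
 }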
Example #12
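 /**
  * Builds the "Edit module file(s)" form for a module, provided the module
  * contains at least one JS or CSS file (searched up to five levels deep).
  *
  * The values written into the hidden fields are escaped for use in an HTML
  * attribute; $page_id and $section_id are globals and $mod_dir is an
  * argument, so none of them is known to be markup free at this point.
  *
  * @access public
  * @param  string  $mod_dir  directory name of the module
  * @param  boolean $print    echo the form instead of returning it
  * @return mixed   the markup (empty string if there is nothing to edit);
  *                 NULL if the form was printed or the module permission
  *                 check failed
  **/
 public static function getEditModuleFilesButton($mod_dir, $print = false)
 {
     global $page_id, $section_id;
     $self = self::getInstance();
     if (!$self->checkModulePermissions($mod_dir)) {
         return;
     }
     $content = '';
     $path = CAT_Helper_Directory::sanitizePath(CAT_PATH . '/modules/' . $mod_dir);
     // find JS files
     $js = CAT_Helper_Directory::getInstance()->maxRecursionDepth(5)->setSuffixFilter(array('js'))->scanDirectory($path, true, true, $path);
     // find CSS files
     $css = CAT_Helper_Directory::getInstance()->maxRecursionDepth(5)->setSuffixFilter(array('css'))->scanDirectory($path, true, true, $path);
     if (count($js) || count($css)) {
         // escape everything that ends up inside value="..."
         $esc_page_id = htmlspecialchars((string) $page_id, ENT_QUOTES, 'UTF-8');
         $esc_section_id = htmlspecialchars((string) $section_id, ENT_QUOTES, 'UTF-8');
         $esc_mod_dir = htmlspecialchars((string) $mod_dir, ENT_QUOTES, 'UTF-8');
         $content = '
             <form style="float:right" method="post" action="' . CAT_URL . '/backend/addons/edit_module_files.php" name="edit_module_file">
         		<input type="hidden" value="' . $esc_page_id . '" name="page_id">
         		<input type="hidden" value="' . $esc_section_id . '" name="section_id">
         		<input type="hidden" value="' . $esc_mod_dir . '" name="mod_dir">
         		<input type="submit" value="' . $self->lang()->translate('Edit module file(s)') . '">
         	</form>';
     }
     if ($print) {
         echo $content;
     } else {
         return $content;
     }
 }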
Example #13
    while ($level < 10 && !file_exists($root . '/framework/class.secure.php')) {
        $root .= "../";
        $level += 1;
    }
    if (file_exists($root . '/framework/class.secure.php')) {
        include $root . '/framework/class.secure.php';
    } else {
        trigger_error(sprintf("[ <b>%s</b> ] Can't include class.secure.php!", $_SERVER['SCRIPT_NAME']), E_USER_ERROR);
    }
}
//
// include snippets
//
// Every add on that get_addons() lists as a snippet may bring an include.php,
// which is included right here, in the scope of this script.
// NOTE(review): the directory name is taken from the 'VALUE' field of the
// get_addons() result; where that value is stored is not visible here.
// Whoever can change it, or can place an include.php in a module directory,
// gets code executed on every request that loads this file.
$snippets = CAT_Helper_Addons::get_addons(0, 'module', 'snippet');
foreach ($snippets as $s) {
    $file = CAT_Helper_Directory::sanitizePath(CAT_PATH . '/modules/' . $s['VALUE'] . '/include.php');
    if (file_exists($file)) {
        include $file;
    }
}
/* 'one liners' */
/**
 * Returns the 'link' property of a page.
 *
 * @param  mixed $page_id
 * @return mixed whatever CAT_Helper_Page::properties() delivers for 'link'
 **/
function get_page_link($page_id)
{
    $link = CAT_Helper_Page::properties($page_id, 'link');
    return $link;
}
/**
 * Returns the language menu of the current page (global $page_id).
 *
 * @return mixed whatever CAT_Page::getLanguageMenu() delivers
 **/
function language_menu()
{
    global $page_id;
    $page = CAT_Page::getInstance($page_id);
    return $page->getLanguageMenu();
}
function page_content($block = 1)
Example #14
 *   @license         http://www.gnu.org/licenses/gpl.html
 *   @category        CAT_Modules
 *   @package         lib_search
 *
 */
// Load framework/class.secure.php before anything else runs. If CAT_PATH is
// not defined yet, the file is searched by going up from "../" one level at
// a time, up to ten levels.
// NOTE(review): the search path is relative, so file_exists() resolves it
// against the current working directory, not against the location of this
// file. Anchoring the search at dirname(__FILE__) would make sure the file
// comes from this installation.
if (defined('CAT_PATH')) {
    include CAT_PATH . '/framework/class.secure.php';
} else {
    $root = "../";
    $level = 1;
    while ($level < 10 && !file_exists($root . '/framework/class.secure.php')) {
        $root .= "../";
        $level += 1;
    }
    if (file_exists($root . '/framework/class.secure.php')) {
        include $root . '/framework/class.secure.php';
    } else {
        // stop with a fatal error rather than run without class.secure.php
        trigger_error(sprintf("[ <b>%s</b> ] Can't include class.secure.php!", $_SERVER['SCRIPT_NAME']), E_USER_ERROR);
    }
}
// import droplets
// Every file found in the install directory next to this script is handed
// to installDroplet(); CAT_PATH/temp/unzip is passed as the second argument.
$inst_dir = CAT_Helper_Directory::sanitizePath(dirname(__FILE__) . '/install');
$temp_unzip = CAT_Helper_Directory::sanitizePath(CAT_PATH . '/temp/unzip/');
$dirh = CAT_Helper_Directory::getInstance();
$files = $dirh->getFiles($inst_dir);
if (is_array($files) && count($files)) {
    foreach ($files as $file) {
        // ignore the result here
        // NOTE(review): a droplet that fails to install goes unnoticed this
        // way; consider logging the result
        CAT_Helper_Droplet::installDroplet($file, $temp_unzip);
    }
}
Example #15
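/**
 * edit a droplet's datafile
 *
 * Shows the datafile of a droplet (data/<droplet name>.txt next to this
 * script, also tried in lower and upper case) in an edit form and saves the
 * posted contents, keeping the previous version as <file>.bak.
 *
 * NOTE(review): no CSRF token check is visible in this function; confirm
 * that the caller does it before a save request gets here.
 *
 * NOTE(review): the file name is built from the droplet name stored in the
 * database. A name that contains path separators would leave the data
 * directory; confirm that droplet names are restricted when they are saved.
 *
 * @param  mixed $id  id of the droplet
 * @return mixed the result of list_droplets() after "cancel" or
 *               "save and back", nothing otherwise
 **/
function edit_datafile($id)
{
    global $parser, $val, $backend;
    $info = $problem = NULL;
    $groups = CAT_Users::get_groups_id();
    if (!CAT_Helper_Droplet::is_allowed('modify_droplets', $groups)) {
        $backend->print_error($backend->lang()->translate("You don't have the permission to do this"));
        // fail closed, whether or not print_error() ends the request
        return;
    }
    if ($val->get('_REQUEST', 'cancel')) {
        return list_droplets();
    }
    // the id is bound as a parameter; it used to be pasted into the statement
    $query = $backend->db()->query("SELECT name FROM " . CAT_TABLE_PREFIX . "mod_droplets WHERE id = :id", array('id' => $id));
    $data = is_object($query) ? $query->fetch() : false;
    if (!is_array($data) || !isset($data['name'])) {
        $backend->print_error($backend->lang()->translate('Droplet not found'));
        return;
    }
    // find the file: the name as stored, then lower case, then upper case
    $file = NULL;
    foreach (array($data['name'], strtolower($data['name']), strtoupper($data['name'])) as $name) {
        $candidate = dirname(__FILE__) . '/data/' . $name . '.txt';
        if (file_exists($candidate)) {
            $file = CAT_Helper_Directory::getInstance()->sanitizePath($candidate);
            break;
        }
    }
    // without a datafile there is nothing to show and nothing to write to
    if ($file === NULL) {
        $backend->print_error($backend->lang()->translate('Datafile not found'));
        return;
    }
    // slurp file
    $contents = (string) file_get_contents($file);
    if (isset($_POST['save']) || isset($_POST['save_and_back'])) {
        $new_contents = htmlentities(isset($_POST['contents']) && is_string($_POST['contents']) ? $_POST['contents'] : '');
        // create backup copy
        copy($file, $file . '.bak');
        $fh = fopen($file, 'w');
        if (is_resource($fh)) {
            fwrite($fh, $new_contents);
            fclose($fh);
            $info = $backend->lang()->translate('The datafile has been saved');
            if (isset($_POST['save_and_back'])) {
                return list_droplets($info);
            }
        } else {
            // the installation path is not shown in the message
            $problem = $backend->lang()->translate('Unable to write to file [{{file}}]', array('file' => str_ireplace(CAT_Helper_Directory::sanitizePath(CAT_PATH), 'CAT_PATH', $file)));
        }
    }
    $parser->output('edit_datafile.tpl', array('info' => $info, 'problem' => $problem, 'name' => $data['name'], 'id' => $id, 'contents' => htmlspecialchars($contents)));
}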
Example #16
}
// Lists the non-empty log files (log_YYYY-MM-DD.txt) found below
// CAT_PATH/temp, at most two directory levels deep.
// NOTE(review): the logs are kept below CAT_PATH/temp; whether that
// directory can be reached over HTTP is not visible here. Log files should
// not be downloadable.
$widget_name = CAT_Object::lang()->translate('Logfiles');
// today's date in the format used in the log file names
$current = strftime('%Y-%m-%d');
$logs = array();
$list = array();
$files = CAT_Helper_Directory::getInstance()->maxRecursionDepth(2)->setSuffixFilter(array('txt'))->setSkipDirs(array('cache', 'compiled'))->setSkipFiles(array('index.php'))->findFiles('log_\\d{4}-\\d{2}-\\d{2}\\.txt', CAT_PATH . '/temp');
if (count($files)) {
    foreach ($files as $f) {
        // empty files are left out
        if (filesize($f) !== 0) {
            $list[] = array('file' => $f, 'size' => filesize($f));
        }
    }
}
if (count($list)) {
    foreach (array_values($list) as $f) {
        // file name relative to CAT_PATH/temp, without a leading slash
        $file = str_ireplace(CAT_Helper_Directory::sanitizePath(CAT_PATH . '/temp/'), '', CAT_Helper_Directory::sanitizePath($f['file']));
        if (substr($file, 0, 1) == "/") {
            $file = substr_replace($file, '', 0, 1);
        }
        // today's log is marked as not removable
        if (pathinfo($f['file'], PATHINFO_BASENAME) == 'log_' . $current . '.txt') {
            $removable = false;
        } else {
            $removable = true;
        }
        $logs[] = array('file' => $file, 'size' => CAT_Helper_Directory::byte_convert($f['size']), 'removable' => $removable, 'date' => str_ireplace(array('log_', 'logs/', '.txt'), '', $file));
    }
} else {
    echo CAT_Helper_Directory::getInstance()->lang()->translate('No logfiles (or all empty)');
}
global $parser;
$parser->setPath(dirname(__FILE__) . '/../templates/default');
Example #17
 /**
  * Checks a CSRF token with csrf-magic.
  *
  * NOTE(review): this check fails open. It reports success without looking
  * at the token if TOKEN_LIFETIME is not set, if the token is boolean true
  * or the string 'post' (any case), or if the csrf-magic library is not
  * installed. A "true" from this method therefore is no proof that a valid
  * token was sent; callers should never pass a value taken from the request
  * where the legacy marker is meant.
  *
  * @param  mixed   $token
  * @return boolean
  **/
 public static function checkToken($token)
 {
     // token checking is switched off
     if (!TOKEN_LIFETIME) {
         return true;
     }
     // for backward compatibility with WB...
     $legacy_marker = $token === true || (is_string($token) && strtolower($token) == 'post');
     if ($legacy_marker) {
         return true;
     }
     // We return true here, just to keep WB modules happy.
     // The CSRF protection will be added automatically to the Backend,
     // so there's no need to do it this way.
     $path = CAT_Helper_Directory::sanitizePath(CAT_PATH . '/modules/lib_csrfmagic/csrf-magic.php');
     if (!file_exists($path)) {
         // no token without csrf-magic!
         return true;
     }
     // load the library on first use
     if (!function_exists('csrf_check_token')) {
         include_once $path;
     }
     return csrf_check_token($token);
 }
Example #18
             $tpl_data['blocks'][$bcnt]['date_day_to'] = $section['publ_start'] > 0 ? date('d', $section['publ_end']) : '';
             $tpl_data['blocks'][$bcnt]['date_month_to'] = $section['publ_start'] > 0 ? date('m', $section['publ_end']) : '';
             $tpl_data['blocks'][$bcnt]['date_year_to'] = $section['publ_start'] > 0 ? date('Y', $section['publ_end']) : '';
             $tpl_data['blocks'][$bcnt]['date_hour_to'] = $section['publ_start'] > 0 ? date('H', $section['publ_end']) : '';
             $tpl_data['blocks'][$bcnt]['date_minute_to'] = $section['publ_start'] > 0 ? date('i', $section['publ_end']) : '';
             $tpl_data['blocks'][$bcnt]['modified_when'] = $section['modified_when'] ? CAT_Helper_DateTime::getDateTime($section['modified_when']) : '';
             $tpl_data['blocks'][$bcnt]['modified_by'] = $section['modified_by'] ? (CAT_Users::get_user_details($section['modified_by'], 'display_name') ? CAT_Users::get_user_details($section['modified_by'], 'display_name') : '') . ' (' . CAT_Users::get_user_details($section['modified_by'], 'username') . ')' : '';
             // load language file (if any)
             $langfile = CAT_Helper_Directory::sanitizePath(CAT_PATH . '/modules/' . $module . '/languages/' . LANGUAGE . '.php');
             if (file_exists($langfile)) {
                 if (!$backend->lang()->checkFile($langfile, 'LANG', true)) {
                     // old fashioned language file
                     include $langfile;
                 } else {
                     // modern language file
                     $backend->lang()->addFile(LANGUAGE . '.php', CAT_Helper_Directory::sanitizePath(CAT_PATH . '/modules/' . $module . '/languages'));
                 }
             }
             // ======================================================
             // ! Include the module and add it to the output buffer
             // ======================================================
             ob_start();
             require CAT_PATH . '/modules/' . $module . '/modify.php';
             $tpl_data['blocks'][$bcnt]['content'] = ob_get_contents();
             //ob_end_clean();
             ob_clean();
             // allow multiple buffering for csrf-magic
             $bcnt++;
         }
     }
 }
 *   You should have received a copy of the GNU General Public License
 *   along with this program; if not, see <http://www.gnu.org/licenses/>.
 *
 *   @author          Black Cat Development
 *   @copyright       2015, Black Cat Development
 *   @link            http://blackcat-cms.org
 *   @license         http://www.gnu.org/licenses/gpl.html
 *   @category        CAT_Core
 *   @package         seotool
 *
 */
// Load framework/class.secure.php before anything else runs. If CAT_PATH is
// not defined yet, the file is searched by going up from "../" one level at
// a time, up to ten levels.
// NOTE(review): the search path is relative, so file_exists() resolves it
// against the current working directory, not against the location of this
// file. Anchoring the search at dirname(__FILE__) would make sure the file
// comes from this installation.
if (defined('CAT_PATH')) {
    include CAT_PATH . '/framework/class.secure.php';
} else {
    $root = "../";
    $level = 1;
    while ($level < 10 && !file_exists($root . '/framework/class.secure.php')) {
        $root .= "../";
        $level += 1;
    }
    if (file_exists($root . '/framework/class.secure.php')) {
        include $root . '/framework/class.secure.php';
    } else {
        // stop with a fatal error rather than run without class.secure.php
        trigger_error(sprintf("[ <b>%s</b> ] Can't include class.secure.php!", $_SERVER['SCRIPT_NAME']), E_USER_ERROR);
    }
}
// Let the default theme adjust the forms: its forms.init.php is executed in
// the scope of this script if it exists.
// NOTE(review): the theme directory is taken from the registry value
// DEFAULT_THEME; whoever can change that setting chooses the file that is
// required here.
$init = CAT_Helper_Directory::sanitizePath(CAT_PATH . '/templates/' . CAT_Registry::get('DEFAULT_THEME') . '/forms.init.php');
if (file_exists($init)) {
    require $init;
}
// Definition of the 'seo' form: basic settings, sitemap settings and robots
// settings, each followed by its own submit button.
// NOTE(review): some 'title' texts contain &quot; entities while others
// contain plain double quotes. Presumably the titles end up in a title
// attribute; the form renderer then has to escape them in a way that suits
// both - confirm how it treats these values.
$FORMS = array('seo' => array(array('type' => 'legend', 'label' => 'Basic settings'), array('type' => 'hidden', 'name' => 'page_id', 'id' => 'page_id_hidden', 'value' => 0), array('type' => 'text', 'name' => 'page_title', 'label' => 'Page title', 'title' => 'Used for the title attribute. The title should be a nice &quot;human readable&quot; text with about 30 up to 55 characters.', 'class' => 'fc_input_300 important'), array('type' => 'textarea', 'name' => 'description', 'label' => 'Description', 'title' => 'Used for the description META attribute. The description should be a nice &quot;human readable&quot; text with 70 up to 156 characters.', 'class' => 'fc_input_300 important'), array('type' => 'textarea', 'name' => 'keywords', 'label' => 'Keywords', 'title' => 'Used for the keywords META attribute. You should use about 3 (up to 5-6) keywords that occur as often as possible in your page contents.', 'class' => 'fc_input_300'), array('type' => 'text', 'label' => 'Canonical URL', 'name' => 'canonical', 'class' => 'fc_input_300', 'title' => 'A canonical link element is an HTML element that helps to prevent duplicate content issues by specifying the &quot;canonical&quot; or &quot;preferred&quot; version of a web page.'), array('type' => 'text', 'label' => '301 Redirect', 'name' => 'redirect', 'class' => 'fc_input_300'), array('type' => 'submit', 'name' => 'submit1', 'label' => 'Save'), array('type' => 'legend', 'label' => 'Sitemap settings'), array('type' => 'select', 'label' => 'Include in Sitemap', 'name' => 'sitemap_include', 'options' => array('auto' => 'Automatic detection', 'always' => 'Always include', 'never' => 'Never include'), 'selected' => 'auto', 'class' => 'fbleave'), array('type' => 'select', 'label' => 'Sitemap priority', 'name' => 'sitemap_priority', 'options' => array(1 => '1 - Highest priority', '0.9' => '0.9', '0.8' => '0.8', '0.7' => '0.7', '0.6' => '0.6', '0.5' => '0.5 - Default priority', '0.4' => '0.4', '0.3' => '0.3', '0.2' => '0.2', '0.1' => 
'0.1 - Lowest priority'), 'selected' => '0.5', 'class' => 'fbleave fc_input_300', 'title' => 'The priority of this URL relative to other URLs on your site. This value does not affect how your pages are compared to pages on other sites—it only lets the search engines know which pages you deem most important for the crawlers.'), array('type' => 'select', 'label' => 'Update frequency', 'name' => 'sitemap_update_freq', 'options' => array('always', 'hourly', 'daily', 'weekly', 'monthly', 'yearly', 'never'), 'selected' => 'weekly', 'class' => 'fbleave'), array('type' => 'checkbox', 'name' => 'update_sitemap', 'label' => 'Update sitemap.xml on save', 'title' => 'If checked, the sitemap.xml will be re-generated after save.'), array('type' => 'submit', 'name' => 'submit2', 'label' => 'Save'), array('type' => 'legend', 'label' => 'Robots settings'), array('type' => 'checkboxgroup', 'name' => 'robots[]', 'label' => 'META Robots', 'title' => 'Allows to set the META attributes "noindex" and "nofollow"', 'options' => array(array('value' => 'noindex', 'label' => 'no index', 'title' => 'set to "on" to set "noindex" attribute'), array('value' => 'nofollow', 'label' => 'no follow', 'title' => 'set to "on" to set "nofollow" attribute'), array('value' => 'noodp', 'label' => 'NO ODP', 'title' => 'Sometimes, if you are listed in DMOZ (ODP), the search engines will display snippets of text about your site taken from them instead of your description meta tag. You can force the search engine to ignore the ODP information by setting this to on.'), array('value' => 'noydir', 'label' => 'NO YDIR', 'title' => 'Same als ODP but information is taken from Yahoo! 
directory.'), array('value' => 'noarchive', 'label' => 'No Archive', 'title' => 'Prevents the search engines from showing a cached copy of this page.'), array('value' => 'nocache', 'label' => 'No Cache', 'title' => 'Same as noarchive, but only used by MSN/Live.'), array('value' => 'nosnippet', 'label' => 'No Snippet', 'title' => 'Prevents the search engines from showing a snippet of this page in the search results and prevents them from caching the page.'), array('value' => 'notranslate', 'label' => 'No translate', 'title' => 'No translation of this page in search results'), array('value' => 'noimageindex', 'label' => 'No image index', 'title' => 'Do not add images to index')), 'radio_class' => 'fc_checkbox_jq'), array('type' => 'submit', 'name' => 'submit3', 'label' => 'Save')));
Example #20
 /**
  * Converts a site URL into a filesystem path: every occurrence of the
  * (sanitized) CAT_URL inside $url is replaced with the (sanitized)
  * CAT_PATH, ignoring case.
  * CAT_URL is passed through getURI() first; presumably that adds the
  * current scheme when CAT_URL is stored without one (not visible here).
  *
  * @access public
  * @param  string $url
  * @return string
  **/
 public static function uri2path($url)
 {
     // NOTE(review): a $url that does not contain CAT_URL is returned
     // sanitized but otherwise unchanged, and str_ireplace() replaces all
     // matches, not only a leading prefix. The result is therefore not
     // guaranteed to lie below CAT_PATH; callers that use it for file
     // access with request-supplied URLs should verify that themselves.
     $site_url  = self::sanitize_url(self::getURI(CAT_URL));
     $site_path = CAT_Helper_Directory::sanitizePath(CAT_PATH);
     $subject   = self::sanitize_url($url);
     return str_ireplace($site_url, $site_path, $subject);
 }
Example #21
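    // Fetch the latest published version from $current['source'] and cache
    // it in ../data/.last together with the time of the check.
    include CAT_PATH . '/modules/lib_zendlite/library.php';
    // Only used in the error texts below.
    $_proxy_used = isset($current['proxy_host']) && $current['proxy_host'] != '' ? 'yes' : 'no';
    $client = new Zend\Http\Client($current['source'], array('timeout' => $current['timeout'], 'adapter' => 'Zend\\Http\\Client\\Adapter\\Proxy', 'proxy_host' => $current['proxy_host'], 'proxy_port' => $current['proxy_port']));
    $client->setHeaders(array('Pragma' => 'no-cache', 'Cache-Control' => 'no-cache'));
    try {
        $response = $client->send();
        if ($response->getStatusCode() != '200') {
            // Status text is supplied by the remote server and $error is
            // assembled as HTML (<br />), so the dynamic parts are escaped.
            // var_dump() prints instead of returning a string; print_r(.., true)
            // returns the dump so it can be appended to the message.
            // NOTE(review): the debug dump may contain request headers;
            // confirm $debug is never enabled on a production site.
            $error = "Unable to load source " . "(using Proxy: " . $_proxy_used . ")<br />"
                . "Status: " . htmlspecialchars($response->getStatus() . " - " . $response->getMessage(), ENT_QUOTES)
                . ($debug ? "<br />" . htmlspecialchars(print_r($client->getLastRequest(), true), ENT_QUOTES) : '')
                . "<br />";
            $version = 'unknown';
        } else {
            // The body is remote data that ends up in the '|'-separated
            // .last file and in the widget template, so only a short,
            // plain version string is accepted.
            // NOTE(review): if $current['source'] is a plain http URL the
            // body can be altered in transit; prefer https.
            $version = trim($response->getBody());
            if (!preg_match('~^[0-9A-Za-z][0-9A-Za-z ._+-]{0,31}$~D', $version)) {
                $error = "Unable to load source " . "(using Proxy: " . $_proxy_used . ")<br />" . "Unexpected response<br />";
                $version = 'unknown';
            }
        }
    } catch (Exception $e) {
        // The exception text can contain remote or connection details; escape it.
        $error = "Unable to load source " . "(using Proxy: " . $_proxy_used . ")<br />" . htmlspecialchars($e->getMessage(), ENT_QUOTES) . "<br />";
        $version = 'unknown';
    }
    if ($version && $version != 'unknown') {
        if (CAT_Helper_Addons::getInstance()->versionCompare($version, CAT_VERSION, '>')) {
            $newer = true;
        }
    }
    // Best-effort cache write: a failed fopen() is deliberately ignored.
    $fh = @fopen(CAT_Helper_Directory::sanitizePath(dirname(__FILE__) . '/../data/.last'), 'w');
    if (is_resource($fh)) {
        fputs($fh, time() . '|' . $version);
        fclose($fh);
    }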
} else {
    // No fresh check in this branch: use $last_version when it is set and
    // non-empty, otherwise keep the current $version.
    // NOTE(review): $last_version is presumably read from the .last cache
    // file, i.e. it is whatever an earlier remote response contained.
    $version = isset($last_version) && $last_version != '' ? $last_version : $version;
}
// Render the widget with the shared template parser.
// NOTE(review): earlier in this script $error is assembled as HTML
// (it contains <br />) and $version can hold a remote response body;
// confirm how widget.tpl escapes these values.
global $parser;
$parser->setPath(dirname(__FILE__) . '/../templates/default');
$parser->output(
    'widget.tpl',
    array(
        'error' => $error,
        'version' => $version,
        'newer' => $newer,
        // date and time of the last check, separated by a blank
        'last' => CAT_Helper_DateTime::getInstance()->getDate($last) . ' ' . CAT_Helper_DateTime::getInstance()->getTime($last),
        'CAT_VERSION' => CAT_VERSION,
        'uri' => $_SERVER['SCRIPT_NAME'],
        'missing_mailer_libs' => count(CAT_Helper_Addons::getLibraries('mail')),
        'missing_wysiwyg' => count(CAT_Helper_Addons::get_addons(NULL, 'module', 'wysiwyg')),
    )
);
Example #22
            // old fashioned language file
            require $langfile;
        } else {
            // modern language file
            $backend->lang()->addFile(LANGUAGE . '.php', CAT_Helper_Directory::sanitizePath(CAT_PATH . '/modules/' . $tool['directory'] . '/languages'));
        }
    }
    // Run the admin tool's tool.php.
    // NOTE(review): $tool['directory'] is concatenated into the require
    // path; confirm it is taken from the installed add-ons and cannot be
    // chosen freely by the request.
    if (CAT_Helper_Validate::sanitizeGet('ajax')) {
        // AJAX call: the tool writes its own response, nothing is wrapped
        require CAT_Helper_Directory::sanitizePath(CAT_PATH . '/modules/' . $tool['directory'] . '/tool.php');
        return;
    }
    // Regular call: capture the tool's output for the template
    ob_start();
    require CAT_Helper_Directory::sanitizePath(CAT_PATH . '/modules/' . $tool['directory'] . '/tool.php');
    $tpl_data['TOOL'] = ob_get_contents();
    // ob_clean() empties the buffer but keeps it active
    // (allow multiple buffering for csrf-magic)
    ob_clean();
    // Offer the tool's icon only if it is a 32x32 PNG (image type 3)
    if (file_exists(CAT_PATH . '/modules/' . $tool['directory'] . '/icon.png')) {
        list($width, $height, $type, $attr) = getimagesize(CAT_PATH . '/modules/' . $tool['directory'] . '/icon.png');
        if ($width == 32 && $height == 32 && $type == 3) {
            $tpl_data['ICON'] = CAT_URL . '/modules/' . $tool['directory'] . '/icon.png';
        } else {
            $tpl_data['ICON'] = false;
        }
    }
} else {
    $admin->print_error('Error opening file.');
}
// Render the admin tool page from the collected template data
// ($tpl_data['TOOL'] holds the captured output of the tool's tool.php).
$parser->output('backend_admintools_tool', $tpl_data);
// Print admin footer
$backend->print_footer();
Example #23
}
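// Split $height into its leading number and whatever follows (the unit)
if (preg_match('~(\\d+)(.*)~', $height, $match)) {
    $height = $match[1];
    $height_unit = $match[2];
}
// Collect what the editor connector ($c) offers for the settings form
$skins = $c->getSkins($c->getSkinPath());
$current_skin = $c->getSkin($config);
$settings = $c->getAdditionalSettings();
$plugins = $c->getAdditionalPlugins();
$filemanager = $c->getFilemanager();
$toolbars = $c->getToolbars();
$preview = NULL;
$plugins_checked = array();
$filemanager_checked = array();
$enable_htmlpurifier = isset($config['enable_htmlpurifier']) ? $config['enable_htmlpurifier'] : false;
// Show a preview image for the current skin if one is shipped with the editor.
// The skin name and URL are placed into HTML attributes, so they are escaped;
// for ordinary skin names the markup is the same as before.
// NOTE(review): the skin is a stored setting that this form can change;
// confirm it is checked against $skins when it is saved.
$_skin_image = '/modules/' . WYSIWYG_EDITOR . '/images/' . $current_skin . '.png';
if (file_exists(CAT_Helper_Directory::sanitizePath(CAT_PATH . $_skin_image))) {
    $_skin_attr = htmlspecialchars((string) $current_skin, ENT_QUOTES);
    $preview = '<img src="' . htmlspecialchars(sanitize_url(CAT_URL . $_skin_image), ENT_QUOTES) . '" alt="' . $_skin_attr . '" title="' . $_skin_attr . '" />';
}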
// something to save?
$job = $val->sanitizePost('job');
if ($job && $job == "save") {
    $new_width = $new_height = $new_skin = $new_toolbar = $new_plugins = $new_fm = NULL;
    // validate width and height
    foreach (array('width', 'height') as $key) {
        if ($val->sanitizePost($key)) {
            if (!is_numeric($val->sanitizePost($key))) {
                $errors[$key] = $backend->lang()->translate('Not numeric!');
                continue;
            }
            if ($val->sanitizePost($key . '_unit') && in_array($val->sanitizePost($key . '_unit'), array('em', 'px', '%'))) {
                if ($val->sanitizePost($key . '_unit') == '%' && $val->sanitizePost($key) > 100) {
Example #24
}
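// Install / upgrade an add-on named by the POST fields 'action', 'file'
// and 'type'. All three end up in a filesystem path that is later used
// in a require, so each of them is checked before the path is built.
$backend = CAT_Backend::getInstance('Addons', 'modules_install');
$user = CAT_Users::getInstance();
$val = CAT_Helper_Validate::getInstance();
$action = $val->sanitizePost('action');
$module = $val->sanitizePost('file');
$type = $val->sanitizePost('type') . 's';
$js_back = CAT_ADMIN_URL . '/addons/index.php';
// NOTE(review): the redirects below use CAT_ADMIN_URL . '/' . CAT_BACKEND_PATH
// while $js_back uses CAT_ADMIN_URL alone; confirm which one is intended.
// Only the two known actions are accepted (strict comparison).
if (!in_array($action, array('install', 'upgrade'), true)) {
    die(header('Location: ' . CAT_ADMIN_URL . '/' . CAT_BACKEND_PATH . '/addons/index.php'));
}
// $type becomes a directory name directly below CAT_PATH; accept a plain
// name only, so it cannot contain path separators or '..'.
if (!preg_match('~^[A-Za-z0-9_]+$~D', $type)) {
    die(header('Location: ' . CAT_ADMIN_URL . '/' . CAT_BACKEND_PATH . '/addons/index.php'));
}
// NOTE(review): only '..' is rejected in $module; a value containing '/'
// still addresses a sub directory. Whether sanitizePath() or
// sanitizePost() restrict this further is not visible here.
if ($module == '' || !(strpos($module, '..') === false)) {
    die(header('Location: ' . CAT_ADMIN_URL . '/' . CAT_BACKEND_PATH . '/addons/index.php'));
}
// validate
$path = CAT_Helper_Directory::sanitizePath(CAT_PATH . '/' . $type . '/' . $module . ($type == 'languages' ? '.php' : ''));
$info = CAT_Helper_Addons::checkInfo($path);
if (!is_array($info) || !count($info)) {
    // The message already embeds <tt> markup, so it is presumably output
    // as HTML; the request-derived path is escaped like the basename is.
    $backend->print_error(
        $backend->lang()->translate(
            'Unable to {{ action }} {{ type }} {{ module }}!',
            array('action' => $action, 'type' => substr($type, 0, -1), 'module' => htmlentities($path))
        ) . ': <tt>"' . htmlentities(basename($path)) . '/' . $action . '.php"</tt> ' . $backend->lang()->translate('does not exist'),
        $js_back
    );
}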
if ($type != 'languages') {
    // this prints an error page if prerequisites are not met
    $precheck_errors = CAT_Helper_Addons::preCheckAddon(NULL, $path, false);
    if ($precheck_errors != '' && !is_bool($precheck_errors)) {
        $backend->print_error($backend->lang()->translate('Invalid installation file. {{error}}', array('error' => $precheck_errors)));
        return false;
    }
    $admin =& $backend;
    // Run the modules install // upgrade script if there is one
    if (file_exists($path . '/' . $action . '.php')) {
        require $path . '/' . $action . '.php';
Example #25
// Template data for the add-ons overview
$tpl_data['addons'] = array();
$tpl_data['not_installed_addons'] = array(
    'modules' => array(),
    'templates' => array(),
    'languages' => array(),
);
$tpl_data['groups'] = $users->get_groups('', '', false);
$tpl_data['username'] = $users->get_display_name();
// for new addons
global $parser;
foreach ($addons as $addon) {
    // Only add-ons the current user may see are listed; every directory
    // is recorded in $seen_dirs either way.
    if ($users->get_permission($addon['directory'], $addon['type'])) {
        // Offer the add-on's icon only if it is a 32x32 PNG (image type 3)
        $_icon_rel = '/' . $addon['type'] . 's/' . $addon['directory'] . '/icon.png';
        $icon = CAT_Helper_Directory::sanitizePath(CAT_PATH . $_icon_rel);
        if (file_exists($icon)) {
            list($width, $height, $type_of, $attr) = getimagesize($icon);
            if ($width == 32 && $height == 32 && $type_of == 3) {
                $addon['icon'] = CAT_URL . $_icon_rel;
            } else {
                $addon['icon'] = false;
            }
        }
        $tpl_data['addons'][$counter] = $addon;
        $counter++;
    }
    $seen_dirs[] = $addon['directory'];
}
// Permission flags for the template. These only control what is shown;
// NOTE(review): the scripts behind each action must check the permission again.
$tpl_data['permissions']['ADVANCED'] = (bool) $users->checkPermission('addons', 'admintools');
$tpl_data['permissions']['MODULES_VIEW'] = (bool) $users->checkPermission('addons', 'modules_view');
$tpl_data['permissions']['MODULES_INSTALL'] = (bool) $users->checkPermission('addons', 'modules_install');
$tpl_data['permissions']['MODULES_UNINSTALL'] = (bool) $users->checkPermission('addons', 'modules_uninstall');
// scan modules path for modules not seen yet
Example #26
 *   along with this program; if not, see <http://www.gnu.org/licenses/>.
 *
 *   @author          Black Cat Development
 *   @copyright       2013, Black Cat Development
 *   @link            http://www.blackcat-cms.org
 *   @license         http://www.gnu.org/licenses/gpl.html
 *   @category        CAT_Core
 *   @package         CAT_Core
 *
 */
// include class.secure.php to protect this file and the whole CMS!
// If CAT_PATH is not defined yet (the file was requested directly), look
// for framework/class.secure.php up to nine directory levels above,
// relative to the current working directory.
if (defined('CAT_PATH')) {
    include CAT_PATH . '/framework/class.secure.php';
} else {
    $root = "../";
    for ($level = 1; $level < 10 && !file_exists($root . '/framework/class.secure.php'); $level += 1) {
        $root .= "../";
    }
    if (!file_exists($root . '/framework/class.secure.php')) {
        // Guard not found: raise E_USER_ERROR, which stops the script
        // under PHP's default error handling.
        trigger_error(sprintf("[ <b>%s</b> ] Can't include class.secure.php!", $_SERVER['SCRIPT_NAME']), E_USER_ERROR);
    } else {
        include $root . '/framework/class.secure.php';
    }
}
// end include class.secure.php
// Load the header definitions of the configured WYSIWYG editor, if it has any.
// NOTE(review): "@" hides diagnostics raised while requiring the file,
// which also hides a broken headers.inc.php.
$file = CAT_Helper_Directory::sanitizePath(dirname(__FILE__) . '/../' . WYSIWYG_EDITOR . '/headers.inc.php');
if (file_exists($file)) {
    @(require $file);
}
Example #27
 /**
  * Registers a fallback template path (used for templates not found in
  * the default path). The path is sanitized and must exist; it is stored
  * in the template engine's path list under "<context>_fallback".
  *
  * @access public
  * @param  string  $path
  * @param  string  $context - frontend (default) or backend
  * @return boolean true if the path was stored, false if it does not exist
  *
  **/
 public function setFallbackPath($path, $context = 'frontend')
 {
     $path = CAT_Helper_Directory::sanitizePath($path);
     $this->log()->logDebug(sprintf('context [%s] fallback path [%s]', $context, $path));
     // Note: file_exists() is also true for a regular file, not only for
     // a directory.
     if (!file_exists($path)) {
         $this->log()->logWarn('unable to set fallback template path: does not exist!', $path);
         return false;
     }
     $this->te->paths[$context . '_fallback'] = $path;
     return true;
 }
Example #28
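/**
 * create .htaccess in root dir
 *
 * Writes the URL rewrite rules to CAT_PATH/.htaccess. An existing file is
 * overwritten, so any directives it contained (including access
 * restrictions added by hand) are lost.
 *
 * @return boolean true if the file was written, false otherwise
 **/
function create_htaccess()
{
    // filter document root from CAT_PATH
    $server_path = CAT_Helper_Directory::sanitizePath(CAT_PATH);
    $server_path = str_replace(CAT_Helper_Directory::sanitizePath($_SERVER['DOCUMENT_ROOT']), '', $server_path);
    // The configuration values below are placed into regular expressions;
    // quote them so that characters such as the dot in PAGE_EXTENSION are
    // matched literally.
    $pages_dir = preg_quote(PAGES_DIRECTORY);
    $pages_name = preg_quote(str_replace('/', '', PAGES_DIRECTORY));
    $page_ext = preg_quote(PAGE_EXTENSION);
    $backend_dir = preg_quote(CAT_BACKEND_FOLDER);
    $content = '    RewriteEngine On
    # If called directly - redirect to short url version
    RewriteCond %{REQUEST_URI} !' . $pages_dir . '/intro.php
    RewriteCond %{REQUEST_URI} ' . $pages_dir . '
    RewriteRule ^' . $pages_dir . '/(.*)' . $page_ext . '$ /$1/ [R=301,L]

# Send the request to the index.php for processing
    RewriteCond %{REQUEST_URI} !^/(' . $pages_name . '|' . $backend_dir . '|framework|include|languages|media|account|search|temp|templates/.*)$
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^([\\/\\sa-zA-Z0-9._-]+)$ ' . $server_path . '/index.php?$1 [QSA,L]
    ';
    // Report a failed write to the caller instead of ignoring it.
    return file_put_contents(CAT_PATH . '/.htaccess', $content) !== false;
}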
Example #29
     } else {
         // Problem: no config.php nor installation files...
         exit('<p><strong>Sorry, but this installation seems to be damaged! Please contact your webmaster!</strong></p>');
     }
 }
 //**************************************************************************
 // include config.php
 //**************************************************************************
 require_once $config_path . '/config.php';
 //**************************************************************************
 // analyze path to auto-protect backend
 //**************************************************************************
 if (!defined('CAT_LOGIN_PHASE')) {
     $path = isset($_SERVER['SCRIPT_FILENAME']) ? CAT_Helper_Directory::sanitizePath($_SERVER['SCRIPT_FILENAME']) : NULL;
     if ($path) {
         $check = str_replace('/', '\\/', CAT_Helper_Directory::sanitizePath(CAT_ADMIN_PATH));
         if (preg_match('~^' . $check . '~i', $path)) {
             define('CAT_REQUIRE_ADMIN', true);
             if (!CAT_Users::getInstance()->is_authenticated()) {
                 CAT_Users::getInstance()->handleLogin();
                 exit(0);
             }
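             // always enable CSRF protection in backend; it does not work with
             // AJAX, so scripts called via AJAX should define CAT_AJAX_CALL.
             // Such scripts skip the protection enabled below and need their
             // own request validation.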
             if (!defined('CAT_AJAX_CALL')) {
                 //echo "class.secure is calling enableCSRFMagic<br />";
                 CAT_Helper_Protect::getInstance()->enableCSRFMagic();
             }
             global $parser;
             if (!is_object($parser)) {
                 $parser = CAT_Helper_Template::getInstance('Dwoo');
Example #30
    $root = "../";
    $level = 1;
    while ($level < 10 && !file_exists($root . '/framework/class.secure.php')) {
        $root .= "../";
        $level += 1;
    }
    if (file_exists($root . '/framework/class.secure.php')) {
        include $root . '/framework/class.secure.php';
    } else {
        trigger_error(sprintf("[ <b>%s</b> ] Can't include class.secure.php!", $_SERVER['SCRIPT_NAME']), E_USER_ERROR);
    }
}
// =================================
// ! Include the WB functions file
// =================================
include_once CAT_Helper_Directory::sanitizePath(CAT_PATH . '/framework/functions.php');
// Helper instances used by the upload handler below.
// NOTE(review): the meaning of the third getInstance() argument (false)
// is not visible here.
$backend = CAT_Backend::getInstance('Media', 'media', false);
$dirh = CAT_Helper_Directory::getInstance();
$val = CAT_Helper_Validate::getInstance();
$user = CAT_Users::getInstance();
// The script answers with JSON; the header is sent before any output.
header('Content-type: application/json');
// ================================================
// ! Check if user has permission to upload files
// ================================================
if ($user->checkPermission('media', 'media_upload', false) !== true) {
    $ajax = array('message' => $backend->lang()->translate('You don\'t have the permission to upload a file. Check your system settings.'), 'success' => false);
    print json_encode($ajax);
    exit;
} elseif (is_array($val->sanitizePost('upload_counter'))) {
    if ($val->sanitizePost('folder_path') != '') {
        $file_path = $dirh->sanitizePath(CAT_PATH . $val->sanitizePost('folder_path'));