Example #1
 /**
  * Hook handler that passes the ParserOutput through
  * FlagsController::modifyParserOutputWithFlags() unless \FlagsController::$parsed is already set.
  *
  * NOTE(review): the result is assigned to the local $parserOutput only, so the caller
  * sees a change only if modifyParserOutputWithFlags() mutates the object it is given — confirm.
  *
  * @param \ParserOutput $parserOutput
  * @param \Page $article its ID is passed on to the flags controller
  * @return bool always true
  */
 public static function onBeforeParserCacheSave(\ParserOutput $parserOutput, \Page $article)
 {
     // Nothing to do when the flags were already handled.
     if (\FlagsController::$parsed) {
         return true;
     }
     $flagsController = new \FlagsController();
     $parserOutput = $flagsController->modifyParserOutputWithFlags($parserOutput, $article->getID());
     return true;
 }
 /**
  * Stores the page on this object and records its ID in the PAGE field.
  *
  * @param Page $page
  */
 public function setPage(Page $page)
 {
     $this->page = $page;
     $pageId = $page->getID();
     $this->set_field(self::PAGE, $pageId);
 }
Example #3
            $req = ob_get_contents();
            ob_end_clean();
            echo json_encode(array("success" => 0, "message" => urlencode($req)));
            exit;
        }
        // Check if parent exists
        // $val is filled in before this excerpt; a parent of -1 is treated here as "no parent".
        $parent = null;
        if ($val['parent'] != -1) {
            // Scan every page for one whose ID loosely equals the requested parent.
            foreach (Page::getList() as $page) {
                if ($page->getID() == $val['parent']) {
                    $parent = $page;
                    break;
                }
            }
            // Parent not found
            // Render pages/error.php (error id 7) into a buffer and return it,
            // URL-encoded, in the JSON failure response.
            if ($parent == null) {
                $_GET['id'] = 7;
                ob_start();
                include 'pages/error.php';
                $req = ob_get_contents();
                ob_end_clean();
                echo json_encode(array("success" => 0, "message" => urlencode($req)));
                exit;
            }
        }
        // Create page
        // NOTE(review): no validation of title/content/visibility and no permission check
        // on the chosen parent is visible in this excerpt — confirm both happen before this
        // point, and that $_SESSION['userdata'] is guaranteed to hold a logged-in user here.
        // The parent ID stored is the one read back from the matched Page, not the raw input.
        $page = new Page(-1, $_SESSION['userdata']->getID(), $val['title'], $val['content'], $val['visibility'], new \DateTime(), $parent == null ? null : $parent->getID(), -1);
        $page->update();
        echo json_encode(array("success" => 1, "message" => $page->getID()));
        break;
}
Example #4
     }
     // Read-only view of one page; $id is set before this excerpt.
     $page = null;
     $view->setTitle("Viewing Page");
     try {
         $page = new Page($id);
     } catch (Exception $e) {
         // A missing page goes back to the page list, any other failure to the admin index.
         if ($e->getCode() == PAGE_NOT_EXIST) {
             header("Location: " . orongoURL("orongo-admin/manage.php?msg=0&obj=pages"));
             exit;
         } else {
             header("Location: " . orongoURL("orongo-admin/index.php?msg=2"));
             exit;
         }
     }
     $form = new AdminFrontendForm(100, l("Page") . ": " . $page->getTitle(), "GET", "", false);
     $form->addInput("ID", "id", "text", $page->getID(), false, true);
     $form->addInput("Page Title", "title", "text", $page->getTitle(), false, true);
     // NOTE(review): stored title and content are handed to the form as-is; confirm that
     // AdminFrontendForm escapes them for the HTML context it renders into.
     $form->addInput("Page Content", "content", "ckeditor", $page->getContent(), false, true);
     // NOTE(review): the button URLs append $id as received, not the ID of the loaded page.
     // Where $id is validated is not visible here; $page->getID() would avoid echoing
     // request input back into a link — confirm $id is an integer by this point.
     $form->addButton("Delete", false, orongoURL("orongo-admin/delete.php?page." . $id));
     $form->addButton("Edit", false, orongoURL("orongo-admin/edit.php?page." . $id));
     $view->addObject($form);
     $view->render();
     break;
 case "user":
     if ($id != getUser()->getID() && getUser()->getRank() != RANK_ADMIN) {
         header("Location: " . orongoURL("orongo-admin/index.php?msg=0"));
         exit;
     }
     $user = null;
     $view->setTitle("Viewing User");
     try {
Example #5
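/**
 * Checks a posted guest password, or an existing password cookie, against
 * the credentials protecting the current object.
 *
 * When $authType is empty the credentials are looked up from the request
 * context: the protected full image, the search page, the current album or
 * Zenpage page (walking up through the parents until one has a password)
 * and, if none of those has a password, the gallery itself.
 *
 * @param string $authType   override of authorization type; also used as the name of the auth cookie
 * @param string $check_auth password hash to check against (used only when $authType is supplied)
 * @param string $check_user user name to check against (used only when $authType is supplied)
 *
 * @return bool true if authorized
 */
function zp_handle_password($authType = NULL, $check_auth = NULL, $check_user = NULL)
{
    global $_zp_loggedin, $_zp_login_error, $_zp_current_album, $_zp_current_page, $_zp_gallery;
    if (empty($authType)) {
        // not supplied by caller
        $check_auth = '';
        // Read 'p' once behind isset() rather than silencing the notice with @.
        $requested = isset($_GET['p']) ? $_GET['p'] : NULL;
        if ((isset($_GET['z']) && $requested === 'full-image') || $requested === '*full-image') {
            $authType = 'zp_image_auth';
            $check_auth = getOption('protected_image_password');
            $check_user = getOption('protected_image_user');
        } elseif (in_context(ZP_SEARCH)) {
            // search page
            $authType = 'zp_search_auth';
            $check_auth = getOption('search_password');
            $check_user = getOption('search_user');
        } elseif (in_context(ZP_ALBUM)) {
            // album page
            $authType = "zp_album_auth_" . $_zp_current_album->getID();
            $check_auth = $_zp_current_album->getPassword();
            $check_user = $_zp_current_album->getUser();
            if (empty($check_auth)) {
                // Inherit the credentials of the nearest ancestor album that has a password.
                $parent = $_zp_current_album->getParent();
                while (!is_null($parent)) {
                    $check_auth = $parent->getPassword();
                    $check_user = $parent->getUser();
                    $authType = "zp_album_auth_" . $parent->getID();
                    if (!empty($check_auth)) {
                        break;
                    }
                    $parent = $parent->getParent();
                }
            }
        } elseif (in_context(ZP_ZENPAGE_PAGE)) {
            $authType = "zp_page_auth_" . $_zp_current_page->getID();
            $check_auth = $_zp_current_page->getPassword();
            $check_user = $_zp_current_page->getUser();
            // Inherit the credentials of the nearest ancestor page that has a password.
            $pageobj = $_zp_current_page;
            while (empty($check_auth)) {
                // The parent ID is concatenated into the SQL below, so force it to an integer first.
                $parentID = (int) $pageobj->getParentID();
                if ($parentID === 0) {
                    break;
                }
                $sql = 'SELECT `titlelink` FROM ' . prefix('pages') . ' WHERE `id`=' . $parentID;
                $result = query_single_row($sql);
                if (empty($result)) {
                    // Dangling parent reference: stop walking instead of building a Page
                    // from a missing row; the gallery credentials below then apply.
                    break;
                }
                $pageobj = new Page($result['titlelink']);
                $authType = "zp_page_auth_" . $pageobj->getID();
                $check_auth = $pageobj->getPassword();
                $check_user = $pageobj->getUser();
            }
        }
        if (empty($check_auth)) {
            // anything else is controlled by the gallery credentials
            $authType = 'zp_gallery_auth';
            $check_auth = $_zp_gallery->getPassword();
            $check_user = $_zp_gallery->getUser();
        }
    }
    // Handle the login form.
    if (DEBUG_LOGIN) {
        // The stored hash is kept out of the log: the auth cookie carries the same value,
        // so a log line containing it would be as sensitive as the credential itself.
        debugLog("zp_handle_password: \$authType={$authType}; \$check_user={$check_user}; password set=" . (empty($check_auth) ? 'no' : 'yes') . ';');
    }
    if (isset($_POST['password']) && isset($_POST['pass'])) {
        // process login form
        $post_user = isset($_POST['user']) ? sanitize($_POST['user'], 0) : '';
        $post_pass = sanitize($_POST['pass'], 0);
        // Defined up front so an empty hash list cannot leave them unset.
        $success = false;
        $auth = '';
        foreach (Zenphoto_Authority::$hashList as $hash => $hi) {
            $auth = Zenphoto_Authority::passwordHash($post_user, $post_pass, $hi);
            // hash_equals() compares in constant time and never applies the numeric-string
            // juggling that == performs on hash-like values; the user name is compared strictly too.
            $success = hash_equals((string) $check_auth, (string) $auth) && (string) $post_user === (string) $check_user;
            if (DEBUG_LOGIN) {
                // The submitted password and the hashes are deliberately not logged.
                debugLog("zp_handle_password({$success}): \$post_user={$post_user}; \$hash={$hash};");
            }
            if ($success) {
                break;
            }
        }
        $success = zp_apply_filter('guest_login_attempt', $success, $post_user, $post_pass, $authType);
        if ($success) {
            // Correct auth info. Set the cookie.
            if (DEBUG_LOGIN) {
                debugLog("zp_handle_password: valid credentials");
            }
            // NOTE(review): the cookie value is the password hash itself, so a leaked hash
            // (database dump, backup, log) is enough to pass the cookie check below. A random
            // server-side token would avoid that; it is a design change outside this function.
            zp_setCookie($authType, $auth);
            if (isset($_POST['redirect'])) {
                $redirect_to = sanitizeRedirect($_POST['redirect'], true);
                if (!empty($redirect_to)) {
                    header("Location: " . $redirect_to);
                    exitZP();
                }
            }
        } else {
            // Clear the cookie, just in case
            if (DEBUG_LOGIN) {
                debugLog("zp_handle_password: invalid credentials");
            }
            zp_clearCookie($authType);
            $_zp_login_error = true;
        }
        return $success;
    }
    if (empty($check_auth)) {
        //no password on record or admin logged in
        return true;
    }
    if (($saved_auth = zp_getCookie($authType)) != '') {
        // The cookie is client-supplied, so it gets the same constant-time comparison.
        if (hash_equals((string) $check_auth, (string) $saved_auth)) {
            if (DEBUG_LOGIN) {
                debugLog("zp_handle_password: valid cookie");
            }
            return true;
        } else {
            // Clear the cookie
            if (DEBUG_LOGIN) {
                debugLog("zp_handle_password: invalid cookie");
            }
            zp_clearCookie($authType);
        }
    }
    return false;
}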
Example #6
     } catch (Exception $e) {
         if ($e->getCode() == PAGE_NOT_EXIST) {
             header("Location: " . orongoURL("orongo-admin/manage.php?msg=0&obj=pages"));
             exit;
         } else {
             header("Location: " . orongoURL("orongo-admin/index.php?msg=2"));
             exit;
         }
     }
     // Apply the posted title and content to the page loaded above; an empty field
     // leaves the stored value untouched.
     // NOTE(review): the values go from $_POST straight into the setters. No anti-CSRF
     // token check, permission check or filtering is visible in this excerpt — confirm
     // they happen earlier or inside setTitle()/setContent(), and that the content is
     // escaped or filtered wherever it is rendered.
     if (!empty($_POST['title'])) {
         $page->setTitle($_POST['title']);
     }
     if (!empty($_POST['content'])) {
         $page->setContent($_POST['content']);
     }
     // Send the editor back to the page view with msg=1.
     header("Location: " . orongoURL("orongo-admin/view.php?msg=1&obj=page&id=" . $page->getID()));
     exit;
     // Unreachable after exit.
     break;
 case "user":
     // Users below RANK_ADMIN may only edit their own account ($id is set before this excerpt).
     if (getUser()->getRank() < RANK_ADMIN && getUser()->getID() != $id) {
         header("Location: " . orongoURL("orongo-admin/index.php?msg=0"));
         exit;
     }
     // Both new_password and new_email must be present in the POST; otherwise back to the edit form.
     if (!isset($_POST['new_password']) || !isset($_POST['new_email'])) {
         header("Location: " . orongoURL("orongo-admin/edit.php?user." . $id));
         exit;
     }
     // Users below RANK_ADMIN must also submit a 'password' field.
     // NOTE(review): only its presence is checked here; verifying it against the stored
     // password presumably happens after this excerpt — confirm, along with an anti-CSRF check.
     if (!isset($_POST['password']) && getUser()->getRank() < RANK_ADMIN) {
         header("Location: " . orongoURL("orongo-admin/edit.php?user." . $id));
         exit;
     }
Example #7
        $create->addObject($form);
        $create->render();
        break;
    case "page":
        // Editing a page requires at least RANK_WRITER.
        if (getUser()->getRank() < RANK_WRITER) {
            header("Location: " . orongoURL("orongo-admin/index.php?msg=0"));
            exit;
        }
        $create->setTitle("Edit Page");
        try {
            $page = new Page($id);
        } catch (Exception $e) {
            // A missing page goes back to the page list, any other failure to the admin index.
            if ($e->getCode() == PAGE_NOT_EXIST) {
                header("Location: " . orongoURL("orongo-admin/manage.php?msg=0&obj=pages"));
                exit;
            } else {
                header("Location: " . orongoURL("orongo-admin/index.php?msg=2"));
                exit;
            }
        }
        // The form POSTs to actions/action_Edit.php, addressed with the ID read back from
        // the loaded page rather than the raw $id.
        // NOTE(review): no anti-CSRF token field is added in this excerpt — confirm that
        // AdminFrontendForm or action_Edit.php supplies and checks one, and that the
        // stored title/content are escaped when rendered into the inputs.
        $form = new AdminFrontendForm(100, l("Edit Page") . " (" . $page->getID() . ")", "POST", orongoURL("actions/action_Edit.php?page." . $page->getID()), false);
        $form->addInput("Page Title", "title", "text", $page->getTitle(), true);
        $form->addInput("Page Content", "content", "ckeditor", $page->getContent(), true);
        $form->addButton("Save", true);
        $create->addObject($form);
        $create->render();
        break;
    default:
        // Unknown object type: back to the admin index with msg=1.
        header("Location: " . orongoURL("orongo-admin/index.php?msg=1"));
        exit;
}
Example #8
         header("Location: " . orongoURL("orongo-admin/index.php?msg=0"));
         exit;
     }
     // Confirmation screen shown before a page is deleted; $id is set before this excerpt.
     $delete->setTitle("Delete Page");
     try {
         $page = new Page($id);
     } catch (Exception $e) {
         // A missing page goes back to the page list, any other failure to the admin index.
         if ($e->getCode() == PAGE_NOT_EXIST) {
             header("Location: " . orongoURL("orongo-admin/manage.php?msg=0&obj=pages"));
             exit;
         } else {
             header("Location: " . orongoURL("orongo-admin/index.php?msg=2"));
             exit;
         }
     }
     $form = new AdminFrontendForm(100, l("Delete Page") . " (" . $page->getID() . ")", "POST", "", false);
     // NOTE(review): the deletion is addressed purely by this URL and no anti-CSRF token
     // is visible here — confirm action_Delete.php re-checks the user's rank and requires
     // a per-session token before it deletes anything.
     $form->addButton("Yes", true, orongoURL("actions/action_Delete.php?page." . $page->getID()));
     $form->addButton("No", false, orongoURL("orongo-admin/manage.php?pages"));
     // NOTE(review): the stored page title is passed into the message; confirm it is
     // HTML-escaped by l() or by the form when rendered.
     $form->setContent(l("Sure delete page", $page->getTitle()));
     $delete->addObject($form);
     $delete->render();
     break;
 case "comment":
     if (getUser()->getRank() < RANK_ADMIN) {
         header("Location: " . orongoURL("orongo-admin/index.php?msg=0"));
         exit;
     }
     $delete->setTitle("Delete Comment");
     try {
         $comment = new Comment($id);
     } catch (Exception $e) {
Example #9
 /**
  * Collects the descendant IDs of a category page, plus the category's own ID
  * when one is given, and hands the list to the parent constructor.
  *
  * @param $categoryID  single page ID or CODE
  * @param $showInHidden  forwarded unchanged to Page::descendantIDs()
  */
 function __construct($categoryID, $showInHidden = false)
 {
     $pageIDs = Page::descendantIDs($categoryID, $showInHidden);
     if (!$categoryID) {
         // No category given: descendants only.
         parent::__construct($pageIDs);
         return;
     }
     $pageIDs[] = Page::getID($categoryID);
     parent::__construct($pageIDs);
 }
Example #10
 /**
  * Checks that Page's getters return the values handed to its constructor.
  */
 public function testPage()
 {
     $createdAt = new \DateTime();
     $subject = new Page(123, 1, 'A page', 'Some content', 2, $createdAt, 0, 25);

     // Identity and text fields.
     $this->assertEquals(123, $subject->getID());
     $this->assertEquals('A page', $subject->getTitle());
     $this->assertEquals('Some content', $subject->getContent());

     // Visibility, creation date and position.
     $this->assertEquals(2, $subject->getVisibility());
     $this->assertEquals($createdAt, $subject->getDate());
     $this->assertEquals(25, $subject->getPosition());
 }