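/**
 * Global exception handler.
 *
 * Writes the exception to the fatal log and prints an error page. The
 * detailed message (optionally with a stack trace, if the exception class
 * sets the static flag $exc_trace to true) is shown to the authenticated
 * root user only; everybody else gets a generic text, so that installation
 * paths and internals are not disclosed to visitors.
 *
 * @access public
 * @param  object $exception - the uncaught exception
 * @return void
 **/
public static function exceptionHandler($exception)
{
    $exc_class = get_class($exception);

    // Logging is best effort. $logger stays null when the logger cannot be
    // created, so the later log call is skipped instead of failing on an
    // undefined variable inside the handler itself.
    $logger = null;
    try {
        $logger = CAT_Helper_KLogger::instance(CAT_PATH . '/temp/logs', 2);
        $logger->logFatal(sprintf(
            'Exception with message [%s] emitted in [%s] line [%s]',
            $exception->getMessage(),
            $exception->getFile(),
            $exception->getLine()
        ));
    } catch (Exception $e) {
        $logger = null;
    }

    if (isset($exc_class::$exc_trace) && $exc_class::$exc_trace === true) {
        $traceline = "#%s %s(%s): %s(%s)";
        $msg = "Uncaught exception '%s' with message '%s'<br />"
             . "<div style=\"font-size:smaller;width:80%%;margin:5px auto;text-align:left;\">"
             . "in %s:%s<br />Stack trace:<br />%s<br />"
             . "thrown in %s on line %s</div>";

        // build tracelines
        $result = array();
        foreach ($exception->getTrace() as $key => $stackPoint) {
            // Only the argument TYPES are printed, never the values, so that
            // passwords or other secrets passed as arguments do not end up
            // in the output. 'args' can be missing from a frame.
            $arg_types = (isset($stackPoint['args']) && is_array($stackPoint['args']))
                ? array_map('gettype', $stackPoint['args'])
                : array();
            // The message template is HTML, so every interpolated value is
            // escaped; exception messages may carry request data.
            $result[] = htmlspecialchars(
                sprintf(
                    $traceline,
                    $key,
                    isset($stackPoint['file']) ? $stackPoint['file'] : '-',
                    isset($stackPoint['line']) ? $stackPoint['line'] : '-',
                    isset($stackPoint['function']) ? $stackPoint['function'] : '-',
                    implode(', ', $arg_types)
                ),
                ENT_QUOTES,
                'UTF-8'
            );
        }
        // trace always ends with {main}; count() also works for an empty trace
        $result[] = '#' . count($result) . ' {main}';

        // write tracelines into main template
        $file = htmlspecialchars($exception->getFile(), ENT_QUOTES, 'UTF-8');
        $msg  = sprintf(
            $msg,
            htmlspecialchars(get_class($exception), ENT_QUOTES, 'UTF-8'),
            htmlspecialchars($exception->getMessage(), ENT_QUOTES, 'UTF-8'),
            $file,
            $exception->getLine(),
            implode("<br />", $result),
            $file,
            $exception->getLine()
        );
        $display = $msg;
    } else {
        // filter message: replace the installation path (both slash styles)
        $message = $exception->getMessage();
        $message = str_replace(
            array(
                CAT_Helper_Directory::sanitizePath(CAT_PATH),
                str_replace('/', '\\', CAT_Helper_Directory::sanitizePath(CAT_PATH))
            ),
            array('[path to]', '[path to]'),
            $message
        );
        $msg = "[{$exc_class}] {$message}";
        // NOTE(review): printFatalError() receives HTML markup in the trace
        // branch, so it presumably prints its argument unescaped; the plain
        // message is escaped for display here - confirm it is not escaped
        // a second time.
        $display = htmlspecialchars($msg, ENT_QUOTES, 'UTF-8');
    }

    // log (best effort; a failing logger must not break the error page)
    if ($logger !== null) {
        try {
            $logger->logFatal($msg);
        } catch (Exception $e) {
            // nothing left to do
        }
    }

    // show detailed error information to admin only
    if (CAT_Users::is_authenticated() && CAT_Users::is_root()) {
        CAT_Object::printFatalError($display);
    } else {
        CAT_Object::printFatalError("An internal error occured. We're sorry for inconvenience.");
    }
}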
/**
 * Check the module permission of the current user.
 *
 * The root user passes without a lookup; for everybody else the result of
 * CAT_Users::get_permission() for permission type 'module' is returned
 * unchanged.
 *
 * @access public
 * @param  string $module - module to check
 * @return mixed  true for root, otherwise whatever get_permission() returns
 **/
public static function checkModulePermissions($module)
{
    return CAT_Users::is_root()
        ? true
        : CAT_Users::get_permission($module, 'module');
}
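/**
 * Checks if the user has a given permission by using the session data.
 *
 * Unlike checkPermission, this does not use the "system_permissions"
 * table to check the permission. Instead, it just checks if perm
 * $name is listed in the session entry for group $type, where group is
 * one of 'system', 'module' or 'template'. Any other type, a missing
 * session entry or an empty permission name is denied.
 *
 * This method needs to be rewritten later
 *
 * @access public
 * @param  string  $name - name of the permission
 * @param  string  $type - permission type (system|module|template)
 * @return boolean
 **/
public static function get_permission($name, $type = 'system')
{
    // start is always allowed; root user is always allowed.
    // Strict comparison on purpose: with '==' a numeric 0 equals 'start'
    // on PHP < 8 and would be granted.
    if ($name === 'start' || CAT_Users::is_root()) {
        return true;
    }

    // An empty name must never match: explode() on an empty session value
    // yields array(''), which would otherwise grant '' to a user who has
    // no permissions at all.
    if (!is_scalar($name) || (string) $name === '') {
        return false;
    }
    $name = (string) $name;

    // Fixed map instead of a variable variable built from caller input.
    $session_keys = array(
        'system'   => 'SYSTEM_PERMISSIONS',
        'module'   => 'MODULE_PERMISSIONS',
        'template' => 'TEMPLATE_PERMISSIONS',
    );
    if (!is_string($type) || !isset($session_keys[$type])) {
        return false;
    }

    // get user perms from the session
    $granted = CAT_Helper_Validate::getInstance()->fromSession($session_keys[$type]);

    // system permissions are stored as a comma separated list
    if ($type === 'system' && is_string($granted)) {
        $granted = explode(',', $granted);
    }

    // NOTE(review): module and template permissions are used as stored;
    // anything that is not an array is treated as "no permissions".
    if (!is_array($granted)) {
        return false;
    }

    // Strict string comparison; loose in_array() treats numeric strings
    // such as '1e1' and '10' as equal.
    foreach ($granted as $perm) {
        if (is_scalar($perm) && (string) $perm === $name) {
            return true;
        }
    }
    return false;
}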
/**
 * Dwoo template plugin wrapping show_menu2().
 *
 * Options arrive from the template as text, so the SM2_* constant names in
 * $aStart, $aMaxLevel and $aOptions are replaced by the constant values
 * before the call. Without SM2_ARRAY the menu is printed by show_menu2()
 * and nothing is returned; with SM2_ARRAY the markup returned by
 * show_menu2() is split into a flat list of entries.
 *
 * @param  Dwoo    $dwoo         - template engine instance (not used here)
 * @param  mixed   $aMenu        - passed to show_menu2() via among_constants()
 * @param  mixed   $aStart       - start level; SM2_* names allowed
 * @param  mixed   $aMaxLevel    - max level; SM2_* names allowed
 * @param  mixed   $aOptions     - option flags; SM2_* names allowed
 * @param  mixed   $aItemOpen    - passed through to show_menu2() (direct output only)
 * @param  mixed   $aItemClose   - passed through to show_menu2() (direct output only)
 * @param  mixed   $aMenuOpen    - passed through to show_menu2() (direct output only)
 * @param  mixed   $aMenuClose   - passed through to show_menu2() (direct output only)
 * @param  mixed   $aTopItemOpen - passed through to show_menu2() (direct output only)
 * @param  mixed   $aTopMenuOpen - passed through to show_menu2() (direct output only)
 * @return mixed   false in maintenance mode for non-root users, an error
 *                 string if SM2_PRETTY is requested, an array of entries
 *                 with SM2_ARRAY, nothing otherwise
 **/
function Dwoo_Plugin_show_menu(Dwoo $dwoo, $aMenu = 0, $aStart = SM2_ROOT, $aMaxLevel = -1999, $aOptions = SM2_TRIM, $aItemOpen = false, $aItemClose = false, $aMenuOpen = false, $aMenuClose = false, $aTopItemOpen = false, $aTopMenuOpen = false)
{
    // no menu while the site is in maintenance mode, except for root
    if (CAT_Helper_Page::isMaintenance() && !CAT_Users::is_root()) {
        return false;
    }
    if (strpos($aOptions, 'SM2_PRETTY') !== false) {
        return "<strong>Error:</strong> show_menu() does not support the SM2_PRETTY Flag!";
    }
    // Names and values of the constants, in matching order. str_replace()
    // works through the list in order, so 'SM2_ALLMENU' and 'SM2_ALLINFO'
    // are replaced before the shorter 'SM2_ALL'. 'SM2_ARRAY' has no
    // constant here and is replaced by an empty string.
    $search_values = array('SM2_ROOT', 'SM2_CURR', 'SM2_ALLMENU', 'SM2_START', 'SM2_MAX', 'SM2_ALLINFO', 'SM2_ALL', 'SM2_TRIM', 'SM2_CRUMB', 'SM2_SIBLING', 'SM2_NUMCLASS', 'SM2_NOCACHE', 'SM2_PRETTY', 'SM2_ESCAPE', 'SM2_NOESCAPE', 'SM2_BUFFER', 'SM2_CURRTREE', 'SM2_SHOWHIDDEN', 'SM2_XHTML_STRICT', 'SM2_NO_TITLE', 'SM2_ARRAY');
    $replace_values = array(SM2_ROOT, SM2_CURR, SM2_ALLMENU, SM2_START, SM2_MAX, SM2_ALLINFO, SM2_ALL, SM2_TRIM, SM2_CRUMB, SM2_SIBLING, SM2_NUMCLASS, SM2_NOCACHE, SM2_PRETTY, SM2_ESCAPE, SM2_NOESCAPE, SM2_BUFFER, SM2_CURRTREE, SM2_SHOWHIDDEN, SM2_XHTML_STRICT, SM2_NO_TITLE, '');
    // Check if function shall return an array or the menu
    $direct_output = strpos($aOptions, 'SM2_ARRAY') === false ? true : false;
    // Array mode without SM2_BUFFER: swap SM2_ARRAY for SM2_BUFFER
    // (presumably so that show_menu2() returns the markup - TODO confirm)
    $aOptions = !$direct_output && strpos($aOptions, 'SM2_BUFFER') === false ? str_replace('SM2_ARRAY', 'SM2_BUFFER', $aOptions) : $aOptions;
    // Replace all Strings with constants
    $aStart = str_replace($search_values, $replace_values, $aStart);
    $aMaxLevel = str_replace($search_values, $replace_values, $aMaxLevel);
    $aOptions = str_replace($search_values, $replace_values, $aOptions);
    // among_constants() is defined elsewhere; presumably it evaluates the
    // remaining expression to the numeric value - verify against the helper
    $Menu = among_constants($aMenu);
    $Start = among_constants($aStart);
    $MaxLevel = among_constants($aMaxLevel);
    $Options = among_constants($aOptions);
    if ($direct_output) {
        // direct output: the format strings are only used in this branch
        show_menu2($Menu, $Start, $MaxLevel, $Options, $aItemOpen, $aItemClose, $aMenuOpen, $aMenuClose, $aTopItemOpen, $aTopMenuOpen);
    } else {
        $result = show_menu2($Menu, $Start, $MaxLevel, $Options);
        // Put a '|' between adjacent tags, then split on it.
        // NOTE(review): a literal '|' inside the markup (for example in a
        // menu title) is split as well.
        $search = array('</li><li', '</a><ul', '</li></ul>', '</ul></li>', '</a></li>');
        $replace = array('</li>|<li', '</a>|<ul', '</li>|</ul>', '</ul>|</li>', '</a>|</li>');
        $result = str_replace($search, $replace, $result);
        $walk = explode('|', $result);
        $menu = array();
        $level = 0;
        foreach ($walk as $index => $item) {
            // NOTE(review): the result of trim() is discarded, so $item is
            // compared untrimmed below
            trim($item);
            if ($item == '</li>') {
                $menu[] = array('type' => 'link_end', 'level' => $level);
                continue;
            }
            if ($item == '</ul>') {
                $menu[] = array('type' => 'level_end', 'level' => $level);
                $level--;
                continue;
            }
            if (strpos($item, '<ul') !== false) {
                // everything before the first '<li' is the opening <ul> tag
                $ul = substr($item, 0, strpos($item, '<li'));
                $level++;
                $link = array();
                $link['type'] = 'level_start';
                $link['level'] = $level;
                // name="value" pairs; $attr holds the full matches and the
                // two capture groups, only strings containing '=' are used
                preg_match_all('/([a-zA-Z]*[a-zA-Z])\\s{0,3}[=]\\s{0,3}("[^"\\r\\n]*)"/', $ul, $attr);
                foreach ($attr as $attributes) {
                    foreach ($attributes as $attribut) {
                        if (strpos($attribut, "=") !== false) {
                            // NOTE(review): explode() has no limit, so a
                            // value that contains '=' itself (a query
                            // string, for example) is cut at that character
                            list($key, $value) = explode("=", $attribut);
                            $value = trim($value);
                            // strip the first and the last character (the quotes)
                            $value = trim(substr($value, 1, strlen($value) - 2));
                            if (!empty($value)) {
                                $link[$key] = $value;
                            }
                        }
                    }
                }
                $menu[] = $link;
                // continue with the <li> part of the same item
                $item = trim(substr($item, strpos($item, '<li')));
            }
            if (strpos($item, '<li') !== false) {
                $link = array();
                $link['type'] = 'link_start';
                $link['level'] = $level;
                // same attribute parsing as above, applied to the whole
                // item; empty values are kept here
                preg_match_all('/([a-zA-Z]*[a-zA-Z])\\s{0,3}[=]\\s{0,3}("[^"\\r\\n]*)"/', $item, $attr);
                foreach ($attr as $attributes) {
                    foreach ($attributes as $attribut) {
                        if (strpos($attribut, "=") !== false) {
                            list($key, $value) = explode("=", $attribut);
                            $value = trim($value);
                            $value = trim(substr($value, 1, strlen($value) - 2));
                            $link[$key] = $value;
                        }
                    }
                }
                // NOTE(review): 'href' is read without isset(); an item
                // without a href attribute raises a notice here.
                // Attribute values are copied from the markup as they are,
                // neither decoded nor escaped - whether they are safe to
                // print depends on show_menu2() and the SM2_ESCAPE /
                // SM2_NOESCAPE options; confirm before echoing them.
                $link['pagename'] = pathinfo($link['href'], PATHINFO_FILENAME);
                $menu[] = $link;
            }
        }
        return $menu;
    }
    // end of SM2_ARRAY handling; direct output returns nothing
}
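/**
 * Checks a permission from the global $settings array against $gid.
 *
 * The root user is always allowed. Otherwise the entry $settings[$perm]
 * (a single value or an array) is handed to is_in_array() together with
 * $gid. A missing $settings array or a missing entry denies access.
 *
 * @access public
 * @param  string  $perm - key of the permission in $settings
 * @param  mixed   $gid  - group id(s), passed to is_in_array() as is
 * @return mixed   true for root, false if the permission is not
 *                 configured, otherwise the result of is_in_array()
 **/
public static function is_allowed($perm, $gid)
{
    global $settings;

    // admin is always allowed to do all
    if (CAT_Users::is_root()) {
        return true;
    }

    // Deny when the settings are not loaded; array_key_exists() on a
    // non-array raises a TypeError on PHP 8.
    if (!is_array($settings) || !array_key_exists($perm, $settings)) {
        return false;
    }

    $value = $settings[$perm];
    if (!is_array($value)) {
        $value = array($value);
    }
    return is_in_array($value, $gid);
}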
/**
 * Check whether a page is visible or not
 *
 * Evaluates the page visibility and, for 'private' and 'registered'
 * pages, the login state, the page language and the viewing groups/users.
 * Unknown visibility values are treated as not visible.
 *
 * @access public
 * @param  integer $page_id
 * @return boolean
 **/
public static function isVisible($page_id)
{
    $page       = self::properties($page_id);
    $visibility = $page['visibility'];

    // never shown in FE
    if ($visibility == 'none' || $visibility == 'deleted') {
        return false;
    }

    // shown if called, but not in menu
    if ($visibility == 'hidden') {
        return self::selectPage() == $page_id;
    }

    // always visible
    if ($visibility == 'public') {
        return true;
    }

    // shown if user is allowed
    if ($visibility == 'private' || $visibility == 'registered') {
        if (!(CAT_Users::is_authenticated() == true)) {
            return false;
        }
        // check language: either languages are switched off, or the page
        // has no language, or it has the current one
        $language_ok = CAT_Registry::get('PAGE_LANGUAGES') == 'false'
            || (self::properties($page_id, 'language') == ''
                || self::properties($page_id, 'language') == LANGUAGE);
        if (!$language_ok) {
            return false;
        }
        return CAT_Users::is_group_match(CAT_Users::get_groups_id(), $page['viewing_groups'])
            || CAT_Users::is_group_match(CAT_Users::get_user_id(), $page['viewing_users'])
            || CAT_Users::is_root();
    }

    // any other visibility value
    return false;
}
/**
 * get last DB error
 *
 * The stored error text is returned to the authenticated root user only;
 * everybody else gets a generic message, so that database details are not
 * shown to visitors.
 *
 * @access public
 * @return string
 **/
public function getError()
{
    // show detailed error message only to global admin
    $is_global_admin = CAT_Users::is_authenticated() && CAT_Users::is_root();

    return $is_global_admin
        ? $this->lasterror
        : "An internal error occured. We're sorry for inconvenience.";
}
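/**
 * get page sections for given block
 *
 * Checks whether the current user may see the page, then prints the
 * output of every active section of the block by including the view.php
 * of the section's module. If the constant PAGE_CONTENT is defined and
 * block 1 is requested, that file is included instead.
 *
 * @access public
 * @param  integer $block
 * @return mixed   nothing on the normal path (direct print to STDOUT);
 *                 the result of print404() for deleted pages; a
 *                 translated notice if the page has no active sections
 **/
public function getPageContent($block = 1)
{
    // keep old modules happy
    global $wb, $admin, $database, $page_id, $section_id, $parser;
    // old style language files
    global $TEXT, $HEADING, $MESSAGE;
    $admin =& $wb;
    if ($page_id == '') {
        $page_id = $this->_page_id;
    }

    // check if user is allowed to see this page
    if (!self::$helper->isVisible($this->_page_id)
        && !CAT_Users::is_root()
        && (!self::$helper->isMaintenance() || CAT_Registry::get('MAINTENANCE_PAGE') != $this->_page_id)
    ) {
        if (self::$helper->isDeleted($this->_page_id)) {
            return self::print404();
        }
        // if Frontend-Login redirect user to login form and after login back to current page
        if (FRONTEND_LOGIN) {
            // Sending a Location header makes PHP answer with a 302 unless
            // a 201 or 3xx status is already set, so the 401 is replaced.
            header("HTTP/1.1 401 Unauthorized");
            // PHP_SELF is taken from the request URL; encode it so that it
            // stays a single query value and cannot add parameters.
            // NOTE(review): the login form still has to check that the
            // redirect target is a local path - not visible from here.
            header("Location: " . LOGIN_URL . '?redirect=' . urlencode($_SERVER['PHP_SELF']));
            exit;
        }
        self::$helper->printFatalError('You are not allowed to view this page!');
        // printFatalError() is expected to end the request; return anyway
        // so that the page body is never printed if it does not.
        return;
    }

    // check if page has active sections
    if (!self::$helper->isActive($this->_page_id)) {
        return self::$helper->lang()->translate('The page does not have any content!');
    }

    // get the page content; if constant PAGE_CONTENT is set, it contains
    // the name of a file to be included
    if (!defined('PAGE_CONTENT') or $block != 1) {
        // get active sections
        $sections = CAT_Sections::getActiveSections($this->_page_id, $block);
        if (is_array($sections) && count($sections)) {
            foreach ($sections as $section) {
                self::$helper->log()->logDebug('sections for this block', $sections);
                // $section_id is global on purpose (legacy modules read it)
                $section_id = $section['section_id'];
                $module     = $section['module'];

                // make a anchor for every section.
                if (defined('SEC_ANCHOR') && SEC_ANCHOR != '') {
                    // The section name is editable content: escape it for
                    // the attribute (existing entities are kept as they
                    // are). The leading space separates title from id.
                    $title = (isset($section['name']) && $section['name'] != 'no name')
                        ? ' title="' . htmlspecialchars($section['name'], ENT_QUOTES, 'UTF-8', false) . '"'
                        : '';
                    echo '<a class="section_anchor" id="' . SEC_ANCHOR . $section_id . '"' . $title . '></a>';
                }

                // NOTE(review): $module comes from the section data and is
                // used to build include paths; presumably it is a plain
                // directory name - verify that it is validated where
                // sections are stored.
                $module_dir = CAT_PATH . '/modules/' . $module;

                // check if module exists - feature: write in errorlog
                if (!file_exists($module_dir . '/view.php')) {
                    continue;
                }

                // load language file (if any)
                $langfile = CAT_Helper_Directory::sanitizePath($module_dir . '/languages/' . LANGUAGE . '.php');
                if (file_exists($langfile)) {
                    // modern language file
                    if ($this->lang()->checkFile($langfile, 'LANG', true)) {
                        $this->lang()->addFile(LANGUAGE . '.php', CAT_Helper_Directory::sanitizePath($module_dir . '/languages'));
                    }
                }

                // set template path; later matches override earlier ones
                if (file_exists(CAT_Helper_Directory::sanitizePath($module_dir . '/templates'))) {
                    $parser->setPath(CAT_Helper_Directory::sanitizePath($module_dir . '/templates'));
                }
                if (file_exists(CAT_Helper_Directory::sanitizePath($module_dir . '/templates/default'))) {
                    $parser->setPath(CAT_Helper_Directory::sanitizePath($module_dir . '/templates/default'));
                }
                if (file_exists(CAT_Helper_Directory::sanitizePath($module_dir . '/templates/' . DEFAULT_TEMPLATE))) {
                    $parser->setFallbackPath(CAT_Helper_Directory::sanitizePath($module_dir . '/templates/default'));
                    $parser->setPath(CAT_Helper_Directory::sanitizePath($module_dir . '/templates/' . DEFAULT_TEMPLATE));
                }

                // fetch original content
                ob_start();
                require $module_dir . '/view.php';
                $content = ob_get_clean();
                echo $content;
            }
        }
    } else {
        // PAGE_CONTENT names a file to include in place of the sections
        require PAGE_CONTENT;
    }

    if (!CAT_Registry::exists('CAT_PAGE_CONTENT_DONE')) {
        CAT_Registry::register('CAT_PAGE_CONTENT_DONE', true, true);
    }
}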