/**
 * Resolve $file_path, retrying relative to the document root when the path
 * does not resolve as given.
 *
 * When the path resolves as given, the caller's string is returned unchanged
 * (not its canonical form). Otherwise the result is
 * realpath(DOCUMENT_ROOT . $file_path), which is false when that location
 * does not exist either.
 *
 * NOTE(review): nothing here confines the result to the document root, and
 * the first branch returns the argument with any "../" segments intact.
 * Callers that pass request-derived paths need their own containment check.
 *
 * @param string $file_path Path to look up.
 * @return string|false The usable path, or false when neither lookup resolves.
 */
function _findFilePath($file_path)
{
    // Resolves as given: hand the caller's string back untouched.
    if (realpath($file_path)) {
        return $file_path;
    }

    // Second attempt: treat the path as relative to the document root.
    return realpath(NServer::env('DOCUMENT_ROOT') . $file_path);
}
/**
 * insert_audit_trail - Write an audit trail row from the model itself.
 * Only meant for timed_remove, so that the audit trail is not lost.
 * Refactor: duplicates audit_trail_controller->insert().
 *
 * Every field the model reports is first filled from $params (null when the
 * key is absent); user_id, ip and the cms_* bookkeeping fields are then
 * overwritten here, so caller-supplied values for those are ignored.
 *
 * NOTE(review): all other model fields are taken from $params as-is. Callers
 * should build $params themselves rather than forward a request array.
 *
 * @param array $params Required keys: asset, asset_id, action_taken
 * @return false|null false when $params is empty or a required key is
 *                    missing; otherwise nothing is returned.
 **/
function insert_audit_trail($params = array())
{
    if (empty($params)) {
        return false;
    }
    foreach (array('asset', 'asset_id', 'action_taken') as $required_key) {
        if (!isset($params[$required_key])) {
            return false;
        }
    }

    $model =& NModel::factory($this->name);

    // Copy caller data onto every field the model knows about.
    $fields = $model->fields();
    foreach ($fields as $field) {
        if (isset($params[$field])) {
            $model->{$field} = $params[$field];
        } else {
            $model->{$field} = null;
        }
    }

    // Attribution is set here, after the copy, so $params cannot override it.
    $model->user_id = $this->website_user_id;
    $model->ip = NServer::env('REMOTE_ADDR');

    // Timestamps are stamped only when the model has the columns.
    foreach (array('cms_created', 'cms_modified') as $stamp_field) {
        if (in_array($stamp_field, $fields)) {
            $model->{$stamp_field} = $model->now();
        }
    }

    // Record the acting user when the model tracks it.
    if (in_array('cms_modified_by_user', $fields)) {
        $model->cms_modified_by_user = $this->website_user_id;
    }

    $model->insert();
}
/**
 * Look up a server/environment value by name.
 *
 * Sources are tried in order: $_SERVER, $_ENV, getenv(). When none has the
 * key, DOCUMENT_ROOT and PHP_SELF are derived from SCRIPT_FILENAME and
 * SCRIPT_NAME; any other key yields null.
 *
 * Values read through this method are not validated. Several $_SERVER
 * entries (HTTP_* headers, REQUEST_URI, QUERY_STRING, PATH_INFO) are set from
 * the request, so callers must treat them as untrusted input.
 *
 * @param string $key Name of the variable.
 * @return mixed The value, or null when it cannot be found or derived.
 */
static function env($key)
{
    if (isset($_SERVER[$key])) {
        return $_SERVER[$key];
    }
    if (isset($_ENV[$key])) {
        return $_ENV[$key];
    }
    $from_process_env = getenv($key);
    if ($from_process_env !== false) {
        return $from_process_env;
    }

    if ($key == 'DOCUMENT_ROOT') {
        // Strip the script's URL path off the end of its filesystem path.
        // Four extra characters are dropped when SCRIPT_NAME has no '.php'
        // in it (presumably the length of the missing '.php' — confirm).
        $script_name = NServer::env('SCRIPT_NAME');
        $offset = strpos($script_name, '.php') ? 0 : 4;
        $script_file = NServer::env('SCRIPT_FILENAME');
        $keep = strlen($script_file) - (strlen($script_name) + $offset);

        return substr($script_file, 0, $keep);
    }

    if ($key == 'PHP_SELF') {
        // r() is defined elsewhere; presumably a replace helper that removes
        // the document root from the script path — confirm.
        return r(NServer::env('DOCUMENT_ROOT'), '', NServer::env('SCRIPT_FILENAME'));
    }

    return null;
}
/**
 * Show the search form for a missing page, seeding the query from the
 * request path when no 'q' parameter was supplied.
 *
 * The path (PHP_SELF) is split on '/', empty segments are dropped, and the
 * rest is joined with spaces and URL-decoded to become 'q'. Because empty()
 * is used, a segment consisting of "0" is dropped as well.
 *
 * NOTE(review): 'q' is derived from the request URL, so it must be escaped
 * wherever searchForm() or its template outputs it — confirm there.
 *
 * @param mixed $params Passed through to searchForm().
 * @return mixed Whatever searchForm() returns.
 */
function search404($params)
{
    if (!$this->getParam('q')) {
        $segments = array();
        foreach (explode('/', NServer::env('PHP_SELF')) as $position => $segment) {
            // keep only the non-empty path segments
            if (!empty($segment)) {
                $segments[$position] = $segment;
            }
        }
        $this->setParam('q', urldecode(implode(' ', $segments)));
    }

    return $this->searchForm($params);
}
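/**
 * Verify that NDispatcher takes controller, action and parameter from the
 * URI produced by NServer::setUri().
 *
 * NOTE(review): the first three assertions expect "page" / "edit" / "1", so
 * the request superglobals are presumably primed before this test runs (not
 * visible here) — confirm. The second half overwrites
 * $_SERVER['REQUEST_URI'] and $_SERVER['PATH_INFO'] and does not restore
 * them, which can leak into later tests.
 *
 * The "bogus" assertions document that setParams() accepts controller and
 * action names verbatim from the URI; rejecting unknown names has to happen
 * elsewhere (presumably at dispatch time — confirm).
 *
 * @return void
 */
function test_dispatcher_setup()
{
    $uri = NServer::setUri();
    // Plain assignment: "=& new" is rejected by the parser from PHP 7.0 on,
    // and objects are already passed by handle.
    $dispatcher = new NDispatcher($uri);
    $dispatcher->setParams($uri);
    // Expected value first, so a failure report labels the two sides correctly.
    $this->assertEquals("page", $dispatcher->controller, "Controller set from URI");
    $this->assertEquals("edit", $dispatcher->action, "Action set from URI");
    $this->assertEquals("1", $dispatcher->parameter, "Parameter set from URI");

    // Second pass with a route that maps to nothing real.
    $_SERVER['REQUEST_URI'] = '/bogus/action/999999';
    $_SERVER['PATH_INFO'] = '/bogus/action/999999';
    $uri = NServer::setUri();
    $dispatcher = new NDispatcher($uri);
    $dispatcher->setParams($uri);
    $this->assertEquals("bogus", $dispatcher->controller, "Bogus Controller allowed by dispatcher");
    $this->assertEquals("action", $dispatcher->action, "Bogus Action allowed by dispatcher");
    $this->assertEquals("999999", $dispatcher->parameter, "Bogus Parameter allowed by dispatcher");
}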
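/**
 * Set controller defaults and, when ADMIN_URL is configured, refuse admin
 * requests that arrive on a host other than the one named in ADMIN_URL.
 *
 * The host check applies only to requests whose URI starts with /APP_DIR/.
 * When SERVER_NAME does not occur in ADMIN_URL the request ends with the
 * dispatcher's 404 output; the redirect below the die() is unreachable
 * unless that line is commented out.
 *
 * Also defines IN_NTERCHANGE (true when REQUEST_URI starts with /APP_DIR)
 * if it is not defined yet, then calls the parent constructor.
 *
 * NOTE(review): the host comparison is a substring match against ADMIN_URL,
 * not an exact host comparison; consider anchoring it.
 */
function __construct()
{
    // APP_DIR and SERVER_NAME are interpolated into patterns, so both go
    // through preg_quote(): a '.' must match only a dot, and a stray '|'
    // must not end the pattern early.
    if (defined('ADMIN_URL') && constant('ADMIN_URL') != false && is_string(ADMIN_URL)
        && preg_match('|^/' . preg_quote(APP_DIR, '|') . '/|', $_SERVER['REQUEST_URI'])) {
        // SERVER_NAME can mirror the client's Host header under some server
        // configurations, so it is treated as untrusted text here.
        if (!preg_match('|http[s]?://' . preg_quote($_SERVER['SERVER_NAME'], '|') . '|', ADMIN_URL)) {
            $loc = preg_replace('|/$|', '', ADMIN_URL) . $_SERVER['REQUEST_URI'];
            // if you don't want a 404 and want to redirect instead, comment out this line
            die(NDispatcher::error404());
            header('Location:' . $loc);
            exit;
        }
    }

    if (is_null($this->name)) {
        $this->name = 'nterchange';
    }
    if (is_null($this->base_view_dir)) {
        $this->base_view_dir = BASE_DIR;
    }
    if (!defined('IN_NTERCHANGE')) {
        define('IN_NTERCHANGE', preg_match('|^/' . preg_quote(APP_DIR, '|') . '|', NServer::env('REQUEST_URI')) ? true : false);
    }

    parent::__construct();
}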
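/**
 * Render one small form per entry in $GLOBALS['USER_SETTINGS'] for the
 * current user.
 *
 * For each setting the model is looked up by user id and setting name. An
 * existing row yields a form posting to .../edit/<pk> with the stored value
 * checked; otherwise the form posts to .../create with the configured
 * default checked. The forms are handed to the view as 'settings'.
 *
 * NOTE(review): '_referer' carries the url-encoded REQUEST_URI in a hidden
 * field, so it comes back from the client. Whatever consumes it should
 * accept only local paths before redirecting — confirm in the edit/create
 * actions.
 *
 * @return void
 */
function viewlist()
{
    $this->auto_render = false;
    include_once 'n_quickform.php';
    $model =& $this->getDefaultModel();
    $pk = $model->primaryKey();
    $setting_forms = array();
    // A missing or malformed settings global renders an empty list instead
    // of raising a warning in the loop.
    $user_settings = (isset($GLOBALS['USER_SETTINGS']) && is_array($GLOBALS['USER_SETTINGS']))
        ? $GLOBALS['USER_SETTINGS']
        : array();

    foreach ($user_settings as $setting => $default) {
        $model->reset();
        $model->user_id = (int) $this->_auth->currentUserId();
        $model->setting = $setting;

        $form = new NQuickForm('setting_' . $setting);
        $form->addElement('header', null, $model->settingToText($setting));
        $description = $this->getSettingDescription($setting);
        if (!$description) {
            $description = 'Setting';
        }
        $form->addElement('hidden', 'setting', $setting);
        $checkbox =& $form->addElement('checkbox', 'value', $description, null, array('id' => 'qf_' . $model->setting));

        if ($model->find(null, true)) {
            // set the form action to edit
            $form->updateAttributes(array('action' => '/' . APP_DIR . '/' . $this->name . '/edit/' . $model->{$pk}));
            $form->addElement('hidden', $pk, $model->{$pk});
            // check the box according to the value
            $checkbox->setChecked((bool) $model->value);
        } else {
            $form->updateAttributes(array('action' => '/' . APP_DIR . '/' . $this->name . '/create'));
            $checkbox->setChecked((bool) $default);
        }

        $form->addElement('hidden', '_referer', urlencode(NServer::env('REQUEST_URI')));
        $form->addElement('submit', '__submit__', 'Submit');
        $form->addRule('setting', null, 'required');

        // Append by value. Appending "=& $form" bound every list entry to
        // the loop variable, so the next iteration's assignment replaced all
        // earlier entries and the list ended up as copies of the last form.
        $setting_forms[] = $form;
    }

    $this->set('settings', $setting_forms);
    $this->render(array('layout' => 'default'));
}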
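/**
 * checkRedirect - Look in the database for a redirect that applies to the
 * current REQUEST_URI and hand each match to renderRedirect().
 *
 * Exact-URL rows (regex = 0) are checked first, then rows flagged as regular
 * expressions (regex = 1), matched case-insensitively.
 *
 * NOTE(review): stored patterns are run against the request URI, which the
 * client controls. Keep them anchored and free of nested quantifiers so a
 * crafted URI cannot cause excessive backtracking. Patterns written for the
 * old POSIX functions are mostly valid PCRE, but review them once.
 *
 * @return void
 **/
function checkRedirect()
{
    include_once 'n_server.php';
    $current_url = NServer::env('REQUEST_URI');

    // Check DB for direct match.
    $model =& $this->getDefaultModel();
    $model->reset();
    $model->url = $current_url;
    $model->regex = 0;
    $model->find();
    while ($model->fetch()) {
        $this->renderRedirect($model->toArray());
    }

    // Let's look at the regex matches.
    $model->reset();
    $model->regex = 1;
    $model->find();
    $urls =& $model->fetchAll();
    foreach ($urls as $url) {
        if ($url->regex == 0) {
            continue;
        }
        // eregi() no longer exists from PHP 7.0 on; preg_match() with the
        // 'i' flag is its replacement. '~' is the delimiter because '/' is
        // common in URL patterns; a literal '~' in the pattern is escaped.
        $pattern = '~' . str_replace('~', '\\~', $url->url) . '~i';
        // preg_match() returns false for a pattern that fails to compile;
        // only a real match (1) triggers the redirect.
        if (preg_match($pattern, $current_url) === 1) {
            $this->renderRedirect($url->toArray());
        }
    }
}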
/**
 * insert - Actually insert a cms_audit_trail record. Must be logged in to
 * nterchange for this to succeed.
 * NOTE: If you need to log an audit trail record without being logged in
 * (eg. timed content removal) there is an alternate method in the
 * cms_audit_trail model.
 *
 * Every field the model reports is first filled from $params (null when the
 * key is absent); user_id, ip and the cms_* bookkeeping fields are then
 * overwritten here, so caller-supplied values for those are ignored.
 *
 * NOTE(review): all other model fields are taken from $params as-is. Callers
 * should build $params themselves rather than forward a request array.
 *
 * @param array $params Required keys: asset, asset_id, action_taken
 * @return false|null false when $params is empty or a required key is
 *                    missing; otherwise nothing is returned.
 **/
function insert($params = array())
{
    // A fresh auth object is created on every call, before validation.
    $this->_auth = new NAuth();

    if (empty($params)) {
        return false;
    }
    foreach (array('asset', 'asset_id', 'action_taken') as $required_key) {
        if (!isset($params[$required_key])) {
            return false;
        }
    }

    $model =& $this->getDefaultModel();

    // Copy caller data onto every field the model knows about.
    $fields = $model->fields();
    foreach ($fields as $field) {
        if (isset($params[$field])) {
            $model->{$field} = $params[$field];
        } else {
            $model->{$field} = null;
        }
    }

    // Attribution is set here, after the copy, so $params cannot override it.
    $model->user_id = $this->_auth->currentUserID();
    $model->ip = NServer::env('REMOTE_ADDR');

    // Timestamps are stamped only when the model has the columns.
    foreach (array('cms_created', 'cms_modified') as $stamp_field) {
        if (in_array($stamp_field, $fields)) {
            $model->{$stamp_field} = $model->now();
        }
    }

    // Record the acting user when the model tracks it.
    if (in_array('cms_modified_by_user', $fields)) {
        $model->cms_modified_by_user = $this->_auth->currentUserID();
    }

    $model->insert();
}
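/**
 * Render a front-end page, or its surf-to-edit variant inside nterchange.
 *
 * Flow: 404 when $parameter is empty or the model cannot load it; redirect
 * when the page carries an external_url (outside nterchange only); run the
 * disclaimer check when SITE_DISCLAIMER is on; send cache headers; build the
 * view variables unless a cached copy can be used; render the page's
 * template or the print view.
 *
 * @param mixed $parameter Page identifier passed to the model's get().
 * @return void
 */
function page($parameter)
{
    if (!defined('IN_SURFTOEDIT')) {
        define('IN_SURFTOEDIT', $this->nterchange && $this->edit);
    }
    $this->base_view_dir = ROOT_DIR;
    if (!$parameter) {
        $this->do404();
        return;
    }
    $this->auto_render = false;

    // load the model
    $model =& $this->getDefaultModel();
    $pk = $model->primaryKey();
    if (!$model->get($parameter)) {
        // if the page doesn't exist, then 404
        $this->do404();
        return;
    }

    // Redirect only to http(s) URLs or site-relative paths. The previous
    // pattern '/^(http[s]?)|(\/)/' anchored just its first alternative, so
    // any value that merely contained a slash passed, whatever its scheme.
    // The scheme is matched case-insensitively, as URL schemes are.
    if (!$this->nterchange && $model->external_url && preg_match('#^(?:https?://|/)#i', $model->external_url)) {
        header('Location:' . $model->external_url);
        return;
    }

    // check if a disclaimer is required
    if (defined('SITE_DISCLAIMER') && constant('SITE_DISCLAIMER') && !$this->nterchange && ($disclaimer =& NController::factory('disclaimer'))) {
        $disclaimer->checkDisclaimer($parameter);
    }

    // find the action
    $action = $this->getTemplate($model->page_template_id);
    $action = $action ? $action : 'default';

    // set up caching
    if (!$this->nterchange && defined('PAGE_CACHING') && PAGE_CACHING == true && $model->cache_lifetime != 0) {
        // The cache name includes a hash of the query string, so every
        // distinct query string gets its own cache entry.
        // NOTE(review): that makes cache growth request-controlled; consider
        // limiting it to the parameters the page actually uses.
        $this->view_cache_name = 'page' . $parameter . (NServer::env('QUERY_STRING') ? ':' . md5(NServer::env('QUERY_STRING')) : '');
        $this->view_caching = true;
        $this->view_cache_lifetime = $model->cache_lifetime;
        $this->view_cache_lifetimes[] = $model->cache_lifetime;
        $this->view_client_cache_lifetime = isset($model->client_cache_lifetime) ? $model->client_cache_lifetime : '3600';
        header('Expires:' . gmdate('D, d M Y H:i:s \\G\\M\\T', time() + $this->view_client_cache_lifetime));
        header('Cache-Control:max-age=' . $this->view_client_cache_lifetime . ', must-revalidate');
    } else {
        header('Cache-Control:max-age=0, must-revalidate');
    }

    // set the page fields
    $this->set($model->toArray());

    // load the page, checking if it's cached if we're not in nterchange
    if ($this->nterchange || $this->getParam('mode') == 'print' || !$this->isCached(array('action' => $action))) {
        if (defined('PAGE_CACHING') && PAGE_CACHING == false) {
            $this->debug('Cache not created for page for Page ID ' . $model->{$pk} . ' because PAGE_CACHING is set to false.', N_DEBUGTYPE_CACHE);
        } else {
            if ($model->cache_lifetime == 0) {
                $this->debug('Cache not created for page for Page ID ' . $model->{$pk} . ' because caching is turned off for that page.', N_DEBUGTYPE_CACHE);
            } else {
                if (!$this->nterchange) {
                    $this->debug('Created cached page for Page ID ' . $model->{$pk} . '.', N_DEBUGTYPE_CACHE);
                }
            }
        }
        $this->page_last_modified = strtotime($model->cms_modified);

        // load up the manual content (site name, breadcrumbs, children, nav, etc.)
        $contents = array();
        $contents['_SITE_NAME_'] = htmlentities(SITE_NAME);
        $contents['_EXTERNAL_CACHE_'] = defined('EXTERNAL_CACHE') && constant('EXTERNAL_CACHE') ? EXTERNAL_CACHE : false;
        $contents['_PAGE_EDIT_'] = '';
        if ($this->checkUserLevel()) {
            $this->page_edit_allowed = true;
            $this->content_edit_allowed = true;
        }
        if ($this->nterchange && $this->edit && SITE_WORKFLOW) {
            // set up the user's rights on the page
            $workflow =& NController::factory('workflow');
            if (($workflow_group_model =& $workflow->getWorkflowGroup($model)) && ($users = $workflow->getWorkflowUsers($workflow_group_model->{$workflow_group_model->primaryKey()}))) {
                // The group title is stored data placed into markup, so it
                // is escaped like SITE_NAME above.
                $contents['_PAGE_EDIT_'] = '<div id="workflow">This page is owned by the "' . htmlentities($workflow_group_model->workflow_title) . '" Workflow Group</div>' . "\n";
                $current_user = $this->_auth->currentUserID();
                $edit = false;
                foreach ($users as $user) {
                    if ($current_user == $user->user_id) {
                        $edit = true;
                    }
                }
                // NOTE(review): this membership result is replaced two
                // statements later by the rights bitmask; only the bitmask
                // decides content_edit_allowed.
                $this->content_edit_allowed = $edit;
                $assigns['workflow'] = $workflow_group_model->workflow_title;
                $user_rights = $workflow->getWorkflowUserRights($model);
                $this->content_edit_allowed = $user_rights & WORKFLOW_RIGHT_EDIT ? true : false;
            } else {
                // No workflow group: fall back to the user's level. Levels
                // not listed keep whatever checkUserLevel() granted above.
                switch ($this->_auth->getAuthData('user_level')) {
                    case N_USER_NORIGHTS:
                        $this->page_edit_allowed = false;
                        $this->content_edit_allowed = false;
                        break;
                    case N_USER_EDITOR:
                        $this->page_edit_allowed = false;
                        $this->content_edit_allowed = true;
                        break;
                }
            }
            unset($workflow);
        }
        if ($this->edit && $this->page_edit_allowed) {
            $contents['_PAGE_EDIT_'] .= $this->render(array('action' => 'surftoedit', 'return' => true));
        }
        $contents['HOME_LINK'] = $this->getHref($model->getInfo($model->getRootNode()));
        $contents['HOME_CHILDREN'] = $this->getHomeChildren();
        $contents['BREADCRUMBS'] = $this->getBreadcrumbs();
        $contents['CHILDREN'] = $this->getChildren();

        // get ancestor
        $ancestor = $this->getAncestor();
        if ($ancestor && count($ancestor)) {
            $contents['ancestor'] = $ancestor['filename'];
            $contents['ancestor_id'] = $ancestor[$pk];
        }
        if ($this->nterchange) {
            $contents['header'] = '';
            $contents['header'] .= "\n <!-- Surf-to-Edit -->\n ";
            $contents['header'] .= '<link href="/nterchange/stylesheets/surftoedit.css" rel="stylesheet">';
            $contents['header'] .= "\n ";
            $contents['header'] .= '<script src="/nterchange/javascripts/surftoedit.js"></script>';
        }
        if ($this->nterchange) {
            $contents['admin_dir'] = 1;
        }
        if ($this->nterchange && $this->edit) {
            $contents['page_edit'] = 1;
        }

        // set the variables so far
        $this->set($contents);
        // load the content into those vars using custom views
        $this->set($this->getContent());
        // last-modified
        $this->set('last_modified', $this->page_last_modified);
    }

    if (!$this->nterchange && defined('PAGE_CACHING') && PAGE_CACHING == true && $model->cache_lifetime != 0) {
        $this->view_caching = true;
    }
    if (!$this->nterchange && defined('PAGE_CACHING') && PAGE_CACHING == true) {
        // The page is cached for the shortest lifetime collected so far.
        foreach ($this->view_cache_lifetimes as $cache_lifetime) {
            if ($this->view_cache_lifetime == -1 || $this->view_cache_lifetime > $cache_lifetime) {
                $this->view_cache_lifetime = $cache_lifetime;
            }
        }
    }

    if (SITE_PRINTABLE && isset($model->printable) && $model->printable && $this->getParam('mode') == 'print') {
        // the print view is never served from the view cache
        $this->view_caching = false;
        $this->render(array('action' => 'print'));
    } else {
        $this->render(array('action' => $action));
    }
}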
/**
 * Build the nested site-admin page list for the children of $id, recursing
 * into each child page.
 *
 * Each item is flagged with what the current user may do: editors get
 * surf-to-edit, admin and root users also get page editing, and with
 * SITE_WORKFLOW on, a workflow edit right grants surf-to-edit as well.
 *
 * The id is cast to int before it is used as the parent filter; when no id
 * is given the filter is the string 'null' (presumably read by the model as
 * "no parent" — confirm).
 *
 * NOTE(review): page and workflow titles are passed to the view as stored;
 * escaping is left to the templates — confirm they do it.
 *
 * @param int|null $id Parent page id, or null for the top level.
 * @return string Rendered HTML, empty when the parent has no children.
 */
function siteAdminList($id = null)
{
    // set view caching to false so as to not cache every item
    $this->view_caching = false;

    $page_ctrl =& NController::singleton('page');
    $model =& $page_ctrl->getDefaultModel();
    $model->reset();
    $pk = $model->primaryKey();
    $html = '';
    $model->parent_id = $id ? (int) $id : 'null';

    if ($model->find()) {
        $this->set('reorder', $id != 0);
        $this->set('parent_id', $id);
        $html .= $this->render(array('action' => 'site_admin_list_start', 'return' => true));

        $row = 0;
        $assigns['_referer'] = urlencode(NServer::env('REQUEST_URI'));
        $pages =& $model->fetchAll();
        foreach ($pages as $page) {
            // Rights derived from the user's level.
            $page_edit = false;
            $surfedit = false;
            $level = $this->_auth->getAuthData('user_level');
            if ($level == N_USER_EDITOR) {
                $surfedit = true;
            } elseif ($level == N_USER_ADMIN || $level == N_USER_ROOT) {
                $page_edit = true;
                $surfedit = true;
            }

            // A workflow edit right can add surf-to-edit on top of that.
            if (SITE_WORKFLOW) {
                $assigns['workflow'] = '';
                $workflow =& NController::singleton('workflow');
                if ($workflow_group_model =& $workflow->getWorkflowGroup($page)) {
                    $user_rights = $workflow->getWorkflowUserRights($page);
                    if ($user_rights & WORKFLOW_RIGHT_EDIT) {
                        $surfedit = true;
                    }
                    $assigns['workflow'] = $workflow_group_model->workflow_title;
                }
            }

            $assigns['id'] = $page->{$pk};
            $assigns['title'] = $page->title;
            $assigns['active'] = $page->active;
            $assigns['visible'] = $page->visible;
            $assigns['page_edit'] = $page_edit;
            $assigns['surfedit'] = $surfedit;
            $assigns['odd_or_even'] = ($row % 2 == 0) ? 'even' : 'odd';
            $this->set($assigns);
            $html .= $this->render(array('action' => 'sitemap_list_item', 'return' => true));
            $row++;

            // Children of this page follow it directly in the output.
            $html .= $this->siteAdminList($page->{$pk});
        }
        unset($pages);

        $html .= $this->render(array('action' => 'site_admin_list_end', 'return' => true));
    }

    unset($model, $page_ctrl);

    return $html;
}
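<?php
// Front controller: static assets are declined with "return false", every
// other request goes to the dispatcher.
// NOTE(review): returning false from the top-level script looks like the
// router convention of PHP's built-in web server — confirm this file is not
// used as a production entry point.

// Decide on the path only. Matching the whole REQUEST_URI let the query
// string influence the decision: "/style.css?v=2" was sent to the dispatcher,
// and any URL whose query string ended in ".js" skipped it.
$request_path = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
if (is_string($request_path) && preg_match('/\\.(?:png|jpg|jpeg|gif|css|js)$/', $request_path)) {
    return false;
}

require_once dirname(__FILE__) . '/../vendor/autoload.php';

$dispatcher = new NDispatcher(NServer::setUri());
$dispatcher->dispatch();
unset($dispatcher);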