/**
 * Prepare the menu administration page.
 *
 * Registers the admin stylesheet and scripts, publishes the maximum
 * nesting level to the client script, builds the list of selectable
 * menus, reads the stored display preferences and resolves the command
 * to run.
 *
 * @param mixed $args Passed unchanged to the parent constructor.
 */
public function __construct($args)
{
    global $langmessage, $config;

    parent::__construct($args);

    $this->section_types = \gp\tool\Output\Sections::GetTypes();
    $this->page->ajaxReplace = array();

    // assets used by the menu editor
    $this->page->css_admin[] = '/include/css/admin_menu_new.css';
    $menu_scripts = array(
        '/include/thirdparty/js/nestedSortable.js',
        '/include/thirdparty/js/jquery_cookie.js',
        '/include/js/admin_menu_new.js',
    );
    foreach ($menu_scripts as $script_path) {
        $this->page->head_js[] = $script_path;
    }

    // the same limit is handed to the client script as a JS variable
    $this->max_level_index = max(3, gp_max_menu_level - 1);
    $this->page->head_script .= sprintf('var max_level_index = %s;', $this->max_level_index);

    // built-in menu views first, then the menus defined in the configuration
    $builtin_menus = array(
        'gpmenu'  => $langmessage['Main Menu'] . ' / ' . $langmessage['site_map'],
        'all'     => $langmessage['All Pages'],
        'hidden'  => $langmessage['Not In Main Menu'],
        'nomenus' => $langmessage['Not In Any Menus'],
        'search'  => $langmessage['search pages'],
    );
    foreach ($builtin_menus as $menu_id => $menu_label) {
        $this->avail_menus[$menu_id] = $menu_label;
    }
    if (isset($config['menus'])) {
        foreach ($config['menus'] as $menu_id => $menu_label) {
            $this->avail_menus[$menu_id] = $menu_label;
        }
    }

    // The preference cookie is sent by the browser, so every key and value
    // that lands in $this->cookie_settings is client-controlled.
    // NOTE(review): confirm the Set*() methods below validate what they read from it.
    if (isset($_COOKIE['gp_menu_prefs'])) {
        parse_str($_COOKIE['gp_menu_prefs'], $this->cookie_settings);
    }

    $this->SetMenuID();
    $this->SetMenuArray();
    $this->SetCollapseSettings();
    $this->SetQueryInfo();

    // plugins may replace the requested command through the 'MenuCommand' filter
    $requested_cmd = \gp\tool::GetCommand();
    $this->cmd = \gp\tool\Plugins::Filter('MenuCommand', array($requested_cmd));
}
/**
 * Parse $text through the parent constructor, let plugins adjust the
 * parsed structure, then clean and rebuild the output.
 *
 * @param mixed $text Passed unchanged to the parent constructor.
 */
public function __construct($text)
{
    parent::__construct($text);

    // The 'Html_Output' filter runs before Clean(), so whatever a plugin
    // returns here still goes through Clean() and Rebuild().
    $filtered_dom = \gp\tool\Plugins::Filter('Html_Output', array($this->dom_array));
    $this->dom_array = $filtered_dom;

    $this->Clean();
    $this->Rebuild();
}
/**
 * Resolve the script behind the current title and run the requested command.
 *
 * Unknown titles end in Error_404() (after the Special_ExtraJS special case).
 * The rename, visibility and section management commands are registered only
 * for a logged-in user holding the 'Admin_Menu' permission.
 *
 * @return false|null false when CheckVisibility() fails, otherwise no value
 */
public function RunScript()
{
    global $gp_index, $langmessage;

    $scriptinfo = self::GetScriptInfo($this->title);
    if ($scriptinfo === false) {
        // loose comparison, matching the switch statement this replaces
        if ($this->title == 'Special_ExtraJS') {
            $this->ExtraJS(); //dies
        }
        $this->Error_404($this->title);
        return;
    }

    $this->gp_index  = $gp_index[$this->title];
    $this->TitleInfo = $scriptinfo;

    if (!$this->CheckVisibility()) {
        return false;
    }

    // Addons can change the command through the 'PageRunScript' filter;
    // a command changed to 'return' stops processing here.
    $requested_cmd = \gp\tool::GetCommand();
    $cmd = \gp\tool\Plugins::Filter('PageRunScript', array($requested_cmd));
    if ($cmd !== $requested_cmd && $cmd === 'return') {
        return;
    }

    // The permission check guards only the registration of these commands.
    // NOTE(review): confirm the target methods do not rely on being unreachable otherwise.
    $is_menu_admin = \gp\tool::LoggedIn() && \gp\admin\Tools::HasPermission('Admin_Menu');
    if ($is_menu_admin) {
        $this->cmds['RenameForm']       = '\\gp\\Page\\Rename::RenameForm';
        $this->cmds['RenameFile']       = '\\gp\\Page\\Rename::RenamePage';
        $this->cmds['ToggleVisibility'] = array('\\gp\\Page\\Visibility::TogglePage', 'DefaultDisplay');
        $this->cmds['ManageSections']   = '\\gp\\Page\\Edit::ManageSections';
    }

    $this->RunCommands($cmd);
}
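/**
 * Verify the user submitted form by checking anti-spam hooks and/or recaptcha if they exist
 *
 * Order of checks: the 'AntiSpam_Check' plugin filter, then whether recaptcha
 * is active, then the posted 'g-recaptcha-response' token, which is verified
 * together with the client address.
 *
 * @static
 * @return bool true when the submission passes, false otherwise
 */
public static function Check()
{
    global $page, $langmessage, $config, $dataDir;

    // if hooks return false, stop
    if (!\gp\tool\Plugins::Filter('AntiSpam_Check', array(true))) {
        return false;
    }

    // if recaptcha inactive, stop
    if (!self::hasRecaptcha()) {
        return true;
    }

    if (empty($_POST['g-recaptcha-response'])) {
        return false;
    }

    require_once $dataDir . '/include/thirdparty/recaptcha/autoload.php';

    if (!ini_get('allow_url_fopen')) {
        // allow_url_fopen = Off
        $recaptcha = new \ReCaptcha\ReCaptcha($config['recaptcha_private'], new \ReCaptcha\RequestMethod\SocketPost());
    } else {
        // allow_url_fopen = On
        $recaptcha = new \ReCaptcha\ReCaptcha($config['recaptcha_private']);
    }

    // HTTP_CLIENT_IP and HTTP_X_FORWARDED_FOR are request headers: a client
    // can set them to anything unless a trusted proxy overwrites them, and
    // X-Forwarded-For may carry a comma separated list. Only a value that
    // parses as a single IP address is used; otherwise fall back to the
    // address of the connection itself.
    $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : null;
    foreach (array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR') as $header) {
        if (empty($_SERVER[$header])) {
            continue;
        }
        $hops      = explode(',', $_SERVER[$header]);
        $candidate = trim($hops[0]);
        if (filter_var($candidate, FILTER_VALIDATE_IP) !== false) {
            $ip = $candidate;
            break;
        }
    }

    $resp = $recaptcha->verify($_POST['g-recaptcha-response'], $ip);
    if (!$resp->isSuccess()) {
        //$error_codes = $resp->getErrorCodes();
        //error_log();
        msg($langmessage['INCORRECT_CAPTCHA']);
        return false;
    }

    return true;
}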
/**
 * Report whether an administrator is logged in.
 *
 * The session test is only "the global $gpAdmin is set and is an array".
 * That result is then passed through the 'LoggedIn' plugin filter, and the
 * filter's return value is what callers receive.
 *
 * @return bool
 */
public static function LoggedIn()
{
    global $gpAdmin;

    $has_admin_session = isset($gpAdmin) && is_array($gpAdmin);

    return \gp\tool\Plugins::Filter('LoggedIn', array($has_admin_session));
}
/**
 * Load the page file and render its sections into the content buffer.
 *
 * Stops early when SetVars() fails or when an addon changes the command
 * to 'return' through the 'PageRunScript' filter.
 */
function RunScript()
{
    if (!$this->SetVars()) {
        return;
    }

    // allow addons to affect page actions and how a page is displayed
    $requested_cmd = \gp\tool::GetCommand();
    $cmd = \gp\tool\Plugins::Filter('PageRunScript', array($requested_cmd));
    if ($cmd !== $requested_cmd && $cmd === 'return') {
        return;
    }

    $this->GetFile();

    $rendered = \gp\tool\Output\Sections::Render($this->file_sections, $this->title, $this->file_stats);
    $this->contentBuffer = $rendered;
}
/**
 * Return formatted content for the $section_data
 *
 * The section first passes through the 'SectionToContent' plugin filter.
 * 'text' and 'include' sections are formatted by their helpers; every other
 * type, 'gallery' included, returns $section_data['content'] as stored.
 *
 * @param array $section_data Section definition; 'type' and 'content' are read
 * @param int $section_num Passed to the plugin filter
 * @return string
 */
static function SectionToContent($section_data, $section_num)
{
    $section_data = \gp\tool\Plugins::Filter('SectionToContent', array($section_data, $section_num));
    $type = $section_data['type'];

    // loose comparisons, matching the switch statement this replaces
    if ($type == 'text') {
        return self::TextContent($section_data['content']);
    }
    if ($type == 'include') {
        return self::IncludeContent($section_data);
    }
    if ($type == 'gallery') {
        \gp\tool::ShowingGallery();
    }

    // No formatting happens on this path.
    // NOTE(review): confirm stored content is cleaned when it is saved.
    return $section_data['content'];
}
/**
 * Return the data for the requested menu, or the main menu when the
 * requested menu does not exist.
 *
 * The result always passes through the 'GetMenuArray' plugin filter.
 *
 * @param string $id String identifying the requested menu
 * @return array menu data
 */
public function GetMenuArray($id)
{
    global $dataDir, $gp_menu;

    // $id is concatenated into a file path without any check in this method.
    // NOTE(review): confirm callers restrict $id to known menu ids so that a
    // value containing path separators cannot reach the file helpers.
    $menu_file = $dataDir . '/data/_menus/' . $id . '.php';

    $use_main_menu = empty($id) || !\gp\tool\Files::Exists($menu_file);

    if ($use_main_menu) {
        $menu = $gp_menu;
    } else {
        $menu = \gp\tool\Files::Get('_menus/' . $id, 'menu');

        // menu files written before 3.0b1 are converted on read
        $file_version = \gp\tool\Files::$last_version;
        if ($file_version && version_compare(\gp\tool\Files::$last_version, '3.0b1', '<')) {
            $menu = $this->FixMenu($menu);
        }
    }

    return \gp\tool\Plugins::Filter('GetMenuArray', array($menu));
}
// NOTE(review): the two lines below close a function whose start is outside this excerpt.
return $args;
}

/**
 * Handler bound to 'rename-before' in $opts below.
 *
 * Returns false when uploads are restricted and AllowedExtension() rejects the
 * new name; otherwise returns $args with 'name' written back.
 * AllowedExtension() is declared elsewhere; only its result as a pass/fail
 * test is used here.
 *
 * @param mixed $event Not used in this function
 * @param array $args 'name' is read and written back
 * @param mixed $finder Not used in this function
 * @return array|false
 */
function rename_check($event, $args, $finder)
{
    $name = $args['name'];
    if (gp_restrict_uploads && !\gp\admin\Content\Uploaded::AllowedExtension($name)) {
        return false;
    }
    $args['name'] = $name;
    return $args;
}

/**
 * 'saveData' callback: store $data under $config['finder_data'] and save the configuration.
 */
function SaveFinderData($data)
{
    global $config;
    $config['finder_data'] = $data;
    \gp\admin\Tools::SaveConfig();
}

/**
 * 'returnData' callback: return $config['finder_data'], or false when it is not set.
 */
function ReturnFinderData()
{
    global $config;
    if (isset($config['finder_data'])) {
        return $config['finder_data'];
    }
    return false;
}

// Connector options. There is a single root: the upload directory under $dataDir.
// 'accessControl' names a callback ('access') that is not defined in this excerpt,
// and 'upload-before' names 'upload_check', also not visible here.
// Overwriting on copy and on upload is disabled.
$opts = array('debug' => gpdebug,
    'saveData' => 'SaveFinderData',
    'returnData' => 'ReturnFinderData',
    'roots' => array(array('driver' => 'LocalFileSystem',
        'path' => $dataDir . '/data/_uploaded/',
        'URL' => \gp\tool::GetDir('data/_uploaded'),
        'accessControl' => 'access',
        'tmbPath' => $dataDir . '/data/_elthumbs',
        'tmbURL' => \gp\tool::GetDir('data/_elthumbs'),
        'separator' => '/',
        'tmbBgColor' => 'transparent',
        'copyOverwrite' => false,
        'uploadOverwrite' => false,
        'tmbPathMode' => gp_chmod_dir,
        'dirMode' => gp_chmod_dir,
        'fileMode' => gp_chmod_file)),
    'bind' => array('duplicate upload rename rm paste resize' => array('\\gp\\admin\\Content\\Uploaded', 'FinderChange'),
        'upload-before' => 'upload_check',
        'rename-before' => 'rename_check'));

// Plugins and gpSettingsOverride() both receive the complete option array,
// including the 'bind' entries that attach the upload and rename checks.
// NOTE(review): confirm how far an override can change these entries.
$opts = \gp\tool\Plugins::Filter('FinderOptionsServer', array($opts));
gpSettingsOverride('finder_options_server', $opts);

// run Finder
$connector = new Finder($opts);
$connector->run();
/**
 * Output the "new section" links.
 *
 * One link is built per registered section type, followed by two combined
 * layouts (text + image, text + gallery). The list passes through the
 * 'NewSections' plugin filter before the links are echoed.
 *
 * @param bool $checkboxes Passed to NewSectionLink()
 */
public static function NewSections($checkboxes = false)
{
    $types_with_imgs = array('text', 'image', 'gallery');
    $links = array();

    // one entry per section type; only some types have an icon
    foreach (\gp\tool\Output\Sections::GetTypes() as $type => $type_info) {
        $img = in_array($type, $types_with_imgs)
            ? \gp\tool::GetDir('/include/imgs/section-' . $type . '.png')
            : '';
        $links[] = array($type, $img);
    }

    // section combos: text & image, text & gallery
    foreach (array('image', 'gallery') as $partner) {
        $links[] = array(
            array('text.gpCol-6', $partner . '.gpCol-6'),
            \gp\tool::GetDir('/include/imgs/section-combo-text-' . $partner . '.png'),
        );
    }

    $links = \gp\tool\Plugins::Filter('NewSections', array($links));

    // fill in missing positions before unpacking; the third defaults to 'gpRow'
    foreach ($links as $link) {
        list($types, $img, $wrapper_class) = $link + array('', '', 'gpRow');
        echo self::NewSectionLink($types, $img, $wrapper_class, $checkboxes);
    }
}
/**
 * Send the scripts and the initialising call for inline editing of a section.
 *
 * Output is JavaScript: the editor scripts for the section type, then a call
 * to gp_init_inline_edit() with the requested area id and the JSON encoded
 * section.
 *
 * @param array $section_data Section definition; 'type', 'content' and 'resized_imgs' are read
 */
static function InlineEdit($section_data)
{
    $section_data += array('type' => '', 'content' => '');

    $scripts = array(
        array('object' => 'gp_editing', 'file' => '/include/js/inline_edit/inline_editing.js'),
    );

    // sections without a type are edited as text
    $type = !empty($section_data['type']) ? $section_data['type'] : 'text';

    switch ($type) {
        case 'gallery':
            $scripts = self::InlineEdit_Gallery($scripts);
            break;

        case 'include':
            $scripts = self::InlineEdit_Include($scripts);
            break;

        case 'text':
            $scripts = self::InlineEdit_Text($scripts);
            break;

        case 'image':
            echo 'var gp_blank_img = ' . self::quote(\gp\tool::GetDir('/include/imgs/blank.gif')) . ';';
            array_push(
                $scripts,
                '/include/js/jquery.auto_upload.js',
                '/include/js/inline_edit/image_common.js',
                '/include/js/inline_edit/image_edit.js'
            );
            break;
    }

    $scripts = \gp\tool\Plugins::Filter('InlineEdit_Scripts', array($scripts, $type));
    self::SendScripts($scripts);

    // replace resized images with their originals
    if (!empty($section_data['resized_imgs']) && is_array($section_data['resized_imgs'])) {
        $section_data['content'] = \gp\tool\Editing::RestoreImages($section_data['content'], $section_data['resized_imgs']);
    }

    // create the section object that will be passed to gp_init_inline_edit
    $section_object = \gp\tool::JsonEncode($section_data);

    // send call to gp_init_inline_edit()
    // $_GET['area_id'] comes from the request and is written into the script;
    // self::quote() is the only thing between it and the JavaScript output.
    // NOTE(review): confirm quote() produces a safely escaped JS string literal.
    echo ';if( typeof(gp_init_inline_edit) == "function" ){',
        'gp_init_inline_edit(',
        self::quote($_GET['area_id']),
        ',' . $section_object,
        ');',
        '}else{alert("gp_init_inline_edit() is not defined");}';
}
/**
 * Update a section from the submitted form data and report whether it should be saved.
 *
 * The type specific helper modifies $existing_section in place. The result is
 * then offered to plugins through the 'SaveSection' filter; when the final
 * decision is "do not save", the section is restored to its state on entry.
 *
 * @param array $existing_section The section to update. Passed by reference
 * @param int $section_num Index of the section in $page->file_sections
 * @param mixed $title Forwarded to the 'include' helper only
 * @param mixed $file_stats Forwarded to the 'include' helper only
 * @return mixed The save decision after the 'SaveSection' filter, or false when
 *               $existing_section is no longer an array
 */
public static function SectionFromPost(&$existing_section, $section_num, $title, $file_stats)
{
    global $page, $gpAdmin;

    // copy kept so the section can be rolled back below
    $section_before = $existing_section;
    $type = $existing_section['type'];
    $save_this = false;

    // unknown types fall through with $save_this still false
    switch ($type) {
        case 'text':
            $save_this = true;
            self::SectionFromPost_Text($existing_section);
            break;

        case 'gallery':
            $save_this = true;
            self::SectionFromPost_Gallery($existing_section);
            break;

        case 'include':
            $save_this = self::SectionFromPost_Include($existing_section, $section_num, $title, $file_stats);
            break;

        case 'image':
            $save_this = self::SectionFromPost_Image($existing_section);
            break;
    }

    //make sure $existing_section is still an array
    $type_check = gettype($existing_section);
    if ($type_check !== 'array') {
        trigger_error('$existing_section is ' . $type_check . '. Array expected');
        return false;
    }

    // Hack: SaveSection used $page->file_sections
    // The section is published on $page before the filter runs and read back
    // afterwards, so a plugin can change both the decision and the section.
    $page->file_sections[$section_num] = $existing_section;
    $save_this = \gp\tool\Plugins::Filter('SaveSection', array($save_this, $section_num, $type));
    $existing_section = $page->file_sections[$section_num];

    // rejected: restore the section as it was on entry
    if (!$save_this) {
        $page->file_sections[$section_num] = $existing_section = $section_before;
    }

    // The modification stamp is written to $page->file_sections only, and it is
    // written even when the section was just restored.
    $page->file_sections[$section_num]['modified'] = time();
    $page->file_sections[$section_num]['modified_by'] = $gpAdmin['username'];

    return $save_this;
}
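/**
 * Validate the posted contact form and send it by email.
 *
 * Checks run in this order: non-empty message, nonce, honeypot field,
 * captcha, the 'contact_form_check' plugin filter, email format, required fields.
 * All of $_POST is visitor supplied; the subject, message and reply name are
 * stripped of markup before they reach the mailer.
 *
 * @return bool|null true when the mail was sent, false or null otherwise
 */
public function SendMessage()
{
    global $langmessage, $config;

    // 'name' is defaulted as well: it is read below whenever an email address
    // is posted, and a request without it would otherwise hit an undefined index
    $_POST += array('subject' => '', 'contact_nonce' => '', 'message' => '', 'name' => '');

    if (empty($_POST['message'])) {
        msg($langmessage['OOPS'] . '(Invalid Message)');
        return;
    }

    //check nonce
    if (!\gp\tool::verify_nonce('contact_post', $_POST['contact_nonce'], true)) {
        msg($langmessage['OOPS'] . '(Invalid Nonce)');
        return;
    }

    // honeypot: any value in this field is treated as an automated submission
    if (!empty($_POST['contact_void'])) {
        msg($langmessage['OOPS'] . '(Robot Detected)');
        return;
    }

    //captcha
    if (!\gp\tool\Recaptcha::Check()) {
        return;
    }

    if (!\gp\tool\Plugins::Filter('contact_form_check', array(true))) {
        return;
    }

    $mailer = new \gp\tool\Emailer();

    //subject
    // The subject becomes a mail header, so line breaks are removed in addition
    // to tags, the same way the reply name is handled below.
    $_POST['subject'] = str_replace(array("\r", "\n"), ' ', strip_tags($_POST['subject']));

    //message
    // strip_tags() with an allow list keeps the attributes of the allowed tags,
    // so attributes on <a>, <font>, <div> ... reach the mail body unchanged.
    $tags = '<p><div><span><font><b><i><tt><em><i><a><strong><blockquote>';
    $message = nl2br(strip_tags($_POST['message'], $tags));

    //reply name
    if (!empty($_POST['email'])) {

        //check format
        if (!$this->ValidEmail($_POST['email'])) {
            msg($langmessage['invalid_email']);
            return false;
        }

        // line breaks are removed so the name cannot add header lines
        $replyName = str_replace(array("\r", "\n"), array(' '), $_POST['name']);
        $replyName = strip_tags($replyName);
        $replyName = htmlspecialchars($replyName);

        $mailer->AddReplyTo($_POST['email'], $replyName);

        if (\gp\tool::ConfigValue('from_use_user', false)) {
            $mailer->SetFrom($_POST['email'], $replyName);
        }
    }

    //check for required values
    $require_email =& $config['require_email'];

    if (strpos($require_email, 'email') !== false) {
        if (empty($_POST['email'])) {
            $field = \gp\tool\Output::SelectText('your_email');
            msg($langmessage['OOPS_REQUIRED'], $field);
            return false;
        }
    }

    if (strpos($require_email, 'none') === false) {
        if (empty($_POST['subject'])) {
            $field = \gp\tool\Output::SelectText('subject');
            msg($langmessage['OOPS_REQUIRED'], $field);
            return false;
        }
        if (empty($message)) {
            $field = \gp\tool\Output::SelectText('message');
            msg($langmessage['OOPS_REQUIRED'], $field);
            return false;
        }
    }

    if ($mailer->SendEmail($config['toemail'], $_POST['subject'], $message)) {
        msg($langmessage['message_sent']);
        return true;
    }

    msg($langmessage['OOPS'] . ' (Send Failed)');
    return false;
}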
/**
 * Clean a string of html that may be used as file content
 *
 * Steps, in order: tidyFix(), rmPHP(), FixTags(), then the 'CleanText'
 * plugin filter. The filter runs last, so its return value is stored
 * without passing through rmPHP() or FixTags() again.
 *
 * @param string $text The string to be cleansed. Passed by reference
 */
public static function CleanText(&$text)
{
    \gp\tool\Editing::tidyFix($text);
    self::rmPHP($text);
    self::FixTags($text);

    $filtered_text = \gp\tool\Plugins::Filter('CleanText', array($text));
    $text = $filtered_text;
}
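/**
 * Clean a slug posted by the user
 *
 * Removes control characters and the characters ? * : | #, converts known
 * entities to characters, normalises slashes and replaces spaces with the
 * configured space character. The result passes through the 'PostedSlug'
 * plugin filter.
 *
 * @param string $string The slug provided by the user
 * @param bool $from_label True when the slug is derived from a page label, which may contain html
 * @return string
 * @since 2.4b5
 */
public static function PostedSlug($string, $from_label = false)
{
    global $config;

    $orig_string = $string;

    // Remove control characters
    $string = preg_replace('#[[:cntrl:]]#u', '', $string); // [\x00-\x1F\x7F]

    //illegal characters
    $string = str_replace(array('?', '*', ':', '|'), array('', '', '', ''), $string);

    //change known entities to their character equivalent
    $string = \gp\tool\Strings::entity_unescape($string);

    //if it's from a label, remove any html
    if ($from_label) {
        $string = self::LabelHtml($string);
        $string = strip_tags($string);

        //after removing tags, unescape special characters
        // The search list holds the escaped forms of the characters in the
        // replacement list; in the copy under review they had been decoded to
        // the bare characters, which left an unterminated ''' literal.
        // NOTE(review): the apostrophe entity is presumed to be the numeric
        // form; confirm against the escaping used for labels.
        $string = str_replace(
            array('&lt;', '&gt;', '&quot;', '&#39;', '&amp;'),
            array('<', '>', '"', "'", '&'),
            $string
        );
    }

    // # character after unescape for entities and unescape of special characters when $from_label is true
    // it is removed here, after both unescape steps, so an entity cannot reintroduce it
    $string = str_replace('#', '', $string);

    //slashes
    $string = self::SlugSlashes($string);

    $string = str_replace(' ', $config['space_char'], $string);

    return \gp\tool\Plugins::Filter('PostedSlug', array($string, $orig_string, $from_label));
}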
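/**
 * Check the file extension against the allowed types
 *
 * Only the last extension of the name is compared with the list. A name
 * without any dot is accepted, and every name is accepted when
 * gp_restrict_uploads is off. With $fix the remaining dots are replaced by
 * underscores, so "a.b.jpg" becomes "a_b.jpg".
 *
 * The default list contains types a browser may execute as script when they
 * are served from the site (htm, html, js, svg, swf, xml); sites accepting
 * uploads from less trusted users can remove them with $upload_extensions_deny.
 *
 * @param string $file File name. Passed by reference and replaced by the result of NoNull()
 * @param bool $fix Replace all dots except the last one with underscores
 * @return bool|string true when no check applies, false when the extension is
 *                     not allowed, otherwise the resulting file name
 */
public static function AllowedExtension(&$file, $fix = true)
{
    global $upload_extensions_allow, $upload_extensions_deny;
    static $allowed_types = false;

    $file = \gp\tool\Files::NoNull($file);

    if (!gp_restrict_uploads) {
        return true;
    }

    $parts = explode('.', $file);
    if (count($parts) < 2) {
        return true;
    }

    //build list of allowed extensions once
    if (!$allowed_types) {

        if (is_string($upload_extensions_deny) && strtolower($upload_extensions_deny) === 'all') {
            $allowed_types = array();
        } else {
            $allowed_types = array('bmp', 'gif', 'jpeg', 'jpg', 'png', 'tif', 'tiff', 'wav', 'wma', 'svg', 'aiff', 'asf', 'avi', 'fla', 'flv', 'm4v', 'mid', 'mov', 'mp3', 'mp4', 'mpc', 'mpeg', 'mpg', 'ogg', 'oga', 'ogv', 'opus', 'qt', 'ram', 'rm', 'rmi', 'rmvb', 'swf', 'webm', 'wmv', '7z', 'bz', 'gz', 'gzip', 'rar', 'sdc', 'sitd', 'tar', 'tgz', 'zip', 'css', 'csv', 'doc', 'docx', 'htm', 'html', 'js', 'json', 'less', 'md', 'ods', 'odt', 'pdf', 'ppt', 'pptx', 'rtf', 'txt', 'sxc', 'sxw', 'vsd', 'xls', 'xlsx', 'xml');
        }

        if (is_array($upload_extensions_allow)) {
            $upload_extensions_allow = array_map('trim', $upload_extensions_allow);
            $upload_extensions_allow = array_map('strtolower', $upload_extensions_allow);
            $allowed_types = array_merge($allowed_types, $upload_extensions_allow);
        }

        // Normalise the deny list itself. The allow list was normalised here
        // before, which left entries such as "PHP" or " exe" in the deny list
        // unmatched and failed when the allow list was not an array.
        if (is_array($upload_extensions_deny)) {
            $upload_extensions_deny = array_map('trim', $upload_extensions_deny);
            $upload_extensions_deny = array_map('strtolower', $upload_extensions_deny);
            $allowed_types = array_diff($allowed_types, $upload_extensions_deny);
        }
    }

    // The filter result is written to the static, so it is what later calls start from.
    $allowed_types = \gp\tool\Plugins::Filter('AllowedTypes', array($allowed_types));

    //make sure the extension is allowed
    $file_type = array_pop($parts);
    if (!in_array(strtolower($file_type), $allowed_types)) {
        return false;
    }

    if ($fix) {
        return implode('_', $parts) . '.' . $file_type;
    } else {
        return implode('.', $parts) . '.' . $file_type;
    }
}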