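/**
 * Handle the "revision" action for one tree item: create a new revision or
 * publish an existing one, then redirect.
 *
 * $args holds the item id, optionally followed by the sub-action ('create'
 * or 'publish'). The caller needs 'admin' rights on the item; otherwise the
 * browser is sent back to the item. Every path ends the request with exit.
 *
 * @param array $args Remaining URL segments: item id, then optional sub-action.
 * @return void
 */
function action_revision($args)
{
    global $manager, $tree, $user, $lang;

    /* Decode arguments */
    $id = array_shift($args);
    $item =& $tree->getItemById($id);
    $id = $item['id'];

    if (!$tree->_hasRights('admin', $item['rights'])) {
        header('Location: ' . url::item($id));
        exit;
    }

    // 'return' comes straight from the request and ends up in a Location
    // header. Follow it only when it stays on this site: a path-only target,
    // or an absolute http(s) URL whose host matches the current Host header.
    // Anything else falls through to the default redirect below.
    $return = '';
    if (isset($_REQUEST['return']) && is_string($_REQUEST['return'])) {
        $candidate = $_REQUEST['return'];

        // Control characters, whitespace and backslashes have no place in a
        // redirect target; browsers may treat "\" as "/".
        if (!preg_match('/[\x00-\x20\x7f\\\\]/', $candidate)) {
            if (preg_match('#^/(?!/)#', $candidate)) {
                $return = $candidate;
            } else {
                $parts = parse_url($candidate);
                $currentHost = isset($_SERVER['HTTP_HOST']) ? strtolower($_SERVER['HTTP_HOST']) : '';

                if (is_array($parts)
                    && isset($parts['scheme'], $parts['host'])
                    && in_array(strtolower($parts['scheme']), array('http', 'https'), true)
                    && !isset($parts['user'])
                    && !isset($parts['pass'])
                ) {
                    $targetHost = strtolower($parts['host']);
                    if (isset($parts['port'])) {
                        $targetHost .= ':' . $parts['port'];
                    }
                    if ($currentHost != '' && $targetHost == $currentHost) {
                        $return = $candidate;
                    }
                }
            }
        }
    }

    // NOTE(review): create/publish run for any request method and no
    // anti-CSRF token is checked in this function - confirm the dispatcher
    // enforces one before this handler is reached.
    if (count($args)) {
        $action = array_shift($args);

        if ($action == 'create') {
            revisions::doCreateRevision($id);

            if ($return != '') {
                header('Location: ' . $return);
                exit;
            }
        }

        if ($action == 'publish') {
            // Missing parameter is passed on as null, as before, but without
            // an undefined-index notice.
            $revision = isset($_REQUEST['revision']) ? $_REQUEST['revision'] : null;
            revisions::doPublishRevision($id, $revision);

            if ($return != '') {
                header('Location: ' . $return);
                exit;
            }
        }
    }

    // Redirect
    header("Location: " . url::item());
    exit;
}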
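/**
 * Editor hook for the "external" sheet of pages of type "external".
 *
 * On POST the submitted URL is stored for the given id/revision (unless it is
 * still the 'http://' placeholder), the revision is marked as modified and
 * the browser is redirected back to the sheet. Otherwise the stored URL is
 * loaded and the editor template is appended to the page content.
 *
 * @param array $data Event payload; reads 'type', 'sheet', 'params' (id,
 *                    revision) and 'template'.
 * @return void
 */
function event_ExecuteEditor(&$data)
{
    global $lang, $manager;

    if ($data['type'] != 'external' || $data['sheet'] != 'external') {
        return;
    }

    // The id and revision are interpolated into SQL below. Where they are
    // validated is not visible from this function, so they are escaped here
    // in the same way as the submitted URL.
    // NOTE(review): addslashes() is not a charset-aware escape; if the sql
    // wrapper offers driver-level escaping or bound parameters, prefer that.
    $sqlId = addslashes($data['params']['id']);
    $sqlRevision = addslashes($data['params']['revision']);

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        $postedUrl = (isset($_REQUEST['url']) && is_string($_REQUEST['url'])) ? $_REQUEST['url'] : '';

        // NOTE(review): the scheme of the stored URL is not restricted here;
        // confirm that whatever renders or follows it only accepts http/https.
        if ($postedUrl != 'http://') {
            $res = sql::query(
                "\r\n\t\t\t\t\t\t\tREPLACE \r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_
                . "contents_external\r\n\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\tID='" . $sqlId
                . "',\r\n\t\t\t\t\t\t\t\trevision='" . $sqlRevision
                . "',\r\n\t\t\t\t\t\t\t\turl='" . addslashes($postedUrl)
                . "'\r\n\t\t\t\t\t\t"
            );
        }

        // Mark this action as a modification
        revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);

        header("Location: " . url::item($data['params']['id'], 'edit') . "/external?revision=" . $data['params']['revision']);
        exit;
    }

    $res = sql::query(
        "\r\n\t\t\t\t\tSELECT\r\n\t\t\t\t\t\t*\r\n\t\t\t\t\tFROM\r\n\t\t\t\t\t\t" . _TABLE_PREFIX_
        . "contents_external\r\n\t\t\t\t\tWHERE\r\n\t\t\t\t\t\tID='" . $sqlId
        . "' AND\r\n\t\t\t\t\t\trevision='" . $sqlRevision
        . "'\r\n\t\t\t\t"
    );

    $tpl = new Template($this->getTemplate('editor.template'));

    if ($row = sql::fetch_array($res)) {
        $tpl->set("url", $row['url']);
    } else {
        // No stored row yet: show the placeholder the POST branch ignores.
        $tpl->set("url", 'http://');
    }

    $tpl->set("id", $data['params']['id']);
    $tpl->set("revision", $data['params']['revision']);
    $data['template']->append('content', $tpl->fetch());
}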
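/**
 * Editor hook for the "contents" sheet of page types that declare a "story"
 * content part.
 *
 * Loads the stored story for the given id/revision. On POST the submitted
 * text is passed through filter::images() and filter::html(), stored, the
 * revision is marked as modified and the browser is redirected back to the
 * sheet. Otherwise the editor template is appended to the page content.
 *
 * @param array $data Event payload; reads 'type', 'sheet', 'params' (id,
 *                    revision) and 'template'.
 * @return void
 */
function event_ExecuteEditor(&$data)
{
    global $lang, $manager, $user;

    if (!isset($manager->types[$data['type']]['content']['story']) || $data['sheet'] != 'contents') {
        return;
    }

    // The id and revision are interpolated into SQL below. Where they are
    // validated is not visible from this function, so they are escaped here
    // in the same way as the submitted text.
    // NOTE(review): addslashes() is not a charset-aware escape; if the sql
    // wrapper offers driver-level escaping or bound parameters, prefer that.
    $sqlId = addslashes($data['params']['id']);
    $sqlRevision = addslashes($data['params']['revision']);

    // Retrieve story
    $res = sql::query(
        "\n\t\t\t\t\tSELECT \n\t\t\t\t\t\t*\n\t\t\t\t\tFROM \n\t\t\t\t\t\t" . _TABLE_PREFIX_
        . "contents_story \n\t\t\t\t\tWHERE \n\t\t\t\t\t\t`ID` = '" . $sqlId
        . "' AND\n\t\t\t\t\t\t`revision` = '" . $sqlRevision
        . "'\n\t\t\t\t"
    );

    if ($row = sql::fetch_array($res, MYSQL_ASSOC)) {
        $story = $row;
    } else {
        $story = array('text' => '');
    }

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        // A missing or non-string field is treated as empty text instead of
        // raising notices inside the filters.
        $text = (isset($_POST['text']) && is_string($_POST['text'])) ? $_POST['text'] : '';

        // NOTE(review): these project filters are the only HTML handling
        // visible here; what filter::html() strips is not shown, so confirm
        // it is sufficient for wherever the story is rendered.
        $text = filter::images($text);
        $text = filter::html($text);

        $res = sql::query(
            "\n\t\t\t\t\t\tREPLACE INTO \n\t\t\t\t\t\t\t" . _TABLE_PREFIX_
            . "contents_story \n\t\t\t\t\t\tSET \n\t\t\t\t\t\t\tID='" . $sqlId
            . "', \n\t\t\t\t\t\t\trevision='" . $sqlRevision
            . "',\n\t\t\t\t\t\t\ttext='" . addslashes($text)
            . "'\n\t\t\t\t\t"
        );

        // Mark this action as a modification
        revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);

        header("Location: " . url::item($data['params']['id'], 'edit') . "/contents?revision=" . $data['params']['revision']);
        exit;
    }

    $tpl = new Template($this->getTemplate('editor.template'));
    $tpl->set('story', $story);
    $tpl->set('id', $data['params']['id']);
    $tpl->set('revision', $data['params']['revision']);
    $data['template']->append('content', $tpl->fetch());
}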
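/**
 * Editor hook for the "background" sheet.
 *
 * On POST the submitted image value is stored for the given id/revision, the
 * revision is marked as modified and the browser is redirected back to the
 * sheet. Otherwise the stored image is loaded, the editor template is
 * appended to the page content and the editor assets are registered.
 *
 * @param array $data Event payload; reads 'sheet', 'params' (id, revision),
 *                    'template' and 'page'.
 * @return void
 */
function event_ExecuteEditor(&$data)
{
    global $lang, $manager;

    if ($data['sheet'] != 'background') {
        return;
    }

    // The id and revision are interpolated into SQL below. Where they are
    // validated is not visible from this function, so they are escaped here
    // in the same way as the submitted image value.
    // NOTE(review): addslashes() is not a charset-aware escape; if the sql
    // wrapper offers driver-level escaping or bound parameters, prefer that.
    $sqlId = addslashes($data['params']['id']);
    $sqlRevision = addslashes($data['params']['revision']);

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        // A missing or non-string field is stored as an empty value.
        $postedImage = (isset($_REQUEST['image']) && is_string($_REQUEST['image'])) ? $_REQUEST['image'] : '';

        $res = sql::query(
            "\r\n\t\t\t\t\t\tREPLACE INTO \r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_
            . "contents_background\r\n\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\tID='" . $sqlId
            . "', \r\n\t\t\t\t\t\t\trevision='" . $sqlRevision
            . "',\r\n\t\t\t\t\t\t\timage='" . addslashes($postedImage)
            . "', \r\n\t\t\t\t\t\t\tmodified=NOW()\r\n\t\t\t\t\t"
        );

        // Mark this action as a modification
        revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);

        header("Location: " . url::item($data['params']['id'], 'edit') . "/background?revision=" . $data['params']['revision']);
        exit;
    }

    $res = sql::query(
        "\r\n\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t* \r\n\t\t\t\t\tFROM \r\n\t\t\t\t\t\t" . _TABLE_PREFIX_
        . "contents_background\r\n\t\t\t\t\tWHERE \r\n\t\t\t\t\t\tid='" . $sqlId
        . "' AND\r\n\t\t\t\t\t\trevision='" . $sqlRevision
        . "'\r\n\t\t\t\t"
    );

    if ($row = sql::fetch_array($res)) {
        $image = $row['image'];
    } else {
        $image = '';
    }

    $tpl = new Template($this->getTemplate('editor.template'));
    $tpl->set('id', $data['params']['id']);
    $tpl->set('revision', $data['params']['revision']);
    $tpl->set('image', $image);
    $data['template']->append('content', $tpl->fetch());

    // Make sure the following assets are included
    $data['page']->assets->registerJavascript('/core/assets/javascript/modaldialog.js');
    $data['page']->assets->registerCSS($this->localAsset('editor.css'));
}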
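/**
 * Handle the "move" action: on POST move an item below another parent (or to
 * the top level) and into the posted language; otherwise show the move form.
 *
 * The caller needs 'admin' rights on the item being moved; otherwise the
 * browser is sent back to the item. Every path ends the request with exit.
 *
 * @param array $args Remaining URL segments; the first one is the item id.
 * @return void
 */
function action_move($args)
{
    global $manager, $tree, $user, $lang;

    /* Decode arguments */
    $id = array_shift($args);
    $item =& $tree->getItemById($id);
    $id = $item['id'];

    if (!$tree->_hasRights('admin', $item['rights'])) {
        header('Location: ' . url::item($id));
        exit;
    }

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        $parentid = intval(isset($_POST['parent']) ? $_POST['parent'] : 0);

        // The posted language is handed to treeStorage and spliced into the
        // redirect URL as a path segment. Accept only a plain identifier so
        // it cannot add slashes (which could turn the target into another
        // host) or other URL syntax; fall back to the item's own language.
        // NOTE(review): the allowed character set is an assumption about the
        // language ids in use - confirm against the configured languages.
        $targetLanguage = $item['meta']['language'];
        if (isset($_POST['language'])
            && is_string($_POST['language'])
            && preg_match('/^[A-Za-z0-9_-]+$/', $_POST['language'])
        ) {
            $targetLanguage = $_POST['language'];
        }

        // The moved item goes after the last existing sibling at the
        // destination. foreach replaces reset()/each(); each() was removed
        // in PHP 8.
        $position = 0;

        if ($parentid == 0) {
            foreach ($tree->tree as $node) {
                if ($node['id'] != 'admin') {
                    $position = max($position, $node['position']);
                }
            }
        } else {
            // NOTE(review): rights are checked on the moved item only; no
            // check on the destination parent is visible here - confirm that
            // is intended.
            if ($parent =& $tree->getItemById($parentid)) {
                if (isset($parent['children'])) {
                    foreach ($parent['children'] as $child) {
                        $position = max($position, $child['position']);
                    }
                }
            }
        }

        // Position is written unquoted into the statement, so force an int.
        $position = intval($position) + 1;

        treeStorage::startTransaction();
        treeStorage::prepareForMove($id, $parentid, $targetLanguage);

        sql::query(
            "\r\n\t\t\t\t\tUPDATE \r\n\t\t\t\t\t\t" . _TABLE_PREFIX_
            . "contents\r\n\t\t\t\t\tSET \r\n\t\t\t\t\t\t`parent`='" . $parentid
            . "',\r\n\t\t\t\t\t\t`position`=" . $position
            . "\r\n\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t`ID`='" . $id
            . "'\r\n\t\t\t\t"
        );

        treeStorage::stopTransaction();

        // Our url needs to be rebuilt...
        $url = url::item($id);
        $url = str_replace('/' . $item['meta']['language'] . '/', '/' . $targetLanguage . '/', $url);

        header("Location: " . $url);
        exit;
    } else {
        // The include is expected to define $iso639to3166 (language id =>
        // country code); failures are suppressed as in the original.
        @(include _BASE_LIBRARIES_ . 'resources/iso639to3166.php');

        $languages = array();
        $list = new languages(_DEFAULT_SITE_);

        foreach ($list->nodes as $language) {
            if ($language->public) {
                // An unknown language id yields an empty flag.
                $flag = isset($iso639to3166[$language->id]) ? strtolower($iso639to3166[$language->id]) : '';
                $languages[] = array('id' => $language->id, 'name' => $language->name, 'flag' => $flag);
            }
        }

        $tpl = new Template($this->getTemplate('move.template'));
        $tpl->set('languages', $languages);
        $tpl->set('id', $id);
        echo $tpl->fetch();
        exit;
    }
}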
/**
 * Before the skin is parsed: when a page of the "redirect" kind is viewed,
 * send the browser to the page's first child instead.
 *
 * Applies when the action is 'view' and either the type is 'redirect' or the
 * type declares a 'redirect' content part. Nothing happens when the page has
 * no first child.
 *
 * @param array $data Event payload; reads 'type' and 'params' (action, id).
 * @return void
 */
function event_PreSkinParse(&$data)
{
    global $manager, $tree;

    if ($data['params']['action'] != 'view') {
        return;
    }

    $redirects = $data['type'] == 'redirect'
        || isset($manager->types[$data['type']]['content']['redirect']);
    if (!$redirects) {
        return;
    }

    // The target is taken from the tree, not from the request.
    $item =& $tree->getFirstChild($data['params']['id']);
    if ($item) {
        header("Location: " . url::item($item));
        exit;
    }
}
/**
 * Handle the "restore" action: restore the item named by the first argument
 * when the current user is an administrator, then redirect to it. Any other
 * user is redirected to the site root. Always ends the request with exit.
 *
 * NOTE(review): no request-method or anti-CSRF check is visible in this
 * function - confirm the dispatcher enforces one for state-changing actions.
 *
 * @param array $args Remaining URL segments; the first one is the item id.
 * @return void
 */
function action_restore($args)
{
    global $manager, $tree, $user, $lang;

    /* Decode arguments */
    $id = array_shift($args);

    if (!$user->admin()) {
        header("Location: " . url::root());
        exit;
    }

    $this->_restoreItem($id);
    header("Location: " . url::item($id));
    exit;
}
/**
 * Render the login page and process login attempts.
 *
 * With an item id in $args the form posts back to that item's login URL and
 * the login call receives the item URL; without one the generic login action
 * is used. When the login call returns, the attempt is reported with the
 * generic 'passwordnotcorrect' message (the original comments state that a
 * successful login does not come back here).
 *
 * @param array $args Remaining URL segments; optionally starts with an item id.
 * @return void
 */
function action_login($args)
{
    global $manager, $tree, $user, $config, $lang;

    // Inline login renders inside the site theme, otherwise the admin layout
    // with the user's own language strings is used.
    $inline = $config->get('inlineLogin');
    if ($inline) {
        $page = new theme();
        $t = new Template($this->getTemplate('inline.template'));
        $l =& $lang;
    } else {
        $page = new admin();
        $t = new Template($this->getTemplate('form.template'));
        $l =& $user->lang;
    }

    $posted = ($_SERVER['REQUEST_METHOD'] == 'POST');

    if (!count($args)) {
        $t->set('url', url::action('login'));

        if ($posted) {
            $user->login();

            // If we end up here, we did not properly login... probably
            // username or password not correct...
            $t->set('error', $l->s('passwordnotcorrect'));
        }
    } else {
        $id = array_shift($args);

        // Check if the id contains a file extension and drop it
        if (preg_match('/(.*)\\.([a-z0-9]+)$/i', $id, $matches)) {
            $id = $matches[1];
        }

        $t->set('url', url::item($id, 'login'));

        if ($posted) {
            $user->login(url::item($id));

            // If we end up here, we did not properly login... probably
            // username or password not correct...
            $t->set('error', $l->s('passwordnotcorrect'));
        } elseif (!$config->get('redirectToLogin')) {
            $page->template->set('error', $l->s('notenoughrights') . ' ' . $l->s('logintoview'));
        }
    }

    // Notify plugins of a PreSkinParse event
    $params = array('action' => 'login', 'id' => null, 'args' => $args);
    $data = array('page' => &$page, 'template' => &$page->template, 'type' => null, 'params' => $params);
    $manager->handleEvent('PreSkinParse', $data);

    $page->template->set('title', $l->s('login'));
    $page->template->set('content', $t->fetch());
    $page->template->set('type', 'login');
    $page->show();
}
/**
 * Handle the "delete" action: delete the item named by the first argument
 * and redirect to its parent, or to the default item when it has no parent.
 *
 * The caller needs 'admin' rights on the item; otherwise the browser is sent
 * back to the item. Always ends the request with exit.
 *
 * NOTE(review): no request-method or anti-CSRF check is visible in this
 * function - confirm the dispatcher enforces one for this destructive action.
 *
 * @param array $args Remaining URL segments; the first one is the item id.
 * @return void
 */
function action_delete($args)
{
    global $manager, $tree, $user, $lang;

    /* Decode arguments */
    $requested = array_shift($args);
    $item =& $tree->getItemById($requested);
    $id = $item['id'];

    $mayAdmin = $tree->_hasRights('admin', $item['rights']);
    if (!$mayAdmin) {
        header('Location: ' . url::item($id));
        exit;
    }

    $this->_deleteItem($id);

    // Redirect to the parent when there is one, else to the default item
    $target = ($item['parent'] > 0) ? url::item($item['parent']) : url::item();
    header("Location: " . $target);
    exit;
}
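/**
 * Editor hook for the "links" sheet of page types that declare a "links"
 * content part.
 *
 * On POST all stored links of the given id/revision are replaced by the
 * submitted list (in submitted order), the revision is marked as modified
 * and the browser is redirected back to the sheet. Otherwise the stored
 * links are shown in the editor template and the editor assets registered.
 *
 * @param array $data Event payload; reads 'type', 'sheet', 'params' (id,
 *                    revision), 'template' and 'page'.
 * @return void
 */
function event_ExecuteEditor(&$data)
{
    global $lang, $manager;

    if (!isset($manager->types[$data['type']]['content']['links']) || $data['sheet'] != 'links') {
        return;
    }

    // The id and revision are interpolated into SQL below. Where they are
    // validated is not visible from this function, so they are escaped here
    // in the same way as the submitted link fields.
    // NOTE(review): addslashes() is not a charset-aware escape; if the sql
    // wrapper offers driver-level escaping or bound parameters, prefer that.
    $sqlId = addslashes($data['params']['id']);
    $sqlRevision = addslashes($data['params']['revision']);

    // Define a list of errors (nothing in this function adds to it)
    $errors = array();

    $links = array();

    $res = sql::query(
        "\r\n\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t* \r\n\t\t\t\t\tFROM\r\n\t\t\t\t\t\t" . _TABLE_PREFIX_
        . "contents_links\r\n\t\t\t\t\tWHERE\r\n\t\t\t\t\t\tID = '" . $sqlId
        . "' AND\r\n\t\t\t\t\t\trevision = '" . $sqlRevision
        . "'\r\n\t\t\t\t"
    );

    while ($row = sql::fetch_array($res, MYSQL_ASSOC)) {
        $links[$row['link']] = $row;
    }

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        $res = sql::query(
            "\r\n\t\t\t\t\t\tDELETE FROM \r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_
            . "contents_links \r\n\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\tID='" . $sqlId
            . "' AND\r\n\t\t\t\t\t\t\trevision='" . $sqlRevision
            . "'\r\n\t\t\t\t\t"
        );

        if (isset($_POST['links']) && is_array($_POST['links'])) {
            $position = 0;

            // foreach replaces each(), which was removed in PHP 8.
            foreach ($_POST['links'] as $v) {
                // Entries that are not arrays cannot carry link fields.
                if (!is_array($v)) {
                    continue;
                }

                // Missing or non-string fields are stored as empty strings.
                $fields = array();
                foreach (array('url', 'title', 'target') as $key) {
                    $fields[$key] = (isset($v[$key]) && is_string($v[$key])) ? addslashes($v[$key]) : '';
                }

                // NOTE(review): the link URL scheme is not restricted here;
                // confirm the code that renders these links only emits
                // http/https targets and encodes title/target for HTML.
                $res = sql::query(
                    "\r\n\t\t\t\t\t\t\t\tINSERT INTO \r\n\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_
                    . "contents_links \r\n\t\t\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t\t\tID='" . $sqlId
                    . "', \r\n\t\t\t\t\t\t\t\t\trevision='" . $sqlRevision
                    . "',\r\n\t\t\t\t\t\t\t\t\tposition='" . $position
                    . "',\r\n\t\t\t\t\t\t\t\t\turl='" . $fields['url']
                    . "', \r\n\t\t\t\t\t\t\t\t\ttitle='" . $fields['title']
                    . "',\r\n\t\t\t\t\t\t\t\t\ttarget='" . $fields['target']
                    . "'\r\n\t\t\t\t\t\t\t"
                );

                $position++;
            }
        }

        // Mark this action as a modification
        revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);

        header("Location: " . url::item($data['params']['id'], 'edit') . "/links?revision=" . $data['params']['revision']);
        exit;
    }

    $tpl = new Template($this->getTemplate('editor.template'));
    $tpl->set("links", $links);
    $tpl->set("id", $data['params']['id']);
    $tpl->set("revision", $data['params']['revision']);

    if (count($errors)) {
        $data['template']->append('error', implode(', ', $errors));
    }

    $data['template']->append('content', $tpl->fetch());

    // Make sure the following assets are included
    $data['page']->assets->registerJavascript('/core/assets/javascript/modaldialog.js');
    $data['page']->assets->registerCSS($this->localAsset('editor.css'));
    $data['page']->assets->registerJavascript($this->localAsset('editor.js'));
}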
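/**
 * Handle the "duplicate" action: copy an item next to itself, placed after
 * the last existing sibling, then redirect to the copy's edit page.
 *
 * The caller needs 'admin' rights on the item; otherwise the browser is sent
 * back to the item. Always ends the request with exit.
 *
 * NOTE(review): no request-method or anti-CSRF check is visible in this
 * function - confirm the dispatcher enforces one for state-changing actions.
 *
 * @param array $args Remaining URL segments; the first one is the item id.
 * @return void
 */
function action_duplicate($args)
{
    global $manager, $tree, $user, $lang;

    /* Decode arguments */
    $id = array_shift($args);
    $item =& $tree->getItemById($id);
    $id = $item['id'];

    if (!$tree->_hasRights('admin', $item['rights'])) {
        header('Location: ' . url::item($id));
        exit;
    }

    // Find the highest position among the siblings. foreach replaces the
    // reset()/each() loops; each() was removed in PHP 8.
    $position = 0;

    if ($item['parent']) {
        $parentnode =& $tree->getItemById($item['parent']);

        if (isset($parentnode['children'])) {
            foreach ($parentnode['children'] as $child) {
                $position = max($position, $child['position']);
            }
        }

        $parent = $item['parent'];
    } else {
        // Top level: the 'admin' node does not count as a sibling.
        foreach ($tree->tree as $node) {
            if ($node['id'] != 'admin') {
                $position = max($position, $node['position']);
            }
        }

        $parent = '';
    }

    $position++;

    $newid = $this->_duplicateItem($id, $parent, $position);

    header("Location: " . url::item($newid, 'edit'));
    exit;
}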
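/**
 * Editor hook for the "seo" sheet.
 *
 * On POST the trimmed keywords and description are stored for the given
 * id/revision, the revision is marked as modified and the browser is
 * redirected back to the sheet. Otherwise the stored values (or empty
 * defaults) are shown in the editor template.
 *
 * @param array $data Event payload; reads 'sheet', 'params' (id, revision)
 *                    and 'template'.
 * @return void
 */
function event_ExecuteEditor(&$data)
{
    global $tree, $language;

    if ($data['sheet'] != 'seo') {
        return;
    }

    // The id and revision are interpolated into SQL below. Where they are
    // validated is not visible from this function, so they are escaped here
    // in the same way as the submitted fields.
    // NOTE(review): addslashes() is not a charset-aware escape; if the sql
    // wrapper offers driver-level escaping or bound parameters, prefer that.
    $sqlId = addslashes($data['params']['id']);
    $sqlRevision = addslashes($data['params']['revision']);

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        // Non-string submissions (e.g. keywords[]=x) are treated as empty
        // rather than being passed to trim()/addslashes().
        $keywords = (isset($_POST['keywords']) && is_string($_POST['keywords'])) ? trim($_POST['keywords']) : '';
        $description = (isset($_POST['description']) && is_string($_POST['description'])) ? trim($_POST['description']) : '';

        $res = sql::query(
            "\r\n\t\t\t\t\t\tREPLACE INTO \r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_
            . "contents_seo\r\n\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\tID='" . $sqlId
            . "',\r\n\t\t\t\t\t\t\trevision='" . $sqlRevision
            . "',\r\n\t\t\t\t\t\t\tkeywords='" . addslashes($keywords)
            . "',\r\n\t\t\t\t\t\t\tdescription='" . addslashes($description)
            . "'\r\n\t\t\t\t\t"
        );

        // Mark this action as a modification
        revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);

        header("Location: " . url::item($data['params']['id'], 'edit') . "/seo?revision=" . $data['params']['revision']);
        exit;
    }

    $res = sql::query(
        "\r\n\t\t\t\t\tSELECT\r\n\t\t\t\t\t\t*\r\n\t\t\t\t\tFROM\r\n\t\t\t\t\t\t" . _TABLE_PREFIX_
        . "contents_seo\r\n\t\t\t\t\tWHERE\r\n\t\t\t\t\t\tID='" . $sqlId
        . "' AND\r\n\t\t\t\t\t\trevision='" . $sqlRevision
        . "'\r\n\t\t\t\t"
    );

    if (!($row = sql::fetch_array($res))) {
        $row = array('keywords' => '', 'description' => '');
    }

    $tpl = new Template($this->getTemplate('editor.template'));
    $tpl->set('seo', $row);
    $tpl->set('id', $data['params']['id']);
    $tpl->set("revision", $data['params']['revision']);
    $data['template']->append('content', $tpl->fetch());
}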
/**
 * Log the current user out and redirect to the default item.
 *
 * Only the 'USER_DATA' entry is removed from the session; the session itself
 * and its identifier are left as they are. Ends the request with exit.
 *
 * NOTE(review): the session id is not regenerated here - confirm the login
 * path issues a fresh one.
 *
 * @return void
 */
function logout()
{
    unset($_SESSION['USER_DATA']);

    $home = url::item();
    header('Location: ' . $home);
    exit;
}
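/**
 * Editor hook for the "movie" sheet of page types that declare a "movie"
 * content part.
 *
 * Handles, in this order:
 *  - ?json=list    : print the stored movie through the JSON template;
 *  - ?json=delete  : remove the stored file and its row;
 *  - POST + upload : store an uploaded movie ('Filedata');
 *  - POST          : update player size and autostart;
 *  - otherwise     : show the editor template and register its assets.
 * All request-handling paths end with exit.
 *
 * @param array $data Event payload; reads 'type', 'sheet', 'params' (id,
 *                    revision), 'template' and 'page'.
 * @return void
 */
function event_ExecuteEditor(&$data)
{
    global $lang, $manager;

    if (!isset($manager->types[$data['type']]['content']['movie']) || $data['sheet'] != 'movie') {
        return;
    }

    // The id and revision are interpolated into SQL below. Where they are
    // validated is not visible from this function, so they are escaped here
    // in the same way as the other values.
    // NOTE(review): addslashes() is not a charset-aware escape; if the sql
    // wrapper offers driver-level escaping or bound parameters, prefer that.
    $sqlId = addslashes($data['params']['id']);
    $sqlRevision = addslashes($data['params']['revision']);

    $json = isset($_REQUEST['json']) ? $_REQUEST['json'] : null;

    if ($json == 'list') {
        $res = sql::query(
            "\r\n\t\t\t\t\t\tSELECT\r\n\t\t\t\t\t\t\t*\r\n\t\t\t\t\t\tFROM\r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_
            . "contents_movie\r\n\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\tID='" . $sqlId
            . "' AND\r\n\t\t\t\t\t\t\trevision='" . $sqlRevision
            . "'\r\n\t\t\t\t\t"
        );

        $tpl = new Template($this->getTemplate('json.template'));

        if ($movie = sql::fetch_array($res)) {
            $tpl->set("movie", $movie);
        }

        echo $tpl->fetch();
        exit;
    }

    if ($json == 'delete') {
        // NOTE(review): this destructive branch is reached for any request
        // method and checks no anti-CSRF token here - confirm the caller
        // enforces one.
        $res = sql::query(
            "\r\n\t\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t\t* \r\n\t\t\t\t\t\tFROM \r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_
            . "contents_movie\r\n\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\tID='" . $sqlId
            . "' AND\r\n\t\t\t\t\t\t\trevision='" . $sqlRevision
            . "'\r\n\t\t\t\t\t"
        );

        if ($row = sql::fetch_array($res)) {
            $directory = _BASE_MEDIA_ . 'movies/';

            // The name removed is the one stored in the database, never a
            // value taken from the request.
            if (file_exists($directory . $row['filename'])) {
                unlink($directory . $row['filename']);
            }

            $res = sql::query(
                "\r\n\t\t\t\t\t\t\tDELETE FROM \r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_
                . "contents_movie\r\n\t\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t\tID='" . $sqlId
                . "' AND\r\n\t\t\t\t\t\t\t\trevision='" . $sqlRevision
                . "'\r\n\t\t\t\t\t\t"
            );
        }

        // Mark this action as a modification
        revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);
        exit;
    }

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        /* Upload */
        if (isset($_FILES['Filedata'])) {
            if ($_FILES['Filedata']['error'] == UPLOAD_ERR_OK && is_uploaded_file($_FILES['Filedata']['tmp_name'])) {
                $directory = _BASE_MEDIA_ . 'movies/';
                $original = $_FILES['Filedata']['name'];

                // The stored name comes from files::getUniqueName(); the
                // client-supplied name is kept only as a label.
                // NOTE(review): the content type is derived from
                // client-supplied values (declared type and file name);
                // confirm the media directory cannot execute uploads.
                $contenttype = files::getCleanContentType($_FILES['Filedata']['type'], $_FILES['Filedata']['name']);
                $filename = files::getUniqueName($contenttype, $directory);

                if (files::allowedContentType($contenttype, 'movie')) {
                    // Do not record a file that never reached the media
                    // directory.
                    if (!move_uploaded_file($_FILES['Filedata']['tmp_name'], $directory . $filename)) {
                        header("HTTP/1.1 500 Internal Server Error");
                        header("Status: 500 Internal Server Error");
                        exit;
                    }

                    // Insert into database...
                    $res = sql::query(
                        "\r\n\t\t\t\t\t\t\t\t\tINSERT INTO\r\n\t\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_
                        . "contents_movie \r\n\t\t\t\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t\t\t\tID='" . $sqlId
                        . "', \r\n\t\t\t\t\t\t\t\t\t\trevision='" . $sqlRevision
                        . "',\r\n\t\t\t\t\t\t\t\t\t\tfilename='" . addslashes($filename)
                        . "', \r\n\t\t\t\t\t\t\t\t\t\tname='" . addslashes($original)
                        . "',\r\n\t\t\t\t\t\t\t\t\t\ttype='" . addslashes($contenttype)
                        . "', \r\n\t\t\t\t\t\t\t\t\t\tsize='" . addslashes($_FILES['Filedata']['size'])
                        . "',\r\n\t\t\t\t\t\t\t\t\t\twidth=320,\r\n\t\t\t\t\t\t\t\t\t\theight=240,\r\n\t\t\t\t\t\t\t\t\t\tautostart=0\r\n\t\t\t\t\t\t\t\t"
                    );

                    // Mark this action as a modification
                    revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);

                    // Workaround for a Flash bug on OS X.. We need to send back content... any content will do
                    echo " ";
                    flush();
                    exit;
                } else {
                    header("HTTP/1.1 415 Unsupported Media Type");
                    header("Status: 415 Unsupported Media Type");
                    exit;
                }
            } else {
                switch ($_FILES['Filedata']['error']) {
                    case UPLOAD_ERR_INI_SIZE:
                    case UPLOAD_ERR_FORM_SIZE:
                        header("HTTP/1.1 413 Request Entity Too Large");
                        header("Status: 413 Request Entity Too Large");
                        exit;

                    case UPLOAD_ERR_NO_FILE:
                    case UPLOAD_ERR_PARTIAL:
                    default:
                        header("HTTP/1.1 400 Bad Request");
                        header("Status: 400 Bad Request");
                        exit;
                }
            }
        } else {
            // Update size and autostart
            $autostart = isset($_REQUEST['autostart']) ? intval($_REQUEST['autostart']) : 0;
            $width = isset($_REQUEST['size']) ? intval($_REQUEST['size']) : 320;

            // The original cases had no break and always fell through to the
            // 4:3 formula, which yields the same 240/480 for the two presets.
            // NOTE(review): width is not range-checked; zero or negative
            // values are stored as submitted.
            switch ($width) {
                case 320:
                    $height = 240;
                    break;

                case 640:
                    $height = 480;
                    break;

                default:
                    $height = round($width / 4 * 3);
                    break;
            }

            $res = sql::query(
                "\r\n\t\t\t\t\t\t\tUPDATE\r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_
                . "contents_movie\r\n\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\twidth='" . addslashes($width)
                . "',\r\n\t\t\t\t\t\t\t\theight='" . addslashes($height)
                . "',\r\n\t\t\t\t\t\t\t\tautostart='" . addslashes($autostart)
                . "'\r\n\t\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\t\tID='" . $sqlId
                . "' AND\r\n\t\t\t\t\t\t\t\trevision='" . $sqlRevision
                . "'\r\n\t\t\t\t\t\t"
            );
        }

        // Mark this action as a modification
        revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);

        header("Location: " . url::item($data['params']['id'], 'edit') . "/movie?revision=" . $data['params']['revision']);
        exit;
    }

    $res = sql::query(
        "\r\n\t\t\t\t\tSELECT\r\n\t\t\t\t\t\t*\r\n\t\t\t\t\tFROM\r\n\t\t\t\t\t\t" . _TABLE_PREFIX_
        . "contents_movie\r\n\t\t\t\t\tWHERE\r\n\t\t\t\t\t\tID='" . $sqlId
        . "' AND\r\n\t\t\t\t\t\trevision='" . $sqlRevision
        . "'\r\n\t\t\t\t"
    );

    $tpl = new Template($this->getTemplate('editor.template'));

    if ($movie = sql::fetch_array($res)) {
        $tpl->set("movie", $movie);
    }

    $tpl->set("id", $data['params']['id']);
    $tpl->set("revision", $data['params']['revision']);
    $tpl->set("filemask", files::getFilemask('movie'));
    $tpl->set("ticket", ticket::generate($data['params']['id']));
    $data['template']->append('content', $tpl->fetch());

    // Make sure the following assets are included
    $data['page']->assets->registerJavascript('/core/assets/javascript/plugin.js');
    $data['page']->assets->registerJavascript('/core/assets/javascript/flash.js');
    $data['page']->assets->registerJavascript('/core/assets/javascript/upload.js');
    $data['page']->assets->registerJavascript('/core/assets/javascript/progress.js');
    $data['page']->assets->registerJavascript($this->localAsset('editor.js'));
    $data['page']->assets->registerJavascript($this->localAsset('player.js'));
}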
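/**
 * Editor hook for the "slides" sheet of page types that declare a "slides"
 * content part.
 *
 * On POST all stored slides of the given id/revision are replaced by the
 * submitted list (in submitted order), the revision is marked as modified
 * and the browser is redirected back to the sheet. Otherwise the stored
 * slides are shown in the editor template and the editor assets registered.
 *
 * NOTE(review): this function calls the legacy mysql_* functions directly;
 * that extension no longer exists in PHP 7 and later.
 *
 * @param array $data Event payload; reads 'type', 'sheet', 'params' (id,
 *                    revision), 'template' and 'page'.
 * @return void
 */
function event_ExecuteEditor(&$data)
{
    global $lang, $manager;

    if (!isset($manager->types[$data['type']]['content']['slides']) || $data['sheet'] != 'slides') {
        return;
    }

    // The id and revision are interpolated into SQL below. Where they are
    // validated is not visible from this function, so they are escaped here
    // in the same way as the submitted slide fields.
    // NOTE(review): addslashes() is not a charset-aware escape; prefer the
    // driver's own escaping or bound parameters where available.
    $sqlId = addslashes($data['params']['id']);
    $sqlRevision = addslashes($data['params']['revision']);

    // Define a list of errors (nothing in this function adds to it)
    $errors = array();

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        mysql_query(
            "\r\n\t\t\t\t\t\tDELETE FROM \r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_
            . "contents_slides\r\n\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t`ID` = '" . $sqlId
            . "' AND\r\n\t\t\t\t\t\t\t`revision` = '" . $sqlRevision
            . "'\r\n\t\t\t\t\t"
        );

        if (isset($_POST['slides']) && is_array($_POST['slides'])) {
            $position = 0;

            // foreach replaces each(), which was removed in PHP 8.
            foreach ($_POST['slides'] as $slide) {
                // Entries that are not arrays cannot carry slide fields.
                if (!is_array($slide)) {
                    continue;
                }

                // Missing or non-string fields are stored as empty strings.
                $fields = array();
                foreach (array('thumbnail', 'image', 'title', 'description') as $key) {
                    $fields[$key] = (isset($slide[$key]) && is_string($slide[$key])) ? addslashes($slide[$key]) : '';
                }

                mysql_query(
                    "\r\n\t\t\t\t\t\t\t\tINSERT INTO \r\n\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_
                    . "contents_slides \r\n\t\t\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t\t\t`ID` = '" . $sqlId
                    . "', \r\n\t\t\t\t\t\t\t\t\t`revision` = '" . $sqlRevision
                    . "',\r\n\t\t\t\t\t\t\t\t\t`position` = '" . $position
                    . "',\r\n\t\t\t\t\t\t\t\t\t`thumbnail` = '" . $fields['thumbnail']
                    . "', \r\n\t\t\t\t\t\t\t\t\t`image` = '" . $fields['image']
                    . "', \r\n\t\t\t\t\t\t\t\t\t`title` = '" . $fields['title']
                    . "', \r\n\t\t\t\t\t\t\t\t\t`description` = '" . $fields['description']
                    . "'\r\n\t\t\t\t\t\t\t"
                );

                $position++;
            }
        }

        // Mark this action as a modification
        revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);

        header("Location: " . url::item($data['params']['id'], 'edit') . "/slides?revision=" . $data['params']['revision']);
        exit;
    }

    // Load...
    $slides = array();

    $res = mysql_query(
        "\r\n\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t*\r\n\t\t\t\t\tFROM \r\n\t\t\t\t\t\t" . _TABLE_PREFIX_
        . "contents_slides\r\n\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t`ID` = '" . $sqlId
        . "' AND\r\n\t\t\t\t\t\t`revision` = '" . $sqlRevision
        . "'\r\n\t\t\t\t"
    );

    while ($row = mysql_fetch_array($res, MYSQL_ASSOC)) {
        // Collapse runs of whitespace (including line breaks) to one space.
        $row['description'] = preg_replace('/\\s+/', ' ', $row['description']);
        $slides[] = $row;
    }

    $tpl = new Template($this->getTemplate('editor.template'));
    $tpl->set("slides", $slides);
    $tpl->set("id", $data['params']['id']);
    $tpl->set("revision", $data['params']['revision']);

    if (count($errors)) {
        $data['template']->append('error', implode(', ', $errors));
    }

    $data['template']->append('content', $tpl->fetch());

    // Make sure the following assets are included
    $data['page']->assets->registerJavascript('/core/assets/javascript/modaldialog.js');
    $data['page']->assets->registerCSS($this->localAsset('editor.css'));
    $data['page']->assets->registerJavascript($this->localAsset('editor.js'));
}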
$action = array_shift($args); } else { $action = 'login'; } if ($action != 'settings' && $config->get('multiLanguageSupport') && count($args)) { $language = array_shift($args); } else { $language = _DEFAULT_LANGUAGE_; } $lang = new language($language, _DEFAULT_SITE_, true); $user = new currentUser(); $manager = new pluginManager(); $tree = new pageTree($user, $manager, $language, _DEFAULT_SITE_); if ($action == 'login' && $user->loggedin()) { $id = $tree->getHome(); header('Location: ' . url::item($id)); exit; } $manager->handleAction($action, $args); exit; } if (!$config->get('installed')) { $lang = new language(_DEFAULT_LANGUAGE_, _DEFAULT_SITE_, true); $theme =& new theme(); $theme->showError(_OFFLINE_MESSAGE_, 3); } if ($config->get('multiLanguageSupport') && count($args)) { $language = array_shift($args); } else { $language = _DEFAULT_LANGUAGE_; }
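/**
 * Handle the "create" action: on POST create a new page as a child or as a
 * sibling of the given item and redirect to its edit page; otherwise show
 * the creation form.
 *
 * The caller needs 'create' rights on the item; otherwise the browser is
 * sent back to the item. Every path ends the request with exit.
 *
 * @param array $args Remaining URL segments; the first one is the item id.
 * @return void
 */
function action_create($args)
{
    global $manager, $tree, $user, $lang;

    /* Decode arguments */
    $id = array_shift($args);
    $item =& $tree->getItemById($id);
    $id = $item['id'];

    if (!$tree->_hasRights('create', $item['rights'])) {
        header('Location: ' . url::item($id));
        exit;
    }

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        $asSibling = isset($_POST['location']) && $_POST['location'] == 'sibling';

        // Determine the type of the page. It is written into SQL below, so
        // it is escaped like the name and slug.
        // NOTE(review): the posted type is not checked against the types the
        // form offers ($manager->types(...)); confirm whether it should be.
        // NOTE(review): addslashes() is not a charset-aware escape; if the
        // sql wrapper offers driver-level escaping or bound parameters,
        // prefer that.
        $typeField = $asSibling ? 'siblingtype' : 'childtype';
        $type = (isset($_POST[$typeField]) && is_string($_POST[$typeField])) ? $_POST[$typeField] : '';
        $sqlType = addslashes($type);

        // The posted language reaches treeStorage and SQL. Accept only a
        // plain identifier, otherwise use the tree's language.
        // NOTE(review): the allowed character set is an assumption about the
        // language ids in use - confirm against the configured languages.
        $language = $tree->language;
        if (isset($_POST['language'])
            && is_string($_POST['language'])
            && preg_match('/^[A-Za-z0-9_-]+$/', $_POST['language'])
        ) {
            $language = $_POST['language'];
        }
        $sqlLanguage = addslashes($language);

        if (isset($_POST['name']) && is_string($_POST['name'])) {
            $name = $_POST['name'];
        } else {
            $name = $user->lang->s('untitled');
        }

        // Derive a URL slug: lower case, whitespace/underscores to dashes,
        // everything outside [a-z0-9-] dropped.
        $slug = strtolower($name);
        $slug = preg_replace('/(\\s+|_)/i', '-', $slug);
        $slug = preg_replace('/[^a-z0-9\\-]/i', '', $slug);

        // NOTE(review): $data is not defined in this function, so this
        // lookup uses an empty key and $base ends up empty; the intended key
        // was presumably the parent item's id - confirm before changing.
        $base = explode('/', $GLOBALS['HASH_URLS'][$data['params']['id']]);
        array_shift($base);

        // Append or bump a numeric suffix until the URL is unused. The flag
        // is initialised here; the original child path read it unset.
        $unique = false;
        while (!$unique) {
            $url = implode('/', array_merge($base, array($slug)));

            if (isset($GLOBALS['HASH_IDS'][$url])) {
                if (preg_match('/^(.*)-([0-9]+)$/i', $slug, $matches)) {
                    $slug = $matches[1] . '-' . (intval($matches[2]) + 1);
                } else {
                    $slug = $slug . '-2';
                }
            } else {
                $unique = true;
            }
        }

        if ($asSibling) {
            // Rights were checked on the item itself, but a sibling is
            // created under its parent (or at the top level). Apply the same
            // conditions under which the form below offers the sibling
            // option, so a crafted POST cannot bypass them.
            if ($item['parent'] > 0) {
                $parent =& $tree->getItemById($item['parent']);
                $siblingAllowed = $user->memberof(6)
                    || ($parent && $tree->_hasRights('create', $parent['rights']));

                if (!$siblingAllowed) {
                    header('Location: ' . url::item($id));
                    exit;
                }

                // Set the item to its parent and continue...
                $item =& $parent;
            } else {
                if (!$user->memberof(6)) {
                    header('Location: ' . url::item($id));
                    exit;
                }

                // Top level: place after the last node, ignoring 'admin'.
                $position = 0;
                foreach ($tree->tree as $node) {
                    if ($node['id'] != 'admin') {
                        $position = max($position, $node['position']);
                    }
                }
                $position++;

                treeStorage::startTransaction();
                list($left, $right) = treeStorage::prepareForInsert(0, $language);

                // Top-level pages get fixed default rights.
                $res = sql::query(
                    "\r\n\t\t\t\t\t\t\tINSERT INTO \r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_
                    . "contents\r\n\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\t`parent`='',\r\n\t\t\t\t\t\t\t\t`left`='" . $left
                    . "',\r\n\t\t\t\t\t\t\t\t`right`='" . $right
                    . "',\r\n\t\t\t\t\t\t\t\t`site`='" . _DEFAULT_SITE_
                    . "',\r\n\t\t\t\t\t\t\t\t`name`='" . addslashes($name)
                    . "',\r\n\t\t\t\t\t\t\t\t`title`='',\r\n\t\t\t\t\t\t\t\t`slug`='" . addslashes($slug)
                    . "',\r\n\t\t\t\t\t\t\t\t`type`='" . $sqlType
                    . "',\r\n\t\t\t\t\t\t\t\t`status`='0',\r\n\t\t\t\t\t\t\t\t`revision`=0,\r\n\t\t\t\t\t\t\t\t`position`='" . $position
                    . "',\r\n\t\t\t\t\t\t\t\t`language`='" . $sqlLanguage
                    . "',\r\n\t\t\t\t\t\t\t\t`author`='" . $user->id
                    . "',\r\n\t\t\t\t\t\t\t\t`r_view`='3',\r\n\t\t\t\t\t\t\t\t`r_view_inv`='0',\r\n\t\t\t\t\t\t\t\t`r_edit`='6',\r\n\t\t\t\t\t\t\t\t`r_edit_inv`='0',\r\n\t\t\t\t\t\t\t\t`r_create`='6',\r\n\t\t\t\t\t\t\t\t`r_create_inv`='0',\r\n\t\t\t\t\t\t\t\t`r_admin`='6',\r\n\t\t\t\t\t\t\t\t`r_admin_inv`='0',\r\n\t\t\t\t\t\t\t\t`created`='" . time()
                    . "',\r\n\t\t\t\t\t\t\t\t`modified`='" . time()
                    . "',\r\n\t\t\t\t\t\t\t\t`visible`='1'\r\n\t\t\t\t\t\t"
                );

                treeStorage::stopTransaction();

                $id = sql::insert_id();

                /* Create the first revision */
                revisions::doCreatePage($id);

                header("Location: " . url::item($id, 'edit'));
                exit;
            }
        }

        // Create the page below $item, after its last existing child
        $position = 0;
        if (isset($item['children'])) {
            foreach ($item['children'] as $child) {
                $position = max($position, $child['position']);
            }
        }
        $position++;

        // Newly created items have the same
        // writing and creation rights as their
        // parents...
        // NOTE(review): r_edit is copied from the parent's r_create, not
        // its r_edit - confirm that is intended.
        $r_view = $item['rights']['r_view'];
        $r_edit = $item['rights']['r_create'];
        $r_create = $item['rights']['r_create'];
        $r_admin = $item['rights']['r_create'];

        if ($item['rights']['r_create'] != $item['rights']['r_admin']) {
            // Check if we are trying to create this page
            // with admin rights, or with create rights.
            if ($tree->_hasRights('create', $item['rights']) && !$tree->_hasRights('create', $item['rights'], true)) {
                $r_admin = $item['rights']['r_admin'];
            }
        }

        treeStorage::startTransaction();
        list($left, $right) = treeStorage::prepareForInsert($item['id'], $language);

        sql::query(
            "\r\n\t\t\t\t\tINSERT INTO \r\n\t\t\t\t\t\t" . _TABLE_PREFIX_
            . "contents\r\n\t\t\t\t\tSET\r\n\t\t\t\t\t\t`parent`='" . $item['id']
            . "',\r\n\t\t\t\t\t\t`left`='" . $left
            . "',\r\n\t\t\t\t\t\t`right`='" . $right
            . "',\r\n\t\t\t\t\t\t`site`='" . _DEFAULT_SITE_
            . "',\r\n\t\t\t\t\t\t`name`='" . addslashes($name)
            . "',\r\n\t\t\t\t\t\t`title`='',\r\n\t\t\t\t\t\t`slug`='" . addslashes($slug)
            . "',\r\n\t\t\t\t\t\t`type`='" . $sqlType
            . "',\r\n\t\t\t\t\t\t`status`='0',\r\n\t\t\t\t\t\t`position`='" . $position
            . "',\r\n\t\t\t\t\t\t`language`='" . $sqlLanguage
            . "',\r\n\t\t\t\t\t\t`author`='" . $user->id
            . "',\r\n\t\t\t\t\t\t`r_view`='" . $r_view
            . "',\r\n\t\t\t\t\t\t`r_view_inv`='0',\r\n\t\t\t\t\t\t`r_edit`='" . $r_edit
            . "',\r\n\t\t\t\t\t\t`r_edit_inv`='0',\r\n\t\t\t\t\t\t`r_create`='" . $r_create
            . "',\r\n\t\t\t\t\t\t`r_create_inv`='0',\r\n\t\t\t\t\t\t`r_admin`='" . $r_admin
            . "',\r\n\t\t\t\t\t\t`r_admin_inv`='0',\r\n\t\t\t\t\t\t`created`='" . time()
            . "',\r\n\t\t\t\t\t\t`modified`='" . time()
            . "',\r\n\t\t\t\t\t\t`visible`='1'\r\n\t\t\t\t"
        );

        treeStorage::stopTransaction();

        $id = sql::insert_id();

        /* Create the first revision */
        revisions::doCreatePage($id);

        header("Location: " . url::item($id, 'edit'));
        exit;
    } else {
        // Work out which of the two options (child / sibling) the form may
        // offer, and with which page types.
        if (is_null($item)) {
            $siblingAllowed = false;
            $siblingTypes = $manager->types();

            if ($user->memberof(6)) {
                $siblingAllowed = count($siblingTypes) ? true : false;
            }

            $childAllowed = false;
            $childTypes = array();
        } else {
            $childTypes = $manager->types($item['type']);
            $childAllowed = count($childTypes) ? true : false;

            $siblingAllowed = false;
            $siblingTypes = array();

            if ($item['parent'] > 0) {
                $parent =& $tree->getItemById($item['parent']);

                if ($parent && $tree->_hasRights('create', $parent['rights'])) {
                    $siblingAllowed = true;
                }

                $siblingTypes = $manager->types($parent['type']);
            } else {
                $siblingTypes = $manager->types();
            }

            if ($user->memberof(6)) {
                $siblingAllowed = true;
            }

            if (!$id) {
                $siblingAllowed = false;
            }
        }

        $tpl = new Template($this->getTemplate('create.template'));
        $tpl->set('childTypes', $childTypes);
        $tpl->set('childAllowed', $childAllowed);
        $tpl->set('siblingTypes', $siblingTypes);
        $tpl->set('siblingAllowed', $siblingAllowed);
        $tpl->set('name', $user->lang->s('untitled'));
        $tpl->set('id', $id);
        echo $tpl->fetch();
        exit;
    }
}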
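/**
 * Editor handler for the "files" and "attachments" sheets.
 *
 * Does nothing unless the page type declares `content.files` and the sheet is
 * one of the two. Depending on the request it
 *   - prints the JSON file list (`json=list`) and exits,
 *   - removes one stored file and its row (`json=delete`) and exits,
 *   - on POST saves titles/positions and/or stores one upload, then exits,
 *   - otherwise appends the editor template to $data['template'] and
 *     registers the uploader assets on $data['page'].
 *
 * NOTE(review): no request-forgery token and no rights check is visible in
 * this method; confirm that whatever raises ExecuteEditor enforces both
 * before the delete and upload branches can be reached.
 *
 * @param array $data Event payload (by reference); reads 'type', 'sheet',
 *                    'params' (id, revision), 'template' and 'page'.
 */
function event_ExecuteEditor(&$data)
{
    global $lang, $manager;

    $handled = isset($manager->types[$data['type']]['content']['files'])
        && ($data['sheet'] == 'attachments' || $data['sheet'] == 'files');
    if (!$handled) {
        return;
    }

    // Integer copies used for SQL only. The position lookup further down
    // interpolates both values without quotes, so they must be numeric anyway.
    $sqlId = intval($data['params']['id']);
    $sqlRevision = intval($data['params']['revision']);

    $jsonAction = isset($_REQUEST['json']) ? $_REQUEST['json'] : null;

    if ($jsonAction === 'list') {
        $tpl = new Template($this->getTemplate('json.template'));

        if ($data['sheet'] == 'files') {
            $tpl->set("files", $this->_files_list($data['params']['id'], $data['params']['revision']));
        } else {
            $tpl->set("files", $this->_attachments_list($data['params']['id'], $data['params']['revision']));
        }

        echo $tpl->fetch();
        exit;
    }

    if ($jsonAction === 'delete') {
        // A missing or non-string name simply matches no row.
        $requested = (isset($_POST['delete']) && is_string($_POST['delete'])) ? $_POST['delete'] : '';

        $res = sql::query("\r\n\t\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t\t* \r\n\t\t\t\t\t\tFROM \r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_files \r\n\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\tID='" . $sqlId . "' AND \r\n\t\t\t\t\t\t\trevision='" . $sqlRevision . "' AND \r\n\t\t\t\t\t\t\tfilename='" . addslashes($requested) . "'\r\n\t\t\t\t\t");

        if ($row = sql::fetch_array($res)) {
            // The path is built from the stored row, never from the request,
            // so only a file registered for this item and revision is removed.
            $directory = _BASE_MEDIA_ . 'files/';

            if (file_exists($directory . $row['filename'])) {
                unlink($directory . $row['filename']);
            }

            sql::query("\r\n\t\t\t\t\t\t\tDELETE FROM \r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_files \r\n\t\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t\tID='" . $sqlId . "' AND \r\n\t\t\t\t\t\t\t\trevision='" . $sqlRevision . "' AND \r\n\t\t\t\t\t\t\t\tfilename='" . addslashes($row['filename']) . "'\r\n\t\t\t\t\t\t");
        }

        // Mark this action as a modification
        revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);
        exit;
    }

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        // Every non-Flash outcome of a POST ends on this sheet again.
        $returnUrl = url::item($data['params']['id'], 'edit') . "/" . $data['sheet'] . "?revision=" . $data['params']['revision'];

        if (isset($_REQUEST['files']) && is_array($_REQUEST['files'])) {
            // Update title and position
            // (foreach instead of each(), which PHP 8.0 removed)
            foreach ($_REQUEST['files'] as $storedName => $file) {
                if (!is_array($file)) {
                    continue;
                }

                $newTitle = isset($file['title']) ? $file['title'] : '';
                $newPosition = isset($file['position']) ? $file['position'] : '';

                sql::query("\r\n\t\t\t\t\t\t\t\tUPDATE\r\n\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_files \r\n\t\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\t\ttitle='" . addslashes($newTitle) . "',\r\n\t\t\t\t\t\t\t\t\tposition='" . addslashes($newPosition) . "'\r\n\t\t\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t\t\tID='" . $sqlId . "' AND \r\n\t\t\t\t\t\t\t\t\trevision='" . $sqlRevision . "' AND \r\n\t\t\t\t\t\t\t\t\tfilename='" . addslashes($storedName) . "'\r\n\t\t\t\t\t\t\t");
            }

            // Mark this action as a modification
            revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);
        }

        if (isset($_FILES['Filedata'])) {
            $upload = $_FILES['Filedata'];
            $flashUsed = isset($_SERVER['HTTP_USER_AGENT']) && preg_match('/Flash/i', $_SERVER['HTTP_USER_AGENT']);

            // Status line reported to the Flash uploader; null means success.
            $failure = null;

            if ($upload['error'] == UPLOAD_ERR_OK && is_uploaded_file($upload['tmp_name'])) {
                $directory = _BASE_MEDIA_ . 'files/';

                // Client-supplied name: kept as display metadata only, the
                // file on disk gets the generated $filename.
                $original = $upload['name'];

                // Both arguments come from the client. Whether the result
                // reflects the real content depends on the files:: helpers,
                // which are not visible here -- TODO confirm they do not rely
                // on the declared MIME type alone.
                $contenttype = files::getCleanContentType($upload['type'], $upload['name']);
                $filename = files::getUniqueName($contenttype, $directory);

                if (!files::allowedContentType($contenttype)) {
                    $failure = '415 Unsupported Media Type';
                } elseif (!@move_uploaded_file($upload['tmp_name'], $directory . $filename)) {
                    // Previously the result was ignored and a row was written
                    // for a file that never reached the media directory.
                    // '@' stays so a warning cannot break the headers below.
                    $failure = '500 Internal Error';
                } else {
                    // Insert into database...
                    $attachment = $data['sheet'] == 'files' ? 0 : 1;

                    $res = sql::query("\r\n\t\t\t\t\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t\t\t\t\t*\r\n\t\t\t\t\t\t\t\t\tFROM\r\n\t\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_files \r\n\t\t\t\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\t\t\t\tID = " . $sqlId . " AND\r\n\t\t\t\t\t\t\t\t\t\trevision = " . $sqlRevision . " AND\r\n\t\t\t\t\t\t\t\t\t\tattachment = " . $attachment . "\r\n\t\t\t\t\t\t\t\t\tORDER BY\r\n\t\t\t\t\t\t\t\t\t\tposition DESC\r\n\t\t\t\t\t\t\t\t\tLIMIT 1\r\n\t\t\t\t\t\t\t\t");

                    // Append after the current last file of this kind
                    if ($row = sql::fetch_array($res)) {
                        $position = $row['position'] + 1;
                    } else {
                        $position = 0;
                    }

                    sql::query("\r\n\t\t\t\t\t\t\t\t\tINSERT INTO \r\n\t\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_files \r\n\t\t\t\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t\t\t\tID='" . $sqlId . "', \r\n\t\t\t\t\t\t\t\t\t\trevision='" . $sqlRevision . "', \r\n\t\t\t\t\t\t\t\t\t\tfilename='" . addslashes($filename) . "', \r\n\t\t\t\t\t\t\t\t\t\tname='" . addslashes($original) . "',\r\n\t\t\t\t\t\t\t\t\t\ttype='" . addslashes($contenttype) . "', \r\n\t\t\t\t\t\t\t\t\t\ttitle='" . addslashes($original) . "',\r\n\t\t\t\t\t\t\t\t\t\tsize='" . intval($upload['size']) . "',\r\n\t\t\t\t\t\t\t\t\t\tposition='" . $position . "',\r\n\t\t\t\t\t\t\t\t\t\tattachment='" . $attachment . "',\r\n\t\t\t\t\t\t\t\t\t\tmodified=NOW()\r\n\t\t\t\t\t\t\t\t");

                    // Mark this action as a modification
                    revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);
                }
            } else {
                switch ($upload['error']) {
                    case UPLOAD_ERR_INI_SIZE:
                    case UPLOAD_ERR_FORM_SIZE:
                        $failure = '413 Request Entity Too Large';
                        break;

                    case UPLOAD_ERR_NO_FILE:
                    case UPLOAD_ERR_PARTIAL:
                        $failure = '400 Bad Request';
                        break;

                    // UPLOAD_ERR_NO_TMP_DIR, UPLOAD_ERR_CANT_WRITE,
                    // UPLOAD_ERR_EXTENSION and anything unexpected
                    default:
                        $failure = '500 Internal Error';
                        break;
                }
            }

            if (!$flashUsed) {
                // Browser form post: always return to the sheet
                header("Location: " . $returnUrl);
            } elseif ($failure !== null) {
                header("HTTP/1.1 " . $failure);
                header("Status: " . $failure);
            } else {
                // Workaround for a Flash bug on OS X.. We need to send back content... any content will do
                echo " ";
                flush();
            }

            exit;
        }

        header("Location: " . $returnUrl);
        exit;
    }

    $tpl = new Template($this->getTemplate('editor.template'));

    if ($data['sheet'] == 'files') {
        $tpl->set("files", $this->_files_list($data['params']['id'], $data['params']['revision']));
    } else {
        $tpl->set("files", $this->_attachments_list($data['params']['id'], $data['params']['revision']));
    }

    $tpl->set("id", $data['params']['id']);
    $tpl->set("revision", $data['params']['revision']);
    $tpl->set("filemask", files::getFilemask());
    $tpl->set("ticket", ticket::generate($data['params']['id']));
    $tpl->set("sheet", $data['sheet']);

    $data['template']->append('content', $tpl->fetch());

    // Make sure the following assets are included
    $data['page']->assets->registerJavascript('/core/assets/javascript/plugin.js');
    $data['page']->assets->registerJavascript('/core/assets/javascript/flash.js');
    $data['page']->assets->registerJavascript('/core/assets/javascript/upload.js');
    $data['page']->assets->registerJavascript('/core/assets/javascript/progress.js');
    $data['page']->assets->registerCSS($this->localAsset('editor.css'));
    $data['page']->assets->registerJavascript($this->localAsset('editor.js'));
}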
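/**
 * Editor handler for the "collection" sheet.
 *
 * Does nothing unless the page type declares `content.collection` and the
 * sheet is "collection". On POST it replaces the stored collection settings
 * (type, limit, sort) for this item and revision, redirects back to the sheet
 * and exits; otherwise it appends the editor template to $data['template'].
 *
 * NOTE(review): $data['params']['id'] and ['revision'] are interpolated into
 * SQL as given (quoted, not escaped); confirm the caller has normalised them.
 *
 * @param array $data Event payload (by reference); reads 'type', 'sheet',
 *                    'params' (id, revision) and 'template'.
 */
function event_ExecuteEditor(&$data)
{
    global $lang, $manager, $user;

    if (!isset($manager->types[$data['type']]['content']['collection']) || $data['sheet'] != 'collection') {
        return;
    }

    // Retrieve story
    $res = sql::query("\n\t\t\t\t\tSELECT \n\t\t\t\t\t\t*\n\t\t\t\t\tFROM \n\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_collection \n\t\t\t\t\tWHERE \n\t\t\t\t\t\t`ID` = '" . $data['params']['id'] . "' AND\n\t\t\t\t\t\t`revision` = '" . $data['params']['revision'] . "'\n\t\t\t\t");

    $row = sql::fetch_array($res, MYSQL_ASSOC);
    $type = $row ? $row['type'] : '';

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        $postedType = (isset($_POST['type']) && is_string($_POST['type'])) ? $_POST['type'] : '';
        $limit = isset($_POST['limit']) ? intval($_POST['limit']) : 0;

        // `sort` is written into the statement without quotes, so it must be
        // an integer before it gets there. Previously the raw request value
        // was concatenated whenever `reverse` was absent.
        $sort = isset($_POST['sort']) ? intval($_POST['sort']) : 0;
        if (isset($_POST['reverse'])) {
            // A negative value stores the reversed direction
            $sort = 0 - $sort;
        }

        sql::query("\n\t\t\t\t\t\tREPLACE INTO \n\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_collection \n\t\t\t\t\t\tSET \n\t\t\t\t\t\t\t`ID` = '" . $data['params']['id'] . "', \n\t\t\t\t\t\t\t`revision` = '" . $data['params']['revision'] . "',\n\t\t\t\t\t\t\t`type` = '" . addslashes($postedType) . "',\n\t\t\t\t\t\t\t`limit` = " . $limit . ",\n\t\t\t\t\t\t\t`sort` = " . $sort . "\n\t\t\t\t\t");

        // Mark this action as a modification
        revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);

        header("Location: " . url::item($data['params']['id'], 'edit') . "/collection?revision=" . $data['params']['revision']);
        exit;
    }

    $tpl = new Template($this->getTemplate('editor.template'));
    $tpl->set('type', $type);
    // No stored row yet: hand the template null instead of indexing `false`
    $tpl->set('limit', $row ? $row['limit'] : null);
    $tpl->set('sort', $row ? $row['sort'] : null);
    $tpl->set('types', $manager->types());
    $tpl->set('id', $data['params']['id']);
    $tpl->set('revision', $data['params']['revision']);

    $data['template']->append('content', $tpl->fetch());
}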
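/**
 * Loads every page of one language and site with status < 2 and builds the
 * in-memory tree (presumably the PHP 4-style constructor of the tree class;
 * the class header is not visible here).
 *
 * Fills:
 *   - $GLOBALS['HASH_URLS'] (id => url path) and $GLOBALS['HASH_IDS'] (url path => id),
 *   - $this->data  (id => page record, including 'rights', 'date', 'meta'),
 *   - $this->tree  (references to the top-level records),
 *   - $this->slugs (slug => id),
 * and finally sorts the children of every record whose 'sort' is non-zero.
 *
 * Per record, 'visible' combines the publishing window, the view right and
 * the draft status (administrators also see drafts); 'navigation' further
 * requires the row, its page type and its parent to be visible.
 *
 * @param object $user     Current user (by reference); admin() is consulted.
 * @param object $manager  Plugin manager (by reference); $manager->types is read.
 * @param mixed  $language Language the tree is loaded for.
 * @param mixed  $site     Site the tree is loaded for.
 */
function pageTree(&$user, &$manager, $language, $site)
{
    // Hash tables for quick URL translation
    $GLOBALS['HASH_URLS'] = array();
    $GLOBALS['HASH_IDS'] = array();

    $this->user =& $user;
    $this->manager =& $manager;
    $this->language = $language;
    $this->site = $site;

    $time = time();

    // NOTE(review): language and site go into the statement exactly as passed
    // in; confirm the caller only supplies validated values.
    $res = sql::query(' SELECT * FROM ' . _TABLE_PREFIX_ . 'contents WHERE language="' . $this->language . '" AND site="' . $this->site . '" AND status < 2 ORDER BY `left` ');

    while ($row = sql::fetch_array($res, MYSQL_ASSOC)) {
        // A row whose parent was not loaded before it is left out entirely.
        if (intval($row['parent']) != 0 && !isset($this->data[$row['parent']])) {
            continue;
        }

        $rid = $row['ID'];

        // Create new hash entries for URL translation
        $slug = $row['slug'] == '' ? 'item-' . $rid : $row['slug'];

        if ($row['parent'] > 0) {
            $url = $GLOBALS['HASH_URLS'][$row['parent']] . '/' . $slug;
        } else {
            $url = $slug;
        }

        $GLOBALS['HASH_URLS'][$rid] = $url;
        $GLOBALS['HASH_IDS'][$url] = $rid;

        // Build tree
        $this->data[$rid] = array(
            'id' => intval($row['ID']),
            'revision' => intval($row['revision']),
            'parent' => intval($row['parent']),
            'slug' => $row['slug'],
            'set' => intval($row['set']),
            'position' => $row['position'],
            'created' => intval($row['created']),
            'published' => intval($row['published']),
            'modified' => intval($row['modified']),
            'status' => $row['status'],
            'name' => $row['name'],
            'title' => $row['title'],
            'type' => $row['type'],
            'url' => url::item($row),
            'expand' => false,
            'rights' => array(
                'r_view' => $row['r_view'],
                'r_view_inv' => $row['r_view_inv'],
                'r_edit' => $row['r_edit'],
                'r_edit_inv' => $row['r_edit_inv'],
                'r_create' => $row['r_create'],
                'r_create_inv' => $row['r_create_inv'],
                'r_admin' => $row['r_admin'],
                'r_admin_inv' => $row['r_admin_inv'],
                'author' => $row['author']
            ),
            'date' => array(
                'activation' => $row['activation'],
                'expiration' => $row['expiration'],
                'visible' => $row['visible']
            ),
            'meta' => array(
                'language' => $row['language'],
                'created' => max($row['activation'], $row['created']),
                'modified' => max($row['activation'], $row['modified'])
            )
        );

        $sort = 0;
        $visible = true;
        $navigation = true && $row['visible'];

        /* Navigation and sort inherited from page type */
        if (isset($manager->types[$row['type']])) {
            $navigation = $navigation && $manager->types[$row['type']]['visible'];
            $sort = $manager->types[$row['type']]['sort'];
        }

        /* Check visibility of parent */
        if (intval($row['parent']) == 0) {
            $this->tree[$rid] =& $this->data[$rid];
        } else {
            $this->data[$row['parent']]['children'][] =& $this->data[$rid];

            /* Navigation manually set */
            $navigation = $navigation && $this->data[$row['parent']]['visible'];
        }

        /* Check publishing date range */
        if ($visible) {
            $activation = $this->data[$rid]['date']['activation'];
            $expiration = $this->data[$rid]['date']['expiration'];

            // Inside the window, started with no end, or no window at all
            $visible = ($visible && ($time > $activation && $time < $expiration))
                || ($time > $activation && $expiration == 0)
                || ($activation == 0 && $expiration == 0);
        }

        /* Check view rights */
        if ($visible) {
            $visible = $visible && $this->_hasRights('view', $this->data[$rid]['rights']);
        }

        /* Check if a draft */
        if ($visible) {
            // Only reached when the checks above passed, so the admin
            // override applies to drafts and to nothing else.
            $visible = ($visible && $this->data[$rid]['status'] > 0) || $this->user->admin();
        }

        $this->data[$rid]['sort'] = $sort;
        $this->data[$rid]['visible'] = $visible;
        $this->data[$rid]['navigation'] = $navigation && $visible;

        // Mark every ancestor of a navigable page as expandable
        if ($navigation && $visible) {
            $tmp =& $this->data[$rid];

            while ($tmp['parent'] != 0) {
                $tmp =& $this->data[$tmp['parent']];
                $tmp['expand'] = true;
            }
        }

        if ($row['slug'] != '') {
            $this->slugs[$row['slug']] = $rid;
        }
    }

    if (!count($this->data)) {
        return;
    }

    // Sort all items
    // (iterating the keys replaces each(), which PHP 8.0 removed)
    foreach (array_keys($this->data) as $id) {
        if (!isset($this->data[$id]['children']) || $this->data[$id]['sort'] == 0) {
            continue;
        }

        switch (abs($this->data[$id]['sort'])) {
            case 1:
                $t = "strcasecmp(\$a['name'], \$b['name'])";
                break;

            case 2:
                $t = "\$a['created'] - \$b['created']";
                break;

            case 3:
                $t = "\$a['published'] - \$b['published']";
                break;

            case 4:
                $t = "\$a['modified'] - \$b['modified']";
                break;

            default:
                // A bare `continue` inside switch behaves like `break`, which
                // let an unknown sort mode fall through to uasort() with an
                // unset or stale $t. Skip the item instead.
                continue 2;
        }

        // The generated code consists only of the fixed fragments above and
        // a sign, never of request data. create_function() is deprecated
        // since PHP 7.2 and removed in 8.0.
        uasort($this->data[$id]['children'], create_function('$a, $b', "return " . ($this->data[$id]['sort'] > 0 ? '' : '-') . "(" . $t . ");"));
    }
}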
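/**
 * Editor handler for the "navigation" sheet.
 *
 * On POST it stores the item's navigation set and visibility. When the user
 * has admin rights on the item or on its parent and `position` was posted,
 * it also renumbers the listed pages, redirects back to the sheet and exits.
 * In every other case it appends the editor template to $data['template'].
 *
 * NOTE(review): the ids in $_POST['position'] are not checked to be siblings
 * of this item before treeStorage::prepareForMove() and the position UPDATE
 * run for them; confirm prepareForMove() rejects foreign ids or validate the
 * list against the parent's children.
 *
 * @param array $data Event payload (by reference); reads 'sheet', 'item',
 *                    'params' (id) and 'template'.
 */
function event_ExecuteEditor(&$data)
{
    global $tree, $lang, $user, $config, $manager;

    if ($data['sheet'] != 'navigation') {
        return;
    }

    $item =& $data['item'];

    // Reordering needs admin rights on the item itself or on its parent
    $allow = false;
    $allow = $allow || $tree->_hasRights('admin', $item['rights']);

    if ($item['parent'] != '' && $item['parent'] != '0') {
        $parent =& $tree->getItemById($item['parent']);
        $allow = $allow || $tree->_hasRights('admin', $parent['rights']);
    }

    $errors = array();
    $tpl = new Template($this->getTemplate('editor.template'));
    $setCount = intval($config->get('navigationSets'));

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        $hidden = isset($_POST['hidden']) && $_POST['hidden'] == 'yes' ? 0 : 1;
        $set = isset($_POST['set']) ? intval($_POST['set']) : 0;

        sql::query("\r\n\t\t\t\t\t\tUPDATE \r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents \r\n\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t`set` = '" . $set . "', \r\n\t\t\t\t\t\t\t`visible` = '" . $hidden . "' \r\n\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t`ID` = '" . $item['id'] . "'\r\n\t\t\t\t\t");

        if ($allow && isset($_POST['position'])) {
            $posted = is_array($_POST['position']) ? $_POST['position'] : array();

            // Interpolated without quotes below, so force an integer
            $parentId = intval($item['parent']);

            for ($i = 0; $i < $setCount; $i++) {
                // A set that was not posted, or not as a string, lists nothing
                if (isset($posted[$i]) && is_string($posted[$i])) {
                    $position = explode(',', $posted[$i]);
                } else {
                    $position = array();
                }

                if ($set != $i) {
                    // The item now belongs to another set: drop it from this
                    // list. Keys are kept because they become the positions.
                    foreach ($position as $p => $id) {
                        if ($id == $item['id']) {
                            unset($position[$p]);
                        }
                    }
                }

                /* Also include all disabled siblings, but at the bottom... */
                // NOTE(review): this query and the position offset below use
                // $set on every pass rather than $i -- confirm that is meant.
                $res = sql::query(' SELECT `ID` FROM ' . _TABLE_PREFIX_ . 'contents WHERE `parent` = ' . $parentId . ' AND `set` = ' . $set . ' AND `status` = 2 ORDER BY `position` ');

                while ($row = sql::fetch_array($res, MYSQL_ASSOC)) {
                    $position[] = $row['ID'];
                }

                /* Sort */
                foreach ($position as $p => $id) {
                    // explode() on an empty list yields one empty id
                    if ($id === '') {
                        continue;
                    }

                    treeStorage::startTransaction();
                    treeStorage::prepareForMove($id, $item['parent'], $item['meta']['language']);

                    sql::query("\r\n\t\t\t\t\t\t\t\t\tUPDATE \r\n\t\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents \r\n\t\t\t\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t\t\t\t`position`='" . ($p + 100 * $set) . "'\r\n\t\t\t\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t\t\t\t`ID` = '" . addslashes($id) . "'\r\n\t\t\t\t\t\t\t\t");

                    treeStorage::stopTransaction();
                }
            }

            header("Location: " . url::item($data['params']['id'], 'edit') . "/navigation");
            exit;
        }
    }

    if ($data['item']['parent'] != '' && $data['item']['parent'] != '0') {
        $tpl->set('pages', $parent['children']);
    } else {
        // Make a copy that we can edit...
        $pages = $tree->tree;

        // Leave out the 'admin' entry and everything with status > 1
        foreach (array_keys($pages) as $k) {
            if ($pages[$k]['id'] == 'admin' || $pages[$k]['status'] > 1) {
                unset($pages[$k]);
            }
        }

        $tpl->set('pages', $pages);
    }

    // Determine if we must sort this item manually
    $sort = 0;
    $hidden = true;

    if ($item['parent'] > 0) {
        $parent =& $tree->getItemById($item['parent']);

        if (isset($manager->types[$parent['type']])) {
            $sort = $manager->types[$parent['type']]['sort'];
            $hidden = $manager->types[$parent['type']]['visible'] == 0;
        }
    }

    $tpl->set('item', $data['item']);
    $tpl->set('id', $data['params']['id']);
    $tpl->set('allow', $allow);
    $tpl->set('hidden', $hidden);
    $tpl->set('sort', $sort);
    $tpl->set('sets', $setCount);

    $data['template']->append('content', $tpl->fetch());
}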
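/**
 * Handles the "view" action: renders one page, or decides what to show when
 * no page id was given.
 *
 * Without arguments it redirects to the home page if there is one; with no
 * pages at all an administrator gets the admin page, other visitors are sent
 * to the default language or shown the offline message.
 * With arguments the first one is the page id, optionally followed by
 * ".ext". The page is rendered when the visitor has the view right or
 * presents a ticket issued for exactly this page; otherwise the login action
 * runs (when configured, for anonymous users) or an error is set.
 *
 * @param array $args Remaining URL arguments; the first is consumed as id.
 */
function action_view($args)
{
    global $manager, $tree, $config, $user, $lang;

    // If no arguments are provided redirect
    if (!count($args)) {
        $id = $tree->getHome();

        if (!is_null($id)) {
            header('Location: ' . url::item($id));
            exit;
        }

        // There are no pages
        $id = 0;
        $type = '';
        $ext = '';
        $item = null;

        if ($user->admin()) {
            // Allow admins to add pages...
            $action = 'edit';
            $page = new admin();

            // Notify plugins of a PreSkinParse event;
            $data = array(
                'page' => &$page,
                'template' => &$page->template,
                'type' => $type,
                'params' => array('action' => $action, 'id' => $id, 'ext' => $ext, 'args' => $args)
            );
            $manager->handleEvent('PreSkinParse', $data);

            $page->show();
            exit;
        }

        if ($lang->id != _DEFAULT_LANGUAGE_) {
            // Redirect to the default language
            header('Location: ' . url::language(_DEFAULT_LANGUAGE_));
            // Stop here like every other redirect in this file; without it
            // execution ran on into the rendering code with no $page set.
            exit;
        }

        // Show error message that website is offline
        $config = new config();
        $lang = new language(_DEFAULT_LANGUAGE_, _DEFAULT_SITE_, true);
        $page = new theme();
        // NOTE(review): presumably showError() ends the request; if it
        // returns, the code below runs with $item = null -- TODO confirm.
        $page->showError(_OFFLINE_MESSAGE_, 4);
    } else {
        // Decode arguments
        $id = array_shift($args);

        // Check if the id contains an file extension
        if (preg_match('/(.*)\\.([a-z0-9]+)$/i', $id, $matches)) {
            $id = $matches[1];
            $ext = $matches[2];
        } else {
            $ext = '';
        }

        // Load the page
        $item =& $tree->getItemById($id);
        $id = $item['id'];
        $type = $item['type'];
        $action = 'view';

        // Setup Theme
        $page = new theme($id, $type);
    }

    // Notify plugins of a PreSkinParse event;
    $data = array(
        'page' => &$page,
        'template' => &$page->template,
        'type' => $type,
        'params' => array('action' => $action, 'id' => $id, 'ext' => $ext, 'args' => $args)
    );
    $manager->handleEvent('PreSkinParse', $data);

    // Handle authorisation
    $ticket = false;

    if (isset($_REQUEST['ticket'])) {
        $grantedId = ticket::authorize($_REQUEST['ticket']);

        // A ticket only stands in for the view right when it names exactly
        // this page. The failure value of authorize() is not visible here; a
        // loose == would let false, null or 0 equal an empty or zero page id,
        // so empty results are refused and the ids are compared as strings.
        if (is_scalar($grantedId)
            && $grantedId !== false
            && (string) $grantedId !== ''
            && (string) $grantedId === (string) $data['params']['id']
        ) {
            $ticket = true;
        }
    }

    if ($ticket || $tree->_hasRights('view', $item['rights'])) {
        // The title wins over the name when one is set
        $page->title->set($item['name']);

        if ($item['title'] != '') {
            $page->title->set($item['title']);
        }

        $manager->handleType($type, $data);

        $page->template->set('action', $action);
        $page->template->set('id', $id);
        $page->template->set('slug', isset($item['slug']) ? $item['slug'] : '');
        $page->template->set('type', $type);

        if (isset($item)) {
            // Generated page types carry no modification date
            if (!isset($manager->types[$item['type']]['generated']) || !$manager->types[$item['type']]['generated']) {
                if ($config->get('showLastModified')) {
                    $page->template->set('modified', revisions::getModificationDate($id, $item['revision']));
                }
            }
        }
    } else {
        if ($config->get('redirectToLogin') && $user->anonymous()) {
            // Hand the request to the login action with the page id put back
            array_unshift($args, $id);
            $manager->handleAction('login', $args);
            exit;
        } else {
            $page->template->set('error', $lang->s('notenoughrights'));
        }
    }

    $page->show();
}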
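/**
 * Editor handler for the "form" sheet.
 *
 * Does nothing unless the page type declares `content.form` and the sheet is
 * "form". On POST the stored form of this revision is deleted and rebuilt
 * from the request (form row, one row per element, one row per option), then
 * the request is redirected back to the sheet and ends. Otherwise the editor
 * template is appended to $data['template'] with the current structure.
 *
 * NOTE(review): $data['params']['id'] and ['revision'] are interpolated into
 * SQL as given (quoted, not escaped); confirm the caller has normalised them.
 *
 * @param array $data Event payload (by reference); reads 'type', 'sheet',
 *                    'params' (id, revision), 'template' and 'page'.
 */
function event_ExecuteEditor(&$data)
{
    global $lang, $manager, $user;

    if (!isset($manager->types[$data['type']]['content']['form']) || $data['sheet'] != 'form') {
        return;
    }

    $structure = $this->getStructure($data['params']['id'], $data['params']['revision']);

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        // First delete the original...
        $this->event_DeleteRevision($data['params']);

        $button = (isset($_REQUEST['button']) && is_string($_REQUEST['button'])) ? $_REQUEST['button'] : '';
        $email = (isset($_REQUEST['email']) && is_string($_REQUEST['email'])) ? $_REQUEST['email'] : '';

        // Create the new structure
        sql::query("\r\n\t\t\t\t\t\tINSERT INTO\r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_form\r\n\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t`ID` = '" . $data['params']['id'] . "',\r\n\t\t\t\t\t\t\t`revision` = '" . $data['params']['revision'] . "',\r\n\t\t\t\t\t\t\t`button` = '" . addslashes($button) . "',\r\n\t\t\t\t\t\t\t`email` = '" . addslashes($email) . "'\r\n\t\t\t\t\t");

        // A request without an element list stores a form with no elements.
        // (foreach replaces each(), which PHP 8.0 removed.)
        $elements = (isset($_REQUEST['elements']) && is_array($_REQUEST['elements'])) ? $_REQUEST['elements'] : array();

        foreach ($elements as $element) {
            if (!is_array($element)) {
                continue;
            }

            // Missing fields end up as the values the casts below produce
            $element += array('position' => 0, 'type' => '', 'title' => '', 'size' => 0, 'default' => '', 'action' => '');

            $options = (isset($element['options']) && is_array($element['options'])) ? $element['options'] : null;

            if ($options !== null) {
                if ($element['type'] == 'checkbox') {
                    // Checkboxes: every option flagged as default, comma separated
                    $default = array();

                    foreach ($options as $option) {
                        if (isset($option['default'])) {
                            $default[] = $option['title'];
                        }
                    }

                    $element['default'] = implode(',', $default);
                } else {
                    // Other option lists post the key of the default option;
                    // '0' means no default. Store the option's title.
                    if ($element['default'] != '0' && isset($options[$element['default']]['title'])) {
                        $element['default'] = $options[$element['default']]['title'];
                    } else {
                        $element['default'] = '';
                    }
                }
            }

            sql::query("\r\n\t\t\t\t\t\t\tINSERT INTO\r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_form_elements\r\n\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\t`form` = '" . $data['params']['id'] . "',\r\n\t\t\t\t\t\t\t\t`revision` = '" . $data['params']['revision'] . "',\r\n\t\t\t\t\t\t\t\t`order` = '" . intval($element['position']) . "',\r\n\t\t\t\t\t\t\t\t`type` = '" . addslashes($element['type']) . "',\r\n\t\t\t\t\t\t\t\t`title` = '" . addslashes($element['title']) . "',\r\n\t\t\t\t\t\t\t\t`size` = '" . intval($element['size']) . "',\r\n\t\t\t\t\t\t\t\t`default` = '" . addslashes($element['default']) . "',\r\n\t\t\t\t\t\t\t\t`action` = '" . addslashes($element['action']) . "',\r\n\t\t\t\t\t\t\t\t`required` = '" . (isset($element['required']) ? 1 : 0) . "'\r\n\t\t\t\t\t\t");

            $element_id = sql::insert_id();

            if ($options !== null) {
                foreach ($options as $option) {
                    if (!is_array($option)) {
                        continue;
                    }

                    $optionOrder = isset($option['order']) ? intval($option['order']) : 0;
                    $optionTitle = isset($option['title']) ? $option['title'] : '';

                    sql::query("\r\n\t\t\t\t\t\t\t\t\tINSERT INTO\r\n\t\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_form_elements_options\r\n\t\t\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\t\t\t`element` = '" . $element_id . "',\r\n\t\t\t\t\t\t\t\t\t\t`order` = '" . $optionOrder . "',\r\n\t\t\t\t\t\t\t\t\t\t`title` = '" . addslashes($optionTitle) . "'\r\n\t\t\t\t\t\t\t\t");
                }
            }
        }

        // Mark this action as a modification
        revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);

        header("Location: " . url::item($data['params']['id'], 'edit') . "/form?revision=" . $data['params']['revision']);
        exit;
    }

    $tpl = new Template($this->getTemplate('editor.template'));
    $tpl->set("id", $data['params']['id']);
    $tpl->set("revision", $data['params']['revision']);

    if ($structure) {
        $tpl->set("structure", $this->getJSON($structure));
        $tpl->set("email", $structure['email']);
        $tpl->set("button", $structure['button']);
    } else {
        // Nothing stored yet: start with an empty form
        $tpl->set("structure", '[ ]');
        $tpl->set("email", '');
        $tpl->set("button", '');
    }

    // Element types offered by the editor, with their translated labels
    $tpl->set("types", array(
        'text' => $user->lang->s('typetext'),
        'textarea' => $user->lang->s('typetextarea'),
        'email' => $user->lang->s('typeemail'),
        'select' => $user->lang->s('typeselect'),
        'radio' => $user->lang->s('typeradio'),
        'checkbox' => $user->lang->s('typecheckbox'),
        'country' => $user->lang->s('typecountry'),
        'explaination' => $user->lang->s('typeexplaination'),
        'header' => $user->lang->s('typeheader'),
        'button' => $user->lang->s('typebutton')
    ));

    $data['template']->append('content', $tpl->fetch());

    // Make sure the following assets are included
    $data['page']->assets->registerCSS($this->localAsset('editor.css'));
    $data['page']->assets->registerJavascript($this->localAsset('editor.js'));
}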
/**
 * Editor handler for the "title" sheet.
 *
 * On POST with a non-empty name it normalises the posted slug, makes it
 * unique among the URLs in $GLOBALS['HASH_IDS'], stores name, title and slug
 * for the item, redirects back to the sheet and exits. An empty name adds
 * the 'titleempty' message instead. Without a successful save the editor
 * template is appended to $data['template'] together with the URL prefix
 * under which the item lives.
 *
 * @param array $data Event payload (by reference); reads 'sheet', 'item',
 *                    'params' (id) and 'template'.
 */
function event_ExecuteEditor(&$data)
{
    global $tree, $lang, $user, $config, $manager;

    if ($data['sheet'] != 'title') {
        return;
    }

    $item =& $data['item'];

    // Admin rights on the item, or failing that on its parent
    $allow = (bool) $tree->_hasRights('admin', $item['rights']);

    if ($item['parent'] != '' && $item['parent'] != '0') {
        $parent =& $tree->getItemById($item['parent']);

        if (!$allow) {
            $allow = (bool) $tree->_hasRights('admin', $parent['rights']);
        }
    }

    $errors = array();
    $form = new Template($this->getTemplate('editor.template'));

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        if ($_POST['name'] != '') {
            $slug = '';
            if (isset($_POST['slug'])) {
                $slug = trim($_POST['slug']);
            }

            if ($slug != '') {
                // Lower case, whitespace and underscores become dashes,
                // everything outside a-z, 0-9 and '-' is dropped
                $slug = preg_replace('/(\\s+|_)/i', '-', strtolower($slug));
                $slug = preg_replace('/[^a-z0-9\\-]/i', '', $slug);

                // Purely numeric slugs get a prefix
                if (preg_match('/^[0-9]+$/i', $slug)) {
                    $slug = 'item-' . $slug;
                }

                // URL path of the item without its own last segment
                $base = explode('/', $GLOBALS['HASH_URLS'][$data['params']['id']]);
                array_pop($base);

                // Bump a numeric suffix until no other item owns the URL
                for (;;) {
                    $candidate = implode('/', array_merge($base, array($slug)));
                    $taken = isset($GLOBALS['HASH_IDS'][$candidate])
                        && $GLOBALS['HASH_IDS'][$candidate] != $data['params']['id'];

                    if (!$taken) {
                        break;
                    }

                    if (preg_match('/^(.*)-([0-9]+)$/i', $slug, $matches)) {
                        $slug = $matches[1] . '-' . (intval($matches[2]) + 1);
                    } else {
                        $slug = $slug . '-2';
                    }
                }
            }

            sql::query("\r\n\t\t\t\t\t\t\tUPDATE \r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents \r\n\t\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t\t`name` = '" . addslashes($_POST['name']) . "',\r\n\t\t\t\t\t\t\t\t`title` = '" . addslashes($_POST['title']) . "',\r\n\t\t\t\t\t\t\t\t`slug` = '" . addslashes($slug) . "'\r\n\t\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t\t`ID` = '" . $item['id'] . "'\r\n\t\t\t\t\t\t");

            header("Location: " . url::item($data['params']['id'], 'edit') . "/title");
            exit;
        }

        $errors[] = $user->lang->s('titleempty');
    }

    // URL prefix shown in front of the slug field
    $prefix = 'http://' . _BASE_DOMAIN_ . '/';

    if ($config->get('multiLanguageSupport')) {
        // 'meta' => 'language' takes precedence when both are present
        if (isset($item['language'])) {
            $s = $item['language'];
        }
        if (isset($item['meta']['language'])) {
            $s = $item['meta']['language'];
        }

        $prefix .= $s . '/';
    }

    if ($data['item']['parent']) {
        $prefix .= $GLOBALS['HASH_URLS'][$data['item']['parent']] . '/';
    } else {
        $prefix .= '';
    }

    $form->set('url', $prefix);
    $form->set('item', $data['item']);
    $form->set('id', $data['params']['id']);

    if (count($errors)) {
        $data['template']->append('error', implode(', ', $errors));
    }

    $data['template']->append('content', $form->fetch());
}