/**
* this only saves the jQuery core and UI settings, as the plugins are saved
* at once via AJAX
**/
function saveHeaderfiles($backend)
{
$data = CAT_Helper_Page::getExtraHeaderFiles(0);
if (CAT_Helper_Validate::sanitizePost('use_core') == 'on') {
$use_core = 'Y';
} else {
$use_core = 'N';
}
if (CAT_Helper_Validate::sanitizePost('use_ui') == 'on') {
$use_ui = 'Y';
} else {
$use_ui = 'N';
}
if (count($data)) {
$query = 'UPDATE `:prefix:pages_headers` SET `use_core`=:value1, `use_ui`=:value2 WHERE `page_id`=:page_id';
} else {
$query = 'INSERT INTO `:prefix:pages_headers` ( `page_id`, `use_core`, `use_ui` ) VALUES ( :page_id, :value1, :value2 )';
}
CAT_Helper_Page::getInstance(1)->db()->query($query, array('page_id' => 0, 'value1' => $use_core, 'value2' => $use_ui));
}
/**
* let admin set access permissions for modules of type 'page' and 'tool'
*
* @access public
* @return
**/
public static function setModulePermissions($addon_info)
{
$self = self::getInstance();
$check_permission = $addon_info['addon_function'] . '_permissions';
// get groups
$stmt = $self->db()->query('SELECT * FROM `:prefix:groups` WHERE group_id <> 1');
if ($stmt->rowCount() > 0) {
$group_ids = CAT_Helper_Validate::sanitizePost('group_id');
$allowed_groups = array();
// get marked groups
if (is_array($group_ids)) {
foreach ($group_ids as $gid) {
$allowed_groups[$gid] = $gid;
}
}
// get all known groups
$groups = array();
while ($row = $stmt->fetchRow(MYSQL_ASSOC)) {
$groups[$row['group_id']] = $row;
$gid = $row['group_id'];
// add newly installed module to any group that's NOT in the $allowed_groups array
if (!array_key_exists($gid, $allowed_groups)) {
// get current value
$addons = explode(',', $groups[$gid][$check_permission]);
// add newly installed module
$addons[] = $addon_info['module_directory'];
$addons = array_unique($addons);
asort($addons);
// Update the database
$addon_permissions = implode(',', $addons);
$self->db()->query(sprintf('UPDATE `:prefix:groups` SET `%s`=:val WHERE `group_id`=:id', $check_permission), array('val' => $addon_permissions, 'id' => $gid));
if ($self->db()->isError()) {
self::printError($self->db()->getError());
return false;
}
}
}
return true;
} else {
return true;
}
}
if (empty($sub)) {
continue;
}
$dir .= '/' . $sub;
if (file_exists($dir . '/framework/class.secure.php')) {
include $dir . '/framework/class.secure.php';
$inc = true;
break;
}
}
if (!$inc) {
trigger_error(sprintf("[ <b>%s</b> ] Can't include class.secure.php!", $_SERVER['SCRIPT_NAME']), E_USER_ERROR);
}
}
// handle upload
if (CAT_Helper_Validate::sanitizePost('upload') && isset($_FILES['userfile']) && is_array($_FILES['userfile'])) {
$p = CAT_Helper_Upload::getInstance($_FILES['userfile'], CAT_PATH . '/temp');
$p->file_overwrite = true;
$p->process(CAT_PATH . '/temp');
if ($p->processed) {
$subdir = $p->file_dst_name_body;
$z = CAT_Helper_Zip::getInstance(CAT_PATH . '/temp/' . $p->file_dst_name)->config('Path', CAT_PATH . '/modules/lib_jquery/plugins/' . $subdir);
$z->extract();
}
}
// get already installed plugins
$files = CAT_Helper_Directory::getInstance()->maxRecursionDepth(0)->getDirectories(CAT_PATH . '/modules/lib_jquery/plugins', CAT_PATH . '/modules/lib_jquery/plugins/');
$readmes = jqpmgr_getReadmes($files);
$parser->setPath(CAT_PATH . '/modules/jquery_plugin_mgr/templates/default');
$parser->output('tool', array('plugins' => $files, 'readmes' => $readmes));
function jqpmgr_getReadmes($plugins)
// required for certain browsers
header("Content-Type: application/zip");
header("Content-Disposition: attachment; filename=\"" . basename($filename) . "\";");
header("Content-Transfer-Encoding: binary");
header("Content-Length: " . filesize($filename));
readfile("{$filename}");
exit;
}
} else {
echo CAT_Helper_Validate::getInstance()->lang()->translate("File not found") . ": " . str_ireplace(array(str_replace('\\', '/', CAT_PATH), '\\'), array('/abs/path/to', '/'), $file);
}
exit;
}
// remove
if (CAT_Helper_Validate::sanitizePost('remove')) {
$date = CAT_Helper_Validate::sanitizePost('remove');
$file = CAT_Helper_Directory::sanitizePath(CAT_PATH . '/temp/logs/log_' . $date . '.txt');
if (file_exists($file)) {
unlink($file);
} else {
echo CAT_Helper_Validate::getInstance()->lang()->translate("File not found") . ": " . str_ireplace(array(str_replace('\\', '/', CAT_PATH), '\\'), array('/abs/path/to', '/'), $file);
}
exit;
}
// clean up log files (older than 24 hours and size 0)
$files = CAT_Helper_Directory::findFiles('log_\\d{4}-\\d{2}-\\d{2}\\.txt', CAT_PATH . '/temp');
if (count($files)) {
foreach ($files as $f) {
if (filemtime($f) < time() - 24 * 60 * 60 && filesize($f) == 0) {
unlink($f);
}
/**
* Print the admin header
*
* @access public
* @return void
*/
public function print_header()
{
global $parser;
$tpl_data = array();
$addons = CAT_Helper_Addons::getInstance();
$user = CAT_Users::getInstance();
// Connect to database and get website title
if (!CAT_Registry::exists('WEBSITE_TITLE')) {
$title = $this->db()->query("SELECT `value` FROM `:prefix:settings` WHERE `name`='website_title'")->fetchColumn();
CAT_Registry::define('WEBSITE_TITLE', $title, true);
}
// check current URL for page tree
$uri = CAT_Helper_Validate::get('_SERVER', 'SCRIPT_NAME');
// init template search paths
self::initPaths();
// =================================
// ! Add permissions to $tpl_data
// =================================
$tpl_data['permission']['pages'] = $user->checkPermission('pages', 'pages', false);
$tpl_data['permission']['pages_add'] = $user->checkPermission('pages', 'pages_add', false);
$tpl_data['permission']['pages_add_l0'] = $user->checkPermission('pages', 'pages_add_l0', false);
$tpl_data['permission']['pages_modify'] = $user->checkPermission('pages', 'pages_modify', false);
$tpl_data['permission']['pages_delete'] = $user->checkPermission('pages', 'pages_delete', false);
$tpl_data['permission']['pages_settings'] = $user->checkPermission('pages', 'pages_settings', false);
$tpl_data['permission']['pages_intro'] = $user->checkPermission('pages', 'pages_intro', false) != true || INTRO_PAGE != 'enabled' ? false : true;
if ($tpl_data['permission']['pages'] == true) {
$tpl_data['DISPLAY_MENU_LIST'] = CAT_Registry::get('MULTIPLE_MENUS') != false ? true : false;
$tpl_data['DISPLAY_LANGUAGE_LIST'] = CAT_Registry::get('PAGE_LANGUAGES') != false ? true : false;
$tpl_data['DISPLAY_SEARCHING'] = CAT_Registry::get('SEARCH') != false ? true : false;
// ==========================
// ! Get info for pagesTree
// ==========================
$pages = CAT_Helper_Page::getPages(true);
$sections = CAT_Helper_Page::getSections();
// create LI content for ListBuilder
foreach ($pages as $i => $page) {
if (isset($sections[$page['page_id']]) && count($sections[$page['page_id']])) {
$page['page_title'] .= "\n" . count($sections[$page['page_id']]) . ' ' . $user->lang()->translate('active sections') . ':';
foreach ($sections[$page['page_id']] as $block_id => $section) {
foreach ($section as $item) {
$page['page_title'] .= "\n" . $item['module'] . ' (ID:' . $item['section_id'] . ')';
}
}
}
$text = $parser->get('backend_pagetree_item', array_merge($page, array('action' => pathinfo($uri, PATHINFO_FILENAME) == 'lang_settings' ? 'lang_settings' : 'modify')));
$pages[$i]['text'] = $text;
}
// list of first level of pages
$tpl_data['pages'] = CAT_Helper_ListBuilder::getInstance()->config(array('__li_level_css' => true, '__li_id_prefix' => 'pageid_', '__li_css_prefix' => 'fc_page_', '__li_has_child_class' => 'fc_expandable', '__is_open_key' => 'be_tree_is_open', '__li_is_open_class' => 'fc_tree_open', '__li_is_closed_class' => 'fc_tree_close', '__title_key' => 'text'))->tree($pages, 0);
// number of editable pages (for current user)
$tpl_data['pages_editable'] = CAT_Helper_Page::getEditable();
// ==========================================
// ! Get info for the form to add new pages
// ==========================================
$tpl_data['templates'] = $addons->get_addons(CAT_Registry::get('DEFAULT_TEMPLATE'), 'template', 'template');
$tpl_data['languages'] = $addons->get_addons(CAT_Registry::get('DEFAULT_LANGUAGE'), 'language');
$tpl_data['modules'] = $addons->get_addons('wysiwyg', 'module', 'page');
$tpl_data['groups'] = $user->get_groups();
// ===========================================
// ! Check and set permissions for templates
// ===========================================
foreach ($tpl_data['templates'] as $key => $template) {
$tpl_data['templates'][$key]['permissions'] = $user->get_permission($template['VALUE'], 'template') ? true : false;
}
}
// =========================
// ! Add Metadatas to Dwoo
// =========================
$tpl_data['META']['CHARSET'] = true === defined('DEFAULT_CHARSET') ? DEFAULT_CHARSET : 'utf-8';
$tpl_data['META']['LANGUAGE'] = strtolower(CAT_Registry::get('LANGUAGE'));
$tpl_data['META']['WEBSITE_TITLE'] = WEBSITE_TITLE;
$tpl_data['CAT_VERSION'] = CAT_Registry::get('CAT_VERSION');
$tpl_data['CAT_CORE'] = CAT_Registry::get('CAT_CORE');
$tpl_data['PAGE_EXTENSION'] = CAT_Registry::get('PAGE_EXTENSION');
$date_search = array('Y', 'j', 'n', 'jS', 'l', 'F');
$date_replace = array('yy', 'y', 'm', 'd', 'DD', 'MM');
$tpl_data['DATE_FORMAT'] = str_replace($date_search, $date_replace, CAT_Registry::get('CAT_DATE_FORMAT'));
$time_search = array('H', 'i', 's', 'g');
$time_replace = array('hh', 'mm', 'ss', 'h');
$tpl_data['TIME_FORMAT'] = str_replace($time_search, $time_replace, CAT_Registry::get('TIME_FORMAT'));
$tpl_data['SESSION'] = session_name();
$tpl_data['HEAD']['SECTION_NAME'] = $this->lang()->translate(strtoupper(self::$instance->section_name));
$tpl_data['DISPLAY_NAME'] = $user->get_display_name();
$tpl_data['USER'] = $user->get_user_details($user->get_user_id());
// ===================================================================
// ! Add arrays for main menu, options menu and the Preferences-Button
// ===================================================================
$tpl_data['MAIN_MENU'] = array();
$tpl_data['MAIN_MENU'][0] = array('link' => CAT_ADMIN_URL . '/start/index.php', 'title' => $this->lang()->translate('Start'), 'permission_title' => 'start', 'permission' => $user->checkPermission('start', 'start') ? true : false, 'current' => 'start' == strtolower($this->section_name) ? true : false);
$tpl_data['MAIN_MENU'][1] = array('link' => CAT_ADMIN_URL . '/media/index.php', 'title' => $this->lang()->translate('Media'), 'permission_title' => 'media', 'permission' => $user->checkPermission('media', 'media') ? true : false, 'current' => 'media' == strtolower($this->section_name) ? true : false);
$tpl_data['MAIN_MENU'][2] = array('link' => CAT_ADMIN_URL . '/settings/index.php', 'title' => $this->lang()->translate('Settings'), 'permission_title' => 'settings', 'permission' => $user->checkPermission('settings', 'settings') ? true : false, 'current' => 'settings' == strtolower($this->section_name) ? true : false);
$tpl_data['MAIN_MENU'][3] = array('link' => CAT_ADMIN_URL . '/addons/index.php', 'title' => $this->lang()->translate('Addons'), 'permission_title' => 'addons', 'permission' => $user->checkPermission('addons', 'addons') ? true : false, 'current' => 'addons' == strtolower($this->section_name) ? true : false);
$tpl_data['MAIN_MENU'][4] = array('link' => CAT_ADMIN_URL . '/admintools/index.php', 'title' => $this->lang()->translate('Admin-Tools'), 'permission_title' => 'admintools', 'permission' => $user->checkPermission('admintools', 'admintools') ? true : false, 'current' => 'admintools' == strtolower($this->section_name) ? true : false);
$tpl_data['MAIN_MENU'][5] = array('link' => CAT_ADMIN_URL . '/users/index.php', 'title' => $this->lang()->translate('Access'), 'permission_title' => 'access', 'permission' => $user->checkPermission('access', 'access') ? true : false, 'current' => 'access' == strtolower($this->section_name) ? true : false);
// =======================================
// ! Seperate access-link by permissions
// =======================================
if ($user->get_permission('users')) {
$tpl_data['MAIN_MENU'][5]['link'] = CAT_ADMIN_URL . '/users/index.php';
} elseif ($user->get_permission('groups')) {
$tpl_data['MAIN_MENU'][5]['link'] = CAT_ADMIN_URL . '/groups/index.php';
}
$tpl_data['PREFERENCES'] = array('link' => CAT_ADMIN_URL . '/preferences/index.php', 'title' => $this->lang()->translate('Preferences'), 'permission_title' => 'preferences', 'permission' => $this->get_link_permission('preferences') ? true : false, 'current' => 'preferences' == strtolower($this->section_name) ? true : false);
$tpl_data['section_name'] = strtolower($this->section_name);
$tpl_data['page_id'] = CAT_Helper_Validate::sanitizeGet('page_id', 'numeric') && CAT_Helper_Validate::sanitizeGet('page_id') != '' ? CAT_Helper_Validate::sanitizeGet('page_id') : (CAT_Helper_Validate::sanitizePost('page_id', 'numeric') && CAT_Helper_Validate::sanitizePost('page_id') != '' ? CAT_Helper_Validate::sanitizePost('page_id') : false);
// ====================
// ! Parse the header
// ====================
$parser->output('header', $tpl_data);
}
}
if (file_exists($root . '/framework/class.secure.php')) {
include $root . '/framework/class.secure.php';
} else {
trigger_error(sprintf("[ <b>%s</b> ] Can't include class.secure.php!", $_SERVER['SCRIPT_NAME']), E_USER_ERROR);
}
}
$backend = CAT_Backend::getInstance('Access', 'groups', false);
$users = CAT_Users::getInstance();
header('Content-type: application/json');
if (!$users->checkPermission('Access', 'groups')) {
$ajax = array('message' => $backend->lang()->translate('You do not have the permission to view groups'), 'success' => false);
print json_encode($ajax);
exit;
}
$group_id = CAT_Helper_Validate::sanitizePost('id', 'numeric');
if (!$group_id) {
$ajax = array('message' => $backend->lang()->translate('You sent an invalid value'), 'success' => false);
print json_encode($ajax);
exit;
}
$get_group = $backend->db()->query("SELECT * FROM `:prefix:groups` WHERE group_id = :id", array('id' => $group_id));
$members = array();
$group_members = $users->getMembers($group_id);
if (count($group_members)) {
foreach ($group_members as $member) {
$members[] = $member['display_name'] . ' (' . $member['username'] . ')';
}
}
// ==============================================
// ! Insert admin group and current group first
public function get_post_escaped($field)
{
return CAT_Helper_Validate::sanitizePost($field, NULL, true);
}
$backend->print_error('Cannot save file', CAT_ADMIN_URL . '/pages/modify.php?page_id=' . $page_id);
} else {
$backend->print_success('Success', CAT_ADMIN_URL . '/pages/modify.php?page_id=' . $page_id);
}
}
} else {
if (!CAT_Helper_Validate::sanitizePost('edit_file')) {
// find JS files
$js = CAT_Helper_Directory::getInstance()->maxRecursionDepth(5)->setSuffixFilter(array('js'))->scanDirectory($path, true, true, $path);
// find CSS files
$css = CAT_Helper_Directory::getInstance()->maxRecursionDepth(5)->setSuffixFilter(array('css'))->scanDirectory($path, true, true, $path);
$list = true;
} else {
$file = CAT_Helper_Directory::sanitizePath($path . '/' . CAT_Helper_Validate::sanitizePost('edit_file'));
if (!file_exists($file)) {
$backend->printFatalError("No such file");
}
$in = fopen($file, 'r');
$code = fread($in, filesize($file));
fclose($in);
if (file_exists(CAT_PATH . '/modules/edit_area/include.php')) {
include_once CAT_PATH . '/modules/edit_area/include.php';
ea_syntax('css');
$js = show_wysiwyg_editor('code', 'code', $code, '100%', '350px', false);
$code = NULL;
}
}
$page = CAT_Helper_Page::properties($page_id);
$parser->output('backend_addons_editfile.tpl', array('code' => $code, 'js' => $js, 'css' => $css, 'page_id' => $page_id, 'section_id' => $section_id, 'mod_dir' => CAT_Helper_Validate::sanitizePost('mod_dir'), 'edit_file' => CAT_Helper_Validate::sanitizePost('edit_file'), 'list' => $list, 'PAGE_TITLE' => $page['page_title'], 'PAGE_ID' => $page_id, 'PAGE_HEADER' => $backend->lang()->translate('Modify file')));
}
$backend->print_footer();
} else {
trigger_error(sprintf("[ <b>%s</b> ] Can't include class.secure.php!", $_SERVER['SCRIPT_NAME']), E_USER_ERROR);
}
}
require_once dirname(__FILE__) . '/../../config.php';
require_once dirname(__FILE__) . '/../../framework/functions.php';
$backend = CAT_Backend::getInstance('Addons', 'addons', false);
$users = CAT_Users::getInstance();
header('Content-type: application/json');
if (!$users->checkPermission('Addons', 'addons')) {
$ajax = array('message' => $backend->lang()->translate("Sorry, but you don't have the permissions for this action"), 'success' => false);
print json_encode($ajax);
exit;
}
$module = CAT_Helper_Validate::sanitizePost('module');
$type = CAT_Helper_Validate::sanitizePost('type');
if (CAT_Helper_Addons::isModuleInstalled($module, NULL, $type)) {
$info = CAT_Helper_Addons::checkInfo(CAT_Helper_Directory::sanitizePath(CAT_PATH . '/' . $type . 's/' . $module));
} else {
$path = CAT_Helper_Directory::sanitizePath(CAT_PATH . '/' . $type . '/' . $module . ($type == 'languages' ? '.php' : ''));
$info = CAT_Helper_Addons::checkInfo($path);
}
if (!is_array($info) || !count($info)) {
$ajax = array('message' => $backend->lang()->translate("No Addon info available, seems to be an invalid addon!"), 'success' => false);
print json_encode($ajax);
exit;
}
$addon = array('type' => $info['addon_function'], 'installed' => NULL, 'upgraded' => NULL, 'removable' => 'Y');
foreach ($info as $key => $value) {
$key = preg_replace('/^(module_|addon_)/i', '', $key);
$addon[$key] = $value;
