function __construct() { $app = JFactory::getApplication(); $url = JRequest::getVar('url'); $func = new plgSystemNNFrameworkHelperFunctions(); if ($url) { echo $func->getByUrl($url); die; } $file = JRequest::getVar('file'); // only allow files that have .inc.php in the file name if (!$file || strpos($file, '.inc.php') === false) { die; } $folder = JRequest::getVar('folder'); if ($folder) { $file = implode('/', explode('.', $folder)) . '/' . $file; } $allowed = array('administrator/components/com_dbreplacer/dbreplacer.inc.php', 'administrator/components/com_nonumbermanager/details.inc.php', 'administrator/components/com_rereplacer/images/image.inc.php', 'administrator/modules/mod_addtomenu/addtomenu/addtomenu.inc.php', 'plugins/editors-xtd/articlesanywhere/articlesanywhere.inc.php', 'plugins/editors-xtd/contenttemplater/contenttemplater.inc.php', 'plugins/editors-xtd/modulesanywhere/modulesanywhere.inc.php', 'plugins/editors-xtd/snippets/snippets.inc.php', 'plugins/editors-xtd/sourcerer/sourcerer.inc.php'); if (!$file || in_array($file, $allowed) === false) { die; } jimport('joomla.filesystem.file'); if ($app->isSite() && !JRequest::getCmd('usetemplate')) { if (version_compare(JVERSION, '1.6.0', 'l')) { $app->setTemplate('../administrator/templates/khepri'); } else { $app->setTemplate('../administrator/templates/bluestork'); } } $_REQUEST['tmpl'] = 'component'; JRequest::setVar('option', '1'); $app->set('_messageQueue', ''); $file = JPATH_SITE . '/' . $file; $html = ''; if (JFile::exists($file)) { ob_start(); include $file; $html = ob_get_contents(); ob_end_clean(); } $document = JFactory::getDocument(); $document->setBuffer($html, 'component'); if (version_compare(JVERSION, '1.6.0', 'l')) { $document->addStyleSheet(JURI::root(true) . '/administrator/templates/khepri/css/template.css'); $document->addStyleSheet(JURI::root(true) . '/administrator/templates/khepri/css/icon.css'); $document->addStyleSheet(JURI::root(true) . '/administrator/templates/khepri/css/rounded.css'); } else { $document->addStyleSheet(JURI::root(true) . '/administrator/templates/bluestork/css/template.css'); } $document->addScript(JURI::root(true) . '/includes/js/joomla.javascript.js'); $app->render(); $html = JResponse::toString($app->getCfg('gzip')); $html = preg_replace('#\\s*<' . 'link [^>]*href="[^"]*templates/system/[^"]*\\.css[^"]*"[^>]* />#s', '', $html); echo $html; die; }
function __construct() { $mainframe =& JFactory::getApplication(); $url = JRequest::getVar('url'); $options = JRequest::getVar('url_options', array(), 'post', 'array'); $func = new plgSystemNNFrameworkHelperFunctions(); if ($url) { echo $func->getByUrl($url, $options); exit; } $file = JRequest::getVar('file'); // only allow files that have .inc.php in the file name if (!$file || strpos($file, '.inc.php') === false) { die; } $folder = JRequest::getVar('folder'); if ($folder) { $file = implode('/', explode('.', $folder)) . '/' . $file; } $allowed = array('administrator/components/com_dbreplacer/dbreplacer.inc.php', 'administrator/components/com_nonumbermanager/details.inc.php', 'administrator/components/com_rereplacer/images/image.inc.php', 'administrator/modules/mod_addtomenu/addtomenu/addtomenu.inc.php', 'plugins/editors-xtd/articlesanywhere/articlesanywhere.inc.php', 'plugins/editors-xtd/contenttemplater/contenttemplater.inc.php', 'plugins/editors-xtd/modulesanywhere/modulesanywhere.inc.php', 'plugins/editors-xtd/snippets/snippets.inc.php', 'plugins/editors-xtd/sourcerer/sourcerer.inc.php'); if (!$file || in_array($file, $allowed) === false) { die; } jimport('joomla.filesystem.file'); if ($mainframe->isSite() && !JRequest::getCmd('usetemplate')) { $mainframe->setTemplate('system'); } $_REQUEST['tmpl'] = 'component'; JRequest::setVar('option', '1'); $mainframe->set('_messageQueue', ''); $file = JPATH_SITE . '/' . $file; $html = ''; if (JFile::exists($file)) { ob_start(); include $file; $html = ob_get_contents(); ob_end_clean(); } $document =& JFactory::getDocument(); $document->setBuffer($html, 'component'); $document->addStyleSheet(JURI::root(true) . '/templates/system/css/system.css'); $document->addStyleSheet(JURI::root(true) . '/plugins/system/nnframework/css/default.css'); $document->addScript(JURI::root(true) . '/includes/js/joomla.javascript.js'); $mainframe->render(); echo JResponse::toString($mainframe->getCfg('gzip')); exit; }
function __construct() { $mainframe =& JFactory::getApplication(); $url = JRequest::getVar('url'); $options = JRequest::getVar('url_options', array(), 'post', 'array'); $func = new plgSystemNNFrameworkHelperFunctions(); if ($url) { echo $func->getByUrl($url, $options); exit; } $file = JRequest::getVar('file'); // only allow files that have .inc.php in the file name if (!$file || strpos($file, '.inc.php') === false) { echo JText::_('Access Denied'); exit; } $folder = JRequest::getVar('folder'); jimport('joomla.filesystem.file'); if ($mainframe->isSite() && !JRequest::getCmd('usetemplate')) { $mainframe->setTemplate('system'); } $_REQUEST['tmpl'] = 'component'; JRequest::setVar('option', '1'); $mainframe->set('_messageQueue', ''); $path = JPATH_SITE; if ($folder) { $path .= '/' . implode('/', explode('.', $folder)); } $file = $path . '/' . $file; $html = ''; if (JFile::exists($file)) { ob_start(); include $file; $html = ob_get_contents(); ob_end_clean(); } $document =& JFactory::getDocument(); $document->setBuffer($html, 'component'); $document->addStyleSheet(JURI::root(true) . '/templates/system/css/system.css'); $document->addStyleSheet(JURI::root(true) . '/plugins/system/nnframework/css/default.css'); $document->addScript(JURI::root(true) . '/includes/js/joomla.javascript.js'); $mainframe->render(); echo JResponse::toString($mainframe->getCfg('gzip')); exit; }