} } if (!file_exists(CAT_PATH . '/modules/' . SEARCH_LIBRARY . '/library.php')) { $page_id = CAT_Helper_Validate::get('_REQUEST', 'page_id'); CAT_Object::printFatalError(CAT_Object::lang()->translate('No search library installed!'), CAT_Helper_Page::getLink($page_id)); } // Required page details $page_id = -1; $page_description = ''; $page_keywords = ''; // load search library require_once CAT_PATH . '/modules/' . SEARCH_LIBRARY . '/library.php'; $s = new CATSearch(); $page_id = $s->getSearchPageID(); // load droplets extensions $h = CAT_Helper_Droplet::getInstance(); $h->register_droplet_css('SearchBox', $page_id, '/modules/' . SEARCH_LIBRARY . '/templates/default/', 'search.box.css'); $h->register_droplet_js('SearchBox', $page_id, '/modules/' . SEARCH_LIBRARY . '/templates/default/', 'search.box.js'); if (isset($_GET['string'])) { CAT_Helper_Page::addCSS(CAT_URL . '/modules/' . SEARCH_LIBRARY . '/templates/default/frontend.css'); } // add language file CAT_Helper_I18n::getInstance()->addFile(LANGUAGE . '.php', CAT_PATH . '/modules/' . SEARCH_LIBRARY . '/languages/'); // add template search path global $parser; $parser->setPath(CAT_PATH . '/modules/' . SEARCH_LIBRARY . '/templates/custom'); $parser->setFallbackPath(CAT_PATH . '/modules/' . SEARCH_LIBRARY . '/templates/default'); define('PAGE_CONTENT', CAT_PATH . '/modules/' . SEARCH_LIBRARY . '/index.php'); // Get the referrer page ID if it exists if (isset($_REQUEST['referrer']) && is_numeric($_REQUEST['referrer']) && intval($_REQUEST['referrer']) > 0) { define('REFERRER_ID', intval($_REQUEST['referrer']));
/**
 * Backward-compatibility shim for modules that still call droplets_import().
 *
 * The import itself is done by CAT_Helper_Droplet::installDroplet(); this
 * wrapper only forwards the file path. $temp_unzip is accepted so that old
 * call sites keep working, but it is never read here.
 *
 * NOTE(review): $temp_file is forwarded without any check in this function.
 * Presumably callers pass a path they validated themselves (for example an
 * upload restricted to backend users) -- confirm, because whatever gets
 * imported ends up as a stored droplet.
 *
 * @param  string      $temp_file  path of the droplet file to install
 * @param  string|null $temp_unzip unused, kept for backward compatibility
 * @return mixed       the result of CAT_Helper_Droplet::installDroplet()
 **/
function droplets_import($temp_file, $temp_unzip = NULL)
{
    $install_result = CAT_Helper_Droplet::installDroplet($temp_file);

    return $install_result;
}
* @license http://www.gnu.org/licenses/gpl.html
* @category CAT_Modules
* @package lib_search
*
*/

// class.secure.php is pulled in before anything else in this script runs
// (presumably the framework's direct-access guard -- confirm in the framework).
// With CAT_PATH defined the framework copy is included directly; otherwise
// the script walks up the directory tree, at most nine levels, looking for
// framework/class.secure.php and raises E_USER_ERROR if it is not found.
if (!defined('CAT_PATH')) {
    $root = "../";
    for ($level = 1; $level < 10 && !file_exists($root . '/framework/class.secure.php'); $level += 1) {
        $root .= "../";
    }
    if (!file_exists($root . '/framework/class.secure.php')) {
        // NOTE(review): SCRIPT_NAME is placed into HTML markup unescaped; it is
        // set by the server rather than taken from request parameters, but
        // confirm how the error handler renders this message.
        trigger_error(sprintf("[ <b>%s</b> ] Can't include class.secure.php!", $_SERVER['SCRIPT_NAME']), E_USER_ERROR);
    } else {
        include $root . '/framework/class.secure.php';
    }
} else {
    include CAT_PATH . '/framework/class.secure.php';
}

// import droplets: every file found in this module's install directory is
// handed to the droplet installer
$inst_dir   = CAT_Helper_Directory::sanitizePath(dirname(__FILE__) . '/install');
$temp_unzip = CAT_Helper_Directory::sanitizePath(CAT_PATH . '/temp/unzip/');
$dirh       = CAT_Helper_Directory::getInstance();
$files      = $dirh->getFiles($inst_dir);
if (is_array($files)) {
    // an empty list simply results in no iterations
    foreach ($files as $file) {
        // the return value is discarded on purpose, so a droplet that fails
        // to install is not reported from here
        CAT_Helper_Droplet::installDroplet($file, $temp_unzip);
    }
}
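/**
 * Flips the `active` flag of one droplet (1 becomes 0, anything else becomes 1)
 * and returns the result of list_droplets().
 *
 * The caller's groups must hold the 'modify_droplets' permission. The UPDATE
 * uses bound parameters, so $id never becomes part of the SQL text.
 *
 * NOTE(review): no request-token (CSRF) check is visible in this function;
 * confirm that the dispatcher calling it verifies one, since this changes
 * stored state.
 *
 * @param  mixed $id id of the droplet to toggle
 * @return mixed whatever list_droplets() returns
 **/
function toggle_active($id)
{
    global $backend;

    $groups = CAT_Users::get_groups_id();
    if (!CAT_Helper_Droplet::is_allowed('modify_droplets', $groups)) {
        $backend->print_error($backend->lang()->translate("You don't have the permission to do this"));
        // Fail closed: whether print_error() ends the request cannot be seen
        // from here, so make sure the UPDATE below is never reached without
        // the permission. The return value keeps the shape callers expect.
        return list_droplets();
    }

    $data = CAT_Helper_Droplet::getDroplet($id);
    // loose comparison kept on purpose: database drivers commonly hand the
    // flag back as the string '1'
    $new = $data['active'] == 1 ? 0 : 1;
    $backend->db()->query(
        'UPDATE `:prefix:mod_droplets` SET active=:active WHERE id=:id',
        array('active' => $new, 'id' => $id)
    );

    return list_droplets();
}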
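/**
 * The action handler of kitForm - call this function after creating a new
 * instance of kitForm!
 *
 * Steps, in order: return early for calls made by DropletsExtension,
 * register or unregister the form CSS, check dependencies, pass every
 * $_REQUEST value whose key is not listed in $_SESSION['KIT_HTML_REQUEST']
 * through xssPrevent(), then dispatch on the requested action.
 *
 * NOTE(review): only $_REQUEST is rewritten here. Code that reads $_GET or
 * $_POST directly still sees the raw values -- confirm that no handler does.
 *
 * @return string result
 */
public function action()
{
    // we can ignore calls by DropletsExtension...
    if (isset($_SESSION['DROPLET_EXECUTED_BY_DROPLETS_EXTENSION'])) {
        return '- passed call by DropletsExtension -';
    }
    // load CSS?
    if (defined('CAT_VERSION')) {
        if ($this->params[self::PARAM_CSS]) {
            if (!CAT_Helper_Droplet::is_registered_droplet_css('kit_form', PAGE_ID)) {
                CAT_Helper_Droplet::register_droplet_css('kit_form', PAGE_ID, 'kit_form', 'kit_form.css');
            }
        } elseif (CAT_Helper_Droplet::is_registered_droplet_css('kit_form', PAGE_ID)) {
            CAT_Helper_Droplet::unregister_droplet_css('kit_form', PAGE_ID);
        }
    } else {
        // without CAT_VERSION the plain functions of the same names are used
        if ($this->params[self::PARAM_CSS]) {
            if (!is_registered_droplet_css('kit_form', PAGE_ID)) {
                register_droplet_css('kit_form', PAGE_ID, 'kit_form', 'kit_form.css');
            }
        } elseif (is_registered_droplet_css('kit_form', PAGE_ID)) {
            unregister_droplet_css('kit_form', PAGE_ID);
        }
    }
    // check dependency
    $this->checkDependency();
    if ($this->isError()) {
        // NOTE(review): getError() is inserted as markup without escaping;
        // confirm that error texts never contain request data.
        return sprintf('<a name="%s"></a><div class="error">%s</div>', self::FORM_ANCHOR, $this->getError());
    }
    /**
     * to prevent cross site scripting XSS it is important to look also to
     * $_REQUESTs which are needed by other KIT addons. Addons which need
     * a $_REQUEST with HTML should set a key in $_SESSION['KIT_HTML_REQUEST']
     */
    $html_allowed = array();
    if (isset($_SESSION['KIT_HTML_REQUEST']) && is_array($_SESSION['KIT_HTML_REQUEST'])) {
        // anything but an array is ignored, so a damaged session value
        // cannot break the whitelist lookup below
        $html_allowed = $_SESSION['KIT_HTML_REQUEST'];
    }
    // keys this class itself wants to exempt; the list is empty
    $html = array();
    foreach ($html as $key) {
        $html_allowed[] = $key;
    }
    $_SESSION['KIT_HTML_REQUEST'] = $html_allowed;
    // compare names as strings so that numeric request keys cannot match an
    // entry through type juggling
    $allowed_names = array_map('strval', $html_allowed);
    foreach ($_REQUEST as $key => $value) {
        $key = (string) $key;
        // The comparison must be strict. stripos() returns false when the
        // prefix is absent, and false == 0 holds, so the former loose test
        // treated every key as prefixed: the first four characters were cut
        // off, the filter ran on the truncated key, and the value under the
        // real key stayed unfiltered.
        if (stripos($key, 'amp;') === 0) {
            $stripped = (string) substr($key, 4);
            // remove the entry under the key as it was sent; the prefix match
            // is case-insensitive, so the sent key is used, not a rebuilt one
            unset($_REQUEST[$key]);
            $_REQUEST[$stripped] = $value;
            $key = $stripped;
        }
        if (!in_array($key, $allowed_names, true)) {
            $_REQUEST[$key] = $this->xssPrevent($value);
        }
    }
    $action = isset($_REQUEST[self::request_action]) ? $_REQUEST[self::request_action] : self::action_default;
    switch ($action) {
        case self::action_feedback_unsubscribe:
            $result = $this->showFeedbackUnsubscribe();
            break;
        case self::action_feedback_unsubscribe_check:
            $result = $this->checkFeedbackUnsubscribe();
            break;
        case self::action_command:
            $result = $this->checkCommand();
            break;
        case self::action_check_form:
            $result = $this->checkForm();
            break;
        case self::action_activation_key:
            $result = $this->checkActivationKey();
            break;
        case self::action_default:
        default:
            // unknown action values end up here as well
            $result = $this->showForm();
            break;
    }
    if ($this->isError()) {
        $result = sprintf('<a name="%s"></a><div class="error">%s</div>', self::FORM_ANCHOR, $this->getError());
    }
    return $result;
}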
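/**
 * returns a list of droplets the current user is allowed to use
 *
 * Each row gets its `comments` turned into display markup (line breaks
 * become <br />, [[...]] is set in bold, and a usage hint is prepended when
 * the comment contains no [[ at all). `datafile` is set when a matching
 * .txt file exists in the data directory next to this file, and
 * `valid_code` is added when $with_code is true.
 *
 * NOTE(review): a user without the global 'modify_droplets' permission is
 * only filtered out for droplets that have `edit_groups` set; droplets with
 * empty `edit_groups` are returned to everyone, including `code` when
 * $with_code is true. Confirm that this is the intended visibility rule.
 *
 * NOTE(review): `name` and `comments` are concatenated into markup without
 * escaping. Whether comments may contain HTML on purpose cannot be told from
 * here; confirm who is able to write these columns (droplet import, for
 * example) before rendering the result unescaped.
 *
 * @access public
 * @param  boolean $with_code also select `code` and add `valid_code`
 * @return array
 **/
public static function getDroplets($with_code = false)
{
    $self   = self::getInstance();
    $groups = CAT_Users::get_groups_id();
    $rows   = array();
    // the column list is built from the literals below only; no request data
    // reaches the SQL text
    $fields = 't1.id, `name`, `description`, `active`, `comments`, `view_groups`, `edit_groups`';
    if ($with_code) {
        $fields .= ', `code`';
    }
    $query = $self->db()->query(
        "SELECT {$fields} FROM `:prefix:mod_droplets` AS t1 "
        . "LEFT OUTER JOIN `:prefix:mod_droplets_permissions` AS t2 "
        . "ON t1.id=t2.id ORDER BY `name` ASC"
    );
    if ($query->rowCount()) {
        // the permission does not depend on the row, so it is checked once
        $may_modify_all = CAT_Helper_Droplet::is_allowed('modify_droplets', $groups);
        $data_dir       = dirname(__FILE__) . '/data/';
        while ($droplet = $query->fetch()) {
            // the current user needs global edit permissions, or specific edit permissions to see this droplet
            if (!$may_modify_all) {
                // get edit groups for this droplet
                if ($droplet['edit_groups']) {
                    // user id 1 always passes this check
                    if (CAT_Users::get_user_id() != 1 && !is_in_array($droplet['edit_groups'], $groups)) {
                        continue;
                    } else {
                        $droplet['user_can_modify_this'] = true;
                    }
                }
            }
            $comments = str_replace(array("\r\n", "\n", "\r"), '<br />', $droplet['comments']);
            // strpos() returns 0 for a match at the very start, which the
            // former !strpos() test mistook for "not found" and then added
            // the usage hint although the comment already shows a [[...]]
            if (strpos($comments, "[[") === false) {
                $comments = '<span class="usage">' . $self->lang()->translate('Use') . ": [[" . $droplet['name'] . "]]</span><br />" . $comments;
            }
            $comments = str_replace(array("[[", "]]"), array('<b>[[', ']]</b>'), $comments);
            if ($with_code) {
                $droplet['valid_code'] = self::check_syntax($droplet['code']);
            }
            $droplet['comments'] = $comments;
            // droplet included in search?
            //$droplet['is_in_search'] = self::is_registered_droplet_search($droplet['name']);
            // is there a data file for this droplet?
            // NOTE(review): the name goes into the path as stored; only the
            // existence of the file is tested, nothing is read or included
            if (file_exists($data_dir . $droplet['name'] . '.txt')
                || file_exists($data_dir . strtolower($droplet['name']) . '.txt')
                || file_exists($data_dir . strtoupper($droplet['name']) . '.txt')
            ) {
                $droplet['datafile'] = true;
            }
            $rows[] = $droplet;
        }
    }
    return $rows;
}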
/**
 * Procedural entry point that hands the content to
 * CAT_Helper_Droplet::process() and returns its result.
 *
 * $content is taken by reference and passed on as is.
 *
 * NOTE(review): judging by the name, processing involves running stored
 * droplet code for placeholders found in $content -- confirm in
 * CAT_Helper_Droplet::process() which parts of $content may come from
 * untrusted authors.
 *
 * @param  string  $content   the content to process, passed by reference
 * @param  integer $max_loops forwarded unchanged, default 3
 * @return mixed   the result of CAT_Helper_Droplet::process()
 */
function evalDroplets(&$content, $max_loops = 3)
{
    $processed = CAT_Helper_Droplet::process($content, $max_loops);

    return $processed;
}
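/**
 * Builds the header markup for a frontend page: meta tags, CSS, the droplet
 * CSS/JS blocks, jQuery and the header JavaScripts.
 *
 * On the way it loads the template's headers.inc.php (if present), extends
 * the CSS and JS search paths, adds the extra header files registered
 * globally (id 0) and for the current page, and scans sections, CSS and JS
 * for the frontend. For an authenticated preview request the visibility
 * stylesheet and script of DEFAULT_THEME are added as well.
 *
 * @access public
 * @return string
 **/
public static function getFrontendHeaders()
{
    global $page_id;

    // -----------------------------------------------------------------
    // -----                    frontend theme                     -----
    // -----------------------------------------------------------------
    $tpl  = CAT_Registry::get('TEMPLATE');
    $file = CAT_Helper_Directory::sanitizePath(CAT_PATH . '/templates/' . $tpl . '/headers.inc.php');
    self::$instance->log()->logDebug(sprintf('searching for file [%s]', $file));
    if (file_exists($file)) {
        self::$instance->log()->logDebug(sprintf('adding items for frontend template [%s]', $tpl));
        self::_load_headers_inc($file, 'frontend', 'templates/' . $tpl);
    } else {
        self::$instance->log()->logDebug('no headers.inc.php');
    }

    // add template path to CSS search path (frontend only)
    array_push(
        CAT_Helper_Page::$css_search_path,
        '/templates/' . $tpl,
        '/templates/' . $tpl . '/css',
        '/templates/' . $tpl . '/templates/default',
        '/templates/' . $tpl . '/templates/default/css',
        CAT_Registry::get('PAGES_DIRECTORY') . '/css/',
        '/modules/' . CAT_Registry::get('SEARCH_LIBRARY') . '/templates/custom/',
        '/modules/' . CAT_Registry::get('SEARCH_LIBRARY') . '/templates/default/'
    );
    // Javascript search path
    array_push(
        CAT_Helper_Page::$js_search_path,
        '/templates/' . $tpl,
        '/templates/' . $tpl . '/js',
        '/templates/' . $tpl . '/templates/default',
        '/templates/' . $tpl . '/templates/default/js',
        CAT_Registry::get('PAGES_DIRECTORY') . '/js/'
    );

    // -----------------------------------------------------------------
    // -----                 get extra header files                -----
    // -----------------------------------------------------------------
    $global_files = CAT_Helper_Page::getExtraHeaderFiles(0);
    $page_files   = CAT_Helper_Page::getExtraHeaderFiles($page_id);
    // NOTE(review): array_merge() lets a string key of the second array
    // replace the same key of the first, so a page-level 'css' or 'js' list
    // replaces the global one instead of extending it -- confirm the intent.
    $all_files = array_merge($global_files, $page_files);
    if (isset($all_files['css']) && is_array($all_files['css'])) {
        foreach ($all_files['css'] as $file) {
            self::addCSS($file);
        }
    }
    if (isset($all_files['js']) && is_array($all_files['js'])) {
        foreach ($all_files['js'] as $file) {
            self::addJS($file);
        }
    }

    // -----------------------------------------------------------------
    // -----                  sections (modules)                   -----
    // -----------------------------------------------------------------
    self::_load_sections('frontend');

    // -----------------------------------------------------------------
    // -----                  scan for css files                   -----
    // -----------------------------------------------------------------
    self::_load_css('frontend');

    // -----------------------------------------------------------------
    // -----                   scan for js files                   -----
    // -----------------------------------------------------------------
    self::_load_js('frontend');

    // called from backend?
    if (CAT_Helper_Validate::get('_REQUEST', 'preview') && CAT_Users::is_authenticated()) {
        $file = CAT_PATH . '/templates/' . DEFAULT_THEME . '/css/visibility.css';
        if (file_exists($file)) {
            CAT_Helper_Page::$css[] = array(
                'media' => 'screen,projection',
                'file'  => '/templates/' . DEFAULT_THEME . '/css/visibility.css'
            );
        }
        $file = CAT_PATH . '/templates/' . DEFAULT_THEME . '/js/visibility.js';
        if (file_exists($file)) {
            // The three texts below are written into single-quoted JavaScript
            // string literals inside an inline <script>. They are escaped
            // byte-wise so that an apostrophe, a backslash, a line break or
            // a "</script>" inside a translation cannot end the literal or
            // the script element. Texts without such characters come out
            // exactly as before.
            $js_escape = array(
                '\\' => '\\\\',
                "'"  => "\\'",
                '"'  => '\\"',
                "\r" => '\\r',
                "\n" => '\\n',
                '<'  => '\\x3C',
                '>'  => '\\x3E',
                '&'  => '\\x26',
            );
            $lang = self::getInstance(1)->lang();
            $visibility       = strtr((string) $lang->translate(self::properties($page_id, 'visibility')), $js_escape);
            $visibility_text  = strtr((string) $lang->translate('Visibility of this page'), $js_escape);
            $visibility_title = strtr((string) $lang->translate('Black Cat CMS Page Preview'), $js_escape);
            CAT_Helper_Page::$js[] = '<script type="text/javascript">' . "\n"
                . ' var visibility = \'' . $visibility . '\';' . "\n"
                . ' var visibility_text = \'' . $visibility_text . '\';' . "\n"
                . ' var visibility_title = \'' . $visibility_title . '\';' . "\n"
                . '</script>' . "\n"
                . '<script type="text/javascript" src="'
                . CAT_Helper_Validate::sanitize_url(CAT_URL . '/templates/' . DEFAULT_THEME . '/js/visibility.js')
                . '"></script>' . "\n";
        }
    }

    $droplets_config = CAT_Helper_Droplet::getDropletsForHeader($page_id);

    // return the results
    // NOTE(review): the droplet css/js strings are emitted as markup as they
    // are; confirm that getDropletsForHeader() only returns registered files
    return self::getMeta($droplets_config)
        . self::getCSS('frontend')
        . ($droplets_config['css'] ? "<!-- dropletsExtension -->\n" . $droplets_config['css'] . "\n<!-- /dropletsExtension -->\n" : NULL)
        . self::getJQuery('header')
        . self::getJavaScripts('header')
        . ($droplets_config['js'] ? "<!-- dropletsExtension -->\n" . $droplets_config['js'] . "\n<!-- /dropletsExtension -->\n" : NULL);
}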
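/**
 * shows the current page
 *
 * Sends a 503 status while the site is in maintenance or the page is the
 * maintenance page, then either shows a menu link or renders the template:
 * the template's index.php is required inside an output buffer, droplets
 * are processed on the captured output, the optional output filters and the
 * optional HTML Purifier pass run, and the result is echoed.
 *
 * The template is required inside this method, so it sees the globals and
 * local variables declared here. Names and statement order are therefore
 * left as they are.
 *
 * NOTE(review): the HTML Purifier pass only runs when ENABLE_HTMLPURIFIER is
 * defined and strictly true; without it the droplet and filter output is
 * echoed as produced.
 *
 * @access public
 * @return void
 **/
public function show()
{
    // ----- keep old modules happy -----
    global $wb, $admin, $database, $page_id, $section_id;
    global $TEXT;
    $admin =& $wb;
    if ($page_id == '') {
        $page_id = $this->_page_id;
    }
    // ----- keep old modules happy -----

    $this->log()->LogDebug(sprintf('showing page with ID [%s]', $page_id));

    // send appropriate header
    if (CAT_Helper_Page::isMaintenance() || CAT_Registry::get('MAINTENANCE_PAGE') == $page_id) {
        header('HTTP/1.1 503 Service Temporarily Unavailable');
        header('Status: 503 Service Temporarily Unavailable');
        header('Retry-After: 7200'); // in seconds
    }

    // template engine
    global $parser;

    // page of type menu_link
    if (CAT_Sections::isMenuLink($this->_page_id)) {
        $this->showMenuLink();
    } else {
        $do_filter = false;
        // use output filter (if any)
        if (file_exists(CAT_Helper_Directory::sanitizePath(CAT_PATH . '/modules/blackcatFilter/filter.php'))) {
            include_once CAT_Helper_Directory::sanitizePath(CAT_PATH . '/modules/blackcatFilter/filter.php');
            if (function_exists('executeFilters')) {
                $this->log()->LogDebug('enabling output filters');
                $do_filter = true;
            }
        }
        $this->setTemplate();
        // including the template; it may call different functions
        // like page_content() etc.
        ob_start();
        require CAT_TEMPLATE_DIR . '/index.php';
        $output = ob_get_contents();
        // the buffer is emptied but stays open, as before
        ob_clean();
        // droplets
        CAT_Helper_Droplet::process($output);
        // output filtering
        if ($do_filter) {
            $this->log()->LogDebug('executing output filters');
            executeFilters($output);
        }
        // use HTMLPurifier to clean up the output
        if (defined('ENABLE_HTMLPURIFIER') && true === ENABLE_HTMLPURIFIER) {
            $this->log()->LogDebug('executing HTML Purifier');
            $output = CAT_Helper_Protect::purify($output);
        }
        $this->log()->LogDebug('print output');
        if (!headers_sent()) {
            $properties = self::properties($page_id);
            // header() returns nothing, so the former "echo header(...)"
            // echoed an empty value; the call alone is what sets the header.
            // The charset comes from the page properties and falls back to
            // utf-8 when it is not set.
            header('content-type:text/html; charset=' . (isset($properties['default_charset']) ? $properties['default_charset'] : 'utf-8'));
        }
        echo $output;
    }
}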