}
}
if (!file_exists(CAT_PATH . '/modules/' . SEARCH_LIBRARY . '/library.php')) {
$page_id = CAT_Helper_Validate::get('_REQUEST', 'page_id');
CAT_Object::printFatalError(CAT_Object::lang()->translate('No search library installed!'), CAT_Helper_Page::getLink($page_id));
}
// Required page details
$page_id = -1;
$page_description = '';
$page_keywords = '';
// load search library
require_once CAT_PATH . '/modules/' . SEARCH_LIBRARY . '/library.php';
$s = new CATSearch();
$page_id = $s->getSearchPageID();
// load droplets extensions
$h = CAT_Helper_Droplet::getInstance();
$h->register_droplet_css('SearchBox', $page_id, '/modules/' . SEARCH_LIBRARY . '/templates/default/', 'search.box.css');
$h->register_droplet_js('SearchBox', $page_id, '/modules/' . SEARCH_LIBRARY . '/templates/default/', 'search.box.js');
if (isset($_GET['string'])) {
CAT_Helper_Page::addCSS(CAT_URL . '/modules/' . SEARCH_LIBRARY . '/templates/default/frontend.css');
}
// add language file
CAT_Helper_I18n::getInstance()->addFile(LANGUAGE . '.php', CAT_PATH . '/modules/' . SEARCH_LIBRARY . '/languages/');
// add template search path
global $parser;
$parser->setPath(CAT_PATH . '/modules/' . SEARCH_LIBRARY . '/templates/custom');
$parser->setFallbackPath(CAT_PATH . '/modules/' . SEARCH_LIBRARY . '/templates/default');
define('PAGE_CONTENT', CAT_PATH . '/modules/' . SEARCH_LIBRARY . '/index.php');
// Get the referrer page ID if it exists
if (isset($_REQUEST['referrer']) && is_numeric($_REQUEST['referrer']) && intval($_REQUEST['referrer']) > 0) {
define('REFERRER_ID', intval($_REQUEST['referrer']));
/**
* this method may be called by modules to handle a droplet import
*
* moved to CAT_Helper_Droplet, which ignores the $temp_unzip param; it is only
* left for backward compatibility
*
**/
function droplets_import($temp_file, $temp_unzip = NULL)
{
return CAT_Helper_Droplet::installDroplet($temp_file);
}
* @license http://www.gnu.org/licenses/gpl.html
* @category CAT_Modules
* @package lib_search
*
*/
if (defined('CAT_PATH')) {
include CAT_PATH . '/framework/class.secure.php';
} else {
$root = "../";
$level = 1;
while ($level < 10 && !file_exists($root . '/framework/class.secure.php')) {
$root .= "../";
$level += 1;
}
if (file_exists($root . '/framework/class.secure.php')) {
include $root . '/framework/class.secure.php';
} else {
trigger_error(sprintf("[ <b>%s</b> ] Can't include class.secure.php!", $_SERVER['SCRIPT_NAME']), E_USER_ERROR);
}
}
// import droplets
$inst_dir = CAT_Helper_Directory::sanitizePath(dirname(__FILE__) . '/install');
$temp_unzip = CAT_Helper_Directory::sanitizePath(CAT_PATH . '/temp/unzip/');
$dirh = CAT_Helper_Directory::getInstance();
$files = $dirh->getFiles($inst_dir);
if (is_array($files) && count($files)) {
foreach ($files as $file) {
// ignore the result here
CAT_Helper_Droplet::installDroplet($file, $temp_unzip);
}
}
/**
*
**/
function toggle_active($id)
{
global $parser, $val, $backend;
$groups = CAT_Users::get_groups_id();
if (!CAT_Helper_Droplet::is_allowed('modify_droplets', $groups)) {
$backend->print_error($backend->lang()->translate("You don't have the permission to do this"));
}
$data = CAT_Helper_Droplet::getDroplet($id);
$new = $data['active'] == 1 ? 0 : 1;
$backend->db()->query('UPDATE `:prefix:mod_droplets` SET active=:active WHERE id=:id', array('active' => $new, 'id' => $id));
return list_droplets();
}
/**
* The action handler of kitForm - call this function after creating a new
* instance of kitForm!
*
* @return string result
*/
public function action()
{
// we can ignore calls by DropletsExtions...
if (isset($_SESSION['DROPLET_EXECUTED_BY_DROPLETS_EXTENSION'])) {
return '- passed call by DropletsExtension -';
}
// CSS laden?
if (defined('CAT_VERSION')) {
if ($this->params[self::PARAM_CSS]) {
if (!CAT_Helper_Droplet::is_registered_droplet_css('kit_form', PAGE_ID)) {
CAT_Helper_Droplet::register_droplet_css('kit_form', PAGE_ID, 'kit_form', 'kit_form.css');
}
} elseif (CAT_Helper_Droplet::is_registered_droplet_css('kit_form', PAGE_ID)) {
CAT_Helper_Droplet::unregister_droplet_css('kit_form', PAGE_ID);
}
} else {
if ($this->params[self::PARAM_CSS]) {
if (!is_registered_droplet_css('kit_form', PAGE_ID)) {
register_droplet_css('kit_form', PAGE_ID, 'kit_form', 'kit_form.css');
}
} elseif (is_registered_droplet_css('kit_form', PAGE_ID)) {
unregister_droplet_css('kit_form', PAGE_ID);
}
}
// check dependency
$this->checkDependency();
if ($this->isError()) {
return sprintf('<a name="%s"></a><div class="error">%s</div>', self::FORM_ANCHOR, $this->getError());
}
/**
* to prevent cross site scripting XSS it is important to look also to
* $_REQUESTs which are needed by other KIT addons. Addons which need
* a $_REQUEST with HTML should set a key in $_SESSION['KIT_HTML_REQUEST']
*/
$html_allowed = array();
if (isset($_SESSION['KIT_HTML_REQUEST'])) {
$html_allowed = $_SESSION['KIT_HTML_REQUEST'];
}
$html = array();
foreach ($html as $key) {
$html_allowed[] = $key;
}
$_SESSION['KIT_HTML_REQUEST'] = $html_allowed;
foreach ($_REQUEST as $key => $value) {
if (stripos($key, 'amp;') == 0) {
$key = substr($key, 4);
$_REQUEST[$key] = $value;
unset($_REQUEST['amp;' . $key]);
}
if (!in_array($key, $html_allowed)) {
$_REQUEST[$key] = $this->xssPrevent($value);
}
}
isset($_REQUEST[self::request_action]) ? $action = $_REQUEST[self::request_action] : ($action = self::action_default);
switch ($action) {
case self::action_feedback_unsubscribe:
$result = $this->showFeedbackUnsubscribe();
break;
case self::action_feedback_unsubscribe_check:
$result = $this->checkFeedbackUnsubscribe();
break;
case self::action_command:
$result = $this->checkCommand();
break;
case self::action_check_form:
$result = $this->checkForm();
break;
case self::action_activation_key:
$result = $this->checkActivationKey();
break;
case self::action_default:
default:
$result = $this->showForm();
break;
}
if ($this->isError()) {
$result = sprintf('<a name="%s"></a><div class="error">%s</div>', self::FORM_ANCHOR, $this->getError());
}
return $result;
}
/**
* returns a list of droplets the current user is allowed to use
*
* @access public
* @return array
**/
public static function getDroplets($with_code = false)
{
$self = self::getInstance();
$groups = CAT_Users::get_groups_id();
$rows = array();
$fields = 't1.id, `name`, `description`, `active`, `comments`, `view_groups`, `edit_groups`';
if ($with_code) {
$fields .= ', `code`';
}
$query = $self->db()->query("SELECT {$fields} FROM `:prefix:mod_droplets` AS t1 " . "LEFT OUTER JOIN `:prefix:mod_droplets_permissions` AS t2 " . "ON t1.id=t2.id ORDER BY `name` ASC");
if ($query->rowCount()) {
while ($droplet = $query->fetch()) {
// the current user needs global edit permissions, or specific edit permissions to see this droplet
if (!CAT_Helper_Droplet::is_allowed('modify_droplets', $groups)) {
// get edit groups for this drople
if ($droplet['edit_groups']) {
if (CAT_Users::get_user_id() != 1 && !is_in_array($droplet['edit_groups'], $groups)) {
continue;
} else {
$droplet['user_can_modify_this'] = true;
}
}
}
$comments = str_replace(array("\r\n", "\n", "\r"), '<br />', $droplet['comments']);
if (!strpos($comments, "[[")) {
$comments = '<span class="usage">' . $self->lang()->translate('Use') . ": [[" . $droplet['name'] . "]]</span><br />" . $comments;
}
$comments = str_replace(array("[[", "]]"), array('<b>[[', ']]</b>'), $comments);
if ($with_code) {
$droplet['valid_code'] = self::check_syntax($droplet['code']);
}
$droplet['comments'] = $comments;
// droplet included in search?
//$droplet['is_in_search'] = self::is_registered_droplet_search($droplet['name']);
// is there a data file for this droplet?
if (file_exists(dirname(__FILE__) . '/data/' . $droplet['name'] . '.txt') || file_exists(dirname(__FILE__) . '/data/' . strtolower($droplet['name']) . '.txt') || file_exists(dirname(__FILE__) . '/data/' . strtoupper($droplet['name']) . '.txt')) {
$droplet['datafile'] = true;
}
array_push($rows, $droplet);
}
}
return $rows;
}
function evalDroplets(&$content, $max_loops = 3)
{
return CAT_Helper_Droplet::process($content, $max_loops);
}
/**
*
*
*
*
**/
public static function getFrontendHeaders()
{
global $page_id;
// -----------------------------------------------------------------
// ----- frontend theme -----
// -----------------------------------------------------------------
$tpl = CAT_Registry::get('TEMPLATE');
$file = CAT_Helper_Directory::sanitizePath(CAT_PATH . '/templates/' . $tpl . '/headers.inc.php');
self::$instance->log()->logDebug(sprintf('searching for file [%s]', $file));
if (file_exists($file)) {
self::$instance->log()->logDebug(sprintf('adding items for frontend template [%s]', $tpl));
self::_load_headers_inc($file, 'frontend', 'templates/' . $tpl);
} else {
self::$instance->log()->logDebug('no headers.inc.php');
}
// add template path to CSS search path (frontend only)
array_push(CAT_Helper_Page::$css_search_path, '/templates/' . $tpl, '/templates/' . $tpl . '/css', '/templates/' . $tpl . '/templates/default', '/templates/' . $tpl . '/templates/default/css', CAT_Registry::get('PAGES_DIRECTORY') . '/css/', '/modules/' . CAT_Registry::get('SEARCH_LIBRARY') . '/templates/custom/', '/modules/' . CAT_Registry::get('SEARCH_LIBRARY') . '/templates/default/');
// Javascript search path
array_push(CAT_Helper_Page::$js_search_path, '/templates/' . $tpl, '/templates/' . $tpl . '/js', '/templates/' . $tpl . '/templates/default', '/templates/' . $tpl . '/templates/default/js', CAT_Registry::get('PAGES_DIRECTORY') . '/js/');
// -----------------------------------------------------------------
// ----- get extra header files -----
// -----------------------------------------------------------------
$global_files = CAT_Helper_Page::getExtraHeaderFiles(0);
$page_files = CAT_Helper_Page::getExtraHeaderFiles($page_id);
$all_files = array_merge($global_files, $page_files);
if (isset($all_files['css']) && is_array($all_files['css'])) {
foreach ($all_files['css'] as $file) {
self::addCSS($file);
}
}
if (isset($all_files['js']) && is_array($all_files['js'])) {
foreach ($all_files['js'] as $file) {
self::addJS($file);
}
}
// -----------------------------------------------------------------
// ----- sections (modules) -----
// -----------------------------------------------------------------
self::_load_sections('frontend');
// -----------------------------------------------------------------
// ----- scan for css files -----
// -----------------------------------------------------------------
self::_load_css('frontend');
// -----------------------------------------------------------------
// ----- scan for js files -----
// -----------------------------------------------------------------
self::_load_js('frontend');
// called from backend?
if (CAT_Helper_Validate::get('_REQUEST', 'preview') && CAT_Users::is_authenticated()) {
$file = CAT_PATH . '/templates/' . DEFAULT_THEME . '/css/visibility.css';
if (file_exists($file)) {
CAT_Helper_Page::$css[] = array('media' => 'screen,projection', 'file' => '/templates/' . DEFAULT_THEME . '/css/visibility.css');
}
$file = CAT_PATH . '/templates/' . DEFAULT_THEME . '/js/visibility.js';
if (file_exists($file)) {
global $page_id;
CAT_Helper_Page::$js[] = '<script type="text/javascript">' . "\n" . ' var visibility = \'' . self::getInstance(1)->lang()->translate(self::properties($page_id, 'visibility')) . '\';' . "\n" . ' var visibility_text = \'' . self::getInstance(1)->lang()->translate('Visibility of this page') . '\';' . "\n" . ' var visibility_title = \'' . self::getInstance(1)->lang()->translate('Black Cat CMS Page Preview') . '\';' . "\n" . '</script>' . "\n" . '<script type="text/javascript" src="' . CAT_Helper_Validate::sanitize_url(CAT_URL . '/templates/' . DEFAULT_THEME . '/js/visibility.js') . '"></script>' . "\n";
}
}
$droplets_config = CAT_Helper_Droplet::getDropletsForHeader($page_id);
// return the results
return self::getMeta($droplets_config) . self::getCSS('frontend') . ($droplets_config['css'] ? "<!-- dropletsExtension -->\n" . $droplets_config['css'] . "\n<!-- /dropletsExtension -->\n" : NULL) . self::getJQuery('header') . self::getJavaScripts('header') . ($droplets_config['js'] ? "<!-- dropletsExtension -->\n" . $droplets_config['js'] . "\n<!-- /dropletsExtension -->\n" : NULL);
}
/**
* shows the current page
*
* @access public
* @return void
**/
public function show()
{
// ----- keep old modules happy -----
global $wb, $admin, $database, $page_id, $section_id;
global $TEXT;
$admin =& $wb;
if ($page_id == '') {
$page_id = $this->_page_id;
}
// ----- keep old modules happy -----
$this->log()->LogDebug(sprintf('showing page with ID [%s]', $page_id));
// send appropriate header
if (CAT_Helper_Page::isMaintenance() || CAT_Registry::get('MAINTENANCE_PAGE') == $page_id) {
header('HTTP/1.1 503 Service Temporarily Unavailable');
header('Status: 503 Service Temporarily Unavailable');
header('Retry-After: 7200');
// in seconds
}
// template engine
global $parser;
// page of type menu_link
if (CAT_Sections::isMenuLink($this->_page_id)) {
$this->showMenuLink();
} else {
$do_filter = false;
// use output filter (if any)
if (file_exists(CAT_Helper_Directory::sanitizePath(CAT_PATH . '/modules/blackcatFilter/filter.php'))) {
include_once CAT_Helper_Directory::sanitizePath(CAT_PATH . '/modules/blackcatFilter/filter.php');
if (function_exists('executeFilters')) {
$this->log()->LogDebug('enabling output filters');
$do_filter = true;
}
}
$this->setTemplate();
// including the template; it may calls different functions
// like page_content() etc.
ob_start();
require CAT_TEMPLATE_DIR . '/index.php';
$output = ob_get_contents();
ob_clean();
// droplets
CAT_Helper_Droplet::process($output);
// output filtering
if ($do_filter) {
$this->log()->LogDebug('executing output filters');
executeFilters($output);
}
// use HTMLPurifier to clean up the output
if (defined('ENABLE_HTMLPURIFIER') && true === ENABLE_HTMLPURIFIER) {
$this->log()->LogDebug('executing HTML Purifier');
$output = CAT_Helper_Protect::purify($output);
}
$this->log()->LogDebug('print output');
if (!headers_sent()) {
$properties = self::properties($page_id);
echo header('content-type:text/html; charset=' . (isset($properties['default_charset']) ? $properties['default_charset'] : 'utf-8'));
}
echo $output;
}
}
