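/**
 * Renders the change-password form and, when all three password fields were
 * submitted as non-empty strings, verifies the old password and stores the
 * new one.
 *
 * NOTE(review): the fields are read from $_REQUEST, so the change can also be
 * driven by query-string parameters, and no anti-CSRF token is checked in this
 * block - confirm whether the surrounding framework enforces one.
 * NOTE(review): passwords are stored as md5(password . site-wide salt). The
 * scheme is kept here only so existing hashes keep verifying; moving to
 * password_hash()/password_verify() has to be coordinated with the login code,
 * which is outside this block.
 */
public function display()
{
    $template = new Template();
    $template->load("plugin_changepassword_changepassword");
    $template->show_if('PASSWORD_WRONG', false);
    $template->show_if('SUCCESSFUL', false);
    $template->show_if('OLD_PASSWORD_WRONG', false);

    // empty() also covers the "not set" case, so one check per field suffices.
    $submitted = true;
    foreach (array('old_password', 'new_password', 'confirm_password') as $field) {
        if (empty($_REQUEST[$field]) || !is_string($_REQUEST[$field])) {
            $submitted = false;
            break;
        }
    }

    if ($submitted) {
        // The values are escaped before hashing, exactly as before, so the
        // resulting hashes stay comparable with the ones already stored.
        $old_password = DataBase::Current()->EscapeString($_REQUEST['old_password']);
        $new_password = DataBase::Current()->EscapeString($_REQUEST['new_password']);
        $confirm_password = DataBase::Current()->EscapeString($_REQUEST['confirm_password']);

        // Strict comparison: with != two different numeric-looking strings
        // (for example "1e3" and "1000") would be treated as equal.
        if ($new_password !== $confirm_password) {
            $template->show_if('PASSWORD_WRONG', true);
        } else {
            $salt = Settings::getInstance()->get("salt");
            $password = DataBase::Current()->EscapeString(md5($new_password . $salt));
            $old_password = DataBase::Current()->EscapeString(md5($old_password . $salt));
            // Escape the id like every other value that is placed in a statement.
            $userId = DataBase::Current()->EscapeString(User::Current()->id);

            $db_password = DataBase::Current()->ReadField("SELECT `password` FROM `{'dbprefix'}user` WHERE `id` = '" . $userId . "'; ");
            if ($db_password) {
                // Strict comparison again: hex digests of the form "0e<digits>"
                // compare equal to each other under != because both are read
                // as the number zero.
                if ((string) $db_password !== $old_password) {
                    $template->show_if('OLD_PASSWORD_WRONG', true);
                } else {
                    DataBase::Current()->Execute("UPDATE `{'dbprefix'}user` SET `password` = '" . $password . "' WHERE `id` = '" . $userId . "'; ");
                    $template->show_if('SUCCESSFUL', true);
                    // NOTE(review): both password hashes are handed to every
                    // registered event handler - confirm that is intended.
                    EventManager::raiseEvent("plugin_changepassword_change", array('old_password' => $old_password, 'new_password' => $password, 'userid' => User::Current()->id));
                    Cache::clear("tables", "userlist");
                }
            } else {
                // The user is not listed in the database.
            }
        }
    }

    $template->assign_var('ACTION', UrlRewriting::GetUrlByAlias($this->page->alias));
    echo $template->getCode();
}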
/**
 * Shows the token table for the language named in $_GET['language'],
 * followed by the "new module" heading and its form.
 *
 * NOTE(review): $_GET['language'] is read without an isset() check and is
 * passed to Language and to the hidden column value as-is; only the SQL
 * column expression is escaped in this block.
 */
public function display()
{
    $moduleForm = new Form(2);
    $moduleForm->submit();

    $GLOBALS['editinglanguage'] = new Language($_GET['language']);

    $tokenTable = new Table();

    $tokenColumn = new TableColumn("token", "Token");

    $translationColumn = new TableFunctionColumn("token", Language::DirectTranslate("TRANSLATION"));
    $translationColumn->functionName = "TranslationEditor_GetString";
    $translationColumn->autoWidth = true;

    // Constant column carrying the language code along with every row.
    $languageExpression = "'" . DataBase::Current()->EscapeString($_GET['language']) . "' as language";
    $languageColumn = new TableColumn($languageExpression, "Language");
    $languageColumn->value = $_GET['language'];
    $languageColumn->visible = false;

    $tokenTable->columns->add($tokenColumn);
    $tokenTable->columns->add($translationColumn);
    $tokenTable->columns->add($languageColumn);

    $tokenTable->name = "{'dbprefix'}language_tokens";
    $tokenTable->actions = "translation_tokens";
    $tokenTable->orderBy = "token";
    $tokenTable->size = -1;
    $tokenTable->display();

    $heading = Language::DirectTranslateHtml("NEW_MODULE");
    echo "<h2>" . $heading . "</h2>";

    $moduleForm->display();
}
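/**
 * Stores posted settings (when the form was submitted) and renders the
 * settings form for the current area, directory and role.
 *
 * When $_POST['save'] is present the method never returns: it redirects to
 * the request URI without "&save_settings=1" and ends the request.
 *
 * @return string HTML of the settings form
 */
public function getCode()
{
    if (isset($_POST['save'])) {
        // NOTE(review): every posted field except "save" and "roles" is
        // written as a setting; neither an allow-list of property names nor an
        // anti-CSRF token is checked in this block - confirm the caller does.
        foreach ($_POST as $property => $value) {
            if ($property != "save" && $property != "roles") {
                $settings = Settings::getRootInstance()->specify($this->areaType, $this->area);
                if ($this->dir != "" && $this->dir != "/") {
                    $settings = $settings->dir($this->dir);
                }
                $settings->set($property, $value, $this->role);
            }
        }
        Settings::forceReload();
        Cache::clear();
        Language::GetGlobal()->ClearCache();

        $target = str_replace("&save_settings=1", "", $_SERVER['REQUEST_URI']);
        // header() returns nothing, so its result cannot tell whether the
        // redirect was sent; headers_sent() is the documented check.
        if (!headers_sent()) {
            header("Location:" . $target);
            exit;
        }
        // Fallback once output has started. The request URI is
        // client-controlled, so it is emitted as a JSON string literal with
        // the HTML-significant characters hex-escaped instead of being pasted
        // between quotes.
        die("<script>window.location.href = " . json_encode($target, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT) . ";</script>");
    }

    $template = new Template();
    $template->load($this->template);

    // Area parameters are only part of the URLs outside the global scope.
    $areaQuery = "";
    if ($this->area != "global" || $this->areaType != "global") {
        $areaQuery = "areatype=" . urlencode($this->areaType) . "&area=" . urlencode($this->area) . "&";
    }

    // NOTE(review): $this->url is placed inside an inline event handler
    // without encoding; presumably it is produced by the URL rewriter -
    // verify it cannot carry quotes.
    $roleselector = "<select name=\"roles\" onchange=\"document.location.href='" . $this->url . $this->getQuerySeperator() . $areaQuery . "role=' + this.options[this.selectedIndex].value + '&save_settings=1';\">";

    $roles = DataBase::Current()->ReadRows("SELECT * FROM {'dbprefix'}roles ORDER BY name");
    if ($roles) {
        foreach ($roles as $role) {
            // Both branches encode id and name; previously only the selected
            // option's name was passed through htmlentities().
            $selected = ($this->role == $role->id) ? " selected=\"selected\"" : "";
            $roleselector .= "<option value=\"" . htmlentities($role->id) . "\"" . $selected . ">" . htmlentities($role->name) . "</option>";
        }
    }
    $roleselector .= "</select>";
    $template->assign_var("ROLES", $roleselector);

    // The role is URL-encoded like the other query values before it is put
    // into the form URL.
    $template->assign_var("URL", $this->url . $this->getQuerySeperator() . $areaQuery . "role=" . urlencode($this->role) . "&save_settings=1");

    $rows = Settings::getRootInstance()->specify($this->areaType, $this->area)->dir($this->dir)->getRows($this->role);
    if ($rows) {
        foreach ($rows as $row) {
            $index = $template->add_loop_item("SETTINGS");
            // NOTE(review): the property name is assigned without HTML
            // encoding, unlike the description - confirm how the template
            // uses PROPERTY.
            $template->assign_loop_var("SETTINGS", $index, "PROPERTY", $row['name']);
            $template->assign_loop_var("SETTINGS", $index, "DESCRIPTION", htmlentities($row['description']));
            // NOTE(review): the control class name comes straight from the
            // settings row; anything able to write that column chooses which
            // class is instantiated here. An allow-list of control classes
            // would close that off.
            $control = new $row['type']();
            $control->name = $row['name'];
            $control->value = $row['value'];
            $template->assign_loop_var("SETTINGS", $index, "CONTROL", $control->getCode());
        }
    }

    return $template->getCode();
}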
/**
 * Builds the HTML of the data table, serving it from the "tables" cache when
 * a cache name is set and an entry exists.
 *
 * @return string
 */
public function getCode()
{
    // Cached markup wins and skips the query entirely.
    if ($this->cacheName != "" && Cache::contains("tables", $this->cacheName)) {
        return Cache::getData("tables", $this->cacheName);
    }

    $html = "<table class='datatable'>";
    $this->columns->actions = $this->actions;
    $html .= $this->columns->getHeaderCode();
    $html .= "<tbody>";

    $hasRows = false;
    $records = DataBase::Current()->ReadRows($this->getSelect());
    if ($records) {
        foreach ($records as $record) {
            $hasRows = true;
            $html .= $this->columns->getBodyCode($record);
        }
    }

    if (!$hasRows) {
        // Single full-width row carrying the translated "no data" text.
        $emptyText = Language::GetGlobal()->Translate($this->noDataText);
        $html .= "<tr><td colspan='" . $this->columns->count() . "'>" . htmlentities($emptyText) . "</td></tr>";
    }

    $html .= "</tbody>";
    $html .= "</table>";

    if ($this->cacheName) {
        Cache::setData("tables", $this->cacheName, $html);
    }

    return $html;
}
/**
 * Deletes the handler registration for one event/file pair and clears the
 * cached handler list.
 *
 * @param string $file
 * @param string $event
 * @return mixed result of the DELETE statement
 */
public static function removeHandler($file, $event)
{
    $escapedFile = DataBase::Current()->EscapeString($file);
    $escapedEvent = DataBase::Current()->EscapeString($event);

    Cache::clear("eventmanager", "handler");

    $statement = "DELETE FROM {'dbprefix'}events WHERE event = '" . $escapedEvent . "' AND file = '" . $escapedFile . "'";

    return DataBase::Current()->Execute($statement);
}
/**
 * Inserts this widget's path into the dashboards table at the given position.
 *
 * @param int $dashboard stored in the "alias" column
 * @param int $column
 * @param int $row
 * @return boolean result of the INSERT statement
 */
public function save($dashboard, $column, $row)
{
    // Each value is escaped and quoted, whatever its declared type.
    $aliasValue = DataBase::Current()->EscapeString($dashboard);
    $rowValue = DataBase::Current()->EscapeString($row);
    $columnValue = DataBase::Current()->EscapeString($column);
    $pathValue = DataBase::Current()->EscapeString($this->path);

    $statement = "INSERT INTO {'dbprefix'}dashboards (alias, col, row, path) VALUES ('" . $aliasValue . "','" . $columnValue . "','" . $rowValue . "','" . $pathValue . "')";

    return DataBase::Current()->Execute($statement);
}
/**
 * Loads the validator with the given id from data_validator. When no row is
 * found the properties are left untouched.
 */
public function __construct($id)
{
    $escapedId = DataBase::Current()->EscapeString($id);
    $record = DataBase::Current()->ReadRow("SELECT * FROM {'dbprefix'}data_validator WHERE id = '" . $escapedId . "'");

    if (!$record) {
        return;
    }

    $this->id = $record->id;
    $this->name = $record->name;
    // NOTE(review): the pattern and the HTML snippet are taken from the
    // database as-is; how they are used is outside this block.
    $this->regex = $record->regex;
    $this->message = $record->message;
    $this->htmlCode = $record->htmlCode;
}
/**
 * Reads the action list rows of this list's category, ordered by id, and
 * appends one Action object per row to $this->actions.
 */
protected function loadActions()
{
    $escapedCategory = DataBase::Current()->EscapeString($this->category);
    $query = "SELECT * FROM {'dbprefix'}actionlists WHERE category='" . $escapedCategory . "' ORDER BY id";

    foreach (DataBase::Current()->ReadRows($query) as $record) {
        $entry = new Action();
        $entry->setID($record->id);
        $entry->setIcon($record->icon);
        $entry->setDestination($record->destination);
        $entry->setLabel($record->label);
        $this->actions[] = $entry;
    }
}
/**
 * Deactivates this plugin if it is currently activated: runs the plugin's
 * deactivate.php, drops its language packs, removes its row from
 * activated_plugins and raises the "deactivated_plugin" event.
 *
 * @return boolean false when the plugin was not activated, otherwise whatever
 *                 DataBase::Execute() returned for the DELETE statement
 */
public function deactivate()
{
    $res = false;
    if ($this->isActivated()) {
        // NOTE(review): SQL escaping is the right encoding for the DELETE
        // below but does nothing for the filesystem path built from the same
        // value; presumably $this->path is a trusted plugin directory name -
        // confirm it cannot contain path separators or "..".
        $path = DataBase::Current()->EscapeString($this->path);
        // The included script runs in this method's scope and can read and
        // overwrite its local variables. The @ hides the warning PHP emits
        // when the file cannot be included.
        @(include Settings::getValue("root") . "system/plugins/" . $path . "/deactivate.php");
        foreach ($this->supportedLanguages as $language) {
            Language::DropLanguagePack("plugin_" . $path, $language);
        }
        $res = DataBase::Current()->Execute("DELETE FROM {'dbprefix'}activated_plugins WHERE path = '" . $path . "'");
        // NOTE(review): the payload is a positional array ("plugininfo", $this),
        // not 'plugininfo' => $this - confirm that handlers expect this shape.
        EventManager::RaiseEvent("deactivated_plugin", array("plugininfo", $this));
    }
    return $res;
}
/**
 * Prints the "events" heading and a table of the events registered for the
 * data type named in $_GET['show'].
 *
 * NOTE(review): $_GET['show'] is read without an isset() check; it is escaped
 * before it is placed in the table condition.
 */
private function displayEvents()
{
    echo "<h2>" . Language::DirectTranslateHtml("EVENTS") . "</h2>";

    $eventTable = new Table();

    $nameColumn = new TableColumn("UPPER(name)", "Name");
    $eventTable->columns->add($nameColumn);

    // The description is a language token derived from the event name.
    $descriptionColumn = new TableColumn(
        "CONCAT('{LANG:',UPPER(name),'_EVENTDESCRIPTION}')",
        Language::GetGlobal()->getString("WILL_BE_RAISED")
    );
    $descriptionColumn->autoWidth = true;
    $eventTable->columns->add($descriptionColumn);

    $dataTypeFilter = DataBase::Current()->EscapeString($_GET['show']);
    $eventTable->condition = "dataType = '" . $dataTypeFilter . "'";
    $eventTable->name = "{'dbprefix'}datatype_events";
    $eventTable->orderBy = "name";
    $eventTable->display();
}
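/**
 * Returns tasks that are due: never executed, or whose last execution plus
 * their interval (in minutes) lies in the past.
 *
 * @param int $limit maximum number of tasks to return
 * @return Task[]
 */
public static function getOverdued($limit = 1)
{
    $res = array();

    // The limit is used unquoted in the statement, where string escaping
    // gives no protection; forcing it to an integer does.
    $limit = (int) $limit;

    $tasks = DataBase::Current()->readRows("SELECT * FROM {'dbprefix'}tasks WHERE DATE_ADD(lastExecution, INTERVAL `interval` MINUTE) < NOW() or lastExecution IS NULL or DATE_ADD(lastExecution, INTERVAL `interval` MINUTE) IS NULL LIMIT 0," . $limit);

    // Other blocks on this page test the readRows() result before iterating,
    // so an empty/false result is treated as "no tasks" here as well.
    if ($tasks) {
        foreach ($tasks as $task) {
            $newTask = new Task();
            $newTask->setScript($task->script);
            $newTask->setInterval($task->interval);
            $newTask->setLastExecution($task->lastExecution);
            $res[] = $newTask;
        }
    }

    return $res;
}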
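/**
 * Shows the settings form for the requested area/role, followed by links to
 * the settings of every skin that has settings and of every plugin that ships
 * a configuration file.
 *
 * NOTE(review): $_GET['include'] is read without an isset() check, and the
 * areatype, area and role query values are handed to SettingsForm unvalidated;
 * whether they are checked later is outside this block.
 */
public function display()
{
    $settings = new SettingsForm();
    $settings->role = 3;
    $settings->url = UrlRewriting::GetUrlByAlias($_GET['include']);
    if (isset($_GET['areatype'])) {
        $settings->areaType = $_GET['areatype'];
    }
    if (isset($_GET['area'])) {
        $settings->area = $_GET['area'];
    }
    if (isset($_GET['role'])) {
        $settings->role = $_GET['role'];
    }
    $settings->display();
    ?>
    <div style="margin-left:500px;">
        <h2>Skins</h2>
        <?php
        $skins = DataBase::Current()->ReadRows("SELECT * FROM {'dbprefix'}skins WHERE LOWER(name) IN (SELECT DISTINCT name FROM {'dbprefix'}settings WHERE areaType = 'skins' AND area = {'dbprefix'}skins.name)");
        if ($skins) {
            foreach ($skins as $skin) {
                $url = UrlRewriting::GetUrlByAlias("admin/settings", "areatype=skins&area=" . urlencode($skin->name));
                // Names come from the database and are printed as text, so
                // they are HTML-encoded. The URL is left as the rewriter
                // returned it because its encoding is not visible here.
                echo "<a href=\"" . $url . "\">" . htmlspecialchars($skin->name, ENT_QUOTES) . "</a><br />";
            }
        }
        ?>
        <h2>Plugins</h2>
        <?php
        $plugins = new PluginList();
        $plugins->loadAll();
        foreach ($plugins->plugins as $plugin) {
            if ($plugin->configurationFile != '') {
                $url = UrlRewriting::GetUrlByAlias("admin/pluginsettings", "plugin=" . $plugin->path);
                ?>
                <a href="<?php echo $url; ?> "><?php echo htmlspecialchars($plugin->name, ENT_QUOTES); ?> </a><br />
                <?php
            }
        }
        ?>
    </div>
    <?php
}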
/**
 * Runs the validator's select statement with the {VAR:NAME} placeholders
 * replaced by the escaped parameter values. The check passes when the first
 * field of the result is greater than zero; otherwise the message, with the
 * same substitutions applied, is stored in $this->finalMessage.
 *
 * NOTE(review): escaping only protects values that sit inside quotes in the
 * statement template - verify the templates quote every placeholder. The
 * message is filled with SQL-escaped values as well, which is not the
 * encoding of whatever context it is later shown in.
 *
 * @param array $params placeholder name => value
 * @return boolean
 */
public function validate($params)
{
    // Applies the substitutions one parameter at a time, in array order.
    $fill = function ($text) use ($params) {
        foreach ($params as $name => $raw) {
            $placeholder = "{VAR:" . strtoupper($name) . "}";
            $text = str_ireplace($placeholder, DataBase::Current()->EscapeString($raw), $text);
        }
        return $text;
    };

    $passed = DataBase::Current()->ReadField($fill($this->select)) > 0;

    if ($passed) {
        return $passed;
    }

    $this->finalMessage = $fill($this->message);

    return $passed;
}
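/**
 * Replaces the page-local meta entries: deletes all meta_local rows of the
 * page, then inserts keywords and description when they are not blank and
 * robots when it differs from "index, follow".
 *
 * NOTE(review): the DELETE and the INSERTs run as separate statements; no
 * transaction is opened in this block.
 */
public function save()
{
    $keywords = DataBase::Current()->EscapeString($this->keywords);
    $description = DataBase::Current()->EscapeString($this->description);
    $robots = DataBase::Current()->EscapeString($this->robots);
    // The page id used to be concatenated into all four statements
    // unescaped; it now gets the same treatment as the other values.
    $pageid = DataBase::Current()->EscapeString($this->pageid);

    DataBase::Current()->Execute("DELETE FROM {'dbprefix'}meta_local WHERE page = '" . $pageid . "'");

    if (trim($keywords) != "") {
        DataBase::Current()->Execute("INSERT INTO {'dbprefix'}meta_local (page, name , content)\n VALUES('" . $pageid . "','keywords','" . $keywords . "')");
    }
    if (trim($description) != "") {
        DataBase::Current()->Execute("insert into {'dbprefix'}meta_local (page, name , content)\n VALUES('" . $pageid . "','description','" . $description . "')");
    }
    // "index, follow" is treated as the default and therefore not stored.
    if (trim(strtolower($robots)) != 'index, follow') {
        DataBase::Current()->Execute("insert into {'dbprefix'}meta_local (page, name , content)\n VALUES('" . $pageid . "','robots','" . $robots . "')");
    }
}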
/**
 * Loads all data fields that belong to the given data type.
 *
 * @param DataType $dataType
 * @return array list of DataField objects
 */
public static function getByDataType(DataType $dataType)
{
    $escapedTypeId = DataBase::Current()->EscapeString($dataType->getID());
    $records = DataBase::Current()->ReadRows("SELECT * FROM {'dbprefix'}datafields WHERE datatype = '" . $escapedTypeId . "'");

    $result = array();
    foreach ($records as $record) {
        $entry = new DataField();
        $entry->id = $record->id;
        $entry->dataTypeID = $record->dataType;
        // Keep the object the caller passed in rather than loading it again.
        $entry->dataType = $dataType;
        $entry->displayName = $record->displayName;
        $entry->dataName = $record->dataName;
        $entry->validatorID = $record->validator;
        $result[] = $entry;
    }

    return $result;
}
/**
 * Shows the delete confirmation for the menu in $_GET['menu'], or - when the
 * "delete" query parameter is present - deletes it and shows the outcome.
 *
 * NOTE(review): the deletion is triggered by a GET parameter and no
 * anti-CSRF token is checked in this block; confirm the framework guards
 * this route. $_GET['menu'] is read without an isset() check.
 */
public function display()
{
    $view = new Template();

    if (isset($_GET['delete'])) {
        $view->load("message");
        $deleted = Menu::delete(DataBase::Current()->EscapeString($_GET['menu']));
        $messageToken = $deleted ? "MENU_DELETED" : "MENU_NOT_DELETED";
        $view->assign_var("MESSAGE", Language::DirectTranslate($messageToken));
    } else {
        $view->load("menu_delete");
        $view->assign_var("CANCELURL", "javascript:history.back()");
        $confirmUrl = $this->page->GetUrl("menu=" . urlencode($_GET['menu']) . "&delete=true");
        $view->assign_var("DELETEURL", $confirmUrl);
    }

    $view->output();
}
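/**
 * Builds the <option> elements for all pages below the given owner,
 * recursing into sub-pages and prefixing each title with one "-" per level.
 *
 * One query is issued per page in the tree.
 *
 * @param int $ownerid id of the parent page
 * @param int $level   nesting depth of the pages being listed
 * @return string
 */
private function getOptions($ownerid, $level = 0)
{
    $res = "";

    // The owner id is escaped like every other value placed in a statement
    // on this page; it used to be concatenated as-is.
    $owner = DataBase::Current()->EscapeString($ownerid);
    $pages = DataBase::Current()->ReadRows("SELECT * FROM {'dbprefix'}pages WHERE owner = '" . $owner . "' ORDER BY title");

    // A level of zero or below yields no prefix, as the counting loop did.
    $prefix = str_repeat("-", max(0, (int) $level));

    // An empty/false result means this page has no children.
    if ($pages) {
        foreach ($pages as $page) {
            $title = $prefix . htmlentities($page->title);
            // The id is encoded too, since it ends up inside an attribute.
            $value = htmlentities($page->id);
            if ($page->id == $this->value) {
                $res .= "<option value=\"" . $value . "\" selected=\"1\">" . $title . "</option>";
            } else {
                $res .= "<option value=\"" . $value . "\">" . $title . "</option>";
            }
            $res .= $this->getOptions($page->id, $level + 1);
        }
    }

    return $res;
}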
/**
 * Renders the list: every row returned by $this->fillSelect is rendered with
 * the item template and added to the ITEMS loop of the "list" template.
 *
 * NOTE(review): $this->fillSelect is executed as a complete SQL statement, so
 * whoever sets that property controls the query - it presumably comes from
 * code or configuration, never from request data; verify against callers.
 *
 * @return string
 */
public function getCode()
{
    $listTemplate = new Template();
    $listTemplate->load("list");
    $listTemplate->assign_var("NAME", $this->name);
    $listTemplate->assign_var("STYLE", $this->getListStyle());

    $records = DataBase::Current()->ReadRows($this->fillSelect);
    if ($records) {
        foreach ($records as $record) {
            $position = $listTemplate->add_loop_item("ITEMS");

            $itemTemplate = new Template();
            $itemTemplate->load($this->template);

            // Every column becomes a template variable named after the
            // upper-cased column name.
            foreach (get_object_vars($record) as $column => $content) {
                $itemTemplate->assign_var(strtoupper($column), $content);
            }

            $listTemplate->assign_loop_var("ITEMS", $position, "ITEM", $itemTemplate->getCode($this->escape));
        }
    }

    return $listTemplate->getCode();
}
/**
 * Renders a <select> whose options are the value/label pairs returned by
 * $this->fillSelect, marking the option equal to $this->value as selected.
 *
 * NOTE(review): name, style, onChange and id are written into attributes
 * without encoding, and $this->fillSelect is executed as a complete SQL
 * statement; presumably all of them are set by code, not by request data -
 * verify against callers.
 *
 * @return string
 */
public function getCode()
{
    $parts = array();
    $parts[] = "<select name=\"" . $this->name . "\" style=\"" . $this->style . "\"";

    // Optional attributes are only written when they are set.
    if ($this->onChange != "") {
        $parts[] = " onchange=\"" . $this->onChange . "\"";
    }
    if ($this->id != "") {
        $parts[] = " id=\"" . $this->id . "\"";
    }
    $parts[] = ">";

    foreach (DataBase::Current()->ReadRows($this->fillSelect) as $entry) {
        $parts[] = "<option value=\"" . htmlentities($entry->value) . "\"";
        if ($this->value == $entry->value) {
            $parts[] = " selected=\"true\"";
        }
        $parts[] = ">" . htmlentities($entry->label) . "</option>";
    }

    $parts[] = "</select>";

    return implode("", $parts);
}
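/**
 * Imports the <item> elements of an XML document into the data type named by
 * the root element's "datatype" attribute. Prints "1" for every item that
 * validated and was inserted and "0" for every rejected item.
 *
 * NOTE(review): the document is fetched from whatever location $url names,
 * so callers should restrict it to expected hosts and schemes.
 * NOTE(review): element names from the document become the keys of $params;
 * only the values are escaped here. If getInsertStatement() uses the keys as
 * column names they need to be checked against the data type's known fields -
 * confirm in DataType.
 *
 * @param string $url
 */
public function importFromUrl($url)
{
    $response = simplexml_load_file($url);
    if (!$response) {
        return;
    }

    $meta = $response->attributes();
    // The attribute is passed on as a plain string rather than as an XML node.
    $dataType = DataType::GetByName((string) $meta['datatype']);
    if (!$dataType) {
        // The document names a data type that does not exist; without this
        // check the validate() call below would fail on a non-object.
        return;
    }

    foreach ($response->item as $item) {
        $params = array();
        foreach ($item as $key => $value) {
            $params[$key] = (string) $value;
        }

        if ($dataType->validate($params)) {
            // Values are escaped and quoted only after validation has seen
            // the raw text.
            foreach ($params as $key => $value) {
                $params[$key] = "'" . DataBase::Current()->EscapeString($value) . "'";
            }
            DataBase::Current()->Execute($dataType->getInsertStatement($params));
            echo "1";
        } else {
            echo "0";
        }
    }
}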
/**
 * Shows the delete confirmation for the page in $_GET['site'], or - when the
 * "delete" query parameter is present - deletes the page and, on success,
 * shows the "page deleted" message.
 *
 * NOTE(review): the deletion is triggered by a GET parameter and no
 * anti-CSRF token is checked in this block; confirm the framework guards
 * this route. The page title is placed into the templates without encoding
 * here; whether the template encodes it is not visible.
 */
public function display()
{
    $target = new Page();
    $target->loadProperties(DataBase::Current()->EscapeString($_GET['site']));

    // The value is read here but not used anywhere in this method.
    $host = Settings::getInstance()->get("host");

    if (isset($_GET['delete'])) {
        // Nothing is printed when the deletion fails.
        if (!$target->delete()) {
            return;
        }
        $view = new Template();
        $view->load("message");
        $text = str_ireplace("{VAR:TITLE}", $target->title, Language::GetGlobal()->getString("PAGE_DELETED"));
        $view->assign_var("MESSAGE", $text);
        $view->output();
        return;
    }

    $view = new Template();
    $view->load("site_delete");
    $view->assign_var("TITLE", $target->title);

    $homeUrl = UrlRewriting::GetUrlByAlias("admin/home");
    $view->assign_var("SITESURL", $homeUrl);

    $deleteUrl = UrlRewriting::GetUrlByAlias("admin/pagedelete", "site=" . urlencode($_GET['site']) . "&delete=true");
    $view->assign_var("DELETEURL", $deleteUrl);

    $view->output();
}
/**
 * Returns every row of the table that belongs to this data type.
 *
 * NOTE(review): the table name is built from $this->dataName without any
 * check. Identifiers cannot be protected by value escaping, so dataName has
 * to be restricted to a safe character set where it is set - confirm.
 *
 * @return array
 */
public function getAll()
{
    $tableName = "{'dbprefix'}" . $this->dataName;
    $query = "SELECT * FROM " . $tableName;

    return DataBase::Current()->ReadRows($query);
}
/**
 * Returns the path of the custom stylesheet stored for a page id.
 *
 * @param int $id id of a page
 * @return string path of the stylesheet
 */
function getStylePath($id)
{
    $escapedId = DataBase::Current()->EscapeString($id);
    $query = "SELECT stylePath FROM {'dbprefix'}custom_css\n WHERE id = '" . $escapedId . "'";

    return DataBase::Current()->ReadField($query);
}
<?php
/*
 * ChangePassword - uninstall script
 * Copyright Justin Künzel
 *
 * Package changepassword
 */

// Remove the page type that the plugin registered.
DataBase::Current()->Execute("DELETE FROM `{'dbprefix'}pagetypes` WHERE `class` = 'Plugin_ChangePassword_Page'; ");

// Load the plugin's page, remove the menu entries that point to it, then
// delete the page itself.
$mainPage = new Page();
$mainPage->loadProperties("admin/changepassword");
MenuEntry::DeleteByPage($mainPage);
$mainPage->delete();
<?php
// Registers the settings widget and places it at the bottom of dashboard
// column 2 on admin/home.
WidgetController::register("SettingsWidget", "SettingsWidget", "settingswidget/settingswidget.php");

// Next free row in column 2: highest existing row + 1, or 1 for an empty column.
$row = DataBase::Current()->ReadField("SELECT IFNULL(MAX(row),0) + 1 FROM {'dbprefix'}dashboards WHERE col = 2");

// $row is the result of the query above and is inserted unquoted.
// NOTE(review): the row number is read and used in two separate statements,
// so two concurrent installs could pick the same row - presumably acceptable
// for an install script; confirm.
DataBase::Current()->Execute("INSERT INTO `{'dbprefix'}dashboards` (alias,col,row,path) VALUES ('admin/home', 2, " . $row . ", 'settingswidget/settingswidget.php');");
<?php
// Removes the page type registered for the quiz editor.
DataBase::Current()->Execute("DELETE FROM `{'dbprefix'}pagetypes` WHERE `class` = 'Plugin_Quiz_Editor'; ");
/**
 * Returns the page for the current request alias, loading it on first use
 * and keeping it in self::$current afterwards. When loading throws a
 * ContentLionException, the exception's error page is kept instead.
 *
 * @return Page the open page
 */
public static function Current()
{
    // Already resolved during this request.
    if (self::$current != null) {
        return self::$current;
    }

    try {
        self::$current = new Page();
        $alias = DataBase::Current()->EscapeString(sys::getAlias());
        self::$current->loadProperties($alias);
    } catch (ContentLionException $failure) {
        self::$current = $failure->getErrorPage();
    }

    return self::$current;
}
<?php
// Removes the page type registered for the contact form editor ...
DataBase::Current()->Execute("DELETE FROM `{'dbprefix'}pagetypes` WHERE `class` = 'Plugin_Contactform_Editor'; ");
// ... and every setting stored under the "contactform" area.
DataBase::Current()->Execute("DELETE FROM `{'dbprefix'}settings` WHERE `area` = 'contactform'; ");
<?php
// Clears the language cache, then registers the quiz editor page type. The
// name column holds a {LANG:...} token rather than literal text.
Language::ClearCache();
DataBase::Current()->Execute("INSERT INTO `{'dbprefix'}pagetypes` (`id`, `class`, `name`) VALUES (NULL, 'Plugin_Quiz_Editor', '{LANG:PLUGIN_QUIZ_PAGETYPETITLE}'); ");
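/**
 * Mails the submitted feedback and prints the feedback form in German or
 * English, depending on the "language" setting.
 *
 * NOTE(review): when "allowphpinfo" is set, the mail body contains the whole
 * request, $_SERVER, the phpinfo() output and complete dumps of the settings,
 * skins and activated_plugins tables. The settings dump may include secrets
 * (another block on this page reads a password salt from Settings), and the
 * German form sends allowphpinfo=1 as a hidden field, so the sender is never
 * asked. Reducing the dump to an explicit list of harmless keys and making it
 * opt-in in both forms would limit the exposure.
 */
public function display()
{
    $german = strtoupper(Settings::getValue("language")) == "DE";

    if (isset($_POST['submit'])) {
        // Everything printed until ob_end_clean() goes to the
        // send_feedback_mail output callback instead of the browser;
        // presumably that callback fills $GLOBALS['feedback_content'].
        ob_start("send_feedback_mail");
        echo "_POST\n";
        print_r($_POST);
        // !empty() keeps the truthiness test without a notice when the
        // checkbox was left unchecked.
        if (!empty($_POST['allowphpinfo'])) {
            echo "\n\n\n_GET\n";
            print_r($_GET);
            echo "\n\n\n_SERVER\n";
            print_r($_SERVER);
            echo "\n\n\nphpinfo\n";
            phpinfo();
            echo "\n\n\nsettings\n";
            print_r(DataBase::Current()->ReadRows("SELECT * FROM {'dbprefix'}settings"));
            echo "\n\n\nskins\n";
            print_r(DataBase::Current()->ReadRows("SELECT * FROM {'dbprefix'}skins"));
            echo "\n\n\nactivated_plugins\n";
            print_r(DataBase::Current()->ReadRows("SELECT * FROM {'dbprefix'}activated_plugins"));
        }
        ob_end_clean();

        $to = "*****@*****.**";

        // Subject and sender are client-supplied and end up in mail headers.
        // Line breaks are removed from the subject, and the From header is
        // only written for a syntactically valid address, so neither value
        // can add header lines of its own.
        $subject = "";
        if (isset($_POST['subject']) && is_string($_POST['subject'])) {
            $subject = str_replace(array("\r", "\n"), " ", $_POST['subject']);
        }
        $headers = "";
        if (isset($_POST['email']) && is_string($_POST['email'])) {
            $sender = filter_var($_POST['email'], FILTER_VALIDATE_EMAIL);
            if ($sender !== false) {
                $headers = "From:" . $sender;
            }
        }

        $message = $GLOBALS['feedback_content'];

        if (@mail($to, $subject, $message, $headers)) {
            if ($german) {
                echo "Feedback gesendet";
            } else {
                echo "Feedback sent";
            }
        } else {
            if ($german) {
                echo "<p>Feedback konnte leider nicht gesendet werden. \n Schreiben sie direkt an: \n <a href='mailto:rueegger@me.com'>rueegger@me.com</a></p>";
            } else {
                echo "<p>Sorry, we cannot sent the feedback. \nPlease contact <a href='mailto:support@contentlion.org'>support@contentlion.org</a></p>";
            }
        }
    }

    if ($german) {
        ?>
        <p> Falls du bei der 1:12 Intiative aktiv mitmachen möchtest, kannst du dich hier melden: </p>
        <form method="POST">
            <table>
                <tr> <td>Name:</td> <td><input name="name" style="width:300px" /></td> </tr>
                <tr> <td>E-Mail:</td> <td><input type="email" name="email" style="width:300px" /></td> </tr>
                <tr> <td>Betreff:</td> <td><input name="subject" style="width:300px" /></td> </tr>
            </table>
            <h2>Deine Mitteilung:</h2>
            <textarea style="width:600px;height:350px;" name="content"></textarea><br />
            <input type="hidden" name="allowphpinfo" value="1" /><br />
            <input type="submit" name="submit" value="Absenden" />
        </form>
        <?php
    } else {
        ?>
        <p> You can help us make a better Content Manangement System! Just tell us all you wish about ContentLion. </p>
        <form method="POST">
            <table>
                <tr> <td>Name:</td> <td><input name="name" style="width:300px" /></td> </tr>
                <tr> <td>E-Mail:</td> <td><input type="email" name="email" style="width:300px" /></td> </tr>
                <tr> <td>Subject:</td> <td><input name="subject" style="width:300px" /></td> </tr>
            </table>
            <h2>Your Feedback</h2>
            <textarea style="width:600px;height:350px;" name="content"></textarea><br />
            <input type="checkbox" name="allowphpinfo" checked="checked" /> <label for="allowphpinfo">Send my configuration</label><br />
            <input type="submit" name="submit" value="Absenden" />
        </form>
        <?php
    }
}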