/** * Checks to see if the page in question is a valid composer draft for the logged in user */ protected static function isValidComposerPage($entry) { $ct = CollectionType::getByID($entry->getCollectionTypeID()); if (!$ct->isCollectionTypeIncludedInComposer()) { return false; } $cp = new Permissions($entry); if (!$cp->canWrite()) { return false; } return true; }
public function checkSSL() { if ($this->requireSSL == 1) { global $c; $cp = new Permissions($c); if (isset($cp)) { if (!$cp->canWrite() && !$cp->canAddSubContent() && !$cp->canAdminPage() && !$cp->canApproveCollection()) { if ($_SERVER['HTTPS'] != "on") { $redirect = "https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; header("Location:{$redirect}"); } } } } }
public function on_page_view() { //Include js and css for image cropper IF user is logged in and has editing capabilities // (don't just check for edit mode because user could be in the file manager // via the dashboard OR the front-end sans edit mode [if they have file manager toolbar button enabled]). $u = new User(); $cp = new Permissions(Page::getCurrentPage()); if ($u->isLoggedIn() && $cp->canWrite()) { $html = Loader::helper('html'); $view = View::getInstance(); $view->addHeaderItem($html->css(BASE_URL . DIR_REL . '/packages/image_cropper/css/jquery.Jcrop.css'), 'CONTROLLER'); $view->addHeaderItem($html->css(BASE_URL . DIR_REL . '/packages/image_cropper/css/image_cropper.css'), 'CONTROLLER'); $view->addHeaderItem($html->javascript(BASE_URL . DIR_REL . '/packages/image_cropper/js/ccm.filemanager.js'), 'CONTROLLER'); //Note that we passed the 'CONTROLLER' namespace to addHeaderItem() so that it adds our items AFTER the core items //TODO: MAKE $.getScript() WORK FROM elements/files/edit/image.php SO WE DON'T HAVE TO LOAD THESE ON EVERY PAGE! $view->addHeaderItem($html->javascript(BASE_URL . DIR_REL . '/packages/image_cropper/js/jquery.Jcrop.js'), 'CONTROLLER'); $view->addHeaderItem($html->javascript(BASE_URL . DIR_REL . '/packages/image_cropper/js/image_editor.js'), 'CONTROLLER'); $view->addHeaderItem($html->javascript(BASE_URL . DIR_REL . '/packages/image_cropper/js/ui.js'), 'CONTROLLER'); } }
## Get a permissions object for this particular collection. $cp = new Permissions($c); ## Now that we have a collections and permissions object, we check to make sure ## everything is okay with collections and permissions if ($cp->isError()) { // if we've gotten an error getting information about this particular collection // than we load up the Content class, and get prepared to fire away switch ($cp->getError()) { case COLLECTION_FORBIDDEN: $v = View::getInstance(); $v->setCollectionObject($c); $v->render('/page_forbidden'); break; } } if (!$c->isActive() && !$cp->canWrite()) { $v = View::getInstance(); $v->render('/page_not_found'); } ## If there's no error, then we build the collection, but first we load it with the appropriate ## version. We pass the function the collection object, as well as the collection permissions ## object, which the function will use to determine what version we get to see if ($cp->canWrite() || $cp->canReadVersions()) { $cvID = $_REQUEST['cvID'] ? $_REQUEST['cvID'] : "RECENT"; } else { $cvID = "ACTIVE"; } if ($_REQUEST['ccm-disable-controls'] == true || intval($cvID) > 0) { $v = View::getInstance(); $v->disableEditing(); $v->disableLinks();
} if ($pcID && $_REQUEST['sbURL']) { header('Location: ' . BASE_URL . $_GET['sbURL']); exit; } //global scrapbooks } elseif ($_REQUEST['bID'] > 0 && $_REQUEST['arHandle']) { $bID = intval($_REQUEST['bID']); $scrapbookHelper = Loader::helper('concrete/scrapbook'); $globalScrapbookC = $scrapbookHelper->getGlobalScrapbookPage(); $globalScrapbookA = Area::get($globalScrapbookC, $_REQUEST['arHandle']); $block = Block::getById($bID, $globalScrapbookC, $globalScrapbookA); if ($block) { //&& $block->getAreaHandle()=='Global Scrapbook' $bp = new Permissions($block); if (!$bp->canWrite()) { throw new Exception(t('Access to block denied')); } else { $block->delete(1); } } } die; break; } } if ($_REQUEST['processBlock'] && $valt->validate()) { // some admin (or unscrupulous person) is doing something to a block of content on the site $edit = $_REQUEST['enterViewMode'] ? "" : "&mode=edit"; if ($_POST['update']) { // the person is attempting to update some block of content
$c = $scrapbookHelper->getGlobalScrapbookPage(); $db = Loader::db(); $arHandle = $db->getOne('SELECT arHandle FROM CollectionVersionBlocks WHERE bID=? AND cID=? AND isOriginal=1', array(intval($_REQUEST['bID']), intval($c->getCollectionId()))); $a = Area::get($c, $arHandle); $b = Block::getByID(intval($_REQUEST['bID']), $c, $a); //redirect cID $rcID = intval($_REQUEST['cID']); $isGlobal = 1; $rarHandle = $_REQUEST['arHandle']; } else { $c = Page::getByID($_REQUEST['cID']); $a = Area::get($c, $_REQUEST['arHandle']); $b = Block::getByID($_REQUEST['bID'], $c, $a); } $bp = new Permissions($b); if (!$bp->canWrite()) { die(t("Access Denied.")); } if ($_REQUEST['btask'] != 'view' && $_REQUEST['btask'] != 'view_edit_mode') { include DIR_FILES_ELEMENTS_CORE . '/dialog_header.php'; } $bv = new BlockView(); if (($isGlobal || $c->isMasterCollection()) && !in_array($_REQUEST['btask'], array('child_pages', 'composer', 'view_edit_mode'))) { echo '<div class="ccm-notification">'; echo t('This is a global block. Editing it here will change all instances of this block throughout the site.'); //echo t('This is a global block. Edit it from the <a href="%s">Global Scrapbook</a> in your dashboard.<br /><br /><br />', View::url('/dashboard/scrapbook/') ); //echo '[<a class="ccm-dialog-close">'.t('Close Window').'</a>]'; echo '</div>'; } if ($b->isAliasOfMasterCollection() && $_REQUEST['btask'] != 'view_edit_mode') { echo '<div class="ccm-notification">';
<?php defined('C5_EXECUTE') or die("Access Denied."); $u = new User(); $form = Loader::helper('form'); $f = File::getByID($_REQUEST['fID']); $fp = new Permissions($f); if (!$fp->canRead()) { die(t("Access Denied.")); } $fv = $f->getApprovedVersion(); $canViewInline = $fv->canView() ? 1 : 0; $canEdit = $fv->canEdit() ? 1 : 0; ?> <div class="ccm-file-selected" fID="<?php echo $_REQUEST['fID']?>" ccm-file-manager-field="<?php echo $_REQUEST['ccm_file_selected_field']?>" ccm-file-manager-can-admin="<?php echo ($fp->canAdmin())?>" ccm-file-manager-can-delete="<?php echo $fp->canAdmin()?>" ccm-file-manager-can-view="<?php echo $canViewInline?>" ccm-file-manager-can-replace="<?php echo $fp->canWrite()?>" ccm-file-manager-can-edit="<?php echo $canEdit?>" > <div class="ccm-file-selected-thumbnail"><?php echo $fv->getThumbnail(1)?></div> <div class="ccm-file-selected-data"><div><?php echo $fv->getTitle()?></div><div></div></div> <div class="ccm-spacer"> </div> </div>
foreach($slist as $ak) { ?> <th class="<?php echo $pageList->getSearchResultsClass($ak)?>"><a href="<?php echo $pageList->getSortByURL($ak, 'asc', $bu, $soargs)?>"><?php echo $ak->getAttributeKeyDisplayHandle()?></a></th> <?php } ?> <th class="ccm-search-add-column-header"><a href="<?php echo REL_DIR_FILES_TOOLS_REQUIRED?>/pages/customize_search_columns?searchInstance=<?php echo $searchInstance?>" id="ccm-search-add-column"><img src="<?php echo ASSETS_URL_IMAGES?>/icons/add.png" width="16" height="16" alt="<?php echo t('Add')?>"/></a></th> </tr> <?php foreach($pages as $cobj) { $cpobj = new Permissions($cobj); if (!isset($striped) || $striped == 'ccm-list-record-alt') { $striped = ''; } else if ($striped == '') { $striped = 'ccm-list-record-alt'; } ?> <tr class="ccm-list-record <?php echo $striped?>" cName="<?php echo htmlentities($cobj->getCollectionName(), ENT_QUOTES, APP_CHARSET)?>" cID="<?php echo $cobj->getCollectionID()?>" sitemap-select-callback="<?php echo $sitemap_select_callback?>" sitemap-select-mode="<?php echo $sitemap_select_mode?>" sitemap-display-mode="search" canWrite="<?php echo $cpobj->canWrite()?>" cNumChildren="<?php echo $cobj->getNumChildren()?>" cAlias="false"> <?php if (!$searchDialog) { ?><td class="ccm-<?php echo $searchInstance?>-list-cb" style="vertical-align: middle !important"><input type="checkbox" value="<?php echo $cobj->getCollectionID()?>" /></td><?php } ?> <td><?php echo $cobj->getCollectionTypeName()?></td> <td class="ccm-page-list-name"><div style="max-width: 150px; word-wrap: break-word"><?php echo $txt->highlightSearch($cobj->getCollectionName(), $keywords)?></div></td> <td><?php echo date(DATE_APP_DASHBOARD_SEARCH_RESULTS_PAGES, strtotime($cobj->getCollectionDatePublic()))?></td> <td><?php echo date(DATE_APP_DASHBOARD_SEARCH_RESULTS_PAGES, strtotime($cobj->getCollectionDateLastModified()))?></td> <td><?php $ui = UserInfo::getByID($cobj->getCollectionUserID()); if (is_object($ui)) { print $ui->getUserName(); } ?></td> <?php if ($pageList->isIndexedSearch()) { ?> <td><?php echo $cobj->getPageIndexScore()?></td> <?php } ?>
function display(&$c, $alternateBlockArray = null) { if(!intval($c->cID)){ //Invalid Collection return false; } $currentPage = Page::getCurrentPage(); $ourArea = Area::getOrCreate($c, $this->arHandle); if (count($this->customTemplateArray) > 0) { $ourArea->customTemplateArray = $this->customTemplateArray; } if (count($this->attributes) > 0) { $ourArea->attributes = $this->attributes; } if ($this->maximumBlocks > -1) { $ourArea->maximumBlocks = $this->maximumBlocks; } $ap = new Permissions($ourArea); $blocksToDisplay = ($alternateBlockArray) ? $alternateBlockArray : $ourArea->getAreaBlocksArray($c, $ap); $this->totalBlocks = $ourArea->getTotalBlocksInArea(); $u = new User(); $bv = new BlockView(); // now, we iterate through these block groups (which are actually arrays of block objects), and display them on the page if (($this->showControls) && ($c->isEditMode() && ($ap->canAddBlocks() || $u->isSuperUser()))) { $bv->renderElement('block_area_header', array('a' => $ourArea)); } $bv->renderElement('block_area_header_view', array('a' => $ourArea)); //display layouts tied to this area //Might need to move this to a better position $areaLayouts = $this->getAreaLayouts($c); if(is_array($areaLayouts) && count($areaLayouts)){ foreach($areaLayouts as $layout){ $layout->display($c,$this); } if($this->showControls && ($c->isArrangeMode() || $c->isEditMode())) { echo '<div class="ccm-layouts-block-arrange-placeholder ccm-block-arrange"></div>'; } } foreach ($blocksToDisplay as $b) { $bv = new BlockView(); $bv->setAreaObject($ourArea); // this is useful for rendering areas from one page // onto the next and including interactive elements if ($currentPage->getCollectionID() != $c->getCollectionID()) { $b->setBlockActionCollectionID($c->getCollectionID()); } $p = new Permissions($b); if (($p->canWrite() || $p->canDeleteBlock()) && $c->isEditMode() && $this->showControls) { $includeEditStrip = true; } if ($p->canRead()) { if (!$c->isEditMode()) { echo $this->enclosingStart; } if ($includeEditStrip) { $bv->renderElement('block_controls', array( 'a' => $ourArea, 'b' => $b, 'p' => $p )); $bv->renderElement('block_header', array( 'a' => $ourArea, 'b' => $b, 'p' => $p )); } $bv->render($b); if ($includeEditStrip) { $bv->renderElement('block_footer'); } if (!$c->isEditMode()) { echo $this->enclosingEnd; } } } $bv->renderElement('block_area_footer_view', array('a' => $ourArea)); if (($this->showControls) && ($c->isEditMode() && ($ap->canAddBlocks() || $u->isSuperUser()))) { $bv->renderElement('block_area_footer', array('a' => $ourArea)); } }
echo $_REQUEST['fID']; ?> " ccm-file-manager-field="<?php echo $_REQUEST['ccm_file_selected_field']; ?> " ccm-file-manager-can-admin="<?php echo $fp->canAdmin(); ?> " ccm-file-manager-can-delete="<?php echo $fp->canAdmin(); ?> " ccm-file-manager-can-view="<?php echo $canViewInline; ?> " ccm-file-manager-can-replace="<?php echo $fp->canWrite(); ?> " ccm-file-manager-can-edit="<?php echo $canEdit; ?> " > <div class="ccm-file-selected-thumbnail"><?php echo $fv->getThumbnail(1); ?> </div> <div class="ccm-file-selected-data"><div><?php echo $fv->getTitle(); ?> </div><div></div></div> <div class="ccm-spacer"> </div> </div>
<?php } ?> <?php } ?> <th class="ccm-search-add-column-header"><?php if ($_REQUEST['fssID'] < 1) { ?><a href="<?php echo REL_DIR_FILES_TOOLS_REQUIRED?>/files/customize_search_columns?searchInstance=<?php echo $searchInstance?>" id="ccm-search-add-column"><img src="<?php echo ASSETS_URL_IMAGES?>/icons/column_preferences.png" width="16" height="16" /></a><?php } ?></th> </tr> <?php foreach($files as $f) { $pf = new Permissions($f); if (!isset($striped) || $striped == 'ccm-list-record-alt') { $striped = ''; } else if ($striped == '') { $striped = 'ccm-list-record-alt'; } $star_icon = ($f->isStarred() == 1) ? 'star_yellow.png' : 'star_grey.png'; $fv = $f->getApprovedVersion(); $canViewInline = $fv->canView() ? 1 : 0; $canEdit = ($fv->canEdit() && $pf->canWrite()) ? 1 : 0; $pfg = FilePermissions::getGlobal(); ?> <tr class="ccm-list-record <?php echo $striped?>" ccm-file-manager-instance="<?php echo $searchInstance?>" ccm-file-manager-can-admin="<?php echo ($pf->canAdmin())?>" ccm-file-manager-can-duplicate="<?php echo ($pfg->canAddFileType($f->getExtension()) && $pf->canWrite())?>" ccm-file-manager-can-delete="<?php echo $pf->canAdmin()?>" ccm-file-manager-can-view="<?php echo $canViewInline?>" ccm-file-manager-can-replace="<?php echo $pf->canWrite()?>" ccm-file-manager-can-edit="<?php echo $canEdit?>" fID="<?php echo $f->getFileID()?>" id="fID<?php echo $f->getFileID()?>"> <td class="ccm-file-list-cb" style="vertical-align: middle !important"><input type="checkbox" value="<?php echo $f->getFileID()?>" /></td> <td> <div class="ccm-file-list-thumbnail"> <div class="ccm-file-list-thumbnail-image" fID="<?php echo $f->getFileID()?>"><table border="0" cellspacing="0" cellpadding="0" height="70" width="100%"><tr><td align="center" fID="<?php echo $f->getFileID()?>" style="padding: 0px"><?php echo $fv->getThumbnail(1)?></td></tr></table></div> </div> <?php if ($fv->hasThumbnail(2)) { ?> <div class="ccm-file-list-thumbnail-hover" id="fID<?php echo $f->getFileID()?>hoverThumbnail"><div><?php echo $fv->getThumbnail(2)?></div></div> <?php } ?> </td> <td class="ccm-file-list-starred"><img src="<?php echo ASSETS_URL_IMAGES?>/icons/<?php echo $star_icon?>" height="16" width="16" border="0" class="ccm-star" /></td>
$db = Loader::db(); $arHandle=$db->getOne('SELECT arHandle FROM CollectionVersionBlocks WHERE bID=? AND cID=? AND isOriginal=1', array(intval($_REQUEST['bID']),intval($c->getCollectionId()))); $a = Area::get( $c, $arHandle); $b=Block::getByID( intval($_REQUEST['bID']), $c, $a); //redirect cID $rcID = intval($_REQUEST['cID']); $isGlobal=1; $rarHandle = $_REQUEST['arHandle']; }else{ $c = Page::getByID($_REQUEST['cID']); $a = Area::get($c, $_REQUEST['arHandle']); $b = Block::getByID($_REQUEST['bID'], $c, $a); } $bp = new Permissions($b); if (!$bp->canWrite()) { die(t("Access Denied.")); } if ($_REQUEST['btask'] != 'view' && $_REQUEST['btask'] != 'view_edit_mode') { include(DIR_FILES_ELEMENTS_CORE . '/dialog_header.php'); } $bv = new BlockView(); if(($isGlobal || $c->isMasterCollection()) && (!in_array($_REQUEST['btask'], array('child_pages','composer','view_edit_mode')))) { echo '<div class="ccm-notification">'; echo t('This is a global block. Editing it here will change all instances of this block throughout the site.'); //echo t('This is a global block. Edit it from the <a href="%s">Global Scrapbook</a> in your dashboard.<br /><br /><br />', View::url('/dashboard/scrapbook/') ); //echo '[<a class="ccm-dialog-close">'.t('Close Window').'</a>]'; echo '</div>';
$args = array('c'=>$c, 'a' => $a, 'cp' => $cp, 'ap' => $ap, 'token' => $token); switch($_GET['atask']) { case 'add': $toolSection = "block_area_add_new"; $canViewPane = $ap->canAddBlocks(); break; case 'paste': $toolSection = "block_area_add_scrapbook"; $canViewPane = $ap->canAddBlocks(); break; case 'layout': $originalLayoutId = (intval($_REQUEST['originalLayoutID'])) ? intval($_REQUEST['originalLayoutID']) : intval($_REQUEST['layoutID']); $args['refreshAction'] = REL_DIR_FILES_TOOLS_REQUIRED . '/edit_area_popup?atask=layout&cID=' . $c->getCollectionID() . '&arHandle=' . $a->getAreaHandle() . '&refresh=1&originalLayoutID='.$originalLayoutId.'&cvalID='.$_REQUEST['cvalID']; $toolSection = "block_area_layout"; $canViewPane = $ap->canWrite(); $args['action'] = $a->getAreaUpdateAction('layout').'&originalLayoutID='.$originalLayoutId.'&cvalID='.intval($_REQUEST['cvalID']); break; case 'design': $toolSection = 'custom_style'; $args['style'] = $c->getAreaCustomStyleRule($a); $args['action'] = $a->getAreaUpdateAction('design'); $args['refreshAction'] = REL_DIR_FILES_TOOLS_REQUIRED . '/edit_area_popup?atask=design&cID=' . $c->getCollectionID() . '&arHandle=' . $a->getAreaHandle() . '&refresh=1'; $canViewPane = $ap->canWrite(); if ($canViewPane) { if ($_REQUEST['subtask'] == 'delete_custom_style_preset') { $styleToDelete = CustomStylePreset::getByID($_REQUEST['deleteCspID']); $styleToDelete->delete(); } } break;
$miniSurvey= new Minisurvey(); //Permissions Check if($_GET['cID'] && $_GET['arHandle']){ $c = Page::getByID($_GET['cID'], 'RECENT'); $a = Area::get($c, $_GET['arHandle']); if(intval($_GET['bID'])==0){ //add survey mode $ap = new Permissions($a); $bt = BlockType::getByID($_GET['btID']); if(!$ap->canAddBlock($bt)) $badPermissions=true; }else{ //edit survey mode $b = Block::getByID($_GET['bID'], $c, $a); $bp = new Permissions($b); if( !$bp->canWrite() ) $badPermissions=true; } }else $badPermissions=true; if($badPermissions){ echo t('Invalid Permissions'); die; } switch ($_GET['mode']){ case 'addQuestion': $miniSurvey->addEditQuestion($_POST); break; case 'getQuestion':
public function outputRequestHTML($instanceID, $display_mode, $select_mode, $req) { $nodeID = $req->nodeID; $spID = ($this->selectedPageID > 0) ? $this->selectedPageID : 'false'; $c = Page::getByID($req->nodeID, 'ACTIVE'); if ($display_mode == 'explore') { $nav = Loader::helper('navigation'); $trail = $nav->getTrailToCollection($c); $trail = array_reverse($trail); $this->html .= '<div id="ccm-sitemap-bc"><ul>'; foreach($trail as $t) { if ($select_mode == '') { $this->html .= '<li><a href="' . View::url('/dashboard/sitemap/explore', $t->getCollectionID()) . '"><span>' . $t->getCollectionName() . '</span></a></li>'; } else { $this->html .= '<li><a href="javascript:void(0)" onclick="ccmSitemapExploreNode(\'' . $instanceID . '\', \''. $display_mode . '\', \'' . $select_mode . '\',' . $t->getCollectionID() . ',' . $spID . ')">' . $t->getCollectionName() . '</a></li>'; } } $cp = new Permissions($c); $this->html .= '<li class="ccm-sitemap-current-level-title">'; $this->html .= '<div sitemap-display-mode="' . $display_mode . '" sitemap-select-mode="' . $select_mode . '" sitemap-instance-id="' . $instanceID . '" class="tree-label" rel="' . DIR_REL . '/' . DISPATCHER_FILENAME . '?cID=' . $c->getCollectionID() . '" tree-node-alias="0" '; $this->html .= 'selected-page-id="' . $this->selectedPageID . '" tree-node-canwrite="' . $cp->canWrite() . '" tree-node-children="' . $c->getNumChildren() . '" '; $this->html .= 'tree-node-title="' . htmlspecialchars($c->getCollectionName()) . '" id="tree-label' . $c->getCollectionID() . '">'; $this->html .= '<span>' . $c->getCollectionName() . '</span></div></li>'; $this->html .= '</ul></div>'; } if ($display_mode == 'full' || $display_mode == '') { $this->html .= '<div class="dropzone tree-dz' . $nodeID . '" tree-parent="' . $nodeID . '" id="tree-dz' . $nodeID . '-sub"></div>'; } $moveableClass = ''; for ($i = 0; $i < count($req->results); $i++) { $ri = $req->results[$i]; $typeClass = 'tree-node-document'; $treeNodeType = 'document'; $labelClass = "tree-label"; if ($ri['numSubpages'] > 0) { $treeNodeType = 'folder'; if ($display_mode == 'full' || $display_mode == '') { $typeClass = 'tree-node-folder'; } else { $typeClass = 'tree-node-folder-explore'; } } $customIconSrc = ""; if ($ri['cIcon']) { $customIconSrc = ' style="background-image: url(' . $ri['cIcon'] . ')"'; } $cAlias = $ri['cAlias']; $canWrite = $ri['canWrite']; $canDrag = ($ri['id'] > 1) ? "true" : "false"; $this->html .= '<li tree-node-cancompose="' . $ri['canCompose'] . '" tree-node-type="' . $treeNodeType . '" draggable="' . $canDrag . '" class="tree-node ' . $typeClass . ' tree-branch' . $nodeID . '" id="tree-node' . $ri['id'] . '"' . $customIconSrc . '>'; if ($ri['numSubpages'] > 0) { $subPageStr = ($ri['id'] == 1) ? '' : ' (' . $ri['numSubpages'] . ')'; if ($display_mode == 'explore') { $this->html .= ($select_mode == 'move_copy_delete' || $select_mode == 'select_page') ? '<a href="javascript:void(0)" onclick="ccmSitemapExploreNode(\'' . $instanceID . '\', \'' . $display_mode . '\', \'' . $select_mode . '\', ' . $ri["id"] . ',' . $spID . ')">' : '<a href="' . View::url('/dashboard/sitemap/explore', $ri['id']) . '">' ; } $this->html .= '<img src="' . ASSETS_URL_IMAGES . '/spacer.gif" width="16" height="16" class="handle ' . $moveableClass . '" />'; if ($display_mode == 'explore' || $select_mode == 'move_copy_delete' || $select_mode == 'select_page') { $this->html .= '</a>'; } if ($display_mode == 'full' || $display_mode == '') { $this->html .= '<a href="javascript:toggleSub(\'' . $instanceID . '\',\'' . $ri['id'] . '\',\'' . $display_mode . '\',\'' . $select_mode . '\')">'; $this->html .= '<img src="' . ASSETS_URL_IMAGES . '/dashboard/plus.jpg" width="9" height="9" class="tree-plus" id="tree-collapse' . $ri['id'] . '" /></a>'; } $this->html .= '<div rel="' . DIR_REL . '/' . DISPATCHER_FILENAME . '?cID=' . $ri['id'] . '" class="' . $labelClass . '" tree-node-alias="' . $cAlias . '" '; $this->html .= 'selected-page-id="' . $this->selectedPageID . '" tree-node-cancompose="' . $ri['canCompose'] . '" sitemap-display-mode="' . $display_mode . '" sitemap-select-mode="' . $select_mode . '" sitemap-instance-id="' . $instanceID . '" tree-node-canwrite="' . $canWrite . '" tree-node-children="' . $ri['numSubpages'] . '" '; $this->html .= 'tree-node-title="' . htmlspecialchars($ri['cvName']) . '" id="tree-label' . $ri['id'] . '" '; if ($ri['selected']) { $this->html .= 'class="tree-label-selected-onload" '; } $this->html .= '>'; $this->html .= '<span>' . $ri['cvName'] . $subPageStr . '</span>'; /* if ($display_mode == 'full' || $display_mode == '') { $this->html .= '<a class="ccm-tree-search-trigger" href="javascript:void(0)" onclick="searchSubPages(' . $ri['id'] . ')">'; $this->html .= '<img src="' . ASSETS_URL_IMAGES . '/icons/magnifying.png" /></a>'; } */ $this->html .= '</div>'; if ($display_mode == 'full' || $display_mode == '') { /* $this->html .= '<form onsubmit="return searchSitemapNode(' . $ri['id'] . ')" id="ccm-tree-search' . $ri['id'] . '" class="ccm-tree-search">'; $this->html .= '<a href="javascript:void(0)" onclick="closeSub(' . $ri['id'] . ')" class="ccm-tree-search-close"><img src="' . ASSETS_URL_IMAGES . '/icons/close.png" /></a>'; $this->html .= '<input type="text" name="submit" name="q" /> <a href="javascript:void(0)" onclick="searchSitemapNode(' . $ri['id'] . ')">'; $this->html .= '<img src="' . ASSETS_URL_IMAGES . '/icons/magnifying.png" /></a></form>'; */ // we HAVE to add another <LI> because of jQuery UI's weird drag and drop behavior on Windows if (strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') > -1) { $this->html .= '<li>'; } $this->html .= '<ul tree-root-state="closed" tree-root-node-id="' . $ri['id'] . '" tree-root-num-subpages="' . $ri['numSubpages'] . '" id="tree-root' . $ri['id'] . '" selected-page-id="' . $this->selectedPageID . '" sitemap-instance-id="' . $instanceID . '" sitemap-display-mode="' . $display_mode . '" sitemap-select-mode="' . $select_mode . '">'; if (is_object($ri['subnodes']) && count($ri['subnodes']->results) > 0) { $this->outputRequestHTML($instanceID, $display_mode, $select_mode, $ri['subnodes']); } $this->html .= '</ul>'; } } else { $this->html .= '<div tree-node-title="' . htmlspecialchars($ri['cvName']) . '" tree-node-children="' . $ri['numSubpages'] . '" '; $this->html .= 'class="' . $labelClass . '" tree-node-cancompose="' . $ri['canCompose'] . '" tree-node-alias="' . $cAlias . '" tree-node-canwrite="' . $canWrite . '" '; $this->html .= 'selected-page-id="' . $this->selectedPageID . '" sitemap-display-mode="' . $display_mode . '" sitemap-select-mode="' . $select_mode . '" sitemap-instance-id="' . $instanceID . '" id="tree-label' . $ri['id'] . '" rel="' . DIR_REL . '/' . DISPATCHER_FILENAME . '?cID=' . $ri['id'] . '">'; $this->html .= '<img src="' . ASSETS_URL_IMAGES . '/spacer.gif" width="16" height="16" class="handle ' . $moveableClass . '" /><span>' . $ri['cvName'] . '</span></div>'; } $this->html .= '</li>'; if ($display_mode == 'full' || $display_mode == '') { $this->html .= '<div class="dropzone tree-dz' . $nodeID . '" tree-parent="' . $nodeID . '" id="tree-dz' . $ri['id'] . '"></div>'; } } if ($req->total > count($req->results) && $nodeID > 1) { if ($display_mode == 'explore' || $select_mode == 'move_copy_delete' || $select_mode == 'select_page') { if ($display_mode == 'explore') { $this->html .= '<li class="ccm-sitemap-explore-paging">' . $req->pageList->displayPaging(false, true) . '</li>'; } else { $this->html .= '<li class="ccm-sitemap-explore-paging">' . $req->pageList->displayPaging(REL_DIR_FILES_TOOLS_REQUIRED . '/dashboard/sitemap_data', true) . '</li>'; } } else { $drillDownAction = ($req->keywords != null) ? View::url('/dashboard/sitemap/search?cvName=' . $req->keywords . '&selectedSearchField[]=parent&numResults=' . SITEMAP_PAGES_LIMIT . '&ccm_paging_p=2&cParentAll=1&ccm_order_by=cDisplayOrder&cParentIDSearchField=' . $nodeID) : View::url('/dashboard/sitemap/explore', $nodeID); $this->html .= '<li class="ccm-sitemap-more-results">' . t('%s more to display. <a href="%s">View All</a>', $req->total - count($req->results), $drillDownAction) . '</a></li>'; } } return $this->html; }
$fp = new Permissions($f); if (!$fp->canRead()) { die(t("Access Denied.")); } if (isset($_REQUEST['fvID'])) { $fv = $f->getVersion($_REQUEST['fvID']); } else { $fv = $f->getApprovedVersion(); } if ($_REQUEST['task'] == 'preview_version') { $previewMode = true; } if ($_POST['task'] == 'approve_version' && $fp->canWrite() && (!$previewMode)) { $fv->approve(); exit; } if ($_POST['task'] == 'delete_version' && $fp->canAdmin() && (!$previewMode)) { $fv->delete(); exit; } if ($_POST['task'] == 'update_core' && $fp->canWrite() && (!$previewMode)) { $fv = $f->getVersionToModify(); switch($_POST['attributeField']) { case 'fvTitle':
}else foreach($globalScrapbookBlocks as $b) { $b->setBlockAreaObject($globalScrapbookArea); $bv = new BlockView(); $bt = BlockType::getByID( $b->getBlockTypeID() ); $bp = new Permissions($b); $btIcon = $ci->getBlockTypeIconURL($bt); //give this block a name if it doesn't have one if( !strlen($b->getBlockName()) ){ $b->updateBlockName( $scrapbookName.' '.intval($b->bID) ); } ?> <div class="ccm-scrapbook-list-item" id="ccm-scrapbook-list-item-<?php echo intval($b->bID)?>"> <div class="ccm-block-type"> <div class="options"> <?php if ($bp->canWrite()) { ?> <a href="javascript:void(0)" onclick="GlobalScrapbook.toggleRename(<?php echo intval($b->bID) ?>)"><?php echo t('Rename')?></a> | <a href="javascript:void(0)" onclick="GlobalScrapbook.editBlockTemplate(<?php echo intval($b->bID) ?>)" ><?php echo t('Custom Template')?></a> | <?php if (ENABLE_CUSTOM_DESIGN == true) { ?> <a href="javascript:void(0)" onclick="GlobalScrapbook.editBlockDesign(<?php echo intval($b->bID) ?>)" ><?php echo t('Design')?></a> | <?php } ?> <a href="javascript:void(0)" onclick="GlobalScrapbook.editBlock(<?php echo intval($b->bID) ?>,<?php echo $bt->getBlockTypeInterfaceWidth()?> , <?php echo $bt->getBlockTypeInterfaceHeight()?> )" ><?php echo t('Edit')?></a> | <?php } ?> <?php if (PERMISSIONS_MODEL != 'simple' && $bp->canAdmin()) { ?> <a href="javascript:void(0)" onclick="GlobalScrapbook.editBlockPermissions(<?php echo $b->getBlockID()?>)" ><?php echo t('Permissions')?></a>
} break; case 'deny': if ($cp->canApproveCollection() && !$isCheckedOut) { $v = CollectionVersion::get($c, $_GET['cvID']); if ($v->isApproved()) { $v->deny(); header("Location: " . REL_DIR_FILES_TOOLS_REQUIRED . "/versions.php?forcereload=1&cID=" . $cID . "&cvID=" . $_GET['cvID']); exit; } } break; } switch ($_GET['ctask']) { case 'approve_pending_action': if ($cp->canApproveCollection() && $cp->canWrite() && !$isCheckedOut) { $approve = false; if ($c->isPendingDelete()) { $children = $c->getNumChildren(); if ($children == 0 || $cp->canCP()) { $approve = true; $cParentID = $c->getCollectionParentID(); } } else { $approve = true; } if ($approve) { $c->approvePendingAction(); } if ($c->isPendingDelete() && $approve) { header("Location: " . REL_DIR_FILES_TOOLS_REQUIRED . "/versions.php?cIsDeleted=1&cParentID={$cParentID}");
echo $striped; ?> " cName="<?php echo htmlentities($cobj->getCollectionName(), ENT_QUOTES, APP_CHARSET); ?> " cID="<?php echo $cobj->getCollectionID(); ?> " sitemap-select-callback="<?php echo $sitemap_select_callback; ?> " sitemap-select-mode="<?php echo $sitemap_select_mode; ?> " sitemap-display-mode="search" canWrite="<?php echo $cpobj->canWrite(); ?> " cNumChildren="<?php echo $cobj->getNumChildren(); ?> " cAlias="false"> <?php if (!$searchDialog) { ?> <td class="ccm-<?php echo $searchInstance; ?> -list-cb" style="vertical-align: middle !important"><input type="checkbox" value="<?php echo $cobj->getCollectionID(); ?> " /></td><?php
function setGroupAccess(&$cObj, &$u) { if (!$u->isRegistered()) { $perms = Cache::get('page_permission_set_guest', $cObj->getCollectionID()); } if ($perms == false) { $db = Loader::db(); $groups = $u->getUserGroups(); // now we get collection type permissions for all the groups that this user is in $inStr = '('; $i = 0; foreach ($groups as $key => $value) { $inStr .= $i != 0 ? ', ' : ''; $inStr .= $key; $i++; } $inStr .= ')'; $_uID = $u->getUserID() > 0 ? " or uID = " . $u->getUserID() : ""; $_cID = $cObj->getPermissionsCollectionID(); $q = "select cgPermissions, cgStartDate, cgEndDate, gID from PagePermissions where cID = '{$_cID}' and (gID in {$inStr} {$_uID})"; $r = $db->query($q); $groupSetAdditional = false; $canWriteToPage = false; $permissions = array(); if ($r) { while ($row = $r->fetchRow()) { $dh = Loader::helper('date'); $time = strtotime($dh->getSystemDateTime()); if (!$row['cgStartDate'] && !$row['cgEndDate'] || $row['cgStartDate'] && !$row['cgEndDate'] && $time >= strtotime($row['cgStartDate']) || !$row['cgStartDate'] && $row['cgEndDate'] && $time <= strtotime($row['cgEndDate']) || $row['cgStartDate'] && $row['cgEndDate'] && $time >= strtotime($row['cgStartDate']) && $time <= strtotime($row['cgEndDate'])) { $permissions[] = $row['cgPermissions']; if (strpos($row['cgPermissions'], 'wa') !== false && !$canWriteToPage) { $canWriteToPage = true; // once this is set it can't be unset } //if ($row['gID'] != GUEST_GROUP_ID && $row['gID'] != REGISTERED_GROUP_ID) { if ($row['gID'] != GUEST_GROUP_ID) { $groupSetAdditional = true; if (PERMISSIONS_MODEL != 'simple') { $q2 = "select ctID from PagePermissionPageTypes where cID = '{$_cID}' and (gID in {$inStr} {$_uID})"; $r2 = $db->query($q2); while ($row2 = $r2->fetchRow()) { $this->addCollectionTypes[] = $row2['ctID']; } } } } } $r->free(); } if ($cObj->isExternalLink()) { // then whether the person can delete/write to this page ACTUALLY dependent on whether the PARENT collection // is writable $cParentCollection = Page::getByID($cObj->getCollectionParentID(), "RECENT"); $cp2 = new Permissions($cParentCollection); if ($cp2->canWrite()) { $permissions[] = 'dc:wa'; } } if ($canWriteToPage) { if (PERMISSIONS_MODEL == 'simple') { $this->populateAllPageTypes(); // we add delete block to the permission set, since for some reason it's a separate permissions call than delete collection (which we should've already added) $permissions[] = "db"; } $this->populateAllBlockTypes(); // the block types directive above may be overridden by area-specific permissions } $perms = $this->mergePermissions($permissions); if (!$u->isRegistered()) { Cache::set('page_permission_set_guest', $cObj->getCollectionID(), $perms); } } $cv = $cObj->getVersionObject(); if (is_object($cv)) { // if it's not the most recent, the only thing the user could do would be read if (!$cv->isMostRecent()) { $this->disableWrite(); return $perms; } else { return $perms; } } else { return $perms; } }
<?php defined('C5_EXECUTE') or die("Access Denied."); $c = Page::getByID($_REQUEST['cID']); $cp = new Permissions($c); if (!$cp->canWrite()) { die(t("Access Denied.")); } $scrapbookName=$_REQUEST['scrapbookName']; $_SESSION['ccmLastViewedScrapbook']=$scrapbookName; $a = Area::get($c, $_REQUEST['arHandle']); $token='&ccm_token='.$_REQUEST['ccm_token']; Loader::element('scrapbook_lists', array( 'c'=>$c, 'a'=>$a, 'scrapbookName'=>$scrapbookName, 'token'=>$token ) ); ?>
/** * render takes one argument - the item being rendered - and it can either be a path or a page object * @access public * @param string $view * @param array $args * @return void */ public function render($view, $args = null) { try { if (is_array($args)) { extract($args); } // strip off a slash if there is one at the end if (is_string($view)) { if (substr($view, strlen($view) - 1) == '/') { $view = substr($view, 0, strlen($view) - 1); } } $wrapTemplateInTheme = false; Events::fire('on_start', $this); // Extract controller information from the view, and put it in the current context if (!isset($this->controller)) { $this->controller = Loader::controller($view); $this->controller->setupAndRun(); } if ($this->controller->getRenderOverride() != '') { $view = $this->controller->getRenderOverride(); } // Determine which inner item to load, load it, and stick it in $innerContent $content = false; ob_start(); if ($view instanceof Page) { $viewPath = $view->getCollectionPath(); $this->viewPath = $viewPath; $cFilename = $view->getCollectionFilename(); $ctHandle = $view->getCollectionTypeHandle(); $editMode = $view->isEditMode(); $c = $view; $this->c = $c; // $view is a page. It can either be a SinglePage or just a Page, but we're not sure at this point, unfortunately if ($view->getCollectionTypeID() == 0 && $cFilename) { $wrapTemplateInTheme = true; if (file_exists(DIR_FILES_CONTENT. "{$cFilename}")) { $content = DIR_FILES_CONTENT. "{$cFilename}"; } else if ($view->getPackageID() > 0) { $file1 = DIR_PACKAGES . '/' . $view->getPackageHandle() . '/'. DIRNAME_PAGES . $cFilename; $file2 = DIR_PACKAGES_CORE . '/' . $view->getPackageHandle() . '/'. DIRNAME_PAGES . $cFilename; if (file_exists($file1)) { $content = $file1; } else if (file_exists($file2)) { $content = $file2; } } else if (file_exists(DIR_FILES_CONTENT_REQUIRED . "{$cFilename}")) { $content = DIR_FILES_CONTENT_REQUIRED. "{$cFilename}"; } $themeFilename = $c->getCollectionHandle() . '.php'; } else { if (file_exists(DIR_BASE . '/' . DIRNAME_PAGE_TYPES . '/' . $ctHandle . '.php')) { $content = DIR_BASE . '/' . DIRNAME_PAGE_TYPES . '/' . $ctHandle . '.php'; $wrapTemplateInTheme = true; } else if (file_exists(DIR_BASE_CORE. '/' . DIRNAME_PAGE_TYPES . '/' . $ctHandle . '.php')) { $content = DIR_BASE_CORE . '/' . DIRNAME_PAGE_TYPES . '/' . $ctHandle . '.php'; $wrapTemplateInTheme = true; } else if ($view->getPackageID() > 0) { $file1 = DIR_PACKAGES . '/' . $view->getPackageHandle() . '/'. DIRNAME_PAGE_TYPES . '/' . $ctHandle . '.php'; $file2 = DIR_PACKAGES_CORE . '/' . $view->getPackageHandle() . '/'. DIRNAME_PAGE_TYPES . '/' . $ctHandle . '.php'; if (file_exists($file1)) { $content = $file1; $wrapTemplateInTheme = true; } else if (file_exists($file2)) { $content = $file2; $wrapTemplateInTheme = true; } } $themeFilename = $ctHandle . '.php'; } } else if (is_string($view)) { // if we're passing a view but our render override is not null, that means that we're passing // a new view from within a controller. If that's the case, then we DON'T override the viewPath, we want to keep it // In order to enable editable 404 pages, other editable pages that we render without actually visiting if (defined('DB_DATABASE') && $view == '/page_not_found') { $pp = Page::getByPath($view); if (!$pp->isError()) { $this->c = $pp; } } $viewPath = $view; if ($this->controller->getRenderOverride() != '' && $this->getCollectionObject() != null) { // we are INSIDE a collection renderring a view. Which means we want to keep the viewPath that of the collection $this->viewPath = $this->getCollectionObject()->getCollectionPath(); } // we're just passing something like "/login" or whatever. This will typically just be // internal Concrete stuff, but we also prepare for potentially having something in DIR_FILES_CONTENT (ie: the webroot) if (file_exists(DIR_FILES_CONTENT . "/{$view}/" . FILENAME_COLLECTION_VIEW)) { $content = DIR_FILES_CONTENT . "/{$view}/" . FILENAME_COLLECTION_VIEW; } else if (file_exists(DIR_FILES_CONTENT . "/{$view}.php")) { $content = DIR_FILES_CONTENT . "/{$view}.php"; } else if (file_exists(DIR_FILES_CONTENT_REQUIRED . "/{$view}/" . FILENAME_COLLECTION_VIEW)) { $content = DIR_FILES_CONTENT_REQUIRED . "/{$view}/" . FILENAME_COLLECTION_VIEW; } else if (file_exists(DIR_FILES_CONTENT_REQUIRED . "/{$view}.php")) { $content = DIR_FILES_CONTENT_REQUIRED . "/{$view}.php"; } else if ($this->getCollectionObject() != null && $this->getCollectionObject()->isGeneratedCollection() && $this->getCollectionObject()->getPackageID() > 0) { //This is a single_page associated with a package, so check the package views as well $pagePkgPath = Package::getByID($this->getCollectionObject()->getPackageID())->getPackagePath(); if (file_exists($pagePkgPath . "/single_pages/{$view}/" . FILENAME_COLLECTION_VIEW)) { $content = $pagePkgPath . "/single_pages/{$view}/" . FILENAME_COLLECTION_VIEW; } else if (file_exists($pagePkgPath . "/single_pages/{$view}.php")) { $content = $pagePkgPath . "/single_pages/{$view}.php"; } } $wrapTemplateInTheme = true; $themeFilename = $view . '.php'; } if (is_object($this->c)) { $c = $this->c; if (defined('DB_DATABASE') && $view == '/page_not_found') { $view = $c; $req = Request::get(); $req->setCurrentPage($c); } } // Determine which outer item/theme to load // obtain theme information for this collection if (isset($this->themeOverride)) { $theme = $this->themeOverride; } else if ($this->controller->theme != false) { $theme = $this->controller->theme; } else if (($tmpTheme = $this->getThemeFromPath($viewPath)) != false) { $theme = $tmpTheme; } else if (is_object($this->c) && ($tmpTheme = $this->c->getCollectionThemeObject()) != false) { $theme = $tmpTheme; } else { $theme = FILENAME_COLLECTION_DEFAULT_THEME; } $this->setThemeForView($theme, $themeFilename, $wrapTemplateInTheme); // Now, if we're on an actual page, we retrieve all the blocks on the page // and store their view states in the local cache (for the page). That way // we can add header items and have them show up in the header BEFORE // the block itself is actually loaded if ($view instanceof Page) { $_pageBlocks = $view->getBlocks(); $_pageBlocksGlobal = $view->getGlobalBlocks(); $_pageBlocks = array_merge($_pageBlocks, $_pageBlocksGlobal); if ($view->supportsPageCache($_pageBlocks, $this->controller)) { $pageContent = $view->getFromPageCache(); if ($pageContent != false) { Events::fire('on_before_render', $this); if (defined('APP_CHARSET')) { header("Content-Type: text/html; charset=" . APP_CHARSET); } print($pageContent); Events::fire('on_render_complete', $this); if (ob_get_level() == OB_INITIAL_LEVEL) { require(DIR_BASE_CORE . '/startup/shutdown.php'); exit; } return; } } foreach($_pageBlocks as $b1) { $btc = $b1->getInstance(); // now we inject any custom template CSS and JavaScript into the header if('Controller' != get_class($btc)){ $btc->outputAutoHeaderItems(); } $btc->runTask('on_page_view', array($view)); } // do we have any custom menu plugins? $cp = new Permissions($view); if ($cp->canWrite() || $cp->canAddSubContent() || $cp->canAdminPage() || $cp->canApproveCollection()) { $ih = Loader::helper('concrete/interface/menu'); $_interfaceItems = $ih->getPageHeaderMenuItems(); foreach($_interfaceItems as $_im) { $_controller = $_im->getController(); $_controller->outputAutoHeaderItems(); } unset($_interfaceItems); unset($_im); unset($_controller); } unset($_interfaceItems); unset($_im); unset($_controller); // now, we output all the custom style records for the design tab in blocks/areas on the page $c = $this->getCollectionObject(); $view->outputCustomStyleHeaderItems(); } // finally, we include the theme (which was set by setTheme and will automatically include innerContent) // disconnect from our db and exit $this->controller->on_before_render(); extract($this->controller->getSets()); extract($this->controller->getHelperObjects()); if ($content != false) { include($content); } $innerContent = ob_get_contents(); if (ob_get_level() > OB_INITIAL_LEVEL) { ob_end_clean(); } Events::fire('on_before_render', $this); if (defined('APP_CHARSET')) { header("Content-Type: text/html; charset=" . APP_CHARSET); } if (file_exists($this->theme)) { ob_start(); include($this->theme); $pageContent = ob_get_contents(); ob_end_clean(); $ret = Events::fire('on_page_output', $pageContent); if($ret != '') { print $ret; } else { print $pageContent; } if ($view instanceof Page) { if ($view->supportsPageCache($_pageBlocks, $this->controller)) { $view->addToPageCache($pageContent); } } } else { throw new Exception(t('File %s not found. All themes need default.php and view.php files in them. Consult concrete5 documentation on how to create these files.', $this->theme)); } Events::fire('on_render_complete', $this); if (ob_get_level() == OB_INITIAL_LEVEL) { require(DIR_BASE_CORE . '/startup/shutdown.php'); exit; } } catch(ADODB_Exception $e) { // if it's a database exception we go here. if (Config::get('SITE_DEBUG_LEVEL') == DEBUG_DISPLAY_ERRORS) { $this->renderError(t('An unexpected error occurred.'), $e->getMessage(), $e); } else { $this->renderError(t('An unexpected error occurred.'), t('A database error occurred while processing this request.'), $e); } // log if setup to do so if (ENABLE_LOG_ERRORS) { $l = new Log(LOG_TYPE_EXCEPTIONS, true, true); $l->write(t('Exception Occurred: ') . $e->getMessage()); $l->write($e->getTraceAsString()); $l->close(); } } catch (Exception $e) { $this->renderError(t('An unexpected error occurred.'), $e->getMessage(), $e); // log if setup to do so if (ENABLE_LOG_ERRORS) { $l = new Log(LOG_TYPE_EXCEPTIONS, true, true); $l->write(t('Exception Occurred: ') . $e->getMessage()); $l->write($e->getTraceAsString()); $l->close(); } } }
<?php defined('C5_EXECUTE') or die("Access Denied."); $u = new User(); $form = Loader::helper('form'); $ci = Loader::helper('concrete/urls'); $f = File::getByID($_REQUEST['fID']); $fv = $f->getApprovedVersion(); $fp = new Permissions($f); if (!$fp->canWrite()) { die(t("Access Denied.")); } $to = $fv->getTypeObject(); if ($to->getPackageHandle() != '') { Loader::packageElement('files/edit/' . $to->getEditor(), $to->getPackageHandle(), array('fv' => $fv)); } else { Loader::element('files/edit/' . $to->getEditor(), array('fv' => $fv)); }
$statusMessage .= " " . t('Only administrators can approve a multi-page delete operation.'); } } else { if ($children == 0 && $cp->canApproveCollection() && (!$c->isCheckedOut() || $c->isCheckedOut() && $c->isEditMode())) { $statusMessage .= " <a href='" . DIR_REL . "/" . DISPATCHER_FILENAME . "?cID=" . $c->getCollectionID() . "&ctask=approve_pending_action" . $token . "'>" . t('Approve Delete') . "</a> | <a href='" . DIR_REL . "/" . DISPATCHER_FILENAME . "?cID=" . $c->getCollectionID() . "&ctask=clear_pending_action" . $token . "'>" . t('Cancel') . "</a>"; } } } } } if ($c->isMasterCollection()) { $statusMessage .= $statusMessage ? "<br/>" : ""; $statusMessage .= t('Page Defaults for') . ' "' . $c->getCollectionTypeName() . '" ' . t("page type"); $statusMessage .= "<br/>" . t('(All edits take effect immediately)'); } if ($dh->canRead() || $cp->canWrite() || $cp->canAddSubContent() || $cp->canAdminPage() || $cp->canApproveCollection()) { $cID = $c->getCollectionID(); ?> menuHTML += '<div id="ccm-page-controls-wrapper" class="ccm-ui">'; menuHTML += '<div id="ccm-toolbar">'; menuHTML += '<ul id="ccm-main-nav">'; menuHTML += '<li id="ccm-logo-wrapper"><?php echo Loader::helper('concrete/interface')->getToolbarLogoSRC(); ?> </li>';
"> <div class="arrow"></div> <div class="popover-inner"> <ul class="dropdown-menu"> <?php if ($btOriginal->getBlockTypeHandle() == BLOCK_HANDLE_STACK_PROXY) { if (is_object($_bo)) { $bi = $_bo->getInstance(); } else { $bi = $b->getInstance(); } $stack = Stack::getByID($bi->stID); if (is_object($stack)) { $sp = new Permissions($stack); if ($sp->canWrite()) { ?> <li><a href="<?php echo View::url('/dashboard/blocks/stacks', 'view_details', $stack->getCollectionID()); ?> "><?php echo t("Manage Stack Contents"); ?> </a></li> <?php } } } else { if ($p->canEditBlock() && $b->isEditable()) {
.arHandle = "<?php echo $arHandle; ?> "; ccm_areaMenuObj<?php echo $a->getAreaID(); ?> .canAddBlocks = <?php echo $ap->canAddBlocks(); ?> ; ccm_areaMenuObj<?php echo $a->getAreaID(); ?> .canWrite = <?php echo $ap->canWrite(); ?> ; <?php if ($cp->canAdmin() && PERMISSIONS_MODEL != 'simple') { ?> ccm_areaMenuObj<?php echo $a->getAreaID(); ?> .canModifyGroups = true; <?php } ?> <?php if ($ap->canWrite() && ENABLE_AREA_LAYOUTS == true && !$c->isMasterCollection()) { ?>
<?php defined('C5_EXECUTE') or die("Access Denied."); $f = File::getByID($_REQUEST['fID']); $fp = new Permissions($f); if (is_object($f) && $fp->canWrite()) { $to = $f->getTypeObject(); if ($to->getGenericType() == FileType::T_IMAGE) { $imp = Loader::helper('concrete/image'); $width = $f->getAttribute('width'); $height = $f->getAttribute('height'); $ext = $f->getExtension(); $viewPortW = $_POST["viewPortW"]; $viewPortH = $_POST["viewPortH"]; $pWidth = $_POST["imageW"]; $pHeight = $_POST["imageH"]; $image = $imp->startImageProcess($f); if ($image) { $width = imagesx($image); $height = imagesy($image); // Resample $image_p = imagecreatetruecolor($pWidth, $pHeight); $imp->setTransparency($image, $image_p, $ext); imagecopyresampled($image_p, $image, 0, 0, 0, 0, $pWidth, $pHeight, $width, $height); imagedestroy($image); $widthR = imagesx($image_p); $heightR = imagesy($image_p); $selectorX = $_POST["selectorX"]; $selectorY = $_POST["selectorY"]; if ($_POST["imageRotate"]) { $angle = 360 - $_POST["imageRotate"];
if ($error['type'] == E_ERROR) { print '<li><div class="ccm-error">' . t('Unable to rescan %s. Error encountered: %s. Rescan halted.', $fv->getTitle(), $error['message']) . '</div></li>'; } } } $searchInstance = $_REQUEST['searchInstance']; register_shutdown_function('shutdownRescan'); $u = new User(); $form = Loader::helper('form'); print '<ol>'; $fcnt = 0; if (is_array($_REQUEST['fID'])) { foreach ($_REQUEST['fID'] as $fID) { $f = File::getByID($fID); $fp = new Permissions($f); if ($fp->canWrite()) { $fcnt++; $fv = $f->getApprovedVersion(); $resp = $fv->refreshAttributes(); switch ($resp) { case File::F_ERROR_FILE_NOT_FOUND: print '<li><div class="ccm-error">' . t('File <strong>%s</strong> could not be found.', $fv->getFilename()) . '</div></li>'; break; default: print '<li>'; print t('File <strong>%s</strong> has been rescanned', $fv->getFileName()) . '</li>'; break; } } } }
}else foreach($globalScrapbookBlocks as $b) { $b->setBlockAreaObject($globalScrapbookArea); $bv = new BlockView(); $bt = BlockType::getByID( $b->getBlockTypeID() ); $bp = new Permissions($b); $btIcon = $ci->getBlockTypeIconURL($bt); //give this block a name if it doesn't have one if( !strlen($b->getBlockName()) ){ $b->updateBlockName( $scrapbookName.' '.intval($b->bID) ); } ?> <div class="ccm-scrapbook-list-item" id="ccm-scrapbook-list-item-<?=intval($b->bID)?>"> <div class="ccm-block-type"> <div class="options"> <? if ($bp->canWrite()) { ?> <a href="javascript:void(0)" onclick="GlobalScrapbook.toggleRename(<?=intval($b->bID) ?>)"><?=t('Rename')?></a> | <a href="javascript:void(0)" onclick="GlobalScrapbook.editBlockTemplate(<?=intval($b->bID) ?>)" ><?=t('Custom Template')?></a> | <? if (ENABLE_CUSTOM_DESIGN == true) { ?> <a href="javascript:void(0)" onclick="GlobalScrapbook.editBlockDesign(<?=intval($b->bID) ?>)" ><?=t('Design')?></a> | <? } ?> <a href="javascript:void(0)" onclick="GlobalScrapbook.editBlock(<?=intval($b->bID) ?>,<?=$bt->getBlockTypeInterfaceWidth()?> , <?=$bt->getBlockTypeInterfaceHeight()?> )" ><?=t('Edit')?></a> | <? } ?> <? if (PERMISSIONS_MODEL != 'simple' && $bp->canAdmin()) { ?> <a href="javascript:void(0)" onclick="GlobalScrapbook.editBlockPermissions(<?=$b->getBlockID()?>)" ><?=t('Permissions')?></a>
} else { $canViewPane = $cp->canAddSubCollection($ct); } } break; case 'add_external': $toolSection = "collection_add_external"; $divID = 'ccm-edit-collection-external'; $canViewPane = $cp->canAddExternalLink(); break; case 'delete_external': $toolSection = "collection_delete_external"; $divID = 'ccm-delete-collection-external'; $cparent = Page::getByID($c->getCollectionParentID(), "RECENT"); $cparentP = new Permissions($cparent); $canViewPane = $cparentP->canWrite(); break; case 'edit_external': $toolSection = "collection_edit_external"; $divID = 'ccm-edit-collection-external'; $canViewPane = $cp->canEditPageProperties(); break; } if (!isset($divID)) { $divID = 'ccm-edit-collection'; } if (!$canViewPane) { die(t("Access Denied.")); } ?>