/ hat mir nicht gefallen! */ if ($HTTP_POST_VARS["PREVIEW"]) { $hidedata["preview"]["content"] = "#(preview)"; $preview = intelilink($HTTP_POST_VARS["content"]); $preview = tagreplace($preview); $hidedata["preview"]["content"] .= nlreplace($preview); $form_values["content"] = $HTTP_POST_VARS["content"]; } // convert tag 2 html switch ($environment["parameter"][5]) { case "html": // content nach html wandeln $form_values["content"] = tagreplace($form_values["content"]); // intelligenten link tag bearbeiten $form_values["content"] = intelilink($form_values["content"]); // newlines nach br wandeln $form_values["content"] = nlreplace($form_values["content"]); // html db value aendern $form_values["html"] = -1; break; case "tag": // content nach cmstag wandeln ### // html db value aendern $form_values["html"] = 0; break; default: $form_values["html"] = 0; } // eWeBuKi tag schutz part 3
function content($line, $tname) { global $db, $debugging, $pathvars, $specialvars, $environment, $ausgaben, $rechte; if ($specialvars["crc32"] == -1) { if ($environment["ebene"] != "" && $tname == $environment["kategorie"]) { $dbtname = crc32($environment["ebene"]) . "." . $tname; if ($debugging["html_enable"]) { $debugging["ausgabe"] .= "crc32 tname \"" . $dbtname . "\" forced!!!" . $debugging["char"]; } } else { $dbtname = $tname; } } else { // ist das eine sub kategorie ? if ($environment["subkatid"] != "" && $tname == $environment["katid"]) { $dbtname = $tname . "." . $environment["subkatid"]; if ($debugging["html_enable"]) { $debugging["ausgabe"] .= "sub tname \"" . $dbtname . "\" forced!!!" . $debugging["char"]; } #$dbtname = $tname; } else { $dbtname = $tname; } } while (strstr($line, "#(")) { // wo beginnt die marke $labelbeg = strpos($line, "#("); // wo endet die marke (wichtig der offset!) $labelend = strpos($line, ")", $labelbeg); // wie lang ist die marke $labellen = $labelend - $labelbeg; // token name extrahieren $label = substr($line, $labelbeg + 2, $labellen - 2); $sql = "SELECT html, content FROM " . SITETEXT . " WHERE tname='" . $dbtname . "' AND lang='" . $environment["language"] . "' AND label='{$label}'"; #if ( $debugging["html_enable"] ) $debugging["ausgabe"] .= "sql: ".$sql.$debugging["char"]; $result = $db->query($sql); $row = $db->fetch_row($result); if (!is_array($row)) { // wenn "aktuelle sprache" = "default sprache" ueberfluessige fehlermeldung nicht anzeigen! if ($environment["language"] != $specialvars["default_language"]) { if ($debugging["html_enable"]) { $debugging["ausgabe"] .= "Language: \"" . $environment["language"] . "\" for #(" . $label . ") in template \"" . $dbtname . "\" not found using default: \"" . $specialvars["default_language"] . "\"" . $debugging["char"]; } } $sql = "SELECT html, content FROM " . SITETEXT . " WHERE tname='{$dbtname}' AND lang='" . $specialvars["default_language"] . "' AND label='{$label}'"; $result = $db->query($sql); $row = $db->fetch_row($result); } if ($row[1] == "") { if ($debugging["html_enable"]) { $debugging["ausgabe"] .= "Language: Uuuuups no default language \"" . $specialvars["default_language"] . "\" for #(" . $label . ") in template \"" . $dbtname . "\" found. Giving up!" . $debugging["char"]; } } // erlaubnis bei intrabvv speziell setzen global $HTTP_SESSION_VARS; $database = $db->getDb(); if (is_array($HTTP_SESSION_VARS["katzugriff"])) { if (in_array("-1:" . $database . ":" . $dbtname, $HTTP_SESSION_VARS["katzugriff"])) { $erlaubnis = -1; } } if (is_array($HTTP_SESSION_VARS["dbzugriff"])) { if (in_array($database, $HTTP_SESSION_VARS["dbzugriff"])) { $erlaubnis = -1; } } $replace = $row[1]; // cms edit link einblenden if ($rechte["cms_edit"] == -1 || $rechte["administration"] == -1 && $erlaubnis == -1) { // konvertieren ? if ($specialvars["wysiwyg"] == "" && $row[0] == -1) { $convert = ",,tag"; $signal = "c"; } elseif ($specialvars["wysiwyg"] != "" && $row[0] != -1) { $convert = ",,html"; $signal = "c"; } else { $convert = ""; $signal = "e"; } $editurl = $pathvars["virtual"] . "/cms/edit," . $db->getDb() . "," . $dbtname . "," . $label; // wenn es kein button ist if (!strstr($line, "value=\"")) { $replace .= " <a target=\"_top\" href=\"" . $editurl . $convert . ".html\"><img src=\"" . $pathvars["images"] . "cms-tag-" . $signal . ".png\" width=\"4\" height=\"4\" border=\"0\" alt=\"Bearbeiten\"></a>"; } else { $line = $line . " <a target=\"_top\" href=\"" . $editurl . ".html\"><img src=\"" . $pathvars["images"] . "cms-tag-" . $signal . ".png\" width=\"4\" height=\"4\" border=\"0\" alt=\"Bearbeiten\"></a>"; } } // wenn content nicht in html ist if ($row[0] != -1) { // intelligenten link tag bearbeiten $replace = intelilink($replace); // neues generelles tagreplace $replace = tagreplace($replace); // newlines nach br wandeln (muss zuletzt gemacht werden) $replace = nlreplace($replace); } // marke ersetzen if (strstr($line, "#(")) { $line = str_replace("#(" . $label . ")", $replace, $line); } } return $line; }
function content($line, $tname) { global $db, $debugging, $pathvars, $specialvars, $environment, $defaults, $ausgaben, $rechte; if ($specialvars["crc32"] == -1) { if ($environment["ebene"] != "" && $tname == $environment["kategorie"]) { $tname = crc32($environment["ebene"]) . "." . $tname; if ($debugging["html_enable"]) { $debugging["ausgabe"] .= "crc32 tname \"" . $tname . "\" forced!!!" . $debugging["char"]; } } } else { // ist das eine sub kategorie ? if ($environment["subkatid"] != "" && $tname == $environment["katid"]) { $tname = $tname . "." . $environment["subkatid"]; if ($debugging["html_enable"]) { $debugging["ausgabe"] .= "sub tname \"" . $tname . "\" forced!!!" . $debugging["char"]; } #$dbtname = $tname; } } while (strpos($line, "#(") !== false || strpos($line, "g(") !== false) { // wo beginnt die marke $labelbeg = strpos($line, "#("); $art = "#("; $bez = "# ("; $dbtname = $tname; if ($labelbeg === false) { $labelbeg = strpos($line, "g("); $art = "g("; $bez = "g ("; $dbtname = "global"; } // wo endet die marke (wichtig der offset!) $labelend = strpos($line, ")", $labelbeg); // wie lang ist die marke $labellen = $labelend - $labelbeg; // token name extrahieren $label = substr($line, $labelbeg + 2, $labellen - 2); if (strpos($label, ",") !== false) { break; } // javascript fix $sql = "SELECT html, content FROM " . SITETEXT . " WHERE tname='" . $dbtname . "' AND lang='" . $environment["language"] . "' AND label='{$label}'"; #if ( $debugging["html_enable"] ) $debugging["ausgabe"] .= "sql: ".$sql.$debugging["char"]; $result = $db->query($sql); $row = $db->fetch_row($result); if (!is_array($row)) { // wenn "aktuelle sprache" = "default sprache" ueberfluessige fehlermeldung nicht anzeigen! if ($environment["language"] != $specialvars["default_language"]) { if ($debugging["html_enable"]) { $debugging["ausgabe"] .= "Language: \"" . $environment["language"] . "\" for #(" . $label . ") in template \"" . $dbtname . "\" not found using default: \"" . $specialvars["default_language"] . "\"" . $debugging["char"]; } } $sql = "SELECT html, content FROM " . SITETEXT . " WHERE tname='{$dbtname}' AND lang='" . $specialvars["default_language"] . "' AND label='{$label}'"; $result = $db->query($sql); $row = $db->fetch_row($result); } if ($row[1] == "") { if ($debugging["html_enable"]) { $debugging["ausgabe"] .= "Language: Uuuuups no default language \"" . $specialvars["default_language"] . "\" for #(" . $label . ") in template \"" . $dbtname . "\" found. Giving up!" . $debugging["char"]; } } $database = $db->getDb(); if (is_array($_SESSION["dbzugriff"])) { // admin darf alles in seiner db !! if (in_array($database, $_SESSION["dbzugriff"]) && $rechte[$specialvars["security"]["overwrite"]] == -1) { $dbzugriff = -1; $katzugriff = -1; // sperre fuer bestimmte templates } elseif (in_array($tname, (array) $specialvars["security"]["nochk"])) { $katzugriff = FALSE; $dbzugriff = FALSE; // hier erfolgt der check wenn man kein admin ist und bei nicht gesperrten templates } else { if (right_check("-1", $environment["ebene"], $environment["kategorie"], $database) != "") { $dbzugriff = -1; $katzugriff = -1; } else { $katzugriff = FALSE; $dbzugriff = FALSE; } } } else { $dbzugriff = -1; // admin darf alles if ($rechte[$specialvars["security"]["overwrite"]] == -1) { $katzugriff = -1; // sperre fuer bestimmte templates } elseif (in_array($tname, (array) $specialvars["security"]["nochk"])) { $katzugriff = FALSE; // hier erfolgt der check wenn man kein admin ist und bei nicht gesperrten templates } else { if (right_check("-1", $environment["ebene"], $environment["kategorie"], $database) != "") { $katzugriff = -1; } else { $katzugriff = FALSE; } } } $replace = $row[1]; // wenn content nicht in html ist und deaktiviert wurde if ($row[0] != -1 && $specialvars["denyhtml"] == -1) { // html killer :) $pattern = "<[\\!\\/a-zA-Z].{0,}>"; while (preg_match("/" . $pattern . "/", $replace, $tag)) { $replace = str_replace($tag[0], " - html gelöscht! -", $replace); } } // cms edit link einblenden if ($specialvars["editlock"] == False) { // erlaubt wenn content_right nicht gesetzt und cms_edit = -1 if ($rechte["cms_edit"] == -1 && $specialvars["security"]["enable"] != -1 || $specialvars["security"]["enable"] == -1 && $katzugriff == -1 && $dbzugriff == -1) { // konvertieren ? if ($specialvars["wysiwyg"] == "" && $row[0] == -1) { $convert = ",,tag"; $signal = "c"; } elseif ($specialvars["wysiwyg"] != "" && $row[0] != -1) { $convert = ",,html"; $signal = "c"; } else { $convert = ""; $signal = "e"; } $editurl = $pathvars["virtual"] . "/cms/edit," . $db->getDb() . "," . $dbtname . "," . $label; if ($defaults["cms-tag"]["signal"] == "") { $defaults["cms-tag"]["signal"] = "<img src=\"/images/default/cms-tag-"; $defaults["cms-tag"]["/signal"] = ".png\" width=\"4\" height=\"4\" border=\"0\" alt=\"Bearbeiten\" />"; } // wenn es kein value, alt, title und status in der zeile gibt $vorher = substr($line, $labelbeg - 20, 20); if (!strpos($vorher, "value=\"") && !strpos($vorher, "alt=\"") && !strpos($vorher, "title=\"") && !strpos($vorher, "status='")) { $replace .= " <a target=\"_top\" href=\"" . $editurl . $convert . ".html\">" . $defaults["cms-tag"]["signal"] . $signal . $defaults["cms-tag"]["/signal"] . "</a>"; } else { #$line = $line."# (".$label.") <a target=\"_top\" href=\"".$editurl.$convert.".html\">".$defaults["cms-tag"]["signal"].$signal.$defaults["cms-tag"]["/signal"]."</a><br />\n"; #$ausgaben["inaccessible"] .= "# (".$label.") #(".$label.")<a target=\"_top\" href=\"".$editurl.$convert.".html\">".$defaults["cms-tag"]["signal"].$signal.$defaults["cms-tag"]["/signal"]."</a><br />\n"; $ausgaben["inaccessible"] .= $bez . $label . ") " . $art . $label . ")<br />\n"; } } } // wenn content nicht in html ist if ($row[0] != -1) { // intelligenten link tag bearbeiten $replace = intelilink($replace); // neues generelles tagreplace $replace = tagreplace($replace); // newlines nach br wandeln (muss zuletzt gemacht werden) $replace = nlreplace($replace); } // marke ersetzen if (strpos($line, $art) !== false) { $line = str_replace($art . $label . ")", $replace, $line); } } return $line; }
} $ausgaben["ce_tem_db"] = "DB: " . $environment["parameter"][1]; $ausgaben["ce_tem_name"] = "Template: " . $environment["parameter"][2]; $ausgaben["ce_tem_label"] = "Label: " . $environment["parameter"][3]; $ausgaben["ce_tem_convert"] = "Convert: " . $environment["parameter"][5]; $ausgaben["ce_tem_lang"] = "Sprache: " . $environment["language"]; $sql = "SELECT tid, html, content FROM " . SITETEXT . " WHERE tname='" . $environment["parameter"][2] . "' AND lang='" . $environment["language"] . "' AND label='" . $environment["parameter"][3] . "'"; $result = $db->query($sql); $data = $db->fetch_array($result, $nop); // convert tag 2 html switch ($environment["parameter"][5]) { case "html": // content nach html wandeln $data["content"] = tagreplace($data["content"]); // intelligenten link tag bearbeiten $data["content"] = intelilink($data["content"]); // newlines nach br wandeln $data["content"] = nlreplace($data["content"]); // html db value aendern $data["html"] = -1; break; case "tag": // content nach cmstag wandeln ### // html db value aendern $data["html"] = 0; break; } if ($data["html"] == "-1") { $ausgaben["ce_name"] = "content"; $ausgaben["ce_inhalt"] = $data["content"];
function content($line, $tname) { global $db, $debugging, $pathvars, $specialvars, $environment, $defaults, $ausgaben, $rechte, $eWeBuKi, $RightConcept; if ($specialvars["crc32"] == -1) { if ($environment["ebene"] != "" && $tname == $environment["kategorie"]) { $tname = eCRC($environment["ebene"]) . "." . $tname; if ($debugging["html_enable"]) { $debugging["ausgabe"] .= "crc32 tname \"" . $tname . "\" forced!!!" . $debugging["char"]; } } } else { // ist das eine sub kategorie ? if ($environment["subkatid"] != "" && $tname == $environment["katid"]) { $tname = $tname . "." . $environment["subkatid"]; if ($debugging["html_enable"]) { $debugging["ausgabe"] .= "sub tname \"" . $tname . "\" forced!!!" . $debugging["char"]; } #$dbtname = $tname; } } while (strpos($line, "#(") !== false || strpos($line, "g(") !== false) { // wo beginnt die marke $labelbeg = strpos($line, "#("); $art = "#("; $bez = "# ("; $dbtname = $tname; if ($labelbeg === false) { $labelbeg = strpos($line, "g("); $art = "g("; $bez = "g ("; $dbtname = "global"; } // wo endet die marke (wichtig der offset!) $labelend = strpos($line, ")", $labelbeg); // wie lang ist die marke $labellen = $labelend - $labelbeg; // token name extrahieren $label = substr($line, $labelbeg + 2, $labellen - 2); if (strpos($label, ",") !== false) { break; } // javascript fix if (preg_match("/^v[0-9]*\$/", $environment["parameter"][1], $regs) && ($rechte["view"] || $rechte["cms_edit"] == -1)) { $version_sql = "AND version=" . substr($environment["parameter"][1], 1); $version = substr($environment["parameter"][1], 1); } else { $version = ""; $version_sql = ""; } if ($specialvars["content_release"] == -1 && $version == "") { $content_release = "AND status>0"; } else { $content_release = ""; } $sql = "SELECT html, content\n FROM " . SITETEXT . "\n WHERE tname='" . $dbtname . "'\n AND lang='" . $environment["language"] . "'\n AND label='" . $label . "'\n " . $version_sql . "\n " . $content_release . "\n ORDER BY version DESC\n LIMIT 0,1"; #if ( $debugging["html_enable"] ) $debugging["ausgabe"] .= "sql: ".$sql.$debugging["char"]; $result = $db->query($sql); $row = $db->fetch_row($result); if (!is_array($row)) { // wenn "aktuelle sprache" = "default sprache" ueberfluessige fehlermeldung nicht anzeigen! if ($environment["language"] != $specialvars["default_language"]) { if ($debugging["html_enable"]) { $debugging["ausgabe"] .= "Language: \"" . $environment["language"] . "\" for #(" . $label . ") in template \"" . $dbtname . "\" not found using default: \"" . $specialvars["default_language"] . "\"" . $debugging["char"]; } } $sql = "SELECT html, content\n FROM " . SITETEXT . "\n WHERE tname='{$dbtname}'\n AND lang='" . $specialvars["default_language"] . "'\n AND label='{$label}'\n " . $version_sql . "\n " . $content_release . "\n ORDER BY version DESC\n LIMIT 0,1"; $result = $db->query($sql); $row = $db->fetch_row($result); } if ($row[1] == "") { if ($debugging["html_enable"]) { $debugging["ausgabe"] .= "Language: Uuuuups no default language \"" . $specialvars["default_language"] . "\" for #(" . $label . ") in template \"" . $dbtname . "\" found. Giving up!" . $debugging["char"]; } } $database = $db->getDb(); $replace = $row[1]; // wenn content nicht in html ist und deaktiviert wurde if ($row[0] != -1 && $specialvars["denyhtml"] == -1) { // html killer :) $pattern = "<[\\!\\/a-zA-Z].{0,}>"; while (preg_match("/" . $pattern . "/", $replace, $tag)) { $replace = str_replace($tag[0], " - html gelöscht! -", $replace); } } // eWeBuKi tag schutz part 1 (siehe part 2 (weiter unten), part 3 (cms.in.php), part 4 (function_rparser.inc.php)) if (strpos($replace, "[/E]") !== false) { $preg = "|\\[E\\](.*)\\[/E\\]|Us"; preg_match_all($preg, $replace, $match, PREG_PATTERN_ORDER); $mark_l = array("[/", "["); $hide_l = array("++", "**"); $mark_o = array("#(", "g(", "#{", "!#"); $hide_o = array("::1::", "::2::", "::3::", "::4::"); foreach ($match[0] as $key => $value) { $escape = str_replace($mark_l, $hide_l, $match[1][$key]); $escape = str_replace($mark_o, $hide_o, $escape); $replace = str_replace($value, "[E]" . $escape . "[/E]", $replace); } } // cms edit link einblenden $check = ""; if ($specialvars["editlock"] == False && $tname != "auth") { if ($specialvars["security"]["new"] == -1) { $check = priv_check('', $specialvars["security"]["content"], $specialvars["dyndb"]); } else { if ($rechte["cms_edit"] == -1) { $check = True; } } if ($check == True) { if ($defaults["section"]["label"] == "") { $defaults["section"]["label"] = "inhalt"; } if ($defaults["section"]["tag"] == "") { $defaults["section"]["tag"] = "[H"; } if ($specialvars["nosections"] != True && $label == $defaults["section"]["label"]) { if (is_array($defaults["section"]["tag"])) { // neue section-edit-marken $preg_search = str_replace(array("[", "]", "/"), array("\\[", "\\]", "\\/"), implode("|", $defaults["section"]["tag"])); $allcontent = preg_split("/(" . $preg_search . ")/", $replace, -1, PREG_SPLIT_DELIM_CAPTURE); $i = 0; foreach ($allcontent as $key => $value) { if (in_array($value, $defaults["section"]["tag"])) { $join[$i] = "{" . $i . "}" . $value; } else { $join[$i] .= $value; $i++; } } $replace = implode("", $join); } else { $allcontent = explode($defaults["section"]["tag"], $replace); foreach ($allcontent as $key => $value) { if ($key == 0) { $join[] = $value; } else { $parts = explode("]", $value, 2); $join[] = $parts[0] . "]{" . $key . "}" . $parts[1]; } } $replace = implode($defaults["section"]["tag"], $join); } } // konvertieren ? if ($specialvars["wysiwyg"] == "" && $row[0] == -1) { $convert = ",,tag"; $signal = "c"; } elseif ($specialvars["wysiwyg"] != "" && $row[0] != -1) { $convert = ",,html"; $signal = "c"; } else { $convert = ""; $signal = "e"; } if ($specialvars["old_contented"] == True) { $editurl = $pathvars["virtual"] . "/cms/edit," . $db->getDb() . "," . $dbtname . "," . $label; } else { $editurl_key = $pathvars["virtual"] . "/admin/contented/edit," . $db->getDb() . "," . $dbtname . "," . $label; $editurl = $pathvars["virtual"] . "/admin/contented/edit," . $db->getDb() . "," . $dbtname . "," . $label . ",,," . $version; } if ($defaults["cms-tag"]["link"] == "") { $defaults["cms-tag"]["link"] = "<a href=\"##url##\"><img src=\"/images/default/cms-tag-##signal##.png\" width=\"4\" height=\"4\" alt=\"Bearbeiten\" /></a>"; } // section verarbeitung if ($specialvars["nosections"] != True && $label == $defaults["section"]["label"]) { foreach ($allcontent as $key => $value) { $marken = array("##url##", "##signal##"); $ersatz = array($editurl_key . "," . $key . ",," . $version . ",.html", $signal); $replace = str_replace("{" . $key . "}", str_replace($marken, $ersatz, $defaults["cms-tag"]["link"]), $replace); } } // wenn es kein value, alt, title und status in der zeile gibt $vorher = substr($line, $labelbeg - 20, 20); if (!strpos($vorher, "value=\"") && !strpos($vorher, "alt=\"") && !strpos($vorher, "title=\"") && !strpos($vorher, "status='")) { $marken = array("##url##", "##signal##"); $ersatz = array($editurl . $convert . ".html", $signal); $replace .= str_replace($marken, $ersatz, $defaults["cms-tag"]["link"]); } else { $ausgaben["inaccessible"] .= $bez . $label . ") " . $art . $label . ")<br />\n"; } } } // wenn content nicht in html ist if ($row[0] != -1) { // intelligenten link tag bearbeiten $replace = intelilink($replace); // neues generelles tagreplace $replace = tagreplace($replace); // eWeBuKi tag schutz part 2 $replace = str_replace($hide_l, $mark_l, $replace); // newlines nach br wandeln (muss zuletzt gemacht werden) if ($specialvars["newbrmode"] != True) { $replace = nlreplace($replace); } } // marke ersetzen if (strpos($line, $art) !== false) { $line = str_replace($art . $label . ")", $replace, $line); } } return $line; }
if ($debugging["html_enable"]) { $debugging["ausgabe"] .= "[ ** " . $script["name"] . " ** ]" . $debugging["char"]; } $print = array("namen" => "iautor", "akkate" => "ikategorie", "schlagzeile" => "ititel", "edatum" => "ierstellt"); $sql = "SELECT * FROM " . $cfg["db"]["entries"] . " WHERE " . $cfg["db"]["key"] . "='" . $environment["parameter"][1] . "'"; $result = $db->query($sql); $data = $db->fetch_array($result, $nop); foreach ($print as $key => $value) { if ($key == "edatum") { $ausgaben[$key] = substr($data[$value], 8, 2) . "." . substr($data[$value], 5, 2) . "." . substr($data[$value], 0, 4); } else { $ausgaben[$key] = $data[$value]; } } // intelligenten link tag bearbeiten $replace = intelilink($data["itext"]); // neues generelles tagreplace $replace = tagreplace($replace); // newlines nach br wandeln (muss zuletzt gemacht werden) $ausgaben["output"] = nlreplace($replace); $ausgaben["uebersicht"] = "<a href=" . $cfg["basis"] . "/" . $cfg["ebene"]["zwei"] . ".html>Zurück zur Übersicht</a>"; $ausgaben["versenden"] = "<a href=" . $cfg["basis"] . "/" . $cfg["ebene"]["zwei"] . "/email,form," . $data["iid"] . ".html>Artikel empfehlen</a>"; if ($rechte[$cfg["right"]["red"]] == -1 || $rechte[$cfg["right"]["chf"]] == -1) { $ausgaben["edit"] = "<a href=" . $cfg["basis"] . "/" . $cfg["ebene"]["zwei"] . "/modify,edit," . $environment["parameter"][1] . ".html>Artikel editieren</a>"; } else { $ausgaben["edit"] = ""; } $mapping["navi"] = "leer"; $mapping["main"] = "1943315524.details"; if ($debugging["html_enable"]) { $debugging["ausgabe"] .= "<font color=\"#FF0000\">ATTENTION: template overwrite -> " . $mapping["main"] . ".tem.html</font>" . $debugging["char"];