function getContent($pageId, $action, $userId, $permission, $recursed = 0) { if ($action == "login") { if ($userId == 0) { ///Commented the requirement of login.lib.php because it is already included in /index.php //require_once("login.lib.php"); $newUserId = login(); if (is_numeric($newUserId)) { return getContent($pageId, "view", $newUserId, getPermissions($newUserId, $pageId, "view"), 0); } else { return $newUserId; } ///<The login page } else { displayinfo("You are logged in as " . getUserName($userId) . "! Click <a href=\"./+logout\">here</a> to logout."); } return getContent($pageId, "view", $userId, getPermissions($userId, $pageId, "view"), $recursed = 0); } if ($action == "profile") { if ($userId != 0) { require_once "profile.lib.php"; return profile($userId); } else { displayinfo("You need to <a href=\"./+login\">login</a> to view your profile.!"); } } if ($action == "logout") { if ($userId != 0) { $newUserId = resetAuth(); displayinfo("You have been logged out!"); global $openid_enabled; if ($openid_enabled == 'true') { displaywarning("If you logged in via Open ID, make sure you also log out from your Open ID service provider's website. Until then your session in this website will remain active !"); } return getContent($pageId, "view", $newUserId, getPermissions($newUserId, $pageId, "view"), 0); } else { displayinfo("You need to <a href=\"./+login\">login</a> first to logout!"); } } if ($action == "search") { require_once "search.lib.php"; $ret = getSearchBox(); if (isset($_POST['query'])) { $ret .= getSearchResultString($_POST['query']); } elseif (isset($_GET['query'])) { $ret .= getSearchResultString($_GET['query']); } return $ret; } if (isset($_GET['subaction']) && $_GET['subaction'] == 'getchildren') { if (isset($_GET['parentpath'])) { global $urlRequestRoot; require_once 'menu.lib.php'; $pidarr = array(); parseUrlReal(escape($_GET['parentpath']), $pidarr); $pid = $pidarr[count($pidarr) - 1]; $children = getChildren($pid, $userId); $response = array(); $response['path'] = escape($_GET['parentpath']); $response['items'] = array(); foreach ($children as $child) { $response['items'][] = array($urlRequestRoot . '/home' . escape($_GET['parentpath']) . $child[1], $child[2]); } //echo json_encode($response); exit; } } if ($permission != true) { if ($userId == 0) { $suggestion = "(Try <a href=\"./+login\">logging in?</a>)"; } else { $suggestion = ""; } displayerror("You do not have the permissions to view this page. {$suggestion}<br /><input type=\"button\" onclick=\"history.go(-1)\" value=\"Go back\" />"); return ''; } if ($action == "admin") { require_once "admin.lib.php"; return admin($pageId, $userId); } ///default actions also to be defined here (and not outside) /// Coz work to be done after these actions do involve the page $pagetype_query = "SELECT page_module, page_modulecomponentid FROM " . MYSQL_DATABASE_PREFIX . "pages WHERE page_id='" . escape($pageId) . "'"; $pagetype_result = mysql_query($pagetype_query); $pagetype_values = mysql_fetch_assoc($pagetype_result); if (!$pagetype_values) { displayerror("The requested page does not exist."); return ""; } $moduleType = $pagetype_values['page_module']; $moduleComponentId = $pagetype_values['page_modulecomponentid']; if ($action == "settings") { ///<done here because we needed to check if the page exists for sure. require_once "pagesettings.lib.php"; return pagesettings($pageId, $userId); } if ($action == "widgets") { return handleWidgetPageSettings($pageId); } if ($recursed == 0) { $pagetypeupdate_query = "UPDATE " . MYSQL_DATABASE_PREFIX . "pages SET page_lastaccesstime=NOW() WHERE page_id='" . escape($pageId) . "'"; $pagetypeupdate_result = mysql_query($pagetypeupdate_query); if (!$pagetypeupdate_result) { return '<div class="cms-error">Error No. 563 - An error has occured. Contact the site administators.</div>'; } } if ($moduleType == "link") { return getContent($moduleComponentId, $action, $userId, true, 1); } if ($action == "grant") { return grantPermissions($userId, $pageId); } if ($moduleType == "menu") { return getContent(getParentPage($pageId), $action, $userId, true, 1); } if ($moduleType == "external") { $query = "SELECT `page_extlink` FROM `" . MYSQL_DATABASE_PREFIX . "external` WHERE `page_modulecomponentid` =\n\t\t\t\t\t(SELECT `page_modulecomponentid` FROM `" . MYSQL_DATABASE_PREFIX . "pages` WHERE `page_id`= '" . escape($pageId) . "')"; $result = mysql_query($query); $values = mysql_fetch_array($result); $link = $values[0]; header("Location: {$link}"); } global $sourceFolder; global $moduleFolder; require_once $sourceFolder . "/" . $moduleFolder . "/" . $moduleType . ".lib.php"; $page = new $moduleType(); if (!$page instanceof module) { displayerror("The module \"{$moduleType}\" does not implement the inteface module</div>"); return ""; } $createperms_query = " SELECT * FROM " . MYSQL_DATABASE_PREFIX . "permissionlist where perm_action = 'create' AND page_module = '" . $moduleType . "'"; $createperms_result = mysql_query($createperms_query); if (mysql_num_rows($createperms_result) < 1) { displayerror("The action \"create\" does not exist in the module \"{$moduleType}\"</div>"); return ""; } $availableperms_query = "SELECT * FROM " . MYSQL_DATABASE_PREFIX . "permissionlist where perm_action != 'create' AND page_module = '" . $moduleType . "'"; $availableperms_result = mysql_query($availableperms_query); $permlist = array(); while ($value = mysql_fetch_assoc($availableperms_result)) { array_push($permlist, $value['perm_action']); } array_push($permlist, "view"); $class_methods = get_class_methods($moduleType); foreach ($permlist as $perm) { if (!in_array("action" . ucfirst($perm), $class_methods)) { displayerror("The action \"{$perm}\" does not exist in the module \"{$moduleType}\"</div>"); return ""; } } if ($action == "pdf") { if (isset($_GET['depth'])) { $depth = $_GET['depth']; } else { $depth = 0; } if (!is_numeric($depth)) { $depth = 0; } global $TITLE; global $sourceFolder; require_once "{$sourceFolder}/modules/pdf/html2fpdf.php"; $pdf = new HTML2FPDF(); $pdf->setModuleComponentId($moduleComponentId); $pdf->AddPage(); $pdf->WriteHTML($page->getHtml($userId, $moduleComponentId, "view")); $cp = array(); $j = 0; if ($depth == -1) { $cp = child($pageId, $userId, $depth); if ($cp[0][0]) { for ($i = 0; $cp[$i][0] != NULL; $i++) { require_once $sourceFolder . "/" . $moduleFolder . "/" . $cp[$i][2] . ".lib.php"; $page1 = new $cp[$i][2](); $modCompId = $cp[$i][5]; $pdf->setModuleComponentId($modCompId); $pdf->AddPage(); $pdf->WriteHTML($page1->getHtml($userId, $modCompId, "view")); } } } else { if ($depth > 0) { $cp = child($pageId, $userId, $depth); --$depth; while ($depth > 0) { $count = count($cp); for ($j; $j < $count; $j++) { $cp = array_merge((array) $cp, (array) child($cp[$j][0], $userId, $depth)); } --$depth; } if ($cp[0][0]) { for ($i = 0; isset($cp[$i]); $i++) { require_once $sourceFolder . "/" . $moduleFolder . "/" . $cp[$i][2] . ".lib.php"; $page1 = new $cp[$i][2](); $modCompId = $cp[$i][5]; $pdf->setModuleComponentId($modCompId); $pdf->AddPage(); $pdf->WriteHTML($page1->getHtml($userId, $modCompId, "view")); } } } } $filePath = $sourceFolder . "/uploads/temp/" . $TITLE . ".pdf"; while (file_exists($filePath)) { $filePath = $sourceFolder . "/uploads/temp/" . $TITLE . "-" . rand() . ".pdf"; } $pdf->Output($filePath); header("Pragma: public"); header("Expires: 0"); header("Cache-Control: must-revalidate, post-check=0, pre-check=0"); header("Cache-Control: private", false); header("Content-Type: application/pdf"); header("Content-Disposition: attachment; filename=\"" . basename($filePath) . "\";"); header("Content-Transfer-Encoding: binary"); header("Content-Length: " . filesize($filePath)); @readfile("{$filePath}"); unlink($filePath); } return $page->getHtml($userId, $moduleComponentId, $action); }
function firstTimeGetUserId() { global $cookieSupported; if ($cookieSupported) { if (isset($_SESSION['userId'])) { $user_id = $_SESSION['userId']; $sessionData = getSessionData($user_id); if ($_SESSION['data'] == $sessionData) { if (!isset($_GET['fileget'])) { global $cookie_timeout, $cookie_path; setcookie('PHPSESSID', $_COOKIE['PHPSESSID'], time() + $cookie_timeout, $cookie_path); } return $user_id; } else { resetAuth(); } return 0; } else { resetAuth(); } return 0; } else { resetAuth(); } return 0; }