Exemplo n.º 1
/**
 * Stores the jQuery core and jQuery UI switches for the header row with
 * page_id 0. Plugin selections are not handled here, as the plugins are
 * saved at once via AJAX.
 *
 * Each switch is reduced to the fixed value 'Y' or 'N' before it reaches the
 * database, and the statement uses named placeholders, so no request data is
 * concatenated into the SQL text.
 *
 * @param  mixed $backend  not used inside this function
 * @return void
 **/
function saveHeaderfiles($backend)
{
    $existing = CAT_Helper_Page::getExtraHeaderFiles(0);

    // only the submitted value 'on' enables an option; anything else disables it
    $use_core = CAT_Helper_Validate::sanitizePost('use_core') == 'on' ? 'Y' : 'N';
    $use_ui = CAT_Helper_Validate::sanitizePost('use_ui') == 'on' ? 'Y' : 'N';

    // update the row if one was found for page_id 0, otherwise create it
    $query = count($existing)
        ? 'UPDATE `:prefix:pages_headers` SET `use_core`=:value1, `use_ui`=:value2 WHERE `page_id`=:page_id'
        : 'INSERT INTO `:prefix:pages_headers` ( `page_id`, `use_core`, `use_ui` ) VALUES ( :page_id, :value1, :value2 )';

    $params = array('page_id' => 0, 'value1' => $use_core, 'value2' => $use_ui);
    CAT_Helper_Page::getInstance(1)->db()->query($query, $params);
}
Exemplo n.º 2
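 /**
  * let admin set access permissions for modules of type 'page' and 'tool'
  *
  * For every group except group_id 1, the module directory is appended to
  * the group's `<addon_function>_permissions` list, unless the group was
  * marked in the submitted 'group_id' form field.
  *
  * The column name is assembled from $addon_info['addon_function'] and has
  * to be written into the SQL text itself, because identifiers cannot be
  * bound as placeholders. It is therefore checked against a plain
  * identifier pattern first; the list value and the group id are bound.
  *
  * @access public
  * @param  array   $addon_info  needs the keys 'addon_function' and 'module_directory'
  * @return boolean false if the column name is rejected or an update fails, true otherwise
  **/
 public static function setModulePermissions($addon_info)
 {
     $self = self::getInstance();
     $check_permission = $addon_info['addon_function'] . '_permissions';
     // $check_permission ends up between backticks in the UPDATE below; refuse
     // anything that is not a bare identifier so that addon metadata cannot
     // change the shape of the statement
     if (!preg_match('/\A[A-Za-z0-9_]+\z/', $check_permission)) {
         return false;
     }
     // get groups
     $stmt = $self->db()->query('SELECT * FROM `:prefix:groups` WHERE group_id <> 1');
     if ($stmt->rowCount() > 0) {
         $group_ids = CAT_Helper_Validate::sanitizePost('group_id');
         $allowed_groups = array();
         // get marked groups; the submitted ids are only used as lookup keys
         if (is_array($group_ids)) {
             foreach ($group_ids as $gid) {
                 $allowed_groups[$gid] = $gid;
             }
         }
         // get all known groups
         // NOTE(review): MYSQL_ASSOC is a constant of the old mysql extension;
         // confirm it is still defined in the target environment
         $groups = array();
         while ($row = $stmt->fetchRow(MYSQL_ASSOC)) {
             $groups[$row['group_id']] = $row;
             $gid = $row['group_id'];
             // add newly installed module to any group that's NOT in the $allowed_groups array
             if (!array_key_exists($gid, $allowed_groups)) {
                 // get current value
                 $addons = explode(',', $groups[$gid][$check_permission]);
                 // add newly installed module
                 $addons[] = $addon_info['module_directory'];
                 $addons = array_unique($addons);
                 asort($addons);
                 // Update the database; value and id are bound, only the
                 // validated column name is formatted into the statement
                 $addon_permissions = implode(',', $addons);
                 $self->db()->query(sprintf('UPDATE `:prefix:groups` SET `%s`=:val WHERE `group_id`=:id', $check_permission), array('val' => $addon_permissions, 'id' => $gid));
                 if ($self->db()->isError()) {
                     self::printError($self->db()->getError());
                     return false;
                 }
             }
         }
     }
     // nothing to do (no groups besides group 1) or all updates succeeded
     return true;
 }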
Exemplo n.º 3
        if (empty($sub)) {
            continue;
        }
        $dir .= '/' . $sub;
        if (file_exists($dir . '/framework/class.secure.php')) {
            include $dir . '/framework/class.secure.php';
            $inc = true;
            break;
        }
    }
    if (!$inc) {
        trigger_error(sprintf("[ <b>%s</b> ] Can't include class.secure.php!", $_SERVER['SCRIPT_NAME']), E_USER_ERROR);
    }
}
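// handle upload
// NOTE(review): access control is not visible in this part of the script;
// confirm that only authorised backend users can reach this point.
if (CAT_Helper_Validate::sanitizePost('upload') && isset($_FILES['userfile']) && is_array($_FILES['userfile'])) {
    $p = CAT_Helper_Upload::getInstance($_FILES['userfile'], CAT_PATH . '/temp');
    $p->file_overwrite = true;
    $p->process(CAT_PATH . '/temp');
    if ($p->processed) {
        // The target folder name is derived from the uploaded file's name.
        // Reduce it to a single path component and refuse empty or dot names,
        // so the archive is always unpacked into its own folder below the
        // plugins directory.
        $subdir = basename(str_replace('\\', '/', $p->file_dst_name_body));
        if ($subdir !== '' && $subdir !== '.' && $subdir !== '..') {
            // NOTE(review): the archive's entries are not inspected here and are
            // unpacked below the modules directory. Confirm that CAT_Helper_Zip
            // keeps every entry inside the target folder and that the upload is
            // limited to archives holding plugin assets.
            $z = CAT_Helper_Zip::getInstance(CAT_PATH . '/temp/' . $p->file_dst_name)->config('Path', CAT_PATH . '/modules/lib_jquery/plugins/' . $subdir);
            $z->extract();
        }
    }
}
// get already installed plugins (direct subfolders of the plugins directory)
$files = CAT_Helper_Directory::getInstance()->maxRecursionDepth(0)->getDirectories(CAT_PATH . '/modules/lib_jquery/plugins', CAT_PATH . '/modules/lib_jquery/plugins/');
$readmes = jqpmgr_getReadmes($files);
// render the tool page with the plugin list and the readme data
$parser->setPath(CAT_PATH . '/modules/jquery_plugin_mgr/templates/default');
$parser->output('tool', array('plugins' => $files, 'readmes' => $readmes));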
function jqpmgr_getReadmes($plugins)
Exemplo n.º 4
            // required for certain browsers
            header("Content-Type: application/zip");
            header("Content-Disposition: attachment; filename=\"" . basename($filename) . "\";");
            header("Content-Transfer-Encoding: binary");
            header("Content-Length: " . filesize($filename));
            readfile("{$filename}");
            exit;
        }
    } else {
        echo CAT_Helper_Validate::getInstance()->lang()->translate("File not found") . ": " . str_ireplace(array(str_replace('\\', '/', CAT_PATH), '\\'), array('/abs/path/to', '/'), $file);
    }
    exit;
}
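// remove
if (CAT_Helper_Validate::sanitizePost('remove')) {
    $date = CAT_Helper_Validate::sanitizePost('remove');
    // The value becomes part of the name of a file that is deleted below.
    // Accept only the YYYY-MM-DD form used in the log file names, so it can
    // never contain path separators or dots.
    if (!is_string($date) || !preg_match('/\A\d{4}-\d{2}-\d{2}\z/', $date)) {
        echo CAT_Helper_Validate::getInstance()->lang()->translate("File not found");
        exit;
    }
    $file = CAT_Helper_Directory::sanitizePath(CAT_PATH . '/temp/logs/log_' . $date . '.txt');
    if (file_exists($file)) {
        unlink($file);
    } else {
        // the installation path is masked before the file name is shown
        echo CAT_Helper_Validate::getInstance()->lang()->translate("File not found") . ": " . str_ireplace(array(str_replace('\\', '/', CAT_PATH), '\\'), array('/abs/path/to', '/'), $file);
    }
    exit;
}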
// clean up log files (older than 24 hours and size 0)
$files = CAT_Helper_Directory::findFiles('log_\\d{4}-\\d{2}-\\d{2}\\.txt', CAT_PATH . '/temp');
if (count($files)) {
    foreach ($files as $f) {
        if (filemtime($f) < time() - 24 * 60 * 60 && filesize($f) == 0) {
            unlink($f);
        }
Exemplo n.º 5
 /**
  *  Print the admin header
  *
  *  Collects permission flags, the page tree, meta data and the menu
  *  entries in $tpl_data and renders the 'header' template through the
  *  global $parser.
  *
  *  The permission flags gathered here are handed to the template only.
  *  NOTE(review): they look like display switches; confirm that every
  *  backend action re-checks the permission on the server side.
  *
  *  @access public
  *  @return void
  */
 public function print_header()
 {
     global $parser;
     $tpl_data = array();
     $addons = CAT_Helper_Addons::getInstance();
     $user = CAT_Users::getInstance();
     // Connect to database and get website title
     if (!CAT_Registry::exists('WEBSITE_TITLE')) {
         $title = $this->db()->query("SELECT `value` FROM `:prefix:settings` WHERE `name`='website_title'")->fetchColumn();
         CAT_Registry::define('WEBSITE_TITLE', $title, true);
     }
     // check current URL for page tree
     $uri = CAT_Helper_Validate::get('_SERVER', 'SCRIPT_NAME');
     // init template search paths
     self::initPaths();
     // =================================
     // ! Add permissions to $tpl_data
     // =================================
     // NOTE(review): the meaning of the third checkPermission() argument
     // (false) is not visible here - confirm against CAT_Users
     $tpl_data['permission']['pages'] = $user->checkPermission('pages', 'pages', false);
     $tpl_data['permission']['pages_add'] = $user->checkPermission('pages', 'pages_add', false);
     $tpl_data['permission']['pages_add_l0'] = $user->checkPermission('pages', 'pages_add_l0', false);
     $tpl_data['permission']['pages_modify'] = $user->checkPermission('pages', 'pages_modify', false);
     $tpl_data['permission']['pages_delete'] = $user->checkPermission('pages', 'pages_delete', false);
     $tpl_data['permission']['pages_settings'] = $user->checkPermission('pages', 'pages_settings', false);
     // intro page needs both the permission and INTRO_PAGE set to 'enabled'
     $tpl_data['permission']['pages_intro'] = $user->checkPermission('pages', 'pages_intro', false) != true || INTRO_PAGE != 'enabled' ? false : true;
     // page tree and "add page" form data are only collected for users
     // holding the 'pages' permission
     if ($tpl_data['permission']['pages'] == true) {
         $tpl_data['DISPLAY_MENU_LIST'] = CAT_Registry::get('MULTIPLE_MENUS') != false ? true : false;
         $tpl_data['DISPLAY_LANGUAGE_LIST'] = CAT_Registry::get('PAGE_LANGUAGES') != false ? true : false;
         $tpl_data['DISPLAY_SEARCHING'] = CAT_Registry::get('SEARCH') != false ? true : false;
         // ==========================
         // ! Get info for pagesTree
         // ==========================
         $pages = CAT_Helper_Page::getPages(true);
         $sections = CAT_Helper_Page::getSections();
         // create LI content for ListBuilder
         foreach ($pages as $i => $page) {
             if (isset($sections[$page['page_id']]) && count($sections[$page['page_id']])) {
                 // page title, module names and section ids are joined as plain
                 // text here.
                 // NOTE(review): confirm the 'backend_pagetree_item' template
                 // escapes the title for its output context
                 $page['page_title'] .= "\n" . count($sections[$page['page_id']]) . ' ' . $user->lang()->translate('active sections') . ':';
                 foreach ($sections[$page['page_id']] as $block_id => $section) {
                     foreach ($section as $item) {
                         $page['page_title'] .= "\n" . $item['module'] . ' (ID:' . $item['section_id'] . ')';
                     }
                 }
             }
             // the link action depends on the name of the running script
             $text = $parser->get('backend_pagetree_item', array_merge($page, array('action' => pathinfo($uri, PATHINFO_FILENAME) == 'lang_settings' ? 'lang_settings' : 'modify')));
             $pages[$i]['text'] = $text;
         }
         // list of first level of pages
         $tpl_data['pages'] = CAT_Helper_ListBuilder::getInstance()->config(array('__li_level_css' => true, '__li_id_prefix' => 'pageid_', '__li_css_prefix' => 'fc_page_', '__li_has_child_class' => 'fc_expandable', '__is_open_key' => 'be_tree_is_open', '__li_is_open_class' => 'fc_tree_open', '__li_is_closed_class' => 'fc_tree_close', '__title_key' => 'text'))->tree($pages, 0);
         // number of editable pages (for current user)
         $tpl_data['pages_editable'] = CAT_Helper_Page::getEditable();
         // ==========================================
         // ! Get info for the form to add new pages
         // ==========================================
         $tpl_data['templates'] = $addons->get_addons(CAT_Registry::get('DEFAULT_TEMPLATE'), 'template', 'template');
         $tpl_data['languages'] = $addons->get_addons(CAT_Registry::get('DEFAULT_LANGUAGE'), 'language');
         $tpl_data['modules'] = $addons->get_addons('wysiwyg', 'module', 'page');
         $tpl_data['groups'] = $user->get_groups();
         // ===========================================
         // ! Check and set permissions for templates
         // ===========================================
         foreach ($tpl_data['templates'] as $key => $template) {
             $tpl_data['templates'][$key]['permissions'] = $user->get_permission($template['VALUE'], 'template') ? true : false;
         }
     }
     // =========================
     // ! Add Metadatas to Dwoo
     // =========================
     $tpl_data['META']['CHARSET'] = true === defined('DEFAULT_CHARSET') ? DEFAULT_CHARSET : 'utf-8';
     $tpl_data['META']['LANGUAGE'] = strtolower(CAT_Registry::get('LANGUAGE'));
     $tpl_data['META']['WEBSITE_TITLE'] = WEBSITE_TITLE;
     $tpl_data['CAT_VERSION'] = CAT_Registry::get('CAT_VERSION');
     $tpl_data['CAT_CORE'] = CAT_Registry::get('CAT_CORE');
     $tpl_data['PAGE_EXTENSION'] = CAT_Registry::get('PAGE_EXTENSION');
     // translate the configured date / time format letters into the tokens
     // listed in the replace arrays
     // NOTE(review): presumably the format of a client-side date picker - confirm
     $date_search = array('Y', 'j', 'n', 'jS', 'l', 'F');
     $date_replace = array('yy', 'y', 'm', 'd', 'DD', 'MM');
     $tpl_data['DATE_FORMAT'] = str_replace($date_search, $date_replace, CAT_Registry::get('CAT_DATE_FORMAT'));
     $time_search = array('H', 'i', 's', 'g');
     $time_replace = array('hh', 'mm', 'ss', 'h');
     $tpl_data['TIME_FORMAT'] = str_replace($time_search, $time_replace, CAT_Registry::get('TIME_FORMAT'));
     // only the session name is passed on, not the session id
     $tpl_data['SESSION'] = session_name();
     $tpl_data['HEAD']['SECTION_NAME'] = $this->lang()->translate(strtoupper(self::$instance->section_name));
     $tpl_data['DISPLAY_NAME'] = $user->get_display_name();
     // NOTE(review): the complete user details record goes to the template;
     // confirm it holds no fields (such as credential hashes) that should
     // stay out of the view layer
     $tpl_data['USER'] = $user->get_user_details($user->get_user_id());
     // ===================================================================
     // ! Add arrays for main menu, options menu and the Preferences-Button
     // ===================================================================
     $tpl_data['MAIN_MENU'] = array();
     $tpl_data['MAIN_MENU'][0] = array('link' => CAT_ADMIN_URL . '/start/index.php', 'title' => $this->lang()->translate('Start'), 'permission_title' => 'start', 'permission' => $user->checkPermission('start', 'start') ? true : false, 'current' => 'start' == strtolower($this->section_name) ? true : false);
     $tpl_data['MAIN_MENU'][1] = array('link' => CAT_ADMIN_URL . '/media/index.php', 'title' => $this->lang()->translate('Media'), 'permission_title' => 'media', 'permission' => $user->checkPermission('media', 'media') ? true : false, 'current' => 'media' == strtolower($this->section_name) ? true : false);
     $tpl_data['MAIN_MENU'][2] = array('link' => CAT_ADMIN_URL . '/settings/index.php', 'title' => $this->lang()->translate('Settings'), 'permission_title' => 'settings', 'permission' => $user->checkPermission('settings', 'settings') ? true : false, 'current' => 'settings' == strtolower($this->section_name) ? true : false);
     $tpl_data['MAIN_MENU'][3] = array('link' => CAT_ADMIN_URL . '/addons/index.php', 'title' => $this->lang()->translate('Addons'), 'permission_title' => 'addons', 'permission' => $user->checkPermission('addons', 'addons') ? true : false, 'current' => 'addons' == strtolower($this->section_name) ? true : false);
     $tpl_data['MAIN_MENU'][4] = array('link' => CAT_ADMIN_URL . '/admintools/index.php', 'title' => $this->lang()->translate('Admin-Tools'), 'permission_title' => 'admintools', 'permission' => $user->checkPermission('admintools', 'admintools') ? true : false, 'current' => 'admintools' == strtolower($this->section_name) ? true : false);
     $tpl_data['MAIN_MENU'][5] = array('link' => CAT_ADMIN_URL . '/users/index.php', 'title' => $this->lang()->translate('Access'), 'permission_title' => 'access', 'permission' => $user->checkPermission('access', 'access') ? true : false, 'current' => 'access' == strtolower($this->section_name) ? true : false);
     // =======================================
     // ! Seperate access-link by permissions
     // =======================================
     // users with the 'users' permission go to the user list, users with
     // only the 'groups' permission go to the group list
     if ($user->get_permission('users')) {
         $tpl_data['MAIN_MENU'][5]['link'] = CAT_ADMIN_URL . '/users/index.php';
     } elseif ($user->get_permission('groups')) {
         $tpl_data['MAIN_MENU'][5]['link'] = CAT_ADMIN_URL . '/groups/index.php';
     }
     $tpl_data['PREFERENCES'] = array('link' => CAT_ADMIN_URL . '/preferences/index.php', 'title' => $this->lang()->translate('Preferences'), 'permission_title' => 'preferences', 'permission' => $this->get_link_permission('preferences') ? true : false, 'current' => 'preferences' == strtolower($this->section_name) ? true : false);
     $tpl_data['section_name'] = strtolower($this->section_name);
     // page_id: GET is tried first, then POST, else false. The 'numeric'
     // filter is only applied in the test; the value passed on comes from a
     // second call without a filter.
     // NOTE(review): presumably the filtered call rejects non-numeric input,
     // which would make the second read safe - confirm in CAT_Helper_Validate
     $tpl_data['page_id'] = CAT_Helper_Validate::sanitizeGet('page_id', 'numeric') && CAT_Helper_Validate::sanitizeGet('page_id') != '' ? CAT_Helper_Validate::sanitizeGet('page_id') : (CAT_Helper_Validate::sanitizePost('page_id', 'numeric') && CAT_Helper_Validate::sanitizePost('page_id') != '' ? CAT_Helper_Validate::sanitizePost('page_id') : false);
     // ====================
     // ! Parse the header
     // ====================
     $parser->output('header', $tpl_data);
 }
Exemplo n.º 6
    }
    if (file_exists($root . '/framework/class.secure.php')) {
        include $root . '/framework/class.secure.php';
    } else {
        trigger_error(sprintf("[ <b>%s</b> ] Can't include class.secure.php!", $_SERVER['SCRIPT_NAME']), E_USER_ERROR);
    }
}
// JSON endpoint: every response below is a JSON object with the keys
// 'message' and 'success'
$backend = CAT_Backend::getInstance('Access', 'groups', false);
$users = CAT_Users::getInstance();
header('Content-type: application/json');
// the permission is checked before any request data is read
if (!$users->checkPermission('Access', 'groups')) {
    $ajax = array('message' => $backend->lang()->translate('You do not have the permission to view groups'), 'success' => false);
    print json_encode($ajax);
    exit;
}
// the group id has to pass the 'numeric' filter; a falsy result ends the request
$group_id = CAT_Helper_Validate::sanitizePost('id', 'numeric');
if (!$group_id) {
    $ajax = array('message' => $backend->lang()->translate('You sent an invalid value'), 'success' => false);
    print json_encode($ajax);
    exit;
}
// the id is bound as a named placeholder, not concatenated into the statement
// NOTE(review): the result is not checked for an error or an empty row set in
// the lines visible here
$get_group = $backend->db()->query("SELECT * FROM `:prefix:groups` WHERE group_id = :id", array('id' => $group_id));
$members = array();
$group_members = $users->getMembers($group_id);
if (count($group_members)) {
    foreach ($group_members as $member) {
        // NOTE(review): display name and user name are stored values that go
        // into the response unchanged; whatever renders them has to escape
        // them for its own output context
        $members[] = $member['display_name'] . ' (' . $member['username'] . ')';
    }
}
// ==============================================
// ! Insert admin group and current group first
Exemplo n.º 7
 /**
  * Shortcut for reading one POST field through CAT_Helper_Validate with the
  * third sanitizePost() argument switched on.
  *
  * NOTE(review): the method name suggests that this flag requests escaping.
  * Which kind of escaping it is, and for which output context, is not
  * visible here, so callers should confirm it before treating the result
  * as safe for HTML output or for use in a query.
  *
  * @access public
  * @param  string $field  name of the POST field
  * @return mixed  whatever sanitizePost() returns for that field
  */
 public function get_post_escaped($field)
 {
     $escaped = CAT_Helper_Validate::sanitizePost($field, null, true);

     return $escaped;
 }
Exemplo n.º 8
            $backend->print_error('Cannot save file', CAT_ADMIN_URL . '/pages/modify.php?page_id=' . $page_id);
        } else {
            $backend->print_success('Success', CAT_ADMIN_URL . '/pages/modify.php?page_id=' . $page_id);
        }
    }
} else {
    // Without an 'edit_file' field the editable files are listed; with one,
    // the named file is loaded into the editor.
    if (!CAT_Helper_Validate::sanitizePost('edit_file')) {
        // find JS files
        $js = CAT_Helper_Directory::getInstance()->maxRecursionDepth(5)->setSuffixFilter(array('js'))->scanDirectory($path, true, true, $path);
        // find CSS files
        $css = CAT_Helper_Directory::getInstance()->maxRecursionDepth(5)->setSuffixFilter(array('css'))->scanDirectory($path, true, true, $path);
        $list = true;
    } else {
        // The file name comes from the request and is appended to $path.
        // NOTE(review): confirm that sanitizePath() resolves parent-directory
        // segments, and that the result is checked to lie below $path and to
        // end in .js or .css before it is read, so that only the module's own
        // script and style files can be opened here. No such check is visible
        // in these lines.
        $file = CAT_Helper_Directory::sanitizePath($path . '/' . CAT_Helper_Validate::sanitizePost('edit_file'));
        if (!file_exists($file)) {
            // NOTE(review): presumably printFatalError() ends the request;
            // otherwise the read below would run on a missing file
            $backend->printFatalError("No such file");
        }
        // read the whole file into $code
        $in = fopen($file, 'r');
        $code = fread($in, filesize($file));
        fclose($in);
        if (file_exists(CAT_PATH . '/modules/edit_area/include.php')) {
            include_once CAT_PATH . '/modules/edit_area/include.php';
            ea_syntax('css');
            // the editor markup receives the file content, so $code is cleared
            $js = show_wysiwyg_editor('code', 'code', $code, '100%', '350px', false);
            $code = NULL;
        }
    }
    $page = CAT_Helper_Page::properties($page_id);
    $parser->output('backend_addons_editfile.tpl', array('code' => $code, 'js' => $js, 'css' => $css, 'page_id' => $page_id, 'section_id' => $section_id, 'mod_dir' => CAT_Helper_Validate::sanitizePost('mod_dir'), 'edit_file' => CAT_Helper_Validate::sanitizePost('edit_file'), 'list' => $list, 'PAGE_TITLE' => $page['page_title'], 'PAGE_ID' => $page_id, 'PAGE_HEADER' => $backend->lang()->translate('Modify file')));
}
$backend->print_footer();
Exemplo n.º 9
    } else {
        trigger_error(sprintf("[ <b>%s</b> ] Can't include class.secure.php!", $_SERVER['SCRIPT_NAME']), E_USER_ERROR);
    }
}
// load configuration and the framework helper functions
require_once dirname(__FILE__) . '/../../config.php';
require_once dirname(__FILE__) . '/../../framework/functions.php';
// JSON endpoint: every response below is a JSON object with the keys
// 'message' and 'success'
$backend = CAT_Backend::getInstance('Addons', 'addons', false);
$users = CAT_Users::getInstance();
header('Content-type: application/json');
// the permission is checked before any request data is read
if (!$users->checkPermission('Addons', 'addons')) {
    $ajax = array('message' => $backend->lang()->translate("Sorry, but you don't have the permissions for this action"), 'success' => false);
    print json_encode($ajax);
    exit;
}
// Both values come from the request and become path components below.
// NOTE(review): confirm that $type is limited to the known addon types, that
// $module is a plain directory or file name, and that sanitizePath() keeps
// the result below CAT_PATH. checkInfo() is handed that path, and what it
// does with it (read or include) is not visible here.
$module = CAT_Helper_Validate::sanitizePost('module');
$type = CAT_Helper_Validate::sanitizePost('type');
if (CAT_Helper_Addons::isModuleInstalled($module, NULL, $type)) {
    // installed addon: <CAT_PATH>/<type>s/<module>
    $info = CAT_Helper_Addons::checkInfo(CAT_Helper_Directory::sanitizePath(CAT_PATH . '/' . $type . 's/' . $module));
} else {
    // not installed: <CAT_PATH>/<type>/<module>, with '.php' appended when
    // $type is 'languages'
    $path = CAT_Helper_Directory::sanitizePath(CAT_PATH . '/' . $type . '/' . $module . ($type == 'languages' ? '.php' : ''));
    $info = CAT_Helper_Addons::checkInfo($path);
}
// anything but a non-empty array is reported as an invalid addon
if (!is_array($info) || !count($info)) {
    $ajax = array('message' => $backend->lang()->translate("No Addon info available, seems to be an invalid addon!"), 'success' => false);
    print json_encode($ajax);
    exit;
}
// default values for the response
$addon = array('type' => $info['addon_function'], 'installed' => NULL, 'upgraded' => NULL, 'removable' => 'Y');
foreach ($info as $key => $value) {
    $key = preg_replace('/^(module_|addon_)/i', '', $key);
    $addon[$key] = $value;