Exemplo n.º 1
0
 public function checkSSL()
 {
     if ($this->requireSSL == 1) {
         global $c;
         $cp = new Permissions($c);
         if (isset($cp)) {
             if (!$cp->canWrite() && !$cp->canAddSubContent() && !$cp->canAdminPage() && !$cp->canApproveCollection()) {
                 if ($_SERVER['HTTPS'] != "on") {
                     $redirect = "https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
                     header("Location:{$redirect}");
                 }
             }
         }
     }
 }
Exemplo n.º 2
0
							$successMessage = '"' . $oc->getCollectionName() . '" '.t('and all its children were successfully copied beneath').' "' . $dc->getCollectionName() . '"';
						}
					} else {
						$nc2 = $oc->duplicate($dc);
						if (is_object($nc2)) {
							$successMessage = '"' . $oc->getCollectionName() . '" '.t('was successfully copied beneath').' "' . $dc->getCollectionName() . '"';
						}
					}
					if (!is_object($nc2)) {
						$error = t("An error occurred while attempting the copy operation.");
					} else {
						$newCID = $nc2->getCollectionID();
					}
					break;
				case "MOVE":
					if ($dcp->canApproveCollection() && $ocp->canApproveCollection()) {
						$_SESSION['movePageSaveOldPagePath'] = $_REQUEST['saveOldPagePath'];
						if ($_REQUEST['saveOldPagePath']) {
							$nc2 = $oc->move($dc, true);
						} else {
							$nc2 = $oc->move($dc);
						}
						$successMessage = '"' . $oc->getCollectionName() . '" '.t('was moved beneath').' "' . $dc->getCollectionName() . '"';
					} else {
						$oc->markPendingAction('MOVE', $dc);
						$successMessage = t("Your request to move \"%s\" beneath \"%s\" has been stored. Someone with approval rights will have to activate the change.", $oc->getCollectionName() , $dc->getCollectionName() );
					}
					$newCID = $oc->getCollectionID();
					break;
			}
		} else {
Exemplo n.º 3
0
$token = '&' . $valt->getParameter();
if (isset($cp)) {
    $u = new User();
    $username = $u->getUserName();
    $vo = $c->getVersionObject();
    $statusMessage = '';
    if ($c->isCheckedOut()) {
        if (!$c->isCheckedOutByMe()) {
            $cantCheckOut = true;
            $statusMessage .= t("%s is currently editing this page.", $c->getCollectionCheckedOutUserName());
        }
    }
    if ($c->getCollectionPointerID() > 0) {
        $statusMessage .= t("This page is an alias of one that actually appears elsewhere. ");
        $statusMessage .= "<br/><a href='" . DIR_REL . "/" . DISPATCHER_FILENAME . "?cID=" . $c->getCollectionID() . "'>" . t('View/Edit Original') . "</a>";
        if ($cp->canApproveCollection()) {
            $statusMessage .= "&nbsp;|&nbsp;";
            $statusMessage .= "<a href='" . DIR_REL . "/" . DISPATCHER_FILENAME . "?cID=" . $c->getCollectionPointerOriginalID() . "&ctask=remove-alias" . $token . "'>" . t('Remove Alias') . "</a>";
        }
    } else {
        if (is_object($vo)) {
            if (!$vo->isApproved() && !$c->isEditMode()) {
                $statusMessage .= t("This page is pending approval.");
                if ($cp->canApproveCollection() && !$c->isCheckedOut()) {
                    $statusMessage .= "<br/><a href='" . DIR_REL . "/" . DISPATCHER_FILENAME . "?cID=" . $c->getCollectionID() . "&ctask=approve-recent" . $token . "'>" . t('Approve Version') . "</a>";
                }
            }
        }
        $pendingAction = $c->getPendingAction();
        if ($pendingAction == 'MOVE') {
            $statusMessage .= $statusMessage ? "&nbsp;|&nbsp;" : "";
Exemplo n.º 4
0
		/**
		 * render takes one argument - the item being rendered - and it can either be a path or a page object
		 * @access public
		 * @param string $view
		 * @param array $args
		 * @return void
		*/	
		public function render($view, $args = null) { 
			
			try {			
				if (is_array($args)) {
					extract($args);
				}
	
				// strip off a slash if there is one at the end
				if (is_string($view)) {
					if (substr($view, strlen($view) - 1) == '/') {
						$view = substr($view, 0, strlen($view) - 1);
					}
				}
				
				$wrapTemplateInTheme = false;

				Events::fire('on_start', $this);
				
				// Extract controller information from the view, and put it in the current context
				if (!isset($this->controller)) {
					$this->controller = Loader::controller($view);
					$this->controller->setupAndRun();
				}

				if ($this->controller->getRenderOverride() != '') {
				   $view = $this->controller->getRenderOverride();
				}
				
				// Determine which inner item to load, load it, and stick it in $innerContent
				$content = false;
								
				ob_start();			
				if ($view instanceof Page) {
					
					$viewPath = $view->getCollectionPath();
					$this->viewPath = $viewPath;
					
					$cFilename = $view->getCollectionFilename();
					$ctHandle = $view->getCollectionTypeHandle();
					$editMode = $view->isEditMode();
					$c = $view;
					$this->c = $c;
					
					// $view is a page. It can either be a SinglePage or just a Page, but we're not sure at this point, unfortunately
					if ($view->getCollectionTypeID() == 0 && $cFilename) {
						$wrapTemplateInTheme = true;
						if (file_exists(DIR_FILES_CONTENT. "{$cFilename}")) {
							$content = DIR_FILES_CONTENT. "{$cFilename}";
						} else if ($view->getPackageID() > 0) {
							$file1 = DIR_PACKAGES . '/' . $view->getPackageHandle() . '/'. DIRNAME_PAGES . $cFilename;
							$file2 = DIR_PACKAGES_CORE . '/' . $view->getPackageHandle() . '/'. DIRNAME_PAGES . $cFilename;
							if (file_exists($file1)) {
								$content = $file1;
							} else if (file_exists($file2)) {
								$content = $file2;
							}
						} else if (file_exists(DIR_FILES_CONTENT_REQUIRED . "{$cFilename}")) {
							$content = DIR_FILES_CONTENT_REQUIRED. "{$cFilename}";
						}
						
						$themeFilename = $c->getCollectionHandle() . '.php';
						
					} else {
						if (file_exists(DIR_BASE . '/' . DIRNAME_PAGE_TYPES . '/' . $ctHandle . '.php')) {
							$content = DIR_BASE . '/' . DIRNAME_PAGE_TYPES . '/' . $ctHandle . '.php';
							$wrapTemplateInTheme = true;
						} else if (file_exists(DIR_BASE_CORE. '/' . DIRNAME_PAGE_TYPES . '/' . $ctHandle . '.php')) {
							$content = DIR_BASE_CORE . '/' . DIRNAME_PAGE_TYPES . '/' . $ctHandle . '.php';
							$wrapTemplateInTheme = true;
						} else if ($view->getPackageID() > 0) {
							$file1 = DIR_PACKAGES . '/' . $view->getPackageHandle() . '/'. DIRNAME_PAGE_TYPES . '/' . $ctHandle . '.php';
							$file2 = DIR_PACKAGES_CORE . '/' . $view->getPackageHandle() . '/'. DIRNAME_PAGE_TYPES . '/' . $ctHandle . '.php';
							if (file_exists($file1)) {
								$content = $file1;
								$wrapTemplateInTheme = true;
							} else if (file_exists($file2)) {
								$content = $file2;
								$wrapTemplateInTheme = true;
							}
						}
						
						$themeFilename = $ctHandle . '.php';
					}
					
					
				} else if (is_string($view)) {
					
					// if we're passing a view but our render override is not null, that means that we're passing 
					// a new view from within a controller. If that's the case, then we DON'T override the viewPath, we want to keep it
					
					// In order to enable editable 404 pages, other editable pages that we render without actually visiting
					if (defined('DB_DATABASE') && $view == '/page_not_found') {
						$pp = Page::getByPath($view);
						if (!$pp->isError()) {
							$this->c = $pp;
						}
					}
					
					$viewPath = $view;
					if ($this->controller->getRenderOverride() != '' && $this->getCollectionObject() != null) {
						// we are INSIDE a collection renderring a view. Which means we want to keep the viewPath that of the collection
						$this->viewPath = $this->getCollectionObject()->getCollectionPath();
					}
					
					// we're just passing something like "/login" or whatever. This will typically just be 
					// internal Concrete stuff, but we also prepare for potentially having something in DIR_FILES_CONTENT (ie: the webroot)
					if (file_exists(DIR_FILES_CONTENT . "/{$view}/" . FILENAME_COLLECTION_VIEW)) {
						$content = DIR_FILES_CONTENT . "/{$view}/" . FILENAME_COLLECTION_VIEW;
					} else if (file_exists(DIR_FILES_CONTENT . "/{$view}.php")) {
						$content = DIR_FILES_CONTENT . "/{$view}.php";
					} else if (file_exists(DIR_FILES_CONTENT_REQUIRED . "/{$view}/" . FILENAME_COLLECTION_VIEW)) {
						$content = DIR_FILES_CONTENT_REQUIRED . "/{$view}/" . FILENAME_COLLECTION_VIEW;
					} else if (file_exists(DIR_FILES_CONTENT_REQUIRED . "/{$view}.php")) {
						$content = DIR_FILES_CONTENT_REQUIRED . "/{$view}.php";
					} else if ($this->getCollectionObject() != null && $this->getCollectionObject()->isGeneratedCollection() && $this->getCollectionObject()->getPackageID() > 0) {
						//This is a single_page associated with a package, so check the package views as well
						$pagePkgPath = Package::getByID($this->getCollectionObject()->getPackageID())->getPackagePath();
						if (file_exists($pagePkgPath . "/single_pages/{$view}/" . FILENAME_COLLECTION_VIEW)) {
							$content = $pagePkgPath . "/single_pages/{$view}/" . FILENAME_COLLECTION_VIEW;
						} else if (file_exists($pagePkgPath . "/single_pages/{$view}.php")) {
							$content = $pagePkgPath . "/single_pages/{$view}.php";
						}
					}
					$wrapTemplateInTheme = true;
					$themeFilename = $view . '.php';
				}
				
				
				if (is_object($this->c)) {
					$c = $this->c;
					if (defined('DB_DATABASE') && $view == '/page_not_found') {
						$view = $c;
						$req = Request::get();
						$req->setCurrentPage($c);
					}
				}
				
				// Determine which outer item/theme to load
				// obtain theme information for this collection
				if (isset($this->themeOverride)) {
					$theme = $this->themeOverride;
				} else if ($this->controller->theme != false) {
					$theme = $this->controller->theme;
				} else if (($tmpTheme = $this->getThemeFromPath($viewPath)) != false) {
					$theme = $tmpTheme;
				} else if (is_object($this->c) && ($tmpTheme = $this->c->getCollectionThemeObject()) != false) {
					$theme = $tmpTheme;
				} else {
					$theme = FILENAME_COLLECTION_DEFAULT_THEME;
				}		
				
				$this->setThemeForView($theme, $themeFilename, $wrapTemplateInTheme);

				// Now, if we're on an actual page, we retrieve all the blocks on the page
				// and store their view states in the local cache (for the page). That way
				// we can add header items and have them show up in the header BEFORE
				// the block itself is actually loaded 			
				
				if ($view instanceof Page) {
					$_pageBlocks = $view->getBlocks();
					$_pageBlocksGlobal = $view->getGlobalBlocks();
					$_pageBlocks = array_merge($_pageBlocks, $_pageBlocksGlobal);
					if ($view->supportsPageCache($_pageBlocks, $this->controller)) {
						$pageContent = $view->getFromPageCache();
						if ($pageContent != false) {
							Events::fire('on_before_render', $this);
							if (defined('APP_CHARSET')) {
								header("Content-Type: text/html; charset=" . APP_CHARSET);
							}
							print($pageContent);
							Events::fire('on_render_complete', $this);
							if (ob_get_level() == OB_INITIAL_LEVEL) {
		
								require(DIR_BASE_CORE . '/startup/shutdown.php');
								exit;
							}
							return;
						}
					}
					
					foreach($_pageBlocks as $b1) {
						$btc = $b1->getInstance();
						// now we inject any custom template CSS and JavaScript into the header
						if('Controller' != get_class($btc)){
							$btc->outputAutoHeaderItems();
						}
						$btc->runTask('on_page_view', array($view));
					}
					
					// do we have any custom menu plugins?
					$cp = new Permissions($view);
					if ($cp->canWrite() || $cp->canAddSubContent() || $cp->canAdminPage() || $cp->canApproveCollection()) { 
						$ih = Loader::helper('concrete/interface/menu');
						$_interfaceItems = $ih->getPageHeaderMenuItems();
						foreach($_interfaceItems as $_im) {
							$_controller = $_im->getController();
							$_controller->outputAutoHeaderItems();
						}
						unset($_interfaceItems);
						unset($_im);
						unset($_controller);
					}
					unset($_interfaceItems);
					unset($_im);
					unset($_controller);
					
					
					// now, we output all the custom style records for the design tab in blocks/areas on the page
					$c = $this->getCollectionObject();
					$view->outputCustomStyleHeaderItems(); 				
				}
	
				// finally, we include the theme (which was set by setTheme and will automatically include innerContent)
				// disconnect from our db and exit

				$this->controller->on_before_render();
				extract($this->controller->getSets());
				extract($this->controller->getHelperObjects());

				if ($content != false) {
					include($content);
				}

				$innerContent = ob_get_contents();
				
				if (ob_get_level() > OB_INITIAL_LEVEL) {
					ob_end_clean();
				}
				
				Events::fire('on_before_render', $this);
				
				if (defined('APP_CHARSET')) {
					header("Content-Type: text/html; charset=" . APP_CHARSET);
				}
				
				if (file_exists($this->theme)) {
					
					ob_start();
					include($this->theme);
					$pageContent = ob_get_contents();
					ob_end_clean();
					
					$ret = Events::fire('on_page_output', $pageContent);
					if($ret != '') {
						print $ret;
					} else {
						print $pageContent;
					}
					
					if ($view instanceof Page) {
						if ($view->supportsPageCache($_pageBlocks, $this->controller)) {
							$view->addToPageCache($pageContent);
						}
					}
					
				} else {
					throw new Exception(t('File %s not found. All themes need default.php and view.php files in them. Consult concrete5 documentation on how to create these files.', $this->theme));
				}
				
				Events::fire('on_render_complete', $this);
				
				if (ob_get_level() == OB_INITIAL_LEVEL) {
	
					require(DIR_BASE_CORE . '/startup/shutdown.php');
					exit;
					
				}
				
			} catch(ADODB_Exception $e) {
				// if it's a database exception we go here.
				if (Config::get('SITE_DEBUG_LEVEL') == DEBUG_DISPLAY_ERRORS) {
					$this->renderError(t('An unexpected error occurred.'), $e->getMessage(), $e);		
				} else {
					$this->renderError(t('An unexpected error occurred.'), t('A database error occurred while processing this request.'), $e);
				}
				
				// log if setup to do so
				if (ENABLE_LOG_ERRORS) {
					$l = new Log(LOG_TYPE_EXCEPTIONS, true, true);
					$l->write(t('Exception Occurred: ') . $e->getMessage());
					$l->write($e->getTraceAsString());
					$l->close();
				}
			} catch (Exception $e) {
				$this->renderError(t('An unexpected error occurred.'), $e->getMessage(), $e);
				// log if setup to do so
				if (ENABLE_LOG_ERRORS) {
					$l = new Log(LOG_TYPE_EXCEPTIONS, true, true);
					$l->write(t('Exception Occurred: ') . $e->getMessage());
					$l->write($e->getTraceAsString());
					$l->close();
				}
			}

		}
Exemplo n.º 5
0
<?php

defined('C5_EXECUTE') or die("Access Denied.");
$valt = Loader::helper('validation/token');
$fh = Loader::helper('file');
$token = '&' . $valt->getParameter();
$c = Page::getByID($_REQUEST['cID']);
$cID = $c->getCollectionID();
$cp = new Permissions($c);
$isCheckedOut = $c->isCheckedOut() && !$c->isEditMode();
if (!$cp->canReadVersions() && !$cp->canApproveCollection()) {
    die(_("Access Denied."));
}
if ($_GET['vtask'] == 'view_version') {
    ?>
		<?php 
    /*
    		we use the always-updated ID below so that Safari doesn't cache the iframe's contents. We probably shouldn't be
    		making a new iframe on every request to this anyway, but it doesn't happen very often and it represents a significant
    		hurdle to making it a bit of a better citizen, so we'll do it this way for now.
    */
    ?>
		
		<iframe border="0" id="v<?php 
    echo time();
    ?>
" frameborder="0" height="100%" width="100%" src="<?php 
    echo BASE_URL . DIR_REL;
    ?>
/<?php 
    echo DISPATCHER_FILENAME;
Exemplo n.º 6
0
<?php

defined('C5_EXECUTE') or die("Access Denied.");
$c = Page::getByID($_REQUEST['cID']);
$cp = new Permissions($c);
if (!$cp->canWrite()) {
    die(_("Access Denied."));
}
$v = CollectionVersion::get($c, "RECENT", true);
if ($cp->canApproveCollection()) {
    $approveChecked = "";
    if (isset($_SESSION['checkInApprove'])) {
        if ($_SESSION['checkInApprove'] == true) {
            $approveChecked = " checked";
        }
    }
}
Loader::element('pane_header', array('c' => $c));
?>
<div class="ccm-pane-controls">
    <div id="ccm-edit-collection">
        <form method="post" id="ccm-check-in" action="<?php 
echo DIR_REL;
?>
/<?php 
echo DISPATCHER_FILENAME;
?>
?cID=<?php 
echo $c->getCollectionID();
?>
&ctask=check-in">
Exemplo n.º 7
0
 function approve($doReindexImmediately = true)
 {
     $db = Loader::db();
     $u = new User();
     $uID = $u->getUserID();
     $cvID = $this->cvID;
     $cID = $this->cID;
     $c = Page::getByID($cID, $this->cvID);
     $ov = Page::getByID($cID, 'ACTIVE');
     $oldHandle = $ov->getCollectionHandle();
     $newHandle = $this->cvHandle;
     // update a collection updated record
     $dh = Loader::helper('date');
     $db->query('update Collections set cDateModified = ? where cID = ?', array($dh->getLocalDateTime(), $cID));
     // first we remove approval for the other version of this collection
     $v = array($cID);
     $q = "update CollectionVersions set cvIsApproved = 0 where cID = ?";
     $r = $db->query($q, $v);
     $ov->refreshCache();
     // now we approve our version
     $v2 = array($uID, $cID, $cvID);
     $q2 = "update CollectionVersions set cvIsNew = 0, cvIsApproved = 1, cvApproverUID = ? where cID = ? and cvID = ?";
     $r = $db->query($q2, $v2);
     // next, we rescan our collection paths for the particular collection, but only if this isn't a generated collection
     // I don't know why but this just isn't reliable. It might be a race condition with the cached page objects?
     /*
     if ((($oldHandle != $newHandle) || $oldHandle == '') && (!$c->isGeneratedCollection())) {
     */
     $c->rescanCollectionPath();
     //}
     // check for related version edits. This only gets applied when we edit global areas.
     if ($this->isNew()) {
         $r = $db->Execute('select cRelationID, cvRelationID from CollectionVersionRelatedEdits where cID = ? and cvID = ?', array($cID, $cvID));
         while ($row = $r->FetchRow()) {
             $cn = Page::getByID($row['cRelationID'], $row['cvRelationID']);
             $cnp = new Permissions($cn);
             if ($cnp->canApproveCollection()) {
                 $v = $cn->getVersionObject();
                 if ($v->isNew()) {
                     $v->approve();
                 }
             }
         }
     }
     Events::fire('on_page_version_approve', $c);
     $c->reindex(false, $doReindexImmediately);
     $this->refreshCache();
 }
Exemplo n.º 8
0
<?

defined('C5_EXECUTE') or die("Access Denied.");
$c = Page::getByID($_REQUEST['cID']);
$cp = new Permissions($c);
if (!$cp->canWrite()) {
	die(t("Access Denied."));
}

$v = CollectionVersion::get($c, "RECENT", true);

if ($cp->canApproveCollection()) {
	$approveChecked = "";
	if (isset($_SESSION['checkInApprove'])) {
		if ($_SESSION['checkInApprove'] == true) {
			$approveChecked = " checked";
		}
	}
}

Loader::element('pane_header', array('c'=>$c)); 
?>
<div class="ccm-pane-controls">
    <div id="ccm-edit-collection">
        <form method="post" id="ccm-check-in" action="<?php 
echo DIR_REL;
?>
/<?php 
echo DISPATCHER_FILENAME;
?>
?cID=<?php 
Exemplo n.º 9
0
	$u = new User();
	$username = $u->getUserName();
	$vo = $c->getVersionObject();

	$statusMessage = '';
	if ($c->isCheckedOut()) {
		if (!$c->isCheckedOutByMe()) {
			$cantCheckOut = true;
			$statusMessage .= t("%s is currently editing this page.", $c->getCollectionCheckedOutUserName());
		}
	}
	
	if ($c->getCollectionPointerID() > 0) {
		$statusMessage .= t("This page is an alias of one that actually appears elsewhere. ");
		$statusMessage .= "<br/><a href='" . DIR_REL . "/" . DISPATCHER_FILENAME . "?cID=" . $c->getCollectionID() . "'>" . t('View/Edit Original') . "</a>";
		if ($cp->canApproveCollection()) {
			$statusMessage .= "&nbsp;|&nbsp;";
			$statusMessage .= "<a href='" . DIR_REL . "/" . DISPATCHER_FILENAME . "?cID=" . $c->getCollectionPointerOriginalID() . "&ctask=remove-alias" . $token . "'>" . t('Remove Alias') . "</a>";
		}
	} else {
	
		if (is_object($vo)) {
			if (!$vo->isApproved() && !$c->isEditMode()) {
				$statusMessage .= t("This page is pending approval.");
				if ($cp->canApproveCollection() && !$c->isCheckedOut()) {
					$statusMessage .= "<br/><a href='" . DIR_REL . "/" . DISPATCHER_FILENAME . "?cID=" . $c->getCollectionID() . "&ctask=approve-recent" . $token . "'>" . t('Approve Version') . "</a>";
				}
			}
		}
		
		$pendingAction = $c->getPendingAction();
Exemplo n.º 10
0
	$u = new User();
	$username = $u->getUserName();
	$vo = $c->getVersionObject();

	$statusMessage = '';
	if ($c->isCheckedOut()) {
		if (!$c->isCheckedOutByMe()) {
			$cantCheckOut = true;
			$statusMessage .= t("%s is currently editing this page.", $c->getCollectionCheckedOutUserName());
		}
	}
	
	if ($c->getCollectionPointerID() > 0) {
		$statusMessage .= t("This page is an alias of one that actually appears elsewhere. ");
		$statusMessage .= "<br/><a href='" . DIR_REL . "/" . DISPATCHER_FILENAME . "?cID=" . $c->getCollectionID() . "'>" . t('View/Edit Original') . "</a>";
		if ($cp->canApproveCollection()) {
			$statusMessage .= "&nbsp;|&nbsp;";
			$statusMessage .= "<a href='" . DIR_REL . "/" . DISPATCHER_FILENAME . "?cID=" . $c->getCollectionPointerOriginalID() . "&ctask=remove-alias" . $token . "'>" . t('Remove Alias') . "</a>";
		}
	} else {
	
		if (is_object($vo)) {
			if (!$vo->isApproved() && !$c->isEditMode()) {
				$statusMessage .= t("This page is pending approval.");
				if ($cp->canApproveCollection() && !$c->isCheckedOut()) {
					$statusMessage .= "<br/><a href='" . DIR_REL . "/" . DISPATCHER_FILENAME . "?cID=" . $c->getCollectionID() . "&ctask=approve-recent" . $token . "'>" . t('Approve Version') . "</a>";
				}
			}
		}
		
		$pendingAction = $c->getPendingAction();