Exemplo n.º 1
	/**
	 * Exposes to the view, as 'categories', the child pages of the current page
	 * that pass the Permissions canRead() check and do not carry a truthy
	 * 'exclude_nav' attribute.
	 */
	public function view() {
		$current = Page::getCurrentPage();
		$visible = array();
		foreach ($current->getCollectionChildrenArray(true) as $childID) {
			$child = Page::getByID($childID, 'ACTIVE');
			// Authorisation is evaluated per child page, so an unreadable child
			// never reaches the listing.
			$childPerms = new Permissions($child);
			if (!$childPerms->canRead()) {
				continue;
			}
			if ($child->getAttribute('exclude_nav')) {
				continue;
			}
			$visible[] = $child;
		}
		$this->set('categories', $visible);
	}
Exemplo n.º 2
	/**
	 * Tells whether $stack sits directly under the page at STACKS_PAGE_PATH and
	 * its STACKS_AREA_NAME area passes the Permissions canRead() check.
	 *
	 * @param object $stack object exposing getCollectionParentID()
	 * @return bool true only when both conditions hold
	 */
	protected static function isValidStack($stack) {
		$stacksRoot = Page::getByPath(STACKS_PAGE_PATH);
		// The two IDs are compared loosely (==), not strictly.
		if ($stack->getCollectionParentID() == $stacksRoot->getCollectionID()) {
			$stackArea = Area::get($stack, STACKS_AREA_NAME);
			$areaPerms = new Permissions($stackArea);
			return $areaPerms->canRead() ? true : false;
		}
		return false;
	}
Exemplo n.º 3
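 /**
  * Sends a stored file to the browser for inline display and ends the request.
  *
  * Nothing is sent unless the Permissions canRead() check on the file passes.
  *
  * NOTE(review): the Content-type is whatever the file record reports. Types
  * the browser treats as active content (for example text/html or
  * image/svg+xml) would run in this site's origin when displayed inline;
  * consider serving those as a download instead.
  *
  * @param mixed $fID file ID, handed to File::getByID()
  * @return false|void false when the read check fails; otherwise the script exits
  */
 public function view_inline($fID)
 {
     $file = File::getByID($fID);
     $fp = new Permissions($file);
     if (!$fp->canRead()) {
         return false;
     }
     $mimeType = $file->getMimeType();
     $fc = Loader::helper('file');
     $contents = $fc->getContents($file->getPath());
     // The body is stored file content shown inline: make the browser honour
     // the declared type rather than sniffing a different one from the bytes.
     header('X-Content-Type-Options: nosniff');
     header("Content-type: {$mimeType}");
     print $contents;
     exit;
 }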
Exemplo n.º 4
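	/**
	 * Fills $this->images with one entry per image file of the file set
	 * $this->fsID that passes the Permissions canRead() check.
	 *
	 * Each entry is built from a fresh copy of the shared defaults, so a file
	 * without a 'height' attribute value gets imgHeight 0 instead of inheriting
	 * the height of the previous file.
	 *
	 * @return false|void false when $this->fsID is not a positive integer
	 */
	function loadFileSet(){
		if (intval($this->fsID) < 1) {
			return false;
		}
		Loader::helper('concrete/file');
		Loader::model('file_attributes');
		Loader::library('file/types');
		Loader::model('file_list');
		Loader::model('file_set');

		$ak = FileAttributeKey::getByHandle('height');

		$fs = FileSet::getByID($this->fsID);
		$fileList = new FileList();
		$fileList->filterBySet($fs);
		$fileList->filterByType(FileType::T_IMAGE);
		$fileList->sortByFileSetDisplayOrder();

		$files = $fileList->get(1000,0);

		// Values every entry shares; the per-file keys are added in the loop.
		$defaults = array();
		$defaults['duration'] = $this->duration;
		$defaults['fadeDuration'] = $this->fadeDuration;
		$defaults['groupSet'] = 0;
		$defaults['url'] = '';

		$images = array();
		$maxHeight = 0;
		foreach ($files as $f) {
			// Files the current request may not read are left out entirely.
			$fp = new Permissions($f);
			if (!$fp->canRead()) {
				continue;
			}

			$image = $defaults;
			$image['fID'] = $f->getFileID();
			$image['fileName'] = $f->getFileName();
			// NOTE(review): this is the value of getPath(), kept alongside the
			// relative URL; confirm the view never prints it to the client.
			$image['fullFilePath'] = $f->getPath();
			$image['url'] = $f->getRelativePath();

			// find the max height of all the images so slideshow doesn't bounce around while rotating
			$vo = $f->getAttributeValueObject($ak);
			$image['imgHeight'] = is_object($vo) ? $vo->getValue('height') : 0;
			if ($maxHeight == 0 || $image['imgHeight'] > $maxHeight) {
				$maxHeight = $image['imgHeight'];
			}
			$images[] = $image;
		}
		// NOTE(review): $maxHeight is computed but not stored or returned by
		// this method as shown; confirm whether it should be kept on $this.
		$this->images = $images;
	}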
Exemplo n.º 5
 /**
  * Enables the native mobile mode, then exposes to the view, as 'categories',
  * the child pages of the current page that pass the Permissions canRead()
  * check.
  */
 public function view()
 {
     $this->enableNativeMobile();
     $current = Page::getCurrentPage();
     $readable = array();
     foreach ($current->getCollectionChildrenArray(true) as $childID) {
         $child = Page::getByID($childID, 'ACTIVE');
         // One permission object per child: unreadable pages are dropped here.
         $childPerms = new Permissions($child);
         if (!$childPerms->canRead()) {
             continue;
         }
         $readable[] = $child;
     }
     $this->set('categories', $readable);
 }
 /**
  * Returns the image files of file set $fsID that pass the Permissions
  * canRead() check, as a plain list.
  *
  * @param mixed $fsID file set ID, handed to FileSet::getByID()
  * @return array list of file objects
  */
 public static function getUnsortedPermittedFilesetImages($fsID)
 {
     Loader::model('file_set');
     Loader::model('file_list');
     $set = FileSet::getByID($fsID);
     $list = new FileList();
     $list->filterBySet($set);
     $list->filterByType(FileType::T_IMAGE);
     // Display-order sorting is applied only when APP_VERSION is 5.4.1 or later.
     if (version_compare(APP_VERSION, '5.4.1', '>=')) {
         $list->sortByFileSetDisplayOrder();
     }
     $readable = array();
     foreach ($list->get() as $candidate) {
         $perms = new Permissions($candidate);
         if (!$perms->canRead()) {
             continue;
         }
         $readable[] = $candidate;
     }
     return $readable;
 }
Exemplo n.º 7
		/**
		 * For the stack identified by $this->stID, runs the on_page_view task of
		 * every block that passes the Permissions canRead() check, after adding
		 * the block's automatic header items and custom style rule.
		 *
		 * Nothing happens when the stack itself fails the canRead() check.
		 */
		public function on_page_view() {
			$stack = Stack::getByID($this->stID);
			$stackPerms = new Permissions($stack);
			if (!$stackPerms->canRead()) {
				return;
			}
			foreach ($stack->getBlocks() as $block) {
				// The stack-level check is not enough: each block is checked too.
				$blockPerms = new Permissions($block);
				if (!$blockPerms->canRead()) {
					continue;
				}
				$instance = $block->getInstance();
				if (get_class($instance) != 'Controller') {
					$instance->outputAutoHeaderItems();
				}
				$rule = $block->getBlockCustomStyleRule();
				if (is_object($rule)) {
					// NOTE(review): the rule text is concatenated into a <style> element
					// as-is; confirm it cannot contain a closing </style> tag.
					$css = '#'.$rule->getCustomStyleRuleCSSID(1).' {'. $rule->getCustomStyleRuleText(). "} \r\n";
					$instance->addHeaderItem("<style type=\"text/css\"> \r\n".$css.'</style>', 'VIEW');
				}
				// NOTE(review): $view is never assigned in this method, so the task
				// receives an undefined variable here.
				$instance->runTask('on_page_view', array($view));
			}
		}
Exemplo n.º 8
	/**
	 * Access gate that runs at the start of the request.
	 *
	 * A viewer who passes canRead() on '/dashboard/blocks/stacks' is either sent
	 * to that page's 'view_details' action for the current page, or kept here
	 * with the 'dashboard' theme when asking for a version view they may see.
	 * Anyone else is shown the '/page_not_found' view.
	 */
	public function on_start() {
		// The permission that decides everything below is read access to the
		// stacks dashboard page, not to the current page.
		$c = Page::getByPath('/dashboard/blocks/stacks');
		$cp = new Permissions($c);
		if ($cp->canRead()) {
			$c = Page::getCurrentPage();
			$pcp = new Permissions($c);
			// Stay on this page only when the viewer passes canReadVersions() AND
			// vtask is 'view_versions' or 'compare'; redirect in every other case.
			// $_GET['vtask'] is only ever compared against these two literals.
			if ((!$pcp->canReadVersions()) || ($_GET['vtask'] != 'view_versions' && $_GET['vtask'] != 'compare')) {
				$cID = $c->getCollectionID();
				$this->redirect('/dashboard/blocks/stacks','view_details', $cID);
			} else {
				$this->theme = 'dashboard';
			}
		} else {
			// Not allowed: answer with the not-found view instead of an explicit
			// denial. From here on $c is bound to the global of the same name.
			global $c; // ugh
			$v = View::getInstance();
			$c = new Page();
			$c->loadError(COLLECTION_NOT_FOUND);
			$v->setCollectionObject($c);
			$this->c = $c;
			$cont = Loader::controller("/page_not_found");
			$v->setController($cont);
			$v->render('/page_not_found');
		}
	}
Exemplo n.º 9
                $obj->arHandle = $a->getAreaHandle();
                $obj->error = false;
                print Loader::helper('json')->encode($obj);
                exit;
                //header('Location: ' . BASE_URL . DIR_REL . '/' . DISPATCHER_FILENAME . '?cID=' . $redirectCID . '&mode=edit' . $step);
                //exit;
            }
            break;
        case 'passthru':
            if (isset($_GET['bID']) && isset($_GET['arHandle'])) {
                $a = Area::get($c, $_GET['arHandle']);
                $b = Block::getByID($_GET['bID'], $c, $a);
                // basically, we hand off the current request to the block
                // which handles permissions and everything
                $p = new Permissions($b);
                if ($p->canRead()) {
                    $action = $b->passThruBlock($_REQUEST['method']);
                }
            }
            break;
    }
}
if ($_GET['atask'] && $valt->validate()) {
    switch ($_GET['atask']) {
        case 'update':
            if ($cp->canAdminPage()) {
                $area = Area::get($c, $_GET['arHandle']);
                if (is_object($area)) {
                    if ($_POST['aRevertToPagePermissions']) {
                        $area->revertToPagePermissions();
                    } else {
Exemplo n.º 10
// Stop unless the C5_EXECUTE constant is defined.
defined('C5_EXECUTE') or die("Access Denied.");
$u = new User();
$form = Loader::helper('form');
$respw = array();
$files = array();
// fID may be a single value or an array of values; normalise to an array.
$fileIDs = is_array($_REQUEST['fID']) ? $_REQUEST['fID'] : array($_REQUEST['fID']);
// Keep only the files that pass the canRead() check. Unreadable IDs are
// dropped silently as long as at least one requested file is readable.
foreach ($fileIDs as $fID) {
    $f = File::getByID($fID);
    $fp = new Permissions($f);
    if (!$fp->canRead()) {
        continue;
    }
    $files[] = $f;
}
if (!count($files)) {
    die(t("Access Denied."));
}
$i = 0;
foreach ($files as $f) {
    $ats = $f->getAttributeList();
    $resp[$i]['error'] = false;
    $resp[$i]['filePathDirect'] = $f->getRelativePath();
    $resp[$i]['filePathInline'] = View::url('/download_file', 'view_inline', $f->getFileID());
    $resp[$i]['filePath'] = View::url('/download_file', 'view', $f->getFileID());
    $resp[$i]['title'] = $f->getTitle();
    $resp[$i]['fileName'] = $f->getFilename();
?>
		</form>
		
		
		</div>		
	</div>
	
	<?php 
if (count($stacks) > 0) {
    ?>
		<ul id="ccm-stack-list" class="item-select-list item-select-list-groups">
		<?php 
    foreach ($stacks as $s) {
        $as = Area::get($s, STACKS_AREA_NAME);
        $asp = new Permissions($as);
        if ($asp->canRead() && $ap->canAddStackToArea($s)) {
            ?>
	
			<li class="ccm-stack-available">
				<a onclick="ccmStackSearchResetKeys()" dialog-on-destroy="ccmStackSearchMapKeys()" class="dialog-launch ccm-block-type-inner" dialog-on-close="ccm_blockWindowAfterClose()" dialog-append-buttons="true" dialog-modal="false" dialog-width="620" dialog-height="400" dialog-title="<?php 
            echo $s->getCollectionName();
            ?>
 <?php 
            echo t('Contents');
            ?>
" href="<?php 
            echo REL_DIR_FILES_TOOLS_REQUIRED;
            ?>
/edit_area_popup.php?atask=add_stack_contents&cID=<?php 
            echo $c->getCollectionID();
            ?>
Exemplo n.º 12
switch ($_GET['atask']) {
    case 'add':
        $toolSection = "block_area_add_new";
        $canViewPane = $ap->canAddBlocks();
        break;
    case 'add_from_stack':
        $toolSection = "block_area_add_stack";
        $canViewPane = $ap->canAddStacks();
        break;
    case 'add_stack_contents':
        $toolSection = "block_area_add_stack_contents";
        $stack = Stack::getByID($_REQUEST['stackID']);
        $canViewPane = false;
        if (is_object($stack)) {
            $stp = new Permissions($stack);
            $canViewPane = $stp->canRead() && $ap->canAddStacks();
        }
        break;
    case 'paste':
        $toolSection = "block_area_add_scrapbook";
        $canViewPane = $ap->canAddBlocks();
        break;
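    case 'layout':
        // Layout pane: both URLs built here carry request values, so every one
        // of them is cast with intval() before it is concatenated.
        $originalLayoutId = intval($_REQUEST['originalLayoutID']) ? intval($_REQUEST['originalLayoutID']) : intval($_REQUEST['layoutID']);
        // cvalID is cast here as well, matching $args['action'] below; the raw
        // request value must not be copied into a URL that is sent back out.
        $args['refreshAction'] = REL_DIR_FILES_TOOLS_REQUIRED . '/edit_area_popup?atask=layout&cID=' . $c->getCollectionID() . '&arHandle=' . $a->getAreaHandle() . '&refresh=1&originalLayoutID=' . $originalLayoutId . '&cvalID=' . intval($_REQUEST['cvalID']) . '&areaNameNumber=' . intval($_REQUEST['areaNameNumber']);
        $toolSection = "block_area_layout";
        $canViewPane = $ap->canAddLayoutToArea();
        $args['action'] = $a->getAreaUpdateAction('layout') . '&originalLayoutID=' . $originalLayoutId . '&cvalID=' . intval($_REQUEST['cvalID']) . '&areaNameNumber=' . intval($_REQUEST['areaNameNumber']);
        break;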
    case 'design':
        $toolSection = 'custom_style';
Exemplo n.º 13
<?
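// Stop unless the C5_EXECUTE constant is defined.
defined('C5_EXECUTE') or die("Access Denied.");
$u = new User();
$form = Loader::helper('form');

$f = File::getByID($_REQUEST['fID']);

// Authorise before anything else is read from the file: the version lookup
// below takes a caller-supplied ID and must not run for a denied request.
$fp = new Permissions($f);
if (!$fp->canRead()) {
	die(t("Access Denied."));
}

// NOTE(review): fvID selects the version through getVersion() with no further
// check here; confirm that read access is meant to cover every version and not
// only the approved one.
if (isset($_REQUEST['fvID'])) {
	$fv = $f->getVersion($_REQUEST['fvID']);
} else {
	$fv = $f->getApprovedVersion();
}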
?>
<div style="text-align: center">

<?
// Render the viewer element named by the file version's type object. The
// element name comes from the type object, not from the request.
$to = $fv->getTypeObject();
if ($to->getPackageHandle() == '') {
	// no package handle: load the element by name only
	Loader::element('files/view/' . $to->getView(), array('fv' => $fv));
} else {
	// a package handle is set: load the element from that package
	Loader::packageElement('files/view/' . $to->getView(), $to->getPackageHandle(), array('fv' => $fv));
}
?>
</div>

<div class="dialog-buttons">
<form method="post" action="<?php 
Exemplo n.º 14
    ?>
</a>
	<small><?php 
    echo $cat->getCollectionDescription();
    ?>
</small>
	</h3>
	</div>
	
	<?php 
    $show = array();
    $subcats = $cat->getCollectionChildrenArray(true);
    foreach ($subcats as $catID) {
        $subcat = Page::getByID($catID, 'ACTIVE');
        $catp = new Permissions($subcat);
        if ($catp->canRead() && $subcat->getAttribute('exclude_nav') != 1) {
            $show[] = $subcat;
        }
    }
    if (count($show) > 0) {
        ?>
	
	<div class="clearfix">
	
	<?php 
        foreach ($show as $subcat) {
            ?>
	
	<div class="span4">
		<a href="<?php 
            echo Loader::helper('navigation')->getLinkToCollection($cat);
 /**
  * Runs the steps that follow a login: optional persistent cookie, optional
  * default language, a check that all attributes required on registration are
  * filled in, resolution of the post-login redirect, and finally either a
  * return of $loginData (JSON format) or a redirect.
  *
  * When required attributes are still unfilled the user is logged out again and
  * the view is told to show the missing fields.
  *
  * @param array $loginData data to return for JSON logins; 'redirectURL' is added here when rcID resolves
  * @return array|void $loginData when $_REQUEST['format'] is 'JSON'
  */
 protected function finishLogin($loginData = array())
 {
     $u = new User();
     if ($this->post('uMaintainLogin')) {
         $u->setUserForeverCookie();
     }
     if (count($this->locales) > 0) {
         if (Config::get('LANGUAGE_CHOOSE_ON_LOGIN') && $this->post('USER_LOCALE') != '') {
             $u->setUserDefaultLanguage($this->post('USER_LOCALE'));
         }
     }
     // Verify that the user has filled out all
     // required items that are required on register
     // That means users logging in after new user attributes
     // have been created and required will be prompted here to
     // finish their profile
     $this->set('invalidRegistrationFields', false);
     Loader::model('attribute/categories/user');
     $ui = UserInfo::getByID($u->getUserID());
     $aks = UserAttributeKey::getRegistrationList();
     $unfilledAttributes = array();
     foreach ($aks as $uak) {
         if ($uak->isAttributeKeyRequiredOnRegister()) {
             $av = $ui->getAttributeValueObject($uak);
             if (!is_object($av)) {
                 $unfilledAttributes[] = $uak;
             }
         }
     }
     if ($this->post('completePartialProfile')) {
         // Validate each missing attribute against the submitted form.
         foreach ($unfilledAttributes as $uak) {
             $e1 = $uak->validateAttributeForm();
             if ($e1 == false) {
                 $this->error->add(t('The field "%s" is required', $uak->getAttributeKeyName()));
             } else {
                 if ($e1 instanceof ValidationErrorHelper) {
                     $this->error->add($e1);
                 }
             }
         }
         if (!$this->error->has()) {
             // the user has needed to complete a partial profile, and they have done so,
             // and they have no errors. So we save our profile data against the account.
             foreach ($unfilledAttributes as $uak) {
                 $uak->saveAttributeForm($ui);
                 // NOTE(review): the list is emptied inside the loop body rather than
                 // after it; the reset looks like it belongs after the loop.
                 $unfilledAttributes = array();
             }
         }
     }
     // Required attributes still missing: undo the login and ask for them.
     if (count($unfilledAttributes) > 0) {
         $u->logout();
         $this->set('invalidRegistrationFields', true);
         $this->set('unfilledAttributes', $unfilledAttributes);
     }
     // $txt is assigned but not used again in this method.
     $txt = Loader::helper('text');
     $rcID = $this->post('rcID');
     $nh = Loader::helper('validation/numbers');
     //set redirect url
     // rcID is never used as a URL itself: it is either a page ID turned into a
     // link, or a path that must resolve to an existing page and is then
     // appended to BASE_URL.
     if ($nh->integer($rcID)) {
         $nh = Loader::helper('navigation');
         // NOTE(review): unlike the path branch below, the page loaded by ID is
         // not checked with isError() before a link to it is built.
         $rc = Page::getByID($rcID);
         $url = $nh->getLinkToCollection($rc, true);
         $loginData['redirectURL'] = $url;
     } elseif (strlen($rcID)) {
         $rcID = trim($rcID, '/');
         $nc2 = Page::getByPath('/' . $rcID);
         if (is_object($nc2) && !$nc2->isError()) {
             $loginData['redirectURL'] = BASE_URL . DIR_REL . '/' . DISPATCHER_FILENAME . '/' . $rcID;
         }
     }
     /*
     //full page login redirect (non-ajax login)
     if( strlen($loginData['redirectURL']) && $_REQUEST['format']!='JSON' ){
         header('Location: ' . $loginData['redirectURL']);
         exit;
     }
     */
     $dash = Page::getByPath("/dashboard", "RECENT");
     $dbp = new Permissions($dash);
     // NOTE(review): the event fires unconditionally, i.e. also after the
     // logout() above for an incomplete profile; confirm listeners expect that.
     Events::fire('on_user_login', $this);
     //End JSON Login
     if ($_REQUEST['format'] == 'JSON') {
         return $loginData;
     }
     //should administrator be redirected to dashboard?  defaults to yes if not set.
     $adminToDash = intval(Config::get('LOGIN_ADMIN_TO_DASHBOARD'));
     //Full page login, standard redirection
     $u = new User();
     // added for the required registration attribute change above. We recalc the user and make sure they're still logged in
     if ($u->isRegistered()) {
         if ($u->config('NEWSFLOW_LAST_VIEWED') == 'FIRSTRUN') {
             $u->saveConfig('NEWSFLOW_LAST_VIEWED', 0);
         }
         if ($loginData['redirectURL']) {
             //make double secretly sure there's no caching going on
             header("Cache-Control: no-store, no-cache, must-revalidate");
             header("Pragma: no-cache");
             header('Expires: Fri, 30 Oct 1998 14:19:41 GMT');
             //in the past
             $this->externalRedirect($loginData['redirectURL']);
         } else {
             // The dashboard is only offered to users who pass canRead() on it.
             if ($dbp->canRead() && $adminToDash) {
                 $this->redirect('/dashboard');
             } else {
                 //options set in dashboard/users/registration
                 $login_redirect_cid = intval(Config::get('LOGIN_REDIRECT_CID'));
                 $login_redirect_mode = Config::get('LOGIN_REDIRECT');
                 //redirect to user profile
                 if ($login_redirect_mode == 'PROFILE' && ENABLE_USER_PROFILES) {
                     $this->redirect('/profile/', $u->uID);
                     //redirect to custom page
                 } elseif ($login_redirect_mode == 'CUSTOM' && $login_redirect_cid > 0) {
                     $redirectTarget = Page::getByID($login_redirect_cid);
                     if (intval($redirectTarget->cID) > 0) {
                         $this->redirect($redirectTarget->getCollectionPath());
                     } else {
                         $this->redirect('/');
                     }
                     //redirect home
                 } else {
                     $this->redirect('/');
                 }
             }
         }
     }
 }
Exemplo n.º 16
 /**
  * Decides whether page $tc should be shown.
  *
  * A page is hidden when it is a system page and system pages are off, when it
  * has no version object, when its version is unapproved and unapproved pages
  * are off, or - with displayUnavailablePages off - when it fails the
  * Permissions canRead() check and has no external link pointer.
  *
  * @param object $tc page object
  * @return bool
  */
 protected function displayPage($tc)
 {
     $hiddenSystemPage = $tc->isSystemPage() && !$this->displaySystemPages;
     if ($hiddenSystemPage) {
         return false;
     }
     $version = $tc->getVersionObject();
     if (!is_object($version)) {
         return false;
     }
     if (!$version->isApproved() && !$this->displayUnapproved) {
         return false;
     }
     if ($this->displayUnavailablePages != false) {
         // Unavailable pages are shown as well, so no permission check is made.
         return true;
     }
     // An unreadable page is still shown when it points to an external link.
     $perms = new Permissions($tc);
     return $perms->canRead() || $tc->getCollectionPointerExternalLink() != null;
 }
Exemplo n.º 17
		/**
		 * Decides whether page $tc should be shown.
		 *
		 * Same rules as the version, approval and permission checks below, with
		 * one exception handled first: when system pages are off, the '/members'
		 * system page is shown if ENABLE_USER_PROFILES is set.
		 *
		 * @param object $tc page object
		 * @return bool
		 */
		protected function displayPage($tc) {
			if ($tc->isSystemPage() && (!$this->displaySystemPages)) {
				// This return happens before the approval and canRead() checks,
				// so '/members' is decided by the config flag alone.
				return $tc->getCollectionPath() == '/members' && Config::get('ENABLE_USER_PROFILES');
			}

			$version = $tc->getVersionObject();
			if (!is_object($version)) {
				return false;
			}
			if (!$version->isApproved() && !$this->displayUnapproved) {
				return false;
			}

			if ($this->displayUnavailablePages != false) {
				return true;
			}

			// An unreadable page is still shown when it points to an external link.
			$perms = new Permissions($tc);
			return $perms->canRead() || ($tc->getCollectionPointerExternalLink() != null);
		}
Exemplo n.º 18
 /**
  * Renders a view: resolves the inner template for $view, runs the on_page_view
  * task of every block that passes canRead(), chooses a theme, includes the
  * template and then the theme, and prints the resulting page.
  *
  * $view is either a path string (a trailing slash is stripped) or a Page object.
  *
  * NOTE(review): extract() is called three times below with its default
  * overwrite behaviour, so keys in $args, in the controller sets and in the
  * helper objects replace locals of the same name ($view, $content, $c, ...).
  * $content is later passed to include. Confirm that none of those key names
  * can be chosen by a request.
  *
  * @access public
  * @param string|Page $view
  * @param array $args
  * @return void
  * @throws Exception when the theme file does not exist
  */
 public function render($view, $args = null)
 {
     // Runs before $view is used, so an 'view' key in $args replaces $view.
     if (is_array($args)) {
         extract($args);
     }
     // strip off a slash if there is one at the end
     if (is_string($view)) {
         if (substr($view, strlen($view) - 1) == '/') {
             $view = substr($view, 0, strlen($view) - 1);
         }
     }
     $dsh = Loader::helper('concrete/dashboard');
     $wrapTemplateInTheme = false;
     $this->checkMobileView();
     if (defined('DB_DATABASE') && $view !== '/upgrade') {
         Events::fire('on_start', $this);
     }
     // Extract controller information from the view, and put it in the current context
     if (!isset($this->controller)) {
         $this->controller = Loader::controller($view);
         $this->controller->setupAndRun();
     }
     if ($this->controller->getRenderOverride() != '') {
         $view = $this->controller->getRenderOverride();
     }
     // Determine which inner item to load, load it, and stick it in $innerContent
     $content = false;
     ob_start();
     if ($view instanceof Page) {
         $_pageBlocks = $view->getBlocks();
         if (!$dsh->inDashboard()) {
             $_pageBlocksGlobal = $view->getGlobalBlocks();
             $_pageBlocks = array_merge($_pageBlocks, $_pageBlocksGlobal);
         }
         // do we have any custom menu plugins?
         // Their header items are only output for viewers who pass canViewToolbar().
         $cp = new Permissions($view);
         if ($cp->canViewToolbar()) {
             $ih = Loader::helper('concrete/interface/menu');
             $_interfaceItems = $ih->getPageHeaderMenuItems();
             foreach ($_interfaceItems as $_im) {
                 $_controller = $_im->getController();
                 $_controller->outputAutoHeaderItems();
             }
             unset($_interfaceItems);
             unset($_im);
             unset($_controller);
         }
         unset($_interfaceItems);
         unset($_im);
         unset($_controller);
         // now, we output all the custom style records for the design tab in blocks/areas on the page
         $c = $this->getCollectionObject();
         $view->outputCustomStyleHeaderItems();
         $viewPath = $view->getCollectionPath();
         $this->viewPath = $viewPath;
         $cFilename = $view->getCollectionFilename();
         $ctHandle = $view->getCollectionTypeHandle();
         $editMode = $view->isEditMode();
         $c = $view;
         $this->c = $c;
         $env = Environment::get();
         // $view is a page. It can either be a SinglePage or just a Page, but we're not sure at this point, unfortunately
         if ($view->getCollectionTypeID() == 0 && $cFilename) {
             $wrapTemplateInTheme = true;
             $cFilename = trim($cFilename, '/');
             $content = $env->getPath(DIRNAME_PAGES . '/' . $cFilename, $view->getPackageHandle());
             $themeFilename = $c->getCollectionHandle() . '.php';
         } else {
             $rec = $env->getRecord(DIRNAME_PAGE_TYPES . '/' . $ctHandle . '.php', $view->getPackageHandle());
             if ($rec->exists()) {
                 $wrapTemplateInTheme = true;
                 $content = $rec->file;
             }
             $themeFilename = $ctHandle . '.php';
         }
     } else {
         if (is_string($view)) {
             // if we're passing a view but our render override is not null, that means that we're passing
             // a new view from within a controller. If that's the case, then we DON'T override the viewPath, we want to keep it
             // In order to enable editable 404 pages, other editable pages that we render without actually visiting
             if (defined('DB_DATABASE') && $view == '/page_not_found') {
                 $pp = Page::getByPath($view);
                 if (!$pp->isError()) {
                     $this->c = $pp;
                 }
             }
             $viewPath = $view;
             if ($this->controller->getRenderOverride() != '' && $this->getCollectionObject() != null) {
                 // we are INSIDE a collection renderring a view. Which means we want to keep the viewPath that of the collection
                 $this->viewPath = $this->getCollectionObject()->getCollectionPath();
             }
             // we're just passing something like "/login" or whatever. This will typically just be
             // internal Concrete stuff, but we also prepare for potentially having something in DIR_FILES_CONTENT (ie: the webroot)
             // NOTE(review): $view is interpolated into every candidate path below and the
             // first existing file is later included; confirm callers never pass a
             // request-derived string (for example one containing '..') as $view.
             if (file_exists(DIR_FILES_CONTENT . "/{$view}/" . FILENAME_COLLECTION_VIEW)) {
                 $content = DIR_FILES_CONTENT . "/{$view}/" . FILENAME_COLLECTION_VIEW;
             } else {
                 if (file_exists(DIR_FILES_CONTENT . "/{$view}.php")) {
                     $content = DIR_FILES_CONTENT . "/{$view}.php";
                 } else {
                     if (file_exists(DIR_FILES_CONTENT_REQUIRED . "/{$view}/" . FILENAME_COLLECTION_VIEW)) {
                         $content = DIR_FILES_CONTENT_REQUIRED . "/{$view}/" . FILENAME_COLLECTION_VIEW;
                     } else {
                         if (file_exists(DIR_FILES_CONTENT_REQUIRED . "/{$view}.php")) {
                             $content = DIR_FILES_CONTENT_REQUIRED . "/{$view}.php";
                         } else {
                             if ($this->getCollectionObject() != null && $this->getCollectionObject()->isGeneratedCollection() && $this->getCollectionObject()->getPackageID() > 0) {
                                 //This is a single_page associated with a package, so check the package views as well
                                 $pagePkgPath = Package::getByID($this->getCollectionObject()->getPackageID())->getPackagePath();
                                 if (file_exists($pagePkgPath . "/single_pages/{$view}/" . FILENAME_COLLECTION_VIEW)) {
                                     $content = $pagePkgPath . "/single_pages/{$view}/" . FILENAME_COLLECTION_VIEW;
                                 } else {
                                     if (file_exists($pagePkgPath . "/single_pages/{$view}.php")) {
                                         $content = $pagePkgPath . "/single_pages/{$view}.php";
                                     }
                                 }
                             }
                         }
                     }
                 }
             }
             $wrapTemplateInTheme = true;
             $themeFilename = $view . '.php';
         }
     }
     if (is_object($this->c)) {
         $c = $this->c;
         // For these two paths the string view is swapped for the page object so
         // that its blocks (page and global) are processed below.
         if (defined('DB_DATABASE') && ($view == '/page_not_found' || $view == '/login')) {
             $view = $c;
             $req = Request::get();
             $req->setCurrentPage($c);
             $_pageBlocks = $view->getBlocks();
             $_pageBlocksGlobal = $view->getGlobalBlocks();
             $_pageBlocks = array_merge($_pageBlocks, $_pageBlocksGlobal);
         }
     }
     if (is_array($_pageBlocks)) {
         foreach ($_pageBlocks as $b1) {
             // Blocks that fail canRead() get neither header items nor on_page_view.
             $b1p = new Permissions($b1);
             if ($b1p->canRead()) {
                 $btc = $b1->getInstance();
                 // now we inject any custom template CSS and JavaScript into the header
                 if ('Controller' != get_class($btc)) {
                     $btc->outputAutoHeaderItems();
                 }
                 $btc->runTask('on_page_view', array($view));
             }
         }
     }
     // Determine which outer item/theme to load
     // obtain theme information for this collection
     // Precedence: themeOverride, controller theme, theme mapped to the path,
     // the collection's own theme, then the default theme.
     if (isset($this->themeOverride)) {
         $theme = $this->themeOverride;
     } else {
         if ($this->controller->theme != false) {
             $theme = $this->controller->theme;
         } else {
             if (($tmpTheme = $this->getThemeFromPath($viewPath)) != false) {
                 $theme = $tmpTheme;
             } else {
                 if (is_object($this->c) && ($tmpTheme = $this->c->getCollectionThemeObject()) != false) {
                     $theme = $tmpTheme;
                 } else {
                     $theme = FILENAME_COLLECTION_DEFAULT_THEME;
                 }
             }
         }
     }
     $this->setThemeForView($theme, $themeFilename, $wrapTemplateInTheme);
     // finally, we include the theme (which was set by setTheme and will automatically include innerContent)
     // disconnect from our db and exit
     $this->controller->on_before_render();
     // NOTE(review): both extract() calls run immediately before `include $content`,
     // so a set or helper named 'content' would replace the path being included.
     extract($this->controller->getSets());
     extract($this->controller->getHelperObjects());
     if ($content != false && !$this->disableContentInclude) {
         include $content;
     }
     $innerContent = ob_get_contents();
     if (ob_get_level() > OB_INITIAL_LEVEL) {
         ob_end_clean();
     }
     if (defined('DB_DATABASE') && $view !== '/upgrade') {
         Events::fire('on_before_render', $this);
     }
     if (defined('APP_CHARSET')) {
         header("Content-Type: text/html; charset=" . APP_CHARSET);
     }
     if (file_exists($this->theme)) {
         $cache = PageCache::getLibrary();
         $shouldAddToCache = $cache->shouldAddToCache($this);
         if ($shouldAddToCache) {
             $cache->outputCacheHeaders($c);
         }
         ob_start();
         include $this->theme;
         $pageContent = ob_get_contents();
         ob_end_clean();
         // A non-empty return value from the on_page_output event replaces the
         // page content, both for printing and for the cache entry.
         $ret = Events::fire('on_page_output', $pageContent);
         if ($ret != '') {
             print $ret;
             $pageContent = $ret;
         } else {
             print $pageContent;
         }
         $cache = PageCache::getLibrary();
         if ($shouldAddToCache) {
             $cache->set($c, $pageContent);
         }
     } else {
         throw new Exception(t('File %s not found. All themes need default.php and view.php files in them. Consult concrete5 documentation on how to create these files.', $this->theme));
     }
     if (defined('DB_DATABASE') && $view !== '/upgrade') {
         Events::fire('on_render_complete', $this);
     }
     // At the initial output-buffer level the request ends here, after the jobs
     // and shutdown scripts have been loaded.
     if (ob_get_level() == OB_INITIAL_LEVEL) {
         require DIR_BASE_CORE . '/startup/jobs.php';
         require DIR_BASE_CORE . '/startup/shutdown.php';
         exit;
     }
 }
Exemplo n.º 19
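	/**
	 * Outputs this area for page $c: the area header, any layouts, every block
	 * that passes the Permissions canRead() check, and the area footer.
	 *
	 * Edit controls are drawn around a block only when the viewer may write or
	 * delete that particular block, the page is in edit mode and showControls is
	 * on. The decision is taken afresh for every block, so permission on one
	 * block never carries over to the blocks rendered after it.
	 *
	 * @param object $c page the area belongs to (passed by reference)
	 * @param array|null $alternateBlockArray blocks to render instead of the area's own
	 * @return false|void false when $c has no valid cID
	 */
	function display(&$c, $alternateBlockArray = null) {

		if(!intval($c->cID)){
			//Invalid Collection
			return false;
		}

		$currentPage = Page::getCurrentPage();
		$ourArea = Area::getOrCreate($c, $this->arHandle);
		if (count($this->customTemplateArray) > 0) {
			$ourArea->customTemplateArray = $this->customTemplateArray;
		}
		if (count($this->attributes) > 0) {
			$ourArea->attributes = $this->attributes;
		}
		if ($this->maximumBlocks > -1) {
			$ourArea->maximumBlocks = $this->maximumBlocks;
		}
		$ap = new Permissions($ourArea);
		$blocksToDisplay = ($alternateBlockArray) ? $alternateBlockArray : $ourArea->getAreaBlocksArray($c, $ap);
		$this->totalBlocks = $ourArea->getTotalBlocksInArea();
		$u = new User();

		$bv = new BlockView();

		// now, we iterate through these block groups (which are actually arrays of block objects), and display them on the page

		if (($this->showControls) && ($c->isEditMode() && ($ap->canAddBlocks() || $u->isSuperUser()))) {
			$bv->renderElement('block_area_header', array('a' => $ourArea));
		}

		$bv->renderElement('block_area_header_view', array('a' => $ourArea));

		//display layouts tied to this area
		//Might need to move this to a better position
		$areaLayouts = $this->getAreaLayouts($c);
		if(is_array($areaLayouts) && count($areaLayouts)){
			foreach($areaLayouts as $layout){
				$layout->display($c,$this);
			}
			if($this->showControls && ($c->isArrangeMode() || $c->isEditMode())) {
				echo '<div class="ccm-layouts-block-arrange-placeholder ccm-block-arrange"></div>';
			}
		}


		foreach ($blocksToDisplay as $b) {
			$bv = new BlockView();
			$bv->setAreaObject($ourArea);

			// this is useful for rendering areas from one page
			// onto the next and including interactive elements
			if ($currentPage->getCollectionID() != $c->getCollectionID()) {
				$b->setBlockActionCollectionID($c->getCollectionID());
			}
			$p = new Permissions($b);
			// Recomputed for each block. Leaving the flag set from an earlier
			// block would draw edit controls around blocks this viewer may
			// neither write nor delete.
			$includeEditStrip = ($p->canWrite() || $p->canDeleteBlock()) && $c->isEditMode() && $this->showControls;

			if ($p->canRead()) {
				if (!$c->isEditMode()) {
					echo $this->enclosingStart;
				}
				if ($includeEditStrip) {
					$bv->renderElement('block_controls', array(
						'a' => $ourArea,
						'b' => $b,
						'p' => $p
					));
					$bv->renderElement('block_header', array(
						'a' => $ourArea,
						'b' => $b,
						'p' => $p
					));
				}

				$bv->render($b);
				if ($includeEditStrip) {
					$bv->renderElement('block_footer');
				}
				if (!$c->isEditMode()) {
					echo $this->enclosingEnd;
				}
			}
		}

		$bv->renderElement('block_area_footer_view', array('a' => $ourArea));

		if (($this->showControls) && ($c->isEditMode() && ($ap->canAddBlocks() || $u->isSuperUser()))) {
			$bv->renderElement('block_area_footer', array('a' => $ourArea));
		}
	}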
Exemplo n.º 20
	}
?>

<div style="display: none">
<div class="btn-group" id="ccm-account-menu">
  <a class="btn btn-default" href="<?=Core::make('helper/navigation')->getLinkToCollection($account)?>"><i class="fa fa-user"></i> <?=t('My Account')?></a>
  <button class="btn btn-default dropdown-toggle" data-toggle="dropdown" role="button" aria-expanded="false">
	<span class="caret"></span>
  </button>
  <ul class="dropdown-menu pull-right" role="menu">
  <?
	$children = $account->getCollectionChildrenArray(true);
	foreach($children as $cID) {
		$nc = Page::getByID($cID, 'ACTIVE');
		$ncp = new Permissions($nc);
		if ($ncp->canRead() && (!$nc->getAttribute('exclude_nav'))) {
			$categories[] = $nc;
		}
	}

	foreach($categories as $cc) { ?>
		<li><a href="<?=Core::make('helper/navigation')->getLinkToCollection($cc)?>"><?=h(t($cc->getCollectionName()))?></a></li><?
	}
	?>
	<li class="divider"></li>
	<li><a href="<?=URL::to('/')?>"><i class="fa fa-home"></i> <?=t("Home")?></a></li>
	<li><a href="<?=URL::to('/login', 'logout', Loader::helper('validation/token')->generate('logout'))?>"><i class="fa fa-sign-out"></i> <?=t("Sign Out")?></a></li>
 </ul>
</div>
</div>
Exemplo n.º 21
 /**
  * Returns, keyed by file ID, one record for each image file of file set $fsID
  * that passes the Permissions canRead() check.
  *
  * Each record holds 'file', 'fID', 'position', 'title' and 'caption'. Title and
  * caption are taken from the file's recent version only when
  * $use_file_props_for_title_and_caption is truthy; otherwise both are ''.
  *
  * @param mixed $fsID file set ID, handed to FileSet::getByID()
  * @param bool $use_file_props_for_title_and_caption
  * @return array
  */
 public static function getPermittedFilesetImages($fsID, $use_file_props_for_title_and_caption = false)
 {
     Loader::model('file_set');
     Loader::model('file_list');
     // Display order is applied and reported only when APP_VERSION is 5.4.1 or later.
     $fsHasDisplayOrder = version_compare(APP_VERSION, '5.4.1', '>=');
     $set = FileSet::getByID($fsID);
     $list = new FileList();
     $list->filterBySet($set);
     $list->filterByType(FileType::T_IMAGE);
     if ($fsHasDisplayOrder) {
         $list->sortByFileSetDisplayOrder();
     }
     $records = array();
     foreach ($list->get() as $f) {
         // Unreadable files produce no record at all.
         $perms = new Permissions($f);
         if (!$perms->canRead()) {
             continue;
         }
         $fv = $f->getRecentVersion();
         if ($use_file_props_for_title_and_caption) {
             $title = $fv->getTitle();
             $caption = $fv->getDescription();
         } else {
             $title = '';
             $caption = '';
         }
         $records[$f->fID] = array(
             'file' => $f,
             'fID' => $f->fID,
             'position' => $fsHasDisplayOrder ? $f->fsDisplayOrder : 0,
             'title' => $title,
             'caption' => $caption,
         );
     }
     return $records;
 }
Exemplo n.º 22
// RSS output for a page-list block. The feed is emitted only when both IDs are
// numeric, the page loads without error, and the block passes canRead(), has
// RSS enabled and uses the blog_index template.
//Permissions Check
$nh = Loader::helper('validation/numbers');
// Only bID and cID go through the integer validator; arHandle is used below as received.
if($_GET['bID'] && $_GET['cID'] && $nh->integer($_GET['bID']) && $nh->integer($_GET['cID'])) {
	$c = Page::getByID($_GET['cID']);
	if (is_object($c) && !$c->isError()) { 
		$a = Area::get($c, $_GET['arHandle']);
			
		//edit survey mode
		// NOTE(review): the comment above does not describe this code (a page-list
		// block is loaded here); it looks copied from another tool.
		$b = Block::getByID($_GET['bID'],$c, $a);
		// NOTE(review): $b is used without an is_object() check; confirm what
		// Block::getByID returns for an ID that does not belong to this page/area.
		
		// The controller is built and queried before the permission check below;
		// nothing is written to the response until that check has passed.
		$controller = new PageListBlockController($b);
		$rssUrl = $controller->getRssUrl($b);
		
		// Gate: block-level read permission, RSS enabled on the block, and the
		// expected template filename. Any failure emits no feed in this fragment.
		$bp = new Permissions($b);
		if( $bp->canRead() && $controller->rss && ($b->getBlockFilename() == 'blog_index.php' || $b->getBlockFilename() == 'blog_index')) {
	
			$cArray = $controller->getPages();
			// $nh is reused: from here on it holds the navigation helper, not the number validator.
			$nh = Loader::helper('navigation');
	
			header('Content-type: text/xml');
			// The XML declaration is assembled from pieces, presumably so "<?" is not read as a PHP open tag.
			echo "<" . "?" . "xml version=\"1.0\"?>\n";
	
			// NOTE(review): rssTitle, rssDescription and the link are echoed into the
			// XML below without escaping in this fragment. If they are not encoded
			// where they are stored, markup characters in them end up in the feed
			// verbatim; confirm, or encode for XML at output.
	?>
			<rss version="2.0">
			  <channel>
				<title><?php echo $controller->rssTitle?></title>
				<link><?php echo BASE_URL.$rssUrl?></link>
				<description><?php echo $controller->rssDescription?></description> 
	<?php 
			// One feed entry per page returned by the controller (loop body is cut off in this excerpt).
			for ($i = 0; $i < count($cArray); $i++ ) {
Exemplo n.º 23
}
// Destination page: loaded only when destCID is present and numeric. $dc stays
// unset otherwise (within this excerpt).
if (isset($_REQUEST['destCID'] ) && is_numeric($_REQUEST['destCID'])) {
	$dc = Page::getByID($_REQUEST['destCID']);
}

// Token helper; its validate() call further down gates every task.
$valt = Loader::helper('validation/token');

$json = array();
$json['error'] = false;
$json['message'] = false;

// Authorization for move/copy/alias: the source page must be readable, the
// destination must accept this page type as sub-content, and the page itself
// must be allowed to move/copy to that location. $oc is set before this excerpt.
if (is_object($oc) && is_object($dc)) {
	$ocp = new Permissions($oc);
	$dcp = new Permissions($dc);
	$ct = CollectionType::getByID($dc->getCollectionTypeID());
	if (!$ocp->canRead()) {
		$error = t("You cannot view the source page.");
	} else if (!$dcp->canAddSubContent($ct)) {
		$error = t("You do not have sufficient privileges to add this type of page to this destination.");
	} else if (!$oc->canMoveCopyTo($dc)) {
		$error = t("You may not move/copy/alias the chosen page to that location.");
	} else {
		$error = false;
	}
}

// NOTE(review): $error is only assigned inside the is_object() branch above.
// Unless it is initialised before this excerpt, a request where $oc or $dc is
// not an object leaves it unset, `!$error` is true, and the task switch is
// entered without any of the permission checks having run. Initialising $error
// to a failing value before the branch would make the default deny.
if (!$error) {
	if ($_REQUEST['ctask']) {
		// The validation token has to check out before any state-changing task is dispatched.
		if ($valt->validate()) {
			switch($_REQUEST['ctask']) {
				case "ALIAS":
Exemplo n.º 24
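<?php

defined('C5_EXECUTE') or die("Access Denied.");

/*
 * Tool endpoint: stores a new display order for one block type.
 *
 * Access is granted to anyone who can read the dashboard page
 * /dashboard/blocks/types. Request input: btID (block type ID) and
 * btDisplayOrder (new position); both are cast to int and both must be
 * non-zero for anything to happen.
 *
 * NOTE(review): this changes stored state but no validation token is checked
 * here and the values are read from $_REQUEST, so the update is not tied to a
 * form the user actually submitted. Requiring the validation/token helper's
 * validate() before the update would close that gap; it is not added here
 * because existing callers would have to start sending a token.
 */
$canRead = false;
$ch = Page::getByPath('/dashboard/blocks/types');
$cp = new Permissions($ch);
if ($cp->canRead()) {
    $canRead = true;
}
if (!$canRead) {
    die(t("Access Denied."));
}

// Missing parameters count as 0 instead of raising an undefined-index notice.
$btID = isset($_REQUEST['btID']) ? intval($_REQUEST['btID']) : 0;
$btDisplayOrder = isset($_REQUEST['btDisplayOrder']) ? intval($_REQUEST['btDisplayOrder']) : 0;

if ($btID && $btDisplayOrder) {
    $bt = BlockType::getByID($btID);
    // An ID that matches no block type must not end in a method call on a non-object.
    if (is_object($bt)) {
        $bt->setBlockTypeDisplayOrder($btDisplayOrder);
    }
}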
Exemplo n.º 25
            <h2><?php 
    // NOTE(review): the page name goes through t() and is echoed without h().
    // If t() does not HTML-encode its result, a page name containing markup is
    // rendered as-is; confirm, or wrap the value in h() before output.
    echo t($cat->getCollectionName());
    ?>
</h2>


            <?php 
    // Build the list of child pages to show under this category: active
    // versions only, not flagged exclude_nav, and passing canRead().
    $show = array();
    $subcats = $cat->getCollectionChildrenArray(true);
    foreach ($subcats as $catID) {
        $subcat = Page::getByID($catID, 'ACTIVE');
        // Pages excluded from navigation are skipped before any permission object is built.
        if ($subcat->getAttribute('exclude_nav')) {
            continue;
        }
        // Per-page read check: pages failing it never reach the rendered list.
        $catp = new Permissions($subcat);
        if ($catp->canRead()) {
            $show[] = $subcat;
        }
    }
    ?>

            <ul class="list-unstyled">
            
            <?php 
    if (count($show) > 0) {
        ?>

            <?php 
        foreach ($show as $subcat) {
            ?>
Exemplo n.º 26
         // Tail of a branch whose case label and opening permission check lie
         // outside this excerpt.
         $action = $b->getBlockUpdateCssAction();
         // NOTE(review): a style preset is deleted by a request-supplied ID. No
         // validation token is checked in the visible lines, and the result of
         // getByID() is used without an is_object() test; confirm that the guard
         // around this branch covers both the permission and the token.
         if ($_REQUEST['subtask'] == 'delete_custom_style_preset') {
             $styleToDelete = CustomStylePreset::getByID($_REQUEST['deleteCspID']);
             $styleToDelete->delete();
         }
         // NOTE(review): $_REQUEST['isGlobal'] is concatenated into the URL as
         // received; whether it is encoded where the URL is finally printed is
         // not visible here.
         $refreshAction = REL_DIR_FILES_TOOLS_REQUIRED . '/edit_block_popup?btask=block_css&cID=' . $c->getCollectionID() . '&arHandle=' . $a->getAreaHandle() . '&bID=' . $b->getBlockID() . '&isGlobal=' . $_REQUEST['isGlobal'] . '&refresh=1';
         $bv->renderElement('custom_style', array('b' => $b, 'rcID' => $rcID, 'c' => $c, 'a' => $a, 'style' => $style, 'action' => $action, 'refreshAction' => $refreshAction));
     }
     break;
 case 'template':
     // Choosing a custom template requires write permission on the block.
     if ($bp->canWrite()) {
         $bv->renderElement('block_custom_template', array('b' => $b, 'rcID' => $rcID));
     }
     break;
 case 'view':
     // Plain rendering requires read permission on the block; otherwise nothing is output.
     if ($bp->canRead()) {
         $bv->render($b, 'view', array('c' => $c, 'a' => $a));
     }
     break;
 case 'view_edit_mode':
     // && binds tighter than ||, so this reads as
     //   $bp->canWrite() || ($c->canWrite() && $b->isGlobalBlock() && $b->canRead()).
     // NOTE(review): canWrite()/canRead() are called on $c and $b directly here,
     // while the other cases go through the Permissions object $bp; confirm
     // that these calls perform an equivalent permission check.
     if ($bp->canWrite() || $c->canWrite() && $b->isGlobalBlock() && $b->canRead()) {
         $btc = $b->getInstance();
         // now we inject any custom template CSS and JavaScript into the header
         if ('Controller' != get_class($btc)) {
             $btc->outputAutoHeaderItems();
         }
         $btc->runTask('on_page_view', array($bv));
         $v = View::getInstance();
         $items = $v->getHeaderItems();
         // Header items are printed only when there are any (the output itself is cut off in this excerpt).
         if (count($items) > 0) {
             ?>
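 /**
  * Finds the nearest preceding sibling of the current page that may be shown.
  *
  * Siblings are walked backwards, by display order when $this->orderBy is
  * 'display_asc' and by public date otherwise. A sibling qualifies when it
  * passes canRead() and its exclude_nav attribute is not 1.
  *
  * Only a sibling that passed both checks is ever returned from the walk. A
  * candidate that fails them is stepped over and never kept as the result, so
  * when the walk runs out of siblings the method does not hand back the last
  * page it merely inspected (one that is unreadable or hidden from navigation).
  *
  * @return mixed the qualifying Page; false when none exists; or, when none
  *         exists and $this->loopSequence is set, the parent's first child
  *         under the reversed ordering
  */
 function getPreviousCollection()
 {
     $page = false;
     $db = Loader::db();
     $cID = 1;
     $currentPage = Page::getCurrentPage();
     while ($cID > 0) {
         // Both queries bind their values as placeholders.
         if ($this->orderBy == 'display_asc') {
             $cID = $db->GetOne('select cID from Pages where cDisplayOrder < ? and cParentID = ? order by cDisplayOrder desc', array($currentPage->getCollectionDisplayOrder(), $currentPage->getCollectionParentID()));
         } else {
             $cID = $db->GetOne('select Pages.cID from Pages inner join CollectionVersions cv on Pages.cID = cv.cID where cvIsApproved = 1 and cvDatePublic < ? and cParentID = ? order by cvDatePublic desc', array($currentPage->getCollectionDatePublic(), $currentPage->getCollectionParentID()));
         }
         if ($cID > 0) {
             $candidate = Page::getByID($cID, 'RECENT');
             // The next query continues from this sibling, accepted or not.
             $currentPage = $candidate;
             $cp = new Permissions($candidate);
             if ($cp->canRead() && $candidate->getAttribute('exclude_nav') != 1) {
                 // Promote to the result only after both checks have passed.
                 $page = $candidate;
                 break;
             }
         }
     }
     if (!is_object($page) && $this->loopSequence) {
         // NOTE(review): the wrap-around target is returned without a canRead()
         // or exclude_nav check; callers should not assume it is viewable.
         $c = Page::getCurrentPage();
         $parent = Page::getByID($c->getCollectionParentID(), 'ACTIVE');
         if ($this->orderBy == 'display_asc') {
             return $parent->getFirstChild('cDisplayOrder desc');
         } else {
             return $parent->getFirstChild('cvDatePublic desc');
         }
     }
     return $page;
 }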
Exemplo n.º 28
         // Tail of a case whose label lies outside this excerpt: it copies the
         // readable blocks of an area into a pile.
         $p = Pile::get($_REQUEST['pID']);
         if (is_object($p)) {
             // Ownership check: a pile ID from the request that is not the
             // caller's own is discarded, so the default pile is used instead.
             if (!$p->isMyPile()) {
                 unset($p);
             }
         }
     }
     if (!is_object($p)) {
         $p = Pile::getDefault();
     }
     // NOTE(review): arHandle comes straight from the request and no page- or
     // area-level permission check is visible in this branch; $c is set outside
     // the excerpt. Only the per-block canRead() below is enforced here.
     $a = Area::get($c, $_REQUEST['arHandle']);
     $ap = new Permissions($a);
     $aBlocks = $a->getAreaBlocksArray($c, $ap);
     foreach ($aBlocks as $ab) {
         // Blocks failing the read check are not added to the pile.
         $abp = new Permissions($ab);
         if ($abp->canRead()) {
             $p->add($ab);
         }
     }
     break;
 case 'add_prepare':
     // The page must be viewable; otherwise the script ends with no output.
     // NOTE(review): cID is passed to Page::getByID() as received and the
     // result is not tested with is_object()/isError() in the visible lines.
     $c = Page::getByID($_REQUEST['cID']);
     $cp = new Permissions($c);
     if (!$cp->canViewPage()) {
         exit;
     }
     // The area must be viewable and must allow adding blocks.
     $a = Area::get($c, $_REQUEST['arHandle']);
     $ap = new Permissions($a);
     if (!$ap->canViewArea() || !$ap->canAddBlocks()) {
         exit;
     }
Exemplo n.º 29
<?php

defined('C5_EXECUTE') or die("Access Denied.");
// Access gate: the caller must be able to read the dashboard scrapbook page.
// NOTE(review): a read permission is the only gate in the visible lines for a
// request that writes to the database, and no validation token is checked
// before the updates below; confirm whether one is required elsewhere.
$scrapbookC = Page::getByPath("/dashboard/scrapbook");
$scrapbookPermissions = new Permissions($scrapbookC);
if (!$scrapbookPermissions->canRead()) {
    die(t("Access Denied."));
}
$db = Loader::db();
// update order of collections
Loader::model('user_attributes');
if ($_REQUEST['mode'] == 'reorder') {
    if (is_array($_REQUEST['ccm-scrapbook-list-item'])) {
        // Reorder blocks on the scrapbook page: each submitted block ID gets
        // the next position counter as its display order.
        $arHandle = $_REQUEST['arHandle'];
        $displayOrderCounter = 0;
        foreach ($_REQUEST['ccm-scrapbook-list-item'] as $bID) {
            // Entries that do not evaluate to a non-zero integer are skipped.
            if (intval($bID) == 0) {
                continue;
            }
            // All request values are bound as placeholders, not concatenated
            // into the SQL text; cID is fixed to the scrapbook page.
            $v = array($displayOrderCounter, $scrapbookC->getCollectionId(), $bID, $arHandle);
            $db->Execute('update CollectionVersionBlocks set cbDisplayOrder = ? where cID = ? and bID = ? AND arHandle=?', $v);
            $displayOrderCounter++;
        }
    } elseif (is_array($_REQUEST['ccm-pc'])) {
        // Same reordering for the 'ccm-pc' items (the statement that uses $v is cut off in this excerpt).
        $displayOrderCounter = 0;
        $u = new User();
        foreach ($_REQUEST['ccm-pc'] as $pcID) {
            if (intval($pcID) == 0) {
                continue;
            }
            // The current user's ID is bound alongside the item ID, presumably
            // to restrict the update to rows owned by that user; verify
            // against the query that follows.
            $v = array($displayOrderCounter, $pcID, intval($u->uID));
Exemplo n.º 30
<?php

defined('C5_EXECUTE') or die('Access Denied.');

// Renders the stack identified by $stID (supplied by the including scope).
// Which version is loaded depends on the viewer: with permission to view page
// versions on the current page the default lookup is used, otherwise the
// 'ACTIVE' version is requested explicitly.
$c = Page::getCurrentPage();
$cp = new Permissions($c);
$stack = $cp->canViewPageVersions()
    ? Stack::getByID($stID)
    : Stack::getByID($stID, 'ACTIVE');

if ($stack) {
    // The stack's area has its own read check; nothing is displayed when it fails.
    $ax = Area::get($stack, STACKS_AREA_NAME);
    $axp = new Permissions($ax);
    if ($axp->canRead()) {
        $ax->disableControls();
        $ax->display($stack);
    }
}