define("MESSAGE_PAGE_NEW_GROUPS_DESC", 1457);
define("MESSAGE_PAGE_NEW_GROUPS_NO_RIGHTS_DESC", 1458);
define("MESSAGE_PAGE_NEW_GROUPS_NO_RIGHTS", 1459);
define("MESSAGE_PAGE_WEBSITES_DESC", 1460);
define("MESSAGE_PAGE_WEBSITES", 1461);
define("MESSAGE_PAGE_THUMBNAIL_DESC", 1462);
define("MESSAGE_PAGE_THUMBNAIL", 1463);
define("MESSAGE_PAGE_XML_DEFINITION_DESC", 1464);
define("MESSAGE_PAGE_XML_FILE", 1465);
define("MESSAGE_PAGE_XML_DEFINITION_USAGE_DESC", 1466);
define("MESSAGE_PAGE_DEFAULT_ROWS", 1467);
define("MESSAGE_PAGE_SAVE_AND_REGEN", 1548);
define("MESSAGE_PAGE_SAVE_AND_REGEN_DESC", 1550);
define("MESSAGE_PAGE_INCORRECT_FORM_VALUES", 682);
$winId = sensitiveIO::request('winId', '', 'templateWindow');
$templateId = sensitiveIO::request('template', 'sensitiveIO::isPositiveInteger', 'createTemplate');
//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_RAW);
//This file is an admin file. Interface must be secure
$view->setSecure();
//CHECKS user has templates clearance
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDIT_TEMPLATES)) {
//templates
CMS_grandFather::raiseError('User has no rights template editions');
$view->setActionMessage($cms_language->getMessage(MESSAGE_ERROR_NO_RIGHTS_FOR_TEMPLATES));
$view->show();
}
//load template if any
if (sensitiveIO::isPositiveInteger($templateId)) {
if ($field->getValue('searchable')) {
$objectType = $field->getTypeObject();
if (!method_exists($objectType, 'getListOfNamesForObject')) {
$possibleTargets[] = $fieldID;
}
}
}
//get all search datas from requests
$keywords = sensitiveIO::request('items_' . $object->getID() . '_kwrds', '', '');
$keywordsOptions = sensitiveIO::request('items_' . $object->getID() . '_kwrds_options', array('any', 'all', 'phrase', 'beginswith'), 'any');
$keywordsTarget = sensitiveIO::request('kwrds_target_' . $object->getID(), $possibleTargets, -1);
$dateFrom = sensitiveIO::request('items_dtfrm', '', '');
$dateEnd = sensitiveIO::request('items_dtnd', '', '');
$sort = sensitiveIO::request('sort_' . $object->getID(), '', '');
$status = sensitiveIO::request('status_' . $object->getID(), '', '');
$direction = sensitiveIO::request('direction_' . $object->getID(), '', '');
// Set default session search options
CMS_session::setSessionVar('items_' . $object->getID() . '_kwrds', $keywords);
//CMS_session::setSessionVar('items_'.$object->getID().'_kwrds_options', $keywordsOptions);
CMS_session::setSessionVar('kwrds_target_' . $object->getID(), $keywordsTarget);
CMS_session::setSessionVar("items_dtfrm", $dateFrom);
CMS_session::setSessionVar("items_dtnd", $dateEnd);
CMS_session::setSessionVar('sort_' . $object->getID(), $sort);
CMS_session::setSessionVar('status_' . $object->getID(), $status);
CMS_session::setSessionVar('direction_' . $object->getID(), $direction);
//Add all subobjects to search if any
foreach ($objectFields as $fieldID => $field) {
if (isset($fields[$fieldID])) {
CMS_session::setSessionVar('items_' . $object->getID() . '_' . $fieldID, $fields[$fieldID]);
}
}
$filelabel = sensitiveIO::request('filelabel');
$filename = sensitiveIO::request('filename');
//block flash
$width = sensitiveIO::request('flashwidth');
$height = sensitiveIO::request('flashheight');
$name = sensitiveIO::request('flashname');
$version = sensitiveIO::request('flashversion');
$params = sensitiveIO::request('flashparams');
$flashvars = sensitiveIO::request('flashvars');
$attributes = sensitiveIO::request('flashattributes');
//block image
$imagelink = sensitiveIO::request('imagelink');
$imagelabel = sensitiveIO::request('imagelabel');
$zoomname = sensitiveIO::request('zoomname');
//block link
$linktext = sensitiveIO::request('link');
//unset requests to avoid them to have interaction with evaluated page codes
sensitiveIO::unsetRequest(array_keys($_REQUEST));
//try to instanciate the requested page
$cms_page = CMS_tree::getPageByID($currentPage);
//instanciate page and check if user has view rights on it
if (isset($cms_page) && $cms_page->hasError()) {
CMS_grandFather::raiseError('Error on page : ' . $cms_page->getID());
$view->show();
}
//check for edit rights for user
if (!$cms_user->hasPageClearance($cms_page->getID(), CLEARANCE_PAGE_EDIT)) {
CMS_grandFather::raiseError('Error, user has no rights on page : ' . $cms_page->getID());
$view->show();
}
//check for lock
//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_JSON);
//This file is an admin file. Interface must be secure
$view->setSecure();
define("MESSAGE_ERROR_MODULE_RIGHTS", 570);
define("MESSAGE_CATEGORY_PROTECTED", 1730);
define("MESSAGE_CATEGORY_PROTECTED_DESC", 1731);
function checkCatId($catId)
{
return io::strpos($catId, 'cat') === 0 && sensitiveIO::isPositiveInteger(io::substr($catId, 3));
}
$codename = sensitiveIO::request('module');
$rootId = io::substr(sensitiveIO::request('node', 'checkCatId', 'cat0'), 3);
$maxDepth = sensitiveIO::request('maxDepth', 'sensitiveIO::isPositiveInteger', 2);
if (!$codename) {
CMS_grandFather::raiseError('Unknown module ...');
$view->show();
}
//load module
$module = CMS_modulesCatalog::getByCodename($codename);
if (!$module) {
CMS_grandFather::raiseError('Unknown module or module for codename : ' . $codename);
$view->show();
}
//CHECKS user has module clearance
if (!$cms_user->hasModuleClearance($codename, CLEARANCE_MODULE_EDIT)) {
CMS_grandFather::raiseError('User has no rights on module : ' . $codename);
$view->setActionMessage($cms_language->getmessage(MESSAGE_ERROR_MODULE_RIGHTS, array($module->getLabel($cms_language))));
$view->show();
define("MESSAGE_FLASHVAR_INFO", 544);
define("MESSAGE_FLASHVAR", 545);
define("MESSAGE_ATTRIBUT_INFO", 546);
define("MESSAGE_ATTRIBUT", 547);
define("MESSAGE_ERROR_FORMAT", 549);
define("MESSAGE_ADVANCED_PARAMETERS", 566);
define("MESSAGE_PAGE_INCORRECT_FORM_VALUES", 682);
$winId = sensitiveIO::request('winId', '', 'blockFlashWindow');
$currentPage = sensitiveIO::request('page', 'sensitiveIO::isPositiveInteger', CMS_session::getPageID());
$tpl = sensitiveIO::request('template', 'sensitiveIO::isPositiveInteger');
$rowId = sensitiveIO::request('rowType', 'sensitiveIO::isPositiveInteger');
$rowTag = sensitiveIO::request('rowTag');
$cs = sensitiveIO::request('cs');
$blockId = sensitiveIO::request('block');
$blockClass = sensitiveIO::request('blockClass');
$value = sensitiveIO::request('value');
//load page
$cms_page = CMS_tree::getPageByID($currentPage);
if ($cms_page->hasError()) {
CMS_grandFather::raiseError('Selected page (' . $currentPage . ') has error ...');
$view->show();
}
//check user rights
if (!$cms_user->hasPageClearance($cms_page->getID(), CLEARANCE_PAGE_EDIT)) {
CMS_grandFather::raiseError('Error, user has no rights on page : ' . $cms_page->getID());
$view->show();
}
//get block datas
if (class_exists($blockClass)) {
$cms_block = new $blockClass();
$cms_block->initializeFromBasicAttributes($blockId);
require_once dirname(__FILE__) . '/../../cms_rc_admin.php';
//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_JSON);
//This file is an admin file. Interface must be secure
$view->setSecure();
//get search vars
$search = sensitiveIO::request('search');
$letter = sensitiveIO::request('letter');
$sort = sensitiveIO::request('sort');
$dir = sensitiveIO::request('dir');
$start = sensitiveIO::request('start', 'sensitiveIO::isPositiveInteger', 0);
$limit = sensitiveIO::request('limit', 'sensitiveIO::isPositiveInteger', CMS_session::getRecordsPerPage());
$userId = sensitiveIO::request('userId', 'sensitiveIO::isPositiveInteger');
$filter = sensitiveIO::request('filter') ? true : false;
$groupsDatas = array();
$groupsDatas['groups'] = array();
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITUSERS)) {
CMS_grandFather::raiseError('User has no users management rights ...');
$view->setContent($groupsDatas);
$view->show();
}
//load user's groups if any
if ($userId) {
$userGroups = CMS_profile_usersGroupsCatalog::getGroupsOfUser($userId, true);
} else {
$userGroups = array();
}
if ($userId && $filter) {
//search users
*
* @package Automne
* @subpackage admin
* @author Sébastien Pauchet <*****@*****.**>
*/
require_once dirname(__FILE__) . '/../../cms_rc_admin.php';
//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_JSON);
//This file is an admin file. Interface must be secure
$view->setSecure();
$keyword = sensitiveIO::request('keyword');
$elements = sensitiveIO::request('elements', 'is_array', array());
$start = sensitiveIO::request('start', 'sensitiveIO::isPositiveInteger', 0);
$limit = sensitiveIO::request('limit', 'sensitiveIO::isPositiveInteger', 0);
$results = $scores = array();
//Users search
if (in_array('users', $elements)) {
$usersResults = CMS_profile_usersCatalog::search($keyword, '', '', 'score', 'desc', 0, 0, false, false, $usersScore);
if ($usersResults) {
foreach ($usersResults as $resultId) {
if (isset($usersScore[$resultId])) {
$scores[$usersScore[$resultId]][] = array('users', $resultId);
} else {
$scores[0][] = array('users', $resultId);
}
}
//pr('Users :');
//pr($usersResults);
//pr($rowsScore);
define("MESSAGE_PAGE_DONT_FINALIZE_IF_ERRORS", 1178);
define("MESSAGE_PAGE_FIELD_CONFIRM", 1179);
define("MESSAGE_PAGE_RESUME_PATCH", 1192);
//CHECKS user has admin clearance
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITVALIDATEALL)) {
CMS_grandFather::raiseError('User has no administration rights');
echo $cms_language->getMessage(MESSAGE_PAGE_NO_SERVER_RIGHTS);
exit;
}
//ignore user abort to avoid interuption of process
@ignore_user_abort(true);
@set_time_limit(9000);
//Controler vars
$filename = sensitiveIO::request('filename');
$force = sensitiveIO::request('force');
$cms_action = sensitiveIO::request('cms_action');
$cms_message = '';
$content = '';
// +----------------------------------------------------------------------+
// | PATCH MANAGEMENT |
// +----------------------------------------------------------------------+
//verbose fonction, only send a message to user.
function verbose($text)
{
global $content;
$content .= $text . "<br />";
}
//report fonction, send a message to user and can stop process if it's an error.
function report($text, $isErrror = false)
{
global $report, $force, $cms_language, $content;
$action = sensitiveIO::request('action', array('properties', 'definition', 'printcs', 'regenerate', 'copy'));
$templateId = sensitiveIO::request('templateId', '');
//Properties vars vars
$label = sensitiveIO::request('label');
$description = sensitiveIO::request('description');
$image = sensitiveIO::request('image');
$definitionfile = sensitiveIO::request('definitionfile');
$groups = sensitiveIO::request('groups', 'is_array', array());
$newgroups = sensitiveIO::request('newgroup') ? array_map('trim', preg_split("/[;,]+/", sensitiveIO::request('newgroup'))) : array();
$selectedWebsites = sensitiveIO::request('websites') ? explode(',', sensitiveIO::request('websites')) : array();
$nouserrights = sensitiveIO::request('nouserrights') ? true : false;
//definition
$definition = sensitiveIO::request('definition');
$regenerate = sensitiveIO::request('regenerate') ? true : false;
//printable CS
$printableCS = sensitiveIO::request('printableCS') ? explode(',', sensitiveIO::request('printableCS')) : array();
//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_JSON);
//This file is an admin file. Interface must be secure
$view->setSecure();
//CHECKS user has templates clearance
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDIT_TEMPLATES)) {
//templates
CMS_grandFather::raiseError('User has no rights template editions');
$view->setActionMessage($cms_language->getMessage(MESSAGE_ERROR_NO_RIGHTS_FOR_TEMPLATES));
$view->show();
}
//load template if any
if (sensitiveIO::isPositiveInteger($templateId)) {
// +----------------------------------------------------------------------+
// | Author: Sébastien Pauchet <*****@*****.**> |
// +----------------------------------------------------------------------+
//
// $Id: module-parameters.php,v 1.6 2010/03/08 16:41:18 sebastien Exp $
/**
* PHP page : Load module parameters window.
* Used accross an Ajax request render module properties window.
*
* @package Automne
* @subpackage admin
* @author Sébastien Pauchet <*****@*****.**>
*/
require_once dirname(__FILE__) . '/../../cms_rc_admin.php';
$codename = sensitiveIO::request('module', CMS_modulesCatalog::getAllCodenames());
$winId = sensitiveIO::request('winId', '', 'moduleParametersWindow');
define("MESSAGE_TOOLBAR_HELP", 1073);
define("MESSAGE_PAGE_SAVE", 952);
define("MESSAGE_PAGE_MODULE_PARAMS", 678);
define("MESSAGE_PAGE_AUTOMNE_PARAMS", 679);
define("MESSAGE_TOOLBAR_HELP_MESSAGE", 680);
define("MESSAGE_PAGE_UPDATE_PARAMS", 681);
define("MESSAGE_PAGE_FORM_INCORRECT", 682);
//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_RAW);
//This file is an admin file. Interface must be secure
$view->setSecure();
//CHECKS
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITVALIDATEALL)) {
define("MESSAGE_PAGE_ALL_FILES_SUPPORT", 559);
define("MESSAGE_PAGE_LIB_GD_VERIF", 560);
//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_JSON);
//This file is an admin file. Interface must be secure
$view->setSecure();
$width = sensitiveIO::request('width', 'sensitiveIO::isPositiveInteger', 0);
$height = sensitiveIO::request('height', 'sensitiveIO::isPositiveInteger', 0);
$cropTop = sensitiveIO::request('cropTop', 'sensitiveIO::isPositiveInteger', 0);
$cropBottom = sensitiveIO::request('cropBottom', 'sensitiveIO::isPositiveInteger', 0);
$cropLeft = sensitiveIO::request('cropLeft', 'sensitiveIO::isPositiveInteger', 0);
$cropRight = sensitiveIO::request('cropRight', 'sensitiveIO::isPositiveInteger', 0);
$autocrop = sensitiveIO::request('autocrop') ? true : false;
$image = sensitiveIO::request('image');
$return = array('error' => '', 'filepath' => '', 'filename' => '');
$image = new CMS_image($image, CMS_file::WEBROOT);
//Check image
if (!$image->exists()) {
CMS_grandFather::raiseError('Can\'t find queried image : ' . $image->getFilename());
$return['error'] = $cms_language->getJsMessage(MESSAGE_PAGE_NO_IMG);
$view->setContent($return);
$view->show();
}
if (!function_exists('imagecreatefromgif')) {
CMS_grandFather::raiseError('Can\'t find imagecreatefromgif, please install GD library.');
$return['error'] = $cms_language->getJsMessage(MESSAGE_PAGE_GIF_SUPPORT);
$view->setContent($return);
$view->show();
}
//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_RAW);
//This file is an admin file. Interface must be secure
$view->setSecure();
$pageUrl = sensitiveIO::request('pageUrl');
$pageId = sensitiveIO::request('pageId', 'sensitiveIO::isPositiveInteger');
$from = sensitiveIO::request('from', 'sensitiveIO::isPositiveInteger');
$fromtab = sensitiveIO::request('fromTab', array('edit', 'edited', 'public'));
$tab = sensitiveIO::request('tab', array('edit', 'edited', 'public'));
$followRedirect = sensitiveIO::request('followRedirect') ? true : false;
$regenerate = sensitiveIO::request('regenerate') ? true : false;
$reload = sensitiveIO::request('reload') ? true : false;
$noreload = sensitiveIO::request('noreload') ? true : false;
$unlock = sensitiveIO::request('unlock') ? true : false;
//Default tab to open
if ($tab && !$fromtab) {
$fromtab = $tab;
} elseif (!$fromtab) {
$fromtab = 'public';
}
if (!$pageUrl && !$pageId && !$from) {
CMS_grandFather::raiseError('Missing page parameter ...');
$view->show();
} elseif (!$pageUrl && !$pageId) {
$pageId = $from;
}
$jscontent = '';
$isAutomne = $querystring = false;
//current http host
$description = sensitiveIO::request('description');
//alerts
$alerts = sensitiveIO::request('alerts');
//users
$userId = sensitiveIO::request('userId', 'sensitiveIO::isPositiveInteger');
//modules
$moduleCodename = sensitiveIO::request('module', CMS_modulesCatalog::getAllCodenames());
$access = (int) sensitiveIO::request('access');
$validation = (int) sensitiveIO::request('validation');
$templates = sensitiveIO::request('templates', '', array());
$rows = sensitiveIO::request('rows', '', array());
//categories rights
$rights = sensitiveIO::request('rights');
$catIds = sensitiveIO::request('catIds');
//admin rights
$admin = sensitiveIO::request('admin', '', array());
//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_JSON);
//This file is an admin file. Interface must be secure
$view->setSecure();
//check user rights
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITUSERS)) {
CMS_grandFather::raiseError('User has no users management rights ...');
$view->show();
}
//load user if any
if ($groupId) {
$group = CMS_profile_usersGroupsCatalog::getByID($groupId);
if (!$group || $group->hasError()) {
* PHP page : Load page users-groups search window.
* Used accross an Ajax request. Render users-groups search.
*
* @package Automne
* @subpackage admin
* @author Sébastien Pauchet <*****@*****.**>
*/
require_once dirname(__FILE__) . '/../../cms_rc_admin.php';
define("MESSAGE_TOOLBAR_HELP", 1073);
define("MESSAGE_PAGE_STANDARD_MODULE_LABEL", 213);
define("MESSAGE_PAGE_USER_GROUP_PROFILE", 408);
define("MESSAGE_PAGE_SEARCH_USER_GROUP_INFO", 409);
define("MESSAGE_PAGE_USERS_LABEL", 926);
define("MESSAGE_PAGE_GROUPS_LABEL", 837);
$winId = sensitiveIO::request('winId', '', 'usersGroupsWindow');
$type = sensitiveIO::request('type') && in_array($_REQUEST['type'], array('users', 'groups')) ? $_REQUEST['type'] . 'Panel' : 'usersPanel';
//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_RAW);
//This file is an admin file. Interface must be secure
$view->setSecure();
//check user rights
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITUSERS)) {
CMS_grandFather::raiseError('User has no users management rights ...');
$view->show();
}
$jscontent = <<<END
\tvar usersGroupsWindow = Ext.getCmp('{$winId}');
\t//set window title
\tusersGroupsWindow.setTitle('{$cms_language->getJsMessage(MESSAGE_PAGE_USER_GROUP_PROFILE)}');
* @author Sébastien Pauchet <*****@*****.**>
*/
require_once dirname(__FILE__) . '/../../../../cms_rc_admin.php';
define("MESSAGE_TOOLBAR_HELP", 1073);
define("MESSAGE_PAGE_ERROR_NO_PLUGIN", 280);
define("MESSAGE_PAGE_TAB_DISABLED_SELECT_TEXT", 523);
define("MESSAGE_PAGE_TAB_DISABLED_NO_SELECT_TEXT", 524);
//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_RAW);
//This file is an admin file. Interface must be secure
$view->setSecure();
$winId = sensitiveIO::request('winId');
$id = sensitiveIO::request('id');
$content = sensitiveIO::request('content');
//get ids from wysiwyg
if ($id) {
$ids = explode('-', $id);
$selectedPluginID = (int) $ids[1];
$selectedItem = (int) $ids[2];
} else {
$selectedPluginID = $selectedItem = 0;
}
//Select WYSIWYG Plugin
$pluginDefinitions = CMS_poly_object_catalog::getAllPluginDefinitionsForObject();
//check for user rights
$availablePlugin = array();
$availablePluginCount = 0;
if (sizeof($pluginDefinitions)) {
foreach ($pluginDefinitions as $id => $pluginDefinition) {
define("MESSAGE_PAGE_FILTER", 1515);
define("MESSAGE_PAGE_ACTIVATE", 1517);
define("MESSAGE_PAGE_DESACTIVATE", 1518);
define("MESSAGE_PAGE_VIEW_INACTIVE_ROWS", 1522);
define("MESSAGE_PAGE_DELETE_CONFIRM", 1523);
define("MESSAGE_PAGE_DUPLICATE", 1520);
define("MESSAGE_ACTION_DUPLICATE_SELECTED", 1521);
define("MESSAGE_PAGE_MODULES", 999);
//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_RAW);
//This file is an admin file. Interface must be secure
$view->setSecure();
$winId = sensitiveIO::request('winId');
$fatherId = sensitiveIO::request('fatherId');
if (!$winId) {
CMS_grandFather::raiseError('Unknown window Id ...');
$view->show();
}
//CHECKS user has row edition clearance
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_TEMPLATES)) {
//rows
CMS_grandFather::raiseError('User has no rights on rows editions');
$view->setActionMessage($cms_language->getMessage(MESSAGE_ERROR_NO_RIGHTS_FOR_ROWS));
$view->show();
}
//usefull vars
$recordsPerPage = CMS_session::getRecordsPerPage();
//
// Search Panel
define("MESSAGE_PAGE_COPY_KEEP_CONTENT", 357);
define("MESSAGE_PAGE_COPY_NOTKEEP_CONTENT", 358);
define("MESSAGE_PAGE_COPY_KEEP_TEMPLATE", 359);
define("MESSAGE_PAGE_COPY_NOTKEEP_TEMPLATE", 360);
define("MESSAGE_PAGE_COPY_CONFIRM", 361);
define("MESSAGE_PAGE_CANCEL", 180);
define("MESSAGE_PAGE_COPY", 499);
define("MESSAGE_PAGE_REPLACE_TEMPLATE_DESC", 700);
//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_RAW);
//This file is an admin file. Interface must be secure
$view->setSecure();
$winId = sensitiveIO::request('winId', '', 'copyPageWindow');
$currentPage = sensitiveIO::request('currentPage', 'sensitiveIO::isPositiveInteger');
//try to instanciate the requested page
$cms_page = CMS_tree::getPageByID($currentPage);
//instanciate page and check if user has view rights on it
if (isset($cms_page) && $cms_page->hasError() || !is_object($cms_page)) {
CMS_grandFather::raiseError('Error on page : ' . $cms_page->getID());
$view->show();
}
//check for view rights for user
if (!$cms_user->hasPageClearance($cms_page->getID(), CLEARANCE_PAGE_VIEW)) {
CMS_grandFather::raiseError('Error, user has no rights on page : ' . $cms_page->getID());
$view->show();
}
$pageId = $cms_page->getID();
$pageTitle = sensitiveIO::sanitizeJSString($cms_page->getTitle(true));
$onClick = base64_encode("\n\tthis.node.select();\n");
// | The license text is bundled with this package in the file |
// | LICENSE-GPL, and is available through the world-wide-web at |
// | http://www.gnu.org/copyleft/gpl.html. |
// +----------------------------------------------------------------------+
// | Author: Sébastien Pauchet <*****@*****.**> |
// +----------------------------------------------------------------------+
//
// $Id: tree-lineage.php,v 1.3 2010/03/08 16:41:22 sebastien Exp $
/**
* PHP page : Load tree window infos
* Used accross an Ajax request render page tree in the tree window
*
* @package Automne
* @subpackage admin
* @author Sébastien Pauchet <*****@*****.**>
*/
require_once dirname(__FILE__) . '/../../cms_rc_admin.php';
//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_JSON);
//This file is an admin file. Interface must be secure
$view->setSecure();
$rootId = (int) sensitiveIO::request('root', 'sensitiveIO::isPositiveInteger', APPLICATION_ROOT_PAGE_ID);
$nodeId = (int) sensitiveIO::request('node', 'sensitiveIO::isPositiveInteger', APPLICATION_ROOT_PAGE_ID);
$lineage = CMS_tree::getLineage($rootId, $nodeId, false);
if (!$lineage) {
$lineage = array();
}
$view->setContent($lineage);
$view->show();
// +----------------------------------------------------------------------+
//
// $Id: server-scripts-controler.php,v 1.6 2010/03/08 16:41:21 sebastien Exp $
/**
* PHP controler : Receive actions on server
* Used accross an Ajax request to process one server action
*
* @package Automne
* @subpackage admin
* @author Sébastien Pauchet <*****@*****.**>
*/
require_once dirname(__FILE__) . '/../../cms_rc_admin.php';
//Controler vars
$action = sensitiveIO::request('action', array('regenerate-all', 'regenerate-tree', 'regenerate-pages', 'restart-scripts', 'stop-scripts', 'clear-scripts'));
$page = sensitiveIO::request('page', 'sensitiveIO::isPositiveInteger');
$pages = sensitiveIO::request('pages');
define("MESSAGE_PAGE_NO_SCRIPTS_RIGHTS", 794);
define("MESSAGE_ACTION_ALL_PAGES_SUBMITED", 795);
define("MESSAGE_ACTION_N_PAGES_SUBMITED", 796);
define("MESSAGE_ACTION_N_PAGES_REGENERATED", 797);
define("MESSAGE_ERROR_NO_PAGES_FOUND", 798);
define("MESSAGE_ACTION_N_PAGES_REGENERATION_ERROR", 1602);
//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_RAW);
//This file is an admin file. Interface must be secure
$view->setSecure();
//CHECKS user has scripts admin clearance
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_REGENERATEPAGES)) {
CMS_grandFather::raiseError('User has no regeneration rights');
define("MESSAGE_PAGE_NO_ITEM", 530);
define("MESSAGE_PAGE_ITEM_NON_EXISTENT", 531);
define("MESSAGE_ERROR_MODULE_RIGHTS", 570);
//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_JSON);
//This file is an admin file. Interface must be secure
$view->setSecure();
//get search vars
$objectId = sensitiveIO::request('objectId', 'sensitiveIO::isPositiveInteger');
$codename = sensitiveIO::request('module', CMS_modulesCatalog::getAllCodenames());
$fieldId = sensitiveIO::request('fieldId', 'sensitiveIO::isPositiveInteger');
$removeIds = sensitiveIO::request('removeIds');
$removeIds = $removeIds ? explode(',', $removeIds) : array();
$query = sensitiveIO::request('query');
$objectsDatas = array();
$objectsDatas['objects'] = array();
if (!$codename) {
CMS_grandFather::raiseError('Unknown module ...');
$view->setContent($objectsDatas);
$view->show();
}
//load module
$module = CMS_modulesCatalog::getByCodename($codename);
if (!$module || !$module->isPolymod()) {
CMS_grandFather::raiseError('Unknown module or module is not polymod for codename : ' . $codename);
$view->show();
}
//CHECKS user has module clearance
if (!$cms_user->hasModuleClearance($codename, CLEARANCE_MODULE_EDIT)) {
*
* @package Automne
* @subpackage admin
* @author Sébastien Pauchet <*****@*****.**>
*/
define("ENABLE_HTML_COMPRESSION", false);
require_once dirname(__FILE__) . '/../../cms_rc_admin.php';
define('MESSAGE_PAGE_NO_LOGS', 1608);
define("MESSAGE_PAGE_NO_SERVER_RIGHTS", 748);
//CHECKS user has admin clearance
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITVALIDATEALL)) {
CMS_grandFather::raiseError('User has no administration rights');
echo $cms_language->getMessage(MESSAGE_PAGE_NO_SERVER_RIGHTS);
exit;
}
$date = sensitiveIO::request('date');
$errorFile = '';
$gzip = false;
$now = new CMS_date();
$now->setNow(true);
$requestedDate = new CMS_date();
$requestedDate->setFormat($cms_language->getDateFormat());
$requestedDate->setLocalizedDate($date);
if (!$requestedDate->hasError()) {
if (CMS_date::compare($requestedDate, $now, '==')) {
$errorFile = PATH_MAIN_FS . '/' . CMS_grandFather::ERROR_LOG;
} else {
$gzip = true;
$requestedDate->moveDate('+1 day');
$errorFile = PATH_LOGS_FS . '/' . CMS_grandFather::ERROR_LOG . '-' . $requestedDate->getLocalizedDate('Y-m-d') . '.gz';
}
define("MESSAGE_PAGE_REDIR_TYPE_INFO", 20);
define("MESSAGE_PAGE_REDIR_TYPE_DESC", 21);
define("MESSAGE_PAGE_PROTECTED", 22);
define("MESSAGE_PAGE_PROTECTED_INFO", 23);
define("MESSAGE_PAGE_PROTECTED_DESC", 24);
define("MESSAGE_PAGE_SELECT_PAGE_REDIRECTION", 30);
//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_RAW);
//This file is an admin file. Interface must be secure
$view->setSecure();
$winId = sensitiveIO::request('winId');
$fatherId = sensitiveIO::request('fatherId', 'sensitiveIO::isPositiveInteger');
$aliasId = sensitiveIO::request('alias', 'sensitiveIO::isPositiveInteger');
$pageId = sensitiveIO::request('page', 'io::isPositiveInteger');
$codename = 'cms_aliases';
//CHECKS user has module clearance
if (!$cms_user->hasModuleClearance($codename, CLEARANCE_MODULE_EDIT)) {
CMS_grandFather::raiseError('Error, user has no rights on module : ' . $codename);
$view->show();
}
//instanciate module
$cms_module = CMS_modulesCatalog::getByCodename($codename);
// Current alias object to manipulate
if ($aliasId) {
$item = CMS_module_cms_aliases::getByID($aliasId);
if (io::isPositiveInteger($item->getParent())) {
$parentAlias = CMS_module_cms_aliases::getByID($item->getParent());
}
} else {
define("MESSAGE_LEGEND", 529);
define("MESSAGE_ALL_FILES", 530);
define("MESSAGE_LINK", 133);
define("MESSAGE_LINK_IMAGE_ZOOM", 561);
define("MESSAGE_LINK_OTHER", 562);
define("MESSAGE_PAGE_INCORRECT_FORM_VALUES", 682);
$winId = sensitiveIO::request('winId', '', 'blockImageWindow');
$currentPage = sensitiveIO::request('page', 'sensitiveIO::isPositiveInteger', CMS_session::getPageID());
$tpl = sensitiveIO::request('template', 'sensitiveIO::isPositiveInteger');
$rowId = sensitiveIO::request('rowType', 'sensitiveIO::isPositiveInteger');
$rowTag = sensitiveIO::request('rowTag');
$cs = sensitiveIO::request('cs');
$blockId = sensitiveIO::request('block');
$blockClass = sensitiveIO::request('blockClass');
$minWidth = sensitiveIO::request('minWidth', 'sensitiveIO::isPositiveInteger', 0);
$maxWidth = sensitiveIO::request('maxWidth', 'sensitiveIO::isPositiveInteger', 0);
//load page
$cms_page = CMS_tree::getPageByID($currentPage);
if ($cms_page->hasError()) {
CMS_grandFather::raiseError('Selected page (' . $currentPage . ') has error ...');
$view->show();
}
//check user rights
if (!$cms_user->hasPageClearance($cms_page->getID(), CLEARANCE_PAGE_EDIT)) {
CMS_grandFather::raiseError('Error, user has no rights on page : ' . $cms_page->getID());
$view->show();
}
//get block datas
if (class_exists($blockClass)) {
$cms_block = new $blockClass();
$cms_block->initializeFromBasicAttributes($blockId);
define("MESSAGE_PAGE_STYLESHEET", 1486);
define("MESSAGE_PAGE_WYSIWYG", 1487);
define("MESSAGE_PAGE_JAVASCRIPT", 1488);
define("MESSAGE_ACTION_DELETE_FILE", 1500);
define("MESSAGE_ERROR_DELETE_FILE", 1501);
define("MESSAGE_ACTION_UPDATE_FILE", 1502);
define("MESSAGE_ERROR_UPDATE_FILE", 1503);
define("MESSAGE_ACTION_CREATE_FILE", 1504);
define("MESSAGE_ERROR_CREATE_FILE_EXTENSION", 1505);
define("MESSAGE_ERROR_CREATE_FILE_EXISTS", 1506);
define("MESSAGE_PAGE_TXT", 273);
//Controler vars
$action = sensitiveIO::request('action', array('delete', 'update', 'create'));
$node = sensitiveIO::request('node', 'checkNode', '');
$definition = sensitiveIO::request('definition');
$filelabel = sensitiveIO::request('filelabel', 'checkFile', '');
//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_JSON);
//This file is an admin file. Interface must be secure
$view->setSecure();
//CHECKS user has module clearance
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDIT_TEMPLATES)) {
CMS_grandFather::raiseError('User has no rights on page templates ...');
$view->show();
}
if (!$node && $action != 'create') {
CMS_grandFather::raiseError('Unknown node ...');
$view->show();
}
// | The license text is bundled with this package in the file |
// | LICENSE-GPL, and is available through the world-wide-web at |
// | http://www.gnu.org/copyleft/gpl.html. |
// +----------------------------------------------------------------------+
// | Author: Sébastien Pauchet <*****@*****.**> |
// +----------------------------------------------------------------------+
/**
* PHP page : Load help detail window.
* Used accross an Ajax request. Render help informations.
*
* @package Automne
* @subpackage admin
* @author Sébastien Pauchet <*****@*****.**>
*/
require_once dirname(__FILE__) . '/../../cms_rc_admin.php';
$winId = sensitiveIO::request('winId', '', 'atmHelpWindow');
define("MESSAGE_TOOLBAR_HELP", 1073);
define("MESSAGE_PAGE_UNKNOWN", 670);
define("MESSAGE_PAGE_NEVER", 671);
define("MESSAGE_PAGE_VERSION", 542);
define("MESSAGE_PAGE_ABOUT_MESSAGE", 672);
define("MESSAGE_TOOLBAR_HELP_MESSAGE", 673);
define("MESSAGE_PAGE_TITLE", 644);
//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_RAW);
//This file is an admin file. Interface must be secure
$view->setSecure();
if (!defined('MOD_POLYMOD_CODENAME')) {
define('MOD_POLYMOD_CODENAME', 'polymod');
define("MESSAGE_PAGE_CREATE_CSS", 1489);
define("MESSAGE_PAGE_EDIT_CSS", 1490);
define("MESSAGE_PAGE_CREATE_JS", 1491);
define("MESSAGE_PAGE_EDIT_JS", 1492);
define("MESSAGE_PAGE_EDIT_WYSIWYG", 1493);
define("MESSAGE_TOOLBAR_HELP_DESC", 1494);
define("MESSAGE_PAGE_DEFINITION", 1495);
define("MESSAGE_PAGE_CREATE_FILE", 1744);
define("MESSAGE_PAGE_TXT", 273);
function checkNode($value)
{
return $value != 'source' && io::strpos($value, '..') === false;
}
//Controler vars
$winId = sensitiveIO::request('winId', '', 'printTemplateWindow');
$node = sensitiveIO::request('node', 'checkNode', '');
//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_RAW);
//This file is an admin file. Interface must be secure
$view->setSecure();
//CHECKS user has module clearance
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDIT_TEMPLATES)) {
CMS_grandFather::raiseError('User has no rights on page templates ...');
$view->show();
}
$allowedFiles = array('less' => array('name' => $cms_language->getMessage(MESSAGE_PAGE_STYLESHEET), 'class' => 'atm-css'), 'css' => array('name' => $cms_language->getMessage(MESSAGE_PAGE_STYLESHEET), 'class' => 'atm-css'), 'xml' => array('name' => $cms_language->getMessage(MESSAGE_PAGE_WYSIWYG), 'class' => 'atm-xml'), 'js' => array('name' => $cms_language->getMessage(MESSAGE_PAGE_JAVASCRIPT), 'class' => 'atm-js'), 'txt' => array('name' => $cms_language->getMessage(MESSAGE_PAGE_TXT), 'class' => 'atm-txt'));
$file = PATH_REALROOT_FS . '/' . $node;
if (!is_file($file) && !is_dir($file)) {
CMS_grandFather::raiseError('Queried file does not exists.');
$content = $codeTopaste;
} else {
$selectedContent = $selectedContent ? $selectedContent : ' ';
$content = $selectedContent;
}
break;
case 'setRowParameters':
$tpl = sensitiveIO::request('template', 'sensitiveIO::isPositiveInteger');
$rowId = sensitiveIO::request('rowType', 'sensitiveIO::isPositiveInteger');
$rowTag = sensitiveIO::request('rowTag');
$cs = sensitiveIO::request('cs');
$currentPage = sensitiveIO::request('page', 'sensitiveIO::isPositiveInteger', CMS_session::getPageID());
$blockId = sensitiveIO::request('block');
$blockClass = sensitiveIO::request('blockClass');
$value = sensitiveIO::request('value', 'is_array');
$codename = sensitiveIO::request('module', CMS_modulesCatalog::getAllCodenames());
$cms_page = CMS_tree::getPageByID($currentPage);
//RIGHTS CHECK
if (!is_object($cms_page) || $cms_page->hasError() || !$cms_user->hasPageClearance($cms_page->getID(), CLEARANCE_PAGE_EDIT) || !$cms_user->hasModuleClearance(MOD_STANDARD_CODENAME, CLEARANCE_MODULE_EDIT)) {
CMS_grandFather::raiseError('Insufficient rights on page ' . $cms_page->getID());
break;
}
//CHECKS user has module clearance
if (!$cms_user->hasModuleClearance($codename, CLEARANCE_MODULE_EDIT)) {
CMS_grandFather::raiseError('Error, user has no rights on module : ' . $codename);
break;
}
//ARGUMENTS CHECK
if (!$cs || !$rowTag || !$rowId || !$blockId) {
CMS_grandFather::raiseError('Data missing ...');
break;
define("MESSAGE_PAGE_DATE_FORMAT", 1692);
define("MESSAGE_PAGE_EXCLUDED_MODULES", 1693);
define("MESSAGE_PAGE_EDIT_SELECTED", 1694);
define("MESSAGE_PAGE_CREATE_NEW_LANGUAGE", 1695);
//check user rights
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITVALIDATEALL)) {
CMS_grandFather::raiseError('User has no rights on language management');
$view->show();
}
//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_RAW);
//This file is an admin file. Interface must be secure
$view->setSecure();
$winId = sensitiveIO::request('winId');
if (!$winId) {
CMS_grandFather::raiseError('Unknown window Id ...');
$view->show();
}
//usefull vars
$searchURL = PATH_ADMIN_WR . '/languages-datas.php';
$editURL = PATH_ADMIN_WR . '/language.php';
$itemsControlerURL = PATH_ADMIN_WR . '/languages-controler.php';
$jscontent = <<<END
\tvar moduleObjectWindow = Ext.getCmp('{$winId}');
\tmoduleObjectWindow.setTitle('{$cms_language->getJsMessage(MESSAGE_PAGE_LANGUAGE_MANAGEMENT)}');
\t
\t//define search function into window (to be accessible by parent window)
\tmoduleObjectWindow.search = function() {
\t\tif (!moduleObjectWindow.ok) {
// | Author: Sébastien Pauchet <*****@*****.**> |
// +----------------------------------------------------------------------+
//
// $Id: page-previsualization.php,v 1.5 2010/03/08 16:41:19 sebastien Exp $
/**
* PHP page : page previsualization
* Used to view the page edited data.
*
* @package Automne
* @subpackage admin
* @author Antoine Pouch <*****@*****.**> &
* @author Sébastien Pauchet <*****@*****.**>
*/
require_once dirname(__FILE__) . '/../../cms_rc_admin.php';
$currentPage = sensitiveIO::request('currentPage', 'sensitiveIO::isPositiveInteger', CMS_session::getPageID());
$draft = sensitiveIO::request('draft') ? true : false;
//unset request to avoid it to have interaction with page code
sensitiveIO::unsetRequest(array('draft', 'currentPage'));
//CHECKS
if (!SensitiveIO::isPositiveInteger($currentPage)) {
die("Invalid page");
}
//view edited or edition mode ?
$cms_visual_mode = $draft ? PAGE_VISUALMODE_HTML_EDITION : PAGE_VISUALMODE_HTML_EDITED;
$cms_page = CMS_tree::getPageByID($currentPage);
if (!$cms_user->hasPageClearance($cms_page->getID(), CLEARANCE_PAGE_EDIT)) {
die('No rigths on page ...');
exit;
}
//unset vars to avoid interraction with page
unset($currentPage);
*/
require_once dirname(__FILE__) . '/../../cms_rc_admin.php';
define("MESSAGE_ERROR_MODULE_RIGHTS", 570);
//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_JSON);
//This file is an admin file. Interface must be secure
$view->setSecure();
//Controler vars
$action = sensitiveIO::request('action', array('save'));
$code = sensitiveIO::request('code');
$selectedCode = sensitiveIO::request('selectedCode');
$dateFormat = sensitiveIO::request('dateformat');
$modulesDenied = sensitiveIO::request('modulesDenied');
$admin = sensitiveIO::request('admin') ? true : false;
//set default content
$content = array('success' => false);
//check user rights
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITVALIDATEALL)) {
CMS_grandFather::raiseError('User has no rights on language management');
$view->setContent($content);
$view->show();
}
if (!$action) {
$view->setContent($content);
CMS_grandFather::raiseError('Unknown action ... ' . $action);
$view->show();
}
if (!$code && !$selectedCode) {
CMS_grandFather::raiseError('Missing language code ... ');
