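// Handles the editor-side requests of the content widget, selected by $_REQUEST["bb_action"]:
// global shortcode security (dev accounts only), loading and saving the WYSIWYG body, adding and
// editing shortcodes, and opening the editor.  Any other request that carries 'action' is handed
// to the owning shortcode's ProcessShortcodeAction().
//
// Nothing below runs unless BB_IsMemberOfPageGroup("_p") passes.
// NOTE(review): BB_PropertyFormError() and BB_PropertyFormLoadError() are used as if they end the
// request; that is not visible here - confirm.
public function ProcessBBAction()
{
    global $bb_widget, $bb_widget_id, $bb_account, $bb_revision_num, $g_bb_content_shortcodes, $g_bb_content_security, $g_bb_content_security_path;

    if (!BB_IsMemberOfPageGroup("_p")) {
        exit;
    }

    if ($bb_account["type"] == "dev" && $_REQUEST["bb_action"] == "bb_content_configure_security_submit") {
        BB_RunPluginAction("pre_bb_content_configure_security_submit");

        // Rebuild the security context array.
        // Keys come from the registered shortcode table and values from a fixed allow-list, so
        // request data is never written into the generated PHP file as anything but one of
        // these three literals.
        $levels = array("content", "design", "dev");
        $g_bb_content_security = array();
        foreach ($g_bb_content_shortcodes as $sname => $info) {
            if (!isset($info["security"])) {
                continue;
            }

            foreach ($info["security"] as $key => $desc) {
                $key2 = $sname . "|" . $key;
                if (isset($_REQUEST[$key2]) && is_string($_REQUEST[$key2]) && in_array($_REQUEST[$key2], $levels, true)) {
                    if (!isset($g_bb_content_security[$sname])) {
                        $g_bb_content_security[$sname] = array();
                    }

                    $g_bb_content_security[$sname][$key] = $_REQUEST[$key2];
                }
            }
        }

        // Save security contexts.
        // The result is a PHP source file; the tags are split so they are not parsed here.
        $data = "<" . "?php\n\t\$g_bb_content_security = " . BB_CreatePHPStorageData($g_bb_content_security) . ";\n?" . ">";
        if (BB_WriteFile($g_bb_content_security_path, $data) === false) {
            BB_PropertyFormError("Unable to save the shortcode security options.");
        }
        ?>
<div class="success"><?php echo htmlspecialchars(BB_Translate("Global shortcode security options updated.")); ?></div>
<script type="text/javascript">
window.parent.CloseProperties();
window.parent.ReloadIFrame();
</script>
<?php
        BB_RunPluginAction("post_bb_content_configure_security_submit");
    } elseif ($bb_account["type"] == "dev" && $_REQUEST["bb_action"] == "bb_content_configure_security") {
        BB_RunPluginAction("pre_bb_content_configure_security");

        $options = array(
            "title" => "Configure Global Shortcode Security",
            "desc" => "Configure the global shortcode display options based on login account type.",
            "fields" => array(),
            "submit" => "Save",
            "focus" => true
        );

        foreach ($g_bb_content_shortcodes as $sname => $info) {
            if (!isset($info["security"])) {
                continue;
            }

            foreach ($info["security"] as $key => $desc) {
                // The empty key is the shortcode itself and has no "None" choice; every other
                // key is an individual option of that shortcode.
                if ($key == "") {
                    $choices = array("dev" => "Developers only", "design" => "Developers and Web Designers", "content" => "Everyone");
                } else {
                    $choices = array("" => "None", "content" => "Content Editors only", "design" => "Web Designers and Content Editors", "dev" => "Everyone");
                }

                $options["fields"][] = array(
                    "title" => $desc[0],
                    "type" => "select",
                    "name" => $sname . "|" . $key,
                    "options" => $choices,
                    "select" => (isset($g_bb_content_security[$sname]) && isset($g_bb_content_security[$sname][$key]) ? $g_bb_content_security[$sname][$key] : ""),
                    "desc" => $desc[1]
                );
            }
        }

        BB_RunPluginActionInfo("bb_content_configure_security_options", $options);
        BB_PropertyForm($options);

        BB_RunPluginAction("post_bb_content_configure_security");
    } elseif ($_REQUEST["bb_action"] == "bb_content_edit_load") {
        BB_RunPluginAction("pre_bb_content_edit_load");

        // The body is sent URL-encoded; a widget without one starts from an empty paragraph.
        if (isset($bb_widget->body)) {
            echo rawurlencode(UTF8::ConvertToHTML($bb_widget->body));
        } else {
            echo rawurlencode("<p></p>");
        }

        BB_RunPluginAction("post_bb_content_edit_load");
    } elseif ($_REQUEST["bb_action"] == "bb_content_edit_save") {
        BB_RunPluginAction("pre_bb_content_edit_save");

        // Map each placeholder id ("wid_<widget>_<n>") to its icon for the purifier call below.
        $options = array(
            "shortcodes" => true,
            "shortcode_placeholder" => "bb_content_shortcode_placeholder",
            "shortcode_ids" => array()
        );
        $shortcodes = $bb_widget->shortcodes;
        $base = "wid_" . htmlspecialchars($bb_widget_id) . "_";
        foreach ($shortcodes as $num => $shortcode) {
            $options["shortcode_ids"][$base . $num] = (isset($shortcode["_sn"]) && isset($g_bb_content_shortcodes[$shortcode["_sn"]]) ? htmlspecialchars($g_bb_content_shortcodes[$shortcode["_sn"]]["mainicon"]) : "");
        }

        // Submitted HTML is stored only after it has gone through the purifier.
        $bb_widget->body = BB_HTMLPurifyForWYMEditor($_REQUEST["content"], $options);

        if (!$this->RegenerateContent(true)) {
            echo htmlspecialchars(BB_Translate("Unable to save content. Try again."));
        } else {
            echo "OK\n";
            echo "<script type=\"text/javascript\">ReloadIFrame();</script>";
        }

        BB_RunPluginAction("post_bb_content_edit_save");
    } elseif ($_REQUEST["bb_action"] == "bb_content_edit_add_shortcode" && BB_IsSecExtraOpt("sname")) {
        // NOTE(review): BB_IsSecExtraOpt() presumably confirms that 'sname' was covered by the
        // request's security token - verify against its definition.
        BB_RunPluginAction("pre_bb_content_edit_add_shortcode");

        if (!isset($_REQUEST["sname"]) || !isset($g_bb_content_shortcodes[$_REQUEST["sname"]])) {
            ?>
<script type="text/javascript">
alert('<?php echo htmlspecialchars(BB_JSSafe(BB_Translate("Shortcode handler not found."))); ?>');
</script>
<?php
        } elseif (!$this->IsShortcodeAllowed($_REQUEST["sname"], "")) {
            ?>
<script type="text/javascript">
alert('<?php echo htmlspecialchars(BB_JSSafe(BB_Translate("Shortcode access denied."))); ?>');
</script>
<?php
        } else {
            $sname = $_REQUEST["sname"];
            $sid = count($bb_widget->shortcodes);
            $bb_widget->shortcodes[] = array("_sn" => $sname, "_id" => $sid);

            if (!BB_SaveLangPage($bb_revision_num)) {
                ?>
<script type="text/javascript">
alert('<?php echo htmlspecialchars(BB_JSSafe(BB_Translate("Unable to add a new %s.", $g_bb_content_shortcodes[$sname]["name"]))); ?>');
</script>
<?php
            } else {
                // The third argument is HTML inside a JavaScript string, so the widget id gets
                // both encodings there, the same as the icon URL beside it and as the ids the
                // save branch builds ("wid_" . htmlspecialchars($bb_widget_id) . "_" . $num).
                ?>
<script type="text/javascript">
InsertWYMEditorContent('contenteditor', 'wid_<?php echo BB_JSSafe($bb_widget_id); ?>', '<img id="wid_<?php echo htmlspecialchars(BB_JSSafe($bb_widget_id)); ?>_<?php echo $sid; ?>" class="bb_content_shortcode_placeholder" src="<?php echo htmlspecialchars(BB_JSSafe($g_bb_content_shortcodes[$sname]["mainicon"])); ?>" />');
</script>
<?php
            }
        }

        BB_RunPluginAction("post_bb_content_edit_add_shortcode");
    } elseif ($_REQUEST["bb_action"] == "bb_content_edit_edit_shortcode" && (!isset($_REQUEST["sc_action"]) || (BB_IsSecExtraOpt("sid") && BB_IsSecExtraOpt("sc_action")))) {
        BB_RunPluginAction("pre_bb_content_edit_edit_shortcode");

        if (!isset($_REQUEST["sid"]) || !is_string($_REQUEST["sid"])) {
            BB_PropertyFormLoadError("Shortcode ID not specified.");
        }

        // Accept either a bare number or a placeholder id ("wid_<widget>_<n>"); only the part
        // after the last underscore is used, and it is forced to an integer.
        $sid = $_REQUEST["sid"];
        $pos = strrpos($sid, "_");
        if ($pos !== false) {
            $sid = substr($sid, $pos + 1);
        }
        $sid = (int) $sid;

        if (!isset($bb_widget->shortcodes[$sid]) || !isset($bb_widget->shortcodes[$sid]["_sn"])) {
            BB_PropertyFormLoadError("Invalid shortcode ID.");
        }

        // The handler name comes from stored widget data and must be a registered shortcode;
        // that lookup is what bounds the class name instantiated below.
        $sname = $bb_widget->shortcodes[$sid]["_sn"];
        if (!isset($g_bb_content_shortcodes[$sname])) {
            BB_PropertyFormLoadError("Shortcode handler not found.");
        }
        if (!$this->IsShortcodeAllowed($sname, "")) {
            BB_PropertyFormLoadError("Shortcode access denied.");
        }

        // Without an explicit sub-action, open the shortcode's configure form.
        if (!isset($_REQUEST["sc_action"])) {
            $_REQUEST["sc_action"] = $sname . "_configure";
        }

        $shortcode = "bb_content_shortcode_" . $sname;
        $shortcode = new $shortcode();
        $this->currsid = $sid;
        $shortcode->ProcessShortcodeBBAction($this);

        BB_RunPluginAction("post_bb_content_edit_edit_shortcode");
    } elseif ($_REQUEST["bb_action"] == "bb_content_edit") {
        BB_RunPluginAction("pre_bb_content_edit");

        // Emits the script that styles one toolbar button per registered shortcode, wires the
        // buttons of the shortcodes this account may use, and opens the editor.
        ?>
<script type="text/javascript">
html = '<style type="text/css">\n';
<?php
        foreach ($g_bb_content_shortcodes as $sname => $info) {
            // Reduce the shortcode name to characters that are safe in a CSS class name.
            $sname2 = preg_replace('/[^A-Za-z0-9_]/', "_", trim($sname));
            ?>
html += '.wym_skin_barebones .wym_buttons li.wym_tools_custom_<?php echo htmlspecialchars(BB_JSSafe($sname2)); ?> a { background-image: url(<?php echo htmlspecialchars(BB_JSSafe($info["toolbaricon"])); ?>); background-repeat: no-repeat; }\n';
<?php
        }
        ?>
html += '</style>\n';
$("head").append(html);

window.bb_content_WYMEditorPostInit = function(eid, id, wym) {
<?php
        foreach ($g_bb_content_shortcodes as $sname => $info) {
            if ($this->IsShortcodeAllowed($sname, "")) {
                $sname2 = preg_replace('/[^A-Za-z0-9_]/', "_", trim($sname));
                ?>
    var html = '<li class="wym_tools_custom_<?php echo htmlspecialchars(BB_JSSafe($sname2)); ?>"><a name="<?php echo htmlspecialchars(BB_JSSafe($info["name"])); ?>" href="#"><?php echo htmlspecialchars(BB_JSSafe($info["name"])); ?></a></li>';
    $(wym._box).find(wym._options.toolsSelector + wym._options.toolsListSelector).append(html);
    $(wym._box).find('li.wym_tools_custom_<?php echo BB_JSSafe($sname2); ?> a').click(function() {
        $('#' + eid + '_loader').load(Gx__URLBase, <?php echo BB_CreateWidgetPropertiesJS("bb_content_edit_add_shortcode", array("sname" => $sname), true); ?>);

        return false;
    });
<?php
            }
        }
        ?>
    $(wym._doc).bind('dblclick', function(e) {
        if (e.target.tagName == 'IMG' && $(e.target).hasClass('bb_content_shortcode_placeholder') && typeof(e.target.id) == 'string' && e.target.id != '') {
            window.parent.LoadProperties({
                'bb_action' : 'bb_content_edit_edit_shortcode',
                'wid' : '<?php echo BB_JSSafe($bb_widget_id); ?>',
                'sid' : e.target.id,
                'bbt' : '<?php echo BB_JSSafe(BB_CreateSecurityToken("bb_content_edit_edit_shortcode", $bb_widget_id)); ?>'
            });
        }
    });
}

if (typeof(window.parent.CreateWYMEditorInstance) != 'function') {
    window.bb_content_ClosedAllContent = function(eid) {
        setTimeout(function() { DestroyWYMEditorInstance(eid); $('#' + eid).hide(); }, 250);
    }
}

window.parent.LoadConditionalScript(Gx__RootURL + '/' + Gx__SupportPath + '/editcontent.js?_=20090725', true, function(loaded) {
    return ((!loaded && typeof(window.CreateWYMEditorInstance) == 'function') || (loaded && !IsConditionalScriptLoading()));
}, function(params) {
    $('#contenteditor').show();

    var fileopts = {
        loadurl : Gx__URLBase,
        loadparams : <?php echo BB_CreateWidgetPropertiesJS("bb_content_edit_load", array(), true); ?>,
        id : 'wid_<?php echo BB_JSSafe($bb_widget_id); ?>',
        display : '<?php echo BB_JSSafe($bb_widget->_f); ?>',
        saveurl : Gx__URLBase,
        saveparams : <?php echo BB_CreateWidgetPropertiesJS("bb_content_edit_save", array(), true); ?>,
        wymtoolbar : 'bold,italic,superscript,subscript,pasteword,undo,redo,createlink,unlink,insertorderedlist,insertunorderedlist,indent,outdent',
        wymeditorpostinit : bb_content_WYMEditorPostInit
    };

    var editopts = {
        ismulti : true,
        closelast : bb_content_ClosedAllContent,
        width : '100%',
        height : '300px'
    };

    CreateWYMEditorInstance('contenteditor', fileopts, editopts);
});

window.parent.CloseProperties2(false);
</script>
<?php
        BB_RunPluginAction("post_bb_content_edit");
    } elseif (isset($_REQUEST["action"])) {
        // Pass other requests onto the shortcode action handler.
        // As above, the class name is only built from a name found in the registered table.
        if (isset($_REQUEST["sid"])) {
            $sid = (int) $_REQUEST["sid"];
            if (isset($bb_widget->shortcodes[$sid]) && isset($bb_widget->shortcodes[$sid]["_sn"])) {
                $sname = $bb_widget->shortcodes[$sid]["_sn"];
                if (isset($g_bb_content_shortcodes[$sname])) {
                    $shortcode = "bb_content_shortcode_" . $sname;
                    $shortcode = new $shortcode();
                    $this->currsid = $sid;
                    $shortcode->ProcessShortcodeAction($this);
                }
            }
        }
    }
}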
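// Handles the editor-side actions of the image shortcode, selected by $_REQUEST["sc_action"]:
// AJAX upload, transfer of an image from a URL, the uploader form, and the configure form with
// its submit handler.
//
// $parent is the content widget that owns the shortcode; it supplies GetSID(), SaveShortcode()
// and the form helpers used below.
//
// Both paths that write into "<$bb_dir>/images" accept only GIF, JPG and PNG content, detected
// from the file bytes, and give the stored file the matching extension.
// NOTE(review): BB_PropertyFormError() is used as if it ends the request; that is not visible
// here - confirm.
public function ProcessShortcodeBBAction($parent)
{
    global $bb_dir, $bb_pref_lang, $bb_revision_num, $bb_writeperms;

    $info = $this->GetInfo($parent->GetSID());
    $action = $_REQUEST["sc_action"];

    if ($action == "bb_image_upload_ajaxupload") {
        BB_RunPluginAction("pre_bb_content_shortcode_bb_image_upload_ajaxupload");

        $msg = BB_ValidateAJAXUpload();
        if ($msg != "") {
            echo htmlspecialchars(BB_Translate($msg));
            exit;
        }

        // Use official magic numbers for each format to determine the real content type.
        // The client-supplied MIME type and file extension are not trusted for this decision.
        $data = file_get_contents($_FILES["Filedata"]["tmp_name"]);
        $type = BB_GetImageType($data);
        if ($type != "gif" && $type != "jpg" && $type != "png") {
            echo htmlspecialchars(BB_Translate("Uploaded file is not a valid web image. Must be PNG, JPG, or GIF."));
            exit;
        }

        // The requested mode is still subject to the process umask.
        if (!is_dir($bb_dir . "/images")) {
            mkdir($bb_dir . "/images", 0777, true);
        }

        // Build "<lang>_[<revision>_]<client name>", replace every character outside
        // [A-Za-z0-9_.-] (which removes path separators), and collapse runs of dots.
        $dirfile = preg_replace('/\\.+/', ".", preg_replace('/[^A-Za-z0-9_.\\-]/', "_", $bb_pref_lang . "_" . ($bb_revision_num > -1 ? $bb_revision_num . "_" : "") . trim($_FILES["Filedata"]["name"])));
        if ($dirfile == ".") {
            $dirfile = "";
        }
        if ($dirfile == "") {
            echo htmlspecialchars(BB_Translate("A filename was not specified."));
            exit;
        }

        // Make the final extension agree with the detected type.
        // NOTE(review): inner extensions survive (e.g. "a.php" becomes "a.php.jpg"); whether that
        // matters depends on how the web server maps handlers for this directory - confirm.
        $pos = strrpos($dirfile, ".");
        if ($pos === false || substr($dirfile, $pos + 1) != $type) {
            $dirfile .= "." . $type;
        }

        if (!@move_uploaded_file($_FILES["Filedata"]["tmp_name"], $bb_dir . "/images/" . $dirfile)) {
            echo htmlspecialchars(BB_Translate("Unable to move temporary file to final location. Check the permissions of the target directory and destination file."));
            exit;
        }

        // Readable by all, plus whatever write bits the installation configured.
        @chmod($bb_dir . "/images/" . $dirfile, 0444 | $bb_writeperms);

        $info["src"] = "images/" . $dirfile;
        if (!$parent->SaveShortcode($info)) {
            echo htmlspecialchars(BB_Translate("Unable to save the shortcode."));
            exit;
        }

        echo "OK";

        BB_RunPluginAction("post_bb_content_shortcode_bb_image_upload_ajaxupload");
    } elseif ($action == "bb_image_upload_submit") {
        BB_RunPluginAction("pre_bb_content_shortcode_bb_image_upload_submit");

        // NOTE(review): the server retrieves a URL supplied in the request.  Which hosts it may
        // reach is decided inside BB_IsValidHTMLImage(), not here - confirm its restrictions.
        $imginfo = BB_IsValidHTMLImage($_REQUEST["url"], array("protocol" => "http"));
        if (!$imginfo["success"]) {
            BB_PropertyFormError($imginfo["error"]);
        }

        $dirfile = preg_replace('/\\.+/', ".", preg_replace('/[^A-Za-z0-9_.\\-]/', "_", $_REQUEST["destfile"]));
        if ($dirfile == ".") {
            $dirfile = "";
        }

        if ($dirfile == "") {
            // Automatically calculate the new filename based on the URL.
            $dirfile = $bb_pref_lang . "_" . ($bb_revision_num > -1 ? $bb_revision_num . "_" : "") . BB_MakeFilenameFromURL($imginfo["url"], $imginfo["type"]);
        } else {
            // A caller-chosen name gets the same treatment as an upload: the stored extension
            // must be the one that matches the bytes being written.  Without this, 'destfile'
            // alone decided the extension of a file whose content came from a remote server.
            $type = BB_GetImageType($imginfo["data"]);
            if ($type != "gif" && $type != "jpg" && $type != "png") {
                BB_PropertyFormError("'Image URL' field does not point to a valid image file.");

                return;
            }

            $pos = strrpos($dirfile, ".");
            if ($pos === false || substr($dirfile, $pos + 1) != $type) {
                $dirfile .= "." . $type;
            }
        }

        if (!is_dir($bb_dir . "/images")) {
            mkdir($bb_dir . "/images", 0777, true);
        }

        if (BB_WriteFile($bb_dir . "/images/" . $dirfile, $imginfo["data"]) === false) {
            BB_PropertyFormError("Unable to save the image.");
        }

        $info["src"] = "images/" . $dirfile;
        if (!$parent->SaveShortcode($info)) {
            BB_PropertyFormError("Unable to save the shortcode.");
        }
        ?>
<div class="success"><?php echo htmlspecialchars(BB_Translate("Image transferred.")); ?></div>
<script type="text/javascript">
LoadProperties(<?php echo $parent->CreateShortcodePropertiesJS(""); ?>);
ReloadIFrame();
</script>
<?php
        BB_RunPluginAction("post_bb_content_shortcode_bb_image_upload_submit");
    } elseif ($action == "bb_image_upload") {
        $parent->CreateShortcodeUploader("", array(), "Configure Image", "Image", "image", "*.png;*.jpg;*.gif", "Web Image Files");
    } elseif ($action == "bb_image_configure_submit") {
        BB_RunPluginAction("pre_bb_content_shortcode_bb_image_configure_submit");

        // A changed, non-empty URL is probed as an image first.  A failed probe blocks the save
        // only when fsockopen() exists; otherwise the URL is stored unverified.
        $src = trim($_REQUEST["src"]);
        if ($info["src"] != $src) {
            if ($src != "") {
                $imginfo = BB_IsValidHTMLImage($src, array("protocol" => "http"));
                if (!$imginfo["success"] && function_exists("fsockopen")) {
                    BB_PropertyFormError("'Image URL' field does not point to a valid image file.");
                }
            }

            $info["src"] = $src;
        }

        // Stored as submitted.
        // NOTE(review): escaping of 'src' and 'alt' has to happen where the shortcode is
        // rendered; that code is not part of this method - confirm.
        $info["alt"] = $_REQUEST["alt"];
        $info["opt-caption"] = ($_REQUEST["opt-caption"] == "enable");
        $info["opt-caption-width"] = (int) $_REQUEST["opt-caption-width"];
        if ($info["opt-caption-width"] < 0) {
            $info["opt-caption-width"] = 0;
        }

        if (!$parent->SaveShortcode($info)) {
            BB_PropertyFormError("Unable to save the shortcode.");
        }
        ?>
<div class="success"><?php echo htmlspecialchars(BB_Translate("Options saved.")); ?></div>
<script type="text/javascript">
CloseProperties();
ReloadIFrame();
</script>
<?php
        BB_RunPluginAction("post_bb_content_shortcode_bb_image_configure_submit");
    } elseif ($action == "bb_image_configure") {
        BB_RunPluginAction("pre_bb_content_shortcode_bb_image_configure");

        $desc = "<br />";
        $desc .= $parent->CreateShortcodePropertiesLink(BB_Translate("Upload/Transfer Image"), "bb_image_upload");

        $options = array(
            "title" => "Configure Image",
            "desc" => "Configure the image or upload/transfer a new image.",
            "htmldesc" => $desc,
            "bb_action" => $_REQUEST["bb_action"],
            "hidden" => array(
                "sid" => $parent->GetSID(),
                "sc_action" => "bb_image_configure_submit"
            ),
            "fields" => array(
                array(
                    "title" => "Image URL",
                    "type" => "text",
                    "name" => "src",
                    "value" => $info["src"],
                    "desc" => "The URL of this image."
                ),
                array(
                    "title" => "Alternate Text",
                    "type" => "text",
                    "name" => "alt",
                    "value" => $info["alt"],
                    "desc" => "The alternate text to display if images are not able to be seen (e.g. visually impaired visitors)."
                ),
                array(
                    "title" => "Display Caption",
                    "type" => "select",
                    "name" => "opt-caption",
                    "options" => array("enable" => "Enable", "disable" => "Disable"),
                    "select" => ($info["opt-caption"] ? "enable" : "disable"),
                    "desc" => "Display the alternate text as a caption below the image."
                ),
                array(
                    "title" => "Caption Width",
                    "type" => "text",
                    "name" => "opt-caption-width",
                    "value" => $info["opt-caption-width"],
                    "desc" => "The width in pixels to constrain the caption to. Typically the width of the image."
                )
            ),
            "submit" => "Save",
            "focus" => true
        );

        BB_RunPluginActionInfo("bb_content_shortcode_bb_image_configure_options", $options);
        BB_PropertyForm($options);

        BB_RunPluginAction("post_bb_content_shortcode_bb_image_configure");
    }
}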
// Reports a failed ZIP run through BB_PropertyFormError().
//
// When $cleanup is true, the file named by the global $dirfile is deleted first, along with
// "<dir>/<basename>.zip" (built from the global $info) if that file exists.  The page script is
// then told that the run is over before the error form is shown.
function BB_ZipPropertyFormError($msg, $cleanup)
{
    global $dirfile, $info;

    // Both arguments go to the plugin hook as references.
    // NOTE(review): presumably so a hook can replace the message or veto the cleanup - confirm.
    $hookargs = array(&$msg, &$cleanup);
    BB_RunPluginActionInfo("pre_bb_zippropertyerror", $hookargs);

    if ($cleanup) {
        unlink($dirfile);

        $zipfile = $info["dir"] . "/" . $info["basename"] . ".zip";
        if (file_exists($zipfile)) {
            unlink($zipfile);
        }
    }

    // Mark the run as finished and relabel the cancel control as 'Back'.
    ?> <script type="text/javascript"> Gx__ZipRunDone = true; $('#cancel_run').html('Back'); </script> <?php
    BB_PropertyFormError($msg);
}
// Handles the editor-side requests of the code widget, selected by $_REQUEST["bb_action"]:
// editing the language map, and (dev accounts only) loading, saving and opening an editor for
// the widget's five code sections.  Any other request that carries 'action' ends in an eval()
// of the widget's stored 'action' section.
//
// The evaluated code runs inside this method, so the local variable names used here are visible
// to it; renaming or reordering them changes what that code sees.
public function ProcessBBAction()
{
    global $bb_widget, $bb_widget_id, $bb_account, $bb_revision_num;

    // Nothing below runs unless the page-group check passes.
    if (!BB_IsMemberOfPageGroup("_p")) {
        exit;
    }

    // The two language-map branches are not restricted by account type, unlike the code-section
    // branches further down.
    if ($_REQUEST["bb_action"] == "bb_code_edit_langmap_submit") {
        BB_RunPluginAction("pre_bb_code_edit_langmap_submit");

        // Stored exactly as submitted.
        $bb_widget->langmap = $_REQUEST["langmap"];

        // NOTE(review): BB_PropertyFormError() is used as if it ends the request - confirm.
        if (!BB_SaveLangPage($bb_revision_num)) {
            BB_PropertyFormError("Unable to save the language mapping.");
        }
        ?> <div class="success"><?php echo htmlspecialchars(BB_Translate("Language mapping saved.")); ?> </div> <script type="text/javascript"> window.parent.CloseProperties(); window.parent.ReloadIFrame(); </script> <?php
        BB_RunPluginAction("post_bb_code_edit_langmap_submit");

        // NOTE(review): unlike the form branch below, this branch does not return, so a request
        // that also carries 'action' continues to the eval() at the end - confirm that is
        // intended.
    } else {
        if ($_REQUEST["bb_action"] == "bb_code_edit_langmap") {
            BB_RunPluginAction("pre_bb_code_edit_langmap");

            $options = array(
                "title" => BB_Translate("Edit %s Language Map", $bb_widget->_f),
                "desc" => "Edit the language map. One mapping entry per line. First character indicates the termination character of the key. Empty keys are ignored.",
                "fields" => array(
                    array("title" => "", "type" => "textarea", "name" => "langmap", "value" => $bb_widget->langmap, "desc" => "Example: |key|value")
                ),
                "submit" => "Save",
                "focus" => true
            );

            BB_RunPluginActionInfo("bb_code_edit_langmap_options", $options);
            BB_PropertyForm($options);

            BB_RunPluginAction("post_bb_code_edit_langmap");

            return;
        }
    }

    // Reading and writing the code sections is limited to 'dev' accounts.
    if ($bb_account["type"] == "dev") {
        // Section key => lower-case and title-case labels.  The key is also the property name on
        // $bb_widget and part of the bb_action name, so only these five properties can be read or
        // written through this path.
        $types = array(
            "init" => array("ltitle" => "init", "utitle" => "Init"),
            "action" => array("ltitle" => "action", "utitle" => "Action"),
            "prehtml" => array("ltitle" => "pre-HTML", "utitle" => "Pre-HTML"),
            "head" => array("ltitle" => "head", "utitle" => "Head"),
            "body" => array("ltitle" => "body", "utitle" => "Body")
        );

        foreach ($types as $key => $typeinfo) {
            if ($_REQUEST["bb_action"] == "bb_code_edit_" . $key . "_load") {
                BB_RunPluginAction("pre_bb_code_edit_" . $key . "_load");

                // Send the stored section URL-encoded; an unset section sends nothing.
                if (isset($bb_widget->{$key})) {
                    echo rawurlencode($bb_widget->{$key});
                }

                BB_RunPluginAction("post_bb_code_edit_" . $key . "_load");

                return;
            } else {
                if ($_REQUEST["bb_action"] == "bb_code_edit_" . $key . "_save") {
                    BB_RunPluginAction("pre_bb_code_edit_" . $key . "_save");

                    // The submitted text is stored verbatim.  The 'action' section is later
                    // passed to eval() at the end of this method, which is why this write sits
                    // behind the dev-only check above.
                    $bb_widget->{$key} = $_REQUEST["content"];

                    if (!BB_SaveLangPage($bb_revision_num)) {
                        echo htmlspecialchars(BB_Translate("Unable to save " . $typeinfo["ltitle"] . " content. Try again."));
                    } else {
                        echo "OK\n";
                        echo "<script type=\"text/javascript\">ReloadIFrame();</script>";
                    }

                    BB_RunPluginAction("post_bb_code_edit_" . $key . "_save");

                    return;
                } else {
                    if ($_REQUEST["bb_action"] == "bb_code_edit_" . $key) {
                        BB_RunPluginAction("pre_bb_code_edit_" . $key);

                        // Opens the file editor for this section, with PHP syntax highlighting.
                        // NOTE(review): text after a closing tag is emitted as written, so the
                        // blank following each closing tag below ends up inside the generated
                        // id and display strings - confirm against the original file.
                        ?> <script type="text/javascript"> window.parent.LoadConditionalScript(Gx__RootURL + '/' + Gx__SupportPath + '/editfile.js?_=20140418', true, function(loaded) { return ((!loaded && typeof(window.CreateEditAreaInstance) == 'function') || (loaded && !IsConditionalScriptLoading())); }, function(params) { $('#fileeditor').show(); var fileopts = { loadurl : Gx__URLBase, loadparams : <?php echo BB_CreateWidgetPropertiesJS("bb_code_edit_" . $key . "_load", array(), true); ?> , id : 'wid_<?php echo BB_JSSafe($bb_widget_id); ?> _<?php echo BB_JSSafe($key); ?> ', display : '<?php echo BB_JSSafe($bb_widget->_f . " - " . $typeinfo["utitle"]); ?> ', saveurl : Gx__URLBase, saveparams : <?php echo BB_CreateWidgetPropertiesJS("bb_code_edit_" . $key . "_save", array(), true); ?> , syntax : 'php', aceopts : { 'focus' : true, 'theme' : 'crimson_editor' } }; var editopts = { ismulti : true, closelast : ClosedAllFiles, width : '100%', height : '500px' }; CreateEditAreaInstance('fileeditor', fileopts, editopts); }); window.parent.CloseProperties(false); </script> <?php
                        BB_RunPluginAction("post_bb_code_edit_" . $key);

                        return;
                    }
                }
            }
        }
    }

    // Pass other requests onto the action handler.
    // This branch has no account-type check: any caller that passed the page-group check above
    // and sends 'action' triggers the stored code.
    if (isset($_REQUEST["action"])) {
        // Bring every global named bb_* or g_* into local scope so the evaluated code can use
        // them without its own 'global' statements.
        foreach ($GLOBALS as $key => $val) {
            if (substr($key, 0, 3) == "bb_" || substr($key, 0, 2) == "g_") {
                global ${$key};
            }
        }

        // SECURITY: runs the stored 'action' section as PHP.  The leading closing tag makes the
        // stored text start in template mode, so it is treated like the contents of a PHP file.
        // Anything able to change $bb_widget->action gets code execution in this process; the
        // protections are the dev-only save branch above and the integrity of the stored page.
        if (isset($bb_widget->action)) {
            eval("?" . ">" . $bb_widget->action);
        }
    }
}
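// Downloads extension $id from the Barebones CMS distribution server and installs it.
//
// Steps: remove any installed copy of the extension, fetch the package (a JSON envelope whose
// 'data' member is a base64url-encoded ZIP), check the archive's 'package.json' against the
// requested ID and the version the server announced, run the package's optional
// 'dependency_check' list, then write every archive entry matched by the package's 'files' map
// and record the result in the extensions cache.
//
// Returns array("success" => true), or array("success" => false, "error" => message).  A failure
// reported by BB_IsValidURL() or by the server is returned as received.  The temporary archive
// is removed on every exit after it has been written.
//
// Trust boundary: the archive is accepted on the strength of the HTTPS download alone.  This
// function compares the package ID and version but verifies no signature or digest.
function BB_InstallExtension($id)
{
    global $bb_extensions_info, $bb_writeperms, $bb_paths;

    BB_RunPluginAction("pre_bb_installextension");

    if (!defined("BB_CORE_VER")) {
        return array("success" => false, "error" => "Core version not defined.");
    }
    if (!function_exists("zip_open")) {
        return array("success" => false, "error" => "Required function 'zip_open' does not exist. Ask your hosting provider to enable ZIP file functionality for PHP.");
    }

    // Remove any existing installation of this extension.
    if (!BB_UninstallExtension($id)) {
        return array("success" => false, "error" => "Unable to remove the existing extension.");
    }

    // Path overrides in $bb_paths take precedence over the compiled-in constants.
    if (isset($bb_paths)) {
        $rootpath = $bb_paths["ROOT_PATH"];
        $supportpath = $bb_paths["SUPPORT_PATH"];
        $widgetpath = $bb_paths["WIDGET_PATH"];
        $pluginpath = $bb_paths["PLUGIN_PATH"];
        $langpath = $bb_paths["LANG_PATH"];
    } else {
        $rootpath = ROOT_PATH;
        $supportpath = SUPPORT_PATH;
        $widgetpath = WIDGET_PATH;
        $pluginpath = PLUGIN_PATH;
        $langpath = LANG_PATH;
    }

    $zipfile = $rootpath . "/install_extension.zip";

    @unlink($zipfile);
    if (file_exists($zipfile)) {
        return array("success" => false, "error" => "Unable to remove ZIP file from another extension installation attempt.");
    }

    // NOTE(review): the hook below receives $url; if BB_RunPluginActionInfo() takes it by
    // reference, a plugin can point the download somewhere else - confirm.
    $url = "https://barebonescms.com/extend/api/?action=install&core_ver=" . urlencode(BB_CORE_VER) . "&id=" . urlencode($id);
    BB_RunPluginActionInfo("pre_bb_installextension_url", $url);

    $info = BB_IsValidURL($url);
    if (!$info["success"]) {
        return $info;
    }

    // json_decode() signals malformed input with null, not false, so test the decoded shape.
    $data = @json_decode(trim($info["data"]), true);
    if (!is_array($data) || !isset($data["success"])) {
        return array("success" => false, "error" => "Invalid data returned from the Barebones CMS distribution server.");
    }
    if (!$data["success"]) {
        return $data;
    }
    if (!isset($data["data"]) || !is_string($data["data"])) {
        return array("success" => false, "error" => "ZIP file data is missing.");
    }

    // The payload uses the URL-safe base64 alphabet.
    $data2 = @base64_decode(str_replace(array("-", "_"), array("+", "/"), $data["data"]));
    if ($data2 === false) {
        return array("success" => false, "error" => "Invalid ZIP file data returned from the Barebones CMS distribution server.");
    }

    if (BB_WriteFile($zipfile, $data2) === false) {
        return array("success" => false, "error" => "Unable to write ZIP file data to a temporary file.");
    }

    // Find the 'package.json' file.
    $zip = @zip_open($zipfile);
    if (!is_resource($zip)) {
        @unlink($zipfile);

        return array("success" => false, "error" => "Unable to open ZIP file. Possibly a temporary issue. Try again later. If the problem persists, notify CubicleSoft.");
    }

    $basepath = false;
    $packageinfo = false;
    $error = false;
    $entry = @zip_read($zip);
    while ($packageinfo === false && $error === false && is_resource($entry)) {
        $origname = str_replace("\\", "/", @zip_entry_name($entry));
        $pos = strrpos($origname, "/");
        $name = ($pos !== false ? substr($origname, $pos + 1) : $origname);

        if ($name === "package.json" && @zip_entry_open($zip, $entry)) {
            $raw = @zip_entry_read($entry, @zip_entry_filesize($entry));
            @zip_entry_close($entry);

            $decoded = ($raw !== false ? @json_decode($raw, true) : null);

            if (!is_array($decoded)) {
                $error = "ZIP file contains a 'package.json' file but is invalid or corrupted.";
            } elseif (!isset($decoded["id"])) {
                $error = "ZIP file contains a 'package.json' file but is missing 'id'.";
            } elseif (!is_string($decoded["id"])) {
                $error = "ZIP file contains a 'package.json' file but 'id' is not a string.";
            } elseif ($decoded["id"] === "") {
                $error = "ZIP file contains a 'package.json' file but 'id' is an empty string.";
            } elseif ($decoded["id"] !== $id) {
                $error = "ZIP file contains a 'package.json' file but 'id' in the package does not match the expected extension ID.";
            } elseif (!isset($decoded["version"])) {
                $error = "ZIP file contains a 'package.json' file but is missing 'version'.";
            } elseif (!is_string($decoded["version"])) {
                $error = "ZIP file contains a 'package.json' file but 'version' is not a string.";
            } elseif ($decoded["version"] === "") {
                $error = "ZIP file contains a 'package.json' file but 'version' is an empty string.";
            } elseif (!isset($data["ver"]) || $decoded["version"] !== $data["ver"]) {
                $error = "ZIP file contains a 'package.json' file but the 'version' in the package does not match the expected version.";
            } elseif (!isset($decoded["files"])) {
                $error = "ZIP file contains a 'package.json' file but is missing 'files'.";
            } elseif (!is_array($decoded["files"])) {
                $error = "ZIP file contains a 'package.json' file but 'files' is not an array.";
            } elseif (!count($decoded["files"])) {
                $error = "ZIP file contains a 'package.json' file but 'files' is an empty array.";
            } else {
                $packageinfo = $decoded;

                // Everything in front of "package.json" (12 characters) is the archive's base
                // directory; only entries below it are considered during extraction.
                $basepath = (string) substr($origname, 0, -12);
            }
        }

        $entry = @zip_read($zip);
    }
    @zip_close($zip);

    if ($error !== false) {
        @unlink($zipfile);

        return array("success" => false, "error" => $error);
    }
    if ($packageinfo === false) {
        @unlink($zipfile);

        return array("success" => false, "error" => "ZIP file is missing a 'package.json' file.");
    }

    // If the extension has external file prerequisites, then verify the files.
    // Each entry maps a path to the message returned when that path is absent.  A trailing
    // slash asks for a directory, anything else for a file.
    if (isset($packageinfo["dependency_check"]) && is_array($packageinfo["dependency_check"])) {
        foreach ($packageinfo["dependency_check"] as $name => $message) {
            $name = str_replace("\\", "/", $name);
            $message = htmlspecialchars($message);
            $checkdir = (substr($name, -1) === "/");
            $name = BB_GetRealPath($name);

            // A leading support/, widgets/, plugins/ or lang/ segment is replaced by the
            // configured location of that directory.
            $pos = strpos($name, "/");
            if ($pos !== false) {
                $basedir = substr($name, 0, $pos);
                if ($basedir === "support") {
                    $name = BB_GetRealPath($supportpath . substr($name, $pos));
                } elseif ($basedir === "widgets") {
                    $name = BB_GetRealPath($widgetpath . substr($name, $pos));
                } elseif ($basedir === "plugins") {
                    $name = BB_GetRealPath($pluginpath . substr($name, $pos));
                } elseif ($basedir === "lang") {
                    $name = BB_GetRealPath($langpath . substr($name, $pos));
                }
            }

            $target = $rootpath . "/" . $name;
            if (($checkdir && !is_dir($target)) || (!$checkdir && !is_file($target))) {
                @unlink($zipfile);

                return array("success" => false, "error" => $message);
            }
        }
    }

    // Extract files to the correct locations.
    $zip = @zip_open($zipfile);
    if (!is_resource($zip)) {
        @unlink($zipfile);

        return array("success" => false, "error" => "Unable to open ZIP file. Possibly a temporary issue. Try again later. If the problem persists, notify CubicleSoft.");
    }

    $bb_extensions_info["exts"][$id] = array(
        "id" => $id,
        "name" => $data["name"],
        "type" => $data["type"],
        "type_disp" => $data["type_disp"],
        "author" => $data["author"],
        "ver" => $data["ver"],
        "files" => array()
    );

    $error = false;
    $entry = @zip_read($zip);
    while ($error === false && is_resource($entry)) {
        $name = str_replace("\\", "/", @zip_entry_name($entry));

        if ($basepath === substr($name, 0, strlen($basepath))) {
            $name = substr($name, strlen($basepath));

            // Attempt to match an option in 'files'.
            // A key is either an exact entry name or a prefix ending in '*'.
            // NOTE(review): the loop keeps going after a hit and compares later keys against the
            // already shortened $name, so a later key can replace the destination - confirm
            // that this is intended.
            $match = false;
            foreach ($packageinfo["files"] as $src => $dest) {
                if ($src === $name) {
                    $match = $dest;
                    $name = "";
                } elseif (substr($src, -1) === "*" && substr($src, 0, -1) === substr($name, 0, strlen($src) - 1)) {
                    $match = $dest;
                    $name = substr($name, strlen($src) - 1);
                }
            }

            if ($match !== false) {
                // The four well-known names stand for the configured directories; any other
                // value from the package is used as a path as given.
                if ($match === "support") {
                    $match = $supportpath . "/";
                } elseif ($match === "widgets") {
                    $match = $widgetpath . "/";
                } elseif ($match === "plugins") {
                    $match = $pluginpath . "/";
                } elseif ($match === "lang") {
                    $match = $langpath . "/";
                }

                $match .= $name;
                $makedir = (substr($match, -1) === "/");

                // NOTE(review): nothing in this function checks that $dest stays below the
                // intended directory.  That rests on how BB_GetRealPath() treats '..' segments
                // taken from the archive and from 'files' - confirm.
                $dest = BB_GetRealPath($match);

                if ($makedir) {
                    @mkdir($rootpath . "/" . $dest, 0777, true);
                    @chmod($rootpath . "/" . $dest, 0555 | $bb_writeperms);
                } elseif (@zip_entry_open($zip, $entry)) {
                    $filedata = @zip_entry_read($entry, @zip_entry_filesize($entry));
                    @zip_entry_close($entry);

                    if ($filedata === false) {
                        $error = "An error occurred while reading '" . htmlspecialchars($name) . "'.";
                    } else {
                        $dirpath = dirname($dest);
                        if ($dirpath != "" && $dirpath != ".") {
                            @mkdir($rootpath . "/" . $dirpath, 0777, true);
                            @chmod($rootpath . "/" . $dirpath, 0555 | $bb_writeperms);
                        }

                        if (BB_WriteFile($rootpath . "/" . $dest, $filedata) === false) {
                            $error = "An error occurred while writing '" . htmlspecialchars($dest) . "'.";
                        } else {
                            // Recorded in the extension's file list kept in the extensions cache.
                            $bb_extensions_info["exts"][$id]["files"][] = $dest;
                        }
                    }
                }
            }
        }

        $entry = @zip_read($zip);
    }
    @zip_close($zip);

    @unlink($zipfile);

    if ($error !== false) {
        return array("success" => false, "error" => $error);
    }

    if (!BB_SaveExtensionsCache()) {
        return array("success" => false, "error" => "Unable to save extension information to the cache.");
    }

    BB_RunPluginAction("post_bb_installextension");

    return array("success" => true);
}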
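/**
 * Dispatches the layout widget's property-editor actions.
 *
 * Handled values of $_REQUEST["bb_action"]:
 *   - bb_layout_configure_widget_new_layout_submit: creates a new layout
 *     (HTML + CSS) from one of the patterns in the widget's "base" directory.
 *   - bb_layout_configure_widget_new_layout: shows the "new layout" form.
 *   - bb_layout_configure_widget_activate_layout: sets $bb_widget->layout.
 *   - bb_layout_configure_widget_deactivate_layout: clears $bb_widget->layout.
 *   - bb_layout_configure_widget_delete_layout: deletes a layout's files.
 *   - bb_layout_configure_widget: lists the existing layouts.
 *
 * Every action requires an account of type "dev" or "design".  Any other
 * account type, or any other action, falls through with no effect.
 *
 * Security notes:
 *   - Request values that end up in filesystem paths ("pattern", "file") are
 *     only accepted when they match an entry of a directory listing, and the
 *     path is then built from the listing entry, never from the raw request.
 *   - The new layout's name is reduced to [A-Za-z0-9_-] before use in a path.
 *   - NOTE(review): BB_PropertyFormError() and BB_PropertyFormLoadError() are
 *     presumably terminal (they end the request).  The validation below relies
 *     on that - confirm.
 *   - NOTE(review): no anti-CSRF token check is visible in this method for
 *     the new-layout and deactivate actions.  Presumably the framework
 *     verifies the request token before dispatching here - confirm.
 */
public function ProcessBBAction()
{
    global $bb_widget, $bb_account, $bb_revision_num;

    $basepath = BB_GetRealPath(Str::ExtractPathname($bb_widget->_file) . "/base");

    // Authorization gate shared by every action.  Strict comparison so that a
    // non-string account type can never be loosely equal to "dev"/"design".
    $accttype = (isset($bb_account["type"]) ? $bb_account["type"] : "");
    if ($accttype !== "dev" && $accttype !== "design") {
        return;
    }

    // Treat a missing or non-string action (e.g. bb_action[]=x) as "no action".
    $action = (isset($_REQUEST["bb_action"]) && is_string($_REQUEST["bb_action"]) ? $_REQUEST["bb_action"] : "");

    $patterndir = ROOT_PATH . "/" . WIDGET_PATH . "/" . $basepath;
    $layoutdir = ROOT_PATH . "/" . WIDGET_PATH . "/" . $this->layoutpath;

    if ($action === "bb_layout_configure_widget_new_layout_submit") {
        BB_RunPluginAction("pre_bb_layout_configure_widget_new_layout_submit");

        // Allow-list the requested pattern against the base directory listing.
        // The comparison is strict and the matched listing entry - not the
        // request value - is what gets used in paths below, so a value that is
        // only loosely equal to a real pattern name cannot reach the filesystem.
        $reqpattern = (isset($_REQUEST["pattern"]) && is_string($_REQUEST["pattern"]) ? $_REQUEST["pattern"] : "");
        $pattern = false;
        $dirlist = BB_GetDirectoryList($patterndir);
        foreach ($dirlist["files"] as $name) {
            $pos = strrpos($name, ".");
            if ($pos !== false && substr($name, $pos) === ".html" && substr($name, 0, $pos) === $reqpattern) {
                $pattern = substr($name, 0, $pos);

                break;
            }
        }
        if ($pattern === false) {
            BB_PropertyFormError("Invalid pattern specified.");
        }

        $name = (isset($_REQUEST["name"]) && is_string($_REQUEST["name"]) ? $_REQUEST["name"] : "");
        if ($name === "") {
            BB_PropertyFormError("Name field not filled out.");
        }

        // Reduce the name to a safe filename: no path separators, dots or NULs.
        $dirfile = preg_replace('/[^A-Za-z0-9_\\-]/', "_", $name);

        if (file_exists($layoutdir . "/" . $dirfile . ".html")) {
            BB_PropertyFormError("A layout with that name already exists.");
        }
        if (file_exists($layoutdir . "/" . $dirfile . ".css")) {
            BB_PropertyFormError("A layout with that name already exists.");
        }

        // A failed read must not be turned into an empty layout file.
        $data = file_get_contents($patterndir . "/" . $pattern . ".html");
        if ($data === false) {
            BB_PropertyFormError("Unable to create layout HTML.");
        }

        // Rename references to the pattern inside the HTML to the new layout name.
        $data = str_replace(htmlspecialchars($pattern), htmlspecialchars($dirfile), $data);
        if (BB_WriteFile($layoutdir . "/" . $dirfile . ".html", $data) === false) {
            BB_PropertyFormError("Unable to create layout HTML.");
        }
        if (!copy($patterndir . "/" . $pattern . ".css", $layoutdir . "/" . $dirfile . ".css")) {
            // Do not leave a half-created layout behind: it would block a
            // retry with "A layout with that name already exists."
            @unlink($layoutdir . "/" . $dirfile . ".html");

            BB_PropertyFormError("Unable to create layout CSS.");
        }
?>
<div class="success"><?php echo htmlspecialchars(BB_Translate("Layout created.")); ?></div>
<script type="text/javascript">
window.parent.LoadProperties(<?php echo BB_CreateWidgetPropertiesJS("bb_layout_configure_widget"); ?>);
</script>
<?php
        BB_RunPluginAction("post_bb_layout_configure_widget_new_layout_submit");
    } elseif ($action === "bb_layout_configure_widget_new_layout") {
        BB_RunPluginAction("pre_bb_layout_configure_widget_new_layout");

        $desc = "<br />";
        $desc .= BB_CreateWidgetPropertiesLink(BB_Translate("Back"), "bb_layout_configure_widget");

        // Offer every parseable .html file in the base directory as a pattern.
        $patterns = array();
        $dirlist = BB_GetDirectoryList($patterndir);
        foreach ($dirlist["files"] as $name) {
            $pos = strrpos($name, ".");
            if ($pos !== false && substr($name, $pos) == ".html") {
                $info = $this->ExtractFileInfo($patterndir . "/" . $name);
                if ($info !== false) {
                    $patterns[substr($name, 0, $pos)] = $info[""]["info"][0];
                }
            }
        }

        $options = array(
            "title" => BB_Translate("Configure %s - New Layout", $bb_widget->_f),
            "desc" => "Create a new layout.",
            "htmldesc" => $desc,
            "fields" => array(
                array(
                    "title" => "Pattern",
                    "type" => "select",
                    "name" => "pattern",
                    "options" => $patterns,
                    "desc" => "The pattern to use for the new layout."
                ),
                array(
                    "title" => "Name",
                    "type" => "text",
                    "name" => "name",
                    "value" => "",
                    "desc" => "The name of the new layout."
                )
            ),
            "submit" => "Create",
            "focus" => true
        );

        BB_RunPluginActionInfo("bb_layout_configure_widget_new_layout_options", $options);

        BB_PropertyForm($options);

        BB_RunPluginAction("post_bb_layout_configure_widget_new_layout");
    } elseif ($action === "bb_layout_configure_widget_activate_layout" && BB_IsSecExtraOpt("file")) {
        // NOTE(review): BB_IsSecExtraOpt("file") presumably confirms that the
        // "file" parameter is covered by the request's security token - confirm.
        BB_RunPluginAction("pre_bb_layout_configure_widget_activate_layout");

        // Only a file that exists in the layout directory and parses as a
        // layout can be activated.  The stored value is the listing entry.
        $reqfile = (isset($_REQUEST["file"]) && is_string($_REQUEST["file"]) ? $_REQUEST["file"] : "");
        $found = false;
        $dirlist = BB_GetDirectoryList($layoutdir);
        foreach ($dirlist["files"] as $name) {
            $pos = strrpos($name, ".");
            if ($pos !== false && substr($name, $pos) === ".html" && $name === $reqfile) {
                $info = $this->ExtractFileInfo($layoutdir . "/" . $name);
                if ($info !== false) {
                    $bb_widget->layout = $name;
                    $found = true;

                    break;
                }
            }
        }
        if (!$found) {
            BB_PropertyFormLoadError("Invalid layout specified.");
        }

        if (!BB_SaveLangPage($bb_revision_num)) {
            BB_PropertyFormError("Unable to save the layout activation.");
        }
?>
<div class="success"><?php echo htmlspecialchars(BB_Translate("Layout activated.")); ?></div>
<script type="text/javascript">
window.parent.LoadProperties(<?php echo BB_CreateWidgetPropertiesJS("bb_layout_configure_widget"); ?>);
window.parent.ReloadIFrame();
</script>
<?php
        BB_RunPluginAction("post_bb_layout_configure_widget_activate_layout");
    } elseif ($action === "bb_layout_configure_widget_deactivate_layout") {
        BB_RunPluginAction("pre_bb_layout_configure_widget_deactivate_layout");

        $bb_widget->layout = "";

        if (!BB_SaveLangPage($bb_revision_num)) {
            BB_PropertyFormError("Unable to save the layout deactivation.");
        }
?>
<div class="success"><?php echo htmlspecialchars(BB_Translate("Layout deactivated.")); ?></div>
<script type="text/javascript">
window.parent.LoadProperties(<?php echo BB_CreateWidgetPropertiesJS("bb_layout_configure_widget"); ?>);
window.parent.ReloadIFrame();
</script>
<?php
        BB_RunPluginAction("post_bb_layout_configure_widget_deactivate_layout");
    } elseif ($action === "bb_layout_configure_widget_delete_layout" && BB_IsSecExtraOpt("file")) {
        // NOTE(review): BB_IsSecExtraOpt("file") presumably confirms that the
        // "file" parameter is covered by the request's security token - confirm.
        BB_RunPluginAction("pre_bb_layout_configure_widget_delete_layout");

        // The file that gets unlinked is always an entry of the layout
        // directory listing, so the request value cannot point elsewhere.
        $reqfile = (isset($_REQUEST["file"]) && is_string($_REQUEST["file"]) ? $_REQUEST["file"] : "");
        $found = false;
        $dirlist = BB_GetDirectoryList($layoutdir);
        foreach ($dirlist["files"] as $name) {
            $pos = strrpos($name, ".");
            if ($pos !== false && substr($name, $pos) === ".html" && $name === $reqfile) {
                $info = $this->ExtractFileInfo($layoutdir . "/" . $name);
                if ($info !== false) {
                    if (!unlink($layoutdir . "/" . $name)) {
                        BB_PropertyFormLoadError("Unable to delete the layout HTML.");
                    }

                    // NOTE(review): $profile is a key of the array returned by
                    // ExtractFileInfo() and is concatenated into a path that is
                    // unlinked.  Verify that ExtractFileInfo() cannot yield a
                    // key containing a path separator.
                    foreach ($info as $profile => $data) {
                        $filename = $layoutdir . "/" . substr($name, 0, $pos) . ($profile != "" ? "." . $profile : "") . ".css";
                        if (file_exists($filename)) {
                            @unlink($filename);
                        }
                    }

                    $datfile = $layoutdir . "/" . $name . ".dat";
                    if (file_exists($datfile)) {
                        @unlink($datfile);
                    }

                    // Drop the reference if the deleted layout was the active one.
                    if (isset($bb_widget->layout) && $bb_widget->layout == $name) {
                        unset($bb_widget->layout);
                    }

                    $found = true;

                    break;
                }
            }
        }
        if (!$found) {
            BB_PropertyFormLoadError("Invalid layout specified.");
        }

        if (!BB_SaveLangPage($bb_revision_num)) {
            BB_PropertyFormLoadError("Unable to save the layout activation status.");
        }
?>
<div class="success"><?php echo htmlspecialchars(BB_Translate("Layout deleted.")); ?></div>
<script type="text/javascript">
window.parent.LoadProperties(<?php echo BB_CreateWidgetPropertiesJS("bb_layout_configure_widget"); ?>);
window.parent.ReloadIFrame();
</script>
<?php
        BB_RunPluginAction("post_bb_layout_configure_widget_delete_layout");
    } elseif ($action === "bb_layout_configure_widget") {
        // Assigned here as globals; presumably read by
        // BB_FileExplorer_GetActionStr() and by plugins - confirm.
        global $editmap, $extmap;

        BB_RunPluginAction("pre_bb_layout_configure_widget");

        $editmap = array(
            "ea_html" => array("<a href=\"#\" onclick=\"return EditFile('%%HTML_JS_DIR%%', '%%HTML_JS_FILE%%', '%%HTML_JS_syntax%%', '%%HTML_JS_LOADTOKEN%%', '%%HTML_JS_SAVETOKEN%%');\">" . htmlspecialchars(BB_Translate("Edit HTML")) . "</a>", "syntax"),
            "ea_css" => array("<a href=\"#\" onclick=\"return EditFile('%%HTML_JS_DIR%%', '%%HTML_JS_FILE%%', '%%HTML_JS_syntax%%', '%%HTML_JS_LOADTOKEN%%', '%%HTML_JS_SAVETOKEN%%');\">" . htmlspecialchars(BB_Translate("Edit CSS")) . "</a>", "syntax")
        );

        $extmap = array(
            ".html" => array("edit" => "ea_html", "syntax" => "html"),
            ".css" => array("edit" => "ea_css", "syntax" => "css")
        );

        BB_RunPluginAction("bb_layout_configure_widget_exteditmaps");

        // The delete action unset()s the property, so it may be absent here.
        $activelayout = (isset($bb_widget->layout) ? $bb_widget->layout : "");

        $desc = "<br />";
        $desc .= BB_CreateWidgetPropertiesLink(BB_Translate("New Layout"), "bb_layout_configure_widget_new_layout");
        if ($activelayout != "") {
            $desc .= " | " . BB_CreateWidgetPropertiesLink(BB_Translate("Deactivate Current Layout"), "bb_layout_configure_widget_deactivate_layout");
        }

        $rows = array();
        $dirlist = BB_GetDirectoryList($layoutdir);
        foreach ($dirlist["files"] as $name) {
            $pos = strrpos($name, ".");
            if ($pos !== false && substr($name, $pos) == ".html") {
                // Filenames are HTML-escaped before being placed in markup.
                $link = "<a href=\"" . htmlspecialchars(ROOT_URL . "/" . WIDGET_PATH . "/" . $this->layoutpath . "/" . $name) . "\" target=\"_blank\">" . htmlspecialchars($name) . "</a>";

                $info = $this->ExtractFileInfo($layoutdir . "/" . $name);
                if ($info !== false) {
                    $actions = BB_FileExplorer_GetActionStr(WIDGET_PATH . "/" . $this->layoutpath, $name);
                    $actions .= " | " . BB_FileExplorer_GetActionStr(WIDGET_PATH . "/" . $this->layoutpath, substr($name, 0, $pos) . ".css");
                    $actions .= " | " . ($activelayout != $name ? BB_CreateWidgetPropertiesLink(BB_Translate("Activate"), "bb_layout_configure_widget_activate_layout", array("file" => $name)) : BB_CreateWidgetPropertiesLink(BB_Translate("Deactivate"), "bb_layout_configure_widget_deactivate_layout"));
                    $actions .= " | " . BB_CreateWidgetPropertiesLink(BB_Translate("Delete"), "bb_layout_configure_widget_delete_layout", array("file" => $name), BB_Translate("Deleting the '%s' layout will immediately affect any pages that utilize the layout.  Continue?", $name));

                    $rows[] = array($link, $actions);
                } elseif (file_exists($layoutdir . "/" . $name)) {
                    // The file exists but could not be parsed as a layout:
                    // list it with file-level actions only.
                    $rows[] = array(BB_Translate("%s (Broken layout)", $link), BB_FileExplorer_GetActionStr(WIDGET_PATH . "/" . $this->layoutpath, $name));
                }
            }
        }

        $options = array(
            "title" => BB_Translate("Configure %s", $bb_widget->_f),
            "desc" => "Select an existing layout or create a new layout.",
            "htmldesc" => $desc
        );

        if (count($rows)) {
            $options["fields"] = array(
                array(
                    "type" => "table",
                    "cols" => array("Layout", "Options"),
                    "rows" => $rows
                )
            );
        }

        BB_RunPluginActionInfo("bb_layout_configure_widget_options", $options);

        BB_PropertyForm($options);

        BB_RunPluginAction("post_bb_layout_configure_widget");
    }
}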