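/**
 * Expire idle backend sessions, then report whether the current request
 * belongs to a logged-in backend user.
 *
 * A visitor counts as logged in only when $_SESSION["wcs_user"] is non-empty
 * after checkLoginCount() has run. The IP lookup further down never grants
 * access; it only chooses where an unauthenticated visitor is redirected to.
 *
 * @param string $mode 'REDIRECT' (default) sends an unauthenticated visitor away
 *                     through headerRedirect(); any other value makes the
 *                     function return false instead.
 *
 * @return bool true when a backend user is present in the session, false otherwise.
 */
function checkLogin($mode = 'REDIRECT')
{
    // One timestamp for the whole statement so both comparisons use the same instant.
    $now = time();

    // Mark userlog rows as logged out once they have been idle longer than max_time.
    // Only integers (time() and intval()) are interpolated into this statement.
    $sql  = "UPDATE " . DB_PREPEND . "phpwcms_userlog SET logged_in=0, logged_change='" . $now . "' ";
    $sql .= "WHERE logged_in=1 AND (" . $now . "-logged_change) > " . intval($GLOBALS['phpwcms']["max_time"]);
    _dbQuery($sql, 'UPDATE');

    // NOTE(review): checkLoginCount() is defined elsewhere; presumably it re-validates
    // the session against the userlog table and clears it when stale. Confirm.
    checkLoginCount();

    if (!empty($_SESSION["wcs_user"])) {
        return true;
    }

    // Best effort: there may be no active session to destroy, hence the suppression.
    @session_destroy();

    // Remember the requested backend page so the login form can return to it.
    // The target always starts with PHPWCMS_URL and the query string is passed
    // through xss_clean() and rawurlencode() before it is appended.
    $ref_url = '';
    if (!empty($_SERVER['QUERY_STRING'])) {
        $ref_url = '?ref=' . rawurlencode(PHPWCMS_URL . 'phpwcms.php?' . xss_clean($_SERVER['QUERY_STRING']));
    }

    if ($mode == 'REDIRECT') {
        // Offer the login file only when this IP had userlog activity within the
        // last hour; otherwise redirect to the site root. The IP is shared by
        // everyone behind the same NAT or proxy, so this is a hint, not a credential.
        $sql  = 'SELECT COUNT(*) FROM ' . DB_PREPEND . 'phpwcms_userlog WHERE ';
        $sql .= "logged_ip=" . _dbEscape(getRemoteIP()) . " AND ";
        $sql .= '( ' . time() . ' - logged_change ) < 3600';

        $ref_url = _dbCount($sql) > 0 ? get_login_file() . $ref_url : '';

        // NOTE(review): headerRedirect() is defined elsewhere and is expected to end
        // the request. Confirm.
        headerRedirect(PHPWCMS_URL . $ref_url);
    }

    // Fail closed: the original fell through to `return true` after the redirect
    // call, which would report an unauthenticated visitor as logged in if
    // headerRedirect() ever returned.
    return false;
}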
/**
 * Define the VISIBLE_MODE and FE_EDIT_LINK constants for the frontend request.
 *
 * Without frontend editing enabled, or without a backend user id in the session,
 * both constants get their "off" values (0 / false) and the function returns true.
 * Otherwise the backend session is re-checked through checkLoginCount() first;
 * a session that still carries a user id gets VISIBLE_MODE 2 when
 * $_SESSION['wcs_user_admin'] is strictly the integer 1, else 1.
 *
 * @return true|null true on the early "off" path, null (no explicit return) on
 *                   every path taken after the session re-check.
 */
function init_frontend_edit()
{
    $edit_enabled     = !empty($GLOBALS['phpwcms']['frontend_edit']);
    $has_backend_user = !empty($_SESSION["wcs_user_id"]);

    if (!$edit_enabled || !$has_backend_user) {
        define('VISIBLE_MODE', 0);
        define('FE_EDIT_LINK', false);
        return true;
    }

    // Check Backend session
    // NOTE(review): checkLoginCount() is defined elsewhere; the re-test of
    // wcs_user_id below suggests it can clear the session. Confirm.
    checkLoginCount();

    if (empty($_SESSION["wcs_user_id"])) {
        define('VISIBLE_MODE', 0);
        define('FE_EDIT_LINK', false);
        return;
    }

    // Strict comparison: only the integer 1 selects mode 2.
    $visible_mode = $_SESSION['wcs_user_admin'] === 1 ? 2 : 1;

    define('VISIBLE_MODE', $visible_mode);
    define('FE_EDIT_LINK', !empty($GLOBALS['phpwcms']['frontend_edit']));
}
$alias = ''; $PERMIT_ACCESS = true; // by default set all content without permissions $CUSTOM = array(); // var that holds result of content part "php var" $phpwcms['preview_mode'] = false; // reset force redirect in case it is a POST if (!empty($_POST)) { $phpwcms['force301_id2alias'] = false; $phpwcms['force301_2struct'] = false; // handle preview mode } elseif (isset($_GET['phpwcms-preview'])) { $phpwcms['force301_id2alias'] = false; $phpwcms['force301_2struct'] = false; unset($_GET['phpwcms-preview'], $_getVar['phpwcms-preview']); checkLoginCount(); if (empty($_SESSION["wcs_user"])) { headerRedirect(abs_url()); } $phpwcms['preview_mode'] = true; } define('PREVIEW_MODE', $phpwcms['preview_mode']); //method to get the right action values //if there is only the ?alias try to find the right category if (isset($_GET["id"])) { $aktion = explode(',', $_GET["id"], 6); $aktion[0] = intval($aktion[0]); $aktion[1] = isset($aktion[1]) ? intval($aktion[1]) : 0; $aktion[2] = isset($aktion[2]) ? intval($aktion[2]) : 0; $aktion[3] = isset($aktion[3]) ? intval($aktion[3]) : 1; $aktion[4] = isset($aktion[4]) ? intval($aktion[4]) : 0;