if (isset($params['info']) && !empty($params['info'])) { $txt = trim($params['info']); for ($i = 0; $i < 5; $i++) { $tmp = cms_html_entity_decode($txt); if ($tmp == $txt) { break; } $txt = $tmp; } $smarty->assign('template_info', $txt); } } if (isset($params['moddesc'])) { $smarty->assign('module_description', trim($params['moddesc'])); } $title = trim($params['title']); for ($i = 0; $i < 5; $i++) { $tmp = cms_html_entity_decode($title); if ($tmp == $title) { break; } $title = $tmp; } $smarty->assign('title', cms_html_entity_decode($title)); $smarty->assign('prompt_templatename', $this->Lang('prompt_templatename')); $smarty->assign('prompt_template', $this->Lang('prompt_template')); $smarty->assign('template', $this->CreateSyntaxArea($id, $contents, 'templatecontent')); $smarty->assign('submit', $this->CreateInputSubmit($id, 'submitbutton', $this->Lang('submit'))); $smarty->assign('cancel', $this->CreateInputSubmit($id, 'cancel', $this->Lang('cancel'))); $smarty->assign('formend', $this->CreateFormEnd()); echo $this->ProcessTemplate('edittemplate.tpl');
} } echo "</td>\n"; if ($perm) { echo "<td class=\"pagepos icons_wide\"><a href=\"changegroupperm.php" . $urlext . "&group_id=" . $onegroup->id . "\">" . $image_permissions . "</a></td>\n"; } if ($assign) { echo "<td class=\"pagepos icons_wide\"><a href=\"changegroupassign.php" . $urlext . "&group_id=" . $onegroup->id . "\">" . $image_groupassign . "</a></td>\n"; } if ($edit) { echo "<td class=\"icons_wide\"><a href=\"editgroup.php" . $urlext . "&group_id=" . $onegroup->id . "\">"; echo $themeObject->DisplayImage('icons/system/edit.gif', lang('edit'), '', '', 'systemicon'); echo "</a></td>\n"; } if ($remove && $onegroup->id != 1 && !$userops->UserInGroup($userid, $onegroup->id)) { echo "<td class=\"icons_wide\"><a href=\"deletegroup.php" . $urlext . "&group_id=" . $onegroup->id . "\" onclick=\"return confirm('" . cms_html_entity_decode(lang('deleteconfirm', $onegroup->name)) . "');\">"; echo $themeObject->DisplayImage('icons/system/delete.gif', lang('delete'), '', '', 'systemicon'); echo "</a></td>\n"; } else { echo '<td class="icons_wide"> </td>' . "\n"; } echo "</tr>\n"; $currow == "row1" ? $currow = "row2" : ($currow = "row1"); } $counter++; } echo '</tbody>'; echo "</table>\n"; } if (check_permission($userid, 'Add Groups')) { ?>
$encoding = $onetemplate->encoding; $default = $onetemplate->default; $active = $onetemplate->active; $lastedited = $onetemplate->modified_date; } } } if (strlen($template) > 0) { $CMS_ADMIN_SUBTITLE = $template; } $addlScriptSubmit = ''; $modobj = cms_utils::get_syntax_highlighter_module(); if (is_object($modobj)) { $addlScriptSubmit = $modobj->SyntaxPageFormSubmit(); } $closestr = cms_html_entity_decode(lang('close')); $headtext = <<<EOSCRIPT <script type="text/javascript"> // <![CDATA[ jQuery(document).ready(function(){ jQuery('[name=apply]').live('click',function(){ var data = jQuery('#Edit_Template').find('input:not([type=submit]), select, textarea').serializeArray(); data.push({ 'name': 'ajax', 'value': 1}); data.push({ 'name': 'apply', 'value': 1 }); \$.post('{$_SERVER['REQUEST_URI']}',data,function(resultdata,text){ var event = jQuery.Event('cms_ajax_apply'); event.response = \$(resultdata).find('Response').text(); event.details = \$(resultdata).find('Details').text(); event.close = '{$closestr}'; jQuery('body').trigger(event); },'xml');
echo '<tbody>'; # this var is used to show each line with different color $currow = "row1"; # now showing each line while ($one = $result->FetchRow()) { # we store ids of templates found for them not to appear in the dropdown $csslist[] = $one["assoc_to_id"]; echo "<tr class=\"{$currow}\">\n"; if ($modifytpl) { echo "<td><a href=\"edittemplate.php" . $urlext . "&template_id=" . $one["assoc_to_id"] . "&from=cssassoc&cssid=" . $id . "\">" . $one["template_name"] . "</a></td>\n"; } else { echo "<td>" . $one['template_name'] . "</td>\n"; } # if user has right to delete if ($modify || $delasso) { echo "<td><a href=\"deletetemplateassoc.php" . $urlext . "&id=" . $id . "&template_id=" . $one["assoc_to_id"] . "&type={$type}\" onclick=\"return confirm('" . cms_html_entity_decode(lang('deleteassociationconfirm', $one['template_name'])) . "');\">"; echo $themeObject->DisplayImage('icons/system/delete.gif', lang('delete'), '', '', 'systemicon'); echo "</a></td>\n"; } else { echo "<td> </td>"; } echo "</tr>\n"; "row1" == $currow ? $currow = "row2" : ($currow = "row1"); } ## foreach echo '</tbody>'; echo "</table>\n"; } # end of if result if ($modify || $addasso) { # this var is used to store the css ids that should not appear in the
include 'function.importtemplate.php'; if ($template == 'prettyPhoto') { $this->SetPreference('default_template_contents', $templatecode); $this->SetPreference('current_template', $template); } } } // create preferences $this->SetPreference('singleimg_template', 'prettyPhoto'); $this->SetPreference('singleimg_template_html', '<a class="group" href="{$image->file|escape:\'url\'|replace:\'%2F\':\'/\'}" title="{$image->title}" rel="prettyPhoto"><img src="{$image->thumb|escape:\'url\'|replace:\'%2F\':\'/\'}" alt="{$image->title}" /></a>'); $this->SetPreference('urlprefix', 'gallery'); $this->SetPreference('allowed_extensions', 'jpg,jpeg,gif,png'); $this->SetPreference('maximagewidth', 800); $this->SetPreference('maximageheight', 640); $this->SetPreference('imagejpgquality', 80); $this->SetPreference('thumbjpgquality', 80); $this->SetPreference('use_permissions', false); $this->SetPreference('newgalleries_active', true); $this->SetPreference('use_comment_wysiwyg', false); $this->SetPreference('editdirdates', false); $this->SetPreference('editfiledates', false); $this->SetPreference('fe_folderpath', 'modules/Gallery/images/folder.png'); $this->SetPreference('be_folderpath', 'modules/Gallery/images/foldersmall.png'); // register an event that the Gallery will issue. // $this->CreateEvent( 'OnGalleryPreferenceChange' ); $this->AddEventHandler('Core', 'ContentPostRender', false); // insert defaults $query = "INSERT INTO " . cms_db_prefix() . "module_gallery (filename, filepath, filedate, fileorder, active, defaultfile, galleryid, title, comment) VALUES (?,?,?,-1,1,0,0,?,?)"; $db->Execute($query, array('', '', date("Y-m-d H:i:s", filemtime('../uploads/images/Gallery')), cms_html_entity_decode($this->Lang('friendlyname')), cms_html_entity_decode($this->Lang('defaultgallerycomment')))); $query = "INSERT INTO " . cms_db_prefix() . "module_gallery_props (fileid,templateid,hideparentlink) VALUES (?,?,?)"; $db->Execute($query, array(1, 0, 1));
} $params['detailpage'] = $detailpage; } if (isset($params['browsecat']) && $params['browsecat'] == 1) { $this->DoAction('browsecat', $id, $params, $returnid); return; } $entryarray = array(); $query1 = "\n SELECT \n mn.*, \n mnc.news_category_name, \n mnc.long_name, \n u.username, \n u.first_name,\n u.last_name \n FROM " . cms_db_prefix() . "module_news mn\n LEFT OUTER JOIN " . cms_db_prefix() . "module_news_categories mnc \n ON mnc.news_category_id = mn.news_category_id \n LEFT OUTER JOIN " . cms_db_prefix() . "users u \n ON u.user_id = mn.author_id \n WHERE \n status = 'published' \n AND\n "; $query2 = "\n SELECT count(mn.news_id) as count\n FROM " . cms_db_prefix() . "module_news mn\n LEFT OUTER JOIN " . cms_db_prefix() . "module_news_categories mnc \n ON mnc.news_category_id = mn.news_category_id \n LEFT OUTER JOIN " . cms_db_prefix() . "users u \n ON u.user_id = mn.author_id \n WHERE \n status = 'published' \n AND\n "; if (isset($params['category_id'])) { $query1 .= " ( mnc.news_category_id = '" . (int) $params['category_id'] . "' ) AND "; $query2 .= " ( mnc.news_category_id = '" . (int) $params['category_id'] . "' ) AND "; } else { if (isset($params["category"]) && $params["category"] != '') { $category = cms_html_entity_decode(trim($params['category'])); $categories = explode(',', $category); $query1 .= " ("; $query2 .= " ("; $count = 0; foreach ($categories as $onecat) { if ($count > 0) { $query1 .= ' OR '; $query2 .= ' OR '; } if (strpos($onecat, '|') !== FALSE || strpos($onecat, '*') !== FALSE) { $tmp = $db->qstr(trim(str_replace('*', '%', str_replace("'", '_', $onecat)))); $query1 .= "upper(mnc.long_name) like upper({$tmp})"; $query2 .= "upper(mnc.long_name) like upper({$tmp})"; } else { $tmp = $db->qstr(trim(str_replace("'", '_', $onecat)));
$url = "editcss.php" . $urlext . "&css_id=" . $row['assoc_css_id'] . "&from=templatecssassoc&templateid=" . $id; $tmp['editlink'] = '<a href="' . $url . '">' . $row['css_name'] . '</a>'; $tmp['editimg'] = '<a href="' . $url . '">' . $themeObject->DisplayImage('icons/system/edit.gif', lang('editcss'), '', '', 'systemicon') . '</a>'; if ($modify) { $downurl = 'listcssassoc.php' . $urlext . '&dir=down&cssid=' . $row['assoc_css_id'] . '&id=' . $id . '&type=template'; $upurl = 'listcssassoc.php' . $urlext . '&dir=up&cssid=' . $row['assoc_css_id'] . '&id=' . $id . '&type=template'; if ($idx > 0) { $tmp['uplink'] = '<a href="' . $upurl . '">' . $themeObject->DisplayImage('icons/system/arrow-u.gif', lang('up'), '', '', 'systemicon') . '</a>'; } if ($idx + 1 < $count) { $tmp['downlink'] = '<a href="' . $downurl . '">' . $themeObject->DisplayImage('icons/system/arrow-d.gif', lang('down'), '', '', 'systemicon') . '</a>'; } $idx++; } if ($delasso) { $tmp['deletelink'] = "<a href=\"deletecssassoc.php" . $urlext . "&id={$id}&css_id=" . $row["assoc_css_id"] . "&type={$type}\" onclick=\"return confirm('" . cms_html_entity_decode(lang('deleteassociationconfirm', $row["css_name"])) . "');\">" . $themeObject->DisplayImage('icons/system/delete.gif', lang('delete'), '', '', 'systemicon') . "</a>"; } $cssassoc[] = $tmp; } } else { redirect('listtemplates.php' . $urlext . '&message=' . lang('sqlerror', 'listcssassoc.php')); } if (count($cssassoc)) { $smarty->assign('cssassoc', $cssassoc); } # this var is used to store the css ids that should not appear in the # dropdown $notinto = ""; foreach ($csslist as $key) { $notinto .= "{$key},"; }
<?php
/*
 * Module action: delete the template named by $params['template'].
 *
 * Runs inside the including scope, which supplies $this, $id, $params and
 * $returnid. The permission gate comes first so that nothing below it is
 * reachable without 'Modify Templates'.
 */
if (!$this->CheckPermission('Modify Templates')) {
    // todo, permissions message here
    return;
}

if (isset($params['template'])) {
    // The name is entity-decoded before it is handed to DeleteTemplate().
    // NOTE(review): $params is presumably request-supplied; confirm that
    // DeleteTemplate() validates the name it receives.
    $template = cms_html_entity_decode($params['template']);
    $this->DeleteTemplate($template);
    $this->myRedirectToTab($id, 'uploadform_template');
} else {
    // No template named in the request: report the problem and stop.
    $this->_DisplayErrorPage($id, $params, $returnid, $this->Lang('error_insufficientparams'));
    return;
}
// image type $val = $params['feu_input_' . $propname]; if (isset($_FILES[$id . 'feu_input_' . $propname]) && $_FILES[$id . 'feu_input_' . $propname]['size'] > 0) { // It is an upload file type $result = $this->ManageImageUpload($id, 'feu_input_', $propname, $uid); if ($result[0] == false) { $params['error'] = 1; $params['message'] = $this->Lang('error') . ' ' . $result[1]; $this->Redirect($id, 'changesettings', $returnid, $params); } $val = $result[1]; } } else { if (isset($params['feu_input_' . $propname])) { $val = trim($params['feu_input_' . $propname]); $val = cms_html_entity_decode($val); } else { continue; } } // check for forced unique values. if ($force_unique && !$this->IsUserPropertyValueUnique($uid, $propname, $val)) { $params['error'] = 1; $params['message'] = $this->Lang('error_user_nonunique_field_value', $propname); $this->Redirect($id, 'changesettings', $returnid, $params); } $ret = $this->SetUserPropertyFull($propname, $val, $uid); if ($ret == false) { $params['error'] = 1; $params['message'] = $this->Lang('error_settingproperty') . ' ' . $propname; $this->Redirect($id, 'changesettings', $returnid, $params);
$params['errors'] = $this->Lang('error_insufficientparams'); $this->Redirect($id, $the_action, $returnid, $params); return; } if (isset($params['cancel'])) { $module->_current_tab = $this->_current_tab; $module->RedirectToTab($id, $this->_current_tab, '', $the_action); } if (!isset($params['templatecontent'])) { $params['errors'] = $this->Lang('error_insufficientparams'); $module->Redirect($id, $params['origaction'], '', $params); return; } if (!isset($params['template'])) { $params['errors'] = $this->Lang('error_insufficientparams'); $module->Redirect($id, $params['origaction'], '', $params); return; } $module->SetTemplate($params['prefix'] . $params['template'], cms_html_entity_decode($params['templatecontent'], ENT_QUOTES, get_encoding())); audit('', $module->GetName(), 'Edited Tempalte ' . $params['prefix'] . $params['template']); if (isset($params['applybutton'])) { unset($params['applybutton']); $_SESSION['cge_edittemplate'] = $params; $this->Redirect($id, 'edittemplate', $returnid); } if ($this->_current_tab != '') { $module->_current_tab = $this->_current_tab; $module->RedirectToTab($id, '', '', $the_action); return; } $module->Redirect($id, $the_action);
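/**
 * Render one content-tree node as an admin list row and recurse into its
 * children when the node is expanded.
 *
 * The row HTML is appended to $pagelist as a single string (an empty string
 * when the user may not see the node at all). Which action links appear is
 * decided by the permission helpers called below; these checks only control
 * what is rendered, so the handlers behind the links still have to enforce
 * the same permissions themselves.
 *
 * NOTE(review): Hierarchy(), Alias(), FriendlyName(), URL()/GetURL() and the
 * owner's username are inserted into the row without HTML escaping. Confirm
 * that these values are restricted to safe characters where they are stored,
 * or escape them here.
 *
 * @param object $root              Tree node; must offer getChildren(), getContent(),
 *                                  get_tag(), hasChildren(), getLevel(),
 *                                  getSiblingCount() and getChildrenCount().
 * @param mixed  $userid            User whose permissions decide what is shown.
 * @param mixed  $modifyall         Not read here; only forwarded to the recursive call.
 * @param array  $users             Cache of user objects keyed by owner id, filled on demand.
 * @param mixed  $menupos           Not read here; only forwarded to the recursive call.
 * @param array  $openedArray       Ids of nodes whose children should be listed.
 * @param array  $pagelist          Output: one row string is appended per call.
 * @param string $image_true        Markup inserted verbatim (as are all the *Img arguments).
 * @param string $image_set_false   Markup for the "set inactive" link.
 * @param string $image_set_true    Markup for the "set active" / "make default" links.
 * @param string $upImg             Markup for the move-up link.
 * @param string $downImg           Markup for the move-down link.
 * @param string $viewImg           Markup for the view link.
 * @param string $editImg           Markup for the edit link.
 * @param string $copyImg           Markup for the copy link.
 * @param string $deleteImg         Markup for the delete link.
 * @param string $expandImg         Markup for the expand link.
 * @param string $contractImg       Markup for the collapse link.
 * @param mixed  $mypages           Passed to quick_check_authorship() and check_children().
 * @param mixed  $page              Rebound by the `global $page` statement below, so the
 *                                  global value is what ends up in the generated links.
 * @param array  $columnstodisplay  Column name => truthy when the column is shown.
 * @param bool   $author_allpages   Allows move links without 'Manage All Content';
 *                                  recomputed before descending into children.
 *
 * @return void
 */
function display_hierarchy(
    &$root,
    &$userid,
    $modifyall,
    &$users,
    &$menupos,
    &$openedArray,
    &$pagelist,
    &$image_true,
    &$image_set_false,
    &$image_set_true,
    &$upImg,
    &$downImg,
    &$viewImg,
    &$editImg,
    &$copyImg,
    &$deleteImg,
    &$expandImg,
    &$contractImg,
    &$mypages,
    &$page,
    $columnstodisplay,
    $author_allpages
) {
    global $thisurl;
    global $urlext;
    global $currow;
    global $config;
    global $page;
    global $indent;

    if (empty($currow)) {
        $currow = 'row1';
    }

    $children = $root->getChildren(false, true);
    $one = $root->getContent();
    $thelist = '';

    // A node without loadable content is logged and skipped; nothing is
    // appended to $pagelist in that case.
    if (!(isset($one) && $one != NULL)) {
        audit($root->get_tag('id'), 'Core', 'failed to get content for valid content id ' . $root->get_tag('id'));
        return;
    }

    // Load the owner once and keep it in the shared cache.
    if (!array_key_exists($one->Owner(), $users)) {
        $userops = cmsms()->GetUserOperations();
        $users[$one->Owner()] = $userops->LoadUserById($one->Owner());
    }

    // Decide how much of this node the user may see: 'edit', 'view',
    // 'structure', or 'none' (no row at all).
    $display = 'none';
    if (check_modify_all($userid) || check_ownership($userid, $one->Id()) || quick_check_authorship($one->Id(), $mypages)) {
        $display = 'edit';
    } elseif (check_children($root, $mypages, $userid)) {
        $display = 'view';
    } elseif (check_permission($userid, 'Manage All Content')) {
        $display = 'structure';
    }

    $columns = array();
    if ($display != 'none') {
        $thelist .= "<tr id=\"tr_" . $one->Id() . "\" class=\"{$currow}\">\n";

        /* expand/collapse column */
        $columns['expand'] = ' ';
        if ($columnstodisplay['expand']) {
            $txt = '';
            if ($root->hasChildren()) {
                if (!in_array($one->Id(), $openedArray)) {
                    $txt .= "<a class=\"expand\" href=\"{$thisurl}&content_id=" . $one->Id() . "&col=0&page=" . $page . "\" onclick=\"xajax_content_toggleexpand(" . $one->Id() . ", 'false'); return false;\">";
                    $txt .= $expandImg;
                    $txt .= "</a>";
                } else {
                    $txt .= "<a class=\"contract\" href=\"{$thisurl}&content_id=" . $one->Id() . "&col=1&page=" . $page . "\" onclick=\"xajax_content_toggleexpand(" . $one->Id() . ", 'true'); return false;\">";
                    $txt .= $contractImg;
                    $txt .= "</a>";
                }
            }
            if (!empty($txt)) {
                $columns['expand'] = $txt;
            }
        }

        /* hierarchy column */
        if ($columnstodisplay['hier']) {
            $columns['hier'] = $one->Hierarchy();
        }

        /* page column */
        if ($columnstodisplay['page']) {
            $columns['page'] = ' ';
            $txt = '';
            if ($one->MenuText() != CMS_CONTENT_HIDDEN_NAME) {
                if ($indent) {
                    for ($i = 0; $i < $root->getLevel(); $i++) {
                        $txt .= "- ";
                    }
                }
                $str = $one->MenuText();
                if (get_site_preference('listcontent_showtitle', 0)) {
                    $str = $one->Name();
                }
                if ($display == 'edit') {
                    $txt .= '<a class="tooltip" href="editcontent.php' . $urlext . '&content_id=' . $one->Id() . '&page=' . $page . '" title="' . cms_htmlentities($one->Name() . ' (' . $one->Alias() . ')', '', '', true) . '" onmouseover="document.getElementById(\'' . $one->Id() . '_info\').style.display = \'inline-block\';" onmouseout="document.getElementById(\'' . $one->Id() . '_info\').style.display = \'none\';"> ' . cms_htmlentities($str, '', '', true) . '<span id="' . $one->Id() . '_info"><strong>' . lang('content_id') . ':</strong> ' . $one->Id() . '<br /> <strong>' . lang('title') . ':</strong> ' . cms_htmlentities($one->Name()) . '<br /> <strong>' . lang('pagealias') . ':</strong> ' . $one->Alias() . '</span></a>';
                } else {
                    $txt .= cms_htmlentities($str, '', '', true);
                }
            }
            if (!empty($txt)) {
                $columns['page'] = $txt;
            }
        }

        /* alias column */
        if ($columnstodisplay['alias']) {
            $columns['alias'] = ' ';
            $txt = '';
            if (($one->HasUsableLink() || $one->Type() == 'errorpage') && $one->Alias() != '') {
                $txt = $one->Alias();
            }
            if (!empty($txt)) {
                $columns['alias'] = $txt;
            }
        }

        /* url column */
        if ($columnstodisplay['url']) {
            $columns['url'] = ' ';
            $txt = '';
            if ($one->HasUsableLink() && $one->URL() != '') {
                $url = $one->URL();
                // Long URLs are shortened to their last 27 characters.
                if (strlen($url) > 30) {
                    $url = '...' . substr($url, strlen($url) - 27);
                }
                $txt = $url;
            }
            if (!empty($txt)) {
                if (!prettyurls_ok()) {
                    // The original emitted a second opening <span> here, which
                    // left the element unclosed for the rest of the row.
                    $txt = '<span style="color: red;" title="' . lang('prettyurls_noeffect') . '">' . $txt . '</span>';
                }
                $columns['url'] = $txt;
            }
        }

        /* template column */
        if ($columnstodisplay['template']) {
            $columns['template'] = ' ';
            $txt = '';
            if ($one->Type() != 'pagelink' && $one->Type() != 'link' && $one->Type() != 'sectionheader' && $one->Type() != 'separator') {
                $template = TemplateOperations::get_instance()->LoadTemplateById($one->TemplateId());
                if ($template && check_permission($userid, 'Modify Template')) {
                    $txt .= "<a title=\"" . lang('edittemplate') . "\" href=\"edittemplate.php" . $urlext . "&template_id=" . $one->TemplateId() . "&from=content\">" . cms_htmlentities($template->name, '', '', true) . "</a>";
                } elseif ($template) {
                    // Escape the name here as well, matching the linked branch above.
                    $txt .= cms_htmlentities($template->name, '', '', true);
                }
            }
            if (!empty($txt)) {
                $columns['template'] = $txt;
            }
        }

        /* friendly name column */
        if ($columnstodisplay['friendlyname']) {
            $columns['friendlyname'] = $one->FriendlyName();
        }

        /* owner column */
        if ($columnstodisplay['owner']) {
            $columns['owner'] = ' ';
            // The cached entry may not be an object if the owner could not be loaded.
            if ($one->Owner() > -1 && is_object($users[$one->Owner()])) {
                $columns['owner'] = $users[$one->Owner()]->username;
            }
        }

        /* active column */
        if ($columnstodisplay['active']) {
            $columns['active'] = ' ';
            $txt = '';
            if (check_permission($userid, 'Manage All Content') && $one->Type() != 'errorpage') {
                if ($one->Active()) {
                    // The default page cannot be deactivated, so it gets a plain icon.
                    $txt = $one->DefaultContent() ? $image_true : "<a href=\"{$thisurl}&setinactive=" . $one->Id() . "\" onclick=\"xajax_content_setinactive(" . $one->Id() . ");return false;\">" . $image_set_false . "</a>";
                } else {
                    $txt = "<a href=\"{$thisurl}&setactive=" . $one->Id() . "\" onclick=\"xajax_content_setactive(" . $one->Id() . ");return false;\">" . $image_set_true . "</a>";
                }
            }
            if (!empty($txt)) {
                $columns['active'] = $txt;
            }
        }

        /* default content */
        if ($columnstodisplay['default']) {
            $columns['default'] = ' ';
            $txt = '';
            if (check_permission($userid, 'Manage All Content')) {
                if ($one->IsDefaultPossible()) {
                    if ($one->DefaultContent()) {
                        $txt = $image_true;
                    } else {
                        // The page name ends up inside a JavaScript string inside an
                        // HTML attribute, so it is encoded for both contexts instead
                        // of being pasted between single quotes.
                        $confirmArg = _display_hierarchy_js_arg(cms_html_entity_decode(lang("confirmdefault", $one->Name())));
                        $txt = "<a href=\"{$thisurl}&makedefault=" . $one->Id() . "\" onclick=\"if(confirm(" . $confirmArg . ")) xajax_content_setdefault(" . $one->Id() . ");return false;\">" . $image_set_true . "</a>";
                    }
                }
            }
            if (!empty($txt)) {
                $columns['default'] = $txt;
            }
        }

        /* move column */
        if ($columnstodisplay['move']) {
            $columns['move'] = ' ';
            $txt = '';
            if (check_permission($userid, 'Manage All Content') || $author_allpages) {
                $sameLevel = $root->getSiblingCount();
                if ($sameLevel > 1) {
                    if ($one->ItemOrder() - 1 <= 0) {
                        // First sibling: only "down" makes sense.
                        $txt .= "<a onclick=\"xajax_content_move(" . $one->Id() . ", " . $one->ParentId() . ", 'down'); return false;\" href=\"{$thisurl}&direction=down&content_id=" . $one->Id() . "&parent_id=" . $one->ParentId() . "&page=" . $page . "\">";
                        $txt .= $downImg;
                        $txt .= "</a> ";
                    } elseif ($one->ItemOrder() - 1 == $sameLevel - 1) {
                        // Last sibling: only "up" makes sense.
                        $txt .= " <a class=\"move_up\" onclick=\"xajax_content_move(" . $one->Id() . ", " . $one->ParentId() . ", 'up'); return false;\" href=\"{$thisurl}&direction=up&content_id=" . $one->Id() . "&parent_id=" . $one->ParentId() . "&page=" . $page . "\">";
                        $txt .= $upImg;
                        $txt .= "</a>";
                    } else {
                        $txt .= "<a onclick=\"xajax_content_move(" . $one->Id() . ", " . $one->ParentId() . ", 'down'); return false;\" href=\"{$thisurl}&direction=down&content_id=" . $one->Id() . "&parent_id=" . $one->ParentId() . "&page=" . $page . "\">";
                        $txt .= $downImg;
                        $txt .= "</a> <a onclick=\"xajax_content_move(" . $one->Id() . ", " . $one->ParentId() . ", 'up'); return false;\" href=\"{$thisurl}&direction=up&content_id=" . $one->Id() . "&parent_id=" . $one->ParentId() . "&page=" . $page . "\">";
                        $txt .= $upImg;
                        $txt .= "</a>";
                    }
                }
            }
            if (!empty($txt)) {
                $columns['move'] = $txt;
            }
        }

        /* view column */
        if ($columnstodisplay['view']) {
            $columns['view'] = ' ';
            $txt = '';
            $url = $one->GetURL();
            if ($url != '' && $url != '#' && $one->IsViewable() && $one->Active()) {
                $txt .= "<a href=\"" . $url . "\" rel=\"external\" target=\"_blank\">";
                $txt .= $viewImg . "</a>";
            }
            if (!empty($txt)) {
                $columns['view'] = $txt;
            }
        }

        /* copy column */
        if ($columnstodisplay['copy']) {
            $columns['copy'] = ' ';
            $txt = '';
            // Copyable AND ((may add pages AND owns/authors this page) OR manages all content).
            if ($one->IsCopyable() && ((check_permission($userid, 'Add Pages') && (check_ownership($userid, $one->Id()) || quick_check_authorship($one->Id(), $mypages))) || check_permission($userid, 'Manage All Content'))) {
                $txt .= '<a href="copycontent.php' . $urlext . '&content_id=' . $one->Id() . '">';
                $txt .= $copyImg . "</a>";
            }
            if (!empty($txt)) {
                $columns['copy'] = $txt;
            }
        }

        /* edit column */
        if ($columnstodisplay['edit']) {
            $columns['edit'] = ' ';
            $txt = '';
            if (check_modify_all($userid) || check_ownership($userid, $one->Id()) || quick_check_authorship($one->Id(), $mypages) || check_permission($userid, 'Manage All Content')) {
                // edit link
                $txt .= "<a href=\"editcontent.php" . $urlext . "&content_id=" . $one->Id() . "\">";
                $txt .= $editImg;
                $txt .= "</a>";
            }
            if (!empty($txt)) {
                $columns['edit'] = $txt;
            }
        }

        /* delete column */
        if ($columnstodisplay['delete']) {
            $columns['delete'] = ' ';
            $txt = '';
            if ($one->DefaultContent() != true) {
                // Leaf page AND ((may remove pages AND owns/authors it) OR manages all
                // content OR may modify any page).
                // NOTE(review): 'Modify Any Page' alone is enough to show the delete
                // link; confirm that is intended and that the delete handler applies
                // its own permission check.
                if ($root->getChildrenCount() == 0 && ((check_permission($userid, 'Remove Pages') && (check_ownership($userid, $one->Id()) || quick_check_authorship($one->Id(), $mypages))) || check_permission($userid, 'Manage All Content') || check_permission($userid, 'Modify Any Page'))) {
                    // Same JS-in-attribute encoding as the "make default" prompt.
                    $confirmArg = _display_hierarchy_js_arg(cms_html_entity_decode(lang('deleteconfirm', $one->Name())));
                    $txt .= "<a href=\"{$thisurl}&deletecontent=" . $one->Id() . "\" onclick=\"if (confirm(" . $confirmArg . ")) xajax_content_delete(" . $one->Id() . "); return false;\">";
                    $txt .= $deleteImg;
                    $txt .= "</a>";
                }
            }
            if (!empty($txt)) {
                $columns['delete'] = $txt;
            }
        }

        /* multiselect */
        if ($columnstodisplay['multiselect']) {
            $columns['multiselect'] = ' ';
            $txt = '';
            $remove = check_permission($userid, 'Remove Pages') ? 1 : 0;
            $structure = check_permission($userid, 'Manage All Content') ? 1 : 0;
            $editperms = (check_permission($userid, 'Modify Any Page') || quick_check_authorship($one->Id(), $mypages) || check_ownership($userid, $one->Id())) ? 1 : 0;
            // && binds tighter than ||: structure OR (remove AND edit).
            if (($structure == 1 || ($remove == 1 && $editperms == 1)) && $one->Type() != 'errorpage') {
                $txt .= '<label class="invisible" for="multicontent-' . $one->Id() . '">' . lang('toggle') . '</label><input type="checkbox" id="multicontent-' . $one->Id() . '" name="multicontent-' . $one->Id() . '" title="' . lang('toggle') . '"/>';
            }
            if (!empty($txt)) {
                $columns['multiselect'] = $txt;
            }
        }

        /* done: emit one cell per enabled column, in the order filled above */
        foreach ($columns as $name => $value) {
            if (!$columnstodisplay[$name]) {
                continue;
            }
            switch ($name) {
                case 'edit':
                case 'default':
                case 'view':
                case 'copy':
                case 'delete':
                case 'active':
                    $thelist .= '<td class="pagepos">' . $value . "</td>\n";
                    break;
                case 'move':
                    $thelist .= '<td class="move">' . $value . "</td>\n";
                    break;
                case 'multiselect':
                    $thelist .= '<td class="checkbox">' . $value . "</td>\n";
                    break;
                default:
                    $thelist .= '<td>' . $value . "</td>\n";
                    break;
            }
        }
        $thelist .= "</tr>\n";

        // Alternate the row class for the next rendered row.
        $currow = ($currow == "row1") ? "row2" : "row1";
    }

    $pagelist[] = $thelist;

    // The indent preference is refreshed after this row is built, so it
    // applies to the rows rendered after this one.
    $indent = get_preference($userid, 'indent', true);

    if (in_array($one->Id(), $openedArray) && is_array($children) && count($children)) {
        // count through all the children and see if we can display the move column.
        $author_allpages = check_permission($userid, 'Reorder Content') && check_peer_authorship($userid, $children[0]->getId());
        foreach ($children as $child) {
            display_hierarchy($child, $userid, $modifyall, $users, $menupos, $openedArray, $pagelist, $image_true, $image_set_false, $image_set_true, $upImg, $downImg, $viewImg, $editImg, $copyImg, $deleteImg, $expandImg, $contractImg, $mypages, $page, $columnstodisplay, $author_allpages);
        }
    }
}

/**
 * Turn a message into a JavaScript string literal that can be placed inside a
 * double-quoted HTML event-handler attribute.
 *
 * @param string $message Plain-text message (already entity-decoded).
 *
 * @return string Quoted JS literal with HTML special characters escaped.
 */
function _display_hierarchy_js_arg($message)
{
    // json_encode() produces the quoted literal and escapes quotes, backslashes
    // and line breaks; it returns false for input it cannot encode, in which
    // case an empty literal keeps the handler syntactically valid.
    $literal = json_encode((string) $message);
    if ($literal === false) {
        $literal = '""';
    }

    // The literal is read by the HTML parser first, so quotes and markup
    // characters are turned into entities.
    return htmlspecialchars($literal, ENT_QUOTES);
}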
} // get the username and password $username = ''; if (isset($params['input_username'])) { $username = trim($params['input_username']); $username = cms_html_entity_decode($username); } $password = ''; if (isset($params['input_password'])) { $password = trim($params['input_password']); $password = cms_html_entity_decode($password); } $repeatpassword = ''; if (isset($params['input_repeatpassword'])) { $repeatpassword = trim($params['input_repeatpassword']); $repeatpassword = cms_html_entity_decode($repeatpassword); } // check if the username is valid if ($username == '') { $params['error'] = 1; if ($feusers->GetPreference('username_is_email')) { $params['message'] = $this->Lang('error_emptyemail'); } else { $params['message'] = $this->Lang('error_emptyusername'); } return $this->myRedirect($id, 'default', $returnid, $params); } //Ok, we have a valid $username, now we check to see //if we're checking the whitelist (or blacklist) and //and then if it matches... if ($this->GetPreference('enable_whitelist', '') != '') {
// Fragment of an "add template" handler: validates the submitted parameters,
// refuses to overwrite an existing template, stores the new one and redirects.
// $template, $prefix, $module and $the_action are set before this fragment.
// NOTE(review): no permission check is visible in this fragment; confirm the
// code before it restricts who may store template content.
if (isset($params['prefix'])) {
    $prefix = trim($params['prefix']);
}
// Template content is mandatory.
// NOTE(review): $params['origaction'] is used as the redirect target here;
// presumably it comes from the submitted form, so confirm it is limited to
// known action names.
if (!isset($params['templatecontent'])) {
    $params['errors'] = $this->Lang('error_insufficientparams');
    $module->Redirect($id, $params['origaction'], '', $params);
    return;
}
// Both parts of the stored name must be non-empty.
if ($template == "" || $prefix == "") {
    $params['errors'] = $this->Lang('error_insufficientparams');
    $module->Redirect($id, $params['origaction'], '', $params);
    return;
}
// The stored name is the prefix followed by the submitted template name.
$newtemplate = $prefix . $template;
// check if this template already exists
$txt = trim($module->GetTemplate($newtemplate));
if ($txt != "") {
    $params['errors'] = $this->Lang('error_templatenameexists');
    // This branch redirects through $this, the two above through $module.
    $this->Redirect($id, $params['origaction'], '', $params);
    return;
}
// we're ready to set it
// The submitted content is entity-decoded (quotes included) before storage,
// so what is saved is the raw template text.
$txt = cms_html_entity_decode($params['templatecontent'], ENT_QUOTES, get_encoding());
$module->SetTemplate($newtemplate, $txt);
// Record the creation in the audit log under the owning module's name.
audit('', $module->GetName(), 'Added Template ' . $newtemplate);
// Return to the tab the user came from when one is set.
if ($this->_current_tab != '') {
    $module->_current_tab = $this->_current_tab;
    $module->RedirectToTab($id, '', '', $the_action);
    return;
}
$module->Redirect($id, $the_action);
echo $themeObject->DisplayImage('icons/system/copy.gif', lang('copy'), '', '', 'systemicon'); echo "</a></td>\n"; } else { echo "<td> </td>"; } // if user has right to edit if ($modify) { echo "<td class=\"icons_wide\"><a href=\"editcss.php" . $urlext . "&css_id=" . $one["css_id"] . "\">"; echo $themeObject->DisplayImage('icons/system/edit.gif', lang('edit'), '', '', 'systemicon'); echo "</a></td>\n"; } else { echo "<td> </td>"; } // if user has right to delete if ($delcss) { echo "<td class=\"icons_wide\"><a href=\"deletecss.php" . $urlext . "&css_id=" . $one["css_id"] . "\" onclick=\"return confirm('" . cms_html_entity_decode(lang('deleteconfirm', $one['css_name'])) . "');\">"; echo $themeObject->DisplayImage('icons/system/delete.gif', lang('delete'), '', '', 'systemicon'); echo "</a></td>\n"; } else { echo "<td> </td>"; } if ($delcss) { echo '<td><input type="checkbox" name="multistylesheet-' . $one['css_id'] . '" /></td>'; } else { echo '<td></td>'; } echo "</tr>\n"; "row1" == $currow ? $currow = "row2" : ($currow = "row1"); } $counter++; }
echo $themeObject->DisplayImage('icons/system/copy.gif', lang('copy'), '', '', 'systemicon'); echo "</a></td>\n"; } # edit template if ($edit) { echo "<td class=\"icons_wide\"><a href=\"edittemplate.php" . $urlext . "&template_id=" . $onetemplate->id . "\">"; echo $themeObject->DisplayImage('icons/system/edit.gif', lang('edit'), '', '', 'systemicon'); echo "</a></td>\n"; } # remove template if ($remove) { echo "<td class=\"icons_wide\">"; if ($onetemplate->default) { echo ' '; } else { echo "<a href=\"deletetemplate.php" . $urlext . "&template_id=" . $onetemplate->id . "\" onclick=\"return confirm('" . cms_html_entity_decode(lang('deleteconfirm', $onetemplate->name)) . "');\">"; echo $themeObject->DisplayImage('icons/system/delete.gif', lang('delete'), '', '', 'systemicon'); echo "</a>"; } echo "</td>\n"; } if ($onetemplate->default) { echo '<td> </td>'; } else { echo '<td><input type="checkbox" name="multitemplate-' . $onetemplate->id . '" /></td>'; } echo "</tr>\n"; $currow == "row1" ? $currow = "row2" : ($currow = "row1"); } $counter++; }
} if (!isset($params['feu_input_username']) || $params['feu_input_username'] == '') { $params['error'] = $this->Lang('error_missingusername'); include dirname(__FILE__) . '/function.user_loginform.php'; return; } if (!isset($params['feu_input_password']) || $params['feu_input_password'] == '') { $params['error'] = $this->Lang('error_missingpassword'); include dirname(__FILE__) . '/function.user_loginform.php'; return; } // now validate the password and username if (isset($params['only_groups'])) { $result = $this->Login($params['feu_input_username'], $params['feu_input_password'], $params['only_groups']); } else { $params['feu_input_password'] = cms_html_entity_decode($params['feu_input_password']); $result = $this->Login($params['feu_input_username'], $params['feu_input_password']); } if ($result[0] == false) { $params['error'] = $result[1]; include dirname(__FILE__) . '/function.user_loginform.php'; return; } $this->Audit(0, $this->Lang('friendlyname'), $this->Lang('frontenduser_loggedin') . ": " . $params['feu_input_username']); // // we're logged in // // store a cookie ? if (isset($params['feu_rememberme']) && $params['feu_rememberme'] == 1) { $this->SetLoginCookie($params['feu_input_username'], $params['feu_input_password']); }
echo '</thead>'; echo '<tbody>'; $curclass = "row1"; $tags = UserTagOperations::get_instance()->ListUserTags(); if (count($tags)) { foreach ($tags as $oneplugin => $label) { $tag = UserTagOperations::get_instance()->GetUserTag($oneplugin); echo "<tr class=\"" . $curclass . "\">\n"; echo "<td><a href=\"edituserplugin.php" . $urlext . "&userplugin_id=" . $oneplugin . "\">{$label}</a></td>\n"; echo "<td>" . listudt_summarize($tag['description'], 20) . "</td>\n"; echo "<td class=\"icons_wide\"><a href=\"runuserplugin.php" . $urlext . "&userplugin_id=" . $oneplugin . "\">"; echo $themeObject->DisplayImage('icons/system/run.gif', lang('run_udt'), '', '', 'systemicon') . "</a></td>\n"; echo "<td class=\"icons_wide\"><a href=\"edituserplugin.php" . $urlext . "&userplugin_id=" . $oneplugin . "\">"; echo $themeObject->DisplayImage('icons/system/edit.gif', lang('edit'), '', '', 'systemicon'); echo "</a></td>\n"; echo "<td class=\"icons_wide\"><a href=\"deleteuserplugin.php" . $urlext . "&userplugin_id=" . $oneplugin . "\" onclick=\"return confirm('" . cms_html_entity_decode(lang('deleteconfirm', $oneplugin)) . "');\">"; echo $themeObject->DisplayImage('icons/system/delete.gif', lang('delete'), '', '', 'systemicon'); echo "</a></td>\n"; echo "</tr>\n"; $curclass == "row1" ? $curclass = "row2" : ($curclass = "row1"); } } ?> </tbody> </table> <div class="pageoptions"> <p class="pageoptions"> <a href="adduserplugin.php<?php echo $urlext; ?> ">
if (isset($params['postdate_Month'])) { $postdate = mktime($params['postdate_Hour'], $params['postdate_Minute'], $params['postdate_Second'], $params['postdate_Month'], $params['postdate_Day'], $params['postdate_Year']); } if (isset($params['startdate_Month'])) { $startdate = mktime($params['startdate_Hour'], $params['startdate_Minute'], $params['startdate_Second'], $params['startdate_Month'], $params['startdate_Day'], $params['startdate_Year']); } if (isset($params['enddate_Month'])) { $enddate = mktime($params['enddate_Hour'], $params['enddate_Minute'], $params['enddate_Second'], $params['enddate_Month'], $params['enddate_Day'], $params['enddate_Year']); } $error = false; if ($startdate > $enddate) { $error = true; $smarty->assign('error', $this->Lang('startdatetoolate')); } if (isset($params['title'])) { $title = strip_tags(cms_html_entity_decode($params['title'])); } if ($title == '') { $error = true; $smarty->assign('error', $this->Lang('notitlegiven')); } if ($content == '') { $error = true; $smarty->assign('error', $this->Lang('nocontentgiven')); } // generate a new article id $articleid = $db->GenID(cms_db_prefix() . "module_news_seq"); if ($error == false) { // test file upload custom fields $qu = "SELECT id,name,type FROM " . cms_db_prefix() . "module_news_fielddefs \n WHERE type='file'"; $fields = $db->GetArray($qu);
    // NOTE(review): the username is interpolated into the cell without escaping in this
    // excerpt; wrap it in htmlspecialchars() unless it is encoded when stored - confirm.
    echo "<td>{$oneuser->username}</td>\n";
}
// The active toggle is offered for every account except id 1 and the logged-in user.
// NOTE(review): toggling and deleting are plain links (GET requests); whether $urlext
// carries a per-session request token is not visible here - confirm.
if ($oneuser->id != 1 && $oneuser->id != $userid) {
    echo "<td class=\"pagepos\"><a href=\"listusers.php" . $urlext . "&toggleactive=" . $oneuser->id . "\">" . ($oneuser->active == 1 ? $image_true : $image_false) . "</a></td>\n";
} else {
    echo "<td class=\"pagepos\"> </td>\n";
}
// Edit link, shown only when $access_user is truthy.
if ($access_user) {
    echo "<td><a href=\"edituser.php" . $urlext . "&user_id=" . $oneuser->id . "\">";
    echo $themeObject->DisplayImage('icons/system/edit.gif', lang('edit'), '', '', 'systemicon');
    echo "</a></td>\n";
} else {
    echo "<td> </td>\n";
}
// Delete link: needs $remove, and is never offered for id 1 or for the logged-in user.
if ($remove && $oneuser->id != 1 && $oneuser->id != $userid) {
    // NOTE(review): the confirm text contains the username and is entity-DECODED before it is
    // placed inside a single-quoted JavaScript string in a double-quoted attribute. A quote in
    // the decoded text would end the string or the attribute; json_encode() followed by
    // htmlspecialchars(..., ENT_QUOTES) is the usual encoding for this position.
    echo "<td><a href=\"deleteuser.php" . $urlext . "&user_id=" . $oneuser->id . "\" onclick=\"return confirm('" . cms_html_entity_decode(lang('deleteconfirm', $oneuser->username)) . "');\">";
    echo $themeObject->DisplayImage('icons/system/delete.gif', lang('delete'), '', '', 'systemicon');
    echo "</a></td>\n";
} else {
    echo "<td> </td>\n";
}
echo "</tr>\n";
// Alternate the row class for zebra striping.
$currow == "row1" ? $currow = "row2" : ($currow = "row1");
}
$counter++;
}
echo '</tbody>';
echo "</table>\n";
}
// The markup that follows is emitted only for users holding the 'Add Users' permission.
if (check_permission($userid, 'Add Users')) { ?>
<?php
// Refuse to run unless $gCms is already defined.
if (!isset($gCms)) {
    exit;
}
// A trailing "*" on the dir parameter turns on $includesubdir.
$includesubdir = isset($params['dir']) && substr($params['dir'], -1) == "*" ? TRUE : FALSE;
// The "*" and "/" characters are trimmed BEFORE the value is entity-decoded and URL-decoded,
// so encoded slashes or dots only become real characters after the trimming is done.
// NOTE(review): nothing visible here rejects ".." segments or checks that the resolved path
// stays below DEFAULT_GALLERY_PATH; compare realpath() of the result against the gallery
// root before using it - TODO confirm whether a later check exists.
$params['dir'] = isset($params['dir']) ? rawurldecode(cms_html_entity_decode(trim(trim($params['dir'], "*"), "/"))) : '';
// number: accepted only when numeric, otherwise 6.
$number = isset($params['number']) && is_numeric($params['number']) ? $params['number'] : 6;
// show: restricted to a fixed allow-list, otherwise 'active'.
$show = isset($params['show']) && in_array($params['show'], array('active', 'inactive', 'all')) ? $params['show'] : 'active';
$imgcount = 0;
$itemcount = 0;
$images = array();
$template = $this->GetPreference('current_template');
$urlprefix = $this->GetPreference('urlprefix', 'gallery');
// The decoded dir value is appended to the gallery root as-is for the directory test.
if (is_dir(DEFAULT_GALLERY_PATH . $params['dir'])) {
    // The title is the last path segment, HTML-escaped before it is handed to the template.
    $smarty->assign('gallerytitle', htmlspecialchars(trim(substr($params['dir'], strrpos($params['dir'], '/')), "/")));
    $smarty->assign('galleryid', '');
    // get gallery info
    $galleryinfo = $this->_Getgalleryinfo($params['dir']);
    if (isset($params['template'])) {
        // override template settings with param template
        // NOTE(review): $params['template'] is passed to _GetTemplateprops() unchanged; how that
        // helper looks the name up is outside this excerpt - confirm it quotes the value.
        $templateprops = $this->_GetTemplateprops($params['template']);
        $galleryinfo['templateid'] = $templateprops['templateid'];
        $galleryinfo['template'] = $templateprops['template'];
        $galleryinfo['thumbwidth'] = $templateprops['thumbwidth'];
        $galleryinfo['thumbheight'] = $templateprops['thumbheight'];
        $galleryinfo['resizemethod'] = $templateprops['resizemethod'];
    }
    if (empty($galleryinfo['templateid'])) {
        // override template settings with default template
        $templateprops = $this->_GetTemplateprops($template);
// Uninstall link. The confirm text is either the module's own UninstallPreMessage() passed
// through cms_utf8entities(), or the generic phrase followed by the module key.
// NOTE(review): the text sits inside a single-quoted JavaScript string in a double-quoted
// attribute; whether cms_utf8entities() encodes both quote characters is not visible here,
// and $key is appended without any encoding - confirm.
$actioncol[] = "<a href=\"{$thisurl}&action=uninstall&module=" . $key . "\" onclick=\"return confirm('" . ($modinstance->UninstallPreMessage() !== FALSE ? cms_utf8entities($modinstance->UninstallPreMessage()) : lang('uninstallconfirm') . ' ' . $key) . "');\">" . lang('uninstall') . "</a>";
} else {
    // HAS DEPENDENTS ===============
    // NOTE(review): $key is interpolated directly into the SQL text. Where $key comes from is
    // outside this excerpt; pass it as a bound parameter or through $db->qstr() instead.
    $result = $db->Execute("SELECT child_module from\n\t\t\t\t\t" . cms_db_prefix() . "module_deps WHERE parent_module='{$key}'");
    // Child module names are collected as array keys, which removes duplicates.
    $dependentof = array();
    while ($result && ($row = $result->FetchRow())) {
        $dependentof[$row['child_module']] = "";
    }
    // NOTE(review): implode() is called with the array first and the separator second; PHP 8
    // rejects that legacy argument order. The supported form is implode(", ", array_keys(...)).
    $str = implode(array_keys($dependentof), ", ");
    //$activecol = ($dbm[$key]['Active']==true?$image_true:"<a href='{$thisurl}&action=settrue&module=".$key."'>".$image_false."</a>");
    // NOTE(review): the child module names read from the database are echoed inside <strong>
    // without escaping.
    $statuscol[] = lang('hasdependents') . " (<strong>{$str}</strong>)";
    // END HAS DEPENDENTS ===========
}
// When $permsok is false, offer a chmod action in place of removal.
if (!$permsok) {
    $statuscol[] = lang('cantremove');
    $actioncol[] = "<a href=\"{$thisurl}&action=chmod&module=" . $key . "\" onclick=\"return confirm('" . cms_html_entity_decode(lang('changepermissionsconfirm')) . "');\">" . lang('changepermissions') . "</a>";
}
}
}
//Is there help?
// The @ operator hides any warning or notice raised by the GetHelp() call.
if (@$modinstance->GetHelp() != '') {
    $helpcol = "<a href=\"{$thisurl}&action=showmodulehelp&module=" . $key . "\">" . lang('help') . "</a>";
}
//About is constructed from other details now
$aboutcol = "<a href=\"{$thisurl}&action=showmoduleabout&module=" . $key . "\">" . lang('about') . "</a>";
// row output
echo "<tr class=\"" . $curclass . "\">\n";
echo "<td>{$namecol}</td>";
echo "<td>{$versioncol}</td>";
// With $statusspans strictly true, the status messages take one cell spanning three columns.
if ($statusspans === true) {
    echo '<td colspan="3">' . implode('<br/>', $statuscol) . "</td>";
exit;
}
// Authorization gate: every write below requires the 'Modify Templates' permission.
if (!$this->CheckPermission('Modify Templates')) {
    die('permission denied');
}
#
# Initialization
#
$this->SetCurrentTab('usernotifications');
if (isset($params['reset'])) {
    // Reset: reload the template shipped with the module. The path is built from __FILE__ and
    // a constant file name only; no request value takes part in it.
    $fn = dirname(__FILE__) . '/templates/orig_usernotification_template.tpl';
    if (file_exists($fn)) {
        $template = file_get_contents($fn);
        $this->SetTemplate(CGFEEDBACK_PREF_USERNOTIFICATION_TEMPLATE, $template);
    }
} else {
    // Save: each setting is written only when its field was submitted.
    if (isset($params['is_html'])) {
        // The flag is cast to int before it is stored.
        $this->SetPreference('usernotification_ishtml', (int) $params['is_html']);
    }
    if (isset($params['subject'])) {
        $this->SetPreference(CGFEEDBACK_PREF_USERNOTIFICATION_SUBJECT, trim($params['subject']));
    }
    if (isset($params['usernotification_msg'])) {
        // The submitted text is entity-decoded and stored as the template body without
        // further filtering, so the permission check above is the only control visible here.
        // NOTE(review): no request-token (CSRF) check appears in this excerpt; confirm that
        // the framework verifies one before this action runs.
        $txt = cms_html_entity_decode($params['usernotification_msg']);
        $this->SetTemplate(CGFEEDBACK_PREF_USERNOTIFICATION_TEMPLATE, $txt);
    }
}
$this->RedirectToTab($id);
#
# EOF
#
}

    /**
     * usort() comparison callback: orders two entries by their urltxt property.
     *
     * @return int 0 when both urltxt values compare equal, -1 when $a sorts first, 1 otherwise
     */
    private function _cmp($a, $b)
    {
        if ($a->urltxt == $b->urltxt) {
            return 0;
        }
        return $a->urltxt < $b->urltxt ? -1 : 1;
    }

    /**
     * Sorts $this->_ary in place using _cmp().
     */
    function Sort()
    {
        usort($this->_ary, array($this, '_cmp'));
    }
}

if ($params['searchinput'] != '') {
    // Fix to prevent XSS like behaviour. See: http://www.securityfocus.com/archive/1/455417/30/0/threaded
    // Entities are decoded first, so entity-encoded tags become real tags and are removed by
    // strip_tags(). Quotes and ampersands pass through both calls unchanged.
    $params['searchinput'] = cms_html_entity_decode($params['searchinput']);
    $params['searchinput'] = strip_tags($params['searchinput']);
    // The @ operator hides any warning or notice raised while the event is sent.
    @$this->SendEvent('SearchInitiated', array(trim($params['searchinput'])));
    $searchstarttime = microtime();
    // NOTE(review): the phrase handed to the template is tag-stripped but not HTML-escaped;
    // confirm that the template escapes it, in particular if it is printed inside an attribute.
    $smarty->assign('phrase', $params['searchinput']);
    $words = array_values($this->StemPhrase($params['searchinput']));
    $nb_words = count($words);
    $max_weight = 1;
    $searchphrase = '';
    if ($nb_words > 0) {
        // Every word goes through $db->qstr() before it is placed in the OR-joined condition.
        $ary = array();
        foreach ($words as $word) {
            $word = trim($word);
            $ary[] = "word = " . $db->qstr($word);
        }
        $searchphrase = implode(' OR ', $ary);
print '</EditContent>'; exit; } } } if (strlen($contentobj->Name()) > 0) { $CMS_ADMIN_SUBTITLE = $contentobj->Name(); } // Detect if a WYSIWYG is in use, and grab its form submit action $addlScriptSubmit = ''; $modobj = cms_utils::get_wysiwyg_module(); if ($modobj) { $addlScriptSubmit .= $modobj->WYSIWYGPageFormSubmit(); } $closestr = cms_html_entity_decode(lang('close')); $cancelstr = cms_html_entity_decode(lang('confirmcancel')); $headtext .= <<<EOSCRIPT <script type="text/javascript"> // <![CDATA[ jQuery(document).ready(function(){ jQuery('[name=cancel]').click(function(){ var tmp = jQuery(this).val(); if( tmp == '{$closestr}' ) { \treturn true; } else { \treturn confirm('{$cancelstr}'); } });
if ($tmp) {
    $category_id = $tmp;
}
}
// Cancel: leave for the destination page without reading any other field.
if (isset($params['cancel'])) {
    $this->RedirectContent($dest_page);
}
if (isset($params['submit'])) {
    // content, summary and extra are entity-DECODED here, so any markup they carry is real
    // markup from this point on.
    // NOTE(review): no filtering is visible in this excerpt; the values need sanitising
    // before storage or escaping at output - confirm which one the module relies on.
    if (isset($params['content'])) {
        $content = cms_html_entity_decode($params['content']);
    }
    if (isset($params['summary'])) {
        $summary = cms_html_entity_decode($params['summary']);
    }
    if (isset($params['extra'])) {
        $extra = cms_html_entity_decode($params['extra']);
    }
    // The category id is taken unchanged; input_category wins when both fields are present.
    // NOTE(review): cast to int, or check it against the known categories, before it is used
    // in a query - the use is outside this excerpt.
    if (isset($params['category_id'])) {
        $category_id = $params['category_id'];
    }
    if (isset($params['input_category'])) {
        $category_id = $params['input_category'];
    }
    // Build Unix timestamps from the split date fields. mktime() receives the raw $params
    // values; nothing visible here checks that they are numeric.
    if (isset($params['postdate_Month'])) {
        $postdate = mktime($params['postdate_Hour'], $params['postdate_Minute'], $params['postdate_Second'], $params['postdate_Month'], $params['postdate_Day'], $params['postdate_Year']);
    }
    if (isset($params['startdate_Month'])) {
        $startdate = mktime($params['startdate_Hour'], $params['startdate_Minute'], $params['startdate_Second'], $params['startdate_Month'], $params['startdate_Day'], $params['startdate_Year']);
    }
    if (isset($params['enddate_Month'])) {
        $enddate = mktime($params['enddate_Hour'], $params['enddate_Minute'], $params['enddate_Second'], $params['enddate_Month'], $params['enddate_Day'], $params['enddate_Year']);
    $params['errors'] = $this->Lang('error_insufficientparams');
    $this->Redirect($id, 'defaultadmin', '', $params);
    return;
}
// handle errors.
// NOTE(review): $params['errors'] can be set by the redirect above, and presumably also by
// the request itself; confirm that ShowErrors() escapes the text it prints.
if (isset($params['errors'])) {
    echo $this->ShowErrors($params['errors']);
}
// Remember the action that opened this form; all of $params is passed on to CreateFormStart().
$params['origaction'] = $params['action'];
$contents = "";
if ($params['mode'] == 'add') {
    // Add mode: empty name field, the prefix carried in a hidden input.
    $this->smarty->assign('formstart', $this->CreateFormStart($id, 'do_addtemplate', $returnid, 'post', '', false, '', $params));
    $this->smarty->assign('templatename', $this->CreateInputText($id, 'template', "", 40));
    $this->smarty->assign('hidden', $this->CreateInputHidden($id, 'prefix', $params['prefix']));
    // NOTE(review): the preference NAME is taken from $params, so the caller chooses which
    // stored preference is copied into the editor; restrict it to an allow-list if $params
    // can be influenced by the request - TODO confirm.
    if (isset($params['defaulttemplatepref']) && $params['defaulttemplatepref'] != '') {
        $contents = $this->GetPreference($params['defaulttemplatepref']);
    }
} else {
    // Edit mode: the template name is shown as plain text and carried in a hidden input.
    $this->smarty->assign('formstart', $this->CreateFormStart($id, 'do_edittemplate', $returnid, 'post', '', false, '', $params));
    // NOTE(review): $params['template'] is assigned unescaped; confirm that edittemplate.tpl
    // escapes it when printing.
    $this->smarty->assign('templatename', $params['template']);
    $this->smarty->assign('hidden', $this->CreateInputHidden($id, 'template', $params['template']));
    // The template to load is named by prefix + template, both read from $params.
    $contents = $this->GetTemplate($params['prefix'] . $params['template']);
}
// The title is entity-decoded before it is assigned, so any markup in it is real markup.
// NOTE(review): escape it in the template unless it is known to come from trusted code.
$this->smarty->assign('title', cms_html_entity_decode($params['title']));
$this->smarty->assign('prompt_templatename', $this->Lang('prompt_templatename'));
$this->smarty->assign('prompt_template', $this->Lang('prompt_template'));
$this->smarty->assign('template', $this->CreateSyntaxArea($id, $contents, 'templatecontent'));
$this->smarty->assign('submit', $this->CreateInputSubmit($id, 'submitbutton', $this->Lang('submit')));
$this->smarty->assign('cancel', $this->CreateInputSubmit($id, 'cancel', $this->Lang('cancel')));
$this->smarty->assign('formend', $this->CreateFormEnd());
echo $this->ProcessTemplate('edittemplate.tpl');
echo '</thead>';
echo '<tbody>';
$currow = "row1";
// construct true/false button images
$image_true = $themeObject->DisplayImage('icons/system/true.gif', lang('true'), '', '', 'systemicon');
$image_false = $themeObject->DisplayImage('icons/system/false.gif', lang('false'), '', '', 'systemicon');
// Manual paging: only entries whose running index falls inside page $page (of size $limit)
// are rendered; the counter advances for every bookmark.
$counter = 0;
foreach ($marklist as $onemark) {
    if ($counter < $page * $limit && $counter >= $page * $limit - $limit) {
        echo "<tr class=\"{$currow}\">\n";
        // NOTE(review): the bookmark title and URL are echoed without escaping in this
        // excerpt. Unless they are encoded when saved, wrap both in
        // htmlspecialchars(..., ENT_QUOTES) - confirm against the save path.
        echo "<td><a href=\"editbookmark.php" . $urlext . "&bookmark_id=" . $onemark->bookmark_id . "\">" . $onemark->title . "</a></td>\n";
        echo "<td>" . $onemark->url . "</td>\n";
        echo "<td><a href=\"editbookmark.php" . $urlext . "&bookmark_id=" . $onemark->bookmark_id . "\">";
        echo $themeObject->DisplayImage('icons/system/edit.gif', lang('edit'), '', '', 'systemicon');
        echo "</a></td>\n";
        // NOTE(review): the confirm text contains the title and is entity-DECODED before it is
        // placed inside a single-quoted JavaScript string in a double-quoted attribute. A
        // quote in the decoded text would end the string or the attribute; json_encode()
        // followed by htmlspecialchars(..., ENT_QUOTES) is the usual encoding for this position.
        echo "<td><a href=\"deletebookmark.php" . $urlext . "&bookmark_id=" . $onemark->bookmark_id . "\" onclick=\"return confirm('" . cms_html_entity_decode(lang('deleteconfirm', $onemark->title)) . "');\">";
        echo $themeObject->DisplayImage('icons/system/delete.gif', lang('delete'), '', '', 'systemicon');
        echo "</a></td>\n";
        echo "</tr>\n";
        // Alternate the row class for zebra striping.
        $currow == "row1" ? $currow = "row2" : ($currow = "row1");
    }
    $counter++;
}
echo '</tbody>';
echo "</table>\n";
}
?> <div class="pageoptions"> <p class="pageoptions"> <a href="addbookmark.php<?php echo $urlext;