Пример #1
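 /**
  * Block-content filter: replaces the "main" block with a password form
  * until the visitor has supplied the page password.
  *
  * The gate is skipped when the page has no password (falsy Service::pagePassword())
  * or when ipAdminId() is truthy. Page ids that were unlocked are remembered in
  * $_SESSION['pagePassword'].
  *
  * @param string $content rendered block content
  * @param array $data filter data; 'blockName' is read, 'form' and 'error' are set for the view
  * @return string the original content, or the rendered view/password.php
  */
 public static function ipBlockContent($content, $data)
 {
     if ($data['blockName'] == "main") {
         $pagePassword = Service::pagePassword();
         $pageId = Model::getPageId();
         if ($pagePassword && !ipAdminId()) {
             $alreadyUnlocked = isset($_SESSION['pagePassword'])
                 && is_array($_SESSION['pagePassword'])
                 && in_array($pageId, $_SESSION['pagePassword']);
             if ($alreadyUnlocked) {
                 return $content;
             }
             $data['form'] = Helper::createForm();
             $postPassword = ipRequest()->getPost('pagePassword');
             // Compare as strings and in constant time. A loose == lets numeric-looking
             // strings match each other (e.g. "0e1" == "0e2") and leaks timing;
             // hash_equals() does neither. Non-string POST values never match.
             // NOTE(review): comparing against the stored value directly suggests the
             // page password is kept unhashed - confirm in Service::pagePassword().
             $passwordMatches = $postPassword
                 && is_string($postPassword)
                 && hash_equals((string) $pagePassword, $postPassword);
             if ($passwordMatches) {
                 if (!isset($_SESSION['pagePassword']) || !is_array($_SESSION['pagePassword'])) {
                     $_SESSION['pagePassword'] = array();
                 }
                 $_SESSION['pagePassword'][] = $pageId;
                 return $content;
             } elseif ($postPassword) {
                 $data['error'] = __('Incorrect password', 'PagePassword', false);
             }
             // NOTE(review): no attempt limiting is visible in this method.
             return ipView('view/password.php', $data)->render();
         }
     }
     return $content;
 }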
Пример #2
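 /**
  * 'ipJs' filter: replaces runs of JS file entries with concatenated chunks.
  *
  * Inline entries (type 'content') cannot be concatenated, so each one ends the
  * current run; the run is passed to self::concatenateChunk() and the inline entry
  * is appended unchanged after it.
  *
  * The list is returned untouched when concatenation is disabled for admins and
  * ipAdminId() is truthy, or while the 'concatenationInProgress' storage value is
  * still in the future.
  *
  * @param array $jsFiles list of JS entries, each with at least a 'type' key
  * @return array
  */
 public static function ipJs($jsFiles)
 {
     if ((ipGetOption('ConcatenateJsCss.disableInAdmin', 1) && ipAdminId()) || ipStorage()->get('ConcatenateJsCss', 'concatenationInProgress') > time()) {
         return $jsFiles;
     }
     // If some CSS / JS links to the website itself, we may have an infinite recursion.
     // So we have to disable ourselves during the concatenation (for at most 60 seconds).
     ipStorage()->set('ConcatenateJsCss', 'concatenationInProgress', time() + 60);
     $tinymceUrl = ipFileUrl('Ip/Internal/Core/assets/js/tiny_mce');
     // NOTE(review): $tinymceUrl is concatenated into a JS string literal without
     // escaping; that is only safe while ipFileUrl() cannot return a quote or backslash.
     $answer = array(
         'concatenateJsCss_tinymce_fix' => array(
             'type' => 'content',
             'value' => "var tinyMCEPreInit = {\n    suffix: '.min',\n    base: '" . $tinymceUrl . "',\n    query: ''\n};",
             'attributes' => array(),
             'cacheFix' => false,
         ),
     );
     $chunk = array();
     // Iterate by value: the entries are only read, and a by-reference loop variable
     // would stay bound to the last element after the loop.
     foreach ($jsFiles as $file) {
         if ($file['type'] == 'content') {
             // Inline JS can't be concatenated: flush the run collected so far,
             // then add the inline entry itself.
             if (!empty($chunk)) {
                 $answer = array_merge($answer, self::concatenateChunk($chunk));
             }
             $chunk = array();
             $answer[] = $file;
         } else {
             $chunk[] = $file;
         }
     }
     if (!empty($chunk)) {
         $answer = array_merge($answer, self::concatenateChunk($chunk));
     }
     ipStorage()->remove('ConcatenateJsCss', 'concatenationInProgress');
     return $answer;
 }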
Пример #3
 /**
  * Registers the float-image assets before the controller runs.
  *
  * The script is added only when ipAdminId() is truthy; the stylesheet is added
  * for every request.
  */
 public static function ipBeforeController()
 {
     $adminId = ipAdminId();
     if ($adminId) {
         ipAddJs('assets/floatImage.js');
     }

     ipAddCss('assets/floatImage.css');
 }
Пример #4
 /**
  * Registers the core JavaScript/CSS assets and JS variables before the controller runs.
  *
  * Three tiers are visible here:
  *  - every request: session-refresh interval, ipCore scripts, validator translations;
  *  - admin session, login page or password-reset page: the admin bundle and TinyMCE helpers;
  *  - admin session only (truthy ipAdminId()): TinyMCE, plupload, the browse-link modal
  *    template, the theme's optional setup/admin.js and admin.css.
  */
 public static function ipBeforeController()
 {
     // Resolved exactly as before; the value is not read anywhere below.
     $request = \Ip\ServiceLocator::request();

     // Refresh interval handed to the browser: gc_maxlifetime (120 when unset),
     // reduced by 20 whenever it is above 30.
     $sessionLifetime = ini_get('session.gc_maxlifetime');
     if (!$sessionLifetime) {
         $sessionLifetime = 120;
     }
     if ($sessionLifetime > 30) {
         $sessionLifetime -= 20;
     }
     ipAddJsVariable('ipSessionRefresh', $sessionLifetime);

     if (!ipConfig()->isDebugMode()) {
         ipAddJs('Ip/Internal/Core/assets/ipCore.min.js', null, 10);
     } else {
         // Registered with priority 10; jquery.js is the default, global jQuery.
         $prioritisedScripts = array(
             'Ip/Internal/Core/assets/ipCore/jquery.js',
             'Ip/Internal/Core/assets/ipCore/console.log.js',
         );
         foreach ($prioritisedScripts as $script) {
             ipAddJs($script, null, 10);
         }
         $coreScripts = array(
             'Ip/Internal/Core/assets/ipCore/functions.js',
             'Ip/Internal/Core/assets/ipCore/jquery.tools.form.js',
             'Ip/Internal/Core/assets/ipCore/form/color.js',
             'Ip/Internal/Core/assets/ipCore/form/file.js',
             'Ip/Internal/Core/assets/ipCore/form/richtext.js',
             'Ip/Internal/Core/assets/ipCore/form/repositoryFile.js',
             'Ip/Internal/Core/assets/ipCore/form/url.js',
             'Ip/Internal/Core/assets/ipCore/form.js',
             'Ip/Internal/Core/assets/ipCore/validator.js',
             'Ip/Internal/Core/assets/ipCore/widgets.js',
             'Ip/Internal/Core/assets/ipCore/ipCore.js',
         );
         foreach ($coreScripts as $script) {
             ipAddJs($script);
         }
     }

     // Form init: translations for the admin domain and for the current language.
     $validatorTranslations = array(
         'Ip-admin' => static::validatorLocalizationData('Ip-admin'),
         ipContent()->getCurrentLanguage()->getCode() => static::validatorLocalizationData('Ip'),
     );
     ipAddJsVariable('ipValidatorTranslations', $validatorTranslations);

     // This tier is also reached without an admin session on the login and
     // password-reset pages, so nothing registered here should carry admin-only data.
     $needsAdminBundle = ipAdminId()
         || \Ip\Internal\Admin\Model::isLoginPage()
         || \Ip\Internal\Admin\Model::isPasswordResetPage();
     if ($needsAdminBundle) {
         if (!ipConfig()->isDebugMode()) {
             ipAddJs('Ip/Internal/Core/assets/admin.min.js', null, 10);
         } else {
             $adminScripts = array(
                 'Ip/Internal/Core/assets/admin/managementMode.js',
                 'Ip/Internal/Core/assets/admin/functions.js',
                 'Ip/Internal/Core/assets/admin/validator.js',
                 'Ip/Internal/Core/assets/admin/bootstrap/bootstrap.js',
                 'Ip/Internal/Core/assets/admin/bootstrap-switch/bootstrap-switch.js',
             );
             foreach ($adminScripts as $script) {
                 ipAddJs($script);
             }
         }
         ipAddJs('Ip/Internal/Core/assets/tinymce/pastePreprocess.js');
         ipAddJs('Ip/Internal/Core/assets/tinymce/default.js');
     }

     if (!ipAdminId()) {
         return;
     }

     // Admin session only from here on.
     ipAddJs('Ip/Internal/Core/assets/js/tiny_mce/jquery.tinymce.min.js');
     ipAddJs('Ip/Internal/Core/assets/js/tiny_mce/tinymce.min.js');
     ipAddJsVariable('ipBrowseLinkModalTemplate', ipView('view/browseLinkModal.php')->render());
     $uploaderScripts = array(
         'Ip/Internal/Core/assets/ipCore/plupload/plupload.full.js',
         'Ip/Internal/Core/assets/ipCore/plupload/plupload.browserplus.js',
         'Ip/Internal/Core/assets/ipCore/plupload/plupload.gears.js',
         'Ip/Internal/Core/assets/ipCore/plupload/jquery.plupload.queue/jquery.plupload.queue.js',
     );
     foreach ($uploaderScripts as $script) {
         ipAddJs($script);
     }
     // The theme may ship its own admin script; it is loaded only when the file exists.
     if (is_file(ipThemeFile('setup/admin.js'))) {
         ipAddJs(ipThemeUrl('setup/admin.js'));
     }
     ipAddCss('Ip/Internal/Core/assets/admin/admin.css');
 }
Пример #5
 /**
  * Sends visitors to the redirect URL configured on the current page.
  *
  * No redirect happens when there is no current page, when the page has no
  * redirect URL, or when ipAdminId() is truthy.
  *
  * @param mixed $info not read by this method
  * @return \Ip\Response\Redirect|null
  */
 public static function ipExecuteController($info)
 {
     $currentPage = ipContent()->getCurrentPage();
     if (!$currentPage) {
         return null;
     }

     // NOTE(review): the target comes from the page record, not from the request;
     // confirm only trusted editors can set it.
     $shouldRedirect = $currentPage->getRedirectUrl() && !ipAdminId();

     return $shouldRedirect
         ? new \Ip\Response\Redirect($currentPage->getRedirectUrl())
         : null;
 }
Пример #6
 /**
  * Registers the Font Awesome assets before the controller runs.
  *
  * The field script and stylesheet are added only when ipAdminId() is truthy;
  * the icon font stylesheet is added for every request.
  */
 public static function ipBeforeController()
 {
     $adminId = ipAdminId();
     if ($adminId) {
         ipAddJs('assets/FontAwesomeField.js');
         ipAddCss('assets/FontAwesomeField.css');
     }

     ipAddCss('Plugin/FontAwesomeIcons/assets/css/font-awesome.min.css');
 }
Пример #7
 /**
  * Deletes one permission row for an administrator.
  *
  * NOTE(review): this method performs no authorization check of its own; callers
  * are presumably responsible for verifying that the acting user may change
  * permissions - confirm at the call sites.
  *
  * @param mixed $permission value matched against the 'permission' column
  * @param mixed $administratorId administrator to modify; null (strictly) means ipAdminId()
  */
 public static function removePermission($permission, $administratorId = null)
 {
     $targetAdminId = $administratorId === null ? ipAdminId() : $administratorId;

     ipDb()->delete(
         'permission',
         array('permission' => $permission, 'administratorId' => $targetAdminId)
     );
 }
Пример #8
 /**
  * Swaps the outgoing response for the maintenance page when maintenance mode is on.
  *
  * The original response is kept when the MaintenanceMode.enabled option is not 1,
  * when ipAdminId() is anything other than exactly false, or when the relative
  * request path starts with the five characters 'admin'.
  *
  * @param \Ip\Response $response
  * @return mixed
  */
 public static function ipSendResponse($response)
 {
     $maintenanceEnabled = ipGetOption('MaintenanceMode.enabled') == 1;
     // NOTE(review): the strict === false relies on ipAdminId() returning exactly
     // false for visitors without an admin session; any other falsy value would
     // let them past the maintenance page - confirm against ipAdminId().
     if (!$maintenanceEnabled || ipAdminId() !== false) {
         return $response;
     }

     // NOTE(review): this is a plain prefix test, so every path beginning with
     // 'admin' stays reachable during maintenance, not just the admin area.
     $pathPrefix = substr(ipRequest()->getRelativePath(), 0, 5);
     if ($pathPrefix == 'admin') {
         return $response;
     }

     return new \Ip\Response(ipGetOption('MaintenanceMode.content'));
 }
Пример #9
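 /**
  * Deletes the administrator whose id is POSTed as 'id'.
  *
  * The posted value is validated as a positive integer before it is compared with
  * the current administrator's id and before it reaches Service::delete(), so the
  * self-deletion guard and the delete operate on the same normalised value.
  *
  * NOTE(review): apart from mustBePost(), no permission or CSRF check is visible
  * in this method; presumably the surrounding admin controller enforces them - confirm.
  *
  * @return \Ip\Response\Json array('status' => 'ok') on success
  * @throws \Ip\Exception when the id is missing, not a positive integer, or the caller's own id
  */
 public function delete()
 {
     ipRequest()->mustBePost();
     $postedId = ipRequest()->getPost('id');
     if (!$postedId) {
         throw new \Ip\Exception('Missing required parameters');
     }
     // assumes administrator ids are integers - TODO confirm.
     // A loosely compared request string can differ from the admin id in PHP and
     // still be coerced to the same row by the database layer.
     $userId = filter_var($postedId, FILTER_VALIDATE_INT);
     if ($userId === false || $userId <= 0) {
         throw new \Ip\Exception('Invalid administrator id');
     }
     if ($userId === (int) ipAdminId()) {
         throw new \Ip\Exception("Can't delete yourself");
     }
     Service::delete($userId);
     $data = array('status' => 'ok');
     return new \Ip\Response\Json($data);
 }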
Пример #10
 /**
  * Tells whether an administrator holds a permission.
  *
  * 'InlineManagement' is checked as 'Content'. Permissions are loaded once per
  * administrator id through AdminPermissionsModel::getUserPermissions() and kept
  * in $this->permissions. Holding 'Super admin' grants everything. The result is
  * passed through the 'ipAdminPermission' filter, which has the final say.
  *
  * @param mixed $permission permission name
  * @param mixed $administratorId administrator to check; defaults to ipAdminId()
  * @return mixed the filtered answer
  */
 public function hasPermission($permission, $administratorId = null)
 {
     $effectivePermission = in_array($permission, array('InlineManagement')) ? 'Content' : $permission;

     // NOTE(review): the loose == null also matches 0, false and '' - an explicit
     // "no administrator" value from a caller is silently replaced by the current
     // admin's id here, unlike the strict === null used by removePermission-style code.
     $adminId = $administratorId == null ? ipAdminId() : $administratorId;

     if (!isset($this->permissions[$adminId])) {
         $this->permissions[$adminId] = AdminPermissionsModel::getUserPermissions($adminId);
     }

     $granted = isset($this->permissions[$adminId][$effectivePermission])
         || isset($this->permissions[$adminId]['Super admin']);

     return ipFilter(
         'ipAdminPermission',
         $granted,
         array('permission' => $effectivePermission, 'administratorId' => $adminId)
     );
 }
Пример #11
 /**
  * Prepares admin UI pieces and page metadata before the controller runs:
  * admin submenu, admin navbar, the "autogenerated admin" popup, management
  * mode initialisation and the response title/keywords/description.
  */
 public static function ipBeforeController()
 {
     // Admin routes: jQuery UI plus the (filtered) submenu, when there is one.
     if (ipRoute()->isAdmin()) {
         ipAddJs('Ip/Internal/Core/assets/js/jquery-ui/jquery-ui.js');
         ipAddCss('Ip/Internal/Core/assets/js/jquery-ui/jquery-ui.css');
         $submenuItems = ipFilter('ipAdminSubmenu', Submenu::getSubmenuItems());
         if ($submenuItems) {
             ipResponse()->setLayoutVariable('submenu', $submenuItems);
         }
     }

     // Admin toolbar: requires an admin session and either no 'pa' request
     // parameter or an 'aa' one; two query flags can switch it off.
     $navbarWanted = (ipAdminId() && !ipRequest()->getRequest('pa'))
         || (ipRequest()->getRequest('aa') && ipAdminId());
     if (
         $navbarWanted
         && !ipRequest()->getQuery('ipDesignPreview')
         && !ipRequest()->getQuery('disableAdminNavbar')
     ) {
         ipAddJs('Ip/Internal/Admin/assets/admin.js');
         ipAddJsVariable('ipAdminNavbar', static::getAdminNavbarHtml());
     }

     // Popup with the autogenerated administrator's credentials.
     // NOTE(review): this branch is gated only on the storage value, not on
     // ipAdminId(). The stored value is handed to the view as 'adminPassword' and
     // the rendered HTML becomes a JS variable of the page. Confirm the value can
     // only be present while the autogenerated admin is the one viewing the page;
     // otherwise require a logged-in admin here and clear the value after first use.
     $adminIsAutogenerated = ipStorage()->get('Ip', 'adminIsAutogenerated');
     if ($adminIsAutogenerated) {
         $admin = \Ip\Internal\Administrators\Model::getById(\Ip\Internal\Admin\Backend::userId());
         ipAddJs('Ip/Internal/Admin/assets/adminIsAutogenerated.js');
         $popupData = array(
             'adminUsername' => $admin['username'],
             'adminPassword' => ipStorage()->get('Ip', 'adminIsAutogenerated'),
             'adminEmail' => $admin['email'],
         );
         ipAddJsVariable('ipAdminIsAutogenerated', ipView('view/adminIsAutoGenerated.php', $popupData)->render());
     }

     if (!ipContent()->getCurrentPage()) {
         return;
     }

     // Management mode is initialised unless a preview/disable query flag is present.
     if (
         ipIsManagementState()
         && !ipRequest()->getQuery('ipDesignPreview')
         && !ipRequest()->getQuery('disableManagement')
     ) {
         \Ip\Internal\Content\Helper::initManagement();
     }

     // Page metadata for the response.
     $pageResponse = ipResponse();
     $pageResponse->setDescription(\Ip\ServiceLocator::content()->getDescription());
     $pageResponse->setKeywords(ipContent()->getKeywords());
     $pageResponse->setTitle(ipContent()->getTitle());
 }
Пример #12
 /**
  * Matches the relative URI against the router and attaches the page it points to.
  *
  * When the router result carries no page, the page is looked up by URL in the
  * current language (or the default page is used for an empty URI).
  *
  * @param array $info route info; 'relativeUri' is read
  * @return array|null the router result, or null when nothing matched
  * @throws \Ip\Exception
  */
 public static function ipRouteAction_70($info)
 {
     $relativeUri = $info['relativeUri'];
     $result = \Ip\ServiceLocator::router()->match(rtrim($relativeUri, '/'), ipRequest());
     if (!$result) {
         return null;
     }

     // A callable action does not need the plugin/controller pair.
     if (is_callable($result['action'])) {
         unset($result['plugin'], $result['controller']);
     }

     if (!empty($result['page'])) {
         return $result;
     }

     if ($relativeUri == '') {
         $page = \Ip\Internal\Pages\Service::getPage(ipContent()->getDefaultPageId());
     } else {
         $page = \Ip\Internal\Pages\Service::getPageByUrl(
             ipContent()->getCurrentLanguage()->getCode(),
             $relativeUri
         );
     }

     // NOTE(review): as written, a page flagged 'isSecured' is attached when
     // ipAdminId() is FALSY and withheld when an admin is logged in. If 'isSecured'
     // means "restricted to administrators" the second operand looks inverted -
     // verify the flag's meaning before relying on this as an access check.
     $attachPage = $page && (!$page['isSecured'] || !ipAdminId());
     if ($attachPage) {
         $result['page'] = new \Ip\Page($page);
     }

     return $result;
 }
Пример #13
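 /**
  * Works out which "first run this period" flags apply to the current cron run.
  *
  * All flags start as true. When a previous execution time is stored, each flag
  * becomes true only if the current period differs from the period of that
  * execution. A logged-in admin can force all flags to stay true with ?test=1.
  */
 protected function init()
 {
     $this->firstTimeThisYear = true;
     $this->firstTimeThisMonth = true;
     $this->firstTimeThisWeek = true;
     $this->firstTimeThisDay = true;
     $this->firstTimeThisHour = true;
     $this->lastTime = null;
     $lastExecution = ipStorage()->get('Cron', 'lastExecutionEnd', null);
     $lastExecutionStart = ipStorage()->get('Cron', 'lastExecutionStart', null);
     if ($lastExecution < $lastExecutionStart) {
         // The last cron execution failed to finish: use its start time instead.
         $lastExecution = $lastExecutionStart;
     }
     // The 'test' override is honoured only together with a truthy ipAdminId(),
     // so anonymous visitors cannot force every periodic task to run.
     if ($lastExecution && !(ipRequest()->getQuery('test', 0) && ipAdminId())) {
         $this->firstTimeThisYear = date('Y') != date('Y', $lastExecution);
         $this->firstTimeThisMonth = date('Y-m') != date('Y-m', $lastExecution);
         // 'o-W' is ISO year + ISO week number. The previous 'Y-w' used the
         // day-of-week digit, which changes every day rather than every week.
         $this->firstTimeThisWeek = date('o-W') != date('o-W', $lastExecution);
         $this->firstTimeThisDay = date('Y-m-d') != date('Y-m-d', $lastExecution);
         $this->firstTimeThisHour = date('Y-m-d H') != date('Y-m-d H', $lastExecution);
         $this->lastTime = $lastExecution;
     }
 }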
Пример #14
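 /**
  * Handle uploads made using PlUpload library.
  *
  * Writes the posted file (or one chunk of it) into the repository temporary
  * directory and records the result in $this->uploadedFileName,
  * $this->uploadedFile and $this->targetDir.
  *
  * Access: the non-secure temporary folder requires a truthy ipAdminId(). The
  * secure folder accepts uploads without one and is bounded only by the
  * Repository.publicUploadLimit folder-size option, checked before the write.
  *
  * @param bool $secureFolder
  * @throws \Ip\Exception\Repository\Upload
  * @throws \Ip\Exception\Repository\Upload\ForbiddenFileExtension
  * @throws \Ip\Exception when the secure folder has reached its size limit
  */
 public function handlePlupload($secureFolder)
 {
     if (!$secureFolder && !ipAdminId()) {
         throw new \Ip\Exception\Repository\Upload("Trying to upload image to temporary directory without permission.");
     }
     if ($secureFolder) {
         $targetDir = ipFile('file/secure/tmp/');
     } else {
         $targetDir = ipFile('file/tmp/');
     }
     if ($secureFolder) {
         $sizeLimit = ipGetOption('Repository.publicUploadLimit', 4000);
         if ($this->folderSize($targetDir) > $sizeLimit * 1000000) {
             //4000 Mb by default
             ipLog()->error("Repository.publicUploadLimitReached: IP: `{ip}`. CurrentLimit `{limit}Mb`. Please update Repository.publicUploadLimit option to increase the limits.", array('ip' => $_SERVER['REMOTE_ADDR'], 'limit' => $sizeLimit));
             throw new \Ip\Exception("Upload limit reached");
         }
     }
     // Get parameters. The chunk counters are request-controlled: cast them to int
     // so a non-numeric value cannot change how the comparisons below evaluate
     // (and with it whether the unique-name step runs).
     $chunk = isset($_REQUEST["chunk"]) ? (int) $_REQUEST["chunk"] : 0;
     $chunks = isset($_REQUEST["chunks"]) ? (int) $_REQUEST["chunks"] : 0;
     $fileName = isset($_REQUEST["name"]) ? $_REQUEST["name"] : '';
     // Clean the fileName for security reasons
     $fileName = \Ip\Internal\File\Functions::cleanupFileName($fileName);
     // Make sure the fileName is unique but only if chunking is disabled.
     // NOTE(review): with chunking enabled the client-chosen name is used as is, so a
     // request can truncate or append to an existing file of the same name in this
     // temporary directory - confirm that is acceptable for the shared secure folder.
     if ($chunks < 2 && file_exists($targetDir . $fileName)) {
         $fileName = \Ip\Internal\File\Functions::genUnoccupiedName($fileName, $targetDir);
     }
     //security check
     // When the name has no dot, strrpos() returns false and false + 1 is 1, so the
     // "extension" is the name without its first character. Left unchanged because
     // it errs towards rejecting such names.
     $fileExtension = strtolower(substr($fileName, strrpos($fileName, '.') + 1));
     // NOTE(review): only the last extension is checked, and the list contains types
     // browsers treat as active content (htm, html, js, svg, swf, xml). That is only
     // safe if stored files are never served inline from the site's own origin.
     $whiteListExtensions = array('jpg', 'jpeg', 'jpe', 'gif', 'png', 'bmp', 'tif', 'tiff', 'ico', 'asf', 'asx', 'wmv', 'wmx', 'wm', 'avi', 'divx', 'flv', 'mov', 'qt', 'mpeg', 'mpg', 'mpe', 'mp4', 'm4v', 'ogv', 'webm', 'mkv', 'txt', 'asc', 'c', 'cc', 'h', 'csv', 'tsv', 'ics', 'rtx', 'css', 'htm', 'html', 'vtt', 'mp3', 'm4a', 'm4b', 'ra', 'ram', 'wav', 'ogg', 'oga', 'mid', 'midi', 'wma', 'wax', 'mka', 'rtf', 'js', 'pdf', 'class', 'tar', 'zip', 'gz', 'gzip', 'rar', '7z', 'doc', 'pot', 'pps', 'ppt', 'wri', 'xla', 'xls', 'xlt', 'xlw', 'mdb', 'mpp', 'docx', 'docm', 'dotx', 'dotm', 'eps', 'xlsx', 'xlsm', 'xlsb', 'xltx', 'xltm', 'xlam', 'pptx', 'pptm', 'ppsx', 'ppsm', 'potx', 'potm', 'ppam', 'sldx', 'sldm', 'onetoc', 'onetoc2', 'onetmp', 'onepkg', 'odt', 'odp', 'ods', 'odg', 'odc', 'odb', 'odf', 'wp', 'wpd', 'key', 'numbers', 'pages', 'xml', 'json', 'iso', 'aac', 'img', 'psd', 'ai', 'sql', 'swf', 'svg');
     $whiteListExtensions = ipFilter('ipWhiteListExtensions', $whiteListExtensions);
     // Strict membership test: the extension is always a string here.
     if (!empty($fileExtension) && !in_array($fileExtension, $whiteListExtensions, true)) {
         //security risk
         throw new \Ip\Exception\Repository\Upload\ForbiddenFileExtension("Files with extension (." . esc($fileExtension) . ") are not permitted for security reasons.", array('extension' => $fileExtension, 'filename' => $fileName));
     }
     //end security check
     // Look for the content type header
     $contentType = null;
     if (isset($_SERVER["HTTP_CONTENT_TYPE"])) {
         $contentType = $_SERVER["HTTP_CONTENT_TYPE"];
     }
     if (isset($_SERVER["CONTENT_TYPE"])) {
         $contentType = $_SERVER["CONTENT_TYPE"];
     }
     // Handle non multipart uploads older WebKit versions didn't support multipart in HTML5
     // (cast: the header may be absent, and strpos() should not receive null)
     if (strpos((string) $contentType, "multipart") !== false) {
         if (!isset($_FILES['file']['tmp_name']) || !is_uploaded_file($_FILES['file']['tmp_name'])) {
             throw new \Ip\Exception\Repository\Upload("Failed to move uploaded file.");
         }
         // Open temp file
         $out = fopen($targetDir . $fileName, $chunk === 0 ? "wb" : "ab");
         if (!$out) {
             throw new \Ip\Exception\Repository\Upload("Failed to open output stream.");
         }
         //mark this file as uploaded by current user
         $this->setFileUploadedByThisUser($targetDir . $fileName);
         // Read binary input stream and append it to temp file
         $in = fopen($_FILES['file']['tmp_name'], "rb");
         if (!$in) {
             // Do not leak the already opened output handle.
             fclose($out);
             throw new \Ip\Exception\Repository\Upload("Failed to open input stream.");
         }
         // Compare against false/'' explicitly: a read that returns the single
         // byte "0" is falsy and would otherwise end the copy one byte early.
         while (($buff = fread($in, 4096)) !== false && $buff !== '') {
             fwrite($out, $buff);
         }
         fclose($in);
         fclose($out);
         @unlink($_FILES['file']['tmp_name']);
     } else {
         // Open temp file
         // NOTE(review): unlike the multipart branch, this one does not call
         // setFileUploadedByThisUser() - confirm whether that is intended.
         $out = fopen($targetDir . '/' . $fileName, $chunk === 0 ? "wb" : "ab");
         if (!$out) {
             throw new \Ip\Exception\Repository\Upload("Failed to open output stream.");
         }
         // Read binary input stream and append it to temp file
         $in = fopen("php://input", "rb");
         if (!$in) {
             // Do not leak the already opened output handle.
             fclose($out);
             throw new \Ip\Exception\Repository\Upload("Failed to open input stream.");
         }
         while (($buff = fread($in, 4096)) !== false && $buff !== '') {
             if (function_exists('set_time_limit')) {
                 set_time_limit(30);
             }
             fwrite($out, $buff);
         }
         fclose($in);
         fclose($out);
     }
     $this->uploadedFileName = $fileName;
     $this->uploadedFile = $targetDir . $fileName;
     $this->targetDir = $targetDir;
 }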
Пример #15
 /**
  * Returns the revision to show for the current page, resolving it once and
  * caching it in $this->currentRevision.
  *
  * Resolution order:
  *  1. the revision named by the '_revision' query parameter - only when
  *     ipAdminId() is truthy and the revision belongs to the current page;
  *  2. in management state, the last revision; if that one is published it is
  *     duplicated first and the duplicate is used (a side effect of this getter);
  *  3. the published revision.
  *
  * @ignore
  * @return mixed the revision record, or null when there is no current page
  */
 public function getCurrentRevision()
 {
     if ($this->currentRevision !== null) {
         return $this->currentRevision;
     }
     if (!$this->currentPage) {
         return null;
     }

     $pageId = $this->currentPage->getId();
     $resolved = null;

     // Explicit revision requests are honoured for administrators only, and only
     // for revisions of this very page.
     if (ipRequest()->getQuery('_revision') && ipAdminId()) {
         $requested = \Ip\Internal\Revision::getRevision(ipRequest()->getQuery('_revision'));
         $resolved = $requested['pageId'] != $pageId ? null : $requested;
     }

     if (!$resolved && ipIsManagementState()) {
         $resolved = \Ip\Internal\Revision::getLastRevision($pageId);
         if ($resolved['isPublished']) {
             // Never edit a published revision in place: work on a copy.
             $copyId = \Ip\Internal\Revision::duplicateRevision($resolved['revisionId']);
             $resolved = \Ip\Internal\Revision::getRevision($copyId);
         }
     }

     if (!$resolved) {
         $resolved = \Ip\Internal\Revision::getPublishedRevision($this->currentPage->getId());
     }

     return $this->currentRevision = $resolved;
 }
Пример #16
 /**
  * AJAX endpoint that reports an 'Admin.login' usage event once per login.
  *
  * The event is sent only while $_SESSION['module']['system']['adminJustLoggedIn']
  * is set; the marker is removed before sending so the event is not repeated.
  * The payload carries the value of ipAdminId().
  *
  * NOTE(review): apart from mustBePost(), no admin check is visible here; the
  * session marker is the only gate - confirm it is set on admin login only.
  *
  * @return mixed result of \Ip\Response\JsonRpc::result('ok')
  */
 public function sendUsageStatisticsAjax()
 {
     ipRequest()->mustBePost();

     $justLoggedIn = isset($_SESSION['module']['system']['adminJustLoggedIn']);
     if ($justLoggedIn) {
         $loginEvent = array(
             'action' => 'Admin.login',
             'data' => array('admin' => ipAdminId()),
         );
         // Drop the marker first so these stats are sent only once.
         unset($_SESSION['module']['system']['adminJustLoggedIn']);
         \Ip\Internal\System\Model::sendUsageStatistics($loginEvent);
     }

     return \Ip\Response\JsonRpc::result('ok');
 }
Пример #17
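 /**
  * Renders the page's JavaScript section.
  *
  * Flattens the registered JS entries level by level, appends the cache version
  * to file entries marked 'cacheFix', runs the list through the 'ipJs' filter and
  * renders Ip/Internal/Config/view/javascript.php with the 'ip' settings object,
  * the JS variables and the file list. The rendered markup is passed through the
  * 'ipJavaScript' filter before it is returned.
  *
  * The 'ip' object is sent to every visitor; it includes the security token and
  * the isAdminState / isManagementState flags.
  *
  * @return mixed the filtered, rendered JavaScript markup
  */
 public function generateJavascript()
 {
     $cacheVersion = $this->getCacheVersion();
     $javascriptFiles = $this->getJavascript();
     $javascriptFilesSorted = array();
     foreach ($javascriptFiles as $level) {
         foreach ($level as &$file) {
             if ($file['type'] == 'file' && $file['cacheFix']) {
                 // Append with '&' when the URL already has a query string.
                 $file['value'] .= (strpos($file['value'], '?') !== false ? '&' : '?') . $cacheVersion;
             }
         }
         // Break the reference so $file does not stay bound to the last element
         // of $level while that array is merged and reused.
         unset($file);
         $javascriptFilesSorted = array_merge($javascriptFilesSorted, $level);
     }
     $revision = $this->getCurrentRevision();
     $page = ipContent()->getCurrentPage();
     $javascriptFilesSorted = ipFilter('ipJs', $javascriptFilesSorted);
     $language = ipContent()->getCurrentLanguage();
     $data = array(
         'ip' => array(
             'baseUrl' => ipConfig()->baseUrl(),
             'safeMode' => \Ip\Internal\Admin\Service::isSafeMode(),
             'languageId' => $language->getId(),
             'languageUrl' => $language->getLink(),
             'languageCode' => $language->getCode(),
             'languageTextDirection' => $language->getTextDirection(),
             'theme' => ipConfig()->theme(),
             'pageId' => $page ? $page->getId() : null,
             'revisionId' => $revision['revisionId'],
             'securityToken' => \Ip\ServiceLocator::application()->getSecurityToken(),
             'developmentEnvironment' => ipConfig()->isDevelopmentEnvironment(),
             // Spelled ipConfig() like every other call in this method.
             'debugMode' => ipConfig()->isDebugMode(),
             'isManagementState' => ipIsManagementState(),
             'isAdminState' => ipAdminId() ? 1 : 0,
             'isAdminNavbarDisabled' => ipRequest()->getQuery('disableAdminNavbar') ? 1 : 0,
         ),
         'javascriptVariables' => $this->getJavascriptVariables(),
         'javascript' => $javascriptFilesSorted,
     );
     $javascript = ipView('Ip/Internal/Config/view/javascript.php', $data)->render();
     $javascript = ipFilter('ipJavaScript', $javascript);
     return $javascript;
 }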
Пример #18
?>
            </div><!-- /col-lg-4 -->
<div class="col-lg-4">
                <p><?php 
// Output block 'block2', rendered through asStatic().
echo ipBlock('block2')->asStatic()->render();
?>
</p>
            </div><!-- /col-lg-4 -->
 <div class="col-lg-4">

                <?php 
// Output the 'text' slot (id 'text5', tag h4); its default text is the 'StanleyIP' translation.
echo ipSlot('text', array('id' => 'text5', 'tag' => 'h4', 'default' => __('StanleyIP', 'Stanley', false), 'class' => ''));
?>
                <p>This cute theme was created to showcase your work in a simple way. Use it wisely.</p>
                <p><?php 
// The anchor markup is a literal inserted into the translated format string and is echoed unescaped.
// NOTE(review): the link target uses plain http.
echo sprintf(__('Drag & drop with %s', 'Air'), '<a href="http://www.impresspages.org">ImpressPages</a>');
?>
</p>
 </div><!-- /col-lg-4 -->
 </div>
 </div>
</div>
<?php 
// The theme's bootstrap script is registered only when ipAdminId() is falsy.
// The return value of ipAddJs() is echoed; what it returns is not visible in this fragment.
if (!ipAdminId()) {
    echo ipAddJs('assets/js/bootstrap.min.js');
}
// Output whatever ipJs() returns at the end of the body.
echo ipJs();
?>
</body>
</html>
Пример #19
 /**
  * Registers the breadcrumb script before the controller runs,
  * but only when ipAdminId() is truthy.
  */
 public static function ipBeforeController()
 {
     if (!ipAdminId()) {
         return;
     }

     ipAddJs('assets/breadcrumb.js');
 }
Пример #20
 /**
  * Guard for controller actions that must run in an administrator session.
  *
  * It only protects actions that call it; it checks that ipAdminId() is truthy,
  * not that the administrator holds any particular permission.
  *
  * @throws \Exception when ipAdminId() is falsy
  */
 protected function backendOnly()
 {
     if (ipAdminId()) {
         return;
     }

     throw new \Exception('This controller can be accessed only by administrator');
 }