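/**
 * afterSave: stores a revision of the saved model data.
 *
 * Runs only for models listed under `RevisionControl.models` and only when the
 * saved data carries an id. The whole `$model->data` array is stored serialized
 * in the `deta_object` column, the revision number is the highest stored
 * revision + 1 (1 for the first one), and when `RevisionControl.limit` is set
 * the oldest revisions beyond that limit are deleted.
 *
 * @param CakeEvent $event Event whose subject is the model that was saved
 * @return boolean Always true so the save chain continues
 */
public function afterSave(CakeEvent $event)
{
    $model = $event->subject;
    $modelName = $model->name;
    $trackedModels = Configure::read('RevisionControl.models');

    // Bail out quietly for untracked models and for saves without an id,
    // instead of indexing a missing key (undefined-index notice) or handing
    // a non-array config value to array_key_exists().
    if (!is_array($trackedModels)
        || !array_key_exists($modelName, $trackedModels)
        || empty($model->data[$modelName]['id'])
    ) {
        return true;
    }

    $modelId = $model->data[$modelName]['id'];
    $limit = Configure::read('RevisionControl.limit');
    $revisionControlMdl = ClassRegistry::init('RevisionControl.RevisionControl');
    $scope = array('model_name' => $modelName, 'model_id' => $modelId);

    // Latest revision number for this record, +1; 1 when there is none yet.
    $prevData = $revisionControlMdl->find('first', array(
        'conditions' => $scope,
        'order' => 'revision desc',
    ));
    $revision = 1;
    if (isset($prevData['RevisionControl']['revision'])) {
        $revision = intval($prevData['RevisionControl']['revision']) + 1;
    }

    // Snapshot of the saved data. NOTE(review): it is written with serialize();
    // whatever reads `deta_object` back must only ever unserialize values that
    // this code produced, never anything user-controlled.
    $revData = array('RevisionControl' => array(
        'model_name' => $modelName,
        'model_id' => $modelId,
        'revision' => $revision,
        'deta_object' => serialize($model->data),
    ));

    // Record the logged-in user, when there is one.
    $user = BcUtil::loginUser();
    if ($user) {
        $revData['RevisionControl']['user_id'] = $user['id'];
    }

    // Second argument false: saved without validation, as before.
    $revisionControlMdl->save($revData, false);

    // Delete revisions beyond the configured limit, keeping the newest ones.
    if ($limit) {
        $revisionList = $revisionControlMdl->find('all', array(
            'conditions' => $scope,
            'order' => 'revision desc',
        ));
        $kept = 0;
        foreach ($revisionList as $data) {
            if (++$kept > $limit) {
                $revisionControlMdl->delete(intval($data['RevisionControl']['id']));
            }
        }
    }
    return true;
}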
/**
 * Parses a string URL into an array. If a plugin key is found, it will be copied to the
 * controller parameter
 *
 * Order of work: reject array and admin-system URLs; derive the lookup URL
 * from the current (sub)site; fetch the Content row (published content only,
 * unless ?preview or ?force is set); send an anonymous preview/force request
 * to the admin login; reject aliases whose target is unpublished; then build
 * the request parameters with getParams().
 *
 * @param string $url The URL to parse
 * @return mixed false on failure, or an array of request parameters
 */
public function parse($url)
{
    if (is_array($url)) {
        return false;
    }
    if (BcUtil::isAdminSystem($url)) {
        return false;
    }
    $request = Router::getRequest(true);

    // A preview (or force) request ignores the publish status of the
    // content; the login check further down restricts who can do that.
    $publish = true;
    if (!empty($request->query['preview']) || !empty($request->query['force'])) {
        $publish = false;
    }

    $sameUrl = false;
    $site = BcSite::findCurrentSub(true);
    if ($site) {
        // Same-URL sub-site support: the site object builds the lookup URL.
        $sameUrl = true;
        $checkUrl = $site->makeUrl($request);
        // The response depends on the User-Agent. The @ silences warnings
        // from header() (e.g. headers already sent); the reason it was
        // needed is not visible here — NOTE(review): confirm it is still required.
        @header('Vary: User-Agent');
    } else {
        $site = BcSite::findCurrent(true);
        if (!is_null($site->name)) {
            if ($site->useSubDomain) {
                $checkUrl = '/' . $site->alias . ($url ? $url : '/');
            } else {
                $checkUrl = $url ? $url : '/';
            }
        } else {
            if (!empty($request->query['force']) && BcUtil::isAdminUser()) {
                // =================================================================================================
                // 2016/11/10 ryuring
                // On a different domain, the page preview could not resolve the site information correctly.
                // The request action is therefore sent as a string and the host is determined from the URL.
                // =================================================================================================
                $tmpSite = BcSite::findByUrl($url);
                if (!is_null($tmpSite)) {
                    $site = $tmpSite;
                }
            }
            $checkUrl = $url ? $url : '/';
        }
    }

    // First lookup with the third argument false, then a second attempt with
    // true; what that flag toggles is defined in getContent(), not visible here.
    $content = $this->getContent($checkUrl, $publish, false, $sameUrl, $site->useSubDomain);
    if (!$content) {
        $content = $this->getContent($checkUrl, $publish, true, $sameUrl, $site->useSubDomain);
    }
    if (!$content) {
        return false;
    }

    // Even when the data exists, a preview/force request without an admin
    // login is sent to the login screen rather than served.
    // NOTE(review): REQUEST_URI is client-supplied; whatever consumes
    // Auth.redirect after login should accept only same-host paths — confirm.
    if ((!empty($request->query['preview']) || !empty($request->query['force'])) && !BcUtil::loginUser()) {
        $_SESSION['Auth']['redirect'] = $_SERVER['REQUEST_URI'];
        header('Location: ' . topLevelUrl(false) . baseUrl() . Configure::read('BcAuthPrefix.admin.alias') . '/users/login');
        exit;
    }

    // An alias whose target content is not published is not routable.
    $Content = ClassRegistry::init('Content');
    if ($content['Content']['alias_id'] && !$Content->isPublishById($content['Content']['alias_id'])) {
        return false;
    }
    $request->params['Content'] = $content['Content'];
    $request->params['Site'] = $content['Site'];
    $url = $site->getPureUrl($url);
    $params = $this->getParams($url, $content['Content']['url'], $content['Content']['plugin'], $content['Content']['type'], $content['Content']['entity_id'], $site->alias);
    if ($params) {
        return $params;
    }
    return false;
}
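/**
 * BcUtil::loginUser() returns null when nobody is logged in, and the session's
 * user record once the Auth session key is populated.
 *
 * @return void
 */
public function testLoginUser()
{
    // Not logged in: no user record.
    $result = BcUtil::loginUser();
    $this->assertNull($result, 'ログインユーザーのデータを正しく取得できません');

    // Logged in: an arbitrary session id forces a usable session on the
    // console, then a user record is written under the Auth session key.
    session_id('baser');
    $Session = new CakeSession();
    $Session->write('Auth.' . BcUtil::authSessionKey() . '.name', 'admin');
    $result = BcUtil::loginUser();
    // Expected value first, actual second, so the failure diff reads correctly.
    $this->assertEquals('admin', $result['name'], 'ログインユーザーのデータを正しく取得できません');
}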
/**
 * Before Validate
 *
 * Fills in the defaults of a new Content record (or of the rename that
 * immediately follows creation), trims title and name to their maximum
 * lengths, and makes `name` unique among its siblings.
 *
 * @param array $options Options passed from Model::save(). `firstCreate` marks
 *                       the rename right after creation as a creation too.
 * @return bool True if validate operation should continue, false to abort
 */
public function beforeValidate($options = [])
{
    // In the content list, the rename right after a content is registered is
    // still handled as a new addition, so $create decides which branch runs.
    $create = false;
    if (empty($this->data['Content']['id']) || !empty($options['firstCreate'])) {
        $create = true;
    }
    // The title is cut at 255 characters (mb_substr length 254 here).
    if (!empty($this->data['Content']['title'])) {
        $this->data['Content']['title'] = mb_substr($this->data['Content']['title'], 0, 254, 'UTF-8');
    }
    if ($create) {
        // IE's URL limit is 2083 characters; assuming all full-width characters
        // the name is cut at 231 (mb_substr length 230 here).
        if (!isset($this->data['Content']['name'])) {
            $this->data['Content']['name'] = BcUtil::urlencode(mb_substr($this->data['Content']['title'], 0, 230, 'UTF-8'));
        }
        if (!isset($this->data['Content']['self_status'])) {
            $this->data['Content']['self_status'] = false;
        }
        if (!isset($this->data['Content']['self_publish_begin'])) {
            $this->data['Content']['self_publish_begin'] = null;
        }
        if (!isset($this->data['Content']['self_publish_end'])) {
            $this->data['Content']['self_publish_end'] = null;
        }
        if (!isset($this->data['Content']['deleted'])) {
            $this->data['Content']['deleted'] = false;
        }
        if (!isset($this->data['Content']['created_date'])) {
            $this->data['Content']['created_date'] = date('Y-m-d H:i:s');
        }
        if (!isset($this->data['Content']['site_root'])) {
            $this->data['Content']['site_root'] = 0;
        }
        if (!isset($this->data['Content']['exclude_search'])) {
            $this->data['Content']['exclude_search'] = 0;
        }
        if (!isset($this->data['Content']['author_id'])) {
            // NOTE(review): loginUser('admin') returns null without an admin
            // session; author_id then ends up null (with a notice) — confirm
            // every creation path runs with an admin logged in.
            $user = BcUtil::loginUser('admin');
            $this->data['Content']['author_id'] = $user['id'];
        }
    } else {
        if (empty($this->data['Content']['modified_date'])) {
            $this->data['Content']['modified_date'] = date('Y-m-d H:i:s');
        }
        if (isset($this->data['Content']['name'])) {
            $this->data['Content']['name'] = BcUtil::urlencode(mb_substr($this->data['Content']['name'], 0, 230, 'UTF-8'));
        }
        // The content with id 1 is exempt from the name validation rules.
        if ($this->data['Content']['id'] == 1) {
            unset($this->validate['name']);
        }
    }
    // Duplicate check & rename of name among the siblings under parent_id.
    // (parent_id is read unguarded — presumably always present in $this->data; verify against callers.)
    if (!empty($this->data['Content']['name'])) {
        $contentId = null;
        if (!empty($this->data['Content']['id'])) {
            $contentId = $this->data['Content']['id'];
        }
        $this->data['Content']['name'] = $this->getUniqueName($this->data['Content']['name'], $this->data['Content']['parent_id'], $contentId);
    }
    return true;
}
/**
 * Loads the data the view needs; called from beforeRender.
 *
 * Exposes the sub-menu elements, crumbs, search/help/preview values, the
 * current routing prefix, the logged-in user (plus, in the admin area, that
 * user's favorites) and the auth prefixes of the user's group.
 *
 * @return void
 */
private function __loadDataToView()
{
    // Straight pass-through of controller properties to the view.
    foreach (array('subMenuElements', 'crumbs', 'search', 'help', 'preview') as $viewVar) {
        $this->set($viewVar, $this->{$viewVar});
    }

    $currentPrefix = empty($this->request->params['prefix']) ? 'front' : $this->request->params['prefix'];
    $this->set('currentPrefix', $currentPrefix);

    // Session key and user for the current prefix; a prefix without its own
    // BcAuthPrefix entry falls back to the admin login.
    if (Configure::read('BcAuthPrefix.' . $currentPrefix)) {
        $sessionKey = BcUtil::getLoginUserSessionKey();
        $user = BcUtil::loginUser($currentPrefix);
    } else {
        $sessionKey = Configure::read('BcAuthPrefix.admin.sessionKey');
        $user = BcUtil::loginUser('admin');
    }

    // The user is handed to the view only on an ordinary request of an
    // installed site (not installer, updater, maintenance or error pages).
    $exposeUser = BC_INSTALLED
        && $user
        && $this->name != 'Installations'
        && !Configure::read('BcRequest.isUpdater')
        && !Configure::read('BcRequest.isMaintenance')
        && $this->name != 'CakeError';
    if ($exposeUser) {
        $this->set('user', $user);
        if (!empty($this->request->params['admin'])) {
            $favorites = $this->Favorite->find('all', array(
                'conditions' => array('Favorite.user_id' => $user['id']),
                'order' => 'Favorite.sort',
                'recursive' => -1
            ));
            $this->set('favorites', $favorites);
        }
    }

    // Comma-separated auth prefixes of the user's group, if the session has them.
    $authPrefixPath = 'Auth.' . $sessionKey . '.UserGroup.auth_prefix';
    $currentUserAuthPrefixes = $this->Session->check($authPrefixPath)
        ? explode(',', $this->Session->read($authPrefixPath))
        : array();
    $this->set('currentUserAuthPrefixes', $currentUserAuthPrefixes);
}
/**
 * [private] Return from the confirmation screen to the input form.
 *
 * Clears the freeze/error flags and the captcha values, restores the mail
 * fields and mail content for the view, adds an edit link for logged-in
 * admin users and renders the form template's `index` view.
 *
 * @param mixed $id Mail content id as passed by the caller; not read here
 * @return void
 */
public function _back($id)
{
    $mailContent = $this->dbDatas['mailContent'];

    $this->set('freezed', false);
    $this->set('error', false);
    // Captcha answers never survive a round trip to the confirmation screen.
    foreach (array('auth_captcha', 'captcha_id') as $captchaKey) {
        $this->request->data['MailMessage'][$captchaKey] = null;
    }
    if ($this->dbDatas['mailFields']) {
        $this->set('mailFields', $this->dbDatas['mailFields']);
    }

    // Logged-in admin users get a shortcut to the mail-content edit screen.
    $user = BcUtil::loginUser('admin');
    if (!empty($user)) {
        $editLink = array(
            'admin' => true,
            'plugin' => 'mail',
            'controller' => 'mail_contents',
            'action' => 'edit',
            $mailContent['MailContent']['id']
        );
        $this->set('editLink', $editLink);
    }

    $this->set('mailContent', $mailContent);
    $this->render($mailContent['MailContent']['form_template'] . DS . 'index');
}
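/**
 * Records when the content sort order was last changed.
 *
 * Writes `contents_sort_last_modified` as `"<Y-m-d H:i:s>|<user id>"` into
 * the expanded site config and persists the whole config via saveKeyValue().
 *
 * @return void
 */
public function updateContentsSortLastModified()
{
    $siteConfigs = $this->findExpanded();
    $user = BcUtil::loginUser();
    // loginUser() returns null when nobody is logged in; indexing it only
    // produced a notice and an empty suffix, so use the empty suffix directly.
    $userId = isset($user['id']) ? $user['id'] : '';
    $siteConfigs['contents_sort_last_modified'] = date('Y-m-d H:i:s') . '|' . $userId;
    $this->saveKeyValue($siteConfigs);
}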
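/**
 * Before render
 *
 * Admin system: exposes the content settings to the view, prepends the
 * content-list crumb and the `contents` sub-menu element, and on the edit
 * actions (with Content data in the request) sets up the content form and
 * attaches BcContentsEventListener. Front end, non-preview requests only:
 * enables the BcCache helper and the action cache for anonymous, non-console
 * requests that resolved to a Content record.
 *
 * @param Controller $controller
 * @return void
 */
public function beforeRender(Controller $controller)
{
    parent::beforeRender($controller);
    if (BcUtil::isAdminSystem()) {
        $controller->set('contentsSettings', $this->settings['items']);
        // Breadcrumb
        array_unshift($controller->crumbs, array(
            'name' => 'コンテンツ一覧',
            'url' => array('plugin' => null, 'controller' => 'contents', 'action' => 'index')
        ));
        // Sub-menu: start with 'contents' when there is none yet, otherwise
        // prepend it only if missing. The previous form reset the list to
        // ['contents'] whenever the element was already present, which
        // silently dropped every other sub-menu element.
        if (empty($controller->subMenuElements)) {
            $controller->subMenuElements = ['contents'];
        } elseif (!in_array('contents', $controller->subMenuElements)) {
            array_unshift($controller->subMenuElements, 'contents');
        }
        $isEditAction = in_array($controller->request->action, [$this->editAction, 'admin_edit_alias']);
        if ($this->useForm && $isEditAction && !empty($controller->request->data['Content'])) {
            // Set up the form
            $this->settingForm($controller, $controller->request->data['Content']['site_id'], $controller->request->data['Content']['id']);
            // Event that loads the form. It lives here because useForm is not
            // reachable from inside the listener, which leaves the listener
            // able to do nothing but configure the form. TODO needs improvement.
            App::uses('BcContentsEventListener', 'Event');
            CakeEventManager::instance()->attach(new BcContentsEventListener());
        }
    } else {
        // View cache.
        // @deprecated 5.0.0 since 4.0.0
        // CakePHP 3 drops view caching, so this moves to another mechanism.
        if (empty($controller->request->query['preview'])
            && $this->useViewCache
            && !BcUtil::loginUser('admin')
            && !isConsole()
            && !empty($controller->request->params['Content'])
        ) {
            $controller->helpers[] = 'BcCache';
            $controller->cacheAction = $controller->Content->getCacheTime($controller->request->params['Content']);
        }
    }
}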
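/**
 * [ADMIN] Show the file list.
 *
 * When this action is reached through the redirect after a file upload the
 * RequestHandler component does not run, so the debug flag is set explicitly.
 *
 * @param int $id Identifier of the calling widget, passed to the view as `listId`
 * @return void
 * @access public
 */
public function admin_ajax_list($id = '')
{
    Configure::write('debug', 0);
    $default = array('named' => array('num' => $this->siteConfigs['admin_list_num']));
    $this->setViewConditions('UploadFile', array('default' => $default, 'type' => 'get'));

    $this->request->data['Filter'] = $this->passedArgs;
    if (empty($this->request->data['Filter']['uploader_type'])) {
        $this->request->data['Filter']['uploader_type'] = 'all';
    }
    if (!empty($this->request->data['Filter']['name'])) {
        $this->request->data['Filter']['name'] = urldecode($this->request->data['Filter']['name']);
    }

    // =====================================================================
    // setViewConditions() with type 'get' does not populate
    // $this->passedArgs['num'], so the page size is read explicitly and kept
    // in the session. Guarded with empty() so a request without `num` no
    // longer trips an undefined-index notice.
    // TODO revisit the setViewConditions() contract.
    // =====================================================================
    if (!empty($this->params['named']['num'])) {
        $this->Session->write('UploaderFilesAdminAjaxList.named.num', $this->params['named']['num']);
    }
    $num = $this->Session->read('UploaderFilesAdminAjaxList.named.num');
    if (!$num) {
        $num = $this->siteConfigs['admin_list_num'];
    }

    $conditions = $this->_createAdminIndexConditions($this->request->data['Filter']);

    // Non-admin users only see their own files while use_permission is on.
    // Read once; the same config is reused for the layout type below.
    $uploaderConfig = $this->UploaderConfig->findExpanded();
    if (!empty($uploaderConfig['use_permission']) && !BcUtil::isAdminUser()) {
        $user = BcUtil::loginUser();
        if ($user) {
            $conditions['UploaderFile.user_id'] = $user['id'];
        }
    }

    $this->paginate = array('conditions' => $conditions, 'fields' => array(), 'order' => 'created DESC', 'limit' => $num);
    $dbDatas = $this->paginate('UploaderFile');
    foreach ($dbDatas as $key => $dbData) {
        // A publish window marks the file as "limited" for filesExists().
        $limited = !empty($dbData['UploaderFile']['publish_begin']) || !empty($dbData['UploaderFile']['publish_end']);
        $files = $this->UploaderFile->filesExists($dbData['UploaderFile']['name'], $limited);
        $dbDatas[$key] = Set::merge($dbData, array('UploaderFile' => $files));
    }

    $this->set('installMessage', $this->checkInstall());
    $this->set('listId', $id);
    $this->set('files', $dbDatas);
    // The earlier version computed a $layoutType ('panel' when unset) and then
    // passed the raw config value instead, so an unset layout reached the view
    // as null. Pass the configured value, falling back to 'panel' as that dead
    // branch intended (NOTE(review): confirm 'panel' is the view's default too).
    $layoutType = empty($uploaderConfig['layout_type']) ? 'panel' : $uploaderConfig['layout_type'];
    $this->set('layoutType', $layoutType);
}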
<?php
/**
 * baserCMS : Based Website Development Project <http://basercms.net>
 * Copyright (c) baserCMS Users Community <http://basercms.net/community/>
 *
 * @copyright Copyright (c) baserCMS Users Community
 * @link http://basercms.net baserCMS Project
 * @package Baser.View
 * @since baserCMS v 4.0.0
 * @license http://basercms.net/license/index.html
 */
/**
 * [ADMIN] Unified content list
 *
 * Loads the jstree and bcTree scripts plus the ajax list/batch helpers, hands
 * the admin flag, the user group's move-contents permission and the admin
 * prefix to the index script as data attributes, and emits the content
 * settings as a hidden field for the client side.
 */
// NOTE(review): loginUser('admin') returns null without an admin session and
// $currentUser['UserGroup']['use_move_contents'] is indexed unguarded below —
// confirm this view is only rendered behind admin authentication.
$currentUser = BcUtil::loginUser('admin');
$this->BcBaser->js('admin/vendors/jquery.jstree-3.3.1/jstree.min', false);
// Flags for the list script; isAdmin decides what the tree lets the user do on
// the client, server-side permission checks still apply (TODO confirm on the server side).
$this->BcBaser->js('admin/contents/index', false, ['id' => 'AdminContentsIndexScript', 'data-isAdmin' => BcUtil::isAdminUser(), 'data-isUseMoveContents' => (bool) $currentUser['UserGroup']['use_move_contents'], 'data-adminPrefix' => Configure::read('BcAuthPrefix.admin.alias')]);
$this->BcBaser->js('admin/libs/jquery.bcTree', false);
$this->BcBaser->js(array('admin/libs/jquery.baser_ajax_data_list', 'admin/libs/jquery.baser_ajax_batch', 'admin/libs/baser_ajax_data_list_config', 'admin/libs/baser_ajax_batch_config'));
// Hidden field carrying the content settings produced by getJsonSettings();
// presumably read by the scripts above — verify against admin/contents/index.
echo $this->BcForm->input('BcManageContent', array('type' => 'hidden', 'value' => $this->BcContents->getJsonSettings()));
?>
<script type="text/javascript">
</script>
<div id="AlertMessage" class="message" style="display:none"></div>
<div id="MessageBox" style="display:none"><div id="flashMessage" class="notice-message"></div></div>
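/**
 * Whether the logged-in admin user may run `$action` of content type `$type`
 * on the entity `$entityId`.
 *
 * Builds the action URL from `$this->settings[$type]['url'][$action]` plus the
 * entity id and checks it against the permissions of the user's group.
 *
 * @param string $type Content type key in `$this->settings`
 * @param string $action Action key under that type's `url` settings
 * @param int|string $entityId Entity id appended to the URL
 * @return bool
 */
public function isActionAvailable($type, $action, $entityId)
{
    $user = BcUtil::loginUser('admin');
    // No admin session (or no group on the record): deny up front instead of
    // indexing null and handing a null group id to Permission::check().
    // NOTE(review): the previous code relied on check() rejecting a null
    // group; this short-circuit makes the deny explicit.
    if (!isset($user['user_group_id'])) {
        return false;
    }
    $url = $this->settings[$type]['url'][$action] . '/' . $entityId;
    return $this->_Permission->check($url, $user['user_group_id']);
}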