public static function view($removefieldset = false)
{
if (!self::$_started) {
return;
}
self::$timeEnd = self::getmicrotime();
$time = sprintf('%.5f', self::$timeEnd - self::$timeStart);
$files = sprintf('%.5f', self::$filesTime);
$rapportSQL = sprintf('%.2f', 100 * self::$totalTime / $time);
$rapportPHP = 100 - $rapportSQL;
$memoryPeak = round(memory_get_peak_usage() / 1048576, 3);
$content = 'File ' . $_SERVER['SCRIPT_NAME'] . "\n" . 'Loaded in ' . $time . ' seconds' . "\n" . 'Loaded PHP files : ' . self::$filesLoaded . "\n" . 'SQL requests : ' . sprintf('%.5f', self::$totalTime) . ' seconds (' . self::$sqlNbRequests . ' requests)' . "\n" . '% SQL/PHP : ' . $rapportSQL . ' / ' . $rapportPHP . ' %' . "\n" . 'Memory Peak : ' . $memoryPeak . 'Mo' . "\n";
if (function_exists('xdebug_get_profiler_filename') && xdebug_get_profiler_filename()) {
$content .= 'XDebug Profile : ' . xdebug_get_profiler_filename() . "\n";
}
if (function_exists('xdebug_get_profiler_filename') && xdebug_get_tracefile_name()) {
$content .= 'XDebug Trace : ' . xdebug_get_tracefile_name() . "\n";
}
$content .= 'User : '******' (' . CMS_session::getUserId() . ')' : 'none') . "\n";
$content .= 'Session Id ' . Zend_Session::getId() . "\n";
//$content .= 'Current page '.CMS_session::getPageID()."\n";
if (VIEW_SQL && $_SERVER["SCRIPT_NAME"] != PATH_ADMIN_WR . '/stat.php') {
$stat = array('stat_time_start' => self::$timeStart, 'stat_time_end' => self::$timeEnd, 'stat_total_time' => self::$totalTime, 'stat_sql_nb_requests' => self::$sqlNbRequests, 'stat_sql_table' => self::$sqlTable, 'stat_content_name' => basename($_SERVER["SCRIPT_NAME"]), 'stat_files_table' => self::$filesTable, 'stat_memory_table' => self::$memoryTable, 'stat_memory_peak' => $memoryPeak, 'stat_files_loaded' => self::$filesLoaded);
$statName = 'stat_' . md5(rand());
//save stats to cache (for 10 min)
$cache = new CMS_cache($statName, 'atm-stats', 600, false);
if ($cache) {
$cache->save($stat);
}
}
$content = !$removefieldset ? '<fieldset style="width:200px;" class="atm-debug"><legend>Debug Statistics</legend><pre>' . $content . '</pre>' : 'Debug Statistics :' . "\n" . $content;
if (isset($statName)) {
$content .= '<a href="' . PATH_ADMIN_WR . '/stat.php?stat=' . $statName . '" target="_blank">View statistics detail</a>';
}
//end xhprof profiling
if (defined('APPLICATION_ENABLE_PROFILING') && APPLICATION_ENABLE_PROFILING && function_exists('xhprof_disable')) {
$xhprof_data = xhprof_disable();
include_once APPLICATION_XHPROF_ROOT_FS . "/xhprof_lib/utils/xhprof_lib.php";
include_once APPLICATION_XHPROF_ROOT_FS . "/xhprof_lib/utils/xhprof_runs.php";
$xhprof_runs = new XHProfRuns_Default();
$profileName = md5($_SERVER['REQUEST_URI']);
$run_id = $xhprof_runs->save_run($xhprof_data, md5($_SERVER['REQUEST_URI']));
$content .= '<br /><a href="' . APPLICATION_XHPROF_URI . 'xhprof_html/index.php?run=' . $run_id . '&source=' . $profileName . '" target="_blank">View profiling detail</a>';
}
$content .= !$removefieldset ? '</fieldset>' : '';
return $content;
}
/**
* Constructor.
* initialize object.
*
* @param string $hash the cache hash to use
* @param string $type : the type of the cache to use
* @param mixed $lifetime : the cache lifetime
* @return void
* @access public
*/
function __construct($hash, $type, $lifetime = null, $contextAware = false)
{
if ($contextAware) {
$this->_parameters['hash'] = $hash . '_' . CMS_session::getContextHash();
$this->_context = true;
} else {
$this->_parameters['hash'] = $hash;
}
//normalize cache lifetime
if ($lifetime == 'false' || $lifetime == '0' || $lifetime === false || $lifetime === 0) {
$lifetime = false;
}
if ($lifetime == 'true' || $lifetime == 'auto' || $lifetime == '1' || $lifetime === true || $lifetime === 1) {
//this definition do not use PHP so use default cache lifetime
$lifetime = CACHE_MODULES_DEFAULT_LIFETIME;
//set this cache as auto lifetime
$this->_auto = true;
}
if (io::isPositiveInteger($lifetime)) {
$lifetime = (int) $lifetime;
}
$this->_parameters['type'] = io::sanitizeAsciiString($type);
$this->_parameters['lifetime'] = $lifetime ? $lifetime : null;
//check cache dir
$cachedir = new CMS_file(PATH_CACHE_FS . '/' . $this->_parameters['type'], CMS_file::FILE_SYSTEM, CMS_file::TYPE_DIRECTORY);
if (!$cachedir->exists()) {
$cachedir->writeTopersistence();
}
//Cache options
$frontendOptions = array('lifetime' => $this->_parameters['lifetime'], 'caching' => $this->_parameters['lifetime'] === null ? false : CACHE_MODULES_DATAS, 'automatic_cleaning_factor' => 50, 'automatic_serialization' => true);
$backendOptions = array('cache_dir' => PATH_CACHE_FS . '/' . $this->_parameters['type'], 'cache_file_umask' => octdec(FILES_CHMOD), 'hashed_directory_umask' => octdec(DIRS_CHMOD), 'hashed_directory_level' => 2);
// getting a Zend_Cache_Core object
if (!class_exists('Zend_Cache')) {
die('not found ....');
}
try {
$this->_cache = Zend_Cache::factory('Core', 'File', $frontendOptions, $backendOptions);
} catch (Zend_Cache_Exception $e) {
$this->raiseError($e->getMessage());
return false;
}
if (!isset($this->_cache) || !is_object($this->_cache)) {
$this->raiseError('Error : Zend cache object does not exists');
return false;
}
}
$allclearances = CMS_profile::getAllModuleClearances();
$moduleAccess = '';
foreach ($allclearances as $clearance => $messages) {
$standardDisableNone = false;
if ($moduleCodename == MOD_STANDARD_CODENAME && $clearance == CLEARANCE_PAGE_NONE) {
$standardDisableNone = true;
}
$moduleAccess .= "{\n\t\tboxLabel:\t\t'<span ext:qtip=\"" . $cms_language->getJSMessage($messages['description']) . "\" class=\"atm-help\">" . $cms_language->getJSMessage($messages['label']) . "</span>',\n\t\tname:\t\t\t'{$moduleCodename}-access-{$profileId}',\n\t\t" . ($clearance == CLEARANCE_MODULE_NONE ? "id:'{$moduleCodename}-access-{$profileId}'," : '') . "\n\t\tinputValue:\t\t" . $clearance . ",\n\t\tchecked:\t\t" . ($moduleClearance == $clearance ? 'true' : 'false') . ",\n\t\tdisabled:\t\t" . ($standardDisableNone || $disableFields || !$cms_user->hasModuleClearance($moduleCodename, $clearance) ? 'true' : 'false') . "\n\t},";
}
//validations clearance
$moduleAccess .= "{\n\tboxLabel:\t\t'<span ext:qtip=\"" . $cms_language->getJSMessage(MESSAGE_PAGE_AUTH_VALIDATION_USER_ADMINISTRATOR) . "\" class=\"atm-help\">" . $cms_language->getJSMessage(MESSAGE_PAGE_VALIDATION_RIGHTS) . "</span>',\n\tid:\t\t\t\t'{$moduleCodename}-validate-{$profileId}',\n\tinputValue:\t\t'1',\n\txtype:\t\t\t'checkbox',\n\tchecked:\t\t" . ($profile->hasValidationClearance($moduleCodename) ? 'true' : 'false') . ",\n\tdisabled:\t\t" . ($disableFields || !$cms_user->hasValidationClearance($moduleCodename) ? 'true' : 'false') . "\n}";
$moduleAccessSubmit = '';
if (!$disableFields) {
$moduleAccessSubmit = ",buttons:[{\n\t\ttext:\t\t\t'" . $cms_language->getJSMessage(MESSAGE_PAGE_SAVE) . "',\n\t\ticonCls:\t\t'atm-pic-validate',\n\t\txtype:\t\t\t'button',\n\t\tanchor:\t\t\t'',\n\t\thandler:\t\tfunction() {\n\t\t\tvar access = Ext.getCmp('{$moduleCodename}-access-{$profileId}');\n\t\t\tvar validation = Ext.getCmp('{$moduleCodename}-validate-{$profileId}');\n\t\t\tAutomne.server.call('{$controler}', Ext.emptyFn, {\n\t\t\t\tuserId:\t\t\t'{$userId}',\n\t\t\t\tgroupId:\t\t'{$groupId}',\n\t\t\t\taction:\t\t\t'module-rights',\n\t\t\t\taccess:\t\t\taccess.getGroupValue(),\n\t\t\t\tvalidation:\t\t(validation.getValue() ? 1 : 0),\n\t\t\t\tmodule:\t\t\t'{$moduleCodename}'\n\t\t\t});\n\t\t}\n\t}]";
}
$maxDepth = sensitiveIO::isPositiveInteger(CMS_session::getSessionVar("modules_clearances_max_depth")) ? CMS_session::getSessionVar("modules_clearances_max_depth") : 3;
$moduleElements = "{\n\tid:\t\t\t\t'categories-rights-{$moduleCodename}-{$profileId}',\n\thtml:\t\t\t'',\n\tborder:\t\t\tfalse,\n\txtype:\t\t\t'atmPanel',\n\tautoLoad:\t\t{\n\t\turl:\t\t'modules-categories-rights.php',\n\t\tparams:\t\t\t{\n\t\t\tuserId:\t\t\t'{$userId}',\n\t\t\tgroupId:\t\t'{$groupId}',\n\t\t\tmodule:\t\t\t'{$moduleCodename}'\n\t\t},\n\t\tnocache:\ttrue,\n\t\tscope:\t\tExt.emptyFn\n\t},\n\tlisteners:{'render':function(panel) {\n\t\tpanel.getUpdater().on('update', function() {\n\t\t\tif (Ext.fly('maxDepth-{$moduleCodename}-{$profileId}')) {\n\t\t\t\tvar maxDepthField = new Ext.form.NumberField({\n\t\t\t\t\tapplyTo:\t\t'maxDepth-{$moduleCodename}-{$profileId}',\n\t\t\t\t\tmaxValue:\t\t20,\n\t\t\t\t\tminValue:\t\t2,\n\t\t\t\t\tallowDecimals:\tfalse,\n\t\t\t\t\tallowNegative:\tfalse\n\t\t\t\t});\n\t\t\t\tmaxDepthField.on('valid', function() {\n\t\t\t\t\tthis.update({\n\t\t\t\t\t\turl:\t\t'modules-categories-rights.php',\n\t\t\t\t\t\tparams:\t\t\t{\n\t\t\t\t\t\t\tuserId:\t\t\t'{$userId}',\n\t\t\t\t\t\t\tgroupId:\t\t'{$groupId}',\n\t\t\t\t\t\t\tmodule:\t\t\t'{$moduleCodename}',\n\t\t\t\t\t\t\tmaxDepth:\t\tmaxDepthField.getValue()\n\t\t\t\t\t\t},\n\t\t\t\t\t\tnocache:\ttrue,\n\t\t\t\t\t\tscope:\t\tExt.emptyFn\n\t\t\t\t\t});\n\t\t\t\t}, this, {buffer:300});\n\t\t\t}\n\t\t});\n\t}}\n}";
//rights specific to standard module
if ($moduleCodename == MOD_STANDARD_CODENAME) {
//TEMPLATES
$templategroups = CMS_pageTemplatesCatalog::getAllGroups();
//Create templates checkboxes
$templatesCheckboxes = $templateGroupsSubmit = '';
if ($templategroups) {
foreach ($templategroups as $templategroup) {
// Check if in template groups denied
$checked = !$profile->hasTemplateGroupsDenied($templategroup) ? 'checked="true"' : '';
$disabled = $cms_user->hasTemplateGroupsDenied($templategroup) || $disableFields || $profile->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITVALIDATEALL) ? ' disabled="disabled"' : '';
$templatesCheckboxes .= '<label for="template-' . base64_encode($templategroup) . '-' . $moduleCodename . '-' . $profileId . '"><input type="checkbox" name="templates[' . base64_encode($templategroup) . ']" id="template-' . base64_encode($templategroup) . '-' . $moduleCodename . '-' . $profileId . '" ' . $checked . $disabled . ' /> ' . $templategroup . '</label> ';
}
if (!$disableFields) {
/**
* This function add method to swith between the row/block display in page edition
*
* @return string : the javascript to add
* @access private
*/
function switchRows()
{
$switchRows = '<script type="text/javascript">
var viewWhat = "' . CMS_session::getSessionVar('viewWhat') . '";
function switchView() {
var rowElements = new Array(';
$count = 0;
foreach (CMS_session::getSessionVar('switchRow') as $aRowID) {
if ($count) {
$switchRows .= ',';
}
$count++;
$switchRows .= '"' . $aRowID . '"';
}
$switchRows .= ');
var blockElements = new Array(';
$count = 0;
foreach (CMS_session::getSessionVar('switchBlock') as $aBlockID) {
if ($count) {
$switchRows .= ',';
}
$count++;
$switchRows .= '"' . $aBlockID . '"';
}
$switchRows .= ');
if (viewWhat=="block") {
for (var i=0; i<rowElements.length; i++) {
if (document.getElementById(rowElements[i])) {
document.getElementById(rowElements[i]).className = "showit";
}
}
for (var i=0; i<blockElements.length; i++) {
if (document.getElementById(blockElements[i])) {
document.getElementById(blockElements[i]).className = "hideit";
}
}
viewWhat = "row";
} else {
for (var i=0; i<rowElements.length; i++) {
if (document.getElementById(rowElements[i])) {
document.getElementById(rowElements[i]).className = "hideit";
}
}
for (var i=0; i<blockElements.length; i++) {
if (document.getElementById(blockElements[i])) {
document.getElementById(blockElements[i]).className = "showit";
}
}
viewWhat = "block";
}
return true;
}
if (viewWhat=="row") {
viewWhat = "block";
//on windows load switch row/block view
CMS_addEvent(window, \'load\', function() {switchView();});
}
</script>';
if (isset($this) && is_a($this, 'CMS_dialog')) {
$this->setJavascript($switchRows);
return true;
} else {
return $switchRows;
}
}
$dialog->show();
exit;
} else {
$updateErrors = array();
foreach ($errors as $anError) {
$updateErrors[] = $anError;
}
CMS_session::setSessionVar('patchErrors', $updateErrors);
}
break;
}
$dialog = new CMS_dialog();
$content = '';
$dialog->setTitle($cms_language->getMessage(MESSAGE_PAGE_TITLE));
//correct first error of the array
$errors = CMS_session::getSessionVar('patchErrors');
$error = $errors[0];
//button message
$validate_msg = !is_array($errors[1]) ? MESSAGE_PAGE_RETURN_TO_PATCH : MESSAGE_PAGE_NEXT_ERROR;
switch ($error['no']) {
case 5:
//try to update a protected file (UPDATE.DENY)
$content .= $cms_language->getMessage(MESSAGE_PAGE_ERROR_5_LABEL) . '<br /><br />';
$installParams = array_map("trim", explode("\t", $error['command']));
//get files
$file = $installParams[1];
$content .= '
' . $cms_language->getMessage(MESSAGE_PAGE_ORIGINAL_PROTECTED_FILE) . ' :
<div class="cms_code">
' . (file_exists(PATH_REALROOT_FS . $file) ? highlight_file(PATH_REALROOT_FS . $file, true) : '') . '
</div>
/**
* Returns XHTML formatted form fields for this Href
*
* @param CMS_language $cms_language, the language to build the form with
* @param string $module, the module codename (default : MOD_STANDARD_CODENAME)
* @param constant $dataLocation, the current data location (RESOURCE_DATA_LOCATION_EDITED (default), RESOURCE_DATA_LOCATION_PUBLIC, etc.)
* @param array $options, array of possible link options (default false : all options actived)
* Example :
* Array (
* 'label' => true|false, // Link has label ?
* 'internal' => true|false, // Link can target an Automne page ?
* 'external' => true|false, // Link can target an external resource ?
* 'file' => true|false, // Link can target a file ?
* 'destination'=> true|false, // Can select a destination for the link ?
* 'no_admin' => true|false, // Deprecated : Remove all admin class reference (default = false)
* 'admin' => true|false, // Use admin JS and classes instead of direct actions (default = true)
* 'currentPage'=> int|false, // Current page to open tree panel (default : CMS_tree::getRoot())
* )
* @return string HTML formated expected
* @access public
*/
function getHTMLFields($cms_language, $module = MOD_STANDARD_CODENAME, $dataLocation = RESOURCE_DATA_LOCATION_EDITED, $options = false)
{
global $cms_user;
if (!is_a($this->_href, 'CMS_href')) {
$this->raiseError("\$this->_href isn't a CMS_href");
return '';
}
$tdClass = $tdClassLight = $tdClassDark = $inputClass = '';
if (!isset($options['no_admin']) || $options['no_admin'] === false) {
$tdClass = ' class="admin"';
$tdClassLight = ' class="admin_lightgreybg"';
$tdClassDark = ' class="admin_darkgreybg"';
$inputClass = ' class="admin_input_text"';
}
$s = '';
if (!isset($options['destination']) || $options['destination'] == true) {
$s .= '
<script type="text/javascript">
if (typeof CMS_openPopUpPage != "function") {
function CMS_openPopUpPage(href, id, width, height) {
if (href != "") {
pagePopupWin = window.open(href, \'CMS_page_\'+id, \'width=\'+width+\',height=\'+height+\',resizable=yes,menubar=no,toolbar=no,scrollbars=yes,status=no,left=0,top=0\');
}
}
}
</script>';
}
$s .= '
<table>';
if (!isset($options['label']) || $options['label'] == true) {
$s .= '
<!-- link label -->
<tr>
<th' . $tdClass . '><span class="admin_text_alert">*</span> ' . $cms_language->getMessage(self::MESSAGE_PAGE_LINK_LABEL) . '</th>
<td' . $tdClassLight . ' colspan="2"><input style="width:100%;" type="text"' . $inputClass . ' name="' . $this->_prefix . 'link_label" value="' . io::htmlspecialchars($this->_href->getLabel()) . '" /></td>
</tr>';
}
$checked = $this->_href->getLinkType() == RESOURCE_LINK_TYPE_NONE ? ' checked="checked"' : '';
$rowspan = 4;
if (isset($options['internal']) && $options['internal'] == false) {
$rowspan--;
}
if (isset($options['external']) && $options['external'] == false) {
$rowspan--;
}
if (isset($options['file']) && $options['file'] == false) {
$rowspan--;
}
$s .= '
<tr>
<th' . $tdClass . ' rowspan="' . $rowspan . '"><span class="admin_text_alert">*</span> ' . $cms_language->getMessage(self::MESSAGE_PAGE_LINK_DESTINATION) . '</th>
<td' . $tdClassDark . '><input type="radio" id="' . $this->_prefix . 'link_type_0" name="' . $this->_prefix . 'link_type" value="' . RESOURCE_LINK_TYPE_NONE . '"' . $checked . ' /></td>
<td' . $tdClassDark . '><label for="' . $this->_prefix . 'link_type_0">' . $cms_language->getMessage(self::MESSAGE_PAGE_NOLINK) . '</label></td>
</tr>
';
if (!isset($options['internal']) || $options['internal'] == true) {
$checked = $this->_href->getLinkType() == RESOURCE_LINK_TYPE_INTERNAL ? ' checked="checked"' : '';
// Build tree link
$grand_root = isset($options['currentPage']) && sensitiveIO::isPositiveInteger($options['currentPage']) ? CMS_tree::getPageByID($options['currentPage']) : CMS_tree::getRoot();
$grand_rootID = $grand_root->getID();
if ($cms_user && is_a($cms_user, 'CMS_profile_user')) {
if (!$cms_user->hasPageClearance($grand_rootID, CLEARANCE_PAGE_VIEW)) {
// If user don't have any clearance view for page root : search a "first root" and viewable page sections
$sections_roots = array();
$sections_roots = $cms_user->getViewablePageClearanceRoots();
if ($sections_roots) {
CMS_session::setSessionVar('sectionsRoots', $sections_roots);
$sections_roots = array_reverse($sections_roots);
foreach ($sections_roots as $pageID) {
$lineages[count(CMS_tree::getLineage($grand_rootID, $pageID, false))] = $pageID;
}
}
ksort($lineages);
$grand_rootID = array_shift($lineages);
}
}
if (!isset($options['admin']) || $options['admin'] == false) {
//build tree link
$href = '/automne/admin-v3/tree.php';
$href .= '?root=' . $grand_rootID;
$href .= '&heading=' . $cms_language->getMessage(self::MESSAGE_PAGE_TREEH1);
$href .= '&encodedOnClick=' . base64_encode("window.opener.document.getElementById('" . $this->_prefix . "link_internal').value = '%s';self.close();");
$href .= '&encodedPageLink=' . base64_encode('false');
$treeLink = '<a href="' . $href . '"' . $tdClass . ' target="_blank"><img src="' . PATH_ADMIN_IMAGES_WR . '/tree.gif" border="0" align="absmiddle" /></a>';
} else {
$treeLink = '<a href="#" onclick="Automne.view.tree(\'' . $this->_prefix . 'link_internal\', \'' . sensitiveIO::sanitizeJSString($cms_language->getMessage(self::MESSAGE_PAGE_TREEH1)) . '\', \'' . $grand_rootID . '\')"><img src="' . PATH_ADMIN_IMAGES_WR . '/tree.gif" border="0" align="absmiddle" /></a>';
}
$s .= '<tr>
<td' . $tdClassLight . '><input type="radio" id="' . $this->_prefix . 'link_type_1" name="' . $this->_prefix . 'link_type" value="' . RESOURCE_LINK_TYPE_INTERNAL . '"' . $checked . ' /></td>
<td' . $tdClassLight . '>
<label for="' . $this->_prefix . 'link_type_1">' . $cms_language->getMessage(self::MESSAGE_PAGE_INTERNALLINK) . '</label>
<input type="text"' . $inputClass . ' id="' . $this->_prefix . 'link_internal" name="' . $this->_prefix . 'link_internal" value="' . $this->_href->getInternalLink() . '" size="6" />
' . $treeLink . '
</td>
</tr>';
}
if (!isset($options['external']) || $options['external'] == true) {
$checked = $this->_href->getLinkType() == RESOURCE_LINK_TYPE_EXTERNAL ? ' checked="checked"' : '';
$s .= '
<tr>
<td' . $tdClassDark . '><input type="radio" id="' . $this->_prefix . 'link_type_2" name="' . $this->_prefix . 'link_type" value="' . RESOURCE_LINK_TYPE_EXTERNAL . '"' . $checked . ' /></td>
<td' . $tdClassDark . '>
<label for="' . $this->_prefix . 'link_type_2">' . $cms_language->getMessage(self::MESSAGE_PAGE_EXTERNALLINK) . '</label>
<input type="text"' . $inputClass . ' id="' . $this->_prefix . 'link_external" name="' . $this->_prefix . 'link_external" value="' . io::htmlspecialchars($this->_href->getExternalLink()) . '" size="30" />
</td>
</tr>
';
}
if (!isset($options['file']) || $options['file'] == true) {
$checked = $this->_href->getLinkType() == RESOURCE_LINK_TYPE_FILE ? ' checked="checked"' : '';
$s .= '
<tr>
<td' . $tdClassLight . '><input type="radio" id="' . $this->_prefix . 'link_type_3" name="' . $this->_prefix . 'link_type" value="' . RESOURCE_LINK_TYPE_FILE . '"' . $checked . ' /></td>
<td' . $tdClassLight . '>
<label for="' . $this->_prefix . 'link_type_3">' . $cms_language->getMessage(self::MESSAGE_PAGE_LINKFILE) . '</label>
<input type="file"' . $inputClass . ' name="' . $this->_prefix . 'link_file" /><br />
<label for="' . $this->_prefix . 'link_edit_linkfile"><input type="checkbox" id="' . $this->_prefix . 'link_edit_linkfile" name="' . $this->_prefix . 'link_edit_linkfile" value="1" /> ' . $cms_language->getMessage(self::MESSAGE_PAGE_FIELD_EDITFILE) . '</label>';
if ($this->_href->getFileLink(false, $module, $dataLocation)) {
$s .= '<br />' . $cms_language->getMessage(self::MESSAGE_PAGE_EXISTING_FILE) . ' : <a href="' . $this->_href->getFileLink(true, $module, $dataLocation) . '" target="_blank">' . $this->_href->getFileLink(false, $module, $dataLocation) . '</a>';
} else {
$s .= '<br />' . $cms_language->getMessage(self::MESSAGE_PAGE_EXISTING_FILE) . ' : ' . $cms_language->getMessage(self::MESSAGE_PAGE_NO_FILE);
}
$s .= ' </td>
</tr>';
}
if (!isset($options['destination']) || $options['destination'] == true) {
$popup = $this->_href->getPopup();
$checked_pop = isset($popup['width']) && $popup['width'] > 0 ? ' checked="checked"' : '';
$checked_top = isset($popup['width']) && $popup['width'] <= 0 && $this->_href->getTarget() == '_top' ? ' checked="checked"' : '';
$checked_bl = isset($popup['width']) && $popup['width'] <= 0 && $this->_href->getTarget() == '_blank' ? ' checked="checked"' : '';
if (!$checked_pop && !$checked_top && !$checked_bl) {
$checked_top = ' checked="checked"';
}
$width = isset($popup['width']) ? $popup['width'] : 0;
$height = isset($popup['height']) ? $popup['height'] : 0;
$s .= '
<!-- Link target -->
<tr>
<th' . $tdClass . ' rowspan="3">' . $cms_language->getMessage(self::MESSAGE_PAGE_LINK_SHOW) . '</th>
<td' . $tdClassDark . '><input type="radio" id="' . $this->_prefix . 'link_target_top" name="' . $this->_prefix . 'link_target" value="top"' . $checked_top . ' /></td>
<td' . $tdClassDark . '>
<label for="' . $this->_prefix . 'link_target_top"><img src="' . PATH_ADMIN_IMAGES_WR . '/pic_link_top.gif" alt="" border="0" align="absmiddle" />
' . $cms_language->getMessage(self::MESSAGE_PAGE_TARGET_TOP) . '</label>
</td>
</tr>
<tr>
<td' . $tdClassLight . '><input type="radio" id="' . $this->_prefix . 'link_target_blank" name="' . $this->_prefix . 'link_target" value="blank"' . $checked_bl . ' /></td>
<td' . $tdClassLight . '>
<label for="' . $this->_prefix . 'link_target_blank"><img src="' . PATH_ADMIN_IMAGES_WR . '/pic_link_blank.gif" alt="" border="0" align="absmiddle" />
' . $cms_language->getMessage(self::MESSAGE_PAGE_TARGET_BLANK) . '</label>
</td>
</tr>
<tr>
<td' . $tdClassDark . '><input type="radio" id="' . $this->_prefix . 'link_target_popup" name="' . $this->_prefix . 'link_target" value="popup"' . $checked_pop . ' /></td>
<td' . $tdClassDark . '>
<label for="' . $this->_prefix . 'link_target_popup"><img src="' . PATH_ADMIN_IMAGES_WR . '/pic_link_top.gif" alt="" border="0" align="absmiddle" />
' . $cms_language->getMessage(self::MESSAGE_PAGE_TARGET_POPUP) . ' : </label>
' . $cms_language->getMessage(self::MESSAGE_PAGE_POPUP_WIDTH) . ' <input type="text"' . $inputClass . ' name="' . $this->_prefix . 'link_popup_width" value="' . $width . '" size="3" />
' . $cms_language->getMessage(self::MESSAGE_PAGE_POPUP_HEIGHT) . ' <input type="text"' . $inputClass . ' name="' . $this->_prefix . 'link_popup_height" value="' . $height . '" size="3" />
</td>
</tr>';
}
$s .= '</table>';
return $s;
}
/**
* Start the scripts process queue.
* Remove the lock file then relaunch the script if force is true
*
* @param boolean $force Set to true if you wish to remove the lock file before launch
* @return void
* @access public
* @static
*/
static function startScript($force = false)
{
if (USE_BACKGROUND_REGENERATOR) {
$forceRestart = '';
if ($force) {
$forceRestart = ' -F';
} elseif (processManager::hasRunningScript()) {
return false;
}
//test if we're on windows or linux, for the output redirection
if (APPLICATION_IS_WINDOWS) {
if (realpath(PATH_PHP_CLI_WINDOWS) === false) {
CMS_grandFather::raiseError("Unknown CLI location : " . PATH_PHP_CLI_WINDOWS . ", please check your configuration.");
return false;
}
// Create the BAT file
$command = '@echo off' . "\r\n" . 'start /B /LOW ' . realpath(PATH_PHP_CLI_WINDOWS) . ' ' . realpath(PATH_PACKAGES_FS . '\\scripts\\script.php') . ' -m ' . REGENERATION_THREADS . $forceRestart;
$replace = array('program files (x86)' => 'progra~2', 'program files' => 'progra~1', 'documents and settings' => 'docume~1');
$command = str_ireplace(array_keys($replace), $replace, $command);
if (!@touch(PATH_WINDOWS_BIN_FS . "/script.bat")) {
CMS_grandFather::_raiseError("CMS_scriptsManager : startScript : Create file error : " . PATH_WINDOWS_BIN_FS . "/script.bat");
return false;
}
$fh = @fopen(PATH_WINDOWS_BIN_FS . "/script.bat", "wb");
if (is_resource($fh)) {
if (!@fwrite($fh, $command, io::strlen($command))) {
CMS_grandFather::raiseError("Save file error : script.bat");
}
@fclose($fh);
}
$WshShell = new COM("WScript.Shell");
$oExec = $WshShell->Run(str_ireplace(array_keys($replace), $replace, realpath(PATH_WINDOWS_BIN_FS . '\\script.bat')), 0, false);
} else {
$error = '';
if (!defined('PATH_PHP_CLI_UNIX') || !PATH_PHP_CLI_UNIX) {
$return = CMS_patch::executeCommand('which php 2>&1', $error);
if ($error) {
CMS_grandFather::raiseError('Error when finding php CLI with command "which php", please check your configuration : ' . $error);
return false;
}
if (io::substr($return, 0, 1) != '/') {
CMS_grandFather::raiseError('Can\'t find php CLI with command "which php", please check your configuration.');
return false;
}
$return = CMS_patch::executeCommand("cd " . PATH_REALROOT_FS . "; php " . PATH_PACKAGES_FS . "/scripts/script.php -m " . REGENERATION_THREADS . $forceRestart . " > /dev/null 2>&1 &", $error);
if ($error) {
CMS_grandFather::raiseError('Error during execution of script command (cd ' . PATH_REALROOT_FS . '; php ' . PATH_PACKAGES_FS . '/scripts/script.php -m ' . REGENERATION_THREADS . $forceRestart . '), please check your configuration : ' . $error);
return false;
}
} else {
$return = CMS_patch::executeCommand(PATH_PHP_CLI_UNIX . ' -v 2>&1', $error);
if ($error) {
CMS_grandFather::raiseError('Error when testing php CLI with command "' . PATH_PHP_CLI_UNIX . ' -v", please check your configuration : ' . $error);
return false;
}
if (io::strpos(io::strtolower($return), '(cli)') === false) {
CMS_grandFather::raiseError(PATH_PHP_CLI_UNIX . ' is not the CLI version');
return false;
}
$return = CMS_patch::executeCommand("cd " . PATH_REALROOT_FS . "; " . PATH_PHP_CLI_UNIX . " " . PATH_PACKAGES_FS . "/scripts/script.php -m " . REGENERATION_THREADS . $forceRestart . " > /dev/null 2>&1 &", $error);
if ($error) {
CMS_grandFather::raiseError('Error during execution of script command (cd ' . PATH_REALROOT_FS . '; ' . PATH_PHP_CLI_UNIX . ' ' . PATH_PACKAGES_FS . '/scripts/script.php -m ' . REGENERATION_THREADS . $forceRestart . '), please check your configuration : ' . $error);
return false;
}
}
//CMS_grandFather::log($return);
//CMS_grandFather::log("cd ".PATH_REALROOT_FS."; php ".PATH_PACKAGES_FS."/scripts/script.php -m ".REGENERATION_THREADS.$forceRestart." > /dev/null 2>&1 &");
//@system("cd ".PATH_REALROOT_FS."; php ".PATH_PACKAGES_FS."/scripts/script.php -m ".REGENERATION_THREADS.$forceRestart." > /dev/null 2>&1 &");
}
} else {
CMS_session::setSessionVar('start_script', true);
}
}
<tr>
<td width="150" class="admin">
' . $cms_language->getMessage(MESSAGE_PAGE_FIELD_LANGUAGE) . ' :</td>
<td width="350" class="admin">';
$all_languages = CMS_languagesCatalog::getAllLanguages(MOD_CMS_FORMS_CODENAME);
foreach ($all_languages as $aLanguage) {
$checked = $aLanguage->getCode() == $items_language->getCode() ? ' checked="checked"' : '';
$content .= '
<label><input name="items_language" type="radio" value="' . $aLanguage->getCode() . '"' . $checked . ' onclick="submit();" /> ' . $aLanguage->getLabel() . '</label>';
}
$content .= '</td>
</tr>';
// Categories
$a_all_categories = CMS_forms_formularCategories::getAllCategoriesAsArray($cms_language, true);
if (sizeof($a_all_categories)) {
$s_categories_listbox = CMS_moduleCategories_catalog::getListBox(array('field_name' => 'items_ctg', 'items_possible' => $a_all_categories, 'default_value' => CMS_session::getSessionVar("items_ctg"), 'attributes' => 'class="admin_input_text" style="width:250px;"'));
$content .= '
<tr>
<td class="admin">' . $cms_language->getMessage(MESSAGE_PAGE_FIELD_CATEGORY, false, MOD_CMS_FORMS_CODENAME) . ' :</td>
<td class="admin">' . $s_categories_listbox . '</td>
</tr>';
}
$content .= '
<tr>
<td class="admin" colspan="2">
<input type="submit" class="admin_input_submit" value="' . $cms_language->getMessage(MESSAGE_PAGE_ACTION_SHOW) . '" /></td>
</tr>
</form>
</table></fieldset><br />';
$content .= $cms_language->getMessage(MESSAGE_PAGE_HEADING1, false, MOD_CMS_FORMS_CODENAME) . '<br /><br />';
$items = $search->search();
verbose('Read install file...');
$installFile = new CMS_file(PATH_TMP_FS . "/install");
if ($installFile->exists()) {
$install = $installFile->readContent("array");
} else {
report('Error : File ' . PATH_TMP_FS . '/install does not exists ... This file is not a valid Automne patch.', true);
}
$installError = $automnePatch->checkInstall($install, $errorsInfos);
if ($installError) {
report('Error : Invalid install file :');
$stopProcess = $automnePatch->canCorrectErrors($errorsInfos) ? false : true;
report($installError, $stopProcess);
if (!$force) {
//if process continue, then we can correct patch errors.
//save errors infos
CMS_session::setSessionVar('patchErrors', $errorsInfos);
//go to errors correction page
$send = '
<div id="correctUpdateErrors"></div>
<script type="text/javascript">
Ext.getCmp(\'serverWindow\').correctUpdateErrors();
</script>';
$content .= $send;
echo $content;
exit;
}
} else {
verbose('-> Install file is correct.');
}
//start Installation process
report('Start applying patch file...');
/**
* Check if a session token is expired for a given token name
*
* @param string $name, token name to check
* @return boolean : true if token is expired or false otherwise
* @access public
*/
public static function tokenIsExpired($name)
{
//if session token check is disabled, always return false (token never expire)
if (!defined('SESSION_TOKEN_CHECK') || !SESSION_TOKEN_CHECK) {
return false;
}
$tokensDatas = CMS_session::getSessionVar('atm-tokens');
$tokens = $tokensDatas['tokens'];
$tokensTime = $tokensDatas['time'];
$expiredTokens = $tokensDatas['expired'];
$time = time();
if (!isset($tokens[$name]) || isset($tokens[$name]) && $time - $tokensTime[$name] > SESSION_TOKEN_MAXAGE) {
return true;
}
return false;
}
define("MESSAGE_PAGE_ACTION_MOVE_ERROR", 158);
define("MESSAGE_PAGE_STANDARD_MODULE_LABEL", 213);
define("MESSAGE_PAGE_MODULES", 264);
define("MESSAGE_PAGE_MODULES_PARAMETERS", 807);
define("MESSAGE_PAGE_ARCHIVES", 859);
define("MESSAGE_PAGE_ERROR_PAGE_NEVER_VALIDATED", 867);
define("MESSAGE_PAGE_ERROR_MOVE_ROOT", 868);
define("MESSAGE_PAGE_ERROR_FATHER_IS_DESCENDANT", 869);
define("MESSAGE_PAGE_ERROR_FATHER_SIBLINGS_NEVER_VALIDATED", 870);
define("MESSAGE_PAGE_TASK_PENDING", 1090);
define("MESSAGE_PAGE_NO_VALIDATIONS_PENDING", 1113);
define("MESSAGE_PAGE_ERROR_FATHER_IS_IDENTICAL", 1319);
//Action management
if (isset($_GET["cms_action"]) && $_GET["cms_action"] == "displace") {
if ($cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_REGENERATEPAGES)) {
$cms_page = CMS_session::getPage();
$father = CMS_tree::getPageByID($_GET["new_father"]);
//augment the execution time, because things here can be quite lengthy
@set_time_limit(9000);
//ignore user abort to avoid interuption of process
@ignore_user_abort(true);
if ($error = CMS_tree::movePage($cms_page, $father)) {
switch ($error) {
case "PAGE_NEVER_VALIDATED":
$errmsg = $cms_language->getMessage(MESSAGE_PAGE_ERROR_PAGE_NEVER_VALIDATED);
break;
case "MOVE_ROOT":
$errmsg = $cms_language->getMessage(MESSAGE_PAGE_ERROR_MOVE_ROOT);
break;
case "FATHER_IS_DESCENDANT":
$errmsg = $cms_language->getMessage(MESSAGE_PAGE_ERROR_FATHER_IS_DESCENDANT);
/**
* Factory, instanciate a sender from current context
*
* @return CMS_forms_sender
*/
function getSenderForContext()
{
//sender does not exists in DB so create a new one*/
$obj = new CMS_forms_sender();
$obj->setAttribute('sessionID', Zend_Session::getId());
if (io::isPositiveInteger(CMS_session::getUserID())) {
$obj->setAttribute('userID', CMS_session::getUserID());
}
$obj->setAttribute('clientIP', @$_SERVER["REMOTE_ADDR"]);
if (isset($_SERVER["HTTP_ACCEPT_LANGUAGE"])) {
$obj->setAttribute('languages', @$_SERVER["HTTP_ACCEPT_LANGUAGE"]);
}
$obj->setAttribute('userAgent', @$_SERVER["HTTP_USER_AGENT"]);
return $obj;
}
$view->addJavascript($jscontent);
//set form HTML
$content = '<div class="x-panel x-form-label-left" style="width: 374px;">
<div class="x-panel-tl">
<div class="x-panel-tr">
<div class="x-panel-tc"></div>
</div>
</div>
<div class="x-panel-bwrap">
<div class="x-panel-ml">
<div class="x-panel-mr">
<div class="x-panel-mc">
<div style="width: 362px; height: 126px;" class="x-panel-body">
<form id="loginForm" class="x-form" method="post" action="' . $_SERVER['SCRIPT_NAME'] . '">
<input name="cms_action" value="login" type="hidden" />
<input name="atm-token" value="' . CMS_session::getToken('login') . '" type="hidden" />
<div class="x-form-item" tabindex="-1">
<label for="loginField" style="width: 90px;" class="x-form-item-label">' . $cms_language->getMessage(MESSAGE_PAGE_LOGIN) . ':</label>
<div class="x-form-element" style="padding-left: 95px;">
<input style="width: 240px;" class="x-form-text x-form-field" autocomplete="on" id="loginField" name="login" type="text" value="' . (isset($_POST['login']) ? io::htmlspecialchars($_POST['login']) : '') . '" />
</div>
<div class="x-form-clear-left"></div>
</div>
<div class="x-form-item" tabindex="-1">
<label for="passField" style="width: 90px;" class="x-form-item-label">' . $cms_language->getMessage(MESSAGE_PAGE_PASSWORD) . ':</label>
<div class="x-form-element" style="padding-left: 95px;">
<input style="width: 240px;" class="x-form-text x-form-field" autocomplete="on" id="passField" name="pass" type="password" value="' . (isset($_POST['pass']) ? io::htmlspecialchars($_POST['pass']) : '') . '" />
</div>
<div class="x-form-clear-left"></div>
</div>
<div class="x-form-item" tabindex="-1">
/**
* This function is called to catch and launch all FE forms actions
*
* @param array $formIDs : the forms ids to check for actions
* @param integer $pageID : the current page id
* @param boolean $public : the data status
* @param string $languageCode : the language code used
* @param reference array $polymodFormsError : the forms error status to return
* @param reference array $polymodFormsItem : reference to the forms item
* @return boolean : true on success, false on failure
* @access public
* @static
*/
static function formActions($formIDs, $pageID, $languageCode, $public, &$polymodFormsError, &$polymodFormsItems)
{
global $cms_language, $cms_user;
if (!is_array($formIDs)) {
return false;
}
foreach ($formIDs as $formID) {
if (io::request('formID') && io::request('formID') == $formID) {
if (!isset($cms_language) || $cms_language->getCode() != $languageCode) {
$cms_language = new CMS_language($languageCode);
}
//instanciate item
$item = '';
if (io::request('object', 'io::isPositiveInteger', '')) {
//check user rights on module
$module = CMS_poly_object_catalog::getModuleCodenameForObjectType(io::request('object'));
//Check user rights
//here assume than user should only need the view right on module, because admin right allow Automne administration access
if (!is_object($cms_user) || !$cms_user->hasModuleClearance($module, CLEARANCE_MODULE_VIEW)) {
CMS_grandFather::raiseError('No user found or user has no administration rights on module ' . $module);
return false;
}
//instanciate object
$object = CMS_poly_object_catalog::getObjectDefinition(io::request('object'));
if ($object && io::request('item', 'io::isPositiveInteger', '')) {
$search = new CMS_object_search($object, false);
$search->addWhereCondition('item', io::request('item'));
$items = $search->search();
if (isset($items[io::request('item')])) {
$item = $items[io::request('item')];
} else {
$item = new CMS_poly_object($object->getID());
}
} else {
$item = new CMS_poly_object($object->getID());
}
}
if (is_object($item) && !$item->hasError()) {
//get item fieldsObjects
$fieldsObjects =& $item->getFieldsObjects();
//checks and assignments
$item->setDebug(false);
//first, check mandatory values
foreach ($fieldsObjects as $fieldID => $aFieldObject) {
//if field is part of formular
if (isset($_REQUEST['polymodFields'][$fieldID])) {
if (!$item->checkMandatory($fieldID, $_REQUEST, '')) {
$polymodFormsError[$formID]['required'][$fieldID] = $fieldID;
}
}
}
//second, set values for all fields
foreach ($fieldsObjects as $fieldID => $aFieldObject) {
//if field is part of formular
if (isset($_REQUEST['polymodFields'][$fieldID])) {
//if form use a callback, call it
//do not use call_user_function here
$funcName = 'form_' . $formID . '_' . $fieldID;
if (!$item->setValues($fieldID, $_REQUEST, '')) {
$polymodFormsError[$formID]['malformed'][] = $fieldID;
} elseif (!isset($polymodFormsError[$formID]['required'][$fieldID]) && function_exists('form_' . $formID . '_' . $fieldID) && !$funcName($formID, $fieldID, $item)) {
$polymodFormsError[$formID]['malformed'][] = $fieldID;
}
}
}
//set publication dates if needed
if (isset($_REQUEST['polymodFields']) && $_REQUEST['polymodFields']) {
if ($object->isPrimaryResource()) {
// Dates management
$dt_beg = new CMS_date();
$dt_beg->setDebug(false);
$dt_beg->setFormat($cms_language->getDateFormat());
$dt_end = new CMS_date();
$dt_end->setDebug(false);
$dt_end->setFormat($cms_language->getDateFormat());
if (!($dt_set_1 = $dt_beg->setLocalizedDate(@$_REQUEST["pub_start"], true))) {
$polymodFormsError[$formID]['malformed'][] = 'pub_start';
}
if (!($dt_set_2 = $dt_end->setLocalizedDate(@$_REQUEST["pub_end"], true))) {
$polymodFormsError[$formID]['malformed'][] = 'pub_end';
}
//if $dt_beg && $dt_end, $dt_beg must be lower than $dt_end
if (!$dt_beg->isNull() && !$dt_end->isNull()) {
if (CMS_date::compare($dt_beg, $dt_end, '>')) {
$polymodFormsError[$formID]['malformed'][] = 'pub_start';
$polymodFormsError[$formID]['malformed'][] = 'pub_end';
$dt_set_1 = $dt_set_2 = false;
}
}
if ($dt_set_1 && $dt_set_2) {
$item->setPublicationDates($dt_beg, $dt_end);
}
}
}
//Check form token
if (!isset($_POST["atm-token"]) || !CMS_session::checkToken(MOD_POLYMOD_CODENAME . '-' . $formID, $_POST["atm-token"])) {
$polymodFormsError[$formID]['error'][] = 'form-token';
return false;
} else {
//Token is used so expire it
CMS_session::expireToken(MOD_POLYMOD_CODENAME . '-' . $formID);
}
if (!$polymodFormsError[$formID]) {
//save the data
if (!$item->writeToPersistence()) {
$polymodFormsError[$formID]['error'][] = 'write';
$polymodFormsError[$formID]['filled'] = 0;
} else {
$polymodFormsError[$formID]['filled'] = 1;
//if form use a callback, call it
//do not use call_user_function here
$funcName = 'form_' . $formID;
if (function_exists('form_' . $formID) && !$funcName($formID, $item)) {
$polymodFormsError[$formID]['filled'] = 0;
$polymodFormsError[$formID]['error'][] = 'callback';
}
}
//if item is a primary resource, unlock it
if ($object->isPrimaryResource()) {
$item->unlock();
}
} else {
$polymodFormsError[$formID]['filled'] = 0;
}
//save item for later use
$polymodFormsItems[$formID] = $item;
} else {
$polymodFormsError[$formID]['filled'] = 0;
$polymodFormsError[$formID]['error'][] = 'right';
CMS_grandFather::raiseError('No item found or user has no administration rights on item... ');
return false;
}
}
}
return true;
}
$profileId = $profile->getId();
if (!isset($profile) || $profile->hasError()) {
CMS_grandFather::raiseError('Unknown profile for given Id : ' . $profileId);
$view->show();
}
// +----------------------------------------------------------------------+
// | Session management |
// +----------------------------------------------------------------------+
//Set max depth (iterations count)
if ($maxDepth) {
CMS_session::setSessionVar("modules_clearances_max_depth", $maxDepth);
}
if (!sensitiveIO::isPositiveInteger(CMS_session::getSessionVar("modules_clearances_max_depth"))) {
CMS_session::setSessionVar("modules_clearances_max_depth", 3);
}
$maxDepth = CMS_session::getSessionVar("modules_clearances_max_depth");
// Colors used to visualize access level
$clearance_colors = array(CLEARANCE_MODULE_NONE => '#FF7E71', CLEARANCE_MODULE_VIEW => '#e2faaa', CLEARANCE_MODULE_EDIT => '#CFE779', CLEARANCE_MODULE_MANAGE => '#85A122');
$bg_color_selected = "#fdf5a2";
//if user belongs to groups, all fields are disabled
$disableFields = $profile->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITVALIDATEALL) || $isUser && sizeof(CMS_profile_usersGroupsCatalog::getGroupsOfUser($profile, true)) ? true : false;
//unique hash relative to user module
$hash = md5($moduleCodename . '-' . $profileId);
/**
* Module Elements rights
* (This is recycled code from the V3)
*/
if (!function_exists("build_items_tree")) {
/**
* Recursive function to build items tree.
*
/**
* Test user auto login to see if it is active
*
* @return boolean true if autologin is active, false otherwise
* @access public
* @static
*/
function autoLoginActive()
{
if (!isset($_COOKIE[CMS_session::getAutoLoginCookieName()])) {
return false;
}
$attrs = @explode("|", base64_decode($_COOKIE[CMS_session::getAutoLoginCookieName()]));
$id_ses = (int) $attrs[0];
$session_id = $attrs[1];
if ($id_ses > 0 && $session_id) {
$sql = "\n\t\t\t\tselect\n\t\t\t\t\t*\n\t\t\t\tfrom\n\t\t\t\t\tsessions\n\t\t\t\twhere\n\t\t\t\t\tid_ses = '" . SensitiveIO::sanitizeSQLString($id_ses) . "'\n\t\t\t\t\tand phpid_ses = '" . SensitiveIO::sanitizeSQLString($session_id) . "'\n\t\t\t\t\tand cookie_expire_ses != '0000-00-00 00:00:00'\n\t\t\t";
if (CHECK_REMOTE_IP_MASK && isset($_SERVER['REMOTE_ADDR'])) {
//Check for a range in IPv4 or for the exact address in IPv6
if (filter_var($_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
$a_ip_seq = explode(".", $_SERVER['REMOTE_ADDR']);
$sql .= "and remote_addr_ses like '" . SensitiveIO::sanitizeSQLString($a_ip_seq[0] . "." . $a_ip_seq[1] . ".") . "%'\n\t\t\t\t\t";
} else {
$sql .= "and remote_addr_ses = '" . SensitiveIO::sanitizeSQLString($_SERVER['REMOTE_ADDR']) . "'\n\t\t\t\t\t";
}
}
$q = new CMS_query($sql);
if ($q->getNumRows() == 1) {
return true;
}
}
return false;
}
}
//debug
if (SYSTEM_DEBUG && $cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITVALIDATEALL)) {
$welcomeMsg .= '<br /><br /><span class="atm-red">' . $cms_language->getJsMessage(MESSAGE_PAGE_DEBUG) . '</span> ' . $cms_language->getJsMessage(MESSAGE_PAGE_PRESS_F2_FOR_LOG);
}
$jscontent = '
//show front page in tab
Automne.tabPanels.getActiveTab().setFrameURL(\'' . PATH_REALROOT_WR . '/\');
Automne.tabPanels.getActiveTab().reload();
//load interface
Automne.load(' . sensitiveIO::jsonEncode($userSessionsInfos) . ');
//display welcome message
Automne.message.show(\'' . sensitiveIO::sanitizeJSString($welcome) . '\', \'' . sensitiveIO::sanitizeJSString($welcomeMsg) . '\', \'\', 6);
';
//add all JS locales
$jscontent .= CMS_session::getJSLocales();
$view->addJavascript($jscontent);
$view->show(CMS_view::SHOW_RAW);
} else {
unset($cms_user);
}
break;
}
//Send Login form window
$applicationLabel = io::htmlspecialchars(APPLICATION_LABEL);
$loginURL = PATH_ADMIN_WR . '/login-form.php?_ts=' . time();
$rootPath = PATH_REALROOT_WR;
$jscontent = <<<END
\tvar loginWindow = new Automne.frameWindow({
\t\ttitle: \t\t\t'{$cms_language->getJsMessage(MESSAGE_PAGE_TITLE, array($applicationLabel))}',
\t\tid:\t\t\t\t'loginWindow',
$a_all_categories = CMS_moduleCategories_catalog::getAllCategoriesAsArray($cms_user, $cms_module->getCodename(), $cms_language);
if (!sizeof($a_all_categories)) {
//user has no right on categories so he can't edit/create items
header("Location: " . $cms_module->getAdminFrontendPath(PATH_RELATIVETO_WEBROOT) . "?cms_message_id=65&" . session_name() . "=" . session_id());
exit;
}
$s_categories_listboxes = CMS_moduleCategories_catalog::getListBoxes(array('field_name' => 'ids', 'items_possible' => $a_all_categories, 'items_selected' => $item_relations->getCategoriesIds(), 'select_width' => '250px', 'select_height' => '120px', 'form_name' => 'frmitem'));
// Default check statuses for radios
$public = array();
$public[1] = $item->getAttribute('public') === true ? ' checked="checked"' : '';
$public[0] = $item->getAttribute('public') === false ? ' checked="checked"' : '';
$content = '
<table border="0" cellpadding="3" cellspacing="2">
<form name="frmitem" action="' . $_SERVER["SCRIPT_NAME"] . '" method="post" enctype="multipart/form-data" onSubmit="getSelectedOptionsInField_ids();">
<input type="hidden" name="cms_action" value="validate" />
<input type="hidden" name="language" value="' . CMS_session::getSessionVar("items_language") . '" />
<input id="itemId" type="hidden" name="item" value="' . $item->getID() . '" />
<tr>
<td class="admin" align="right">
<span class="admin_text_alert">*</span> ' . $cms_language->getMessage(MESSAGE_PAGE_FIELD_LABEL, false, MOD_CMS_FORMS_CODENAME) . ' :</td>
<td class="admin">
<input type="text" size="30" class="admin_input_text" name="name" value="' . io::htmlspecialchars($item->getAttribute('name')) . '" /></td>
</tr>
<tr>
<td class="admin" align="right">
<span class="admin_text_alert">*</span> ' . $cms_language->getMessage(MESSAGE_PAGE_FIELD_RECEIVEDATA, false, MOD_CMS_FORMS_CODENAME) . ' :</td>
<td class="admin">
<input id="frm_open" type="radio" name="public" value="1"' . $public[1] . ' /><label for="frm_open">' . $cms_language->getMessage(MESSAGE_PAGE_FIELD_FORM_OPEN, false, MOD_CMS_FORMS_CODENAME) . '</label>
<input id="frm_closed" type="radio" name="public" value="-1"' . $public[0] . ' /><label for="frm_closed">' . $cms_language->getMessage(MESSAGE_PAGE_FIELD_FORM_CLOSED, false, MOD_CMS_FORMS_CODENAME) . '</label>
</td>
</tr>
$view->setSecure();
$winId = sensitiveIO::request('winId');
$fatherId = sensitiveIO::request('fatherId');
if (!$winId) {
CMS_grandFather::raiseError('Unknown window Id ...');
$view->show();
}
//CHECKS user has row edition clearance
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_TEMPLATES)) {
//rows
CMS_grandFather::raiseError('User has no rights on rows editions');
$view->setActionMessage($cms_language->getMessage(MESSAGE_ERROR_NO_RIGHTS_FOR_ROWS));
$view->show();
}
//usefull vars
$recordsPerPage = CMS_session::getRecordsPerPage();
//
// Search Panel
//
$searchPanel = '';
// Keywords
$searchPanel .= "{\n\tfieldLabel:\t\t'{$cms_language->getJSMessage(MESSAGE_PAGE_BY_NAME_DESCRIPTION)}',\n\txtype:\t\t\t'textfield',\n\tname: \t\t\t'keyword',\n\tvalue:\t\t\t'',\n\tminLength:\t\t3,\n\tanchor:\t\t\t'-20px',\n\tvalidateOnBlur:\tfalse,\n\tlisteners:\t\t{\n\t\t'valid':{\n\t\t\tfn: \t\t\trowWindow.search, \n\t\t\toptions:\t\t{buffer:300}\n\t\t},\n\t\t'invalid':{\n\t\t\tfn: function(field, event) {\n\t\t\t\tif (!isNaN(parseInt(field.getValue()))) {\n\t\t\t\t\tfield.clearInvalid();\n\t\t\t\t\tfield.fireEvent('valid', field);\n\t\t\t\t} else if (!field.getValue()) {\n\t\t\t\t\tfield.clearInvalid();\n\t\t\t\t}\n\t\t\t}, \n\t\t\toptions:\t\t{buffer:300}\n\t\t}\n\t}\n},";
$allGroups = CMS_rowsCatalog::getAllGroups();
natcasesort($allGroups);
if ($allGroups) {
$columns = sizeof($allGroups) < 2 ? sizeof($allGroups) : 2;
$searchPanel .= "{\n\t\txtype: \t\t'checkboxgroup',\n\t\tfieldLabel: '{$cms_language->getJSMessage(MESSAGE_PAGE_GROUPS)}',\n\t\tcolumns: \t{$columns},\n\t\titems: [";
foreach ($allGroups as $aGroup) {
$searchPanel .= "{boxLabel: '{$aGroup}', inputValue:'{$aGroup}', name: 'groups[]', listeners: {'check':rowWindow.search}},";
}
//remove last comma from groups
// check if there are other sortable object than creation date
if (count($items_possible) > 1) {
$sortValue = CMS_session::getSessionVar('sort_' . $object->getID());
$sortValue = $sortValue ? $sortValue : 'objectID';
$sortValues = array();
foreach ($items_possible as $key => $label) {
$sortValues[] = array('id' => $key, 'label' => $label);
}
$sortValues = sensitiveIO::jsonEncode($sortValues);
$sortItem = "{\n\t\txtype:\t\t\t\t'combo',\n\t\tname:\t\t\t\t'sort_{$object->getID()}',\n\t\thiddenName:\t\t \t'sort_{$object->getID()}',\n\t\tforceSelection:\t\ttrue,\n\t\tfieldLabel:\t\t\t'{$cms_language->getJSMessage(MESSAGE_PAGE_FIELD_SORT, false, MOD_POLYMOD_CODENAME)}',\n\t\tmode:\t\t\t\t'local',\n\t\ttriggerAction:\t\t'all',\n\t\tvalueField:\t\t\t'id',\n\t\tdisplayField:\t\t'label',\n\t\tvalue:\t\t\t\t'{$sortValue}',\n\t\tanchor:\t\t\t\t'98%',\n\t\tstore:\t\t\t\tnew Ext.data.JsonStore({\n\t\t\tfields:\t\t\t\t['id', 'label'],\n\t\t\tdata:\t\t\t\t{$sortValues}\n\t\t}),\n\t\tallowBlank:\t\t \tfalse,\n\t\tselectOnFocus:\t\ttrue,\n\t\teditable:\t\t\tfalse,\n\t\tvalidateOnBlur:\t\tfalse,\n\t\tlisteners:\t\t\t{'valid':moduleObjectWindow.search}\n\t}";
} else {
$sortItem = "{\n\t\txtype:\t\t\t\t'textfield',\n\t\tfieldLabel:\t\t\t'{$cms_language->getJSMessage(MESSAGE_PAGE_FIELD_SORT, false, MOD_POLYMOD_CODENAME)}',\n\t\tanchor:\t\t\t\t'98%',\n\t\tdisabled:\t\t\ttrue,\n\t\tvalue:\t\t\t\t'{$items_possible['objectID']}',\n\t\tlisteners:\t\t\t{'valid':moduleObjectWindow.search}\n\t}";
}
// build direction select
$items_possible = array('asc' => $cms_language->getMessage(MESSAGE_PAGE_FIELD_ASC, false, MOD_POLYMOD_CODENAME), 'desc' => $cms_language->getMessage(MESSAGE_PAGE_FIELD_DESC, false, MOD_POLYMOD_CODENAME));
$dirValue = CMS_session::getSessionVar('direction_' . $object->getID());
$dirValue = $dirValue ? $dirValue : 'desc';
$dirValues = array();
foreach ($items_possible as $key => $label) {
$dirValues[] = array('id' => $key, 'label' => $label);
}
$dirValues = sensitiveIO::jsonEncode($dirValues);
$searchPanel .= "{\n\tlayout:\t\t\t'column',\n\txtype:\t\t\t'panel',\n\tborder:\t\t\tfalse,\n\tanchor:\t\t\t'-20px',\n\titems:[{\n\t\tcolumnWidth:\t.65,\n\t\tlayout: \t\t'form',\n\t\tborder:\t\t\tfalse,\n\t\titems: \t\t\t[{$sortItem}]\n\t},{\n\t\tcolumnWidth:\t.35,\n\t\tlayout: \t\t'form',\n\t\tborder:\t\t\tfalse,\n\t\titems: [{\n\t\t\txtype:\t\t\t\t'combo',\n\t\t\tname:\t\t\t\t'direction_{$object->getID()}',\n\t\t\thiddenName:\t\t \t'direction_{$object->getID()}',\n\t\t\tforceSelection:\t\ttrue,\n\t\t\tfieldLabel:\t\t\t' ',\n\t\t\tlabelSeparator:\t\t'',\n\t\t\tmode:\t\t\t\t'local',\n\t\t\ttriggerAction:\t\t'all',\n\t\t\tvalueField:\t\t\t'id',\n\t\t\tdisplayField:\t\t'label',\n\t\t\tvalue:\t\t\t\t'{$dirValue}',\n\t\t\tanchor:\t\t\t\t'100%',\n\t\t\tstore:\t\t\t\tnew Ext.data.JsonStore({\n\t\t\t\tfields:\t\t\t\t['id', 'label'],\n\t\t\t\tdata:\t\t\t\t{$dirValues}\n\t\t\t}),\n\t\t\tvalidateOnBlur:\t\tfalse,\n\t\t\tallowBlank:\t\t \tfalse,\n\t\t\tselectOnFocus:\t\ttrue,\n\t\t\teditable:\t\t\tfalse,\n\t\t\tlisteners:\t\t\t{'valid':moduleObjectWindow.search}\n\t\t}]\n\t}]\n},";
$description = sensitiveIO::sanitizeJSString($object->getDescription($cms_language));
if ($description) {
$searchPanel .= "{\n\t\txtype:\t\t\t'panel',\n\t\tborder:\t\t\tfalse,\n\t\thtml:\t\t\t'<div style=\"color:grey;padding-top:15px;\">{$description}</div>'\n\t},";
}
//check for included file
$filename = PATH_ADMIN_FS . '/inc/' . $codename . "_" . $objectId . "_" . $cms_language->getCode() . ".inc.php";
if (file_exists($filename)) {
ob_start();
*
* @package Automne
* @subpackage admin
* @author Sébastien Pauchet <*****@*****.**>
*/
require_once dirname(__FILE__) . '/../../cms_rc_frontend.php';
define("MESSAGE_PAGE_TITLE", 51);
define("MESSAGE_PAGE_LOADING", 1321);
//load language object
$language = CMS_languagesCatalog::getDefaultLanguage(true);
//load interface instance
$view = CMS_view::getInstance();
//Disconnect user
if (io::request('cms_action') == 'logout') {
//Disconnect user
CMS_session::authenticate(array('disconnect' => true));
//Reset session (start fresh)
Zend_Session::destroy();
//Redirect
header("Location: " . PATH_ADMIN_WR . '/');
exit;
}
//set main and ext CSS
$view->addCSSFile('ext');
$view->addCSSFile('main');
$view->addCSSFile('codemirror');
if (SYSTEM_DEBUG) {
$view->addCSSFile('debug');
}
//set needed JS files
if (SYSTEM_DEBUG) {
/**
* Function to get current time in microsecond
*/
function getmicrotime()
{
return CMS_stats::getmicrotime();
}
// Start output buffering for compression so we don't prevent
// headers from being sent if there's a blank line in an included file
if (!defined('HTML_COMPRESSION_STARTED') && APPLICATION_EXEC_TYPE != 'cli') {
ob_start('atm_compress_handler');
}
//Session operations
if (APPLICATION_CONFIG_LOADED && APPLICATION_EXEC_TYPE == 'http') {
//Start Automne session
CMS_session::init();
//load current user if exists
$cms_user = CMS_session::getUser();
$cms_context = new CMS_context();
if ($cms_user) {
$cms_language = $cms_user->getLanguage();
} else {
unset($cms_user);
}
}
//force module standard loading
if (!class_exists('CMS_module_standard')) {
die('Cannot find standard module ...');
}
//regenerate current page if needed
atm_regen();
* @author Sébastien Pauchet <*****@*****.**>
*/
require_once dirname(__FILE__) . '/../../cms_rc_admin.php';
//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_JSON);
//This file is an admin file. Interface must be secure
$view->setSecure();
//get search vars
$search = sensitiveIO::request('search');
$letter = sensitiveIO::request('letter');
$sort = sensitiveIO::request('sort');
$dir = sensitiveIO::request('dir');
$start = sensitiveIO::request('start', 'sensitiveIO::isPositiveInteger', 0);
$limit = sensitiveIO::request('limit', 'sensitiveIO::isPositiveInteger', CMS_session::getRecordsPerPage());
$userId = sensitiveIO::request('userId', 'sensitiveIO::isPositiveInteger');
$filter = sensitiveIO::request('filter') ? true : false;
$groupsDatas = array();
$groupsDatas['groups'] = array();
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITUSERS)) {
CMS_grandFather::raiseError('User has no users management rights ...');
$view->setContent($groupsDatas);
$view->show();
}
//load user's groups if any
if ($userId) {
$userGroups = CMS_profile_usersGroupsCatalog::getGroupsOfUser($userId, true);
} else {
$userGroups = array();
}
//add message if any
if ($cms_message) {
$dialog->setActionMessage($cms_message);
}
//add back link
if ($backLink) {
//links are coded in query string and so ? are replaced by §§ and ampersands are replaced with § to avoid confusion
$bl = str_replace(chr(167) . chr(167), "?", $backLink);
$bl = str_replace(chr(167), "&", $bl);
$dialog->setBackLink(SensitiveIO::sanitizeHTMLString($bl));
}
//first make a diff beetween current queried Root and all user sections to see wich sections missing.
$getRoot = array($startRoot);
$displayed = array();
$cms_root = CMS_tree::getRoot();
$sectionsRoots = CMS_session::getSessionVar('sectionsRoots');
foreach ($getRoot as $aRootID) {
if ($pages[$aRootID]) {
$treeRoot = $pages[$aRootID];
} else {
$treeRoot = CMS_tree::getPageByID($aRootID);
$pages[$aRootID] = $treeRoot;
}
if (!$treeRoot || $treeRoot->hasError()) {
die("Unknown tree root to display ...");
}
$lineages[$aRootID] = CMS_tree::getLineage($cms_root->getID(), $treeRoot->getID(), false);
if (is_array($sectionsRoots)) {
foreach ($lineages[$aRootID] as $aLineagePage) {
if (in_array($aLineagePage, $sectionsRoots)) {
//remove this section to all user sections
/**
* Get content for this formular means a PHP/XHTML source code executable
* representing full working form
*
* @param constant $actionParams : add some params to form execution (default : false, return form just as it is in db)
* - self::REMOVE_FORM_SUBMIT : form can't be submitted, throw js alert message
* - self::ALLOW_FORM_SUBMIT : form can be submitted, add form action, hidden fields, selected values, etc. (used in public mode)
* @param array $fieldsError : add an array of error fields' id
* @access public
* @return XHTML string
*/
function getContent($actionParams = false, $fieldsError = array())
{
global $cms_language;
if ($actionParams === false) {
return $this->_source;
}
$source = $this->_source;
switch ($actionParams) {
case self::REMOVE_FORM_SUBMIT:
//disable submit with javascript
$source = str_replace('<form ', '<form onsubmit="alert(\'' . addslashes($cms_language->getMessage(self::MESSAGE_CMS_FORMS_SUBMIT_NOT_ALLOWED, false, MOD_CMS_FORMS_CODENAME)) . '\');return false;" ', $source);
break;
case self::ALLOW_FORM_SUBMIT:
//get fields
$fields = $this->getFields(true);
$referer = isset($_REQUEST['referer']) ? sensitiveIO::sanitizeHTMLString($_REQUEST['referer']) : null;
//and add already selected values (from $_POST global values)
//$xml2Array = new CMS_xml2Array(str_replace('&', '&',io::decodeEntities($source)));
$xml2Array = new CMS_xml2Array($source, CMS_xml2Array::XML_ENCLOSE | CMS_xml2Array::XML_PROTECT_ENTITIES);
//parse XHTML form content
$xmlArray = $xml2Array->getParsedArray();
//add already selected values
$this->_fillSelectedFormValues($xmlArray, $fields, $fieldsError);
//then convert back into XHTML
$source = $xml2Array->toXML($xmlArray);
//add target and hidden fields
$source = preg_replace('#<form([^>]+)>#U', '<form action="' . $_SERVER["SCRIPT_NAME"] . (isset($_SERVER['QUERY_STRING']) ? '?' . sensitiveIO::sanitizeHTMLString($_SERVER['QUERY_STRING']) : '') . '#formAnchor' . $this->getID() . '" method="post" enctype="multipart/form-data"\\1>' . "\n" . '<input type="hidden" name="cms_action" value="validate" />' . "\n" . '<input type="hidden" name="atm-token" value="' . CMS_session::getToken(MOD_CMS_FORMS_CODENAME) . '" />' . "\n" . '<input type="hidden" name="formID" value="' . $this->getID() . '" />' . "\n" . '<input type="hidden" name="referer" value="' . $referer . '" />' . "\n", $source);
//pr(io::htmlspecialchars($source));
break;
}
return $source;
}
$cms_message = $cms_language->getMessage(MESSAGE_ACTION_OPERATION_DONE);
} else {
$cms_message = $cms_language->getMessage(MESSAGE_PAGE_ACTION_ORDERING_ERROR);
}
}
break;
}
if ($_GET["records_per_page"]) {
CMS_session::setRecordsPerPage($_GET["records_per_page"]);
}
if ($_GET["bookmark"]) {
CMS_session::setBookmark($_GET["bookmark"]);
}
$websites = CMS_websitesCatalog::getAll('order');
$records_per_page = CMS_session::getRecordsPerPage();
$bookmark = CMS_session::getBookmark();
$pages = ceil(sizeof($websites) / $records_per_page);
$first_record = ($bookmark - 1) * $records_per_page;
$dialog = new CMS_dialog();
$content = '';
$dialog->setTitle($cms_language->getMessage(MESSAGE_PAGE_TITLE));
if ($cms_message) {
$dialog->setActionMessage($cms_message);
} elseif (io::request('cms_message_id', 'io::isPositiveInteger')) {
$dialog->setActionMessage($cms_language->getMessage(io::request('cms_message_id')));
}
$content .= '
<script language="JavaScript" type="text/javascript" src="' . PATH_ADMIN_WR . '/v3/js/coordinates.js"></script>
<script language="JavaScript" type="text/javascript" src="' . PATH_ADMIN_WR . '/v3/js/drag.js"></script>
<script language="JavaScript" type="text/javascript" src="' . PATH_ADMIN_WR . '/v3/js/dragsort.js"></script>
<script language="JavaScript" type="text/javascript">
} elseif ($limitToOrderedItems) {
//If we must limit to some specific items ordered (usually used for polymod multi_poly_object field)
$search->addWhereCondition("itemsOrdered", $limitToOrderedItems);
} else {
// Params : paginate limit
$search->setAttribute('itemsPerPage', $limit);
$search->setAttribute('page', $start / $limit);
// Params : set default direction direction
if (!CMS_session::getSessionVar('direction_' . $object->getID())) {
CMS_session::setSessionVar('direction_' . $object->getID(), 'desc');
}
// Params : order
if (CMS_session::getSessionVar('sort_' . $object->getID())) {
$search->addOrderCondition(CMS_session::getSessionVar('sort_' . $object->getID()), CMS_session::getSessionVar('direction_' . $object->getID()));
} else {
$search->addOrderCondition('objectID', CMS_session::getSessionVar('direction_' . $object->getID()));
}
}
//launch search
$search->search(CMS_object_search::POLYMOD_SEARCH_RETURN_INDIVIDUALS_OBJECTS);
// Vars for lists output purpose and pages display, see further
$itemsDatas['total'] = $search->getNumRows();
//Get parsed result definition
if ($resultsDefinition) {
$definitionParsing = new CMS_polymod_definition_parsing($resultsDefinition, true, CMS_polymod_definition_parsing::PARSE_MODE);
}
//loop on results items
while ($item = $search->getNextResult()) {
//Process actions on item if any
//Unlock item
if ($unlock && $object->isPrimaryResource()) {
if (!$cms_page->isUseable() || $followRedirect) {
if (!$cms_page->isUseable()) {
//page is deleted, go to root
$cms_page = CMS_tree::getRoot();
}
//redirect to subpage if any redirection exists
$redirectlink = $cms_page->getRedirectLink(true);
while ($redirectlink->hasValidHREF() && sensitiveIO::IsPositiveInteger($redirectlink->getInternalLink())) {
$cms_page = new CMS_page($redirectlink->getInternalLink());
$redirectlink = $cms_page->getRedirectLink(true);
}
$pageId = $cms_page->getID();
}
pr('View page : ' . $cms_page->getID() . ($reload ? ' (Force reload queried by interface)' : ''));
//set page into user context
CMS_session::setPage($cms_page);
//for the page, create all javascript informations needed
$hasPreviz = $hasPublic = $hasDraft = $isEditable = $hasLock = $hasRedirect = false;
//which panels can be seen by user (according to his rights)
//this array represent the order of each panel (left to right)
$userPanels = array('search' => array('type' => 'searchPanel', 'visible' => true), 'tree' => array('type' => 'winPanel', 'visible' => false), 'favorite' => array('type' => 'favoritePanel', 'visible' => $cms_user->hasModuleClearance(MOD_STANDARD_CODENAME, CLEARANCE_MODULE_VIEW)), 'action' => array('type' => 'menuPanel', 'visible' => false), 'add' => array('type' => 'winPanel', 'visible' => false), 'properties' => array('type' => 'winPanel', 'visible' => false), 'edit' => array('type' => 'framePanel', 'visible' => false), 'edited' => array('type' => 'framePanel', 'visible' => false), 'public' => array('type' => 'framePanel', 'visible' => true), 'nopages' => array('type' => 'framePanel', 'visible' => false), 'norights' => array('type' => 'framePanel', 'visible' => false));
//check for public page
if ($cms_user->hasPageClearance($cms_page->getID(), CLEARANCE_PAGE_VIEW)) {
if ($cms_page->getPublication() == RESOURCE_PUBLICATION_PUBLIC) {
$hasPublic = true;
}
}
//check for tree access
if ($cms_user->hasViewvablePages()) {
$userPanels['tree']['visible'] = true;
}
// | Author: Antoine Pouch <*****@*****.**> & |
// | Author: Sébastien Pauchet <*****@*****.**> |
// +----------------------------------------------------------------------+
//
// $Id: page-previsualization.php,v 1.5 2010/03/08 16:41:19 sebastien Exp $
/**
* PHP page : page previsualization
* Used to view the page edited data.
*
* @package Automne
* @subpackage admin
* @author Antoine Pouch <*****@*****.**> &
* @author Sébastien Pauchet <*****@*****.**>
*/
require_once dirname(__FILE__) . '/../../cms_rc_admin.php';
$currentPage = sensitiveIO::request('currentPage', 'sensitiveIO::isPositiveInteger', CMS_session::getPageID());
$draft = sensitiveIO::request('draft') ? true : false;
//unset request to avoid it to have interaction with page code
sensitiveIO::unsetRequest(array('draft', 'currentPage'));
//CHECKS
if (!SensitiveIO::isPositiveInteger($currentPage)) {
die("Invalid page");
}
//view edited or edition mode ?
$cms_visual_mode = $draft ? PAGE_VISUALMODE_HTML_EDITION : PAGE_VISUALMODE_HTML_EDITED;
$cms_page = CMS_tree::getPageByID($currentPage);
if (!$cms_user->hasPageClearance($cms_page->getID(), CLEARANCE_PAGE_EDIT)) {
die('No rigths on page ...');
exit;
}
//unset vars to avoid interraction with page
/**
* Get current context hash (usually used for cache)
*
* @param array $datas, additionnal datas to use for cache
* @return string : the current context cache
* @access public
* @static
*/
static function getContextHash($datas = array())
{
return CMS_session::getContextHash($datas);
}
