Пример #1
 /**
  * Send one action request through this gateway object and hand back the raw reply.
  *
  * Three fields are always sent: `_a` (the action, upper-cased), `_b` (the
  * "build" value read from the "symphony" config group) and `_DOMAIN` (the URL
  * constant with "http://" removed). Only the literal "http://" prefix is
  * stripped; any other scheme stays part of `_DOMAIN`.
  *
  * Anything already stored in `$this->_postfields` is appended as-is. It is not
  * URL-encoded here, so whoever fills that property is responsible for encoding.
  *
  * @param string $action            Action name; sent upper-cased as `_a`.
  * @param bool   $redirect_on_error When true, a reply of exactly `false` sends
  *                                  the browser to the system message page.
  * @return mixed Whatever `$this->exec()` returned (`false` signals failure).
  */
 function __grab($action, $redirect_on_error = true)
 {
     // Encode every mandatory value on its own so none of them can add extra fields.
     $pairs = array(
         "_a=" . urlencode(strtoupper($action)),
         "_b=" . urlencode($this->_parent->getConfigVar("build", "symphony")),
         "_DOMAIN=" . urlencode(str_replace("http://", '', URL)),
     );
     $body = implode("&", $pairs);

     // Caller-supplied fields follow the mandatory ones; a leading "&" is dropped
     // so the joined string never contains "&&".
     $extra = $this->_postfields;
     if (trim($extra) != "") {
         $body = $body . "&" . ltrim($extra, '&');
     }

     $this->setopt("POSTFIELDS", $body);
     $response = $this->exec();
     $this->flush();

     $failed = ($response === false);
     if ($failed && $redirect_on_error) {
         General::redirect(URL . "/symphony/?page=/system/message/");
     }

     return $response;
 }
            @chmod($dest, intval($Admin->getConfigVar("write_mode", "file"), 8));
            ###
            # Delegate: Upload
            # Description: File successfully uploaded. Path to it is provided.
            $CampfireManager->notifyMembers('Upload', CURRENTPAGE, array('file' => $dest));
            General::redirect($Admin->getCurrentPageURL() . "&_f=upload-success&filter=" . str_replace("workspace", "", $_POST['destination']));
            ##Moving Failed
        } else {
            General::redirect($Admin->getCurrentPageURL() . "&_f=upload-fail&filter=" . $_REQUEST['filter']);
        }
        ##Could not move the file
    } else {
        General::redirect($Admin->getCurrentPageURL() . "&_f=upload-fail&filter=" . $_REQUEST['filter']);
    }
}
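// Bulk action handler for the file manager.
//
// The keys of the posted `items` array are the paths the user ticked. They come
// from the request body, so they are treated as untrusted: each one is resolved
// to its real location before it is tested and deleted.
$checked = (isset($_POST['items']) && is_array($_POST['items'])) ? array_keys($_POST['items']) : array();
switch (isset($_POST["with-selected"]) ? $_POST["with-selected"] : '') {
    case 'delete':
        ###
        # Delegate: Delete
        # Description: Prior to deletion of files. Array of files selected is provided. This can be manipulated.
        $CampfireManager->notifyMembers('Delete', CURRENTPAGE, array('files' => &$checked));
        // The delegate receives $checked by reference, so re-check its type.
        if (is_array($checked)) {
            foreach ($checked as $f) {
                // realpath() collapses ".." segments and symlinks. Without it a
                // path that merely contains "/workspace/" but climbs back out
                // with ".." would pass the test below.
                $resolved = is_string($f) ? realpath($f) : false;
                if ($resolved === false) {
                    // Not a string, or nothing exists at that path: nothing to delete.
                    if (!is_string($f) || !preg_match('/\\/workspace\\//i', $f)) {
                        break;
                    }
                    continue;
                }
                // Same rule as before (abort the batch on the first path outside a
                // workspace directory), now applied to the resolved path.
                // NOTE(review): this still accepts any directory named "workspace";
                // comparing against the resolved workspace root would be stricter.
                if (!preg_match('/\\/workspace\\//i', str_replace('\\', '/', $resolved))) {
                    break;
                }
                @unlink($resolved);
            }
        }
        // The filter value is echoed back into the redirect URL; encode it so it
        // cannot add parameters or break the Location header.
        $filter = (isset($_REQUEST['filter']) && is_string($_REQUEST['filter'])) ? $_REQUEST['filter'] : '';
        General::redirect($Admin->getCurrentPageURL() . "&_f=deleted&filter=" . urlencode($filter));
        break;
}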
                    $fields['validator'] = intval($fields['validator']);
                    $fields['validation_rule'] = NULL;
                }
                if ($fields['type'] == 'checkbox') {
                    $fields['default_state'] = isset($fields['default_state']) ? 'checked' : 'unchecked';
                } else {
                    $fields['default_state'] = 'na';
                }
                include_once TOOLKIT . "/class.customfieldmanager.php";
                $CustomFieldManager = new CustomFieldManager($Admin);
                $CustomField =& $CustomFieldManager->create();
                $CustomField->set('id', $field_id);
                foreach ($fields as $key => $val) {
                    $CustomField->set($key, $val);
                }
                if ($CustomField->commit()) {
                    $Admin->rebuildWorkspaceConfig();
                    $Admin->flush_cache(array("entries", "customfields"));
                    ###
                    # Delegate: Edit
                    # Description: After editing a customfield. ID is provided.
                    $CampfireManager->notifyMembers('Edit', CURRENTPAGE, array('customfield_id' => $field_id));
                    if (@array_key_exists("save", $_POST['action'])) {
                        General::redirect($Admin->getCurrentPageURL() . "&id=" . $field_id . "&_f=saved");
                    }
                    General::redirect(URL . "/symphony/?page=/structure/customfields/");
                }
            }
        }
    }
}
<?php

/***
 *
 * Symphony web publishing system
 *
 * Copyright 2004–2006 Twenty One Degrees Pty. Ltd.
 *
 * @version 1.7
 * @licence https://github.com/symphonycms/symphony-1.7/blob/master/LICENCE
 *
 ***/
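// Edit page for a master template.
//
// The master name comes straight from the request and is used below as a file
// name and inside an SQL string. It is therefore limited to a single path
// component (no "/", "\" or NUL byte) before either use, which keeps the file
// access inside WORKSPACE/masters/.
$masterName = (isset($_REQUEST['file']) && is_string($_REQUEST['file'])) ? $_REQUEST['file'] : '';
$masterNameIsPlain = $masterName !== '' && strpbrk($masterName, "/\\\0") === false;
if (!$masterNameIsPlain || !@is_file(WORKSPACE . "/masters/" . $masterName . ".xsl")) {
    General::redirect(URL . "/symphony/?page=/blueprint/masters/new/");
    // Stop here even if redirect() returns, so a rejected name is never used below.
    exit;
}
$Admin->addScriptToHead('assets/editor.js');
// NOTE(review): how pageTitle is escaped when rendered is not visible here; confirm
// the layout HTML-encodes it, since the name originates from the request.
$GLOBALS['pageTitle'] = 'Masters > ' . $masterName;
$fields = array();
// addslashes() keeps a quote in the name from closing the SQL string literal.
// NOTE(review): the database layer's own escaping or bound parameters would be
// preferable if it offers them; that API is not visible in this file.
$sql = "SELECT t1.*, t2.* " . "FROM `tbl_masters` as t1 " . "LEFT JOIN `tbl_metadata` as t2 ON t2.relation_id = t1.id AND t2.class = 'master' " . "WHERE t1.name = '" . addslashes($masterName) . "' " . "GROUP BY t1.id " . "LIMIT 1";
$fields = $DB->fetchRow(0, $sql);
$fields["name"] = $masterName;
$fields["body"] = @file_get_contents(WORKSPACE . "/masters/" . $masterName . ".xsl");
$fields['data_sources'] = @explode(",", $fields['data_sources']);
$fields['events'] = @explode(",", $fields['events']);
// The data source and event names were read from the database, but they are
// quoted into a second query, so they are escaped as well.
$quotedDataSources = @implode("', '", array_map('addslashes', $fields['data_sources']));
$quotedEvents = @implode("', '", array_map('addslashes', $fields['events']));
// Utilities attached to nothing at all, plus those attached to any data source
// or event this master uses.
$utilities = $DB->fetch("SELECT DISTINCT t1.*\n\t\t\t\t\t\t\t FROM `tbl_utilities` as t1\n\t\t\t\t\t\t\t LEFT JOIN `tbl_utilities2datasources` as t2 ON t1.id = t2.utility_id\n\t\t\t\t\t\t\t LEFT JOIN `tbl_utilities2events` as t3 ON t1.id = t3.utility_id\n\t\t\t\t\t\t\t WHERE (t2.`data_source` IS NULL AND t3.`event` IS NULL)\n\t\t\t\t\t\t\t OR (t2.`data_source` IN ('" . $quotedDataSources . "')\n\t\t\t\t\t\t\t OR t3.`event` IN ('" . $quotedEvents . "'))");
$date = $Admin->getDateObj();
if (defined("__SYM_ENTRY_MISSINGFIELDS__")) {
    $Admin->pageAlert("required", array(@implode(", ", $required)), false, 'error');
}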
if (isset($_GET['_f'])) {
    switch ($_GET['_f']) {
// Campfire service actions. Each submit button maps to a delegate notification,
// a CampfireManager method of the same name, and a "complete-<action>" flag on
// the redirect. The buttons are checked in this order and only the first one
// present is handled.
//
// The service identifier is read from $_REQUEST['name'] and split on "/" into
// owner and name. NOTE(review): no validation of that value is visible here;
// confirm CampfireManager rejects unexpected owner/name values.
$campfireActions = array(
    'uninstall' => 'Uninstall',
    'install' => 'Install',
    'update' => 'Update',
);
foreach ($campfireActions as $campfireMethod => $campfireDelegate) {
    if (!isset($_POST['action'][$campfireMethod])) {
        continue;
    }
    $service = $_REQUEST['name'];
    ###
    # Delegate: Uninstall / Install / Update
    # Description: Triggered before the service is uninstalled, installed or updated.
    #              The service name is provided. This cannot be modified.
    $CampfireManager->notifyMembers($campfireDelegate, CURRENTPAGE, array('service' => $service));
    list($owner, $name) = explode('/', $service);
    $CampfireManager->{$campfireMethod}($name, $owner);
    General::redirect(URL . '/symphony/?page=/campfire/&_f=complete-' . $campfireMethod);
    break;
}
Пример #6
 * Symphony web publishing system
 *
 * Copyright 2004–2006 Twenty One Degrees Pty. Ltd.
 *
 * @version 1.7
 * @licence https://github.com/symphonycms/symphony-1.7/blob/master/LICENCE
 *
 ***/
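// Admin bootstrap: load the site configuration, pin the request to the
// configured host name, then create the Admin object and the database connection.
if (!is_file('../manifest/config.php')) {
    die("<h2>Error</h2><p>Symphony Engine could not be loaded.</p>");
}
require_once '../manifest/config.php';
//Fix for double login problem
// Requests that arrive under a host name other than the one in URL are sent to
// the configured address, so the session is always used on one host name.
$url_bits = parse_url(URL);
$expected_hosts = array($url_bits['host']);
// parse_url() only returns a 'port' key when the configured URL names one.
if (isset($url_bits['port'])) {
    $expected_hosts[] = $url_bits['host'] . ':' . $url_bits['port'];
}
// The Host header is client-controlled and may be absent altogether.
$request_host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
if (!in_array($request_host, $expected_hosts)) {
    General::redirect(URL . "/symphony/?" . (isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : ''));
    exit;
}
require_once LIBRARY . "/class.admin.php";
// Plain assignment: "=& new" is a parse error from PHP 7 onwards, and objects
// have been handled by reference-like handles since PHP 5.
$Admin = new Admin(array("start_session" => true, "config" => $settings));
$Admin->addHeaderToPage("Content-Type", "text/html; charset=UTF-8");
// The driver class name comes from the configuration file; anything that is not
// a loaded class falls back to the bundled MySQL driver.
$dbDriver = $Admin->getConfigVar("driver", "database");
if (!class_exists($dbDriver)) {
    $dbDriver = "MySQL";
}
$DB = new $dbDriver($Admin->getConfigVar("database"));
if (!$DB->isConnected()) {
    $Admin->fatalError(NULL, "<p>There was a problem establishing a connection to the MySQL server. Check that the details in your configuration file <code>/manifest/config.php</code> are correct.</p>", true, true);
}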
if (!$DB->getSelected()) {
    $Admin->fatalError(NULL, "<p>There was a problem establishing a connection to the specified database. Check that the details in your configuration file <code>/manifest/config.php</code> are correct.</p>", true, true);
            $fields['author_column'] = isset($fields['author_column']) ? 'show' : 'hide';
            $fields['date_column'] = isset($fields['date_column']) ? 'show' : 'hide';
            $fields['calendar_show'] = isset($fields['calendar_show']) ? 'show' : 'hide';
            #$fields['valid_xml_column'] = (isset($fields['valid_xml_column']) ? 'show' : 'hide');
            $fields['columns'][$current_primary_field] = 'on';
            $visable = @array_keys($fields['columns']);
            if (isset($fields['columns'])) {
                unset($fields['columns']);
            }
            if ($DB->update($fields, "tbl_sections", "WHERE `id` = '" . $section_id . "'")) {
                $DB->query("DELETE FROM `tbl_sections_visible_columns` WHERE `section_id` = '{$section_id}'");
                if (is_array($visable) && !empty($visable)) {
                    foreach ($visable as $v) {
                        $DB->query("INSERT INTO `tbl_sections_visible_columns` VALUES ('{$v}', '{$section_id}')");
                    }
                }
                $Admin->updateMetadata("section", $section_id);
                $Admin->rebuildWorkspaceConfig();
                $Admin->flush_cache(array("entries", "comments"));
                ###
                # Delegate: Edit
                # Description: After editing a Section. The ID is provided.
                $CampfireManager->notifyMembers('Edit', CURRENTPAGE, array('section_id' => $section_id));
                if (@array_key_exists("save", $_POST['action'])) {
                    General::redirect($Admin->getCurrentPageURL() . "&id=" . $section_id . "&_f=saved");
                }
                General::redirect(URL . "/symphony/?page=/structure/sections/");
            }
        }
    }
}
Пример #8
<?php

/***
 *
 * Symphony web publishing system
 *
 * Copyright 2004–2006 Twenty One Degrees Pty. Ltd.
 *
 * @version 1.7
 * @licence https://github.com/symphonycms/symphony-1.7/blob/master/LICENCE
 *
 ***/
// Login page preamble. An author who already has a session is sent to the admin
// home instead of seeing the login form.
if ($Admin->authorIsLoggedIn()) {
    General::redirect(URL . "/symphony/");
}
// "_f=error" is appended by the login handler after a failed attempt. The
// message is the same whatever the reason for the failure.
if ($_GET['_f'] == "error") {
    $error = 'Login invalid. <a href="' . URL . '/symphony/?page=/login/&amp;forgot">Forgot your password?</a>';
}
if ((isset($_REQUEST['forgot']) || $_f == "forgot") && $_f != "newpass") {
    ?>

	<form action="<?php 
    print $Admin->getCurrentPageURL();
    ?>
" method="post">
  	<h2><span>Symphony &ndash; Email Login Details</span></h2>
		<fieldset>
			<?php 
    if (isset($error)) {
                        # Delegate: Edit
                        # Description: After saving the page. The Page's database ID is provided.
                        $CampfireManager->notifyMembers('Edit', CURRENTPAGE, array('page_id' => $page_id));
                        if (@array_key_exists("output", $_POST['action'])) {
                            General::redirect(URL . "/" . $Admin->resolvePagePath($page_id) . "/?debug");
                        }
                        if (@array_key_exists("save", $_POST['action'])) {
                            General::redirect($Admin->getCurrentPageURL() . "&id={$page_id}&_f=saved");
                        }
                        General::redirect(URL . "/symphony/?page=/blueprint/pages/&id={$page_id}&_f=saved");
                    }
                }
            }
        }
    }
}
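// Delete a page: remove its database rows and its XSL file, then return to the
// page list.
if (isset($_POST['action']) && is_array($_POST['action']) && array_key_exists("delete", $_POST['action'])) {
    // The id is taken from the request and placed into several SQL strings below.
    // Page ids are database ids, so forcing an integer removes any SQL
    // metacharacters before the value reaches a query.
    $page_id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
    ###
    # Delegate: Delete
    # Description: Prior to deletion. Provided with Page's database ID
    $CampfireManager->notifyMembers('Delete', CURRENTPAGE, array('page' => $page_id));
    // Read the row first: its handle names the XSL file to remove afterwards.
    $page = $DB->fetchRow(0, "SELECT * FROM tbl_pages WHERE `id` = '{$page_id}'");
    $DB->delete("tbl_pages", "WHERE `id` = '{$page_id}'");
    $DB->delete("tbl_pages_hierarchy", "WHERE `entry_id` = '{$page_id}'");
    $DB->delete("tbl_metadata", "WHERE `relation_id` = '{$page_id}' AND `class` = 'page'");
    // NOTE(review): this compares `sortorder` with the page id and increments it;
    // left as written, but confirm that is the intended re-numbering.
    $DB->query("UPDATE tbl_pages SET `sortorder` = (`sortorder` + 1) WHERE `sortorder` < '{$page_id}'");
    // Only touch the file system when a row with a handle was found; otherwise the
    // path would be built from an empty handle.
    if (!empty($page['handle'])) {
        unlink(WORKSPACE . "/pages/" . $page['handle'] . ".xsl");
    }
    $Admin->flush_cache(array("pages"));
    General::redirect(URL . "/symphony/?page=/blueprint/pages/&_f=deleted");
}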
/***
 *
 * Symphony web publishing system
 *
 * Copyright 2004–2006 Twenty One Degrees Pty. Ltd.
 *
 * @version 1.7
 * @licence https://github.com/symphonycms/symphony-1.7/blob/master/LICENCE
 *
 ***/
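// Edit page for a data source.
$Admin->addScriptToHead('assets/editor.js');
$fields = array();
// The data source name comes from the request and becomes part of a PHP file
// path, and is then handed to the data source manager. It is limited to a single
// path component (no "/", "\" or NUL byte) so the path stays inside DATASOURCES.
$dsName = (isset($_REQUEST['file']) && is_string($_REQUEST['file'])) ? $_REQUEST['file'] : '';
$dsPath = DATASOURCES . "/data." . $dsName . ".php";
if ($dsName === '' || strpbrk($dsName, "/\\\0") !== false || !@is_file($dsPath)) {
    General::redirect(URL . "/symphony/?page=/blueprint/datasources/new/");
    // Stop here even if redirect() returns, so a rejected name is never loaded.
    exit;
}
$sections = $DB->fetch("SELECT * FROM `tbl_sections`");
// Element names offered in the editor for each built-in data source type.
$xml_fields = array();
##Entries
$xml_fields['entries'] = array("date", "time", "rfc822-date", "pagination-info", "author::first-name", "author::last-name", "author::email", "author::username");
##Authors
$xml_fields['authors'] = array("entry-count", "first-name", "last-name", "email", "username", "status", "auth-token", "email-hash");
##Comments
$xml_fields['comments'] = array("spam", "author", "date", "time", "rfc822-date", "pagination-info", "authorised", "message", "url", "email", "email-hash");
$DSM = new DatasourceManager(array('parent' => &$Admin));
// NOTE(review): create() presumably loads the class from the file checked above;
// confirm it does not build its own path from an unchecked value.
$oDataSource = $DSM->create($dsName);
$about = $oDataSource->about();
$GLOBALS['pageTitle'] = 'Data Sources > ' . $about['name'];
$allow_parse = $oDataSource->allowEditorToParse();
$type = $oDataSource->getType();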
<?php

/***
 *
 * Symphony web publishing system
 *
 * Copyright 2004–2006 Twenty One Degrees Pty. Ltd.
 *
 * @version 1.7
 * @licence https://github.com/symphonycms/symphony-1.7/blob/master/LICENCE
 *
 ***/
// Owner-only maintenance page: workspace synchronisation and uninstall.
// Every request is checked for owner rights before any action is looked at.
if (!$Admin->authorIsOwner()) {
    $Admin->fatalError('Access Denied', '<p>Access denied. You are not authorised to access this page.</p>', true, true);
}
// NOTE(review): both actions are triggered by a bare POST field; no anti-CSRF
// token check is visible in this block. Confirm one is enforced elsewhere.
if (isset($_POST['action']['sync'])) {
    $retval = $Admin->synchroniseWorkspace();
    // Report the outcome back to the same page through the query string.
    $syncTarget = $Admin->getCurrentPageURL() . '&';
    if ($retval) {
        $syncTarget .= 'sync=complete';
    } else {
        $syncTarget .= 'sync=failed';
    }
    General::redirect($syncTarget);
} elseif (isset($_POST['action']['uninstall'])) {
    $Admin->uninstall();
    $Admin->fatalError('Uninstall Successful', '<p>Any Campfire Services have been left intact, along with the <code>symphony</code> folder, <code>index.php</code> and your database.</p><p>To complete the uninstall you will need to remove the aforementioned items manually.</p>', true);
}
        define("__SYM_ENTRY_MISSINGFIELDS__", true);
    } elseif ($fields['password'] != $fields['password_confirm']) {
        $Admin->pageAlert("password-mismatch", NULL, false, 'error');
    } elseif ($authorManager->fetchByUsername($fields['username'])) {
        $Admin->pageAlert("duplicate", array("An Author", "username"), false, 'error');
    } else {
        $author =& $authorManager->create();
        $author->set('textformat', $fields['textformat']);
        $author->set('superuser', $fields['superuser']);
        $author->set('owner', '0');
        $author->set('email', $fields['email']);
        $author->set('username', $fields['username']);
        $author->set('firstname', General::sanitize($fields['firstname']));
        $author->set('lastname', General::sanitize($fields['lastname']));
        $author->set('last_refresh', NULL);
        $author->set('last_session', NULL);
        $author->set('password', md5($fields['password']));
        $author->set('allow_sections', @implode(",", $fields['allow_sections']));
        $author->set('auth_token_active', $fields['auth_token_active'] ? $fields['auth_token_active'] : 'no');
        if ($author_id = $author->commit()) {
            ###
            # Delegate: Create
            # Description: Creation of a new Author. The ID of the author is provided.
            $CampfireManager->notifyMembers('Create', CURRENTPAGE, array('author_id' => $author_id));
            if (@array_key_exists("save", $_POST['action'])) {
                General::redirect(URL . "/symphony/?page=/settings/authors/edit/&id={$author_id}&_f=saved");
            }
            General::redirect(URL . "/symphony/?page=/settings/authors/&_f=saved");
        }
    }
}
<?php

/***
 *
 * Symphony web publishing system
 *
 * Copyright 2004–2006 Twenty One Degrees Pty. Ltd.
 *
 * @version 1.7
 * @licence https://github.com/symphonycms/symphony-1.7/blob/master/LICENCE
 *
 ***/
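// Edit page for a utility. Without an id there is nothing to edit, so the user
// is sent to the "new utility" page.
$Admin->addScriptToHead('assets/editor.js');
if (!isset($_REQUEST['id'])) {
    General::redirect(URL . "/symphony/?page=/blueprint/utilities/new/");
}
$fields = array();
if (isset($_REQUEST['id'])) {
    // The id is taken from the request and placed into three SQL strings. It is a
    // database id, so forcing an integer removes any SQL metacharacters before
    // the value reaches a query.
    $utility_id = intval($_REQUEST['id']);
    $sql = "SELECT t1.*, t2.* " . "FROM `tbl_utilities` as t1 " . "LEFT JOIN `tbl_metadata` as t2 ON t2.relation_id = t1.id AND t2.class = 'transformation' " . "WHERE t1.id = '" . $utility_id . "' " . "GROUP BY t1.id " . "LIMIT 1";
    $fields = $DB->fetchRow(0, $sql);
    $GLOBALS['pageTitle'] = 'Utilities > ' . $fields['name'];
    $fields['data_source'] = $DB->fetchCol('data_source', "SELECT `data_source` FROM `tbl_utilities2datasources` WHERE utility_id = '" . $utility_id . "'");
    $fields['events'] = $DB->fetchCol('event', "SELECT `event` FROM `tbl_utilities2events` WHERE utility_id = '" . $utility_id . "'");
    // The file name is built from the handle stored in the database row, not from
    // the request.
    $fields["body"] = @file_get_contents(WORKSPACE . "/utilities/" . $fields['handle'] . ".xsl");
}
if (defined("__SYM_ENTRY_MISSINGFIELDS__")) {
    $Admin->pageAlert("required", array(@implode(", ", $required)), false, 'error');
}
$date = $Admin->getDateObj();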
if (isset($_GET['_f'])) {
    switch ($_GET['_f']) {
<?php

/***
 *
 * Symphony web publishing system
 *
 * Copyright 2004–2006 Twenty One Degrees Pty. Ltd.
 *
 * @version 1.7
 * @licence https://github.com/symphonycms/symphony-1.7/blob/master/LICENCE
 *
 ***/
// Bulk action on the entry list. The ids of the ticked entries are the keys of
// the posted `items` array.
if (isset($_POST['action']['apply'])) {
    $checked = @array_keys($_POST['items']);
    // Only "delete" is implemented, and only when at least one entry was ticked.
    if (!empty($checked) && is_array($checked) && $_POST["with-selected"] == 'delete') {
        ###
        # Delegate: Delete
        # Description: Prior to deletion of entries. Section ID and Array of Entries is provided.
        #              The array can be manipulated
        $CampfireManager->notifyMembers(
            'Delete',
            CURRENTPAGE,
            array('section_id' => $_REQUEST['_sid'], 'entry_id' => &$checked)
        );
        include_once TOOLKIT . "/class.entrymanager.php";
        $entryManager = new EntryManager($Admin);
        // NOTE(review): the ids are passed on as received; confirm
        // EntryManager::delete() validates them before using them in a query.
        $entryManager->delete($checked);
        $Admin->flush_cache(array("entries", "authors", "comments"));
        General::redirect($Admin->getCurrentPageURL() . "&_sid=" . $_REQUEST['_sid'] . "&_f=complete");
    }
}
    $fields = $_POST['fields'];
} elseif ($author_id) {
    $sql = "SELECT *  " . "FROM `tbl_authors` " . "WHERE `id` = '" . addslashes($_GET['id']) . "' ";
    if ($fields = $DB->fetchRow(0, $sql)) {
        $fields['allow_sections'] = @explode(",", $fields['allow_sections']);
    } else {
        General::redirect(URL . "/symphony/?page=/settings/authors/new/");
    }
} else {
    General::redirect(URL . "/symphony/?page=/settings/authors/new/");
}
// Who may open this author's edit form:
//   - the site owner: always;
//   - an author looking at their own record: always;
//   - a superuser: only for authors who are neither superuser nor owner;
//   - anyone else: redirected to the read-only summary.
// $isOwner is only assigned when the current user is not the site owner, and it
// then means "this is the current user's own record".
if (!$Admin->authorIsOwner()) {
    $isOwner = $author_id == $Admin->getAuthorID();
    if (!$isOwner) {
        if (!$Admin->authorIsSuper() || $fields['superuser'] == '1' || $fields['owner'] == '1') {
            General::redirect(URL . "/symphony/?page=/settings/authors/summary/&id={$author_id}");
        }
    }
}
$date = $Admin->getDateObj();
// "_f=saved" is set by the redirect that follows a successful save.
if (isset($_GET['_f']) && $_GET['_f'] == "saved") {
    $Admin->pageAlert("saved-time", array("Author profile", date("h:i:sa", $date->get(true, false))));
}
// NOTE(review): the title is built from stored author names; confirm the layout
// HTML-encodes pageTitle when it prints it.
$GLOBALS['pageTitle'] = 'Authors > ' . $fields['firstname'] . ' ' . $fields['lastname'];
if (defined("__SYM_ENTRY_MISSINGFIELDS__")) {
    $Admin->pageAlert("required", array(@implode(", ", $required)), false, 'error');
}
$TFM = new TextformatterManager(array('parent' => &$Admin));
<?php

// Status feed: asks this site's own AJAX endpoint for the full status report and
// starts an RSS 2.0 document for it.
// The request must carry an `auth` token. It is forwarded unchanged; checking
// it is left to the AJAX endpoint.
if (!isset($_REQUEST['auth'])) {
    General::redirect(URL . '/symphony/');
}
$ch = new Gateway();
$ch->init();
// The target is fixed to the configured site URL; nothing from the request
// influences where the call goes.
$statusCallOptions = array(
    "URL" => URL . '/symphony/ajax/',
    "POST" => 1,
    "POSTFIELDS" => array('action' => 'status', 'token' => $_REQUEST['auth'], 'mode' => 'full'),
);
foreach ($statusCallOptions as $statusOption => $statusValue) {
    $ch->setopt($statusOption, $statusValue);
}
$data = $ch->exec();
// Turn the XML reply into a nested array; the parser is not needed afterwards.
$parser = new XmlDoc();
$parser->parseString($data);
$doc = $parser->getArray();
unset($parser);
$obDate = $Admin->getDateObj();
$rss = new XMLElement('rss');
$rss->setAttribute('version', '2.0');
// Channel header elements, in the order they are added to the feed.
$channel = new XMLElement('channel');
$channelHeader = array(
    'title' => $Admin->getConfigVar('sitename', 'general'),
    'link' => URL,
    'description' => $Admin->getConfigVar('sitename', 'general') . ' Status Feed',
    'language' => 'en-us',
    'generator' => 'Symphony ' . $Admin->getConfigVar('build', 'symphony'),
);
foreach ($channelHeader as $channelTag => $channelText) {
    $channel->addChild(new XMLElement($channelTag, $channelText));
}
function flattenFragment($f, $type)
{
    $f = $f[$type];
    $flattened = array();
    $flattened['attributes'] = $f['attributes'];
    $flattened['data'] = array();
    unset($f['attributes']);
Пример #17
require_once LIBRARY . "/core/class.general.php";
require_once LIBRARY . "/core/class.lang.php";
require_once LIBRARY . "/core/class.utilities.php";
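##To prevent users that are logged in from getting maintenance pages, ensure the URL matches
##the one specified in the config file.
$url_bits = parse_url(URL);
$expected_hosts = array($url_bits['host']);
##parse_url() only returns a 'port' key when the configured URL names one
if (isset($url_bits['port'])) {
    $expected_hosts[] = $url_bits['host'] . ':' . $url_bits['port'];
}
##The Host header and the page parameter are client-controlled and may be missing
$request_host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
if (!in_array($request_host, $expected_hosts)) {
    $requested_page = (isset($_REQUEST['page']) && is_string($_REQUEST['page'])) ? $_REQUEST['page'] : '';
    ##Clean up the query string
    $query = str_replace("page=" . $requested_page, "", isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '');
    $query = ltrim($query, "&");
    ##Reconstruct the correct URL and redirect them there. The destination always
    ##starts with the configured URL, so the redirect stays on this site.
    $destination = URL . "/" . $requested_page . "/" . ($query != "" ? "?{$query}" : "");
    $destination = rtrim($destination, "/") . "/";
    ##Lets the browser know its a 301 page
    header("HTTP/1.1 301 Moved Permanently");
    General::redirect($destination);
    exit;
}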
##
require_once LIBRARY . "/core/class.xsltprocess.php";
require_once LIBRARY . "/core/class.symphonylog.php";
require_once LIBRARY . "/core/class.mysql.php";
require_once LIBRARY . "/core/class.symdate.php";
require_once LIBRARY . "/core/class.configuration.php";
require_once LIBRARY . "/core/class.xmlelement.php";
require_once LIBRARY . "/core/class.gateway.php";
require_once TOOLKIT . "/class.xmlrepair.php";
require_once LIBRARY . "/core/class.manager.php";
require_once LIBRARY . "/core/class.eventmanager.php";
require_once LIBRARY . "/core/class.datasourcemanager.php";
require_once LIBRARY . "/core/class.textformattermanager.php";
<?php

/***
 *
 * Symphony web publishing system
 *
 * Copyright 2004–2006 Twenty One Degrees Pty. Ltd.
 *
 * @version 1.7
 * @licence https://github.com/symphonycms/symphony-1.7/blob/master/LICENCE
 *
 ***/
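// Edit page for a workspace asset.
//
// The asset path comes from the request and is appended to WORKSPACE. It is
// resolved with realpath() and must still lie below the resolved workspace root.
// Otherwise ".." segments or a symlink could make this page read a file outside
// the workspace.
$assetFile = (isset($_REQUEST['file']) && is_string($_REQUEST['file'])) ? $_REQUEST['file'] : '';
$workspaceRoot = realpath(WORKSPACE);
$assetPath = realpath(WORKSPACE . $assetFile);
$assetInsideWorkspace = $workspaceRoot !== false
    && $assetPath !== false
    && strpos($assetPath, rtrim($workspaceRoot, '/\\') . DIRECTORY_SEPARATOR) === 0;
if (!$assetInsideWorkspace || !@is_file($assetPath)) {
    General::redirect(URL . "/symphony/?page=/blueprint/assets/new/");
    // Stop here even if redirect() returns, so a rejected path is never read.
    exit;
}
$Admin->addScriptToHead('assets/editor.js');
$type = General::getExtension($assetFile);
$GLOBALS['pageTitle'] = 'Assets > ' . basename($assetFile);
$fields = General::getFileMeta(WORKSPACE . $assetFile);
$fields["name"] = basename($assetFile);
// Not read in this part of the file.
$ignore = array("events", "data-sources", "text-formatters", "pages", "masters", "utilities");
$fields["location"] = "/workspace" . dirname($assetFile) . "/";
$fields["type"] = $type;
// Read through the resolved path that passed the containment check above.
$fields["body"] = @file_get_contents($assetPath);
if (defined("__SYM_ENTRY_MISSINGFIELDS__")) {
    $Admin->pageAlert("required", array(@implode(", ", $required)), false, 'error');
}
$date = $Admin->getDateObj();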
if (isset($_GET['_f'])) {
    switch ($_GET['_f']) {
        case "saved":
 *
 * Copyright 2004–2006 Twenty One Degrees Pty. Ltd.
 *
 * @version 1.7
 * @licence https://github.com/symphonycms/symphony-1.7/blob/master/LICENCE
 *
 ***/
// Bulk action on the custom field list. The ids of the ticked fields are the
// keys of the posted `items` array.
$checked = @array_keys($_POST['items']);
if ($_POST["with-selected"] == 'delete') {
    $sql = "SELECT `primary_field` FROM `tbl_sections`";
    $primary_fields = $DB->fetchCol('primary_field', $sql);
    // Every posted key is forced to an integer, then any field that is a
    // section's primary field is taken out so it cannot be deleted from here.
    $fieldsList = array_diff(array_map('intval', $checked), $primary_fields);
    if (is_array($fieldsList) && !empty($fieldsList)) {
        ###
        # Delegate: Delete
        # Description: Prior to deleting a custom field.
        #              Array of fields is provided. This can be manipulated
        $CampfireManager->notifyMembers('Delete', CURRENTPAGE, array('customfields' => &$fieldsList));
        include_once TOOLKIT . "/class.customfieldmanager.php";
        $CustomFieldManager = new CustomFieldManager($Admin);
        foreach ($fieldsList as $id) {
            $CustomFieldManager->delete($id);
        }
        // The workspace config and cached output depend on the field set.
        $Admin->rebuildWorkspaceConfig();
        $Admin->flush_cache(array("entries", "customfields"));
        General::redirect($Admin->getCurrentPageURL() . "&_f=complete");
    }
}
 *
 * Copyright 2004–2006 Twenty One Degrees Pty. Ltd.
 *
 * @version 1.7
 * @licence https://github.com/symphonycms/symphony-1.7/blob/master/LICENCE
 *
 ***/
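// Activity log viewer: loads one log file from the LOGS directory for display.
print '<?xml version="1.0" encoding="utf-8"?>';
$GLOBALS['pageTitle'] = "Activity Logs";
// Built once; the second, identical construction was redundant.
$date = new SymDate($Admin->getConfigVar("time_zone", "region"), $Admin->getConfigVar("date_format", "region"));
$log = array();
// The log name comes from the request and becomes part of a file path. It is
// limited to a single path component (no "/", "\" or NUL byte) so that only
// "<name>.log" files directly inside LOGS can be read.
$logName = (isset($_REQUEST["_l"]) && is_string($_REQUEST["_l"])) ? $_REQUEST["_l"] : '';
$logFile = LOGS . "/" . $logName . ".log";
if ($logName !== '' && strpbrk($logName, "/\\\0") === false && @is_file($logFile)) {
    $log = General::str2array(@file_get_contents($logFile), false);
} else {
    General::redirect("?page=/settings/logs/");
}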
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">

<head>
	<title>Symphony &ndash; <?php 
print $GLOBALS['pageTitle'];
?>
</title>
	<link rel="stylesheet" type="text/css" media="screen" href="assets/debug.css" />
	<script type="text/javascript" src="assets/main.js"></script>
</head>
        }
    }
    if (is_array($errors)) {
        define("__SYM_MISSINGFIELDS__", true);
    } else {
        $settings['region']['dst'] = $settings['region']['dst'] ? 'yes' : 'no';
        $settings['symphony']['allow_workspace_synchronisation'] = $settings['symphony']['allow_workspace_synchronisation'] ? '1' : '0';
        if ($settings['region']['dst'] != $Admin->getConfigVar('dst', 'region') || $settings['region']['time_zone'] != $Admin->getConfigVar('time_zone', 'region')) {
            $repairEntries = true;
        }
        foreach ($settings as $set => $values) {
            foreach ($values as $key => $val) {
                $Admin->setConfigVar($key, $val, $set);
            }
        }
        if ($repairEntries) {
            require_once TOOLKIT . '/class.entrymanager.php';
            $em = new EntryManager($Admin);
            $em->repairEntryLocalPublishDates();
        }
        $Admin->saveConfig();
        if (!$errors) {
            $Admin->flush_cache("ALL");
            ###
            # Delegate: Save
            # Description: Saving of system preferences.
            $CampfireManager->notifyMembers('Save', CURRENTPAGE);
            General::redirect($Admin->getCurrentPageURL() . "&_f=saved");
        }
    }
}
        }
        $change_handle = $Admin->getConfigVar("allow_primary_field_handles_to_change", "symphony");
        $change_handle = intval($change_handle);
        $change_handle = $change_handle == 1 ? true : false;
        $retval = $entryManager->edit($entry_id, $data['custom'], $newPublishTimestamp, 'real', $change_handle);
        if (!$retval) {
            define("__SYM_DB_INSERT_FAILED__", true);
        } else {
            $Admin->flush_cache(array("entries", "authors"));
            ###
            # Delegate: Edit
            # Description: Editing an entry. Section and Entry ID are provided.
            $CampfireManager->notifyMembers('Edit', CURRENTPAGE, array('section_id' => $section_id, 'entry_id' => $entry_id));
            if (@array_key_exists("save", $_POST['action'])) {
                General::redirect($Admin->getCurrentPageURL() . "&_sid={$section_id}&id={$entry_id}&_f=saved");
            }
            General::redirect(URL . "/symphony/?page=/publish/section/&_sid={$section_id}");
        }
    }
}
// Delete the entry that is open in the editor, then return to its section list.
if (@array_key_exists("delete", $_POST['action'])) {
    ###
    # Delegate: Delete
    # Description: Prior to deleting an entry. Both Section and Entry ID are provided.
    $CampfireManager->notifyMembers(
        'Delete',
        CURRENTPAGE,
        array(
            'section_id' => $_REQUEST['_sid'],
            'entry_id' => $_REQUEST['id'],
        )
    );
    include_once TOOLKIT . "/class.entrymanager.php";
    $entryManager = new EntryManager($Admin);
    // NOTE(review): the id is passed on exactly as received from the request;
    // confirm EntryManager::delete() validates it before using it in a query.
    $entryManager->delete($_REQUEST['id']);
    // Entry, author and comment output may all include the removed entry.
    $Admin->flush_cache(array("entries", "authors", "comments"));
    $sectionListUrl = URL . "/symphony/?page=/publish/section/&_f=complete&_sid=" . $_REQUEST['_sid'];
    General::redirect($sectionListUrl);
}
// Load the entry for the edit form. With no entry id, or an id that matches no
// entry, the user is sent to the "new entry" form of the same section.
$date = $Admin->getDateObj();
if ($entry_id && ($fields = $entryManager->fetchEntriesByID($entry_id, false, true))) {
    $can_edit = true;
    // The title uses the primary field's value with markup stripped.
    $primaryFieldKey = $fields['primary_field'];
    $GLOBALS['pageTitle'] = $section['name'] . ' > ' . strip_tags($fields['fields'][$primaryFieldKey]['value']);
    // The form is filled from the raw (unformatted) value of each field.
    foreach ($fields['fields'] as $key => $f) {
        $fields['custom'][$key] = $f['value_raw'];
    }
    // A non-empty entry type is shown as a "[type] " prefix on the primary field.
    if ($fields['type'] != "") {
        $fields['custom'][$fields['primary_field']] = "[" . $fields['type'] . "] " . $fields['custom'][$fields['primary_field']];
    }
} else {
    General::redirect(URL . "/symphony/?page=/publish/section/new/&_sid=" . $section_id);
}
// "_f=saved" is set by the redirect that follows a successful save.
if (isset($_GET['_f']) && $_GET['_f'] == "saved") {
    $Admin->pageAlert("saved-time", array("Entry", date("h:i:sa", $date->get(true, false))));
}
if (defined("__SYM_ENTRY_MISSINGFIELDS__")) {
    $Admin->pageAlert("required", array(@implode(", ", $entryManager->fetchEntryRequiredFields($section_id, true))), false, 'error');
} elseif (defined("__SYM_ENTRY_VALIDATION_ERROR__")) {
    $Admin->pageAlert("validation", __SYM_ENTRY_VALIDATION_ERROR__, false, 'error');
} elseif (defined("__SYM_ENTRY_FIELD_XSLT_ERROR__")) {
    $Admin->pageAlert("xslt-validation", __SYM_ENTRY_FIELD_XSLT_ERROR__, false, 'error');
} else {
            ##Write the file
            if (!($write = General::writeFile(WORKSPACE . "/pages/" . $fields['handle'] . ".xsl", $fields['body'], $Admin->getConfigVar("write_mode", "file")))) {
                $Admin->pageAlert("write-failed", array("Page"), false, 'error');
            } else {
                ##No longer need the body text
                unset($fields['body']);
                ##Insert the new data
                if (!$DB->insert($fields, "tbl_pages")) {
                    define("__SYM_DB_INSERT_FAILED__", true);
                } else {
                    $page_id = $DB->getInsertID();
                    ##Ensure our metadata for the page is set
                    $Admin->updateMetadata("page", $page_id);
                    $Admin->flush_cache(array("pages"));
                    $Admin->rebuildWorkspaceConfig();
                    ###
                    # Delegate: Create
                    # Description: After saving the Page. The Page's database ID is provided.
                    $CampfireManager->notifyMembers('Create', CURRENTPAGE, array('page_id' => $page_id));
                    if (@array_key_exists("output", $_POST['action'])) {
                        General::redirect(URL . "/symphony/?page=/blueprint/pages/view/&type=page&handle=" . $fields['handle']);
                    }
                    if (@array_key_exists("save", $_POST['action'])) {
                        General::redirect(URL . "/symphony/?page=/blueprint/pages/edit/&id={$page_id}&_f=saved");
                    }
                    General::redirect(URL . "/symphony/?page=/blueprint/pages/&id={$page_id}&_f=saved");
                }
            }
        }
    }
}
                        foreach ($datasources as $d) {
                            $DB->query("INSERT INTO tbl_utilities2datasources VALUES ('', '{$id}', '{$d}')");
                        }
                    } else {
                        $DB->query("INSERT INTO tbl_utilities2datasources VALUES ('', '{$id}', NULL)");
                    }
                    ## Events
                    $DB->query("DELETE FROM `tbl_utilities2events` WHERE `utility_id` = '{$id}'");
                    if (is_array($events) && !empty($events)) {
                        foreach ($events as $e) {
                            $DB->query("INSERT INTO tbl_utilities2events VALUES ('', '{$id}', '{$e}')");
                        }
                    } else {
                        $DB->query("INSERT INTO tbl_utilities2events VALUES ('', '{$id}', NULL)");
                    }
                    ##Ensure our metadata for the page is set
                    $Admin->updateMetadata("utility", $id);
                    $Admin->rebuildWorkspaceConfig();
                    ###
                    # Delegate: Create
                    # Description: After saving the Utility. The Utility's database ID is provided.
                    $CampfireManager->notifyMembers('Create', CURRENTPAGE, array('utility_id' => $id));
                    if (@array_key_exists("save", $_POST['action'])) {
                        General::redirect(URL . "/symphony/?page=/blueprint/utilities/edit/&id={$id}&_f=saved");
                    }
                    General::redirect(URL . "/symphony/?page=/blueprint/components/");
                }
            }
        }
    }
}
        } else {
            $var['DEFINES LIST'] = $defines_list;
        }
        foreach ($var as $key => $val) {
            if (trim($val) == '') {
                $val = 'NULL';
            }
            $fields['body'] = str_replace("<!-- {$key} -->", $val, $fields['body']);
        }
        $file = DATASOURCES . "/data." . $handle . ".php";
        ##Duplicate
        if (@is_file($file)) {
            $Admin->pageAlert("duplicate", array("An Data Source", "name"), false, 'error');
            ##Write the file
        } elseif (!is_writable(dirname($file)) || !($write = General::writeFile($file, $fields['body'], $Admin->getConfigVar("write_mode", "file")))) {
            $Admin->pageAlert("write-failed", array("Data Source"), false, 'error');
        } else {
            ##Clean out the cache
            $Admin->flush_cache("ALL");
            ###
            # Delegate: Create
            # Description: After saving the datasource, the file path is provided and an array
            #              of variables set by the editor
            $CampfireManager->notifyMembers('Create', CURRENTPAGE, array('file' => $file, 'defines' => $defines, 'var' => $var));
            if (@array_key_exists("save", $_POST['action'])) {
                General::redirect(URL . "/symphony/?page=/blueprint/datasources/edit/&file={$handle}&_f=saved");
            }
            General::redirect(URL . "/symphony/?page=/blueprint/controllers/");
        }
    }
}
Пример #27
 $actionParts = array_keys($_POST['action']);
 $action = end($actionParts);
 ##Login Attempted
 if ($action == "login") {
     if (empty($_POST['username']) || empty($_POST['password']) || !$Admin->login($_POST['username'], $_POST['password'])) {
         ###
         # Delegate: LoginFailure
         # Description: Failed login attempt. Username is provided.
         $CampfireManager->notifyMembers('LoginFailure', CURRENTPAGE, array('username' => $_POST['username']));
         General::redirect(URL . "/symphony/?page=/login/&_f=error");
     }
     ###
     # Delegate: LoginSuccess
     # Description: Successful login attempt. Username is provided.
     $CampfireManager->notifyMembers('LoginSuccess', CURRENTPAGE, array('username' => $_POST['username']));
     General::redirect(URL . "/symphony/?page=" . str_replace('&amp;', '&', $Admin->_nav[0]['children'][0]['link']));
     ##Reset of password requested
 } elseif ($action == "reset") {
     ## Look up the author whose e-mail address matches the submitted one.
     ## NOTE(review): $_POST['email'] is concatenated into the SQL text unescaped, so the
     ## request body controls the query (SQL injection). Escape the value or bind it as a
     ## parameter; which of the two $DB supports is not visible in this excerpt.
     $author = $DB->fetchRow(0, "SELECT `id`, `email`, `firstname` FROM `tbl_authors` WHERE `email` = '" . $_POST['email'] . "'");
     if (!empty($author)) {
         ## Reuse the reset token already stored for this author, otherwise create and store one.
         ## NOTE(review): a new token is the first 8 hex characters of md5(time()). It is derived
         ## only from the current second and contains no secret, so anyone who knows roughly when
         ## the reset was requested can reproduce it. Generate the token from a cryptographically
         ## secure random source and make it longer than 8 characters.
         if (!($token = $DB->fetchVar("token", 0, "SELECT `token` FROM `tbl_forgotpass` WHERE `author_id` = " . $author['id']))) {
             $token = substr(md5(time()), 0, 8);
             $DB->insert(array("author_id" => $author['id'], "token" => $token), "tbl_forgotpass");
         }
         General::sendEmail($author['email'], "*****@*****.**", "Symphony Concierge", "New Symphony Account Password", "Hi " . $author['firstname'] . ",\nA new password has been requested " . "for your account. To change your password please click on the following " . "link: \n\n\t" . URL . "/symphony/?page=/login/&action=resetpass&_t=" . $token . "\n\n" . "If you did not ask for a new password, please disregard this email.\n\nBest " . "Regards,\nThe Symphony Team");
         ###
         # Delegate: PasswordResetSuccess
         # Description: A successful password reset has taken place. Author ID is provided
         $CampfireManager->notifyMembers('PasswordResetSuccess', CURRENTPAGE, array('author_id' => $author['id']));
         $_f = "newpass";
         $error = "You have been sent an email with instructions.";
            $password_changed = false;
            ## The password is only replaced when both password fields were filled in.
            ## NOTE(review): the value set on the author is a bare md5() digest (unsalted, fast
            ## to compute). password_hash()/password_verify() are the usual replacement, together
            ## with a migration path for digests that already exist.
            if (trim($fields['password']) != "" && trim($fields['new_password']) != "") {
                $author->set('password', md5($fields['new_password']));
                $password_changed = true;
            }
            if ($author->commit()) {
                ## The edited author is the one currently logged in: log in again with the
                ## username from the cookie and either the cookie's password value or the new digest.
                if ($_REQUEST['id'] == $Admin->getAuthorID()) {
                    ## NOTE(review): unserialize() on a cookie runs PHP object deserialization on
                    ## bytes the client controls. Keep the login state server-side, or use a plain
                    ## data format such as JSON and authenticate the cookie before reading it.
                    ## The cookie also appears to hold the password digest itself - confirm.
                    $args = unserialize($_COOKIE[__SYM_COOKIE__]);
                    $Admin->login($args['username'], !$password_changed ? $args['password'] : md5($fields['new_password']), true, true);
                }
                ###
                # Delegate: Edit
                # Description: After editing an author. ID of the author is provided.
                $CampfireManager->notifyMembers('Edit', CURRENTPAGE, array("author_id" => $_REQUEST['id']));
                ## "save" returns to the edit form; any other action returns to the author list.
                ## NOTE(review): $_REQUEST['id'] is appended to the redirect URL without encoding.
                if (@array_key_exists("save", $_POST['action'])) {
                    General::redirect(URL . "/symphony/?page=/settings/authors/edit/&id=" . $_REQUEST['id'] . "&_f=saved");
                }
                General::redirect(URL . "/symphony/?page=/settings/authors/&_f=saved");
            }
        }
    }
}
if (@array_key_exists("delete", $_POST['action'])) {
    ###
    # Delegate: Delete
    # Description: Prior to deleting an author. ID is provided.
    $CampfireManager->notifyMembers('Delete', CURRENTPAGE, array("author_id" => $author_id));
    $authorManager->delete($author_id);
    $Admin->flush_cache(array("entries", "authors", "comments"));
    General::redirect(URL . "/symphony/?page=/settings/authors/&_f=complete");
}
Пример #29
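 /**
  * Map an admin page identifier to the PHP file that renders or handles it.
  *
  * Stores the page URL in $this->_currentPage. When no author is logged in, the
  * login page file is returned. For a logged-in author, an empty page redirects
  * to the first navigation child; a page containing "campfire/service" resolves
  * to an interface file under CAMPFIRE; any other page is checked against the
  * 'limit' values in $this->_nav and resolves to a file under CORE.
  *
  * The caller is not shown here; $page is presumably taken from the "page"
  * request parameter, so it is handled as untrusted input.
  *
  * @param string $page     Page identifier such as "/publish/comments/".
  * @param bool   $isAction Resolve an "actions" / "action." file instead of a "content" one.
  * @param bool   $silent   Skip the fatalError() call on access-denied and not-found.
  * @return string|false Path of the file to load, or false when access is denied
  *                      or no such file exists.
  */
 function getContent($page = NULL, $isAction = false, $silent = false)
 {
     $this->_currentPage = URL . "/symphony/?page=" . $page;
     $dir = "content";
     if ($isAction) {
         $dir = "actions";
     }
     if ($this->authorIsLoggedIn()) {
         if (trim($page, "/") == "") {
             General::redirect(URL . "/symphony/?page=" . str_replace('&amp;', '&', $this->_nav[0]['children'][0]['link']));
         }
         if (stristr($page, "campfire/service") !== false) {
             ## Segments after the first two are owner, service and the interface file name parts.
             $parts = explode("/", trim($page, "/"));
             $parts = array_slice($parts, 2);
             $owner = array_shift($parts);
             $service = array_shift($parts);
             if (empty($parts)) {
                 $parts = array("index");
             }
             ## Every segment becomes a directory or file name component, so refuse any
             ## that could step outside CAMPFIRE/<owner>/<service>/interface/: a missing
             ## owner or service, "." and "..", and segments holding a backslash or NUL byte.
             $segments_ok = true;
             foreach (array_merge(array($owner, $service), $parts) as $segment) {
                 if (!is_string($segment) || $segment === "." || $segment === ".." || strpbrk($segment, "\\\0") !== false) {
                     $segments_ok = false;
                     break;
                 }
             }
             ## An empty path fails the is_file() test below and is reported as not found.
             $path = "";
             if ($segments_ok) {
                 $path = CAMPFIRE . "/{$owner}/{$service}/interface/" . ($isAction ? "action" : "content") . "." . implode("_", $parts) . ".php";
             }
             ## NOTE(review): this branch never consults the 'limit' values in $this->_nav, and
             ## the substring test above matches "campfire/service" anywhere in $page. Confirm
             ## that service interface files enforce their own access rules.
         } else {
             ## Core pages live in one flat directory: "/a/b/" becomes "sym_a_b".
             $page_real = trim($page, '/');
             $page_real = "sym_" . str_replace("/", "_", $page_real);
             $user_access_level = "author";
             if ($this->authorIsOwner()) {
                 $user_access_level = "owner";
             } elseif ($this->authorIsSuper()) {
                 $user_access_level = "super";
             }
             ## Find the access limit the navigation declares for this page; pages that
             ## are not listed, or have no 'limit', default to "author".
             $page_limit = "author";
             foreach ($this->_nav as $item) {
                 if (General::in_array_multi($page, $item['children'])) {
                     if (isset($item['limit'])) {
                         $page_limit = $item['limit'];
                     } elseif (is_array($item['children'])) {
                         foreach ($item['children'] as $c) {
                             if ($c['link'] == $page && isset($c['limit'])) {
                                 $page_limit = $c['limit'];
                             }
                         }
                     }
                 } elseif ($page == $item['link'] && isset($item['limit'])) {
                     $page_limit = $item['limit'];
                 }
             }
             ## "author" pages are open to every logged-in author, "super" pages to
             ## super and owner, "owner" pages to the owner only.
             $can_access = false;
             if ($page_limit == "author") {
                 $can_access = true;
             } elseif ($page_limit == "super" && ($user_access_level == "super" || $user_access_level == "owner")) {
                 $can_access = true;
             } elseif ($page_limit == "owner" && $user_access_level == "owner") {
                 $can_access = true;
             }
             if (!$can_access) {
                 if (!$silent) {
                     $this->fatalError("Access Denied", "<p>Access denied. You are not authorised to access this page.</p>", true, true);
                 }
                 return false;
             }
             $path = CORE . "/" . $dir . "/" . $page_real . ".php";
         }
         if (@is_file($path)) {
             return $path;
         }
         if (!$silent) {
             $this->fatalError("Page Not Found", "<p>The page you were looking for could not be found.</p>", true, true);
         }
         return false;
     } else {
         return CORE . "/" . $dir . "/sym_login.php";
     }
 }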
                    }
                }
                $Admin->setConfigVar("ip-blacklist", @implode(', ', $new_blacklist), "commenting");
                $Admin->saveConfig();
                $Admin->flush_cache(array("comments", "entries", "authors"));
            }
        }
        ## Record the commenter's IP on the comment's metadata row, then save the remaining fields.
        ## NOTE(review): $fields['author_ip'] and $_REQUEST['id'] are placed in the SQL text
        ## unescaped, both in this UPDATE and in the WHERE clause handed to $DB->update() below,
        ## so request data can alter either statement. Escape or bind both values; if comment
        ## ids are always numeric (confirm), validate the id as an integer first.
        $DB->query("UPDATE `tbl_metadata` SET `creator_ip` = '" . $fields['author_ip'] . "'\n\t\t\t\t\t\tWHERE `class` = 'comment' AND `relation_id` = '" . $_REQUEST['id'] . "' LIMIT 1");
        ## These two keys are dropped from $fields before it is passed to $DB->update().
        unset($fields['author_ip']);
        unset($fields['blacklist']);
        if ($DB->update($fields, "tbl_comments", "WHERE `id` = '" . $_REQUEST['id'] . "'")) {
            $Admin->updateMetadata("comment", $_REQUEST['id'], false);
            $Admin->flush_cache(array("comments", "entries", "authors"));
            ###
            # Delegate: Edit
            # Description: Saving of a comment. Comment ID is provided
            $CampfireManager->notifyMembers('Edit', CURRENTPAGE, array('comment_id' => $_REQUEST['id']));
            ## NOTE(review): the id is appended to the redirect URL without encoding.
            General::redirect(URL . "/symphony/?page=/publish/comments/&_f=saved&id=" . $_REQUEST["id"]);
        }
    }
} elseif (array_key_exists("delete", $_POST['action'])) {
    ## NOTE(review): the id is taken straight from the request and interpolated into both
    ## DELETE conditions below, so its content becomes part of the SQL text. Validate it
    ## (as an integer, if comment ids are numeric - confirm) or escape it before use, and
    ## repeat the check after the delegate call, which receives the variable by reference.
    $comment_id = $_REQUEST['id'];
    ###
    # Delegate: Delete
    # Description: Prior to deletion of a comment. Comment ID is provided, this can be manipulated
    $CampfireManager->notifyMembers('Delete', CURRENTPAGE, array('comment_id' => &$comment_id));
    ## Remove the comment row and its metadata row, then drop the caches that may include it.
    $DB->delete("tbl_comments", "WHERE `id` = '{$comment_id}' LIMIT 1");
    $DB->delete("tbl_metadata", "WHERE `relation_id` = '{$comment_id}' AND `class` = 'comment' LIMIT 1");
    $Admin->flush_cache(array("comments", "entries", "authors"));
    General::redirect(URL . "/symphony/?page=/publish/comments/&_f=complete");
}