Пример #1
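	/**
	 * Checks to see if the page in question is a valid composer draft for the logged in user.
	 *
	 * Both conditions must hold: the entry's collection type is included in composer, and
	 * the Permissions object built for the entry allows editing its contents. Any failure,
	 * including a collection type that cannot be loaded, yields false (fail closed).
	 *
	 * @param object $entry page-like object exposing getCollectionTypeID()
	 *                      (presumably a Page; the concrete type is not visible here)
	 *
	 * @return bool
	 */
	protected static function isValidComposerPage($entry) {
		$ct = CollectionType::getByID($entry->getCollectionTypeID());
		// A missing or deleted collection type must deny access instead of
		// raising a fatal error on a non-object.
		if (!is_object($ct) || !$ct->isCollectionTypeIncludedInComposer()) {
			return false;
		}
		// NOTE(review): Permissions is presumably evaluated for the current session user; confirm.
		$cp = new Permissions($entry);
		return (bool) $cp->canEditPageContents();
	}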
Пример #2
<?php

// Refuse to run when the file is requested directly instead of through the application.
defined('C5_EXECUTE') or die("Access Denied.");
$json = Loader::helper('json');
// Page and area are resolved straight from request parameters; authorization is
// decided by the Permissions checks further down, not by these lookups.
// NOTE(review): cID is read from $_REQUEST while arHandle is read from $_GET; confirm the mix is intended.
$c = Page::getByID($_REQUEST['cID']);
// Area::get() is called before $c is verified to be an object.
$a = Area::get($c, $_GET['arHandle']);
if (!is_object($c) || !is_object($a)) {
    // Same generic message as the permission failure below, so the response does
    // not reveal whether the page or area exists.
    $jsonData = array();
    $jsonData['msg'] = t('Access Denied.');
    echo $json->encode($jsonData);
    exit;
}
// NOTE(review): getVersionToModify() runs before the permission check; if it creates
// or alters a page version it should be moved after the check. Confirm.
$nvc = $c->getVersionToModify();
$cp = new Permissions($c);
$ap = new Permissions($a);
// Both rights are required: editing the page contents and adding a layout to this area.
if (!$cp->canEditPageContents() || !$ap->canAddLayoutToArea()) {
    $jsonData = array();
    $jsonData['msg'] = t('Access Denied.');
    echo $json->encode($jsonData);
    exit;
}
$valt = Loader::helper('validation/token');
// Query-string fragment carrying an anti-CSRF token for URLs generated later.
// NOTE(review): no $valt->validate() call on the incoming request is visible in this
// excerpt; confirm that state-changing tasks such as deletePreset are token-checked.
$token = '&' . $valt->getParameter();
if ($_GET['task'] == 'deletePreset') {
    $layoutPreset = LayoutPreset::getByID($_REQUEST['lpID']);
    if (is_object($layoutPreset)) {
        $layout = $layoutPreset->getLayoutObject();
        $layoutID = $layout->layoutID;
    }
} else {
    $layoutID = intval($_REQUEST['layoutID']);
            } else {
                ?>
href="<?php 
                echo URL::to('/ccm/system/page/check_in', $c->getCollectionID(), $valt->generate());
                ?>
" data-panel-url="<?php 
                echo URL::to('/ccm/system/panels/page/check_in');
                ?>
"><?php 
                echo t('Save Changes');
            }
            ?>
</a></li>
                    <?php 
        } else {
            if ($permissions->canEditPageContents()) {
                ?>
                        <li class="ccm-toolbar-page-edit"><i class="fa fa-pencil mobile-leading-icon"></i><a
                                <?php 
                if ($c->isMasterCollection()) {
                    ?>
data-disable-panel="check-in"<?php 
                }
                ?>
                                data-toolbar-action="check-out"
                                href="<?php 
                echo DIR_REL;
                ?>
/<?php 
                echo DISPATCHER_FILENAME;
                ?>
Пример #4
// Page and area come directly from request parameters.
// NOTE(review): $c is never checked with is_object() in this excerpt; only $a is.
$c = Page::getByID($_REQUEST['cID']);
$a = Area::get($c, $_GET['arHandle']);
// $ax / $cx are the objects the permission checks run against; they default to
// the requested area and page.
$ax = $a;
$cx = $c;
if (!is_object($a)) {
    die('Invalid Area');
}
if ($a->isGlobalArea()) {
    // Global areas are backed by a stack, so permissions are evaluated on the
    // stack and its area rather than on the requesting page.
    $cx = Stack::getByName($a->getAreaHandle());
    $ax = Area::get($cx, STACKS_AREA_NAME);
}
$cp = new Permissions($cx);
$ap = new Permissions($ax);
$valt = Loader::helper('validation/token');
// Query-string fragment carrying an anti-CSRF token for URLs generated later.
$token = '&' . $valt->getParameter();
// Authorization gate: nothing is rendered unless the user may edit the page
// (or, for a global area, the backing stack).
if (!$cp->canEditPageContents()) {
    die(t("Access Denied."));
}
// Note that 'c' and 'a' are the originally requested objects, while 'cp' and 'ap'
// were built from $cx / $ax, which differ from them for global areas.
$args = array('c' => $c, 'a' => $a, 'cp' => $cp, 'ap' => $ap, 'token' => $token);
Loader::element("dialog_header");
if ($a->isGlobalArea()) {
    // Warn the editor that changes here affect every page using this area.
    echo '<div class="ccm-ui"><div class="alert-message block-message warning">';
    echo t('This is a global area. Content added here will be visible on every page that contains this area.');
    echo '</div></div>';
}
switch ($_GET['atask']) {
    case 'add':
        $toolSection = "block_area_add_new";
        $canViewPane = $ap->canAddBlocks();
        break;
    case 'add_from_stack':
Пример #5
     switch ($cp->getError()) {
         case COLLECTION_FORBIDDEN:
             $v = View::getInstance();
             $v->setCollectionObject($c);
             $v->render('/page_forbidden');
             break;
     }
 }
 // Inactive pages are answered with "not found" unless the user may view page versions.
 // NOTE(review): whether render() terminates the request is not visible here; if it
 // returns, execution continues into the version loading below. Confirm.
 if (!$c->isActive() && !$cp->canViewPageVersions()) {
     $v = View::getInstance();
     $v->render('/page_not_found');
 }
 ## If there's no error, then we build the collection, but first we load it with the appropriate
 ## version. We pass the function the collection object, as well as the collection permissions
 ## object, which the function will use to determine what version we get to see
 // Only users holding an edit or version-viewing right get a request-selected
 // version; $cvID is assigned nowhere else in this excerpt.
 if ($cp->canEditPageContents() || $cp->canEditPageProperties() || $cp->canViewPageVersions()) {
     // The request value is passed through as-is; "RECENT" is used when it is empty.
     $cvID = $_REQUEST['cvID'] ? $_REQUEST['cvID'] : "RECENT";
     $c->loadVersionObject($cvID);
 }
 $vp = new Permissions($c->getVersionObject());
 // Editing controls and links are disabled when the request asks for it or when an
 // explicit numeric version is being viewed.
 // NOTE(review): $cvID is undefined here when the permission branch above was skipped;
 // intval() of an undefined variable is 0, so the check still evaluates, with a notice.
 // NOTE(review): the '== true' comparison is loose, so any truthy request value matches.
 if ($_REQUEST['ccm-disable-controls'] == true || intval($cvID) > 0) {
     $v = View::getInstance();
     $v->disableEditing();
     $v->disableLinks();
 }
 // returns the $vp object, which we then check
 if (is_object($vp) && $vp->isError()) {
     // if we've gotten an error getting information about this particular collection
     // than we load up the Content class, and get prepared to fire away
     switch ($vp->getError()) {
         case COLLECTION_NOT_FOUND:
Пример #6
// Refuse to run when the file is requested directly instead of through the application.
defined('C5_EXECUTE') or die("Access Denied.");
use Concrete\Core\Attribute\Set as AttributeSet;
// $c is not defined in this excerpt; it is expected from the scope that includes this template.
// $cp decides which entries of the page settings panel are rendered below.
$cp = new Permissions($c);
// Assignment for the edit_page_properties permission key, bound to this page
// (presumably for the current user; confirm against getMyAssignment()).
$pk = PermissionKey::getByHandle('edit_page_properties');
$pk->setPermissionObject($c);
$asl = $pk->getMyAssignment();
// Attribute set with the handle 'seo'.
$seoSet = AttributeSet::getByHandle('seo');
?>
<section>
    <header><?php 
echo t('Page Settings');
?>
</header>
    <?php 
if ($cp->canEditPageContents() || $cp->canEditPageTheme() || $cp->canEditPageProperties() || $cp->canEditPageTemplate()) {
    ?>

    <menu class="ccm-panel-page-basics">
        <?php 
    $pagetype = PageType::getByID($c->getPageTypeID());
    if (is_object($pagetype) && $cp->canEditPageContents()) {
        ?>
            <li>
                <a href="#" data-launch-panel-detail="page-composer"
                   data-panel-detail-url="<?php 
        echo URL::to('/ccm/system/panels/details/page/composer');
        ?>
"
                   data-panel-transition="fade">
                    <?php 
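 /**
  * Tells whether the current user may edit the contents of the given page.
  *
  * The answer is memoized per collection ID. A single shared flag would hand the
  * decision made for the first page to every later page passed in, which is wrong
  * for an authorization check.
  *
  * @param \Concrete\Core\Page\Page $c
  *
  * @return bool
  */
 private function userCanEdit(\Concrete\Core\Page\Page $c)
 {
     // Function-level static: the cache lives for the whole request and is shared by
     // every instance of the class, so it is keyed by page.
     static $canEdit = array();
     $cID = (int) $c->getCollectionID();
     if (!isset($canEdit[$cID])) {
         // Default to "no"; only an identified user with the edit right flips it.
         $canEdit[$cID] = false;
         $me = $this->getCurrentUser();
         if ($me !== null) {
             $cp = new \Permissions($c);
             if ($cp->canEditPageContents()) {
                 $canEdit[$cID] = true;
             }
         }
     }
     return $canEdit[$cID];
 }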
Пример #8
     <li class="ccm-toolbar-page-edit-mode-active ccm-toolbar-page-edit"><i
             class="fa fa-pencil mobile-leading-icon"></i><a data-toolbar-action="check-in"
                                                             <? if ($vo->isNew() && !$c->isMasterCollection()) { ?>href="javascript:void(0)"
                                                             data-launch-panel="check-in"><?php echo t(
                 'Save Changes') ?><?
             } else {
                 ?>href="<?= URL::to(
                     '/ccm/system/page/check_in',
                     $c->getCollectionID(),
                     Loader::helper(
                         'validation/token')
                           ->generate()) ?>" data-panel-url="<?= URL::to(
                     '/ccm/system/panels/page/check_in') ?>"><?php echo t(
                     'Save Changes') ?><?
             } ?></a></li>
 <? } else if ($permissions->canEditPageContents()) { ?>
     <li class="ccm-toolbar-page-edit"><i class="fa fa-pencil mobile-leading-icon"></i><a
             data-toolbar-action="check-out"
             href="<?= DIR_REL ?>/<?= DISPATCHER_FILENAME ?>?cID=<?= $c->getCollectionID() ?>&ctask=check-out<?= $token ?>"><?php echo t(
                 'Edit this Page') ?></a></li>
 <? } ?>
 <li class="parent-ul"><i class="fa fa-cog mobile-leading-icon"></i><a href="#"><?php echo t(
             'Page Properties') ?><i class="fa fa-caret-down"></i></a>
     <ul class="list-unstyled">
         <?
         $pagetype = PageType::getByID($c->getPageTypeID());
         if (is_object($pagetype) && $cp->canEditPageContents()) { ?>
             <li><a class="dialog-launch" dialog-width="640" dialog-height="640"
                    dialog-modal="false" dialog-title="<?= t('Composer') ?>" href="<?= URL::to(
                     '/ccm/system/panels/details/page/composer') ?>?cID=<?= $cID ?>"><?= t(
                         'Composer') ?></a></li>
Пример #9
menuHTML += '</div>';
menuHTML += '<span class="label notice"><?php 
echo t('Version %s', $c->getVersionID());
?>
</span>';
menuHTML += '<?php 
echo t('Page currently in edit mode on %s', date(DATE_APP_GENERIC_MDYT));
?>
';

menuHTML += '</div>';

<? } else { ?>

menuHTML += '<div class="ccm-edit-overlay-actions">';
<? if ($cp->canEditPageContents()) { ?>
	menuHTML += '<a id="ccm-nav-check-out" href="<? if (!$cantCheckOut) { ?><?php 
echo DIR_REL;
?>
/<?php 
echo DISPATCHER_FILENAME;
?>
?cID=<?php 
echo $c->getCollectionID();
?>
&ctask=check-out<?php 
echo $token;
?>
<? } else { ?>javascript:void(0);<? } ?>" class="btn primary <? if ($cantCheckOut) { ?> disabled <? } ?> launch-tooltip" <? if ($cantCheckOut) { ?>title="<?php 
echo t('Someone has already checked this page out for editing.');
?>
Пример #10
<?php

// Refuse to run when the file is requested directly instead of through the application.
defined('C5_EXECUTE') or die("Access Denied.");
// The page is looked up straight from the request; access is decided by the check below.
$c = Page::getByID($_REQUEST['cID']);
$cp = new Permissions($c);
// Denied only when the user holds neither right; either one is enough to continue.
if (!$cp->canEditPageProperties() && !$cp->canEditPageContents()) {
    die(t("Access Denied."));
}
$v = CollectionVersion::get($c, "RECENT", true);
// $approveChecked is defined only for users who may approve versions; later code
// must not rely on it existing for anyone else.
if ($cp->canApprovePageVersions()) {
    $approveChecked = "";
    // Restores the "approve" checkbox state remembered in the session.
    if (isset($_SESSION['checkInApprove'])) {
        if ($_SESSION['checkInApprove'] == true) {
            $approveChecked = " checked";
        }
    }
}
Loader::element('pane_header', array('c' => $c));
?>
<div class="ccm-pane-controls">
    <div id="ccm-edit-collection">
        <form method="post" id="ccm-check-in" action="<?php 
echo DIR_REL;
?>
/<?php 
echo DISPATCHER_FILENAME;
?>
?cID=<?php 
echo $c->getCollectionID();
?>
&ctask=check-in">
Пример #11
<?php

// Refuse to run when the file is requested directly instead of through the application.
defined('C5_EXECUTE') or die("Access Denied.");
use Concrete\Core\Attribute\Set as AttributeSet;
// $c is not defined in this excerpt; it is expected from the scope that includes this template.
// $cp decides which entries of the page settings panel are rendered below.
$cp = new Permissions($c);
// Assignment for the edit_page_properties permission key, bound to this page
// (presumably for the current user; confirm against getMyAssignment()).
$pk = PermissionKey::getByHandle('edit_page_properties');
$pk->setPermissionObject($c);
$asl = $pk->getMyAssignment();
// Attribute set with the handle 'seo'.
$seoSet = AttributeSet::getByHandle('seo');
?>
<section>
    <header><?php 
echo t('Page Settings');
?>
</header>
    <? if ($cp->canEditPageContents()
        || $cp->canEditPageTheme()
        || $cp->canEditPageProperties()
        || $cp->canEditPageTemplate()) { ?>

    <menu class="ccm-panel-page-basics">
        <?php 
$pagetype = PageType::getByID($c->getPageTypeID());
if (is_object($pagetype) && $cp->canEditPageContents()) {
    ?>
            <li>
                <a href="#" data-launch-panel-detail="page-composer"
                   data-panel-detail-url="<?php 
    echo URL::to('/ccm/system/panels/details/page/composer');
    ?>
"
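    /**
     * Enforces the HTTP/HTTPS requirement configured for a page.
     *
     * The requirement is read from the first enabled row of atHandleHttpsConfig whose
     * attribute key can be loaded. Pages set to "inherit" are resolved by walking up the
     * parent chain. When the current scheme does not match, the method sends a Location
     * header (or, for a request carrying POST data, an auto-submitting form that replays
     * the fields) and terminates the script. In every other case it returns without output.
     *
     * @param Page|View|Collection $page
     *
     * @return void
     */
    public static function handleRequest($page)
    {
        if (!is_object($page)) {
            return;
        }
        if (is_a($page, 'View')) {
            $page = $page->getCollectionObject();
        }
        if (!is_object($page) || !is_a($page, 'Collection') || $page->isError()) {
            return;
        }

        // Pick the first enabled configuration row whose attribute key still exists.
        $db = Loader::db();
        $ak = null;
        $config = null;
        $rs = $db->Query('select * from atHandleHttpsConfig where akEnabled = 1');
        while ($row = $rs->FetchRow()) {
            $ak = CollectionAttributeKey::getByID($row['akID']);
            if (is_object($ak)) {
                $config = $row;
                break;
            }
        }
        $rs->Close();
        if (!is_object($ak)) {
            return;
        }

        // Resolve the effective requirement, following "inherit" up to the home page.
        $akPage = $page;
        for (;;) {
            $handling = $akPage->getAttribute($ak);
            if (!(is_string($handling) && strlen($handling))) {
                // Read the default from the selected configuration row. The original used
                // the loop variable $row, which holds the same row at this point.
                $handling = $config['akDefaultRequirement'];
                if (!(is_string($handling) && strlen($handling))) {
                    return;
                }
            }
            if ($handling !== self::SSLHANDLING_INHERIT) {
                break;
            }
            $cID = $akPage->getCollectionID();
            if (empty($cID) || $cID == HOME_CID) {
                break;
            }
            if (!is_a($akPage, 'Page')) {
                // Need to load the Page object associated to the Collection object we received
                $akPage = Page::getByID($cID, 'ACTIVE');
                if (!is_object($akPage)) {
                    break;
                }
            }
            $parentCID = $akPage->getCollectionParentID();
            if (empty($parentCID)) {
                break;
            }
            $akPage = Page::getByID($parentCID, 'ACTIVE');
            if (!is_object($akPage) || $akPage->isError()) {
                break;
            }
        }

        // Decide whether the current request uses the wrong scheme.
        $switchTo = '';
        switch ($handling) {
            case self::SSLHANDLING_REQUIRE_HTTP:
                if (self::isHTTPSRequest()) {
                    $switchTo = 'http';
                }
                break;
            case self::SSLHANDLING_REQUIRE_HTTPS:
                if (!self::isHTTPSRequest()) {
                    $switchTo = 'https';
                }
                break;
        }
        if (!strlen($switchTo)) {
            return;
        }

        // Optional exemption: logged-in users who can edit the page are not redirected.
        // NOTE(review): this also exempts editors from a *required* HTTPS switch, so their
        // authenticated session can stay on plain HTTP; confirm that is acceptable.
        if (!$config['akRedirectEditors']) {
            $user = User::isLoggedIn() ? new User() : null;
            if (is_object($user) && $user->getUserID()) {
                if (is_a($page, 'Collection')) {
                    $page = Page::getByID($page->getCollectionID());
                }
                $pp = new Permissions($page);
                if (!$pp->isError()) {
                    if ($pp->canEditPageContents() || $pp->canEditPageProperties()) {
                        return;
                    }
                }
            }
        }

        // Build the target origin: the configured custom domain, else the request domain.
        $finalURL = '';
        if ($config['akCustomDomains']) {
            switch ($switchTo) {
                case 'http':
                    $finalURL = $config['akHTTPDomain'];
                    break;
                case 'https':
                    $finalURL = $config['akHTTPSDomain'];
                    break;
            }
        }
        if (!strlen($finalURL)) {
            // NOTE(review): getRequestDomain() is not shown here. If it is derived from the
            // client-supplied Host header, the redirect target is request-controlled; prefer
            // the configured custom domains or validate the host against an allow-list.
            $finalURL = $switchTo . '://' . self::getRequestDomain();
        }

        // Join origin, installation sub-directory and request path with exactly one slash
        // between each part. The original concatenated the trimmed DIR_REL directly onto
        // the host, producing "hostsubdir/..." for installations in a sub-directory.
        $basePath = trim(DIR_REL, '/');
        $request = Request::get();
        $requestPath = $request->getRequestPath();
        $finalURL = rtrim($finalURL, '/')
            . (strlen($basePath) ? '/' . $basePath : '')
            . '/' . ltrim(is_string($requestPath) ? $requestPath : '', '/');
        if (isset($_SERVER['QUERY_STRING']) && is_string($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING'])) {
            $finalURL .= '?' . $_SERVER['QUERY_STRING'];
        }

        // Discard anything already buffered so only the redirect is sent.
        if (ob_get_level() > 0) {
            ob_clean();
        }
        if (empty($_POST) || !is_array($_POST)) {
            header('Location: ' . $finalURL);
        } else {
            // A Location redirect would drop the POST body, so the fields are replayed
            // through an auto-submitting form.
            // NOTE(review): when switching to plain http the replayed fields (which may
            // include credentials or tokens) travel unencrypted; consider refusing to
            // downgrade requests that carry POST data.
            // NOTE(review): writeFormPost() is not shown here; it must HTML-escape both
            // keys and values.
            ?>
<!doctype html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html;charset=<?php echo h(APP_CHARSET); ?>">
        <meta charset="<?php echo h(APP_CHARSET); ?>">
        <script type="text/javascript">
        window.onload = function() {
            var F = document.all ? document.all('form') : document.getElementById('form');
            F.submit();
        };
        </script>
    </head>
    <body>
        <form id="form" method="POST" action="<?php echo h($finalURL); ?>"><?php
            foreach ($_POST as $key => $value) {
                self::writeFormPost($key, $value);
            }
            ?></form>
    </body>
</html><?php
        }
        die;
    }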