$optimize['javascript'] = $cfg['IN_DEVELOPMENT_ENVIRONMENT'] ? false : 'JSmin'; // possible values: false, 'JSmin' $optimize['css3'] = $cfg['IN_DEVELOPMENT_ENVIRONMENT'] ? 'browser-fix' : 'browser-fix'; // possible values: false, 'remove', 'browser-fix' $cache = !$cfg['IN_DEVELOPMENT_ENVIRONMENT']; // only disable cache when in development environment $cachedir = BASE_PATH . '/lib/includes/cache'; $jsdir = getGETparam4FullFilePath('jsdir'); if (empty($jsdir)) { $jsdir = $cfg['rootdir'] . '/lib/includes/js'; } else { if ($jsdir[0] != '/') { $jsdir = $cfg['rootdir'] . $jsdir; } } $cssdir = getGETparam4FullFilePath('cssdir'); if (empty($cssdir)) { $cssdir = $cfg['rootdir'] . 'admin/img/styles'; } else { if ($cssdir[0] != '/') { $cssdir = $cfg['rootdir'] . $cssdir; } } $http_root = $cfg['rootdir']; $root = str_replace('\\', '/', cvt_abs_http_path2realpath($http_root, $cfg['rootdir'], BASE_PATH)); // Determine the directory and type we should use $type = getGETparam4IdOrNumber('type'); switch ($type) { case 'css': $http_base = path_remove_dot_segments($cssdir); $base = str_replace('\\', '/', cvt_abs_http_path2realpath($http_base, $cfg['rootdir'], BASE_PATH));
$base = str_replace('\\', '/', dirname(dirname(dirname(dirname(dirname(__FILE__)))))); define('BASE_PATH', $base); } // Include general configuration /*MARKER*/ require_once BASE_PATH . '/lib/sitemap.php'; // security check done ASAP if (!checkAuth() || empty($_SESSION['rc1']) || empty($_SESSION['rc2'])) { die("No external access to file"); } $do = getGETparam4IdOrNumber('do'); $status = getGETparam4IdOrNumber('status'); $status_message = getGETparam4DisplayHTML('msg'); // Set the default template $dir_temp = BASE_PATH . "/lib/templates/"; $get_temp = getGETparam4FullFilePath('template', $template[0] . '.tpl.html'); $chstatus = is_writable_ex($dir_temp . $get_temp); // @dev: to test the error feedback on read-only on Win+UNIX: add '|| 1' here. // Check for filename if (!empty($get_temp)) { if (@fopen($dir_temp . $get_temp, 'r')) { $handle = fopen($dir_temp . $get_temp, 'r'); // PHP5+ Feature $contents = stream_get_contents($handle); if (0) { // PHP4 Compatibility $flen = filesize($dir_temp . $get_temp); if ($flen > 0) { $contents = @fread($handle, $flen); } }
die_with_forged_failure_msg(__FILE__, __LINE__); // $ccms['lang']['auth']['featnotallowed'] } // Prevent PHP warning by setting default (null) values $do_action = getGETparam4IdOrNumber('action'); /** * * Save the edited template and check for authority * */ if ($do_action == 'save-template' && $_SERVER['REQUEST_METHOD'] == 'POST' && checkAuth()) { FbX::SetFeedbackLocation('template-editor.Manage.php'); try { // Only if current user has the rights if ($perm->is_level_okay('manageTemplate', $_SESSION['ccms_userLevel'])) { $filenoext = getGETparam4FullFilePath('template'); $filename = BASE_PATH . '/lib/templates/' . $filenoext; $content = getPOSTparam4RAWCONTENT('content'); // RAW CONTENT: the template may contain ANYTHING. if (is_writable_ex($filename)) { if (!($handle = fopen($filename, 'w'))) { throw new FbX($ccms['lang']['system']['error_openfile'] . ' (' . $filename . ').'); } if (fwrite($handle, $content) === FALSE) { fclose($handle); throw new FbX($ccms['lang']['system']['error_write'] . ' (' . $filename . ').'); } // Do on success fclose($handle); header('Location: ' . makeAbsoluteURI('template-editor.Manage.php?status=notice&msg=' . rawurlencode($ccms['lang']['backend']['settingssaved']) . '&template=' . $filenoext)); exit;