// Fill albums array $albums[] = $file; } } closedir($handle); sort($albums, SORT_STRING); // to make sure $count[] array is in sync with the $albums[] array, we need to perform this extra round AFTER the sort() operation. foreach ($albums as $key => $file) { // Count files in album $images = fileList(BASE_PATH . '/media/albums/' . $file); $count[$key] = count($images); } } $album = getGETparam4Filename('album'); $album_path = in_array($album, $albums) ? BASE_PATH . '/media/albums/' . $album : null; $page_id = getGETparam4IdOrNumber('page_id'); $preview_checkcode = GenerateNewPreviewCode($page_id); $tinyMCE_required = false; $textarea4descr_id = str2variablename('lightbox_' . $page_id . (!empty($album) ? '_' . $album : '')); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8" /> <title>Lightbox module</title> <link rel="stylesheet" type="text/css" href="../../../admin/img/styles/base.css,liquid.css,layout.css,sprite.css,last_minute_fixes.css" /> <link rel="stylesheet" type="text/css" href="modLightbox.css" /> <!--[if IE]> <link rel="stylesheet" type="text/css" href="../../../admin/img/styles/ie.css" /> <![endif]--> </head>
define('CCMS_PERFORM_MINIMAL_INIT', true); } // Define default location if (!defined('BASE_PATH')) { $base = str_replace('\\', '/', dirname(dirname(dirname(dirname(dirname(__FILE__)))))); define('BASE_PATH', $base); } // Include general configuration /*MARKER*/ require_once BASE_PATH . '/lib/sitemap.php'; // security check done ASAP if (!checkAuth() || empty($_SESSION['rc1']) || empty($_SESSION['rc2'])) { die("No external access to file"); } $do = getGETparam4IdOrNumber('do'); $status = getGETparam4IdOrNumber('status'); $status_message = getGETparam4DisplayHTML('msg'); // Set the default template $dir_temp = BASE_PATH . "/lib/templates/"; $get_temp = getGETparam4FullFilePath('template', $template[0] . '.tpl.html'); $chstatus = is_writable_ex($dir_temp . $get_temp); // @dev: to test the error feedback on read-only on Win+UNIX: add '|| 1' here. // Check for filename if (!empty($get_temp)) { if (@fopen($dir_temp . $get_temp, 'r')) { $handle = fopen($dir_temp . $get_temp, 'r'); // PHP5+ Feature $contents = stream_get_contents($handle); if (0) { // PHP4 Compatibility $flen = filesize($dir_temp . $get_temp);
> Contact me for any inquiries. > E: Xander@CompactCMS.nl > W: http://community.CompactCMS.nl/forum ************************************************************ */ /* make sure no-one can run anything here if they didn't arrive through 'proper channels' */ if (!defined("COMPACTCMS_CODE")) { die('Illegal entry point!'); } /*MARKER*/ // Load news preferences //$pageID = getGETparam4Filename('page'); $page_id = $ccms['page_id']; $page_name = $ccms['page_name']; $do = getGETparam4IdOrNumber('do'); $id = getGETparam4IdOrNumber('id'); $is_printing = $ccms['printing'] == 'Y'; if (!empty($page_id)) { $rsCfg = $db->SelectSingleRow($cfg['db_prefix'] . 'cfgnews', array('page_id' => MySQL::SQLValue($page_id, MySQL::SQLVALUE_NUMBER))); if ($db->ErrorNumber() != 0) { $db->Kill(); } } $locale = $rsCfg ? $rsCfg->showLocale : $cfg['locale']; // no need to check whether the given page is a news page; if it isn't we wouldn't have arrived here... // Set front-end language SetUpLanguageAndLocale($locale); // Do actions for overview $newsrows = false; if (empty($id)) { $newsID = false;
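// Select which asset directory this request is served from. The request only
// chooses between the two known asset types; the directory itself comes from
// the configured $cssdir / $jsdir (assumed to be set earlier in this file), so
// no filesystem path is ever derived from the 'type' value directly.
$type = getGETparam4IdOrNumber('type');
switch ($type) {
case 'css':
    $http_base = path_remove_dot_segments($cssdir);
    $base = str_replace('\\', '/', cvt_abs_http_path2realpath($http_base, $cfg['rootdir'], BASE_PATH));
    break;

case 'javascript':
    $http_base = path_remove_dot_segments($jsdir);
    $base = str_replace('\\', '/', cvt_abs_http_path2realpath($http_base, $cfg['rootdir'], BASE_PATH));
    break;

default:
    // Unsupported or missing 'type'. This used to send 503 (Service Unavailable)
    // while describing the condition as "Not Implemented"; 501 is the status
    // that actually carries that meaning, and unlike 503 it will not be read by
    // proxies / load balancers as a transient backend outage worth retrying.
    send_response_status_header(501); // Not Implemented
    exit;
}

// Optional JS callback name and gating expression from the query string. Both
// pass through the typed GET-parameter filters, which presumably constrain them
// to an identifier/number resp. a math expression -- see those helpers.
// NOTE(review): where 'only-when' is eventually evaluated lies outside this
// span; confirm it never reaches eval() or a JS context without that filter.
$extra_JS_callback = getGETparam4IdOrNumber('cb');
$only_when_expression = trim(getGETparam4MathExpression('only-when', ''));

/*MARKER*/ require_once BASE_PATH . '/lib/includes/browscap/browscap/Browscap.php';

// Identify the requesting browser using the browscap ini bundled with the CMS
// (parsed data is cached under lib/includes/cache).
$client_browser = new Browscap(BASE_PATH . '/lib/includes/cache');
$client_browser->localFile = BASE_PATH . '/lib/includes/browscap-data/php_browscap.ini';
$client_browser = $client_browser->getBrowser();

/*
 * We would have liked to calculate the version 'float' value from the ["MajorVer"] and ["MinorVer"] entries,
 * but then we'd be screwed when you got versions like '3.01', which would be encoded as 3 and 1.
 *
 * On the other hand we cannot assume the ["Version"] entry has just a single point. After all, there's nothing
 * stopping the format from speccing for example '3.01.2750', and again we'd be screwed if we cast such an
 * entry to float without watching out. So we do it the hard way: pick ["Version"] and strip off anything
 * past the second '.' dot in there.
 */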
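// Minimal-init mode: this module bootstraps itself, so it works both when
// requested directly and when included by the CMS.
if (!defined('CCMS_PERFORM_MINIMAL_INIT')) {
    define('CCMS_PERFORM_MINIMAL_INIT', true);
}

// Define default location: five directory levels up from this file, with
// Windows separators normalised to '/'.
if (!defined('BASE_PATH')) {
    $base = str_replace('\\', '/', dirname(dirname(dirname(dirname(dirname(__FILE__))))));
    define('BASE_PATH', $base);
}

// Include general configuration
/*MARKER*/ require_once BASE_PATH . '/lib/sitemap.php';

// security check done ASAP: nothing below runs (and no HTML is emitted) unless
// the session is authenticated and carries both the rc1 and rc2 markers.
if (!checkAuth() || empty($_SESSION['rc1']) || empty($_SESSION['rc2'])) {
    die("No external access to file");
}

$do = getGETparam4IdOrNumber('do');
$btn_backup = getPOSTparam4IdOrNumber('btn_backup');

// The backup action is only armed by an explicit POST of the form button.
// NOTE(review): no CSRF token is checked within this span; confirm that
// checkAuth() or the submitting form covers it, since a backup is a
// state-changing and potentially expensive operation.
if ($do == 'backup' && $btn_backup == 'dobackup') {
    // Include back-up functions. Anchored to this file's own directory: a
    // './'-relative path is resolved against the process's current working
    // directory, which is only the module directory when this module is the
    // requested script, not when it is included from elsewhere.
    /*MARKER*/ require_once dirname(__FILE__) . '/functions.php';
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<meta http-equiv="Content-type" content="text/html; charset=utf-8" />
<title>Back-up &amp; Restore module</title>
<link rel="stylesheet" type="text/css" href="../../../../admin/img/styles/base.css,liquid.css,layout.css,sprite.css,last_minute_fixes.css" />
<!--[if IE]>
<link rel="stylesheet" type="text/css" href="../../../../admin/img/styles/ie.css" />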
// Include general configuration /*MARKER*/ require_once BASE_PATH . '/lib/sitemap.php'; class FbX extends CcmsAjaxFbException { } // nasty way to do 'shorthand in PHP -- I do miss my #define macros! :'-| // Some security functions /* make darn sure only authenticated users can get past this point in the code */ if (empty($_SESSION['ccms_userID']) || empty($_SESSION['ccms_userName']) || !checkAuth()) { // this situation should've caught inside sitemap.php-->security.inc.php above! This is just a safety measure here. die_with_forged_failure_msg(__FILE__, __LINE__); // $ccms['lang']['auth']['featnotallowed'] } // Prevent PHP warning by setting default (null) values $do_action = getGETparam4IdOrNumber('action'); /** * * Create a new user as posted by an authorized user * */ if ($do_action == 'add-user' && $_SERVER['REQUEST_METHOD'] == 'POST' && checkAuth()) { FbX::SetFeedbackLocation('user-management.Manage.php'); try { // Only if current user has the rights if ($perm->is_level_okay('manageUsers', $_SESSION['ccms_userLevel'])) { //$i=count(array_filter($_POST)); //if($i <= 6) error if (empty($_POST['userPass'])) { throw new FbX($ccms['lang']['system']['error_tooshort']); }
$r = trim($t, '_.'); echo "\nORIG: [" . htmlentities($t) . "]\nRES: [" . htmlentities($r) . "]\n"; } } // fake a POST submit through a GET request so we can easily diag/debug event requests: if (!isset($_POST)) { $_POST = array(); } foreach ($_GET as $k => $v) { $_POST[$k] = $v; } } // the reason why TinyMCE invoked us (IFF it was TinyMCE!) $req_type = getGETparam4IdOrNumber('editor_req_type'); /* An alternative to handle the 'type' parameter passed by TinyMCE to the FileManager frontend, is to convert it in the frontend and then set the 'filter' FM option. */ $filter_expression = null; switch ($req_type) { case 'image': $filter_expression = 'image/'; break; case 'media': $filter_expression = 'video/'; break; } $browser = new FileManager(array('directory' => BASE_PATH . '/media/', 'thumbnailPath' => $cfg['rootdir'] . '/media/Thumbnails/', 'assetBasePath' => $cfg['rootdir'] . '/lib/includes/js/mootools-filemanager/Assets', 'chmod' => 0777, 'filter' => $filter_expression, 'allowExtChange' => true, 'UploadIsAuthorized_cb' => 'FM_IsAuthorized', 'DownloadIsAuthorized_cb' => 'FM_IsAuthorized', 'CreateIsAuthorized_cb' => 'FM_IsAuthorized', 'DestroyIsAuthorized_cb' => 'FM_IsAuthorized', 'MoveIsAuthorized_cb' => 'FM_IsAuthorized')); // log request data: FM_vardumper($browser, 'init' . getGETparam4IdOrNumber('event')); $browser->fireEvent(getGETparam4IdOrNumber('event'));
if (!empty($_SESSION['ccms_userID']) && !empty($_SESSION['ccms_userName']) && checkAuth()) { $qry = ''; if (!empty($status) || !empty($status_message)) { $qry = '?status=' . rawurlencode($status) . '&msg=' . rawurlencode(!empty($status_message) ? $status_message : $ccms['lang']['system']['error_general']); } header('Location: ' . makeAbsoluteURI($cfg['rootdir'] . 'admin/index.php') . $qry); exit; } // Check for ./install directory if ($cfg['install_dir_exists'] && !$cfg['install_dir_override']) { die('<strong>Security risk: the installation directory is still present.</strong><br/>Either first <a href="../../_install/">run the installer</a>, or remove the <em>./_install</em> directory, before accessing <a href="../../admin/">the back-end</a>.'); } $userName = strtolower(getPOSTparam4IdOrNumber('userName')); // also allow logon actions where the user is already 'pre-configured'; easy logon! if (empty($userName)) { $userName = strtolower(getGETparam4IdOrNumber('logon_user')); } // Do authentication if (isset($_POST['submit']) && $_SERVER['REQUEST_METHOD'] == 'POST') { /* * This code does NOT require that the submitted data (user+pass) originates from the * web form below and was entered in the same session (as we don't have the checkAuth() * condition checked in the if(...) above). * * This is intentional: users may store the login credentials in any form and still log * in. However, it also means that we must be aware that the current POST data can be * entirely malicious, hence we MUST perform rigorous checks -- which one would require * anyhow when logging in. * * To prevent SQL injection attacks against this form, we make sure the POST-ed data * does not contain any wildcards or trickery which makes our validation query below
// prevent PHP barfing a hairball in E_STRICT: if (!isset($_POST) || empty($_POST[$var])) { return $def; } return strval($_POST[$var]); } function SESSION2str($var, $def = '') { // prevent PHP barfing a hairball in E_STRICT: if (!isset($_SESSION) || empty($_SESSION[$var])) { return $def; } return strval($_SESSION[$var]); } // Check whether this is a send request $action_type = getGETparam4IdOrNumber('do'); // debugging: if ($cfg['IN_DEVELOPMENT_ENVIRONMENT'] && 0) { $extra = array('action_type' => $action_type, 'req_method_is_post' => $_SERVER['REQUEST_METHOD'] == 'POST', 'captcha-on' => USE_CAPTCHA_AGAINST_SPAM, 'captcha-match-a' => POST2str('verification', 'x'), 'captcha-match-b' => SESSION2str('ccms_captcha', 'y'), 'captcha-match' => POST2str('verification', 'x') == SESSION2str('ccms_captcha', 'y'), 'honeypot-on' => USE_HONEYTRAP_AGAINST_SPAM, 'honeypot-check1' => POST2str('email', '') == '', 'honeypot-check2-a' => POST2str('darling_jar', 'x'), 'honeypot-check2-b' => SESSION2str('ccms_contactform_honeypot', 'y'), 'honeypot-check2' => POST2str('darling_jar', 'x') == SESSION2str('ccms_contactform_honeypot', 'y')); dump_request_to_logfile($extra); } $error = null; $success = null; $is_form_post = false; /* Fetch values early, so we can keep their content on error: message is not immediately lost to user on faulty submit. Security notes: Considering the fact that we keep POST-ed data around when the POST itself is deemed
} // Continue with content update $page_idcode = explode('-', getPOSTparam4IdOrNumber('id'), 2); $page_id = filterParam4Number(count($page_idcode) == 2 ? $page_idcode[1] : 0); $dest = getGETparam4IdOrNumber('part'); if ($page_id > 0 && !empty($dest)) { $values = array(); // [i_a] make sure $values is an empty array to start with here $values[$dest] = MySQL::SQLValue($content, MySQL::SQLVALUE_TEXT); if (!$db->UpdateRow($cfg['db_prefix'] . 'pages', $values, array('page_id' => MySQL::SQLValue($page_id, MySQL::SQLVALUE_NUMBER)))) { $db->Kill(); } else { echo $content; } } else { die($ccms['lang']['system']['error_forged'] . ' (' . __FILE__ . ', ' . __LINE__ . ', ' . getGETparam4IdOrNumber('id') . ')'); } } else { die($ccms['lang']['system']['error_forged'] . ' (' . __FILE__ . ', ' . __LINE__ . ')'); } exit; } /** * * Change the page/file name inline. * * To make it a proper transaction, first try to change the filename, and only if that succeeds edit the database record. * */ if ($do_action == 'liverename' && $_SERVER['REQUEST_METHOD'] == 'POST' && checkAuth()) { $page_idcode = explode('-', getPOSTparam4IdOrNumber('id'), 2);
/*MARKER*/ require_once BASE_PATH . '/admin/includes/security.inc.php'; } // DATABASE == // All set! Now this statement will connect to the database if (!$db->Open($cfg['db_name'], $cfg['db_host'], $cfg['db_user'], $cfg['db_pass'])) { $db->Kill($ccms['lang']['system']['error_database']); } // ENVIRONMENT == // Some variables to help this file orientate on its environment $current = basename(filterParam4FullFilePath($_SERVER['REQUEST_URI'])); // [i_a] $curr_page was identical (enough) to $pagereq before $pagereq = checkSpecialPageName(getGETparam4Filename('page'), SPG_GIVE_PAGENAME); $ccms['pagereq'] = $pagereq; $ccms['printing'] = getGETparam4boolYN('printing', 'N'); $preview = getGETparam4IdOrNumber('preview'); // in fact, it's a hash plus ID! $preview = IsValidPreviewCode($preview); $ccms['preview'] = $preview ? 'Y' : 'N'; //$ccms['responsecode'] = null; // default: 200 : OK //$ccms['page_id'] = false; //$ccms['page_name'] = false; //$ccms['content'] = false; //$ccms['template'] = null; // This files' current version $ccms['ccms_version'] = $v = "1.4.2"; // preparation for plugins, et.c which want to load JavaScript files through the template: $ccms['CSS.required_files'] = array(); $ccms['CSS.inline'] = array(); $ccms['JS.required_files'] = array(); $ccms['JS.done'] = array();