function nonce($action = null)
{
echo get_nonce($action);
}
echo $i18n['ADD_COMPONENT'];
?>
</a>
<div class="clear"></div>
</div>
<form class="manyinputs" action="<?php
echo htmlentities($_SERVER['PHP_SELF'], ENT_QUOTES);
?>
" method="post" accept-charset="utf-8" >
<input type="hidden" id="id" value="<?php
echo @$count;
?>
" />
<input type="hidden" id="nonce" name="nonce" value="<?php
echo get_nonce("modify_components");
?>
" />
<p><input type="submit" class="submit" name="submitted" id="button" value="<?php
echo $i18n['SAVE_COMPONENTS'];
?>
" /> <?php
echo $i18n['OR'];
?>
<a class="cancel" href="theme.php"><?php
echo $i18n['CANCEL'];
?>
</a></p>
<div id="divTxt"></div>
<?php
<div class="edit-nav clearfix" >
<?php
exec_action(get_filename_id() . '-edit-nav');
?>
</div>
<?php
exec_action(get_filename_id() . '-body');
?>
<!-- user form -->
<form class="largeform" action="<?php
myself();
?>
" method="post" accept-charset="utf-8" >
<input id="nonce" name="nonce" type="hidden" value="<?php
echo get_nonce("save_profile");
?>
" />
<?php
if ($adding === true) {
?>
<input id="add" name="add" type="hidden" value="1" /> <?php
}
?>
<div class="leftsec">
<p><label for="user" ><?php
i18n('LABEL_USERNAME');
?>
:</label><input class="text" id="user" name="user" type="text" <?php
echo $adding === true ? '' : 'readonly';
function get_pages_menu_content($parent, $menu, $level)
{
global $pagesSorted;
$items = array();
foreach ($pagesSorted as $page) {
$items[(string) $page['url']] = $page;
}
if (count($items) > 0) {
foreach ($items as $page) {
$dash = "";
if ($page['parent'] != '') {
$parentdata = getXML(GSDATAPAGESPATH . $page['parent'] . '.xml');
$parentTitle = $parentdata->parent;
$dash = "<b>" . $parentTitle . "</b>:" . $page['parent'] . " ";
}
$menu .= '<tr id="tr-' . $page['url'] . '" >';
if ($page['title'] == '') {
$page['title'] = '[No Title] » <em>' . $page['url'] . '</em>';
}
if ($page['menuStatus'] != '') {
$page['menuStatus'] = ' <sup>[' . i18n_r('MENUITEM_SUBTITLE') . ']</sup>';
} else {
$page['menuStatus'] = '';
}
if ($page['private'] != '') {
$page['private'] = ' <sup>[' . i18n_r('PRIVATE_SUBTITLE') . ']</sup>';
} else {
$page['private'] = '';
}
if ($page['url'] == 'index') {
$homepage = ' <sup>[' . i18n_r('HOMEPAGE_SUBTITLE') . ']</sup>';
} else {
$homepage = '';
}
$menu .= '<td class="pagetitle">' . $dash . '<a title="' . i18n_r('EDITPAGE_TITLE') . ': ' . cl($page['title']) . '" href="cedit.php?id=' . $page['url'] . '" >' . cl($page['title']) . '</a><span class="showstatus toggle" >' . $homepage . $page['menuStatus'] . $page['private'] . '</span></td>';
$menu .= '<td style="width:80px;text-align:right;" ><span>' . shtDate($page['pubDate']) . '</span></td>';
$menu .= '<td class="secondarylink" >';
$menu .= '<a title="' . i18n_r('VIEWPAGE_TITLE') . ': ' . cl($page['title']) . '" target="_blank" href="' . find_url($page['url'], $page['parent']) . '">#</a>';
$menu .= '</td>';
if ($page['url'] != 'index') {
$menu .= '<td class="delete" ><a class="delconfirm" href="cdeletefile.php?id=' . $page['url'] . '&nonce=' . get_nonce("cdelete", "cdeletefile.php") . '" title="' . i18n_r('DELETEPAGE_TITLE') . ': ' . cl($page['title']) . '" >×</a></td>';
} else {
$menu .= '<td class="delete" ></td>';
}
$menu .= '</tr>';
}
}
return $menu;
}
foreach ($fields as $key => $value) {
$r[] = rawurlencode($key) . "=" . rawurlencode($value);
}
return implode($delim, $r);
//return complete base string
}
/**
* Returns typical headers needed for a request
* @param $consumer_key
* @param $nonce
*/
function auth_headers($consumer_key, $nonce = '')
{
return array('oauth_consumer_key' => $consumer_key, 'oauth_nonce' => $nonce, 'oauth_signature_method' => 'HMAC-SHA1', 'oauth_timestamp' => time(), 'oauth_version' => '1.0');
}
$nonce = get_nonce('https://api.elucidat.com/v2/releases/launch', $api_key, $api_secret);
$headers = auth_headers($api_key, $nonce);
$fields = array('release_code' => $release_code, 'name' => $learner_name, 'email_address' => $learner_email);
$result = call_elucidat($headers, $fields, 'GET', 'https://api.elucidat.com/v2/releases/launch', $api_secret);
?>
<!DOCTYPE html>
<!--[if IE 6]> <html class="no-js ie6 ie-lt9"> <![endif]-->
<!--[if IE 7]> <html class="no-js ie7 ie-lt9"> <![endif]-->
<!--[if IE 8]> <html class="no-js ie8 ie-lt9"> <![endif]-->
<!--[if IE 9]> <html class="no-js ie9"> <![endif]-->
<!--[if gt IE 9]><!--> <html class="no-js"> <!--<![endif]-->
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<title>Elucidat website integration example</title>
<!-- viewport behaviour IMPORTANT -->
get_template('header', cl($SITENAME) . ' » ' . i18n_r('GENERAL_SETTINGS'));
?>
<?php
include 'template/include-nav.php';
?>
<div class="bodycontent clearfix">
<div id="maincontent">
<form class="largeform" action="<?php
myself();
?>
" method="post" accept-charset="utf-8" >
<input id="nonce" name="nonce" type="hidden" value="<?php
echo get_nonce("save_settings");
?>
" />
<div class="main">
<h3><?php
i18n('WEBSITE_SETTINGS');
?>
</h3>
<div class="leftsec">
<p><label for="sitenameinput" ><?php
i18n('LABEL_WEBSITE');
?>
:</label><input class="text" id="sitenameinput" name="sitename" type="text" value="<?php
if (isset($SITENAME1)) {
doNotify(i18n_r('FLUSHCACHE-SUCCESS'), 'success');
break;
case 'del-error':
doNotify('<b>' . i18n_r('ERROR') . ':</b> ' . i18n_r('ER_PROBLEM_DEL') . '.', 'error');
break;
case 'comp-success':
doNotify(i18n_r('ER_COMPONENT_SAVE') . '. <a href="components.php?undo&nonce=' . get_nonce("undo") . '">' . i18n_r('UNDO') . '</a>', 'success');
break;
case 'comp-restored':
doNotify(i18n_r('ER_COMPONENT_REST') . '. <a href="components.php?undo&nonce=' . get_nonce("undo") . '">' . i18n_r('UNDO') . '</a>', 'success');
break;
case 'profile-restored':
doNotify(i18n_r('ER_PROFILE_RESTORED') . '. <a href="profile.php?undo&nonce=' . get_nonce("undo") . '&userid=' . $userid . '">' . i18n_r('UNDO') . '</a>', 'success');
break;
case 'settings-restored':
doNotify(i18n_r('ER_OLD_RESTORED') . '. <a href="settings.php?undo&nonce=' . get_nonce("undo") . '">' . i18n_r('UNDO') . '</a>', 'success');
break;
default:
if (isset($error)) {
doNotify('<b>' . i18n_r('ERROR') . ':</b> ' . $error, 'error');
} elseif (isset($_GET['cancel'])) {
doNotify(i18n_r('ER_CANCELLED_FAIL'), 'error');
} elseif (isset($_GET['logout'])) {
doNotify(i18n_r('MSG_LOGGEDOUT'), 'info');
} elseif (!empty($err)) {
doNotify('<b>' . i18n_r('ERROR') . ':</b> ' . $err, 'error');
} elseif (isset($success)) {
doNotify($success, 'success');
}
break;
}
$plugin = antixss($pluginid);
change_plugin($pluginid);
redirect('plugins.php');
}
}
// Variable settings
login_cookie_check();
$counter = 0;
$table = null;
$pluginfiles = getFiles(GSPLUGINPATH);
sort($pluginfiles);
$needsupdate = false;
foreach ($pluginfiles as $fi) {
$pathExt = pathinfo($fi, PATHINFO_EXTENSION);
$pathName = pathinfo_filename($fi);
$setNonce = '&nonce=' . get_nonce("set", "plugins.php");
if ($pathExt == "php") {
if ($live_plugins[$fi] == 'true') {
$cls_Enabled = 'hidden';
$cls_Disabled = '';
$trclass = 'enabled';
} else {
$cls_Enabled = '';
$cls_Disabled = 'hidden';
$trclass = 'disabled';
}
$api_data = json_decode(get_api_details('plugin', $fi));
$updatelink = null;
if (is_object($api_data) && $api_data->status == 'successful') {
if ($api_data->version > $plugin_info[$pathName]['version']) {
$updatelink = '<br /><a class="updatelink" href="' . $api_data->path . '" target="_blank">' . i18n_r('UPDATE_AVAILABLE') . ' ' . $api_data->version . '</a>';
$count = "0";
$path = tsl(GSBACKUPSPATH . 'zip/');
$filenames = getFiles($path);
natsort($filenames);
rsort($filenames);
foreach ($filenames as $file) {
if ($file[0] != ".") {
$timestamp = explode('_', $file);
$name = lngDate($timestamp[0]);
clearstatcache();
$ss = stat($path . $file);
$size = fSize($ss['size']);
echo '<tr>
<td><a title="' . i18n_r('DOWNLOAD') . ' ' . $name . '" href="download.php?file=' . $path . $file . '&nonce=' . get_nonce("archive", "download.php") . '">' . $name . '</a></td>
<td style="width:70px;text-align:right;" ><span>' . $size . '</span></td>
<td class="delete" ><a class="delconfirm" title="' . i18n_r('DELETE_ARCHIVE') . ': ' . $name . '?" href="deletefile.php?zip=' . $file . '&nonce=' . get_nonce("delete", "deletefile.php") . '">×</a></td>
</tr>';
$count++;
}
}
?>
</table>
<p><em><b><span id="pg_counter"><?php
echo $count;
?>
</span></b> <?php
i18n('TOTAL_ARCHIVES');
?>
</em></p>
</div>
</div>
$nonce = $_GET['nonce'];
if (!check_nonce($nonce, "undo", "support.php")) {
die("CSRF detected!");
}
$ufile = 'cp_settings.xml';
undo($ufile, $path, $bakpath);
header('Location: support.php?rest=true');
}
if (isset($_GET['restored'])) {
$restored = 'true';
} else {
$restored = 'false';
}
// were changes submitted?
if (isset($_POST['submitted'])) {
$success = $i18n['SETTINGS_UPDATED'] . '. <a href="support.php?undo&nonce=' . get_nonce("restore", "support.php") . '">' . $i18n['UNDO'] . '</a>';
}
?>
<?php
get_template('header', cl($SITENAME) . ' » ' . $i18n['SUPPORT']);
?>
<h1><a href="<?php
echo $SITEURL;
?>
" target="_blank" ><?php
echo cl($SITENAME);
?>
</a> <span>»</span> <?php
echo $i18n['SUPPORT'];
} elseif ($err == 'false') {
echo '<div class="updated">' . $i18n['ER_SETTINGS_UPD'] . '. <a href="settings.php?undo&nonce=' . get_nonce("undo") . '">' . $i18n['UNDO'] . '</a></div>';
} elseif ($restored == 'true') {
echo '<div class="updated">' . $i18n['ER_OLD_RESTORED'] . '. <a href="settings.php?undo&nonce=' . get_nonce("undo") . '">' . $i18n['UNDO'] . '</a></div>';
} elseif (@$_GET['rest'] == 'true') {
echo '<div class="updated">' . $i18n['ER_OLD_RESTORED'] . '. <a href="support.php?undo&nonce=' . get_nonce("undo", "support.php") . '">' . $i18n['UNDO'] . '</a></div>';
} elseif ($err == 'true') {
echo '<div class="error"><b>' . $i18n['ERROR'] . ':</b> ' . @$msg . '</div>';
} elseif ($update == 'pwd-success') {
echo '<div class="updated">' . $i18n['ER_NEW_PWD_SENT'] . '. <a href="index.php">' . $i18n['LOGIN'] . '</a></div>';
} elseif ($update == 'pwd-error') {
echo '<div class="error"><b>' . $i18n['ERROR'] . ':</b> ' . $i18n['ER_SENDMAIL_ERR'] . '.</div>';
} elseif ($update == 'del-success') {
echo '<div class="updated">' . $i18n['ER_FILE_DEL_SUC'] . ': <b>' . $_GET['id'] . '</b></div>';
} elseif ($update == 'del-error') {
echo '<div class="error"><b>' . $i18n['ERROR'] . ':</b> ' . $i18n['ER_PROBLEM_DEL'] . '.</div>';
} elseif ($update == 'comp-success') {
echo '<div class="updated">' . $i18n['ER_COMPONENT_SAVE'] . '. <a href="components.php?undo&nonce=' . get_nonce("undo") . '">' . $i18n['UNDO'] . '</a></div>';
} elseif ($update == 'comp-restored') {
echo '<div class="updated">' . $i18n['ER_COMPONENT_REST'] . '. <a href="components.php?undo&nonce=' . get_nonce("undo") . '">' . $i18n['UNDO'] . '</a></div>';
} elseif (isset($_GET['cancel'])) {
echo '<div class="error">' . $i18n['ER_CANCELLED_FAIL'] . '</div>';
} elseif (isset($error)) {
echo '<div class="error">' . $error . '</div>';
} elseif (isset($success)) {
echo '<div class="updated">' . $success . '</div>';
} elseif (isset($_GET['err'])) {
echo '<div class="error"><b>' . $i18n['ERROR'] . ':</b> ' . $_GET['err'] . '</div>';
} elseif (isset($_GET['success'])) {
echo '<div class="updated">' . $_GET['success'] . '</div>';
}
<div id="maincontent">
<div class="main" >
<h3><?php
i18n('RESET_PASSWORD');
?>
</h3>
<p class="desc"><?php
i18n('MSG_PLEASE_EMAIL');
?>
</p>
<form class="login" action="" method="post" >
<input name="nonce" id="nonce" type="hidden" value="<?php
echo get_nonce("reset_password");
?>
"/>
<p><b><?php
i18n('LABEL_USERNAME');
?>
:</b><br /><input class="text" name="username" type="text" value="" /></p>
<p><input class="submit" type="submit" name="submitted" value="<?php
echo i18n_r('SEND_NEW_PWD');
?>
" /></p>
</form>
<p class="cta"><a href="<?php
echo $SITEURL;
?>
"><?php
?>
</a>
</div>
<div style="width:770px;margin:0px auto 2px auto;padding:0px 0px 0px 0px;color:black;font-size:18px;font-weight:bold;"><?php
echo $t_ct_code;
?>
</div>
<form method="post" action="codetester.php" style="width:760px;margin:0px auto 0px auto;padding:10px;background-color:#EEEEEE;-moz-border-radius:2px;-khtml-border-radius:2px;-webkit-border-radius:2px;border-radius:2px;">
<textarea name="sourcecode" rows="10" style="width:748px;margin:0px;padding:5px;border:1px solid #c0c0c0;"><?php
echo '' . trim(file_get_contents('codesource.php'));
?>
</textarea>
<input type="hidden" name="to" value="interpretcode" />
<input type="hidden" name="nonce" value="<?php
echo get_nonce();
/* Russell, 2012-11-10 */
?>
" />
<input type="submit" value="Interpret the code" class="submit" style="width:150px;margin:4px 0px 0px 0px;padding:0px;border:solid 1px silver;cursor:pointer;-moz-border-radius:2px;-khtml-border-radius:2px;-webkit-border-radius:2px;border-radius:2px;" />
</form>
<br />
<div style="width:770px;margin:0px auto 2px auto;padding:0px 0px 0px 0px;color:black;font-size:18px;font-weight:bold;"><?php
echo $t_ct_codeinterpreted;
?>
</div>
<div style="width:760px;margin:0px auto 0px auto;padding:10px;font-size:12px;background-color:#FFF3AF;-moz-border-radius:2px;-khtml-border-radius:2px;-webkit-border-radius:2px;border-radius:2px;"><?php
include 'codesource.php';
?>
</div>
$count = "0";
$path = tsl(GSBACKUPSPATH . 'zip/');
$filenames = getFiles($path);
natsort($filenames);
rsort($filenames);
foreach ($filenames as $file) {
if ($file != "." && $file != ".." && $file != ".htaccess") {
$timestamp = explode('_', $file);
$name = shtDate($timestamp[0]);
clearstatcache();
$ss = @stat($path . $file);
$size = fSize($ss['size']);
echo '<tr>
<td><a title="Download Archive ' . $name . '" target="_blank" href="download.php?file=' . $path . $file . '&nonce=' . get_nonce("archive", "download.php") . '">' . $name . '</a></td>
<td style="width:70px;text-align:right;" ><span>' . $size . '</span></td>
<td class="delete" ><a class="delconfirm" title="Delete Archive ' . $name . '?" href="deletefile.php?zip=' . $file . '&nonce=' . get_nonce("delete", "deletefile.php") . '">X</a></td>
</tr>';
$count++;
}
}
?>
</table>
<p><em><b><?php
echo $count;
?>
</b> <?php
echo $i18n['TOTAL_ARCHIVES'];
?>
</em></p>
</div>
</div>
function getPublishedPageHead($editing = true, $path = '')
{
global $id, $draftExists, $pageExists;
echo '<h3 class="floated">' . ($editing ? i18n_r('PAGE_EDIT_MODE') : i18n_r('CREATE_NEW_PAGE')) . '</h3>';
if (getDef('GSUSEDRAFTS', true) && $pageExists && getDef('GSSDRAFTSPUBLISHEDTAG', true)) {
echo '<div class="title label label-ok unselectable">' . i18n_r('LABEL_PUBLISHED') . '</div>';
}
echo '<!-- pill edit navigation -->', "\n", '<div class="edit-nav clearfix" >';
if ($editing) {
echo '<a class="pageview" href="' . $path . '" target="_blank" accesskey="' . find_accesskey(i18n_r('VIEW')) . '" >' . i18n_r('VIEW') . '</a>';
if ($path != '') {
echo '<a class="pageclone" href="pages.php?id=' . $id . '&action=clone&nonce=' . get_nonce("clone", "pages.php") . '" >' . i18n_r('CLONE') . '</a>';
}
}
exec_action(get_filename_id() . '-edit-nav');
echo "\n</div>";
}
echo '<a href="', find_url($url, $parent), '" target="_blank" accesskey="', find_accesskey(i18n_r('VIEW')), '" >', i18n_r('VIEW'), ' </a>';
}
?>
<a href="#" id="metadata_toggle" accesskey="<?php
echo find_accesskey(i18n_r('PAGE_OPTIONS'));
?>
" ><?php
i18n('PAGE_OPTIONS');
?>
</a>
<div class="clear" ></div>
</div>
<form class="largeform" id="editform" action="cchangedata.php" method="post" accept-charset="utf-8" >
<input id="nonce" name="nonce" type="hidden" value="<?php
echo get_nonce("cedit", "cedit.php");
?>
" />
<input id="author" name="post-author" type="hidden" value="<?php
echo $USR;
?>
" />
<!-- page title toggle screen -->
<p id="edit_window">
<label for="post-title" style="display:none;"><?php
i18n('PAGE_TITLE');
?>
</label>
<input class="text title" id="post-title" name="post-title" type="text" value="<?php
echo $title;
</a></li>
<?php
}
?>
<li id="cancel-updates" class="alertme"><a href="pages.php?cancel" ><?php
i18n('CANCEL');
?>
</a></li>
<?php
if ($url != 'index' && $url != '') {
?>
<li class="alertme" ><a href="deletefile.php?id=<?php
echo $url;
?>
&nonce=<?php
echo get_nonce("delete", "deletefile.php");
?>
" ><?php
echo strip_tags(i18n_r('ASK_DELETE'));
?>
</a></li>
<?php
}
?>
</ul>
</div>
</div>
<?php
if ($url != '') {
/**
* do changedata ajax save checking for legacy
* @param str $url [description]
* @param str $oldslug [description]
*/
function changedataAjaxSave($url, $oldslug)
{
global $draft, $pageIsNew;
if (isset($_POST['ajaxsave'])) {
// force redirects
//
// @todo we update the slug with the assigned slug, but there could be other things plugins need to do when adding a page,
// that needs to be available to the page after, things like custom link menus, actions etc.
// for now we redirect, so pagestack works since it is not implemented yet for ajax
if ($pageIsNew) {
redirect('edit.php?id=' . $url . '&nodraft&upd=edit-success&ptype=new', true);
}
// ajax response wrapper, still using html parsing for now
echo "<div>";
// if this was an autosave add autosave response
if (isset($_POST['autosave']) && $_POST['autosave'] == '1') {
echo '<div class="autosavenotify">' . sprintf(i18n_r('AUTOSAVE_NOTIFY'), output_time(date())) . '</div>';
}
// setup error checking vars and include error checking for notifications
$id = $url;
$update = 'edit-success';
$ptype = 'edit';
if ($url !== $oldslug) {
$oldid = $oldslug;
}
// if slug was changed set $oldid
$upddraft = $draft;
include 'template/error_checking.php';
// send new inputs for slug changes and new nonces
echo '<input id="nonce" name="nonce" type="hidden" value="' . get_nonce("edit", "edit.php") . '" />';
echo '<input id="existing-url" name="existing-url" type="hidden" value="' . $url . '" />';
echo '<input id="post-id" name="post-id" type="hidden" value="' . $url . '" />';
echo "</div>";
die;
}
}
/**
* Check Nonce
*
* @since 2.03
* @author tankmiche
* @uses get_nonce
*
* @param string $nonce
* @param string $action
* @param string $file Optional, default is empty string
* @return bool
*/
function check_nonce($nonce, $action, $file = "")
{
return $nonce === get_nonce($action, $file) || $nonce === get_nonce($action, $file, true);
}
/**
* get table row for pages display
*
* @since 3.4
* @param array $page page array
* @param int $level current level
* @param int $index current index
* @param int $parent parent index
* @param int $children number of children
* @return str html for table row
*/
function getPagesRow($page, $level, $index, $parent, $children)
{
$indentation = $menu = '';
// indentation
$indent = '<span class="tree-indent"></span>';
$last = '<span class="tree-indent indent-last">–</span>';
// add indents based on level
$indentation .= $level > 0 ? str_repeat($indent, $level - 1) : '';
$indentation .= $level > 0 ? $last : '';
// add indents or expanders
$isParent = $children > 0;
// add expanders in php
// $expander = '<span class="tree-expander tree-expander-expanded"></span>';
// $expander = $isParent ? $expander : '<span class="tree-indent"></span>';
// $indentation = $indentation . $expander;
// depth level identifiers
$class = 'depth-' . $level;
$class .= $isParent ? ' tree-parent' : '';
$menu .= '<tr id="tr-' . $page['url'] . '" class="' . $class . '" data-depth="' . $level . '">';
$pagetitle = $pagemenustatus = $pageprivate = $pagedraft = $pageindex = '';
if ($page['title'] == '') {
$pagetitle = '[No Title] » <em>' . $page['url'] . '</em>';
} else {
$pagetitle = $page['title'];
}
if ($page['menuStatus'] != '') {
$pagemenustatus = ' <span class="label label-ghost">' . i18n_r('MENUITEM_SUBTITLE') . '</span>';
}
if ($page['private'] != '') {
$pageprivate = ' <span class="label label-ghost">' . i18n_r('PRIVATE_SUBTITLE') . '</span>';
}
if (pageHasDraft($page['url'])) {
$pagedraft = ' <span class="label label-ghost">' . lowercase(i18n_r('LABEL_DRAFT')) . '</span>';
}
if ($page['url'] == getDef('GSINDEXSLUG')) {
$pageindex = ' <span class="label label-ghost">' . i18n_r('HOMEPAGE_SUBTITLE') . '</span>';
}
if (dateIsToday($page['pubDate'])) {
$pagepubdate = ' <span class="datetoday">' . output_date($page['pubDate']) . '</span>';
} else {
$pagepubdate = '<span>' . output_date($page['pubDate']) . "</span>";
}
$pagetitle = cl($pagetitle);
$menu .= '<td class="pagetitle">' . $indentation . '<a title="' . i18n_r('EDITPAGE_TITLE') . ': ' . var_out($pagetitle) . '" href="edit.php?id=' . $page['url'] . '" >' . $pagetitle . '</a>';
$menu .= '<div class="showstatus toggle" >' . $pageindex . $pagedraft . $pageprivate . $pagemenustatus . '</div></td>';
// keywords used for filtering
$menu .= '<td style="width:80px;text-align:right;" ><span>' . $pagepubdate . '</span></td>';
$menu .= '<td class="secondarylink" >';
$menu .= '<a title="' . i18n_r('VIEWPAGE_TITLE') . ': ' . var_out($pagetitle) . '" target="_blank" href="' . find_url($page['url'], $page['parent']) . '">#</a>';
$menu .= '</td>';
// add delete buttons, exclude index page
if ($page['url'] != 'index') {
$menu .= '<td class="delete" ><a class="delconfirm" href="deletefile.php?id=' . $page['url'] . '&nonce=' . get_nonce("delete", "deletefile.php") . '" title="' . i18n_r('DELETEPAGE_TITLE') . ': ' . cl($page['title']) . '" >×</a></td>';
} else {
$menu .= '<td class="delete" ></td>';
}
// add indexcolumn and tagcolumn for filtering
$menu .= '<td class="indexColumn hidden">' . strip_tags(lowercase($pagetitle . $pageindex . $pagemenustatus . $pageprivate . $pagedraft)) . '</div></td>';
// keywords used for filtering
$menu .= '<td class="tagColumn hidden">' . str_replace(',', ' ', $page['meta']) . '</div></td>';
// keywords used for filtering
$menu .= '</tr>';
return $menu;
}
function verify_nonce()
{
$nonce = get_nonce();
// Fetch the nonce from the last request
remove_nonce();
// clear it so it can't be used again now we have it locally
session_regenerate_id(true);
// replace old session, stops session fixation
// only verify if nonce is sent and matches what is expected
return isset($_POST['nonce']) and $_POST['nonce'] == $nonce;
}
<h3 class="floated"><?php
i18n('PAGE_BACKUPS');
?>
</h3>
<?php
if ($counter > 0) {
?>
<div class="edit-nav clearfix" ><a href="javascript:void(0)" id="filtertable" accesskey="<?php
echo find_accesskey(i18n_r('FILTER'));
?>
" ><?php
i18n('FILTER');
?>
</a> <a href="backups.php?deleteall&nonce=<?php
echo get_nonce("deleteall");
?>
" title="<?php
i18n('DELETE_ALL_BAK');
?>
" accesskey="<?php
echo find_accesskey(i18n_r('ASK_DELETE_ALL'));
?>
" class="confirmation" ><?php
i18n('ASK_DELETE_ALL');
?>
</a></div>
<div id="filter-search">
<form><input type="text" autocomplete="off" class="text" id="q" placeholder="<?php
echo strip_tags(lowercase(i18n_r('FILTER')));
?>
echo $id;
?>
&nonce=<?php
echo get_nonce("restore", "backup-edit.php");
?>
" accesskey="<?php
echo find_accesskey(i18n_r('ASK_RESTORE'));
?>
" ><?php
i18n('ASK_RESTORE');
?>
</a> <a href="backup-edit.php?p=delete&id=<?php
echo $id;
?>
&nonce=<?php
echo get_nonce("delete", "backup-edit.php");
?>
" title="<?php
i18n('DELETEPAGE_TITLE');
?>
: <?php
echo $title;
?>
?" id="delback" accesskey="<?php
echo find_accesskey(i18n_r('ASK_DELETE'));
?>
" class="delconfirm noajax" ><?php
i18n('ASK_DELETE');
?>
</a>
<div class="clear"></div>
if ($pluginid) {
if (check_nonce($nonce, "set_" . pathinfo_filename($pluginid), "plugins.php")) {
$plugin = antixss($pluginid);
change_plugin($plugin);
redirect('plugins.php?success=' . i18n_r('PLUGIN_UPDATED'));
} else {
redirect('plugins.php?error=' . i18n_r('ERROR_OCCURED'));
}
}
// Variable settings
$counter = 0;
$table = '';
$needsupdate = false;
$plugin_info_sorted = subval_sort($plugin_info, 'name');
foreach ($plugin_info_sorted as $pluginid => $plugininfo) {
$setNonce = '&nonce=' . get_nonce("set_" . $pluginid, "plugins.php");
// @todo disabled plugins have a version of (str) 'disabled', should be 0 or null
$pluginver = $plugininfo['version'] == 'disabled' ? 0 : $plugininfo['version'];
if (plugin_active($pluginid)) {
$cls_Enabled = 'hidden';
$cls_Disabled = '';
$trclass = 'enabled';
} else {
$cls_Enabled = '';
$cls_Disabled = 'hidden';
$trclass = 'disabled';
}
// get extend api for this plugin filename
$api_data = json_decode(get_api_details('plugin', $pluginid));
$updatelink = '';
// api success
<h3 class="floated"><?php
i18n('VIEWING');
?>
<?php
i18n('LOG_FILE');
?>
: ‘<em><?php
echo $log_name;
?>
</em>’</h3>
<div class="edit-nav" >
<a href="log.php?log=<?php
echo $log_name;
?>
&action=delete&nonce=<?php
echo get_nonce("delete");
?>
" accesskey="<?php
echo find_accesskey(i18n_r('CLEAR_ALL_DATA'));
?>
" title="<?php
i18n('CLEAR_ALL_DATA');
?>
<?php
echo $log_name;
?>
?" /><?php
i18n('CLEAR_THIS_LOG');
?>
</a>
<div class="clear"></div>
?>
<div class="error">
<p><?php
echo $error;
?>
</p>
</div>
<?php
}
?>
<form method="post" action="?id=backup&action=authorize_ftp">
<input type="hidden" name="_action" value="authorize_ftp" />
<input type="hidden" name="_nonce" value="<?php
echo get_nonce('authorize_ftp', $info['id']);
?>
" />
<p>
<label for="ftp_server">Server</label>
<input type="text" id="ftp_server" name="ftp_server" value="" />
</p>
<p>
<label for="ftp_username">Username</label>
<input type="text" id="ftp_username" name="ftp_username" value="" />
</p>
<p>
<label for="ftp_password">Password</label>
// file perms column
if ($showperms) {
$filePerms = substr(sprintf('%o', fileperms($path . $upload['name'])), -4);
if ($isUnixHost) {
$fileOwner = function_exists('posix_getpwuid') ? posix_getpwuid(fileowner($path . $upload['name'])) : '';
$fileOwnerName = isset($fileOwner['name']) ? $fileOwner['name'] : '';
} else {
$fileOwnerName = getenv('USERNAME');
}
echo '<td style="width:70px;text-align:right;"><span>' . $fileOwnerName . '/' . $filePerms . '</span></td>';
}
echo '<td class="file_date right"><span class="' . (dateIsToday($upload['date']) ? 'datetoday' : '') . '">' . output_date($upload['date']) . '</span></td>';
// delete
echo '<td class="delete">';
if ($allowdelete) {
echo '<a class="delconfirm" title="' . i18n_r('DELETE_FILE') . ': ' . htmlspecialchars($upload['name']) . '" href="deletefile.php?file=' . rawurlencode($upload['name']) . '&path=' . $urlPath . '&nonce=' . get_nonce("delete", "deletefile.php") . '">×</a>';
}
echo '</td></tr>';
}
}
exec_action('file-extras');
// @hook file-extras after file list table rows
echo '</tbody></table>';
if ($counter > 0) {
$sizedesc = '(' . fSize($totalsize) . ')';
} else {
$sizedesc = '';
}
$totalcount = (int) $counter + (int) $foldercount;
echo '<p><em><b><span id="pg_counter">' . $totalcount . '</span></b> ' . i18n_r('TOTAL_FILES') . ' ' . $sizedesc . '</em></p>';
?>
<?php
$content = file_get_contents($relative . 'theme/' . tsl($TEMPLATE) . $TEMPLATE_FILE);
?>
<form action="<?php
echo htmlentities($_SERVER['PHP_SELF'], ENT_QUOTES);
?>
?t=<?php
echo $TEMPLATE;
?>
&f=<?php
echo $TEMPLATE_FILE;
?>
" method="post" >
<input id="nonce" name="nonce" type="hidden" value="<?php
echo get_nonce("save");
?>
" />
<p><textarea name="content" id="codetext" ><?php
echo htmlentities($content, ENT_QUOTES, 'UTF-8');
?>
</textarea></p>
<input type="hidden" value="<?php
echo tsl($TEMPLATE) . $TEMPLATE_FILE;
?>
" name="edited_file" />
<?php
exec_action('theme-edit-extras');
?>
<p><input class="submit" type="submit" name="submitsave" value="<?php
echo $i18n['BTN_SAVECHANGES'];
<?php
include 'template/include-nav.php';
?>
<div class="bodycontent clearfix">
<div id="maincontent">
<div class="main">
<h3><?php
i18n('CHOOSE_THEME');
?>
</h3>
<form action="" method="post" accept-charset="utf-8" >
<input id="nonce" name="nonce" type="hidden" value="<?php
echo get_nonce("activate");
?>
" />
<?php
$theme_path = str_replace(GSROOTPATH, '', GSTHEMESPATH);
if ($SITEURL) {
echo '<p><b>' . i18n_r('THEME_PATH') . ': </b> <code>' . $SITEURL . $theme_path . $TEMPLATE . '/</code></p>';
}
?>
<p><select id="theme_select" class="text" style="width:250px;" name="template" >
<?php
echo $theme_options;
?>
</select> <input class="submit" type="submit" name="submitted" value="<?php
i18n('ACTIVATE_THEME');
?>
function DM_PE_getPages($parent, $menu, $level)
{
global $pagesSorted;
$items = array();
foreach ($pagesSorted as $page) {
if ($page['parent'] == $parent) {
$items[(string) $page['url']] = $page;
}
}
$toggleMenu = get_nonce("menu", "toggle.php");
$togglePrivate = get_nonce("private", "toggle.php");
$gsVersion = get_site_version(false);
if (count($items) > 0) {
foreach ($items as $page) {
$dash = "";
if ($page['parent'] != '') {
$page['parent'] = $page['parent'] . "/";
}
for ($i = 0; $i <= $level - 1; $i++) {
if ($i != $level - 1) {
$dash .= '<span> </span>';
} else {
$dash .= '<span> – </span>';
}
}
$delNonce = get_nonce("delete", "deletefile.php");
$cloneNonce = get_nonce("clone", "pages.php");
$menuNonce = get_nonce("menu", "toggle.php");
$privateNonce = get_nonce("private", "toggle.php");
$menu .= '<tr class="hover" id="tr-' . $page['url'] . '" >';
if ($page['title'] == '') {
$page['title'] = '[No Title] » <em>' . $page['url'] . '</em>';
}
if ($page['menuStatus'] != '') {
$page['menuStatus'] = ' <sup>[' . i18n_r('MENUITEM_SUBTITLE') . ']</sup>';
} else {
$page['menuStatus'] = '';
}
if ($page['private'] != '') {
$page['private'] = ' <sup>[' . i18n_r('PRIVATE_SUBTITLE') . ']</sup>';
} else {
$page['private'] = '';
}
if ($page['url'] == 'index') {
$homepage = ' <sup>[' . i18n_r('HOMEPAGE_SUBTITLE') . ']</sup>';
} else {
$homepage = '';
}
$menu .= '<td class="pagetitle">' . $dash . '<a title="' . i18n_r('EDITPAGE_TITLE') . ': ' . cl($page['title']) . '" href="edit.php?id=' . $page['url'] . '" >' . cl($page['title']) . '</a><span class="showstatus toggle" >' . $homepage . $page['menuStatus'] . $page['private'] . '</span></td>';
$menu .= '<td style="width:80px;text-align:left;" ><span>' . shtDate($page['pubDate']) . '</span></td>';
$menu .= '<td style="width:24px;text-align:right;" >';
/**
$menu .= '<a href="edit.php?id='.$page['url'].'"><img src="../plugins/DM_PE_pageedit/images/document_edit.gif" title="Edit Page" alt="Edit Page" /></a> ';
$menu .= '<a href="edit.php?parent='.$page['url'].'"><img src="../plugins/DM_PE_pageedit/images/document_right.gif" title="Create Child Page" alt="Create Child Page" /></a> ';
$menu .= '<a href="pages.php?id='.$page['url'].'&action=clone&nonce='.$cloneNonce.'"><img src="../plugins/DM_PE_pageedit/images/documents_duplicate.gif" title="Clone Page" alt="Clone Page" /></a> ';
if ($page['menuStatus'] != '' ) {
$menu .= '<a href="../plugins/DM_PE_pageedit/toggle.php?func=menu&id='.$page['url'].'&nonce='.$menuNonce.'" class="toggleMenu"><img src="../plugins/DM_PE_pageedit/images/menu.gif" title="Toggle Menu Off" alt="Toggle Menu Off" /></a> ';
} else {
$menu .= '<a href="../plugins/DM_PE_pageedit/toggle.php?func=menu&id='.$page['url'].'&nonce='.$menuNonce.'" class="toggleMenu"><img src="../plugins/DM_PE_pageedit/images/menu_off.gif" title="Toggle Menu On" alt="Toggle Menu On" /></a> ';
}
if ($page['private'] != '' ) {
$menu .= '<a href="../plugins/DM_PE_pageedit/toggle.php?func=private&id='.$page['url'].'&nonce='.$privateNonce.'" class="togglePrivate"><img src="../plugins/DM_PE_pageedit/images/security_off.gif" title="Toggle Private On" alt="Toggle Private On" /></a> ';
} else {
$menu .= '<a href="../plugins/DM_PE_pageedit/toggle.php?func=private&id='.$page['url'].'&nonce='.$privateNonce.'" class="togglePrivate"><img src="../plugins/DM_PE_pageedit/images/security.gif" title="Toggle Private Off" alt="Toggle Private Off" /></a> ';
}
$menu .= '<a title="'.i18n_r('VIEWPAGE_TITLE').': '. cl($page['title']) .'" target="_blank" href="'. find_url($page['url'],$page['parent']) .'"><img src="../plugins/DM_PE_pageedit/images/theme.gif" title="View Page" alt="View Page" /></a> ';
if ($page['url'] != 'index' ) {
$menu .= '<a href="deletefile.php?id='.$page['url'].'&nonce='.$delNonce.'" class="delconfirm" title="Delete Page: '.$page['url'].'"><img src="../plugins/DM_PE_pageedit/images/trash.gif" title="Delete Page" alt="Clone Page" /></a>';
} else {
$menu .= '';
}
**/
$menu .= '<div class="dropdown">';
$menu .= '<img src="images/icon_spacer.gif" alt="" class="sprite icon dropdownIcon ">';
/*
$menu .= '<ul class="dropdownmenu">';
$menu .= '<li id="save-close" ><a href="#" >Save & Close</a></li>';
$menu .= '<li><a href="pages.php?id=test&action=clone&nonce=16992ac218003b7b85b536aa5523af78468ae4c2" >Clone</a></li>';
$menu .= '<li id="cancel-updates" class="alertme"><a href="pages.php?cancel" >Cancel</a></li>';
$menu .= '<li class="alertme" ><a href="deletefile.php?id=test&nonce=b6ed4bcaf21d3a569ca66db6d2a39b9a30b5e8cb" >Delete</a></li>';
$menu .= '</ul>';
*/
$menu .= '</div>';
$menu .= '</td>';
$menu .= '</tr>';
$menu = DM_PE_getPages((string) $page['url'], $menu, $level + 1);
}
}
return $menu;
}
