/**
 * Pre-save hook: stamps the record with the current time and the acting
 * user's name, then expands the :username placeholder in the message.
 *
 * NOTE(review): AuthUser::getRecord() is dereferenced without an
 * isLoggedIn() check in this method; confirm every caller runs inside an
 * authenticated request.
 *
 * @return bool Always true.
 */
public function beforeSave()
{
    $this->created_on = date('Y-m-d H:i:s');

    // The author name is taken from the current AuthUser record.
    $author = AuthUser::getRecord()->name;
    $this->username = $author;

    // __() receives the stored message plus the :username replacement.
    $placeholders = array(':username' => $this->username);
    $this->message = __($this->message, $placeholders);

    return true;
}
 /**
  * Pre-save hook: stamps the record with the current time and an author.
  *
  * When nobody is logged in the author is stored as the literal "******"
  * instead of reading the AuthUser record.
  *
  * @return bool Always true.
  */
 public function beforeSave()
 {
     $this->created_on = date("Y-m-d H:i:s");
     // Only touch the user record when a session exists.
     $this->username = AuthUser::isLoggedIn() ? AuthUser::getRecord()->name : "******";
     return true;
 }
示例#3
/**
 * Picks the file manager UI language for the current user.
 *
 * The user's language is lower-cased and checked against a fixed list of
 * available translations; anything else (or no user record) falls back to
 * 'en'. The 'cn' code is returned as 'zh-cn'.
 *
 * @return string Language code from the translation list, 'zh-cn' or 'en'.
 */
function filemanager_lang()
{
    // Translations shipped with the file manager.
    $supported = array('ca', 'cs', 'da', 'de', 'en', 'es', 'fi', 'fr', 'he', 'hu', 'it', 'ja', 'nl', 'pl', 'pt', 'ru', 'sv', 'vn', 'cn');

    $account = AuthUser::getRecord();
    $code = 'en';
    if ($account) {
        $code = strtolower($account->language);
    }

    // Membership in the fixed list is what keeps the returned value predictable.
    if (!in_array($code, $supported)) {
        return 'en';
    }

    return $code == 'cn' ? 'zh-cn' : $code;
}
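 /**
  * Imports categories and contents from a WordPress XML backup.
  *
  * The parsed document comes from self::_removeNameSpacesInXml(). If parsing
  * fails, an error flash is set and the request is redirected back to the
  * plugin page; otherwise categories and contents are imported and the
  * request is redirected to the page list.
  *
  * NOTE(review): AuthUser::getRecord() is dereferenced without a login
  * check; confirm the controller enforces authentication before this action.
  *
  * @return void
  */
 public function import()
 {
     // Imported items are attributed to the current user when the file names no author.
     $userId = AuthUser::getRecord()->id;
     $xml = self::_removeNameSpacesInXml();
     if (false == $xml) {
         Flash::set('error', __('Invalid XML WordPress backup file.'));
         redirect(get_url('plugin/wpdb_import/'));
         // redirect() is expected to end the request; returning explicitly keeps
         // the import steps from running on an invalid document if it does not.
         return;
     }
     self::_importCategories($xml, $userId);
     self::_importContents($xml, $userId);
     Flash::set('success', __('Import successful !'));
     redirect(get_url('page'));
 }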
示例#5
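/**
 * Loads the ckeditor plugin settings from the plugin_settings table.
 *
 * Opens its own PDO connection (falling back to the bundled DoLite class if
 * PDO fails), reads every name/value pair stored for plugin_id 'ckeditor',
 * and adds an 'editorLanguage' entry taken from the current user record.
 *
 * @param string|null $key Name of a single setting to return; null returns all.
 * @return mixed The value for $key when that setting exists, otherwise the
 *               full settings array (which always holds 'editorLanguage').
 */
function CKEditorGetConfigs($key = null)
{
    $tablename = TABLE_PREFIX . 'plugin_settings';
    try {
        $PDO = new PDO(DB_DSN, DB_USER, DB_PASS);
        if ($PDO->getAttribute(PDO::ATTR_DRIVER_NAME) == 'mysql') {
            $PDO->setAttribute(PDO::MYSQL_ATTR_USE_BUFFERED_QUERY, true);
        }
    } catch (PDOException $error) {
        try {
            // The library path is derived from the executing script's location.
            require_once substrtruncate($_SERVER['SCRIPT_FILENAME'], '/plugins') . '/libraries/DoLite.php';
            $PDO = new DoLite(DB_DSN, DB_USER, DB_PASS);
        } catch (PDOException $error) {
            // NOTE(review): the raw driver message goes to the HTTP response and can
            // reveal connection details; consider logging it server-side and
            // returning a generic message instead.
            die('DB Connection failed: ' . $error->getMessage());
        }
    }
    Record::connection($PDO);
    $PDO = Record::getConnection();
    $PDO->exec("set names 'utf8'");

    // The table name is built from the TABLE_PREFIX constant and the plugin id
    // is a literal, so no request data reaches this statement.
    $sql = "SELECT name,value FROM {$tablename} WHERE plugin_id='ckeditor'";
    $settings = array();
    $stmt = $PDO->prepare($sql);
    $stmt->execute();
    while ($obj = $stmt->fetchObject()) {
        $settings[$obj->name] = $obj->value;
    }

    // Editor language follows the current user; stays null when no user record is available.
    AuthUser::load();
    $record = AuthUser::getRecord();
    $settings['editorLanguage'] = $record ? $record->language : null;

    // Look the name up among the KEYS. The previous in_array() call searched the
    // stored values, so a requested setting was almost never found and the
    // whole array was returned instead.
    if ($key && (is_string($key) || is_int($key)) && array_key_exists($key, $settings)) {
        return $settings[$key];
    }

    // Unknown or missing key: return everything.
    return $settings;
}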
示例#6
文件: index.php 项目: julpi/FreshCMS
        /**
         * Formats a date string with strftime().
         *
         * Registered just below as the two-argument SQLite user function
         * 'date_format'.
         *
         * @param string $date   Date text understood by strtotime().
         * @param string $format strftime() format string.
         * @return string|false  Formatted date, as returned by strftime().
         */
        function mysql_function_date_format($date, $format)
        {
            // Parse first, then format the resulting Unix timestamp.
            $timestamp = strtotime($date);

            return strftime($format, $timestamp);
        }
    }
    $__CMS_CONN__->sqliteCreateFunction('date_format', 'mysql_function_date_format', 2);
}
// Legacy alias, DEFINED ONLY FOR BACKWARDS SUPPORT - to be taken out before 0.9.0
$__FROG_CONN__ = $__CMS_CONN__;

// Hand the connection to the Record layer and set the connection character set.
Record::connection($__CMS_CONN__);
Record::getConnection()->exec("set names 'utf8'");

Setting::init();
use_helper('I18n');

// Load the session user, then pick the locale: the user's own language when
// logged in, otherwise the site-wide 'language' setting.
AuthUser::load();
I18n::setLocale(AuthUser::isLoggedIn() ? AuthUser::getRecord()->language : Setting::get('language'));
// Only add the cron web bug when necessary
if (defined('USE_POORMANSCRON') && USE_POORMANSCRON && defined('POORMANSCRON_INTERVAL')) {
    Observer::observe('page_before_execute_layout', 'run_cron');
    /**
     * Emits the cron web bug when the last run is older than
     * POORMANSCRON_INTERVAL seconds.
     *
     * Loads the Cron record with id '1' and echoes the markup produced by its
     * generateWebBug() method directly into the response.
     *
     * @return void
     */
    function run_cron()
    {
        $job = Cron::findByIdFrom('Cron', '1');
        $elapsed = time() - $job->getLastRunTime();

        // Nothing to do while the interval has not passed yet.
        if ($elapsed <= POORMANSCRON_INTERVAL) {
            return;
        }

        echo $job->generateWebBug();
    }
示例#7
    echo memory_usage();
    ?>
        </p>
<?php 
}
?>

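      <p id="site-links">
        <?php echo __('You are currently logged in as'); ?> <a href="<?php echo get_url('user/edit/' . AuthUser::getId()); ?>"><?php
// The display name is stored account data; encode it so markup characters in
// a name are shown as text instead of being interpreted by the browser.
// NOTE(review): if names are already stored HTML-encoded this double-encodes - confirm.
echo htmlspecialchars((string) AuthUser::getRecord()->name, ENT_QUOTES, 'UTF-8');
?></a>
        <span class="separator"> | </span>
        <a id="site-view-link" href="<?php echo URL_PUBLIC; ?>" target="_blank" rel="noopener"><?php echo __('View Site'); ?></a>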
		<span class="separator"> | </span>
        <a href="<?php 
echo get_url('login/logout' . '?csrf_token=' . SecureToken::generateToken(BASE_URL . 'login/logout'));
?>
"><?php 
示例#8
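 /**
  * Validates whether a given secure token is still valid.
  *
  * The validateToken() method validates the token is valid by checking:
  * - that the token is not expired (through the time),
  * - the token is valid for this user,
  * - the token is valid for this url
  *
  * It does so by reconstructing the token. If at any time during the valid
  * period of the token, the username, user password or the url changed, the
  * token is considered invalid.
  *
  * The token is also considered invalid if more than SecureToken::EXPIRES seconds
  * have passed, if no user is logged in, or if $token is not a string.
  *
  * The reconstructed value and the supplied token are compared in constant
  * time, so response timing does not depend on how many leading characters
  * of a supplied token are correct.
  *
  * @param string $token The token.
  * @param string $url   The url for which the token was generated.
  * @return boolean      True if the token is valid, otherwise false.
  */
 public static final function validateToken($token, $url)
 {
     use_helper('Hash');
     $hash = new Crypt_Hash('sha256');
     AuthUser::load();

     // Tokens are bound to a user; a non-string value can never match one.
     if (!AuthUser::isLoggedIn() || !is_string($token)) {
         return false;
     }

     $user = AuthUser::getRecord();
     // The url may arrive HTML-encoded; compare against the decoded form.
     $target_url = str_replace('&amp;', '&', $url);
     // A 20-character slice of the hashed password ties the token to the current password.
     $pwd = substr(bin2hex($hash->hash($user->password)), 5, 20);
     $time = SecureToken::getTokenTime($user->username, $target_url);
     if (microtime(true) - $time > self::EXPIRES) {
         return false;
     }

     $expected = bin2hex($hash->hash($user->username . $time . $target_url . $pwd . $user->salt));

     // Prefer the built-in constant-time comparison where the runtime has it.
     if (function_exists('hash_equals')) {
         return hash_equals($expected, $token);
     }

     // Fallback for older runtimes: accumulate byte differences without an early exit.
     $length = strlen($expected);
     if ($length !== strlen($token)) {
         return false;
     }
     $diff = 0;
     for ($i = 0; $i < $length; $i++) {
         $diff |= ord($expected[$i]) ^ ord($token[$i]);
     }

     return $diff === 0;
 }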
示例#9
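/**
 * Access check run when a page has been found.
 *
 * Pages that do not require login are left alone. For pages that do:
 * - anonymous visitors are redirected to URL_PUBLIC . 'login', unless the
 *   requested page is itself the page with behavior 'login_page';
 * - logged-in users must hold at least one permission that is attached to
 *   the page, otherwise they are redirected to the configured
 *   'auth_required_page'.
 *
 * Every redirect ends the request. header() only queues the Location
 * header, so without exit the protected page would still be rendered into
 * the same response.
 *
 * @param Page $page The page that was found.
 * @return void
 */
function registered_users_page_found($page)
{
    if ($page->getLoginNeeded() != Page::LOGIN_REQUIRED) {
        return;
    }

    global $__FROG_CONN__;
    AuthUser::load();
    $requested_page_id = $page->id();

    if (!AuthUser::isLoggedIn()) {
        // Find the page set as the login page, to prevent a redirect loop on it.
        $loginpage_id = null;
        $getloginpage = $__FROG_CONN__->prepare('SELECT * FROM ' . TABLE_PREFIX . "page WHERE behavior_id='login_page'");
        $getloginpage->execute();
        while ($loginpage = $getloginpage->fetchObject()) {
            $loginpage_id = $loginpage->id;
        }
        if ($requested_page_id != $loginpage_id) {
            header('Location: ' . URL_PUBLIC . 'login');
            exit;
        }
        return;
    }

    // Permissions required for this page; the id is bound, not concatenated.
    $permissions_check = $__FROG_CONN__->prepare('SELECT permission_id FROM ' . TABLE_PREFIX . 'permission_page WHERE page_id = ?');
    $permissions_check->execute(array($requested_page_id));
    $permission_array = array();
    while ($permission = $permissions_check->fetchObject()) {
        $permission_array[] = $permission->permission_id;
    }

    AuthUser::load();
    $userid = AuthUser::getRecord()->id;

    // Permissions held by the current user.
    $user_permissions_check = $__FROG_CONN__->prepare('SELECT permission_id FROM ' . TABLE_PREFIX . 'user_permission WHERE user_id = ?');
    $user_permissions_check->execute(array($userid));
    $user_permissions_array = array();
    while ($user_permissions = $user_permissions_check->fetchObject()) {
        $user_permissions_array[] = $user_permissions->permission_id;
    }

    // At least one shared permission grants access; the page then displays as normal.
    if (count(array_intersect($permission_array, $user_permissions_array)) >= 1) {
        return;
    }

    // No matching permission: send the user to the "authorisation required" page.
    $auth_required_page = '';
    $registration_settings = "SELECT * FROM " . TABLE_PREFIX . "registered_users_settings WHERE id='1'";
    foreach ($__FROG_CONN__->query($registration_settings) as $row) {
        $auth_required_page = $row['auth_required_page'];
    }
    header('Location: ' . URL_PUBLIC . $auth_required_page);
    exit;
}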
示例#10
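 /**
  * Writes a dashboard log entry recording that a plugin was disabled.
  *
  * The message template carries <b> markup, so it is presumably rendered as
  * HTML by the dashboard; the substituted values are therefore HTML-encoded
  * before they are placed into it.
  *
  * @param string $plugin Identifier of the plugin that was disabled.
  * @return void
  */
 function dashboard_log_plugin_disable($plugin)
 {
     $replace = array(
         ':title' => htmlspecialchars((string) $plugin, ENT_QUOTES, 'UTF-8'),
         // The acting user's name is account data, not trusted markup.
         ':name' => htmlspecialchars((string) AuthUser::getRecord()->name, ENT_QUOTES, 'UTF-8'),
     );
     $message = __('Plugin <b>:title</b> was disabled by :name', $replace);
     dashboard_log_event($message, 'core');
 }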
示例#11
文件: index.php 项目: julpi/FreshCMS
/**
 * Serves language-specific content for a page when it exists.
 *
 * Behaviour is selected by two multi_lang plugin settings:
 * - 'langsource': 'header' uses I18n::getPreferredLanguages(), 'preferences'
 *   uses the logged-in user's language;
 * - 'style': 'tab' copies the matching page part's HTML over the 'body'
 *   part, 'page' redirects to BASE_URL . '<lang>/' . CURRENT_URI when a page
 *   exists at that URI.
 *
 * Nothing happens when either setting is empty, when the preferred language
 * equals the site's default language, or (for 'preferences') when nobody is
 * logged in.
 *
 * @param Page $page Page object.
 */
function replaceContent($page)
{
    $source = Plugin::getSetting('langsource', 'multi_lang');
    $style = Plugin::getSetting('style', 'multi_lang');
    if (!$source || !$style) {
        return;
    }

    // Browser preference, content swapped into the body part.
    if ($source == 'header' && $style == 'tab') {
        use_helper('I18n');
        foreach (I18n::getPreferredLanguages() as $lang) {
            // Stop as soon as the site's default language is reached.
            if (Setting::get('language') == $lang) {
                break;
            }
            if (isset($page->part->{$lang}) && !empty($page->part->{$lang}->content_html) && $page->part->{$lang}->content_html != '') {
                $page->part->body->content_html = $page->part->{$lang}->content_html;
                break;
            }
        }
        return;
    }

    // User preference, content swapped into the body part.
    if ($source == 'preferences' && $style == 'tab') {
        AuthUser::load();
        if (!AuthUser::isLoggedIn()) {
            return;
        }
        $lang = AuthUser::getRecord()->language;
        if (isset($page->part->{$lang}) && !empty($page->part->{$lang}->content_html) && $page->part->{$lang}->content_html != '') {
            $page->part->body->content_html = $page->part->{$lang}->content_html;
        }
        return;
    }

    // Browser preference, redirect to the language-specific page.
    if ($source == 'header' && $style == 'page') {
        use_helper('I18n');
        foreach (I18n::getPreferredLanguages() as $lang) {
            if (Setting::get('language') == $lang) {
                break;
            }
            // The redirect target is only used when a page is found at that URI.
            $uri = $lang . '/' . CURRENT_URI;
            $match = Page::findByUri($uri);
            if (false !== $match) {
                redirect(BASE_URL . $uri);
            }
        }
        return;
    }

    // User preference, redirect to the language-specific page.
    if ($source == 'preferences' && $style == 'page') {
        AuthUser::load();
        if (!AuthUser::isLoggedIn()) {
            return;
        }
        $lang = AuthUser::getRecord()->language;
        $uri = $lang . '/' . CURRENT_URI;
        $match = Page::findByUri($uri);
        if (false !== $match) {
            redirect(BASE_URL . $uri);
        }
    }
}
示例#12
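 /**
  * Writes a dashboard log entry recording that a snippet was revised.
  *
  * The entry's message is an HTML fragment: a link to the snippet's edit
  * page followed by the acting user's name. The snippet name, the link
  * target and the user name are HTML-encoded before being placed into that
  * fragment, so markup characters in stored names are logged as text.
  *
  * @param object $snippet Snippet record; its id and name properties are read.
  * @return void
  */
 function dashboard_log_snippet_edit($snippet)
 {
     $linked_title = sprintf(
         '<a href="%s">%s</a>',
         htmlspecialchars(get_url('snippet/edit/' . $snippet->id), ENT_QUOTES, 'UTF-8'),
         htmlspecialchars((string) $snippet->name, ENT_QUOTES, 'UTF-8')
     );

     // :title is the already-built link and must stay markup; :name is plain text.
     $replace = array(
         ':title' => $linked_title,
         ':name' => htmlspecialchars((string) AuthUser::getRecord()->name, ENT_QUOTES, 'UTF-8'),
     );

     $data = array(
         'ident' => 'core',
         'priority' => DASHBOARD_LOG_NOTICE,
         'message' => __('Snippet <b>:title</b> was revised by :name', $replace),
     );
     $entry = new DashboardLogEntry($data);
     $entry->save();
 }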
示例#13
文件: config.php 项目: julpi/FreshCMS
// Register the connection with the Record layer and read it back.
// ($PDO and $tablename are defined before this excerpt.)
Record::connection($PDO);
$PDO = Record::getConnection();
$PDO->exec("set names 'utf8'");
// Query the DB for the plugin settings. The plugin id is a literal; the
// table name comes from $tablename, which is set outside this excerpt.
$sql = "SELECT name,value FROM {$tablename} WHERE plugin_id='tinymce'";
$stmt = $PDO->prepare($sql);
$stmt->execute();
// Build settings array with tinymce plugin settings
while ($obj = $stmt->fetchObject()) {
    $settings[$obj->name] = $obj->value;
}
// Copy the stored settings into the variables used by the rest of the script.
// These are only assigned when $settings is non-empty.
if ($settings) {
    $image_list_dir = $settings['imagesdir'];
    $image_public_path = $settings['imagesuri'];
    $preview_css = $settings['cssuri'];
    $listhidden = $settings['listhidden'];
    AuthUser::load();
    // Language: the logged-in user's own, otherwise the site-wide setting.
    $tb_language = AuthUser::isLoggedIn() ? AuthUser::getRecord()->language : Setting::get('language');
}
// The 'g' argument is set, so we want to retrieve something.
// Only the value 'css' is acted on; every other value just ends the request.
if (isset($_GET['g'])) {
    $get = $_GET['g'];
    if ($get == 'css') {
        // The redirect target is the stored 'cssuri' setting, not request data.
        // NOTE(review): $preview_css is unset when no settings were loaded - confirm that case cannot occur.
        header("Location: {$preview_css}");
        exit;
    } else {
        exit;
    }
}
示例#14
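/**
 * Access check run when a page has been found.
 *
 * Pages that do not require login are left alone. For pages that do:
 * - anonymous visitors are redirected to the page with behavior
 *   'login_page' (BASE_URL plus its slug), unless that is the page being
 *   requested;
 * - logged-in users must hold at least one role whose id is attached to the
 *   page, otherwise they are redirected to the plugin's
 *   'auth_required_page' setting. The user with id 1 is exempt.
 *
 * Every redirect ends the request. header() only queues the Location
 * header, so without exit the protected page would still be rendered into
 * the same response.
 *
 * @param Page $page The page that was found.
 * @return void
 */
function registered_users_page_found($page)
{
    $PDO = Record::getConnection();

    if ($page->getLoginNeeded() != Page::LOGIN_REQUIRED) {
        return;
    }

    AuthUser::load();
    $requested_page_id = $page->id();

    if (!AuthUser::isLoggedIn()) {
        // Find the page set as the login page, to prevent a redirect loop on it.
        $slug = '';
        $loginpage_id = null;
        $getloginpage = $PDO->prepare('SELECT * FROM ' . TABLE_PREFIX . "page WHERE behavior_id='login_page'");
        $getloginpage->execute();
        while ($loginpage = $getloginpage->fetchObject()) {
            // The record is no longer dumped with print_r(): that wrote page data
            // into the response and sent output ahead of the Location header.
            $slug = $loginpage->slug;
            $loginpage_id = $loginpage->id;
        }
        if ($requested_page_id != $loginpage_id) {
            header('Location: ' . BASE_URL . $slug);
            exit;
        }
        return;
    }

    // Permissions required for this page; the id is bound, not concatenated.
    $permissions_check = $PDO->prepare('SELECT permission_id FROM ' . TABLE_PREFIX . 'permission_page WHERE page_id = ?');
    $permissions_check->execute(array($requested_page_id));
    $permission_array = array();
    while ($permission = $permissions_check->fetchObject()) {
        $permission_array[] = $permission->permission_id;
    }

    AuthUser::load();

    // The user's role ids are what get matched against the page's permission ids.
    // Start from an empty list so a user without roles simply matches nothing.
    $user_permissions_array = array();
    foreach (AuthUser::getRecord()->roles() as $role) {
        $user_permissions_array[] = $role->id;
    }

    $permission_result = array_intersect($permission_array, $user_permissions_array);
    if (count($permission_result) < 1 && AuthUser::getId() != 1) {
        // No matching role: send the user to the "authorisation required" page.
        $auth_required_page = Plugin::getSetting("auth_required_page", "registered_users");
        header('Location: ' . URL_PUBLIC . $auth_required_page);
        exit;
    }
}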
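 /**
  * Logs that a plugin was disabled, naming the acting user.
  *
  * The message template carries <b> markup, so it is presumably rendered as
  * HTML wherever the log is shown; the substituted values are therefore
  * HTML-encoded before they are placed into it.
  *
  * @param string $plugin Identifier of the plugin that was disabled.
  * @return void
  */
 public static function pluginDisable($plugin)
 {
     $replace = array(
         ":title" => htmlspecialchars((string) $plugin, ENT_QUOTES, 'UTF-8'),
         // The acting user's name is account data, not trusted markup.
         ":author" => htmlspecialchars((string) AuthUser::getRecord()->name, ENT_QUOTES, 'UTF-8'),
     );
     $message = __("Plugin <b>:title</b> was disabled by :author.", $replace);
     self::logEvent($message, "core");
 }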
示例#16
 /**
  * Pre-save hook: stamps the record with the current time and the acting
  * user's name.
  *
  * NOTE(review): AuthUser::getRecord() is dereferenced without an
  * isLoggedIn() check in this method; confirm every caller runs inside an
  * authenticated request.
  *
  * @return bool Always true.
  */
 public function beforeSave()
 {
     $this->created_on = date('Y-m-d H:i:s');

     // The author name is taken from the current AuthUser record.
     $author = AuthUser::getRecord()->name;
     $this->username = $author;

     return true;
 }