function smarty_cms_prefilter_precompilefunc($tpl_output, &$smarty)
{
$result = explode(':', $smarty->_current_file);
if (count($result) > 1) {
if (startswith($result[0], 'tmp_')) {
$result[0] = 'template';
}
switch ($result[0]) {
case 'stylesheet':
Events::SendEvent('Core', 'StylesheetPreCompile', array('stylesheet' => &$tpl_output));
break;
case "content":
Events::SendEvent('Core', 'ContentPreCompile', array('content' => &$tpl_output));
break;
case "template":
Events::SendEvent('Core', 'TemplatePreCompile', array('template' => &$tpl_output));
break;
case "globalcontent":
Events::SendEvent('Core', 'GlobalContentPreCompile', array('global_content' => &$tpl_output));
break;
default:
break;
}
}
Events::SendEvent('Core', 'SmartyPreCompile', array('content' => &$tpl_output));
return $tpl_output;
}
function smarty_postfilter_postcompilefunc($tpl_output, &$template)
{
$smarty = $template->smarty;
$result = explode(':', $smarty->_current_file);
if (count($result) > 1) {
switch ($result[0]) {
case 'stylesheet':
Events::SendEvent('Core', 'StylesheetPostCompile', array('stylesheet' => &$tpl_output));
break;
case "content":
Events::SendEvent('Core', 'ContentPostCompile', array('content' => &$tpl_output));
break;
case "template":
case 'tpl_top':
case 'tpl_body':
case 'tpl_head':
Events::SendEvent('Core', 'TemplatePostCompile', array('template' => &$tpl_output, 'type' => $result[0]));
break;
case "globalcontent":
Events::SendEvent('Core', 'GlobalContentPostCompile', array('global_content' => &$tpl_output));
break;
default:
break;
}
}
Events::SendEvent('Core', 'SmartyPostCompile', array('content' => &$tpl_output));
return $tpl_output;
}
function smarty_cms_prefilter_precompilefunc($tpl_output, &$smarty)
{
global $gCms;
$result = explode(':', $smarty->_current_file);
if (count($result) > 1) {
if (startswith($result[0], 'tmp_')) {
$result[0] = 'template';
}
switch ($result[0]) {
case "content":
// foreach($gCms->modules as $key=>$value)
// {
// if ($gCms->modules[$key]['installed'] == true &&
// $gCms->modules[$key]['active'] == true)
// {
// $gCms->modules[$key]['object']->ContentPreCompile($tpl_output);
// }
// }
Events::SendEvent('Core', 'ContentPreCompile', array('content' => &$tpl_output));
break;
case "template":
// foreach($gCms->modules as $key=>$value)
// {
// if ($gCms->modules[$key]['installed'] == true &&
// $gCms->modules[$key]['active'] == true)
// {
// $gCms->modules[$key]['object']->TemplatePreCompile($tpl_output);
// }
// }
Events::SendEvent('Core', 'TemplatePreCompile', array('template' => &$tpl_output));
break;
case "globalcontent":
// foreach($gCms->modules as $key=>$value)
// {
// if ($gCms->modules[$key]['installed'] == true &&
// $gCms->modules[$key]['active'] == true)
// {
// $gCms->modules[$key]['object']->GlobalContentPreCompile($tpl_output);
// }
// }
Events::SendEvent('Core', 'GlobalContentPreCompile', array('global_content' => &$tpl_output));
break;
default:
break;
}
}
foreach ($gCms->modules as $key => $value) {
if ($gCms->modules[$key]['installed'] == true && $gCms->modules[$key]['active'] == true) {
$gCms->modules[$key]['object']->SmartyPreCompile($tpl_output);
}
}
Events::SendEvent('Core', 'SmartyPreCompile', array('content' => &$tpl_output));
return $tpl_output;
}
$validinfo = false;
}
}
if ($validinfo) {
$onetemplate = $templateops->LoadTemplateByID($template_id);
$onetemplate->name = $template;
$onetemplate->content = $content;
$onetemplate->stylesheet = $stylesheet;
$onetemplate->encoding = $encoding;
$onetemplate->active = $active;
Events::SendEvent('Core', 'EditTemplatePre', array('template' => &$onetemplate));
$result = $onetemplate->Save();
if ($result) {
#Make sure the new name is used if this is an apply
$orig_template = $template;
Events::SendEvent('Core', 'EditTemplatePost', array('template' => &$onetemplate));
// put mention into the admin log
audit($template_id, 'HTML-template: ' . $onetemplate->name, 'Edited');
if (!$apply) {
switch ($from) {
case 'content':
redirect("listcontent.php" . $urlext);
break;
case 'cssassoc':
redirect('templatecss.php' . $urlext . '&id=' . $cssid . '&type=template');
break;
case 'module_TemplateManager':
redirect('moduleinterface.php' . $urlext . '&module=TemplateManager');
break;
default:
redirect("listtemplates.php" . $urlext);
/**
* fetch method
* NOTE: Overwrites parent
*
* @param mixed $template
* @param int $cache_id
* @param mixed $parent
* @param boolean $display
* @param boolean $merge_tpl_vars
* @param boolean $no_output_filter
* @return mixed
*/
public function fetch($template = null, $cache_id = null, $compile_id = null, $parent = null, $display = false, $merge_tpl_vars = true, $no_output_filter = false)
{
$name = $template;
if (startswith($name, 'string:')) {
$name = 'string:';
}
debug_buffer('', 'Fetch ' . $name . ' start');
if (is_null($cache_id) || $cache_id === '') {
$cache_id = $this->_global_cache_id;
} else {
if ($cache_id[0] == '|') {
$cache_id = $this->_global_cache_id . $cache_id;
}
}
// send an event before fetching...this allows us to change template stuff.
if (cmsms()->is_frontend_request()) {
$parms = array('template' => &$template, 'cache_id' => &$cache_id, 'compile_id' => &$compile_id, 'display' => &$display, 'no_output_filter' => &$no_output_filter);
Events::SendEvent('Core', 'TemplatePreFetch', $parms);
}
$merge_tpl_vars = false;
// hack
$tmp = parent::fetch($template, $cache_id, $compile_id, $parent, $display, $merge_tpl_vars, $no_output_filter);
debug_buffer('', 'Fetch ' . $name . ' end');
return $tmp;
}
foreach ($media_type as $onetype) {
$types .= "{$onetype}, ";
}
if ($types != '') {
$types = substr($types, 0, -2);
#strip last space and comma
} else {
$types = '';
}
$newstylesheet->media_type = $types;
Events::SendEvent('Core', 'AddStylesheetPre', array('stylesheet' => &$newstylesheet));
$result = $newstylesheet->Save();
# we now have to check that everything went well
if ($result) {
#Sent the post event
Events::SendEvent('Core', 'AddStylesheetPost', array('stylesheet' => &$newstylesheet));
# it's ok, we record the operation in the admin log
audit($newstylesheet->id, 'Stylesheet: ' . $css_name, 'Added');
# and goes back to the css list
redirect("listcss.php" . $urlext);
return;
} else {
$error .= "<li>" . lang('errorinsertingcss') . "</li>";
}
}
}
}
include_once "header.php";
#******************************************************************************
# the user does not have access : error message
#******************************************************************************
// Begin output
//
// postprocess
if ($stripbackground) {
#$css = preg_replace('/(\w*?background-color.*?\:\w*?).*?(;.*?)/', '', $css);
$css = preg_replace('/(\\w*?background-color.*?\\:\\w*?).*?(;.*?)/', '\\1transparent\\2', $css);
$css = preg_replace('/(\\w*?background-image.*?\\:\\w*?).*?(;.*?)/', '', $css);
}
if (!isset($CMS_INSTALL_PAGE) && !isset($CMS_ADMIN_PAGE)) {
if (!class_exists('Events')) {
$fn = cms_join_path($config['root_path'], 'lib', 'classes', 'class.events.inc.php');
include $fn;
}
$parms = array();
$parms['content'] =& $css;
Events::SendEvent('Core', 'ContentStylesheet', $parms);
}
if (isset($config['output_compression']) && $config['output_compression'] && $config['debug'] != true) {
@ob_start('ob_gzhandler');
}
$max_age = (int) get_site_preference('css_max_age', 0);
header("Content-Type: text/css; charset={$encoding}");
$datestr = gmdate('D, d M Y H:i:s', $hashmtime) . ' GMT';
header("Last-Modified: " . $datestr);
if ($max_age > 0) {
$datestr = gmdate('D, d M Y H:i:s', $hashmtime + $max_age) . ' GMT';
header("Expires: " . $datestr);
header("Cache-Control: must-revalidate");
// no caching?
//header("Cache-Control: max-age=$max_age, s-max-age=$max_age, must-revalidate");
}
//eval('function testfunction'.rand().'() {'.$code.'}');
$buffer = ob_get_clean();
//add error
$error[] = preg_replace('/<br \\/>/', '', $buffer);
$validinfo = false;
} else {
ob_end_clean();
}
}
if ($validinfo) {
$new_usertag_id = $db->GenID(cms_db_prefix() . "userplugins_seq");
Events::SendEvent('Core', 'AddUserDefinedTagPre', array('id' => $new_usertag_id, 'name' => &$plugin_name, 'code' => &$code));
$query = "INSERT INTO " . cms_db_prefix() . "userplugins (userplugin_id, userplugin_name, code, create_date, modified_date) VALUES ({$new_usertag_id}, " . $db->qstr($plugin_name) . ", " . $db->qstr($code) . ", " . $db->DBTimeStamp(time()) . ", " . $db->DBTimeStamp(time()) . ")";
$result = $db->Execute($query);
if ($result) {
Events::SendEvent('Core', 'AddUserDefinedTagPost', array('id' => $new_usertag_id, 'name' => &$plugin_name, 'code' => &$code));
audit($new_usertag_id, $plugin_name, 'Added User Defined Tag');
redirect("listusertags.php" . $urlext . "&message=usertagadded");
return;
} else {
$error .= lang('errorinsertingtag');
}
}
}
}
include_once "header.php";
if (!$access) {
echo '<div class=\\"pageerrorcontainer\\"><p class="pageerror">' . lang('noaccessto', array(lang('addusertag'))) . '</p></div>';
} else {
if (FALSE == empty($error)) {
echo $themeObject->ShowErrors($error);
/**
* Delete the current content object from the database.
*
* @todo this function should return something, or throw an exception
*/
function Delete()
{
$gCms = cmsms();
global $debug_errors;
$config = $gCms->GetConfig();
Events::SendEvent('Core', 'ContentDeletePre', array('content' => &$this));
$db = $gCms->GetDb();
$result = false;
if (-1 > $this->mId) {
if (true == $config["debug"]) {
# :TODO: Translate the error message
$debug_errors .= "<p>Could not delete content : invalid Id</p>\n";
}
} else {
$query = "DELETE FROM " . cms_db_prefix() . "content WHERE content_id = ?";
$dbresult = $db->Execute($query, array($this->mId));
if (!$dbresult) {
if (true == $config["debug"]) {
# :TODO: Translate the error message
$debug_errors .= "<p>Error deleting content</p>\n";
}
}
// Fix the item_order if necessary
$query = "UPDATE " . cms_db_prefix() . "content SET item_order = item_order - 1 WHERE parent_id = ? AND item_order > ?";
$result = $db->Execute($query, array($this->ParentId(), $this->ItemOrder()));
$cachefilename = TMP_CACHE_LOCATION . '/contentcache.php';
@unlink($cachefilename);
// DELETE properties
$query = 'DELETE FROM ' . cms_db_prefix() . 'content_props WHERE content_id = ?';
$result = $db->Execute($query, array($this->mId));
$this->_props = null;
// Delete additional editors.
$query = 'DELETE FROM ' . cms_db_prefix() . 'additional_users WHERE content_id = ?';
$result = $db->Execute($query, array($this->mId));
$this->mAdditionalEditors = null;
// Delete route
if ($this->mURL != '') {
cms_route_manager::del_static($this->mURL);
}
}
Events::SendEvent('Core', 'ContentDeletePost', array('content' => &$this));
}
} catch (CmsEditContentException $e) {
$error .= "<li>" . $e->getMessage() . "</li>";
$validinfo = false;
}
}
if ($validinfo) {
$newtemplate = new Template();
$newtemplate->name = $template;
$newtemplate->content = $content;
//$newtemplate->stylesheet = $stylesheet;
$newtemplate->active = $active;
$newtemplate->default = 0;
Events::SendEvent('Core', 'AddTemplatePre', array('template' => &$newtemplate));
$result = $newtemplate->save();
if ($result) {
Events::SendEvent('Core', 'AddTemplatePost', array('template' => &$newtemplate));
// put mention into the admin log
audit($newtemplate->id, 'HTML-template: ' . $template, 'Added');
redirect($from);
return;
} else {
$error .= "<li>" . lang('errorinsertingtemplate') . "{$query}</li>";
}
}
}
}
include_once "header.php";
if (!$access) {
//echo "<div class=\"pageerrorcontainer\"><p class=\"pageerror\">".lang('noaccessto', array(lang('addtemplate')))."</p></div>";
$themeObject->ShowErrors(lang('noaccessto', lang('noaccessto', array(lang('addtemplate')))));
return;
/**
* Trigger an event.
* This function will call all registered event handlers for the event
*
* @final
* @param string The name of the event
* @param array The parameters associated with this event.
* @return void
*/
public final function SendEvent($eventname, $params)
{
Events::SendEvent($this->GetName(), $eventname, $params);
}
#Perform the adduser_pre callback
foreach ($gCms->modules as $key => $value) {
if ($gCms->modules[$key]['installed'] == true && $gCms->modules[$key]['active'] == true) {
$gCms->modules[$key]['object']->AddUserPre($newuser);
}
}
Events::SendEvent('Core', 'AddUserPre', array('user' => &$newuser));
$result = $newuser->save();
if ($result) {
#Perform the adduser_post callback
foreach ($gCms->modules as $key => $value) {
if ($gCms->modules[$key]['installed'] == true && $gCms->modules[$key]['active'] == true) {
$gCms->modules[$key]['object']->AddUserPost($newuser);
}
}
Events::SendEvent('Core', 'AddUserPost', array('user' => &$newuser));
# set some default preferences, based on the user creating this user
$adminid = get_userid();
$userid = $newuser->id;
set_preference($userid, 'wysiwyg', get_preference($adminid, 'wysiwyg'));
set_preference($userid, 'default_cms_language', get_preference($adminid, 'default_cms_language'));
set_preference($userid, 'admintheme', get_site_preference('logintheme', 'default'));
set_preference($userid, 'bookmarks', get_preference($adminid, 'bookmarks'));
set_preference($userid, 'recent', get_preference($adminid, 'recent'));
if ($assign_group_perm && isset($_POST['groups'])) {
$iquery = "insert into " . cms_db_prefix() . "user_groups (user_id,group_id) VALUES (?,?)";
foreach ($group_list as $thisGroup) {
if (isset($_POST['g' . $thisGroup->id]) && $_POST['g' . $thisGroup->id] == 1) {
$result = $db->Execute($iquery, array($userid, $thisGroup->id));
}
}
/**
* A utility function to load the specified global content blocks and call the GlobalContentPrecompile method.
*
* @ignore
* @access private
* @param array Array containing the name of 1 global content block
* @return void
*/
function global_content_regex_callback($matches)
{
$gCms = cmsms();
if (isset($matches[1])) {
$gcbops =& $gCms->GetGlobalContentOperations();
$oneblob = $gcbops->LoadHtmlBlobByName($matches[1]);
if ($oneblob) {
$text = $oneblob->content;
Events::SendEvent('Core', 'GlobalContentPreCompile', array('content' => &$text));
return $text;
} else {
return "<!-- Html blob '" . $matches[1] . "' does not exist -->";
}
} else {
return "<!-- Html blob has no name parameter -->";
}
}
$result = $db->Execute($query, array($userplugin_id));
if ($result && $result->RecordCount()) {
$row = $result->FetchRow();
$userplugin_name = $row['userplugin_name'];
}
Events::SendEvent('Core', 'DeleteUserDefinedTagPre', array('id' => $userplugin_id, 'name' => &$userplugin_name));
$query = 'SELECT event_id,handler_id,handler_order FROM ' . cms_db_prefix() . 'event_handlers
WHERE tag_name = ?';
$handlers = $db->GetArray($query, array($userplugin_name));
if (is_array($handlers) && count($handlers) > 0) {
$q1 = 'DELETE FROM ' . cms_db_prefix() . 'event_handlers WHERE handler_id = ?';
$q2 = 'UPDATE ' . cms_db_prefix() . 'event_handlers SET handler_order = (handler_order - 1)
WHERE handler_order > ? AND event_id = ?';
foreach ($handlers as $tmp) {
$hid = $tmp['handler_id'];
$eid = $tmp['event_id'];
$db->Execute($q1, array($hid));
$db->Execute($q2, array($tmp['handler_order'], $eid));
}
}
$query = "DELETE FROM " . cms_db_prefix() . "userplugins where userplugin_id = ?";
$result = $db->Execute($query, array($userplugin_id));
if ($result) {
Events::SendEvent('Core', 'DeleteUserDefinedTagPost', array('id' => $userplugin_id, 'name' => &$userplugin_name));
// put mention into the admin log
audit($userplugin_id, 'User Defined Tag: ' . $userplugin_name, 'Deleted');
}
}
}
redirect('listusertags.php' . $urlext . '&message=usertagdeleted');
# vim:ts=4 sw=4 noet
$userid = get_userid();
$access = check_permission($userid, 'Remove Groups');
# you can't delete admin group (also admin group it's the first group)
if (!$access) {
// no access
redirect("listgroups.php" . $urlext);
}
$result = false;
$gCms = cmsms();
$groupops = $gCms->GetGroupOperations();
$userops = $gCms->GetUserOperations();
$groupobj = $groupops->LoadGroupByID($group_id);
$group_name = $groupobj->name;
# check to make sure we're not a member of this group
if ($userops->UserInGroup($userid, $group_id)) {
# can't delete a group we're a member of.
redirect("listgroups.php" . $urlext);
}
// now do the work.
Events::SendEvent('Core', 'DeleteGroupPre', array('group' => &$groupobj));
if ($groupobj) {
$result = $groupobj->Delete();
}
Events::SendEvent('Core', 'DeleteGroupPost', array('group' => &$groupobj));
if ($result == true) {
// put mention into the admin log
audit($group_id, 'Admin User Group: ' . $group_name, 'Deleted');
}
}
redirect("listgroups.php" . $urlext);
# vim:ts=4 sw=4 noet
$CMS_ADMIN_PAGE = 1;
require_once "../include.php";
require_once "../lib/classes/class.template.inc.php";
$urlext = '?' . CMS_SECURE_PARAM_NAME . '=' . $_SESSION[CMS_USER_KEY];
check_login();
$group_id = -1;
if (isset($_GET["htmlblob_id"])) {
$htmlblob_id = $_GET["htmlblob_id"];
$htmlblob_name = "";
$userid = get_userid();
$access = check_permission($userid, 'Remove Global Content Blocks');
if ($access) {
$result = false;
$gCms = cmsms();
$gcbops = $gCms->GetGlobalContentOperations();
$templateops = $gCms->GetTemplateOperations();
$blobobj = $gcbops->LoadHtmlBlobByID($htmlblob_id);
$htmlblob_name = $blobobj->name;
if ($blobobj) {
Events::SendEvent('Core', 'DeleteGlobalContentPre', array('global_content' => &$blobobj));
$result = $blobobj->Delete();
}
if ($result == true) {
Events::SendEvent('Core', 'DeleteGlobalContentPost', array('global_content' => &$blobobj));
// put mention into the admin log
audit($htmlblob_id, 'Global Content Block: ' . $htmlblob_name, 'Deleted');
}
}
}
redirect("listhtmlblobs.php" . $urlext);
# vim:ts=4 sw=4 noet
if ($access) {
if (isset($_POST["editgroup"])) {
$validinfo = true;
if ($group == "") {
$validinfo = false;
$error .= "<li>" . lang('nofieldgiven', array(lang('groupname'))) . "</li>";
}
if ($validinfo) {
$groupobj = new Group();
$groupobj->id = $group_id;
$groupobj->name = $group;
$groupobj->active = $active;
Events::SendEvent('Core', 'EditGroupPre', array('group' => &$groupobj));
$result = $groupobj->save();
if ($result) {
Events::SendEvent('Core', 'EditGroupPost', array('group' => &$groupobj));
// put mention into the admin log
audit($groupobj->id, 'Admin User Group: ' . $groupobj->name, 'Edited');
redirect("listgroups.php" . $urlext);
return;
} else {
$error .= "<li>" . lang('errorupdatinggroup') . "</li>";
}
}
} else {
if ($group_id != -1) {
$query = "SELECT * from " . cms_db_prefix() . "groups WHERE group_id = ?";
$result = $db->Execute($query, array($group_id));
$row = $result->FetchRow();
$group = $row["group_name"];
$active = $row["active"];
$user_name = $oneuser->username;
$ownercount = $userops->CountPageOwnershipByID($user_id);
if ($ownercount > 0) {
$dodelete = false;
}
if ($dodelete) {
#Perform the deleteuser_pre callback
foreach ($gCms->modules as $key => $value) {
if ($gCms->modules[$key]['installed'] == true && $gCms->modules[$key]['active'] == true) {
$gCms->modules[$key]['object']->DeleteUserPre($oneuser);
}
}
Events::SendEvent('Core', 'DeleteUserPre', array('user' => &$oneuser));
$oneuser->Delete();
#Perform the deleteuser_post callback
foreach ($gCms->modules as $key => $value) {
if ($gCms->modules[$key]['installed'] == true && $gCms->modules[$key]['active'] == true) {
$gCms->modules[$key]['object']->DeleteUserPost($oneuser);
}
}
Events::SendEvent('Core', 'DeleteUserPost', array('user' => &$oneuser));
audit($user_id, $user_name, 'Deleted User');
}
}
}
if ($dodelete == true) {
redirect("listusers.php" . $urlext);
} else {
redirect("listusers.php" . $urlext . "&message=" . lang('erroruserinuse'));
}
# vim:ts=4 sw=4 noet
$tmp3[] = $k . '=' . $v;
}
$homepage = $tmp[0] . '?' . implode('&', $tmp3);
// and redirect.
$homepage = html_entity_decode($homepage);
redirect($homepage);
}
}
return;
#redirect("index.php");
} else {
if (isset($_POST['loginsubmit'])) {
//No error if changing languages
$error .= lang('usernameincorrect');
debug_buffer("Login failed. Error is: " . $error);
Events::SendEvent('Core', 'LoginFailed', array('user' => $_POST['username']));
// put mention into the admin log
$ip_login_failed = cms_utils::get_real_ip();
if ($ip_login_failed) {
// <- Silently ignore audit if return values is not ture, had admin XSS vulne.
audit('', '(IP: ' . $ip_login_failed . ') ' . "Admin Username: "******"loginsubmit"]);
}
}
}
// Language shizzle
cms_admin_sendheaders();
$homepage .= '?' . CMS_SECURE_PARAM_NAME . '=' . $_SESSION[CMS_USER_KEY];
}
$homepage = html_entity_decode($homepage);
redirect($homepage);
}
}
return;
#redirect("index.php");
} else {
if (isset($_POST['loginsubmit'])) {
//No error if changing languages
$error .= lang('usernameincorrect');
debug_buffer("Login failed. Error is: " . $error);
audit($username, $username, 'User Login Failed');
#Now call the event
Events::SendEvent('Core', 'LoginPost', $username);
} else {
debug_buffer($_POST["loginsubmit"]);
}
}
}
// Language shizzle
//header("Content-Encoding: " . get_encoding());
header("Content-Language: " . $current_language);
header("Content-Type: text/html; charset=" . get_encoding());
//CHANGED
$theme = get_site_preference('logintheme', 'default');
//echo "theme:$theme";
debug_buffer('debug is:' . $error);
if (file_exists(dirname(__FILE__) . "/themes/{$theme}/login.php")) {
include dirname(__FILE__) . "/themes/{$theme}/login.php";
$onestylesheet->media_query = $media_query;
Events::SendEvent('Core', 'EditStylesheetPre', array('stylesheet' => &$onestylesheet));
$result = $onestylesheet->Save();
// Update the css hash
// deprecated: this was used by the stylesheet.php function which we no longer distribute
// as of CMSMS 1.10.
$config = $gCms->GetConfig();
$hashfile = cms_join_path($config['root_path'], 'tmp', 'cache', 'csshash.dat');
$md5sum = md5($css_text);
$csshash = csscache_csvfile_to_hash($hashfile);
$csshash[$css_id] = $md5sum;
csscache_hash_to_csvfile($hashfile, $csshash);
if ($result) {
#Start using new name, just in case this is an apply
$orig_css_name = $css_name;
Events::SendEvent('Core', 'EditStylesheetPost', array('stylesheet' => &$onestylesheet));
// put mention into the admin log
audit($css_id, 'Stylesheet: ' . $css_name, 'Changed');
# we now have to check which templates are associated with this CSS and update their modified date.
$cssquery = "SELECT assoc_to_id FROM " . cms_db_prefix() . "css_assoc\n\t\t\t\t\tWHERE\tassoc_type\t\t= 'template'\n\t\t\t\t\tAND\t\tassoc_css_id\t= ?";
$cssresult = $db->Execute($cssquery, array($css_id));
# now updating templates
while ($cssresult && ($line = $cssresult->FetchRow())) {
$query = "UPDATE " . cms_db_prefix() . "templates SET modified_date = " . $db->DBTimeStamp(time()) . " \n\t\t\t\t\t\tWHERE template_id = '" . $line["assoc_to_id"] . "'";
$result = $db->Execute($query);
if (FALSE == $result) {
$error .= "<li>" . lang('errorupdatingtemplate') . "</li>";
}
}
if (!isset($_POST["apply"])) {
if ($from == 'templatecssassoc') {
}
// specified page not found, load the 404 error page.
$contentobj = $contentops->LoadContentFromAlias('error404', true);
if (is_object($contentobj)) {
// we have a 404 error page.
header("HTTP/1.0 404 Not Found");
header("Status: 404 Not Found");
} else {
// no 404 error page.
ErrorHandler404();
return;
}
}
}
// while trycount
Events::SendEvent('Core', 'ContentPostRender', array('content' => &$html));
$ct = cmsms()->get_variable('content-type');
if (!$ct) {
$ct = 'text/html';
}
header("Content-Type: {$ct}; charset=" . get_encoding());
echo $html;
@ob_flush();
$endtime = microtime();
$db =& cmsms()->GetDb();
if ($config['debug'] == TRUE || isset($config['show_performance_info']) && $showtemplate == true) {
$memory = function_exists('memory_get_usage') ? memory_get_usage() : 0;
$memory = $memory - $orig_memory;
$memory_peak = function_exists('memory_get_peak_usage') ? memory_get_peak_usage() : 0;
if (!is_sitedown() && $config["debug"] == true) {
echo "<p>Generated in " . microtime_diff($starttime, $endtime) . " seconds by CMS Made Simple using " . (isset($db->query_count) ? $db->query_count : '') . " SQL queries and {$memory} bytes of memory (peak memory usage was {$memory_peak})</p>";
continue;
}
// Send the ChangeGroupAssignPre event
Events::SendEvent('Core', 'ChangeGroupAssignPre', array('group' => $thisGroup, 'users' => $userops->LoadUsersInGroup($thisGroup->id)));
$query = "DELETE FROM " . cms_db_prefix() . "user_groups WHERE group_id = ? AND user_id != ?";
$result = $db->Execute($query, array($thisGroup->id, $userid));
$iquery = "INSERT INTO " . cms_db_prefix() . "user_groups (group_id, user_id, create_date, modified_date) VALUES (?,?,?,?)";
foreach ($_POST as $key => $value) {
if (strpos($key, "ug") == 0 && strpos($key, "ug") !== false) {
$keyparts = explode('_', $key);
if ($keyparts[2] == $thisGroup->id && $value == '1') {
$result = $db->Execute($iquery, array($thisGroup->id, $keyparts[1], $db->DBTimeStamp(time()), $db->DBTimeStamp(time())));
}
}
}
Events::SendEvent('Core', 'ChangeGroupAssignPost', array('group' => $thisGroup, 'users' => $userops->LoadUsersInGroup($thisGroup->id)));
audit($group_id, 'Group ID', lang('assignmentchanged'));
}
audit($userid, 'Group ID', lang('assignmentchanged'));
$message = lang('assignmentchanged');
}
$query = "SELECT u.user_id, u.username, ug.group_id FROM " . cms_db_prefix() . "users u LEFT JOIN " . cms_db_prefix() . "user_groups ug ON u.user_id = ug.user_id ORDER BY u.username";
$result = $db->Execute($query);
$user_struct = array();
while ($result && ($row = $result->FetchRow())) {
if (isset($user_struct[$row['user_id']])) {
$str =& $user_struct[$row['user_id']];
$str->group[$row['group_id']] = 1;
} else {
$thisUser = new stdClass();
$thisUser->group = array();
if (isset($_POST["additional_editors"])) {
$the_blob->ClearAuthors();
foreach ($_POST["additional_editors"] as $addt_user_id) {
$the_blob->AddAuthor($addt_user_id);
}
}
Events::SendEvent('Core', 'EditGlobalContentPre', array('global_content' => &$the_blob));
$result = $the_blob->save();
if ($result) {
// put mention into the admin log
audit($the_blob->id, 'Global Content Block: ' . $the_blob->name, 'Edited');
#Clear cache
$smarty = cmsms()->GetSmarty();
$smarty->clear_all_cache();
$smarty->clear_compiled_tpl();
Events::SendEvent('Core', 'EditGlobalContentPost', array('global_content' => &$the_blob));
if (!isset($_POST['apply'])) {
redirect('listhtmlblobs.php' . $urlext);
return;
}
} else {
$error .= "<li>" . lang('errorinsertingblob') . "</li>";
}
}
if ($ajax) {
header('Content-Type: text/xml');
print '<?xml version="1.0" encoding="UTF-8"?>';
print '<EditBlob>';
if ($error) {
print '<Response>Error</Response>';
print '<Details><![CDATA[' . $error . ']]></Details>';
}
redirect($thisurl);
}
if ($action == "uninstall") {
if (isset($gCms->modules[$module])) {
$modinstance = $gCms->modules[$module]['object'];
$result = $modinstance->Uninstall();
#now insert a record
if (!isset($result) || $result === FALSE) {
#now delete the record
$query = "DELETE FROM " . cms_db_prefix() . "modules WHERE module_name = ?";
$db->Execute($query, array($module));
#delete any dependencies
$query = "DELETE FROM " . cms_db_prefix() . "module_deps WHERE child_module = ?";
$db->Execute($query, array($module));
Events::SendEvent('Core', 'ModuleUninstalled', array('name' => $module));
#and show the uninstallpost if necessary...
if ($modinstance->UninstallPostMessage() != FALSE) {
//Redirect right away so that the uninstalled module is removed from the menu
redirect($thisurl . '&action=showpostuninstall&module=' . $module);
}
} else {
//TODO: Echo error
}
}
redirect($thisurl);
}
if ($action == 'showpostuninstall') {
// this is probably dead code now
if (isset($gCms->modules[$module])) {
$modinstance = $gCms->modules[$module]['object'];
function Delete()
{
$gCms = cmsms();
global $sql_queries, $debug_errors;
$config = $gCms->GetConfig();
Events::SendEvent('Core', 'ContentDeletePre', array('content' => &$this));
$db = $gCms->GetDb();
$result = false;
if (-1 > $this->mId) {
if (true == $config["debug"]) {
# :TODO: Translate the error message
$debug_errors .= "<p>Could not delete content : invalid Id</p>\n";
}
} else {
$query = "DELETE FROM " . cms_db_prefix() . "content WHERE content_id = ?";
$dbresult = $db->Execute($query, array($this->mId));
if (!$dbresult) {
if (true == $config["debug"]) {
# :TODO: Translate the error message
$debug_errors .= "<p>Error deleting content</p>\n";
}
}
// Fix the item_order if necessary
$query = "UPDATE " . cms_db_prefix() . "content SET item_order = item_order - 1 WHERE parent_id = ? AND item_order > ?";
$result = $db->Execute($query, array($this->ParentId(), $this->ItemOrder()));
// Remove the cross references
remove_cross_references($this->mId, 'content');
$cachefilename = TMP_CACHE_LOCATION . '/contentcache.php';
@unlink($cachefilename);
if (NULL != $this->mProperties) {
# :TODO: There might be some error checking there
$this->mProperties->Delete($this->mId);
} else {
if (true == $config["debug"]) {
# :TODO: Translate the error message
$debug_errors .= "<p>Error deleting : the content has no properties</p>\n";
}
}
}
Events::SendEvent('Core', 'ContentDeletePost', array('content' => &$this));
}
//catch the error
//eval('function testfunction'.rand().'() {'.$code.'}');
$buffer = ob_get_clean();
//add error
$error[] = preg_replace('/<br \\/>/', '', $buffer);
$validinfo = false;
} else {
ob_get_clean();
}
}
if ($validinfo) {
Events::SendEvent('Core', 'EditUserDefinedTagPre', array('id' => $userplugin_id, 'name' => &$plugin_name, 'code' => &$code));
$query = "UPDATE " . cms_db_prefix() . "userplugins SET userplugin_name = " . $db->qstr($plugin_name) . ", code = " . $db->qstr($code) . ", modified_date = " . $db->DBTimeStamp(time()) . " WHERE userplugin_id = " . $db->qstr($userplugin_id);
$result = $db->Execute($query);
if ($result) {
Events::SendEvent('Core', 'EditUserDefinedTagPost', array('id' => $userplugin_id, 'name' => &$plugin_name, 'code' => &$code));
audit($userplugin_id, $plugin_name, 'Edited User Defined Tag');
if (!isset($_POST['apply'])) {
redirect("listusertags.php" . $urlext . "&message=usertagupdated");
return;
}
} else {
$error[] = lang('errorupdatingusertag');
}
}
if ($ajax) {
header('Content-Type: text/xml');
print '<?xml version="1.0" encoding="UTF-8"?>';
print '<EditUserPlugin>';
if (sizeof($error)) {
print '<Response>Error</Response>';
}
// If success do action
if ($validinfo) {
$userobj->username = $username;
$userobj->firstname = $firstname;
$userobj->lastname = $lastname;
$userobj->email = $email;
if ($password != '') {
$userobj->SetPassword($password);
}
Events::SendEvent('Core', 'EditUserPre', array('user' => &$userobj));
$result = $userobj->Save();
if ($result) {
// put mention into the admin log
audit($userid, 'Admin Username: '******'Edited');
Events::SendEvent('Core', 'EditUserPost', array('user' => &$userobj));
$message = lang('accountupdated');
} else {
// throw exception? update just failed.
}
}
}
// end of account submit
/**
* Submit prefs
*/
if (isset($_POST['submit_prefs'])) {
# Get values from request and drive em to variables
$gcb_wysiwyg = isset($_POST['gcb_wysiwyg']) ? 1 : 0;
$wysiwyg = $_POST['wysiwyg'];
$syntaxhighlighter = $_POST['syntaxhighlighter'];
$userops = $gCms->GetUserOperations();
$thisuser =& $userops->LoadUserByID($_GET["toggleactive"]);
if ($thisuser) {
//modify users, is this enough?
$userid = get_userid();
$permission = check_permission($userid, 'Modify Users');
$result = false;
if ($permission) {
$thisuser->active == 1 ? $thisuser->active = 0 : ($thisuser->active = 1);
Events::SendEvent('Core', 'EditUserPre', array('user' => $thisuser));
$result = $thisuser->save();
}
if ($result) {
// put mention into the admin log
audit($userid, 'Admin Username: '******'Edited');
Events::SendEvent('Core', 'EditUserPost', array('user' => $thisuser));
} else {
$error .= "<li>" . lang('errorupdatinguser') . "</li>";
}
}
}
}
if (FALSE == empty($error)) {
echo $themeObject->ShowErrors('<ul class="error">' . $error . '</ul>');
}
?>
<div class="pagecontainer">
<div class="pageoverflow">
<?php
/**
* Loads modules from the filesystem. If loadall is true, then it will load all
* modules whether they're installed, or active. If it is false, then it will
* only load modules which are installed and active.
*
* @param boolean $loadall Should be load all modules?
* @param boolean $noadmin Should we skip all modules marked as admin only?
* @return void
*/
function LoadModules($loadall = false, $noadmin = false)
{
global $gCms;
$db =& $gCms->GetDb();
$cmsmodules =& $gCms->modules;
$dir = dirname(dirname(dirname(__FILE__))) . DIRECTORY_SEPARATOR . "modules";
if ($loadall == true) {
if ($handle = @opendir($dir)) {
while (($file = readdir($handle)) !== false) {
if (@is_file("{$dir}/{$file}/{$file}.module.php")) {
include_once "{$dir}/{$file}/{$file}.module.php";
} else {
unset($cmsmodules[$file]);
}
}
closedir($handle);
}
//Find modules and instantiate them
$allmodules = $this->FindModules();
foreach ($allmodules as $onemodule) {
if (class_exists($onemodule)) {
$newmodule = new $onemodule();
$name = $newmodule->GetName();
$cmsmodules[$name]['object'] = $newmodule;
$cmsmodules[$name]['installed'] = false;
$cmsmodules[$name]['active'] = false;
} else {
unset($cmsmodules[$name]);
}
}
}
#Figger out what modules are active and/or installed
#Load them if loadall is false
if (isset($db)) {
$query = '';
$where = array();
if ($noadmin) {
$where[] = 'admin_only = 0';
}
if ($loadall != true) {
$where[] = 'active = 1';
}
$query = 'SELECT * FROM ' . cms_db_prefix() . 'modules ';
if (count($where)) {
$query .= 'WHERE ' . implode(' AND ', $where);
}
$query .= ' ORDER by module_name';
$result =& $db->Execute($query);
while ($result && !$result->EOF) {
if (isset($result->fields['module_name'])) {
$modulename = $result->fields['module_name'];
if (isset($modulename)) {
if ($loadall == true) {
if (isset($cmsmodules[$modulename])) {
$cmsmodules[$modulename]['installed'] = true;
$cmsmodules[$modulename]['active'] = $result->fields['active'] == 1 ? true : false;
}
} else {
if ($result->fields['active'] == 1) {
if (@is_file("{$dir}/{$modulename}/{$modulename}.module.php")) {
#var_dump('loading module:' . $modulename);
include_once "{$dir}/{$modulename}/{$modulename}.module.php";
if (class_exists($modulename)) {
$newmodule = new $modulename();
$name = $newmodule->GetName();
global $CMS_VERSION;
$dbversion = $result->fields['version'];
#Check to see if there is an update and wether or not we should perform it
if (version_compare($dbversion, $newmodule->GetVersion()) == -1 && $newmodule->AllowAutoUpgrade() == TRUE) {
$newmodule->Upgrade($dbversion, $newmodule->GetVersion());
$query = "UPDATE " . cms_db_prefix() . "modules SET version = ? WHERE module_name = ?";
$db->Execute($query, array($newmodule->GetVersion(), $name));
Events::SendEvent('Core', 'ModuleUpgraded', array('name' => $name, 'oldversion' => $dbversion, 'newversion' => $newmodule->GetVersion()));
$dbversion = $newmodule->GetVersion();
}
#Check to see if version in db matches file version
if ($dbversion == $newmodule->GetVersion() && version_compare($newmodule->MinimumCMSVersion(), $CMS_VERSION) != 1) {
$cmsmodules[$name]['object'] = $newmodule;
$cmsmodules[$name]['installed'] = true;
$cmsmodules[$name]['active'] = $result->fields['active'] == 1 ? true : false;
} else {
unset($cmsmodules[$name]);
}
} else {
unset($cmsmodules[$modulename]);
}
} else {
unset($cmsmodules[$modulename]);
}
}
}
}
$result->MoveNext();
}
}
if ($result) {
$result->Close();
}
}
}
