/**
 * Smarty prefilter that announces a template resource before it is compiled.
 *
 * The resource type is the part of $smarty->_current_file before the first
 * ':'. A type starting with 'tmp_' is handled as 'template'. For the four
 * known types a type-specific Core event is sent first; SmartyPreCompile is
 * sent in every case.
 *
 * Each event receives the template source by reference, presumably so that a
 * handler can rewrite it before compilation. Whoever can register a handler
 * for these events should therefore be treated as able to change the source
 * that gets compiled.
 *
 * @param string $tpl_output Template source handed to the prefilter.
 * @param object $smarty     Object exposing the _current_file property.
 * @return string The template source after all events have been sent.
 */
function smarty_cms_prefilter_precompilefunc($tpl_output, &$smarty)
{
    // resource type => array(event name, key of the by-reference parameter)
    $dispatch = array(
        'stylesheet'    => array('StylesheetPreCompile', 'stylesheet'),
        'content'       => array('ContentPreCompile', 'content'),
        'template'      => array('TemplatePreCompile', 'template'),
        'globalcontent' => array('GlobalContentPreCompile', 'global_content'),
    );

    $parts = explode(':', $smarty->_current_file);
    if (count($parts) > 1) {
        // Temporary resources ('tmp_...') share the template event.
        $type = startswith($parts[0], 'tmp_') ? 'template' : $parts[0];
        if (isset($dispatch[$type])) {
            list($event, $key) = $dispatch[$type];
            Events::SendEvent('Core', $event, array($key => &$tpl_output));
        }
    }

    Events::SendEvent('Core', 'SmartyPreCompile', array('content' => &$tpl_output));
    return $tpl_output;
}
/**
 * Smarty postfilter that announces a template resource after compilation.
 *
 * The resource type is the part of the Smarty object's _current_file before
 * the first ':'. Known types get a type-specific Core event; the template
 * event also carries the original type ('template', 'tpl_top', 'tpl_body' or
 * 'tpl_head'). SmartyPostCompile is sent in every case.
 *
 * Each event receives the compiled output by reference, presumably so that a
 * handler can rewrite it. A handler registered for these events should
 * therefore be treated as able to change the compiled template.
 *
 * @param string $tpl_output Compiled template output.
 * @param object $template   Object whose smarty property exposes _current_file.
 * @return string The output after all events have been sent.
 */
function smarty_postfilter_postcompilefunc($tpl_output, &$template)
{
    $parts = explode(':', $template->smarty->_current_file);
    // Without a "type:" prefix only the generic event below is sent.
    $type = count($parts) > 1 ? $parts[0] : null;

    if ($type === 'stylesheet') {
        Events::SendEvent('Core', 'StylesheetPostCompile', array('stylesheet' => &$tpl_output));
    } elseif ($type === 'content') {
        Events::SendEvent('Core', 'ContentPostCompile', array('content' => &$tpl_output));
    } elseif (in_array($type, array('template', 'tpl_top', 'tpl_body', 'tpl_head'), true)) {
        Events::SendEvent('Core', 'TemplatePostCompile', array('template' => &$tpl_output, 'type' => $type));
    } elseif ($type === 'globalcontent') {
        Events::SendEvent('Core', 'GlobalContentPostCompile', array('global_content' => &$tpl_output));
    }

    Events::SendEvent('Core', 'SmartyPostCompile', array('content' => &$tpl_output));
    return $tpl_output;
}
示例#3
/**
 * Smarty prefilter that announces a template resource before it is compiled.
 *
 * The resource type is the part of $smarty->_current_file before the first
 * ':'; a type starting with 'tmp_' is handled as 'template'. For 'content',
 * 'template' and 'globalcontent' a type-specific Core event is sent. The
 * per-type module callbacks are not invoked directly; only SmartyPreCompile()
 * is still called on every installed, active module object, followed by the
 * Core SmartyPreCompile event.
 *
 * Events receive the template source by reference, presumably so handlers can
 * rewrite it before compilation; modules and handlers reached from here
 * should be treated as able to change the source that gets compiled.
 *
 * @param string $tpl_output Template source handed to the prefilter.
 * @param object $smarty     Object exposing the _current_file property.
 * @return string The template source after callbacks and events have run.
 */
function smarty_cms_prefilter_precompilefunc($tpl_output, &$smarty)
{
    global $gCms;

    // resource type => array(event name, key of the by-reference parameter)
    $dispatch = array(
        'content'       => array('ContentPreCompile', 'content'),
        'template'      => array('TemplatePreCompile', 'template'),
        'globalcontent' => array('GlobalContentPreCompile', 'global_content'),
    );

    $parts = explode(':', $smarty->_current_file);
    if (count($parts) > 1) {
        $type = startswith($parts[0], 'tmp_') ? 'template' : $parts[0];
        if (isset($dispatch[$type])) {
            list($event, $key) = $dispatch[$type];
            Events::SendEvent('Core', $event, array($key => &$tpl_output));
        }
    }

    // Direct module callback, kept alongside the event below.
    foreach ($gCms->modules as $moduleKey => $unused) {
        if ($gCms->modules[$moduleKey]['installed'] != true) {
            continue;
        }
        if ($gCms->modules[$moduleKey]['active'] != true) {
            continue;
        }
        $gCms->modules[$moduleKey]['object']->SmartyPreCompile($tpl_output);
    }

    Events::SendEvent('Core', 'SmartyPreCompile', array('content' => &$tpl_output));
    return $tpl_output;
}
示例#4
         $validinfo = false;
     }
 }
 if ($validinfo) {
     $onetemplate = $templateops->LoadTemplateByID($template_id);
     $onetemplate->name = $template;
     $onetemplate->content = $content;
     $onetemplate->stylesheet = $stylesheet;
     $onetemplate->encoding = $encoding;
     $onetemplate->active = $active;
     Events::SendEvent('Core', 'EditTemplatePre', array('template' => &$onetemplate));
     $result = $onetemplate->Save();
     if ($result) {
         #Make sure the new name is used if this is an apply
         $orig_template = $template;
         Events::SendEvent('Core', 'EditTemplatePost', array('template' => &$onetemplate));
         // put mention into the admin log
         audit($template_id, 'HTML-template: ' . $onetemplate->name, 'Edited');
         if (!$apply) {
             switch ($from) {
                 case 'content':
                     redirect("listcontent.php" . $urlext);
                     break;
                 case 'cssassoc':
                     redirect('templatecss.php' . $urlext . '&id=' . $cssid . '&type=template');
                     break;
                 case 'module_TemplateManager':
                     redirect('moduleinterface.php' . $urlext . '&module=TemplateManager');
                     break;
                 default:
                     redirect("listtemplates.php" . $urlext);
示例#5
 /**
  * Render a template. Overrides the parent implementation.
  *
  * Adds three things around parent::fetch(): debug-buffer markers, a default
  * or prefixed cache id taken from $this->_global_cache_id, and (on frontend
  * requests only) a Core TemplatePreFetch event whose handlers receive
  * $template, $cache_id, $compile_id, $display and $no_output_filter by
  * reference before the parent is called.
  *
  * @param mixed   $template         Template resource; may be a 'string:' resource.
  * @param mixed   $cache_id         Null or '' selects the global cache id; a value
  *                                  starting with '|' is appended to it.
  * @param mixed   $compile_id       Passed through to the parent.
  * @param mixed   $parent           Passed through to the parent.
  * @param boolean $display          Passed through to the parent.
  * @param boolean $merge_tpl_vars   Ignored: false is always passed to the parent.
  * @param boolean $no_output_filter Passed through to the parent.
  * @return mixed Whatever parent::fetch() returns.
  */
 public function fetch($template = null, $cache_id = null, $compile_id = null, $parent = null, $display = false, $merge_tpl_vars = true, $no_output_filter = false)
 {
     // Label for the debug buffer only. For 'string:' resources just the
     // prefix is kept, so the inline template text is not copied into the
     // debug buffer.
     $label = startswith($template, 'string:') ? 'string:' : $template;
     debug_buffer('', 'Fetch ' . $label . ' start');

     if ($cache_id === null || $cache_id === '') {
         $cache_id = $this->_global_cache_id;
     } elseif ($cache_id[0] == '|') {
         $cache_id = $this->_global_cache_id . $cache_id;
     }

     // Frontend only: handlers may change what is fetched and how, because
     // every entry below is a reference to the local variable.
     if (cmsms()->is_frontend_request()) {
         $event_args = array(
             'template' => &$template,
             'cache_id' => &$cache_id,
             'compile_id' => &$compile_id,
             'display' => &$display,
             'no_output_filter' => &$no_output_filter,
         );
         Events::SendEvent('Core', 'TemplatePreFetch', $event_args);
     }

     // The caller's value is discarded on purpose (marked "hack" by the author).
     $merge_tpl_vars = false;
     $rendered = parent::fetch($template, $cache_id, $compile_id, $parent, $display, $merge_tpl_vars, $no_output_filter);
     debug_buffer('', 'Fetch ' . $label . ' end');
     return $rendered;
 }
示例#6
            foreach ($media_type as $onetype) {
                $types .= "{$onetype}, ";
            }
            if ($types != '') {
                $types = substr($types, 0, -2);
                #strip last space and comma
            } else {
                $types = '';
            }
            $newstylesheet->media_type = $types;
            Events::SendEvent('Core', 'AddStylesheetPre', array('stylesheet' => &$newstylesheet));
            $result = $newstylesheet->Save();
            # we now have to check that everything went well
            if ($result) {
                #Sent the post event
                Events::SendEvent('Core', 'AddStylesheetPost', array('stylesheet' => &$newstylesheet));
                # it's ok, we record the operation in the admin log
                audit($newstylesheet->id, 'Stylesheet: ' . $css_name, 'Added');
                # and goes back to the css list
                redirect("listcss.php" . $urlext);
                return;
            } else {
                $error .= "<li>" . lang('errorinsertingcss') . "</li>";
            }
        }
    }
}
include_once "header.php";
#******************************************************************************
# the user does not have access : error message
#******************************************************************************
示例#7
// Begin output
//
// Post-process the assembled stylesheet in $css and send it with its headers.
// Order matters here: the event runs before output buffering starts, and all
// header() calls come before any body output.
if ($stripbackground) {
    // Earlier variant, kept for reference: it removed the whole declaration.
    #$css = preg_replace('/(\w*?background-color.*?\:\w*?).*?(;.*?)/', '', $css);
    // Replace every background-color value with "transparent" ...
    $css = preg_replace('/(\\w*?background-color.*?\\:\\w*?).*?(;.*?)/', '\\1transparent\\2', $css);
    // ... and remove every match of the background-image pattern.
    $css = preg_replace('/(\\w*?background-image.*?\\:\\w*?).*?(;.*?)/', '', $css);
}
// Only for requests that are neither the installer nor an admin page.
if (!isset($CMS_INSTALL_PAGE) && !isset($CMS_ADMIN_PAGE)) {
    if (!class_exists('Events')) {
        // Path is built from the configured root_path and fixed segments only.
        $fn = cms_join_path($config['root_path'], 'lib', 'classes', 'class.events.inc.php');
        include $fn;
    }
    $parms = array();
    // Passed by reference, presumably so a handler can rewrite the CSS that is
    // served; registered handlers are therefore trusted with the final output.
    $parms['content'] =& $css;
    Events::SendEvent('Core', 'ContentStylesheet', $parms);
}
// Compression is skipped in debug mode. The @ hides any ob_start() warning.
if (isset($config['output_compression']) && $config['output_compression'] && $config['debug'] != true) {
    @ob_start('ob_gzhandler');
}
// Site preference, forced to an integer; 0 (the default) disables the Expires block.
$max_age = (int) get_site_preference('css_max_age', 0);
// NOTE(review): $encoding is set outside this excerpt and is interpolated into
// a response header as-is - confirm it comes from configuration, not from the
// request.
header("Content-Type: text/css; charset={$encoding}");
$datestr = gmdate('D, d M Y H:i:s', $hashmtime) . ' GMT';
header("Last-Modified: " . $datestr);
if ($max_age > 0) {
    // Expiry is counted from $hashmtime, not from the time of the request.
    $datestr = gmdate('D, d M Y H:i:s', $hashmtime + $max_age) . ' GMT';
    header("Expires: " . $datestr);
    header("Cache-Control: must-revalidate");
    // no caching?
    //header("Cache-Control: max-age=$max_age, s-max-age=$max_age, must-revalidate");
}
示例#8
                //eval('function testfunction'.rand().'() {'.$code.'}');
                $buffer = ob_get_clean();
                //add error
                $error[] = preg_replace('/<br \\/>/', '', $buffer);
                $validinfo = false;
            } else {
                ob_end_clean();
            }
        }
        if ($validinfo) {
            $new_usertag_id = $db->GenID(cms_db_prefix() . "userplugins_seq");
            Events::SendEvent('Core', 'AddUserDefinedTagPre', array('id' => $new_usertag_id, 'name' => &$plugin_name, 'code' => &$code));
            $query = "INSERT INTO " . cms_db_prefix() . "userplugins (userplugin_id, userplugin_name, code, create_date, modified_date) VALUES ({$new_usertag_id}, " . $db->qstr($plugin_name) . ", " . $db->qstr($code) . ", " . $db->DBTimeStamp(time()) . ", " . $db->DBTimeStamp(time()) . ")";
            $result = $db->Execute($query);
            if ($result) {
                Events::SendEvent('Core', 'AddUserDefinedTagPost', array('id' => $new_usertag_id, 'name' => &$plugin_name, 'code' => &$code));
                audit($new_usertag_id, $plugin_name, 'Added User Defined Tag');
                redirect("listusertags.php" . $urlext . "&message=usertagadded");
                return;
            } else {
                $error .= lang('errorinsertingtag');
            }
        }
    }
}
include_once "header.php";
if (!$access) {
    echo '<div class=\\"pageerrorcontainer\\"><p class="pageerror">' . lang('noaccessto', array(lang('addusertag'))) . '</p></div>';
} else {
    if (FALSE == empty($error)) {
        echo $themeObject->ShowErrors($error);
示例#9
 /**
  * Delete the current content object from the database.
  *
  * Sends ContentDeletePre, then (unless the id check fails) deletes the row
  * from the content table, shifts item_order down for later siblings under
  * the same parent, removes the content cache file, deletes the matching
  * content_props and additional_users rows, and removes the static route when
  * a URL is set. ContentDeletePost is sent in every case, including when
  * nothing was deleted.
  *
  * Every query uses ? placeholders with bound values. No permission check is
  * made here; NOTE(review): confirm that callers authorise the deletion.
  * Nothing is returned, so callers cannot tell whether the delete succeeded.
  *
  * @todo this function should return something, or throw an exception
  */
 function Delete()
 {
     $gCms = cmsms();
     global $debug_errors;
     $config = $gCms->GetConfig();
     Events::SendEvent('Core', 'ContentDeletePre', array('content' => &$this));
     $db = $gCms->GetDb();
     $result = false;
     // True only for ids below -1; -1 and 0 fall through to the DELETE branch.
     // NOTE(review): confirm this is the intended "invalid id" test.
     if (-1 > $this->mId) {
         if (true == $config["debug"]) {
             # :TODO: Translate the error message
             $debug_errors .= "<p>Could not delete content : invalid Id</p>\n";
         }
     } else {
         $query = "DELETE FROM " . cms_db_prefix() . "content WHERE content_id = ?";
         $dbresult = $db->Execute($query, array($this->mId));
         // A failed DELETE is only recorded in debug mode; the clean-up
         // statements below still run.
         if (!$dbresult) {
             if (true == $config["debug"]) {
                 # :TODO: Translate the error message
                 $debug_errors .= "<p>Error deleting content</p>\n";
             }
         }
         // Fix the item_order if necessary
         $query = "UPDATE " . cms_db_prefix() . "content SET item_order = item_order - 1 WHERE parent_id = ? AND item_order > ?";
         // $result is overwritten by each statement below and never checked.
         $result = $db->Execute($query, array($this->ParentId(), $this->ItemOrder()));
         // Drop the content cache file; the @ hides the warning if unlink() fails.
         $cachefilename = TMP_CACHE_LOCATION . '/contentcache.php';
         @unlink($cachefilename);
         // DELETE properties
         $query = 'DELETE FROM ' . cms_db_prefix() . 'content_props WHERE content_id = ?';
         $result = $db->Execute($query, array($this->mId));
         $this->_props = null;
         // Delete additional editors.
         $query = 'DELETE FROM ' . cms_db_prefix() . 'additional_users WHERE content_id = ?';
         $result = $db->Execute($query, array($this->mId));
         $this->mAdditionalEditors = null;
         // Delete route
         if ($this->mURL != '') {
             cms_route_manager::del_static($this->mURL);
         }
     }
     Events::SendEvent('Core', 'ContentDeletePost', array('content' => &$this));
 }
示例#10
            } catch (CmsEditContentException $e) {
                $error .= "<li>" . $e->getMessage() . "</li>";
                $validinfo = false;
            }
        }
        if ($validinfo) {
            $newtemplate = new Template();
            $newtemplate->name = $template;
            $newtemplate->content = $content;
            //$newtemplate->stylesheet = $stylesheet;
            $newtemplate->active = $active;
            $newtemplate->default = 0;
            Events::SendEvent('Core', 'AddTemplatePre', array('template' => &$newtemplate));
            $result = $newtemplate->save();
            if ($result) {
                Events::SendEvent('Core', 'AddTemplatePost', array('template' => &$newtemplate));
                // put mention into the admin log
                audit($newtemplate->id, 'HTML-template: ' . $template, 'Added');
                redirect($from);
                return;
            } else {
                $error .= "<li>" . lang('errorinsertingtemplate') . "{$query}</li>";
            }
        }
    }
}
include_once "header.php";
if (!$access) {
    //echo "<div class=\"pageerrorcontainer\"><p class=\"pageerror\">".lang('noaccessto', array(lang('addtemplate')))."</p></div>";
    $themeObject->ShowErrors(lang('noaccessto', lang('noaccessto', array(lang('addtemplate')))));
    return;
示例#11
 /**
  * Trigger an event on behalf of this object.
  *
  * Forwards to the static Events::SendEvent(), using the value returned by
  * $this->GetName() as the originator, so the sender cannot name a different
  * originator through this method.
  *
  * @final
  * @param string $eventname The name of the event
  * @param array  $params    The parameters associated with this event.
  * @return void
  */
 public final function SendEvent($eventname, $params)
 {
     $originator = $this->GetName();
     Events::SendEvent($originator, $eventname, $params);
 }
示例#12
文件: adduser.php 项目: rasomu/chuza
 #Perform the adduser_pre callback
 foreach ($gCms->modules as $key => $value) {
     if ($gCms->modules[$key]['installed'] == true && $gCms->modules[$key]['active'] == true) {
         $gCms->modules[$key]['object']->AddUserPre($newuser);
     }
 }
 Events::SendEvent('Core', 'AddUserPre', array('user' => &$newuser));
 $result = $newuser->save();
 if ($result) {
     #Perform the adduser_post callback
     foreach ($gCms->modules as $key => $value) {
         if ($gCms->modules[$key]['installed'] == true && $gCms->modules[$key]['active'] == true) {
             $gCms->modules[$key]['object']->AddUserPost($newuser);
         }
     }
     Events::SendEvent('Core', 'AddUserPost', array('user' => &$newuser));
     # set some default preferences, based on the user creating this user
     $adminid = get_userid();
     $userid = $newuser->id;
     set_preference($userid, 'wysiwyg', get_preference($adminid, 'wysiwyg'));
     set_preference($userid, 'default_cms_language', get_preference($adminid, 'default_cms_language'));
     set_preference($userid, 'admintheme', get_site_preference('logintheme', 'default'));
     set_preference($userid, 'bookmarks', get_preference($adminid, 'bookmarks'));
     set_preference($userid, 'recent', get_preference($adminid, 'recent'));
     if ($assign_group_perm && isset($_POST['groups'])) {
         $iquery = "insert into " . cms_db_prefix() . "user_groups (user_id,group_id) VALUES (?,?)";
         foreach ($group_list as $thisGroup) {
             if (isset($_POST['g' . $thisGroup->id]) && $_POST['g' . $thisGroup->id] == 1) {
                 $result = $db->Execute($iquery, array($userid, $thisGroup->id));
             }
         }
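/**
 * Regex callback that replaces a global content block reference with the
 * block's content.
 *
 * Loads the block named in $matches[1], sends the Core
 * GlobalContentPreCompile event with the block text by reference, and returns
 * the text. When no name was captured, or the block cannot be loaded, an HTML
 * comment describing the problem is returned instead.
 *
 * @ignore
 * @access private
 * @param array $matches Regex match array; index 1 holds the block name.
 * @return string Block content, or an HTML comment when it cannot be loaded.
 */
function global_content_regex_callback($matches)
{
    if (!isset($matches[1])) {
        return "<!-- Html blob has no name parameter -->";
    }

    $blockName = $matches[1];
    $gcbops = cmsms()->GetGlobalContentOperations();
    $oneblob = $gcbops->LoadHtmlBlobByName($blockName);
    if (!$oneblob) {
        // The name is copied from the matched text into the page. Encoding the
        // angle brackets keeps a name containing "-->" from closing the
        // comment early and putting the rest of the name into the page as
        // markup.
        $safeName = strtr($blockName, array('<' => '&lt;', '>' => '&gt;'));
        return "<!-- Html blob '" . $safeName . "' does not exist  -->";
    }

    $text = $oneblob->content;
    // Handlers receive the text by reference, presumably so they can rewrite it.
    // NOTE(review): the Smarty prefilter sends this same event with the key
    // 'global_content'; confirm which key handlers expect.
    Events::SendEvent('Core', 'GlobalContentPreCompile', array('content' => &$text));
    return $text;
}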
示例#14
        $result = $db->Execute($query, array($userplugin_id));
        if ($result && $result->RecordCount()) {
            $row = $result->FetchRow();
            $userplugin_name = $row['userplugin_name'];
        }
        Events::SendEvent('Core', 'DeleteUserDefinedTagPre', array('id' => $userplugin_id, 'name' => &$userplugin_name));
        $query = 'SELECT event_id,handler_id,handler_order FROM ' . cms_db_prefix() . 'event_handlers 
                           WHERE tag_name = ?';
        $handlers = $db->GetArray($query, array($userplugin_name));
        if (is_array($handlers) && count($handlers) > 0) {
            $q1 = 'DELETE FROM ' . cms_db_prefix() . 'event_handlers WHERE handler_id = ?';
            $q2 = 'UPDATE ' . cms_db_prefix() . 'event_handlers SET handler_order = (handler_order - 1)
                            WHERE handler_order > ? AND event_id = ?';
            foreach ($handlers as $tmp) {
                $hid = $tmp['handler_id'];
                $eid = $tmp['event_id'];
                $db->Execute($q1, array($hid));
                $db->Execute($q2, array($tmp['handler_order'], $eid));
            }
        }
        $query = "DELETE FROM " . cms_db_prefix() . "userplugins where userplugin_id = ?";
        $result = $db->Execute($query, array($userplugin_id));
        if ($result) {
            Events::SendEvent('Core', 'DeleteUserDefinedTagPost', array('id' => $userplugin_id, 'name' => &$userplugin_name));
            // put mention into the admin log
            audit($userplugin_id, 'User Defined Tag: ' . $userplugin_name, 'Deleted');
        }
    }
}
redirect('listusertags.php' . $urlext . '&message=usertagdeleted');
# vim:ts=4 sw=4 noet
示例#15
    $userid = get_userid();
    $access = check_permission($userid, 'Remove Groups');
    # you can't delete admin group (also admin group it's the first group)
    if (!$access) {
        // no access
        redirect("listgroups.php" . $urlext);
    }
    $result = false;
    $gCms = cmsms();
    $groupops = $gCms->GetGroupOperations();
    $userops = $gCms->GetUserOperations();
    $groupobj = $groupops->LoadGroupByID($group_id);
    $group_name = $groupobj->name;
    # check to make sure we're not a member of this group
    if ($userops->UserInGroup($userid, $group_id)) {
        # can't delete a group we're a member of.
        redirect("listgroups.php" . $urlext);
    }
    // now do the work.
    Events::SendEvent('Core', 'DeleteGroupPre', array('group' => &$groupobj));
    if ($groupobj) {
        $result = $groupobj->Delete();
    }
    Events::SendEvent('Core', 'DeleteGroupPost', array('group' => &$groupobj));
    if ($result == true) {
        // put mention into the admin log
        audit($group_id, 'Admin User Group: ' . $group_name, 'Deleted');
    }
}
redirect("listgroups.php" . $urlext);
# vim:ts=4 sw=4 noet
示例#16
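// Admin page: delete one global content block, then return to the list.
$CMS_ADMIN_PAGE = 1;
require_once "../include.php";
require_once "../lib/classes/class.template.inc.php";
$urlext = '?' . CMS_SECURE_PARAM_NAME . '=' . $_SESSION[CMS_USER_KEY];
check_login();
// NOTE(review): the delete below is triggered by a GET request. Confirm that
// check_login() also verifies the CMS_SECURE_PARAM_NAME value from the URL;
// without that check a link opened by a logged-in admin would be enough to
// delete a block.
$group_id = -1;
// Accept only a plain decimal id. An array or a value such as "5abc" is
// rejected here instead of reaching the loader and, later, the admin log.
if (isset($_GET["htmlblob_id"]) && is_string($_GET["htmlblob_id"]) && preg_match('/^[0-9]+$/D', $_GET["htmlblob_id"])) {
    $htmlblob_id = (int) $_GET["htmlblob_id"];
    $htmlblob_name = "";
    $userid = get_userid();
    $access = check_permission($userid, 'Remove Global Content Blocks');
    if ($access) {
        $result = false;
        $gCms = cmsms();
        $gcbops = $gCms->GetGlobalContentOperations();
        $templateops = $gCms->GetTemplateOperations();
        $blobobj = $gcbops->LoadHtmlBlobByID($htmlblob_id);
        if ($blobobj) {
            // Read the name only once the block is known to exist; the
            // original dereferenced $blobobj before this check.
            $htmlblob_name = $blobobj->name;
            Events::SendEvent('Core', 'DeleteGlobalContentPre', array('global_content' => &$blobobj));
            $result = $blobobj->Delete();
        }
        if ($result == true) {
            Events::SendEvent('Core', 'DeleteGlobalContentPost', array('global_content' => &$blobobj));
            // put mention into the admin log
            audit($htmlblob_id, 'Global Content Block: ' . $htmlblob_name, 'Deleted');
        }
    }
}
// Always ends on the list page, whether or not anything was deleted.
redirect("listhtmlblobs.php" . $urlext);
# vim:ts=4 sw=4 noet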
示例#17
if ($access) {
    if (isset($_POST["editgroup"])) {
        $validinfo = true;
        if ($group == "") {
            $validinfo = false;
            $error .= "<li>" . lang('nofieldgiven', array(lang('groupname'))) . "</li>";
        }
        if ($validinfo) {
            $groupobj = new Group();
            $groupobj->id = $group_id;
            $groupobj->name = $group;
            $groupobj->active = $active;
            Events::SendEvent('Core', 'EditGroupPre', array('group' => &$groupobj));
            $result = $groupobj->save();
            if ($result) {
                Events::SendEvent('Core', 'EditGroupPost', array('group' => &$groupobj));
                // put mention into the admin log
                audit($groupobj->id, 'Admin User Group: ' . $groupobj->name, 'Edited');
                redirect("listgroups.php" . $urlext);
                return;
            } else {
                $error .= "<li>" . lang('errorupdatinggroup') . "</li>";
            }
        }
    } else {
        if ($group_id != -1) {
            $query = "SELECT * from " . cms_db_prefix() . "groups WHERE group_id = ?";
            $result = $db->Execute($query, array($group_id));
            $row = $result->FetchRow();
            $group = $row["group_name"];
            $active = $row["active"];
示例#18
        $user_name = $oneuser->username;
        $ownercount = $userops->CountPageOwnershipByID($user_id);
        if ($ownercount > 0) {
            $dodelete = false;
        }
        if ($dodelete) {
            #Perform the deleteuser_pre callback
            foreach ($gCms->modules as $key => $value) {
                if ($gCms->modules[$key]['installed'] == true && $gCms->modules[$key]['active'] == true) {
                    $gCms->modules[$key]['object']->DeleteUserPre($oneuser);
                }
            }
            Events::SendEvent('Core', 'DeleteUserPre', array('user' => &$oneuser));
            $oneuser->Delete();
            #Perform the deleteuser_post callback
            foreach ($gCms->modules as $key => $value) {
                if ($gCms->modules[$key]['installed'] == true && $gCms->modules[$key]['active'] == true) {
                    $gCms->modules[$key]['object']->DeleteUserPost($oneuser);
                }
            }
            Events::SendEvent('Core', 'DeleteUserPost', array('user' => &$oneuser));
            audit($user_id, $user_name, 'Deleted User');
        }
    }
}
if ($dodelete == true) {
    redirect("listusers.php" . $urlext);
} else {
    redirect("listusers.php" . $urlext . "&message=" . lang('erroruserinuse'));
}
# vim:ts=4 sw=4 noet
示例#19
                    $tmp3[] = $k . '=' . $v;
                }
                $homepage = $tmp[0] . '?' . implode('&amp;', $tmp3);
                // and redirect.
                $homepage = html_entity_decode($homepage);
                redirect($homepage);
            }
        }
        return;
        #redirect("index.php");
    } else {
        if (isset($_POST['loginsubmit'])) {
            //No error if changing languages
            $error .= lang('usernameincorrect');
            debug_buffer("Login failed.  Error is: " . $error);
            Events::SendEvent('Core', 'LoginFailed', array('user' => $_POST['username']));
            // put mention into the admin log
            $ip_login_failed = cms_utils::get_real_ip();
            if ($ip_login_failed) {
                // <- Silently ignore audit if return values is not ture, had admin XSS vulne.
                audit('', '(IP: ' . $ip_login_failed . ') ' . "Admin Username: "******"loginsubmit"]);
        }
    }
}
// Language shizzle
cms_admin_sendheaders();
示例#20
文件: login.php 项目: rasomu/chuza
                    $homepage .= '?' . CMS_SECURE_PARAM_NAME . '=' . $_SESSION[CMS_USER_KEY];
                }
                $homepage = html_entity_decode($homepage);
                redirect($homepage);
            }
        }
        return;
        #redirect("index.php");
    } else {
        if (isset($_POST['loginsubmit'])) {
            //No error if changing languages
            $error .= lang('usernameincorrect');
            debug_buffer("Login failed.  Error is: " . $error);
            audit($username, $username, 'User Login Failed');
            #Now call the event
            Events::SendEvent('Core', 'LoginPost', $username);
        } else {
            debug_buffer($_POST["loginsubmit"]);
        }
    }
}
// Language shizzle
//header("Content-Encoding: " . get_encoding());
header("Content-Language: " . $current_language);
header("Content-Type: text/html; charset=" . get_encoding());
//CHANGED
$theme = get_site_preference('logintheme', 'default');
//echo "theme:$theme";
debug_buffer('debug is:' . $error);
if (file_exists(dirname(__FILE__) . "/themes/{$theme}/login.php")) {
    include dirname(__FILE__) . "/themes/{$theme}/login.php";
示例#21
 $onestylesheet->media_query = $media_query;
 Events::SendEvent('Core', 'EditStylesheetPre', array('stylesheet' => &$onestylesheet));
 $result = $onestylesheet->Save();
 // Update the css hash
 // deprecated:  this was used by the stylesheet.php function which we no longer distribute
 // as of CMSMS 1.10.
 $config = $gCms->GetConfig();
 $hashfile = cms_join_path($config['root_path'], 'tmp', 'cache', 'csshash.dat');
 $md5sum = md5($css_text);
 $csshash = csscache_csvfile_to_hash($hashfile);
 $csshash[$css_id] = $md5sum;
 csscache_hash_to_csvfile($hashfile, $csshash);
 if ($result) {
     #Start using new name, just in case this is an apply
     $orig_css_name = $css_name;
     Events::SendEvent('Core', 'EditStylesheetPost', array('stylesheet' => &$onestylesheet));
     // put mention into the admin log
     audit($css_id, 'Stylesheet: ' . $css_name, 'Changed');
     # we now have to check which templates are associated with this CSS and update their modified date.
     $cssquery = "SELECT assoc_to_id FROM " . cms_db_prefix() . "css_assoc\n\t\t\t\t\tWHERE\tassoc_type\t\t= 'template'\n\t\t\t\t\tAND\t\tassoc_css_id\t=  ?";
     $cssresult = $db->Execute($cssquery, array($css_id));
     # now updating templates
     while ($cssresult && ($line = $cssresult->FetchRow())) {
         $query = "UPDATE " . cms_db_prefix() . "templates SET modified_date = " . $db->DBTimeStamp(time()) . " \n\t\t\t\t\t\tWHERE template_id = '" . $line["assoc_to_id"] . "'";
         $result = $db->Execute($query);
         if (FALSE == $result) {
             $error .= "<li>" . lang('errorupdatingtemplate') . "</li>";
         }
     }
     if (!isset($_POST["apply"])) {
         if ($from == 'templatecssassoc') {
示例#22
        }
        // specified page not found, load the 404 error page.
        $contentobj = $contentops->LoadContentFromAlias('error404', true);
        if (is_object($contentobj)) {
            // we have a 404 error page.
            header("HTTP/1.0 404 Not Found");
            header("Status: 404 Not Found");
        } else {
            // no 404 error page.
            ErrorHandler404();
            return;
        }
    }
}
// while trycount
// Listeners receive the rendered page by reference and may alter it
// before it is sent.
Events::SendEvent('Core', 'ContentPostRender', array('content' => &$html));
// Use the 'content-type' variable held by cmsms(), or text/html when it
// is empty.
$ct = cmsms()->get_variable('content-type');
$ct = $ct ? $ct : 'text/html';
header('Content-Type: ' . $ct . '; charset=' . get_encoding());
echo $html;
@ob_flush();
// Capture the end time and fetch the database handle for the code that follows.
$endtime = microtime();
$db =& cmsms()->GetDb();
if ($config['debug'] == TRUE || isset($config['show_performance_info']) && $showtemplate == true) {
    $memory = function_exists('memory_get_usage') ? memory_get_usage() : 0;
    $memory = $memory - $orig_memory;
    $memory_peak = function_exists('memory_get_peak_usage') ? memory_get_peak_usage() : 0;
    if (!is_sitedown() && $config["debug"] == true) {
        echo "<p>Generated in " . microtime_diff($starttime, $endtime) . " seconds by CMS Made Simple using " . (isset($db->query_count) ? $db->query_count : '') . " SQL queries and {$memory} bytes of memory (peak memory usage was {$memory_peak})</p>";
示例#23
            continue;
        }
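        // Send the ChangeGroupAssignPre event with the group's current members.
        Events::SendEvent('Core', 'ChangeGroupAssignPre', array('group' => $thisGroup, 'users' => $userops->LoadUsersInGroup($thisGroup->id)));
        // Remove every membership of this group except the one belonging to
        // $userid, then re-create memberships from the submitted form.
        $query = "DELETE FROM " . cms_db_prefix() . "user_groups WHERE group_id = ? AND user_id != ?";
        $result = $db->Execute($query, array($thisGroup->id, $userid));
        $iquery = "INSERT INTO " . cms_db_prefix() . "user_groups (group_id, user_id, create_date, modified_date) VALUES (?,?,?,?)";
        // NOTE(review): no permission check is visible in this excerpt --
        // confirm the caller is authorised to change group membership
        // before this code is reached.
        foreach ($_POST as $key => $value) {
            // Only fields whose name starts with "ug" describe an assignment.
            if (strpos($key, 'ug') !== 0) {
                continue;
            }
            // The name splits on '_' into prefix, user id and group id.
            // Field names are supplied by the client, so require all three
            // parts and a purely numeric user id before writing anything.
            $keyparts = explode('_', $key);
            if (count($keyparts) < 3 || !ctype_digit($keyparts[1])) {
                continue;
            }
            if ($keyparts[2] == $thisGroup->id && $value == '1') {
                $result = $db->Execute($iquery, array($thisGroup->id, $keyparts[1], $db->DBTimeStamp(time()), $db->DBTimeStamp(time())));
            }
        }
        // Send the ChangeGroupAssignPost event with the updated member list.
        Events::SendEvent('Core', 'ChangeGroupAssignPost', array('group' => $thisGroup, 'users' => $userops->LoadUsersInGroup($thisGroup->id)));
        // Record the change in the admin log.
        audit($group_id, 'Group ID', lang('assignmentchanged'));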
    }
    audit($userid, 'Group ID', lang('assignmentchanged'));
    $message = lang('assignmentchanged');
}
$query = "SELECT u.user_id, u.username, ug.group_id FROM " . cms_db_prefix() . "users u LEFT JOIN " . cms_db_prefix() . "user_groups ug ON u.user_id = ug.user_id ORDER BY u.username";
$result = $db->Execute($query);
$user_struct = array();
while ($result && ($row = $result->FetchRow())) {
    if (isset($user_struct[$row['user_id']])) {
        $str =& $user_struct[$row['user_id']];
        $str->group[$row['group_id']] = 1;
    } else {
        $thisUser = new stdClass();
        $thisUser->group = array();
示例#24
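     // Replace the block's author list with the submitted editors.
     if (isset($_POST["additional_editors"])) {
         $the_blob->ClearAuthors();
         // The field is client-supplied and may arrive as a scalar rather
         // than a list; only iterate when it really is an array.
         // NOTE(review): the ids are handed to AddAuthor() as received --
         // confirm that it validates them.
         if (is_array($_POST["additional_editors"])) {
             foreach ($_POST["additional_editors"] as $addt_user_id) {
                 $the_blob->AddAuthor($addt_user_id);
             }
         }
     }
     // Listeners receive the block by reference before it is saved.
     Events::SendEvent('Core', 'EditGlobalContentPre', array('global_content' => &$the_blob));
     $result = $the_blob->save();
     if ($result) {
         // put mention into the admin log
         audit($the_blob->id, 'Global Content Block: ' . $the_blob->name, 'Edited');
         // Clear cached output and compiled templates so the edit takes effect.
         $smarty = cmsms()->GetSmarty();
         $smarty->clear_all_cache();
         $smarty->clear_compiled_tpl();
         Events::SendEvent('Core', 'EditGlobalContentPost', array('global_content' => &$the_blob));
         // "Apply" keeps the editor open; a plain submit returns to the list.
         if (!isset($_POST['apply'])) {
             redirect('listhtmlblobs.php' . $urlext);
             return;
         }
     } else {
         $error .= "<li>" . lang('errorinsertingblob') . "</li>";
     }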
 }
 if ($ajax) {
     header('Content-Type: text/xml');
     print '<?xml version="1.0" encoding="UTF-8"?>';
     print '<EditBlob>';
     if ($error) {
         print '<Response>Error</Response>';
         print '<Details><![CDATA[' . $error . ']]></Details>';
示例#25
     }
     redirect($thisurl);
 }
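 // Uninstall a loaded module: run its own uninstall routine, then remove
 // its rows from the modules and module_deps tables.
 if ($action == "uninstall") {
     // Only names present in the loaded module list are acted upon.
     if (isset($gCms->modules[$module])) {
         $modinstance = $gCms->modules[$module]['object'];
         $result = $modinstance->Uninstall();
         // This code treats "no return value" or FALSE from Uninstall()
         // as success; anything else takes the error branch below.
         if (!isset($result) || $result === FALSE) {
             // Delete the module record.
             $query = "DELETE FROM " . cms_db_prefix() . "modules WHERE module_name = ?";
             $db->Execute($query, array($module));
             // Delete any dependency rows that name this module as the child.
             $query = "DELETE FROM " . cms_db_prefix() . "module_deps WHERE child_module = ?";
             $db->Execute($query, array($module));
             Events::SendEvent('Core', 'ModuleUninstalled', array('name' => $module));
             // Show the post-uninstall message if the module provides one.
             if ($modinstance->UninstallPostMessage() != FALSE) {
                 // Redirect right away so that the uninstalled module is removed from the menu.
                 // The module name is URL-encoded so it cannot add or alter
                 // query parameters in the redirect target.
                 redirect($thisurl . '&action=showpostuninstall&module=' . rawurlencode($module));
             }
         } else {
             //TODO: Echo error
         }
     }
     redirect($thisurl);
 }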
 if ($action == 'showpostuninstall') {
     // this is probably dead code now
     if (isset($gCms->modules[$module])) {
         $modinstance = $gCms->modules[$module]['object'];
 /**
  * Deletes this content item from the database.
  *
  * Sends ContentDeletePre before and ContentDeletePost after the work,
  * whether or not the deletion succeeded. Besides removing the content
  * row it closes the gap in the siblings' item_order, removes cross
  * references, deletes the content cache file and deletes the item's
  * properties. Failures are only reported through $debug_errors, and
  * only when the debug setting is on; nothing is returned.
  */
 function Delete()
 {
     global $sql_queries, $debug_errors;
     $gCms = cmsms();
     $config = $gCms->GetConfig();
     Events::SendEvent('Core', 'ContentDeletePre', array('content' => &$this));
     $db = $gCms->GetDb();
     // NOTE(review): only ids below -1 are rejected here -- confirm that
     // -1 and 0 are really meant to reach the DELETE.
     if ($this->mId < -1) {
         if ($config["debug"] == true) {
             # :TODO: Translate the error message
             $debug_errors .= "<p>Could not delete content : invalid Id</p>\n";
         }
     } else {
         $deleted = $db->Execute(
             sprintf('DELETE FROM %scontent WHERE content_id = ?', cms_db_prefix()),
             array($this->mId)
         );
         if (!$deleted && $config["debug"] == true) {
             # :TODO: Translate the error message
             $debug_errors .= "<p>Error deleting content</p>\n";
         }
         // The clean-up below runs even when the DELETE reported a failure.
         // Move the following siblings up by one position.
         $db->Execute(
             sprintf('UPDATE %scontent SET item_order = item_order - 1 WHERE parent_id = ? AND item_order > ?', cms_db_prefix()),
             array($this->ParentId(), $this->ItemOrder())
         );
         // Remove the cross references
         remove_cross_references($this->mId, 'content');
         // Drop the cached content file; a missing file is ignored.
         @unlink(TMP_CACHE_LOCATION . '/contentcache.php');
         if ($this->mProperties != NULL) {
             # :TODO: There might be some error checking there
             $this->mProperties->Delete($this->mId);
         } elseif ($config["debug"] == true) {
             # :TODO: Translate the error message
             $debug_errors .= "<p>Error deleting : the content has no properties</p>\n";
         }
     }
     Events::SendEvent('Core', 'ContentDeletePost', array('content' => &$this));
 }
示例#27
         //catch the error
         //eval('function testfunction'.rand().'() {'.$code.'}');
         $buffer = ob_get_clean();
         //add error
         $error[] = preg_replace('/<br \\/>/', '', $buffer);
         $validinfo = false;
     } else {
         ob_get_clean();
     }
 }
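 // Persist the edited user-defined tag once the earlier checks have passed.
 if ($validinfo) {
     // Listeners receive the name and the code by reference and may change them.
     Events::SendEvent('Core', 'EditUserDefinedTagPre', array('id' => $userplugin_id, 'name' => &$plugin_name, 'code' => &$code));
     // Name, code and id are bound as parameters rather than quoted into
     // the SQL text by hand, so the statement text never depends on them.
     // NOTE(review): the stored code is presumably executed as PHP later on
     // -- confirm that only trusted administrators can reach this update.
     $query = "UPDATE " . cms_db_prefix() . "userplugins SET userplugin_name = ?, code = ?, modified_date = " . $db->DBTimeStamp(time()) . " WHERE userplugin_id = ?";
     $result = $db->Execute($query, array($plugin_name, $code, $userplugin_id));
     if ($result) {
         Events::SendEvent('Core', 'EditUserDefinedTagPost', array('id' => $userplugin_id, 'name' => &$plugin_name, 'code' => &$code));
         // Record the edit in the admin log.
         audit($userplugin_id, $plugin_name, 'Edited User Defined Tag');
         // "Apply" keeps the editor open; a plain submit returns to the list.
         if (!isset($_POST['apply'])) {
             redirect("listusertags.php" . $urlext . "&message=usertagupdated");
             return;
         }
     } else {
         $error[] = lang('errorupdatingusertag');
     }
 }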
 if ($ajax) {
     header('Content-Type: text/xml');
     print '<?xml version="1.0" encoding="UTF-8"?>';
     print '<EditUserPlugin>';
     if (sizeof($error)) {
         print '<Response>Error</Response>';
示例#28
    }
    // If success do action
    // Copy the submitted account fields onto the user object and save it,
    // but only when the earlier checks left $validinfo set.
    if ($validinfo) {
        $userobj->username = $username;
        $userobj->firstname = $firstname;
        $userobj->lastname = $lastname;
        $userobj->email = $email;
        // An empty password field leaves the current password untouched.
        if ($password != '') {
            $userobj->SetPassword($password);
        }
        // Listeners receive the user object by reference before it is saved.
        Events::SendEvent('Core', 'EditUserPre', array('user' => &$userobj));
        $result = $userobj->Save();
        if ($result) {
            // put mention into the admin log
            // NOTE(review): the second argument is masked ('******') in this
            // listing, so the line below is not valid PHP as shown.
            audit($userid, 'Admin Username: '******'Edited');
            Events::SendEvent('Core', 'EditUserPost', array('user' => &$userobj));
            $message = lang('accountupdated');
        } else {
            // throw exception? update just failed.
            // NOTE(review): a failed save is silent here -- no error is set
            // and nothing is logged.
        }
    }
}
// end of account submit
/**
 * Submit prefs
 */
if (isset($_POST['submit_prefs'])) {
    # Get values from request and drive em to variables
    $gcb_wysiwyg = isset($_POST['gcb_wysiwyg']) ? 1 : 0;
    $wysiwyg = $_POST['wysiwyg'];
    $syntaxhighlighter = $_POST['syntaxhighlighter'];
示例#29
        // Toggle the "active" flag of the user named in the request.
        $userops = $gCms->GetUserOperations();
        // The target user id is taken directly from the query string.
        // NOTE(review): this changes account state in response to a GET
        // parameter and no request-token check is visible in this excerpt
        // -- confirm one is enforced before this point.
        $thisuser =& $userops->LoadUserByID($_GET["toggleactive"]);
        if ($thisuser) {
            //modify users, is this enough?
            $userid = get_userid();
            $permission = check_permission($userid, 'Modify Users');
            // Stays false when the permission is missing, so the generic
            // update error below is what the caller sees in that case.
            $result = false;
            if ($permission) {
                // Flip the flag: 1 becomes 0, anything else becomes 1.
                $thisuser->active == 1 ? $thisuser->active = 0 : ($thisuser->active = 1);
                Events::SendEvent('Core', 'EditUserPre', array('user' => $thisuser));
                $result = $thisuser->save();
            }
            if ($result) {
                // put mention into the admin log
                // NOTE(review): the second argument is masked ('******') in
                // this listing, so the line below is not valid PHP as shown.
                audit($userid, 'Admin Username: '******'Edited');
                Events::SendEvent('Core', 'EditUserPost', array('user' => $thisuser));
            } else {
                $error .= "<li>" . lang('errorupdatinguser') . "</li>";
            }
        }
    }
}
// Show the collected error list items, if any, through the admin theme.
if (!empty($error)) {
    $errorList = '<ul class="error">' . $error . '</ul>';
    echo $themeObject->ShowErrors($errorList);
}
?>

<div class="pagecontainer">
	<div class="pageoverflow">

<?php 
示例#30
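 /**
  * Loads modules from the filesystem.  If loadall is true, then it will load all
  * modules whether they're installed, or active.  If it is false, then it will
  * only load modules which are installed and active.
  *
  * Module files are expected at modules/<name>/<name>.module.php below the
  * directory three levels above this file.  When loadall is false, a module
  * whose recorded version is older than the version reported by its file is
  * upgraded during loading if the module allows auto-upgrade.
  *
  * @param boolean $loadall Should we load all modules?
  * @param boolean $noadmin Should we skip all modules marked as admin only?
  * @return void
  */
 function LoadModules($loadall = false, $noadmin = false)
 {
     global $gCms, $CMS_VERSION;
     $db =& $gCms->GetDb();
     $cmsmodules =& $gCms->modules;
     $dir = dirname(dirname(dirname(__FILE__))) . DIRECTORY_SEPARATOR . "modules";
     if ($loadall == true) {
         // Include every module file found on disk, installed or not.
         if ($handle = @opendir($dir)) {
             while (($file = readdir($handle)) !== false) {
                 if (@is_file("{$dir}/{$file}/{$file}.module.php")) {
                     include_once "{$dir}/{$file}/{$file}.module.php";
                 } else {
                     unset($cmsmodules[$file]);
                 }
             }
             closedir($handle);
         }
         //Find modules and instantiate them
         $allmodules = $this->FindModules();
         foreach ($allmodules as $onemodule) {
             if (class_exists($onemodule)) {
                 $newmodule = new $onemodule();
                 $name = $newmodule->GetName();
                 $cmsmodules[$name]['object'] = $newmodule;
                 $cmsmodules[$name]['installed'] = false;
                 $cmsmodules[$name]['active'] = false;
             } else {
                 // Drop the entry of the class that is missing.  This used
                 // to unset $cmsmodules[$name], where $name is either
                 // undefined or left over from the previous module, so a
                 // module that had just been registered could be removed.
                 unset($cmsmodules[$onemodule]);
             }
         }
     }
     #Figure out what modules are active and/or installed
     #Load them if loadall is false
     if (isset($db)) {
         $where = array();
         if ($noadmin) {
             $where[] = 'admin_only = 0';
         }
         if ($loadall != true) {
             $where[] = 'active = 1';
         }
         $query = 'SELECT * FROM ' . cms_db_prefix() . 'modules ';
         if (count($where)) {
             $query .= 'WHERE ' . implode(' AND ', $where);
         }
         $query .= ' ORDER by module_name';
         $result =& $db->Execute($query);
         while ($result && !$result->EOF) {
             if (isset($result->fields['module_name'])) {
                 $modulename = $result->fields['module_name'];
                 if ($loadall == true) {
                     // The module was already instantiated above; only
                     // record what the database says about it.
                     if (isset($cmsmodules[$modulename])) {
                         $cmsmodules[$modulename]['installed'] = true;
                         $cmsmodules[$modulename]['active'] = $result->fields['active'] == 1;
                     }
                 } elseif ($result->fields['active'] == 1) {
                     // NOTE(review): $modulename comes from the modules table
                     // and is used to build an include path.  Presumably
                     // names are plain identifiers -- confirm they are
                     // validated where these rows are written.
                     $modulefile = "{$dir}/{$modulename}/{$modulename}.module.php";
                     $newmodule = null;
                     if (@is_file($modulefile)) {
                         #var_dump('loading module:' . $modulename);
                         include_once $modulefile;
                         if (class_exists($modulename)) {
                             $newmodule = new $modulename();
                         }
                     }
                     if ($newmodule === null) {
                         // File or class is missing: make sure no stale entry remains.
                         unset($cmsmodules[$modulename]);
                     } else {
                         $name = $newmodule->GetName();
                         $dbversion = $result->fields['version'];
                         #Check to see if there is an update and whether or not we should perform it
                         if (version_compare($dbversion, $newmodule->GetVersion()) == -1 && $newmodule->AllowAutoUpgrade() == TRUE) {
                             // The upgrade runs as a side effect of loading
                             // and the new version is written back at once.
                             $newmodule->Upgrade($dbversion, $newmodule->GetVersion());
                             $query = "UPDATE " . cms_db_prefix() . "modules SET version = ? WHERE module_name = ?";
                             $db->Execute($query, array($newmodule->GetVersion(), $name));
                             Events::SendEvent('Core', 'ModuleUpgraded', array('name' => $name, 'oldversion' => $dbversion, 'newversion' => $newmodule->GetVersion()));
                             $dbversion = $newmodule->GetVersion();
                         }
                         #Check to see if version in db matches file version
                         #and that the module does not need a newer CMS version
                         if ($dbversion == $newmodule->GetVersion() && version_compare($newmodule->MinimumCMSVersion(), $CMS_VERSION) != 1) {
                             $cmsmodules[$name]['object'] = $newmodule;
                             $cmsmodules[$name]['installed'] = true;
                             $cmsmodules[$name]['active'] = $result->fields['active'] == 1;
                         } else {
                             unset($cmsmodules[$name]);
                         }
                     }
                 }
             }
             // Advance on every row.  This call used to sit inside the
             // isset() check above, so a row without a module_name would
             // never be skipped and the loop would not terminate.
             $result->MoveNext();
         }
         if ($result) {
             $result->Close();
         }
     }
 }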