/**
 * Posts the mandatory request fields, plus any extra fields already held in
 * $this->_postfields, and returns whatever exec() hands back.
 *
 * The mandatory fields are `_a` (the upper-cased action), `_b` (the "build"
 * value of the "symphony" config group) and `_DOMAIN` (URL with "http://"
 * removed). Their values are URL-encoded here; the extra post fields are
 * appended without any further encoding.
 *
 * NOTE(review): only "http://" is stripped, so an https URL would be sent
 * with its scheme still attached - confirm that is intended.
 *
 * @param string $action            Action name; sent upper-cased.
 * @param bool   $redirect_on_error When true, a `false` result from exec()
 *                                  redirects to the system message page.
 * @return mixed The value returned by exec().
 */
function __grab($action, $redirect_on_error = true) {
    $required = array(
        "_a" => strtoupper($action),
        "_b" => $this->_parent->getConfigVar("build", "symphony"),
        "_DOMAIN" => str_replace("http://", '', URL),
    );

    // Encode each mandatory pair as key=value.
    $pairs = array();
    foreach ($required as $name => $value) {
        $pairs[] = $name . "=" . urlencode($value);
    }
    $payload = implode("&", $pairs);

    // Caller-supplied fields follow the mandatory ones; a leading "&" on
    // them is dropped so the joined string has no empty pair.
    $extra = $this->_postfields;
    if (trim($extra) != "") {
        $payload = $payload . "&" . ltrim($extra, '&');
    }

    $this->setopt("POSTFIELDS", $payload);
    $response = $this->exec();
    $this->flush();

    if ($redirect_on_error && $response === false) {
        General::redirect(URL . "/symphony/?page=/system/message/");
    }

    return $response;
}
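@chmod($dest, intval($Admin->getConfigVar("write_mode", "file"), 8));

###
# Delegate: Upload
# Description: File successfully uploaded. Path to it is provided.
$CampfireManager->notifyMembers('Upload', CURRENTPAGE, array('file' => $dest));

General::redirect($Admin->getCurrentPageURL() . "&_f=upload-success&filter=" . str_replace("workspace", "", $_POST['destination']));

##Moving Failed
} else {
    General::redirect($Admin->getCurrentPageURL() . "&_f=upload-fail&filter=" . $_REQUEST['filter']);
}

##Could not move the file
} else {
    General::redirect($Admin->getCurrentPageURL() . "&_f=upload-fail&filter=" . $_REQUEST['filter']);
}
}

// The selected items arrive as array keys of the posted "items" field, so
// every path handled below is request-controlled.
$checked = @array_keys($_POST['items']);

switch ($_POST["with-selected"]) {

    case 'delete':

        ###
        # Delegate: Delete
        # Description: Prior to deletion of files. Array of files selected is provided. This can be manipulated.
        $CampfireManager->notifyMembers('Delete', CURRENTPAGE, array('files' => &$checked));

        // Matching "/workspace/" somewhere in the string is not a containment
        // check: a path with ".." segments, or a directory elsewhere that is
        // also called "workspace", passes it. The directory of every entry is
        // therefore resolved and must lie inside the real workspace root.
        // Without a usable root nothing is deleted.
        $workspaceRoot = defined('WORKSPACE') ? realpath(WORKSPACE) : false;

        if (is_array($checked)) {
            foreach ($checked as $f) {

                // Original guard, kept: stop at the first entry that does not
                // even look like a workspace path.
                if (!is_string($f) || !preg_match('/\\/workspace\\//i', $f)) {
                    break;
                }

                // Only the directory is resolved, so a symlink selected for
                // deletion is removed itself rather than its target.
                $targetDir = realpath(dirname($f));
                $targetName = basename($f);

                // The directory does not exist: nothing to delete.
                if ($targetDir === false) {
                    continue;
                }

                $insideWorkspace = $workspaceRoot !== false
                    && strpos($targetDir . DIRECTORY_SEPARATOR, $workspaceRoot . DIRECTORY_SEPARATOR) === 0;

                if (!$insideWorkspace || $targetName === '' || $targetName === '.' || $targetName === '..') {
                    break;
                }

                @unlink($targetDir . DIRECTORY_SEPARATOR . $targetName);
            }
        }

        General::redirect($Admin->getCurrentPageURL() . "&_f=deleted&filter=" . $_REQUEST['filter']);
        break;
}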
$fields['validator'] = intval($fields['validator']); $fields['validation_rule'] = NULL; } if ($fields['type'] == 'checkbox') { $fields['default_state'] = isset($fields['default_state']) ? 'checked' : 'unchecked'; } else { $fields['default_state'] = 'na'; } include_once TOOLKIT . "/class.customfieldmanager.php"; $CustomFieldManager = new CustomFieldManager($Admin); $CustomField =& $CustomFieldManager->create(); $CustomField->set('id', $field_id); foreach ($fields as $key => $val) { $CustomField->set($key, $val); } if ($CustomField->commit()) { $Admin->rebuildWorkspaceConfig(); $Admin->flush_cache(array("entries", "customfields")); ### # Delegate: Edit # Description: After editing a customfield. ID is provided. $CampfireManager->notifyMembers('Edit', CURRENTPAGE, array('customfield_id' => $field_id)); if (@array_key_exists("save", $_POST['action'])) { General::redirect($Admin->getCurrentPageURL() . "&id=" . $field_id . "&_f=saved"); } General::redirect(URL . "/symphony/?page=/structure/customfields/"); } } } } }
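<?php
/***
 *
 * Symphony web publishing system
 *
 * Copyright 2004–2006 Twenty One Degrees Pty. Ltd.
 *
 * @version 1.7
 * @licence https://github.com/symphonycms/symphony-1.7/blob/master/LICENCE
 *
 ***/

// The master name comes straight from the request and is used both as a file
// name and inside an SQL string literal. It is reduced to a single path
// component here; anything with a directory separator or a NUL byte is
// treated like a master that does not exist.
$masterName = (isset($_REQUEST['file']) && is_string($_REQUEST['file'])) ? $_REQUEST['file'] : '';
$masterNameIsSafe = ($masterName !== '' && !preg_match('#[/\\\\\x00]#', $masterName));
$masterPath = WORKSPACE . "/masters/" . $masterName . ".xsl";

if (!$masterNameIsSafe || !@is_file($masterPath)) {
    General::redirect(URL . "/symphony/?page=/blueprint/masters/new/");
    // Make sure nothing below runs for a rejected name, whatever redirect() does.
    exit;
}

$Admin->addScriptToHead('assets/editor.js');

// NOTE(review): the title is built from the request value; confirm the page
// template escapes it before printing.
$GLOBALS['pageTitle'] = 'Masters > ' . $masterName;

$fields = array();

// addslashes() keeps the name inside the quoted literal. Prefer the database
// driver's own escaping routine if the $DB class offers one.
$sql = "SELECT t1.*, t2.* "
     . "FROM `tbl_masters` as t1 "
     . "LEFT JOIN `tbl_metadata` as t2 ON t2.relation_id = t1.id AND t2.class = 'master' "
     . "WHERE t1.name = '" . addslashes($masterName) . "' "
     . "GROUP BY t1.id "
     . "LIMIT 1";

$fields = $DB->fetchRow(0, $sql);

$fields["name"] = $masterName;
$fields["body"] = @file_get_contents($masterPath);

// Both columns hold comma-separated lists.
$fields['data_sources'] = @explode(",", $fields['data_sources']);
$fields['events'] = @explode(",", $fields['events']);

// Utilities that are attached to nothing, or to one of this master's data
// sources or events. The IN (...) lists are built from values read back from
// the database row above, not from the request.
$utilities = $DB->fetch("SELECT DISTINCT t1.*\n\t\t\t\t\t\t\t FROM `tbl_utilities` as t1\n\t\t\t\t\t\t\t LEFT JOIN `tbl_utilities2datasources` as t2 ON t1.id = t2.utility_id\n\t\t\t\t\t\t\t LEFT JOIN `tbl_utilities2events` as t3 ON t1.id = t3.utility_id\n\t\t\t\t\t\t\t WHERE (t2.`data_source` IS NULL AND t3.`event` IS NULL)\n\t\t\t\t\t\t\t OR (t2.`data_source` IN ('" . @implode("', '", $fields['data_sources']) . "')\n\t\t\t\t\t\t\t OR t3.`event` IN ('" . @implode("', '", $fields['events']) . "'))");

$date = $Admin->getDateObj();

if (defined("__SYM_ENTRY_MISSINGFIELDS__")) {
    $Admin->pageAlert("required", array(@implode(", ", $required)), false, 'error');
}

if (isset($_GET['_f'])) {
    switch ($_GET['_f']) {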
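// Work out which of the three service buttons was pressed. The first match
// wins, in the order uninstall, install, update.
$serviceAction = NULL;
foreach (array('uninstall', 'install', 'update') as $candidateAction) {
    if (isset($_POST['action'][$candidateAction])) {
        $serviceAction = $candidateAction;
        break;
    }
}

if ($serviceAction !== NULL) {

    $service = (isset($_REQUEST['name']) && is_string($_REQUEST['name'])) ? $_REQUEST['name'] : '';

    // The service is named "owner/name" and both halves are handed to the
    // Campfire manager. Accept exactly two non-empty parts and refuse ".",
    // "..", backslashes and NUL bytes, so that a request cannot point the
    // manager at anything other than a plain owner/name pair.
    // NOTE(review): both halves look like directory names - confirm against
    // the install/uninstall/update methods.
    $serviceParts = explode('/', $service);
    $serviceIsValid = (count($serviceParts) == 2);
    foreach ($serviceParts as $servicePart) {
        if ($servicePart === '' || $servicePart === '.' || $servicePart === '..' || preg_match('#[\\\\\x00]#', $servicePart)) {
            $serviceIsValid = false;
        }
    }

    if (!$serviceIsValid) {
        // Malformed name: no delegate is notified and nothing is changed.
        General::redirect(URL . '/symphony/?page=/campfire/');
        exit;
    }

    list($owner, $name) = $serviceParts;

    if ($serviceAction == 'uninstall') {

        ###
        # Delegate: Uninstall
        # Description: Triggered prior to any uninstallation. Array of selected services is provided.
        #              This cannot be modified.
        $CampfireManager->notifyMembers('Uninstall', CURRENTPAGE, array('service' => $service));

        $CampfireManager->uninstall($name, $owner);

        General::redirect(URL . '/symphony/?page=/campfire/&_f=complete-uninstall');

    } elseif ($serviceAction == 'install') {

        ###
        # Delegate: Install
        # Description: Notifies of installing a Campfire services. service name is provided.
        #              This cannot be modified.
        $CampfireManager->notifyMembers('Install', CURRENTPAGE, array('service' => $service));

        $CampfireManager->install($name, $owner);

        General::redirect(URL . '/symphony/?page=/campfire/&_f=complete-install');

    } else {

        ###
        # Delegate: Update
        # Description: Notifies of updating a Campfire services. service name is provided.
        #              This cannot be modified.
        $CampfireManager->notifyMembers('Update', CURRENTPAGE, array('service' => $service));

        $CampfireManager->update($name, $owner);

        General::redirect(URL . '/symphony/?page=/campfire/&_f=complete-update');
    }
}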
* Symphony web publishing system * * Copyright 2004–2006 Twenty One Degrees Pty. Ltd. * * @version 1.7 * @licence https://github.com/symphonycms/symphony-1.7/blob/master/LICENCE * ***/ if (!is_file('../manifest/config.php')) { die("<h2>Error</h2><p>Symphony Engine could not be loaded.</p>"); } require_once '../manifest/config.php'; //Fix for double login problem $url_bits = parse_url(URL); if ($_SERVER['HTTP_HOST'] != $url_bits['host'] && $_SERVER['HTTP_HOST'] != $url_bits['host'] . ':' . $url_bits['port']) { General::redirect(URL . "/symphony/?" . $_SERVER['QUERY_STRING']); exit; } require_once LIBRARY . "/class.admin.php"; $Admin =& new Admin(array("start_session" => true, "config" => $settings)); $Admin->addHeaderToPage("Content-Type", "text/html; charset=UTF-8"); $dbDriver = $Admin->getConfigVar("driver", "database"); if (!class_exists($dbDriver)) { $dbDriver = "MySQL"; } $DB = new $dbDriver($Admin->getConfigVar("database")); if (!$DB->isConnected()) { $Admin->fatalError(NULL, "<p>There was a problem establishing a connection to the MySQL server. Check that the details in your configuration file <code>/manifest/config.php</code> are correct.</p>", true, true); } if (!$DB->getSelected()) { $Admin->fatalError(NULL, "<p>There was a problem establishing a connection to the specified database. Check that the details in your configuration file <code>/manifest/config.php</code> are correct.</p>", true, true);
$fields['author_column'] = isset($fields['author_column']) ? 'show' : 'hide'; $fields['date_column'] = isset($fields['date_column']) ? 'show' : 'hide'; $fields['calendar_show'] = isset($fields['calendar_show']) ? 'show' : 'hide'; #$fields['valid_xml_column'] = (isset($fields['valid_xml_column']) ? 'show' : 'hide'); $fields['columns'][$current_primary_field] = 'on'; $visable = @array_keys($fields['columns']); if (isset($fields['columns'])) { unset($fields['columns']); } if ($DB->update($fields, "tbl_sections", "WHERE `id` = '" . $section_id . "'")) { $DB->query("DELETE FROM `tbl_sections_visible_columns` WHERE `section_id` = '{$section_id}'"); if (is_array($visable) && !empty($visable)) { foreach ($visable as $v) { $DB->query("INSERT INTO `tbl_sections_visible_columns` VALUES ('{$v}', '{$section_id}')"); } } $Admin->updateMetadata("section", $section_id); $Admin->rebuildWorkspaceConfig(); $Admin->flush_cache(array("entries", "comments")); ### # Delegate: Edit # Description: After editing a Section. The ID is provided. $CampfireManager->notifyMembers('Edit', CURRENTPAGE, array('section_id' => $section_id)); if (@array_key_exists("save", $_POST['action'])) { General::redirect($Admin->getCurrentPageURL() . "&id=" . $section_id . "&_f=saved"); } General::redirect(URL . "/symphony/?page=/structure/sections/"); } } } }
<?php /*** * * Symphony web publishing system * * Copyright 2004–2006 Twenty One Degrees Pty. Ltd. * * @version 1.7 * @licence https://github.com/symphonycms/symphony-1.7/blob/master/LICENCE * ***/ if ($Admin->authorIsLoggedIn()) { General::redirect(URL . "/symphony/"); } switch ($_GET['_f']) { case "error": $error = "Login invalid. <a href=\"" . URL . "/symphony/?page=/login/&forgot\">Forgot your password?</a>"; break; } if ((isset($_REQUEST['forgot']) || $_f == "forgot") && $_f != "newpass") { ?> <form action="<?php print $Admin->getCurrentPageURL(); ?> " method="post"> <h2><span>Symphony – Email Login Details</span></h2> <fieldset> <?php if (isset($error)) {
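# Delegate: Edit
# Description: After saving the page. The Page's database ID is provided.
$CampfireManager->notifyMembers('Edit', CURRENTPAGE, array('page_id' => $page_id));

if (@array_key_exists("output", $_POST['action'])) {
    General::redirect(URL . "/" . $Admin->resolvePagePath($page_id) . "/?debug");
}

if (@array_key_exists("save", $_POST['action'])) {
    General::redirect($Admin->getCurrentPageURL() . "&id={$page_id}&_f=saved");
}

General::redirect(URL . "/symphony/?page=/blueprint/pages/&id={$page_id}&_f=saved");
}
}
}
}
}
}

if (@array_key_exists("delete", $_POST['action'])) {

    // The id is request-controlled and is interpolated into five statements
    // below. Forcing it to an integer keeps it from closing the quoted
    // literal; a missing or non-numeric id becomes 0 and matches no row.
    $page_id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;

    ###
    # Delegate: Delete
    # Description: Prior to deletion. Provided with Page's database ID
    $CampfireManager->notifyMembers('Delete', CURRENTPAGE, array('page' => $page_id));

    // Read the row first: its handle names the XSL file to remove afterwards.
    $page = $DB->fetchRow(0, "SELECT * FROM tbl_pages WHERE `id` = '{$page_id}'");

    $DB->delete("tbl_pages", "WHERE `id` = '{$page_id}'");
    $DB->delete("tbl_pages_hierarchy", "WHERE `entry_id` = '{$page_id}'");
    $DB->delete("tbl_metadata", "WHERE `relation_id` = '{$page_id}' AND `class` = 'page'");

    // NOTE(review): this compares `sortorder` with the page id and moves the
    // matching rows up by one - confirm that is the intended re-ordering.
    $DB->query("UPDATE tbl_pages SET `sortorder` = (`sortorder` + 1) WHERE `sortorder` < '{$page_id}'");

    // Only touch the file system when the row was found; otherwise the path
    // below would be built from an empty handle.
    if (is_array($page) && isset($page['handle']) && $page['handle'] != '') {
        unlink(WORKSPACE . "/pages/" . $page['handle'] . ".xsl");
    }

    $Admin->flush_cache(array("pages"));

    General::redirect(URL . "/symphony/?page=/blueprint/pages/&_f=deleted");
}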
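/***
 *
 * Symphony web publishing system
 *
 * Copyright 2004–2006 Twenty One Degrees Pty. Ltd.
 *
 * @version 1.7
 * @licence https://github.com/symphonycms/symphony-1.7/blob/master/LICENCE
 *
 ***/

$Admin->addScriptToHead('assets/editor.js');

$fields = array();

// The data source handle comes from the request and ends up in a file path
// (and is handed to the DatasourceManager below). It must be a single path
// component: a handle containing a directory separator or a NUL byte is
// treated like a data source that does not exist.
$dsHandle = (isset($_REQUEST['file']) && is_string($_REQUEST['file'])) ? $_REQUEST['file'] : '';
$dsHandleIsSafe = ($dsHandle !== '' && !preg_match('#[/\\\\\x00]#', $dsHandle));

$dsPath = DATASOURCES . "/data." . $dsHandle . ".php";

if (!$dsHandleIsSafe || !@is_file($dsPath)) {
    General::redirect(URL . "/symphony/?page=/blueprint/datasources/new/");
    // Make sure nothing below runs for a rejected handle, whatever redirect() does.
    exit;
}

$sections = $DB->fetch("SELECT * FROM `tbl_sections`");

// Field names offered for each kind of data source.
$xml_fields = array();

##Entries
$xml_fields['entries'] = array("date", "time", "rfc822-date", "pagination-info", "author::first-name", "author::last-name", "author::email", "author::username");

##Authors
$xml_fields['authors'] = array("entry-count", "first-name", "last-name", "email", "username", "status", "auth-token", "email-hash");

##Comments
$xml_fields['comments'] = array("spam", "author", "date", "time", "rfc822-date", "pagination-info", "authorised", "message", "url", "email", "email-hash");

$DSM = new DatasourceManager(array('parent' => &$Admin));

// Only the validated handle is handed to the manager.
// NOTE(review): create() presumably loads the data source's PHP file - confirm.
$oDataSource = $DSM->create($dsHandle);

$about = $oDataSource->about();

$GLOBALS['pageTitle'] = 'Data Sources > ' . $about['name'];

$allow_parse = $oDataSource->allowEditorToParse();
$type = $oDataSource->getType();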
<?php
/***
 *
 * Symphony web publishing system
 *
 * Copyright 2004–2006 Twenty One Degrees Pty. Ltd.
 *
 * @version 1.7
 * @licence https://github.com/symphonycms/symphony-1.7/blob/master/LICENCE
 *
 ***/

// Both actions below are destructive, so the page is refused to anyone but
// the owner before any of the posted data is looked at.
// NOTE(review): this relies on fatalError() halting the script, and no
// request-forgery token is checked in this file - confirm both against the
// framework code.
$viewerIsOwner = $Admin->authorIsOwner();
if (!$viewerIsOwner) {
    $Admin->fatalError('Access Denied', '<p>Access denied. You are not authorised to access this page.</p>', true, true);
}

if (isset($_POST['action']['sync'])) {

    // Synchronise first, then report the outcome through the query string.
    $retval = $Admin->synchroniseWorkspace();

    if ($retval) {
        $syncFlag = 'sync=complete';
    } else {
        $syncFlag = 'sync=failed';
    }

    General::redirect($Admin->getCurrentPageURL() . '&' . $syncFlag);

} elseif (isset($_POST['action']['uninstall'])) {

    $Admin->uninstall();

    // The same fatalError() page doubles as the confirmation screen.
    $uninstallNotice = '<p>Any Campfire Services have been left intact, along with the <code>symphony</code> folder, <code>index.php</code> and your database.</p><p>To complete the uninstall you will need to remove the aforementioned items manually.</p>';
    $Admin->fatalError('Uninstall Successful', $uninstallNotice, true);
}
define("__SYM_ENTRY_MISSINGFIELDS__", true);

// The password and its confirmation must agree.
// NOTE(review): the loose != compares numeric-looking strings by value, so
// "1e3" and "1000" count as equal here; !== would compare the exact text.
} elseif ($fields['password'] != $fields['password_confirm']) {
    $Admin->pageAlert("password-mismatch", NULL, false, 'error');

// Refuse a username that fetchByUsername() already finds.
} elseif ($authorManager->fetchByUsername($fields['username'])) {
    $Admin->pageAlert("duplicate", array("An Author", "username"), false, 'error');

} else {

    $author =& $authorManager->create();

    $author->set('textformat', $fields['textformat']);

    // NOTE(review): the superuser flag is copied from the submitted form;
    // confirm the enclosing code restricts who may submit it.
    $author->set('superuser', $fields['superuser']);

    // A newly created author is never the owner.
    $author->set('owner', '0');

    // Only the first and last name go through General::sanitize(); email and
    // username are stored as submitted.
    $author->set('email', $fields['email']);
    $author->set('username', $fields['username']);
    $author->set('firstname', General::sanitize($fields['firstname']));
    $author->set('lastname', General::sanitize($fields['lastname']));
    $author->set('last_refresh', NULL);
    $author->set('last_session', NULL);

    // NOTE(review): the password is stored as an unsalted MD5 digest, which is
    // cheap to brute-force once the table leaks. Moving to password_hash() /
    // password_verify() needs a matching change in the login code, which is
    // not visible here.
    $author->set('password', md5($fields['password']));

    // Stored as a comma-separated list.
    $author->set('allow_sections', @implode(",", $fields['allow_sections']));

    // Falls back to 'no' when the field is absent or empty.
    $author->set('auth_token_active', $fields['auth_token_active'] ? $fields['auth_token_active'] : 'no');

    // commit() hands back the new author's ID on success.
    if ($author_id = $author->commit()) {

        ###
        # Delegate: Create
        # Description: Creation of a new Author. The ID of the author is provided.
        $CampfireManager->notifyMembers('Create', CURRENTPAGE, array('author_id' => $author_id));

        // "Save" stays on the new author's edit page; anything else goes back
        // to the author list.
        if (@array_key_exists("save", $_POST['action'])) {
            General::redirect(URL . "/symphony/?page=/settings/authors/edit/&id={$author_id}&_f=saved");
        }

        General::redirect(URL . "/symphony/?page=/settings/authors/&_f=saved");
    }
}
}
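<?php
/***
 *
 * Symphony web publishing system
 *
 * Copyright 2004–2006 Twenty One Degrees Pty. Ltd.
 *
 * @version 1.7
 * @licence https://github.com/symphonycms/symphony-1.7/blob/master/LICENCE
 *
 ***/

$Admin->addScriptToHead('assets/editor.js');

if (!isset($_REQUEST['id'])) {
    General::redirect(URL . "/symphony/?page=/blueprint/utilities/new/");
}

$fields = array();

if (isset($_REQUEST['id'])) {

    // The id is request-controlled and goes into three queries. Forcing it to
    // an integer keeps it from closing the quoted literal; a non-numeric id
    // becomes 0 and matches no row.
    $utility_id = intval($_REQUEST['id']);

    $sql = "SELECT t1.*, t2.* "
         . "FROM `tbl_utilities` as t1 "
         . "LEFT JOIN `tbl_metadata` as t2 ON t2.relation_id = t1.id AND t2.class = 'transformation' "
         . "WHERE t1.id = '" . $utility_id . "' "
         . "GROUP BY t1.id "
         . "LIMIT 1";

    $fields = $DB->fetchRow(0, $sql);

    $GLOBALS['pageTitle'] = 'Utilities > ' . $fields['name'];

    // Data sources and events this utility is attached to.
    $fields['data_source'] = $DB->fetchCol('data_source', "SELECT `data_source` FROM `tbl_utilities2datasources` WHERE utility_id = '" . $utility_id . "'");
    $fields['events'] = $DB->fetchCol('event', "SELECT `event` FROM `tbl_utilities2events` WHERE utility_id = '" . $utility_id . "'");

    // The file name is built from the handle stored in the database row, not
    // from the request.
    $fields["body"] = @file_get_contents(WORKSPACE . "/utilities/" . $fields['handle'] . ".xsl");
}

if (defined("__SYM_ENTRY_MISSINGFIELDS__")) {
    $Admin->pageAlert("required", array(@implode(", ", $required)), false, 'error');
}

$date = $Admin->getDateObj();

if (isset($_GET['_f'])) {
    switch ($_GET['_f']) {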
<?php
/***
 *
 * Symphony web publishing system
 *
 * Copyright 2004–2006 Twenty One Degrees Pty. Ltd.
 *
 * @version 1.7
 * @licence https://github.com/symphonycms/symphony-1.7/blob/master/LICENCE
 *
 ***/

// Bulk action on the entries ticked in the list: the entry IDs are the keys
// of the posted "items" array. Nothing happens unless "apply" was pressed.
$applyPressed = isset($_POST['action']['apply']);

if ($applyPressed) {
    $checked = @array_keys($_POST['items']);
}

// "delete" is the only bulk action handled here.
if ($applyPressed && is_array($checked) && !empty($checked) && $_POST["with-selected"] == 'delete') {

    ###
    # Delegate: Delete
    # Description: Prior to deletion of entries. Section ID and Array of Entries is provided.
    #              The array can be manipulated
    $CampfireManager->notifyMembers('Delete', CURRENTPAGE, array('section_id' => $_REQUEST['_sid'], 'entry_id' => &$checked));

    include_once TOOLKIT . "/class.entrymanager.php";
    $entryManager = new EntryManager($Admin);

    // $checked is passed by reference to the delegate above, so a member may
    // have changed the list before it reaches delete().
    $entryManager->delete($checked);

    $Admin->flush_cache(array("entries", "authors", "comments"));

    General::redirect($Admin->getCurrentPageURL() . "&_sid=" . $_REQUEST['_sid'] . "&_f=complete");
}
$fields = $_POST['fields']; } elseif ($author_id) { $sql = "SELECT * " . "FROM `tbl_authors` " . "WHERE `id` = '" . addslashes($_GET['id']) . "' "; if ($fields = $DB->fetchRow(0, $sql)) { $fields['allow_sections'] = @explode(",", $fields['allow_sections']); } else { General::redirect(URL . "/symphony/?page=/settings/authors/new/"); } } else { General::redirect(URL . "/symphony/?page=/settings/authors/new/"); } if (!$Admin->authorIsOwner() && !($isOwner = $author_id == $Admin->getAuthorID())) { if (!$Admin->authorIsSuper()) { General::redirect(URL . "/symphony/?page=/settings/authors/summary/&id={$author_id}"); } elseif ($fields['superuser'] == '1' || $fields['owner'] == '1') { General::redirect(URL . "/symphony/?page=/settings/authors/summary/&id={$author_id}"); } } $date = $Admin->getDateObj(); if (isset($_GET['_f'])) { switch ($_GET['_f']) { case "saved": $Admin->pageAlert("saved-time", array("Author profile", date("h:i:sa", $date->get(true, false)))); break; } } $GLOBALS['pageTitle'] = 'Authors > ' . $fields['firstname'] . ' ' . $fields['lastname']; if (defined("__SYM_ENTRY_MISSINGFIELDS__")) { $Admin->pageAlert("required", array(@implode(", ", $required)), false, 'error'); } $TFM = new TextformatterManager(array('parent' => &$Admin));
<?php if (!isset($_REQUEST['auth'])) { General::redirect(URL . '/symphony/'); } $ch = new Gateway(); $ch->init(); $ch->setopt("URL", URL . '/symphony/ajax/'); $ch->setopt("POST", 1); $ch->setopt("POSTFIELDS", array('action' => 'status', 'token' => $_REQUEST['auth'], 'mode' => 'full')); $data = $ch->exec(); $parser = new XmlDoc(); $parser->parseString($data); $doc = $parser->getArray(); unset($parser); $obDate = $Admin->getDateObj(); $rss = new XMLElement('rss'); $rss->setAttribute('version', '2.0'); $channel = new XMLElement('channel'); $channel->addChild(new XMLElement('title', $Admin->getConfigVar('sitename', 'general'))); $channel->addChild(new XMLElement('link', URL)); $channel->addChild(new XMLElement('description', $Admin->getConfigVar('sitename', 'general') . ' Status Feed')); $channel->addChild(new XMLElement('language', 'en-us')); $channel->addChild(new XMLElement('generator', 'Symphony ' . $Admin->getConfigVar('build', 'symphony'))); function flattenFragment($f, $type) { $f = $f[$type]; $flattened = array(); $flattened['attributes'] = $f['attributes']; $flattened['data'] = array(); unset($f['attributes']);
require_once LIBRARY . "/core/class.general.php"; require_once LIBRARY . "/core/class.lang.php"; require_once LIBRARY . "/core/class.utilities.php"; ##To prevent users that are logged in from getting maintenance pages, ensure the URL matches ##the one speficied in the config file. $url_bits = parse_url(URL); if ($_SERVER['HTTP_HOST'] != $url_bits['host'] && $_SERVER['HTTP_HOST'] != $url_bits['host'] . ':' . $url_bits['port']) { ##Clean up the query string $query = str_replace("page=" . $_REQUEST['page'], "", $_SERVER['QUERY_STRING']); $query = ltrim($query, "&"); ##Reconstruct the correct URL and redirect them there $destination = URL . "/" . $_REQUEST['page'] . "/" . ($query != "" ? "?{$query}" : ""); $destination = rtrim($destination, "/") . "/"; ##Lets the browser know its a 301 page header("HTTP/1.1 301 Moved Permanently"); General::redirect($destination); exit; } ## require_once LIBRARY . "/core/class.xsltprocess.php"; require_once LIBRARY . "/core/class.symphonylog.php"; require_once LIBRARY . "/core/class.mysql.php"; require_once LIBRARY . "/core/class.symdate.php"; require_once LIBRARY . "/core/class.configuration.php"; require_once LIBRARY . "/core/class.xmlelement.php"; require_once LIBRARY . "/core/class.gateway.php"; require_once TOOLKIT . "/class.xmlrepair.php"; require_once LIBRARY . "/core/class.manager.php"; require_once LIBRARY . "/core/class.eventmanager.php"; require_once LIBRARY . "/core/class.datasourcemanager.php"; require_once LIBRARY . "/core/class.textformattermanager.php";
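<?php
/***
 *
 * Symphony web publishing system
 *
 * Copyright 2004–2006 Twenty One Degrees Pty. Ltd.
 *
 * @version 1.7
 * @licence https://github.com/symphonycms/symphony-1.7/blob/master/LICENCE
 *
 ***/

// The asset path comes from the request and is appended to WORKSPACE, so a
// value with ".." segments would otherwise reach files outside the workspace
// and their contents would be loaded into the editor. Resolve the path and
// require the result to lie inside the resolved workspace root.
$assetRoot = realpath(WORKSPACE);
$assetPath = (isset($_REQUEST['file']) && is_string($_REQUEST['file'])) ? realpath(WORKSPACE . $_REQUEST['file']) : false;
$assetInWorkspace = ($assetRoot !== false
    && $assetPath !== false
    && strpos($assetPath, $assetRoot . DIRECTORY_SEPARATOR) === 0);

if (!$assetInWorkspace || !@is_file(WORKSPACE . $_REQUEST['file'])) {
    General::redirect(URL . "/symphony/?page=/blueprint/assets/new/");
    // Make sure nothing below runs for a rejected path, whatever redirect() does.
    exit;
}

$Admin->addScriptToHead('assets/editor.js');

$type = General::getExtension($_REQUEST['file']);

$GLOBALS['pageTitle'] = 'Assets > ' . basename($_REQUEST['file']);

$fields = General::getFileMeta(WORKSPACE . $_REQUEST['file']);

$fields["name"] = basename($_REQUEST['file']);

$ignore = array("events", "data-sources", "text-formatters", "pages", "masters", "utilities");

$fields["location"] = "/workspace" . dirname($_REQUEST['file']) . "/";
$fields["type"] = $type;

// Read through the resolved path that passed the containment check.
$fields["body"] = @file_get_contents($assetPath);

if (defined("__SYM_ENTRY_MISSINGFIELDS__")) {
    $Admin->pageAlert("required", array(@implode(", ", $required)), false, 'error');
}

$date = $Admin->getDateObj();

if (isset($_GET['_f'])) {
    switch ($_GET['_f']) {
        case "saved":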
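*
* Copyright 2004–2006 Twenty One Degrees Pty. Ltd.
*
* @version 1.7
* @licence https://github.com/symphonycms/symphony-1.7/blob/master/LICENCE
*
***/

// IDs of the ticked custom fields are the keys of the posted "items" array.
// When nothing was ticked the field is absent; fall back to an empty list
// instead of handing a non-array to array_map() below.
$checked = (isset($_POST['items']) && is_array($_POST['items'])) ? array_keys($_POST['items']) : array();

$selectedAction = isset($_POST["with-selected"]) ? $_POST["with-selected"] : NULL;

switch ($selectedAction) {

    case 'delete':

        // A section's primary field must not be deleted, so those IDs are
        // taken out of the selection.
        $sql = "SELECT `primary_field` FROM `tbl_sections`";
        $primary_fields = $DB->fetchCol('primary_field', $sql);
        if (!is_array($primary_fields)) {
            $primary_fields = array();
        }

        // The keys are request-controlled; intval() reduces each one to a
        // plain integer before it goes anywhere near the manager.
        $fieldsList = array_map('intval', $checked);
        $fieldsList = array_diff($fieldsList, $primary_fields);

        if (is_array($fieldsList) && !empty($fieldsList)) {

            ###
            # Delegate: Delete
            # Description: Prior to deleting a custom field.
            #              Array of fields is provided. This can be manipulated
            $CampfireManager->notifyMembers('Delete', CURRENTPAGE, array('customfields' => &$fieldsList));

            include_once TOOLKIT . "/class.customfieldmanager.php";
            $CustomFieldManager = new CustomFieldManager($Admin);

            foreach ($fieldsList as $id) {
                $CustomFieldManager->delete($id);
            }

            $Admin->rebuildWorkspaceConfig();
            $Admin->flush_cache(array("entries", "customfields"));

            General::redirect($Admin->getCurrentPageURL() . "&_f=complete");
        }

        break;
}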
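*
* Copyright 2004–2006 Twenty One Degrees Pty. Ltd.
*
* @version 1.7
* @licence https://github.com/symphonycms/symphony-1.7/blob/master/LICENCE
*
***/

print '<?xml version="1.0" encoding="utf-8"?>';

$date = new SymDate($Admin->getConfigVar("time_zone", "region"), $Admin->getConfigVar("date_format", "region"));

$GLOBALS['pageTitle'] = "Activity Logs";

// NOTE(review): $date is built a second time with the same arguments; kept
// as it was because SymDate's constructor is not visible here.
$date = new SymDate($Admin->getConfigVar("time_zone", "region"), $Admin->getConfigVar("date_format", "region"));

// The log name comes from the request and is placed in a file path whose
// contents are then loaded for display. It must be a single path component:
// a name with a directory separator or a NUL byte is treated like a log that
// does not exist.
$logName = (isset($_REQUEST["_l"]) && is_string($_REQUEST["_l"])) ? $_REQUEST["_l"] : '';
$logNameIsSafe = ($logName !== '' && !preg_match('#[/\\\\\x00]#', $logName));
$logPath = LOGS . "/" . $logName . ".log";

$log = array();

if ($logNameIsSafe && @is_file($logPath)) {
    $log = General::str2array(@file_get_contents($logPath), false);
} else {
    General::redirect("?page=/settings/logs/");
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<title>Symphony – <?php print $GLOBALS['pageTitle']; ?> </title>
<link rel="stylesheet" type="text/css" media="screen" href="assets/debug.css" />
<script type="text/javascript" src="assets/main.js"></script>
</head>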
} } if (is_array($errors)) { define("__SYM_MISSINGFIELDS__", true); } else { $settings['region']['dst'] = $settings['region']['dst'] ? 'yes' : 'no'; $settings['symphony']['allow_workspace_synchronisation'] = $settings['symphony']['allow_workspace_synchronisation'] ? '1' : '0'; if ($settings['region']['dst'] != $Admin->getConfigVar('dst', 'region') || $settings['region']['time_zone'] != $Admin->getConfigVar('time_zone', 'region')) { $repairEntries = true; } foreach ($settings as $set => $values) { foreach ($values as $key => $val) { $Admin->setConfigVar($key, $val, $set); } } if ($repairEntries) { require_once TOOLKIT . '/class.entrymanager.php'; $em = new EntryManager($Admin); $em->repairEntryLocalPublishDates(); } $Admin->saveConfig(); if (!$errors) { $Admin->flush_cache("ALL"); ### # Delegate: Save # Description: Saving of system preferences. $CampfireManager->notifyMembers('Save', CURRENTPAGE); General::redirect($Admin->getCurrentPageURL() . "&_f=saved"); } } }
} $change_handle = $Admin->getConfigVar("allow_primary_field_handles_to_change", "symphony"); $change_handle = intval($change_handle); $change_handle = $change_handle == 1 ? true : false; $retval = $entryManager->edit($entry_id, $data['custom'], $newPublishTimestamp, 'real', $change_handle); if (!$retval) { define("__SYM_DB_INSERT_FAILED__", true); } else { $Admin->flush_cache(array("entries", "authors")); ### # Delegate: Edit # Description: Editing an entry. Section and Entry ID are provided. $CampfireManager->notifyMembers('Edit', CURRENTPAGE, array('section_id' => $section_id, 'entry_id' => $entry_id)); if (@array_key_exists("save", $_POST['action'])) { General::redirect($Admin->getCurrentPageURL() . "&_sid={$section_id}&id={$entry_id}&_f=saved"); } General::redirect(URL . "/symphony/?page=/publish/section/&_sid={$section_id}"); } } } if (@array_key_exists("delete", $_POST['action'])) { ### # Delegate: Delete # Description: Prior to deleting an entry. Both Section and Entry ID are provided. $CampfireManager->notifyMembers('Delete', CURRENTPAGE, array('section_id' => $_REQUEST['_sid'], 'entry_id' => $_REQUEST['id'])); include_once TOOLKIT . "/class.entrymanager.php"; $entryManager = new EntryManager($Admin); $entryManager->delete($_REQUEST['id']); $Admin->flush_cache(array("entries", "authors", "comments")); General::redirect(URL . "/symphony/?page=/publish/section/&_f=complete&_sid=" . $_REQUEST['_sid']); }
$date = $Admin->getDateObj(); if ($entry_id) { if ($fields = $entryManager->fetchEntriesByID($entry_id, false, true)) { $can_edit = true; $GLOBALS['pageTitle'] = $section['name'] . ' > ' . strip_tags($fields['fields'][$fields['primary_field']]['value']); foreach ($fields['fields'] as $key => $f) { $fields['custom'][$key] = $f['value_raw']; } if ($fields['type'] != "") { $fields['custom'][$fields['primary_field']] = "[" . $fields['type'] . "] " . $fields['custom'][$fields['primary_field']]; } } else { General::redirect(URL . "/symphony/?page=/publish/section/new/&_sid=" . $section_id); } } else { General::redirect(URL . "/symphony/?page=/publish/section/new/&_sid=" . $section_id); } if (isset($_GET['_f'])) { switch ($_GET['_f']) { case "saved": $Admin->pageAlert("saved-time", array("Entry", date("h:i:sa", $date->get(true, false)))); break; } } if (defined("__SYM_ENTRY_MISSINGFIELDS__")) { $Admin->pageAlert("required", array(@implode(", ", $entryManager->fetchEntryRequiredFields($section_id, true))), false, 'error'); } elseif (defined("__SYM_ENTRY_VALIDATION_ERROR__")) { $Admin->pageAlert("validation", __SYM_ENTRY_VALIDATION_ERROR__, false, 'error'); } elseif (defined("__SYM_ENTRY_FIELD_XSLT_ERROR__")) { $Admin->pageAlert("xslt-validation", __SYM_ENTRY_FIELD_XSLT_ERROR__, false, 'error'); } else {
##Write the file if (!($write = General::writeFile(WORKSPACE . "/pages/" . $fields['handle'] . ".xsl", $fields['body'], $Admin->getConfigVar("write_mode", "file")))) { $Admin->pageAlert("write-failed", array("Page"), false, 'error'); } else { ##No longer need the body text unset($fields['body']); ##Insert the new data if (!$DB->insert($fields, "tbl_pages")) { define("__SYM_DB_INSERT_FAILED__", true); } else { $page_id = $DB->getInsertID(); ##Ensure our metadata for the page is set $Admin->updateMetadata("page", $page_id); $Admin->flush_cache(array("pages")); $Admin->rebuildWorkspaceConfig(); ### # Delegate: Create # Description: After saving the Page. The Page's database ID is provided. $CampfireManager->notifyMembers('Create', CURRENTPAGE, array('page_id' => $page_id)); if (@array_key_exists("output", $_POST['action'])) { General::redirect(URL . "/symphony/?page=/blueprint/pages/view/&type=page&handle=" . $fields['handle']); } if (@array_key_exists("save", $_POST['action'])) { General::redirect(URL . "/symphony/?page=/blueprint/pages/edit/&id={$page_id}&_f=saved"); } General::redirect(URL . "/symphony/?page=/blueprint/pages/&id={$page_id}&_f=saved"); } } } } }
foreach ($datasources as $d) { $DB->query("INSERT INTO tbl_utilities2datasources VALUES ('', '{$id}', '{$d}')"); } } else { $DB->query("INSERT INTO tbl_utilities2datasources VALUES ('', '{$id}', NULL)"); } ## Events $DB->query("DELETE FROM `tbl_utilities2events` WHERE `utility_id` = '{$id}'"); if (is_array($events) && !empty($events)) { foreach ($events as $e) { $DB->query("INSERT INTO tbl_utilities2events VALUES ('', '{$id}', '{$e}')"); } } else { $DB->query("INSERT INTO tbl_utilities2events VALUES ('', '{$id}', NULL)"); } ##Ensure our metadata for the page is set $Admin->updateMetadata("utility", $id); $Admin->rebuildWorkspaceConfig(); ### # Delegate: Create # Description: After saving the Utility. The Utility's database ID is provided. $CampfireManager->notifyMembers('Create', CURRENTPAGE, array('utility_id' => $id)); if (@array_key_exists("save", $_POST['action'])) { General::redirect(URL . "/symphony/?page=/blueprint/utilities/edit/&id={$id}&_f=saved"); } General::redirect(URL . "/symphony/?page=/blueprint/components/"); } } } } }
} else { $var['DEFINES LIST'] = $defines_list; } foreach ($var as $key => $val) { if (trim($val) == '') { $val = 'NULL'; } $fields['body'] = str_replace("<!-- {$key} -->", $val, $fields['body']); } $file = DATASOURCES . "/data." . $handle . ".php"; ##Duplicate if (@is_file($file)) { $Admin->pageAlert("duplicate", array("An Data Source", "name"), false, 'error'); ##Write the file } elseif (!is_writable(dirname($file)) || !($write = General::writeFile($file, $fields['body'], $Admin->getConfigVar("write_mode", "file")))) { $Admin->pageAlert("write-failed", array("Data Source"), false, 'error'); } else { ##Clean out the cache $Admin->flush_cache("ALL"); ### # Delegate: Create # Description: After saving the datasource, the file path is provided and an array # of variables set by the editor $CampfireManager->notifyMembers('Create', CURRENTPAGE, array('file' => $file, 'defines' => $defines, 'var' => $var)); if (@array_key_exists("save", $_POST['action'])) { General::redirect(URL . "/symphony/?page=/blueprint/datasources/edit/&file={$handle}&_f=saved"); } General::redirect(URL . "/symphony/?page=/blueprint/controllers/"); } } }
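// The action is the last key of the posted "action" array.
$actionParts = array_keys($_POST['action']);
$action = end($actionParts);

##Login Attempted
if ($action == "login") {

    if (empty($_POST['username']) || empty($_POST['password']) || !$Admin->login($_POST['username'], $_POST['password'])) {

        ###
        # Delegate: LoginFailure
        # Description: Failed login attempt. Username is provided.
        $CampfireManager->notifyMembers('LoginFailure', CURRENTPAGE, array('username' => $_POST['username']));

        // NOTE(review): the success branch below is only skipped if
        // redirect() ends the request - confirm.
        General::redirect(URL . "/symphony/?page=/login/&_f=error");
    }

    ###
    # Delegate: LoginSuccess
    # Description: Successful login attempt. Username is provided.
    $CampfireManager->notifyMembers('LoginSuccess', CURRENTPAGE, array('username' => $_POST['username']));

    General::redirect(URL . "/symphony/?page=" . str_replace('&', '&', $Admin->_nav[0]['children'][0]['link']));

##Reset of password requested
} elseif ($action == "reset") {

    // This branch is reachable without a session, and the address is typed by
    // the visitor. addslashes() keeps it inside the quoted literal; prefer the
    // database driver's own escaping routine if the $DB class offers one.
    $resetEmail = (isset($_POST['email']) && is_string($_POST['email'])) ? addslashes($_POST['email']) : '';

    $author = $DB->fetchRow(0, "SELECT `id`, `email`, `firstname` FROM `tbl_authors` WHERE `email` = '" . $resetEmail . "'");

    if (!empty($author)) {

        // The id is used unquoted in the next query, so force it to an integer.
        $resetAuthorId = intval($author['id']);

        // An existing token is re-used.
        // NOTE(review): nothing visible here expires a token - confirm it is
        // removed once the password has been changed.
        if (!($token = $DB->fetchVar("token", 0, "SELECT `token` FROM `tbl_forgotpass` WHERE `author_id` = " . $resetAuthorId))) {

            // A token derived from the clock can be reproduced by anyone who
            // knows roughly when the reset was requested, so draw it from the
            // strongest random source this PHP build provides. The length
            // stays at 8 characters because the width of the token column is
            // not visible here.
            if (function_exists('random_bytes')) {
                $token = bin2hex(random_bytes(4));
            } elseif (function_exists('openssl_random_pseudo_bytes')) {
                $token = bin2hex(openssl_random_pseudo_bytes(4));
            } else {
                // Last resort on very old builds: weaker, but no longer a
                // pure function of the request time.
                $token = substr(md5(uniqid(mt_rand(), true)), 0, 8);
            }

            $DB->insert(array("author_id" => $resetAuthorId, "token" => $token), "tbl_forgotpass");
        }

        General::sendEmail($author['email'], "*****@*****.**", "Symphony Concierge", "New Symphony Account Password", "Hi " . $author['firstname'] . ",\nA new password has been requested " . "for your account. To change your password please click on the following " . "link: \n\n\t" . URL . "/symphony/?page=/login/&action=resetpass&_t=" . $token . "\n\n" . "If you did not ask for a new password, please disregard this email.\n\nBest " . "Regards,\nThe Symphony Team");

        ###
        # Delegate: PasswordResetSuccess
        # Description: A successful password reset has taken place. Author ID is provided
        $CampfireManager->notifyMembers('PasswordResetSuccess', CURRENTPAGE, array('author_id' => $author['id']));

        $_f = "newpass";
        $error = "You have been sent an email with instructions.";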
// The password is only replaced when both the current and the new password
// fields were filled in.
// NOTE(review): the current password is checked for being non-empty only;
// confirm it is verified against the stored value before this point.
$password_changed = false;

if (trim($fields['password']) != "" && trim($fields['new_password']) != "") {

    // NOTE(review): stored as an unsalted MD5 digest, which is cheap to
    // brute-force once the table leaks. Moving to password_hash() /
    // password_verify() also means changing the login and cookie code.
    $author->set('password', md5($fields['new_password']));
    $password_changed = true;
}

if ($author->commit()) {

    // When authors edit their own profile the session is refreshed so that a
    // changed password does not log them out.
    if ($_REQUEST['id'] == $Admin->getAuthorID()) {

        // NOTE(review): unserialize() runs on a cookie, which the client
        // controls. A crafted value can instantiate any class that is loaded
        // at this point and trigger its magic methods. Prefer a format that
        // cannot carry objects (for example json_decode()) together with an
        // integrity check on the cookie; the code that writes the cookie has
        // to change at the same time, so it is flagged here and not replaced.
        $args = unserialize($_COOKIE[__SYM_COOKIE__]);

        // The cookie carries the username and a password value; the MD5 of
        // the new password is substituted when it has just been changed.
        $Admin->login($args['username'], !$password_changed ? $args['password'] : md5($fields['new_password']), true, true);
    }

    ###
    # Delegate: Edit
    # Description: After editing an author. ID of the author is provided.
    $CampfireManager->notifyMembers('Edit', CURRENTPAGE, array("author_id" => $_REQUEST['id']));

    // "Save" stays on the edit page; anything else returns to the author list.
    if (@array_key_exists("save", $_POST['action'])) {
        General::redirect(URL . "/symphony/?page=/settings/authors/edit/&id=" . $_REQUEST['id'] . "&_f=saved");
    }

    General::redirect(URL . "/symphony/?page=/settings/authors/&_f=saved");
}
}
}
}

if (@array_key_exists("delete", $_POST['action'])) {

    // NOTE(review): no permission check is visible in this branch; confirm
    // the enclosing page restricts who may delete an author.

    ###
    # Delegate: Delete
    # Description: Prior to deleting an author. ID is provided.
    $CampfireManager->notifyMembers('Delete', CURRENTPAGE, array("author_id" => $author_id));

    $authorManager->delete($author_id);

    $Admin->flush_cache(array("entries", "authors", "comments"));

    General::redirect(URL . "/symphony/?page=/settings/authors/&_f=complete");
}
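/**
 * Resolve a backend page identifier to the PHP file that implements it.
 *
 * Records the page URL in $this->_currentPage. Without a logged-in author the
 * login page of the selected directory is returned. Otherwise the page maps
 * either to a campfire service interface file (identifiers containing
 * "campfire/service") or to a core "sym_*" file; core pages are first checked
 * against the "limit" entries in $this->_nav.
 *
 * Identifiers containing a NUL byte, a backslash, or a "." / ".." segment are
 * reported as not found before any path is built: the campfire branch places
 * page segments directly into the path, so such values could otherwise resolve
 * to a file outside CAMPFIRE.
 *
 * @param string|null $page     Page identifier such as "/publish/comments/"
 *                              (presumably the ?page= request value - confirm).
 * @param bool        $isAction Resolve in "actions" instead of "content".
 * @param bool        $silent   When true, failures return false without calling fatalError().
 * @return string|false File path, or false when access is denied or no file exists.
 */
function getContent($page = NULL, $isAction = false, $silent = false)
{
    $this->_currentPage = URL . "/symphony/?page=" . $page;

    $dir = "content";
    if ($isAction) {
        $dir = "actions";
    }

    if ($this->authorIsLoggedIn()) {
        if (trim($page, "/") == "") {
            // NOTE(review): str_replace('&', '&', ...) is a no-op as written; the search
            // string was probably an HTML entity lost when this listing was rendered - confirm.
            General::redirect(URL . "/symphony/?page=" . str_replace('&', '&', $this->_nav[0]['children'][0]['link']));
        }

        // Refuse identifiers that could steer the path built below out of its base directory.
        $unsafe = (strpos((string) $page, "\0") !== false || strpos((string) $page, "\\") !== false);
        foreach (explode("/", (string) $page) as $segment) {
            if ($segment === "." || $segment === "..") {
                $unsafe = true;
                break;
            }
        }

        if ($unsafe) {
            if (!$silent) {
                $this->fatalError("Page Not Found", "<p>The page you were looking for could not be found.</p>", true, true);
            }
            return false;
        }

        if (stristr($page, "campfire/service") !== false) {
            // NOTE(review): the marker is matched anywhere in $page while the slice below
            // assumes it forms the first two segments, and this branch does not run the
            // nav "limit" check used for core pages - confirm that campfire services
            // enforce their own authorisation.
            $parts = explode("/", trim($page, "/"));
            $parts = array_slice($parts, 2);
            $owner = array_shift($parts);
            $service = array_shift($parts);

            if (empty($parts)) {
                $parts = array("index");
            }

            $path = CAMPFIRE . "/{$owner}/{$service}/interface/" . ($isAction ? "action" : "content") . "." . implode("_", $parts) . ".php";
        } else {
            // Core pages live in flat files: "/a/b/" becomes "sym_a_b".
            $page_real = trim($page, '/');
            $page_real = "sym_" . str_replace("/", "_", $page_real);

            $user_access_level = "author";
            if ($this->authorIsOwner()) {
                $user_access_level = "owner";
            } elseif ($this->authorIsSuper()) {
                $user_access_level = "super";
            }

            // NOTE(review): the limit lookup compares the raw $page with the nav links,
            // while the file name above is built from the slash-trimmed form. If the two
            // spellings can differ, a page would fall back to the default "author" limit -
            // confirm and compare on one normalised form.
            $page_limit = "author";
            foreach ($this->_nav as $item) {
                if (General::in_array_multi($page, $item['children'])) {
                    if (isset($item['limit'])) {
                        $page_limit = $item['limit'];
                    } elseif (is_array($item['children'])) {
                        foreach ($item['children'] as $c) {
                            if ($c['link'] == $page && isset($c['limit'])) {
                                $page_limit = $c['limit'];
                            }
                        }
                    }
                } elseif ($page == $item['link'] && isset($item['limit'])) {
                    $page_limit = $item['limit'];
                }
            }

            // Any limit other than "author", "super" or "owner" denies access.
            $can_access = false;
            if ($page_limit == "author") {
                $can_access = true;
            } elseif ($page_limit == "super" && ($user_access_level == "super" || $user_access_level == "owner")) {
                $can_access = true;
            } elseif ($page_limit == "owner" && $user_access_level == "owner") {
                $can_access = true;
            }

            if (!$can_access) {
                if (!$silent) {
                    $this->fatalError("Access Denied", "<p>Access denied. You are not authorised to access this page.</p>", true, true);
                }
                return false;
            }

            $path = CORE . "/" . $dir . "/" . $page_real . ".php";
        }

        if (@is_file($path)) {
            return $path;
        }

        if (!$silent) {
            $this->fatalError("Page Not Found", "<p>The page you were looking for could not be found.</p>", true, true);
        }
        return false;
    } else {
        return CORE . "/" . $dir . "/sym_login.php";
    }
}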
## Comment edit/delete action handler (excerpt). It starts inside blocks that open
## above it, so the first closing braces have no visible opener.
                    }
                }

                ## $new_blacklist is built above this excerpt; @ hides the warning
                ## implode() raises when it is not an array.
                $Admin->setConfigVar("ip-blacklist", @implode(', ', $new_blacklist), "commenting");
                $Admin->saveConfig();
                $Admin->flush_cache(array("comments", "entries", "authors"));
            }
        }

        ## NOTE(review): $fields['author_ip'] and $_REQUEST['id'] are concatenated into
        ## the SQL text with no escaping visible in this excerpt. Unless both are
        ## sanitised above, either can change the statement (SQL injection). Cast the id
        ## to an integer, validate the IP as an address, and escape or bind both.
        $DB->query("UPDATE `tbl_metadata` SET `creator_ip` = '" . $fields['author_ip'] . "'\n\t\t\t\t\t\tWHERE `class` = 'comment' AND `relation_id` = '" . $_REQUEST['id'] . "' LIMIT 1");

        ## These two keys are removed before $fields is written to tbl_comments.
        unset($fields['author_ip']);
        unset($fields['blacklist']);

        ## The same unescaped $_REQUEST['id'] forms the WHERE clause; how $DB->update()
        ## escapes the values in $fields is not visible here.
        if ($DB->update($fields, "tbl_comments", "WHERE `id` = '" . $_REQUEST['id'] . "'")) {
            $Admin->updateMetadata("comment", $_REQUEST['id'], false);
            $Admin->flush_cache(array("comments", "entries", "authors"));

            ###
            # Delegate: Edit
            # Description: Saving of a comment. Comment ID is provided
            $CampfireManager->notifyMembers('Edit', CURRENTPAGE, array('comment_id' => $_REQUEST['id']));
            General::redirect(URL . "/symphony/?page=/publish/comments/&_f=saved&id=" . $_REQUEST["id"]);
        }
    }
} elseif (array_key_exists("delete", $_POST['action'])) {
    $comment_id = $_REQUEST['id'];

    ###
    # Delegate: Delete
    # Description: Prior to deletion of a comment. Comment ID is provided, this can be manipulated
    ## $comment_id is passed by reference, so a subscriber may replace it.
    $CampfireManager->notifyMembers('Delete', CURRENTPAGE, array('comment_id' => &$comment_id));

    ## NOTE(review): $comment_id comes from the request (and possibly a delegate) and is
    ## interpolated into both DELETE statements unescaped; cast it to an integer after
    ## the delegate call and before building the SQL.
    $DB->delete("tbl_comments", "WHERE `id` = '{$comment_id}' LIMIT 1");
    $DB->delete("tbl_metadata", "WHERE `relation_id` = '{$comment_id}' AND `class` = 'comment' LIMIT 1");
    $Admin->flush_cache(array("comments", "entries", "authors"));
    General::redirect(URL . "/symphony/?page=/publish/comments/&_f=complete");
}