示例#1
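 /**
  * Redirects the current request to its HTTPS equivalent when SSL is required.
  *
  * Nothing happens unless $this->requireSSL equals 1. Users who can write to,
  * add sub-content to, administer or approve the current page ($c) are not
  * redirected.
  *
  * NOTE(review): exempting exactly the users with management permissions
  * leaves their sessions on plain HTTP; confirm this is intentional.
  *
  * @return void
  */
 public function checkSSL()
 {
     if ($this->requireSSL != 1) {
         return;
     }

     global $c;
     $cp = new Permissions($c);
     if ($cp->canWrite() || $cp->canAddSubContent() || $cp->canAdminPage() || $cp->canApproveCollection()) {
         return;
     }

     // $_SERVER['HTTPS'] is usually absent on plain-HTTP requests; read it
     // defensively instead of raising an undefined-index notice.
     $https = isset($_SERVER['HTTPS']) ? $_SERVER['HTTPS'] : '';
     if ($https == "on") {
         return;
     }

     // NOTE(review): HTTP_HOST is taken from the client's Host header, so the
     // redirect target is client-influenced. Prefer a configured canonical
     // host name for the site if one is available.
     $redirect = "https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
     header("Location:{$redirect}");

     // Stop here: without this the rest of the request keeps executing and the
     // page body is still sent over the unencrypted connection.
     exit;
 }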
示例#2
							$successMessage = '"' . $oc->getCollectionName() . '" '.t('and all its children were successfully copied beneath').' "' . $dc->getCollectionName() . '"';
						}
					} else {
						// Single-page copy: duplicate() returns the new page object on success.
						$nc2 = $oc->duplicate($dc);
						if (is_object($nc2)) {
							// NOTE(review): collection names are concatenated into the message unescaped;
							// confirm that whatever prints $successMessage escapes it for its output context.
							$successMessage = '"' . $oc->getCollectionName() . '" '.t('was successfully copied beneath').' "' . $dc->getCollectionName() . '"';
						}
					}
					// Anything other than an object in $nc2 is treated as a failed copy.
					if (!is_object($nc2)) {
						$error = t("An error occurred while attempting the copy operation.");
					} else {
						$newCID = $nc2->getCollectionID();
					}
					break;
				case "MOVE":
					// An immediate move needs approval rights on both permission objects
					// (presumably $dcp = destination, $ocp = page being moved; confirm where they are built).
					// Without both, the move is only recorded as a pending action.
					if ($dcp->canApproveCollection() && $ocp->canApproveCollection()) {
						// The raw request value is stored in the session as-is and is only
						// tested for truthiness below.
						$_SESSION['movePageSaveOldPagePath'] = $_REQUEST['saveOldPagePath'];
						if ($_REQUEST['saveOldPagePath']) {
							$nc2 = $oc->move($dc, true);
						} else {
							$nc2 = $oc->move($dc);
						}
						$successMessage = '"' . $oc->getCollectionName() . '" '.t('was moved beneath').' "' . $dc->getCollectionName() . '"';
					} else {
						$oc->markPendingAction('MOVE', $dc);
						$successMessage = t("Your request to move \"%s\" beneath \"%s\" has been stored. Someone with approval rights will have to activate the change.", $oc->getCollectionName() , $dc->getCollectionName() );
					}
					// A move keeps the page's own collection ID.
					$newCID = $oc->getCollectionID();
					break;
			}
		} else {
// Query-string fragment from $valt (presumably the validation/token helper; confirm),
// appended to the state-changing links built below (remove-alias, approve-recent).
$token = '&' . $valt->getParameter();
if (isset($cp)) {
    $u = new User();
    $username = $u->getUserName();
    $vo = $c->getVersionObject();
    // $statusMessage accumulates raw HTML (links, <br/>, &nbsp;) and translated text.
    $statusMessage = '';
    if ($c->isCheckedOut()) {
        if (!$c->isCheckedOutByMe()) {
            $cantCheckOut = true;
            // NOTE(review): the other user's name goes into a string that is later treated as
            // HTML; confirm it is escaped before output.
            $statusMessage .= t("%s is currently editing this page.", $c->getCollectionCheckedOutUserName());
        }
    }
    if ($c->getCollectionPointerID() > 0) {
        // The page is an alias: link to the original, and offer removal to approvers.
        $statusMessage .= t("This page is an alias of one that actually appears elsewhere. ");
        $statusMessage .= "<br/><a href='" . DIR_REL . "/" . DISPATCHER_FILENAME . "?cID=" . $c->getCollectionID() . "'>" . t('View/Edit Original') . "</a>";
        // Hiding the link is a UI decision only; the ctask handler still has to enforce the
        // permission and the token itself (not visible here).
        if ($cp->canApproveCollection()) {
            $statusMessage .= "&nbsp;|&nbsp;";
            $statusMessage .= "<a href='" . DIR_REL . "/" . DISPATCHER_FILENAME . "?cID=" . $c->getCollectionPointerOriginalID() . "&ctask=remove-alias" . $token . "'>" . t('Remove Alias') . "</a>";
        }
    } else {
        if (is_object($vo)) {
            // Unapproved version being viewed outside edit mode.
            if (!$vo->isApproved() && !$c->isEditMode()) {
                $statusMessage .= t("This page is pending approval.");
                // The approve link is offered only to approvers and only while nobody has the page checked out.
                if ($cp->canApproveCollection() && !$c->isCheckedOut()) {
                    $statusMessage .= "<br/><a href='" . DIR_REL . "/" . DISPATCHER_FILENAME . "?cID=" . $c->getCollectionID() . "&ctask=approve-recent" . $token . "'>" . t('Approve Version') . "</a>";
                }
            }
        }
        $pendingAction = $c->getPendingAction();
        if ($pendingAction == 'MOVE') {
            // Separate from any earlier message with a pipe.
            $statusMessage .= $statusMessage ? "&nbsp;|&nbsp;" : "";
示例#4
		/**
		 * Renders a view: resolves the inner content file for $view, picks a theme,
		 * includes both, prints the result and (when output buffering is back at its
		 * initial level) runs the shutdown script and exits.
		 *
		 * $view can either be a path string or a Page object.
		 *
		 * Security-relevant behaviour visible in this method:
		 *  - $args, the controller's sets and its helper objects are imported into the
		 *    local scope with extract(), using the default overwrite behaviour.
		 *  - File paths passed to include() are assembled from $view, the page's
		 *    filename / type handle and package handle.
		 *  - Exceptions are caught here and handed to renderError().
		 *
		 * @access public
		 * @param string|Page $view path (a trailing slash is stripped) or page object
		 * @param array|null $args variables to expose to the included templates
		 * @return void
		*/	
		public function render($view, $args = null) { 
			
			try {			
				// NOTE(review): extract() turns every key of $args into a local variable and
				// overwrites existing locals (including $view). $args must only ever come
				// from developer-controlled code, never from request data.
				if (is_array($args)) {
					extract($args);
				}
	
				// strip off a slash if there is one at the end
				if (is_string($view)) {
					if (substr($view, strlen($view) - 1) == '/') {
						$view = substr($view, 0, strlen($view) - 1);
					}
				}
				
				$wrapTemplateInTheme = false;

				Events::fire('on_start', $this);
				
				// Extract controller information from the view, and put it in the current context
				if (!isset($this->controller)) {
					$this->controller = Loader::controller($view);
					$this->controller->setupAndRun();
				}

				// A controller may replace the view that is going to be rendered.
				if ($this->controller->getRenderOverride() != '') {
				   $view = $this->controller->getRenderOverride();
				}
				
				// Determine which inner item to load, load it, and stick it in $innerContent
				$content = false;
								
				// Everything printed from here on is captured and later read back as $innerContent.
				ob_start();			
				if ($view instanceof Page) {
					
					$viewPath = $view->getCollectionPath();
					$this->viewPath = $viewPath;
					
					$cFilename = $view->getCollectionFilename();
					$ctHandle = $view->getCollectionTypeHandle();
					$editMode = $view->isEditMode();
					$c = $view;
					$this->c = $c;
					
					// $view is a page. It can either be a SinglePage or just a Page, but we're not sure at this point, unfortunately
					// NOTE(review): $cFilename, $ctHandle and the package handle are concatenated into
					// include paths below; presumably they come from trusted page records — confirm
					// they cannot contain path traversal sequences.
					if ($view->getCollectionTypeID() == 0 && $cFilename) {
						$wrapTemplateInTheme = true;
						// Lookup order: site content dir, then the page's package (local, then core), then required content dir.
						if (file_exists(DIR_FILES_CONTENT. "{$cFilename}")) {
							$content = DIR_FILES_CONTENT. "{$cFilename}";
						} else if ($view->getPackageID() > 0) {
							$file1 = DIR_PACKAGES . '/' . $view->getPackageHandle() . '/'. DIRNAME_PAGES . $cFilename;
							$file2 = DIR_PACKAGES_CORE . '/' . $view->getPackageHandle() . '/'. DIRNAME_PAGES . $cFilename;
							if (file_exists($file1)) {
								$content = $file1;
							} else if (file_exists($file2)) {
								$content = $file2;
							}
						} else if (file_exists(DIR_FILES_CONTENT_REQUIRED . "{$cFilename}")) {
							$content = DIR_FILES_CONTENT_REQUIRED. "{$cFilename}";
						}
						
						$themeFilename = $c->getCollectionHandle() . '.php';
						
					} else {
						// Page-type template lookup: site dir, core dir, then the page's package (local, then core).
						if (file_exists(DIR_BASE . '/' . DIRNAME_PAGE_TYPES . '/' . $ctHandle . '.php')) {
							$content = DIR_BASE . '/' . DIRNAME_PAGE_TYPES . '/' . $ctHandle . '.php';
							$wrapTemplateInTheme = true;
						} else if (file_exists(DIR_BASE_CORE. '/' . DIRNAME_PAGE_TYPES . '/' . $ctHandle . '.php')) {
							$content = DIR_BASE_CORE . '/' . DIRNAME_PAGE_TYPES . '/' . $ctHandle . '.php';
							$wrapTemplateInTheme = true;
						} else if ($view->getPackageID() > 0) {
							$file1 = DIR_PACKAGES . '/' . $view->getPackageHandle() . '/'. DIRNAME_PAGE_TYPES . '/' . $ctHandle . '.php';
							$file2 = DIR_PACKAGES_CORE . '/' . $view->getPackageHandle() . '/'. DIRNAME_PAGE_TYPES . '/' . $ctHandle . '.php';
							if (file_exists($file1)) {
								$content = $file1;
								$wrapTemplateInTheme = true;
							} else if (file_exists($file2)) {
								$content = $file2;
								$wrapTemplateInTheme = true;
							}
						}
						
						$themeFilename = $ctHandle . '.php';
					}
					
					
				} else if (is_string($view)) {
					
					// if we're passing a view but our render override is not null, that means that we're passing 
					// a new view from within a controller. If that's the case, then we DON'T override the viewPath, we want to keep it
					
					// In order to enable editable 404 pages, other editable pages that we render without actually visiting
					if (defined('DB_DATABASE') && $view == '/page_not_found') {
						$pp = Page::getByPath($view);
						if (!$pp->isError()) {
							$this->c = $pp;
						}
					}
					
					$viewPath = $view;
					if ($this->controller->getRenderOverride() != '' && $this->getCollectionObject() != null) {
						// we are INSIDE a collection rendering a view. Which means we want to keep the viewPath that of the collection
						$this->viewPath = $this->getCollectionObject()->getCollectionPath();
					}
					
					// we're just passing something like "/login" or whatever. This will typically just be 
					// internal Concrete stuff, but we also prepare for potentially having something in DIR_FILES_CONTENT (ie: the webroot)
					// NOTE(review): $view is interpolated into the paths that are later include()d.
					// This assumes callers pass fixed internal paths; a request-derived value
					// containing "../" would need to be rejected before reaching this point — confirm.
					if (file_exists(DIR_FILES_CONTENT . "/{$view}/" . FILENAME_COLLECTION_VIEW)) {
						$content = DIR_FILES_CONTENT . "/{$view}/" . FILENAME_COLLECTION_VIEW;
					} else if (file_exists(DIR_FILES_CONTENT . "/{$view}.php")) {
						$content = DIR_FILES_CONTENT . "/{$view}.php";
					} else if (file_exists(DIR_FILES_CONTENT_REQUIRED . "/{$view}/" . FILENAME_COLLECTION_VIEW)) {
						$content = DIR_FILES_CONTENT_REQUIRED . "/{$view}/" . FILENAME_COLLECTION_VIEW;
					} else if (file_exists(DIR_FILES_CONTENT_REQUIRED . "/{$view}.php")) {
						$content = DIR_FILES_CONTENT_REQUIRED . "/{$view}.php";
					} else if ($this->getCollectionObject() != null && $this->getCollectionObject()->isGeneratedCollection() && $this->getCollectionObject()->getPackageID() > 0) {
						//This is a single_page associated with a package, so check the package views as well
						$pagePkgPath = Package::getByID($this->getCollectionObject()->getPackageID())->getPackagePath();
						if (file_exists($pagePkgPath . "/single_pages/{$view}/" . FILENAME_COLLECTION_VIEW)) {
							$content = $pagePkgPath . "/single_pages/{$view}/" . FILENAME_COLLECTION_VIEW;
						} else if (file_exists($pagePkgPath . "/single_pages/{$view}.php")) {
							$content = $pagePkgPath . "/single_pages/{$view}.php";
						}
					}
					$wrapTemplateInTheme = true;
					$themeFilename = $view . '.php';
				}
				// NOTE(review): when $view is neither a Page nor a string, $viewPath and
				// $themeFilename are never assigned before they are used below.
				
				
				if (is_object($this->c)) {
					$c = $this->c;
					// For the 404 path, switch $view to the page object and make it the request's current page.
					if (defined('DB_DATABASE') && $view == '/page_not_found') {
						$view = $c;
						$req = Request::get();
						$req->setCurrentPage($c);
					}
				}
				
				// Determine which outer item/theme to load
				// obtain theme information for this collection
				// Precedence: explicit override, controller theme, theme mapped to the path, the page's theme, default.
				if (isset($this->themeOverride)) {
					$theme = $this->themeOverride;
				} else if ($this->controller->theme != false) {
					$theme = $this->controller->theme;
				} else if (($tmpTheme = $this->getThemeFromPath($viewPath)) != false) {
					$theme = $tmpTheme;
				} else if (is_object($this->c) && ($tmpTheme = $this->c->getCollectionThemeObject()) != false) {
					$theme = $tmpTheme;
				} else {
					$theme = FILENAME_COLLECTION_DEFAULT_THEME;
				}		
				
				$this->setThemeForView($theme, $themeFilename, $wrapTemplateInTheme);

				// Now, if we're on an actual page, we retrieve all the blocks on the page
				// and store their view states in the local cache (for the page). That way
				// we can add header items and have them show up in the header BEFORE
				// the block itself is actually loaded 			
				
				if ($view instanceof Page) {
					$_pageBlocks = $view->getBlocks();
					$_pageBlocksGlobal = $view->getGlobalBlocks();
					$_pageBlocks = array_merge($_pageBlocks, $_pageBlocksGlobal);
					// Cache hit: print the stored page and stop; no block, permission or theme code below runs.
					// NOTE(review): whether cached output can differ per user is decided inside
					// supportsPageCache(), which is not visible here.
					if ($view->supportsPageCache($_pageBlocks, $this->controller)) {
						$pageContent = $view->getFromPageCache();
						if ($pageContent != false) {
							Events::fire('on_before_render', $this);
							if (defined('APP_CHARSET')) {
								header("Content-Type: text/html; charset=" . APP_CHARSET);
							}
							print($pageContent);
							Events::fire('on_render_complete', $this);
							if (ob_get_level() == OB_INITIAL_LEVEL) {
		
								require(DIR_BASE_CORE . '/startup/shutdown.php');
								exit;
							}
							return;
						}
					}
					
					foreach($_pageBlocks as $b1) {
						$btc = $b1->getInstance();
						// now we inject any custom template CSS and JavaScript into the header
						// (skipped when the instance is exactly the base 'Controller' class)
						if('Controller' != get_class($btc)){
							$btc->outputAutoHeaderItems();
						}
						$btc->runTask('on_page_view', array($view));
					}
					
					// do we have any custom menu plugins?
					// Menu header items are only loaded for users holding at least one management permission on the page.
					$cp = new Permissions($view);
					if ($cp->canWrite() || $cp->canAddSubContent() || $cp->canAdminPage() || $cp->canApproveCollection()) { 
						$ih = Loader::helper('concrete/interface/menu');
						$_interfaceItems = $ih->getPageHeaderMenuItems();
						foreach($_interfaceItems as $_im) {
							$_controller = $_im->getController();
							$_controller->outputAutoHeaderItems();
						}
						unset($_interfaceItems);
						unset($_im);
						unset($_controller);
					}
					// Repeated unset() calls keep these temporaries out of the scope the templates are included into.
					unset($_interfaceItems);
					unset($_im);
					unset($_controller);
					
					
					// now, we output all the custom style records for the design tab in blocks/areas on the page
					$c = $this->getCollectionObject();
					$view->outputCustomStyleHeaderItems(); 				
				}
	
				// finally, we include the theme (which was set by setTheme and will automatically include innerContent)
				// disconnect from our db and exit

				$this->controller->on_before_render();
				// NOTE(review): both extract() calls run after $content was resolved and right
				// before include($content). With the default overwrite behaviour, a set or helper
				// keyed 'content' (or 'view', 'c', ...) replaces that local. Keys passed to the
				// controller's sets must stay developer-controlled.
				extract($this->controller->getSets());
				extract($this->controller->getHelperObjects());

				if ($content != false) {
					include($content);
				}

				$innerContent = ob_get_contents();
				
				// Discard the captured buffer; the theme file is expected to print $innerContent itself.
				if (ob_get_level() > OB_INITIAL_LEVEL) {
					ob_end_clean();
				}
				
				Events::fire('on_before_render', $this);
				
				if (defined('APP_CHARSET')) {
					header("Content-Type: text/html; charset=" . APP_CHARSET);
				}
				
				if (file_exists($this->theme)) {
					
					// Render the theme into a second buffer so listeners can post-process the full page.
					ob_start();
					include($this->theme);
					$pageContent = ob_get_contents();
					ob_end_clean();
					
					// A non-empty return value from the on_page_output event replaces the page output.
					$ret = Events::fire('on_page_output', $pageContent);
					if($ret != '') {
						print $ret;
					} else {
						print $pageContent;
					}
					
					// Note that the unfiltered $pageContent is what gets cached, not $ret.
					if ($view instanceof Page) {
						if ($view->supportsPageCache($_pageBlocks, $this->controller)) {
							$view->addToPageCache($pageContent);
						}
					}
					
				} else {
					throw new Exception(t('File %s not found. All themes need default.php and view.php files in them. Consult concrete5 documentation on how to create these files.', $this->theme));
				}
				
				Events::fire('on_render_complete', $this);
				
				if (ob_get_level() == OB_INITIAL_LEVEL) {
	
					require(DIR_BASE_CORE . '/startup/shutdown.php');
					exit;
					
				}
				
			} catch(ADODB_Exception $e) {
				// if it's a database exception we go here.
				// The raw database message is only shown when SITE_DEBUG_LEVEL is DEBUG_DISPLAY_ERRORS;
				// otherwise a generic message is used.
				if (Config::get('SITE_DEBUG_LEVEL') == DEBUG_DISPLAY_ERRORS) {
					$this->renderError(t('An unexpected error occurred.'), $e->getMessage(), $e);		
				} else {
					$this->renderError(t('An unexpected error occurred.'), t('A database error occurred while processing this request.'), $e);
				}
				
				// log if setup to do so
				if (ENABLE_LOG_ERRORS) {
					$l = new Log(LOG_TYPE_EXCEPTIONS, true, true);
					$l->write(t('Exception Occurred: ') . $e->getMessage());
					$l->write($e->getTraceAsString());
					$l->close();
				}
			} catch (Exception $e) {
				// NOTE(review): unlike the database branch, the exception message is passed to
				// renderError() regardless of SITE_DEBUG_LEVEL. This includes the theme path from
				// the "File %s not found" exception thrown above; confirm renderError() does not
				// expose it to anonymous visitors.
				$this->renderError(t('An unexpected error occurred.'), $e->getMessage(), $e);
				// log if setup to do so
				if (ENABLE_LOG_ERRORS) {
					$l = new Log(LOG_TYPE_EXCEPTIONS, true, true);
					$l->write(t('Exception Occurred: ') . $e->getMessage());
					$l->write($e->getTraceAsString());
					$l->close();
				}
			}

		}
示例#5
<?php

// Refuse to run unless C5_EXECUTE is defined (presumably set by the application's
// dispatcher, so a direct request to this file stops here).
defined('C5_EXECUTE') or die("Access Denied.");
$valt = Loader::helper('validation/token');
$fh = Loader::helper('file');
// Validation-token query parameter, prefixed with '&' for appending to URLs.
$token = '&' . $valt->getParameter();
// cID is read straight from the request; no validation is visible here, so the
// permission check below is the only gate in this fragment.
$c = Page::getByID($_REQUEST['cID']);
$cID = $c->getCollectionID();
$cp = new Permissions($c);
$isCheckedOut = $c->isCheckedOut() && !$c->isEditMode();
// Access requires permission to read versions or to approve the page.
if (!$cp->canReadVersions() && !$cp->canApproveCollection()) {
    die(_("Access Denied."));
}
if ($_GET['vtask'] == 'view_version') {
    ?>
		<?php 
    /*
    		we use the always-updated ID below so that Safari doesn't cache the iframe's contents. We probably shouldn't be
    		making a new iframe on every request to this anyway, but it doesn't happen very often and it represents a significant
    		hurdle to making it a bit of a better citizen, so we'll do it this way for now.
    */
    ?>
		
		<iframe border="0" id="v<?php 
    echo time();
    ?>
" frameborder="0" height="100%" width="100%" src="<?php 
    echo BASE_URL . DIR_REL;
    ?>
/<?php 
    echo DISPATCHER_FILENAME;
示例#6
<?php

// Refuse to run unless C5_EXECUTE is defined (presumably set by the application's
// dispatcher, so a direct request to this file stops here).
defined('C5_EXECUTE') or die("Access Denied.");
// cID is read straight from the request; the write-permission check below is the
// only gate visible in this fragment.
$c = Page::getByID($_REQUEST['cID']);
$cp = new Permissions($c);
if (!$cp->canWrite()) {
    die(_("Access Denied."));
}
$v = CollectionVersion::get($c, "RECENT", true);
// $approveChecked is only defined for users who can approve; it holds " checked"
// when the session remembers a previous "approve on check-in" choice.
if ($cp->canApproveCollection()) {
    $approveChecked = "";
    if (isset($_SESSION['checkInApprove'])) {
        if ($_SESSION['checkInApprove'] == true) {
            $approveChecked = " checked";
        }
    }
}
Loader::element('pane_header', array('c' => $c));
?>
<div class="ccm-pane-controls">
    <div id="ccm-edit-collection">
        <form method="post" id="ccm-check-in" action="<?php 
echo DIR_REL;
?>
/<?php 
echo DISPATCHER_FILENAME;
?>
?cID=<?php 
echo $c->getCollectionID();
?>
&ctask=check-in">
示例#7
 /**
  * Makes this collection version the approved version of its page.
  *
  * Steps, in order: stamp the page's modification date, clear the approved
  * flag on every version of the page, flag this version as approved by the
  * current user, rescan the page path, approve related new versions the
  * current user may approve (only when this version is new), fire
  * 'on_page_version_approve', reindex the page and refresh this object's cache.
  *
  * NOTE(review): this method does not check the current user's permission on
  * the version being approved; only the related versions are checked.
  * Presumably callers verify canApproveCollection() first — confirm.
  * NOTE(review): the two CollectionVersions updates are separate statements;
  * a failure between them would leave the page without an approved version.
  *
  * @param bool $doReindexImmediately forwarded as the second argument of reindex()
  */
 function approve($doReindexImmediately = true)
 {
     $db = Loader::db();
     $approver = new User();
     $approverID = $approver->getUserID();
     $versionID = $this->cvID;
     $pageID = $this->cID;
     $page = Page::getByID($pageID, $this->cvID);
     $activePage = Page::getByID($pageID, 'ACTIVE');

     // Only referenced by a handle comparison that has been disabled (see below).
     $oldHandle = $activePage->getCollectionHandle();
     $newHandle = $this->cvHandle;

     // Touch the page's modification date.
     $dateHelper = Loader::helper('date');
     $db->query(
         'update Collections set cDateModified = ? where cID = ?',
         array($dateHelper->getLocalDateTime(), $pageID)
     );

     // Withdraw approval from every version of the page ...
     $db->query(
         "update CollectionVersions set cvIsApproved = 0 where cID = ?",
         array($pageID)
     );
     $activePage->refreshCache();

     // ... then approve this one, recording the approving user.
     $db->query(
         "update CollectionVersions set cvIsNew = 0, cvIsApproved = 1, cvApproverUID = ? where cID = ? and cvID = ?",
         array($approverID, $pageID, $versionID)
     );

     // The path rescan used to depend on a handle change and on the page not
     // being a generated collection; that condition proved unreliable (possibly
     // a race with cached page objects), so the rescan always runs.
     $page->rescanCollectionPath();

     // Related version edits only exist when global areas were edited.
     if ($this->isNew()) {
         $related = $db->Execute(
             'select cRelationID, cvRelationID from CollectionVersionRelatedEdits where cID = ? and cvID = ?',
             array($pageID, $versionID)
         );
         while ($row = $related->FetchRow()) {
             $relatedPage = Page::getByID($row['cRelationID'], $row['cvRelationID']);
             $relatedPermissions = new Permissions($relatedPage);
             // Related versions are approved only where the current user has approval rights.
             if (!$relatedPermissions->canApproveCollection()) {
                 continue;
             }
             $relatedVersion = $relatedPage->getVersionObject();
             if ($relatedVersion->isNew()) {
                 $relatedVersion->approve();
             }
         }
     }

     Events::fire('on_page_version_approve', $page);
     $page->reindex(false, $doReindexImmediately);
     $this->refreshCache();
 }
示例#8
<?

// Refuse to run unless C5_EXECUTE is defined (presumably set by the application's
// dispatcher, so a direct request to this file stops here).
defined('C5_EXECUTE') or die("Access Denied.");
// cID is read straight from the request; the write-permission check below is the
// only gate visible in this fragment.
$c = Page::getByID($_REQUEST['cID']);
$cp = new Permissions($c);
if (!$cp->canWrite()) {
	die(t("Access Denied."));
}

$v = CollectionVersion::get($c, "RECENT", true);

// $approveChecked is only defined for users who can approve; it holds " checked"
// when the session remembers a previous "approve on check-in" choice.
if ($cp->canApproveCollection()) {
	$approveChecked = "";
	if (isset($_SESSION['checkInApprove'])) {
		if ($_SESSION['checkInApprove'] == true) {
			$approveChecked = " checked";
		}
	}
}

Loader::element('pane_header', array('c'=>$c)); 
?>
<div class="ccm-pane-controls">
    <div id="ccm-edit-collection">
        <form method="post" id="ccm-check-in" action="<?php 
echo DIR_REL;
?>
/<?php 
echo DISPATCHER_FILENAME;
?>
?cID=<?php 
	$u = new User();
	$username = $u->getUserName();
	$vo = $c->getVersionObject();

	$statusMessage = '';
	if ($c->isCheckedOut()) {
		if (!$c->isCheckedOutByMe()) {
			$cantCheckOut = true;
			$statusMessage .= t("%s is currently editing this page.", $c->getCollectionCheckedOutUserName());
		}
	}
	
	if ($c->getCollectionPointerID() > 0) {
		$statusMessage .= t("This page is an alias of one that actually appears elsewhere. ");
		$statusMessage .= "<br/><a href='" . DIR_REL . "/" . DISPATCHER_FILENAME . "?cID=" . $c->getCollectionID() . "'>" . t('View/Edit Original') . "</a>";
		if ($cp->canApproveCollection()) {
			$statusMessage .= "&nbsp;|&nbsp;";
			$statusMessage .= "<a href='" . DIR_REL . "/" . DISPATCHER_FILENAME . "?cID=" . $c->getCollectionPointerOriginalID() . "&ctask=remove-alias" . $token . "'>" . t('Remove Alias') . "</a>";
		}
	} else {
	
		if (is_object($vo)) {
			if (!$vo->isApproved() && !$c->isEditMode()) {
				$statusMessage .= t("This page is pending approval.");
				if ($cp->canApproveCollection() && !$c->isCheckedOut()) {
					$statusMessage .= "<br/><a href='" . DIR_REL . "/" . DISPATCHER_FILENAME . "?cID=" . $c->getCollectionID() . "&ctask=approve-recent" . $token . "'>" . t('Approve Version') . "</a>";
				}
			}
		}
		
		$pendingAction = $c->getPendingAction();
	$u = new User();
	$username = $u->getUserName();
	$vo = $c->getVersionObject();

	$statusMessage = '';
	if ($c->isCheckedOut()) {
		if (!$c->isCheckedOutByMe()) {
			$cantCheckOut = true;
			$statusMessage .= t("%s is currently editing this page.", $c->getCollectionCheckedOutUserName());
		}
	}
	
	if ($c->getCollectionPointerID() > 0) {
		$statusMessage .= t("This page is an alias of one that actually appears elsewhere. ");
		$statusMessage .= "<br/><a href='" . DIR_REL . "/" . DISPATCHER_FILENAME . "?cID=" . $c->getCollectionID() . "'>" . t('View/Edit Original') . "</a>";
		if ($cp->canApproveCollection()) {
			$statusMessage .= "&nbsp;|&nbsp;";
			$statusMessage .= "<a href='" . DIR_REL . "/" . DISPATCHER_FILENAME . "?cID=" . $c->getCollectionPointerOriginalID() . "&ctask=remove-alias" . $token . "'>" . t('Remove Alias') . "</a>";
		}
	} else {
	
		if (is_object($vo)) {
			if (!$vo->isApproved() && !$c->isEditMode()) {
				$statusMessage .= t("This page is pending approval.");
				if ($cp->canApproveCollection() && !$c->isCheckedOut()) {
					$statusMessage .= "<br/><a href='" . DIR_REL . "/" . DISPATCHER_FILENAME . "?cID=" . $c->getCollectionID() . "&ctask=approve-recent" . $token . "'>" . t('Approve Version') . "</a>";
				}
			}
		}
		
		$pendingAction = $c->getPendingAction();