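/**
 * Sends the visitor to the https:// form of the current URL when SSL is required.
 *
 * Nothing happens unless $this->requireSSL equals 1. Users who hold any of the
 * write, add-sub-content, admin or approve permissions on the global $c are
 * exempt and stay on the scheme they arrived with.
 *
 * @return void Does not return when a redirect is issued: the script ends so the
 *              page body is never sent in the plain-HTTP response.
 */
public function checkSSL() {
    if ($this->requireSSL != 1) {
        return;
    }

    global $c;
    $cp = new Permissions($c);
    if ($cp->canWrite() || $cp->canAddSubContent() || $cp->canAdminPage() || $cp->canApproveCollection()) {
        return;
    }

    // $_SERVER['HTTPS'] is absent or "off" on plain HTTP, but a secure request can be
    // reported as "on", "On" or "1" depending on the server. Comparing against the
    // literal "on" alone redirects those secure requests to themselves in a loop,
    // and reading the key without isset() raises a notice when it is missing.
    $https = isset($_SERVER['HTTPS']) ? strtolower((string) $_SERVER['HTTPS']) : '';
    if ($https !== '' && $https !== 'off') {
        return;
    }

    // NOTE(review): HTTP_HOST is taken from the request's Host header, so the redirect
    // target is only as trustworthy as the front end's host validation. Where the
    // deployment has a configured canonical host, build the URL from that instead.
    $redirect = "https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];

    // Only stop the request when the redirect can actually be delivered; if output
    // has already started, fall through as before rather than truncating the page.
    if (!headers_sent()) {
        header("Location:{$redirect}");
        // Without this the full page would still be rendered and returned over
        // cleartext HTTP alongside the Location header.
        exit;
    }
}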
$successMessage = '"' . $oc->getCollectionName() . '" '.t('and all its children were successfully copied beneath').' "' . $dc->getCollectionName() . '"'; } } else { $nc2 = $oc->duplicate($dc); if (is_object($nc2)) { $successMessage = '"' . $oc->getCollectionName() . '" '.t('was successfully copied beneath').' "' . $dc->getCollectionName() . '"'; } } if (!is_object($nc2)) { $error = t("An error occurred while attempting the copy operation."); } else { $newCID = $nc2->getCollectionID(); } break; case "MOVE": if ($dcp->canApproveCollection() && $ocp->canApproveCollection()) { $_SESSION['movePageSaveOldPagePath'] = $_REQUEST['saveOldPagePath']; if ($_REQUEST['saveOldPagePath']) { $nc2 = $oc->move($dc, true); } else { $nc2 = $oc->move($dc); } $successMessage = '"' . $oc->getCollectionName() . '" '.t('was moved beneath').' "' . $dc->getCollectionName() . '"'; } else { $oc->markPendingAction('MOVE', $dc); $successMessage = t("Your request to move \"%s\" beneath \"%s\" has been stored. Someone with approval rights will have to activate the change.", $oc->getCollectionName() , $dc->getCollectionName() ); } $newCID = $oc->getCollectionID(); break; } } else {
$token = '&' . $valt->getParameter(); if (isset($cp)) { $u = new User(); $username = $u->getUserName(); $vo = $c->getVersionObject(); $statusMessage = ''; if ($c->isCheckedOut()) { if (!$c->isCheckedOutByMe()) { $cantCheckOut = true; $statusMessage .= t("%s is currently editing this page.", $c->getCollectionCheckedOutUserName()); } } if ($c->getCollectionPointerID() > 0) { $statusMessage .= t("This page is an alias of one that actually appears elsewhere. "); $statusMessage .= "<br/><a href='" . DIR_REL . "/" . DISPATCHER_FILENAME . "?cID=" . $c->getCollectionID() . "'>" . t('View/Edit Original') . "</a>"; if ($cp->canApproveCollection()) { $statusMessage .= " | "; $statusMessage .= "<a href='" . DIR_REL . "/" . DISPATCHER_FILENAME . "?cID=" . $c->getCollectionPointerOriginalID() . "&ctask=remove-alias" . $token . "'>" . t('Remove Alias') . "</a>"; } } else { if (is_object($vo)) { if (!$vo->isApproved() && !$c->isEditMode()) { $statusMessage .= t("This page is pending approval."); if ($cp->canApproveCollection() && !$c->isCheckedOut()) { $statusMessage .= "<br/><a href='" . DIR_REL . "/" . DISPATCHER_FILENAME . "?cID=" . $c->getCollectionID() . "&ctask=approve-recent" . $token . "'>" . t('Approve Version') . "</a>"; } } } $pendingAction = $c->getPendingAction(); if ($pendingAction == 'MOVE') { $statusMessage .= $statusMessage ? " | " : "";
/**
 * Renders a view: resolves the inner template for $view, selects a theme, and prints the result.
 *
 * $view can either be a path string or a Page object. The inner template is included with
 * this method's local scope, so every local variable below (and everything imported through
 * extract()) is visible to the included files.
 *
 * @access public
 * @param string|Page $view path such as "/login", or the page being rendered
 * @param array|null $args when an array, its entries are imported as local variables
 * @return void
 */
public function render($view, $args = null) {

    try {
        if (is_array($args)) {
            // NOTE(review): extract() runs with its default overwrite behaviour, so a key
            // named "view" or "args" replaces the parameters of this method. Callers must
            // not pass request-derived arrays here.
            extract($args);
        }

        // strip off a slash if there is one at the end
        if (is_string($view)) {
            if (substr($view, strlen($view) - 1) == '/') {
                $view = substr($view, 0, strlen($view) - 1);
            }
        }

        $wrapTemplateInTheme = false;

        Events::fire('on_start', $this);

        // Extract controller information from the view, and put it in the current context
        if (!isset($this->controller)) {
            $this->controller = Loader::controller($view);
            $this->controller->setupAndRun();
        }

        // A controller can redirect rendering to a different view.
        if ($this->controller->getRenderOverride() != '') {
            $view = $this->controller->getRenderOverride();
        }

        // Determine which inner item to load, load it, and stick it in $innerContent
        $content = false;

        // Everything the inner template prints from here on is buffered.
        ob_start();
        if ($view instanceof Page) {

            $viewPath = $view->getCollectionPath();
            $this->viewPath = $viewPath;

            $cFilename = $view->getCollectionFilename();
            $ctHandle = $view->getCollectionTypeHandle();
            $editMode = $view->isEditMode();
            $c = $view;
            $this->c = $c;

            // $view is a page. It can either be a SinglePage or just a Page, but we're not sure at this point, unfortunately
            // NOTE(review): $cFilename, $ctHandle and the package handle are concatenated into
            // include paths below. They presumably come from the page record rather than the
            // request; confirm they cannot contain ".." segments.
            if ($view->getCollectionTypeID() == 0 && $cFilename) {
                $wrapTemplateInTheme = true;
                // Lookup order: site content dir, then the page's package (local, then core), then required core content.
                if (file_exists(DIR_FILES_CONTENT. "{$cFilename}")) {
                    $content = DIR_FILES_CONTENT. "{$cFilename}";
                } else if ($view->getPackageID() > 0) {
                    $file1 = DIR_PACKAGES . '/' . $view->getPackageHandle() . '/'. DIRNAME_PAGES . $cFilename;
                    $file2 = DIR_PACKAGES_CORE . '/' . $view->getPackageHandle() . '/'. DIRNAME_PAGES . $cFilename;
                    if (file_exists($file1)) {
                        $content = $file1;
                    } else if (file_exists($file2)) {
                        $content = $file2;
                    }
                } else if (file_exists(DIR_FILES_CONTENT_REQUIRED . "{$cFilename}")) {
                    $content = DIR_FILES_CONTENT_REQUIRED. "{$cFilename}";
                }

                $themeFilename = $c->getCollectionHandle() . '.php';

            } else {
                // Page-type template lookup: site, core, then the page's package (local, then core).
                if (file_exists(DIR_BASE . '/' . DIRNAME_PAGE_TYPES . '/' . $ctHandle . '.php')) {
                    $content = DIR_BASE . '/' . DIRNAME_PAGE_TYPES . '/' . $ctHandle . '.php';
                    $wrapTemplateInTheme = true;
                } else if (file_exists(DIR_BASE_CORE. '/' . DIRNAME_PAGE_TYPES . '/' . $ctHandle . '.php')) {
                    $content = DIR_BASE_CORE . '/' . DIRNAME_PAGE_TYPES . '/' . $ctHandle . '.php';
                    $wrapTemplateInTheme = true;
                } else if ($view->getPackageID() > 0) {
                    $file1 = DIR_PACKAGES . '/' . $view->getPackageHandle() . '/'. DIRNAME_PAGE_TYPES . '/' . $ctHandle . '.php';
                    $file2 = DIR_PACKAGES_CORE . '/' . $view->getPackageHandle() . '/'. DIRNAME_PAGE_TYPES . '/' . $ctHandle . '.php';
                    if (file_exists($file1)) {
                        $content = $file1;
                        $wrapTemplateInTheme = true;
                    } else if (file_exists($file2)) {
                        $content = $file2;
                        $wrapTemplateInTheme = true;
                    }
                }

                $themeFilename = $ctHandle . '.php';
            }

        } else if (is_string($view)) {

            // if we're passing a view but our render override is not null, that means that we're passing
            // a new view from within a controller. If that's the case, then we DON'T override the viewPath, we want to keep it

            // In order to enable editable 404 pages, other editable pages that we render without actually visiting
            if (defined('DB_DATABASE') && $view == '/page_not_found') {
                $pp = Page::getByPath($view);
                if (!$pp->isError()) {
                    $this->c = $pp;
                }
            }

            $viewPath = $view;
            if ($this->controller->getRenderOverride() != '' && $this->getCollectionObject() != null) {
                // we are INSIDE a collection rendering a view. Which means we want to keep the viewPath that of the collection
                $this->viewPath = $this->getCollectionObject()->getCollectionPath();
            }

            // we're just passing something like "/login" or whatever. This will typically just be
            // internal Concrete stuff, but we also prepare for potentially having something in DIR_FILES_CONTENT (ie: the webroot)
            // NOTE(review): $view is interpolated into filesystem paths that are later include()d,
            // and nothing in this method normalises or rejects ".." segments. The value must come
            // from trusted routing or controller code, never straight from the request.
            if (file_exists(DIR_FILES_CONTENT . "/{$view}/" . FILENAME_COLLECTION_VIEW)) {
                $content = DIR_FILES_CONTENT . "/{$view}/" . FILENAME_COLLECTION_VIEW;
            } else if (file_exists(DIR_FILES_CONTENT . "/{$view}.php")) {
                $content = DIR_FILES_CONTENT . "/{$view}.php";
            } else if (file_exists(DIR_FILES_CONTENT_REQUIRED . "/{$view}/" . FILENAME_COLLECTION_VIEW)) {
                $content = DIR_FILES_CONTENT_REQUIRED . "/{$view}/" . FILENAME_COLLECTION_VIEW;
            } else if (file_exists(DIR_FILES_CONTENT_REQUIRED . "/{$view}.php")) {
                $content = DIR_FILES_CONTENT_REQUIRED . "/{$view}.php";
            } else if ($this->getCollectionObject() != null && $this->getCollectionObject()->isGeneratedCollection() && $this->getCollectionObject()->getPackageID() > 0) {
                //This is a single_page associated with a package, so check the package views as well
                $pagePkgPath = Package::getByID($this->getCollectionObject()->getPackageID())->getPackagePath();
                if (file_exists($pagePkgPath . "/single_pages/{$view}/" . FILENAME_COLLECTION_VIEW)) {
                    $content = $pagePkgPath . "/single_pages/{$view}/" . FILENAME_COLLECTION_VIEW;
                } else if (file_exists($pagePkgPath . "/single_pages/{$view}.php")) {
                    $content = $pagePkgPath . "/single_pages/{$view}.php";
                }
            }
            $wrapTemplateInTheme = true;
            $themeFilename = $view . '.php';
        }
        // NOTE(review): when $view is neither a Page nor a string, $viewPath and $themeFilename
        // are never assigned in this method but are still read below.

        if (is_object($this->c)) {
            $c = $this->c;
            // For the 404 path, continue as if the 404 page object itself had been passed in.
            if (defined('DB_DATABASE') && $view == '/page_not_found') {
                $view = $c;
                $req = Request::get();
                $req->setCurrentPage($c);
            }
        }

        // Determine which outer item/theme to load
        // obtain theme information for this collection
        // Precedence: explicit override, controller theme, theme mapped to the path, the page's theme, default.
        if (isset($this->themeOverride)) {
            $theme = $this->themeOverride;
        } else if ($this->controller->theme != false) {
            $theme = $this->controller->theme;
        } else if (($tmpTheme = $this->getThemeFromPath($viewPath)) != false) {
            $theme = $tmpTheme;
        } else if (is_object($this->c) && ($tmpTheme = $this->c->getCollectionThemeObject()) != false) {
            $theme = $tmpTheme;
        } else {
            $theme = FILENAME_COLLECTION_DEFAULT_THEME;
        }

        $this->setThemeForView($theme, $themeFilename, $wrapTemplateInTheme);

        // Now, if we're on an actual page, we retrieve all the blocks on the page
        // and store their view states in the local cache (for the page). That way
        // we can add header items and have them show up in the header BEFORE
        // the block itself is actually loaded
        if ($view instanceof Page) {
            $_pageBlocks = $view->getBlocks();
            $_pageBlocksGlobal = $view->getGlobalBlocks();
            $_pageBlocks = array_merge($_pageBlocks, $_pageBlocksGlobal);

            // Cache hit: print the stored page and finish without running blocks or the theme.
            if ($view->supportsPageCache($_pageBlocks, $this->controller)) {
                $pageContent = $view->getFromPageCache();
                if ($pageContent != false) {
                    Events::fire('on_before_render', $this);
                    if (defined('APP_CHARSET')) {
                        header("Content-Type: text/html; charset=" . APP_CHARSET);
                    }
                    print($pageContent);
                    Events::fire('on_render_complete', $this);
                    if (ob_get_level() == OB_INITIAL_LEVEL) {
                        require(DIR_BASE_CORE . '/startup/shutdown.php');
                        exit;
                    }
                    return;
                }
            }

            foreach($_pageBlocks as $b1) {
                $btc = $b1->getInstance();
                // now we inject any custom template CSS and JavaScript into the header
                if('Controller' != get_class($btc)){
                    $btc->outputAutoHeaderItems();
                }
                $btc->runTask('on_page_view', array($view));
            }

            // do we have any custom menu plugins?
            // Menu plugin header items are only emitted for users with an editing or admin right on the page.
            $cp = new Permissions($view);
            if ($cp->canWrite() || $cp->canAddSubContent() || $cp->canAdminPage() || $cp->canApproveCollection()) {
                $ih = Loader::helper('concrete/interface/menu');
                $_interfaceItems = $ih->getPageHeaderMenuItems();
                foreach($_interfaceItems as $_im) {
                    $_controller = $_im->getController();
                    $_controller->outputAutoHeaderItems();
                }
                unset($_interfaceItems);
                unset($_im);
                unset($_controller);
            }
            // Repeated outside the branch; unset() on names that are already gone is harmless.
            unset($_interfaceItems);
            unset($_im);
            unset($_controller);

            // now, we output all the custom style records for the design tab in blocks/areas on the page
            $c = $this->getCollectionObject();
            $view->outputCustomStyleHeaderItems();
        }

        // finally, we include the theme (which was set by setTheme and will automatically include innerContent)
        // disconnect from our db and exit

        $this->controller->on_before_render();
        // NOTE(review): both extract() calls overwrite existing locals by default. A controller
        // set or helper keyed "content" replaces the path include()d on the next statement, and
        // keys such as "view" or "_pageBlocks" change the page-cache decision further down.
        // Controllers must never copy request parameters into their sets wholesale.
        extract($this->controller->getSets());
        extract($this->controller->getHelperObjects());

        if ($content != false) {
            include($content);
        }

        // Capture what the inner template printed; the theme file reads $innerContent from this scope.
        $innerContent = ob_get_contents();

        if (ob_get_level() > OB_INITIAL_LEVEL) {
            ob_end_clean();
        }

        Events::fire('on_before_render', $this);

        if (defined('APP_CHARSET')) {
            header("Content-Type: text/html; charset=" . APP_CHARSET);
        }

        if (file_exists($this->theme)) {

            ob_start();
            include($this->theme);
            $pageContent = ob_get_contents();
            ob_end_clean();

            // An on_page_output handler may return replacement markup; a non-empty return wins.
            $ret = Events::fire('on_page_output', $pageContent);
            if($ret != '') {
                print $ret;
            } else {
                print $pageContent;
            }

            // The cache stores the theme output as rendered, not the handler's replacement in $ret.
            if ($view instanceof Page) {
                if ($view->supportsPageCache($_pageBlocks, $this->controller)) {
                    $view->addToPageCache($pageContent);
                }
            }

        } else {
            throw new Exception(t('File %s not found. All themes need default.php and view.php files in them. Consult concrete5 documentation on how to create these files.', $this->theme));
        }

        Events::fire('on_render_complete', $this);

        if (ob_get_level() == OB_INITIAL_LEVEL) {

            require(DIR_BASE_CORE . '/startup/shutdown.php');
            exit;

        }

    } catch(ADODB_Exception $e) {
        // if it's a database exception we go here.
        // The driver's message is only shown when the site is configured to display errors;
        // otherwise the visitor gets a generic database error.
        if (Config::get('SITE_DEBUG_LEVEL') == DEBUG_DISPLAY_ERRORS) {
            $this->renderError(t('An unexpected error occurred.'), $e->getMessage(), $e);
        } else {
            $this->renderError(t('An unexpected error occurred.'), t('A database error occurred while processing this request.'), $e);
        }

        // log if setup to do so
        if (ENABLE_LOG_ERRORS) {
            $l = new Log(LOG_TYPE_EXCEPTIONS, true, true);
            $l->write(t('Exception Occurred: ') . $e->getMessage());
            $l->write($e->getTraceAsString());
            $l->close();
        }
    } catch (Exception $e) {
        // NOTE(review): unlike the database branch, the exception message is passed to
        // renderError() whatever SITE_DEBUG_LEVEL is. That includes the missing-theme
        // message thrown above, which carries a filesystem path.
        $this->renderError(t('An unexpected error occurred.'), $e->getMessage(), $e);

        // log if setup to do so
        if (ENABLE_LOG_ERRORS) {
            $l = new Log(LOG_TYPE_EXCEPTIONS, true, true);
            $l->write(t('Exception Occurred: ') . $e->getMessage());
            $l->write($e->getTraceAsString());
            $l->close();
        }
    }
}
<?php defined('C5_EXECUTE') or die("Access Denied."); $valt = Loader::helper('validation/token'); $fh = Loader::helper('file'); $token = '&' . $valt->getParameter(); $c = Page::getByID($_REQUEST['cID']); $cID = $c->getCollectionID(); $cp = new Permissions($c); $isCheckedOut = $c->isCheckedOut() && !$c->isEditMode(); if (!$cp->canReadVersions() && !$cp->canApproveCollection()) { die(_("Access Denied.")); } if ($_GET['vtask'] == 'view_version') { ?> <?php /* we use the always-updated ID below so that Safari doesn't cache the iframe's contents. We probably shouldn't be making a new iframe on every request to this anyway, but it doesn't happen very often and it represents a significant hurdle to making it a bit of a better citizen, so we'll do it this way for now. */ ?> <iframe border="0" id="v<?php echo time(); ?> " frameborder="0" height="100%" width="100%" src="<?php echo BASE_URL . DIR_REL; ?> /<?php echo DISPATCHER_FILENAME;
<?php defined('C5_EXECUTE') or die("Access Denied."); $c = Page::getByID($_REQUEST['cID']); $cp = new Permissions($c); if (!$cp->canWrite()) { die(_("Access Denied.")); } $v = CollectionVersion::get($c, "RECENT", true); if ($cp->canApproveCollection()) { $approveChecked = ""; if (isset($_SESSION['checkInApprove'])) { if ($_SESSION['checkInApprove'] == true) { $approveChecked = " checked"; } } } Loader::element('pane_header', array('c' => $c)); ?> <div class="ccm-pane-controls"> <div id="ccm-edit-collection"> <form method="post" id="ccm-check-in" action="<?php echo DIR_REL; ?> /<?php echo DISPATCHER_FILENAME; ?> ?cID=<?php echo $c->getCollectionID(); ?> &ctask=check-in">
/**
 * Makes this collection version the approved version of its page.
 *
 * Steps, in order: stamp the page's modification date, clear the approved flag on
 * every version of the page, flag this version as approved by the current user,
 * rescan the page's path, approve related new versions, fire
 * 'on_page_version_approve', reindex, and refresh this object's cache.
 *
 * NOTE(review): no permission check guards the primary approval in this method;
 * only the related-edit cascade consults Permissions. Callers have to authorize
 * the request before calling. The updates are issued as separate statements with
 * no transaction visible here, so a failure between them can leave the page with
 * no approved version.
 *
 * @param bool $doReindexImmediately forwarded as the second argument to Page::reindex()
 * @return void
 */
function approve($doReindexImmediately = true) {
    $db = Loader::db();
    $approver = new User();
    $approverID = $approver->getUserID();
    $versionID = $this->cvID;
    $pageID = $this->cID;

    $page = Page::getByID($pageID, $this->cvID);
    $activePage = Page::getByID($pageID, 'ACTIVE');

    // Both handles are still read, but only a disabled handle comparison ever used them.
    $oldHandle = $activePage->getCollectionHandle();
    $newHandle = $this->cvHandle;

    // Record the modification time on the collection itself.
    $dateHelper = Loader::helper('date');
    $db->query(
        'update Collections set cDateModified = ? where cID = ?',
        array($dateHelper->getLocalDateTime(), $pageID)
    );

    // Withdraw approval from every version of the page before approving this one.
    $clearSql = "update CollectionVersions set cvIsApproved = 0 where cID = ?";
    $db->query($clearSql, array($pageID));
    $activePage->refreshCache();

    // Approve this version and record who approved it.
    $approveSql = "update CollectionVersions set cvIsNew = 0, cvIsApproved = 1, cvApproverUID = ? where cID = ? and cvID = ?";
    $db->query($approveSql, array($approverID, $pageID, $versionID));

    // The path rescan runs unconditionally; the handle-changed / generated-collection
    // condition that once guarded it was found unreliable and is switched off.
    $page->rescanCollectionPath();

    // Related version edits only exist when global areas were edited.
    if ($this->isNew()) {
        $relatedRows = $db->Execute(
            'select cRelationID, cvRelationID from CollectionVersionRelatedEdits where cID = ? and cvID = ?',
            array($pageID, $versionID)
        );
        while ($row = $relatedRows->FetchRow()) {
            $relatedPage = Page::getByID($row['cRelationID'], $row['cvRelationID']);
            $relatedPermissions = new Permissions($relatedPage);
            // Related pages the permission object does not allow approving are skipped.
            if (!$relatedPermissions->canApproveCollection()) {
                continue;
            }
            $relatedVersion = $relatedPage->getVersionObject();
            if ($relatedVersion->isNew()) {
                $relatedVersion->approve();
            }
        }
    }

    Events::fire('on_page_version_approve', $page);
    $page->reindex(false, $doReindexImmediately);
    $this->refreshCache();
}
<? defined('C5_EXECUTE') or die("Access Denied."); $c = Page::getByID($_REQUEST['cID']); $cp = new Permissions($c); if (!$cp->canWrite()) { die(t("Access Denied.")); } $v = CollectionVersion::get($c, "RECENT", true); if ($cp->canApproveCollection()) { $approveChecked = ""; if (isset($_SESSION['checkInApprove'])) { if ($_SESSION['checkInApprove'] == true) { $approveChecked = " checked"; } } } Loader::element('pane_header', array('c'=>$c)); ?> <div class="ccm-pane-controls"> <div id="ccm-edit-collection"> <form method="post" id="ccm-check-in" action="<?php echo DIR_REL; ?> /<?php echo DISPATCHER_FILENAME; ?> ?cID=<?php
$u = new User(); $username = $u->getUserName(); $vo = $c->getVersionObject(); $statusMessage = ''; if ($c->isCheckedOut()) { if (!$c->isCheckedOutByMe()) { $cantCheckOut = true; $statusMessage .= t("%s is currently editing this page.", $c->getCollectionCheckedOutUserName()); } } if ($c->getCollectionPointerID() > 0) { $statusMessage .= t("This page is an alias of one that actually appears elsewhere. "); $statusMessage .= "<br/><a href='" . DIR_REL . "/" . DISPATCHER_FILENAME . "?cID=" . $c->getCollectionID() . "'>" . t('View/Edit Original') . "</a>"; if ($cp->canApproveCollection()) { $statusMessage .= " | "; $statusMessage .= "<a href='" . DIR_REL . "/" . DISPATCHER_FILENAME . "?cID=" . $c->getCollectionPointerOriginalID() . "&ctask=remove-alias" . $token . "'>" . t('Remove Alias') . "</a>"; } } else { if (is_object($vo)) { if (!$vo->isApproved() && !$c->isEditMode()) { $statusMessage .= t("This page is pending approval."); if ($cp->canApproveCollection() && !$c->isCheckedOut()) { $statusMessage .= "<br/><a href='" . DIR_REL . "/" . DISPATCHER_FILENAME . "?cID=" . $c->getCollectionID() . "&ctask=approve-recent" . $token . "'>" . t('Approve Version') . "</a>"; } } } $pendingAction = $c->getPendingAction();