/** * for retrocompatibility with old AdminTab, old index.php * * @return void */ function runAdminTab($tab, $ajaxMode = false) { $ajaxMode = (bool) $ajaxMode; require_once _PS_ADMIN_DIR_ . '/init.php'; $cookie = Context::getContext()->cookie; if (empty($tab) && !sizeof($_POST)) { $tab = 'AdminDashboard'; $_POST['tab'] = $tab; $_POST['token'] = Tools::getAdminTokenLite($tab); } // $tab = $_REQUEST['tab']; if ($adminObj = checkingTab($tab)) { Context::getContext()->controller = $adminObj; // init is different for new tabs (AdminController) and old tabs (AdminTab) if ($adminObj instanceof AdminController) { if ($ajaxMode) { $adminObj->ajax = true; } $adminObj->path = dirname($_SERVER["PHP_SELF"]); $adminObj->run(); } else { if (!$ajaxMode) { require_once _PS_ADMIN_DIR_ . '/header.inc.php'; } $isoUser = Context::getContext()->language->id; $tabs = array(); $tabs = Tab::recursiveTab($adminObj->id, $tabs); $tabs = array_reverse($tabs); $bread = ''; foreach ($tabs as $key => $item) { $bread .= ' <img src="../img/admin/separator_breadcrumb.png" style="margin-right:5px" alt=">" />'; if (count($tabs) - 1 > $key) { $bread .= '<a href="?tab=' . $item['class_name'] . '&token=' . Tools::getAdminToken($item['class_name'] . intval($item['id_tab']) . (int) Context::getContext()->employee->id) . '">'; } $bread .= $item['name']; if (count($tabs) - 1 > $key) { $bread .= '</a>'; } } if (!$ajaxMode && Shop::isFeatureActive() && Shop::getContext() != Shop::CONTEXT_ALL && Context::getContext()->controller->multishop_context != Shop::CONTEXT_ALL) { echo '<div class="multishop_info">'; if (Shop::getContext() == Shop::CONTEXT_GROUP) { $shop_group = new ShopGroup((int) Shop::getContextShopGroupID()); printf(Translate::getAdminTranslation('You are configuring your store for group shop %s'), '<b>' . $shop_group->name . '</b>'); } elseif (Shop::getContext() == Shop::CONTEXT_SHOP) { printf(Translate::getAdminTranslation('You are configuring your store for shop %s'), '<b>' . Context::getContext()->shop->name . '</b>'); } echo '</div>'; } if (Validate::isLoadedObject($adminObj)) { if ($adminObj->checkToken()) { if ($ajaxMode) { // the differences with index.php is here $adminObj->ajaxPreProcess(); $action = Tools::getValue('action'); // no need to use displayConf() here if (!empty($action) && method_exists($adminObj, 'ajaxProcess' . Tools::toCamelCase($action))) { $adminObj->{'ajaxProcess' . Tools::toCamelCase($action)}(); } else { $adminObj->ajaxProcess(); } // @TODO We should use a displayAjaxError $adminObj->displayErrors(); if (!empty($action) && method_exists($adminObj, 'displayAjax' . Tools::toCamelCase($action))) { $adminObj->{'displayAjax' . $action}(); } else { $adminObj->displayAjax(); } } else { /* Filter memorization */ if (isset($_POST) && !empty($_POST) && isset($adminObj->table)) { foreach ($_POST as $key => $value) { if (is_array($adminObj->table)) { foreach ($adminObj->table as $table) { if (strncmp($key, $table . 'Filter_', 7) === 0 || strncmp($key, 'submitFilter', 12) === 0) { $cookie->{$key} = !is_array($value) ? $value : serialize($value); } } } elseif (strncmp($key, $adminObj->table . 'Filter_', 7) === 0 || strncmp($key, 'submitFilter', 12) === 0) { $cookie->{$key} = !is_array($value) ? $value : serialize($value); } } } if (isset($_GET) && !empty($_GET) && isset($adminObj->table)) { foreach ($_GET as $key => $value) { if (is_array($adminObj->table)) { foreach ($adminObj->table as $table) { if (strncmp($key, $table . 'OrderBy', 7) === 0 || strncmp($key, $table . 'Orderway', 8) === 0) { $cookie->{$key} = $value; } } } elseif (strncmp($key, $adminObj->table . 'OrderBy', 7) === 0 || strncmp($key, $adminObj->table . 'Orderway', 12) === 0) { $cookie->{$key} = $value; } } } $adminObj->displayConf(); $adminObj->postProcess(); $adminObj->displayErrors(); $adminObj->display(); include _PS_ADMIN_DIR_ . '/footer.inc.php'; } } else { if ($ajaxMode) { // If this is an XSS attempt, then we should only display a simple, secure page if (ob_get_level() && ob_get_length() > 0) { ob_clean(); } // ${1} in the replacement string of the regexp is required, because the token may begin with a number and mix up with it (e.g. $17) $url = preg_replace('/([&?]token=)[^&]*(&.*)?$/', '${1}' . $adminObj->token . '$2', $_SERVER['REQUEST_URI']); if (false === strpos($url, '?token=') && false === strpos($url, '&token=')) { $url .= '&token=' . $adminObj->token; } // we can display the correct url // die(Tools::jsonEncode(array(Translate::getAdminTranslation('Invalid security token'),$url))); die(Tools::jsonEncode(Translate::getAdminTranslation('Invalid security token'))); } else { // If this is an XSS attempt, then we should only display a simple, secure page if (ob_get_level() && ob_get_length() > 0) { ob_clean(); } // ${1} in the replacement string of the regexp is required, because the token may begin with a number and mix up with it (e.g. $17) $url = preg_replace('/([&?]token=)[^&]*(&.*)?$/', '${1}' . $adminObj->token . '$2', $_SERVER['REQUEST_URI']); if (false === strpos($url, '?token=') && false === strpos($url, '&token=')) { $url .= '&token=' . $adminObj->token; } $message = Translate::getAdminTranslation('Invalid security token'); echo '<html><head><title>' . $message . '</title></head><body style="font-family:Arial,Verdana,Helvetica,sans-serif;background-color:#EC8686"> <div style="background-color:#FAE2E3;border:1px solid #000000;color:#383838;font-weight:700;line-height:20px;margin:0 0 10px;padding:10px 15px;width:500px"> <img src="../img/admin/error2.png" style="margin:-4px 5px 0 0;vertical-align:middle"> ' . $message . ' </div>'; echo '<a href="' . htmlentities($url) . '" method="get" style="float:left;margin:10px"> <input type="button" value="' . Tools::htmlentitiesUTF8(Translate::getAdminTranslation('I understand the risks and I really want to display this page')) . '" style="height:30px;margin-top:5px" /> </a> <a href="index.php" method="get" style="float:left;margin:10px"> <input type="button" value="' . Tools::htmlentitiesUTF8(Translate::getAdminTranslation('Take me out of here!')) . '" style="height:40px" /> </a> </body></html>'; die; } } } } } }
public static function recursiveTab($id_tab, $tabs) { $admin_tab = Tab::getTab((int) Context::getContext()->language->id, $id_tab); $tabs[] = $admin_tab; if ($admin_tab['id_parent'] > 0) { $tabs = Tab::recursiveTab($admin_tab['id_parent'], $tabs); } return $tabs; }
/** * Set breadcrumbs array for the controller page */ public function initBreadcrumbs($tab_id = null, $tabs = null) { if (is_array($tabs) || count($tabs)) { $tabs = array(); } if (is_null($tab_id)) { $tab_id = $this->id; } $tabs = Tab::recursiveTab($tab_id, $tabs); $dummy = array('name' => '', 'href' => '', 'icon' => ''); $breadcrumbs2 = array('container' => $dummy, 'tab' => $dummy, 'action' => $dummy); if (isset($tabs[0])) { $breadcrumbs2['tab']['name'] = $tabs[0]['name']; $breadcrumbs2['tab']['href'] = __PS_BASE_URI__ . basename(_PS_ADMIN_DIR_) . '/' . $this->context->link->getAdminLink($tabs[0]['class_name']); if (!isset($tabs[1])) { $breadcrumbs2['tab']['icon'] = 'icon-' . $tabs[0]['class_name']; } } if (isset($tabs[1])) { $breadcrumbs2['container']['name'] = $tabs[1]['name']; $breadcrumbs2['container']['href'] = __PS_BASE_URI__ . basename(_PS_ADMIN_DIR_) . '/' . $this->context->link->getAdminLink($tabs[1]['class_name']); $breadcrumbs2['container']['icon'] = 'icon-' . $tabs[1]['class_name']; } /* content, edit, list, add, details, options, view */ switch ($this->display) { case 'add': $breadcrumbs2['action']['name'] = $this->l('Add', null, null, false); $breadcrumbs2['action']['icon'] = 'icon-plus'; break; case 'edit': $breadcrumbs2['action']['name'] = $this->l('Edit', null, null, false); $breadcrumbs2['action']['icon'] = 'icon-pencil'; break; case '': case 'list': $breadcrumbs2['action']['name'] = $this->l('List', null, null, false); $breadcrumbs2['action']['icon'] = 'icon-th-list'; break; case 'details': case 'view': $breadcrumbs2['action']['name'] = $this->l('View details', null, null, false); $breadcrumbs2['action']['icon'] = 'icon-zoom-in'; break; case 'options': $breadcrumbs2['action']['name'] = $this->l('Options', null, null, false); $breadcrumbs2['action']['icon'] = 'icon-cogs'; break; case 'generator': $breadcrumbs2['action']['name'] = $this->l('Generator', null, null, false); $breadcrumbs2['action']['icon'] = 'icon-flask'; break; } $this->context->smarty->assign(array('breadcrumbs2' => $breadcrumbs2, 'quick_access_current_link_name' => $breadcrumbs2['tab']['name'] . (isset($breadcrumbs2['action']) ? ' - ' . $breadcrumbs2['action']['name'] : ''), 'quick_access_current_link_icon' => $breadcrumbs2['container']['icon'])); /* BEGIN - Backward compatibility < 1.6.0.3 */ $this->breadcrumbs[] = $tabs[0]['name']; $navigationPipe = Configuration::get('PS_NAVIGATION_PIPE') ? Configuration::get('PS_NAVIGATION_PIPE') : '>'; $this->context->smarty->assign('navigationPipe', $navigationPipe); /* END - Backward compatibility < 1.6.0.3 */ }
/** * Set breadcrumbs array for the controller page */ public function initBreadcrumbs() { $tabs = array(); $tabs = Tab::recursiveTab($this->id, $tabs); $tabs = array_reverse($tabs); foreach ($tabs as $tab) { $this->breadcrumbs[] = $tab['name']; } }