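/**
 * Get a safe array of strings from an input parameter that is an array.
 *
 * Each element is entity-decoded, stripped of HTML tags and trimmed.  A
 * non-array input is wrapped into a one-element array.  Array keys are
 * preserved.
 *
 * Note: strip_tags() removes markup but does not encode quotes or ampersands.
 * The returned strings still need context-appropriate escaping (for example
 * htmlspecialchars() for HTML attributes, bound parameters for SQL) at the
 * point where they are output or stored.
 *
 * @see cge_param::get_string()
 * @param array $params An associative array of input params
 * @param string $key The key to the associative array
 * @param string[] $dflt The default value to use if the key does not exist in the $params array.
 * @return string[] The cleaned values, indexed like the input array.
 */
public static function get_string_array($params, $key, $dflt = null)
{
    $tmp = \cge_utils::get_param($params, $key, $dflt);
    if (!is_array($tmp)) {
        $tmp = array($tmp);
    }

    // Walk the array by key instead of by 0..n-1.  Request arrays can arrive
    // with string or sparse keys (name[foo]=...), and an index-based loop would
    // leave those elements unfiltered while adding empty numeric entries.
    foreach ($tmp as $idx => $val) {
        // Nested arrays and plain objects have no string form; reduce them to ''.
        if (is_scalar($val) || (is_object($val) && method_exists($val, '__toString'))) {
            $val = (string) $val;
        } else {
            $val = '';
        }
        // Decode first so that entity-encoded markup is visible to strip_tags().
        $val = html_entity_decode($val);
        $tmp[$idx] = trim(strip_tags($val));
    }
    return $tmp;
}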
<?php
// Admin-side action (excerpt): collects filter parameters for an event query.
// The excerpt ends inside the switch below; the rest of the file is not shown.

// Refuse to run outside of the CMS bootstrap.
if (!isset($gCms)) {
    exit;
}
// Any one of the three calendar permissions is enough to continue.
if (!$this->CheckPermission('Modify Calendar') && !$this->CheckPermission('Add Calendar Events') && !$this->CheckPermission('Edit My Calendar Events')) {
    exit;
}

// start/end are read straight from $_REQUEST; the remaining filters come from $params.
$start = cge_param::get_string($_REQUEST, 'start');
$end = cge_param::get_string($_REQUEST, 'end');
$showchildren = (int) cge_utils::get_param($params, 'showchildren', 0);
$category = (int) cge_utils::get_param($params, 'category', -1);
$keyword = trim(cge_utils::get_param($params, 'keyword'));
$when = strtolower(trim(cge_utils::get_param($params, 'when', 'any'))); // when can only be used when start/end are not specified.
// NOTE(review): unlike showchildren/category, $limit is not cast to int here —
// confirm it is validated before it reaches a query.
$limit = cge_utils::get_param($params, 'limit', 1000); // 1000 is more than enough.

// NOTE(review): the second call writes the complete $_REQUEST array to the debug
// log.  Depending on the request_order setting that can include cookie values;
// consider logging only the fields that are needed.
debug_to_log(__FILE__);
debug_to_log($_REQUEST);
debug_to_log("{$start} - {$end}");

// These timestamps are built from the raw start/end values, i.e. before the
// 'when' defaults below replace $start and $end.
$st_ds = $db->DbTimeStamp($start);
$en_ds = $db->DbTimeStamp($end);

// $start and $end are strings at this point, so "< 1" relies on PHP's
// string-to-number comparison.
if ($start < 1 || $end < 1) {
    switch ($when) {
        case 'past':
            $start = 1;
            $end = time();
            break;
        case 'future':
            $start = time();
            // 2147483648 is 2^31, written as a float.
            $end = 2147483648.0;
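<?php
// Admin action: delete one calendar category, then return to the categories tab.

// Refuse to run outside of the CMS bootstrap.
if (!isset($gCms)) {
    exit;
}
if (!$this->CheckPermission('Manage Calendar Attributes')) {
    return;
}
$this->SetCurrentTab('admin_manage_categories');

$catid = (int) cge_utils::get_param($params, 'catid');
if ($catid < 1) {
    // Without a usable id there is nothing to delete: report the problem and
    // stop here, so the delete call below is never reached with an invalid id
    // and the error message is not replaced by a success message.
    $this->SetError($this->Lang('error_insufficientparams'));
    $this->RedirectToTab();
    return;
}

try {
    \CGCalendar\category::delete($catid);
    $this->SetMessage($this->Lang('categorydeleted'));
} catch (Exception $e) {
    // Failures are shown to the admin user through the module's error display.
    $this->SetError($e->GetMessage());
}
$this->RedirectToTab();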
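/**
 * Build the <option> elements for a content-page dropdown.
 *
 * Recognised parameters:
 *  - selected / value : the currently selected entry ('selected' wins; 'value'
 *                       is used when 'selected' is absent or empty)
 *  - none             : when true, prepend an empty "none" option and a separator
 * All remaining parameters are handed to \CGExtensions\content_list_builder.
 *
 * @param array $params Tag parameters.
 * @param object $smarty Template object (not used by this method).
 * @return string The generated <option> markup.
 */
public static function cge_pageoptions($params, $smarty)
{
    // The previous code read 'value' and then unconditionally overwrote it with
    // 'selected', so 'value' never had any effect.
    $current = trim((string) cge_utils::get_param($params, 'selected'));
    if ($current === '') {
        $current = trim((string) cge_utils::get_param($params, 'value'));
    }
    $none = cge_utils::to_bool(cge_utils::get_param($params, 'none'));

    $params['current'] = $current;
    unset($params['value'], $params['selected'], $params['none']);
    $builder = new \CGExtensions\content_list_builder($params);

    $tmp = '';
    if ($none) {
        $mod = cge_utils::get_module(MOD_CGEXTENSIONS);
        $tmp .= '<option value="">' . $mod->Lang('none') . '</option>';
        $tmp .= '<option disabled="disabled">---</option>';
    }
    $tmp .= $builder->get_options();
    return $tmp;
}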
}
// (tail of a helper function whose beginning is above this excerpt)
$results[] = $tmpa;
$date = $tmp;
break;
}
}
return $results;
}

// Action body (excerpt): add or edit a calendar event.  The excerpt ends at the
// start of the "editing" branch below.
$events_to_categories_table_name = $this->events_to_categories_table_name;
if (isset($params['cancel'])) {
    // NOTE(review): $message is not assigned anywhere in the visible part of
    // this file — confirm it is defined before this point.
    $this->Redirect($id, 'defaultadmin', $returnid, array("module_message" => $message));
}
//
// Gather parameters
//
// NOTE(review): event_id is used without an (int) cast here — confirm
// GetEvent() validates it.
$event_id = cge_utils::get_param($params, 'event_id', -1);
$recurring_events = '';
// Negative id derived from the logged-in admin user id.
$user_id = get_userid(FALSE) * -1 - 100;
$categories = get_parameter_value($params, 'event_categories', -1);
// The event is loaded and filled from the request parameters before the
// permission check below runs.
$event = $this->GetEvent($event_id);
$this->GetEventFromParams($event, $params, true);
$event_parent_id = $event_id;
// permissions check
if ($event_id < 1) {
    // adding
    if (!$this->CheckPermission('Modify Calendar') && !$this->CheckPermission('Add Calendar Events')) {
        $this->SetError($this->Lang('error_permission'));
        // No explicit return follows; presumably RedirectToAdminTab() ends the
        // request — confirm.
        $this->RedirectToAdminTab();
    }
} else {
    // editing
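/**
 * Smarty plugin: build a link (or a bare URL) to a module action.
 *
 * Recognised parameters (each is removed from $params once consumed):
 *  module, text, title, confmessage, image, class, action, id, imageonly,
 *  page, urlonly, jsfriendly, forjs, forajax, assign.
 * Whatever remains in $params is passed on to the module's CreateLink() /
 * CreateImageLink() call.
 *
 * @param array $params Tag parameters.
 * @param object $smarty The template object; used to look up the current module
 *                       and to assign the result when 'assign' is given.
 * @return string|null The generated output, or null when the result was
 *                     assigned to a template variable or no module was found.
 */
function module_action_link($params, &$smarty)
{
    $gCms = cmsms();
    $mid = 'm1_';
    $inline = FALSE;

    // Module name: taken from the template variables, overridable by parameter.
    $module = $smarty->get_template_vars('nmodule');
    if (!$module) {
        $module = $smarty->get_template_vars('actionmodule');
    }
    $module = get_parameter_value($params, 'module', $module);
    if (!$module) {
        return;
    }
    unset($params['module']);

    $obj = cms_utils::get_module($module);
    if (!is_object($obj)) {
        return;
    }

    // Simple string options: trimmed when present, otherwise the default.
    $strings = array(
        'text' => $module,
        'title' => '',
        'confmessage' => '',
        'image' => '',
        'class' => 'systemicon',
    );
    foreach ($strings as $name => $default) {
        if (isset($params[$name])) {
            $strings[$name] = trim($params[$name]);
            unset($params[$name]);
        }
    }
    $text = $strings['text'];
    $title = $strings['title'];
    $confmessage = $strings['confmessage'];
    $image = $strings['image'];
    $class = $strings['class'];

    $action = 'default';
    if (isset($params['action'])) {
        $action = $params['action'];
        unset($params['action']);
    }

    // An explicit id replaces the default module id and makes the link inline.
    if (isset($params['id'])) {
        $mid = $params['id'];
        $inline = TRUE;
        unset($params['id']);
    }

    // Presence of the parameter is enough; its value is not inspected.
    $imageonly = false;
    if (isset($params['imageonly'])) {
        $imageonly = true;
        unset($params['imageonly']);
    }

    // Destination page: current page unless 'page' names an alias or an id.
    $pageid = cms_utils::get_current_pageid();
    if (isset($params['page'])) {
        $manager = $gCms->GetHierarchyManager();
        $node = $manager->sureGetNodeByAlias($params['page']);
        if (isset($node)) {
            $content = $node->GetContent();
            if (isset($content)) {
                $pageid = $content->Id();
            }
        } else {
            $node = $manager->sureGetNodeById($params['page']);
            if (isset($node)) {
                // The lookup succeeded by id, so 'page' itself is the page id.
                // (This branch previously read $params['detailpage'], a key
                // this function never handles.)
                $pageid = (int) $params['page'];
            }
        }
        unset($params['page']);
    }

    // Output-mode flags.  A flag is removed from $params only when it is set.
    $urlonly = (bool) cge_utils::to_bool(cge_utils::get_param($params, 'urlonly', false));
    if ($urlonly) {
        unset($params['urlonly']);
    }
    $jsfriendly = (bool) cge_utils::to_bool(cge_utils::get_param($params, 'jsfriendly', false));
    if ($jsfriendly) {
        $urlonly = true;
        unset($params['jsfriendly']);
    }
    $forjs = (bool) cge_utils::to_bool(cge_utils::get_param($params, 'forjs', false));
    if ($forjs) {
        $jsfriendly = true;
        $urlonly = true;
        unset($params['forjs']);
    }
    $forajax = (bool) cge_utils::to_bool(cge_utils::get_param($params, 'forajax', false));
    if ($forajax) {
        $jsfriendly = true;
        $urlonly = true;
        unset($params['forajax']);
    }

    $assign = '';
    if (isset($params['assign'])) {
        $assign = trim($params['assign']);
        unset($params['assign']);
    }

    $addtext = '';
    if ($title) {
        // The title is written into a double-quoted attribute, so a literal
        // double quote in it must not be able to end the attribute early.
        $addtext = 'title="' . str_replace('"', '&quot;', $title) . '"';
    }

    if (!empty($image) && method_exists($obj, 'CreateImageLink') && $urlonly == false) {
        $output = $obj->CreateImageLink($mid, $action, $pageid, $text, $image, $params, $class, $confmessage, $imageonly, FALSE, $addtext);
    } else {
        $output = $obj->CreateLink($mid, $action, $pageid, $text, $params, $confmessage, $urlonly, $inline, $addtext);
        if ($urlonly && $jsfriendly) {
            // Turns "&amp;" into "&" for use from script code.  Note that every
            // occurrence of the substring "amp;" is removed.
            $output = str_replace('amp;', '', $output);
        }
        if ($forajax) {
            if (strpos($output, '?') === FALSE) {
                $output .= '?showtemplate=false';
            } else {
                $output .= '&showtemplate=false';
            }
        }
    }

    // all done
    if (!empty($assign)) {
        $smarty->assign($assign, $output);
        return;
    }
    return $output;
}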
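// Admin ajax action (excerpt): delete a calendar event.  The excerpt ends
// inside the try block; the rest of the file is not shown.

// Refuse to run outside of the CMS bootstrap.
if (!isset($gCms)) {
    exit;
}
// Any one of the three calendar permissions is enough to continue.
if (!$this->CheckPermission('Modify Calendar') && !$this->CheckPermission('Add Calendar Events') && !$this->CheckPermission('Edit My Calendar Events')) {
    exit;
}

// Users without 'Modify Calendar' are restricted to events they created;
// $userid stays null for users who may modify every event.
$userid = null;
if (!$this->CheckPermission('Modify Calendar')) {
    $userid = get_userid(FALSE) * -1 - 100;
}

// Default response: failure, until the work below succeeds.
$result = new stdClass();
$result->status = 0;
$result->msg = $this->Lang('error_unknown');
try {
    $event_id = (int) cge_utils::get_param($params, 'event_id');
    $delete_children = (int) cge_utils::get_param($params, 'delete_children', 0);

    // get the event (make sure it's valid, and we have permission to delete it, AND that it is not a parent)
    $query = 'SELECT * FROM ' . $this->events_table_name . ' WHERE event_id = ?';
    $parms = array($event_id);
    if (!is_null($userid)) {
        $query .= ' AND event_created_by = ?';
        $parms[] = $userid;
    }
    // Bind $parms rather than only the event id: when the ownership clause is
    // appended the query has two placeholders, and the creator id must be
    // supplied for the restriction to be evaluated as intended.
    $event = $db->GetRow($query, $parms);
    if (!$event) {
        throw new Exception($this->Lang('error_eventnotfound'));
    }
    if (!$delete_children) {
        // now make sure it's not a parent (don't wanna leave orphaned events lying around)
        $query = 'SELECT event_id FROM ' . $this->events_table_name . ' WHERE event_parent_id = ?';
        $tmp = $db->GetOne($query, array($event_id));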
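/**
 * Render the output javascript and stylesheets into cachable files
 * and output the appropriate HTML tags.
 *
 * The combined files are written to TMP_CACHE_LOCATION and referenced through
 * <root_url>/tmp/cache/.  A combined file is rebuilt when it does not exist,
 * when it is older than the cache lifetime, or when caching is disabled.
 *
 * Trust notes for reviewers:
 *  - Records with a jsurl/cssurl outside root_url are fetched through
 *    cge_cached_remote_file and concatenated into a file served from this
 *    site.  No integrity check of the remote content happens in this method,
 *    so the remote host is trusted completely.
 *  - URLs under root_url are mapped to filesystem paths by string replacement;
 *    the resulting path is not normalised here.  This assumes records are
 *    registered by trusted module/template code — TODO confirm.
 *  - md5() is used only to derive cache file names.
 *
 * @param array $opts Options for this method (for further reference, see the {cgjs_render} smarty tag.
 * @return string|null HTML output code, or null when there is nothing to render.
 */
public static function render($opts = null)
{
    if (count(self::$_rlibs) == 0 && count(self::$_required) == 0) {
        return; // nothing to do.
    }

    // process options
    $options = array();
    $options['excludes'] = array();
    if (!cmsms()->is_frontend_request()) {
        // the cmsms admin console includes versions of these.
        $options['excludes'] = array('jquery', 'ui', 'fileupload');
    }
    if (is_array($opts)) {
        $options = array_merge_recursive($options, $opts);
    }
    if (isset($options['no_jquery']) && !in_array('jquery', $options['excludes'])) {
        $options['excludes'][] = 'jquery';
    }
    if (isset($options['excludes']) && count($options['excludes'])) {
        // clean up the excludes: lower-case, trimmed, no blanks, no duplicates.
        // Iterating by value avoids leaving a dangling reference behind.
        $out = array();
        foreach ($options['excludes'] as $str) {
            $str = strtolower(trim($str));
            if (!$str) {
                continue;
            }
            if (!in_array($str, $out)) {
                $out[] = $str;
            }
        }
        $options['excludes'] = $out;
    }
    $options['lang'] = \CmsNlsOperations::get_current_language();

    // expand some options to simple variables.  Values from the site config
    // (cgejs_*) take precedence over the options passed in.
    // Options that are not read below (e.g. 'addkey') still influence the cache
    // signature, because the whole $options array is serialized into it.
    $config = \cms_config::get_instance();
    $cache_lifetime = isset($options['cache_lifetime']) ? (int) $options['cache_lifetime'] : 24;
    $cache_lifetime = (int) \cge_utils::get_param($config, 'cgejs_cachelife', $cache_lifetime);
    $cache_lifetime = max($cache_lifetime, 1); // hours, at least one
    $nocache = isset($options['no_cache']) ? TRUE : FALSE;
    $nocache = \cge_utils::get_param($config, 'cgejs_nocache', $nocache);
    $nominify = isset($options['nominify']) ? TRUE : FALSE; // overrides anything in libs.
    $nominify = \cge_utils::get_param($config, 'cgejs_nominify', $nominify);
    $do_js = isset($options['no_js']) ? FALSE : TRUE;
    $do_css = isset($options['no_css']) ? FALSE : TRUE;
    $js_fmt = '<script type="text/javascript" src="%s"></script>';
    $css_fmt = '<link type="text/css" rel="stylesheet" href="%s"/>';
    if ($nocache) {
        $nominify = true;
    }
    if (!$nominify) {
        require_once dirname(__DIR__) . '/jsmin.php';
    }

    // Map a file below root_path to the scheme-less URL of its directory
    // (with a trailing slash).  Returns '' for files outside root_path.
    $get_relative_url = function ($filename) {
        $config = \cms_config::get_instance();
        $relative_url = '';
        if (startswith($filename, $config['root_path'])) {
            $relative_url = str_replace($config['root_path'], $config['root_url'], dirname($filename));
            if (!endswith($relative_url, '/')) {
                $relative_url .= '/';
            }
            if (startswith($relative_url, 'http:')) {
                $relative_url = substr($relative_url, 5);
            }
            if (startswith($relative_url, 'https:')) {
                $relative_url = substr($relative_url, 6);
            }
        }
        return $relative_url;
    };

    // Prefix relative url(...) references in a stylesheet with $url_prefix.
    // data:, http:, https: and protocol-relative references are left alone.
    $fix_css_urls = function ($css, $url_prefix) {
        $css_search = '#url\\(\\s*[\'"]?(.*?)[\'"]?\\s*\\)#';
        $css_url_fix = function ($matches) use ($url_prefix) {
            foreach (array('data:', 'http:', 'https:', '//') as $absolute) {
                if (startswith($matches[1], $absolute)) {
                    return $matches[0];
                }
            }
            $str = $matches[1];
            return "url('{$url_prefix}{$str}')";
        };
        return preg_replace_callback($css_search, $css_url_fix, $css);
    };

    // Collect the raw javascript ($type == 'js') or css (any other $type) of one record.
    $get_code = function ($rec, $type) use (&$get_relative_url, &$fix_css_urls) {
        $config = \cms_config::get_instance();
        if ($type == "js") {
            $js = null;
            if (isset($rec->jsfile)) {
                $jsfile = $rec->jsfile;
                if (!is_array($jsfile)) {
                    $jsfile = array($jsfile);
                }
                foreach ($jsfile as $one_file) {
                    $one_file = self::_expand_filename($one_file);
                    $js .= "/* jsloader // javascript file {$one_file} */\n";
                    if (is_file($one_file)) {
                        $js .= @file_get_contents($one_file);
                    }
                }
            } elseif (isset($rec->jsurl)) {
                if (startswith($rec->jsurl, $config['root_url'])) {
                    // A URL on this site: read the file directly from disk.
                    $fn = str_replace($config['root_url'], $config['root_path'], $rec->jsurl);
                    if (is_file($fn)) {
                        if (!endswith($js, "\n")) {
                            $js .= "\n";
                        }
                        $js .= "/* jsloader // javascript local file from url {$fn} */\n";
                        $js .= file_get_contents($fn);
                    }
                } else {
                    // Remote script: its content becomes part of a first-party file.
                    $crf = new \cge_cached_remote_file($rec->jsurl, 48 * 60);
                    if ($crf->size()) {
                        if (!endswith($js, "\n")) {
                            $js .= "\n";
                        }
                        $js .= "/* jsloader // javascript remote {$rec->jsurl} */\n";
                        $js .= $crf->file_get_contents();
                    }
                }
            } elseif (isset($rec->code)) {
                $js .= "/* jsloader // javascript inline code */\n";
                $js .= $rec->code;
            }
            return $js;
        }

        // css
        $css = null;
        if (isset($rec->cssfile)) {
            $cssfile = $rec->cssfile;
            if (!is_array($cssfile)) {
                $cssfile = array($cssfile);
            }
            foreach ($cssfile as $one_file) {
                $one_file = self::_expand_filename($one_file);
                $css .= "/* jsloader//css file: {$one_file} */\n";
                if (!is_file($one_file)) {
                    // Same handling as the javascript branch: keep the marker, skip the read.
                    continue;
                }
                $relative_url = $get_relative_url($one_file);
                $css .= $fix_css_urls(file_get_contents($one_file), $relative_url);
            }
        } elseif (isset($rec->cssname)) {
            if (version_compare(CMS_VERSION, '1.99-alpha0') < 0) {
                // Older CMS versions: read the stylesheet row directly (bound parameter).
                $query = 'SELECT css_id, css_name, css_text FROM ' . cms_db_prefix() . 'css WHERE css_name = ?';
                // Fully qualified so the class resolves whether or not this
                // file declares a namespace.
                $db = \CmsApp::get_instance()->GetDb();
                $row = $db->GetRow($query, array($rec->cssname));
                if (!is_array($row)) {
                    return;
                }
                $css = trim($row['css_text']);
            } else {
                $css = \CmsLayoutStylesheet::load($rec->cssname)->get_content();
            }
        } elseif (isset($rec->cssurl)) {
            if (startswith($rec->cssurl, $config['root_url'])) {
                $fn = str_replace($config['root_url'], $config['root_path'], $rec->cssurl);
                if (is_file($fn)) {
                    $relative_url = $get_relative_url($fn);
                    // Plain assignment: there is no earlier content to append to.
                    $tmp = file_get_contents($fn);
                    $tmp = $fix_css_urls($tmp, $relative_url);
                    if (!endswith($css, "\n")) {
                        $css .= "\n";
                    }
                    $css .= "/* jsloader //css local file from url {$fn} */\n";
                    $css .= $tmp;
                }
            } else {
                // Remote stylesheet: its content becomes part of a first-party file.
                $crf = new \cge_cached_remote_file($rec->cssurl, 48 * 60);
                if ($crf->size()) {
                    if (!endswith($css, "\n")) {
                        $css .= "\n";
                    }
                    $css .= "/* jsloader//css remote {$rec->cssurl} */\n";
                    $css .= $crf->file_get_contents();
                }
            }
        } elseif (isset($rec->styles)) {
            $css .= "/* jsloader//css inline code */\n";
            $css .= $rec->styles;
        }
        return $css;
    };

    // Like $get_code, but minified and cached per record.  Records flagged
    // *_nominify, or whose file/url names contain ".min" or ".pack", are
    // returned as they are and not cached.
    $get_minified_code = function ($rec, $type) use (&$get_code) {
        /* check for a cached version of this code */
        $fn = TMP_CACHE_LOCATION . '/cgejs_' . md5(__FILE__ . serialize($rec) . $type) . '.cache';
        if (is_file($fn)) {
            return file_get_contents($fn);
        }

        // not in cache: pick the record properties that apply to this type
        $is_js = ($type == 'js');
        $p_nominify = $is_js ? 'js_nominify' : 'css_nominify';
        $p_file = $is_js ? 'jsfile' : 'cssfile';
        $p_url = $is_js ? 'jsurl' : 'cssurl';

        // test if we are really minifying
        $do_minify = !(isset($rec->$p_nominify) && $rec->$p_nominify);
        $sources = array();
        if (isset($rec->$p_file)) {
            $files = $rec->$p_file;
            $sources = is_array($files) ? $files : array($files);
        }
        if (isset($rec->$p_url)) {
            $sources[] = $rec->$p_url;
        }
        foreach ($sources as $one) {
            if (!$do_minify) {
                break;
            }
            if (strpos($one, '.min') !== FALSE || strpos($one, '.pack') !== FALSE) {
                $do_minify = FALSE;
            }
        }

        // calculate a prefix to go on top of the cache file
        $prefix = $is_js ? "/* jsloader // cached javascript // " : "/* jsloader // cached css // ";
        if (isset($rec->name)) {
            $prefix .= $rec->name;
        } elseif (isset($rec->$p_file)) {
            $files = $rec->$p_file;
            $prefix .= is_string($files) ? $files : $files[0];
        } elseif (!$is_js || isset($rec->code)) {
            $prefix .= 'inline code';
        }
        $prefix .= " */\n";

        // get the code.
        $code = $get_code($rec, $type);
        if ($code) {
            // got code... are we minifying and caching it?
            if ($do_minify) {
                $code = $prefix . \JSMin::minify($code);
                file_put_contents($fn, $code);
            }
            return $code;
        }
    };

    // determine if we have to process all this cruft (which could potentially be very expensive)
    $sig = md5(serialize(self::$_rlibs) . serialize(self::$_required) . serialize($options) . $nocache . $nominify . $cache_lifetime);
    $cache_js = TMP_CACHE_LOCATION . "/cgejs_{$sig}.js";
    $cache_css = TMP_CACHE_LOCATION . "/cgejs_{$sig}.css";
    $do_js_tag = $do_css_tag = FALSE; // emit a tag for the combined file?
    $do_js2 = $do_css2 = FALSE;       // (re)build the combined file?
    if ($nocache) {
        // forced to regenerate.
        $do_js2 = $do_css2 = TRUE;
    } else {
        /* we can cache */
        $etime = time() - $cache_lifetime * 3600;
        if (is_file($cache_js)) {
            $do_js_tag = TRUE;
            if (@filemtime($cache_js) < $etime) {
                // cache too old, forced to rebuild.  (This flag used to be set
                // to FALSE here, so an expired file was never regenerated.)
                $do_js2 = TRUE;
            }
        } else {
            // no file, gotta process.
            $do_js2 = TRUE;
        }
        if (is_file($cache_css)) {
            $do_css_tag = TRUE;
            if (@filemtime($cache_css) < $etime) {
                // cache too old, forced to rebuild
                $do_css2 = TRUE;
            }
        } else {
            // no file, gotta process.
            $do_css2 = TRUE;
        }
    }

    if ($do_js2 || $do_css2) {
        // okay, we have work to do.
        // The expanded list is kept in a static, so it is computed once per request.
        static $list = null;
        if (is_null($list)) {
            // now expand all our dependencies.
            $list_0 = array();
            $required = array_merge(self::$_rlibs, self::$_required);
            foreach ($required as $rec) {
                if (isset($rec->depends)) {
                    self::_resolve_dependencies($rec, $list_0, $options['excludes']);
                } else {
                    $rec_sig = md5(serialize($rec));
                    $list_0[$rec_sig] = $rec;
                }
            }

            // now check for callback items and get their code...
            // this may be an expensive process
            // note: may also have dependencies
            $list = array();
            foreach ($list_0 as $rec) {
                if (isset($rec->callback)) {
                    // The callback is whatever was registered on the record;
                    // its result is only kept when it carries code or styles.
                    $tmp = call_user_func($rec->callback, $rec->name);
                    if (is_object($tmp) && (isset($tmp->code) || isset($tmp->styles))) {
                        $list[] = $tmp;
                    }
                } else {
                    $list[] = $rec;
                }
            }
            unset($required, $list_0);
        }

        //
        // process js
        //
        if ($do_js && $do_js2 && $list && count($list)) {
            $txt = null;
            foreach ($list as $rec) {
                $txt .= $nominify ? $get_code($rec, 'js') : $get_minified_code($rec, 'js');
            }
            if ($txt) {
                $do_js_tag = TRUE;
                file_put_contents($cache_js, $txt);
            }
        }

        //
        // process css
        //
        if ($do_css && $do_css2 && $list && count($list)) {
            $txt = null;
            foreach ($list as $rec) {
                $txt .= $nominify ? $get_code($rec, 'css') : $get_minified_code($rec, 'css');
            }
            if ($txt) {
                $do_css_tag = TRUE;
                file_put_contents($cache_css, $txt);
            }
        }
    }

    // do the output.
    if ($nocache) {
        // cache-busting query string for the browser
        $cache_js .= '?_t=' . time();
        $cache_css .= '?_t=' . time();
    }
    $out = null;
    if ($do_js_tag) {
        $cache_url = $config['root_url'] . '/tmp/cache/' . basename($cache_js);
        $out .= trim(sprintf($js_fmt, $cache_url)) . "\n";
    }
    if ($do_css_tag) {
        $cache_url = $config['root_url'] . '/tmp/cache/' . basename($cache_css);
        $out .= trim(sprintf($css_fmt, $cache_url)) . "\n";
    }
    return $out;
}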
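// Work out which year/month/day to display (excerpt of a calendar action).
// Defaults: the current year and month, and no particular day (-1).
$year = date('Y');
$month = date('m');
$day = -1;

// get y/m/d from session
$use_session = get_parameter_value($params, 'use_session');
if ($use_session) {
    $sessionkey = $use_session . cgcalendar_utils::get_sessionkey($params);
    // NOTE(review): $thedate is passed as the fallback value here, but within
    // this excerpt it is first assigned further down — confirm it is set
    // earlier in the file.
    list($year, $month, $day) = cgcalendar_utils::to_ymd($this->session_get($sessionkey . 'date', $thedate));
}

// get y/m/d from params; an explicit 'date' wins over separate year/month/day values.
if (isset($params['date'])) {
    list($year, $month, $day) = cgcalendar_utils::to_ymd($params['date']);
} else {
    $year = (int) cge_utils::get_param($params, 'year', $year);
    $month = (int) cge_utils::get_param($params, 'month', $month);
    $day = (int) cge_utils::get_param($params, 'day', $day);
}

// Build "Y-M" or "Y-M-D".  Every part is cast to int, so only digits and a
// minus sign can end up in the string.
$thedate = sprintf("%d-%d", (int) $year, (int) $month);
if ($day > 0) {
    // Append the day exactly once; appending it twice produced "Y-M-D-D",
    // which strtotime() below does not read as the intended date.
    $thedate .= sprintf('-%d', (int) $day);
}

// Remember the selection when session tracking is on.
if (!empty($sessionkey)) {
    $this->session_put($sessionkey . 'date', $thedate);
    $inline = 1;
}

$thedate_ut = strtotime($thedate);
$last_day_of_month = date('t', $thedate_ut);
$next = cgcalendar_utils::next_ymd($thedate);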
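}
// (the brace above closes a block that begins before this excerpt)

// Admin ajax action (excerpt): move or resize a calendar event.  The excerpt
// ends inside the try block; the rest of the file is not shown.

// Users without 'Modify Calendar' are restricted to events they created;
// $userid stays null for users who may modify every event.
$userid = null;
if (!$this->CheckPermission('Modify Calendar')) {
    $userid = get_userid(FALSE) * -1 - 100;
}

// Default response: failure, until the work below succeeds.
$result = new stdClass();
$result->status = 0;
$result->msg = $this->Lang('error_unknown');
try {
    // NOTE(review): the complete parameter array is written to the debug log.
    debug_to_log('admin_ajax_editevent');
    debug_to_log($params);

    $event_id = (int) cge_utils::get_param($params, 'event_id');
    $dayDelta = (int) cge_utils::get_param($params, 'dayDelta');
    $minuteDelta = (int) cge_utils::get_param($params, 'minuteDelta');
    $allDay = (int) cge_utils::get_param($params, 'allDay');
    $move = (int) cge_utils::get_param($params, 'move', 0);
    if ($event_id < 1) {
        throw new Exception($this->Lang('error_insufficientparams'));
    }
    // At least one of the three change values must be non-zero.
    if ($dayDelta == 0 && $minuteDelta == 0 && $allDay == 0) {
        throw new Exception($this->Lang('error_insufficientparams'));
    }

    // get the event (make sure it's valid, and we have permission to edit it)
    $query = 'SELECT * FROM ' . $this->events_table_name . ' WHERE event_id = ?';
    $parms = array($event_id);
    if (!is_null($userid)) {
        $query .= ' AND event_created_by = ?';
        $parms[] = $userid;
    }
    // Bind $parms rather than only the event id: when the ownership clause is
    // appended the query has two placeholders, and the creator id must be
    // supplied for the restriction to be evaluated as intended.
    $event = $db->GetRow($query, $parms);
    if (!$event) {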