/** * A utility function to test if the supplied url path is valid for the supplied content id * * @param string The partial url path to test * @return boolean */ public static function is_valid_url($url, $content_id = '') { // check for starting or ending slashes if (startswith($url, '/') || endswith($url, '/')) { return FALSE; } // first check for invalid chars. $translated = munge_string_to_url($url, false, true); if (strtolower($translated) != strtolower($url)) { return FALSE; } cms_route_manager::load_routes(); $route = cms_route_manager::find_match($url); if (!$route) { return TRUE; } if ($route->is_content()) { if ($content_id == '' || $route->get_content() == $content_id) { return TRUE; } } return FALSE; }
/** * A utility function to test if the supplied url path is valid for the supplied content id * * @param string The partial url path to test * @return boolean */ public static function is_valid_url($url, $content_id = '') { // check for starting or ending slashes if (startswith($url, '/') || endswith($url, '/')) { return FALSE; } // first check for invalid chars. // strip off any extension (that is like 5 chars or less) $pos = strrpos($url, '.'); if ($pos !== FALSE) { // have an extension. $ext = substr($url, $pos + 1); if (strlen($ext) >= 5 || munge_string_to_url($ext, false, true) != strtolower($ext)) { return FALSE; } $tmp = substr($url, 0, $pos); if (munge_string_to_url($tmp, false, true) != strtolower($tmp)) { return FALSE; } } else { $translated = munge_string_to_url($url, false, true); if (strtolower($translated) != strtolower($url)) { return FALSE; } } cms_route_manager::load_routes(); $route = cms_route_manager::find_match($url, TRUE); if (!$route) { return TRUE; } if ($route->is_content()) { if ($content_id == '' || $route->get_content() == $content_id) { return TRUE; } } return FALSE; }
// check for starting or ending slashes if (startswith($news_url, '/') || endswith($news_url, '/')) { $error = $this->ShowErrors($this->Lang('error_invalidurl')); } if ($error === FALSE) { // check for invalid chars. $translated = munge_string_to_url($news_url, false, true); if (strtolower($translated) != strtolower($news_url)) { $error = $this->ShowErrors($this->Lang('error_invalidurl')); } } if ($error === FALSE) { // make sure this url isn't taken. $news_url = trim($news_url, " /\t\r\n"); cms_route_manager::load_routes(); $route = cms_route_manager::find_match($news_url); if ($route) { // we're adding an article, not editing... any matching route is bad. $error = $this->ShowErrors($this->Lang('error_invalidurl')); } } } // // database work // if ($error !== FAlSE) { echo $error; } else { $articleid = $db->GenID(cms_db_prefix() . "module_news_seq"); $query = 'INSERT INTO ' . cms_db_prefix() . 'module_news (news_id, news_category_id, news_title, news_data, summary, status, news_date, start_time, end_time, create_date, modified_date,author_id,news_extra,news_url) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?)'; if ($useexp == 1) {
/** * A function tat, given the current request information will return * a pageid or an alias that should be used for the display * This method also handles matching routes and specifying which module * should be called with what parameters * * @internal * @access private * @return string */ function get_pageid_or_alias_from_url() { $gCms = cmsms(); $config = $gCms->GetConfig(); $contentops = $gCms->GetContentOperations(); $smarty = $gCms->GetSmarty(); $params =& $_REQUEST; if (isset($params['mact'])) { $ary = explode(',', cms_htmlentities($params['mact']), 4); $smarty->id = isset($ary[1]) ? $ary[1] : ''; } else { // old? $smarty->id = isset($params['id']) ? intval($params['id']) : ''; } $page = ''; if (isset($smarty->id) && isset($params[$smarty->id . 'returnid'])) { // get page from returnid parameter in module action $page = $params[$smarty->id . 'returnid']; } else { if (isset($config["query_var"]) && $config["query_var"] != '' && isset($_GET[$config["query_var"]])) { // using non friendly urls... get the page alias/id from the query var. $page = $_GET[$config["query_var"]]; } else { // either we're using pretty urls // or this is the default page. if (isset($_SERVER["REQUEST_URI"]) && !endswith($_SERVER['REQUEST_URI'], 'index.php')) { $matches = array(); if (preg_match('/.*index\\.php\\/(.*?)$/', $_SERVER['REQUEST_URI'], $matches)) { // pretty urls... grab all the stuff after the index.php $page = $matches[1]; } } } } // by here, if page is empty, use the default page id if ($page == '') { // assume default content $page = $contentops->GetDefaultContent(); } // by here, if we're not assuming pretty urls of any sort // and we have a value... we're done. if ($config['url_rewriting'] == 'none') { return $page; } // some kind of a pretty url. // strip off GET params. if (($tmp = strpos($page, '?')) !== FALSE) { $page = substr($page, 0, $tmp); } // strip off page extension if ($config['page_extension'] != '' && endswith($page, $config['page_extension'])) { $page = substr($page, 0, strlen($page) - strlen($config['page_extension'])); } // trim trailing / $page = rtrim($page, '/'); // see if there's a route that matches. $matched = false; $route = cms_route_manager::find_match($page); if (is_object($route)) { $matched = true; if ($route->is_content()) { // a route to a page. $page = $route->get_content(); } else { $matches = $route->get_results(); // it's a module route //Now setup some assumptions if (!isset($matches['id'])) { $matches['id'] = 'cntnt01'; } if (!isset($matches['action'])) { $matches['action'] = 'defaulturl'; } if (!isset($matches['inline'])) { $matches['inline'] = 0; } if (!isset($matches['returnid'])) { $matches['returnid'] = ''; } #Look for default page if (!isset($matches['module'])) { $matches['module'] = $route->get_dest(); } //Get rid of numeric matches foreach ($matches as $key => $val) { if (is_int($key)) { unset($matches[$key]); } else { if ($key != 'id') { $_REQUEST[$matches['id'] . $key] = $val; } } } //Now set any defaults that might not have been in the url $tmp = $route->get_defaults(); if (is_array($tmp) && count($tmp) > 0) { foreach ($tmp as $key => $val) { $_REQUEST[$matches['id'] . $key] = $val; if (array_key_exists($key, $matches)) { $matches[$key] = $val; } } } //Get a decent returnid if ($matches['returnid'] == '') { $matches['returnid'] = $contentops->GetDefaultPageID(); } // Put the resulting mact into the request so that the subsequent smarty plugins // can grab it... $_REQUEST['mact'] = $matches['module'] . ',' . $matches['id'] . ',' . $matches['action'] . ',' . $matches['inline']; $page = $matches['returnid']; $smarty->id = $matches['id']; } } // if no route matched... grab the alias from the last / if (($pos = strrpos($page, '/')) !== FALSE && $matched == false) { $page = substr($page, $pos + 1); } // if there's nothing use the default content. if (empty($page)) { // maybe it's the home page. $page = $contentops->GetDefaultContent(); } return $page; }