// Excerpt of an admin page script for the template window: declares message-id constants,
// reads the request parameters, prepares the view and checks the template-editing clearance.
// The excerpt stops inside the "load template" block.

// Numeric message ids (presumably resolved through $cms_language->getMessage()).
define("MESSAGE_PAGE_NEW_GROUPS_DESC", 1457);
define("MESSAGE_PAGE_NEW_GROUPS_NO_RIGHTS_DESC", 1458);
define("MESSAGE_PAGE_NEW_GROUPS_NO_RIGHTS", 1459);
define("MESSAGE_PAGE_WEBSITES_DESC", 1460);
define("MESSAGE_PAGE_WEBSITES", 1461);
define("MESSAGE_PAGE_THUMBNAIL_DESC", 1462);
define("MESSAGE_PAGE_THUMBNAIL", 1463);
define("MESSAGE_PAGE_XML_DEFINITION_DESC", 1464);
define("MESSAGE_PAGE_XML_FILE", 1465);
define("MESSAGE_PAGE_XML_DEFINITION_USAGE_DESC", 1466);
define("MESSAGE_PAGE_DEFAULT_ROWS", 1467);
define("MESSAGE_PAGE_SAVE_AND_REGEN", 1548);
define("MESSAGE_PAGE_SAVE_AND_REGEN_DESC", 1550);
define("MESSAGE_PAGE_INCORRECT_FORM_VALUES", 682);

// NOTE(review): 'winId' is read with an empty validator, so any value is accepted. If it is
// later written into generated JavaScript it needs JS-string escaping - confirm at the use site.
$winId = sensitiveIO::request('winId', '', 'templateWindow');
// 'template' must pass sensitiveIO::isPositiveInteger; otherwise the default 'createTemplate' is used.
$templateId = sensitiveIO::request('template', 'sensitiveIO::isPositiveInteger', 'createTemplate');

//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_RAW);
//This file is an admin file. Interface must be secure
$view->setSecure();

//CHECKS user has templates clearance
// NOTE(review): this guard has no explicit exit; it is only effective if $view->show()
// ends the request - confirm.
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDIT_TEMPLATES)) { //templates
    CMS_grandFather::raiseError('User has no rights template editions');
    $view->setActionMessage($cms_language->getMessage(MESSAGE_ERROR_NO_RIGHTS_FOR_TEMPLATES));
    $view->show();
}

//load template if any
// The 'createTemplate' default fails this test, so only a numeric id enters the block.
if (sensitiveIO::isPositiveInteger($templateId)) {
// Excerpt of an item-search script. It starts inside a loop over the object's fields
// (the loop header is above this excerpt): a field flagged 'searchable' whose type object has
// no getListOfNamesForObject() method becomes an allowed keyword-search target.
if ($field->getValue('searchable')) {
    $objectType = $field->getTypeObject();
    if (!method_exists($objectType, 'getListOfNamesForObject')) {
        $possibleTargets[] = $fieldID;
    }
}
} // closes a block opened before this excerpt

//get all search data from requests
// NOTE(review): keywords, dates, sort, status and direction are read with an empty validator,
// i.e. unchecked. If sort/direction end up in a query they should be checked against an
// allow-list first - confirm in the code that consumes them.
$keywords = sensitiveIO::request('items_' . $object->getID() . '_kwrds', '', '');
// Restricted to the four listed modes, default 'any'.
$keywordsOptions = sensitiveIO::request('items_' . $object->getID() . '_kwrds_options', array('any', 'all', 'phrase', 'beginswith'), 'any');
// Restricted to the field ids collected above, default -1.
$keywordsTarget = sensitiveIO::request('kwrds_target_' . $object->getID(), $possibleTargets, -1);
$dateFrom = sensitiveIO::request('items_dtfrm', '', '');
$dateEnd = sensitiveIO::request('items_dtnd', '', '');
$sort = sensitiveIO::request('sort_' . $object->getID(), '', '');
$status = sensitiveIO::request('status_' . $object->getID(), '', '');
$direction = sensitiveIO::request('direction_' . $object->getID(), '', '');

// Set default session search options
// The raw request values are copied into the session, so whatever reads them back later
// must treat them as untrusted input as well.
CMS_session::setSessionVar('items_' . $object->getID() . '_kwrds', $keywords);
//CMS_session::setSessionVar('items_'.$object->getID().'_kwrds_options', $keywordsOptions);
CMS_session::setSessionVar('kwrds_target_' . $object->getID(), $keywordsTarget);
CMS_session::setSessionVar("items_dtfrm", $dateFrom);
CMS_session::setSessionVar("items_dtnd", $dateEnd);
CMS_session::setSessionVar('sort_' . $object->getID(), $sort);
CMS_session::setSessionVar('status_' . $object->getID(), $status);
CMS_session::setSessionVar('direction_' . $object->getID(), $direction);

//Add all subobjects to search if any
// $fields is filled outside this excerpt.
foreach ($objectFields as $fieldID => $field) {
    if (isset($fields[$fieldID])) {
        CMS_session::setSessionVar('items_' . $object->getID() . '_' . $fieldID, $fields[$fieldID]);
    }
}
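// Excerpt of a block-content controller: copies the block form fields out of the request,
// clears the request, then loads the page and checks that the user may edit it.
// $currentPage, $view and $cms_user are set outside this excerpt.

// NOTE(review): every field below is read without a validator; each one needs the check or
// escaping that fits the place where it is finally stored or rendered.
$filelabel = sensitiveIO::request('filelabel');
$filename = sensitiveIO::request('filename');
//block flash
$width = sensitiveIO::request('flashwidth');
$height = sensitiveIO::request('flashheight');
$name = sensitiveIO::request('flashname');
$version = sensitiveIO::request('flashversion');
$params = sensitiveIO::request('flashparams');
$flashvars = sensitiveIO::request('flashvars');
$attributes = sensitiveIO::request('flashattributes');
//block image
$imagelink = sensitiveIO::request('imagelink');
$imagelabel = sensitiveIO::request('imagelabel');
$zoomname = sensitiveIO::request('zoomname');
//block link
$linktext = sensitiveIO::request('link');

//unset requests so they cannot interact with evaluated page code
sensitiveIO::unsetRequest(array_keys($_REQUEST));

//try to instantiate the requested page
$cms_page = CMS_tree::getPageByID($currentPage);
//reject a missing or broken page before any method is called on it
// The previous test, isset($cms_page) && $cms_page->hasError(), let a null result through to
// the clearance check below and called hasError() on a false result; both are fatal errors.
if (!is_object($cms_page) || $cms_page->hasError()) {
    CMS_grandFather::raiseError('Error on page : ' . (is_object($cms_page) ? $cms_page->getID() : $currentPage));
    $view->show();
}

//check for edit rights for user
// NOTE(review): both guards rely on $view->show() ending the request - confirm.
if (!$cms_user->hasPageClearance($cms_page->getID(), CLEARANCE_PAGE_EDIT)) {
    CMS_grandFather::raiseError('Error, user has no rights on page : ' . $cms_page->getID());
    $view->show();
}
//check for lock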
// Excerpt of a JSON admin endpoint that works on the category tree of a module: prepares the
// view, validates the request parameters, loads the module and checks the user's clearance.
// The excerpt stops inside the clearance block.

//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_JSON);
//This file is an admin file. Interface must be secure
$view->setSecure();

define("MESSAGE_ERROR_MODULE_RIGHTS", 570);
define("MESSAGE_CATEGORY_PROTECTED", 1730);
define("MESSAGE_CATEGORY_PROTECTED_DESC", 1731);

/**
 * Validator for the 'node' request parameter.
 *
 * Accepts a value that starts with 'cat' and whose remainder (from offset 3) passes
 * sensitiveIO::isPositiveInteger.
 *
 * @param mixed $catId value taken from the request
 * @return bool true when the value has the expected 'cat<number>' form
 */
function checkCatId($catId)
{
    return io::strpos($catId, 'cat') === 0 && sensitiveIO::isPositiveInteger(io::substr($catId, 3));
}

// NOTE(review): 'module' is read without a validator here; it is only checked by the
// catalog lookup and the clearance test below.
$codename = sensitiveIO::request('module');
// Strip the 'cat' prefix; with the default 'cat0' the root id is presumably '0'.
$rootId = io::substr(sensitiveIO::request('node', 'checkCatId', 'cat0'), 3);
$maxDepth = sensitiveIO::request('maxDepth', 'sensitiveIO::isPositiveInteger', 2);

if (!$codename) {
    CMS_grandFather::raiseError('Unknown module ...');
    $view->show();
}
//load module
$module = CMS_modulesCatalog::getByCodename($codename);
if (!$module) {
    // The request-supplied codename is written to the error log as-is.
    CMS_grandFather::raiseError('Unknown module or module for codename : ' . $codename);
    $view->show();
}
//CHECKS user has module clearance
// NOTE(review): none of these guards exits explicitly; they depend on $view->show()
// ending the request - confirm.
if (!$cms_user->hasModuleClearance($codename, CLEARANCE_MODULE_EDIT)) {
    CMS_grandFather::raiseError('User has no rights on module : ' . $codename);
    $view->setActionMessage($cms_language->getmessage(MESSAGE_ERROR_MODULE_RIGHTS, array($module->getLabel($cms_language))));
    $view->show();
// Excerpt of the admin page for the Flash block window: declares message ids, reads the block
// coordinates from the request, checks edit rights on the page and instantiates the block.
// $view, $cms_user are set outside this excerpt; it stops inside the block-loading branch.

define("MESSAGE_FLASHVAR_INFO", 544);
define("MESSAGE_FLASHVAR", 545);
define("MESSAGE_ATTRIBUT_INFO", 546);
define("MESSAGE_ATTRIBUT", 547);
define("MESSAGE_ERROR_FORMAT", 549);
define("MESSAGE_ADVANCED_PARAMETERS", 566);
define("MESSAGE_PAGE_INCORRECT_FORM_VALUES", 682);

$winId = sensitiveIO::request('winId', '', 'blockFlashWindow');
// Page id falls back to the page stored in the session.
$currentPage = sensitiveIO::request('page', 'sensitiveIO::isPositiveInteger', CMS_session::getPageID());
$tpl = sensitiveIO::request('template', 'sensitiveIO::isPositiveInteger');
$rowId = sensitiveIO::request('rowType', 'sensitiveIO::isPositiveInteger');
// The five values below are read without a validator.
$rowTag = sensitiveIO::request('rowTag');
$cs = sensitiveIO::request('cs');
$blockId = sensitiveIO::request('block');
$blockClass = sensitiveIO::request('blockClass');
$value = sensitiveIO::request('value');

//load page
// NOTE(review): hasError() is called without checking that getPageByID() returned an object.
$cms_page = CMS_tree::getPageByID($currentPage);
if ($cms_page->hasError()) {
    CMS_grandFather::raiseError('Selected page (' . $currentPage . ') has error ...');
    $view->show();
}
//check user rights
// NOTE(review): relies on $view->show() ending the request - confirm.
if (!$cms_user->hasPageClearance($cms_page->getID(), CLEARANCE_PAGE_EDIT)) {
    CMS_grandFather::raiseError('Error, user has no rights on page : ' . $cms_page->getID());
    $view->show();
}
//get block data
// NOTE(review): $blockClass comes straight from the request and class_exists() is the only
// check, so any loadable class can be constructed here and class_exists() may itself run the
// autoloader. Restrict the name to the known block classes (allow-list or base-class test)
// before instantiating.
if (class_exists($blockClass)) {
    $cms_block = new $blockClass();
    $cms_block->initializeFromBasicAttributes($blockId);
// Excerpt of a JSON admin endpoint that lists user groups: loads the admin bootstrap, reads
// the search/paging parameters, checks the user-management clearance and loads the groups of
// the given user. The excerpt stops inside the filtered-search branch.
require_once dirname(__FILE__) . '/../../cms_rc_admin.php';

//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_JSON);
//This file is an admin file. Interface must be secure
$view->setSecure();

//get search vars
// NOTE(review): search, letter, sort and dir are read without a validator; sort/dir should
// be limited to known column names and directions before they reach a query - confirm.
$search = sensitiveIO::request('search');
$letter = sensitiveIO::request('letter');
$sort = sensitiveIO::request('sort');
$dir = sensitiveIO::request('dir');
$start = sensitiveIO::request('start', 'sensitiveIO::isPositiveInteger', 0);
// Page size defaults to the session's records-per-page setting.
// NOTE(review): no upper bound on 'limit' is visible in this excerpt.
$limit = sensitiveIO::request('limit', 'sensitiveIO::isPositiveInteger', CMS_session::getRecordsPerPage());
$userId = sensitiveIO::request('userId', 'sensitiveIO::isPositiveInteger');
$filter = sensitiveIO::request('filter') ? true : false;

// Response skeleton, also returned unchanged when the clearance check fails.
$groupsDatas = array();
$groupsDatas['groups'] = array();

// NOTE(review): relies on $view->show() ending the request - confirm.
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITUSERS)) {
    CMS_grandFather::raiseError('User has no users management rights ...');
    $view->setContent($groupsDatas);
    $view->show();
}

//load user's groups if any
if ($userId) {
    $userGroups = CMS_profile_usersGroupsCatalog::getGroupsOfUser($userId, true);
} else {
    $userGroups = array();
}
if ($userId && $filter) { //search users
*
* @package Automne
* @subpackage admin
* @author Sébastien Pauchet <*****@*****.**>
*/
// Excerpt of a JSON admin search endpoint (the file header starts above it): reads the
// keyword and the list of element types to search, then collects user results by score.
// The excerpt stops inside the users branch.
require_once dirname(__FILE__) . '/../../cms_rc_admin.php';

//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_JSON);
//This file is an admin file. Interface must be secure
$view->setSecure();

// 'keyword' is read without a validator and handed to the catalog search below.
$keyword = sensitiveIO::request('keyword');
// Must be an array (is_array), default empty.
$elements = sensitiveIO::request('elements', 'is_array', array());
$start = sensitiveIO::request('start', 'sensitiveIO::isPositiveInteger', 0);
$limit = sensitiveIO::request('limit', 'sensitiveIO::isPositiveInteger', 0);

// $scores maps a score to a list of array(type, id) pairs.
$results = $scores = array();

//Users search
// NOTE(review): no clearance check is visible between setSecure() and this user search.
// Confirm that the search call or later code limits results to what the current user may see.
if (in_array('users', $elements)) {
    // $usersScore is the last argument and is read right after the call; presumably it is
    // filled by reference - confirm against the search() signature.
    $usersResults = CMS_profile_usersCatalog::search($keyword, '', '', 'score', 'desc', 0, 0, false, false, $usersScore);
    if ($usersResults) {
        foreach ($usersResults as $resultId) {
            if (isset($usersScore[$resultId])) {
                $scores[$usersScore[$resultId]][] = array('users', $resultId);
            } else {
                // Results without a score are filed under score 0.
                $scores[0][] = array('users', $resultId);
            }
        }
        //pr('Users :');
        //pr($usersResults);
        //pr($rowsScore);
// Excerpt of the admin patch page: checks the administration clearance, lifts the abort and
// time limits, reads the controller parameters and declares the reporting helpers.
// The excerpt stops inside report().

define("MESSAGE_PAGE_DONT_FINALIZE_IF_ERRORS", 1178);
define("MESSAGE_PAGE_FIELD_CONFIRM", 1179);
define("MESSAGE_PAGE_RESUME_PATCH", 1192);

//CHECKS user has admin clearance
// This guard ends the request itself with exit.
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITVALIDATEALL)) {
    CMS_grandFather::raiseError('User has no administration rights');
    echo $cms_language->getMessage(MESSAGE_PAGE_NO_SERVER_RIGHTS);
    exit;
}

//ignore user abort to avoid interruption of process
// The @ operator hides any warning if either call is disabled or fails.
@ignore_user_abort(true);
@set_time_limit(9000);

//Controller vars
// NOTE(review): filename, force and cms_action are read without a validator. If 'filename'
// is used to locate the patch file it should be confined to the expected upload directory -
// confirm in the code below this excerpt.
$filename = sensitiveIO::request('filename');
$force = sensitiveIO::request('force');
$cms_action = sensitiveIO::request('cms_action');
$cms_message = '';
$content = '';

// +----------------------------------------------------------------------+
// | PATCH MANAGEMENT                                                     |
// +----------------------------------------------------------------------+

/**
 * Verbose function: appends a message line to the page output buffer.
 *
 * Writes to the global $content and adds an HTML line break. The text is appended as-is.
 * NOTE(review): callers must pass text that is already safe to render as HTML - confirm.
 *
 * @param string $text message to append
 */
function verbose($text)
{
    global $content;
    $content .= $text . "<br />";
}

//report function, sends a message to user and can stop the process if it's an error.
function report($text, $isErrror = false)
{
    global $report, $force, $cms_language, $content;
// Excerpt of the templates controller (JSON): reads the requested action and its form
// values, prepares the view and checks the template-editing clearance.
// The excerpt stops inside the "load template" block.

// Action is limited to the five listed values.
$action = sensitiveIO::request('action', array('properties', 'definition', 'printcs', 'regenerate', 'copy'));
// No validator here; the id is tested with isPositiveInteger() further down.
$templateId = sensitiveIO::request('templateId', '');

//Properties vars
// NOTE(review): label, description, image and definitionfile are read without a validator.
// 'image' and 'definitionfile' look like file references and should be confined to their
// expected directories where they are used - confirm.
$label = sensitiveIO::request('label');
$description = sensitiveIO::request('description');
$image = sensitiveIO::request('image');
$definitionfile = sensitiveIO::request('definitionfile');
$groups = sensitiveIO::request('groups', 'is_array', array());
// New group names: split on ';' or ',' and trimmed.
$newgroups = sensitiveIO::request('newgroup') ? array_map('trim', preg_split("/[;,]+/", sensitiveIO::request('newgroup'))) : array();
// Comma-separated list; the individual ids are not validated here.
$selectedWebsites = sensitiveIO::request('websites') ? explode(',', sensitiveIO::request('websites')) : array();
$nouserrights = sensitiveIO::request('nouserrights') ? true : false;

//definition
// NOTE(review): the template definition is taken from the request unchecked; whatever parses
// or stores it is the place where it must be validated.
$definition = sensitiveIO::request('definition');
$regenerate = sensitiveIO::request('regenerate') ? true : false;

//printable CS
$printableCS = sensitiveIO::request('printableCS') ? explode(',', sensitiveIO::request('printableCS')) : array();

//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_JSON);
//This file is an admin file. Interface must be secure
$view->setSecure();

//CHECKS user has templates clearance
// NOTE(review): relies on $view->show() ending the request - confirm. Whether these
// state-changing actions are also protected against cross-site requests cannot be seen here.
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDIT_TEMPLATES)) { //templates
    CMS_grandFather::raiseError('User has no rights template editions');
    $view->setActionMessage($cms_language->getMessage(MESSAGE_ERROR_NO_RIGHTS_FOR_TEMPLATES));
    $view->show();
}

//load template if any
if (sensitiveIO::isPositiveInteger($templateId)) {
// +----------------------------------------------------------------------+
// | Author: Sébastien Pauchet <*****@*****.**>                           |
// +----------------------------------------------------------------------+
//
// $Id: module-parameters.php,v 1.6 2010/03/08 16:41:18 sebastien Exp $

/**
 * PHP page : Load module parameters window.
 * Used across an Ajax request to render the module properties window.
 *
 * @package Automne
 * @subpackage admin
 * @author Sébastien Pauchet <*****@*****.**>
 */

require_once dirname(__FILE__) . '/../../cms_rc_admin.php';

// 'module' is limited to the codenames the modules catalog returns.
$codename = sensitiveIO::request('module', CMS_modulesCatalog::getAllCodenames());
// NOTE(review): 'winId' has no validator; escape it if it is written into generated
// JavaScript - confirm at the use site.
$winId = sensitiveIO::request('winId', '', 'moduleParametersWindow');

define("MESSAGE_TOOLBAR_HELP", 1073);
define("MESSAGE_PAGE_SAVE", 952);
define("MESSAGE_PAGE_MODULE_PARAMS", 678);
define("MESSAGE_PAGE_AUTOMNE_PARAMS", 679);
define("MESSAGE_TOOLBAR_HELP_MESSAGE", 680);
define("MESSAGE_PAGE_UPDATE_PARAMS", 681);
define("MESSAGE_PAGE_FORM_INCORRECT", 682);

//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_RAW);
//This file is an admin file. Interface must be secure
$view->setSecure();

//CHECKS
// Module parameters require the administration clearance; the body of the guard is
// below this excerpt.
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITVALIDATEALL)) {
// Excerpt of the image controller (JSON): reads resize/crop parameters and the image
// reference, then checks that the image exists and that GD's GIF support is available.

define("MESSAGE_PAGE_ALL_FILES_SUPPORT", 559);
define("MESSAGE_PAGE_LIB_GD_VERIF", 560);

//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_JSON);
//This file is an admin file. Interface must be secure
$view->setSecure();

// All geometry values must pass isPositiveInteger, default 0.
// NOTE(review): no upper bound on width/height is visible here; very large values can make
// image processing expensive - confirm a limit exists downstream.
$width = sensitiveIO::request('width', 'sensitiveIO::isPositiveInteger', 0);
$height = sensitiveIO::request('height', 'sensitiveIO::isPositiveInteger', 0);
$cropTop = sensitiveIO::request('cropTop', 'sensitiveIO::isPositiveInteger', 0);
$cropBottom = sensitiveIO::request('cropBottom', 'sensitiveIO::isPositiveInteger', 0);
$cropLeft = sensitiveIO::request('cropLeft', 'sensitiveIO::isPositiveInteger', 0);
$cropRight = sensitiveIO::request('cropRight', 'sensitiveIO::isPositiveInteger', 0);
$autocrop = sensitiveIO::request('autocrop') ? true : false;
$image = sensitiveIO::request('image');

// Response skeleton.
$return = array('error' => '', 'filepath' => '', 'filename' => '');

// $image is reused: from here on it holds the CMS_image object, not the request string.
// NOTE(review): the path comes from the request without a validator and no clearance check is
// visible in this excerpt. Confirm that CMS_image / CMS_file::WEBROOT keeps the path inside
// the web root (no '..' escape) and that the file is checked to be an image.
$image = new CMS_image($image, CMS_file::WEBROOT);

//Check image
if (!$image->exists()) {
    CMS_grandFather::raiseError('Can\'t find queried image : ' . $image->getFilename());
    $return['error'] = $cms_language->getJsMessage(MESSAGE_PAGE_NO_IMG);
    $view->setContent($return);
    $view->show();
}
// GD is detected through one of its functions.
if (!function_exists('imagecreatefromgif')) {
    CMS_grandFather::raiseError('Can\'t find imagecreatefromgif, please install GD library.');
    $return['error'] = $cms_language->getJsMessage(MESSAGE_PAGE_GIF_SUPPORT);
    $view->setContent($return);
    $view->show();
}
// Excerpt of an admin page that resolves which page and tab to display: reads the page
// reference (URL, id or origin id) and a set of boolean flags, then normalises the tab.

//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_RAW);
//This file is an admin file. Interface must be secure
$view->setSecure();

// NOTE(review): 'pageUrl' is read without a validator. If it is later fetched server-side or
// used as a redirect target (see $followRedirect), restrict it to the site's own hosts -
// confirm in the code below this excerpt.
$pageUrl = sensitiveIO::request('pageUrl');
$pageId = sensitiveIO::request('pageId', 'sensitiveIO::isPositiveInteger');
$from = sensitiveIO::request('from', 'sensitiveIO::isPositiveInteger');
// Both tab values are limited to 'edit', 'edited' or 'public'.
$fromtab = sensitiveIO::request('fromTab', array('edit', 'edited', 'public'));
$tab = sensitiveIO::request('tab', array('edit', 'edited', 'public'));
// Flags: any truthy request value switches them on.
$followRedirect = sensitiveIO::request('followRedirect') ? true : false;
$regenerate = sensitiveIO::request('regenerate') ? true : false;
$reload = sensitiveIO::request('reload') ? true : false;
$noreload = sensitiveIO::request('noreload') ? true : false;
$unlock = sensitiveIO::request('unlock') ? true : false;

//Default tab to open
// 'tab' wins when no origin tab was given; with neither, fall back to 'public'.
if ($tab && !$fromtab) {
    $fromtab = $tab;
} elseif (!$fromtab) {
    $fromtab = 'public';
}

// At least one page reference is required; 'from' is the last resort for the page id.
// NOTE(review): relies on $view->show() ending the request - confirm.
if (!$pageUrl && !$pageId && !$from) {
    CMS_grandFather::raiseError('Missing page parameter ...');
    $view->show();
} elseif (!$pageUrl && !$pageId) {
    $pageId = $from;
}

$jscontent = '';
$isAutomne = $querystring = false;
//current http host
// Excerpt of the user-groups controller (JSON): reads the group form values and rights
// matrices, prepares the view, checks the user-management clearance and loads the group.
// $groupId is read above this excerpt; the excerpt stops inside the group-loading block.

$description = sensitiveIO::request('description');
//alerts
$alerts = sensitiveIO::request('alerts');
//users
$userId = sensitiveIO::request('userId', 'sensitiveIO::isPositiveInteger');
//modules
// Limited to the codenames the modules catalog returns.
$moduleCodename = sensitiveIO::request('module', CMS_modulesCatalog::getAllCodenames());
// Cast to int; the accepted range is not checked here.
$access = (int) sensitiveIO::request('access');
$validation = (int) sensitiveIO::request('validation');
// NOTE(review): templates, rows and admin default to an empty array but have no validator,
// so a scalar value is accepted too; rights, catIds and alerts are unchecked as well. These
// values drive permission changes - confirm they are validated where they are applied.
$templates = sensitiveIO::request('templates', '', array());
$rows = sensitiveIO::request('rows', '', array());
//categories rights
$rights = sensitiveIO::request('rights');
$catIds = sensitiveIO::request('catIds');
//admin rights
$admin = sensitiveIO::request('admin', '', array());

//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_JSON);
//This file is an admin file. Interface must be secure
$view->setSecure();

//check user rights
// NOTE(review): relies on $view->show() ending the request - confirm. The check only proves
// the caller may manage users; whether a caller can grant rights above their own level
// cannot be seen in this excerpt.
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITUSERS)) {
    CMS_grandFather::raiseError('User has no users management rights ...');
    $view->show();
}

//load group if any
if ($groupId) {
    $group = CMS_profile_usersGroupsCatalog::getByID($groupId);
    if (!$group || $group->hasError()) {
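* PHP page : Load page users-groups search window.
* Used across an Ajax request. Render users-groups search.
*
* @package Automne
* @subpackage admin
* @author Sébastien Pauchet <*****@*****.**>
*/
// Excerpt of the users/groups search window page (the file header starts above it): declares
// message ids, picks the panel to show, checks the user-management clearance and starts the
// JavaScript that configures the window. The excerpt stops inside the heredoc.
require_once dirname(__FILE__) . '/../../cms_rc_admin.php';

define("MESSAGE_TOOLBAR_HELP", 1073);
define("MESSAGE_PAGE_STANDARD_MODULE_LABEL", 213);
define("MESSAGE_PAGE_USER_GROUP_PROFILE", 408);
define("MESSAGE_PAGE_SEARCH_USER_GROUP_INFO", 409);
define("MESSAGE_PAGE_USERS_LABEL", 926);
define("MESSAGE_PAGE_GROUPS_LABEL", 837);

// NOTE(review): 'winId' has no validator and is interpolated below into a single-quoted
// JavaScript string. Unless sensitiveIO::request() already neutralises quotes, it must be
// JS-escaped before it is written into the script - confirm.
$winId = sensitiveIO::request('winId', '', 'usersGroupsWindow');
// Panel name: 'usersPanel' or 'groupsPanel', anything else falls back to 'usersPanel'.
// The comparison is strict so that only the exact strings 'users' and 'groups' match.
$type = sensitiveIO::request('type') && in_array($_REQUEST['type'], array('users', 'groups'), true) ? $_REQUEST['type'] . 'Panel' : 'usersPanel';

//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_RAW);
//This file is an admin file. Interface must be secure
$view->setSecure();

//check user rights
// NOTE(review): relies on $view->show() ending the request - confirm.
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITUSERS)) {
    CMS_grandFather::raiseError('User has no users management rights ...');
    $view->show();
}

$jscontent = <<<END
\tvar usersGroupsWindow = Ext.getCmp('{$winId}');
\t//set window title
\tusersGroupsWindow.setTitle('{$cms_language->getJsMessage(MESSAGE_PAGE_USER_GROUP_PROFILE)}');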
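* @author Sébastien Pauchet <*****@*****.**>
*/
// Excerpt of the WYSIWYG plugin window page (the file header starts above it): reads the
// window id, the selected element id and the selected content, splits the element id into
// plugin and item ids, then starts filtering the plugin definitions.
// The excerpt stops inside the loop over the definitions.
require_once dirname(__FILE__) . '/../../../../cms_rc_admin.php';

define("MESSAGE_TOOLBAR_HELP", 1073);
define("MESSAGE_PAGE_ERROR_NO_PLUGIN", 280);
define("MESSAGE_PAGE_TAB_DISABLED_SELECT_TEXT", 523);
define("MESSAGE_PAGE_TAB_DISABLED_NO_SELECT_TEXT", 524);

//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_RAW);
//This file is an admin file. Interface must be secure
$view->setSecure();

// NOTE(review): all three values are read without a validator. 'content' is editor content
// and 'winId' a client-side id; both need context-appropriate escaping where they are
// rendered - confirm.
$winId = sensitiveIO::request('winId');
$id = sensitiveIO::request('id');
$content = sensitiveIO::request('content');

//get ids from wysiwyg
// The id is expected as three '-'-separated parts; parts 2 and 3 are the plugin and item ids.
// A non-string value or a value with fewer parts yields 0 instead of an undefined-offset
// notice or an explode() type error.
if ($id && is_string($id)) {
    $ids = explode('-', $id);
    $selectedPluginID = isset($ids[1]) ? (int) $ids[1] : 0;
    $selectedItem = isset($ids[2]) ? (int) $ids[2] : 0;
} else {
    $selectedPluginID = $selectedItem = 0;
}

//Select WYSIWYG Plugin
$pluginDefinitions = CMS_poly_object_catalog::getAllPluginDefinitionsForObject();
//check for user rights
$availablePlugin = array();
$availablePluginCount = 0;
if (sizeof($pluginDefinitions)) {
    // The loop key reuses $id, so the request value read above is overwritten from here on.
    foreach ($pluginDefinitions as $id => $pluginDefinition) {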
// Excerpt of the rows admin window page: declares message ids, prepares the view, requires a
// window id and checks the clearance before building the search panel.

define("MESSAGE_PAGE_FILTER", 1515);
define("MESSAGE_PAGE_ACTIVATE", 1517);
define("MESSAGE_PAGE_DESACTIVATE", 1518);
define("MESSAGE_PAGE_VIEW_INACTIVE_ROWS", 1522);
define("MESSAGE_PAGE_DELETE_CONFIRM", 1523);
define("MESSAGE_PAGE_DUPLICATE", 1520);
define("MESSAGE_ACTION_DUPLICATE_SELECTED", 1521);
define("MESSAGE_PAGE_MODULES", 999);

//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_RAW);
//This file is an admin file. Interface must be secure
$view->setSecure();

// NOTE(review): both ids are read without a validator; $winId is only tested for being
// non-empty. Escape them if they are written into generated JavaScript - confirm.
$winId = sensitiveIO::request('winId');
$fatherId = sensitiveIO::request('fatherId');
if (!$winId) {
    CMS_grandFather::raiseError('Unknown window Id ...');
    $view->show();
}

//CHECKS user has row edition clearance
// NOTE(review): the constant tested is CLEARANCE_ADMINISTRATION_TEMPLATES while the comment
// and messages speak of rows - confirm this is the intended clearance. The guard relies on
// $view->show() ending the request.
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_TEMPLATES)) { //rows
    CMS_grandFather::raiseError('User has no rights on rows editions');
    $view->setActionMessage($cms_language->getMessage(MESSAGE_ERROR_NO_RIGHTS_FOR_ROWS));
    $view->show();
}

//useful vars
$recordsPerPage = CMS_session::getRecordsPerPage();
//
// Search Panel
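// Excerpt of the copy-page window page: declares message ids, prepares the view, loads the
// requested page, checks that the user may view it and prepares values for the window script.

define("MESSAGE_PAGE_COPY_KEEP_CONTENT", 357);
define("MESSAGE_PAGE_COPY_NOTKEEP_CONTENT", 358);
define("MESSAGE_PAGE_COPY_KEEP_TEMPLATE", 359);
define("MESSAGE_PAGE_COPY_NOTKEEP_TEMPLATE", 360);
define("MESSAGE_PAGE_COPY_CONFIRM", 361);
define("MESSAGE_PAGE_CANCEL", 180);
define("MESSAGE_PAGE_COPY", 499);
define("MESSAGE_PAGE_REPLACE_TEMPLATE_DESC", 700);

//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_RAW);
//This file is an admin file. Interface must be secure
$view->setSecure();

// NOTE(review): 'winId' has no validator; escape it if it is written into generated
// JavaScript - confirm at the use site.
$winId = sensitiveIO::request('winId', '', 'copyPageWindow');
$currentPage = sensitiveIO::request('currentPage', 'sensitiveIO::isPositiveInteger');

//try to instantiate the requested page
$cms_page = CMS_tree::getPageByID($currentPage);
//reject a missing or broken page before any method is called on it
// The object test comes first: the previous condition called hasError() on a false result,
// and the error message called getID() even when $cms_page was not an object.
if (!is_object($cms_page) || $cms_page->hasError()) {
    CMS_grandFather::raiseError('Error on page : ' . (is_object($cms_page) ? $cms_page->getID() : $currentPage));
    $view->show();
}

//check for view rights for user
// NOTE(review): both guards rely on $view->show() ending the request - confirm.
if (!$cms_user->hasPageClearance($cms_page->getID(), CLEARANCE_PAGE_VIEW)) {
    CMS_grandFather::raiseError('Error, user has no rights on page : ' . $cms_page->getID());
    $view->show();
}

$pageId = $cms_page->getID();
// The title is passed through the JS-string sanitizer before it is used in script output.
$pageTitle = sensitiveIO::sanitizeJSString($cms_page->getTitle(true));
// Fixed click handler, base64-encoded; it contains no request data.
$onClick = base64_encode("\n\tthis.node.select();\n");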
// | The license text is bundled with this package in the file            |
// | LICENSE-GPL, and is available through the world-wide-web at          |
// | http://www.gnu.org/copyleft/gpl.html.                                |
// +----------------------------------------------------------------------+
// | Author: Sébastien Pauchet <*****@*****.**>                           |
// +----------------------------------------------------------------------+
//
// $Id: tree-lineage.php,v 1.3 2010/03/08 16:41:22 sebastien Exp $

/**
 * PHP page : Load tree window infos
 * Used across an Ajax request to render the page tree in the tree window
 *
 * @package Automne
 * @subpackage admin
 * @author Sébastien Pauchet <*****@*****.**>
 */

require_once dirname(__FILE__) . '/../../cms_rc_admin.php';

// JSON view for an admin-only endpoint.
$view = CMS_view::getInstance();
$view->setDisplayMode(CMS_view::SHOW_JSON);
$view->setSecure();

// Both ids must pass isPositiveInteger and fall back to the application root page.
$rootId = (int) sensitiveIO::request(
    'root',
    'sensitiveIO::isPositiveInteger',
    APPLICATION_ROOT_PAGE_ID
);
$nodeId = (int) sensitiveIO::request(
    'node',
    'sensitiveIO::isPositiveInteger',
    APPLICATION_ROOT_PAGE_ID
);

// NOTE(review): no page-clearance check is visible here; confirm that getLineage() or the
// admin bootstrap keeps the lineage of pages the user may not view from being returned.
$lineage = CMS_tree::getLineage($rootId, $nodeId, false);
// Any falsy result is sent as an empty list.
$lineage = $lineage ? $lineage : array();

$view->setContent($lineage);
$view->show();
// +----------------------------------------------------------------------+
//
// $Id: server-scripts-controler.php,v 1.6 2010/03/08 16:41:21 sebastien Exp $

/**
 * PHP controller : Receive actions on server
 * Used across an Ajax request to process one server action
 *
 * @package Automne
 * @subpackage admin
 * @author Sébastien Pauchet <*****@*****.**>
 */

require_once dirname(__FILE__) . '/../../cms_rc_admin.php';

//Controller vars
// Action is limited to the six listed values.
$action = sensitiveIO::request('action', array('regenerate-all', 'regenerate-tree', 'regenerate-pages', 'restart-scripts', 'stop-scripts', 'clear-scripts'));
$page = sensitiveIO::request('page', 'sensitiveIO::isPositiveInteger');
// NOTE(review): 'pages' is read without a validator; if it is a list of page ids, each id
// should be validated where the list is parsed - confirm below this excerpt.
$pages = sensitiveIO::request('pages');

define("MESSAGE_PAGE_NO_SCRIPTS_RIGHTS", 794);
define("MESSAGE_ACTION_ALL_PAGES_SUBMITED", 795);
define("MESSAGE_ACTION_N_PAGES_SUBMITED", 796);
define("MESSAGE_ACTION_N_PAGES_REGENERATED", 797);
define("MESSAGE_ERROR_NO_PAGES_FOUND", 798);
define("MESSAGE_ACTION_N_PAGES_REGENERATION_ERROR", 1602);

//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_RAW);
//This file is an admin file. Interface must be secure
$view->setSecure();

//CHECKS user has scripts admin clearance
// The actions above start, stop or clear server scripts, so everything after this guard
// depends on it; the rest of its body is below this excerpt.
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_REGENERATEPAGES)) {
    CMS_grandFather::raiseError('User has no regeneration rights');
// Excerpt of a JSON admin endpoint that lists objects of a polymod module: prepares the view,
// reads the search parameters, loads the module and starts the module-clearance check.
// The excerpt stops at the opening of that check.

define("MESSAGE_PAGE_NO_ITEM", 530);
define("MESSAGE_PAGE_ITEM_NON_EXISTENT", 531);
define("MESSAGE_ERROR_MODULE_RIGHTS", 570);

//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_JSON);
//This file is an admin file. Interface must be secure
$view->setSecure();

//get search vars
$objectId = sensitiveIO::request('objectId', 'sensitiveIO::isPositiveInteger');
// Limited to the codenames the modules catalog returns.
$codename = sensitiveIO::request('module', CMS_modulesCatalog::getAllCodenames());
$fieldId = sensitiveIO::request('fieldId', 'sensitiveIO::isPositiveInteger');
// Comma-separated list turned into an array.
// NOTE(review): the individual ids are not validated here, and 'query' is read unchecked;
// both must be handled as untrusted input by the search code - confirm.
$removeIds = sensitiveIO::request('removeIds');
$removeIds = $removeIds ? explode(',', $removeIds) : array();
$query = sensitiveIO::request('query');

// Response skeleton.
$objectsDatas = array();
$objectsDatas['objects'] = array();

if (!$codename) {
    CMS_grandFather::raiseError('Unknown module ...');
    $view->setContent($objectsDatas);
    $view->show();
}
//load module
$module = CMS_modulesCatalog::getByCodename($codename);
if (!$module || !$module->isPolymod()) {
    CMS_grandFather::raiseError('Unknown module or module is not polymod for codename : ' . $codename);
    $view->show();
}
//CHECKS user has module clearance
// NOTE(review): the guards above rely on $view->show() ending the request - confirm.
if (!$cms_user->hasModuleClearance($codename, CLEARANCE_MODULE_EDIT)) {
*
* @package Automne
* @subpackage admin
* @author Sébastien Pauchet <*****@*****.**>
*/
// Excerpt of the admin error-log viewer (the file header starts above it): checks the
// administration clearance, parses the requested date and selects the log file for that day.
// The excerpt stops before the outer date test is closed.

// Defined before the bootstrap is loaded.
define("ENABLE_HTML_COMPRESSION", false);
require_once dirname(__FILE__) . '/../../cms_rc_admin.php';

define('MESSAGE_PAGE_NO_LOGS', 1608);
define("MESSAGE_PAGE_NO_SERVER_RIGHTS", 748);

//CHECKS user has admin clearance
// This guard ends the request itself with exit.
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITVALIDATEALL)) {
    CMS_grandFather::raiseError('User has no administration rights');
    echo $cms_language->getMessage(MESSAGE_PAGE_NO_SERVER_RIGHTS);
    exit;
}

// Read without a validator; it is only used through the CMS_date parser below.
$date = sensitiveIO::request('date');
$errorFile = '';
$gzip = false;

$now = new CMS_date();
$now->setNow(true);
// The request value is parsed with the date format of the user's language.
$requestedDate = new CMS_date();
$requestedDate->setFormat($cms_language->getDateFormat());
$requestedDate->setLocalizedDate($date);

if (!$requestedDate->hasError()) {
    if (CMS_date::compare($requestedDate, $now, '==')) {
        // Today's entries are in the live log file.
        $errorFile = PATH_MAIN_FS . '/' . CMS_grandFather::ERROR_LOG;
    } else {
        // Older entries are read from a gzip archive named after the following day.
        // The file name is built from the parsed date re-formatted as 'Y-m-d', not from the
        // raw request string.
        // NOTE(review): this keeps request text out of the path only if getLocalizedDate()
        // returns nothing but the formatted date - confirm.
        $gzip = true;
        $requestedDate->moveDate('+1 day');
        $errorFile = PATH_LOGS_FS . '/' . CMS_grandFather::ERROR_LOG . '-' . $requestedDate->getLocalizedDate('Y-m-d') . '.gz';
    }
// Excerpt of the alias edition window page: declares message ids, prepares the view, reads
// the alias coordinates, checks the clearance on the 'cms_aliases' module and loads the alias.
// The excerpt stops at the start of the "new alias" branch.

define("MESSAGE_PAGE_REDIR_TYPE_INFO", 20);
define("MESSAGE_PAGE_REDIR_TYPE_DESC", 21);
define("MESSAGE_PAGE_PROTECTED", 22);
define("MESSAGE_PAGE_PROTECTED_INFO", 23);
define("MESSAGE_PAGE_PROTECTED_DESC", 24);
define("MESSAGE_PAGE_SELECT_PAGE_REDIRECTION", 30);

//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_RAW);
//This file is an admin file. Interface must be secure
$view->setSecure();

// NOTE(review): 'winId' has no validator; escape it if it is written into generated
// JavaScript - confirm at the use site.
$winId = sensitiveIO::request('winId');
$fatherId = sensitiveIO::request('fatherId', 'sensitiveIO::isPositiveInteger');
$aliasId = sensitiveIO::request('alias', 'sensitiveIO::isPositiveInteger');
// NOTE(review): this validator is named 'io::isPositiveInteger' while the two above use
// 'sensitiveIO::isPositiveInteger' - presumably equivalent; confirm.
$pageId = sensitiveIO::request('page', 'io::isPositiveInteger');

// The module is fixed, not taken from the request.
$codename = 'cms_aliases';
//CHECKS user has module clearance
// NOTE(review): relies on $view->show() ending the request - confirm.
if (!$cms_user->hasModuleClearance($codename, CLEARANCE_MODULE_EDIT)) {
    CMS_grandFather::raiseError('Error, user has no rights on module : ' . $codename);
    $view->show();
}

//instantiate module
$cms_module = CMS_modulesCatalog::getByCodename($codename);

// Current alias object to manipulate
if ($aliasId) {
    // NOTE(review): getParent() is called without checking that getByID() returned an
    // object; an unknown alias id may end in a fatal error - confirm.
    $item = CMS_module_cms_aliases::getByID($aliasId);
    if (io::isPositiveInteger($item->getParent())) {
        $parentAlias = CMS_module_cms_aliases::getByID($item->getParent());
    }
} else {
// Excerpt of the admin page for the image block window: declares message ids, reads the block
// coordinates from the request, checks edit rights on the page and instantiates the block.
// $view and $cms_user are set outside this excerpt; it stops inside the block-loading branch.

define("MESSAGE_LEGEND", 529);
define("MESSAGE_ALL_FILES", 530);
define("MESSAGE_LINK", 133);
define("MESSAGE_LINK_IMAGE_ZOOM", 561);
define("MESSAGE_LINK_OTHER", 562);
define("MESSAGE_PAGE_INCORRECT_FORM_VALUES", 682);

$winId = sensitiveIO::request('winId', '', 'blockImageWindow');
// Page id falls back to the page stored in the session.
$currentPage = sensitiveIO::request('page', 'sensitiveIO::isPositiveInteger', CMS_session::getPageID());
$tpl = sensitiveIO::request('template', 'sensitiveIO::isPositiveInteger');
$rowId = sensitiveIO::request('rowType', 'sensitiveIO::isPositiveInteger');
// The four values below are read without a validator.
$rowTag = sensitiveIO::request('rowTag');
$cs = sensitiveIO::request('cs');
$blockId = sensitiveIO::request('block');
$blockClass = sensitiveIO::request('blockClass');
$minWidth = sensitiveIO::request('minWidth', 'sensitiveIO::isPositiveInteger', 0);
$maxWidth = sensitiveIO::request('maxWidth', 'sensitiveIO::isPositiveInteger', 0);

//load page
// NOTE(review): hasError() is called without checking that getPageByID() returned an object.
$cms_page = CMS_tree::getPageByID($currentPage);
if ($cms_page->hasError()) {
    CMS_grandFather::raiseError('Selected page (' . $currentPage . ') has error ...');
    $view->show();
}
//check user rights
// NOTE(review): relies on $view->show() ending the request - confirm.
if (!$cms_user->hasPageClearance($cms_page->getID(), CLEARANCE_PAGE_EDIT)) {
    CMS_grandFather::raiseError('Error, user has no rights on page : ' . $cms_page->getID());
    $view->show();
}
//get block data
// NOTE(review): $blockClass comes straight from the request and class_exists() is the only
// check, so any loadable class can be constructed here and class_exists() may itself run the
// autoloader. Restrict the name to the known block classes (allow-list or base-class test)
// before instantiating.
if (class_exists($blockClass)) {
    $cms_block = new $blockClass();
    $cms_block->initializeFromBasicAttributes($blockId);
// Excerpt of the template-files controller (JSON): declares message ids, reads the action and
// the target file, prepares the view, checks the template-editing clearance and requires a
// node for every action except 'create'.

define("MESSAGE_PAGE_STYLESHEET", 1486);
define("MESSAGE_PAGE_WYSIWYG", 1487);
define("MESSAGE_PAGE_JAVASCRIPT", 1488);
define("MESSAGE_ACTION_DELETE_FILE", 1500);
define("MESSAGE_ERROR_DELETE_FILE", 1501);
define("MESSAGE_ACTION_UPDATE_FILE", 1502);
define("MESSAGE_ERROR_UPDATE_FILE", 1503);
define("MESSAGE_ACTION_CREATE_FILE", 1504);
define("MESSAGE_ERROR_CREATE_FILE_EXTENSION", 1505);
define("MESSAGE_ERROR_CREATE_FILE_EXISTS", 1506);
define("MESSAGE_PAGE_TXT", 273);

//Controller vars
// Action is limited to 'delete', 'update' or 'create'.
$action = sensitiveIO::request('action', array('delete', 'update', 'create'));
// 'checkNode' and 'checkFile' are validator callbacks defined outside this excerpt.
// NOTE(review): they are the only guard between the request and file delete/update/create,
// so they must confine the path to the intended directory and file types - confirm.
$node = sensitiveIO::request('node', 'checkNode', '');
// File content supplied by the client, read unchecked.
$definition = sensitiveIO::request('definition');
$filelabel = sensitiveIO::request('filelabel', 'checkFile', '');

//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_JSON);
//This file is an admin file. Interface must be secure
$view->setSecure();

//CHECKS user has templates clearance
// NOTE(review): relies on $view->show() ending the request - confirm.
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDIT_TEMPLATES)) {
    CMS_grandFather::raiseError('User has no rights on page templates ...');
    $view->show();
}
// A rejected or missing node falls back to '' and is refused here, except for 'create'.
if (!$node && $action != 'create') {
    CMS_grandFather::raiseError('Unknown node ...');
    $view->show();
}
// | The license text is bundled with this package in the file           |
// | LICENSE-GPL, and is available through the world-wide-web at          |
// | http://www.gnu.org/copyleft/gpl.html.                                |
// +----------------------------------------------------------------------+
// | Author: Sébastien Pauchet <*****@*****.**>      |
// +----------------------------------------------------------------------+

/**
 * PHP page : Load help detail window.
 * Used across an Ajax request. Renders help information.
 *
 * @package Automne
 * @subpackage admin
 * @author Sébastien Pauchet <*****@*****.**>
 */

require_once dirname(__FILE__) . '/../../cms_rc_admin.php';

// Window id from the request; 'atmHelpWindow' is passed as the third argument (presumably the
// default used when the parameter is absent; confirm against sensitiveIO::request).
$winId = sensitiveIO::request('winId', '', 'atmHelpWindow');

// Numeric message IDs used by this page.
define("MESSAGE_TOOLBAR_HELP", 1073);
define("MESSAGE_PAGE_UNKNOWN", 670);
define("MESSAGE_PAGE_NEVER", 671);
define("MESSAGE_PAGE_VERSION", 542);
define("MESSAGE_PAGE_ABOUT_MESSAGE", 672);
define("MESSAGE_TOOLBAR_HELP_MESSAGE", 673);
define("MESSAGE_PAGE_TITLE", 644);

//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_RAW);
//This file is an admin file. Interface must be secure
$view->setSecure();
// NOTE(review): no clearance check is visible between setSecure() and the code below; whether
// setSecure() alone enforces an authenticated admin session is not visible here, confirm.

// Define the polymod module codename only when it has not been defined yet.
if (!defined('MOD_POLYMOD_CODENAME')) {
    define('MOD_POLYMOD_CODENAME', 'polymod');
// Numeric message IDs used by this page (excerpt: the file starts before this line).
define("MESSAGE_PAGE_CREATE_CSS", 1489);
define("MESSAGE_PAGE_EDIT_CSS", 1490);
define("MESSAGE_PAGE_CREATE_JS", 1491);
define("MESSAGE_PAGE_EDIT_JS", 1492);
define("MESSAGE_PAGE_EDIT_WYSIWYG", 1493);
define("MESSAGE_TOOLBAR_HELP_DESC", 1494);
define("MESSAGE_PAGE_DEFINITION", 1495);
define("MESSAGE_PAGE_CREATE_FILE", 1744);
define("MESSAGE_PAGE_TXT", 273);

/**
 * Validator for the 'node' request parameter (passed by name to sensitiveIO::request below).
 *
 * Accepts the value when it is not equal to 'source' (loose comparison) and io::strpos() finds
 * no '..' in it.
 *
 * NOTE(review): this is a deny-list. The accepted value is later appended to PATH_REALROOT_FS,
 * so every path under that root passes, whatever directory this editor is meant to cover.
 * Resolving the final path (realpath) and checking that it stays inside the intended directory
 * would be the stricter check; non-string input (an array parameter) is also not rejected here.
 *
 * @param mixed $value Raw request value
 * @return bool true when the value is accepted
 */
function checkNode($value)
{
    return $value != 'source' && io::strpos($value, '..') === false;
}

//Controller vars
$winId = sensitiveIO::request('winId', '', 'printTemplateWindow');
$node = sensitiveIO::request('node', 'checkNode', '');

//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_RAW);
//This file is an admin file. Interface must be secure
$view->setSecure();

//CHECKS user has module clearance
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDIT_TEMPLATES)) {
    CMS_grandFather::raiseError('User has no rights on page templates ...');
    // NOTE(review): this guard only protects the file access below if show() ends the request;
    // that is not visible here, confirm.
    $view->show();
}

// File extensions this page knows about, each with a display label and a CSS class.
// How the map is applied to $node is outside this excerpt.
$allowedFiles = array(
    'less' => array('name' => $cms_language->getMessage(MESSAGE_PAGE_STYLESHEET), 'class' => 'atm-css'),
    'css' => array('name' => $cms_language->getMessage(MESSAGE_PAGE_STYLESHEET), 'class' => 'atm-css'),
    'xml' => array('name' => $cms_language->getMessage(MESSAGE_PAGE_WYSIWYG), 'class' => 'atm-xml'),
    'js' => array('name' => $cms_language->getMessage(MESSAGE_PAGE_JAVASCRIPT), 'class' => 'atm-js'),
    'txt' => array('name' => $cms_language->getMessage(MESSAGE_PAGE_TXT), 'class' => 'atm-txt')
);

// Filesystem path built from the request-supplied node; checkNode() is the only filter applied
// to it in this excerpt.
$file = PATH_REALROOT_FS . '/' . $node;
if (!is_file($file) && !is_dir($file)) {
    CMS_grandFather::raiseError('Queried file does not exists.');
$content = $codeTopaste;
} else {
    // Fall back to a single space when nothing is selected.
    $selectedContent = $selectedContent ? $selectedContent : ' ';
    $content = $selectedContent;
}
break;
case 'setRowParameters':
    // Excerpt of one branch of a larger switch; the switch header and the end of this case are
    // outside the excerpt.
    $tpl = sensitiveIO::request('template', 'sensitiveIO::isPositiveInteger');
    $rowId = sensitiveIO::request('rowType', 'sensitiveIO::isPositiveInteger');
    // NOTE(review): rowTag, cs, block and blockClass are read without a validator argument; how
    // blockClass is used afterwards is outside this excerpt.
    $rowTag = sensitiveIO::request('rowTag');
    $cs = sensitiveIO::request('cs');
    $currentPage = sensitiveIO::request('page', 'sensitiveIO::isPositiveInteger', CMS_session::getPageID());
    $blockId = sensitiveIO::request('block');
    $blockClass = sensitiveIO::request('blockClass');
    // 'value' is validated with is_array, 'module' against the list of known module codenames.
    $value = sensitiveIO::request('value', 'is_array');
    $codename = sensitiveIO::request('module', CMS_modulesCatalog::getAllCodenames());
    $cms_page = CMS_tree::getPageByID($currentPage);
    //RIGHTS CHECK
    // Requires a valid page object, edit clearance on that page and edit clearance on the
    // standard module.
    if (!is_object($cms_page) || $cms_page->hasError() || !$cms_user->hasPageClearance($cms_page->getID(), CLEARANCE_PAGE_EDIT) || !$cms_user->hasModuleClearance(MOD_STANDARD_CODENAME, CLEARANCE_MODULE_EDIT)) {
        // NOTE(review): when the !is_object($cms_page) test is what failed, building this message
        // calls getID() on a non-object and ends in a fatal error instead of the logged error
        // and break. Use $currentPage in the message instead.
        CMS_grandFather::raiseError('Insufficient rights on page ' . $cms_page->getID());
        break;
    }
    //CHECKS user has module clearance
    if (!$cms_user->hasModuleClearance($codename, CLEARANCE_MODULE_EDIT)) {
        CMS_grandFather::raiseError('Error, user has no rights on module : ' . $codename);
        break;
    }
    //ARGUMENTS CHECK
    if (!$cs || !$rowTag || !$rowId || !$blockId) {
        CMS_grandFather::raiseError('Data missing ...');
        break;
// Numeric message IDs used by this page (excerpt: the file starts before this line and the
// heredoc at the end is cut off).
define("MESSAGE_PAGE_DATE_FORMAT", 1692);
define("MESSAGE_PAGE_EXCLUDED_MODULES", 1693);
define("MESSAGE_PAGE_EDIT_SELECTED", 1694);
define("MESSAGE_PAGE_CREATE_NEW_LANGUAGE", 1695);

//check user rights
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITVALIDATEALL)) {
    CMS_grandFather::raiseError('User has no rights on language management');
    // NOTE(review): $view is used here but is only assigned a few lines below in this excerpt.
    // Unless an earlier include already sets it, this call fails on an undefined variable.
    // Moving the view setup above the rights check would make the denial path explicit.
    $view->show();
}

//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_RAW);
//This file is an admin file. Interface must be secure
$view->setSecure();

// NOTE(review): 'winId' is read without a validator and is only tested for emptiness, yet it
// is interpolated into a single-quoted JavaScript string in the heredoc below. Unless
// sensitiveIO::request() itself neutralises quotes and backslashes (not visible here), the
// value should be limited to an identifier pattern or JSON-encoded before it is emitted.
$winId = sensitiveIO::request('winId');
if (!$winId) {
    CMS_grandFather::raiseError('Unknown window Id ...');
    $view->show();
}

//useful vars
$searchURL = PATH_ADMIN_WR . '/languages-datas.php';
$editURL = PATH_ADMIN_WR . '/language.php';
$itemsControlerURL = PATH_ADMIN_WR . '/languages-controler.php';

$jscontent = <<<END
\tvar moduleObjectWindow = Ext.getCmp('{$winId}');
\tmoduleObjectWindow.setTitle('{$cms_language->getJsMessage(MESSAGE_PAGE_LANGUAGE_MANAGEMENT)}');
\t
\t//define search function into window (to be accessible by parent window)
\tmoduleObjectWindow.search = function() {
\t\tif (!moduleObjectWindow.ok) {
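// | Author: Sébastien Pauchet <*****@*****.**>      |
// +----------------------------------------------------------------------+
//
// $Id: page-previsualization.php,v 1.5 2010/03/08 16:41:19 sebastien Exp $

/**
 * PHP page : page previsualization
 * Used to view the page edited data.
 *
 * @package Automne
 * @subpackage admin
 * @author Antoine Pouch <*****@*****.**> &
 * @author Sébastien Pauchet <*****@*****.**>
 */

require_once dirname(__FILE__) . '/../../cms_rc_admin.php';

// Page to preview: taken from the request when it validates as a positive integer; the session
// page ID is passed as the third argument (presumably the fallback; confirm against
// sensitiveIO::request).
$currentPage = sensitiveIO::request('currentPage', 'sensitiveIO::isPositiveInteger', CMS_session::getPageID());
$draft = (bool) sensitiveIO::request('draft');

//unset request to avoid it to have interaction with page code
sensitiveIO::unsetRequest(array('draft', 'currentPage'));

//CHECKS
// Re-validate the final value, whichever source it came from.
if (!SensitiveIO::isPositiveInteger($currentPage)) {
    die("Invalid page");
}

//view edited or edition mode ?
$cms_visual_mode = $draft ? PAGE_VISUALMODE_HTML_EDITION : PAGE_VISUALMODE_HTML_EDITED;

$cms_page = CMS_tree::getPageByID($currentPage);

// Fail closed when the lookup does not return a usable page. Without this guard the clearance
// check below would call getID() on a non-object, or on a page flagged as being in error.
if (!is_object($cms_page) || $cms_page->hasError()) {
    die("Invalid page");
}

// The preview shows unpublished content, so edit clearance on the page is required.
if (!$cms_user->hasPageClearance($cms_page->getID(), CLEARANCE_PAGE_EDIT)) {
    // die() already ends the script; the unreachable exit that followed it was dropped.
    die('No rigths on page ...');
}

//unset vars to avoid interaction with page
unset($currentPage);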
*/
require_once dirname(__FILE__) . '/../../cms_rc_admin.php';

define("MESSAGE_ERROR_MODULE_RIGHTS", 570);

//load interface instance
$view = CMS_view::getInstance();
//set default display mode for this page
$view->setDisplayMode(CMS_view::SHOW_JSON);
//This file is an admin file. Interface must be secure
$view->setSecure();

//Controller vars
// 'action' is requested with an array holding the single accepted value (presumably an
// allow-list; confirm against sensitiveIO::request).
$action = sensitiveIO::request('action', array('save'));
// NOTE(review): code, selectedCode, dateformat and modulesDenied are read without a validator
// argument; how they are checked before being stored is outside this excerpt.
$code = sensitiveIO::request('code');
$selectedCode = sensitiveIO::request('selectedCode');
$dateFormat = sensitiveIO::request('dateformat');
$modulesDenied = sensitiveIO::request('modulesDenied');
$admin = sensitiveIO::request('admin') ? true : false;

//set default content
// Every early-exit path below returns this failure payload.
$content = array('success' => false);

//check user rights
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITVALIDATEALL)) {
    CMS_grandFather::raiseError('User has no rights on language management');
    $view->setContent($content);
    // NOTE(review): this guard only blocks the save below if show() ends the request; that is
    // not visible here, confirm.
    $view->show();
}
if (!$action) {
    $view->setContent($content);
    // $action is falsy on this path, so appending it adds nothing useful to the message.
    CMS_grandFather::raiseError('Unknown action ... ' . $action);
    $view->show();
}
// At least one of the two language codes must be supplied.
if (!$code && !$selectedCode) {
    CMS_grandFather::raiseError('Missing language code ... ');