Project

General

Profile

wb-2_10_x / branches / main / modules / edit_module_files.php @ 9

1
<?php
2
/**
3
 *
4
 * @category        backend
5
 * @package         modules
6
 * @author          WebsiteBaker Project
7
 * @copyright       Ryan Djurovich
8
 * @copyright       WebsiteBaker Org. e.V.
9
 * @link            http://www.websitebaker2.org/
10
 * @license         http://www.gnu.org/licenses/gpl.html
11
 * @platform        WebsiteBaker 2.8.3
12
 * @requirements    PHP 5.3.6 and higher
13
 * @version         $Id: edit_module_files.php 2 2017-07-02 15:14:29Z Manuela $
14
 * @filesource      $HeadURL: svn://isteam.dynxs.de/wb/2.10.x/branches/main/modules/edit_module_files.php $
15
 * @lastmodified    $Date: 2017-07-02 17:14:29 +0200 (Sun, 02 Jul 2017) $
16
 *
17
 */
18

    
19
// include required libraries
20
if(!defined('WB_PATH'))
21
{
22
    require(dirname(__DIR__).'/config.php');
23
}
24

    
25
// include edit area wrapper script
26
   require_once(WB_PATH.'/include/editarea/wb_wrapper_edit_area.php');
27
// include functions to edit the optional module CSS files (frontend.css, backend.css)
28
   require_once(WB_PATH.'/framework/module.functions.php');
29

    
30
// $admin_header = false;
31
    $admin_header = false;
32
// Tells script to update when this page was last updated
33
   $update_when_modified = false;
34
// show the info banner
35
//    $print_info_banner = true;
36
// Include WB admin wrapper script
37
    require(WB_PATH.'/modules/admin.php');
38
    if(!$admin->checkFTAN()) {
39
      $admin->print_header();
40
      $admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'], ADMIN_URL.'/pages/modify.php?page_id='.$page_id );
41
    }
42
// After check print the header
43
$admin->print_header();
44

    
45
   $_action = (isset($_POST['action']) ? strtolower($_POST['action']) : '');
46
   $_action = ($_action != 'save' ? 'edit' : 'save');
47
   $mod_dir = (isset($_POST['mod_dir']) ? $_POST['mod_dir'] : '');
48
   $_edit_file = (isset($_POST['edit_file']) ? $_POST['edit_file'] : '');
49
//check if given mod_dir + edit_file is valid path/file
50
   $_realpath = realpath(WB_PATH.'/modules/'.$mod_dir.'/'.$_edit_file);
51
   if($_realpath){
52
   // realpath is a valid path, now test if it's inside WB_PATH
53
      $_realpath = str_replace('\\','/', $_realpath);
54
      $_fileValid = (strpos($_realpath, (str_replace('\\','/', WB_PATH))) !== false);
55
   }
56
// check if all needed args are valid
57
   if(!$page_id || !$section_id || !$_realpath || !$_fileValid) {
58
      die('Invalid arguments passed - script stopped.');
59
   }
60

    
61
   // echo registerEditArea('code_area', 'css');
62
   echo (function_exists('registerEditArea')) ? registerEditArea('code_area', 'css') : 'none';
63
// set default text output if varibles are not defined in the global WB language files
64
   if(!isset($TEXT['HEADING_CSS_FILE'])) { $TEXT['HEADING_CSS_FILE'] = 'Actual module file: '; }
65
   if(!isset($TEXT['TXT_EDIT_CSS_FILE'])) { $TEXT['TXT_EDIT_CSS_FILE'] = 'Edit the CSS definitions in the textarea below.'; }
66

    
67
// check if action is: save or edit
68
   if($_action == 'save') {
69
   // SAVE THE UPDATED CONTENTS TO THE CSS FILE
70
      $css_content = '';
71
      if (isset($_POST['css_data']) && strlen($_POST['css_data']) > 0) {
72
         $css_content = stripslashes($_POST['css_data']);
73
      }
74
      $modFileName = WB_PATH .'/modules/' .$mod_dir .'/' .$_edit_file;
75
      if(($fileHandle = fopen($modFileName, 'wb'))) {
76
         if(fwrite($fileHandle, $css_content)) {
77
            fclose($fileHandle);
78
            $admin->print_success($TEXT['SUCCESS'], ADMIN_URL.'/pages/modify.php?page_id='.$page_id);
79
            exit;
80
         }
81
         fclose($fileHandle);
82
      }
83
      $admin->print_error($TEXT['ERROR'], ADMIN_URL.'/pages/modify.php?page_id='.$page_id);
84
      exit;
85
   } else {
86
   // MODIFY CONTENTS OF THE CSS FILE VIA TEXT AREA
87
   // check which module file to edit (frontend.css, backend.css or '')
88
      $css_file = (in_array($_edit_file, array('frontend.css', 'backend.css'))) ? $_edit_file : '';
89

    
90
   // display output
91
      if($css_file == '')   {
92
      // no valid module file to edit; display error message and backlink to modify.php
93
         echo "<h2>Nothing to edit</h2>";
94
         echo "<p>No valid module file exists for this module.</p>";
95
         $output  = "<a href=\"#\" onclick=\"javascript: window.location = '";
96
         $output .= ADMIN_URL ."/pages/modify.php?page_id=" .$page_id ."'\">back</a>";
97
         echo $output;
98
      } else {
99
      // store content of the module file in variable
100
      $css_content = @file_get_contents(WB_PATH .'/modules/' .$mod_dir .'/' .$css_file);
101
      // write out heading
102
      echo '<h2>' .$TEXT['HEADING_CSS_FILE'] .'"' .$css_file .'"</h2>';
103
      // include button to switch between frontend.css and backend.css (only shown if both files exists)
104
      toggle_css_file($mod_dir, $css_file);
105
      echo '<p>'.$TEXT['TXT_EDIT_CSS_FILE'].'</p>';
106
      $sScriptUrl = $_SERVER['SCRIPT_NAME'];
107
      // output content of module file to textareas
108
     ?><form name="edit_module_file" action="<?php echo $sScriptUrl;?>" method="post" style="margin: 0;">
109
        <?php echo $admin->getFTAN(); ?>
110
        <input type="hidden" name="page_id" value="<?php echo $page_id; ?>" />
111
        <input type="hidden" name="section_id" value="<?php echo $section_id; ?>" />
112
        <input type="hidden" name="mod_dir" value="<?php echo $mod_dir; ?>" />
113
        <input type="hidden" name="edit_file" value="<?php echo $css_file; ?>" />
114
        <input type="hidden" name="action" value="save" />
115
        <textarea id="code_area" name="css_data" cols="100" rows="25" wrap="VIRTUAL" style="margin:2px;width:100%;">
116
<?php echo htmlspecialchars($css_content); ?>
117
      </textarea>
118
           <table cellpadding="0" cellspacing="0" border="0" width="100%">
119
           <tr>
120
             <td class="left">
121
             <input name="save" type="submit" value="<?php echo $TEXT['SAVE'];?>" style="width: 100px; margin-top: 5px;" />
122
             </td>
123
              <td class="right">
124
               <input type="button" value="<?php echo $TEXT['CANCEL']; ?>"
125
                  onclick="javascript: window.location = '<?php echo ADMIN_URL;?>/pages/modify.php?page_id=<?php echo $page_id; ?>';"
126
                  style="width: 100px; margin-top: 5px;" />
127
              </td>
128
           </tr>
129
           </table>
130
      </form>
131
<?php
132
   }
133
}
134
// Print admin footer
135
$admin->print_footer();