checkFTAN()) {
$admin->print_header();
$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'], ADMIN_URL.'/pages/modify.php?page_id='.$page_id );
}
// After check print the header
$admin->print_header();
$_action = (isset($_POST['action']) ? strtolower($_POST['action']) : '');
$_action = ($_action != 'save' ? 'edit' : 'save');
$mod_dir = (isset($_POST['mod_dir']) ? $_POST['mod_dir'] : '');
$_edit_file = (isset($_POST['edit_file']) ? $_POST['edit_file'] : '');
//check if given mod_dir + edit_file is valid path/file
$_realpath = realpath(WB_PATH.'/modules/'.$mod_dir.'/'.$_edit_file);
if($_realpath){
// realpath is a valid path, now test if it's inside WB_PATH
$_realpath = str_replace('\\','/', $_realpath);
$_fileValid = (strpos($_realpath, (str_replace('\\','/', WB_PATH))) !== false);
}
// check if all needed args are valid
if(!$page_id || !$section_id || !$_realpath || !$_fileValid) {
die('Invalid arguments passed - script stopped.');
}
// echo registerEditArea('code_area', 'css');
echo (function_exists('registerEditArea')) ? registerEditArea('code_area', 'css') : 'none';
// set default text output if varibles are not defined in the global WB language files
if(!isset($TEXT['HEADING_CSS_FILE'])) { $TEXT['HEADING_CSS_FILE'] = 'Actual module file: '; }
if(!isset($TEXT['TXT_EDIT_CSS_FILE'])) { $TEXT['TXT_EDIT_CSS_FILE'] = 'Edit the CSS definitions in the textarea below.'; }
// check if action is: save or edit
if($_action == 'save') {
// SAVE THE UPDATED CONTENTS TO THE CSS FILE
$css_content = '';
if (isset($_POST['css_data']) && strlen($_POST['css_data']) > 0) {
$css_content = stripslashes($_POST['css_data']);
}
$modFileName = WB_PATH .'/modules/' .$mod_dir .'/' .$_edit_file;
if(($fileHandle = fopen($modFileName, 'wb'))) {
if(fwrite($fileHandle, $css_content)) {
fclose($fileHandle);
$admin->print_success($TEXT['SUCCESS'], ADMIN_URL.'/pages/modify.php?page_id='.$page_id);
exit;
}
fclose($fileHandle);
}
$admin->print_error($TEXT['ERROR'], ADMIN_URL.'/pages/modify.php?page_id='.$page_id);
exit;
} else {
// MODIFY CONTENTS OF THE CSS FILE VIA TEXT AREA
// check which module file to edit (frontend.css, backend.css or '')
$css_file = (in_array($_edit_file, array('frontend.css', 'backend.css'))) ? $_edit_file : '';
// display output
if($css_file == '') {
// no valid module file to edit; display error message and backlink to modify.php
echo "Nothing to edit
";
echo "No valid module file exists for this module.
";
$output = "back";
echo $output;
} else {
// store content of the module file in variable
$css_content = @file_get_contents(WB_PATH .'/modules/' .$mod_dir .'/' .$css_file);
// write out heading
echo '' .$TEXT['HEADING_CSS_FILE'] .'"' .$css_file .'"
';
// include button to switch between frontend.css and backend.css (only shown if both files exists)
toggle_css_file($mod_dir, $css_file);
echo ''.$TEXT['TXT_EDIT_CSS_FILE'].'
';
$sScriptUrl = $_SERVER['SCRIPT_NAME'];
// output content of module file to textareas
?>
print_footer();