Index: branches/2.8.x/wb/framework/class.admin.php
===================================================================
--- branches/2.8.x/wb/framework/class.admin.php (revision 1141)
+++ branches/2.8.x/wb/framework/class.admin.php (revision 1142)
@@ -1,450 +1,450 @@
-
- Copyright (C) 2004-2009, Ryan Djurovich
-
- Website Baker is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Website Baker is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Website Baker; if not, write to the Free Software
- Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-
-*/
-
-/*
-
-Admin class
-
-This class will be used for every program that will be included
-in the administration section of Website Baker.
-
-*/
-
-if(!defined('WB_URL')) {
- header('Location: ../index.php');
- exit(0);
-}
-
-require_once(WB_PATH.'/framework/class.wb.php');
-
-// Include PHPLIB template class
-require_once(WB_PATH."/include/phplib/template.inc");
-
-// Get WB version
-require_once(ADMIN_PATH.'/interface/version.php');
-
-// Include EditArea wrapper functions
-require_once(WB_PATH . '/include/editarea/wb_wrapper_edit_area.php');
-
-/*
-Begin user changeable settings
-*/
-
-
-class admin extends wb {
- // Authenticate user then auto print the header
- function admin($section_name, $section_permission = 'start', $auto_header = true, $auto_auth = true) {
- $this->wb();
- global $MESSAGE;
- // Specify the current applications name
- $this->section_name = $section_name;
- $this->section_permission = $section_permission;
- // Authenticate the user for this application
- if($auto_auth == true) {
- // First check if the user is logged-in
- if($this->is_authenticated() == false) {
- header('Location: '.ADMIN_URL.'/login/index.php');
- exit(0);
- }
- // Now check if they are allowed in this section
- if($this->get_permission($section_permission) == false) {
- die($MESSAGE['ADMIN']['INSUFFICIENT_PRIVELLIGES']);
- }
- }
-
- // Check if the backend language is also the selected language. If not, send headers again.
- global $database;
- $get_user_language = @$database->query("SELECT language FROM ".TABLE_PREFIX.
- "users WHERE user_id = '" .(int) $this->get_user_id() ."'");
- $user_language = ($get_user_language) ? $get_user_language->fetchRow() : '';
- // prevent infinite loop if language file is not XX.php (e.g. DE_du.php)
- $user_language = substr($user_language[0],0,2);
- // obtain the admin folder (e.g. /admin)
- $admin_folder = str_replace(WB_PATH, '', ADMIN_PATH);
- if((LANGUAGE != $user_language) && file_exists(WB_PATH .'/languages/' .$user_language .'.php')
- && strpos($_SERVER['PHP_SELF'],$admin_folder.'/') !== false) {
- // check if page_id is set
- $page_id_url = (isset($_GET['page_id'])) ? '&page_id=' .(int) $_GET['page_id'] : '';
- $section_id_url = (isset($_GET['section_id'])) ? '§ion_id=' .(int) $_GET['section_id'] : '';
- if(isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING'] != '') { // check if there is an query-string
- header('Location: '.$_SERVER['PHP_SELF'] .'?lang='.$user_language .$page_id_url .$section_id_url.'&'.$_SERVER['QUERY_STRING']);
- } else {
- header('Location: '.$_SERVER['PHP_SELF'] .'?lang='.$user_language .$page_id_url .$section_id_url);
- }
- exit();
- }
-
- // Auto header code
- if($auto_header == true) {
- $this->print_header();
- }
- }
-
- // Print the admin header
- function print_header($body_tags = '') {
- // Get vars from the language file
- global $MENU;
- global $MESSAGE;
- global $TEXT;
- // Connect to database and get website title
- global $database;
- $get_title = $database->query("SELECT value FROM ".TABLE_PREFIX."settings WHERE name = 'website_title'");
- $title = $get_title->fetchRow();
- $header_template = new Template(THEME_PATH.'/templates');
- $header_template->set_file('page', 'header.htt');
- $header_template->set_block('page', 'header_block', 'header');
- if(defined('DEFAULT_CHARSET')) {
- $charset=DEFAULT_CHARSET;
- } else {
- $charset='utf-8';
- }
-
- // work out the URL for the 'View menu' link in the WB backend
- // if the page_id is set, show this page otherwise show the root directory of WB
- $view_url = WB_URL;
- if(isset($_GET['page_id'])) {
- // extract page link from the database
- $result = @$database->query("SELECT link FROM " .TABLE_PREFIX ."pages WHERE page_id = '" .(int) addslashes($_GET['page_id']) ."'");
- $row = @$result->fetchRow();
- if($row) $view_url .= PAGES_DIRECTORY .$row['link']. PAGE_EXTENSION;
- }
-
- $header_template->set_var( array(
- 'SECTION_NAME' => $MENU[strtoupper($this->section_name)],
- 'BODY_TAGS' => $body_tags,
- 'WEBSITE_TITLE' => ($title['value']),
- 'TEXT_ADMINISTRATION' => $TEXT['ADMINISTRATION'],
- 'CURRENT_USER' => $MESSAGE['START']['CURRENT_USER'],
- 'DISPLAY_NAME' => $this->get_display_name(),
- 'CHARSET' => $charset,
- 'LANGUAGE' => strtolower(LANGUAGE),
- 'VERSION' => VERSION,
- 'WB_URL' => WB_URL,
- 'ADMIN_URL' => ADMIN_URL,
- 'THEME_URL' => THEME_URL,
- 'TITLE_START' => $MENU['START'],
- 'TITLE_VIEW' => $MENU['VIEW'],
- 'TITLE_HELP' => $MENU['HELP'],
- 'TITLE_LOGOUT' => $MENU['LOGOUT'],
- 'URL_VIEW' => $view_url,
- 'URL_HELP' => 'http://www.websitebaker.org/help/'.WB_VERSION,
- 'BACKEND_MODULE_CSS' => $this->register_backend_modfiles('css'), // adds backend.css
- 'BACKEND_MODULE_JS' => $this->register_backend_modfiles('js') // adds backend.js
- )
- );
-
- // Create the menu
- $menu = array(
- array(ADMIN_URL.'/pages/index.php', '', $MENU['PAGES'], 'pages', 1),
- array(ADMIN_URL.'/media/index.php', '', $MENU['MEDIA'], 'media', 1),
- array(ADMIN_URL.'/addons/index.php', '', $MENU['ADDONS'], 'addons', 1),
- array(ADMIN_URL.'/preferences/index.php', '', $MENU['PREFERENCES'], 'preferences', 0),
- array(ADMIN_URL.'/settings/index.php', '', $MENU['SETTINGS'], 'settings', 1),
- array(ADMIN_URL.'/admintools/index.php', '', $MENU['ADMINTOOLS'], 'admintools', 1),
- array(ADMIN_URL.'/access/index.php', '', $MENU['ACCESS'], 'access', 1)
- );
- $header_template->set_block('header_block', 'linkBlock', 'link');
- foreach($menu AS $menu_item) {
- $link = $menu_item[0];
- $target = ($menu_item[1] == '') ? '_self' : $menu_item[1];
- $title = $menu_item[2];
- $permission_title = $menu_item[3];
- $required = $menu_item[4];
- $replace_old = array(ADMIN_URL, WB_URL, '/', 'index.php');
- if($required == false OR $this->get_link_permission($permission_title)) {
- $header_template->set_var('LINK', $link);
- $header_template->set_var('TARGET', $target);
- // If link is the current section apply a class name
- if($permission_title == strtolower($this->section_name)) {
- $header_template->set_var('CLASS', $menu_item[3] . ' current');
- } else {
- $header_template->set_var('CLASS', $menu_item[3]);
- }
- $header_template->set_var('TITLE', $title);
- // Print link
- $header_template->parse('link', 'linkBlock', true);
- }
- }
- $header_template->parse('header', 'header_block', false);
- $header_template->pparse('output', 'page');
- }
-
- // Print the admin footer
- function print_footer() {
- // include the required file for Javascript admin
- if(file_exists(WB_PATH.'/modules/jsadmin/jsadmin_backend_include.php')){
- @include(WB_PATH.'/modules/jsadmin/jsadmin_backend_include.php');
- }
- $footer_template = new Template(THEME_PATH.'/templates');
- $footer_template->set_file('page', 'footer.htt');
- $footer_template->set_block('page', 'footer_block', 'header');
- $footer_template->set_var(array(
- 'BACKEND_BODY_MODULE_JS' => $this->register_backend_modfiles_body('js'),
- 'WB_URL' => WB_URL,
- 'WB_PATH' => WB_PATH,
- 'ADMIN_URL' => ADMIN_URL,
- 'THEME_URL' => THEME_URL,
- ) );
- $footer_template->parse('header', 'footer_block', false);
- $footer_template->pparse('output', 'page');
- }
-
- // Return a system permission
- function get_permission($name, $type = 'system') {
- // Append to permission type
- $type .= '_permissions';
- // Check if we have a section to check for
- if($name == 'start') {
- return true;
- } else {
- // Set system permissions var
- $system_permissions = $this->get_session('SYSTEM_PERMISSIONS');
- // Set module permissions var
- $module_permissions = $this->get_session('MODULE_PERMISSIONS');
- // Set template permissions var
- $template_permissions = $this->get_session('TEMPLATE_PERMISSIONS');
- // Return true if system perm = 1
- if (isset($$type) && is_array($$type) && is_numeric(array_search($name, $$type))) {
- if($type == 'system_permissions') {
- return true;
- } else {
- return false;
- }
- } else {
- if($type == 'system_permissions') {
- return false;
- } else {
- return true;
- }
- }
- }
- }
-
- function get_user_details($user_id) {
- global $database;
- $query_user = "SELECT username,display_name FROM ".TABLE_PREFIX."users WHERE user_id = '$user_id'";
- $get_user = $database->query($query_user);
- if($get_user->numRows() != 0) {
- $user = $get_user->fetchRow();
- } else {
- $user['display_name'] = 'Unknown';
- $user['username'] = 'unknown';
- }
- return $user;
- }
-
- function get_page_details($page_id) {
- global $database;
- $query = "SELECT page_id,page_title,modified_by,modified_when FROM ".TABLE_PREFIX."pages WHERE page_id = '$page_id'";
- $results = $database->query($query);
- if($database->is_error()) {
- $this->print_header();
- $this->print_error($database->get_error());
- }
- if($results->numRows() == 0) {
- $this->print_header();
- $this->print_error($MESSAGE['PAGES']['NOT_FOUND']);
- }
- $results_array = $results->fetchRow();
- return $results_array;
- }
-
- /** Function get_page_permission takes either a numerical page_id,
- * upon which it looks up the permissions in the database,
- * or an array with keys admin_groups and admin_users
- */
- function get_page_permission($page,$action='admin') {
- if ($action!='viewing') $action='admin';
- $action_groups=$action.'_groups';
- $action_users=$action.'_users';
- if (is_array($page)) {
- $groups=$page[$action_groups];
- $users=$page[$action_users];
- } else {
- global $database;
- $results = $database->query("SELECT $action_groups,$action_users FROM ".TABLE_PREFIX."pages WHERE page_id = '$page'");
- $result = $results->fetchRow();
- $groups = explode(',', str_replace('_', '', $result[$action_groups]));
- $users = explode(',', str_replace('_', '', $result[$action_users]));
- }
-
- $in_group = FALSE;
- foreach($this->get_groups_id() as $cur_gid){
- if (in_array($cur_gid, $groups)) {
- $in_group = TRUE;
- }
- }
- if((!$in_group) AND !is_numeric(array_search($this->get_user_id(), $users))) {
- return false;
- }
- return true;
- }
-
-
- // Returns a system permission for a menu link
- function get_link_permission($title) {
- $title = str_replace('_blank', '', $title);
- $title = strtolower($title);
- // Set system permissions var
- $system_permissions = $this->get_session('SYSTEM_PERMISSIONS');
- // Set module permissions var
- $module_permissions = $this->get_session('MODULE_PERMISSIONS');
- if($title == 'start') {
- return true;
- } else {
- // Return true if system perm = 1
- if(is_numeric(array_search($title, $system_permissions))) {
- return true;
- } else {
- return false;
- }
- }
- }
-
- // Function to add optional module Javascript or CSS stylesheets into the section of the backend
- function register_backend_modfiles_body($file_id="js")
- {
- // sanity check of parameter passed to the function
- $file_id = strtolower($file_id);
- if($file_id !== "javascript" && $file_id !== "js")
- {
- return;
- }
- global $database;
- $body_links = "";
- // define default baselink and filename for optional module javascript and stylesheet files
- if($file_id == "js") {
- $base_link = '';
- $base_file = "backend_body.js";
- }
- // check if backend_body.js files needs to be included to the section of the backend
- if(isset($_GET['tool']))
- {
- // check if displayed page contains a installed admin tool
- $result = $database->query("SELECT * FROM " .TABLE_PREFIX ."addons
- WHERE type = 'module' AND function = 'tool' AND directory = '".addslashes($_GET['tool'])."'");
- if($result->numRows())
- {
- // check if admin tool directory contains a backend_body.js file to include
- $tool = $result->fetchRow();
- if(file_exists(WB_PATH ."/modules/" .$tool['directory'] ."/$base_file"))
- {
- // return link to the backend_body.js file
- return str_replace("{MODULE_DIRECTORY}", $tool['directory'], $base_link);
- }
- }
- } elseif(isset($_GET['page_id']) or isset($_POST['page_id']))
- {
- // check if displayed page in the backend contains a page module
- if (isset($_GET['page_id']))
- {
- $page_id = (int) addslashes($_GET['page_id']);
- } else {
- $page_id = (int) addslashes($_POST['page_id']);
- }
- // gather information for all models embedded on actual page
- $query_modules = $database->query("SELECT module FROM " .TABLE_PREFIX ."sections
- WHERE page_id=$page_id");
- while($row = $query_modules->fetchRow()) {
- // check if page module directory contains a backend_body.js file
- if(file_exists(WB_PATH ."/modules/" .$row['module'] ."/$base_file")) {
- // create link with backend_body.js source for the current module
- $tmp_link = str_replace("{MODULE_DIRECTORY}", $row['module'], $base_link);
- // ensure that backend_body.js is only added once per module type
- if(strpos($body_links, $tmp_link) === false) {
- $body_links .= $tmp_link ."\n";
- }
- }
- }
- // write out links with all external module javascript/CSS files, remove last line feed
- return rtrim($body_links);
- }
- }
-
-
- // Function to add optional module Javascript or CSS stylesheets into the section of the backend
- function register_backend_modfiles($file_id="css") {
- // sanity check of parameter passed to the function
- $file_id = strtolower($file_id);
- if($file_id !== "css" && $file_id !== "javascript" && $file_id !== "js") {
- return;
- }
-
- global $database;
- // define default baselink and filename for optional module javascript and stylesheet files
- $head_links = "";
- if($file_id == "css") {
- $base_link = '';
- $base_file = "backend.js";
- }
-
- // check if backend.js or backend.css files needs to be included to the section of the backend
- if(isset($_GET['tool'])) {
- // check if displayed page contains a installed admin tool
- $result = $database->query("SELECT * FROM " .TABLE_PREFIX ."addons
- WHERE type = 'module' AND function = 'tool' AND directory = '".addslashes($_GET['tool'])."'");
-
- if($result->numRows()) {
- // check if admin tool directory contains a backend.js or backend.css file to include
- $tool = $result->fetchRow();
- if(file_exists(WB_PATH ."/modules/" .$tool['directory'] ."/$base_file")) {
- // return link to the backend.js or backend.css file
- return str_replace("{MODULE_DIRECTORY}", $tool['directory'], $base_link);
- }
- }
- } elseif(isset($_GET['page_id']) or isset($_POST['page_id'])) {
- // check if displayed page in the backend contains a page module
- if (isset($_GET['page_id'])) {
- $page_id = (int) addslashes($_GET['page_id']);
- } else {
- $page_id = (int) addslashes($_POST['page_id']);
- }
-
- // gather information for all models embedded on actual page
- $query_modules = $database->query("SELECT module FROM " .TABLE_PREFIX ."sections
- WHERE page_id=$page_id");
-
- while($row = $query_modules->fetchRow()) {
- // check if page module directory contains a backend.js or backend.css file
- if(file_exists(WB_PATH ."/modules/" .$row['module'] ."/$base_file")) {
- // create link with backend.js or backend.css source for the current module
- $tmp_link = str_replace("{MODULE_DIRECTORY}", $row['module'], $base_link);
- // ensure that backend.js or backend.css is only added once per module type
- if(strpos($head_links, $tmp_link) === false) {
- $head_links .= $tmp_link ."\n";
- }
- }
- }
- // write out links with all external module javascript/CSS files, remove last line feed
- return rtrim($head_links);
- }
- }
-}
-
-?>
+
+ Copyright (C) 2004-2009, Ryan Djurovich
+
+ Website Baker is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ Website Baker is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with Website Baker; if not, write to the Free Software
+ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+
+*/
+
+/*
+
+Admin class
+
+This class will be used for every program that will be included
+in the administration section of Website Baker.
+
+*/
+
+if(!defined('WB_URL')) {
+ header('Location: ../index.php');
+ exit(0);
+}
+
+require_once(WB_PATH.'/framework/class.wb.php');
+
+// Include PHPLIB template class
+require_once(WB_PATH."/include/phplib/template.inc");
+
+// Get WB version
+require_once(ADMIN_PATH.'/interface/version.php');
+
+// Include EditArea wrapper functions
+require_once(WB_PATH . '/include/editarea/wb_wrapper_edit_area.php');
+
+/*
+Begin user changeable settings
+*/
+
+
+class admin extends wb {
+ // Authenticate user then auto print the header
+ function admin($section_name, $section_permission = 'start', $auto_header = true, $auto_auth = true) {
+ $this->wb();
+ global $MESSAGE;
+ // Specify the current applications name
+ $this->section_name = $section_name;
+ $this->section_permission = $section_permission;
+ // Authenticate the user for this application
+ if($auto_auth == true) {
+ // First check if the user is logged-in
+ if($this->is_authenticated() == false) {
+ header('Location: '.ADMIN_URL.'/login/index.php');
+ exit(0);
+ }
+ // Now check if they are allowed in this section
+ if($this->get_permission($section_permission) == false) {
+ die($MESSAGE['ADMIN']['INSUFFICIENT_PRIVELLIGES']);
+ }
+ }
+
+ // Check if the backend language is also the selected language. If not, send headers again.
+ global $database;
+ $get_user_language = @$database->query("SELECT language FROM ".TABLE_PREFIX.
+ "users WHERE user_id = '" .(int) $this->get_user_id() ."'");
+ $user_language = ($get_user_language) ? $get_user_language->fetchRow() : '';
+ // prevent infinite loop if language file is not XX.php (e.g. DE_du.php)
+ $user_language = substr($user_language[0],0,2);
+ // obtain the admin folder (e.g. /admin)
+ $admin_folder = str_replace(WB_PATH, '', ADMIN_PATH);
+ if((LANGUAGE != $user_language) && file_exists(WB_PATH .'/languages/' .$user_language .'.php')
+ && strpos($_SERVER['PHP_SELF'],$admin_folder.'/') !== false) {
+ // check if page_id is set
+ $page_id_url = (isset($_GET['page_id'])) ? '&page_id=' .(int) $_GET['page_id'] : '';
+ $section_id_url = (isset($_GET['section_id'])) ? '§ion_id=' .(int) $_GET['section_id'] : '';
+ if(isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING'] != '') { // check if there is an query-string
+ header('Location: '.$_SERVER['PHP_SELF'] .'?lang='.$user_language .$page_id_url .$section_id_url.'&'.$_SERVER['QUERY_STRING']);
+ } else {
+ header('Location: '.$_SERVER['PHP_SELF'] .'?lang='.$user_language .$page_id_url .$section_id_url);
+ }
+ exit();
+ }
+
+ // Auto header code
+ if($auto_header == true) {
+ $this->print_header();
+ }
+ }
+
+ // Print the admin header
+ function print_header($body_tags = '') {
+ // Get vars from the language file
+ global $MENU;
+ global $MESSAGE;
+ global $TEXT;
+ // Connect to database and get website title
+ global $database;
+ $get_title = $database->query("SELECT value FROM ".TABLE_PREFIX."settings WHERE name = 'website_title'");
+ $title = $get_title->fetchRow();
+ $header_template = new Template(THEME_PATH.'/templates');
+ $header_template->set_file('page', 'header.htt');
+ $header_template->set_block('page', 'header_block', 'header');
+ if(defined('DEFAULT_CHARSET')) {
+ $charset=DEFAULT_CHARSET;
+ } else {
+ $charset='utf-8';
+ }
+
+ // work out the URL for the 'View menu' link in the WB backend
+ // if the page_id is set, show this page otherwise show the root directory of WB
+ $view_url = WB_URL;
+ if(isset($_GET['page_id'])) {
+ // extract page link from the database
+ $result = @$database->query("SELECT link FROM " .TABLE_PREFIX ."pages WHERE page_id = '" .(int) addslashes($_GET['page_id']) ."'");
+ $row = @$result->fetchRow();
+ if($row) $view_url .= PAGES_DIRECTORY .$row['link']. PAGE_EXTENSION;
+ }
+
+ $header_template->set_var( array(
+ 'SECTION_NAME' => $MENU[strtoupper($this->section_name)],
+ 'BODY_TAGS' => $body_tags,
+ 'WEBSITE_TITLE' => ($title['value']),
+ 'TEXT_ADMINISTRATION' => $TEXT['ADMINISTRATION'],
+ 'CURRENT_USER' => $MESSAGE['START']['CURRENT_USER'],
+ 'DISPLAY_NAME' => $this->get_display_name(),
+ 'CHARSET' => $charset,
+ 'LANGUAGE' => strtolower(LANGUAGE),
+ 'VERSION' => VERSION,
+ 'WB_URL' => WB_URL,
+ 'ADMIN_URL' => ADMIN_URL,
+ 'THEME_URL' => THEME_URL,
+ 'TITLE_START' => $MENU['START'],
+ 'TITLE_VIEW' => $MENU['VIEW'],
+ 'TITLE_HELP' => $MENU['HELP'],
+ 'TITLE_LOGOUT' => $MENU['LOGOUT'],
+ 'URL_VIEW' => $view_url,
+ 'URL_HELP' => 'http://help.websitebaker.org/',
+ 'BACKEND_MODULE_CSS' => $this->register_backend_modfiles('css'), // adds backend.css
+ 'BACKEND_MODULE_JS' => $this->register_backend_modfiles('js') // adds backend.js
+ )
+ );
+
+ // Create the menu
+ $menu = array(
+ array(ADMIN_URL.'/pages/index.php', '', $MENU['PAGES'], 'pages', 1),
+ array(ADMIN_URL.'/media/index.php', '', $MENU['MEDIA'], 'media', 1),
+ array(ADMIN_URL.'/addons/index.php', '', $MENU['ADDONS'], 'addons', 1),
+ array(ADMIN_URL.'/preferences/index.php', '', $MENU['PREFERENCES'], 'preferences', 0),
+ array(ADMIN_URL.'/settings/index.php', '', $MENU['SETTINGS'], 'settings', 1),
+ array(ADMIN_URL.'/admintools/index.php', '', $MENU['ADMINTOOLS'], 'admintools', 1),
+ array(ADMIN_URL.'/access/index.php', '', $MENU['ACCESS'], 'access', 1)
+ );
+ $header_template->set_block('header_block', 'linkBlock', 'link');
+ foreach($menu AS $menu_item) {
+ $link = $menu_item[0];
+ $target = ($menu_item[1] == '') ? '_self' : $menu_item[1];
+ $title = $menu_item[2];
+ $permission_title = $menu_item[3];
+ $required = $menu_item[4];
+ $replace_old = array(ADMIN_URL, WB_URL, '/', 'index.php');
+ if($required == false OR $this->get_link_permission($permission_title)) {
+ $header_template->set_var('LINK', $link);
+ $header_template->set_var('TARGET', $target);
+ // If link is the current section apply a class name
+ if($permission_title == strtolower($this->section_name)) {
+ $header_template->set_var('CLASS', $menu_item[3] . ' current');
+ } else {
+ $header_template->set_var('CLASS', $menu_item[3]);
+ }
+ $header_template->set_var('TITLE', $title);
+ // Print link
+ $header_template->parse('link', 'linkBlock', true);
+ }
+ }
+ $header_template->parse('header', 'header_block', false);
+ $header_template->pparse('output', 'page');
+ }
+
+ // Print the admin footer
+ function print_footer() {
+ // include the required file for Javascript admin
+ if(file_exists(WB_PATH.'/modules/jsadmin/jsadmin_backend_include.php')){
+ @include(WB_PATH.'/modules/jsadmin/jsadmin_backend_include.php');
+ }
+ $footer_template = new Template(THEME_PATH.'/templates');
+ $footer_template->set_file('page', 'footer.htt');
+ $footer_template->set_block('page', 'footer_block', 'header');
+ $footer_template->set_var(array(
+ 'BACKEND_BODY_MODULE_JS' => $this->register_backend_modfiles_body('js'),
+ 'WB_URL' => WB_URL,
+ 'WB_PATH' => WB_PATH,
+ 'ADMIN_URL' => ADMIN_URL,
+ 'THEME_URL' => THEME_URL,
+ ) );
+ $footer_template->parse('header', 'footer_block', false);
+ $footer_template->pparse('output', 'page');
+ }
+
+ // Return a system permission
+ function get_permission($name, $type = 'system') {
+ // Append to permission type
+ $type .= '_permissions';
+ // Check if we have a section to check for
+ if($name == 'start') {
+ return true;
+ } else {
+ // Set system permissions var
+ $system_permissions = $this->get_session('SYSTEM_PERMISSIONS');
+ // Set module permissions var
+ $module_permissions = $this->get_session('MODULE_PERMISSIONS');
+ // Set template permissions var
+ $template_permissions = $this->get_session('TEMPLATE_PERMISSIONS');
+ // Return true if system perm = 1
+ if (isset($$type) && is_array($$type) && is_numeric(array_search($name, $$type))) {
+ if($type == 'system_permissions') {
+ return true;
+ } else {
+ return false;
+ }
+ } else {
+ if($type == 'system_permissions') {
+ return false;
+ } else {
+ return true;
+ }
+ }
+ }
+ }
+
+ function get_user_details($user_id) {
+ global $database;
+ $query_user = "SELECT username,display_name FROM ".TABLE_PREFIX."users WHERE user_id = '$user_id'";
+ $get_user = $database->query($query_user);
+ if($get_user->numRows() != 0) {
+ $user = $get_user->fetchRow();
+ } else {
+ $user['display_name'] = 'Unknown';
+ $user['username'] = 'unknown';
+ }
+ return $user;
+ }
+
+ function get_page_details($page_id) {
+ global $database;
+ $query = "SELECT page_id,page_title,modified_by,modified_when FROM ".TABLE_PREFIX."pages WHERE page_id = '$page_id'";
+ $results = $database->query($query);
+ if($database->is_error()) {
+ $this->print_header();
+ $this->print_error($database->get_error());
+ }
+ if($results->numRows() == 0) {
+ $this->print_header();
+ $this->print_error($MESSAGE['PAGES']['NOT_FOUND']);
+ }
+ $results_array = $results->fetchRow();
+ return $results_array;
+ }
+
+ /** Function get_page_permission takes either a numerical page_id,
+ * upon which it looks up the permissions in the database,
+ * or an array with keys admin_groups and admin_users
+ */
+ function get_page_permission($page,$action='admin') {
+ if ($action!='viewing') $action='admin';
+ $action_groups=$action.'_groups';
+ $action_users=$action.'_users';
+ if (is_array($page)) {
+ $groups=$page[$action_groups];
+ $users=$page[$action_users];
+ } else {
+ global $database;
+ $results = $database->query("SELECT $action_groups,$action_users FROM ".TABLE_PREFIX."pages WHERE page_id = '$page'");
+ $result = $results->fetchRow();
+ $groups = explode(',', str_replace('_', '', $result[$action_groups]));
+ $users = explode(',', str_replace('_', '', $result[$action_users]));
+ }
+
+ $in_group = FALSE;
+ foreach($this->get_groups_id() as $cur_gid){
+ if (in_array($cur_gid, $groups)) {
+ $in_group = TRUE;
+ }
+ }
+ if((!$in_group) AND !is_numeric(array_search($this->get_user_id(), $users))) {
+ return false;
+ }
+ return true;
+ }
+
+
+ // Returns a system permission for a menu link
+ function get_link_permission($title) {
+ $title = str_replace('_blank', '', $title);
+ $title = strtolower($title);
+ // Set system permissions var
+ $system_permissions = $this->get_session('SYSTEM_PERMISSIONS');
+ // Set module permissions var
+ $module_permissions = $this->get_session('MODULE_PERMISSIONS');
+ if($title == 'start') {
+ return true;
+ } else {
+ // Return true if system perm = 1
+ if(is_numeric(array_search($title, $system_permissions))) {
+ return true;
+ } else {
+ return false;
+ }
+ }
+ }
+
+ // Function to add optional module Javascript or CSS stylesheets into the section of the backend
+ function register_backend_modfiles_body($file_id="js")
+ {
+ // sanity check of parameter passed to the function
+ $file_id = strtolower($file_id);
+ if($file_id !== "javascript" && $file_id !== "js")
+ {
+ return;
+ }
+ global $database;
+ $body_links = "";
+ // define default baselink and filename for optional module javascript and stylesheet files
+ if($file_id == "js") {
+ $base_link = '';
+ $base_file = "backend_body.js";
+ }
+ // check if backend_body.js files needs to be included to the section of the backend
+ if(isset($_GET['tool']))
+ {
+ // check if displayed page contains a installed admin tool
+ $result = $database->query("SELECT * FROM " .TABLE_PREFIX ."addons
+ WHERE type = 'module' AND function = 'tool' AND directory = '".addslashes($_GET['tool'])."'");
+ if($result->numRows())
+ {
+ // check if admin tool directory contains a backend_body.js file to include
+ $tool = $result->fetchRow();
+ if(file_exists(WB_PATH ."/modules/" .$tool['directory'] ."/$base_file"))
+ {
+ // return link to the backend_body.js file
+ return str_replace("{MODULE_DIRECTORY}", $tool['directory'], $base_link);
+ }
+ }
+ } elseif(isset($_GET['page_id']) or isset($_POST['page_id']))
+ {
+ // check if displayed page in the backend contains a page module
+ if (isset($_GET['page_id']))
+ {
+ $page_id = (int) addslashes($_GET['page_id']);
+ } else {
+ $page_id = (int) addslashes($_POST['page_id']);
+ }
+ // gather information for all models embedded on actual page
+ $query_modules = $database->query("SELECT module FROM " .TABLE_PREFIX ."sections
+ WHERE page_id=$page_id");
+ while($row = $query_modules->fetchRow()) {
+ // check if page module directory contains a backend_body.js file
+ if(file_exists(WB_PATH ."/modules/" .$row['module'] ."/$base_file")) {
+ // create link with backend_body.js source for the current module
+ $tmp_link = str_replace("{MODULE_DIRECTORY}", $row['module'], $base_link);
+ // ensure that backend_body.js is only added once per module type
+ if(strpos($body_links, $tmp_link) === false) {
+ $body_links .= $tmp_link ."\n";
+ }
+ }
+ }
+ // write out links with all external module javascript/CSS files, remove last line feed
+ return rtrim($body_links);
+ }
+ }
+
+
+ // Function to add optional module Javascript or CSS stylesheets into the section of the backend
+ function register_backend_modfiles($file_id="css") {
+ // sanity check of parameter passed to the function
+ $file_id = strtolower($file_id);
+ if($file_id !== "css" && $file_id !== "javascript" && $file_id !== "js") {
+ return;
+ }
+
+ global $database;
+ // define default baselink and filename for optional module javascript and stylesheet files
+ $head_links = "";
+ if($file_id == "css") {
+ $base_link = '';
+ $base_file = "backend.js";
+ }
+
+ // check if backend.js or backend.css files needs to be included to the section of the backend
+ if(isset($_GET['tool'])) {
+ // check if displayed page contains a installed admin tool
+ $result = $database->query("SELECT * FROM " .TABLE_PREFIX ."addons
+ WHERE type = 'module' AND function = 'tool' AND directory = '".addslashes($_GET['tool'])."'");
+
+ if($result->numRows()) {
+ // check if admin tool directory contains a backend.js or backend.css file to include
+ $tool = $result->fetchRow();
+ if(file_exists(WB_PATH ."/modules/" .$tool['directory'] ."/$base_file")) {
+ // return link to the backend.js or backend.css file
+ return str_replace("{MODULE_DIRECTORY}", $tool['directory'], $base_link);
+ }
+ }
+ } elseif(isset($_GET['page_id']) or isset($_POST['page_id'])) {
+ // check if displayed page in the backend contains a page module
+ if (isset($_GET['page_id'])) {
+ $page_id = (int) addslashes($_GET['page_id']);
+ } else {
+ $page_id = (int) addslashes($_POST['page_id']);
+ }
+
+ // gather information for all models embedded on actual page
+ $query_modules = $database->query("SELECT module FROM " .TABLE_PREFIX ."sections
+ WHERE page_id=$page_id");
+
+ while($row = $query_modules->fetchRow()) {
+ // check if page module directory contains a backend.js or backend.css file
+ if(file_exists(WB_PATH ."/modules/" .$row['module'] ."/$base_file")) {
+ // create link with backend.js or backend.css source for the current module
+ $tmp_link = str_replace("{MODULE_DIRECTORY}", $row['module'], $base_link);
+ // ensure that backend.js or backend.css is only added once per module type
+ if(strpos($head_links, $tmp_link) === false) {
+ $head_links .= $tmp_link ."\n";
+ }
+ }
+ }
+ // write out links with all external module javascript/CSS files, remove last line feed
+ return rtrim($head_links);
+ }
+ }
+}
+
+?>
Index: branches/2.8.x/wb/modules/fckeditor/include.php
===================================================================
--- branches/2.8.x/wb/modules/fckeditor/include.php (revision 1141)
+++ branches/2.8.x/wb/modules/fckeditor/include.php (revision 1142)
@@ -1,119 +1,120 @@
-
- Copyright (C) 2004-2009, Ryan Djurovich
-
- Website Baker is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Website Baker is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Website Baker; if not, write to the Free Software
- Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-
-*/
-
-function reverse_htmlentities($mixed) {
- $mixed = str_replace(array('>','<','"','&'), array('>','<','"','&'), $mixed);
- return $mixed;
-}
-
-function get_template_name() {
- // returns the template name of the current displayed page
-
- // Loading config.php is not needed here, it is loaded before. It breaks the module when the editor is called form another dir as WB_PATH/modules/mymodule
- // require_once('../../config.php');
- require_once(WB_PATH. '/framework/class.database.php');
-
- // work out default editor.css file for FCKEditor
- if(file_exists(WB_PATH .'/templates/' .DEFAULT_TEMPLATE .'/editor.css')) {
- $fck_template_dir = DEFAULT_TEMPLATE;
- } else {
- $fck_template_dir = "none";
- }
-
- // check if a editor.css file exists in the specified template directory of current page
- if (isset($_GET["page_id"]) && (int) $_GET["page_id"] > 0) {
- $pageid = (int) $_GET["page_id"];
-
- // obtain template folder of current page from the database
- if(!isset($admin)) {
- $database = new database();
- }
- $query_page = "SELECT template FROM " .TABLE_PREFIX ."pages WHERE page_id =$pageid";
- $pagetpl = $database->get_one($query_page); // if empty, default template is used
-
- // check if a specific template is defined for current page
- if(isset($pagetpl) && $pagetpl != '') {
- // check if a specify editor.css file is contained in that folder
- if(file_exists(WB_PATH.'/templates/'.$pagetpl.'/editor.css')) {
- $fck_template_dir = $pagetpl;
- }
- }
- }
- return $fck_template_dir;
-}
-
-function show_wysiwyg_editor($name, $id, $content, $width, $height) {
- // create new FCKEditor instance
- require_once(WB_PATH.'/modules/fckeditor/fckeditor/fckeditor.php');
- $oFCKeditor = new FCKeditor($name);
-
- // set defaults (Note: custom settings defined in: "/my_config/my_fckconfig.js" instead of "/editor/fckconfig.js")
- $oFCKeditor->BasePath = WB_URL.'/modules/fckeditor/fckeditor/';
- $oFCKeditor->Config['CustomConfigurationsPath'] = WB_URL .'/modules/fckeditor/wb_config/wb_fckconfig.js';
- $oFCKeditor->ToolbarSet = 'WBToolbar'; // toolbar defined in my_fckconfig.js
-
- // obtain template name of current page (if empty, no editor.css files exists)
- $template_name = get_template_name();
-
- // work out default CSS file to be used for FCK textarea
- if($template_name == "none") {
- // no editor.css file exists in default template folder, or template folder of current page
- $css_file = WB_URL .'/modules/fckeditor/wb_config/wb_fckeditorarea.css';
- } else {
- // editor.css file exists in default template folder or template folder of current page
- $css_file = WB_URL .'/templates/' .$template_name .'/editor.css';
- }
- // set CSS file depending on $css_file
- $oFCKeditor->Config['EditorAreaCSS'] = $css_file;
-
- // work out settings for the FCK "Style" toolbar
- if ($template_name == "none") {
- // no custom editor.css exists, use default XML definitions
- $oFCKeditor->Config['StylesXmlPath'] = WB_URL.'/modules/fckeditor/wb_config/wb_fckstyles.xml';
- } else {
- // file editor.css exists in template folder, parse it and create XML definitions
- $oFCKeditor->Config['StylesXmlPath'] = WB_URL.'/modules/fckeditor/css_to_xml.php?template_name=' .$template_name;
- }
-
- // custom templates can be defined via /wb_config/wb_fcktemplates.xml
- if(file_exists(WB_PATH .'/modules/fckeditor/wb_config/wb_fcktemplates.xml')) {
- $oFCKeditor->Config['TemplatesXmlPath'] = WB_URL.'/modules/fckeditor/wb_config/wb_fcktemplates.xml';
- }
-
- // set required file connectors (overwrite settings which may be made in fckconfig.js or my_fckconfig.js)
- $connectorPath = $oFCKeditor->BasePath.'editor/filemanager/connectors/php/connector.php';
- $oFCKeditor->Config['LinkBrowserURL'] = $oFCKeditor->BasePath.'editor/filemanager/browser/default/browser.html?Connector='
- .$connectorPath;
- $oFCKeditor->Config['ImageBrowserURL'] = $oFCKeditor->BasePath.'editor/filemanager/browser/default/browser.html?Connector='
- .$connectorPath;
- $oFCKeditor->Config['FlashBrowserURL'] = $oFCKeditor->BasePath.'editor/filemanager/browser/default/browser.html?Connector='
- .$connectorPath;
-
- $oFCKeditor->Value = reverse_htmlentities($content);
- $oFCKeditor->Height = $height;
- $oFCKeditor->Create();
-}
-
+
+ Copyright (C) 2004-2009, Ryan Djurovich
+
+ Website Baker is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ Website Baker is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with Website Baker; if not, write to the Free Software
+ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+
+*/
+
+function reverse_htmlentities($mixed) {
+ $mixed = str_replace(array('>','<','"','&'), array('>','<','"','&'), $mixed);
+ return $mixed;
+}
+
+function get_template_name() {
+ // returns the template name of the current displayed page
+
+ // Loading config.php is not needed here, it is loaded before. It breaks the module when the editor is called form another dir as WB_PATH/modules/mymodule
+ // require_once('../../config.php');
+ require_once(WB_PATH. '/framework/class.database.php');
+
+ // work out default editor.css file for FCKEditor
+ if(file_exists(WB_PATH .'/templates/' .DEFAULT_TEMPLATE .'/editor.css')) {
+ $fck_template_dir = DEFAULT_TEMPLATE;
+ } else {
+ $fck_template_dir = "none";
+ }
+
+ // check if a editor.css file exists in the specified template directory of current page
+ if (isset($_GET["page_id"]) && (int) $_GET["page_id"] > 0) {
+ $pageid = (int) $_GET["page_id"];
+
+ // obtain template folder of current page from the database
+ if(!isset($admin)) {
+ $database = new database();
+ }
+ $query_page = "SELECT template FROM " .TABLE_PREFIX ."pages WHERE page_id =$pageid";
+ $pagetpl = $database->get_one($query_page); // if empty, default template is used
+
+ // check if a specific template is defined for current page
+ if(isset($pagetpl) && $pagetpl != '') {
+ // check if a specify editor.css file is contained in that folder
+ if(file_exists(WB_PATH.'/templates/'.$pagetpl.'/editor.css')) {
+ $fck_template_dir = $pagetpl;
+ }
+ }
+ }
+ return $fck_template_dir;
+}
+
+function show_wysiwyg_editor($name, $id, $content, $width, $height) {
+ // create new FCKEditor instance
+ require_once(WB_PATH.'/modules/fckeditor/fckeditor/fckeditor.php');
+ $oFCKeditor = new FCKeditor($name);
+
+ // set defaults (Note: custom settings defined in: "/my_config/my_fckconfig.js" instead of "/editor/fckconfig.js")
+ $oFCKeditor->BasePath = WB_URL.'/modules/fckeditor/fckeditor/';
+ $oFCKeditor->Config['CustomConfigurationsPath'] = WB_URL .'/modules/fckeditor/wb_config/wb_fckconfig.js';
+ $oFCKeditor->ToolbarSet = 'WBToolbar'; // toolbar defined in my_fckconfig.js
+
+ // obtain template name of current page (if empty, no editor.css files exists)
+ $template_name = get_template_name();
+
+ // work out default CSS file to be used for FCK textarea
+ if($template_name == "none") {
+ // no editor.css file exists in default template folder, or template folder of current page
+ $css_file = WB_URL .'/modules/fckeditor/wb_config/wb_fckeditorarea.css';
+ } else {
+ // editor.css file exists in default template folder or template folder of current page
+ $css_file = WB_URL .'/templates/' .$template_name .'/editor.css';
+ }
+ // set CSS file depending on $css_file
+ $oFCKeditor->Config['EditorAreaCSS'] = $css_file;
+
+ // work out settings for the FCK "Style" toolbar
+ if ($template_name == "none") {
+ // no custom editor.css exists, use default XML definitions
+ $oFCKeditor->Config['StylesXmlPath'] = WB_URL.'/modules/fckeditor/wb_config/wb_fckstyles.xml';
+ } else {
+ // file editor.css exists in template folder, parse it and create XML definitions
+ $oFCKeditor->Config['StylesXmlPath'] = WB_URL.'/modules/fckeditor/css_to_xml.php?template_name=' .$template_name;
+ }
+
+ // custom templates can be defined via /wb_config/wb_fcktemplates.xml
+ if(file_exists(WB_PATH .'/modules/fckeditor/wb_config/wb_fcktemplates.xml')) {
+ $oFCKeditor->Config['TemplatesXmlPath'] = WB_URL.'/modules/fckeditor/wb_config/wb_fcktemplates.xml';
+ }
+
+ // set required file connectors (overwrite settings which may be made in fckconfig.js or my_fckconfig.js)
+ $connectorPath = $oFCKeditor->BasePath.'editor/filemanager/connectors/php/connector.php';
+ $oFCKeditor->Config['LinkBrowserURL'] = $oFCKeditor->BasePath.'editor/filemanager/browser/default/browser.html?Connector='
+ .$connectorPath;
+ $oFCKeditor->Config['ImageBrowserURL'] = $oFCKeditor->BasePath.'editor/filemanager/browser/default/browser.html?Connector='
+ .$connectorPath;
+ $oFCKeditor->Config['FlashBrowserURL'] = $oFCKeditor->BasePath.'editor/filemanager/browser/default/browser.html?Connector='
+ .$connectorPath;
+
+ $oFCKeditor->Value = reverse_htmlentities($content);
+ $oFCKeditor->Width = $width;
+ $oFCKeditor->Height = $height;
+ $oFCKeditor->Create();
+}
+
?>
\ No newline at end of file