Project

General

Profile

« Previous | Next » 

Revision 1475

Added by Dietmar over 13 years ago

+ add SecureForm.mtab.php under mantennance by WebsiteBaker Community
! security fixes media, groups, users, sections
  1. change lang variable to remove upgrade-script
    ! reworked add sections in pages
    ! fix set empty href in show_menu2
    ! set show_menu2 version to 4.9.6
    ! reworked Droplet LoginBox, add redirect query
    - remove unneeded folder js
    ! set Droplet to version 1.1.0
    + add checkboxes to change frontend absolute url to relative urls
    ! set output_filter version to 0.2

View differences:

branches/2.8.x/CHANGELOG
11 11
! = Update/Change
12 12

  
13 13
------------------------------------- 2.8.2 ------------------------------------
14
13 Jul-2011 Build 1475 Dietmar Woellbrink (Luisehahne)
15
+ add SecureForm.mtab.php under mantennance by WebsiteBaker Community
16
! security fixes media, groups, users, sections
17
# change lang variable to remove upgrade-script
18
! reworked add sections in pages
19
! fix set empty href in show_menu2
20
! set show_menu2 version to 4.9.6 
21
! reworked Droplet LoginBox, add redirect query
22
- remove unneeded folder js
23
! set Droplet to version 1.1.0
24
+ add checkboxes to change frontend absolute url to relative urls
25
! set output_filter version to 0.2
14 26
12 Jul-2011 Build 1474 Werner v.d.Decken(DarkViper)
15 27
#  for security reasons the 'remember me' functionality is deaktivated in
16 28
   class login
branches/2.8.x/wb/admin/groups/groups.php
20 20
require('../../config.php');
21 21
require_once(WB_PATH.'/framework/class.admin.php');
22 22

  
23
// Create new database object
24
// $database = new database();
23
// Set parameter 'action' as alternative to javascript mechanism
24
$action = 'cancel';
25
// Set parameter 'action' as alternative to javascript mechanism
26
$action = (isset($_POST['modify']) ? 'modify' : $action );
27
$action = (isset($_POST['delete']) ? 'delete' : $action );
25 28

  
26
if(!isset($_POST['action']) OR ($_POST['action'] != "modify" AND $_POST['action'] != "delete")) {
27
	header("Location: index.php");
28
	exit(0);
29
}
29
switch ($action):
30
	case 'modify' :
30 31

  
31
// Set parameter 'action' as alternative to javascript mechanism
32
if(isset($_POST['modify']))
33
	$_POST['action'] = "modify";
34
if(isset($_POST['delete']))
35
	$_POST['action'] = "delete";
32
			// Create new admin object
33
			$admin = new admin('Access', 'groups_modify' );
34
			// Check if group group_id is a valid number and doesnt equal 1
35
			$group_id = intval($admin->checkIDKEY('group_id', 0, $_SERVER['REQUEST_METHOD']));
36
			if( ($group_id < 2 ) )
37
			{
38
				// if($admin_header) { $admin->print_header(); }
39
				$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'] );
40
			}
36 41

  
37
// Check if group group_id is a valid number and doesnt equal 1
38
if(!isset($_POST['group_id']) OR !is_numeric($_POST['group_id']) OR $_POST['group_id'] == 1) {
39
	header("Location: index.php");
40
	exit(0);
41
}
42
			// Get existing values
43
			$results = $database->query("SELECT * FROM ".TABLE_PREFIX."groups WHERE group_id = '".$group_id."'");
44
			$group = $results->fetchRow();
45
			// Setup template object
46
			$template = new Template(THEME_PATH.'/templates');
47
			$template->set_file('page', 'groups_form.htt');
48
			$template->set_block('page', 'main_block', 'main');
49
			$template->set_var(	array(
50
									'ACTION_URL' => ADMIN_URL.'/groups/save.php',
51
									'SUBMIT_TITLE' => $TEXT['SAVE'],
52
									'GROUP_ID' => $group['group_id'],
53
									'GROUP_NAME' => $group['name'],
54
									'ADVANCED_ACTION' => 'groups.php',
55
									'FTAN' => $admin->getFTAN()
56
								));
57
			// Tell the browser whether or not to show advanced options
58
			if( true == (isset( $_POST['advanced']) AND ( strpos( $_POST['advanced'], ">>") > 0 ) ) ) {
59
				$template->set_var('DISPLAY_ADVANCED', '');
60
				$template->set_var('DISPLAY_BASIC', 'display:none;');
61
				$template->set_var('ADVANCED', 'yes');
62
				$template->set_var('ADVANCED_BUTTON', '&lt;&lt; '.$TEXT['HIDE_ADVANCED']);
63
			} else {
64
				$template->set_var('DISPLAY_ADVANCED', 'display:none;');
65
				$template->set_var('DISPLAY_BASIC', '');
66
				$template->set_var('ADVANCED', 'no');
67
				$template->set_var('ADVANCED_BUTTON', $TEXT['SHOW_ADVANCED'].'  &gt;&gt;');
68
			}
42 69

  
43
if($_POST['action'] == 'modify') {
44
	// Create new admin object
45
	$admin = new admin('Access', 'groups_modify', false);
46
/*  */
47
	if (!$admin->checkFTAN())
48
	{
49
		$admin->print_header();
50
		$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS']);
51
	}
70
			// Explode system permissions
71
			$system_permissions = explode(',', $group['system_permissions']);
72
			// Check system permissions boxes
73
			foreach($system_permissions AS $name) {
74
					$template->set_var($name.'_checked', ' checked="checked"');
75
			}
76
			// Explode module permissions
77
			$module_permissions = explode(',', $group['module_permissions']);
78
			// Explode template permissions
79
			$template_permissions = explode(',', $group['template_permissions']);
52 80

  
53
	// Print header
54
	$admin->print_header();
55
	// Get existing values
56
	$results = $database->query("SELECT * FROM ".TABLE_PREFIX."groups WHERE group_id = '".$_POST['group_id']."'");
57
	$group = $results->fetchRow();
58
	// Setup template object
59
	$template = new Template(THEME_PATH.'/templates');
60
	$template->set_file('page', 'groups_form.htt');
61
	$template->set_block('page', 'main_block', 'main');
62
	$template->set_var(	array(
63
							'ACTION_URL' => ADMIN_URL.'/groups/save.php',
64
							'SUBMIT_TITLE' => $TEXT['SAVE'],
65
							'GROUP_ID' => $group['group_id'],
66
							'GROUP_NAME' => $group['name'],
67
							'ADVANCED_ACTION' => 'groups.php',
68
							'FTAN' => $admin->getFTAN()
69
						));
70
	// Tell the browser whether or not to show advanced options
71
	if( true == (isset( $_POST['advanced']) AND ( strpos( $_POST['advanced'], ">>") > 0 ) ) ) {
72
		$template->set_var('DISPLAY_ADVANCED', '');
73
		$template->set_var('DISPLAY_BASIC', 'display:none;');
74
		$template->set_var('ADVANCED', 'yes');
75
		$template->set_var('ADVANCED_BUTTON', '&lt;&lt; '.$TEXT['HIDE_ADVANCED']);
76
	} else {
77
		$template->set_var('DISPLAY_ADVANCED', 'display:none;');
78
		$template->set_var('DISPLAY_BASIC', '');
79
		$template->set_var('ADVANCED', 'no');
80
		$template->set_var('ADVANCED_BUTTON', $TEXT['SHOW_ADVANCED'].'  &gt;&gt;');
81
	}
81
			// Insert values into module list
82
			$template->set_block('main_block', 'module_list_block', 'module_list');
83
			$result = $database->query('SELECT * FROM `'.TABLE_PREFIX.'addons` WHERE `type` = "module" AND `function` = "page" ORDER BY `name`');
84
			if($result->numRows() > 0) {
85
				while($addon = $result->fetchRow()) {
86
					$template->set_var('VALUE', $addon['directory']);
87
					$template->set_var('NAME', $addon['name']);
88
					if(!is_numeric(array_search($addon['directory'], $module_permissions))) {
89
						$template->set_var('CHECKED', ' checked="checked"');
90
					} else {
91
						$template->set_var('CHECKED', '');
92
					}
93
					$template->parse('module_list', 'module_list_block', true);
94
				}
95
			}
82 96

  
83
	// Explode system permissions
84
	$system_permissions = explode(',', $group['system_permissions']);
85
	// Check system permissions boxes
86
	foreach($system_permissions AS $name) {
87
			$template->set_var($name.'_checked', ' checked="checked"');
88
	}
89
	// Explode module permissions
90
	$module_permissions = explode(',', $group['module_permissions']);
91
	// Explode template permissions
92
	$template_permissions = explode(',', $group['template_permissions']);
93
	
94
	// Insert values into module list
95
	$template->set_block('main_block', 'module_list_block', 'module_list');
96
	$result = $database->query('SELECT * FROM `'.TABLE_PREFIX.'addons` WHERE `type` = "module" AND `function` = "page" ORDER BY `name`');
97
	if($result->numRows() > 0) {
98
		while($addon = $result->fetchRow()) {
99
			$template->set_var('VALUE', $addon['directory']);
100
			$template->set_var('NAME', $addon['name']);
101
			if(!is_numeric(array_search($addon['directory'], $module_permissions))) {
102
				$template->set_var('CHECKED', ' checked="checked"');
103
			} else {
104
				$template->set_var('CHECKED', '');
97
			// Insert values into template list
98
			$template->set_block('main_block', 'template_list_block', 'template_list');
99
			$result = $database->query('SELECT * FROM `'.TABLE_PREFIX.'addons` WHERE `type` = "template" ORDER BY `name`');
100
			if($result->numRows() > 0) {
101
				while($addon = $result->fetchRow()) {
102
					$template->set_var('VALUE', $addon['directory']);
103
					$template->set_var('NAME', $addon['name']);
104
					if(!is_numeric(array_search($addon['directory'], $template_permissions))) {
105
						$template->set_var('CHECKED', ' checked="checked"');
106
					} else {
107
						$template->set_var('CHECKED', '');
108
					}
109
					$template->parse('template_list', 'template_list_block', true);
110
				}
105 111
			}
106
			$template->parse('module_list', 'module_list_block', true);
107
		}
108
	}
109
	
110
	// Insert values into template list
111
	$template->set_block('main_block', 'template_list_block', 'template_list');
112
	$result = $database->query('SELECT * FROM `'.TABLE_PREFIX.'addons` WHERE `type` = "template" ORDER BY `name`');
113
	if($result->numRows() > 0) {
114
		while($addon = $result->fetchRow()) {
115
			$template->set_var('VALUE', $addon['directory']);
116
			$template->set_var('NAME', $addon['name']);
117
			if(!is_numeric(array_search($addon['directory'], $template_permissions))) {
118
				$template->set_var('CHECKED', ' checked="checked"');
112

  
113
			// Insert language text and messages
114
			$template->set_var(array(
115
						'TEXT_RESET' => $TEXT['RESET'],
116
						'TEXT_ACTIVE' => $TEXT['ACTIVE'],
117
						'TEXT_DISABLED' => $TEXT['DISABLED'],
118
						'TEXT_PLEASE_SELECT' => $TEXT['PLEASE_SELECT'],
119
						'TEXT_USERNAME' => $TEXT['USERNAME'],
120
						'TEXT_PASSWORD' => $TEXT['PASSWORD'],
121
						'TEXT_RETYPE_PASSWORD' => $TEXT['RETYPE_PASSWORD'],
122
						'TEXT_DISPLAY_NAME' => $TEXT['DISPLAY_NAME'],
123
						'TEXT_EMAIL' => $TEXT['EMAIL'],
124
						'TEXT_GROUP' => $TEXT['GROUP'],
125
						'TEXT_SYSTEM_PERMISSIONS' => $TEXT['SYSTEM_PERMISSIONS'],
126
						'TEXT_MODULE_PERMISSIONS' => $TEXT['MODULE_PERMISSIONS'],
127
						'TEXT_TEMPLATE_PERMISSIONS' => $TEXT['TEMPLATE_PERMISSIONS'],
128
						'TEXT_NAME' => $TEXT['NAME'],
129
						'SECTION_PAGES' => $MENU['PAGES'],
130
						'SECTION_MEDIA' => $MENU['MEDIA'],
131
						'SECTION_MODULES' => $MENU['MODULES'],
132
						'SECTION_TEMPLATES' => $MENU['TEMPLATES'],
133
						'SECTION_LANGUAGES' => $MENU['LANGUAGES'],
134
						'SECTION_SETTINGS' => $MENU['SETTINGS'],
135
						'SECTION_USERS' => $MENU['USERS'],
136
						'SECTION_GROUPS' => $MENU['GROUPS'],
137
						'SECTION_ADMINTOOLS' => $MENU['ADMINTOOLS'],
138
						'TEXT_VIEW' => $TEXT['VIEW'],
139
						'TEXT_ADD' => $TEXT['ADD'],
140
						'TEXT_LEVEL' => $TEXT['LEVEL'],
141
						'TEXT_MODIFY' => $TEXT['MODIFY'],
142
						'TEXT_DELETE' => $TEXT['DELETE'],
143
						'TEXT_MODIFY_CONTENT' => $TEXT['MODIFY_CONTENT'],
144
						'TEXT_MODIFY_SETTINGS' => $TEXT['MODIFY_SETTINGS'],
145
						'HEADING_MODIFY_INTRO_PAGE' => $HEADING['MODIFY_INTRO_PAGE'],
146
						'TEXT_CREATE_FOLDER' => $TEXT['CREATE_FOLDER'],
147
						'TEXT_RENAME' => $TEXT['RENAME'],
148
						'TEXT_UPLOAD_FILES' => $TEXT['UPLOAD_FILES'],
149
						'TEXT_BASIC' => $TEXT['BASIC'],
150
						'TEXT_ADVANCED' => $TEXT['ADVANCED'],
151
						'CHANGING_PASSWORD' => $MESSAGE['USERS']['CHANGING_PASSWORD'],
152
						'HEADING_MODIFY_GROUP' => $HEADING['MODIFY_GROUP'],
153
					));
154

  
155
			// Parse template object
156
			$template->parse('main', 'main_block', false);
157
			$template->pparse('output', 'page');
158
			break;
159
		case 'delete' :
160
			// Create new admin object
161
			$admin = new admin('Access', 'groups_delete');
162
			$group_id = intval($admin->checkIDKEY('group_id', 0, $_SERVER['REQUEST_METHOD']));
163
			// Check if user id is a valid number and doesnt equal 1
164
			if( ($group_id < 2 ) )
165
			{
166
				// if($admin_header) { $admin->print_header(); }
167
				$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'] );
168
			}
169
			// Print header
170
			$admin->print_header();
171
			// Delete the group
172
			$database->query("DELETE FROM ".TABLE_PREFIX."groups WHERE group_id = '".$group_id."' LIMIT 1");
173
			if($database->is_error()) {
174
				$admin->print_error($database->get_error());
119 175
			} else {
120
				$template->set_var('CHECKED', '');
176
				// Delete users in the group
177
				$database->query("DELETE FROM ".TABLE_PREFIX."users WHERE group_id = '".$group_id."'");
178
				if($database->is_error()) {
179
					$admin->print_error($database->get_error());
180
				} else {
181
					$admin->print_success($MESSAGE['GROUPS']['DELETED']);
182
				}
121 183
			}
122
			$template->parse('template_list', 'template_list_block', true);
123
		}
124
	}
125
		
126
	// Insert language text and messages
127
	$template->set_var(array(
128
				'TEXT_RESET' => $TEXT['RESET'],
129
				'TEXT_ACTIVE' => $TEXT['ACTIVE'],
130
				'TEXT_DISABLED' => $TEXT['DISABLED'],
131
				'TEXT_PLEASE_SELECT' => $TEXT['PLEASE_SELECT'],
132
				'TEXT_USERNAME' => $TEXT['USERNAME'],
133
				'TEXT_PASSWORD' => $TEXT['PASSWORD'],
134
				'TEXT_RETYPE_PASSWORD' => $TEXT['RETYPE_PASSWORD'],
135
				'TEXT_DISPLAY_NAME' => $TEXT['DISPLAY_NAME'],
136
				'TEXT_EMAIL' => $TEXT['EMAIL'],
137
				'TEXT_GROUP' => $TEXT['GROUP'],
138
				'TEXT_SYSTEM_PERMISSIONS' => $TEXT['SYSTEM_PERMISSIONS'],
139
				'TEXT_MODULE_PERMISSIONS' => $TEXT['MODULE_PERMISSIONS'],
140
				'TEXT_TEMPLATE_PERMISSIONS' => $TEXT['TEMPLATE_PERMISSIONS'],
141
				'TEXT_NAME' => $TEXT['NAME'],
142
				'SECTION_PAGES' => $MENU['PAGES'],
143
				'SECTION_MEDIA' => $MENU['MEDIA'],
144
				'SECTION_MODULES' => $MENU['MODULES'],
145
				'SECTION_TEMPLATES' => $MENU['TEMPLATES'],
146
				'SECTION_LANGUAGES' => $MENU['LANGUAGES'],
147
				'SECTION_SETTINGS' => $MENU['SETTINGS'],
148
				'SECTION_USERS' => $MENU['USERS'],
149
				'SECTION_GROUPS' => $MENU['GROUPS'],
150
				'SECTION_ADMINTOOLS' => $MENU['ADMINTOOLS'],
151
				'TEXT_VIEW' => $TEXT['VIEW'],
152
				'TEXT_ADD' => $TEXT['ADD'],
153
				'TEXT_LEVEL' => $TEXT['LEVEL'],
154
				'TEXT_MODIFY' => $TEXT['MODIFY'],
155
				'TEXT_DELETE' => $TEXT['DELETE'],
156
				'TEXT_MODIFY_CONTENT' => $TEXT['MODIFY_CONTENT'],
157
				'TEXT_MODIFY_SETTINGS' => $TEXT['MODIFY_SETTINGS'],
158
				'HEADING_MODIFY_INTRO_PAGE' => $HEADING['MODIFY_INTRO_PAGE'],
159
				'TEXT_CREATE_FOLDER' => $TEXT['CREATE_FOLDER'],
160
				'TEXT_RENAME' => $TEXT['RENAME'],
161
				'TEXT_UPLOAD_FILES' => $TEXT['UPLOAD_FILES'],
162
				'TEXT_BASIC' => $TEXT['BASIC'],
163
				'TEXT_ADVANCED' => $TEXT['ADVANCED'],
164
				'CHANGING_PASSWORD' => $MESSAGE['USERS']['CHANGING_PASSWORD'],
165
				'HEADING_MODIFY_GROUP' => $HEADING['MODIFY_GROUP'],
166
			));
167
	
168
	// Parse template object
169
	$template->parse('main', 'main_block', false);
170
	$template->pparse('output', 'page');
171
} elseif($_POST['action'] == 'delete') {
172
	// Create new admin object
173
	$admin = new admin('Access', 'groups_delete', false);
174
/*  */
175
	if (!$admin->checkFTAN())
176
	{
177
		$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'], ADMIN_URL);
178
	}
179
	// Print header
180
	$admin->print_header();
181
	// Delete the group
182
	$database->query("DELETE FROM ".TABLE_PREFIX."groups WHERE group_id = '".$_POST['group_id']."' LIMIT 1");
183
	if($database->is_error()) {
184
		$admin->print_error($database->get_error());
185
	} else {
186
		// Delete users in the group
187
		$database->query("DELETE FROM ".TABLE_PREFIX."users WHERE group_id = '".$_POST['group_id']."'");
188
		if($database->is_error()) {
189
			$admin->print_error($database->get_error());
190
		} else {
191
			$admin->print_success($MESSAGE['GROUPS']['DELETED']);
192
		}
193
	}
194
}
184
			break;
185
	default:
186
			break;
187
endswitch;
195 188

  
196 189
// Print admin footer
197 190
$admin->print_footer();
branches/2.8.x/wb/admin/groups/index.php
53 53
	$template->parse('list', 'list_block', true);
54 54
	// Loop through groups
55 55
	while($group = $results->fetchRow()) {
56
		$template->set_var('VALUE', $group['group_id']);
56
		$template->set_var('VALUE',$admin->getIDKEY($group['group_id']));
57 57
		$template->set_var('NAME', $group['name']);
58 58
		$template->parse('list', 'list_block', true);
59 59
	}
......
195 195

  
196 196
// Print the admin footer
197 197
$admin->print_footer();
198

  
199
?>
branches/2.8.x/wb/admin/media/rename2.php
24 24
// Include the WB functions file
25 25
require_once(WB_PATH.'/framework/functions.php');
26 26

  
27
// Get list of file types to which we're supposed to append 'txt'
28
$get_result = $database->query("SELECT value FROM ".TABLE_PREFIX."settings WHERE name='rename_files_on_upload' LIMIT 1");
29
$file_extension_string = '';
30
if ($get_result->numRows()>0) {
31
	$fetch_result = $get_result->fetchRow();
32
	$file_extension_string = $fetch_result['value'];
33
}
34
$file_extensions=explode(",",$file_extension_string);
35

  
36 27
// Get the current dir
37
// $directory = $admin->get_post('dir');
38

  
39
// Target location
40 28
$requestMethod = '_'.strtoupper($_SERVER['REQUEST_METHOD']);
41 29
$directory = (isset(${$requestMethod}['dir'])) ? ${$requestMethod}['dir'] : '';
42
if($directory == '/') {
43
	$directory = '';
44
}
30
$directory = ($directory == '/') ?  '' : $directory;
45 31

  
46
// Check to see if it contains ..
32
$dirlink = 'browse.php?dir='.$directory;
33
$rootlink = 'browse.php?dir=';
34
// $file_id = intval($admin->get_post('id'));
35

  
36
// first Check to see if it contains ..
47 37
if (!check_media_path($directory)) {
48
	$admin->print_header();
49
	$admin->print_error($MESSAGE['MEDIA']['DIR_DOT_DOT_SLASH']);
38
	$admin->print_error($MESSAGE['MEDIA']['DIR_DOT_DOT_SLASH'],$rootlink, false);
50 39
}
51 40

  
52 41
// Get the temp id
53
$file_id = $admin->checkIDKEY('id', false, 'POST');
42
$file_id = intval($admin->checkIDKEY('id', false, $_SERVER['REQUEST_METHOD']));
54 43
if (!$file_id) {
55
	$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS']);
44
	$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'],$dirlink, false);
56 45
}
57 46

  
47
// Check for potentially malicious files and append 'txt' to their name
48
$rename_file_types  = str_replace(',','|',RENAME_FILES_ON_UPLOAD);
49
// hardcodet forbidden filetypes
50
$forbidden_file_types = 'phtml|php5|php4|php|cgi|pl|exe|com|bat|src|'.$rename_file_types;
58 51
// Get home folder not to show
59 52
$home_folders = get_home_folders();
60 53

  
......
62 55
if($handle = opendir(WB_PATH.MEDIA_DIRECTORY.'/'.$directory)) {
63 56
	// Loop through the files and dirs an add to list
64 57
   while (false !== ($file = readdir($handle))) {
58
		$info = pathinfo($file);
59
		$ext = isset($info['extension']) ? $info['extension'] : '';
65 60
		if(substr($file, 0, 1) != '.' AND $file != '.svn' AND $file != 'index.php') {
66
			if(is_dir(WB_PATH.MEDIA_DIRECTORY.$directory.'/'.$file)) {
67
				if(!isset($home_folders[$directory.'/'.$file])) {
68
					$DIR[] = $file;
61
			if( !preg_match('/'.$forbidden_file_types.'$/i', $ext) ) {
62
				if(is_dir(WB_PATH.MEDIA_DIRECTORY.$directory.'/'.$file)) {
63
					if(!isset($home_folders[$directory.'/'.$file])) {
64
						$DIR[] = $file;
65
					}
66
				} else {
67
					$FILE[] = $file;
69 68
				}
70
			} else {
71
				$FILE[] = $file;
72 69
			}
73 70
		}
74 71
	}
......
94 91
		}
95 92
	}
96 93
}
94

  
97 95
$file_id = $admin->getIDKEY($file_id);
96

  
98 97
if(!isset($rename_file)) {
99
	$admin->print_error($MESSAGE['MEDIA']['FILE_NOT_FOUND'], "browse.php?dir=$directory", false);
98
	$admin->print_error($MESSAGE['MEDIA']['FILE_NOT_FOUND'], $dirlink, false);
100 99
}
101 100

  
102 101
// Check if they entered a new name
......
121 120
// Join new name and extension
122 121
$name = $new_name.$extension;
123 122

  
123
$info = pathinfo(WB_PATH.MEDIA_DIRECTORY.$directory.'/'.$name);
124
$ext = isset($info['extension']) ? $info['extension'] : '';
125
$dots = (substr($info['basename'], 0, 1) == '.') || (substr($info['basename'], -1, 1) == '.');
126

  
127
if( preg_match('/'.$forbidden_file_types.'$/i', $ext) || $dots == '.' ) {
128
	$admin->print_error($MESSAGE['MEDIA']['CANNOT_RENAME'], "rename.php?dir=$directory&id=$file_id", false);
129
}
130

  
124 131
// Check if the name contains ..
125 132
if(strstr($name, '..')) {
126 133
	$admin->print_error($MESSAGE['MEDIA']['NAME_DOT_DOT_SLASH'], "rename.php?dir=$directory&id=$file_id", false);
......
136 143
	$admin->print_error($MESSAGE['MEDIA']['BLANK_NAME'], "rename.php?dir=$directory&id=$file_id", false);
137 144
}
138 145

  
139
// Check for potentially malicious files and append 'txt' to their name
140
foreach($file_extensions as $file_ext) {
141
	$file_ext_len=strlen($file_ext);
142
	if (substr($name,-$file_ext_len)==$file_ext) {
143
		$name.='.txt';
144
	}
145
}		
146
$info = pathinfo(WB_PATH.MEDIA_DIRECTORY.$directory.'/'.$rename_file);
147
$ext = isset($info['extension']) ? $info['extension'] : '';
148
$dots = (substr($info['basename'], 0, 1) == '.') || (substr($info['basename'], -1, 1) == '.');
146 149

  
150
if( preg_match('/'.$forbidden_file_types.'$/i', $ext) || $dots == '.' ) {
151
	$admin->print_error($MESSAGE['MEDIA']['CANNOT_RENAME'], "rename.php?dir=$directory&id=$file_id", false);
152
}
147 153

  
148 154
// Check if we should overwrite or not
149 155
if($admin->get_post('overwrite') != 'yes' AND file_exists(WB_PATH.MEDIA_DIRECTORY.$directory.'/'.$name) == true) {
......
160 166
    // feature freeze
161 167
	// require_once(ADMIN_PATH.'/media/dse.php');
162 168

  
163
	$admin->print_success($MESSAGE['MEDIA']['RENAMED'], "browse.php?dir=$directory");
169
	$admin->print_success($MESSAGE['MEDIA']['RENAMED'], $dirlink);
164 170
} else {
165 171
	$admin->print_error($MESSAGE['MEDIA']['CANNOT_RENAME'], "rename.php?dir=$directory&id=$file_id", false);
166 172
}
branches/2.8.x/wb/admin/media/browse.php
94 94
				$currentHome
95 95
				:
96 96
				$admin->strip_slashes($admin->get_get('dir')) ;
97

  
97 98
if($directory == '/' OR $directory == '\\') {
98 99
	$directory = '';
99 100
}
100 101

  
102
$dir_backlink = 'browse.php?dir='.$directory;
103

  
101 104
// Check to see if it contains ../
102 105
if (!check_media_path($directory)) {
103 106
	// $admin->print_header();
......
159 162

  
160 163
if($handle = opendir(WB_PATH.MEDIA_DIRECTORY.'/'.$directory)) {
161 164
	// Loop through the files and dirs an add to list
162
	while(false !== ($file = readdir($handle))) {
165
   while (false !== ($file = readdir($handle))) {
166
		$info = pathinfo($file);
167
		$ext = isset($info['extension']) ? $info['extension'] : '';
163 168
		if(substr($file, 0, 1) != '.' AND $file != '.svn' AND $file != 'index.php') {
164
			if(is_dir(WB_PATH.MEDIA_DIRECTORY.$directory.'/'.$file)) {
165
				if(!isset($home_folders[$directory.'/'.$file])) {
166
					$DIR[] = $file;
167
				}
168
			} else {
169
				$info = pathinfo($file);
170
				$ext = isset($info['extension']) ? $info['extension'] : '';
171
				if( !preg_match('/'.$forbidden_file_types.'$/i', $ext) ) {
169
			if( !preg_match('/'.$forbidden_file_types.'$/i', $ext) ) {
170
				if(is_dir(WB_PATH.MEDIA_DIRECTORY.$directory.'/'.$file)) {
171
					if(!isset($home_folders[$directory.'/'.$file])) {
172
						$DIR[] = $file;
173
					}
174
				} else {
172 175
					$FILE[] = $file;
173 176
				}
174 177
			}
......
186 189
								'NAME' => $name,
187 190
								'NAME_SLASHED' => addslashes($name),
188 191
								'TEMP_ID' => $admin->getIDKEY($temp_id),
192
								// 'TEMP_ID' => $temp_id,
189 193
								'LINK' => "browse.php?dir=$directory/$link_name",
190 194
								'LINK_TARGET' => '_self',
191 195
								'ROW_BG_COLOR' => $row_bg_color,
......
246 250
								'NAME' => $name,
247 251
								'NAME_SLASHED' => addslashes($name),
248 252
								'TEMP_ID' => $admin->getIDKEY($temp_id),
253
								// 'TEMP_ID' => $temp_id,
249 254
								'LINK' => WB_URL.MEDIA_DIRECTORY.$directory.'/'.$name,
250 255
								'LINK_TARGET' => '_blank',
251 256
								'ROW_BG_COLOR' => $row_bg_color,
branches/2.8.x/wb/admin/media/delete.php
26 26

  
27 27
// Get the current dir
28 28
$directory = $admin->get_get('dir');
29
if($directory == '/') {
30
	$directory = '';
31
}
29
$directory = ($directory == '/') ?  '' : $directory;
32 30

  
31
$dirlink = 'browse.php?dir='.$directory;
32
$rootlink = 'browse.php?dir=';
33

  
33 34
// Check to see if it contains ..
34 35
if (!check_media_path($directory)) {
35 36
	// $admin->print_header();
36
	$admin->print_error($MESSAGE['MEDIA']['DIR_DOT_DOT_SLASH'],WB_URL.'/admin/media/browse.php?dir=',false );
37
	$admin->print_error($MESSAGE['MEDIA']['DIR_DOT_DOT_SLASH'],$rootlink,false );
37 38
}
38 39

  
39
// Get the temp id
40
$file_id = $admin->checkIDKEY('id', false, 'GET');
40
// Get the file id
41
$file_id = $admin->checkIDKEY('id', false, $_SERVER['REQUEST_METHOD']);
41 42
if (!$file_id) {
42
	$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'], WB_URL.'/admin/media/browse.php?dir=',false);
43
	$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'], $dirlink,false);
43 44
}
44 45

  
45 46
// Get home folder not to show
......
52 53
if(!empty($currentdir)) {
53 54
	$usedFiles = $Dse->getMatchesFromDir( $directory, DseTwo::RETURN_USED);
54 55
}
55
print '<pre><strong>function '.__FUNCTION__.'();</strong>  basename: '.basename(__FILE__).'  line: '.__LINE__.' -> <br />';
56
print_r( $usedFiles ); print '</pre>'; // flush ();sleep(10); die();
57 56
*/
58 57
// Figure out what folder name the temp id is
59 58
if($handle = opendir(WB_PATH.MEDIA_DIRECTORY.'/'.$directory)) {
......
94 93

  
95 94
// Check to see if we could find an id to match
96 95
if(!isset($delete_file)) {
97
	$admin->print_error($MESSAGE['MEDIA']['FILE_NOT_FOUND'], "browse.php?dir=$directory", false);
96
	$admin->print_error($MESSAGE['MEDIA']['FILE_NOT_FOUND'], $dirlink, false);
98 97
}
99 98
$relative_path = WB_PATH.MEDIA_DIRECTORY.'/'.$directory.'/'.$delete_file;
100 99
// Check if the file/folder exists
101 100
if(!file_exists($relative_path)) {
102
	$admin->print_error($MESSAGE['MEDIA']['FILE_NOT_FOUND'], "browse.php?dir=$directory", false);	
101
	$admin->print_error($MESSAGE['MEDIA']['FILE_NOT_FOUND'], $dirlink, false);
103 102
}
104 103

  
105 104
// Find out whether its a file or folder
106 105
if($type == 'folder') {
107 106
	// Try and delete the directory
108 107
	if(rm_full_dir($relative_path)) {
109
		$admin->print_success($MESSAGE['MEDIA']['DELETED_DIR'], "browse.php?dir=$directory");
108
		$admin->print_success($MESSAGE['MEDIA']['DELETED_DIR'], $dirlink);
110 109
	} else {
111
		$admin->print_error($MESSAGE['MEDIA']['CANNOT_DELETE_DIR'], "browse.php?dir=$directory", false);
110
		$admin->print_error($MESSAGE['MEDIA']['CANNOT_DELETE_DIR'], $dirlink, false);
112 111
	}
113 112
} else {
114 113
	// Try and delete the file
115 114
	if(unlink($relative_path)) {
116
		$admin->print_success($MESSAGE['MEDIA']['DELETED_FILE'], "browse.php?dir=$directory");
115
		$admin->print_success($MESSAGE['MEDIA']['DELETED_FILE'], $dirlink);
117 116
	} else {
118
		$admin->print_error($MESSAGE['MEDIA']['CANNOT_DELETE_FILE'], "browse.php?dir=$directory", false);
117
		$admin->print_error($MESSAGE['MEDIA']['CANNOT_DELETE_FILE'], $dirlink, false);
119 118
	}
120 119
}
121 120

  
branches/2.8.x/wb/admin/media/create.php
18 18

  
19 19
// Print admin header
20 20
require('../../config.php');
21

  
21 22
require_once(WB_PATH.'/framework/class.admin.php');
23
// Include the WB functions file
24
require_once(WB_PATH.'/framework/functions.php');
25

  
22 26
// suppress to print the header, so no new FTAN will be set
23 27
$admin = new admin('Media', 'media_create', false);
24 28

  
25 29
// Get dir name and target location
26 30
$requestMethod = '_'.strtoupper($_SERVER['REQUEST_METHOD']);
27 31
$name = (isset(${$requestMethod}['name'])) ? ${$requestMethod}['name'] : '';
28
if($name == '') {
29
	header("Location: index.php");
30
	exit(0);
32

  
33
// Check to see if name or target contains ../
34
if(strstr($name, '..')) {
35
	$admin->print_header();
36
	$admin->print_error($MESSAGE['MEDIA']['NAME_DOT_DOT_SLASH']);
31 37
}
32 38

  
39
// Remove bad characters
40
$name = trim(media_filename($name),'.');
41

  
33 42
// Target location
34 43
$requestMethod = '_'.strtoupper($_SERVER['REQUEST_METHOD']);
35 44
$target = (isset(${$requestMethod}['target'])) ? ${$requestMethod}['target'] : '';
36
if($target == '') {
37
	header("Location: index.php");
38
	exit(0);
39
}
40 45

  
41
require_once(WB_PATH.'/framework/class.admin.php');
42
// suppress to print the header, so no new FTAN will be set
43
$admin = new admin('Media', 'media_create', false);
44 46
if (!$admin->checkFTAN())
45 47
{
46 48
	$admin->print_header();
......
49 51
// After check print the header
50 52
$admin->print_header();
51 53

  
52
// Include the WB functions file
53
require_once(WB_PATH.'/framework/functions.php');
54

  
55
// Check to see if name or target contains ../
56
if(strstr($name, '..')) {
57
	$admin->print_error($MESSAGE['MEDIA']['NAME_DOT_DOT_SLASH']);
58
}
59 54
if (!check_media_path($target, false)) {
60
	w_debug("target: $target");
61 55
	$admin->print_error($MESSAGE['MEDIA']['TARGET_DOT_DOT_SLASH']);
62 56
}
63 57

  
64
// Remove bad characters
65
$name = media_filename($name);
66
  
67 58
// Create relative path of the new dir name
68 59
$directory = WB_PATH.$target.'/'.$name;
69 60

  
70
/*  */
71 61
// Check to see if the folder already exists
72 62
if(file_exists($directory)) {
73 63
	$admin->print_error($MESSAGE['MEDIA']['DIR_EXISTS']);
74 64
}
75 65

  
76

  
77 66
if ( sizeof(createFolderProtectFile( $directory )) )
78 67
{
79 68
	$admin->print_error($MESSAGE['MEDIA']['DIR_NOT_MADE']);
branches/2.8.x/wb/admin/media/rename.php
26 26

  
27 27
// Get the current dir
28 28
$directory = $admin->get_get('dir');
29
if($directory == '/') {
30
	$directory = '';
31
}
29
$directory = ($directory == '/') ?  '' : $directory;
32 30

  
33
// Check to see if it contains ..
31
$dirlink = 'browse.php?dir='.$directory;
32
$rootlink = 'browse.php?dir=';
33
// $file_id = intval($admin->get_get('id'));
34

  
35
// first Check to see if it contains ..
34 36
if (!check_media_path($directory)) {
35
	$admin->print_error($MESSAGE['MEDIA']['DIR_DOT_DOT_SLASH'], "browse.php?dir=$directory", false);
37
	$admin->print_error($MESSAGE['MEDIA']['DIR_DOT_DOT_SLASH'],$rootlink, false);
36 38
}
37 39

  
38 40
// Get the temp id
39
$file_id = $admin->checkIDKEY('id', false, 'GET');
41
$file_id = intval($admin->checkIDKEY('id', false, $_SERVER['REQUEST_METHOD']));
40 42
if (!$file_id) {
41
	$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS']);
43
	$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'],$dirlink, false);
42 44
}
43 45

  
44 46
// Get home folder not to show
45 47
$home_folders = get_home_folders();
48
// Check for potentially malicious files and append 'txt' to their name
49
$rename_file_types  = str_replace(',','|',RENAME_FILES_ON_UPLOAD);
50
// hardcodet forbidden filetypes
51
$forbidden_file_types = 'phtml|php5|php4|php|cgi|pl|exe|com|bat|src|'.$rename_file_types;
46 52

  
47 53
// Figure out what folder name the temp id is
48 54
if($handle = opendir(WB_PATH.MEDIA_DIRECTORY.'/'.$directory)) {
49 55
	// Loop through the files and dirs an add to list
50 56
   while (false !== ($file = readdir($handle))) {
57
		$info = pathinfo($file);
58
		$ext = isset($info['extension']) ? $info['extension'] : '';
51 59
		if(substr($file, 0, 1) != '.' AND $file != '.svn' AND $file != 'index.php') {
52
			if(is_dir(WB_PATH.MEDIA_DIRECTORY.$directory.'/'.$file)) {
53
				if(!isset($home_folders[$directory.'/'.$file])) {
54
					$DIR[] = $file;
60
			if( !preg_match('/'.$forbidden_file_types.'$/i', $ext) ) {
61
				if(is_dir(WB_PATH.MEDIA_DIRECTORY.$directory.'/'.$file)) {
62
					if(!isset($home_folders[$directory.'/'.$file])) {
63
						$DIR[] = $file;
64
					}
65
				} else {
66
					$FILE[] = $file;
55 67
				}
56
			} else {
57
				$FILE[] = $file;
58 68
			}
59 69
		}
60 70
	}
71

  
61 72
	$temp_id = 0;
62 73
	if(isset($DIR)) {
63 74
		sort($DIR);
......
69 80
			}
70 81
		}
71 82
	}
83

  
72 84
	if(isset($FILE)) {
73 85
		sort($FILE);
74 86
		foreach($FILE AS $name) {
......
82 94
}
83 95

  
84 96
if(!isset($rename_file)) {
85
	$admin->print_error($MESSAGE['MEDIA']['FILE_NOT_FOUND'], "browse.php?dir=$directory", false);
97
	$admin->print_error($MESSAGE['MEDIA']['FILE_NOT_FOUND'], $dirlink, false);
86 98
}
87 99

  
88 100
// Setup template object
......
109 121
					'FILENAME' => $rename_file,
110 122
					'DIR' => $directory,
111 123
					'FILE_ID' => $admin->getIDKEY($file_id),
124
					// 'FILE_ID' => $file_id,
112 125
					'TYPE' => $type,
113 126
					'EXTENSION' => $extension,
114 127
					'FTAN' => $admin->getFTAN()
branches/2.8.x/wb/admin/media/upload.php
22 22
include_once('parameters.php');
23 23

  
24 24
require_once(WB_PATH.'/framework/class.admin.php');
25
require_once(WB_PATH.'/include/pclzip/pclzip.lib.php');	// Required to unzip file.
25
// require_once(WB_PATH.'/include/pclzip/pclzip.lib.php');	// Required to unzip file.
26 26
// suppress to print the header, so no new FTAN will be set
27 27
$admin = new admin('Media', 'media_upload', false);
28 28

  
......
52 52
$resizepath = str_replace(array('/',' '),'_',$target);
53 53

  
54 54
// Find out whether we should replace files or give an error
55
if($admin->get_post('overwrite') != '') {
56
	$overwrite = true;
57
} else {
58
	$overwrite = false;
59
}
55
$overwrite = ($admin->get_post('overwrite') != '') ? true : false;
60 56

  
61 57
// Get list of file types to which we're supposed to append 'txt'
62 58
$get_result=$database->query("SELECT value FROM ".TABLE_PREFIX."settings WHERE name='rename_files_on_upload' LIMIT 1");
......
65 61
	$fetch_result=$get_result->fetchRow();
66 62
	$file_extension_string=$fetch_result['value'];
67 63
}
64

  
68 65
$file_extensions=explode(",",$file_extension_string);
69 66
// get from settings and add to forbidden list
70 67
$rename_file_types  = str_replace(',','|',RENAME_FILES_ON_UPLOAD);
branches/2.8.x/wb/admin/start/index.php
64 64
}
65 65

  
66 66
$msg = (file_exists(WB_PATH.'/install/')) ?  $MESSAGE['START']['INSTALL_DIR_EXISTS'] : '';
67
$msg .= (file_exists(WB_PATH.'/upgrade-script.php')) ? '<br />'.$TEXT['DELETE'].' upgrade-script.php ' : '';
67
$msg .= (file_exists(WB_PATH.'/upgrade-script.php')) ? '<br />'.$MESSAGE['START_UPGRADE_SCRIPT_EXISTS'] : '';
68 68

  
69 69
// Check if installation directory still exists
70 70
if(file_exists(WB_PATH.'/install/') || file_exists(WB_PATH.'/upgrade-script.php') ) {
......
138 138

  
139 139
// Print admin footer
140 140
$admin->print_footer();
141

  
142
?>
branches/2.8.x/wb/admin/templates/details.php
33 33
	header("Location: index.php");
34 34
	exit(0);
35 35
} else {
36
	$file = preg_replace("/\W/", "", $admin->add_slashes($_POST['file']));  // fix secunia 2010-92-2
36
	$file = preg_replace("/\W/", "", $_POST['file']);  // fix secunia 2010-92-2
37 37
}
38 38

  
39 39
// Check if the template exists
branches/2.8.x/wb/admin/pages/index.php
28 28
?>
29 29
<script type="text/javascript" src="<?php print ADMIN_URL; ?>/pages/eggsurplus.js"></script>
30 30
<?php
31
/*
32
urlencode function and rawurlencode are mostly based on RFC 1738.
33
However, since 2005 the current RFC in use for URIs standard is RFC 3986.
34
Here is a function to encode URLs according to RFC 3986.
35
*/
36
function url_encode($string) {
37
    $string = html_entity_decode($string,ENT_QUOTES,'UTF-8');
38
    $entities = array('%21', '%2A', '%27', '%28', '%29', '%3B', '%3A', '%40', '%26', '%3D', '%2B', '%24', '%2C', '%2F', '%3F', '%25', '%23', '%5B', '%5D');
39
    $replacements = array('!', '*', "'", "(", ")", ";", ":", "@", "&", "=", "+", "$", ",", "/", "?", "%", "#", "[", "]");
40
    return str_replace($entities, $replacements, rawurlencode($string));
41
}
31

  
42 32
// fixes A URI contains impermissible characters or quotes around the URI are not closed.
43 33
$MESSAGE['PAGES_DELETE_CONFIRM'] = url_encode(  $MESSAGE['PAGES_DELETE_CONFIRM'] );
44 34

  
......
607 597

  
608 598
// Print admin
609 599
$admin->print_footer();
610

  
611
?>
branches/2.8.x/wb/admin/pages/settings2.php
56 56
// Get values
57 57
$page_title = str_replace(array("[[", "]]"), '', htmlspecialchars($admin->get_post_escaped('page_title')));
58 58
$menu_title = str_replace(array("[[", "]]"), '', htmlspecialchars($admin->get_post_escaped('menu_title')));
59
$page_code = (int) $admin->get_post_escaped('page_code');
59
$page_code = intval($admin->get_post('page_code')) ;
60 60
$description = str_replace(array("[[", "]]"), '', htmlspecialchars($admin->add_slashes($admin->get_post('description'))));
61 61
$keywords = str_replace(array("[[", "]]"), '', htmlspecialchars($admin->add_slashes($admin->get_post('keywords'))));
62
$parent = (int) $admin->get_post_escaped('parent'); // fix secunia 2010-91-3
62
$parent = intval($admin->get_post('parent')); // fix secunia 2010-91-3
63 63
$visibility = $admin->get_post_escaped('visibility');
64 64
if (!in_array($visibility, array('public', 'private', 'registered', 'hidden', 'none'))) {$visibility = 'public';} // fix secunia 2010-93-3
65
$template = preg_replace("/\W/", "", $admin->get_post_escaped('template')); // fix secunia 2010-93-3
66
$target = preg_replace("/\W/", "", $admin->get_post_escaped('target'));
65
$template = preg_replace("/\W/", "", $admin->get_post('template')); // fix secunia 2010-93-3
66
$target = preg_replace("/\W/", "", $admin->get_post('target'));
67 67
$admin_groups = $admin->get_post_escaped('admin_groups');
68 68
$viewing_groups = $admin->get_post_escaped('viewing_groups');
69
$searching = (int) $admin->get_post_escaped('searching');
69
$searching = intval($admin->get_post('searching'));
70 70
$language = strtoupper($admin->get_post('language'));
71 71
$language = (preg_match('/^[A-Z]{2}$/', $language) ? $language : DEFAULT_LANGUAGE);
72
$menu = (int) $admin->get_post_escaped('menu'); // fix secunia 2010-91-3
72
$menu = intval($admin->get_post('menu')); // fix secunia 2010-91-3
73 73

  
74 74
// Validate data
75 75
if($page_title == '' || substr($page_title,0,1)=='.')
......
325 325

  
326 326
// Print admin footer
327 327
$admin->print_footer();
328

  
329
?>
branches/2.8.x/wb/admin/pages/sections.php
28 28
/* */
29 29
$debug = false; // to show position and section_id
30 30
If(!defined('DEBUG')) { define('DEBUG',$debug);}
31
// Include the WB functions file
32
require_once(WB_PATH.'/framework/functions.php');
31 33
// Create new admin object
32 34
require_once(WB_PATH.'/framework/class.admin.php');
33
$admin = new admin('Pages', 'pages_modify');
35
$admin = new admin('Pages', 'pages_modify', false);
34 36

  
37
$action = 'show';
35 38
// Get page id
36
if(!isset($_GET['page_id']) || !is_numeric($_GET['page_id']))
37
{
38
	header("Location: index.php");
39
	exit(0);
40
} else {
41
	$page_id = $_GET['page_id'];
42
}
39
$requestMethod = '_'.strtoupper($_SERVER['REQUEST_METHOD']);
40
$page_id = intval((isset(${$requestMethod}['page_id'])) ? ${$requestMethod}['page_id'] : 0);
41
$action = ($page_id ? 'show' : $action);
42
// Get section id if there is one
43
$requestMethod = '_'.strtoupper($_SERVER['REQUEST_METHOD']);
44
$section_id = ((isset(${$requestMethod}['section_id'])) ? ${$requestMethod}['section_id']  : 0);
45
$action = ($section_id ? 'delete' : $action);
46
// Get module if there is one
47
$requestMethod = '_'.strtoupper($_SERVER['REQUEST_METHOD']);
48
$module = ((isset(${$requestMethod}['module'])) ? ${$requestMethod}['module']  : 0);
49
$action = ($module != '' ? 'add' : $action);
50
$admin_header = true;
51
$backlink = ADMIN_URL.'/pages/sections.php?page_id='.(int)$page_id;
43 52

  
44
/*
45
if( (!($page_id = $admin->checkIDKEY('page_id', 0, $_SERVER['REQUEST_METHOD']))) )
46
{
47
	$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS']);
48
	exit();
49
}
50
*/
51
/*
52
urlencode function and rawurlencode are mostly based on RFC 1738.
53
However, since 2005 the current RFC in use for URIs standard is RFC 3986.
54
Here is a function to encode URLs according to RFC 3986.
55
*/
56
function url_encode($string) {
57
    $string = html_entity_decode($string,ENT_QUOTES,'UTF-8');
58
    $entities = array('%20', '%21', '%2A', '%27', '%28', '%29', '%3B', '%3A', '%40', '%26', '%3D', '%2B', '%24', '%2C', '%2F', '%3F', '%25', '%23', '%5B', '%5D');
59
    $replacements = array(' ','!', '*', "'", "(", ")", ";", ":", "@", "&", "=", "+", "$", ",", "/", "?", "%", "#", "[", "]");
60
    return str_replace($entities, $replacements, rawurlencode($string));
61
}
53
switch ($action):
54
	case 'delete' :
62 55

  
63
// Check if we are supposed to add or delete a section
64
if(isset($_GET['section_id']) && is_numeric($_GET['section_id']))
65
{
66
	// Get more information about this section
67
	$section_id = $_GET['section_id'];
68
    $sql  = 'SELECT `module` FROM `'.TABLE_PREFIX.'sections` ';
69
    $sql .= 'WHERE `section_id` ='.$section_id;
70
    $query_section = $database->query($sql);
56
		if( ( !($section_id = intval($admin->checkIDKEY('section_id', 0, $_SERVER['REQUEST_METHOD'])) )) )
57
		{
58
			if($admin_header) { $admin->print_header(); }
59
			$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'],$backlink);
60
		}
71 61

  
72
	if($query_section->numRows() == 0)
73
    {
74
		$admin->print_error('Section not found');
75
	}
76
	$section = $query_section->fetchRow();
77
	// Include the modules delete file if it exists
78
	if(file_exists(WB_PATH.'/modules/'.$section['module'].'/delete.php'))
79
    {
80
		require(WB_PATH.'/modules/'.$section['module'].'/delete.php');
81
	}
82
    $sql  = 'DELETE FROM `'.TABLE_PREFIX.'sections` ';
83
    $sql .= 'WHERE `section_id` ='.$section_id.' LIMIT 1';
84
    $query_section = $database->query($sql);
62
		$action = 'show';
63
	    $sql  = 'SELECT `module` FROM `'.TABLE_PREFIX.'sections` ';
64
	    $sql .= 'WHERE `section_id` ='.$section_id;
65
        if( ( ($modulname = $database->get_one($sql)) == $module) && ($section_id > 0 ) ) {
66
			// Include the modules delete file if it exists
67
			if(file_exists(WB_PATH.'/modules/'.$modulname.'/delete.php'))
68
		    {
69
				require(WB_PATH.'/modules/'.$modulname.'/delete.php');
70
			}
71
		    $sql  = 'DELETE FROM `'.TABLE_PREFIX.'sections` ';
72
		    $sql .= 'WHERE `section_id` ='.(int)$section_id.' LIMIT 1';
73
			if( !$database->query($sql) ) {
74
				if($admin_header) { $admin->print_header(); }
75
				$admin->print_error($database->get_error(),$backlink);
76
			}  else {
77
				require_once(WB_PATH.'/framework/class.order.php');
78
				$order = new order(TABLE_PREFIX.'sections', 'position', 'section_id', 'page_id');
79
				$order->clean($page_id);
80
				$format = $TEXT['SECTION'].' %d  %s %s '.strtolower( $TEXT['DELETED']);
81
				$message = sprintf ($format,$section_id,strtoupper($modulname),strtolower($TEXT['SUCCESS']));
82
				if($admin_header) { $admin->print_header(); }
83
				$admin_header = false;
84
				unset($_POST);
85
				$admin->print_success($message, $backlink );
86
			}
87
        } else {
88
			if($admin_header) { $admin->print_header(); }
89
			$admin->print_error($module.' '.strtolower($TEXT['NOT_FOUND']),$backlink);
90
        }
85 91

  
86
	if($database->is_error())
87
    {
88
		$admin->print_error($database->get_error());
89
	} else {
90
		require(WB_PATH.'/framework/class.order.php');
92
		break;
93
	case 'add' :
94

  
95
		if (!$admin->checkFTAN())
96
		{
97
			$admin->print_header();
98
			$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'],$backlink);
99
		}
100
		$action = 'show';
101
		$module = preg_replace('/\W/', '', $module );  // fix secunia 2010-91-4
102
		require_once(WB_PATH.'/framework/class.order.php');
103
		// Get new order
91 104
		$order = new order(TABLE_PREFIX.'sections', 'position', 'section_id', 'page_id');
92
		$order->clean($page_id);
93
		$admin->print_success($TEXT['SUCCESS'], ADMIN_URL.'/pages/sections.php?page_id='.$page_id );
94
		$admin->print_footer();
95
		exit();
96
	}
97
} elseif(isset($_POST['module']) && $_POST['module'] != '')
98
{
99
	// Get section info
100
	$module = preg_replace("/\W/", "", $admin->add_slashes($_POST['module']));  // fix secunia 2010-91-4
101
	// Include the ordering class
102
	require(WB_PATH.'/framework/class.order.php');
103
	// Get new order
104
	$order = new order(TABLE_PREFIX.'sections', 'position', 'section_id', 'page_id');
105
	$position = $order->get_new($page_id);	
106
	// Insert module into DB
107
    $sql  = 'INSERT INTO `'.TABLE_PREFIX.'sections` SET ';
108
    $sql .= '`page_id` = '.$page_id.', ';
109
    $sql .= '`module` = "'.$module.'", ';
110
    $sql .= '`position` = '.$position.', ';
111
    $sql .= '`block`=1';
112
    $database->query($sql);
113
	// Get the section id
114
	$section_id = $database->get_one("SELECT LAST_INSERT_ID()");	
115
	// Include the selected modules add file if it exists
116
	if(file_exists(WB_PATH.'/modules/'.$module.'/add.php'))
117
    {
118
		require(WB_PATH.'/modules/'.$module.'/add.php');
119
	}
120
}
105
		$position = $order->get_new($page_id);
106
		// Insert module into DB
107
	    $sql  = 'INSERT INTO `'.TABLE_PREFIX.'sections` SET ';
108
	    $sql .= '`page_id` = '.(int)$page_id.', ';
109
	    $sql .= '`module` = \''.$module.'\', ';
110
	    $sql .= '`position` = '.(int)$position.', ';
111
	    $sql .= '`block` = 1';
112
        if($database->query($sql)) {
113
			// Get the section id
114
			$section_id = $database->get_one("SELECT LAST_INSERT_ID()");
115
			// Include the selected modules add file if it exists
116
			if(file_exists(WB_PATH.'/modules/'.$module.'/add.php'))
117
		    {
118
				require(WB_PATH.'/modules/'.$module.'/add.php');
119
			}
120
        } elseif ($database->is_error())  {
121
			if($admin_header) { $admin->print_header(); }
122
			$admin->print_error($database->get_error());
123
		}
124
		break;
125
	default:
126
		break;
127
endswitch;
121 128

  
122
// Get perms
123
// $database = new database();
124
$sql  = 'SELECT `admin_groups`,`admin_users` FROM `'.TABLE_PREFIX.'pages` ';
125
$sql .= 'WHERE `page_id` = '.$page_id;
126
$results = $database->query($sql);
129
switch ($action):
130
	default:
127 131

  
128
$results_array = $results->fetchRow();
129
$old_admin_groups = explode(',', $results_array['admin_groups']);
130
$old_admin_users = explode(',', $results_array['admin_users']);
131
$in_old_group = FALSE;
132
foreach($admin->get_groups_id() as $cur_gid)
133
{
134
	if (in_array($cur_gid, $old_admin_groups))
135
    {
136
		$in_old_group = TRUE;
137
	}
138
}
139
if((!$in_old_group) && !is_numeric(array_search($admin->get_user_id(), $old_admin_users)))
140
{
141
	$admin->print_error($MESSAGE['PAGES']['INSUFFICIENT_PERMISSIONS']);
142
}
132
		if($admin_header) { $admin->print_header(); }
133
		// Get perms
134
		$sql  = 'SELECT `admin_groups`,`admin_users` FROM `'.TABLE_PREFIX.'pages` ';
135
		$sql .= 'WHERE `page_id` = '.$page_id;
136
		$results = $database->query($sql);
143 137

  
144
// Get page details
145
// $database = new database();
146
$sql  = 'SELECT * FROM `'.TABLE_PREFIX.'pages` ';
147
$sql .= 'WHERE `page_id` = '.$page_id;
148
$results = $database->query($sql);
138
		$results_array = $results->fetchRow();
139
		$old_admin_groups = explode(',', $results_array['admin_groups']);
140
		$old_admin_users = explode(',', $results_array['admin_users']);
141
		$in_old_group = FALSE;
142
		foreach($admin->get_groups_id() as $cur_gid)
143
		{
144
			if (in_array($cur_gid, $old_admin_groups))
145
		    {
146
				$in_old_group = TRUE;
147
			}
148
		}
149
		if((!$in_old_group) && !is_numeric(array_search($admin->get_user_id(), $old_admin_users)))
150
		{
151
			$admin->print_header();
152
			$admin->print_error($MESSAGE['PAGES']['INSUFFICIENT_PERMISSIONS']);
153
		}
149 154

  
150
if($database->is_error())
151
{
152
	// $admin->print_header();
153
	$admin->print_error($database->get_error());
154
}
155
if($results->numRows() == 0)
156
{
157
	// $admin->print_header();
158
	$admin->print_error($MESSAGE['PAGES']['NOT_FOUND']);
159
}
160
$results_array = $results->fetchRow();
155
		// Get page details
156
		$sql  = 'SELECT * FROM `'.TABLE_PREFIX.'pages` ';
157
		$sql .= 'WHERE `page_id` = '.$page_id;
158
		$results = $database->query($sql);
161 159

  
162
// Set module permissions
163
$module_permissions = $_SESSION['MODULE_PERMISSIONS'];
160
		if($database->is_error())
161
		{
162
			// $admin->print_header();
163
			$admin->print_error($database->get_error());
164
		}
165
		if($results->numRows() == 0)
166
		{
167
			// $admin->print_header();
168
			$admin->print_error($MESSAGE['PAGES']['NOT_FOUND']);
169
		}
170
		$results_array = $results->fetchRow();
164 171

  
165
// Unset block var
166
unset($block);
167
// Include template info file (if it exists)
168
if($results_array['template'] != '')
169
{
170
	$template_location = WB_PATH.'/templates/'.$results_array['template'].'/info.php';
171
} else {
172
	$template_location = WB_PATH.'/templates/'.DEFAULT_TEMPLATE.'/info.php';
173
}
174
if(file_exists($template_location))
175
{
176
	require($template_location);
177
}
178
// Check if $menu is set
179
if(!isset($block[1]) || $block[1] == '')
180
{
181
	// Make our own menu list
182
	$block[1] = $TEXT['MAIN'];
183
}
172
		// Set module permissions
173
		$module_permissions = $_SESSION['MODULE_PERMISSIONS'];
184 174

  
185
/*-- load css files with jquery --*/
186
// include jscalendar-setup
187
$jscal_use_time = true; // whether to use a clock, too
188
require_once(WB_PATH."/include/jscalendar/wb-setup.php");
175
		// Unset block var
176
		unset($block);
177
		// Include template info file (if it exists)
178
		if($results_array['template'] != '')
179
		{
180
			$template_location = WB_PATH.'/templates/'.$results_array['template'].'/info.php';
181
		} else {
182
			$template_location = WB_PATH.'/templates/'.DEFAULT_TEMPLATE.'/info.php';
183
		}
184
		if(file_exists($template_location))
185
		{
186
			require($template_location);
187
		}
188
		// Check if $menu is set
189
		if(!isset($block[1]) || $block[1] == '')
190
		{
191
			// Make our own menu list
192
			$block[1] = $TEXT['MAIN'];
193
		}
189 194

  
190
// Setup template object
191
$template = new Template(THEME_PATH.'/templates');
192
$template->set_file('page', 'pages_sections.htt');
193
$template->set_block('page', 'main_block', 'main');
194
$template->set_block('main_block', 'module_block', 'module_list');
195
$template->set_block('main_block', 'section_block', 'section_list');
196
$template->set_block('section_block', 'block_block', 'block_list');
197
$template->set_block('main_block', 'calendar_block', 'calendar_list');
198
$template->set_var('FTAN', $admin->getFTAN());
195
		/*-- load css files with jquery --*/
196
		// include jscalendar-setup
197
		$jscal_use_time = true; // whether to use a clock, too
198
		require_once(WB_PATH."/include/jscalendar/wb-setup.php");
199 199

  
200
// set first defaults and messages
201
$template->set_var(array(
202
				'PAGE_ID' => $results_array['page_id'],
203
				// 'PAGE_IDKEY' => $admin->getIDKEY($results_array['page_id']),
204
				'PAGE_IDKEY' => $results_array['page_id'],
205
				'TEXT_PAGE' => $TEXT['PAGE'],
206
				'PAGE_TITLE' => ($results_array['page_title']),
207
				'MENU_TITLE' => ($results_array['menu_title']),
208
				'TEXT_CURRENT_PAGE' => $TEXT['CURRENT_PAGE'],
209
				'HEADING_MANAGE_SECTIONS' => $HEADING['MANAGE_SECTIONS'],
210
				'HEADING_MODIFY_PAGE' => $HEADING['MODIFY_PAGE'],
211
				'TEXT_CHANGE_SETTINGS' => $TEXT['CHANGE_SETTINGS'],
212
				'TEXT_ADD_SECTION' => $TEXT['ADD_SECTION'],
213
				'TEXT_ID' => 'ID',
214
				'TEXT_TYPE' => $TEXT['TYPE'],
215
				'TEXT_BLOCK' => $TEXT['BLOCK'],
216
				'TEXT_PUBL_START_DATE' => $TEXT{'PUBL_START_DATE'},
217
				'TEXT_PUBL_END_DATE' => $TEXT['PUBL_END_DATE'],
218
				'TEXT_ACTIONS' => $TEXT['ACTIONS'],
219
				'ADMIN_URL' => ADMIN_URL,
220
				'WB_URL' => WB_URL,
221
				'THEME_URL' => THEME_URL
222
				) 
223
			);
200
		// Setup template object
201
		$tpl = new Template(THEME_PATH.'/templates');
202
		$tpl->set_file('page', 'pages_sections.htt');
203
		$tpl->set_block('page', 'main_block', 'main');
204
		$tpl->set_block('main_block', 'module_block', 'module_list');
205
		$tpl->set_block('main_block', 'section_block', 'section_list');
206
		$tpl->set_block('section_block', 'block_block', 'block_list');
207
		$tpl->set_block('main_block', 'calendar_block', 'calendar_list');
208
		$tpl->set_var('FTAN', $admin->getFTAN());
224 209

  
225
// Insert variables
226
$template->set_var(array(
227
				'PAGE_ID' => $results_array['page_id'],
228
				// 'PAGE_IDKEY' => $admin->getIDKEY($results_array['page_id']),
229
				'PAGE_IDKEY' => $results_array['page_id'],
230
				'VAR_PAGE_TITLE' => $results_array['page_title'],
231
				'SETTINGS_LINK' => ADMIN_URL.'/pages/settings.php?page_id='.$results_array['page_id'],
232
				'MODIFY_LINK' => ADMIN_URL.'/pages/modify.php?page_id='.$results_array['page_id']
233
				)
234
			);
210
		// set first defaults and messages
211
		$tpl->set_var(array(
212
						'PAGE_ID' => $results_array['page_id'],
213
						// 'PAGE_IDKEY' => $admin->getIDKEY($results_array['page_id']),
214
						'PAGE_IDKEY' => $results_array['page_id'],
215
						'TEXT_PAGE' => $TEXT['PAGE'],
216
						'PAGE_TITLE' => ($results_array['page_title']),
217
						'MENU_TITLE' => ($results_array['menu_title']),
218
						'TEXT_CURRENT_PAGE' => $TEXT['CURRENT_PAGE'],
219
						'HEADING_MANAGE_SECTIONS' => $HEADING['MANAGE_SECTIONS'],
220
						'HEADING_MODIFY_PAGE' => $HEADING['MODIFY_PAGE'],
221
						'TEXT_CHANGE_SETTINGS' => $TEXT['CHANGE_SETTINGS'],
222
						'TEXT_ADD_SECTION' => $TEXT['ADD_SECTION'],
223
						'TEXT_ID' => 'ID',
224
						'TEXT_TYPE' => $TEXT['TYPE'],
225
						'TEXT_BLOCK' => $TEXT['BLOCK'],
226
						'TEXT_PUBL_START_DATE' => $TEXT{'PUBL_START_DATE'},
227
						'TEXT_PUBL_END_DATE' => $TEXT['PUBL_END_DATE'],
228
						'TEXT_ACTIONS' => $TEXT['ACTIONS'],
229
						'ADMIN_URL' => ADMIN_URL,
230
						'WB_URL' => WB_URL,
231
						'THEME_URL' => THEME_URL
232
						)
233
					);
235 234

  
236
$sql  = 'SELECT `section_id`,`module`,`position`,`block`,`publ_start`,`publ_end` ';
237
$sql .= 'FROM `'.TABLE_PREFIX.'sections` ';
238
$sql .= 'WHERE `page_id` = '.$page_id.' ';
239
$sql .= 'ORDER BY `position` ASC';
240
$query_sections = $database->query($sql);
235
		// Insert variables
236
		$tpl->set_var(array(
237
						'PAGE_ID' => $results_array['page_id'],
238
						// 'PAGE_IDKEY' => $admin->getIDKEY($results_array['page_id']),
239
						'PAGE_IDKEY' => $results_array['page_id'],
240
						'VAR_PAGE_TITLE' => $results_array['page_title'],
241
						'SETTINGS_LINK' => ADMIN_URL.'/pages/settings.php?page_id='.$results_array['page_id'],
242
						'MODIFY_LINK' => ADMIN_URL.'/pages/modify.php?page_id='.$results_array['page_id']
243
						)
244
					);
241 245

  
242
if($query_sections->numRows() > 0)
243
{
244
	$num_sections = $query_sections->numRows();
245
	while($section = $query_sections->fetchRow())
246
    {
247
		if(!is_numeric(array_search($section['module'], $module_permissions)))
248
        {
249
			// Get the modules real name
250
            $sql = 'SELECT `name` FROM `'.TABLE_PREFIX.'addons` ';
251
            $sql .= 'WHERE `directory` = "'.$section['module'].'"';
252
            if(!$database->get_one($sql) || !file_exists(WB_PATH.'/modules/'.$section['module']))
253
			{
254
				$edit_page = '<span class="module_disabled">'.$section['module'].'</span>';
255
			}else
256
			{
257
				$edit_page = '';
258
			}
259
			$edit_page_0 = '<a id="sid'.$section['section_id'].'" href="'.ADMIN_URL.'/pages/modify.php?page_id='.$results_array['page_id'];
260
			$edit_page_1 = $section['section_id'].'">'.$section['module'].'</a>';
261
			if(SECTION_BLOCKS)
262
            {
263
				if($edit_page == '')
264
				{
265
					if(defined('EDIT_ONE_SECTION') && EDIT_ONE_SECTION)
246
		$sql  = 'SELECT `section_id`,`module`,`position`,`block`,`publ_start`,`publ_end` ';
247
		$sql .= 'FROM `'.TABLE_PREFIX.'sections` ';
248
		$sql .= 'WHERE `page_id` = '.$page_id.' ';
249
		$sql .= 'ORDER BY `position` ASC';
250
		$query_sections = $database->query($sql);
251

  
252
		if($query_sections->numRows() > 0)
253
		{
254
			$num_sections = $query_sections->numRows();
255
			while($section = $query_sections->fetchRow())
256
		    {
257
				if(!is_numeric(array_search($section['module'], $module_permissions)))
258
		        {
259
					// Get the modules real name
260
		            $sql = 'SELECT `name` FROM `'.TABLE_PREFIX.'addons` ';
261
		            $sql .= 'WHERE `directory` = "'.$section['module'].'"';
262
		            if(!$database->get_one($sql) || !file_exists(WB_PATH.'/modules/'.$section['module']))
266 263
					{
267
						$edit_page = $edit_page_0.'&amp;wysiwyg='.$edit_page_1;
264
						$edit_page = '<span class="module_disabled">'.$section['module'].'</span>';
265
					}else
266
					{
267
						$edit_page = '';
268
					}
269
					$edit_page_0 = '<a id="sid'.$section['section_id'].'" href="'.ADMIN_URL.'/pages/modify.php?page_id='.$results_array['page_id'];
270
					$edit_page_1 = $section['section_id'].'">'.$section['module'].'</a>';
271
					if(SECTION_BLOCKS)
272
		            {
273
						if($edit_page == '')
274
						{
275
							if(defined('EDIT_ONE_SECTION') && EDIT_ONE_SECTION)
276
							{
277
								$edit_page = $edit_page_0.'&amp;wysiwyg='.$edit_page_1;
278
							} else {
279
								$edit_page = $edit_page_0.'#wb_'.$edit_page_1;
280
							}
281
						}
282
						$input_attribute = 'input_normal';
283
						$tpl->set_var(array(
284
								'STYLE_DISPLAY_SECTION_BLOCK' => ' style="visibility:visible;"',
285
								'NAME_SIZE' => 300,
286
								'INPUT_ATTRIBUTE' => $input_attribute,
287
								'VAR_SECTION_ID' => $section['section_id'],
288
								'VAR_SECTION_IDKEY' => $admin->getIDKEY($section['section_id']),
289
								// 'VAR_SECTION_IDKEY' => $section['section_id'],
290
								'VAR_POSITION' => $section['position'],
291
								'LINK_MODIFY_URL_VAR_MODUL_NAME' => $edit_page,
292
								'SELECT' => '',
293
								'SET_NONE_DISPLAY_OPTION' => ''
294
								)
295
							);
296
						// Add block options to the section_list
297
						$tpl->clear_var('block_list');
298
						foreach($block AS $number => $name)
299
		                {
300
							$tpl->set_var('NAME', htmlentities(strip_tags($name)));
301
							$tpl->set_var('VALUE', $number);
302
							$tpl->set_var('SIZE', 1);
303
							if($section['block'] == $number)
304
		                    {
305
								$tpl->set_var('SELECTED', ' selected="selected"');
306
							} else {
307
								$tpl->set_var('SELECTED', '');
308
							}
309
							$tpl->parse('block_list', 'block_block', true);
310
						}
268 311
					} else {
269
						$edit_page = $edit_page_0.'#wb_'.$edit_page_1;
312
						if($edit_page == '')
313
						{
314
							$edit_page = $edit_page_0.'#wb_'.$edit_page_1;
315
						}
316
						$input_attribute = 'input_normal';
317
						$tpl->set_var(array(
318
								'STYLE_DISPLAY_SECTION_BLOCK' => ' style="visibility:hidden;"',
319
								'NAME_SIZE' => 300,
320
								'INPUT_ATTRIBUTE' => $input_attribute,
321
								'VAR_SECTION_ID' => $section['section_id'],
322
								'VAR_SECTION_IDKEY' => $admin->getIDKEY($section['section_id']),
323
								// 'VAR_SECTION_IDKEY' => $section['section_id'],
324
								'VAR_POSITION' => $section['position'],
325
								'LINK_MODIFY_URL_VAR_MODUL_NAME' => $edit_page,
326
								'NAME' => htmlentities(strip_tags($block[1])),
327
								'VALUE' => 1,
328
								'SET_NONE_DISPLAY_OPTION' => ''
329
								)
330
							);
270 331
					}
271
				}
272
				$input_attribute = 'input_normal';
273
				$template->set_var(array(
274
						'STYLE_DISPLAY_SECTION_BLOCK' => ' style="visibility:visible;"',
275
						'NAME_SIZE' => 300,
276
						'INPUT_ATTRIBUTE' => $input_attribute,
277
						'VAR_SECTION_ID' => $section['section_id'],
278
						// 'VAR_SECTION_IDKEY' => $admin->getIDKEY($section['section_id']),
279
						'VAR_SECTION_IDKEY' => $section['section_id'],
280
						'VAR_POSITION' => $section['position'],
281
						'LINK_MODIFY_URL_VAR_MODUL_NAME' => $edit_page,
282
						'SELECT' => '',
283
						'SET_NONE_DISPLAY_OPTION' => ''
284
						)
285
					);
... This diff was truncated because it exceeds the maximum size that can be displayed.

Also available in: Unified diff