Revision 1503
Added by Dietmar about 13 years ago
branches/2.8.x/CHANGELOG | ||
---|---|---|
12 | 12 |
|
13 | 13 |
=============================== FEATURES FREEZE ================================ |
14 | 14 |
----------------------------------- Fixes 2.8.2 -------------------------------- |
15 |
18 Aug-2011 Build 1503 Dietmar Woellbrink (Luisehahne) |
|
16 |
! change sql statements to strict in module droplets |
|
17 |
! fix vars in compatibility mode for versions before 2.8.1 in frontend.functions.php |
|
15 | 18 |
11 Aug-2011 Build 1502 Werner v.d.Decken(DarkViper) |
16 | 19 |
# fixed c&p mistake |
17 | 20 |
11 Aug-2011 Build 1501 Werner v.d.Decken(DarkViper) |
branches/2.8.x/wb/admin/interface/version.php | ||
---|---|---|
52 | 52 |
|
53 | 53 |
// check if defined to avoid errors during installation (redirect to admin panel fails if PHP error/warnings are enabled) |
54 | 54 |
if(!defined('VERSION')) define('VERSION', '2.8.2'); |
55 |
if(!defined('REVISION')) define('REVISION', '1502'); |
|
55 |
if(!defined('REVISION')) define('REVISION', '1503'); |
branches/2.8.x/wb/framework/frontend.functions.php | ||
---|---|---|
23 | 23 |
} |
24 | 24 |
/* -------------------------------------------------------- */ |
25 | 25 |
// compatibility mode for versions before 2.8.1 |
26 |
$admin = $wb;
|
|
27 |
$default_link = $wb->default_link;
|
|
28 |
$page_trail = $wb->page_trail;
|
|
29 |
$page_description = $wb->page_description;
|
|
30 |
$page_keywords = $wb->page_keywords;
|
|
31 |
$page_link = $wb->link;
|
|
26 |
if(isset($wb)) {$admin = $wb; }
|
|
27 |
if(isset($wb->default_link)) { $default_link = $wb->default_link; }
|
|
28 |
if(isset($wb->page_trail)) {$page_trail = $wb->page_trail; }
|
|
29 |
if(isset($wb->page_description)) {$page_description = $wb->page_description;}
|
|
30 |
if(isset($wb->page_keywords)) {$page_keywords = $wb->page_keywords;}
|
|
31 |
if(isset($wb->link)) {$page_link = $wb->link;}
|
|
32 | 32 |
|
33 | 33 |
$include_head_link_css = ''; |
34 | 34 |
$include_body_links = ''; |
branches/2.8.x/wb/modules/droplets/delete_droplet.php | ||
---|---|---|
24 | 24 |
require_once(WB_PATH.'/framework/functions.php'); |
25 | 25 |
|
26 | 26 |
$module_edit_link = ADMIN_URL .'/admintools/tool.php?tool=droplets'; |
27 |
// check website baker platform (with WB 2.7, Admin-Tools were moved out of settings dialogue) |
|
27 |
|
|
28 | 28 |
if(file_exists(ADMIN_PATH .'/admintools/tool.php')) { |
29 | 29 |
$admintool_link = ADMIN_URL .'/admintools/index.php'; |
30 | 30 |
$admin = new admin('admintools', 'admintools'); |
31 |
} else { |
|
32 |
$admintool_link = ADMIN_URL .'/settings/index.php?advanced=yes#administration_tools"'; |
|
33 |
$admin = new admin('Settings', 'settings_advanced'); |
|
34 | 31 |
} |
35 | 32 |
|
36 | 33 |
// Get id |
37 |
$droplet_id = $admin->checkIDKEY('droplet_id', false, 'GET');
|
|
34 |
$droplet_id = intval($admin->checkIDKEY('droplet_id', false, 'GET'));
|
|
38 | 35 |
if (!$droplet_id) { |
39 | 36 |
$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'], $module_edit_link); |
40 | 37 |
exit(); |
41 | 38 |
} |
39 |
$sql = 'DELETE FROM `'.TABLE_PREFIX.'mod_droplets` '; |
|
40 |
$sql .= 'WHERE id = '.$droplet_id; |
|
42 | 41 |
|
43 | 42 |
// Delete droplet |
44 |
$database->query("DELETE FROM ".TABLE_PREFIX."mod_droplets WHERE id = '$droplet_id' LIMIT 1");
|
|
43 |
$database->query($sql);
|
|
45 | 44 |
|
46 | 45 |
// Check if there is a db error, otherwise say successful |
47 | 46 |
if($database->is_error()) { |
branches/2.8.x/wb/modules/droplets/info.php | ||
---|---|---|
16 | 16 |
* @lastmodified $Date$ |
17 | 17 |
* |
18 | 18 |
*/ |
19 |
/* -------------------------------------------------------- */ |
|
20 |
// Must include code to stop this file being accessed directly |
|
21 |
if(!defined('WB_PATH')) { |
|
19 | 22 |
|
23 |
require_once(dirname(dirname(dirname(__FILE__))).'/framework/globalExceptionHandler.php'); |
|
24 |
throw new IllegalFileException(); |
|
25 |
} |
|
26 |
/* -------------------------------------------------------- */ |
|
27 |
|
|
20 | 28 |
$module_directory = 'droplets'; |
21 | 29 |
$module_name = 'Droplets'; |
22 | 30 |
$module_function = 'tool'; |
23 |
$module_version = '1.1.0';
|
|
31 |
$module_version = '1.2.0';
|
|
24 | 32 |
$module_platform = '2.8.x'; |
25 | 33 |
$module_author = 'Ruud and pcwacht'; |
26 | 34 |
$module_license = 'GNU General Public License'; |
27 | 35 |
$module_description = 'This tool allows you to manage your local Droplets.'; |
28 |
|
|
29 |
$module_home = 'http://www.websitebakers.com/pages/droplets/about-droplets.php'; |
|
30 |
$module_guid = '9F2AC2DF-C3E1-4E15-BA4C-2A86E37FE6E5'; |
branches/2.8.x/wb/modules/droplets/droplets.php | ||
---|---|---|
22 | 22 |
* 1.0.3, optimize, reduce memory consumption, increase speed, remove CSS, enable nested droplets |
23 | 23 |
* |
24 | 24 |
*/ |
25 |
/* -------------------------------------------------------- */ |
|
26 |
// Must include code to stop this file being accessed directly |
|
27 |
if(!defined('WB_PATH')) { |
|
25 | 28 |
|
26 |
// Must include code to stop this file being access directly |
|
27 |
if(defined('WB_PATH') == false) { die("Cannot access this file directly"); } |
|
29 |
require_once(dirname(dirname(dirname(__FILE__))).'/framework/globalExceptionHandler.php'); |
|
30 |
throw new IllegalFileException(); |
|
31 |
} |
|
32 |
/* -------------------------------------------------------- */ |
|
28 | 33 |
|
29 | 34 |
function do_eval($_x_codedata, $_x_varlist, &$wb_page_data) |
30 | 35 |
{ |
... | ... | |
112 | 117 |
} |
113 | 118 |
return $wb_page_data; |
114 | 119 |
} |
115 |
|
|
116 |
?> |
branches/2.8.x/wb/modules/droplets/example/EmailFilter.php | ||
---|---|---|
1 |
//:Emailfiltering on your output - output filtering with the options below - Mailto links can be encrypted by a Javascript |
|
2 |
//:usage: [[EmailFilter]] |
|
3 |
|
|
4 |
// You can configure the output filtering with the options below. |
|
5 |
// Tip: Mailto links can be encrypted by a Javascript function. |
|
6 |
// To make use of this option, one needs to add the PHP code |
|
7 |
// register_frontend_modfiles('js'); |
|
8 |
// into the <head> section of the index.php of your template. |
|
9 |
// Without this modification, only the @ character in the mailto part will be replaced. |
|
10 |
|
|
11 |
// Basic Email Configuration: |
|
12 |
// Filter Email addresses in text 0 = no, 1 = yes - default 1 |
|
13 |
$filter_settings['email_filter'] = '1'; |
|
14 |
|
|
15 |
// Filter Email addresses in mailto links 0 = no, 1 = yes - default 1 |
|
16 |
$filter_settings['mailto_filter'] = '1'; |
|
17 |
|
|
18 |
// Email Replacements, replace the '@' and the '.' by default (at) and (dot) |
|
19 |
$filter_settings['at_replacement'] = '(at)'; |
|
20 |
$filter_settings['dot_replacement'] = '(dot)'; |
|
21 |
|
|
22 |
// No need to change stuff underneatch unless you know what you are doing. |
|
23 |
|
|
24 |
// work out the defined output filter mode: possible output filter modes: [0], 1, 2, 3, 6, 7 |
|
25 |
// 2^0 * (0.. disable, 1.. enable) filtering of mail addresses in text |
|
26 |
// 2^1 * (0.. disable, 1.. enable) filtering of mail addresses in mailto links |
|
27 |
// 2^2 * (0.. disable, 1.. enable) Javascript mailto encryption (only if mailto filtering enabled) |
|
28 |
|
|
29 |
// only filter output if we are supposed to |
|
30 |
if($filter_settings['email_filter'] != '1' && $filter_settings['mailto_filter'] != '1'){ |
|
31 |
// nothing to do ... |
|
32 |
return true; |
|
33 |
} |
|
34 |
|
|
35 |
// check if non mailto mail addresses needs to be filtered |
|
36 |
$output_filter_mode = ($filter_settings['email_filter'] == '1') ? 1 : 0; // 0|1 |
|
37 |
|
|
38 |
// check if mailto mail addresses needs to be filtered |
|
39 |
if($filter_settings['mailto_filter'] == '1') |
|
40 |
{ |
|
41 |
$output_filter_mode = $output_filter_mode + 2; // 0|2 |
|
42 |
|
|
43 |
// check if Javascript mailto encryption is enabled (call register_frontend_functions in the template) |
|
44 |
$search_pattern = '/<.*src=\".*\/mdcr.js.*>/iU'; |
|
45 |
if(preg_match($search_pattern, $wb_page_data)) |
|
46 |
{ |
|
47 |
$output_filter_mode = $output_filter_mode + 4; // 0|4 |
|
48 |
} |
|
49 |
} |
|
50 |
|
|
51 |
// define some constants so we do not call the database in the callback function again |
|
52 |
define('OUTPUT_FILTER_MODE', (int) $output_filter_mode); |
|
53 |
define('OUTPUT_FILTER_AT_REPLACEMENT', $filter_settings['at_replacement']); |
|
54 |
define('OUTPUT_FILTER_DOT_REPLACEMENT', $filter_settings['dot_replacement']); |
|
55 |
|
|
56 |
// function to filter mail addresses embedded in text or mailto links before outputing them on the frontend |
|
57 |
if (!function_exists('filter_mail_addresses')) { |
|
58 |
function filter_mail_addresses($match) { |
|
59 |
|
|
60 |
// check if required output filter mode is defined |
|
61 |
if(!(defined('OUTPUT_FILTER_MODE') && defined('OUTPUT_FILTER_MODE') && defined('OUTPUT_FILTER_MODE'))) { |
|
62 |
return $match[0]; |
|
63 |
} |
|
64 |
|
|
65 |
$search = array('@', '.'); |
|
66 |
$replace = array(OUTPUT_FILTER_AT_REPLACEMENT ,OUTPUT_FILTER_DOT_REPLACEMENT); |
|
67 |
|
|
68 |
// check if the match contains the expected number of subpatterns (6|8) |
|
69 |
if(count($match) == 8) { |
|
70 |
/** |
|
71 |
OUTPUT FILTER FOR EMAIL ADDRESSES EMBEDDED IN TEXT |
|
72 |
**/ |
|
73 |
|
|
74 |
// 1.. text mails only, 3.. text mails + mailto (no JS), 7 text mails + mailto (JS) |
|
75 |
if(!in_array(OUTPUT_FILTER_MODE, array(1,3,7))) return $match[0]; |
|
76 |
|
|
77 |
// do not filter mail addresses included in input tags (<input ... value = "test@mail) |
|
78 |
if (strpos($match[6], 'value') !== false) return $match[0]; |
|
79 |
|
|
80 |
// filtering of non mailto email addresses enabled |
|
81 |
return str_replace($search, $replace, $match[0]); |
|
82 |
|
|
83 |
} elseif(count($match) == 6) { |
|
84 |
/** |
|
85 |
OUTPUT FILTER FOR EMAIL ADDRESSES EMBEDDED IN MAILTO LINKS |
|
86 |
**/ |
|
87 |
|
|
88 |
// 2.. mailto only (no JS), 3.. text mails + mailto (no JS), 6.. mailto only (JS), 7.. all filters active |
|
89 |
if(!in_array(OUTPUT_FILTER_MODE, array(2,3,6,7))) return $match[0]; |
|
90 |
|
|
91 |
// check if last part of the a href link: >xxxx</a> contains a email address we need to filter |
|
92 |
$pattern = '#[A-Z0-9._%+-]+@(?:[A-Z0-9-]+\.)+[A-Z]{2,4}#i'; |
|
93 |
if(preg_match_all($pattern, $match[5], $matches)) { |
|
94 |
foreach($matches as $submatch) { |
|
95 |
foreach($submatch as $value) { |
|
96 |
// replace all . and all @ in email address parts by (dot) and (at) strings |
|
97 |
$match[5] = str_replace($value, str_replace($search, $replace, $value), $match[5]); |
|
98 |
} |
|
99 |
} |
|
100 |
} |
|
101 |
|
|
102 |
// check if Javascript encryption routine is enabled |
|
103 |
if(in_array(OUTPUT_FILTER_MODE, array(6,7))) { |
|
104 |
/** USE JAVASCRIPT ENCRYPTION FOR MAILTO LINKS **/ |
|
105 |
|
|
106 |
// extract possible class and id attribute from ahref link |
|
107 |
preg_match('/class\s*?=\s*?("|\')(.*?)\1/ix', $match[0], $class_attr); |
|
108 |
$class_attr = empty($class_attr) ? '' : 'class="' . $class_attr[2] . '" '; |
|
109 |
preg_match('/id\s*?=\s*?("|\')(.*?)\1/ix', $match[0], $id_attr); |
|
110 |
$id_attr = empty($id_attr) ? '' : 'id="' . $id_attr[2] . '" '; |
|
111 |
|
|
112 |
// preprocess mailto link parts for further usage |
|
113 |
$search = array('@', '.', '_', '-'); $replace = array('F', 'Z', 'X', 'K'); |
|
114 |
$email_address = str_replace($search, $replace, strtolower($match[2])); |
|
115 |
$email_subject = rawurlencode(html_entity_decode($match[3])); |
|
116 |
|
|
117 |
// create a random encryption key for the Caesar cipher |
|
118 |
mt_srand((double)microtime()*1000000); // (PHP < 4.2.0) |
|
119 |
$shift = mt_rand(1, 25); |
|
120 |
|
|
121 |
// encrypt the email using an adapted Caesar cipher |
|
122 |
$encrypted_email = ""; |
|
123 |
for($i = strlen($email_address) -1; $i > -1; $i--) { |
|
124 |
if(preg_match('#[FZXK0-9]#', $email_address[$i], $characters)) { |
|
125 |
$encrypted_email .= $email_address[$i]; |
|
126 |
} else { |
|
127 |
$encrypted_email .= chr((ord($email_address[$i]) -97 + $shift) % 26 + 97); |
|
128 |
} |
|
129 |
} |
|
130 |
$encrypted_email .= chr($shift + 97); |
|
131 |
|
|
132 |
// build the encrypted Javascript mailto link |
|
133 |
$mailto_link = "<a {$class_attr}{$id_attr}href=\"javascript:mdcr('$encrypted_email','$email_subject')\">" .$match[5] ."</a>"; |
|
134 |
|
|
135 |
return $mailto_link; |
|
136 |
|
|
137 |
} else { |
|
138 |
/** DO NOT USE JAVASCRIPT ENCRYPTION FOR MAILTO LINKS **/ |
|
139 |
|
|
140 |
// as minimum protection, replace replace @ in the mailto part by (at) |
|
141 |
// dots are not transformed as this would transform my.name@domain.com into: my(dot)name(at)domain(dot)com |
|
142 |
|
|
143 |
// rebuild the mailto link from the subpatterns (at the missing characters " and </a>") |
|
144 |
return $match[1] .str_replace('@', OUTPUT_FILTER_AT_REPLACEMENT, $match[2]) .$match[3] .'"' .$match[4] .$match[5] .'</a>'; |
|
145 |
// if you want to protect both, @ and dots, comment out the line above and remove the comment from the line below |
|
146 |
// return $match[1] .str_replace($search, $replace, $match[2]) .$match[3] .'"' .$match[4] .$match[5] .'</a>'; |
|
147 |
} |
|
148 |
|
|
149 |
} |
|
150 |
|
|
151 |
// number of subpatterns do not match the requirements ... do nothing |
|
152 |
return $match[0]; |
|
153 |
} |
|
154 |
} |
|
155 |
|
|
156 |
// first search part to find all mailto email addresses |
|
157 |
$pattern = '#(<a[^<]*href\s*?=\s*?"\s*?mailto\s*?:\s*?)([A-Z0-9._%+-]+@(?:[A-Z0-9-]+\.)+[A-Z]{2,4})([^"]*?)"([^>]*>)(.*?)</a>'; |
|
158 |
// second part to find all non mailto email addresses |
|
159 |
$pattern .= '|(value\s*=\s*"|\')??\b([A-Z0-9._%+-]+@(?:[A-Z0-9-]+\.)+[A-Z]{2,4})\b#i'; |
|
160 |
|
|
161 |
// Sub 1:\b(<a.[^<]*href\s*?=\s*?"\s*?mailto\s*?:\s*?) --> "<a id="yyy" class="xxx" href = " mailto :" ignoring white spaces |
|
162 |
// Sub 2:([A-Z0-9._%+-]+@(?:[A-Z0-9-]+\.)+[A-Z]{2,4}) --> the email address in the mailto: part of the mail link |
|
163 |
// Sub 3:([^"]*?)" --> possible ?Subject&cc... stuff attached to the mail address |
|
164 |
// Sub 4:([^>]*>) --> all class or id statements after the mailto but before closing ..> |
|
165 |
// Sub 5:(.*?)</a>\b --> the mailto text; all characters between >xxxxx</a> |
|
166 |
// Sub 6:|\b([A-Z0-9._%+-]+@(?:[A-Z0-9-]+\.)+[A-Z]{2,4})\b --> email addresses which may appear in the text (require word boundaries) |
|
167 |
$content = $wb_page_data; |
|
168 |
// find all email addresses embedded in the content and filter them using a callback function |
|
169 |
$content = preg_replace_callback($pattern, 'filter_mail_addresses', $content); |
|
170 |
$wb_page_data = $content; |
|
171 |
return true; |
|
172 |
|
|
1 |
//:Emailfiltering on your output - dummy Droplet |
|
2 |
//:usage: [[EmailFilter]] |
|
3 |
return ''; |
branches/2.8.x/wb/modules/droplets/example/Lorem.php | ||
---|---|---|
7 | 7 |
$lorem[] = "Nam liber tempor cum soluta nobis eleifend option congue nihil imperdiet doming id quod mazim placerat facer possim assum. Lorem ipsum dolor sit amet, consectetuer adipiscing elit, sed diam nonummy nibh euismod tincidunt ut laoreet dolore magna aliquam erat volutpat. Ut wisi enim ad minim veniam, quis nostrud exerci tation ullamcorper suscipit lobortis nisl ut aliquip ex ea commodo consequat.<br /><br />"; |
8 | 8 |
$lorem[] = "Cras consequat magna ac tellus. Duis sed metus sit amet nunc faucibus blandit. Fusce tempus cursus urna. Sed bibendum, dolor et volutpat nonummy, wisi justo convallis neque, eu feugiat leo ligula nec quam. Nulla in mi. Integer ac mauris vel ligula laoreet tristique. Nunc eget tortor in diam rhoncus vehicula. Nulla quis mi. Fusce porta fringilla mauris. Vestibulum sed dolor. Aliquam tincidunt interdum arcu. Vestibulum eget lacus. Curabitur pellentesque egestas lectus. Duis dolor. Aliquam erat volutpat. Aliquam erat volutpat. Duis egestas rhoncus dui. Sed iaculis, metus et mollis tincidunt, mauris dolor ornare odio, in cursus justo felis sit amet arcu. Aenean sollicitudin. Duis lectus leo, eleifend mollis, consequat ut, venenatis at, ante.<br /><br />"; |
9 | 9 |
$lorem[] = "Consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd gubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd gubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd gubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet.<br /><br />"; |
10 |
|
|
10 |
if (!isset($blocks)) $blocks=1; |
|
11 | 11 |
$blocks = (int)$blocks - 1; |
12 | 12 |
if ($blocks <= 0) $blocks = 0; |
13 | 13 |
if ($blocks > 5) $blocks = 5; |
branches/2.8.x/wb/modules/droplets/install.php | ||
---|---|---|
16 | 16 |
* @lastmodified $Date$ |
17 | 17 |
* |
18 | 18 |
*/ |
19 |
// Must include code to stop this file being access directly |
|
20 |
if(defined('WB_PATH') == false) { die("Cannot access this file directly"); } |
|
19 |
/* -------------------------------------------------------- */ |
|
20 |
// Must include code to stop this file being accessed directly |
|
21 |
if(!defined('WB_PATH')) { |
|
21 | 22 |
|
23 |
require_once(dirname(dirname(dirname(__FILE__))).'/framework/globalExceptionHandler.php'); |
|
24 |
throw new IllegalFileException(); |
|
25 |
} |
|
26 |
/* -------------------------------------------------------- */ |
|
27 |
|
|
22 | 28 |
global $admin; |
23 | 29 |
|
24 |
$table = TABLE_PREFIX .'mod_droplets';
|
|
25 |
$database->query("DROP TABLE IF EXISTS `$table`");
|
|
30 |
$sql = 'DROP TABLE IF EXISTS `'.TABLE_PREFIX.'mod_droplets` ';
|
|
31 |
$database->query($sql);
|
|
26 | 32 |
|
27 |
$database->query("CREATE TABLE `$table` (
|
|
28 |
`id` INT NOT NULL auto_increment,
|
|
29 |
`name` VARCHAR(32) NOT NULL,
|
|
30 |
`code` LONGTEXT NOT NULL ,
|
|
31 |
`description` TEXT NOT NULL,
|
|
32 |
`modified_when` INT NOT NULL default '0',
|
|
33 |
`modified_by` INT NOT NULL default '0',
|
|
34 |
`active` INT NOT NULL default '0',
|
|
35 |
`admin_edit` INT NOT NULL default '0',
|
|
36 |
`admin_view` INT NOT NULL default '0',
|
|
37 |
`show_wysiwyg` INT NOT NULL default '0',
|
|
38 |
`comments` TEXT NOT NULL,
|
|
39 |
PRIMARY KEY ( `id` )
|
|
40 |
)"
|
|
41 |
); |
|
33 |
$sql = 'CREATE TABLE IF NOT EXISTS `'.TABLE_PREFIX.'mod_droplets` ( ';
|
|
34 |
$sql .= '`id` INT NOT NULL auto_increment, ';
|
|
35 |
$sql .= '`name` VARCHAR(32) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL, ';
|
|
36 |
$sql .= '`code` LONGTEXT CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL , ';
|
|
37 |
$sql .= '`description` TEXT CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL, ';
|
|
38 |
$sql .= '`modified_when` INT NOT NULL default \'0\', ';
|
|
39 |
$sql .= '`modified_by` INT NOT NULL default \'0\', ';
|
|
40 |
$sql .= '`active` INT NOT NULL default \'0\', ';
|
|
41 |
$sql .= '`admin_edit` INT NOT NULL default \'0\', ';
|
|
42 |
$sql .= '`admin_view` INT NOT NULL default \'0\', ';
|
|
43 |
$sql .= '`show_wysiwyg` INT NOT NULL default \'0\', ';
|
|
44 |
$sql .= '`comments` TEXT CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL, ';
|
|
45 |
$sql .= 'PRIMARY KEY ( `id` ) ';
|
|
46 |
$sql .= ') ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci';
|
|
47 |
$database->query($sql);
|
|
42 | 48 |
|
43 | 49 |
//add all droplets from the droplet subdirectory |
44 |
$folder=opendir(WB_PATH.'/modules/droplets/example/.');
|
|
50 |
$folder=opendir(WB_PATH.'/modules/droplets/example/.'); |
|
45 | 51 |
$names = array(); |
46 | 52 |
while ($file = readdir($folder)) { |
47 | 53 |
$ext=strtolower(substr($file,-4)); |
48 | 54 |
if ($ext==".php"){ |
49 | 55 |
if ($file<>"index.php" ) { |
50 |
$names[count($names)] = $file;
|
|
56 |
$names[count($names)] = $file; |
|
51 | 57 |
} |
52 | 58 |
} |
53 | 59 |
} |
... | ... | |
71 | 77 |
$name = substr($dropfile,0,-4); |
72 | 78 |
$modified_when = time(); |
73 | 79 |
$modified_by = method_exists($admin, 'get_user_id') ? $admin->get_user_id() : 1; |
74 |
$database->query("INSERT INTO `$table` |
|
75 |
(name, code, description, comments, active, modified_when, modified_by) |
|
76 |
VALUES |
|
77 |
('$name', '$droplet', '$description', '$comments', '1', '$modified_when', '$modified_by')"); |
|
80 |
$sql = 'INSERT INTO `'.TABLE_PREFIX.'mod_droplets` SET '; |
|
81 |
$sql .= '`name` = \''.$name.'\', '; |
|
82 |
$sql .= '`code` = \''.$droplet.'\', '; |
|
83 |
$sql .= '`description` = \''.$description.'\', '; |
|
84 |
$sql .= '`comments` = \''.$comments.'\', '; |
|
85 |
$sql .= '`active` = 1, '; |
|
86 |
$sql .= '`modified_when` = '.$modified_when.', '; |
|
87 |
$sql .= '`modified_by` = '.$modified_by; |
|
88 |
$database->query($sql); |
|
78 | 89 |
|
79 | 90 |
// do not output anything if this script is called during fresh installation |
80 | 91 |
if (method_exists($admin, 'get_user_id')) echo "Droplet import: $name<br/>"; |
81 |
}
|
|
92 |
} |
|
82 | 93 |
} |
83 | 94 |
|
84 | 95 |
function getDropletCodeFromFile ( $dropletfile ) { |
85 |
$data = "";
|
|
96 |
$data = '';
|
|
86 | 97 |
$filename = WB_PATH."/modules/droplets/example/".$dropletfile; |
87 | 98 |
if (file_exists($filename)) { |
88 | 99 |
$filehandle = fopen ($filename, "r"); |
... | ... | |
92 | 103 |
} |
93 | 104 |
return $data; |
94 | 105 |
} |
95 |
?> |
branches/2.8.x/wb/modules/droplets/readme/readme.html | ||
---|---|---|
1 |
<html> |
|
2 |
|
|
3 |
<head> |
|
4 |
<title>Droplets</title> |
|
5 |
<link href="readme.css" rel="stylesheet" type="text/css" media="screen" /> |
|
6 |
</head> |
|
7 |
|
|
8 |
<body> |
|
9 |
<small><font color="#7f7f7f">Droplets Help</font></small><br /> |
|
10 |
<h2> <img src="../img/droplets_logo.png" alt="" width="297" height="81" border="0"></h2> <br /> |
|
11 |
Droplets are small chunks of php code (just like the code module) that can be included in your template or any other content section. <br /> |
|
12 |
Including a droplet is done by encapsulating the droplet name in double brackets. <br /> |
|
13 |
If you want to use the droplet "ModifiedWhen" (to show the last modified date and time of the current page) you only need to add <b>[[ModifiedWhen]]</b> to your template or WYSIWYG contentpage. <br /> |
|
14 |
<br /> |
|
15 |
You are encouraged to create your own droplets and share them with the community. <br /> |
|
16 |
<br /> |
|
17 |
<h3>Installation</h3> |
|
18 |
<br /> |
|
19 |
Droplets are installed as a admin tool. The installation is done using the normal "Add module" page in the WB backend. <br /> |
|
20 |
When the installation is successfull, there is a new tool added to the Admin-Tools menu. <br /> |
|
21 |
Clicking the tool will display the current installed droplets, and a button to create your own. <br /> |
|
22 |
<br /> |
|
23 |
<h3>Getting Droplets</h3> |
|
24 |
<br /> |
|
25 |
A fast growing number of Droplets are available for use, you can use the <a href="http://www.websitebakers.com/pages/droplets/official-library.php" target="_new">Official Droplets Library</a> in the AMASP project website, or you can search the WB Forum. <br /> |
|
26 |
<br /> |
|
27 |
<h3>Coding Droplets</h3> |
|
28 |
<br /> |
|
29 |
Droplets run in PHP mode, no <font color="#ff0000"><?php</font> or <font color="#ff0000">?></font> is allowed in the code! If any of these tags are found in the code they will be removed. Your code will not run as expected. <br /> |
|
30 |
The droplet code can NOT echo or print data to the output stream directly. The Droplet name is replaced by the return value of the PHP code.<br /> |
|
31 |
Example: [[HelloWorld]] <br /> |
|
32 |
<br /> |
|
33 |
<font color="#ff0000">Wrong code:</font> echo "Hello World"; <br /> |
|
34 |
<font color="#339966">Correct code:</font> return "Hello World"; <br /> |
|
35 |
<br /> |
|
36 |
Since version 0.3 Droplets can modify the complete page content. <br /> |
|
37 |
When the Droplet is called, an extra variable ($wb_page_data) is made available. |
|
38 |
This variable holds all the content of your current generated webpage. |
|
39 |
You can modify any part of this content simply by replacing it in the variable. There is no need to return this variable, the Droplet code will process changed content automatically.<br /><br /> |
|
40 |
|
|
41 |
Since version 0.3 Droplets will check the PHP code you have saved for validity. <br /> |
|
42 |
When the code will not execute correctly a red flashing icon will apear in the backend Droplets list. <br /> |
|
43 |
The standard blue icon is no guarantee that the Droplets does what you would expect it to do, it will just tell you if the code is valid PHP code.<br /><br /> |
|
44 |
|
|
45 |
Since version 0.3 Droplets you do not need to return any data. When you end your code with <pre>return true;</pre> there will not be an errormessage. The processed Droplet tag will be removed.<br /> |
|
46 |
|
|
47 |
<br /> |
|
48 |
<h3>PHP color coding</h3> |
|
49 |
<br /> |
|
50 |
The Droplets edit page is ready to use the EditArea module. This module creates a color coded editor for PHP code. <br /> |
|
51 |
EditArea comes as a seperate module (installed as an admin tool). <br /> |
|
52 |
Use the WB Forum or the <a href="http://www.websitebakers.com/" target="_new">AMASP</a> project to find the latest EditArea download. <br /> |
|
53 |
<br /> |
|
54 |
<h3>More Information</h3> |
|
55 |
<br /> |
|
56 |
More information (including localized help) can be found on the <a href="http://www.websitebakers.com/pages/droplets/about-droplets.php" target="_new">Droplets pages</a> of the AMASP project website. <br /> |
|
57 |
<br /> |
|
58 |
<br /> |
|
59 |
<br /> |
|
60 |
</body> |
|
61 |
|
|
1 |
<html> |
|
2 |
|
|
3 |
<head> |
|
4 |
<title>Droplets</title> |
|
5 |
<link href="readme.css" rel="stylesheet" type="text/css" media="screen" /> |
|
6 |
</head> |
|
7 |
|
|
8 |
<body> |
|
9 |
<small><font color="#7f7f7f">Droplets Help</font></small><br /> |
|
10 |
<h2> <img src="../img/droplets_logo.png" alt="" width="297" height="81" border="0"></h2> <br /> |
|
11 |
Droplets are small chunks of php code (just like the code module) that can be included in your template or any other content section. <br /> |
|
12 |
Including a droplet is done by encapsulating the droplet name in double brackets. <br /> |
|
13 |
If you want to use the droplet "ModifiedWhen" (to show the last modified date and time of the current page) you only need to add <b>[[ModifiedWhen]]</b> to your template or WYSIWYG contentpage. <br /> |
|
14 |
<br /> |
|
15 |
You are encouraged to create your own droplets and share them with the community. <br /> |
|
16 |
<br /> |
|
17 |
<h3>Installation</h3> |
|
18 |
<br /> |
|
19 |
Droplets are installed as a admin tool. The installation is done using the normal "Add module" page in the WB backend. <br /> |
|
20 |
When the installation is successfull, there is a new tool added to the Admin-Tools menu. <br /> |
|
21 |
Clicking the tool will display the current installed droplets, and a button to create your own. <br /> |
|
22 |
<br /> |
|
23 |
<h3>Getting Droplets</h3> |
|
24 |
<br /> |
|
25 |
A fast growing number of Droplets are available for use, you can use the <a href="http://www.websitebakers.com/pages/droplets/official-library.php" target="_new">Official Droplets Library</a> in the AMASP project website, or you can search the WB Forum. <br /> |
|
26 |
<br /> |
|
27 |
<h3>Coding Droplets</h3> |
|
28 |
<br /> |
|
29 |
Droplets run in PHP mode, no <font color="#ff0000"><?php</font> or <font color="#ff0000">?></font> is allowed in the code! If any of these tags are found in the code they will be removed. Your code will not run as expected. <br /> |
|
30 |
The droplet code can NOT echo or print data to the output stream directly. The Droplet name is replaced by the return value of the PHP code.<br /> |
|
31 |
Example: [[HelloWorld]] <br /> |
|
32 |
<br /> |
|
33 |
<font color="#ff0000">Wrong code:</font> echo "Hello World"; <br /> |
|
34 |
<font color="#339966">Correct code:</font> return "Hello World"; <br /> |
|
35 |
<br /> |
|
36 |
Since version 0.3 Droplets can modify the complete page content. <br /> |
|
37 |
When the Droplet is called, an extra variable ($wb_page_data) is made available. |
|
38 |
This variable holds all the content of your current generated webpage. |
|
39 |
You can modify any part of this content simply by replacing it in the variable. There is no need to return this variable, the Droplet code will process changed content automatically.<br /><br /> |
|
40 |
|
|
41 |
Since version 0.3 Droplets will check the PHP code you have saved for validity. <br /> |
|
42 |
When the code will not execute correctly a red flashing icon will apear in the backend Droplets list. <br /> |
|
43 |
The standard blue icon is no guarantee that the Droplets does what you would expect it to do, it will just tell you if the code is valid PHP code.<br /><br /> |
|
44 |
|
|
45 |
Since version 0.3 Droplets you do not need to return any data. When you end your code with <pre>return true;</pre> there will not be an errormessage. The processed Droplet tag will be removed.<br /> |
|
46 |
|
|
47 |
<br /> |
|
48 |
<h3>PHP color coding</h3> |
|
49 |
<br /> |
|
50 |
The Droplets edit page is ready to use the EditArea module. This module creates a color coded editor for PHP code. <br /> |
|
51 |
<br /> |
|
52 |
<br /> |
|
53 |
</body> |
|
54 |
|
|
62 | 55 |
</html> |
branches/2.8.x/wb/modules/droplets/uninstall.php | ||
---|---|---|
16 | 16 |
* @lastmodified $Date$ |
17 | 17 |
* |
18 | 18 |
*/ |
19 |
/* -------------------------------------------------------- */ |
|
20 |
// Must include code to stop this file being accessed directly |
|
21 |
if(!defined('WB_PATH')) { |
|
19 | 22 |
|
20 |
// prevent this file from being accessed directly |
|
21 |
if(!defined('WB_PATH')) die(header('Location: ../index.php')); |
|
23 |
require_once(dirname(dirname(dirname(__FILE__))).'/framework/globalExceptionHandler.php'); |
|
24 |
throw new IllegalFileException(); |
|
25 |
} |
|
26 |
/* -------------------------------------------------------- */ |
|
22 | 27 |
|
23 |
$table = TABLE_PREFIX .'mod_droplets'; |
|
24 |
$database->query("DROP TABLE IF EXISTS `$table`"); |
|
25 |
|
|
26 |
?> |
|
28 |
$sql = 'DROP TABLE IF EXISTS `'.TABLE_PREFIX.'mod_droplets` '; |
|
29 |
$database->query($sql); |
branches/2.8.x/wb/modules/droplets/tool.php | ||
---|---|---|
16 | 16 |
* @lastmodified $Date$ |
17 | 17 |
* |
18 | 18 |
*/ |
19 |
/* -------------------------------------------------------- */ |
|
20 |
// Must include code to stop this file being accessed directly |
|
21 |
if(!defined('WB_PATH')) { |
|
19 | 22 |
|
20 |
// Must include code to stop this file being access directly |
|
21 |
if(defined('WB_PATH') == false) { die("Cannot access this file directly"); } |
|
23 |
require_once(dirname(dirname(dirname(__FILE__))).'/framework/globalExceptionHandler.php'); |
|
24 |
throw new IllegalFileException(); |
|
25 |
} |
|
26 |
/* -------------------------------------------------------- */ |
|
22 | 27 |
|
23 | 28 |
// Load Language file |
24 | 29 |
if(LANGUAGE_LOADED) { |
... | ... | |
37 | 42 |
} |
38 | 43 |
|
39 | 44 |
// Get userid for showing admin only droplets or not |
40 |
$loggedin_user = $admin->get_user_id();
|
|
45 |
$loggedin_user = ($admin->ami_group_member('1') ? 1 : $admin->user_id());
|
|
41 | 46 |
$loggedin_group = $admin->get_groups_id(); |
42 | 47 |
$admin_user = ( ($admin->get_home_folder() == '') && ($admin->ami_group_member('1') ) || ($loggedin_user == '1')); |
43 | 48 |
|
... | ... | |
45 | 50 |
$admintool_url = ADMIN_URL .'/admintools/index.php'; |
46 | 51 |
|
47 | 52 |
//removes empty entries from the table so they will not be displayed |
48 |
$database->query("DELETE FROM ".TABLE_PREFIX."mod_droplets WHERE name=''"); |
|
53 |
$sql = 'DELETE FROM '.TABLE_PREFIX.'mod_droplets '; |
|
54 |
$sql .= 'WHERE name = \'\' '; |
|
55 |
$database->query($sql); |
|
56 |
|
|
49 | 57 |
?> |
50 | 58 |
|
51 | 59 |
<br /> |
... | ... | |
68 | 76 |
|
69 | 77 |
<h2><?php echo $TEXT['MODIFY'].'/'.$TEXT['DELETE'].' '.$DR_TEXT['DROPLETS']; ?></h2> |
70 | 78 |
<?php |
71 |
// if ($loggedin_user == '1') { |
|
72 |
if ($admin_user) { |
|
73 |
$query_droplets = $database->query("SELECT * FROM ".TABLE_PREFIX."mod_droplets ORDER BY modified_when DESC"); |
|
74 |
} else { |
|
75 |
$query_droplets = $database->query("SELECT * FROM ".TABLE_PREFIX."mod_droplets WHERE admin_view <> '1' ORDER BY modified_when DESC"); |
|
79 |
|
|
80 |
$sql = 'SELECT * FROM `'.TABLE_PREFIX.'mod_droplets` '; |
|
81 |
if (!$admin_user) { |
|
82 |
$sql .= 'WHERE `admin_view` <> 1 '; |
|
76 | 83 |
} |
84 |
$sql .= 'ORDER BY `modified_when` DESC'; |
|
85 |
$query_droplets = $database->query($sql); |
|
77 | 86 |
$num_droplets = $query_droplets->numRows(); |
78 | 87 |
if($num_droplets > 0) { |
79 | 88 |
?> |
... | ... | |
99 | 108 |
$modified_user = $TEXT['UNKNOWN']; |
100 | 109 |
$modified_userid = 0; |
101 | 110 |
} |
111 |
$iDropletIdKey = $admin->getIDKEY($droplet['id']); |
|
102 | 112 |
$comments = str_replace(array("\r\n", "\n", "\r"), '<br />', $droplet['comments']); |
103 | 113 |
if (!strpos($comments,"[[")) $comments = "Use: [[".$droplet['name']."]]<br />".$comments; |
104 | 114 |
$comments = str_replace(array("[[", "]]"), array('<b>[[',']]</b>'), $comments); |
105 | 115 |
$valid_code = check_syntax($droplet['code']); |
106 | 116 |
if (!$valid_code === true) $comments = '<font color=\'red\'><strong>'.$DR_TEXT['INVALIDCODE'].'</strong></font><br /><br />'.$comments; |
107 | 117 |
$unique_droplet = check_unique ($droplet['name']); |
108 |
if ($unique_droplet === false) $comments = '<font color=\'red\'><strong>'.$DR_TEXT['NOTUNIQUE'].'</strong></font><br /><br />'.$comments;
|
|
118 |
if ($unique_droplet === false ) {$comments = '<font color=\'red\'><strong>'.$DR_TEXT['NOTUNIQUE'].'</strong></font><br /><br />'.$comments;}
|
|
109 | 119 |
$comments = '<span>'.$comments.'</span>'; |
110 | 120 |
?> |
111 |
|
|
121 |
|
|
112 | 122 |
<tr class="row_<?php echo $row; ?>" > |
113 | 123 |
<td > |
114 |
<a href="<?php echo WB_URL; ?>/modules/droplets/modify_droplet.php?droplet_id=<?php echo $admin->getIDKEY($droplet['id']); ?>" title="<?php echo $TEXT['MODIFY']; ?>">
|
|
115 |
<img src="<?php echo THEME_URL; ?>/images/modify_16.png" border="0" alt="Modify" />
|
|
124 |
<a href="<?php echo WB_URL; ?>/modules/droplets/modify_droplet.php?droplet_id=<?php echo $iDropletIdKey; ?>" title="<?php echo $TEXT['MODIFY']; ?>">
|
|
125 |
<img src="<?php echo THEME_URL; ?>/images/modify_16.png" border="0" alt="Modify" /> |
|
116 | 126 |
</a> |
117 | 127 |
</td> |
118 | 128 |
<td > |
119 |
<a href="<?php echo WB_URL; ?>/modules/droplets/modify_droplet.php?droplet_id=<?php echo $admin->getIDKEY($droplet['id']); ?>" class="tooltip">
|
|
129 |
<a href="<?php echo WB_URL; ?>/modules/droplets/modify_droplet.php?droplet_id=<?php echo $iDropletIdKey; ?>" class="tooltip">
|
|
120 | 130 |
<?php if ($valid_code && $unique_droplet) { ?><img src="<?php echo WB_URL; ?>/modules/droplets/img/droplet.png" border="0" alt=""/> |
121 | 131 |
<?php } else { ?><img src="<?php echo WB_URL; ?>/modules/droplets/img/invalid.gif" border="0" title="" alt=""/><?php } ?> |
122 | 132 |
<?php echo $droplet['name']; ?><?php echo $comments; ?> |
... | ... | |
129 | 139 |
<b><?php if($droplet['active'] == 1){ echo '<span style="color: green;">'. $TEXT['YES']. '</span>'; } else { echo '<span style="color: red;">'.$TEXT['NO'].'</span>'; } ?></b> |
130 | 140 |
</td> |
131 | 141 |
<td > |
132 |
<a href="javascript: confirm_link('<?php echo $TEXT['ARE_YOU_SURE']; ?>', '<?php echo WB_URL; ?>/modules/droplets/delete_droplet.php?droplet_id=<?php echo $admin->getIDKEY($droplet['id']); ?>');" title="<?php echo $TEXT['DELETE']; ?>">
|
|
142 |
<a href="javascript: confirm_link('<?php echo $TEXT['ARE_YOU_SURE']; ?>', '<?php echo WB_URL; ?>/modules/droplets/delete_droplet.php?droplet_id=<?php echo $iDropletIdKey; ?>');" title="<?php echo $TEXT['DELETE']; ?>">
|
|
133 | 143 |
<img src="<?php echo THEME_URL; ?>/images/delete_16.png" border="0" alt="X" /> |
134 | 144 |
</a> |
135 | 145 |
</td> |
... | ... | |
153 | 163 |
|
154 | 164 |
function check_unique($name) { |
155 | 165 |
global $database; |
156 |
$query_droplets = $database->query("SELECT name FROM ".TABLE_PREFIX."mod_droplets WHERE name = '$name'"); |
|
157 |
return ($query_droplets->numRows() == 1); |
|
166 |
$retVal = 0; |
|
167 |
$sql = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'mod_droplets` '; |
|
168 |
$sql .= 'WHERE `name` = \''.$name.'\''; |
|
169 |
$retVal = intval($database->get_one($sql)); |
|
170 |
return ($retVal == 1); |
|
158 | 171 |
} |
branches/2.8.x/wb/modules/droplets/modify_droplet.php | ||
---|---|---|
27 | 27 |
$admin = new admin('admintools', 'admintools'); |
28 | 28 |
|
29 | 29 |
// Get id |
30 |
$droplet_id = $admin->checkIDKEY('droplet_id', false, 'GET');
|
|
30 |
$droplet_id = intval($admin->checkIDKEY('droplet_id', false, 'GET'));
|
|
31 | 31 |
if (!$droplet_id) { |
32 |
$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'], $module_edit_link); |
|
33 |
exit(); |
|
32 |
$admin->print_error('IDKEY::'.$MESSAGE['GENERIC_SECURITY_ACCESS'], $module_edit_link); |
|
34 | 33 |
} |
35 |
|
|
34 |
/* |
|
36 | 35 |
// check if backend.css file needs to be included into the <body></body> of modify.php |
37 | 36 |
if(!method_exists($admin, 'register_backend_modfiles') && file_exists(WB_PATH ."/modules/droplets/backend.css")) { |
38 | 37 |
echo '<style type="text/css">'; |
39 | 38 |
include(WB_PATH .'/modules/droplets/backend.css'); |
40 | 39 |
echo "n</style>n"; |
41 | 40 |
} |
42 |
|
|
41 |
*/ |
|
43 | 42 |
// Load Language file |
44 | 43 |
if(LANGUAGE_LOADED) { |
45 | 44 |
if(!file_exists(WB_PATH.'/modules/droplets/languages/'.LANGUAGE.'.php')) { |
... | ... | |
50 | 49 |
} |
51 | 50 |
require_once(WB_PATH . '/include/editarea/wb_wrapper_edit_area.php'); |
52 | 51 |
echo registerEditArea ('contentedit','php',true,'both',true,true,600,450,'search, fullscreen, |, undo, redo, |, select_font,|, highlight, reset_highlight, |, help'); |
53 |
|
|
54 | 52 |
|
55 | 53 |
$modified_when = time(); |
56 |
$modified_by = $admin->get_user_id(); |
|
54 |
$modified_by = ($admin->ami_group_member('1') ? 1 : $admin->user_id()); |
|
55 |
$sOverviewDroplets = $TEXT['LIST_OPTIONS'].' '.$DR_TEXT['DROPLETS']; |
|
57 | 56 |
|
58 | 57 |
// Get header and footer |
59 |
$query_content = $database->query("SELECT * FROM ".TABLE_PREFIX."mod_droplets WHERE id = '$droplet_id'"); |
|
58 |
$sql = 'SELECT * FROM `'.TABLE_PREFIX.'mod_droplets` '; |
|
59 |
$sql .= 'WHERE id = '.$droplet_id; |
|
60 |
$sql .= ''; |
|
61 |
|
|
62 |
$query_content = $database->query($sql); |
|
63 |
|
|
60 | 64 |
$fetch_content = $query_content->fetchRow(); |
61 | 65 |
$content = (htmlspecialchars($fetch_content['code'])); |
62 | 66 |
?> |
63 | 67 |
<h4 style="margin: 0; border-bottom: 1px solid #DDD; padding-bottom: 5px;"> |
64 |
<a href="<?php echo $admintool_link;?>"><?php echo $HEADING['ADMINISTRATION_TOOLS']; ?></a> |
|
68 |
<a href="<?php echo $admintool_link;?>" title="<?php echo $HEADING['ADMINISTRATION_TOOLS']; ?>"><?php echo $HEADING['ADMINISTRATION_TOOLS']; ?></a>
|
|
65 | 69 |
-> |
66 |
<a href="<?php echo $module_edit_link;?>">Droplet Edit</a> |
|
70 |
<a href="<?php echo $module_edit_link;?>" title="<?php echo $sOverviewDroplets ?>" alt="<?php echo $sOverviewDroplets ?>">Droplet Edit</a>
|
|
67 | 71 |
</h4> |
68 | 72 |
<br /> |
69 | 73 |
<form name="modify" action="<?php echo WB_URL; ?>/modules/droplets/save_droplet.php" method="post" style="margin: 0;"> |
70 | 74 |
<input type="hidden" name="data_codepress" value="" /> |
71 |
<input type="hidden" name="droplet_id" value="<?php echo $droplet_id; ?>" />
|
|
75 |
<input type="hidden" name="droplet_id" value="<?php echo $admin->getIDKEY($droplet_id); ?>" />
|
|
72 | 76 |
<input type="hidden" name="show_wysiwyg" value="<?php echo $fetch_content['show_wysiwyg']; ?>" /> |
73 | 77 |
<?php echo $admin->getFTAN(); ?> |
74 | 78 |
|
... | ... | |
167 | 171 |
<?php |
168 | 172 |
} |
169 | 173 |
?> |
170 |
|
|
171 | 174 |
</td> |
172 | 175 |
<td align="right"> |
173 | 176 |
<button class="cancel" type="button" onclick="javascript: window.location = '<?php echo $module_edit_link; ?>';"><?php echo $TEXT['CANCEL']; ?></button> |
... | ... | |
179 | 182 |
|
180 | 183 |
// Print admin footer |
181 | 184 |
$admin->print_footer(); |
182 |
|
|
183 |
?> |
branches/2.8.x/wb/modules/droplets/add_droplet.php | ||
---|---|---|
21 | 21 |
|
22 | 22 |
require_once(WB_PATH.'/framework/class.admin.php'); |
23 | 23 |
require_once(WB_PATH.'/framework/functions.php'); |
24 |
$admin = new admin('admintools','admintools',false,false);
|
|
24 |
$admin = new admin('admintools','admintools',true,false);
|
|
25 | 25 |
if($admin->get_permission('admintools') == true) { |
26 |
|
|
26 |
|
|
27 | 27 |
$admintool_link = ADMIN_URL .'/admintools/index.php'; |
28 | 28 |
$module_edit_link = ADMIN_URL .'/admintools/tool.php?tool=droplets'; |
29 |
$admin = new admin('admintools', 'admintools'); |
|
29 |
// $admin = new admin('admintools', 'admintools');
|
|
30 | 30 |
|
31 | 31 |
$modified_when = time(); |
32 |
$modified_by = $admin->get_user_id();
|
|
32 |
$modified_by = intval($admin->get_user_id());
|
|
33 | 33 |
|
34 | 34 |
// Insert new row into database |
35 |
$database->query("INSERT INTO ".TABLE_PREFIX."mod_droplets (active,modified_when,modified_by) VALUES ('1','$modified_when','$modified_by' )"); |
|
35 |
$sql = 'INSERT INTO `'.TABLE_PREFIX.'mod_droplets` SET '; |
|
36 |
$sql .= '`active` = 1, '; |
|
37 |
$sql .= '`modified_when` = '.$modified_when.', '; |
|
38 |
$sql .= '`modified_by` = '.$modified_by.' '; |
|
39 |
$database->query($sql); |
|
36 | 40 |
|
37 | 41 |
// Get the id |
38 |
$droplet_id = $database->get_one("SELECT LAST_INSERT_ID()");
|
|
42 |
$droplet_id = intval($database->get_one("SELECT LAST_INSERT_ID()"));
|
|
39 | 43 |
|
40 | 44 |
// Say that a new record has been added, then redirect to modify page |
41 | 45 |
if($database->is_error()) { |
... | ... | |
44 | 48 |
$admin->print_success($TEXT['SUCCESS'], WB_URL.'/modules/droplets/modify_droplet.php?droplet_id='. $admin->getIDKEY($droplet_id)); |
45 | 49 |
} |
46 | 50 |
|
47 |
// Print admin footer |
|
48 |
$admin->print_footer(); |
|
49 | 51 |
} else { |
50 |
die(header('Location: ../../index.php')); |
|
51 |
} |
|
52 |
?> |
|
52 |
$admin->print_error($database->get_error(), $module_edit_link); |
|
53 |
} |
|
54 |
|
|
55 |
// Print admin footer |
|
56 |
$admin->print_footer(); |
branches/2.8.x/wb/modules/droplets/backup_droplets.php | ||
---|---|---|
27 | 27 |
$admintool_link = ADMIN_URL .'/admintools/index.php'; |
28 | 28 |
$module_edit_link = ADMIN_URL .'/admintools/tool.php?tool=droplets'; |
29 | 29 |
$template_edit_link = ADMIN_URL .'/admintools/tool.php?tool=templateedit'; |
30 |
$sOverviewDroplets = $TEXT['LIST_OPTIONS']; |
|
30 | 31 |
|
31 | 32 |
// protect from CSRF |
32 |
$id = $admin->checkIDKEY('id', false, 'GET');
|
|
33 |
$id = intval($admin->checkIDKEY('id', false, 'GET'));
|
|
33 | 34 |
if (!$id or $id != 999) { |
34 | 35 |
$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'], $module_edit_link); |
35 |
exit(); |
|
36 | 36 |
} |
37 | 37 |
|
38 | 38 |
?> |
39 | 39 |
<h4 style="margin: 0; border-bottom: 1px solid #DDD; padding-bottom: 5px;"> |
40 |
<a href="<?php echo $admintool_link;?>"><?php echo $HEADING['ADMINISTRATION_TOOLS']; ?></a> |
|
40 |
<a href="<?php echo $admintool_link;?>" title="<?php echo $HEADING['ADMINISTRATION_TOOLS']; ?>"><?php echo $HEADING['ADMINISTRATION_TOOLS']; ?></a>
|
|
41 | 41 |
-> |
42 |
<a href="<?php echo $module_edit_link;?>">Droplets</a>
|
|
42 |
<a href="<?php echo $module_edit_link;?>" title="<?php echo $sOverviewDroplets ?>" alt="<?php echo $sOverviewDroplets ?>">Droplet Edit</a>
|
|
43 | 43 |
</h4> |
44 | 44 |
<?php |
45 | 45 |
|
... | ... | |
47 | 47 |
$temp_file = '/modules/droplets/backup-droplets.zip'; |
48 | 48 |
// make the temporary working directory |
49 | 49 |
mkdir($temp_dir); |
50 |
$query_droplets = $database->query("SELECT * FROM ".TABLE_PREFIX."mod_droplets ORDER BY modified_when DESC"); |
|
50 |
$sql = 'SELECT * FROM `'.TABLE_PREFIX.'mod_droplets` '; |
|
51 |
$sql .= 'ORDER BY `modified_when` DESC'; |
|
52 |
$query_droplets = $database->query($sql); |
|
51 | 53 |
while($droplet = $query_droplets->fetchRow()) { |
52 | 54 |
echo 'Saving: '.$droplet["name"].'.php<br />'; |
53 | 55 |
$sFile = $temp_dir.$droplet["name"].'.php'; |
... | ... | |
69 | 71 |
else { |
70 | 72 |
echo '<br /><br />Backup created - <a href="'.WB_URL.$temp_file.'">Download</a>'; |
71 | 73 |
} |
74 |
|
|
72 | 75 |
delete_directory ( $temp_dir ); |
73 |
$admin->print_footer(); |
|
74 | 76 |
|
75 | 77 |
function delete_directory($dirname) { |
76 | 78 |
if (is_dir($dirname)) |
... | ... | |
89 | 91 |
rmdir($dirname); |
90 | 92 |
return true; |
91 | 93 |
} |
94 |
|
|
95 |
$admin->print_footer(); |
branches/2.8.x/wb/modules/droplets/upgrade.php | ||
---|---|---|
16 | 16 |
* @lastmodified $Date$ |
17 | 17 |
* |
18 | 18 |
*/ |
19 |
/* -------------------------------------------------------- */ |
|
20 |
// Must include code to stop this file being accessed directly |
|
21 |
if(!defined('WB_PATH')) { |
|
19 | 22 |
|
20 |
if(!defined('WB_PATH')) die(header('Location: ../../index.php')); |
|
23 |
require_once(dirname(dirname(dirname(__FILE__))).'/framework/globalExceptionHandler.php'); |
|
24 |
throw new IllegalFileException(); |
|
25 |
} |
|
26 |
/* -------------------------------------------------------- */ |
|
21 | 27 |
|
22 |
$table = TABLE_PREFIX .'mod_droplets'; |
|
23 |
|
|
24 |
$info = $database->query("SELECT * from `$table` limit 0,1" ); |
|
25 |
$fields = $info->fetchRow(); |
|
26 |
if (!array_key_exists("admin_edit", $fields)) { |
|
27 |
/** |
|
28 |
* Call from the upgrade-script |
|
29 |
*/ |
|
30 |
|
|
31 |
if (function_exists('db_add_field')) { |
|
32 |
db_add_field("admin_edit", 'mod_droplets', "INT NOT NULL default '0'"); |
|
33 |
db_add_field("admin_view", 'mod_droplets', "INT NOT NULL default '0'"); |
|
34 |
db_add_field("show_wysiwyg", 'mod_droplets', "INT NOT NULL default '0'"); |
|
35 |
} else { |
|
36 |
/** |
|
37 |
* Not call by the upgrade-script |
|
38 |
*/ |
|
39 |
$database->query("ALTER TABLE `$table` ( |
|
40 |
`admin_edit` INT NOT NULL default '0', |
|
41 |
`admin_view` INT NOT NULL default '0', |
|
42 |
`show_wysiwyg` INT NOT NULL default '0' |
|
43 |
)"); |
|
44 |
} |
|
45 |
} |
|
46 |
?> |
|
28 |
$table_name = TABLE_PREFIX .'mod_droplets'; |
|
29 |
$description = 'INT NOT NULL default 0 '; |
|
30 |
$database->field_add($table_name,'show_wysiwyg',$description.'AFTER `active`' ); |
|
31 |
$database->field_add($table_name,'admin_view',$description.'AFTER `active`' ); |
|
32 |
$database->field_add($table_name,'admin_edit',$description.'AFTER `active`' ); |
branches/2.8.x/wb/modules/droplets/save_droplet.php | ||
---|---|---|
18 | 18 |
*/ |
19 | 19 |
|
20 | 20 |
require('../../config.php'); |
21 |
|
|
22 | 21 |
// Get id |
22 |
/* |
|
23 | 23 |
if(!isset($_POST['droplet_id']) OR !is_numeric($_POST['droplet_id'])) { |
24 | 24 |
header("Location: ".ADMIN_URL."/pages/index.php"); |
25 | 25 |
} else { |
26 | 26 |
$droplet_id = (int) $_POST['droplet_id']; |
27 | 27 |
} |
28 |
*/ |
|
29 |
|
|
28 | 30 |
// Include WB admin wrapper script |
29 | 31 |
require_once(WB_PATH.'/framework/class.admin.php'); |
30 | 32 |
require_once(WB_PATH.'/framework/functions.php'); |
31 | 33 |
|
34 |
$admintool_link = ADMIN_URL .'/admintools/index.php'; |
|
32 | 35 |
$module_edit_link = ADMIN_URL .'/admintools/tool.php?tool=droplets'; |
33 |
// check website baker platform (with WB 2.7, Admin-Tools were moved out of settings dialogue) |
|
34 |
if(file_exists(ADMIN_PATH .'/admintools/tool.php')) { |
|
35 |
$admintool_link = ADMIN_URL .'/admintools/index.php'; |
|
36 |
$admin = new admin('admintools', 'admintools',false); |
|
37 |
} else { |
|
38 |
$admintool_link = ADMIN_URL .'/settings/index.php?advanced=yes#administration_tools"'; |
|
39 |
$admin = new admin('Settings', 'settings_advanced',false); |
|
40 |
} |
|
41 | 36 |
|
42 |
if (!$admin->checkFTAN()) |
|
43 |
{ |
|
37 |
$admin = new admin('admintools', 'admintools',false); |
|
38 |
|
|
39 |
$droplet_id = intval($admin->checkIDKEY('droplet_id', false, 'POST')); |
|
40 |
|
|
41 |
if(!$admin->checkFTAN() || !$droplet_id ) { |
|
44 | 42 |
$admin->print_header(); |
45 |
$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'], $module_edit_link); |
|
43 |
$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'], $module_edit_link );
|
|
46 | 44 |
} |
47 | 45 |
$admin->print_header(); |
48 | 46 |
|
... | ... | |
58 | 56 |
$description = $admin->add_slashes($admin->get_post('description')); |
59 | 57 |
$tags = array('<?php', '?>' , '<?'); |
60 | 58 |
$content = $admin->add_slashes(str_replace($tags, '', $_POST['savecontent'])); |
61 |
|
|
62 | 59 |
$comments = $admin->add_slashes($admin->get_post('comments')); |
63 | 60 |
$modified_when = time(); |
64 |
$modified_by = (int) $admin->get_user_id();
|
|
61 |
$modified_by = (int) $admin->get_user_id(); |
|
65 | 62 |
} |
66 | 63 |
|
67 | 64 |
// Update row |
68 |
$database->query("UPDATE ".TABLE_PREFIX."mod_droplets SET name = '$title', active = '$active', admin_view = '$admin_view', admin_edit = '$admin_edit', show_wysiwyg = '$show_wysiwyg', description = '$description', code = '$content', comments = '$comments', modified_when = '$modified_when', modified_by = '$modified_by' WHERE id = '$droplet_id'"); |
|
65 |
$sql = 'UPDATE `'.TABLE_PREFIX.'mod_droplets` SET '; |
|
66 |
$sql .= '`name` = \''.$title.'\', '; |
|
67 |
$sql .= '`active` = '.$active.', '; |
|
68 |
$sql .= '`admin_view` = '.$admin_view.', '; |
|
69 |
$sql .= '`admin_edit` = '.$admin_edit.', '; |
|
70 |
$sql .= '`show_wysiwyg` = '.$show_wysiwyg.', '; |
|
71 |
$sql .= '`description` = \''.$description.'\', '; |
|
72 |
$sql .= '`code` = \''.$content.'\', '; |
|
73 |
$sql .= '`comments` = \''.$comments.'\', '; |
|
74 |
$sql .= '`modified_when` = '.$modified_when.', '; |
|
75 |
$sql .= '`modified_by` = '.$modified_by.' '; |
|
76 |
$sql .= 'WHERE `id` = '.$droplet_id; |
|
77 |
$database->query($sql); |
|
69 | 78 |
|
70 | 79 |
// Check if there is a db error, otherwise say successful |
71 | 80 |
if($database->is_error()) { |
Also available in: Unified diff
change sql statements to strict in module droplets
fix vars in compatibility mode for versions before 2.8.1 in frontend.functions.php