3 |
3 |
*
|
4 |
4 |
* @category admin
|
5 |
5 |
* @package pages
|
6 |
|
* @author WebsiteBaker Project
|
7 |
|
* @copyright 2004-2009, Ryan Djurovich
|
8 |
|
* @copyright 2009-2011, Website Baker Org. e.V.
|
|
6 |
* @author Ryan Djurovich, WebsiteBaker Project
|
|
7 |
* @copyright 2009-2012, WebsiteBaker Org. e.V.
|
9 |
8 |
* @link http://www.websitebaker2.org/
|
10 |
9 |
* @license http://www.gnu.org/licenses/gpl.html
|
11 |
10 |
* @platform WebsiteBaker 2.8.x
|
... | ... | |
25 |
24 |
$admin = new admin('Pages', 'pages_settings',false);
|
26 |
25 |
|
27 |
26 |
// Get page id
|
28 |
|
if(!isset($_POST['page_id']) || preg_match('/[^0-9a-f]/i',$_POST['page_id']))
|
|
27 |
if(!isset($_POST['page_id']) || (isset($_POST['page_id'])&& !preg_match('/[^0-9a-f]/i',$_POST['page_id'])) )
|
29 |
28 |
{
|
30 |
29 |
header("Location: index.php");
|
31 |
30 |
exit(0);
|
32 |
31 |
} else {
|
33 |
32 |
// $page_id = $admin->checkIDKEY('page_id');
|
34 |
|
// $page_id = (int)$_POST['page_id'];
|
|
33 |
// $page_id = (int)$_POST['page_id']; || preg_match('/[^0-9a-f]/i',$_POST['page_id'])
|
35 |
34 |
if((!($page_id = $admin->checkIDKEY('page_id')))) {
|
36 |
35 |
$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'], ADMIN_URL.'/pages/index.php');
|
37 |
36 |
}
|
... | ... | |
86 |
85 |
// Validate data
|
87 |
86 |
if($page_title == '' || substr($page_title,0,1)=='.')
|
88 |
87 |
{
|
89 |
|
$admin->print_error($MESSAGE['PAGES']['BLANK_PAGE_TITLE']);
|
|
88 |
$admin->print_error($MESSAGE['PAGES_BLANK_PAGE_TITLE']);
|
90 |
89 |
}
|
91 |
90 |
if($menu_title == '' || substr($menu_title,0,1)=='.')
|
92 |
91 |
{
|
93 |
|
$admin->print_error($MESSAGE['PAGES']['BLANK_MENU_TITLE']);
|
|
92 |
$admin->print_error($MESSAGE['PAGES_BLANK_MENU_TITLE']);
|
94 |
93 |
}
|
95 |
94 |
|
96 |
95 |
// Get existing perms
|
... | ... | |
102 |
101 |
$old_link = $results_array['link'];
|
103 |
102 |
$old_position = $results_array['position'];
|
104 |
103 |
|
105 |
|
if(!$admin->ami_group_member($results_array['admin_groups']) &&
|
106 |
|
!$admin->is_group_match($admin->get_user_id(), $results_array['admin_users']))
|
107 |
|
{
|
108 |
|
$admin->print_error($MESSAGE['PAGES']['INSUFFICIENT_PERMISSIONS']);
|
|
104 |
if($admin->ami_group_member('1')) {
|
|
105 |
if(!$admin->ami_group_member($results_array['admin_groups']) &&
|
|
106 |
!$admin->is_group_match($admin->get_user_id(), $results_array['admin_users']))
|
|
107 |
{
|
|
108 |
$admin->print_error($MESSAGE['PAGES_INSUFFICIENT_PERMISSIONS']);
|
|
109 |
}
|
|
110 |
// Setup admin groups
|
|
111 |
$aAdminGroups = (is_array($aAdminGroups) ? $aAdminGroups : array(1));
|
|
112 |
array_unshift($aAdminGroups, 1);
|
|
113 |
$sAdminGroups = implode(',', array_unique($aAdminGroups, SORT_REGULAR));
|
|
114 |
$sAdminGroups = (preg_match('/^,|[^0-9,]|,,|,$/', $sAdminGroups) ? '1' : $sAdminGroups);
|
|
115 |
|
|
116 |
$aAdminUsers = (is_array($aAdminUsers) ? $aAdminUsers : array());
|
|
117 |
$sAdminUsers = implode(',', array_diff($aAdminUsers, array(0)));
|
|
118 |
$sAdminUsers = (preg_match('/^,|[^0-9,]|,,|,$/', $sAdminUsers) ? array() : $sAdminUsers);
|
109 |
119 |
}
|
110 |
120 |
|
111 |
|
// Setup admin groups
|
112 |
|
$aAdminGroups = (is_array($aAdminGroups) ? $aAdminGroups : array(1));
|
113 |
|
array_unshift($aAdminGroups, 1);
|
114 |
|
$sAdminGroups = implode(',', array_unique($aAdminGroups, SORT_REGULAR));
|
115 |
|
$sAdminGroups = (preg_match('/^,|[^0-9,]|,,|,$/', $sAdminGroups) ? '1' : $sAdminGroups);
|
116 |
|
|
117 |
|
$aAdminUsers = (is_array($aAdminUsers) ? $aAdminUsers : array());
|
118 |
|
$sAdminUsers = implode(',', array_diff($aAdminUsers, array(0)));
|
119 |
|
$sAdminUsers = (preg_match('/^,|[^0-9,]|,,|,$/', $sAdminUsers) ? array() : $sAdminUsers);
|
120 |
|
|
121 |
121 |
$aViewingGroups = (is_array($aViewingGroups) ? $aViewingGroups : array(1));
|
122 |
122 |
array_unshift($aViewingGroups, 1);
|
123 |
123 |
$sViewingGroups = implode(',', array_unique($aViewingGroups, SORT_REGULAR));
|
... | ... | |
193 |
193 |
|
194 |
194 |
if($get_same_page->numRows() > 0)
|
195 |
195 |
{
|
196 |
|
$admin->print_error($MESSAGE['PAGES']['PAGE_EXISTS']);
|
|
196 |
$admin->print_error($MESSAGE['PAGES_PAGE_EXISTS']);
|
197 |
197 |
}
|
198 |
198 |
|
199 |
199 |
// Update page with new order
|
... | ... | |
225 |
225 |
. '`position`='.$position.', '
|
226 |
226 |
. '`visibility`=\''.$visibility.'\', '
|
227 |
227 |
. '`searching`='.$searching.', '
|
228 |
|
. '`language`=\''.$language.'\', '
|
229 |
|
. '`admin_groups`=\''.$sAdminGroups.'\', '
|
230 |
|
. '`admin_users`=\''.$sAdminUsers.'\', '
|
|
228 |
. '`language`=\''.$language.'\', ';
|
|
229 |
if($admin->ami_group_member('1')) {
|
|
230 |
$sql .= ''
|
|
231 |
. '`admin_groups`=\''.$sAdminGroups.'\', '
|
|
232 |
. '`admin_users`=\''.$sAdminUsers.'\', ';
|
|
233 |
}
|
|
234 |
$sql .= ''
|
231 |
235 |
. '`viewing_groups`=\''.$sViewingGroups.'\', '
|
232 |
236 |
. '`viewing_users`=\''.$sViewingUsers.'\', '
|
233 |
237 |
. '`page_code`='.$page_code.' '
|
234 |
238 |
. 'WHERE `page_id`='.$page_id;
|
|
239 |
|
235 |
240 |
if(!$database->query($sql)) {
|
236 |
241 |
$target_url = ADMIN_URL.'/pages/settings.php?page_id='.$page_id;
|
237 |
242 |
$admin->print_error($database->get_error(), $target_url );
|
... | ... | |
247 |
252 |
// Create a new file in the /pages dir if title changed
|
248 |
253 |
if(!is_writable(WB_PATH.PAGES_DIRECTORY.'/'))
|
249 |
254 |
{
|
250 |
|
$admin->print_error($MESSAGE['PAGES']['CANNOT_CREATE_ACCESS_FILE']);
|
|
255 |
$admin->print_error($MESSAGE['PAGES_CANNOT_CREATE_ACCESS_FILE']);
|
251 |
256 |
} else {
|
252 |
257 |
$old_filename = WB_PATH.PAGES_DIRECTORY.$old_link.PAGE_EXTENSION;
|
253 |
258 |
// First check if we need to create a new file
|
... | ... | |
334 |
339 |
{
|
335 |
340 |
$admin->print_error($database->get_error(), $target_url );
|
336 |
341 |
} else {
|
337 |
|
$admin->print_success($MESSAGE['PAGES']['SAVED_SETTINGS'], $target_url );
|
|
342 |
$admin->print_success($MESSAGE['PAGES_SAVED_SETTINGS'], $target_url );
|
338 |
343 |
}
|
339 |
344 |
|
340 |
345 |
// Print admin footer
|
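Review bot: The per-page permission test at new lines 105–109 is now nested inside `if($admin->ami_group_member('1')) {` (new line 104), so as written only members of group 1 are compared against the page's `admin_groups`/`admin_users`; every other account skips the test and still reaches the `UPDATE` at new lines 225–238. Unless a check in the lines not shown here covers those accounts, the test should stay unconditional and only the admin-group setup should be gated, i.e. move `if($admin->ami_group_member('1')) {` down to just before `// Setup admin groups`. The `page_id` guard at new line 27 also looks inverted: `!preg_match('/[^0-9a-f]/i', ...)` is true for a purely hexadecimal value, so well-formed ids are redirected to index.php while values containing other characters go on to `checkIDKEY()`. Restoring `if(!isset($_POST['page_id']) || preg_match('/[^0-9a-f]/i',$_POST['page_id']))` keeps the earlier reject-on-non-hex behaviour. Separately, new line 118 can assign `array()` to `$sAdminUsers`, which is then concatenated into the SQL string at new line 232; `''` would be the safer fallback.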