+
-
+
Index: branches/2.8.x/wb/admin/pages/settings.php
===================================================================
--- branches/2.8.x/wb/admin/pages/settings.php (revision 1913)
+++ branches/2.8.x/wb/admin/pages/settings.php (revision 1914)
@@ -4,8 +4,8 @@
* @category admin
* @package pages
* @author Ryan Djurovich, WebsiteBaker Project
- * @copyright 2009-2012, WebsiteBaker Org. e.V.
- * @link http://www.websitebaker2.org/
+ * @copyright 2009-2013, WebsiteBaker Org. e.V.
+ * @link http://www.websitebaker.org/
* @license http://www.gnu.org/licenses/gpl.html
* @platform WebsiteBaker 2.8.x
* @requirements PHP 5.2.2 and higher
@@ -86,8 +86,10 @@
}
} // end of function parent_list
/* -------------------------------------------------------------------------------------*/
- $mLang = ModLanguage::getInstance();
- $mLang->setLanguage(dirname(__FILE__).'/languages/', LANGUAGE, DEFAULT_LANGUAGE);
+// $mLang = ModLanguage::getInstance();
+// $mLang->setLanguage(dirname(__FILE__).'/languages/', LANGUAGE, DEFAULT_LANGUAGE);
+ $mLang = Translate::getinstance();
+ $mLang->enableAddon('admin\pages');
$sDisabled = ' disabled="disabled"';
$sSelected = ' selected="selected"';
$sChecked = ' checked="checked"';
@@ -103,7 +105,7 @@
if( ($oPages = $database->query($sql)) ) {
$aCurrentPage = $oPages->fetchRow(MYSQL_ASSOC);
// Work-out if we should set seo_title
- $aCurrentPage['seo_title'] = basename($aCurrentPage['link']);
+ $aCurrentPage['seo_title'] = basename($aCurrentPage['link']);
// Work-out if we should check for existing page_code
$field_set = isset($aCurrentPage['page_code']);
if( !$admin->ami_group_member($aCurrentPage['admin_groups']) &&
@@ -136,11 +138,11 @@
$oTpl->set_file('page', 'pages_settings.htt');
$oTpl->set_block('page', 'main_block', 'main');
$oTpl->set_var('FTAN', $admin->getFTAN());
-// $sShowIconDirText = $TEXT['EXPAND'].' ';
+// $sShowIconDirText = $mLang->TEXT_EXPAND'].' ';
$sql = 'SELECT `value` FROM `'.TABLE_PREFIX.'settings` WHERE `name` = \'page_extendet\'';
// if($page_extend = $database->get_one($sql)) {}
$page_extend = (defined('PAGE_EXTENDET') ? filter_var(PAGE_EXTENDET, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE) : false);
- $sShowIconDirText = ($page_extend==true) ? $TEXT['HIDE_ADVANCED'] : $TEXT['SHOW_ADVANCED'];
+ $sShowIconDirText = ($page_extend==true) ? $mLang->TEXT_HIDE_ADVANCED : $mLang->TEXT_SHOW_ADVANCED;
$oTpl->set_var(array(
'PAGE_ID' => $aCurrentPage['page_id'],
@@ -154,8 +156,9 @@
'MODIFIED_BY' => $user['display_name'],
'MODIFIED_BY_USERNAME' => $user['username'],
'MODIFIED_WHEN' => $modified_ts,
- 'TEXT_SAVE_BACK' => $TEXT['SAVE'].' & '.$TEXT['BACK'],
+ 'TEXT_SAVE_BACK' => $mLang->TEXT_SAVE.' & '.$mLang->TEXT_BACK,
'TEXT_EXTENDED' => $sShowIconDirText,
+ 'VISIBILITY' => 'visibility',
'ADMIN_URL' => ADMIN_URL,
'WB_URL' => WB_URL,
'THEME_URL' => THEME_URL
@@ -207,7 +210,8 @@
$sTemplate = ($aCurrentPage['template'] == '' ? DEFAULT_TEMPLATE : $aCurrentPage['template']);
$sIconDir = str_replace('\\', '/', ((defined('PAGE_ICON_DIR') && PAGE_ICON_DIR != '') ? PAGE_ICON_DIR : MEDIA_DIRECTORY));
$sIconDir = str_replace('/*', '/'.$sTemplate, $sIconDir);
- $bIconDirHide = ($page_extend==true) ? '' : 'hide';
+ $bIconDirHide = ($page_extend==true) ? 'display:block;' : 'display:none;';
+
// $oTpl->set_var('ICON_DIR', WB_REL.$sIconDir);
$sHelp = replaceVars($mLang->HELP_PAGE_IMAGE_DIR, array('icon_dir'=>WB_REL.$sIconDir ) );
@@ -551,7 +555,7 @@
}
$aMenu = getTemplateInfo($aCurrentPage['template']);
// set menu[1] as default if there's no entry in info.php
- $aMenu[1] = (!isset($aMenu[1]) OR ($aMenu[1] == '')) ? $TEXT['MAIN'] : $aMenu[1];
+ $aMenu[1] = (!isset($aMenu[1]) OR ($aMenu[1] == '')) ? $mLang->TEXT_MAIN : $aMenu[1];
$oTpl->set_block('show_menu_list_block', 'menu_list_block', 'menu_list');
foreach($aMenu as $iIndex => $sMenuName) {
$aVars = array();
Index: branches/2.8.x/wb/admin/pages/default.ini
===================================================================
--- branches/2.8.x/wb/admin/pages/default.ini (nonexistent)
+++ branches/2.8.x/wb/admin/pages/default.ini (revision 1914)
@@ -0,0 +1,25 @@
+;
+;###############################################################################
+;### ###
+;### configurable settings for admin/pages ###
+;### ###
+;###############################################################################
+;
+[PagesEnvironment]
+AccessFileOverwrite = true
+;
+[ProtectedNames]
+List[] = account
+List[] = framework
+List[] = include
+List[] = install
+List[] = languages
+List[] = modules
+List[] = search
+List[] = temp
+List[] = templates
+List[] = index
+List[] = config
+List[] = upgrade-script
+List[] = intro
+;
\ No newline at end of file
Index: branches/2.8.x/wb/admin/pages/settings_save.php
===================================================================
--- branches/2.8.x/wb/admin/pages/settings_save.php (revision 1913)
+++ branches/2.8.x/wb/admin/pages/settings_save.php (revision 1914)
@@ -4,10 +4,10 @@
* @category admin
* @package pages
* @author Ryan Djurovich, WebsiteBaker Project
- * @copyright 2009-2012, WebsiteBaker Org. e.V.
- * @link http://www.websitebaker2.org/
+ * @copyright 2009-2013, WebsiteBaker Org. e.V.
+ * @link http://www.websitebaker.org/
* @license http://www.gnu.org/licenses/gpl.html
- * @platform WebsiteBaker 2.8.x
+ * @platform WebsiteBaker 2.8.4
* @requirements PHP 5.2.2 and higher
* @version $Id$
* @filesource $HeadURL$
@@ -26,15 +26,18 @@
}
if(!class_exists('admin', false)){ include(WB_PATH.'/framework/class.admin.php'); }
-$lang_dir = dirname(__FILE__).'/languages/';
-$lang = file_exists($lang_dir.LANGUAGE.'.php') ? LANGUAGE : 'EN';
+//$lang_dir = dirname(__FILE__).'/languages/';
+//$lang = file_exists($lang_dir.LANGUAGE.'.php') ? LANGUAGE : 'EN';
//require_once($lang_dir.$lang.'.php');
-if( !isset($TEXT['PAGE_LANG_LOADED']) ) { require($lang_dir.$lang.'.php'); }
+//if( !isset($mLang->TEXT_PAGE_LANG_LOADED) ) { require($lang_dir.$lang.'.php'); }
// suppress to print the header, so no new FTAN will be set
$admin = new admin('Pages', 'pages_settings',false);
$pagetree_url = ADMIN_URL.'/pages/index.php';
+$mLang = Translate::getinstance();
+$mLang->enableAddon('admin\pages');
+
// Get page id
if(!isset($_POST['page_id']) || (isset($_POST['page_id']) && preg_match('/[^0-9a-z]/i',$_POST['page_id'])) )
{
@@ -45,7 +48,7 @@
// $page_id = (int)$_POST['page_id']; || preg_match('/[^0-9a-f]/i',$_POST['page_id'])
if((!($page_id = $admin->checkIDKEY('page_id')))) {
$admin->print_header();
- $admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'], $pagetree_url);
+ $admin->print_error($mLang->MESSAGE_GENERIC_SECURITY_ACCESS, $pagetree_url);
}
}
@@ -60,7 +63,7 @@
if (!$admin->checkFTAN())
{
$admin->print_header();
- $admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'],$target_url);
+ $admin->print_error($mLang->MESSAGE_GENERIC_SECURITY_ACCESS,$target_url);
}
// After check print the header
@@ -74,7 +77,7 @@
$sql .= '`value`=\''.($val ? 'false' : 'true').'\' ';
$sql .= (defined('PAGE_EXTENDET') ? 'WHERE `name`=\'page_extendet\'' : '');
if($database->query($sql)) {
- // redirect to backend
+// redirect to backend
echo "
If the script could not be start automatically.\n" .
"Please click on this link to start the script!
\n";
@@ -96,14 +99,21 @@
if(!function_exists('directory_list')) { require(WB_PATH.'/framework/functions.php'); }
// Get values
-$page_title = str_replace(array("[[", "]]"), '', htmlspecialchars($admin->get_post_escaped('page_title')));
-$menu_title = str_replace(array("[[", "]]"), '', htmlspecialchars($admin->get_post_escaped('menu_title')));
-$seo_title = str_replace(array("[[", "]]"), '', htmlspecialchars($admin->get_post_escaped('seo_title')));
+//$page_title = str_replace(array("[[", "]]"), '', htmlspecialchars($admin->get_post_escaped('page_title')));
+//$menu_title = str_replace(array("[[", "]]"), '', htmlspecialchars($admin->get_post_escaped('menu_title')));
+//$seo_title = str_replace(array("[[", "]]"), '', htmlspecialchars($admin->get_post_escaped('seo_title')));
+//$description = str_replace(array("[[", "]]"), '', htmlspecialchars($admin->add_slashes($admin->get_post('description'))));
+//$keywords = str_replace(array("[[", "]]"), '', htmlspecialchars($admin->add_slashes($admin->get_post('keywords'))));
+
+$page_title = ($admin->StripCodeFromText($admin->get_post('page_title')));
+$menu_title = ($admin->StripCodeFromText($admin->get_post('menu_title')));
+$seo_title = ($admin->StripCodeFromText($admin->get_post('seo_title')));
+$description = ($admin->StripCodeFromText($admin->get_post('description')));
+$keywords = ($admin->StripCodeFromText($admin->get_post('keywords')));
+
$page_code = intval($admin->get_post('page_code')) ;
-$description = str_replace(array("[[", "]]"), '', htmlspecialchars($admin->add_slashes($admin->get_post('description'))));
-$keywords = str_replace(array("[[", "]]"), '', htmlspecialchars($admin->add_slashes($admin->get_post('keywords'))));
$parent = intval($admin->get_post('parent')); // fix secunia 2010-91-3
-$visibility = $admin->get_post_escaped('visibility');
+$visibility = $admin->StripCodeFromText($admin->get_post('visibility'));
if (!in_array($visibility, array('public', 'private', 'registered', 'hidden', 'none'))) {$visibility = 'public';} // fix secunia 2010-93-3
$template = preg_replace('/[^a-z0-9_-]/i', "", $admin->get_post('template')); // fix secunia 2010-93-3
$template = (($template == DEFAULT_TEMPLATE ) ? '' : $template);
@@ -129,7 +139,7 @@
}
if($menu_title == '' || substr($menu_title,0,1)=='.')
{
- $admin->print_error($MESSAGE['PAGES_BLANK_MENU_TITLE'],$target_url);
+ $admin->print_error($mLang->MESSAGE_PAGES_BLANK_MENU_TITLE,$target_url);
}
if($seo_title == '' || substr($seo_title,0,1)=='.')
{
@@ -139,7 +149,6 @@
// Get existing perms
$sql = 'SELECT `parent`,`link`,`position`,`admin_groups`,`admin_users`,`menu_title` ';
$sql .= 'FROM `'.TABLE_PREFIX.'pages` WHERE `page_id`='.$page_id;
-
$results = $database->query($sql);
$results_array = $results->fetchRow(MYSQL_ASSOC);
@@ -151,7 +160,7 @@
if(!$admin->ami_group_member($results_array['admin_groups']) &&
!$admin->is_group_match($admin->get_user_id(), $results_array['admin_users']))
{
- $admin->print_error($MESSAGE['PAGES_INSUFFICIENT_PERMISSIONS']);
+ $admin->print_error($mLang->MESSAGE_PAGES_INSUFFICIENT_PERMISSIONS);
}
// Setup admin groups
$aAdminGroups = (is_array($aAdminGroups) ? $aAdminGroups : array(1));
@@ -201,56 +210,67 @@
$root_parent = root_parent($parent);
} else {
// Work out level
- $level = level_count($page_id);
+ $level = level_count($page_id);
// Work out root parent
- $root_parent = root_parent($page_id);
+ $root_parent = root_parent($page_id);
}
+// preparing root_check to protect system directories and important files from being overwritten if PAGES_DIR = '/'
+ $denied = false;
+ $forbidden = array();
+ $aTempIniList = array();
+ $aTempIniList = parse_ini_file(dirname(__FILE__).'/default.ini',true);
+ $bAccessFileOverwrite = $aTempIniList['PagesEnvironment']['AccessFileOverwrite'];
+ $aTempIniList['ProtectedNames']['List'][] = (defined('ADMIN_DIRECTORY') ? trim(ADMIN_DIRECTORY,'/') : 'admin');
+ $aTempIniList['ProtectedNames']['List'][] = (defined('MEDIA_DIRECTORY') ? trim(MEDIA_DIRECTORY,'/') : 'media');
+ $aTempIniList['ProtectedNames']['List'][] = (defined('PAGES_DIRECTORY') ? trim(PAGES_DIRECTORY,'/') : 'pages');
+ $forbidden = $aTempIniList['ProtectedNames'];
$link = '/'.page_filename($seo_title);
-
+if( ($parent == '0') ) {
+ if( defined('PAGES_DIRECTORY') && trim(PAGES_DIRECTORY,'/')=='' ) {
// Work-out what the link should be
-if($parent == '0') {
- if($link == '/index' || $link == '/intro')
- {
- $link .= '_' .$page_id;
- $filename = WB_PATH.PAGES_DIRECTORY.$link .PAGE_EXTENSION;
-
- } else {
- $filename = WB_PATH.PAGES_DIRECTORY.$link.PAGE_EXTENSION;
+ $denied = in_array(trim($link,'/'), $forbidden['List']);
+ if( $denied )
+ {
+// $link .= '_' .$page_id;
+ $admin->print_error($mLang->MESSAGE_PAGES_CANNOT_MODIFY_PROTECTED_FILE);
+ }
}
+ $filename = WB_PATH.PAGES_DIRECTORY.$link.PAGE_EXTENSION;
} else {
$parent_section = '';
$parent_titles = array_reverse(get_parent_titles($parent));
- foreach($parent_titles AS $parent_title)
- {
+ foreach($parent_titles AS $parent_title) {
$parent_section .= '/'.page_filename($parent_title);
}
- if($parent_section == '/')
- {
- $parent_section = '';
- }
-
+ if($parent_section == '/') {
+ $parent_section = '';
+ }
$link = $parent_section.$link;
$filename = WB_PATH.PAGES_DIRECTORY.$link.PAGE_EXTENSION;
}
+// $database = new database();
// Check if a page with same page filename exists
-// $database = new database();
-$sql = 'SELECT `page_id`,`page_title` FROM `'.TABLE_PREFIX.'pages` WHERE `link` = "'.$link.'" AND `page_id` != '.$page_id;
+$sql = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'pages` '
+ . 'WHERE `link` = \''.$link.'\' '
+ . 'AND `page_id` != '.$page_id;
+if( ($iSamePages = intval($database->get_one($sql))) > 0 ){
+ $admin->print_error($mLang->MESSAGE_PAGES_PAGE_EXISTS, $target_url);
+}
-$get_same_page = $database->query($sql);
+//if($get_same_page = $database->query($sql)){
+// if($get_same_page->numRows() > 0)
+// {
+// $admin->print_error($mLang->MESSAGE_PAGES_PAGE_EXISTS, $target_url);
+// }
+//}
-if($get_same_page->numRows() > 0)
-{
- $admin->print_error($MESSAGE['PAGES_PAGE_EXISTS'], $target_url);
-}
-
// Update page with new order
-$sql = 'UPDATE `'.TABLE_PREFIX.'pages` SET `parent`='.$parent.', `position`='.$position.' WHERE `page_id`='.$page_id.'';
-// $database = new database();
-$database->query($sql);
+//$sql = 'UPDATE `'.TABLE_PREFIX.'pages` SET `parent`='.$parent.', `position`='.$position.' WHERE `page_id`='.$page_id.'';
+//$database->query($sql);
// Get page trail
$page_trail = get_page_trail($page_id);
@@ -261,7 +281,7 @@
. '`page_title`=\''.$page_title.'\', '
. '`tooltip`=\''.$page_title.'\', '
. '`page_icon` =\''.$database->escapeString($sPageIcon).'\', '
- . '`menu_title`=\''.$menu_title.'\', '
+ . '`menu_title`=\''.$database->escapeString($menu_title).'\', '
. '`menu_icon_0` =\''.$database->escapeString($sMenuIcon0).'\', '
. '`menu_icon_1` =\''.$database->escapeString($sMenuIcon1).'\', '
. '`menu`='.$menu.', '
@@ -268,11 +288,11 @@
. '`level`='.$level.', '
. '`page_trail`=\''.$page_trail.'\', '
. '`root_parent`='.$root_parent.', '
- . '`link`=\''.$link.'\', '
+ . '`link`=\''.$database->escapeString($link).'\', '
. '`template`=\''.$template.'\', '
. '`target`=\''.$target.'\', '
- . '`description`=\''.$description.'\', '
- . '`keywords`=\''.$keywords.'\', '
+ . '`description`=\''.$database->escapeString($description).'\', '
+ . '`keywords`=\''.$database->escapeString($keywords).'\', '
. '`position`='.$position.', '
. '`visibility`=\''.$visibility.'\', '
. '`searching`='.$searching.', '
@@ -301,25 +321,26 @@
// using standard function by core,
function fix_page_trail($page_id) {
- global $database,$admin,$target_url,$pagetree_url,$MESSAGE;
+ global $database,$admin,$target_url,$pagetree_url,$mLang;
$target_url = (isset($_POST['back_submit'])) ? $pagetree_url : $target_url;
- // Work out level
+// Work out level
$level = level_count($page_id);
- // Work out root parent
+// Work out root parent
$root_parent = root_parent($page_id);
- // Work out page trail
+// Work out page trail
$page_trail = get_page_trail($page_id);
- // Update page with new level and link
- $sql = 'UPDATE `'.TABLE_PREFIX.'pages` SET ';
- $sql .= '`root_parent` = '.$root_parent.', ';
- $sql .= '`level` = '.$level.', ';
- $sql .= '`page_trail` = "'.$page_trail.'" ';
- $sql .= 'WHERE `page_id` = '.$page_id;
+// Update page with new level and link
+ $sql = 'UPDATE `'.TABLE_PREFIX.'pages` '
+ . 'SET `root_parent` = '.$root_parent.', '
+ . '`level` = '.$level.', '
+ . '`page_trail` = \''.$page_trail.'\' '
+ .'WHERE `page_id` = '.$page_id;
+
if($database->query($sql)) {
- $admin->print_success($MESSAGE['PAGES_SAVED_SETTINGS'], $target_url );
+ $admin->print_success($mLang->MESSAGE_PAGES_SAVED_SETTINGS, $target_url );
} else {
$admin->print_error($database->get_error(), $target_url );
}
@@ -339,68 +360,81 @@
$bCanCreateAcessFiles = make_dir(WB_PATH.PAGES_DIRECTORY);
$bCanCreateAcessFiles = (($bCanCreateAcessFiles==true) ? file_exists(WB_PATH) && is_writable(WB_PATH.PAGES_DIRECTORY) : false );
+
if( !$bCanCreateAcessFiles )
{
- $admin->print_error($MESSAGE['PAGES_CANNOT_CREATE_ACCESS_FILE'], $target_url);
+ $admin->print_error($mLang->MESSAGE_PAGES_CANNOT_CREATE_ACCESS_FILE, $target_url);
} else {
// Create a new file in the /pages dir if title changed
-
$old_filename = WB_PATH.PAGES_DIRECTORY.$old_link.PAGE_EXTENSION;
+ $sub_pages = get_subs($page_id, array());
+// $sub_pages = get_subs($sub_pages['0'], array());
- // First check if we need to create a new file
- if(($old_link != $link) || (!file_exists($old_filename)))
- {
- // Delete old file
+// First check if we need or force to create a new file
+ if( ($old_link != $link) || (!file_exists($filename)) || ( $bAccessFileOverwrite==true ) ) {
+// Delete old file
$old_filename = WB_PATH.PAGES_DIRECTORY.$old_link.PAGE_EXTENSION;
if(file_exists($old_filename))
{
unlink($old_filename);
}
-
- // Create access file
+// Create access file
create_access_file($filename,$page_id,$level);
if(!file_exists($filename)) {
- $admin->print_error($MESSAGE['PAGES_CANNOT_CREATE_ACCESS_FILE']);
+ $admin->print_error($mLang->MESSAGE_PAGES_CANNOT_CREATE_ACCESS_FILE);
}
- // Move a directory for this page
- if(is_readable(WB_PATH.PAGES_DIRECTORY.$old_link.'/') && is_dir(WB_PATH.PAGES_DIRECTORY.$old_link.'/'))
+// Move a directory for this page
+ if(is_writeable(WB_PATH.PAGES_DIRECTORY.$old_link.'/') && !is_dir(WB_PATH.PAGES_DIRECTORY.$link.'/'))
{
rename(WB_PATH.PAGES_DIRECTORY.$old_link.'/', WB_PATH.PAGES_DIRECTORY.$link.'/');
}
- // Update any pages that had the old link with the new one
+// Update any pages that had the old link with the new one
$old_link_len = strlen($old_link);
- $sql = '';
- $query_subs = $database->query("SELECT page_id,link,level FROM ".TABLE_PREFIX."pages WHERE link LIKE '%$old_link/%' ORDER BY LEVEL ASC");
-
- if($query_subs->numRows() > 0)
- {
- while($sub = $query_subs->fetchRow())
+// $query_subs = $database->query("SELECT page_id,link,level FROM ".TABLE_PREFIX."pages WHERE link LIKE '%$old_link/%' ORDER BY LEVEL ASC");
+ $sql = 'SELECT `page_id`,`link`,`level` FROM `'.TABLE_PREFIX.'pages` '
+ .'WHERE `link` LIKE \'%'.$old_link.'/%\' '
+ .'ORDER BY `level` ASC ';
+ if ($oResSubs = $database->query($sql) ) {
+ if($oResSubs->numRows() > 0)
{
- // Double-check to see if it contains old link
- if(substr($sub['link'], 0, $old_link_len) == $old_link) {
- // Get new link
- $replace_this = $old_link;
- $old_sub_link_len =strlen($sub['link']);
- $new_sub_link = $link.'/'.substr($sub['link'],$old_link_len+1,$old_sub_link_len);
- // Work out level
- $new_sub_level = level_count($sub['page_id']);
- // Update level and link
- $database->query("UPDATE ".TABLE_PREFIX."pages SET link = '$new_sub_link', level = '$new_sub_level' WHERE page_id = '".$sub['page_id']."' LIMIT 1");
- // Re-write the access file for this page
- $old_subpage_file = WB_PATH.PAGES_DIRECTORY.$new_sub_link.PAGE_EXTENSION;
- if(file_exists($old_subpage_file)) {
- unlink($old_subpage_file);
+ while($sub = $oResSubs->fetchRow(MYSQL_ASSOC))
+ {
+ // Double-check to see if it contains old link
+ if(substr($sub['link'], 0, $old_link_len) == $old_link) {
+ // Get new link
+ $replace_this = $old_link;
+ $old_sub_link_len =strlen($sub['link']);
+ $new_sub_link = $link.'/'.substr($sub['link'],$old_link_len+1,$old_sub_link_len);
+ // Work out level
+ $new_sub_level = level_count($sub['page_id']);
+ // Update level and link
+// $database->query("UPDATE ".TABLE_PREFIX."pages SET link = '$new_sub_link', level = '$new_sub_level' WHERE page_id = '".$sub['page_id']."' LIMIT 1");
+ $sql = 'UPDATE `'.TABLE_PREFIX.'pages` SET '
+ .'`link` = \''.$new_sub_link.'\', '
+ .'`level` = '.(int)$new_sub_level.' '
+ .'WHERE `page_id` = '.$sub['page_id'];
+ if( $database->query($sql) ) {
+ // Re-write the access file for this page
+ $old_subpage_file = WB_PATH.PAGES_DIRECTORY.$new_sub_link.PAGE_EXTENSION;
+ if(file_exists($old_subpage_file)) {
+ unlink($old_subpage_file);
+ }
+ $sAccessFile = WB_PATH.PAGES_DIRECTORY.$new_sub_link.PAGE_EXTENSION;
+ create_access_file($sAccessFile, $sub['page_id'], $new_sub_level);
+ if(!file_exists($sAccessFile)) {
+ $admin->print_error($mLang->MESSAGE_PAGES_CANNOT_CREATE_ACCESS_FILE);
+ } else {
+ }
+ }
}
- $sAccessFile = WB_PATH.PAGES_DIRECTORY.$new_sub_link.PAGE_EXTENSION;
- create_access_file($sAccessFile, $sub['page_id'], $new_sub_level);
- if(!file_exists($sAccessFile)) {
- $admin->print_error($MESSAGE['PAGES_CANNOT_CREATE_ACCESS_FILE']);
- }
-
}
}
}
}
}
+$dir = (WB_PATH.PAGES_DIRECTORY);
+//$aDebugMessage = rebuildFolderProtectFile($dir);
+//print '
function '.__FUNCTION__.'( '.''.' ); basename: '.basename(__FILE__).' line: '.__LINE__.' ->
';
+//print_r( $aDebugMessage ); print '
';
$admin->print_footer();
Index: branches/2.8.x/wb/admin/pages/languages/EN.php
===================================================================
--- branches/2.8.x/wb/admin/pages/languages/EN.php (revision 1913)
+++ branches/2.8.x/wb/admin/pages/languages/EN.php (revision 1914)
@@ -61,6 +61,8 @@
$MESSAGE['PAGES_LAST_MODIFIED'] = 'Last modification by';
$MESSAGE['PAGES_BLANK_SEO_TITLE'] = 'Please enter a Filename';
+$MESSAGE['PAGES_CANNOT_CREATE_PROTECTED_FILE'] = 'Protected File, Page cannot be add!';
+$MESSAGE['PAGES_CANNOT_MODIFY_PROTECTED_FILE'] = 'Geschützter Name, Page cannot be modified!';
$HELP['PAGE_IMAGE_DIR'] = '
The topical side picture path is
{{icon_dir}}.
';
@@ -70,7 +72,7 @@
$HELP['PAGE_CODE'] = '
If you see this field, you have registered the module for the multilingual facility.
';
$HELP['PAGE_CODE'] .= '
The first step is to be provided a side tree like in the help described
';
-$HELP['PAGE_CODE'] .= '
Multilingual Websites
';
+$HELP['PAGE_CODE'] .= '
Multilingual Websites
';
$HELP['PAGE_CODE'] .= '
The side linguistic tree is provided from the provided sides of the standard language (Options).
';
$HELP['PAGE_CODE'] .= '
They can update any time the side linguistic tree by click on the title! The assigned sides remain unchanged.
';
$HELP['PAGE_CODE'] .= '
If you have put a side into another language, confirm from this list the matching entry of the standard language
';
Index: branches/2.8.x/wb/admin/pages/languages/DE.php
===================================================================
--- branches/2.8.x/wb/admin/pages/languages/DE.php (revision 1913)
+++ branches/2.8.x/wb/admin/pages/languages/DE.php (revision 1914)
@@ -60,6 +60,10 @@
$TEXT['MENU_ICON_1_DIR'] = 'Verzeichnis Menübild hover';
$MESSAGE['PAGES_LAST_MODIFIED'] = 'Letze Änderung durch';
$MESSAGE['PAGES_BLANK_SEO_TITLE'] = 'Bitte geben Sie einen Dateinamen ein';
+$MESSAGE['PAGES_ADDED'] = 'Seite wurde erfolgreich hinzugefügt';
+$MESSAGE['PAGES_SAVED_SETTINGS'] = 'Seite wurde erfolgreich geändert!';
+$MESSAGE['PAGES_CANNOT_CREATE_PROTECTED_FILE'] = 'Geschützter Name, Seite kann nicht hinzugefügt werden!';
+$MESSAGE['PAGES_CANNOT_MODIFY_PROTECTED_FILE'] = 'Geschützter Name, Seite kann nicht geändert werden!';
$HELP['PAGE_IMAGE_DIR'] = '
Der aktuelle Seitenbildpfad ist
{{icon_dir}}.
';
$HELP['PAGE_IMAGE_DIR'] .='
Als Systemadministrator können Sie das Verzeichnis für Seiten-/Menuebilder unter Optionen Erweiterte Optionen in Servereinstellung ändern.
';
@@ -68,7 +72,7 @@
$HELP['PAGE_CODE'] = '
Wenn Sie dieses Feld sehen, haben Sie das Modul für die Mehrsprachigkeit registriert.
';
$HELP['PAGE_CODE'] .= '
Der erste Schritt ist einen Seitenbaum, wie in der WebsiteBaker Hilfe beschrieben, zu erstellen
';
-$HELP['PAGE_CODE'] .= '
Link: Mehrsprachige Webseiten
';
+$HELP['PAGE_CODE'] .= '
Link: Mehrsprachige Webseiten
';
$HELP['PAGE_CODE'] .= '
Der Seitensprachbaum wird aus den erstellten Seiten der Standardsprache (Standardeinstellungen in Optionen) erstellt.
';
$HELP['PAGE_CODE'] .= '
Sie können jederzeit den Standard Seitensprachbaum durch Klick auf den Titeltext aktualisieren! Die zugewiesenen Seiten bleiben unverändert.
';
$HELP['PAGE_CODE'] .= '
Wenn sie eine Seite in einer anderen Sprache angelegt haben, bestätigen Sie aus dieser Liste den dazugehörigen Eintrag der Standardsprache.
';
Index: branches/2.8.x/wb/admin/pages/modify.php
===================================================================
--- branches/2.8.x/wb/admin/pages/modify.php (revision 1913)
+++ branches/2.8.x/wb/admin/pages/modify.php (revision 1914)
@@ -4,13 +4,13 @@
* @category admin
* @package pages
* @author Ryan Djurovich, WebsiteBaker Project
- * @copyright 2009-2012, WebsiteBaker Org. e.V.
- * @link http://www.websitebaker2.org/
+ * @copyright 2009-2013, WebsiteBaker Org. e.V.
+ * @link http://www.websitebaker.org/
* @license http://www.gnu.org/licenses/gpl.html
- * @platform WebsiteBaker 2.8.x
+ * @platform WebsiteBaker 2.8.4
* @requirements PHP 5.2.2 and higher and higher
* @version $Id$
- * @filesource $HeadURL$
+ * @filesource $HeadURL$
* @lastmodified $Date$
*
*/
@@ -205,7 +205,7 @@
$query_sections = $database->query($sql);
if($query_sections->numRows() > 0)
{
- while($section = $query_sections->fetchRow())
+ while($section = $query_sections->fetchRow(MYSQL_ASSOC))
{
$section_id = $section['section_id'];
$module = $section['module'];
@@ -225,8 +225,8 @@
$block_name = '#' . (int) $section['block'];
}
}
- $sec_anchor = (defined( 'SEC_ANCHOR' ) && ( SEC_ANCHOR != '' ) ? 'id="'.SEC_ANCHOR.$section['section_id'].'"' : 'section_'.$section_id);
- print '
' . $TEXT['BLOCK'] . ': ' . $block_name;
+ $sSectionIdPrefix = (defined( 'SEC_ANCHOR' ) && ( SEC_ANCHOR != '' ) ? SEC_ANCHOR : 'Sec');
+ print '
' . $TEXT['BLOCK'] . ': ' . $block_name;
print ' Modul: ' . $section['module']." ";
print ' ID: ' . $section_id."
\n";
// }
Index: branches/2.8.x/wb/admin/pages/sections.php
===================================================================
--- branches/2.8.x/wb/admin/pages/sections.php (revision 1913)
+++ branches/2.8.x/wb/admin/pages/sections.php (revision 1914)
@@ -4,8 +4,8 @@
* @category admin
* @package pages
* @author Ryan Djurovich, WebsiteBaker Project
- * @copyright 2009-2012, WebsiteBaker Org. e.V.
- * @link http://www.websitebaker2.org/
+ * @copyright 2009-2013, WebsiteBaker Org. e.V.
+ * @link http://www.websitebaker.org/
* @license http://www.gnu.org/licenses/gpl.html
* @platform WebsiteBaker 2.8.x
* @requirements PHP 5.2.2 and higher
@@ -40,6 +40,8 @@
// Include the WB functions file
if(!function_exists('directory_list')) { require(WB_PATH.'/framework/functions.php'); }
+$mLang = Translate::getinstance();
+$mLang->enableAddon('admin\pages');
$action = 'show';
// Get page id
@@ -89,8 +91,8 @@
require_once(WB_PATH.'/framework/class.order.php');
$order = new order(TABLE_PREFIX.'sections', 'position', 'section_id', 'page_id');
$order->clean($page_id);
- $format = $TEXT['SECTION'].' %d %s %s '.strtolower( $TEXT['DELETED']);
- $message = sprintf ($format,$section_id,strtoupper($modulname),strtolower($TEXT['SUCCESS']));
+ $format = $mLang->TEXT_SECTION.' %d %s %s '.strtolower( $mLang->TEXT_DELETED);
+ $message = sprintf ($format,$section_id,strtoupper($modulname),strtolower($mLang->TEXT_SUCCESS));
if($admin_header) { $admin->print_header(); }
$admin_header = false;
unset($_POST);
@@ -98,7 +100,7 @@
}
} else {
if($admin_header) { $admin->print_header(); }
- $admin->print_error($module.' '.strtolower($TEXT['NOT_FOUND']),$backlink);
+ $admin->print_error($module.' '.strtolower($mLang->TEXT_NOT_FOUND),$backlink);
}
break;
@@ -221,12 +223,12 @@
}
foreach($block as $iIndex=>$sBlockTitle) {
if(trim($sBlockTitle) == '' ) {
- $block[$iIndex] = $TEXT['BLOCK'].'_'.$iIndex;
+ $block[$iIndex] = $mLang->TEXT_BLOCK.'_'.$iIndex;
}
}
}else {
// Make our own menu list
- $block = array(1, $TEXT['MAIN']);
+ $block = array(1, $mLang->TEXT_MAIN);
}
/*-- load css files with jquery --*/
// include jscalendar-setup
@@ -250,22 +252,22 @@
'PAGE_ID' => $results_array['page_id'],
// 'PAGE_IDKEY' => $admin->getIDKEY($results_array['page_id']),
'PAGE_IDKEY' => $results_array['page_id'],
- 'TEXT_PAGE' => $TEXT['PAGE'],
+ 'TEXT_PAGE' => $mLang->TEXT_PAGE,
'PAGE_TITLE' => ($results_array['page_title']),
'MENU_TITLE' => ($results_array['menu_title']),
- 'TEXT_CURRENT_PAGE' => $TEXT['CURRENT_PAGE'],
- 'TEXT_LAST_MODIFIED' => $TEXT['LAST_UPDATED_BY'],
+ 'TEXT_CURRENT_PAGE' => $mLang->TEXT_CURRENT_PAGE,
+ 'TEXT_LAST_MODIFIED' => $mLang->TEXT_LAST_UPDATED_BY,
'HEADING_MANAGE_SECTIONS' => $HEADING['MANAGE_SECTIONS'],
'HEADING_MODIFY_PAGE' => $HEADING['MODIFY_PAGE'],
- 'TEXT_CHANGE_SETTINGS' => $TEXT['CHANGE_SETTINGS'],
- 'TEXT_ADD_SECTION' => $TEXT['ADD_SECTION'],
- 'TEXT_SECTION' => $TEXT['SECTION'],
+ 'TEXT_CHANGE_SETTINGS' => $mLang->TEXT_CHANGE_SETTINGS,
+ 'TEXT_ADD_SECTION' => $mLang->TEXT_ADD_SECTION,
+ 'TEXT_SECTION' => $mLang->TEXT_SECTION,
'TEXT_ID' => 'ID',
- 'TEXT_TYPE' => $TEXT['TYPE'],
- 'TEXT_BLOCK' => $TEXT['BLOCK'],
+ 'TEXT_TYPE' => $mLang->TEXT_TYPE,
+ 'TEXT_BLOCK' => $mLang->TEXT_BLOCK,
'TEXT_PUBL_START_DATE' => $TEXT{'PUBL_START_DATE'},
- 'TEXT_PUBL_END_DATE' => $TEXT['PUBL_END_DATE'],
- 'TEXT_ACTIONS' => $TEXT['ACTIONS'],
+ 'TEXT_PUBL_END_DATE' => $mLang->TEXT_PUBL_END_DATE,
+ 'TEXT_ACTIONS' => $mLang->TEXT_ACTIONS,
'MODIFIED_BY' => $user['display_name'],
'MODIFIED_BY_USERNAME' => $user['username'],
'MODIFIED_WHEN' => $modified_ts,
@@ -330,7 +332,7 @@
if($query_sections->numRows() > 0)
{
$num_sections = $query_sections->numRows();
- while($section = $query_sections->fetchRow())
+ while($section = $query_sections->fetchRow(MYSQL_ASSOC))
{
if(!is_numeric(array_search($section['module'], $module_permissions)))
{
@@ -344,9 +346,9 @@
{
$edit_page = '';
}
- $sec_anchor = (defined( 'SEC_ANCHOR' ) && ( SEC_ANCHOR != '' ) ? SEC_ANCHOR : 'section_');
+ $sSectionIdPrefix = ( defined( 'SEC_ANCHOR' ) && ( SEC_ANCHOR != '' ) ? SEC_ANCHOR : 'Sec');
$edit_page_0 = '
' : '">';
+ $edit_page_1 = ($sSectionIdPrefix!='') ? '#'.$sSectionIdPrefix.$section['section_id'].'">' : '">';
$edit_page_1 .= $section['module'].'';
if(SECTION_BLOCKS)
{
@@ -421,7 +423,7 @@
{
$tpl->set_var('VALUE_PUBL_START', '');
} else {
- $tpl->set_var('VALUE_PUBL_START', date($jscal_format, $section['publ_start']));
+ $tpl->set_var('VALUE_PUBL_START', date($jscal_format, $section['publ_start']+TIMEZONE));
}
// set calendar start values
if($section['publ_end']==0)
@@ -428,7 +430,7 @@
{
$tpl->set_var('VALUE_PUBL_END', '');
} else {
- $tpl->set_var('VALUE_PUBL_END', date($jscal_format, $section['publ_end']));
+ $tpl->set_var('VALUE_PUBL_END', date($jscal_format, $section['publ_end']+TIMEZONE));
}
// Insert icons up and down
if($section['position'] != 1 )
@@ -545,10 +547,10 @@
$sql = 'SELECT `section_id` FROM `'.TABLE_PREFIX.'sections` ';
$sql .= 'WHERE `page_id` = '.$page_id.' AND `module` = "menu_link"';
$query_sections = $database->query($sql);
- $tpl->set_var('TEXT_PLEASE_SELECT', $TEXT['NONE']);
+ $tpl->set_var('TEXT_PLEASE_SELECT', $mLang->TEXT_NONE);
if($query_sections->numRows() == 0)
{
- $tpl->set_var('TEXT_PLEASE_SELECT', $TEXT['PLEASE_SELECT']);
+ $tpl->set_var('TEXT_PLEASE_SELECT', $mLang->TEXT_PLEASE_SELECT);
// Modules list
$sql = 'SELECT `name`,`directory`,`type` FROM `'.TABLE_PREFIX.'addons` ';
$sql .= 'WHERE `type` = "module" AND `function` = "page" AND `directory` != "menu_link" ';
@@ -581,16 +583,16 @@
// Insert language text and messages
$tpl->set_var(array(
'TEXT_MANAGE_SECTIONS' => $HEADING['MANAGE_SECTIONS'],
- 'TEXT_ARE_YOU_SURE' => $TEXT['ARE_YOU_SURE'],
- 'TEXT_TYPE' => $TEXT['TYPE'],
- 'TEXT_ADD' => $TEXT['ADD'],
- 'TEXT_SAVE' => $TEXT['SAVE'],
+ 'TEXT_ARE_YOU_SURE' => $mLang->TEXT_ARE_YOU_SURE,
+ 'TEXT_TYPE' => $mLang->TEXT_TYPE,
+ 'TEXT_ADD' => $mLang->TEXT_ADD,
+ 'TEXT_SAVE' => $mLang->TEXT_SAVE,
'TEXTLINK_MODIFY_PAGE' => $HEADING['MODIFY_PAGE'],
- 'TEXT_CALENDAR' => $TEXT['CALENDAR'],
- 'TEXT_DELETE_DATE' => $TEXT['DELETE_DATE'],
- 'TEXT_ADD_SECTION' => $TEXT['ADD_SECTION'],
- 'TEXT_MOVE_UP' => $TEXT['MOVE_UP'],
- 'TEXT_MOVE_DOWN' => $TEXT['MOVE_DOWN']
+ 'TEXT_CALENDAR' => $mLang->TEXT_CALENDAR,
+ 'TEXT_DELETE_DATE' => $mLang->TEXT_DELETE_DATE,
+ 'TEXT_ADD_SECTION' => $mLang->TEXT_ADD_SECTION,
+ 'TEXT_MOVE_UP' => $mLang->TEXT_MOVE_UP,
+ 'TEXT_MOVE_DOWN' => $mLang->TEXT_MOVE_DOWN
)
);
$tpl->parse('main', 'main_block', false);
Index: branches/2.8.x/wb/admin/pages/add.php
===================================================================
--- branches/2.8.x/wb/admin/pages/add.php (revision 1913)
+++ branches/2.8.x/wb/admin/pages/add.php (revision 1914)
@@ -4,21 +4,17 @@
* @category admin
* @package pages
* @author Ryan Djurovich, WebsiteBaker Project
- * @copyright 2009-2012, WebsiteBaker Org. e.V.
- * @link http://www.websitebaker2.org/
+ * @copyright 2009-2013, WebsiteBaker Org. e.V.
+ * @link http://www.websitebaker.org/
* @license http://www.gnu.org/licenses/gpl.html
* @platform WebsiteBaker 2.8.x
* @requirements PHP 5.2.2 and higher
* @version $Id$
- * @filesource $HeadURL$
+ * @filesource $HeadURL$
* @lastmodified $Date$
*
*/
-// Create new admin object and print admin header
-//require('../../config.php');
-//require_once(WB_PATH.'/framework/class.admin.php');
-// Create new admin object and print admin header
if(!defined('WB_URL'))
{
$config_file = realpath('../../config.php');
@@ -27,13 +23,17 @@
require($config_file);
}
}
+// Create new admin object and print admin header
if(!class_exists('admin', false)){ include(WB_PATH.'/framework/class.admin.php'); }
+$mLang = Translate::getinstance();
+$mLang->enableAddon('admin\pages');
+
// suppress to print the header, so no new FTAN will be set
$admin = new admin('Pages', 'pages_add', false);
if (!$admin->checkFTAN())
{
$admin->print_header();
- $admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS']);
+ $admin->print_error($mLang->MESSAGE_GENERIC_SECURITY_ACCESS);
}
// Include the WB functions file
@@ -40,9 +40,8 @@
require_once(WB_PATH.'/framework/functions.php');
// Get values
-//$title = $admin->get_post_escaped('title');
-//$title = htmlspecialchars($title);
-$title = str_replace(array("[[", "]]"), '', htmlspecialchars($admin->get_post_escaped('title')));
+//$title = str_replace(array("[[", "]]"), '', htmlspecialchars($admin->get_post_escaped('title')));
+$title = ($admin->StripCodeFromText($admin->get_post('title')));
$module = preg_replace('/[^a-z0-9_-]/i', "", $admin->get_post('type')); // fix secunia 2010-93-4
$parent = intval($admin->get_post('parent')); // fix secunia 2010-91-2
$visibility = $admin->get_post('visibility');
@@ -63,24 +62,24 @@
if ($parent!=0) {
if (!$admin->get_page_permission($parent,'admin'))
{
- $admin->print_error($MESSAGE['PAGES_INSUFFICIENT_PERMISSIONS']);
+ $admin->print_error($mLang->MESSAGE_PAGES_INSUFFICIENT_PERMISSIONS);
}
} elseif (!$admin->get_permission('pages_add_l0','system'))
{
- $admin->print_error($MESSAGE['PAGES_INSUFFICIENT_PERMISSIONS']);
+ $admin->print_error($mLang->MESSAGE_PAGES_INSUFFICIENT_PERMISSIONS);
}
// check module permissions:
if (!$admin->get_permission($module, 'module'))
{
- $admin->print_error($MESSAGE['PAGES_INSUFFICIENT_PERMISSIONS']);
+ $admin->print_error($mLang->MESSAGE_PAGES_INSUFFICIENT_PERMISSIONS);
}
// Validate data
if($title == '' || substr($title,0,1)=='.')
{
- $admin->print_error($title.'::'.$MESSAGE['PAGES_BLANK_PAGE_TITLE']);
+ $admin->print_error($title.'::'.$mLang->MESSAGE_PAGES_BLANK_PAGE_TITLE);
}
// Check to see if page created has needed permissions
@@ -96,7 +95,7 @@
}
if ($admin_perm_ok == false)
{
- $admin->print_error($MESSAGE['PAGES_INSUFFICIENT_PERMISSIONS']);
+ $admin->print_error($mLang->MESSAGE_PAGES_INSUFFICIENT_PERMISSIONS);
}
$admin_perm_ok = false;
foreach ($viewing_groups as $view_group)
@@ -108,7 +107,7 @@
}
if ($admin_perm_ok == false)
{
- $admin->print_error($MESSAGE['PAGES_INSUFFICIENT_PERMISSIONS']);
+ $admin->print_error($mLang->MESSAGE_PAGES_INSUFFICIENT_PERMISSIONS);
}
}
@@ -115,19 +114,32 @@
$admin_groups = implode(',', $admin_groups);
$viewing_groups = implode(',', $viewing_groups);
+// preparing root_check to protect system directories and important files from being overwritten if PAGES_DIR = '/'
+$denied = false;
+$forbidden = array();
+$aTempIniList = array();
+$aTempIniList = parse_ini_file(dirname(__FILE__).'/default.ini',true);
+$bAccessFileOverwrite = $aTempIniList['PagesEnvironment']['AccessFileOverwrite'];
+$aTempIniList['ProtectedNames']['List'][] = (defined('ADMIN_DIRECTORY') ? trim(ADMIN_DIRECTORY,'/') : 'admin');
+$aTempIniList['ProtectedNames']['List'][] = (defined('MEDIA_DIRECTORY') ? trim(MEDIA_DIRECTORY,'/') : 'media');
+$aTempIniList['ProtectedNames']['List'][] = (defined('PAGES_DIRECTORY') ? trim(PAGES_DIRECTORY,'/') : 'pages');
+$forbidden = $aTempIniList['ProtectedNames'];
+
+$link = '/'.page_filename($title);
// Work-out what the link and page filename should be
if($parent == '0')
{
- $link = '/'.page_filename($title);
// rename menu titles: index && intro to prevent clashes with intro page feature and WB core file /pages/index.php
- if($link == '/index' || $link == '/intro')
- {
- $sTmpFile = WB_PATH .PAGES_DIRECTORY .$link.PAGE_EXTENSION;
- $link .= (file_exists($sTmpFile)) ? '_0' : '';
- $filename = WB_PATH .PAGES_DIRECTORY .$link .PAGE_EXTENSION;
- } else {
- $filename = WB_PATH.PAGES_DIRECTORY.$link.PAGE_EXTENSION;
+ if( defined('PAGES_DIRECTORY') && trim(PAGES_DIRECTORY,'/')=='' ) {
+// Work-out what the link should be
+ $denied = in_array(trim($link,'/'), $forbidden['List']);
+ if( $denied )
+ {
+// $link .= '_'.$iNextPageId;
+ $admin->print_error($mLang->MESSAGE_PAGES_CANNOT_CREATE_PROTECTED_FILE);
+ }
}
+ $filename = WB_PATH.PAGES_DIRECTORY.$link.PAGE_EXTENSION;
} else {
$parent_section = '';
@@ -143,9 +155,17 @@
}
// Check if a page with same page filename exists
-$get_same_page = $database->query("SELECT page_id FROM ".TABLE_PREFIX."pages WHERE link = '$link'");
-if($get_same_page->numRows() > 0 OR file_exists(WB_PATH.PAGES_DIRECTORY.$link.PAGE_EXTENSION) OR file_exists(WB_PATH.PAGES_DIRECTORY.$link.'/'))
-{
+//$get_same_page = $database->query("SELECT page_id FROM ".TABLE_PREFIX."pages WHERE link = '$link'");
+//if($get_same_page->numRows() > 0 OR file_exists(WB_PATH.PAGES_DIRECTORY.$link.PAGE_EXTENSION) OR file_exists(WB_PATH.PAGES_DIRECTORY.$link.'/'))
+//{
+// $admin->print_error($MESSAGE['PAGES_PAGE_EXISTS']);
+//}
+$bLinkExists = file_exists(WB_PATH.PAGES_DIRECTORY.$link.PAGE_EXTENSION) || file_exists(WB_PATH.PAGES_DIRECTORY.$link);
+
+// UNLOCK TABLES
+$sql = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'pages` '
+ . 'WHERE `link` = \''.$link.'\' ';
+if( (($iSamePages = intval($database->get_one($sql))) > 0) || $bLinkExists ){
$admin->print_error($MESSAGE['PAGES_PAGE_EXISTS']);
}
@@ -170,8 +190,8 @@
}
// Insert page into pages table
-$sql = 'INSERT INTO `'.TABLE_PREFIX.'pages` SET ';
-$sql .= '`parent` = '.$parent.', ';
+$sql = 'INSERT INTO `'.TABLE_PREFIX.'pages` ';
+$sql .= 'SET `parent` = '.$parent.', ';
$sql .= '`target` = "_top", ';
$sql .= '`page_title` = "'.$title.'", ';
$sql .= '`menu_title` = "'.$title.'", ';
@@ -187,16 +207,16 @@
$sql .= '`admin_groups` = "'.$admin_groups.'", ';
$sql .= '`viewing_groups` = "'.$viewing_groups.'"';
-$database->query($sql);
-
-if($database->is_error())
-{
- $admin->print_error($database->get_error());
+if(!$database->query($sql)) {
+ if($database->is_error())
+ {
+ $admin->print_error($database->get_error());
+ }
}
// Get the page id
-$page_id = $database->get_one("SELECT LAST_INSERT_ID()");
-
+//$page_id = $database->get_one("SELECT LAST_INSERT_ID()");
+$page_id = $database->LastInsertId;
// Work out level
$level = level_count($page_id);
// Work out root parent
@@ -204,22 +224,19 @@
// Work out page trail
$page_trail = get_page_trail($page_id);
+/*
+$database->query("UPDATE ".TABLE_PREFIX."pages SET link = '$link', level = '$level', root_parent = '$root_parent', page_trail = '$page_trail' WHERE page_id = '$page_id'");
+*/
// Update page with new level and link
$sql = 'UPDATE `'.TABLE_PREFIX.'pages` SET ';
$sql .= '`root_parent` = '.$root_parent.', ';
$sql .= '`level` = '.$level.', ';
-$sql .= '`link` = "'.$link.'", ';
-$sql .= '`page_trail` = "'.$page_trail.'"';
-$sql .= ((defined('PAGE_LANGUAGES') && PAGE_LANGUAGES)
- && $field_set
- && ($language == DEFAULT_LANGUAGE)
- && class_exists('m_MultiLingual_Lib')
- ? ', `page_code` = '.(int)$page_id.' ' : ' ');
+$sql .= '`link` = \''.$link.'\', ';
+$sql .= '`page_trail` = \''.$page_trail.'\'';
+$sql .= ((defined('PAGE_LANGUAGES') && PAGE_LANGUAGES) && $field_set && ($language == DEFAULT_LANGUAGE)
+ && class_exists('m_MultiLingual_Lib') ? ', `page_code` = '.(int)$page_id.' ' : ' ');
$sql .= 'WHERE `page_id` = '.$page_id;
$database->query($sql);
-/*
-$database->query("UPDATE ".TABLE_PREFIX."pages SET link = '$link', level = '$level', root_parent = '$root_parent', page_trail = '$page_trail' WHERE page_id = '$page_id'");
-*/
if($database->is_error())
{
$admin->print_error($database->get_error());
@@ -230,8 +247,8 @@
// Add new record into the sections table
// Insert module into DB
-$sql = 'INSERT INTO `'.TABLE_PREFIX.'sections` SET ';
-$sql .= '`page_id` = '.(int)$page_id.', ';
+$sql = 'INSERT INTO `'.TABLE_PREFIX.'sections` ';
+$sql .= 'SET `page_id` = '.(int)$page_id.', ';
$sql .= '`module` = \''.$module.'\', ';
$sql .= '`position` = '.(int)$position.', ';
$sql .= '`block` = \'1\', ';
@@ -251,7 +268,7 @@
create_access_file($filename, $page_id, $level);
if(!file_exists($filename)) {
- $admin->print_error($MESSAGE['PAGES_CANNOT_CREATE_ACCESS_FILE']);
+ $admin->print_error($mLang->MESSAGE_PAGES_CANNOT_CREATE_ACCESS_FILE);
}
// Check if there is a db error, otherwise say successful
@@ -258,8 +275,9 @@
if($database->is_error()) {
$admin->print_error($database->get_error().' (sections)');
} else {
- $admin->print_success($MESSAGE['PAGES_ADDED'], ADMIN_URL.'/pages/modify.php?page_id='.$page_id);
+ $admin->print_success($mLang->MESSAGE_PAGES_ADDED, ADMIN_URL.'/pages/modify.php?page_id='.$page_id);
}
+$mLang->disableAddon();
// Print admin footer
$admin->print_footer();
Index: branches/2.8.x/wb/admin/interface/version.php
===================================================================
--- branches/2.8.x/wb/admin/interface/version.php (revision 1913)
+++ branches/2.8.x/wb/admin/interface/version.php (revision 1914)
@@ -51,5 +51,5 @@
// check if defined to avoid errors during installation (redirect to admin panel fails if PHP error/warnings are enabled)
if(!defined('VERSION')) define('VERSION', '2.8.3');
-if(!defined('REVISION')) define('REVISION', '1913');
+if(!defined('REVISION')) define('REVISION', '1914');
if(!defined('SP')) define('SP', '');