29 |
29 |
//$lang_dir = dirname(__FILE__).'/languages/';
|
30 |
30 |
//$lang = file_exists($lang_dir.LANGUAGE.'.php') ? LANGUAGE : 'EN';
|
31 |
31 |
//require_once($lang_dir.$lang.'.php');
|
32 |
|
//if( !isset($mLang->TEXT_PAGE_LANG_LOADED) ) { require($lang_dir.$lang.'.php'); }
|
|
32 |
//if( !isset($oLang->TEXT_PAGE_LANG_LOADED) ) { require($lang_dir.$lang.'.php'); }
|
33 |
33 |
|
34 |
34 |
// suppress to print the header, so no new FTAN will be set
|
35 |
35 |
$admin = new admin('Pages', 'pages_settings',false);
|
36 |
36 |
$pagetree_url = ADMIN_URL.'/pages/index.php';
|
|
37 |
$oDb = WbDatabase::getInstance();
|
|
38 |
$oReg = WbAdaptor::getInstance();
|
|
39 |
$oLang = Translate::getinstance();
|
|
40 |
$oLang->enableAddon('admin\pages');
|
37 |
41 |
|
38 |
|
$mLang = Translate::getinstance();
|
39 |
|
$mLang->enableAddon('admin\pages');
|
40 |
|
|
41 |
42 |
// Get page id
|
42 |
43 |
if(!isset($_POST['page_id']) || (isset($_POST['page_id']) && preg_match('/[^0-9a-z]/i',$_POST['page_id'])) )
|
43 |
44 |
{
|
44 |
45 |
header("Location: index.php");
|
45 |
46 |
exit(0);
|
46 |
47 |
} else {
|
47 |
|
// $page_id = $admin->checkIDKEY('page_id');
|
48 |
|
// $page_id = (int)$_POST['page_id']; || preg_match('/[^0-9a-f]/i',$_POST['page_id'])
|
49 |
48 |
if((!($page_id = $admin->checkIDKEY('page_id')))) {
|
50 |
49 |
$admin->print_header();
|
51 |
|
$admin->print_error($mLang->MESSAGE_GENERIC_SECURITY_ACCESS, $pagetree_url);
|
|
50 |
$admin->print_error($oLang->MESSAGE_GENERIC_SECURITY_ACCESS, $pagetree_url);
|
52 |
51 |
}
|
53 |
52 |
}
|
54 |
|
|
55 |
|
/*
|
56 |
|
if( (!($page_id = $admin->checkIDKEY('page_id', 0, $_SERVER['REQUEST_METHOD']))) )
|
57 |
|
{
|
58 |
|
$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS']);
|
59 |
|
}
|
60 |
|
*/
|
61 |
53 |
$target_url = ADMIN_URL.'/pages/settings.php?page_id='.$page_id;
|
62 |
54 |
|
63 |
55 |
if (!$admin->checkFTAN())
|
64 |
56 |
{
|
65 |
57 |
$admin->print_header();
|
66 |
|
$admin->print_error($mLang->MESSAGE_GENERIC_SECURITY_ACCESS,$target_url);
|
|
58 |
$admin->print_error($oLang->MESSAGE_GENERIC_SECURITY_ACCESS,$target_url);
|
67 |
59 |
}
|
68 |
60 |
|
69 |
61 |
// After check print the header
|
... | ... | |
72 |
64 |
if(isset($_POST['extendet_submit'])) {
|
73 |
65 |
// $val = (((($page_exented=='1') ? $page_exented : 0)) + 1) % 2;
|
74 |
66 |
$val = (defined('PAGE_EXTENDET') ? filter_var(PAGE_EXTENDET, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE) : false);
|
75 |
|
$sql = (defined('PAGE_EXTENDET') ? 'UPDATE `' : 'INSERT INTO `') . TABLE_PREFIX . 'settings` SET ';
|
|
67 |
$sql = (defined('PAGE_EXTENDET') ? 'UPDATE `' : 'INSERT INTO `') . $oDb->TablePrefix . 'settings` SET ';
|
76 |
68 |
$sql .= '`name`=\'page_extendet\', ';
|
77 |
69 |
$sql .= '`value`=\''.($val ? 'false' : 'true').'\' ';
|
78 |
70 |
$sql .= (defined('PAGE_EXTENDET') ? 'WHERE `name`=\'page_extendet\'' : '');
|
79 |
|
if($database->query($sql)) {
|
|
71 |
if($oDb->doQuery($sql)) {
|
80 |
72 |
// redirect to backend
|
81 |
73 |
echo "<p style=\"text-align:center;\"> If the script</strong> could not be start automatically.\n" .
|
82 |
74 |
"Please click <a style=\"font-weight:bold;\" " .
|
... | ... | |
91 |
83 |
</script>";
|
92 |
84 |
|
93 |
85 |
} else {
|
94 |
|
$admin->print_error($database->get_error(), $target_url );
|
|
86 |
$admin->print_error($oDb->get_error(), $target_url );
|
95 |
87 |
}
|
96 |
88 |
}
|
97 |
89 |
|
... | ... | |
135 |
127 |
// Validate data
|
136 |
128 |
if($page_title == '' || substr($page_title,0,1)=='.')
|
137 |
129 |
{
|
138 |
|
$admin->print_error($mLang->PAGES_BLANK_PAGE_TITLE,$target_url);
|
|
130 |
$admin->print_error($oLang->PAGES_BLANK_PAGE_TITLE,$target_url);
|
139 |
131 |
}
|
140 |
132 |
if($menu_title == '' || substr($menu_title,0,1)=='.')
|
141 |
133 |
{
|
142 |
|
$admin->print_error($mLang->MESSAGE_PAGES_BLANK_MENU_TITLE,$target_url);
|
|
134 |
$admin->print_error($oLang->MESSAGE_PAGES_BLANK_MENU_TITLE,$target_url);
|
143 |
135 |
}
|
144 |
136 |
if($seo_title == '' || substr($seo_title,0,1)=='.')
|
145 |
137 |
{
|
... | ... | |
147 |
139 |
}
|
148 |
140 |
|
149 |
141 |
// Get existing perms
|
150 |
|
$sql = 'SELECT `parent`,`link`,`position`,`admin_groups`,`admin_users`,`menu_title` ';
|
151 |
|
$sql .= 'FROM `'.TABLE_PREFIX.'pages` WHERE `page_id`='.$page_id;
|
152 |
|
$results = $database->query($sql);
|
|
142 |
$sql = 'SELECT `parent`,`link`,`position`,`admin_groups`,`admin_users`,`menu_title` '
|
|
143 |
. 'FROM `'.$oDb->TablePrefix.'pages` '
|
|
144 |
. 'WHERE `page_id`='.$page_id;
|
|
145 |
$results = $oDb->doQuery($sql);
|
153 |
146 |
|
154 |
147 |
$results_array = $results->fetchRow(MYSQL_ASSOC);
|
155 |
148 |
$old_parent = $results_array['parent'];
|
... | ... | |
160 |
153 |
if(!$admin->ami_group_member($results_array['admin_groups']) &&
|
161 |
154 |
!$admin->is_group_match($admin->get_user_id(), $results_array['admin_users']))
|
162 |
155 |
{
|
163 |
|
$admin->print_error($mLang->MESSAGE_PAGES_INSUFFICIENT_PERMISSIONS);
|
|
156 |
$admin->print_error($oLang->MESSAGE_PAGES_INSUFFICIENT_PERMISSIONS);
|
164 |
157 |
}
|
165 |
158 |
// Setup admin groups
|
166 |
159 |
$aAdminGroups = (is_array($aAdminGroups) ? $aAdminGroups : array(1));
|
... | ... | |
193 |
186 |
if($parent != $old_parent)
|
194 |
187 |
{
|
195 |
188 |
// Include ordering class
|
196 |
|
require(WB_PATH.'/framework/class.order.php');
|
|
189 |
// require(WB_PATH.'/framework/class.order.php');
|
197 |
190 |
$order = new order(TABLE_PREFIX.'pages', 'position', 'page_id', 'parent');
|
198 |
191 |
// Get new order
|
199 |
192 |
$position = $order->get_new($parent);
|
... | ... | |
233 |
226 |
if( $denied )
|
234 |
227 |
{
|
235 |
228 |
// $link .= '_' .$page_id;
|
236 |
|
$admin->print_error($mLang->MESSAGE_PAGES_CANNOT_MODIFY_PROTECTED_FILE);
|
|
229 |
$admin->print_error($oLang->MESSAGE_PAGES_CANNOT_MODIFY_PROTECTED_FILE);
|
237 |
230 |
}
|
238 |
231 |
}
|
239 |
232 |
$filename = WB_PATH.PAGES_DIRECTORY.$link.PAGE_EXTENSION;
|
... | ... | |
254 |
247 |
|
255 |
248 |
// $database = new database();
|
256 |
249 |
// Check if a page with same page filename exists
|
257 |
|
$sql = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'pages` '
|
|
250 |
$sql = 'SELECT COUNT(*) FROM `'.$oDb->TablePrefix.'pages` '
|
258 |
251 |
. 'WHERE `link` = \''.$link.'\' '
|
259 |
252 |
. 'AND `page_id` != '.$page_id;
|
260 |
|
if( ($iSamePages = intval($database->get_one($sql))) > 0 ){
|
261 |
|
$admin->print_error($mLang->MESSAGE_PAGES_PAGE_EXISTS, $target_url);
|
|
253 |
if( ($iSamePages = intval($oDb->getOne($sql))) > 0 ){
|
|
254 |
$admin->print_error($oLang->MESSAGE_PAGES_PAGE_EXISTS, $target_url);
|
262 |
255 |
}
|
263 |
|
|
264 |
|
//if($get_same_page = $database->query($sql)){
|
265 |
|
// if($get_same_page->numRows() > 0)
|
266 |
|
// {
|
267 |
|
// $admin->print_error($mLang->MESSAGE_PAGES_PAGE_EXISTS, $target_url);
|
268 |
|
// }
|
269 |
|
//}
|
270 |
|
|
271 |
|
// Update page with new order
|
272 |
|
//$sql = 'UPDATE `'.TABLE_PREFIX.'pages` SET `parent`='.$parent.', `position`='.$position.' WHERE `page_id`='.$page_id.'';
|
273 |
|
//$database->query($sql);
|
274 |
|
|
275 |
256 |
// Get page trail
|
276 |
257 |
$page_trail = get_page_trail($page_id);
|
277 |
|
|
278 |
258 |
// Update page settings in the pages table
|
279 |
|
$sql = 'UPDATE `'.TABLE_PREFIX.'pages` '
|
|
259 |
$sql = 'UPDATE `'.$oDb->TablePrefix.'pages` '
|
280 |
260 |
. 'SET `parent`='.$parent.', '
|
281 |
|
. '`page_title`=\''.$database->escapeString($page_title).'\', '
|
282 |
|
. '`tooltip`=\''.$database->escapeString($page_title).'\', '
|
283 |
|
. '`page_icon` =\''.$database->escapeString($sPageIcon).'\', '
|
284 |
|
. '`menu_title`=\''.$database->escapeString($menu_title).'\', '
|
285 |
|
. '`menu_icon_0` =\''.$database->escapeString($sMenuIcon0).'\', '
|
286 |
|
. '`menu_icon_1` =\''.$database->escapeString($sMenuIcon1).'\', '
|
|
261 |
. '`page_title`=\''.$oDb->escapeString($page_title).'\', '
|
|
262 |
. '`tooltip`=\''.$oDb->escapeString($page_title).'\', '
|
|
263 |
. '`page_icon` =\''.$oDb->escapeString($sPageIcon).'\', '
|
|
264 |
. '`menu_title`=\''.$oDb->escapeString($menu_title).'\', '
|
|
265 |
. '`menu_icon_0` =\''.$oDb->escapeString($sMenuIcon0).'\', '
|
|
266 |
. '`menu_icon_1` =\''.$oDb->escapeString($sMenuIcon1).'\', '
|
287 |
267 |
. '`menu`='.$menu.', '
|
288 |
268 |
. '`level`='.$level.', '
|
289 |
269 |
. '`page_trail`=\''.$page_trail.'\', '
|
290 |
270 |
. '`root_parent`='.$root_parent.', '
|
291 |
|
. '`link`=\''.$database->escapeString($link).'\', '
|
|
271 |
. '`link`=\''.$oDb->escapeString($link).'\', '
|
292 |
272 |
. '`template`=\''.$template.'\', '
|
293 |
273 |
. '`target`=\''.$target.'\', '
|
294 |
|
. '`description`=\''.$database->escapeString($description).'\', '
|
295 |
|
. '`keywords`=\''.$database->escapeString($keywords).'\', '
|
|
274 |
. '`description`=\''.$oDb->escapeString($description).'\', '
|
|
275 |
. '`keywords`=\''.$oDb->escapeString($keywords).'\', '
|
296 |
276 |
. '`position`='.$position.', '
|
297 |
277 |
. '`visibility`=\''.$visibility.'\', '
|
298 |
278 |
. '`searching`='.$searching.', '
|
... | ... | |
308 |
288 |
. '`page_code`='.$page_code.' '
|
309 |
289 |
. 'WHERE `page_id`='.$page_id;
|
310 |
290 |
|
311 |
|
if(!$database->query($sql)) {
|
|
291 |
if(!$oDb->doQuery($sql)) {
|
312 |
292 |
$target_url = ADMIN_URL.'/pages/settings.php?page_id='.$page_id;
|
313 |
|
$admin->print_error($database->get_error(), $target_url );
|
|
293 |
$admin->print_error($oDb->get_error(), $target_url );
|
314 |
294 |
}
|
315 |
295 |
|
316 |
296 |
// Clean old order if needed
|
... | ... | |
321 |
301 |
|
322 |
302 |
// using standard function by core,
|
323 |
303 |
function fix_page_trail($page_id) {
|
324 |
|
global $database,$admin,$target_url,$pagetree_url,$mLang;
|
325 |
|
|
|
304 |
global $admin, $target_url, $pagetree_url;
|
|
305 |
$oLang = Translate::getInstance();
|
|
306 |
$oDb = WbDatabase::getInstance();
|
326 |
307 |
$target_url = (isset($_POST['back_submit'])) ? $pagetree_url : $target_url;
|
327 |
308 |
|
328 |
309 |
// Work out level
|
... | ... | |
333 |
314 |
$page_trail = get_page_trail($page_id);
|
334 |
315 |
|
335 |
316 |
// Update page with new level and link
|
336 |
|
$sql = 'UPDATE `'.TABLE_PREFIX.'pages` '
|
|
317 |
$sql = 'UPDATE `'.$oDb->TablePrefix.'pages` '
|
337 |
318 |
. 'SET `root_parent` = '.$root_parent.', '
|
338 |
319 |
. '`level` = '.$level.', '
|
339 |
320 |
. '`page_trail` = \''.$page_trail.'\' '
|
340 |
321 |
.'WHERE `page_id` = '.$page_id;
|
341 |
322 |
|
342 |
|
if($database->query($sql)) {
|
343 |
|
$admin->print_success($mLang->MESSAGE_PAGES_SAVED_SETTINGS, $target_url );
|
|
323 |
if($oDb->doQuery($sql)) {
|
|
324 |
$admin->print_success($oLang->MESSAGE_PAGES_SAVED_SETTINGS, $target_url );
|
344 |
325 |
} else {
|
345 |
|
$admin->print_error($database->get_error(), $target_url );
|
|
326 |
$admin->print_error($oDb->get_error(), $target_url );
|
346 |
327 |
}
|
347 |
328 |
}
|
348 |
329 |
|
... | ... | |
363 |
344 |
|
364 |
345 |
if( !$bCanCreateAcessFiles )
|
365 |
346 |
{
|
366 |
|
$admin->print_error($mLang->MESSAGE_PAGES_CANNOT_CREATE_ACCESS_FILE, $target_url);
|
|
347 |
$admin->print_error($oLang->MESSAGE_PAGES_CANNOT_CREATE_ACCESS_FILE, $target_url);
|
367 |
348 |
} else {
|
368 |
349 |
// Create a new file in the /pages dir if title changed
|
369 |
350 |
$old_filename = WB_PATH.PAGES_DIRECTORY.$old_link.PAGE_EXTENSION;
|
... | ... | |
379 |
360 |
unlink($old_filename);
|
380 |
361 |
}
|
381 |
362 |
// Create access file
|
382 |
|
create_access_file($filename,$page_id,$level);
|
383 |
|
if(!file_exists($filename)) {
|
384 |
|
$admin->print_error($mLang->MESSAGE_PAGES_CANNOT_CREATE_ACCESS_FILE);
|
385 |
|
}
|
|
363 |
$sNewLink = str_replace($oReg->AppPath.$oReg->PagesDir, '', str_replace('\\', '/', $filename));
|
|
364 |
try{
|
|
365 |
$oAccFile = new AccessFile($oReg->AppPath.$oReg->PagesDir, $sNewLink, $page_id);
|
|
366 |
$oAccFile->write();
|
|
367 |
unset($oAccFile);
|
|
368 |
} catch (AccessFileException $e) {
|
|
369 |
$sMsg = $oLang->MESSAGE_PAGES_CANNOT_CREATE_ACCESS_FILE
|
|
370 |
. '<br />'.$e->getMessage();
|
|
371 |
$admin->print_error($sMsg);
|
|
372 |
}
|
|
373 |
// create_access_file($filename,$page_id,$level);
|
|
374 |
// if(!file_exists($filename)) {
|
|
375 |
// $admin->print_error($oLang->MESSAGE_PAGES_CANNOT_CREATE_ACCESS_FILE.'');
|
|
376 |
// }
|
386 |
377 |
// Move a directory for this page
|
387 |
378 |
if(is_writeable(WB_PATH.PAGES_DIRECTORY.$old_link.'/') && !is_dir(WB_PATH.PAGES_DIRECTORY.$link.'/'))
|
388 |
379 |
{
|
... | ... | |
420 |
411 |
unlink($old_subpage_file);
|
421 |
412 |
}
|
422 |
413 |
$sAccessFile = WB_PATH.PAGES_DIRECTORY.$new_sub_link.PAGE_EXTENSION;
|
423 |
|
create_access_file($sAccessFile, $sub['page_id'], $new_sub_level);
|
424 |
|
if(!file_exists($sAccessFile)) {
|
425 |
|
$admin->print_error($mLang->MESSAGE_PAGES_CANNOT_CREATE_ACCESS_FILE);
|
426 |
|
} else {
|
427 |
|
}
|
|
414 |
$sNewLink = str_replace($oReg->AppPath.$oReg->PagesDir, '', str_replace('\\', '/', $sAccessFile));
|
|
415 |
try {
|
|
416 |
$oAccFile = new AccessFile(WB_PATH.PAGES_DIRECTORY.'/', $sNewLink, $sub['page_id']);
|
|
417 |
$oAccFile->write();
|
|
418 |
unset($oAccFile);
|
|
419 |
} catch (AccessFileException $e) {
|
|
420 |
$sMsg = $oLang->MESSAGE_PAGES_CANNOT_CREATE_ACCESS_FILE
|
|
421 |
. '<br />'.$e->getMessage();
|
|
422 |
$admin->print_error($sMsg);
|
|
423 |
}
|
|
424 |
// create_access_file($sAccessFile, $sub['page_id'], $new_sub_level);
|
|
425 |
// if(!file_exists($sAccessFile)) {
|
|
426 |
// $admin->print_error($oLang->MESSAGE_PAGES_CANNOT_CREATE_ACCESS_FILE);
|
|
427 |
// }
|
428 |
428 |
}
|
429 |
429 |
}
|
430 |
430 |
}
|
! admin/pages/settings_save class AccessFile implemented