Project

General

Profile

« Previous | Next » 

Revision 2080

Added by darkviper almost 11 years ago

! admin/pages/settings_save class AccessFile implemented

View differences:

branches/2.8.x/CHANGELOG
11 11
! = Update/Change
12 12
===============================================================================
13 13

  
14
07 Jan-2014 Build 2080 Manuela v.d.Decken(DarkViper)
15
! admin/pages/settings_save class AccessFile implemented
14 16
07 Jan-2014 Build 2079 Manuela v.d.Decken(DarkViper)
15 17
! modules/output_filter added new field `opf` in mod_output_filter.sql
16 18
07 Jan-2014 Build 2078 Manuela v.d.Decken(DarkViper)
branches/2.8.x/wb/admin/pages/settings_save.php
29 29
//$lang_dir = dirname(__FILE__).'/languages/';
30 30
//$lang = file_exists($lang_dir.LANGUAGE.'.php') ? LANGUAGE : 'EN';
31 31
//require_once($lang_dir.$lang.'.php');
32
//if( !isset($mLang->TEXT_PAGE_LANG_LOADED) ) { require($lang_dir.$lang.'.php'); }
32
//if( !isset($oLang->TEXT_PAGE_LANG_LOADED) ) { require($lang_dir.$lang.'.php'); }
33 33

  
34 34
// suppress to print the header, so no new FTAN will be set
35 35
$admin = new admin('Pages', 'pages_settings',false);
36 36
$pagetree_url = ADMIN_URL.'/pages/index.php';
37
$oDb   = WbDatabase::getInstance();
38
$oReg  = WbAdaptor::getInstance();
39
$oLang = Translate::getinstance();
40
$oLang->enableAddon('admin\pages');
37 41

  
38
$mLang = Translate::getinstance();
39
$mLang->enableAddon('admin\pages');
40

  
41 42
// Get page id
42 43
if(!isset($_POST['page_id']) || (isset($_POST['page_id']) && preg_match('/[^0-9a-z]/i',$_POST['page_id'])) )
43 44
{
44 45
	header("Location: index.php");
45 46
	exit(0);
46 47
} else {
47
//	$page_id = $admin->checkIDKEY('page_id');
48
//	$page_id = (int)$_POST['page_id']; || preg_match('/[^0-9a-f]/i',$_POST['page_id'])
49 48
	if((!($page_id = $admin->checkIDKEY('page_id')))) {
50 49
		$admin->print_header();
51
		$admin->print_error($mLang->MESSAGE_GENERIC_SECURITY_ACCESS, $pagetree_url);
50
		$admin->print_error($oLang->MESSAGE_GENERIC_SECURITY_ACCESS, $pagetree_url);
52 51
	}
53 52
}
54

  
55
/*
56
if( (!($page_id = $admin->checkIDKEY('page_id', 0, $_SERVER['REQUEST_METHOD']))) )
57
{
58
	$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS']);
59
}
60
*/
61 53
$target_url = ADMIN_URL.'/pages/settings.php?page_id='.$page_id;
62 54

  
63 55
if (!$admin->checkFTAN())
64 56
{
65 57
	$admin->print_header();
66
	$admin->print_error($mLang->MESSAGE_GENERIC_SECURITY_ACCESS,$target_url);
58
	$admin->print_error($oLang->MESSAGE_GENERIC_SECURITY_ACCESS,$target_url);
67 59
}
68 60

  
69 61
// After check print the header
......
72 64
if(isset($_POST['extendet_submit'])) {
73 65
//	$val = (((($page_exented=='1') ? $page_exented : 0)) + 1) % 2;
74 66
	$val = (defined('PAGE_EXTENDET') ? filter_var(PAGE_EXTENDET, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE) : false);
75
	$sql  = (defined('PAGE_EXTENDET') ? 'UPDATE `' : 'INSERT INTO `') . TABLE_PREFIX . 'settings` SET ';
67
	$sql  = (defined('PAGE_EXTENDET') ? 'UPDATE `' : 'INSERT INTO `') . $oDb->TablePrefix . 'settings` SET ';
76 68
	$sql .= '`name`=\'page_extendet\', ';
77 69
	$sql .= '`value`=\''.($val ? 'false' : 'true').'\' ';
78 70
	$sql .= (defined('PAGE_EXTENDET') ? 'WHERE `name`=\'page_extendet\'' : '');
79
    if($database->query($sql)) {
71
    if($oDb->doQuery($sql)) {
80 72
// redirect to backend
81 73
echo "<p style=\"text-align:center;\"> If the script</strong> could not be start automatically.\n" .
82 74
     "Please click <a style=\"font-weight:bold;\" " .
......
91 83
</script>";
92 84

  
93 85
    } else {
94
    	$admin->print_error($database->get_error(), $target_url );
86
    	$admin->print_error($oDb->get_error(), $target_url );
95 87
    }
96 88
}
97 89

  
......
135 127
// Validate data
136 128
if($page_title == '' || substr($page_title,0,1)=='.')
137 129
{
138
	$admin->print_error($mLang->PAGES_BLANK_PAGE_TITLE,$target_url);
130
	$admin->print_error($oLang->PAGES_BLANK_PAGE_TITLE,$target_url);
139 131
}
140 132
if($menu_title == '' || substr($menu_title,0,1)=='.')
141 133
{
142
	$admin->print_error($mLang->MESSAGE_PAGES_BLANK_MENU_TITLE,$target_url);
134
	$admin->print_error($oLang->MESSAGE_PAGES_BLANK_MENU_TITLE,$target_url);
143 135
}
144 136
if($seo_title == '' || substr($seo_title,0,1)=='.')
145 137
{
......
147 139
}
148 140

  
149 141
// Get existing perms
150
$sql  = 'SELECT `parent`,`link`,`position`,`admin_groups`,`admin_users`,`menu_title` ';
151
$sql .= 'FROM `'.TABLE_PREFIX.'pages` WHERE `page_id`='.$page_id;
152
$results = $database->query($sql);
142
$sql = 'SELECT `parent`,`link`,`position`,`admin_groups`,`admin_users`,`menu_title` '
143
     . 'FROM `'.$oDb->TablePrefix.'pages` '
144
     . 'WHERE `page_id`='.$page_id;
145
$results = $oDb->doQuery($sql);
153 146

  
154 147
$results_array = $results->fetchRow(MYSQL_ASSOC);
155 148
$old_parent = $results_array['parent'];
......
160 153
	if(!$admin->ami_group_member($results_array['admin_groups']) &&
161 154
	   !$admin->is_group_match($admin->get_user_id(), $results_array['admin_users']))
162 155
	{
163
		$admin->print_error($mLang->MESSAGE_PAGES_INSUFFICIENT_PERMISSIONS);
156
		$admin->print_error($oLang->MESSAGE_PAGES_INSUFFICIENT_PERMISSIONS);
164 157
	}
165 158
	// Setup admin groups
166 159
	$aAdminGroups = (is_array($aAdminGroups) ? $aAdminGroups : array(1));
......
193 186
if($parent != $old_parent)
194 187
{
195 188
	// Include ordering class
196
	require(WB_PATH.'/framework/class.order.php');
189
//	require(WB_PATH.'/framework/class.order.php');
197 190
	$order = new order(TABLE_PREFIX.'pages', 'position', 'page_id', 'parent');
198 191
	// Get new order
199 192
	$position = $order->get_new($parent);
......
233 226
		if( $denied )
234 227
		{
235 228
//			$link .= '_' .$page_id;
236
			$admin->print_error($mLang->MESSAGE_PAGES_CANNOT_MODIFY_PROTECTED_FILE);
229
			$admin->print_error($oLang->MESSAGE_PAGES_CANNOT_MODIFY_PROTECTED_FILE);
237 230
		}
238 231
	}
239 232
	$filename = WB_PATH.PAGES_DIRECTORY.$link.PAGE_EXTENSION;
......
254 247

  
255 248
// $database = new database();
256 249
// Check if a page with same page filename exists
257
$sql = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'pages` '
250
$sql = 'SELECT COUNT(*) FROM `'.$oDb->TablePrefix.'pages` '
258 251
     . 'WHERE `link` = \''.$link.'\' '
259 252
     .   'AND `page_id` != '.$page_id;
260
if( ($iSamePages = intval($database->get_one($sql))) > 0 ){
261
	$admin->print_error($mLang->MESSAGE_PAGES_PAGE_EXISTS, $target_url);
253
if( ($iSamePages = intval($oDb->getOne($sql))) > 0 ){
254
	$admin->print_error($oLang->MESSAGE_PAGES_PAGE_EXISTS, $target_url);
262 255
}
263

  
264
//if($get_same_page = $database->query($sql)){
265
//	if($get_same_page->numRows() > 0)
266
//	{
267
//		$admin->print_error($mLang->MESSAGE_PAGES_PAGE_EXISTS, $target_url);
268
//	}
269
//}
270

  
271
// Update page with new order
272
//$sql = 'UPDATE `'.TABLE_PREFIX.'pages` SET `parent`='.$parent.', `position`='.$position.' WHERE `page_id`='.$page_id.'';
273
//$database->query($sql);
274

  
275 256
// Get page trail
276 257
$page_trail = get_page_trail($page_id);
277

  
278 258
// Update page settings in the pages table
279
$sql = 'UPDATE `'.TABLE_PREFIX.'pages` '
259
$sql = 'UPDATE `'.$oDb->TablePrefix.'pages` '
280 260
	 . 'SET `parent`='.$parent.', '
281
	 .     '`page_title`=\''.$database->escapeString($page_title).'\', '
282
	 .     '`tooltip`=\''.$database->escapeString($page_title).'\', '
283
	 .     '`page_icon` =\''.$database->escapeString($sPageIcon).'\', '
284
	 .     '`menu_title`=\''.$database->escapeString($menu_title).'\', '
285
	 .     '`menu_icon_0` =\''.$database->escapeString($sMenuIcon0).'\', '
286
	 .     '`menu_icon_1` =\''.$database->escapeString($sMenuIcon1).'\', '
261
	 .     '`page_title`=\''.$oDb->escapeString($page_title).'\', '
262
	 .     '`tooltip`=\''.$oDb->escapeString($page_title).'\', '
263
	 .     '`page_icon` =\''.$oDb->escapeString($sPageIcon).'\', '
264
	 .     '`menu_title`=\''.$oDb->escapeString($menu_title).'\', '
265
	 .     '`menu_icon_0` =\''.$oDb->escapeString($sMenuIcon0).'\', '
266
	 .     '`menu_icon_1` =\''.$oDb->escapeString($sMenuIcon1).'\', '
287 267
	 .     '`menu`='.$menu.', '
288 268
	 .     '`level`='.$level.', '
289 269
	 .     '`page_trail`=\''.$page_trail.'\', '
290 270
	 .     '`root_parent`='.$root_parent.', '
291
	 .     '`link`=\''.$database->escapeString($link).'\', '
271
	 .     '`link`=\''.$oDb->escapeString($link).'\', '
292 272
	 .     '`template`=\''.$template.'\', '
293 273
	 .     '`target`=\''.$target.'\', '
294
	 .     '`description`=\''.$database->escapeString($description).'\', '
295
	 .     '`keywords`=\''.$database->escapeString($keywords).'\', '
274
	 .     '`description`=\''.$oDb->escapeString($description).'\', '
275
	 .     '`keywords`=\''.$oDb->escapeString($keywords).'\', '
296 276
	 .     '`position`='.$position.', '
297 277
	 .     '`visibility`=\''.$visibility.'\', '
298 278
	 .     '`searching`='.$searching.', '
......
308 288
	 . '`page_code`='.$page_code.' '
309 289
	 . 'WHERE `page_id`='.$page_id;
310 290

  
311
if(!$database->query($sql)) {
291
if(!$oDb->doQuery($sql)) {
312 292
	$target_url = ADMIN_URL.'/pages/settings.php?page_id='.$page_id;
313
	$admin->print_error($database->get_error(), $target_url );
293
	$admin->print_error($oDb->get_error(), $target_url );
314 294
}
315 295

  
316 296
// Clean old order if needed
......
321 301

  
322 302
// using standard function by core,
323 303
function fix_page_trail($page_id) {
324
	global $database,$admin,$target_url,$pagetree_url,$mLang;
325

  
304
	global $admin, $target_url, $pagetree_url;
305
    $oLang = Translate::getInstance();
306
    $oDb   = WbDatabase::getInstance();
326 307
	$target_url = (isset($_POST['back_submit'])) ? $pagetree_url : $target_url;
327 308
	
328 309
// Work out level
......
333 314
	$page_trail = get_page_trail($page_id);
334 315

  
335 316
// Update page with new level and link
336
	$sql  = 'UPDATE `'.TABLE_PREFIX.'pages` '
317
	$sql  = 'UPDATE `'.$oDb->TablePrefix.'pages` '
337 318
	      . 'SET `root_parent` = '.$root_parent.', '
338 319
	      .     '`level` = '.$level.', '
339 320
	      .     '`page_trail` = \''.$page_trail.'\' '
340 321
	      .'WHERE `page_id` = '.$page_id;
341 322

  
342
	if($database->query($sql)) {
343
		$admin->print_success($mLang->MESSAGE_PAGES_SAVED_SETTINGS, $target_url );
323
	if($oDb->doQuery($sql)) {
324
		$admin->print_success($oLang->MESSAGE_PAGES_SAVED_SETTINGS, $target_url );
344 325
	} else {
345
		$admin->print_error($database->get_error(), $target_url );
326
		$admin->print_error($oDb->get_error(), $target_url );
346 327
	}
347 328
}
348 329

  
......
363 344

  
364 345
if( !$bCanCreateAcessFiles )
365 346
{
366
	$admin->print_error($mLang->MESSAGE_PAGES_CANNOT_CREATE_ACCESS_FILE, $target_url);
347
	$admin->print_error($oLang->MESSAGE_PAGES_CANNOT_CREATE_ACCESS_FILE, $target_url);
367 348
} else {
368 349
// Create a new file in the /pages dir if title changed
369 350
	$old_filename = WB_PATH.PAGES_DIRECTORY.$old_link.PAGE_EXTENSION;
......
379 360
			unlink($old_filename);
380 361
		}
381 362
// Create access file
382
		create_access_file($filename,$page_id,$level);
383
		if(!file_exists($filename)) {
384
			$admin->print_error($mLang->MESSAGE_PAGES_CANNOT_CREATE_ACCESS_FILE);
385
		}
363
        $sNewLink = str_replace($oReg->AppPath.$oReg->PagesDir, '', str_replace('\\', '/', $filename));
364
        try{
365
            $oAccFile = new AccessFile($oReg->AppPath.$oReg->PagesDir, $sNewLink, $page_id);
366
            $oAccFile->write();
367
            unset($oAccFile);
368
        } catch (AccessFileException $e) {
369
            $sMsg = $oLang->MESSAGE_PAGES_CANNOT_CREATE_ACCESS_FILE
370
                  . '<br />'.$e->getMessage();
371
            $admin->print_error($sMsg);
372
        }
373
//		create_access_file($filename,$page_id,$level);
374
//		if(!file_exists($filename)) {
375
//			$admin->print_error($oLang->MESSAGE_PAGES_CANNOT_CREATE_ACCESS_FILE.'');
376
//		}
386 377
// Move a directory for this page
387 378
		if(is_writeable(WB_PATH.PAGES_DIRECTORY.$old_link.'/') && !is_dir(WB_PATH.PAGES_DIRECTORY.$link.'/'))
388 379
		{
......
420 411
								unlink($old_subpage_file);
421 412
							}
422 413
							$sAccessFile = WB_PATH.PAGES_DIRECTORY.$new_sub_link.PAGE_EXTENSION;
423
							create_access_file($sAccessFile, $sub['page_id'], $new_sub_level);
424
							if(!file_exists($sAccessFile)) {
425
								$admin->print_error($mLang->MESSAGE_PAGES_CANNOT_CREATE_ACCESS_FILE);
426
							} else {
427
							}
414
                            $sNewLink = str_replace($oReg->AppPath.$oReg->PagesDir, '', str_replace('\\', '/', $sAccessFile));
415
                            try {
416
                                $oAccFile = new AccessFile(WB_PATH.PAGES_DIRECTORY.'/', $sNewLink, $sub['page_id']);
417
                                $oAccFile->write();
418
                                unset($oAccFile);
419
                            } catch (AccessFileException $e) {
420
                                $sMsg = $oLang->MESSAGE_PAGES_CANNOT_CREATE_ACCESS_FILE
421
                                      . '<br />'.$e->getMessage();
422
                                $admin->print_error($sMsg);
423
                            }
424
//							create_access_file($sAccessFile, $sub['page_id'], $new_sub_level);
425
//							if(!file_exists($sAccessFile)) {
426
//								$admin->print_error($oLang->MESSAGE_PAGES_CANNOT_CREATE_ACCESS_FILE);
427
//							}
428 428
						}
429 429
					}
430 430
				}
branches/2.8.x/wb/admin/interface/version.php
51 51

  
52 52
// check if defined to avoid errors during installation (redirect to admin panel fails if PHP error/warnings are enabled)
53 53
if(!defined('VERSION')) define('VERSION', '2.8.4');
54
if(!defined('REVISION')) define('REVISION', '2079');
54
if(!defined('REVISION')) define('REVISION', '2080');
55 55
if(!defined('SP')) define('SP', '');

Also available in: Unified diff