| 29 |
29 |
//$lang_dir = dirname(__FILE__).'/languages/';
|
| 30 |
30 |
//$lang = file_exists($lang_dir.LANGUAGE.'.php') ? LANGUAGE : 'EN';
|
| 31 |
31 |
//require_once($lang_dir.$lang.'.php');
|
| 32 |
|
//if( !isset($mLang->TEXT_PAGE_LANG_LOADED) ) { require($lang_dir.$lang.'.php'); }
|
|
32 |
//if( !isset($oLang->TEXT_PAGE_LANG_LOADED) ) { require($lang_dir.$lang.'.php'); }
|
| 33 |
33 |
|
| 34 |
34 |
// suppress to print the header, so no new FTAN will be set
|
| 35 |
35 |
$admin = new admin('Pages', 'pages_settings',false);
|
| 36 |
36 |
$pagetree_url = ADMIN_URL.'/pages/index.php';
|
|
37 |
$oDb = WbDatabase::getInstance();
|
|
38 |
$oReg = WbAdaptor::getInstance();
|
|
39 |
$oLang = Translate::getinstance();
|
|
40 |
$oLang->enableAddon('admin\pages');
|
| 37 |
41 |
|
| 38 |
|
$mLang = Translate::getinstance();
|
| 39 |
|
$mLang->enableAddon('admin\pages');
|
| 40 |
|
|
| 41 |
42 |
// Get page id
|
| 42 |
43 |
if(!isset($_POST['page_id']) || (isset($_POST['page_id']) && preg_match('/[^0-9a-z]/i',$_POST['page_id'])) )
|
| 43 |
44 |
{
|
| 44 |
45 |
header("Location: index.php");
|
| 45 |
46 |
exit(0);
|
| 46 |
47 |
} else {
|
| 47 |
|
// $page_id = $admin->checkIDKEY('page_id');
|
| 48 |
|
// $page_id = (int)$_POST['page_id']; || preg_match('/[^0-9a-f]/i',$_POST['page_id'])
|
| 49 |
48 |
if((!($page_id = $admin->checkIDKEY('page_id')))) {
|
| 50 |
49 |
$admin->print_header();
|
| 51 |
|
$admin->print_error($mLang->MESSAGE_GENERIC_SECURITY_ACCESS, $pagetree_url);
|
|
50 |
$admin->print_error($oLang->MESSAGE_GENERIC_SECURITY_ACCESS, $pagetree_url);
|
| 52 |
51 |
}
|
| 53 |
52 |
}
|
| 54 |
|
|
| 55 |
|
/*
|
| 56 |
|
if( (!($page_id = $admin->checkIDKEY('page_id', 0, $_SERVER['REQUEST_METHOD']))) )
|
| 57 |
|
{
|
| 58 |
|
$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS']);
|
| 59 |
|
}
|
| 60 |
|
*/
|
| 61 |
53 |
$target_url = ADMIN_URL.'/pages/settings.php?page_id='.$page_id;
|
| 62 |
54 |
|
| 63 |
55 |
if (!$admin->checkFTAN())
|
| 64 |
56 |
{
|
| 65 |
57 |
$admin->print_header();
|
| 66 |
|
$admin->print_error($mLang->MESSAGE_GENERIC_SECURITY_ACCESS,$target_url);
|
|
58 |
$admin->print_error($oLang->MESSAGE_GENERIC_SECURITY_ACCESS,$target_url);
|
| 67 |
59 |
}
|
| 68 |
60 |
|
| 69 |
61 |
// After check print the header
|
| ... | ... | |
| 72 |
64 |
if(isset($_POST['extendet_submit'])) {
|
| 73 |
65 |
// $val = (((($page_exented=='1') ? $page_exented : 0)) + 1) % 2;
|
| 74 |
66 |
$val = (defined('PAGE_EXTENDET') ? filter_var(PAGE_EXTENDET, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE) : false);
|
| 75 |
|
$sql = (defined('PAGE_EXTENDET') ? 'UPDATE `' : 'INSERT INTO `') . TABLE_PREFIX . 'settings` SET ';
|
|
67 |
$sql = (defined('PAGE_EXTENDET') ? 'UPDATE `' : 'INSERT INTO `') . $oDb->TablePrefix . 'settings` SET ';
|
| 76 |
68 |
$sql .= '`name`=\'page_extendet\', ';
|
| 77 |
69 |
$sql .= '`value`=\''.($val ? 'false' : 'true').'\' ';
|
| 78 |
70 |
$sql .= (defined('PAGE_EXTENDET') ? 'WHERE `name`=\'page_extendet\'' : '');
|
| 79 |
|
if($database->query($sql)) {
|
|
71 |
if($oDb->doQuery($sql)) {
|
| 80 |
72 |
// redirect to backend
|
| 81 |
73 |
echo "<p style=\"text-align:center;\"> If the script</strong> could not be start automatically.\n" .
|
| 82 |
74 |
"Please click <a style=\"font-weight:bold;\" " .
|
| ... | ... | |
| 91 |
83 |
</script>";
|
| 92 |
84 |
|
| 93 |
85 |
} else {
|
| 94 |
|
$admin->print_error($database->get_error(), $target_url );
|
|
86 |
$admin->print_error($oDb->get_error(), $target_url );
|
| 95 |
87 |
}
|
| 96 |
88 |
}
|
| 97 |
89 |
|
| ... | ... | |
| 135 |
127 |
// Validate data
|
| 136 |
128 |
if($page_title == '' || substr($page_title,0,1)=='.')
|
| 137 |
129 |
{
|
| 138 |
|
$admin->print_error($mLang->PAGES_BLANK_PAGE_TITLE,$target_url);
|
|
130 |
$admin->print_error($oLang->PAGES_BLANK_PAGE_TITLE,$target_url);
|
| 139 |
131 |
}
|
| 140 |
132 |
if($menu_title == '' || substr($menu_title,0,1)=='.')
|
| 141 |
133 |
{
|
| 142 |
|
$admin->print_error($mLang->MESSAGE_PAGES_BLANK_MENU_TITLE,$target_url);
|
|
134 |
$admin->print_error($oLang->MESSAGE_PAGES_BLANK_MENU_TITLE,$target_url);
|
| 143 |
135 |
}
|
| 144 |
136 |
if($seo_title == '' || substr($seo_title,0,1)=='.')
|
| 145 |
137 |
{
|
| ... | ... | |
| 147 |
139 |
}
|
| 148 |
140 |
|
| 149 |
141 |
// Get existing perms
|
| 150 |
|
$sql = 'SELECT `parent`,`link`,`position`,`admin_groups`,`admin_users`,`menu_title` ';
|
| 151 |
|
$sql .= 'FROM `'.TABLE_PREFIX.'pages` WHERE `page_id`='.$page_id;
|
| 152 |
|
$results = $database->query($sql);
|
|
142 |
$sql = 'SELECT `parent`,`link`,`position`,`admin_groups`,`admin_users`,`menu_title` '
|
|
143 |
. 'FROM `'.$oDb->TablePrefix.'pages` '
|
|
144 |
. 'WHERE `page_id`='.$page_id;
|
|
145 |
$results = $oDb->doQuery($sql);
|
| 153 |
146 |
|
| 154 |
147 |
$results_array = $results->fetchRow(MYSQL_ASSOC);
|
| 155 |
148 |
$old_parent = $results_array['parent'];
|
| ... | ... | |
| 160 |
153 |
if(!$admin->ami_group_member($results_array['admin_groups']) &&
|
| 161 |
154 |
!$admin->is_group_match($admin->get_user_id(), $results_array['admin_users']))
|
| 162 |
155 |
{
|
| 163 |
|
$admin->print_error($mLang->MESSAGE_PAGES_INSUFFICIENT_PERMISSIONS);
|
|
156 |
$admin->print_error($oLang->MESSAGE_PAGES_INSUFFICIENT_PERMISSIONS);
|
| 164 |
157 |
}
|
| 165 |
158 |
// Setup admin groups
|
| 166 |
159 |
$aAdminGroups = (is_array($aAdminGroups) ? $aAdminGroups : array(1));
|
| ... | ... | |
| 193 |
186 |
if($parent != $old_parent)
|
| 194 |
187 |
{
|
| 195 |
188 |
// Include ordering class
|
| 196 |
|
require(WB_PATH.'/framework/class.order.php');
|
|
189 |
// require(WB_PATH.'/framework/class.order.php');
|
| 197 |
190 |
$order = new order(TABLE_PREFIX.'pages', 'position', 'page_id', 'parent');
|
| 198 |
191 |
// Get new order
|
| 199 |
192 |
$position = $order->get_new($parent);
|
| ... | ... | |
| 233 |
226 |
if( $denied )
|
| 234 |
227 |
{
|
| 235 |
228 |
// $link .= '_' .$page_id;
|
| 236 |
|
$admin->print_error($mLang->MESSAGE_PAGES_CANNOT_MODIFY_PROTECTED_FILE);
|
|
229 |
$admin->print_error($oLang->MESSAGE_PAGES_CANNOT_MODIFY_PROTECTED_FILE);
|
| 237 |
230 |
}
|
| 238 |
231 |
}
|
| 239 |
232 |
$filename = WB_PATH.PAGES_DIRECTORY.$link.PAGE_EXTENSION;
|
| ... | ... | |
| 254 |
247 |
|
| 255 |
248 |
// $database = new database();
|
| 256 |
249 |
// Check if a page with same page filename exists
|
| 257 |
|
$sql = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'pages` '
|
|
250 |
$sql = 'SELECT COUNT(*) FROM `'.$oDb->TablePrefix.'pages` '
|
| 258 |
251 |
. 'WHERE `link` = \''.$link.'\' '
|
| 259 |
252 |
. 'AND `page_id` != '.$page_id;
|
| 260 |
|
if( ($iSamePages = intval($database->get_one($sql))) > 0 ){
|
| 261 |
|
$admin->print_error($mLang->MESSAGE_PAGES_PAGE_EXISTS, $target_url);
|
|
253 |
if( ($iSamePages = intval($oDb->getOne($sql))) > 0 ){
|
|
254 |
$admin->print_error($oLang->MESSAGE_PAGES_PAGE_EXISTS, $target_url);
|
| 262 |
255 |
}
|
| 263 |
|
|
| 264 |
|
//if($get_same_page = $database->query($sql)){
|
| 265 |
|
// if($get_same_page->numRows() > 0)
|
| 266 |
|
// {
|
| 267 |
|
// $admin->print_error($mLang->MESSAGE_PAGES_PAGE_EXISTS, $target_url);
|
| 268 |
|
// }
|
| 269 |
|
//}
|
| 270 |
|
|
| 271 |
|
// Update page with new order
|
| 272 |
|
//$sql = 'UPDATE `'.TABLE_PREFIX.'pages` SET `parent`='.$parent.', `position`='.$position.' WHERE `page_id`='.$page_id.'';
|
| 273 |
|
//$database->query($sql);
|
| 274 |
|
|
| 275 |
256 |
// Get page trail
|
| 276 |
257 |
$page_trail = get_page_trail($page_id);
|
| 277 |
|
|
| 278 |
258 |
// Update page settings in the pages table
|
| 279 |
|
$sql = 'UPDATE `'.TABLE_PREFIX.'pages` '
|
|
259 |
$sql = 'UPDATE `'.$oDb->TablePrefix.'pages` '
|
| 280 |
260 |
. 'SET `parent`='.$parent.', '
|
| 281 |
|
. '`page_title`=\''.$database->escapeString($page_title).'\', '
|
| 282 |
|
. '`tooltip`=\''.$database->escapeString($page_title).'\', '
|
| 283 |
|
. '`page_icon` =\''.$database->escapeString($sPageIcon).'\', '
|
| 284 |
|
. '`menu_title`=\''.$database->escapeString($menu_title).'\', '
|
| 285 |
|
. '`menu_icon_0` =\''.$database->escapeString($sMenuIcon0).'\', '
|
| 286 |
|
. '`menu_icon_1` =\''.$database->escapeString($sMenuIcon1).'\', '
|
|
261 |
. '`page_title`=\''.$oDb->escapeString($page_title).'\', '
|
|
262 |
. '`tooltip`=\''.$oDb->escapeString($page_title).'\', '
|
|
263 |
. '`page_icon` =\''.$oDb->escapeString($sPageIcon).'\', '
|
|
264 |
. '`menu_title`=\''.$oDb->escapeString($menu_title).'\', '
|
|
265 |
. '`menu_icon_0` =\''.$oDb->escapeString($sMenuIcon0).'\', '
|
|
266 |
. '`menu_icon_1` =\''.$oDb->escapeString($sMenuIcon1).'\', '
|
| 287 |
267 |
. '`menu`='.$menu.', '
|
| 288 |
268 |
. '`level`='.$level.', '
|
| 289 |
269 |
. '`page_trail`=\''.$page_trail.'\', '
|
| 290 |
270 |
. '`root_parent`='.$root_parent.', '
|
| 291 |
|
. '`link`=\''.$database->escapeString($link).'\', '
|
|
271 |
. '`link`=\''.$oDb->escapeString($link).'\', '
|
| 292 |
272 |
. '`template`=\''.$template.'\', '
|
| 293 |
273 |
. '`target`=\''.$target.'\', '
|
| 294 |
|
. '`description`=\''.$database->escapeString($description).'\', '
|
| 295 |
|
. '`keywords`=\''.$database->escapeString($keywords).'\', '
|
|
274 |
. '`description`=\''.$oDb->escapeString($description).'\', '
|
|
275 |
. '`keywords`=\''.$oDb->escapeString($keywords).'\', '
|
| 296 |
276 |
. '`position`='.$position.', '
|
| 297 |
277 |
. '`visibility`=\''.$visibility.'\', '
|
| 298 |
278 |
. '`searching`='.$searching.', '
|
| ... | ... | |
| 308 |
288 |
. '`page_code`='.$page_code.' '
|
| 309 |
289 |
. 'WHERE `page_id`='.$page_id;
|
| 310 |
290 |
|
| 311 |
|
if(!$database->query($sql)) {
|
|
291 |
if(!$oDb->doQuery($sql)) {
|
| 312 |
292 |
$target_url = ADMIN_URL.'/pages/settings.php?page_id='.$page_id;
|
| 313 |
|
$admin->print_error($database->get_error(), $target_url );
|
|
293 |
$admin->print_error($oDb->get_error(), $target_url );
|
| 314 |
294 |
}
|
| 315 |
295 |
|
| 316 |
296 |
// Clean old order if needed
|
| ... | ... | |
| 321 |
301 |
|
| 322 |
302 |
// using standard function by core,
|
| 323 |
303 |
function fix_page_trail($page_id) {
|
| 324 |
|
global $database,$admin,$target_url,$pagetree_url,$mLang;
|
| 325 |
|
|
|
304 |
global $admin, $target_url, $pagetree_url;
|
|
305 |
$oLang = Translate::getInstance();
|
|
306 |
$oDb = WbDatabase::getInstance();
|
| 326 |
307 |
$target_url = (isset($_POST['back_submit'])) ? $pagetree_url : $target_url;
|
| 327 |
308 |
|
| 328 |
309 |
// Work out level
|
| ... | ... | |
| 333 |
314 |
$page_trail = get_page_trail($page_id);
|
| 334 |
315 |
|
| 335 |
316 |
// Update page with new level and link
|
| 336 |
|
$sql = 'UPDATE `'.TABLE_PREFIX.'pages` '
|
|
317 |
$sql = 'UPDATE `'.$oDb->TablePrefix.'pages` '
|
| 337 |
318 |
. 'SET `root_parent` = '.$root_parent.', '
|
| 338 |
319 |
. '`level` = '.$level.', '
|
| 339 |
320 |
. '`page_trail` = \''.$page_trail.'\' '
|
| 340 |
321 |
.'WHERE `page_id` = '.$page_id;
|
| 341 |
322 |
|
| 342 |
|
if($database->query($sql)) {
|
| 343 |
|
$admin->print_success($mLang->MESSAGE_PAGES_SAVED_SETTINGS, $target_url );
|
|
323 |
if($oDb->doQuery($sql)) {
|
|
324 |
$admin->print_success($oLang->MESSAGE_PAGES_SAVED_SETTINGS, $target_url );
|
| 344 |
325 |
} else {
|
| 345 |
|
$admin->print_error($database->get_error(), $target_url );
|
|
326 |
$admin->print_error($oDb->get_error(), $target_url );
|
| 346 |
327 |
}
|
| 347 |
328 |
}
|
| 348 |
329 |
|
| ... | ... | |
| 363 |
344 |
|
| 364 |
345 |
if( !$bCanCreateAcessFiles )
|
| 365 |
346 |
{
|
| 366 |
|
$admin->print_error($mLang->MESSAGE_PAGES_CANNOT_CREATE_ACCESS_FILE, $target_url);
|
|
347 |
$admin->print_error($oLang->MESSAGE_PAGES_CANNOT_CREATE_ACCESS_FILE, $target_url);
|
| 367 |
348 |
} else {
|
| 368 |
349 |
// Create a new file in the /pages dir if title changed
|
| 369 |
350 |
$old_filename = WB_PATH.PAGES_DIRECTORY.$old_link.PAGE_EXTENSION;
|
| ... | ... | |
| 379 |
360 |
unlink($old_filename);
|
| 380 |
361 |
}
|
| 381 |
362 |
// Create access file
|
| 382 |
|
create_access_file($filename,$page_id,$level);
|
| 383 |
|
if(!file_exists($filename)) {
|
| 384 |
|
$admin->print_error($mLang->MESSAGE_PAGES_CANNOT_CREATE_ACCESS_FILE);
|
| 385 |
|
}
|
|
363 |
$sNewLink = str_replace($oReg->AppPath.$oReg->PagesDir, '', str_replace('\\', '/', $filename));
|
|
364 |
try{
|
|
365 |
$oAccFile = new AccessFile($oReg->AppPath.$oReg->PagesDir, $sNewLink, $page_id);
|
|
366 |
$oAccFile->write();
|
|
367 |
unset($oAccFile);
|
|
368 |
} catch (AccessFileException $e) {
|
|
369 |
$sMsg = $oLang->MESSAGE_PAGES_CANNOT_CREATE_ACCESS_FILE
|
|
370 |
. '<br />'.$e->getMessage();
|
|
371 |
$admin->print_error($sMsg);
|
|
372 |
}
|
|
373 |
// create_access_file($filename,$page_id,$level);
|
|
374 |
// if(!file_exists($filename)) {
|
|
375 |
// $admin->print_error($oLang->MESSAGE_PAGES_CANNOT_CREATE_ACCESS_FILE.'');
|
|
376 |
// }
|
| 386 |
377 |
// Move a directory for this page
|
| 387 |
378 |
if(is_writeable(WB_PATH.PAGES_DIRECTORY.$old_link.'/') && !is_dir(WB_PATH.PAGES_DIRECTORY.$link.'/'))
|
| 388 |
379 |
{
|
| ... | ... | |
| 420 |
411 |
unlink($old_subpage_file);
|
| 421 |
412 |
}
|
| 422 |
413 |
$sAccessFile = WB_PATH.PAGES_DIRECTORY.$new_sub_link.PAGE_EXTENSION;
|
| 423 |
|
create_access_file($sAccessFile, $sub['page_id'], $new_sub_level);
|
| 424 |
|
if(!file_exists($sAccessFile)) {
|
| 425 |
|
$admin->print_error($mLang->MESSAGE_PAGES_CANNOT_CREATE_ACCESS_FILE);
|
| 426 |
|
} else {
|
| 427 |
|
}
|
|
414 |
$sNewLink = str_replace($oReg->AppPath.$oReg->PagesDir, '', str_replace('\\', '/', $sAccessFile));
|
|
415 |
try {
|
|
416 |
$oAccFile = new AccessFile(WB_PATH.PAGES_DIRECTORY.'/', $sNewLink, $sub['page_id']);
|
|
417 |
$oAccFile->write();
|
|
418 |
unset($oAccFile);
|
|
419 |
} catch (AccessFileException $e) {
|
|
420 |
$sMsg = $oLang->MESSAGE_PAGES_CANNOT_CREATE_ACCESS_FILE
|
|
421 |
. '<br />'.$e->getMessage();
|
|
422 |
$admin->print_error($sMsg);
|
|
423 |
}
|
|
424 |
// create_access_file($sAccessFile, $sub['page_id'], $new_sub_level);
|
|
425 |
// if(!file_exists($sAccessFile)) {
|
|
426 |
// $admin->print_error($oLang->MESSAGE_PAGES_CANNOT_CREATE_ACCESS_FILE);
|
|
427 |
// }
|
| 428 |
428 |
}
|
| 429 |
429 |
}
|
| 430 |
430 |
}
|
! admin/pages/settings_save class AccessFile implemented