
clean up

develop
o.pinke 3 months ago
parent
commit
d2ccd7c3a9
1 changed files with 181 additions and 292 deletions
  1. +181
    -292
      cms/front_content.php

+ 181
- 292
cms/front_content.php

@@ -1,4 +1,5 @@
<?php

/**
* Project:
* Contenido Content Management System
@@ -42,7 +43,6 @@
* @link http://www.contenido.org
* @since file available since contenido release <= 4.6
*/

if (!defined("CON_FRAMEWORK")) {
define("CON_FRAMEWORK", true);
}
@@ -59,11 +59,10 @@ cInclude("includes", "functions.con2.php");
cInclude("includes", "functions.api.php");
cInclude("includes", "functions.pathresolver.php");

if ($cfg["use_pseudocron"] == true)
{
if ($cfg["use_pseudocron"] == true) {
/* Include cronjob-Emulator */
$oldpwd = getcwd();
chdir($cfg["path"]["contenido"].$cfg["path"]["cronjobs"]);
chdir($cfg["path"]["contenido"] . $cfg["path"]["cronjobs"]);
cInclude("includes", "pseudo-cron.inc.php");
chdir($oldpwd);
}
@@ -73,16 +72,13 @@ if ($cfg["use_pseudocron"] == true)
* PHPLIB application development toolkit
* @see http://sourceforge.net/projects/phplib
*/
if ($contenido)
{
if ($contenido) {
//Backend
page_open(array ('sess' => 'Contenido_Session', 'auth' => 'Contenido_Challenge_Crypt_Auth', 'perm' => 'Contenido_Perm'));
i18nInit($cfg["path"]["contenido"].$cfg["path"]["locale"], $belang);
}
else
{
page_open(array('sess' => 'Contenido_Session', 'auth' => 'Contenido_Challenge_Crypt_Auth', 'perm' => 'Contenido_Perm'));
i18nInit($cfg["path"]["contenido"] . $cfg["path"]["locale"], $belang);
} else {
//Frontend
page_open(array ('sess' => 'Contenido_Frontend_Session', 'auth' => 'Contenido_Frontend_Challenge_Crypt_Auth', 'perm' => 'Contenido_Perm'));
page_open(array('sess' => 'Contenido_Frontend_Session', 'auth' => 'Contenido_Frontend_Challenge_Crypt_Auth', 'perm' => 'Contenido_Perm'));
}

/**
@@ -106,20 +102,19 @@ $sess->register("errsite_idcat");
$sess->register("errsite_idart");
$sess->register("encoding");

if ($cfgClient["set"] != "set")
{
if ($cfgClient["set"] != "set") {
rereadClients();
}

# Check if this request is for a compressed file
if ($_GET['action'] == 'get_compressed') {
# Get the calling parameters
$sFilename = ((isset($_GET['f'])) ? $_GET['f'] : $_GET['amp;f']);
$sContentType = ((isset($_GET['c'])) ? $_GET['c'] : $_GET['amp;c']);
$sFilename = ((isset($_GET['f'])) ? $_GET['f'] : $_GET['amp;f']);
$sContentType = ((isset($_GET['c'])) ? $_GET['c'] : $_GET['amp;c']);
# Output the file using the class output() function
Output_Compressor::output($cfgClient[$client]['path']['frontend'] . 'cache/', $sFilename, $sContentType);
# Don't do anything else
exit();
}
@@ -127,8 +122,7 @@ if ($_GET['action'] == 'get_compressed') {
// Call hook after plugins are loaded, added by Murat Purc, 2008-09-07
CEC_Hook::execute('Contenido.Frontend.AfterLoadPlugins');

if (!isset($encoding) || !is_array($encoding) || count($encoding) == 0)
{
if (!isset($encoding) || !is_array($encoding) || count($encoding) == 0) {
// get encodings of all languages
$encoding = array();
$sql = "SELECT idlang, encoding FROM " . $cfg["tab"]["lang"];
@@ -152,18 +146,18 @@ Contenido_Url::getInstance()->getUrlBuilder()->setHttpBasePath($cfgClient[$clien
if (!isset($lang)) {

// if there is an entry load_lang in frontend/config.php use it, else use the first language of this client
if(isset($load_lang)){
if (isset($load_lang)) {
// load_client is set in frontend/config.php
$lang = $load_lang;
}else{
} else {

$sql = "SELECT
B.idlang
FROM
".$cfg["tab"]["clients_lang"]." AS A,
".$cfg["tab"]["lang"]." AS B
" . $cfg["tab"]["clients_lang"] . " AS A,
" . $cfg["tab"]["lang"] . " AS B
WHERE
A.idclient='".Contenido_Security::toInteger($client)."' AND
A.idclient='" . Contenido_Security::toInteger($client) . "' AND
A.idlang = B.idlang
LIMIT
0,1";
@@ -175,11 +169,12 @@ if (!isset($lang)) {
}
}

if (!$sess->is_registered("lang") ) $sess->register("lang");
if (!$sess->is_registered("client") ) $sess->register("client");
if (!$sess->is_registered("lang"))
$sess->register("lang");
if (!$sess->is_registered("client"))
$sess->register("client");

if (isset ($username))
{
if (isset($username)) {
$auth->login_if(true);
}

@@ -192,8 +187,7 @@ header("Content-Type: text/html; charset={$encoding[$lang]}");
* if http global logout is set e.g. front_content.php?logout=true
* log out the current user.
*/
if (isset ($logout))
{
if (isset($logout)) {
$auth->logout(true);
$auth->unauth(true);
$auth->auth["uname"] = "nobody";
@@ -202,8 +196,7 @@ if (isset ($logout))
/*
* local configuration
*/
if (file_exists("config.local.php"))
{
if (file_exists("config.local.php")) {
@ include ("config.local.php");
}

@@ -211,32 +204,26 @@ if (file_exists("config.local.php"))
* If the path variable was passed, try to resolve it to a Category Id
* e.g. front_content.php?path=/company/products/
*/
if (isset($path) && strlen($path) > 1)
{
if (isset($path) && strlen($path) > 1) {
/* Which resolve method is configured? */
if ($cfg["urlpathresolve"] == true)
{
if ($cfg["urlpathresolve"] == true) {

$iLangCheck = 0;
$idcat = prResolvePathViaURLNames($path, $iLangCheck);

}
else
{
} else {
$iLangCheck = 0;

$idcat = prResolvePathViaCategoryNames($path, $iLangCheck);
if(($lang != $iLangCheck) && ((int)$iLangCheck != 0)){
if (($lang != $iLangCheck) && ((int) $iLangCheck != 0)) {
$lang = $iLangCheck;
}

}
}

// error page
$aParams = array (
'client' => $client, 'idcat' => $errsite_idcat[$client], 'idart' => $errsite_idart[$client],
'lang' => $lang, 'error'=> '1'
$aParams = array(
'client' => $client, 'idcat' => $errsite_idcat[$client], 'idart' => $errsite_idart[$client],
'lang' => $lang, 'error' => '1'
);
$errsite = 'Location: ' . Contenido_Url::getInstance()->buildRedirect($aParams);

@@ -246,66 +233,58 @@ $errsite = 'Location: ' . Contenido_Url::getInstance()->buildRedirect($aParams);
* Note: These variables can be set via http globals e.g. front_content.php?idcat=41&idart=34&idcatart=35&idartlang=42
* If not the values will be computed.
*/
if ($idart && !$idcat && !$idcatart)
{
if ($idart && !$idcat && !$idcatart) {
/* Try to fetch the first idcat */
$sql = "SELECT idcat FROM ".$cfg["tab"]["cat_art"]." WHERE idart = '".Contenido_Security::toInteger($idart)."'";
$sql = "SELECT idcat FROM " . $cfg["tab"]["cat_art"] . " WHERE idart = '" . Contenido_Security::toInteger($idart) . "'";
$db->query($sql);

if ($db->next_record())
{
if ($db->next_record()) {
$idcat = $db->f("idcat");
}
}

unset ($code);
unset ($markscript);
unset($code);
unset($markscript);

if (!$idcatart)
{
if (!$idart)
{
if (!$idcat)
{
if (!$idcatart) {
if (!$idart) {
if (!$idcat) {
# Note: In earlier Contenido versions the information if an article is startarticle of a category has been stored
# in relation con_cat_art.
if ($cfg["is_start_compatible"] == true)
{
if ($cfg["is_start_compatible"] == true) {
$sql = "SELECT
idart,
B.idcat
FROM
".$cfg["tab"]["cat_art"]." AS A,
".$cfg["tab"]["cat_tree"]." AS B,
".$cfg["tab"]["cat"]." AS C
" . $cfg["tab"]["cat_art"] . " AS A,
" . $cfg["tab"]["cat_tree"] . " AS B,
" . $cfg["tab"]["cat"] . " AS C
WHERE
A.idcat=B.idcat AND
B.idcat=C.idcat AND
is_start='1' AND
idclient='".Contenido_Security::toInteger($client)."'
idclient='" . Contenido_Security::toInteger($client) . "'
ORDER BY
idtree ASC";
}
else
{
} else {
# Note: Now the information if an article is startarticle of a category is stored in relation con_cat_lang.
$sql = "SELECT
A.idart,
B.idcat
FROM
".$cfg["tab"]["cat_art"]." AS A,
".$cfg["tab"]["cat_tree"]." AS B,
".$cfg["tab"]["cat"]." AS C,
".$cfg["tab"]["cat_lang"]." AS D,
".$cfg["tab"]["art_lang"]." AS E
" . $cfg["tab"]["cat_art"] . " AS A,
" . $cfg["tab"]["cat_tree"] . " AS B,
" . $cfg["tab"]["cat"] . " AS C,
" . $cfg["tab"]["cat_lang"] . " AS D,
" . $cfg["tab"]["art_lang"] . " AS E
WHERE
A.idcat=B.idcat AND
B.idcat=C.idcat AND
D.startidartlang = E.idartlang AND
D.idlang='".Contenido_Security::toInteger($lang)."' AND
D.idlang='" . Contenido_Security::toInteger($lang) . "' AND
E.idart=A.idart AND
E.idlang='".Contenido_Security::toInteger($lang)."' AND
idclient='".Contenido_Security::toInteger($client)."'
E.idlang='" . Contenido_Security::toInteger($lang) . "' AND
idclient='" . Contenido_Security::toInteger($client) . "'
ORDER BY
idtree ASC";
}
@@ -316,40 +295,34 @@ if (!$idcatart)
$idart = $db->f("idart");
$idcat = $db->f("idcat");
} else {
if($contenido) {
if ($contenido) {
cInclude("includes", "functions.i18n.php");
die(i18n("No start article for this category"));
} else {
if($error == 1) {
if ($error == 1) {
die("Fatal error: Could not display error page. Error to display was: 'No start article in this category'");
} else {
header($errsite);
exit;
exit;
}
}
}
} else {
$idart = -1;
if ($cfg["is_start_compatible"] == true)
{
$sql = "SELECT idart FROM ".$cfg["tab"]["cat_art"]." WHERE idcat='".Contenido_Security::toInteger($idcat)."' AND is_start='1'";
if ($cfg["is_start_compatible"] == true) {
$sql = "SELECT idart FROM " . $cfg["tab"]["cat_art"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' AND is_start='1'";
$db->query($sql);

if ($db->next_record())
{
if ($db->next_record()) {
$idart = $db->f("idart");
}
}
else
{
$sql = "SELECT startidartlang FROM ".$cfg["tab"]["cat_lang"]." WHERE idcat='".Contenido_Security::toInteger($idcat)."' AND idlang='".Contenido_Security::toInteger($lang)."'";
} else {
$sql = "SELECT startidartlang FROM " . $cfg["tab"]["cat_lang"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' AND idlang='" . Contenido_Security::toInteger($lang) . "'";
$db->query($sql);

if ($db->next_record())
{
if ($db->f("startidartlang") != 0)
{
$sql = "SELECT idart FROM ".$cfg["tab"]["art_lang"]." WHERE idartlang='".Contenido_Security::toInteger($db->f("startidartlang"))."'";
if ($db->next_record()) {
if ($db->f("startidartlang") != 0) {
$sql = "SELECT idart FROM " . $cfg["tab"]["art_lang"] . " WHERE idartlang='" . Contenido_Security::toInteger($db->f("startidartlang")) . "'";
$db->query($sql);
$db->next_record();
$idart = $db->f("idart");
@@ -357,36 +330,26 @@ if (!$idcatart)
}
}

if ($idart != -1)
{
}
else
{
if ($idart != -1) {
} else {
// error message in backend
if ($contenido)
{
if ($contenido) {
cInclude("includes", "functions.i18n.php");
die(i18n("No start article for this category"));
}
else
{
if ($error == 1)
{
} else {
if ($error == 1) {
echo "Fatal error: Could not display error page. Error to display was: 'No start article in this category'";
}
else
{
} else {
header($errsite);
exit;
exit;
}
}
}
}
}
}
else
{
$sql = "SELECT idcat, idart FROM ".$cfg["tab"]["cat_art"]." WHERE idcatart='".Contenido_Security::toInteger($idcatart)."'";
} else {
$sql = "SELECT idcat, idart FROM " . $cfg["tab"]["cat_art"] . " WHERE idcatart='" . Contenido_Security::toInteger($idcatart) . "'";

$db->query($sql);
$db->next_record();
@@ -396,9 +359,8 @@ else
}

/* Get idcatart */
if (0 != $idart && 0 != $idcat)
{
$sql = "SELECT idcatart FROM ".$cfg["tab"]["cat_art"]." WHERE idart = '".Contenido_Security::toInteger($idart)."' AND idcat = '".Contenido_Security::toInteger($idcat)."'";
if (0 != $idart && 0 != $idcat) {
$sql = "SELECT idcatart FROM " . $cfg["tab"]["cat_art"] . " WHERE idart = '" . Contenido_Security::toInteger($idart) . "' AND idcat = '" . Contenido_Security::toInteger($idcat) . "'";

$db->query($sql);
$db->next_record();
@@ -408,10 +370,9 @@ if (0 != $idart && 0 != $idcat)

$idartlang = getArtLang($idart, $lang);

if ($idartlang === false)
{
if ($idartlang === false) {
header($errsite);
exit;
exit;
}

/*
@@ -427,8 +388,6 @@ if ($cfg["cache"]["disable"] != '1') {
$oCacheHandler->start($iStartTime); // $iStartTime ist optional und ist die startzeit des scriptes, z. b. am anfang von fron_content.php
}
// END: concache


##############################################
# BACKEND / FRONTEND EDITING
##############################################
@@ -443,44 +402,39 @@ if ($cfg["cache"]["disable"] != '1') {
* The reason is to avoid cross-site scripting errors in the backend, if the backend domain differs from
* the frontend domain.
*/
if ($contenido)
{
if ($contenido) {
$perm->load_permissions();

/* Change mode edit / view */
if (isset ($changeview))
{
if (isset($changeview)) {
$sess->register("view");
$view = $changeview;
}

$col = new InUseCollection;

if ($overrideid != "" && $overridetype != "")
{
if ($overrideid != "" && $overridetype != "") {
$col->removeItemMarks($overridetype, $overrideid);
}
/* Remove all own marks */
$col->removeSessionMarks($sess->id);
/* If the override flag is set, override a specific InUseItem */

list ($inUse, $message) = $col->checkAndMark("article", $idartlang, true, i18n("Article is in use by %s (%s)"), true, $cfg['path']['contenido_fullhtml']."external/backendedit/front_content.php?changeview=edit&action=con_editart&idartlang=$idartlang&type=$type&typenr=$typenr&idart=$idart&idcat=$idcat&idcatart=$idcatart&client=$client&lang=$lang");
list ($inUse, $message) = $col->checkAndMark("article", $idartlang, true, i18n("Article is in use by %s (%s)"), true, $cfg['path']['contenido_fullhtml'] . "external/backendedit/front_content.php?changeview=edit&action=con_editart&idartlang=$idartlang&type=$type&typenr=$typenr&idart=$idart&idcat=$idcat&idcatart=$idcatart&client=$client&lang=$lang");

$sHtmlInUse = '';
$sHtmlInUseMessage = '';
if ($inUse == true)
{
if ($inUse == true) {
$disabled = 'disabled="disabled"';
$sHtmlInUseCss = '<link rel="stylesheet" type="text/css" href="'.$cfg['path']['contenido_fullhtml'].'styles/inuse.css" />';
$sHtmlInUseCss = '<link rel="stylesheet" type="text/css" href="' . $cfg['path']['contenido_fullhtml'] . 'styles/inuse.css" />';
$sHtmlInUseMessage = $message;
}

$sql = "SELECT locked FROM ".$cfg["tab"]["art_lang"]." WHERE idart='".Contenido_Security::toInteger($idart)."' AND idlang = '".Contenido_Security::toInteger($lang)."'";
$sql = "SELECT locked FROM " . $cfg["tab"]["art_lang"] . " WHERE idart='" . Contenido_Security::toInteger($idart) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "'";
$db->query($sql);
$db->next_record();
$locked = $db->f("locked");
if ($locked == 1)
{
if ($locked == 1) {
$inUse = true;
$disabled = 'disabled="disabled"';
}
@@ -488,47 +442,40 @@ if ($contenido)
// CEC to check if the user has permission to edit articles in this category
CEC_Hook::setBreakCondition(false, true); // break at "false", default value "true"
$allow = CEC_Hook::executeWhileBreakCondition(
'Contenido.Frontend.AllowEdit', $lang, $idcat, $idart, $auth->auth['uid']
'Contenido.Frontend.AllowEdit', $lang, $idcat, $idart, $auth->auth['uid']
);

if ($perm->have_perm_area_action_item("con_editcontent", "con_editart", $idcat) && $inUse == false && $allow == true)
{
if ($perm->have_perm_area_action_item("con_editcontent", "con_editart", $idcat) && $inUse == false && $allow == true) {
/* Create buttons for editing */
$edit_preview = '<table cellspacing="0" cellpadding="4" border="0">';

if ($view == "edit")
{
if ($view == "edit") {
$edit_preview = '<tr>
<td width="18">
<a title="Preview" style="font-family: Verdana; font-size: 10px; color: #000000; text-decoration: none" href="'.$sess->url("front_content.php?changeview=prev&idcat=$idcat&idart=$idart").'"><img src="'.$cfg["path"]["contenido_fullhtml"].$cfg["path"]["images"].'but_preview.gif" alt="Preview" title="Preview" border="0"></a>
<a title="Preview" style="font-family: Verdana; font-size: 10px; color: #000000; text-decoration: none" href="' . $sess->url("front_content.php?changeview=prev&idcat=$idcat&idart=$idart") . '"><img src="' . $cfg["path"]["contenido_fullhtml"] . $cfg["path"]["images"] . 'but_preview.gif" alt="Preview" title="Preview" border="0"></a>
</td>
<td width="18">
<a title="Preview" style="font-family: Verdana; font-size: 10px; color: #000000; text-decoration: none" href="'.$sess->url("front_content.php?changeview=prev&idcat=$idcat&idart=$idart").'">Preview</a>
<a title="Preview" style="font-family: Verdana; font-size: 10px; color: #000000; text-decoration: none" href="' . $sess->url("front_content.php?changeview=prev&idcat=$idcat&idart=$idart") . '">Preview</a>
</td>
</tr>';
}
else
{
} else {
$edit_preview = '<tr>
<td width="18">
<a title="Preview" style="font-family: Verdana; font-size: 10px; color: #000000; text-decoration: none" href="'.$sess->url("front_content.php?changeview=edit&idcat=$idcat&idart=$idart").'"><img src="'.$cfg["path"]["contenido_fullhtml"].$cfg["path"]["images"].'but_edit.gif" alt="Preview" title="Preview" border="0"></a>
<a title="Preview" style="font-family: Verdana; font-size: 10px; color: #000000; text-decoration: none" href="' . $sess->url("front_content.php?changeview=edit&idcat=$idcat&idart=$idart") . '"><img src="' . $cfg["path"]["contenido_fullhtml"] . $cfg["path"]["images"] . 'but_edit.gif" alt="Preview" title="Preview" border="0"></a>
</td>
<td width="18">
<a title="Preview" style="font-family: Verdana; font-size: 10px; color: #000000; text-decoration: none" href="'.$sess->url("front_content.php?changeview=edit&idcat=$idcat&idart=$idart").'">Edit</a>
<a title="Preview" style="font-family: Verdana; font-size: 10px; color: #000000; text-decoration: none" href="' . $sess->url("front_content.php?changeview=edit&idcat=$idcat&idart=$idart") . '">Edit</a>
</td>
</tr>';
}

/* Display articles */
if ($cfg["is_start_compatible"] == true)
{
$sql = "SELECT idart, is_start FROM ".$cfg["tab"]["cat_art"]." WHERE idcat='".Contenido_Security::toInteger($idcat)."' ORDER BY idart";
if ($cfg["is_start_compatible"] == true) {
$sql = "SELECT idart, is_start FROM " . $cfg["tab"]["cat_art"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' ORDER BY idart";

$db->query($sql);
}
else
{
$sql = "SELECT idart FROM ".$cfg["tab"]["cat_art"]." WHERE idcat='".Contenido_Security::toInteger($idcat)."' ORDER BY idart";
} else {
$sql = "SELECT idart FROM " . $cfg["tab"]["cat_art"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' ORDER BY idart";

$db->query($sql);
}
@@ -537,53 +484,41 @@ if ($contenido)

$edit_preview .= '<tr><td colspan="2"><table cellspacing="0" cellpadding="2" border="0"></tr><td style="font-family: verdana; font-size:10; color:#000000; text-decoration:none">Articles in category:<br>';

while ($db->next_record() && ($db->affected_rows() != 1))
{
while ($db->next_record() && ($db->affected_rows() != 1)) {

$class = "font-family:'Verdana'; font-size:10; color:#000000; text-decoration: underline; font-weight:normal";
if (!isset ($idart))
{
if (isStartArticle(getArtLang($idart, $lang), $idcat, $lang))
{
if (!isset($idart)) {
if (isStartArticle(getArtLang($idart, $lang), $idcat, $lang)) {
$class = "font-family: verdana; font-size:10; color:#000000; text-decoration: underline ;font-weight:bold";
}
}
else
{
if ($idart == $db->f("idart"))
{
} else {
if ($idart == $db->f("idart")) {
$class = "font-family: verdana; font-size:10; color:#000000; text-decoration: underline; font-weight:bold";
}
}

$edit_preview .= "<a style=\"$class\" href=\"".$sess->url("front_content.php?idart=".$db->f("idart")."&idcat=$idcat")."\">$a</a>&nbsp;";
$a ++;
$edit_preview .= "<a style=\"$class\" href=\"" . $sess->url("front_content.php?idart=" . $db->f("idart") . "&idcat=$idcat") . "\">$a</a>&nbsp;";
$a++;
}

$edit_preview .= '</td></tr></table></td></tr></table>';

}

} // end if $contenido


/* If mode is 'edit' and user has permission to edit articles in the current category */
if ($inUse == false && $allow == true && $view == "edit" && ($perm->have_perm_area_action_item("con_editcontent", "con_editart", $idcat)))
{
if ($inUse == false && $allow == true && $view == "edit" && ($perm->have_perm_area_action_item("con_editcontent", "con_editart", $idcat))) {
cInclude("includes", "functions.tpl.php");
cInclude("includes", "functions.con.php");
include ($cfg["path"]["contenido"].$cfg["path"]["includes"]."include.con_editcontent.php");
}
else
{
include ($cfg["path"]["contenido"] . $cfg["path"]["includes"] . "include.con_editcontent.php");
} else {

##############################################
# FRONTEND VIEW
##############################################

/* Mark submenuitem 'Preview' in the Contenido Backend (Area: Contenido --> Articles --> Preview) */
if ($contenido)
{
if ($contenido) {
$markscript = markSubMenuItem(4, true);
}

@@ -593,10 +528,10 @@ else
$sql = "SELECT
createcode
FROM
".$cfg["tab"]["cat_art"]."
" . $cfg["tab"]["cat_art"] . "
WHERE
idcat = '".Contenido_Security::toInteger($idcat)."' AND
idart = '".Contenido_Security::toInteger($idart)."'";
idcat = '" . Contenido_Security::toInteger($idcat) . "' AND
idart = '" . Contenido_Security::toInteger($idart) . "'";

$db->query($sql);
$db->next_record();
@@ -606,44 +541,36 @@ else
##############################################

/* Check if code is expired, create new code if needed */
if($db->f("createcode") == 0 && $force == 0 && $cfg['dceModEdit']['use'] !== true && $cfg['dceLayEdit']['use'] !== true) {
$sql = "SELECT code FROM ".$cfg["tab"]["code"]." WHERE idcatart = '".Contenido_Security::toInteger($idcatart)."' AND idlang = '".Contenido_Security::toInteger($lang)."'";
if ($db->f("createcode") == 0 && $force == 0 && $cfg['dceModEdit']['use'] !== true && $cfg['dceLayEdit']['use'] !== true) {
$sql = "SELECT code FROM " . $cfg["tab"]["code"] . " WHERE idcatart = '" . Contenido_Security::toInteger($idcatart) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "'";
$db->query($sql);

if ($db->num_rows() == 0)
{
if ($db->num_rows() == 0) {
/* Include here for performance reasons */
cInclude("includes", "functions.tpl.php");

conGenerateCode($idcat, $idart, $lang, $client);

$sql = "SELECT code FROM ".$cfg["tab"]["code"]." WHERE idcatart = '".Contenido_Security::toInteger($idcatart)."' AND idlang = '".Contenido_Security::toInteger($lang)."'";
$sql = "SELECT code FROM " . $cfg["tab"]["code"] . " WHERE idcatart = '" . Contenido_Security::toInteger($idcatart) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "'";
$db->query($sql);
}

if ($db->next_record())
{
if ($db->next_record()) {
$code = stripslashes($db->f("code"));
}
else
{
} else {
if ($contenido)
$code = "echo \"No code available.\";";
else
{
if ($error == 1)
{
else {
if ($error == 1) {
echo "Fatal error: Could not display error page. Error to display was: 'No code available'";
}
else
{
} else {
header($errsite);
exit;
exit;
}
}
}
} else {
$sql = "DELETE FROM ".$cfg["tab"]["code"]." WHERE idcatart = '".Contenido_Security::toInteger($idcatart)."'";
$sql = "DELETE FROM " . $cfg["tab"]["code"] . " WHERE idcatart = '" . Contenido_Security::toInteger($idcatart) . "'";
$db->query($sql);

cInclude("includes", "functions.con.php");
@@ -652,7 +579,7 @@ else

conGenerateCode($idcat, $idart, $lang, $client);

$sql = "SELECT code FROM ".$cfg["tab"]["code"]." WHERE idcatart = '".Contenido_Security::toInteger($idcatart)."' AND idlang = '".Contenido_Security::toInteger($lang)."'";
$sql = "SELECT code FROM " . $cfg["tab"]["code"] . " WHERE idcatart = '" . Contenido_Security::toInteger($idcatart) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "'";

$db->query($sql);
$db->next_record();
@@ -670,7 +597,7 @@ else
}

/* Check if category is public */
$sql = "SELECT public FROM ".$cfg["tab"]["cat_lang"]." WHERE idcat='".Contenido_Security::toInteger($idcat)."' AND idlang='".Contenido_Security::toInteger($lang)."'";
$sql = "SELECT public FROM " . $cfg["tab"]["cat_lang"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' AND idlang='" . Contenido_Security::toInteger($lang) . "'";

$db->query($sql);
$db->next_record();
@@ -680,80 +607,68 @@ else
##############################################
# protected categories
##############################################
if ($public == 0)
{
if ($auth->auth["uid"] == "nobody")
{
$sql = "SELECT user_id, value FROM ".$cfg["tab"]["user_prop"]." WHERE type='frontend' and name='allowed_ip'";
if ($public == 0) {
if ($auth->auth["uid"] == "nobody") {
$sql = "SELECT user_id, value FROM " . $cfg["tab"]["user_prop"] . " WHERE type='frontend' and name='allowed_ip'";
$db->query($sql);

while ($db->next_record())
{
while ($db->next_record()) {
$user_id = $db->f("user_id");

$range = urldecode($db->f("value"));
$slash = strpos($range, "/");

if ($slash == false)
{
if ($slash == false) {
$netmask = "255.255.255.255";
$network = $range;
}
else
{
} else {
$network = substr($range, 0, $slash);
$netmask = substr($range, $slash +1, strlen($range) - $slash -1);
$netmask = substr($range, $slash + 1, strlen($range) - $slash - 1);
}

if (IP_match($network, $netmask, $_SERVER["REMOTE_ADDR"]))
{
if (IP_match($network, $netmask, $_SERVER["REMOTE_ADDR"])) {
$sql = "SELECT idright
FROM ".$cfg["tab"]["rights"]." AS A,
".$cfg["tab"]["actions"]." AS B,
".$cfg["tab"]["area"]." AS C
WHERE B.name = 'front_allow' AND C.name = 'str' AND A.user_id = '".Contenido_Security::escapeDB($user_id, $db2)."' AND A.idcat = '".Contenido_Security::toInteger($idcat)."'
FROM " . $cfg["tab"]["rights"] . " AS A,
" . $cfg["tab"]["actions"] . " AS B,
" . $cfg["tab"]["area"] . " AS C
WHERE B.name = 'front_allow' AND C.name = 'str' AND A.user_id = '" . Contenido_Security::escapeDB($user_id, $db2) . "' AND A.idcat = '" . Contenido_Security::toInteger($idcat) . "'
AND A.idarea = C.idarea AND B.idaction = A.idaction";

$db2 = new DB_Contenido;
$db2->query($sql);

if ($db2->num_rows() > 0)
{
if ($db2->num_rows() > 0) {
$auth->auth["uid"] = $user_id;
$validated = 1;
}
}
}
if ($validated != 1)
{
if ($validated != 1) {
// CEC to check category access
CEC_Hook::setBreakCondition(true, false); // break at "true", default value "false"
$allow = CEC_Hook::executeWhileBreakCondition(
'Contenido.Frontend.CategoryAccess', $lang, $idcat, $auth->auth['uid']
'Contenido.Frontend.CategoryAccess', $lang, $idcat, $auth->auth['uid']
);
$auth->login_if(!$allow);
}
}
else
{
} else {
// CEC to check category access
CEC_Hook::setBreakCondition(true, false); // break at "true", default value "false"
$allow = CEC_Hook::executeWhileBreakCondition(
'Contenido.Frontend.CategoryAccess', $lang, $idcat, $auth->auth['uid']
'Contenido.Frontend.CategoryAccess', $lang, $idcat, $auth->auth['uid']
);

/*
added 2008-11-18 Timo Trautmann
in backendeditmode also check if logged in backenduser has permission to view preview of page
*/
added 2008-11-18 Timo Trautmann
in backendeditmode also check if logged in backenduser has permission to view preview of page
*/
if ($allow == false && $contenido && $perm->have_perm_area_action_item("con_editcontent", "con_editart", $idcat)) {
$allow = true;
}

if (!$allow)
{
if (!$allow) {
header($errsite);
exit;
exit;
}
}
}
@@ -767,24 +682,18 @@ else
/*
* Check if an article is start article of the category
*/
if ($cfg["is_start_compatible"] == true)
{
$sql = "SELECT is_start FROM ".$cfg["tab"]["cat_art"]." WHERE idcatart='".Contenido_Security::toInteger($idcatart)."'";
if ($cfg["is_start_compatible"] == true) {
$sql = "SELECT is_start FROM " . $cfg["tab"]["cat_art"] . " WHERE idcatart='" . Contenido_Security::toInteger($idcatart) . "'";
$db->query($sql);
$db->next_record();
$isstart = $db->f("is_start");
}
else
{
$sql = "SELECT startidartlang FROM ".$cfg["tab"]["cat_lang"]." WHERE idcat='".Contenido_Security::toInteger($idcat)."' AND idlang = '".Contenido_Security::toInteger($lang)."'";
} else {
$sql = "SELECT startidartlang FROM " . $cfg["tab"]["cat_lang"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "'";
$db->query($sql);
$db->next_record();
if ($db->f("idartlang") == $idartlang)
{
if ($db->f("idartlang") == $idartlang) {
$isstart = 1;
}
else
{
} else {
$isstart = 0;
}
}
@@ -792,18 +701,15 @@ else
##############################################
# time management
##############################################
$sql = "SELECT timemgmt FROM ".$cfg["tab"]["art_lang"]." WHERE idart='".Contenido_Security::toInteger($idart)."' AND idlang = '".Contenido_Security::toInteger($lang)."'";
$sql = "SELECT timemgmt FROM " . $cfg["tab"]["art_lang"] . " WHERE idart='" . Contenido_Security::toInteger($idart) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "'";
$db->query($sql);
$db->next_record();

if (($db->f("timemgmt") == "1") && ($isstart != 1))
{
$sql = "SELECT online, redirect, redirect_url FROM ".$cfg["tab"]["art_lang"]." WHERE idart='".Contenido_Security::toInteger($idart)."' AND idlang = '".Contenido_Security::toInteger($lang)."'
if (($db->f("timemgmt") == "1") && ($isstart != 1)) {
$sql = "SELECT online, redirect, redirect_url FROM " . $cfg["tab"]["art_lang"] . " WHERE idart='" . Contenido_Security::toInteger($idart) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "'
AND NOW() > datestart AND NOW() < dateend";
}
else
{
$sql = "SELECT online, redirect, redirect_url FROM ".$cfg["tab"]["art_lang"]." WHERE idart='".Contenido_Security::toInteger($idart)."' AND idlang = '".Contenido_Security::toInteger($lang)."'";
} else {
$sql = "SELECT online, redirect, redirect_url FROM " . $cfg["tab"]["art_lang"] . " WHERE idart='" . Contenido_Security::toInteger($idart) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "'";
}

$db->query($sql);
@@ -813,15 +719,14 @@ else
$redirect = $db->f("redirect");
$redirect_url = $db->f("redirect_url");

@ eval ("\$"."redirect_url = \"$redirect_url\";"); // transform variables
@ eval("\$" . "redirect_url = \"$redirect_url\";"); // transform variables

$insert_base = getEffectiveSetting('generator', 'basehref', "true");

/*
* generate base url
*/
if ($insert_base == "true")
{
if ($insert_base == "true") {
$is_XHTML = getEffectiveSetting('generator', 'xhtml', "false");

$str_base_uri = $cfgClient[$client]["path"]["htmlpath"];
@@ -830,21 +735,19 @@ else
$str_base_uri = CEC_Hook::executeAndReturn('Contenido.Frontend.BaseHrefGeneration', $str_base_uri);

if ($is_XHTML == "true") {
$baseCode = '<base href="'.$str_base_uri.'" />';
$baseCode = '<base href="' . $str_base_uri . '" />';
} else {
$baseCode = '<base href="'.$str_base_uri.'">';
$baseCode = '<base href="' . $str_base_uri . '">';
}

$code = str_ireplace_once("<head>", "<head>\n".$baseCode, $code);
$code = str_ireplace_once("<head>", "<head>\n" . $baseCode, $code);
}

/*
* Handle online (offline) articles
*/
if ($online)
{
if ($redirect == '1' && $redirect_url != '')
{
if ($online) {
if ($redirect == '1' && $redirect_url != '') {
page_close();
/*
* Redirect to the URL defined in article properties
@@ -860,12 +763,9 @@ else
}
header("Location: $redirect_url");
exit;
}
else
{
if ($cfg["debug"]["codeoutput"])
{
echo "<textarea>".clHtmlSpecialChars($code)."</textarea>";
} else {
if ($cfg["debug"]["codeoutput"]) {
echo "<textarea>" . clHtmlSpecialChars($code) . "</textarea>";
}

/*
@@ -876,11 +776,11 @@ else

$aExclude = explode(',', getEffectiveSetting('frontend.no_outputbuffer', 'idart', ''));
if (in_array(Contenido_Security::toInteger($idart), $aExclude)) {
eval ("?>\n".$code."\n<?php\n");
eval("?>\n" . $code . "\n<?php\n");
} else {
// write html output into output buffer and assign it to an variable
ob_start();
eval ("?>\n".$code."\n<?php\n");
eval("?>\n" . $code . "\n<?php\n");
$htmlCode = ob_get_contents();
ob_end_clean();

@@ -893,26 +793,17 @@ else
// print output
echo $htmlCode;
}

}
}
else
{
} else {
# if user is in the backend display offline articles
if ($contenido)
{
eval ("?>\n".$code."\n<?php\n");
}
else
{
if ($error == 1)
{
if ($contenido) {
eval("?>\n" . $code . "\n<?php\n");
} else {
if ($error == 1) {
echo "Fatal error: Could not display error page. Error to display was: 'No contenido session variable set. Probable error cause: Start article in this category is not set on-line.'";
}
else
{
} else {
header($errsite);
exit;
exit;
}
}
}
@@ -934,13 +825,11 @@ if ($cfg["cache"]["disable"] != '1') {
/*
* configuration settings after the site is displayed.
*/
if (file_exists("config.after.php"))
{
if (file_exists("config.after.php")) {
@ include ("config.after.php");
}

if (isset ($savedlang))
{
if (isset($savedlang)) {
$lang = $savedlang;
}
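Review bot: The line `@ eval("\$" . "redirect_url = \"$redirect_url\";");` in the hunk at `@@ -813,15 +719,14 @@` still compiles the `redirect_url` column read from the `art_lang` table as PHP source; this clean-up only re-spaces it. Whoever can write that column therefore decides what code runs in the frontend request, and the `@` suppresses the errors that would make a malformed value visible. If the intent is only to expand a few known variables inside the URL, replace the eval with a fixed substitution such as `$redirect_url = strtr($redirect_url, $aRedirectPlaceholders);` (`$aRedirectPlaceholders` is a placeholder name for an allow-list map the project would define). The result should also be validated before the later `header("Location: $redirect_url");`. The code between this line and the redirect is only partly visible in the hunks, so check that nothing else relies on the evaluated form.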


