diff --git a/cms/front_content.php b/cms/front_content.php index 0fb2500..eaeeccd 100644 --- a/cms/front_content.php +++ b/cms/front_content.php @@ -1,4 +1,5 @@ 'Contenido_Session', 'auth' => 'Contenido_Challenge_Crypt_Auth', 'perm' => 'Contenido_Perm')); - i18nInit($cfg["path"]["contenido"].$cfg["path"]["locale"], $belang); -} -else -{ + page_open(array('sess' => 'Contenido_Session', 'auth' => 'Contenido_Challenge_Crypt_Auth', 'perm' => 'Contenido_Perm')); + i18nInit($cfg["path"]["contenido"] . $cfg["path"]["locale"], $belang); +} else { //Frontend - page_open(array ('sess' => 'Contenido_Frontend_Session', 'auth' => 'Contenido_Frontend_Challenge_Crypt_Auth', 'perm' => 'Contenido_Perm')); + page_open(array('sess' => 'Contenido_Frontend_Session', 'auth' => 'Contenido_Frontend_Challenge_Crypt_Auth', 'perm' => 'Contenido_Perm')); } /** @@ -106,20 +102,19 @@ $sess->register("errsite_idcat"); $sess->register("errsite_idart"); $sess->register("encoding"); -if ($cfgClient["set"] != "set") -{ +if ($cfgClient["set"] != "set") { rereadClients(); } # Check if this request is for a compressed file if ($_GET['action'] == 'get_compressed') { # Get the calling parameters - $sFilename = ((isset($_GET['f'])) ? $_GET['f'] : $_GET['amp;f']); - $sContentType = ((isset($_GET['c'])) ? $_GET['c'] : $_GET['amp;c']); - + $sFilename = ((isset($_GET['f'])) ? $_GET['f'] : $_GET['amp;f']); + $sContentType = ((isset($_GET['c'])) ? $_GET['c'] : $_GET['amp;c']); + # Output the file using the class output() function Output_Compressor::output($cfgClient[$client]['path']['frontend'] . 'cache/', $sFilename, $sContentType); - + # Don't do anything else exit(); } @@ -127,8 +122,7 @@ if ($_GET['action'] == 'get_compressed') { // Call hook after plugins are loaded, added by Murat Purc, 2008-09-07 CEC_Hook::execute('Contenido.Frontend.AfterLoadPlugins'); -if (!isset($encoding) || !is_array($encoding) || count($encoding) == 0) -{ +if (!isset($encoding) || !is_array($encoding) || count($encoding) == 0) { // get encodings of all languages $encoding = array(); $sql = "SELECT idlang, encoding FROM " . $cfg["tab"]["lang"]; @@ -152,18 +146,18 @@ Contenido_Url::getInstance()->getUrlBuilder()->setHttpBasePath($cfgClient[$clien if (!isset($lang)) { // if there is an entry load_lang in frontend/config.php use it, else use the first language of this client - if(isset($load_lang)){ + if (isset($load_lang)) { // load_client is set in frontend/config.php $lang = $load_lang; - }else{ + } else { $sql = "SELECT B.idlang FROM - ".$cfg["tab"]["clients_lang"]." AS A, - ".$cfg["tab"]["lang"]." AS B + " . $cfg["tab"]["clients_lang"] . " AS A, + " . $cfg["tab"]["lang"] . " AS B WHERE - A.idclient='".Contenido_Security::toInteger($client)."' AND + A.idclient='" . Contenido_Security::toInteger($client) . "' AND A.idlang = B.idlang LIMIT 0,1"; @@ -175,11 +169,12 @@ if (!isset($lang)) { } } -if (!$sess->is_registered("lang") ) $sess->register("lang"); -if (!$sess->is_registered("client") ) $sess->register("client"); +if (!$sess->is_registered("lang")) + $sess->register("lang"); +if (!$sess->is_registered("client")) + $sess->register("client"); -if (isset ($username)) -{ +if (isset($username)) { $auth->login_if(true); } @@ -192,8 +187,7 @@ header("Content-Type: text/html; charset={$encoding[$lang]}"); * if http global logout is set e.g. front_content.php?logout=true * log out the current user. */ -if (isset ($logout)) -{ +if (isset($logout)) { $auth->logout(true); $auth->unauth(true); $auth->auth["uname"] = "nobody"; @@ -202,8 +196,7 @@ if (isset ($logout)) /* * local configuration */ -if (file_exists("config.local.php")) -{ +if (file_exists("config.local.php")) { @ include ("config.local.php"); } @@ -211,32 +204,26 @@ if (file_exists("config.local.php")) * If the path variable was passed, try to resolve it to a Category Id * e.g. front_content.php?path=/company/products/ */ -if (isset($path) && strlen($path) > 1) -{ +if (isset($path) && strlen($path) > 1) { /* Which resolve method is configured? */ - if ($cfg["urlpathresolve"] == true) - { + if ($cfg["urlpathresolve"] == true) { $iLangCheck = 0; $idcat = prResolvePathViaURLNames($path, $iLangCheck); - - } - else - { + } else { $iLangCheck = 0; $idcat = prResolvePathViaCategoryNames($path, $iLangCheck); - if(($lang != $iLangCheck) && ((int)$iLangCheck != 0)){ + if (($lang != $iLangCheck) && ((int) $iLangCheck != 0)) { $lang = $iLangCheck; } - } } // error page -$aParams = array ( - 'client' => $client, 'idcat' => $errsite_idcat[$client], 'idart' => $errsite_idart[$client], - 'lang' => $lang, 'error'=> '1' +$aParams = array( + 'client' => $client, 'idcat' => $errsite_idcat[$client], 'idart' => $errsite_idart[$client], + 'lang' => $lang, 'error' => '1' ); $errsite = 'Location: ' . Contenido_Url::getInstance()->buildRedirect($aParams); @@ -246,66 +233,58 @@ $errsite = 'Location: ' . Contenido_Url::getInstance()->buildRedirect($aParams); * Note: These variables can be set via http globals e.g. front_content.php?idcat=41&idart=34&idcatart=35&idartlang=42 * If not the values will be computed. */ -if ($idart && !$idcat && !$idcatart) -{ +if ($idart && !$idcat && !$idcatart) { /* Try to fetch the first idcat */ - $sql = "SELECT idcat FROM ".$cfg["tab"]["cat_art"]." WHERE idart = '".Contenido_Security::toInteger($idart)."'"; + $sql = "SELECT idcat FROM " . $cfg["tab"]["cat_art"] . " WHERE idart = '" . Contenido_Security::toInteger($idart) . "'"; $db->query($sql); - if ($db->next_record()) - { + if ($db->next_record()) { $idcat = $db->f("idcat"); } } -unset ($code); -unset ($markscript); +unset($code); +unset($markscript); -if (!$idcatart) -{ - if (!$idart) - { - if (!$idcat) - { +if (!$idcatart) { + if (!$idart) { + if (!$idcat) { # Note: In earlier Contenido versions the information if an article is startarticle of a category has been stored # in relation con_cat_art. - if ($cfg["is_start_compatible"] == true) - { + if ($cfg["is_start_compatible"] == true) { $sql = "SELECT idart, B.idcat FROM - ".$cfg["tab"]["cat_art"]." AS A, - ".$cfg["tab"]["cat_tree"]." AS B, - ".$cfg["tab"]["cat"]." AS C + " . $cfg["tab"]["cat_art"] . " AS A, + " . $cfg["tab"]["cat_tree"] . " AS B, + " . $cfg["tab"]["cat"] . " AS C WHERE A.idcat=B.idcat AND B.idcat=C.idcat AND is_start='1' AND - idclient='".Contenido_Security::toInteger($client)."' + idclient='" . Contenido_Security::toInteger($client) . "' ORDER BY idtree ASC"; - } - else - { + } else { # Note: Now the information if an article is startarticle of a category is stored in relation con_cat_lang. $sql = "SELECT A.idart, B.idcat FROM - ".$cfg["tab"]["cat_art"]." AS A, - ".$cfg["tab"]["cat_tree"]." AS B, - ".$cfg["tab"]["cat"]." AS C, - ".$cfg["tab"]["cat_lang"]." AS D, - ".$cfg["tab"]["art_lang"]." AS E + " . $cfg["tab"]["cat_art"] . " AS A, + " . $cfg["tab"]["cat_tree"] . " AS B, + " . $cfg["tab"]["cat"] . " AS C, + " . $cfg["tab"]["cat_lang"] . " AS D, + " . $cfg["tab"]["art_lang"] . " AS E WHERE A.idcat=B.idcat AND B.idcat=C.idcat AND D.startidartlang = E.idartlang AND - D.idlang='".Contenido_Security::toInteger($lang)."' AND + D.idlang='" . Contenido_Security::toInteger($lang) . "' AND E.idart=A.idart AND - E.idlang='".Contenido_Security::toInteger($lang)."' AND - idclient='".Contenido_Security::toInteger($client)."' + E.idlang='" . Contenido_Security::toInteger($lang) . "' AND + idclient='" . Contenido_Security::toInteger($client) . "' ORDER BY idtree ASC"; } @@ -316,40 +295,34 @@ if (!$idcatart) $idart = $db->f("idart"); $idcat = $db->f("idcat"); } else { - if($contenido) { + if ($contenido) { cInclude("includes", "functions.i18n.php"); die(i18n("No start article for this category")); } else { - if($error == 1) { + if ($error == 1) { die("Fatal error: Could not display error page. Error to display was: 'No start article in this category'"); } else { header($errsite); - exit; + exit; } } } } else { $idart = -1; - if ($cfg["is_start_compatible"] == true) - { - $sql = "SELECT idart FROM ".$cfg["tab"]["cat_art"]." WHERE idcat='".Contenido_Security::toInteger($idcat)."' AND is_start='1'"; + if ($cfg["is_start_compatible"] == true) { + $sql = "SELECT idart FROM " . $cfg["tab"]["cat_art"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' AND is_start='1'"; $db->query($sql); - if ($db->next_record()) - { + if ($db->next_record()) { $idart = $db->f("idart"); } - } - else - { - $sql = "SELECT startidartlang FROM ".$cfg["tab"]["cat_lang"]." WHERE idcat='".Contenido_Security::toInteger($idcat)."' AND idlang='".Contenido_Security::toInteger($lang)."'"; + } else { + $sql = "SELECT startidartlang FROM " . $cfg["tab"]["cat_lang"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' AND idlang='" . Contenido_Security::toInteger($lang) . "'"; $db->query($sql); - if ($db->next_record()) - { - if ($db->f("startidartlang") != 0) - { - $sql = "SELECT idart FROM ".$cfg["tab"]["art_lang"]." WHERE idartlang='".Contenido_Security::toInteger($db->f("startidartlang"))."'"; + if ($db->next_record()) { + if ($db->f("startidartlang") != 0) { + $sql = "SELECT idart FROM " . $cfg["tab"]["art_lang"] . " WHERE idartlang='" . Contenido_Security::toInteger($db->f("startidartlang")) . "'"; $db->query($sql); $db->next_record(); $idart = $db->f("idart"); @@ -357,36 +330,26 @@ if (!$idcatart) } } - if ($idart != -1) - { - } - else - { + if ($idart != -1) { + + } else { // error message in backend - if ($contenido) - { + if ($contenido) { cInclude("includes", "functions.i18n.php"); die(i18n("No start article for this category")); - } - else - { - if ($error == 1) - { + } else { + if ($error == 1) { echo "Fatal error: Could not display error page. Error to display was: 'No start article in this category'"; - } - else - { + } else { header($errsite); - exit; + exit; } } } } } -} -else -{ - $sql = "SELECT idcat, idart FROM ".$cfg["tab"]["cat_art"]." WHERE idcatart='".Contenido_Security::toInteger($idcatart)."'"; +} else { + $sql = "SELECT idcat, idart FROM " . $cfg["tab"]["cat_art"] . " WHERE idcatart='" . Contenido_Security::toInteger($idcatart) . "'"; $db->query($sql); $db->next_record(); @@ -396,9 +359,8 @@ else } /* Get idcatart */ -if (0 != $idart && 0 != $idcat) -{ - $sql = "SELECT idcatart FROM ".$cfg["tab"]["cat_art"]." WHERE idart = '".Contenido_Security::toInteger($idart)."' AND idcat = '".Contenido_Security::toInteger($idcat)."'"; +if (0 != $idart && 0 != $idcat) { + $sql = "SELECT idcatart FROM " . $cfg["tab"]["cat_art"] . " WHERE idart = '" . Contenido_Security::toInteger($idart) . "' AND idcat = '" . Contenido_Security::toInteger($idcat) . "'"; $db->query($sql); $db->next_record(); @@ -408,10 +370,9 @@ if (0 != $idart && 0 != $idcat) $idartlang = getArtLang($idart, $lang); -if ($idartlang === false) -{ +if ($idartlang === false) { header($errsite); - exit; + exit; } /* @@ -427,8 +388,6 @@ if ($cfg["cache"]["disable"] != '1') { $oCacheHandler->start($iStartTime); // $iStartTime ist optional und ist die startzeit des scriptes, z. b. am anfang von fron_content.php } // END: concache - - ############################################## # BACKEND / FRONTEND EDITING ############################################## @@ -443,44 +402,39 @@ if ($cfg["cache"]["disable"] != '1') { * The reason is to avoid cross-site scripting errors in the backend, if the backend domain differs from * the frontend domain. */ -if ($contenido) -{ +if ($contenido) { $perm->load_permissions(); /* Change mode edit / view */ - if (isset ($changeview)) - { + if (isset($changeview)) { $sess->register("view"); $view = $changeview; } $col = new InUseCollection; - if ($overrideid != "" && $overridetype != "") - { + if ($overrideid != "" && $overridetype != "") { $col->removeItemMarks($overridetype, $overrideid); } /* Remove all own marks */ $col->removeSessionMarks($sess->id); /* If the override flag is set, override a specific InUseItem */ - list ($inUse, $message) = $col->checkAndMark("article", $idartlang, true, i18n("Article is in use by %s (%s)"), true, $cfg['path']['contenido_fullhtml']."external/backendedit/front_content.php?changeview=edit&action=con_editart&idartlang=$idartlang&type=$type&typenr=$typenr&idart=$idart&idcat=$idcat&idcatart=$idcatart&client=$client&lang=$lang"); + list ($inUse, $message) = $col->checkAndMark("article", $idartlang, true, i18n("Article is in use by %s (%s)"), true, $cfg['path']['contenido_fullhtml'] . "external/backendedit/front_content.php?changeview=edit&action=con_editart&idartlang=$idartlang&type=$type&typenr=$typenr&idart=$idart&idcat=$idcat&idcatart=$idcatart&client=$client&lang=$lang"); $sHtmlInUse = ''; $sHtmlInUseMessage = ''; - if ($inUse == true) - { + if ($inUse == true) { $disabled = 'disabled="disabled"'; - $sHtmlInUseCss = ''; + $sHtmlInUseCss = ''; $sHtmlInUseMessage = $message; } - $sql = "SELECT locked FROM ".$cfg["tab"]["art_lang"]." WHERE idart='".Contenido_Security::toInteger($idart)."' AND idlang = '".Contenido_Security::toInteger($lang)."'"; + $sql = "SELECT locked FROM " . $cfg["tab"]["art_lang"] . " WHERE idart='" . Contenido_Security::toInteger($idart) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "'"; $db->query($sql); $db->next_record(); $locked = $db->f("locked"); - if ($locked == 1) - { + if ($locked == 1) { $inUse = true; $disabled = 'disabled="disabled"'; } @@ -488,47 +442,40 @@ if ($contenido) // CEC to check if the user has permission to edit articles in this category CEC_Hook::setBreakCondition(false, true); // break at "false", default value "true" $allow = CEC_Hook::executeWhileBreakCondition( - 'Contenido.Frontend.AllowEdit', $lang, $idcat, $idart, $auth->auth['uid'] + 'Contenido.Frontend.AllowEdit', $lang, $idcat, $idart, $auth->auth['uid'] ); - if ($perm->have_perm_area_action_item("con_editcontent", "con_editart", $idcat) && $inUse == false && $allow == true) - { + if ($perm->have_perm_area_action_item("con_editcontent", "con_editart", $idcat) && $inUse == false && $allow == true) { /* Create buttons for editing */ $edit_preview = ''; - if ($view == "edit") - { + if ($view == "edit") { $edit_preview = ''; - } - else - { + } else { $edit_preview = ''; } /* Display articles */ - if ($cfg["is_start_compatible"] == true) - { - $sql = "SELECT idart, is_start FROM ".$cfg["tab"]["cat_art"]." WHERE idcat='".Contenido_Security::toInteger($idcat)."' ORDER BY idart"; + if ($cfg["is_start_compatible"] == true) { + $sql = "SELECT idart, is_start FROM " . $cfg["tab"]["cat_art"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' ORDER BY idart"; $db->query($sql); - } - else - { - $sql = "SELECT idart FROM ".$cfg["tab"]["cat_art"]." WHERE idcat='".Contenido_Security::toInteger($idcat)."' ORDER BY idart"; + } else { + $sql = "SELECT idart FROM " . $cfg["tab"]["cat_art"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' ORDER BY idart"; $db->query($sql); } @@ -537,53 +484,41 @@ if ($contenido) $edit_preview .= '
- Preview + Preview - Preview + Preview
- Preview + Preview - Edit + Edit
Articles in category:
'; - while ($db->next_record() && ($db->affected_rows() != 1)) - { + while ($db->next_record() && ($db->affected_rows() != 1)) { $class = "font-family:'Verdana'; font-size:10; color:#000000; text-decoration: underline; font-weight:normal"; - if (!isset ($idart)) - { - if (isStartArticle(getArtLang($idart, $lang), $idcat, $lang)) - { + if (!isset($idart)) { + if (isStartArticle(getArtLang($idart, $lang), $idcat, $lang)) { $class = "font-family: verdana; font-size:10; color:#000000; text-decoration: underline ;font-weight:bold"; } - } - else - { - if ($idart == $db->f("idart")) - { + } else { + if ($idart == $db->f("idart")) { $class = "font-family: verdana; font-size:10; color:#000000; text-decoration: underline; font-weight:bold"; } } - $edit_preview .= "url("front_content.php?idart=".$db->f("idart")."&idcat=$idcat")."\">$a "; - $a ++; + $edit_preview .= "url("front_content.php?idart=" . $db->f("idart") . "&idcat=$idcat") . "\">$a "; + $a++; } $edit_preview .= '
'; - } - } // end if $contenido /* If mode is 'edit' and user has permission to edit articles in the current category */ -if ($inUse == false && $allow == true && $view == "edit" && ($perm->have_perm_area_action_item("con_editcontent", "con_editart", $idcat))) -{ +if ($inUse == false && $allow == true && $view == "edit" && ($perm->have_perm_area_action_item("con_editcontent", "con_editart", $idcat))) { cInclude("includes", "functions.tpl.php"); cInclude("includes", "functions.con.php"); - include ($cfg["path"]["contenido"].$cfg["path"]["includes"]."include.con_editcontent.php"); -} -else -{ + include ($cfg["path"]["contenido"] . $cfg["path"]["includes"] . "include.con_editcontent.php"); +} else { ############################################## # FRONTEND VIEW ############################################## /* Mark submenuitem 'Preview' in the Contenido Backend (Area: Contenido --> Articles --> Preview) */ - if ($contenido) - { + if ($contenido) { $markscript = markSubMenuItem(4, true); } @@ -593,10 +528,10 @@ else $sql = "SELECT createcode FROM - ".$cfg["tab"]["cat_art"]." + " . $cfg["tab"]["cat_art"] . " WHERE - idcat = '".Contenido_Security::toInteger($idcat)."' AND - idart = '".Contenido_Security::toInteger($idart)."'"; + idcat = '" . Contenido_Security::toInteger($idcat) . "' AND + idart = '" . Contenido_Security::toInteger($idart) . "'"; $db->query($sql); $db->next_record(); @@ -606,44 +541,36 @@ else ############################################## /* Check if code is expired, create new code if needed */ - if($db->f("createcode") == 0 && $force == 0 && $cfg['dceModEdit']['use'] !== true && $cfg['dceLayEdit']['use'] !== true) { - $sql = "SELECT code FROM ".$cfg["tab"]["code"]." WHERE idcatart = '".Contenido_Security::toInteger($idcatart)."' AND idlang = '".Contenido_Security::toInteger($lang)."'"; + if ($db->f("createcode") == 0 && $force == 0 && $cfg['dceModEdit']['use'] !== true && $cfg['dceLayEdit']['use'] !== true) { + $sql = "SELECT code FROM " . $cfg["tab"]["code"] . " WHERE idcatart = '" . Contenido_Security::toInteger($idcatart) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "'"; $db->query($sql); - if ($db->num_rows() == 0) - { + if ($db->num_rows() == 0) { /* Include here for performance reasons */ cInclude("includes", "functions.tpl.php"); conGenerateCode($idcat, $idart, $lang, $client); - $sql = "SELECT code FROM ".$cfg["tab"]["code"]." WHERE idcatart = '".Contenido_Security::toInteger($idcatart)."' AND idlang = '".Contenido_Security::toInteger($lang)."'"; + $sql = "SELECT code FROM " . $cfg["tab"]["code"] . " WHERE idcatart = '" . Contenido_Security::toInteger($idcatart) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "'"; $db->query($sql); } - if ($db->next_record()) - { + if ($db->next_record()) { $code = stripslashes($db->f("code")); - } - else - { + } else { if ($contenido) $code = "echo \"No code available.\";"; - else - { - if ($error == 1) - { + else { + if ($error == 1) { echo "Fatal error: Could not display error page. Error to display was: 'No code available'"; - } - else - { + } else { header($errsite); - exit; + exit; } } } } else { - $sql = "DELETE FROM ".$cfg["tab"]["code"]." WHERE idcatart = '".Contenido_Security::toInteger($idcatart)."'"; + $sql = "DELETE FROM " . $cfg["tab"]["code"] . " WHERE idcatart = '" . Contenido_Security::toInteger($idcatart) . "'"; $db->query($sql); cInclude("includes", "functions.con.php"); @@ -652,7 +579,7 @@ else conGenerateCode($idcat, $idart, $lang, $client); - $sql = "SELECT code FROM ".$cfg["tab"]["code"]." WHERE idcatart = '".Contenido_Security::toInteger($idcatart)."' AND idlang = '".Contenido_Security::toInteger($lang)."'"; + $sql = "SELECT code FROM " . $cfg["tab"]["code"] . " WHERE idcatart = '" . Contenido_Security::toInteger($idcatart) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "'"; $db->query($sql); $db->next_record(); @@ -670,7 +597,7 @@ else } /* Check if category is public */ - $sql = "SELECT public FROM ".$cfg["tab"]["cat_lang"]." WHERE idcat='".Contenido_Security::toInteger($idcat)."' AND idlang='".Contenido_Security::toInteger($lang)."'"; + $sql = "SELECT public FROM " . $cfg["tab"]["cat_lang"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' AND idlang='" . Contenido_Security::toInteger($lang) . "'"; $db->query($sql); $db->next_record(); @@ -680,80 +607,68 @@ else ############################################## # protected categories ############################################## - if ($public == 0) - { - if ($auth->auth["uid"] == "nobody") - { - $sql = "SELECT user_id, value FROM ".$cfg["tab"]["user_prop"]." WHERE type='frontend' and name='allowed_ip'"; + if ($public == 0) { + if ($auth->auth["uid"] == "nobody") { + $sql = "SELECT user_id, value FROM " . $cfg["tab"]["user_prop"] . " WHERE type='frontend' and name='allowed_ip'"; $db->query($sql); - while ($db->next_record()) - { + while ($db->next_record()) { $user_id = $db->f("user_id"); $range = urldecode($db->f("value")); $slash = strpos($range, "/"); - if ($slash == false) - { + if ($slash == false) { $netmask = "255.255.255.255"; $network = $range; - } - else - { + } else { $network = substr($range, 0, $slash); - $netmask = substr($range, $slash +1, strlen($range) - $slash -1); + $netmask = substr($range, $slash + 1, strlen($range) - $slash - 1); } - if (IP_match($network, $netmask, $_SERVER["REMOTE_ADDR"])) - { + if (IP_match($network, $netmask, $_SERVER["REMOTE_ADDR"])) { $sql = "SELECT idright - FROM ".$cfg["tab"]["rights"]." AS A, - ".$cfg["tab"]["actions"]." AS B, - ".$cfg["tab"]["area"]." AS C - WHERE B.name = 'front_allow' AND C.name = 'str' AND A.user_id = '".Contenido_Security::escapeDB($user_id, $db2)."' AND A.idcat = '".Contenido_Security::toInteger($idcat)."' + FROM " . $cfg["tab"]["rights"] . " AS A, + " . $cfg["tab"]["actions"] . " AS B, + " . $cfg["tab"]["area"] . " AS C + WHERE B.name = 'front_allow' AND C.name = 'str' AND A.user_id = '" . Contenido_Security::escapeDB($user_id, $db2) . "' AND A.idcat = '" . Contenido_Security::toInteger($idcat) . "' AND A.idarea = C.idarea AND B.idaction = A.idaction"; $db2 = new DB_Contenido; $db2->query($sql); - if ($db2->num_rows() > 0) - { + if ($db2->num_rows() > 0) { $auth->auth["uid"] = $user_id; $validated = 1; } } } - if ($validated != 1) - { + if ($validated != 1) { // CEC to check category access CEC_Hook::setBreakCondition(true, false); // break at "true", default value "false" $allow = CEC_Hook::executeWhileBreakCondition( - 'Contenido.Frontend.CategoryAccess', $lang, $idcat, $auth->auth['uid'] + 'Contenido.Frontend.CategoryAccess', $lang, $idcat, $auth->auth['uid'] ); $auth->login_if(!$allow); } - } - else - { + } else { // CEC to check category access CEC_Hook::setBreakCondition(true, false); // break at "true", default value "false" $allow = CEC_Hook::executeWhileBreakCondition( - 'Contenido.Frontend.CategoryAccess', $lang, $idcat, $auth->auth['uid'] + 'Contenido.Frontend.CategoryAccess', $lang, $idcat, $auth->auth['uid'] ); /* - added 2008-11-18 Timo Trautmann - in backendeditmode also check if logged in backenduser has permission to view preview of page - */ + added 2008-11-18 Timo Trautmann + in backendeditmode also check if logged in backenduser has permission to view preview of page + */ if ($allow == false && $contenido && $perm->have_perm_area_action_item("con_editcontent", "con_editart", $idcat)) { $allow = true; } - if (!$allow) - { + if (!$allow) { header($errsite); - exit; + exit; } } } @@ -767,24 +682,18 @@ else /* * Check if an article is start article of the category */ - if ($cfg["is_start_compatible"] == true) - { - $sql = "SELECT is_start FROM ".$cfg["tab"]["cat_art"]." WHERE idcatart='".Contenido_Security::toInteger($idcatart)."'"; + if ($cfg["is_start_compatible"] == true) { + $sql = "SELECT is_start FROM " . $cfg["tab"]["cat_art"] . " WHERE idcatart='" . Contenido_Security::toInteger($idcatart) . "'"; $db->query($sql); $db->next_record(); $isstart = $db->f("is_start"); - } - else - { - $sql = "SELECT startidartlang FROM ".$cfg["tab"]["cat_lang"]." WHERE idcat='".Contenido_Security::toInteger($idcat)."' AND idlang = '".Contenido_Security::toInteger($lang)."'"; + } else { + $sql = "SELECT startidartlang FROM " . $cfg["tab"]["cat_lang"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "'"; $db->query($sql); $db->next_record(); - if ($db->f("idartlang") == $idartlang) - { + if ($db->f("idartlang") == $idartlang) { $isstart = 1; - } - else - { + } else { $isstart = 0; } } @@ -792,18 +701,15 @@ else ############################################## # time management ############################################## - $sql = "SELECT timemgmt FROM ".$cfg["tab"]["art_lang"]." WHERE idart='".Contenido_Security::toInteger($idart)."' AND idlang = '".Contenido_Security::toInteger($lang)."'"; + $sql = "SELECT timemgmt FROM " . $cfg["tab"]["art_lang"] . " WHERE idart='" . Contenido_Security::toInteger($idart) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "'"; $db->query($sql); $db->next_record(); - if (($db->f("timemgmt") == "1") && ($isstart != 1)) - { - $sql = "SELECT online, redirect, redirect_url FROM ".$cfg["tab"]["art_lang"]." WHERE idart='".Contenido_Security::toInteger($idart)."' AND idlang = '".Contenido_Security::toInteger($lang)."' + if (($db->f("timemgmt") == "1") && ($isstart != 1)) { + $sql = "SELECT online, redirect, redirect_url FROM " . $cfg["tab"]["art_lang"] . " WHERE idart='" . Contenido_Security::toInteger($idart) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "' AND NOW() > datestart AND NOW() < dateend"; - } - else - { - $sql = "SELECT online, redirect, redirect_url FROM ".$cfg["tab"]["art_lang"]." WHERE idart='".Contenido_Security::toInteger($idart)."' AND idlang = '".Contenido_Security::toInteger($lang)."'"; + } else { + $sql = "SELECT online, redirect, redirect_url FROM " . $cfg["tab"]["art_lang"] . " WHERE idart='" . Contenido_Security::toInteger($idart) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "'"; } $db->query($sql); @@ -813,15 +719,14 @@ else $redirect = $db->f("redirect"); $redirect_url = $db->f("redirect_url"); - @ eval ("\$"."redirect_url = \"$redirect_url\";"); // transform variables + @ eval("\$" . "redirect_url = \"$redirect_url\";"); // transform variables $insert_base = getEffectiveSetting('generator', 'basehref', "true"); /* * generate base url */ - if ($insert_base == "true") - { + if ($insert_base == "true") { $is_XHTML = getEffectiveSetting('generator', 'xhtml', "false"); $str_base_uri = $cfgClient[$client]["path"]["htmlpath"]; @@ -830,21 +735,19 @@ else $str_base_uri = CEC_Hook::executeAndReturn('Contenido.Frontend.BaseHrefGeneration', $str_base_uri); if ($is_XHTML == "true") { - $baseCode = ''; + $baseCode = ''; } else { - $baseCode = ''; + $baseCode = ''; } - $code = str_ireplace_once("", "\n".$baseCode, $code); + $code = str_ireplace_once("", "\n" . $baseCode, $code); } /* * Handle online (offline) articles */ - if ($online) - { - if ($redirect == '1' && $redirect_url != '') - { + if ($online) { + if ($redirect == '1' && $redirect_url != '') { page_close(); /* * Redirect to the URL defined in article properties @@ -860,12 +763,9 @@ else } header("Location: $redirect_url"); exit; - } - else - { - if ($cfg["debug"]["codeoutput"]) - { - echo ""; + } else { + if ($cfg["debug"]["codeoutput"]) { + echo ""; } /* @@ -876,11 +776,11 @@ else $aExclude = explode(',', getEffectiveSetting('frontend.no_outputbuffer', 'idart', '')); if (in_array(Contenido_Security::toInteger($idart), $aExclude)) { - eval ("?>\n".$code."\n\n" . $code . "\n\n".$code."\n\n" . $code . "\n\n".$code."\n\n" . $code . "\n