o.pinke 2020-07-07 13:13:19 +02:00
Ursprung a7bab04278
Commit d2ccd7c3a9
1 geänderte Dateien mit 181 neuen und 292 gelöschten Zeilen


@ -1,4 +1,5 @@
<?php <?php
/** /**
* Project: * Project:
* Contenido Content Management System * Contenido Content Management System
@ -42,7 +43,6 @@
* @link http://www.contenido.org * @link http://www.contenido.org
* @since file available since contenido release <= 4.6 * @since file available since contenido release <= 4.6
*/ */
if (!defined("CON_FRAMEWORK")) { if (!defined("CON_FRAMEWORK")) {
define("CON_FRAMEWORK", true); define("CON_FRAMEWORK", true);
} }
@ -59,8 +59,7 @@ cInclude("includes", "functions.con2.php");
cInclude("includes", "functions.api.php"); cInclude("includes", "functions.api.php");
cInclude("includes", "functions.pathresolver.php"); cInclude("includes", "functions.pathresolver.php");
if ($cfg["use_pseudocron"] == true) if ($cfg["use_pseudocron"] == true) {
{
/* Include cronjob-Emulator */ /* Include cronjob-Emulator */
$oldpwd = getcwd(); $oldpwd = getcwd();
chdir($cfg["path"]["contenido"] . $cfg["path"]["cronjobs"]); chdir($cfg["path"]["contenido"] . $cfg["path"]["cronjobs"]);
@ -73,14 +72,11 @@ if ($cfg["use_pseudocron"] == true)
* PHPLIB application development toolkit * PHPLIB application development toolkit
* @see http://sourceforge.net/projects/phplib * @see http://sourceforge.net/projects/phplib
*/ */
if ($contenido) if ($contenido) {
{
//Backend //Backend
page_open(array('sess' => 'Contenido_Session', 'auth' => 'Contenido_Challenge_Crypt_Auth', 'perm' => 'Contenido_Perm')); page_open(array('sess' => 'Contenido_Session', 'auth' => 'Contenido_Challenge_Crypt_Auth', 'perm' => 'Contenido_Perm'));
i18nInit($cfg["path"]["contenido"] . $cfg["path"]["locale"], $belang); i18nInit($cfg["path"]["contenido"] . $cfg["path"]["locale"], $belang);
} } else {
else
{
//Frontend //Frontend
page_open(array('sess' => 'Contenido_Frontend_Session', 'auth' => 'Contenido_Frontend_Challenge_Crypt_Auth', 'perm' => 'Contenido_Perm')); page_open(array('sess' => 'Contenido_Frontend_Session', 'auth' => 'Contenido_Frontend_Challenge_Crypt_Auth', 'perm' => 'Contenido_Perm'));
} }
@ -106,8 +102,7 @@ $sess->register("errsite_idcat");
$sess->register("errsite_idart"); $sess->register("errsite_idart");
$sess->register("encoding"); $sess->register("encoding");
if ($cfgClient["set"] != "set") if ($cfgClient["set"] != "set") {
{
rereadClients(); rereadClients();
} }
@ -127,8 +122,7 @@ if ($_GET['action'] == 'get_compressed') {
// Call hook after plugins are loaded, added by Murat Purc, 2008-09-07 // Call hook after plugins are loaded, added by Murat Purc, 2008-09-07
CEC_Hook::execute('Contenido.Frontend.AfterLoadPlugins'); CEC_Hook::execute('Contenido.Frontend.AfterLoadPlugins');
if (!isset($encoding) || !is_array($encoding) || count($encoding) == 0) if (!isset($encoding) || !is_array($encoding) || count($encoding) == 0) {
{
// get encodings of all languages // get encodings of all languages
$encoding = array(); $encoding = array();
$sql = "SELECT idlang, encoding FROM " . $cfg["tab"]["lang"]; $sql = "SELECT idlang, encoding FROM " . $cfg["tab"]["lang"];
@ -175,11 +169,12 @@ if (!isset($lang)) {
} }
} }
if (!$sess->is_registered("lang") ) $sess->register("lang"); if (!$sess->is_registered("lang"))
if (!$sess->is_registered("client") ) $sess->register("client"); $sess->register("lang");
if (!$sess->is_registered("client"))
$sess->register("client");
if (isset ($username)) if (isset($username)) {
{
$auth->login_if(true); $auth->login_if(true);
} }
@ -192,8 +187,7 @@ header("Content-Type: text/html; charset={$encoding[$lang]}");
* if http global logout is set e.g. front_content.php?logout=true * if http global logout is set e.g. front_content.php?logout=true
* log out the current user. * log out the current user.
*/ */
if (isset ($logout)) if (isset($logout)) {
{
$auth->logout(true); $auth->logout(true);
$auth->unauth(true); $auth->unauth(true);
$auth->auth["uname"] = "nobody"; $auth->auth["uname"] = "nobody";
@ -202,8 +196,7 @@ if (isset ($logout))
/* /*
* local configuration * local configuration
*/ */
if (file_exists("config.local.php")) if (file_exists("config.local.php")) {
{
@ include ("config.local.php"); @ include ("config.local.php");
} }
@ -211,25 +204,19 @@ if (file_exists("config.local.php"))
* If the path variable was passed, try to resolve it to a Category Id * If the path variable was passed, try to resolve it to a Category Id
* e.g. front_content.php?path=/company/products/ * e.g. front_content.php?path=/company/products/
*/ */
if (isset($path) && strlen($path) > 1) if (isset($path) && strlen($path) > 1) {
{
/* Which resolve method is configured? */ /* Which resolve method is configured? */
if ($cfg["urlpathresolve"] == true) if ($cfg["urlpathresolve"] == true) {
{
$iLangCheck = 0; $iLangCheck = 0;
$idcat = prResolvePathViaURLNames($path, $iLangCheck); $idcat = prResolvePathViaURLNames($path, $iLangCheck);
} else {
}
else
{
$iLangCheck = 0; $iLangCheck = 0;
$idcat = prResolvePathViaCategoryNames($path, $iLangCheck); $idcat = prResolvePathViaCategoryNames($path, $iLangCheck);
if (($lang != $iLangCheck) && ((int) $iLangCheck != 0)) { if (($lang != $iLangCheck) && ((int) $iLangCheck != 0)) {
$lang = $iLangCheck; $lang = $iLangCheck;
} }
} }
} }
@ -246,14 +233,12 @@ $errsite = 'Location: ' . Contenido_Url::getInstance()->buildRedirect($aParams);
* Note: These variables can be set via http globals e.g. front_content.php?idcat=41&idart=34&idcatart=35&idartlang=42 * Note: These variables can be set via http globals e.g. front_content.php?idcat=41&idart=34&idcatart=35&idartlang=42
* If not the values will be computed. * If not the values will be computed.
*/ */
if ($idart && !$idcat && !$idcatart) if ($idart && !$idcat && !$idcatart) {
{
/* Try to fetch the first idcat */ /* Try to fetch the first idcat */
$sql = "SELECT idcat FROM " . $cfg["tab"]["cat_art"] . " WHERE idart = '" . Contenido_Security::toInteger($idart) . "'"; $sql = "SELECT idcat FROM " . $cfg["tab"]["cat_art"] . " WHERE idart = '" . Contenido_Security::toInteger($idart) . "'";
$db->query($sql); $db->query($sql);
if ($db->next_record()) if ($db->next_record()) {
{
$idcat = $db->f("idcat"); $idcat = $db->f("idcat");
} }
} }
@ -261,16 +246,12 @@ if ($idart && !$idcat && !$idcatart)
unset($code); unset($code);
unset($markscript); unset($markscript);
if (!$idcatart) if (!$idcatart) {
{ if (!$idart) {
if (!$idart) if (!$idcat) {
{
if (!$idcat)
{
# Note: In earlier Contenido versions the information if an article is startarticle of a category has been stored # Note: In earlier Contenido versions the information if an article is startarticle of a category has been stored
# in relation con_cat_art. # in relation con_cat_art.
if ($cfg["is_start_compatible"] == true) if ($cfg["is_start_compatible"] == true) {
{
$sql = "SELECT $sql = "SELECT
idart, idart,
B.idcat B.idcat
@ -285,9 +266,7 @@ if (!$idcatart)
idclient='" . Contenido_Security::toInteger($client) . "' idclient='" . Contenido_Security::toInteger($client) . "'
ORDER BY ORDER BY
idtree ASC"; idtree ASC";
} } else {
else
{
# Note: Now the information if an article is startarticle of a category is stored in relation con_cat_lang. # Note: Now the information if an article is startarticle of a category is stored in relation con_cat_lang.
$sql = "SELECT $sql = "SELECT
A.idart, A.idart,
@ -330,25 +309,19 @@ if (!$idcatart)
} }
} else { } else {
$idart = -1; $idart = -1;
if ($cfg["is_start_compatible"] == true) if ($cfg["is_start_compatible"] == true) {
{
$sql = "SELECT idart FROM " . $cfg["tab"]["cat_art"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' AND is_start='1'"; $sql = "SELECT idart FROM " . $cfg["tab"]["cat_art"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' AND is_start='1'";
$db->query($sql); $db->query($sql);
if ($db->next_record()) if ($db->next_record()) {
{
$idart = $db->f("idart"); $idart = $db->f("idart");
} }
} } else {
else
{
$sql = "SELECT startidartlang FROM " . $cfg["tab"]["cat_lang"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' AND idlang='" . Contenido_Security::toInteger($lang) . "'"; $sql = "SELECT startidartlang FROM " . $cfg["tab"]["cat_lang"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' AND idlang='" . Contenido_Security::toInteger($lang) . "'";
$db->query($sql); $db->query($sql);
if ($db->next_record()) if ($db->next_record()) {
{ if ($db->f("startidartlang") != 0) {
if ($db->f("startidartlang") != 0)
{
$sql = "SELECT idart FROM " . $cfg["tab"]["art_lang"] . " WHERE idartlang='" . Contenido_Security::toInteger($db->f("startidartlang")) . "'"; $sql = "SELECT idart FROM " . $cfg["tab"]["art_lang"] . " WHERE idartlang='" . Contenido_Security::toInteger($db->f("startidartlang")) . "'";
$db->query($sql); $db->query($sql);
$db->next_record(); $db->next_record();
@ -357,25 +330,17 @@ if (!$idcatart)
} }
} }
if ($idart != -1) if ($idart != -1) {
{
} } else {
else
{
// error message in backend // error message in backend
if ($contenido) if ($contenido) {
{
cInclude("includes", "functions.i18n.php"); cInclude("includes", "functions.i18n.php");
die(i18n("No start article for this category")); die(i18n("No start article for this category"));
} } else {
else if ($error == 1) {
{
if ($error == 1)
{
echo "Fatal error: Could not display error page. Error to display was: 'No start article in this category'"; echo "Fatal error: Could not display error page. Error to display was: 'No start article in this category'";
} } else {
else
{
header($errsite); header($errsite);
exit; exit;
} }
@ -383,9 +348,7 @@ if (!$idcatart)
} }
} }
} }
} } else {
else
{
$sql = "SELECT idcat, idart FROM " . $cfg["tab"]["cat_art"] . " WHERE idcatart='" . Contenido_Security::toInteger($idcatart) . "'"; $sql = "SELECT idcat, idart FROM " . $cfg["tab"]["cat_art"] . " WHERE idcatart='" . Contenido_Security::toInteger($idcatart) . "'";
$db->query($sql); $db->query($sql);
@ -396,8 +359,7 @@ else
} }
/* Get idcatart */ /* Get idcatart */
if (0 != $idart && 0 != $idcat) if (0 != $idart && 0 != $idcat) {
{
$sql = "SELECT idcatart FROM " . $cfg["tab"]["cat_art"] . " WHERE idart = '" . Contenido_Security::toInteger($idart) . "' AND idcat = '" . Contenido_Security::toInteger($idcat) . "'"; $sql = "SELECT idcatart FROM " . $cfg["tab"]["cat_art"] . " WHERE idart = '" . Contenido_Security::toInteger($idart) . "' AND idcat = '" . Contenido_Security::toInteger($idcat) . "'";
$db->query($sql); $db->query($sql);
@ -408,8 +370,7 @@ if (0 != $idart && 0 != $idcat)
$idartlang = getArtLang($idart, $lang); $idartlang = getArtLang($idart, $lang);
if ($idartlang === false) if ($idartlang === false) {
{
header($errsite); header($errsite);
exit; exit;
} }
@ -427,8 +388,6 @@ if ($cfg["cache"]["disable"] != '1') {
$oCacheHandler->start($iStartTime); // $iStartTime ist optional und ist die startzeit des scriptes, z. b. am anfang von fron_content.php $oCacheHandler->start($iStartTime); // $iStartTime ist optional und ist die startzeit des scriptes, z. b. am anfang von fron_content.php
} }
// END: concache // END: concache
############################################## ##############################################
# BACKEND / FRONTEND EDITING # BACKEND / FRONTEND EDITING
############################################## ##############################################
@ -443,21 +402,18 @@ if ($cfg["cache"]["disable"] != '1') {
* The reason is to avoid cross-site scripting errors in the backend, if the backend domain differs from * The reason is to avoid cross-site scripting errors in the backend, if the backend domain differs from
* the frontend domain. * the frontend domain.
*/ */
if ($contenido) if ($contenido) {
{
$perm->load_permissions(); $perm->load_permissions();
/* Change mode edit / view */ /* Change mode edit / view */
if (isset ($changeview)) if (isset($changeview)) {
{
$sess->register("view"); $sess->register("view");
$view = $changeview; $view = $changeview;
} }
$col = new InUseCollection; $col = new InUseCollection;
if ($overrideid != "" && $overridetype != "") if ($overrideid != "" && $overridetype != "") {
{
$col->removeItemMarks($overridetype, $overrideid); $col->removeItemMarks($overridetype, $overrideid);
} }
/* Remove all own marks */ /* Remove all own marks */
@ -468,8 +424,7 @@ if ($contenido)
$sHtmlInUse = ''; $sHtmlInUse = '';
$sHtmlInUseMessage = ''; $sHtmlInUseMessage = '';
if ($inUse == true) if ($inUse == true) {
{
$disabled = 'disabled="disabled"'; $disabled = 'disabled="disabled"';
$sHtmlInUseCss = '<link rel="stylesheet" type="text/css" href="' . $cfg['path']['contenido_fullhtml'] . 'styles/inuse.css" />'; $sHtmlInUseCss = '<link rel="stylesheet" type="text/css" href="' . $cfg['path']['contenido_fullhtml'] . 'styles/inuse.css" />';
$sHtmlInUseMessage = $message; $sHtmlInUseMessage = $message;
@ -479,8 +434,7 @@ if ($contenido)
$db->query($sql); $db->query($sql);
$db->next_record(); $db->next_record();
$locked = $db->f("locked"); $locked = $db->f("locked");
if ($locked == 1) if ($locked == 1) {
{
$inUse = true; $inUse = true;
$disabled = 'disabled="disabled"'; $disabled = 'disabled="disabled"';
} }
@ -491,13 +445,11 @@ if ($contenido)
'Contenido.Frontend.AllowEdit', $lang, $idcat, $idart, $auth->auth['uid'] 'Contenido.Frontend.AllowEdit', $lang, $idcat, $idart, $auth->auth['uid']
); );
if ($perm->have_perm_area_action_item("con_editcontent", "con_editart", $idcat) && $inUse == false && $allow == true) if ($perm->have_perm_area_action_item("con_editcontent", "con_editart", $idcat) && $inUse == false && $allow == true) {
{
/* Create buttons for editing */ /* Create buttons for editing */
$edit_preview = '<table cellspacing="0" cellpadding="4" border="0">'; $edit_preview = '<table cellspacing="0" cellpadding="4" border="0">';
if ($view == "edit") if ($view == "edit") {
{
$edit_preview = '<tr> $edit_preview = '<tr>
<td width="18"> <td width="18">
<a title="Preview" style="font-family: Verdana; font-size: 10px; color: #000000; text-decoration: none" href="' . $sess->url("front_content.php?changeview=prev&idcat=$idcat&idart=$idart") . '"><img src="' . $cfg["path"]["contenido_fullhtml"] . $cfg["path"]["images"] . 'but_preview.gif" alt="Preview" title="Preview" border="0"></a> <a title="Preview" style="font-family: Verdana; font-size: 10px; color: #000000; text-decoration: none" href="' . $sess->url("front_content.php?changeview=prev&idcat=$idcat&idart=$idart") . '"><img src="' . $cfg["path"]["contenido_fullhtml"] . $cfg["path"]["images"] . 'but_preview.gif" alt="Preview" title="Preview" border="0"></a>
@ -506,9 +458,7 @@ if ($contenido)
<a title="Preview" style="font-family: Verdana; font-size: 10px; color: #000000; text-decoration: none" href="' . $sess->url("front_content.php?changeview=prev&idcat=$idcat&idart=$idart") . '">Preview</a> <a title="Preview" style="font-family: Verdana; font-size: 10px; color: #000000; text-decoration: none" href="' . $sess->url("front_content.php?changeview=prev&idcat=$idcat&idart=$idart") . '">Preview</a>
</td> </td>
</tr>'; </tr>';
} } else {
else
{
$edit_preview = '<tr> $edit_preview = '<tr>
<td width="18"> <td width="18">
<a title="Preview" style="font-family: Verdana; font-size: 10px; color: #000000; text-decoration: none" href="' . $sess->url("front_content.php?changeview=edit&idcat=$idcat&idart=$idart") . '"><img src="' . $cfg["path"]["contenido_fullhtml"] . $cfg["path"]["images"] . 'but_edit.gif" alt="Preview" title="Preview" border="0"></a> <a title="Preview" style="font-family: Verdana; font-size: 10px; color: #000000; text-decoration: none" href="' . $sess->url("front_content.php?changeview=edit&idcat=$idcat&idart=$idart") . '"><img src="' . $cfg["path"]["contenido_fullhtml"] . $cfg["path"]["images"] . 'but_edit.gif" alt="Preview" title="Preview" border="0"></a>
@ -520,14 +470,11 @@ if ($contenido)
} }
/* Display articles */ /* Display articles */
if ($cfg["is_start_compatible"] == true) if ($cfg["is_start_compatible"] == true) {
{
$sql = "SELECT idart, is_start FROM " . $cfg["tab"]["cat_art"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' ORDER BY idart"; $sql = "SELECT idart, is_start FROM " . $cfg["tab"]["cat_art"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' ORDER BY idart";
$db->query($sql); $db->query($sql);
} } else {
else
{
$sql = "SELECT idart FROM " . $cfg["tab"]["cat_art"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' ORDER BY idart"; $sql = "SELECT idart FROM " . $cfg["tab"]["cat_art"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' ORDER BY idart";
$db->query($sql); $db->query($sql);
@ -537,21 +484,15 @@ if ($contenido)
$edit_preview .= '<tr><td colspan="2"><table cellspacing="0" cellpadding="2" border="0"></tr><td style="font-family: verdana; font-size:10; color:#000000; text-decoration:none">Articles in category:<br>'; $edit_preview .= '<tr><td colspan="2"><table cellspacing="0" cellpadding="2" border="0"></tr><td style="font-family: verdana; font-size:10; color:#000000; text-decoration:none">Articles in category:<br>';
while ($db->next_record() && ($db->affected_rows() != 1)) while ($db->next_record() && ($db->affected_rows() != 1)) {
{
$class = "font-family:'Verdana'; font-size:10; color:#000000; text-decoration: underline; font-weight:normal"; $class = "font-family:'Verdana'; font-size:10; color:#000000; text-decoration: underline; font-weight:normal";
if (!isset ($idart)) if (!isset($idart)) {
{ if (isStartArticle(getArtLang($idart, $lang), $idcat, $lang)) {
if (isStartArticle(getArtLang($idart, $lang), $idcat, $lang))
{
$class = "font-family: verdana; font-size:10; color:#000000; text-decoration: underline ;font-weight:bold"; $class = "font-family: verdana; font-size:10; color:#000000; text-decoration: underline ;font-weight:bold";
} }
} } else {
else if ($idart == $db->f("idart")) {
{
if ($idart == $db->f("idart"))
{
$class = "font-family: verdana; font-size:10; color:#000000; text-decoration: underline; font-weight:bold"; $class = "font-family: verdana; font-size:10; color:#000000; text-decoration: underline; font-weight:bold";
} }
} }
@ -561,29 +502,23 @@ if ($contenido)
} }
$edit_preview .= '</td></tr></table></td></tr></table>'; $edit_preview .= '</td></tr></table></td></tr></table>';
} }
} // end if $contenido } // end if $contenido
/* If mode is 'edit' and user has permission to edit articles in the current category */ /* If mode is 'edit' and user has permission to edit articles in the current category */
if ($inUse == false && $allow == true && $view == "edit" && ($perm->have_perm_area_action_item("con_editcontent", "con_editart", $idcat))) if ($inUse == false && $allow == true && $view == "edit" && ($perm->have_perm_area_action_item("con_editcontent", "con_editart", $idcat))) {
{
cInclude("includes", "functions.tpl.php"); cInclude("includes", "functions.tpl.php");
cInclude("includes", "functions.con.php"); cInclude("includes", "functions.con.php");
include ($cfg["path"]["contenido"] . $cfg["path"]["includes"] . "include.con_editcontent.php"); include ($cfg["path"]["contenido"] . $cfg["path"]["includes"] . "include.con_editcontent.php");
} } else {
else
{
############################################## ##############################################
# FRONTEND VIEW # FRONTEND VIEW
############################################## ##############################################
/* Mark submenuitem 'Preview' in the Contenido Backend (Area: Contenido --> Articles --> Preview) */ /* Mark submenuitem 'Preview' in the Contenido Backend (Area: Contenido --> Articles --> Preview) */
if ($contenido) if ($contenido) {
{
$markscript = markSubMenuItem(4, true); $markscript = markSubMenuItem(4, true);
} }
@ -610,8 +545,7 @@ else
$sql = "SELECT code FROM " . $cfg["tab"]["code"] . " WHERE idcatart = '" . Contenido_Security::toInteger($idcatart) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "'"; $sql = "SELECT code FROM " . $cfg["tab"]["code"] . " WHERE idcatart = '" . Contenido_Security::toInteger($idcatart) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "'";
$db->query($sql); $db->query($sql);
if ($db->num_rows() == 0) if ($db->num_rows() == 0) {
{
/* Include here for performance reasons */ /* Include here for performance reasons */
cInclude("includes", "functions.tpl.php"); cInclude("includes", "functions.tpl.php");
@ -621,22 +555,15 @@ else
$db->query($sql); $db->query($sql);
} }
if ($db->next_record()) if ($db->next_record()) {
{
$code = stripslashes($db->f("code")); $code = stripslashes($db->f("code"));
} } else {
else
{
if ($contenido) if ($contenido)
$code = "echo \"No code available.\";"; $code = "echo \"No code available.\";";
else else {
{ if ($error == 1) {
if ($error == 1)
{
echo "Fatal error: Could not display error page. Error to display was: 'No code available'"; echo "Fatal error: Could not display error page. Error to display was: 'No code available'";
} } else {
else
{
header($errsite); header($errsite);
exit; exit;
} }
@ -680,33 +607,26 @@ else
############################################## ##############################################
# protected categories # protected categories
############################################## ##############################################
if ($public == 0) if ($public == 0) {
{ if ($auth->auth["uid"] == "nobody") {
if ($auth->auth["uid"] == "nobody")
{
$sql = "SELECT user_id, value FROM " . $cfg["tab"]["user_prop"] . " WHERE type='frontend' and name='allowed_ip'"; $sql = "SELECT user_id, value FROM " . $cfg["tab"]["user_prop"] . " WHERE type='frontend' and name='allowed_ip'";
$db->query($sql); $db->query($sql);
while ($db->next_record()) while ($db->next_record()) {
{
$user_id = $db->f("user_id"); $user_id = $db->f("user_id");
$range = urldecode($db->f("value")); $range = urldecode($db->f("value"));
$slash = strpos($range, "/"); $slash = strpos($range, "/");
if ($slash == false) if ($slash == false) {
{
$netmask = "255.255.255.255"; $netmask = "255.255.255.255";
$network = $range; $network = $range;
} } else {
else
{
$network = substr($range, 0, $slash); $network = substr($range, 0, $slash);
$netmask = substr($range, $slash + 1, strlen($range) - $slash - 1); $netmask = substr($range, $slash + 1, strlen($range) - $slash - 1);
} }
if (IP_match($network, $netmask, $_SERVER["REMOTE_ADDR"])) if (IP_match($network, $netmask, $_SERVER["REMOTE_ADDR"])) {
{
$sql = "SELECT idright $sql = "SELECT idright
FROM " . $cfg["tab"]["rights"] . " AS A, FROM " . $cfg["tab"]["rights"] . " AS A,
" . $cfg["tab"]["actions"] . " AS B, " . $cfg["tab"]["actions"] . " AS B,
@ -717,15 +637,13 @@ else
$db2 = new DB_Contenido; $db2 = new DB_Contenido;
$db2->query($sql); $db2->query($sql);
if ($db2->num_rows() > 0) if ($db2->num_rows() > 0) {
{
$auth->auth["uid"] = $user_id; $auth->auth["uid"] = $user_id;
$validated = 1; $validated = 1;
} }
} }
} }
if ($validated != 1) if ($validated != 1) {
{
// CEC to check category access // CEC to check category access
CEC_Hook::setBreakCondition(true, false); // break at "true", default value "false" CEC_Hook::setBreakCondition(true, false); // break at "true", default value "false"
$allow = CEC_Hook::executeWhileBreakCondition( $allow = CEC_Hook::executeWhileBreakCondition(
@ -733,9 +651,7 @@ else
); );
$auth->login_if(!$allow); $auth->login_if(!$allow);
} }
} } else {
else
{
// CEC to check category access // CEC to check category access
CEC_Hook::setBreakCondition(true, false); // break at "true", default value "false" CEC_Hook::setBreakCondition(true, false); // break at "true", default value "false"
$allow = CEC_Hook::executeWhileBreakCondition( $allow = CEC_Hook::executeWhileBreakCondition(
@ -750,8 +666,7 @@ else
$allow = true; $allow = true;
} }
if (!$allow) if (!$allow) {
{
header($errsite); header($errsite);
exit; exit;
} }
@ -767,24 +682,18 @@ else
/* /*
* Check if an article is start article of the category * Check if an article is start article of the category
*/ */
if ($cfg["is_start_compatible"] == true) if ($cfg["is_start_compatible"] == true) {
{
$sql = "SELECT is_start FROM " . $cfg["tab"]["cat_art"] . " WHERE idcatart='" . Contenido_Security::toInteger($idcatart) . "'"; $sql = "SELECT is_start FROM " . $cfg["tab"]["cat_art"] . " WHERE idcatart='" . Contenido_Security::toInteger($idcatart) . "'";
$db->query($sql); $db->query($sql);
$db->next_record(); $db->next_record();
$isstart = $db->f("is_start"); $isstart = $db->f("is_start");
} } else {
else
{
$sql = "SELECT startidartlang FROM " . $cfg["tab"]["cat_lang"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "'"; $sql = "SELECT startidartlang FROM " . $cfg["tab"]["cat_lang"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "'";
$db->query($sql); $db->query($sql);
$db->next_record(); $db->next_record();
if ($db->f("idartlang") == $idartlang) if ($db->f("idartlang") == $idartlang) {
{
$isstart = 1; $isstart = 1;
} } else {
else
{
$isstart = 0; $isstart = 0;
} }
} }
@ -796,13 +705,10 @@ else
$db->query($sql); $db->query($sql);
$db->next_record(); $db->next_record();
if (($db->f("timemgmt") == "1") && ($isstart != 1)) if (($db->f("timemgmt") == "1") && ($isstart != 1)) {
{
$sql = "SELECT online, redirect, redirect_url FROM " . $cfg["tab"]["art_lang"] . " WHERE idart='" . Contenido_Security::toInteger($idart) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "' $sql = "SELECT online, redirect, redirect_url FROM " . $cfg["tab"]["art_lang"] . " WHERE idart='" . Contenido_Security::toInteger($idart) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "'
AND NOW() > datestart AND NOW() < dateend"; AND NOW() > datestart AND NOW() < dateend";
} } else {
else
{
$sql = "SELECT online, redirect, redirect_url FROM " . $cfg["tab"]["art_lang"] . " WHERE idart='" . Contenido_Security::toInteger($idart) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "'"; $sql = "SELECT online, redirect, redirect_url FROM " . $cfg["tab"]["art_lang"] . " WHERE idart='" . Contenido_Security::toInteger($idart) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "'";
} }
@ -820,8 +726,7 @@ else
/* /*
* generate base url * generate base url
*/ */
if ($insert_base == "true") if ($insert_base == "true") {
{
$is_XHTML = getEffectiveSetting('generator', 'xhtml', "false"); $is_XHTML = getEffectiveSetting('generator', 'xhtml', "false");
$str_base_uri = $cfgClient[$client]["path"]["htmlpath"]; $str_base_uri = $cfgClient[$client]["path"]["htmlpath"];
@ -841,10 +746,8 @@ else
/* /*
* Handle online (offline) articles * Handle online (offline) articles
*/ */
if ($online) if ($online) {
{ if ($redirect == '1' && $redirect_url != '') {
if ($redirect == '1' && $redirect_url != '')
{
page_close(); page_close();
/* /*
* Redirect to the URL defined in article properties * Redirect to the URL defined in article properties
@ -860,11 +763,8 @@ else
} }
header("Location: $redirect_url"); header("Location: $redirect_url");
exit; exit;
} } else {
else if ($cfg["debug"]["codeoutput"]) {
{
if ($cfg["debug"]["codeoutput"])
{
echo "<textarea>" . clHtmlSpecialChars($code) . "</textarea>"; echo "<textarea>" . clHtmlSpecialChars($code) . "</textarea>";
} }
@ -893,24 +793,15 @@ else
// print output // print output
echo $htmlCode; echo $htmlCode;
} }
} }
} } else {
else
{
# if user is in the backend display offline articles # if user is in the backend display offline articles
if ($contenido) if ($contenido) {
{
eval("?>\n" . $code . "\n<?php\n"); eval("?>\n" . $code . "\n<?php\n");
} } else {
else if ($error == 1) {
{
if ($error == 1)
{
echo "Fatal error: Could not display error page. Error to display was: 'No contenido session variable set. Probable error cause: Start article in this category is not set on-line.'"; echo "Fatal error: Could not display error page. Error to display was: 'No contenido session variable set. Probable error cause: Start article in this category is not set on-line.'";
} } else {
else
{
header($errsite); header($errsite);
exit; exit;
} }
@ -934,13 +825,11 @@ if ($cfg["cache"]["disable"] != '1') {
/* /*
* configuration settings after the site is displayed. * configuration settings after the site is displayed.
*/ */
if (file_exists("config.after.php")) if (file_exists("config.after.php")) {
{
@ include ("config.after.php"); @ include ("config.after.php");
} }
if (isset ($savedlang)) if (isset($savedlang)) {
{
$lang = $savedlang; $lang = $savedlang;
} }
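Review bot: In the protected-categories block, `$validated` is tested by `if ($validated != 1) {` but the visible lines only ever assign it (`$validated = 1;`) inside the IP-match branch; no initialisation appears in these hunks, though it may sit in the lines elided between them. This script's own comments say request parameters such as `logout`, `path` and `idcat` arrive as globals, so a flag that decides whether `$auth->login_if(!$allow)` runs should not depend on an undefined variable; add `$validated = 0;` immediately before the `while ($db->next_record()) {` loop. Separately, in the start-article check the non-compatible branch selects `startidartlang` but then compares `$db->f("idartlang")`, so `$isstart` presumably never becomes 1 on that path and the later `$isstart != 1` time-management condition would also apply to start articles; the comparison should read `if ($db->f("startidartlang") == $idartlang) {`.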