* @license http://www.contenido.org/license/LIZENZ.txt
* @link http://www.4fb.de
* @link http://www.contenido.org
* @since file available since contenido release <= 4.6
*/
if (!defined("CON_FRAMEWORK")) {
define("CON_FRAMEWORK", true);
}
$contenido_path = '';
# include the config file of the frontend to init the Client and Language Id
include_once ("config.php");
# Contenido startup process
include_once ($contenido_path . 'includes/startup.php');
cInclude("includes", "functions.con.php");
cInclude("includes", "functions.con2.php");
cInclude("includes", "functions.api.php");
cInclude("includes", "functions.pathresolver.php");
if ($cfg["use_pseudocron"] == true)
{
/* Include cronjob-Emulator */
$oldpwd = getcwd();
chdir($cfg["path"]["contenido"].$cfg["path"]["cronjobs"]);
cInclude("includes", "pseudo-cron.inc.php");
chdir($oldpwd);
}
/*
* Initialize the Database Abstraction Layer, the Session, Authentication and Permissions Handler of the
* PHPLIB application development toolkit
* @see http://sourceforge.net/projects/phplib
*/
if ($contenido)
{
//Backend
page_open(array ('sess' => 'Contenido_Session', 'auth' => 'Contenido_Challenge_Crypt_Auth', 'perm' => 'Contenido_Perm'));
i18nInit($cfg["path"]["contenido"].$cfg["path"]["locale"], $belang);
}
else
{
//Frontend
page_open(array ('sess' => 'Contenido_Frontend_Session', 'auth' => 'Contenido_Frontend_Challenge_Crypt_Auth', 'perm' => 'Contenido_Perm'));
}
/**
* Bugfix
* @see http://contenido.org/forum/viewtopic.php?t=18291
*
* added by H. Librenz (2007-12-07)
*/
//includePluginConf();
/**
* fixed bugfix - using functions brokes variable scopes!
*
* added by H. Librenz (2007-12-21) based on an idea of A. Lindner
*/
require_once $cfg['path']['contenido'] . $cfg['path']['includes'] . 'functions.includePluginConf.php';
$db = new DB_Contenido;
$sess->register("cfgClient");
$sess->register("errsite_idcat");
$sess->register("errsite_idart");
$sess->register("encoding");
if ($cfgClient["set"] != "set")
{
rereadClients();
}
# Check if this request is for a compressed file
if ($_GET['action'] == 'get_compressed') {
# Get the calling parameters
$sFilename = ((isset($_GET['f'])) ? $_GET['f'] : $_GET['amp;f']);
$sContentType = ((isset($_GET['c'])) ? $_GET['c'] : $_GET['amp;c']);
# Output the file using the class output() function
Output_Compressor::output($cfgClient[$client]['path']['frontend'] . 'cache/', $sFilename, $sContentType);
# Don't do anything else
exit();
}
// Call hook after plugins are loaded, added by Murat Purc, 2008-09-07
CEC_Hook::execute('Contenido.Frontend.AfterLoadPlugins');
if (!isset($encoding) || !is_array($encoding) || count($encoding) == 0)
{
// get encodings of all languages
$encoding = array();
$sql = "SELECT idlang, encoding FROM " . $cfg["tab"]["lang"];
$db->query($sql);
while ($db->next_record()) {
$encoding[$db->f('idlang')] = $db->f('encoding');
}
}
// Check frontend globals
// @TODO: Should be outsourced into startup process but requires a better detection (frontend or backend)
Contenido_Security::checkFrontendGlobals();
// update urlbuilder set http base path
Contenido_Url::getInstance()->getUrlBuilder()->setHttpBasePath($cfgClient[$client]['htmlpath']['frontend']);
// Initialize language
if (!isset($lang)) {
// if there is an entry load_lang in frontend/config.php use it, else use the first language of this client
if(isset($load_lang)){
// load_client is set in frontend/config.php
$lang = $load_lang;
}else{
$sql = "SELECT
B.idlang
FROM
".$cfg["tab"]["clients_lang"]." AS A,
".$cfg["tab"]["lang"]." AS B
WHERE
A.idclient='".Contenido_Security::toInteger($client)."' AND
A.idlang = B.idlang
LIMIT
0,1";
$db->query($sql);
$db->next_record();
$lang = $db->f("idlang");
}
}
if (!$sess->is_registered("lang") ) $sess->register("lang");
if (!$sess->is_registered("client") ) $sess->register("client");
if (isset ($username))
{
$auth->login_if(true);
}
/*
* Send HTTP header with encoding
*/
header("Content-Type: text/html; charset={$encoding[$lang]}");
/*
* if http global logout is set e.g. front_content.php?logout=true
* log out the current user.
*/
if (isset ($logout))
{
$auth->logout(true);
$auth->unauth(true);
$auth->auth["uname"] = "nobody";
}
/*
* local configuration
*/
if (file_exists("config.local.php"))
{
@ include ("config.local.php");
}
/*
* If the path variable was passed, try to resolve it to a Category Id
* e.g. front_content.php?path=/company/products/
*/
if (isset($path) && strlen($path) > 1)
{
/* Which resolve method is configured? */
if ($cfg["urlpathresolve"] == true)
{
$iLangCheck = 0;
$idcat = prResolvePathViaURLNames($path, $iLangCheck);
}
else
{
$iLangCheck = 0;
$idcat = prResolvePathViaCategoryNames($path, $iLangCheck);
if(($lang != $iLangCheck) && ((int)$iLangCheck != 0)){
$lang = $iLangCheck;
}
}
}
// error page
$aParams = array (
'client' => $client, 'idcat' => $errsite_idcat[$client], 'idart' => $errsite_idart[$client],
'lang' => $lang, 'error'=> '1'
);
$errsite = 'Location: ' . Contenido_Url::getInstance()->buildRedirect($aParams);
/*
* Try to initialize variables $idcat, $idart, $idcatart, $idartlang
* Note: These variables can be set via http globals e.g. front_content.php?idcat=41&idart=34&idcatart=35&idartlang=42
* If not the values will be computed.
*/
if ($idart && !$idcat && !$idcatart)
{
/* Try to fetch the first idcat */
$sql = "SELECT idcat FROM ".$cfg["tab"]["cat_art"]." WHERE idart = '".Contenido_Security::toInteger($idart)."'";
$db->query($sql);
if ($db->next_record())
{
$idcat = $db->f("idcat");
}
}
unset ($code);
unset ($markscript);
if (!$idcatart)
{
if (!$idart)
{
if (!$idcat)
{
# Note: In earlier Contenido versions the information if an article is startarticle of a category has been stored
# in relation con_cat_art.
if ($cfg["is_start_compatible"] == true)
{
$sql = "SELECT
idart,
B.idcat
FROM
".$cfg["tab"]["cat_art"]." AS A,
".$cfg["tab"]["cat_tree"]." AS B,
".$cfg["tab"]["cat"]." AS C
WHERE
A.idcat=B.idcat AND
B.idcat=C.idcat AND
is_start='1' AND
idclient='".Contenido_Security::toInteger($client)."'
ORDER BY
idtree ASC";
}
else
{
# Note: Now the information if an article is startarticle of a category is stored in relation con_cat_lang.
$sql = "SELECT
A.idart,
B.idcat
FROM
".$cfg["tab"]["cat_art"]." AS A,
".$cfg["tab"]["cat_tree"]." AS B,
".$cfg["tab"]["cat"]." AS C,
".$cfg["tab"]["cat_lang"]." AS D,
".$cfg["tab"]["art_lang"]." AS E
WHERE
A.idcat=B.idcat AND
B.idcat=C.idcat AND
D.startidartlang = E.idartlang AND
D.idlang='".Contenido_Security::toInteger($lang)."' AND
E.idart=A.idart AND
E.idlang='".Contenido_Security::toInteger($lang)."' AND
idclient='".Contenido_Security::toInteger($client)."'
ORDER BY
idtree ASC";
}
$db->query($sql);
if ($db->next_record()) {
$idart = $db->f("idart");
$idcat = $db->f("idcat");
} else {
if($contenido) {
cInclude("includes", "functions.i18n.php");
die(i18n("No start article for this category"));
} else {
if($error == 1) {
die("Fatal error: Could not display error page. Error to display was: 'No start article in this category'");
} else {
header($errsite);
exit;
}
}
}
} else {
$idart = -1;
if ($cfg["is_start_compatible"] == true)
{
$sql = "SELECT idart FROM ".$cfg["tab"]["cat_art"]." WHERE idcat='".Contenido_Security::toInteger($idcat)."' AND is_start='1'";
$db->query($sql);
if ($db->next_record())
{
$idart = $db->f("idart");
}
}
else
{
$sql = "SELECT startidartlang FROM ".$cfg["tab"]["cat_lang"]." WHERE idcat='".Contenido_Security::toInteger($idcat)."' AND idlang='".Contenido_Security::toInteger($lang)."'";
$db->query($sql);
if ($db->next_record())
{
if ($db->f("startidartlang") != 0)
{
$sql = "SELECT idart FROM ".$cfg["tab"]["art_lang"]." WHERE idartlang='".Contenido_Security::toInteger($db->f("startidartlang"))."'";
$db->query($sql);
$db->next_record();
$idart = $db->f("idart");
}
}
}
if ($idart != -1)
{
}
else
{
// error message in backend
if ($contenido)
{
cInclude("includes", "functions.i18n.php");
die(i18n("No start article for this category"));
}
else
{
if ($error == 1)
{
echo "Fatal error: Could not display error page. Error to display was: 'No start article in this category'";
}
else
{
header($errsite);
exit;
}
}
}
}
}
}
else
{
$sql = "SELECT idcat, idart FROM ".$cfg["tab"]["cat_art"]." WHERE idcatart='".Contenido_Security::toInteger($idcatart)."'";
$db->query($sql);
$db->next_record();
$idcat = $db->f("idcat");
$idart = $db->f("idart");
}
/* Get idcatart */
if (0 != $idart && 0 != $idcat)
{
$sql = "SELECT idcatart FROM ".$cfg["tab"]["cat_art"]." WHERE idart = '".Contenido_Security::toInteger($idart)."' AND idcat = '".Contenido_Security::toInteger($idcat)."'";
$db->query($sql);
$db->next_record();
$idcatart = $db->f("idcatart");
}
$idartlang = getArtLang($idart, $lang);
if ($idartlang === false)
{
header($errsite);
exit;
}
/*
* removed database roundtrip for checking
* if cache is enabled
* CON-115
* 2008-06-25 Thorsten Granz
*/
// START: concache, murat purc
if ($cfg["cache"]["disable"] != '1') {
cInclude('frontend', 'includes/concache.php');
$oCacheHandler = new cConCacheHandler($GLOBALS['cfgConCache'], $db);
$oCacheHandler->start($iStartTime); // $iStartTime ist optional und ist die startzeit des scriptes, z. b. am anfang von fron_content.php
}
// END: concache
##############################################
# BACKEND / FRONTEND EDITING
##############################################
/**
* If user has contenido-backend rights.
* $contenido <==> the cotenido backend session as http global
* In Backend: e.g. contenido/index.php?contenido=dac651142d6a6076247d3afe58c8f8f2
* Can also be set via front_content.php?contenido=dac651142d6a6076247d3afe58c8f8f2
*
* Note: In backend the file contenido/external/backendedit/front_content.php is included!
* The reason is to avoid cross-site scripting errors in the backend, if the backend domain differs from
* the frontend domain.
*/
if ($contenido)
{
$perm->load_permissions();
/* Change mode edit / view */
if (isset ($changeview))
{
$sess->register("view");
$view = $changeview;
}
$col = new InUseCollection;
if ($overrideid != "" && $overridetype != "")
{
$col->removeItemMarks($overridetype, $overrideid);
}
/* Remove all own marks */
$col->removeSessionMarks($sess->id);
/* If the override flag is set, override a specific InUseItem */
list ($inUse, $message) = $col->checkAndMark("article", $idartlang, true, i18n("Article is in use by %s (%s)"), true, $cfg['path']['contenido_fullhtml']."external/backendedit/front_content.php?changeview=edit&action=con_editart&idartlang=$idartlang&type=$type&typenr=$typenr&idart=$idart&idcat=$idcat&idcatart=$idcatart&client=$client&lang=$lang");
$sHtmlInUse = '';
$sHtmlInUseMessage = '';
if ($inUse == true)
{
$disabled = 'disabled="disabled"';
$sHtmlInUseCss = '';
$sHtmlInUseMessage = $message;
}
$sql = "SELECT locked FROM ".$cfg["tab"]["art_lang"]." WHERE idart='".Contenido_Security::toInteger($idart)."' AND idlang = '".Contenido_Security::toInteger($lang)."'";
$db->query($sql);
$db->next_record();
$locked = $db->f("locked");
if ($locked == 1)
{
$inUse = true;
$disabled = 'disabled="disabled"';
}
// CEC to check if the user has permission to edit articles in this category
CEC_Hook::setBreakCondition(false, true); // break at "false", default value "true"
$allow = CEC_Hook::executeWhileBreakCondition(
'Contenido.Frontend.AllowEdit', $lang, $idcat, $idart, $auth->auth['uid']
);
if ($perm->have_perm_area_action_item("con_editcontent", "con_editart", $idcat) && $inUse == false && $allow == true)
{
/* Create buttons for editing */
$edit_preview = '