
296 Zeilen
9,8 KiB

2017-09-04 11:21:17 +00:00
* Project:
* Contenido Content Management System
* Description:
* Requirements:
* @con_php_req 5
* @package ContenidoBackendArea
* @version 0.2.1
* @author unknown
* @copyright four for business AG <>
* @license
* @link
* @link
* {@internal
* created unknown
* modified 2008-07-07, bilal arslan, added security fix
* modified 2008-07-08 Thorsten Granz, added option to disable menu hover effect. clicking is now possible again
* modified 2011-05-17, Ortwin Pinke, cleanup and bugfixing
2019-07-03 11:58:28 +00:00
* $Id$:
* }}
2017-09-04 11:21:17 +00:00
if (!defined('CON_FRAMEWORK')) {
die('Illegal call');
//Fuction checks if a plugin is already installed
function checkExistingPlugin($db, $sPluginname) {
#new install: all plugins are checked
if ($_SESSION["setuptype"] == "setup") {
return true;
2017-09-04 11:21:17 +00:00
$sPluginname = (string) $sPluginname;
$sTable = $_SESSION["dbprefix"] . "_nav_sub";
$sSql = "";
switch ($sPluginname) {
case 'plugin_conman':
$sSql = "SELECT * FROM %s WHERE idnavs='900'";
2017-09-04 11:21:17 +00:00
case 'plugin_content_allocation':
$sSql = "SELECT * FROM %s WHERE idnavs='800'";
2017-09-04 11:21:17 +00:00
case 'plugin_newsletter':
2017-09-04 11:21:17 +00:00
$sSql = "SELECT * FROM %s WHERE idnavs='610'";
case 'mod_rewrite':
2017-09-04 11:21:17 +00:00
$sSql = "SELECT * FROM %s WHERE idnavs='700' OR location='mod_rewrite/xml/;navigation/content/mod_rewrite'";
$sSql = "";
2017-09-04 11:21:17 +00:00
if ($sSql) {
$db->query(sprintf($sSql, $sTable));
if ($db->next_record()) {
return true;
2017-09-04 11:21:17 +00:00
return false;
* @param DB_Contenido $db
* @param string $table db-table name
function updateSystemProperties($db, $table) {
2017-09-04 11:21:17 +00:00
$aStandardvalues = array(array('type' => 'pw_request', 'name' => 'enable', 'value' => 'true'),
array('type' => 'system', 'name' => 'mail_sender_name', 'value' => ''),
array('type' => 'system', 'name' => 'mail_sender', 'value' => 'ConLite+Backend'),
array('type' => 'system', 'name' => 'mail_host', 'value' => 'localhost'),
array('type' => 'maintenance', 'name' => 'mode', 'value' => 'disabled'),
array('type' => 'edit_area', 'name' => 'activated', 'value' => 'true'),
array('type' => 'update', 'name' => 'check', 'value' => 'false'),
array('type' => 'update', 'name' => 'news_feed', 'value' => 'false'),
array('type' => 'update', 'name' => 'check_period', 'value' => '60'),
array('type' => 'system', 'name' => 'clickmenu', 'value' => 'false'),
array('type' => 'versioning', 'name' => 'activated', 'value' => 'true'),
array('type' => 'versioning', 'name' => 'prune_limit', 'value' => '0'),
array('type' => 'versioning', 'name' => 'path', 'value' => ''),
array('type' => 'system', 'name' => 'insight_editing_activated', 'value' => 'true')
foreach ($aStandardvalues as $aData) {
2017-09-04 11:21:17 +00:00
$sql = "SELECT value FROM %s WHERE type='" . $aData['type'] . "' AND name='" . $aData['name'] . "'";
$db->query(sprintf($sql, Contenido_Security::escapeDB($table, $db)));
if ($db->next_record()) {
$sValue = $db->f('value');
if ($sValue == '') {
$sql = "UPDATE %s SET value = '%s' WHERE type='%s' AND name='%s'";
2017-09-04 11:21:17 +00:00
$db->query(sprintf($sql, Contenido_Security::escapeDB($table, $db), $aData['value'], $aData['type'], $aData['name']));
} else {
$id = $db->nextid($table);
$sql = "INSERT INTO %s SET idsystemprop = '%s', type='%s', name='%s', value='%s'";
2017-09-04 11:21:17 +00:00
$db->query(sprintf($sql, Contenido_Security::escapeDB($table, $db), $id, $aData['type'], $aData['name'], $aData['value']));
2017-09-04 11:21:17 +00:00
function updateContenidoVersion($db, $table, $version) {
$sql = "SELECT idsystemprop FROM %s WHERE type='system' AND name='version'";
$db->query(sprintf($sql, Contenido_Security::escapeDB($table, $db)));
if ($db->next_record()) {
$sql = "UPDATE %s SET value = '%s' WHERE type='system' AND name='version'";
$db->query(sprintf($sql, Contenido_Security::escapeDB($table, $db), Contenido_Security::escapeDB($version, $db)));
} else {
$id = $db->nextid($table);
$sql = "INSERT INTO %s SET idsystemprop = '%s', type='system', name='version', value='%s'";
$db->query(sprintf($sql, Contenido_Security::escapeDB($table, $db), $id, Contenido_Security::escapeDB($version, $db)));
2017-09-04 11:21:17 +00:00
function getContenidoVersion($db, $table) {
$sql = "SELECT value FROM %s WHERE type='system' AND name='version'";
$db->query(sprintf($sql, Contenido_Security::escapeDB($table, $db)));
if ($db->next_record()) {
return $db->f("value");
} else {
return false;
2017-09-04 11:21:17 +00:00
function updateSysadminPassword($db, $table, $password) {
$sql = "SELECT password FROM %s WHERE username='sysadmin'";
$db->query(sprintf($sql, Contenido_Security::escapeDB($table, $db)));
if ($db->next_record()) {
$sql = "UPDATE %s SET password='%s' WHERE username='sysadmin'";
$db->query(sprintf($sql, Contenido_Security::escapeDB($table, $db), md5($password)));
return true;
} else {
return false;
2017-09-04 11:21:17 +00:00
function listClients($db, $table) {
$sql = "SELECT idclient, name, frontendpath, htmlpath FROM %s";
$db->query(sprintf($sql, Contenido_Security::escapeDB($table, $db)));
$clients = array();
while ($db->next_record()) {
$clients[$db->f("idclient")] = array("name" => $db->f("name"), "frontendpath" => $db->f("frontendpath"), "htmlpath" => $db->f("htmlpath"));
return $clients;
2017-09-04 11:21:17 +00:00
function updateClientPath($db, $table, $idclient, $frontendpath, $htmlpath) {
$sql = "UPDATE %s SET frontendpath='%s', htmlpath='%s' WHERE idclient='%s'";
$db->query(sprintf($sql, Contenido_Security::escapeDB($table, $db), Contenido_Security::escapeDB($frontendpath, $db), Contenido_Security::escapeDB($htmlpath, $db), Contenido_Security::escapeDB($idclient, $db)));
2017-09-04 11:21:17 +00:00
function stripLastSlash($sInput) {
if (substr($sInput, strlen($sInput) - 1, 1) == "/") {
$sInput = substr($sInput, 0, strlen($sInput) - 1);
return $sInput;
2017-09-04 11:21:17 +00:00
function getSystemDirectories($bOriginalPath = false) {
$root_path = __FILE__;
$root_path = str_replace("\\", "/", $root_path);
$root_path = dirname(dirname(dirname($root_path)));
$root_http_path = dirname(dirname($_SERVER["PHP_SELF"]));
$root_path = str_replace("\\", "/", $root_path);
$root_http_path = str_replace("\\", "/", $root_http_path);
$port = "";
$protocol = "http://";
if ($_SERVER["SERVER_PORT"] != 80) {
if ($_SERVER["SERVER_PORT"] == 443) {
$protocol = "https://";
} else {
$port = ":" . $_SERVER["SERVER_PORT"];
2017-09-04 11:21:17 +00:00
$root_http_path = $protocol . $_SERVER["SERVER_NAME"] . $port . $root_http_path;
if (substr($root_http_path, strlen($root_http_path) - 1, 1) == "/") {
$root_http_path = substr($root_http_path, 0, strlen($root_http_path) - 1);
if ($bOriginalPath == true) {
return array($root_path, $root_http_path);
2017-09-04 11:21:17 +00:00
2017-09-04 11:21:17 +00:00
if (isset($_SESSION["override_root_path"])) {
$root_path = $_SESSION["override_root_path"];
if (isset($_SESSION["override_root_http_path"])) {
$root_http_path = $_SESSION["override_root_http_path"];
$root_path = stripLastSlash($root_path);
$root_http_path = stripLastSlash($root_http_path);
return array($root_path, $root_http_path);
2017-09-04 11:21:17 +00:00
function findSimilarText($string1, $string2) {
for ($i = 0; $i < strlen($string1); $i++) {
if (substr($string1, 0, $i) != substr($string2, 0, $i)) {
return $i - 1;
2017-09-04 11:21:17 +00:00
return $i - 1;
2017-09-04 11:21:17 +00:00
function htmldecode($string) {
$trans_tbl = get_html_translation_table(HTML_ENTITIES);
$trans_tbl = array_flip($trans_tbl);
$ret = strtr($string, $trans_tbl);
return $ret;
2017-09-04 11:21:17 +00:00
function rereadClients_Setup() {
global $cfgClient;
global $errsite_idcat;
global $errsite_idart;
global $db;
global $cfg;
2017-09-04 11:21:17 +00:00
if (!is_object($db)) {
$db = new DB_Contenido;
2017-09-04 11:21:17 +00:00
$sql = "SELECT
2017-09-04 11:21:17 +00:00
" . $_SESSION["dbprefix"] . '_clients';
while ($db->next_record()) {
$cfgClient["set"] = "set";
$cfgClient[$db->f("idclient")]["path"]["frontend"] = $db->f("frontendpath");
$cfgClient[$db->f("idclient")]["path"]["htmlpath"] = $db->f("htmlpath");
$errsite_idcat[$db->f("idclient")] = $db->f("errsite_cat");
$errsite_idart[$db->f("idclient")] = $db->f("errsite_art");
$cfgClient[$db->f("idclient")]["images"] = $db->f("htmlpath") . "images/";
$cfgClient[$db->f("idclient")]["upload"] = "upload/";
$cfgClient[$db->f("idclient")]["htmlpath"]["frontend"] = $cfgClient[$db->f("idclient")]["path"]["htmlpath"];
$cfgClient[$db->f("idclient")]["upl"]["path"] = $cfgClient[$db->f("idclient")]["path"]["frontend"] . "upload/";
$cfgClient[$db->f("idclient")]["upl"]["htmlpath"] = $cfgClient[$db->f("idclient")]["htmlpath"]["frontend"] . "upload/";
$cfgClient[$db->f("idclient")]["upl"]["frontendpath"] = "upload/";
$cfgClient[$db->f("idclient")]["css"]["path"] = $cfgClient[$db->f("idclient")]["path"]["frontend"] . "css/";
$cfgClient[$db->f("idclient")]["js"]["path"] = $cfgClient[$db->f("idclient")]["path"]["frontend"] . "js/";
$cfgClient[$db->f("idclient")]["tpl"]["path"] = $cfgClient[$db->f("idclient")]["path"]["frontend"] . "templates/";
2017-09-04 11:21:17 +00:00