ConLite
/
ConLite
1
0
Fork 0
Code Issues 22 Pull-Requests Projekte 2 Releases 2 Wiki Aktivität

Updates for release 2.1.x

Dieser Commit ist enthalten in:
Oldperl 2019-10-25 16:00:47 +00:00
Ursprung 710dcc8d18
Commit 6bb130a4e9
5 geänderte Dateien mit 392 neuen und 458 gelöschten Zeilen
Statistiken anzeigen Patch-Datei herunterladen Vergleichs-Datei herunterladen Alle Dateien ausklappen Alle Dateien einklappen

7
conlite/classes/con2con/class.dirhandler.php
Datei anzeigen

@ -272,6 +272,7 @@ class cDirHandler {
* array containing file names as string, false on error
*/
public static function read($dirname, $recursive = false, $dirOnly = false, $fileOnly = false) {
$dirname = rtrim($dirname, '/') . '/';
if (!self::exists($dirname)) {
return false;
}
@ -279,7 +280,6 @@ class cDirHandler {
$dirContent = array();
if ($recursive == false) {
$dirHandle = opendir($dirname);
$dirContent = array();
while (false !== ($file = readdir($dirHandle))) {
if (!cFileHandler::fileNameIsDot($file)) {
@ -289,7 +289,9 @@ class cDirHandler {
$dirContent[] = $file;
}
// bugfix: is_dir only checked file name without path, thus returning everything most of the time
} else if ($fileOnly === true) { // get only files
}
if ($fileOnly == true && !$dirOnly) { // get only files
if (is_file($dirname . $file)) {
$dirContent[] = $file;
@ -323,7 +325,6 @@ class cDirHandler {
}
}
}
return $dirContent;
}

359
conlite/includes/functions.con2.php
Datei anzeigen

@ -1,4 +1,5 @@
<?php
/**
* Project:
* Contenido Content Management System
@ -24,8 +25,7 @@
*
* $Id$:
*/
if(!defined('CON_FRAMEWORK')) {
if (!defined('CON_FRAMEWORK')) {
die('Illegal call');
}
@ -42,8 +42,7 @@ if(!defined('CON_FRAMEWORK')) {
* @author Jan Lengowski <jan.lengowski@4fb.de>
* @copyright four for business AG <www.4fb.de>
*/
function conGenerateCode($idcat, $idart, $lang, $client, $layout = false)
{
function conGenerateCode($idcat, $idart, $lang, $client, $layout = false) {
global $frontend_debug, $_cecRegistry;
$debug = 0;
@ -60,10 +59,10 @@ function conGenerateCode($idcat, $idart, $lang, $client, $layout = false)
$sql = "SELECT
idcatart
FROM
".$cfg["tab"]["cat_art"]."
" . $cfg["tab"]["cat_art"] . "
WHERE
idcat = '".Contenido_Security::toInteger($idcat)."' AND
idart = '".Contenido_Security::toInteger($idart)."'";
idcat = '" . Contenido_Security::toInteger($idcat) . "' AND
idart = '" . Contenido_Security::toInteger($idart) . "'";
$db->query($sql);
$db->next_record();
@ -77,19 +76,18 @@ function conGenerateCode($idcat, $idart, $lang, $client, $layout = false)
$sql = "SELECT
a.idtplcfg AS idtplcfg
FROM
".$cfg["tab"]["art_lang"]." AS a,
".$cfg["tab"]["art"]." AS b
" . $cfg["tab"]["art_lang"] . " AS a,
" . $cfg["tab"]["art"] . " AS b
WHERE
a.idart = '".Contenido_Security::toInteger($idart)."' AND
a.idlang = '".Contenido_Security::escapeDB($lang, $db)."' AND
a.idart = '" . Contenido_Security::toInteger($idart) . "' AND
a.idlang = '" . Contenido_Security::escapeDB($lang, $db) . "' AND
b.idart = a.idart AND
b.idclient = '".Contenido_Security::escapeDB($client, $db)."'";
b.idclient = '" . Contenido_Security::escapeDB($client, $db) . "'";
$db->query($sql);
$db->next_record();
if ($db->f("idtplcfg") != 0)
{
if ($db->f("idtplcfg") != 0) {
/* Article is configured */
$idtplcfg = $db->f("idtplcfg");
@ -97,46 +95,41 @@ function conGenerateCode($idcat, $idart, $lang, $client, $layout = false)
if ($debug)
echo "configuration for article found: $idtplcfg<br><br>";
$a_c = array ();
$a_c = array();
$sql2 = "SELECT
*
FROM
".$cfg["tab"]["container_conf"]."
" . $cfg["tab"]["container_conf"] . "
WHERE
idtplcfg = '".Contenido_Security::toInteger($idtplcfg)."'
idtplcfg = '" . Contenido_Security::toInteger($idtplcfg) . "'
ORDER BY
number ASC";
$db2->query($sql2);
while ($db2->next_record())
{
while ($db2->next_record()) {
$a_c[$db2->f("number")] = $db2->f("container");
}
} else
{
} else {
/* Check whether category is
configured. */
$sql = "SELECT
a.idtplcfg AS idtplcfg
FROM
".$cfg["tab"]["cat_lang"]." AS a,
".$cfg["tab"]["cat"]." AS b
" . $cfg["tab"]["cat_lang"] . " AS a,
" . $cfg["tab"]["cat"] . " AS b
WHERE
a.idcat = '".Contenido_Security::toInteger($idcat)."' AND
a.idlang = '".Contenido_Security::escapeDB($lang, $db)."' AND
a.idcat = '" . Contenido_Security::toInteger($idcat) . "' AND
a.idlang = '" . Contenido_Security::escapeDB($lang, $db) . "' AND
b.idcat = a.idcat AND
b.idclient = '".Contenido_Security::escapeDB($client, $db)."'";
b.idclient = '" . Contenido_Security::escapeDB($client, $db) . "'";
$db->query($sql);
$db->next_record();
if ($db->f("idtplcfg") != 0)
{
if ($db->f("idtplcfg") != 0) {
/* Category is configured,
extract varstring */
@ -145,27 +138,23 @@ function conGenerateCode($idcat, $idart, $lang, $client, $layout = false)
if ($debug)
echo "configuration for category found: $idtplcfg<br><br>";
$a_c = array ();
$a_c = array();
$sql2 = "SELECT
*
FROM
".$cfg["tab"]["container_conf"]."
" . $cfg["tab"]["container_conf"] . "
WHERE
idtplcfg = '".Contenido_Security::toInteger($idtplcfg)."'
idtplcfg = '" . Contenido_Security::toInteger($idtplcfg) . "'
ORDER BY
number ASC";
$db2->query($sql2);
while ($db2->next_record())
{
while ($db2->next_record()) {
$a_c[$db2->f("number")] = $db2->f("container");
}
} else
{
} else {
/* Article nor Category
is configured. Creation of
@ -177,26 +166,22 @@ function conGenerateCode($idcat, $idart, $lang, $client, $layout = false)
$code = '<html><body>No code was created for this art in this category.</body><html>';
$sql = "SELECT * FROM ".$cfg["tab"]["code"]." WHERE idcatart='".Contenido_Security::toInteger($idcatart)."' AND idlang='".Contenido_Security::escapeDB($lang, $db)."'";
$sql = "SELECT * FROM " . $cfg["tab"]["code"] . " WHERE idcatart='" . Contenido_Security::toInteger($idcatart) . "' AND idlang='" . Contenido_Security::escapeDB($lang, $db) . "'";
$db->query($sql);
if ($db->next_record())
{
$sql = "UPDATE ".$cfg["tab"]["code"]." SET code='".Contenido_Security::escapeDB($code, $db)."', idlang='".Contenido_Security::escapeDB($lang, $db)."', idclient='".Contenido_Security::escapeDB($client, $db)."'
WHERE idcatart='".Contenido_Security::toInteger($idcatart)."' AND idlang='".Contenido_Security::escapeDB($lang, $db)."'";
if ($db->next_record()) {
$sql = "UPDATE " . $cfg["tab"]["code"] . " SET code='" . Contenido_Security::escapeDB($code, $db) . "', idlang='" . Contenido_Security::escapeDB($lang, $db) . "', idclient='" . Contenido_Security::escapeDB($client, $db) . "'
WHERE idcatart='" . Contenido_Security::toInteger($idcatart) . "' AND idlang='" . Contenido_Security::escapeDB($lang, $db) . "'";
$db->query($sql);
} else
{
$sql = "INSERT INTO ".$cfg["tab"]["code"]." (idcode, idcatart, code, idlang, idclient) VALUES ('".Contenido_Security::toInteger($db->nextid($cfg["tab"]["code"]))."', '".Contenido_Security::toInteger($idcatart)."',
'".Contenido_Security::escapeDB($code, $db)."', '".Contenido_Security::escapeDB($lang, $db)."', '".Contenido_Security::escapeDB($client, $db)."')";
} else {
$sql = "INSERT INTO " . $cfg["tab"]["code"] . " (idcode, idcatart, code, idlang, idclient) VALUES ('" . Contenido_Security::toInteger($db->nextid($cfg["tab"]["code"])) . "', '" . Contenido_Security::toInteger($idcatart) . "',
'" . Contenido_Security::escapeDB($code, $db) . "', '" . Contenido_Security::escapeDB($lang, $db) . "', '" . Contenido_Security::escapeDB($client, $db) . "')";
$db->query($sql);
}
return "0601";
}
}
/* Get IDLAY and IDMOD array */
@ -204,10 +189,10 @@ function conGenerateCode($idcat, $idart, $lang, $client, $layout = false)
a.idlay AS idlay,
a.idtpl AS idtpl
FROM
".$cfg["tab"]["tpl"]." AS a,
".$cfg["tab"]["tpl_conf"]." AS b
" . $cfg["tab"]["tpl"] . " AS a,
" . $cfg["tab"]["tpl_conf"] . " AS b
WHERE
b.idtplcfg = '".Contenido_Security::toInteger($idtplcfg)."' AND
b.idtplcfg = '" . Contenido_Security::toInteger($idtplcfg) . "' AND
b.idtpl = a.idtpl";
$db->query($sql);
@ -215,8 +200,7 @@ function conGenerateCode($idcat, $idart, $lang, $client, $layout = false)
$idlay = $db->f("idlay");
if ($layout != false)
{
if ($layout != false) {
$idlay = $layout;
}
@ -230,16 +214,15 @@ function conGenerateCode($idcat, $idart, $lang, $client, $layout = false)
number,
idmod
FROM
".$cfg["tab"]["container"]."
" . $cfg["tab"]["container"] . "
WHERE
idtpl = '".Contenido_Security::toInteger($idtpl)."'
idtpl = '" . Contenido_Security::toInteger($idtpl) . "'
ORDER BY
number ASC";
$db->query($sql);
while ($db->next_record())
{
while ($db->next_record()) {
$a_d[$db->f("number")] = $db->f("idmod");
}
@ -248,39 +231,36 @@ function conGenerateCode($idcat, $idart, $lang, $client, $layout = false)
$code = AddSlashes($raw_code);
/* Create code for all containers */
if ($idlay)
{
if ($idlay) {
tplPreparseLayout($idlay, $raw_code);
$tmp_returnstring = tplBrowseLayoutForContainers($idlay, $raw_code);
$a_container = explode("&", $tmp_returnstring);
foreach ($a_container as $key => $value)
{
foreach ($a_container as $key => $value) {
$sql = "SELECT * FROM ".$cfg["tab"]["mod"]." WHERE idmod='".$a_d[$value]."'";
$sql = "SELECT * FROM " . $cfg["tab"]["mod"] . " WHERE idmod='" . $a_d[$value] . "'";
$db->query($sql);
$db->next_record();
if (is_numeric($a_d[$value]))
{
$thisModule = '<?php $cCurrentModule = '. ((int) $a_d[$value]).'; ?>';
$thisContainer = '<?php $cCurrentContainer = '. ((int) $value).'; ?>';
if (is_numeric($a_d[$value])) {
$thisModule = '<?php $cCurrentModule = ' . ((int) $a_d[$value]) . '; ?>';
$thisContainer = '<?php $cCurrentContainer = ' . ((int) $value) . '; ?>';
}
/* dceModFileEdit (c)2009 www.dceonline.de */
if($cfg['dceModEdit']['use']
if ($cfg['dceModEdit']['use']
&& ($cfg['dceModEdit']['allModsFromFile'] == true
|| in_array((int) $a_d[$value], $cfg['dceModEdit']['modsFromFile']))) {
cInclude('classes', 'contenido/class.module.php');
$tmpModule = new cApiModule;
$tmpModule->loadByPrimaryKey($a_d[$value]);
$output = $thisModule.$thisContainer.$tmpModule->get("output");
$output = $thisModule . $thisContainer . $tmpModule->get("output");
unset($tmpModule);
} else {
$output = $thisModule.$thisContainer.$db->f("output");
$output = $thisModule . $thisContainer . $db->f("output");
}
/* dceModFileEdit (c)2009 www.dceonline.de */
$output = AddSlashes($output)."\n";
$output = AddSlashes($output) . "\n";
$template = $db->f("template");
@ -288,69 +268,60 @@ function conGenerateCode($idcat, $idart, $lang, $client, $layout = false)
$tmp1 = preg_split("/&/", $a_c[$value]);
$varstring = array ();
$varstring = array();
foreach ($tmp1 as $key1 => $value1)
{
foreach ($tmp1 as $key1 => $value1) {
$tmp2 = explode("=", $value1);
foreach ($tmp2 as $key2 => $value2)
{
foreach ($tmp2 as $key2 => $value2) {
$varstring["$tmp2[0]"] = $tmp2[1];
}
}
$CiCMS_Var = '$C'.$value.'CMS_VALUE';
$CiCMS_Var = '$C' . $value . 'CMS_VALUE';
$CiCMS_VALUE = '';
foreach ($varstring as $key3 => $value3)
{
foreach ($varstring as $key3 => $value3) {
$tmp = urldecode($value3);
$tmp = str_replace("\'", "'", $tmp);
$CiCMS_VALUE .= $CiCMS_Var.'['.$key3.']="'.$tmp.'"; ';
$CiCMS_VALUE .= $CiCMS_Var . '[' . $key3 . ']="' . $tmp . '"; ';
$output = str_replace("\$CMS_VALUE[$key3]", $tmp, $output);
$output = str_replace("CMS_VALUE[$key3]", $tmp, $output);
}
$output = str_replace("CMS_VALUE", $CiCMS_Var, $output);
$output = str_replace("\$".$CiCMS_Var, $CiCMS_Var, $output);
$output = str_replace("\$" . $CiCMS_Var, $CiCMS_Var, $output);
$output = preg_replace("/(CMS_VALUE\[)([0-9]*)(\])/i", "", $output);
if ($frontend_debug["container_display"] == true)
{
$fedebug .= "Container: CMS_CONTAINER[$value]".'\\\\n';
if ($frontend_debug["container_display"] == true) {
$fedebug .= "Container: CMS_CONTAINER[$value]" . '\\\\n';
}
if ($frontend_debug["module_display"] == true)
{
$fedebug .= "Modul: ".$db->f("name").'\\\\n';
if ($frontend_debug["module_display"] == true) {
$fedebug .= "Modul: " . $db->f("name") . '\\\\n';
}
if ($frontend_debug["module_timing_summary"] == true || $frontend_debug["module_timing"] == true)
{
$fedebug .= 'Eval-Time: $modtime'.$value.'\\\\n';
$output = '<?php $modstart'.$value.' = getmicrotime(); ?'.'>'.$output.'<?php $modend'.$value.' = getmicrotime()+0.001; $modtime'.$value.' = $modend'.$value.' - $modstart'.$value.'; ?'.'>';
if ($frontend_debug["module_timing_summary"] == true || $frontend_debug["module_timing"] == true) {
$fedebug .= 'Eval-Time: $modtime' . $value . '\\\\n';
$output = '<?php $modstart' . $value . ' = getmicrotime(); ?' . '>' . $output . '<?php $modend' . $value . ' = getmicrotime()+0.001; $modtime' . $value . ' = $modend' . $value . ' - $modstart' . $value . '; ?' . '>';
}
if ($fedebug != "")
{
$output = addslashes('<?php echo \'<img onclick="javascript:showmod'.$value.'();" src="'.$cfg['path']['contenido_fullhtml'].'images/but_preview.gif">\'; ?'.'>'."<br>").$output;
$output = $output.addslashes('<?php echo \'<script language="javascript">function showmod'.$value.' () { window.alert(\\\'\'. "'.addslashes($fedebug).'".\'\\\');} </script>\'; ?'.'>');
if ($fedebug != "") {
$output = addslashes('<?php echo \'<img onclick="javascript:showmod' . $value . '();" src="' . $cfg['path']['contenido_fullhtml'] . 'images/but_preview.gif">\'; ?' . '>' . "<br>") . $output;
$output = $output . addslashes('<?php echo \'<script language="javascript">function showmod' . $value . ' () { window.alert(\\\'\'. "' . addslashes($fedebug) . '".\'\\\');} </script>\'; ?' . '>');
}
if ($frontend_debug["module_timing_summary"] == true)
{
$output .= addslashes(' <?php $cModuleTimes["'.$value.'"] = $modtime'.$value.'; ?>');
$output .= addslashes(' <?php $cModuleNames["'.$value.'"] = "'.addslashes($db->f("name")).'"; ?>');
if ($frontend_debug["module_timing_summary"] == true) {
$output .= addslashes(' <?php $cModuleTimes["' . $value . '"] = $modtime' . $value . '; ?>');
$output .= addslashes(' <?php $cModuleNames["' . $value . '"] = "' . addslashes($db->f("name")) . '"; ?>');
}
/* Replace new containers */
$code = preg_replace("/<container( +)id=\\\\\"$value\\\\\"(.*)>(.*)<\/container>/Uis", "CMS_CONTAINER[$value]", $code);
$code = preg_replace("/<container( +)id=\\\\\"$value\\\\\"(.*)\/>/i", "CMS_CONTAINER[$value]", $code);
$code = str_ireplace("CMS_CONTAINER[$value]", "<?php $CiCMS_VALUE ?>\r\n".$output, $code);
$code = str_ireplace("CMS_CONTAINER[$value]", "<?php $CiCMS_VALUE ?>\r\n" . $output, $code);
$fedebug = "";
}
}
@ -358,23 +329,22 @@ function conGenerateCode($idcat, $idart, $lang, $client, $layout = false)
$sql = "SELECT
*
FROM
".$cfg["tab"]["content"]." AS A,
".$cfg["tab"]["art_lang"]." AS B,
".$cfg["tab"]["type"]." AS C
" . $cfg["tab"]["content"] . " AS A,
" . $cfg["tab"]["art_lang"] . " AS B,
" . $cfg["tab"]["type"] . " AS C
WHERE
A.idtype = C.idtype AND
A.idartlang = B.idartlang AND
B.idart = '".Contenido_Security::toInteger($idart)."' AND
B.idlang = '".Contenido_Security::escapeDB($lang, $db)."'";
B.idart = '" . Contenido_Security::toInteger($idart) . "' AND
B.idlang = '" . Contenido_Security::escapeDB($lang, $db) . "'";
$db->query($sql);
while ($db->next_record())
{
while ($db->next_record()) {
$a_content[$db->f("type")][$db->f("typeid")] = $db->f("value");
}
$sql = "SELECT idartlang, pagetitle FROM ".$cfg["tab"]["art_lang"]." WHERE idart='".Contenido_Security::toInteger($idart)."' AND idlang='".Contenido_Security::escapeDB($lang, $db)."'";
$sql = "SELECT idartlang, pagetitle FROM " . $cfg["tab"]["art_lang"] . " WHERE idart='" . Contenido_Security::toInteger($idart) . "' AND idlang='" . Contenido_Security::escapeDB($lang, $db) . "'";
$db->query($sql);
$db->next_record();
@ -389,87 +359,80 @@ function conGenerateCode($idcat, $idart, $lang, $client, $layout = false)
}
/* replace all CMS_TAGS[] */
$sql = "SELECT type, code FROM ".$cfg["tab"]["type"];
$sql = "SELECT type, code FROM " . $cfg["tab"]["type"];
$db->query($sql);
$match = array ();
while ($db->next_record())
{
$match = array();
while ($db->next_record()) {
$tmp = preg_match_all("/(".$db->f("type")."\[+\d+\])/i", $code, $match);
$tmp = preg_match_all("/(" . $db->f("type") . "\[+\d+\])/i", $code, $match);
$a_[strtolower($db->f("type"))] = $match[0];
$success = array_walk($a_[strtolower($db->f("type"))], 'extractNumber');
$search = array ();
$replacements = array ();
$search = array();
$replacements = array();
foreach ($a_[strtolower($db->f("type"))] as $val)
{
eval ($db->f("code"));
foreach ($a_[strtolower($db->f("type"))] as $val) {
eval($db->f("code"));
$search[$val] = $db->f("type")."[$val]";
$search[$val] = $db->f("type") . "[$val]";
$replacements[$val] = $tmp;
$keycode[$db->f("type")][$val] = $tmp;
}
$code = str_ireplace($search, $replacements, $code);
}
/* add/replace title */
if ($pagetitle != "")
{
if ($pagetitle != "") {
$code = preg_replace("/<title>.*?<\/title>/is", "{TITLE}", $code, 1);
if (strstr($code, "{TITLE}"))
{
if (strstr($code, "{TITLE}")) {
$code = str_ireplace("{TITLE}", addslashes("<title>$pagetitle</title>"), $code);
} else
{
$code = str_ireplace_once("</head>", addslashes("<title>".$pagetitle."</title>\n</head>"), $code);
} else {
$code = str_ireplace_once("</head>", addslashes("<title>" . $pagetitle . "</title>\n</head>"), $code);
}
} else
{
} else {
$code = str_replace('<title></title>', '', $code);
}
// metatags
$availableTags = conGetAvailableMetaTagTypes();
$metatags = array ();
$metatags = array();
foreach ($availableTags as $key => $value) {
$metavalue = conGetMetaValue($idartlang, $key);
if (strlen($metavalue) > 0) {
//$metatags[$value["name"]] = array(array("attribute" => $value["fieldname"], "value" => $metavalue), ...);
$metatags[] = array ($value["fieldname"] => $value["name"], 'content' => $metavalue);
$metatags[] = array($value["fieldname"] => $value["name"], 'content' => $metavalue);
}
}
// generator tag
$aVersion = explode('.', $cfg['version']);
$sCLVersion = $aVersion[0] . '.' . $aVersion[1];
$metatags[] = array ('name' => 'generator', 'content' => 'CMS ConLite ' . $sCLVersion);
$metatags[] = array('name' => 'generator', 'content' => 'CMS ConLite ' . $sCLVersion);
// charset/encoding tag
if(getEffectiveSetting('generator', 'html5', "false") == "true") {
if (getEffectiveSetting('generator', 'html5', "false") == "true") {
$metatags[] = array('charset' => $encoding[$lang]);
} else if(getEffectiveSetting('generator', 'xhtml', "false") == "true") {
$metatags[] = array ('http-equiv' => 'Content-Type', 'content' => 'application/xhtml+xml; charset='.$encoding[$lang]);
} else if (getEffectiveSetting('generator', 'xhtml', "false") == "true") {
$metatags[] = array('http-equiv' => 'Content-Type', 'content' => 'application/xhtml+xml; charset=' . $encoding[$lang]);
} else {
$metatags[] = array ('http-equiv' => 'Content-Type', 'content' => 'text/html; charset='.$encoding[$lang]);
$metatags[] = array('http-equiv' => 'Content-Type', 'content' => 'text/html; charset=' . $encoding[$lang]);
}
// check chains
$_cecIterator = $_cecRegistry->getIterator("Contenido.Content.CreateMetatags");
if($_cecIterator->count() > 0) {
if ($_cecIterator->count() > 0) {
$tmpMetatags = $metatags;
if(!is_array($tmpMetatags)) {
if (!is_array($tmpMetatags)) {
$tmpMetatags = array();
}
while($chainEntry = $_cecIterator->next()) {
while ($chainEntry = $_cecIterator->next()) {
$tmpMetatags = $chainEntry->execute($tmpMetatags);
}
@ -477,7 +440,7 @@ function conGenerateCode($idcat, $idart, $lang, $client, $layout = false)
//system metatags were merged to user meta tags
//and user meta tags were not longer replaced by system meta tags
/** @todo recode whole meta tag handling */
if(is_array($tmpMetatags)) {
if (is_array($tmpMetatags)) {
//check for all system meta tags if there is already a user meta tag
foreach ($tmpMetatags as $aAutValue) {
$bExists = false;
@ -517,10 +480,11 @@ function conGenerateCode($idcat, $idart, $lang, $client, $layout = false)
$sMetatags = '';
foreach ($metatags as $value) {
if(getEffectiveSetting('generator', 'html5', "false") == "true") {
if($value['name'] == 'date') continue;
if (getEffectiveSetting('generator', 'html5', "false") == "true") {
if ($value['name'] == 'date')
continue;
}
if(!empty($value['content'])) {
if (!empty($value['content'])) {
$value['content'] = clHtmlEntityDecode($value['content'], ENT_QUOTES, strtoupper($encoding[$lang]));
$value['content'] = htmlspecialchars_decode($value['content'], ENT_QUOTES);
}
@ -532,47 +496,44 @@ function conGenerateCode($idcat, $idart, $lang, $client, $layout = false)
/* HTML does not allow ID for meta tags */
$oMetaTagGen->removeAttribute("id");
/*Check if metatag already exists*/
if (preg_match('/(<meta(?:\s+)name(?:\s*)=(?:\s*)(?:\\\\"|\\\\\')(?:\s*)'.$value["name"].'(?:\s*)(?:\\\\"|\\\\\')(?:[^>]+)>\r?\n?)/i', $code, $aTmetatagfound)) {
$code = str_replace($aTmetatagfound[1], $oMetaTagGen->render()."\n", $code);
} else if(array_key_exists ("charset", $value)
/* Check if metatag already exists */
if (preg_match('/(<meta(?:\s+)name(?:\s*)=(?:\s*)(?:\\\\"|\\\\\')(?:\s*)' . $value["name"] . '(?:\s*)(?:\\\\"|\\\\\')(?:[^>]+)>\r?\n?)/i', $code, $aTmetatagfound)) {
$code = str_replace($aTmetatagfound[1], $oMetaTagGen->render() . "\n", $code);
} else if (array_key_exists("charset", $value)
&& preg_match('/(<meta(?:\s+)charset(?:\s*)=(?:\s*)(?:\\\\"|\\\\\')(?:\s*)(.*)(?:\s*)(?:\\\\"|\\\\\')(?:\s*)(?:\s*|\/)(?:[\^\>]+)\r?\n?)/i', $code, $aTmetatagfound)) {
$code = str_replace($aTmetatagfound[1], $oMetaTagGen->render()."\n", $code);
$code = str_replace($aTmetatagfound[1], $oMetaTagGen->render() . "\n", $code);
} else {
$sMetatags .= $oMetaTagGen->render()."\n";
$sMetatags .= $oMetaTagGen->render() . "\n";
}
}
/* Add meta tags */
$code = str_ireplace_once("</head>", $sMetatags."</head>", $code);
$code = str_ireplace_once("</head>", $sMetatags . "</head>", $code);
$code = str_ireplace_once("</html>", "<!-- This website is powered by ConLite, the lightweight content management system.\nFor more info and download visit www.conlite.org -->\n</html>", $code);
/* write code into the database */
$date = date("Y-m-d H:i:s");
if ($layout == false)
{
$sql = "SELECT * FROM ".$cfg["tab"]["code"]." WHERE idcatart = '".Contenido_Security::toInteger($idcatart)."' AND idlang = '".Contenido_Security::escapeDB($lang, $db)."'";
if ($layout == false) {
$sql = "SELECT * FROM " . $cfg["tab"]["code"] . " WHERE idcatart = '" . Contenido_Security::toInteger($idcatart) . "' AND idlang = '" . Contenido_Security::escapeDB($lang, $db) . "'";
$db->query($sql);
if ($db->next_record())
{
if ($db->next_record()) {
if ($debug)
echo "UPDATED code for lang:$lang, client:$client, idcatart:$idcatart";
$sql = "UPDATE ".$cfg["tab"]["code"]." SET code='".Contenido_Security::escapeDB($code, $db, false)."', idlang='".Contenido_Security::escapeDB($lang, $db)."', idclient='".Contenido_Security::escapeDB($client, $db)."'
WHERE idcatart='".Contenido_Security::toInteger($idcatart)."' AND idlang='".Contenido_Security::escapeDB($lang, $db)."'";
$sql = "UPDATE " . $cfg["tab"]["code"] . " SET code='" . Contenido_Security::escapeDB($code, $db, false) . "', idlang='" . Contenido_Security::escapeDB($lang, $db) . "', idclient='" . Contenido_Security::escapeDB($client, $db) . "'
WHERE idcatart='" . Contenido_Security::toInteger($idcatart) . "' AND idlang='" . Contenido_Security::escapeDB($lang, $db) . "'";
$db->query($sql);
} else
{
} else {
if ($debug)
echo "INSERTED code for lang:$lang, client:$client, idcatart:$idcatart";
$sql = "INSERT INTO ".$cfg["tab"]["code"]." (idcode, idcatart, code, idlang, idclient) VALUES ('".Contenido_Security::toInteger($db->nextid($cfg["tab"]["code"]))."', '".Contenido_Security::toInteger($idcatart)."',
'".Contenido_Security::escapeDB($code, $db, false)."', '".Contenido_Security::escapeDB($lang, $db)."', '".Contenido_Security::escapeDB($client, $db)."')";
$sql = "INSERT INTO " . $cfg["tab"]["code"] . " (idcode, idcatart, code, idlang, idclient) VALUES ('" . Contenido_Security::toInteger($db->nextid($cfg["tab"]["code"])) . "', '" . Contenido_Security::toInteger($idcatart) . "',
'" . Contenido_Security::escapeDB($code, $db, false) . "', '" . Contenido_Security::escapeDB($lang, $db) . "', '" . Contenido_Security::escapeDB($client, $db) . "')";
$db->query($sql);
}
$sql = "UPDATE ".$cfg["tab"]["cat_art"]." SET createcode = '0' WHERE idcatart='".Contenido_Security::toInteger($idcatart)."'";
$sql = "UPDATE " . $cfg["tab"]["cat_art"] . " SET createcode = '0' WHERE idcatart='" . Contenido_Security::toInteger($idcatart) . "'";
$db->query($sql);
}
@ -629,14 +590,15 @@ function conGetAvailableMetaTagTypes() {
*/
function conGetMetaValue($idartlang, $idmetatype) {
if($idartlang == 0) return;
if ($idartlang == 0)
return;
$oMetaTags = new cApiMetaTagCollection();
$oMetaTags->setWhere('idartlang', Contenido_Security::toInteger($idartlang));
$oMetaTags->setWhere('idmetatype', Contenido_Security::toInteger($idmetatype));
$oMetaTags->query();
if($oMetaTags->count() > 0) {
if ($oMetaTags->count() > 0) {
$sRet = $oMetaTags->next()->get('metavalue');
} else {
$sRet = "";
@ -655,26 +617,24 @@ function conGetMetaValue($idartlang, $idmetatype) {
* @author Timo A. Hummel <Timo.Hummel@4fb.de>
* @copyright four for business AG 2003
*/
function conSetMetaValue($idartlang, $idmetatype, $value)
{
function conSetMetaValue($idartlang, $idmetatype, $value) {
global $cfg;
$db = new DB_ConLite;
$sql = "DELETE FROM ".$cfg["tab"]["meta_tag"]."
WHERE idartlang = '".Contenido_Security::toInteger($idartlang)."'
AND idmetatype = '".Contenido_Security::toInteger($idmetatype)."'";
$sql = "DELETE FROM " . $cfg["tab"]["meta_tag"] . "
WHERE idartlang = '" . Contenido_Security::toInteger($idartlang) . "'
AND idmetatype = '" . Contenido_Security::toInteger($idmetatype) . "'";
$db->query($sql);
$nextid = $db->nextid($cfg["tab"]["meta_tag"]);
$sql = "INSERT INTO ".$cfg["tab"]["meta_tag"]." SET idartlang = '".Contenido_Security::toInteger($idartlang)."',
idmetatype = '".Contenido_Security::toInteger($idmetatype)."',
idmetatag = '".Contenido_Security::toInteger($nextid)."',
metavalue = '".Contenido_Security::escapeDB($value, $db)."'";
$sql = "INSERT INTO " . $cfg["tab"]["meta_tag"] . " SET idartlang = '" . Contenido_Security::toInteger($idartlang) . "',
idmetatype = '" . Contenido_Security::toInteger($idmetatype) . "',
idmetatag = '" . Contenido_Security::toInteger($nextid) . "',
metavalue = '" . Contenido_Security::escapeDB($value, $db) . "'";
$db->query($sql);
}
/**
@ -688,48 +648,41 @@ function conSetMetaValue($idartlang, $idmetatype, $value)
* Modified : 13.05.2004
* @copyright four for business AG 2003
*/
function conGenerateKeywords($client, $lang)
{
function conGenerateKeywords($client, $lang) {
global $cfg;
$db_art = new DB_ConLite;
$options = array ("img", "link", "linktarget", "swf"); // cms types to be excluded from indexing
$options = array("img", "link", "linktarget", "swf"); // cms types to be excluded from indexing
$sql = "SELECT
a.idart, b.idartlang
FROM
".$cfg["tab"]["art"]." AS a,
".$cfg["tab"]["art_lang"]." AS b
" . $cfg["tab"]["art"] . " AS a,
" . $cfg["tab"]["art_lang"] . " AS b
WHERE
a.idart = b.idart AND
a.idclient = ".Contenido_Security::escapeDB($client, $db)." AND
b.idlang = ".Contenido_Security::escapeDB($lang, $db);
a.idclient = " . Contenido_Security::escapeDB($client, $db) . " AND
b.idlang = " . Contenido_Security::escapeDB($lang, $db);
$db_art->query($sql);
$articles = array ();
while ($db_art->next_record())
{
$articles = array();
while ($db_art->next_record()) {
$articles[$db_art->f("idart")] = $db_art->f("idartlang");
}
if (count($articles) > 0)
{
foreach ($articles as $artid => $article_lang)
{
$article_content = array ();
if (count($articles) > 0) {
foreach ($articles as $artid => $article_lang) {
$article_content = array();
$article_content = conGetContentFromArticle($article_lang);
if (count($article_content) > 0)
{
if (count($article_content) > 0) {
$art_index = new Index($db_art);
$art_index->lang = $lang;
$art_index->start($artid, $article_content, 'auto', $options);
}
}
}
}
/**
@ -742,8 +695,7 @@ function conGenerateKeywords($client, $lang)
* Modified : 13.05.2004
* @copyright four for business AG 2003
*/
function conGetContentFromArticle($article_lang)
{
function conGetContentFromArticle($article_lang) {
global $cfg;
$db_con = new DB_ConLite;
@ -751,22 +703,21 @@ function conGetContentFromArticle($article_lang)
$sql = "SELECT
*
FROM
".$cfg["tab"]["content"]." AS A,
".$cfg["tab"]["art_lang"]." AS B,
".$cfg["tab"]["type"]." AS C
" . $cfg["tab"]["content"] . " AS A,
" . $cfg["tab"]["art_lang"] . " AS B,
" . $cfg["tab"]["type"] . " AS C
WHERE
A.idtype = C.idtype AND
A.idartlang = B.idartlang AND
A.idartlang = '".Contenido_Security::escapeDB($article_lang, $db_con)."' ";
A.idartlang = '" . Contenido_Security::escapeDB($article_lang, $db_con) . "' ";
$db_con->query($sql);
while ($db_con->next_record())
{
while ($db_con->next_record()) {
$a_content[$db_con->f("type")][$db_con->f("typeid")] = urldecode($db_con->f("value"));
}
return $a_content;
}
?>

2
conlite/includes/startup.php
Datei anzeigen

@ -71,7 +71,7 @@ if (!defined('CL_ENVIRONMENT')) {
*/
if (!defined('CL_VERSION')) {
define('CL_VERSION', '2.1.0');
define('CL_VERSION', '2.1.0');
}

30
conlite/plugins/mod_rewrite/files/htaccess_restrictive.txt
Datei anzeigen

@ -1,36 +1,30 @@
################################################################################
# CONTENIDO AMR plugin restrictive rewrite rules set.
# ConLite AMR plugin restrictive rewrite rules set.
#
# Contains strict rules, each rewrite exclusion must be set manually.
# - Exclude requests to directories usage/, contenido/, setup/, cms/upload/
# - Exclude requests to cms/front_content.php
# - Exclude requests to directories usage/, conlite/, setup/, cms/upload/
# - Exclude requests to cms/front_content.php, cms/dbfs.php
# - Pass thru requests to common ressources (pictures, movies, js, css, pdf)
#
# @version 0.0.1
# @version 1.0.0
# @author Ortwin Pinke <ortwin.pinke@php-backoffice.de>
# @author Murat Purc <murat@purc.de>
# @copyright four for business AG <www.4fb.de>
# @license http://www.contenido.org/license/LIZENZ.txt
# @link http://www.4fb.de
# @link http://www.contenido.org
# @copyright 2019 ConLite Team
# @link http://www.conlite.org
#
# Versions before 1.0 copyright 4fb, author Murat Purc
#
# $Id$
################################################################################
# Enable following lines to run PHP5 on 1und1.de (1and1.com)
#AddType x-mapp-php5 .php
#AddHandler x-mapp-php5 .php
<IfModule mod_rewrite.c>
# Enable rewrite engine
RewriteEngine on
# Specify a base URL-path for the rules
RewriteBase /cms
# Catch some common exploits in query string to get rid of them.
# NOTE: Conditions to prevent protocols (ftp, http[s]) in query string could
# be a disadvantage in some cases.
@ -42,7 +36,6 @@
RewriteCond %{QUERY_STRING} http[s]*://.*$ [NC]
RewriteRule ^.* - [F,L] # all matching conditions from above will end in nirvana
# Exclude some files and directories from rewriting
RewriteRule ^usage/.*$ - [L]
RewriteRule ^conlite/.*$ - [L]
@ -50,15 +43,14 @@
RewriteRule ^cms/upload/.*$ - [L]
RewriteRule ^cms/test/.*$ - [L]
RewriteRule ^cms/front_content.php.*$ - [L]
RewriteRule ^cms/dbfs.php.*$ - [L]
# Exclude common extensions from rewriting and pass remaining requests to
# front_content.php.
RewriteRule !\.(avi|css|doc|flv|gif|gzip|ico|jpeg|jpg|js|mov|mp3|pdf|png|ppt|rar|swf|txt|wav|wmv|xml|zip)$ front_content.php [NC,QSA,L]
RewriteRule !\.(avi|css|doc|flv|gif|gzip|ico|jpeg|jpg|js|mov|mp3|pdf|png|ppt|rar|svg|swf|txt|wav|wmv|xml|zip)$ front_content.php [NC,QSA,L]
</IfModule>
# Some rules to compress files.
# NOTE: Following settings are not mod rewrite specific, but enabling mod_deflate
# for some file types can help to reduce bandwith.

24
conlite/plugins/mod_rewrite/files/htaccess_simple.txt
Datei anzeigen

@ -1,33 +1,27 @@
################################################################################
# CONTENIDO AMR plugin simple rewrite rules set.
# ConLite AMR plugin simple rewrite rules set.
#
# Contains few easy to handle rewrite rules.
#
# @version 0.0.1
# @version 1.0.0
# @author Ortwin Pinke <ortwin.pinke@php-backoffice.de>
# @author Murat Purc <murat@purc.de>
# @copyright four for business AG <www.4fb.de>
# @license http://www.contenido.org/license/LIZENZ.txt
# @link http://www.4fb.de
# @link http://www.contenido.org
# @copyright 2019 ConLite Team
# @link http://www.conlite.org
#
# Versions before 1.0 copyright 4fb, author Murat Purc
#
# $Id$
################################################################################
# Enable following lines to run PHP5 on 1und1.de (1and1.com)
#AddType x-mapp-php5 .php
#AddHandler x-mapp-php5 .php
<IfModule mod_rewrite.c>
# Enable rewrite engine
RewriteEngine on
# Specify a base URL-path for the rules
RewriteBase /cms
# Catch some common exploits in query string to get rid of them
# NOTE: Conditions to prevent protocols (ftp, http[s]) in query string could
# be a disadvantage in some cases
@ -39,11 +33,9 @@
RewriteCond %{QUERY_STRING} http[s]*://.*$ [NC]
RewriteRule ^.* - [F,L] # all matching conditions from above will end in nirvana
# Rewrite request to root to front_content.php
RewriteRule ^$ front_content.php [QSA,L]
# Exclude following request from rewriting
# tests for favicon.ico, valid symlinks (-s), not empty files (-l) and folders (-d)
RewriteCond %{REQUEST_URI} ^/favicon.ico$ [OR]
@ -52,13 +44,11 @@
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
# Pass other requests to front_content.php
RewriteRule ^.*$ front_content.php [QSA,NC,L]
</IfModule>
# Some rules to compress files.
# NOTE: Following settings are not mod rewrite specific, but enabling mod_deflate
# for some file types can help to reduce bandwith.