fixed #29

1 year ago · d482a362af
parent 50553924d4
commit d482a362af
6 changed files with 753 additions and 1012 deletions
--- a/conlite/external/frontend/config.php
+++ b/conlite/external/frontend/config.php
@ -1,53 +0,0 @@
-<?php
-/**
- * Project: 
- * Contenido Content Management System
- * 
- * Description: 
- * <Description>
- * 
- * Requirements: 
- * @con_php_req 5
- * @con_template <Templatefiles>
- * @con_notice <Notice>
- * 
- *
- * @package    ContenidoBackendArea
- * @version    <version>
- * @author     <author>
- * @copyright  four for business AG <www.4fb.de>
- * @license    http://www.contenido.org/license/LIZENZ.txt
- * @link       http://www.4fb.de
- * @link       http://www.contenido.org
- * 
- * 
- * 
- * {@internal 
- *   created  <date>
- *   modified 2008-07-04, bilal arslan, added security fix
- *
- *   $Id$:
- * }}
- * 
- */
- if(!defined('CON_FRAMEWORK')) {
-   die('Illegal call');
-}
- 
-// Relative path to contenido directory, for all inclusions, in most cases: "../contenido/"
-$contenido_path = "!PATH!";
-
-// If language isn't specified, set this client and language (ID)
-$load_lang		= "!LANG!";
-$load_client	= "!CLIENT!";
-
-/* Various debugging options */
-$frontend_debug["container_display"]		= false;
-$frontend_debug["module_display"]			= false;
-$frontend_debug["module_timing"]			= false;
-$frontend_debug["module_timing_summary"]	= false;
-
-/* Set to 1 to brute-force module regeneration */
-$force = 0;
-
-?>
--- a/conlite/external/frontend/dbfs.php
+++ b/conlite/external/frontend/dbfs.php
@ -8,9 +8,11 @@
 * 
 * Requirements: 
 * @con_php_req 5
+ * @con_template <Templatefiles>
+ * @con_notice <Notice>
+ * 
 *
 * @package    ContenidoBackendArea
- * @version    <version>
 * @author     unknown
 * @copyright  four for business AG <www.4fb.de>
 * @license    http://www.contenido.org/license/LIZENZ.txt
@ -20,15 +22,17 @@
 * 
 * 
 * {@internal 
- *  created  unknown
- *  modified 2008-06-16, H. Librenz - Hotfix: checking for potential unsecure calling 
- *  modified 2008-07-04, bilal arslan, added security fix
+ *   created  unknown
+ *   modified 2008-06-16, H. Librenz - Hotfix: checking for potential unsecure calling
+ *   modified 2008-07-03, bilal arslan, added security fix
+ *   modified 2010-05-20, Murat Purc, standardized Contenido startup and security check invocations, see [#CON-307]
 *
 *   $Id$:
 * }}
 * 
 */
- if (!defined("CON_FRAMEWORK")) {
+
+if (!defined("CON_FRAMEWORK")) {
    define("CON_FRAMEWORK", true);
 }

@ -36,12 +40,8 @@ $contenido_path = '';
 # include the config file of the frontend to init the Client and Language Id
 include_once ("config.php");

-// include security class and check request variables
-include_once ($contenido_path . 'classes/class.security.php');
-Contenido_Security::checkRequests();
-
-include_once ($contenido_path . "includes/startup.php");
-cInclude("includes", "functions.general.php");
+// Contenido startup process
+include_once ($contenido_path . 'includes/startup.php');

 if ($contenido)
 {
--- a/conlite/external/frontend/front_content.php
+++ b/conlite/external/frontend/front_content.php
--- a/conlite/external/frontend/front_crcloginform.inc.php
+++ b/conlite/external/frontend/front_crcloginform.inc.php
@ -1,40 +1,25 @@
 <?php
 /**
- * Project: 
- * Contenido Content Management System
+ * file: front_crcloginform.inc.php
 * 
- * Description: 
- * <Description>
- * 
- * Requirements: 
- * @con_php_req 5
- * @con_template <Templatefiles>
- * @con_notice <Notice>
- * 
- *
- * @package    ContenidoBackendArea
- * @version    <version>
+ * @package    ConLite
+ * @subpackage Frontend
+ * @version    $Rev$
+ * @author     Ortwin Pinke
+ * @copyright  conrepo.org
+ * @link       http://conlite.conrepo.org
 * @author     Jan Lengowski
 * @copyright  four for business AG <www.4fb.de>
 * @license    http://www.contenido.org/license/LIZENZ.txt
 * @link       http://www.4fb.de
 * @link       http://www.contenido.org
- * 
- * 
- * 
- * {@internal 
- *   created  2003-01-21
- *   modified 2005-09-29, Andreas Lindner
- *   modified 2008-07-04, bilal arslan, added security fix
- *   modified 2008-11-18, Murat Purc, add usage of Contenido_Url to create urls to frontend pages and redesign of HTML markup
- *   modified 2009-01-03, Murat Purc, synchronized with cms/front_crcloginform.inc.php
- *   modified 2011-02-07, Dominik Ziegler, fixed check of but_ok.gif and changed input type button to submit
 *
 *   $Id$:
- * }}
- * 
 */

+/**
+ * security check
+ */
 if(!defined('CON_FRAMEWORK')) {
  die('Illegal call');
 }
@ -108,18 +93,17 @@ if ( file_exists($cfgClient[$client]['path']['frontend'] . 'images/but_ok.gif')
 }

 ?>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<!DOCTYPE html>
 <html>
 <head>
-    <meta http-equiv="Content-Type" content="text/html; charset=<?php echo $encoding[$lang] ?>" /> 
+    <meta charset="<?php echo $encoding[$lang] ?>" /> 
    <title>:: :: :: :: Contenido Login</title>
-    <script type="text/javascript"><!--
+    <script type="text/javascript">
    if (top != self) {
        top.location.href = self.location.href;
    }
-    // --></script>
-    <style type="text/css"><!--
+    </script>
+    <style type="text/css">
    * {margin:0; padding:0;}
    html, body {height: 100%;}
    body {background-color:#fff; font-family: Verdana, Arial, Helvetica, Sans-Serif; font-size: 11px; color:#000;}
@ -134,7 +118,7 @@ if ( file_exists($cfgClient[$client]['path']['frontend'] . 'images/but_ok.gif')
    #login .formHeader {font-weight:bold; background-color:<?php echo $cfg['color']['table_header'] ?>; border-bottom:1px solid <?php echo $cfg['color']['table_border'] ?>; padding:3px; margin-bottom:10px;}
    #login .formRow {padding:0 10px; height:31px;}
    #login .clear {clear:both;}
-    // --></style>
+    </style>
 </head>
 <body>

@ -156,13 +140,14 @@ if ( file_exists($cfgClient[$client]['path']['frontend'] . 'images/but_ok.gif')
    </form>
 </div>

-<script type="text/javascript"><!--
-if (document.login.username.value == '') {
-    document.login.username.focus();
-} else {
-    document.login.password.focus();
-}
-// --></script>
-
+<script type="text/javascript">
+    <!--
+    if (document.login.username.value == '') {
+        document.login.username.focus();
+    } else {
+        document.login.password.focus();
+    }
+    // -->
+</script>
 </body>
-</html>
+</html>
--- a/conlite/external/frontend/includes/class.input.helper.php
+++ b/conlite/external/frontend/includes/class.input.helper.php
--- a/nbproject/project.properties
+++ b/nbproject/project.properties
@ -1,6 +1,6 @@
 auxiliary.org-netbeans-modules-php-smarty.smarty-framework=true
 include.path=${php.global.include.path}
-php.version=PHP_80
+php.version=PHP_81
 source.encoding=UTF-8
 src.dir=.
 tags.asp=false