ConLite
/
ConLite
1
0
Fork 0
Code Issues 22 Pull-Requests Projekte 2 Releases 2 Wiki Aktivität

fixed #29

Dieser Commit ist enthalten in:
o.pinke 2022-05-23 18:49:34 +02:00
Ursprung 50553924d4
Commit d482a362af
6 geänderte Dateien mit 695 neuen und 954 gelöschten Zeilen
Statistiken anzeigen Patch-Datei herunterladen Vergleichs-Datei herunterladen Alle Dateien ausklappen Alle Dateien einklappen

53
conlite/external/frontend/config.php vendored
Datei anzeigen

@ -1,53 +0,0 @@
<?php
/**
* Project:
* Contenido Content Management System
*
* Description:
* <Description>
*
* Requirements:
* @con_php_req 5
* @con_template <Templatefiles>
* @con_notice <Notice>
*
*
* @package ContenidoBackendArea
* @version <version>
* @author <author>
* @copyright four for business AG <www.4fb.de>
* @license http://www.contenido.org/license/LIZENZ.txt
* @link http://www.4fb.de
* @link http://www.contenido.org
*
*
*
* {@internal
* created <date>
* modified 2008-07-04, bilal arslan, added security fix
*
* $Id$:
* }}
*
*/
if(!defined('CON_FRAMEWORK')) {
die('Illegal call');
}
// Relative path to contenido directory, for all inclusions, in most cases: "../contenido/"
$contenido_path = "!PATH!";
// If language isn't specified, set this client and language (ID)
$load_lang = "!LANG!";
$load_client = "!CLIENT!";
/* Various debugging options */
$frontend_debug["container_display"] = false;
$frontend_debug["module_display"] = false;
$frontend_debug["module_timing"] = false;
$frontend_debug["module_timing_summary"] = false;
/* Set to 1 to brute-force module regeneration */
$force = 0;
?>

16
conlite/external/frontend/dbfs.php vendored
Datei anzeigen

@ -8,9 +8,11 @@
* *
* Requirements: * Requirements:
* @con_php_req 5 * @con_php_req 5
* @con_template <Templatefiles>
* @con_notice <Notice>
*
* *
* @package ContenidoBackendArea * @package ContenidoBackendArea
* @version <version>
* @author unknown * @author unknown
* @copyright four for business AG <www.4fb.de> * @copyright four for business AG <www.4fb.de>
* @license http://www.contenido.org/license/LIZENZ.txt * @license http://www.contenido.org/license/LIZENZ.txt
@ -22,12 +24,14 @@
* {@internal * {@internal
* created unknown * created unknown
* modified 2008-06-16, H. Librenz - Hotfix: checking for potential unsecure calling * modified 2008-06-16, H. Librenz - Hotfix: checking for potential unsecure calling
* modified 2008-07-04, bilal arslan, added security fix * modified 2008-07-03, bilal arslan, added security fix
* modified 2010-05-20, Murat Purc, standardized Contenido startup and security check invocations, see [#CON-307]
* *
* $Id$: * $Id$:
* }} * }}
* *
*/ */
if (!defined("CON_FRAMEWORK")) { if (!defined("CON_FRAMEWORK")) {
define("CON_FRAMEWORK", true); define("CON_FRAMEWORK", true);
} }
@ -36,12 +40,8 @@ $contenido_path = '';
# include the config file of the frontend to init the Client and Language Id # include the config file of the frontend to init the Client and Language Id
include_once ("config.php"); include_once ("config.php");
// include security class and check request variables // Contenido startup process
include_once ($contenido_path . 'classes/class.security.php'); include_once ($contenido_path . 'includes/startup.php');
Contenido_Security::checkRequests();
include_once ($contenido_path . "includes/startup.php");
cInclude("includes", "functions.general.php");
if ($contenido) if ($contenido)
{ {

404
conlite/external/frontend/front_content.php vendored
Datei anzeigen

@ -1,4 +1,5 @@
<?php <?php
/** /**
* Project: * Project:
* Contenido Content Management System * Contenido Content Management System
@ -41,44 +42,37 @@
* @link http://www.4fb.de * @link http://www.4fb.de
* @link http://www.contenido.org * @link http://www.contenido.org
* @since file available since contenido release <= 4.6 * @since file available since contenido release <= 4.6
*
* {@internal
* created 2003-01-21
* modified 2008-06-16, H. Librenz, Hotfix: checking for potential unsecure call
* modified 2008-06-26, Frederic Schneider, add security fix
* modified 2008-07-02, Frederic Schneider, add more security fixes and include security_class
* modified 2008-08-29, Murat Purc, new way to execute chains
* modified 2008-09-07, Murat Purc, new chain 'Contenido.Frontend.AfterLoadPlugins'
* modified 2008-11-11, Andreas Lindner, added additional option to CEC_Hook::setConditions for frontend user acccess
* modified 2008-11-11, Andreas Lindner, Fixed typo in var name $iLangCheck (missing $)
* modified 2008-11-11, Andreas Lindner,
* modified 2008-11-18, Timo Trautmann: in backendeditmode also check if logged in backenduser has permission to view preview of page
* modified 2008-11-18, Murat Purc, add usage of Contenido_Url to create urls to frontend pages
* modified 2008-12-23, Murat Purc, fixed problems with Contenido_Url
* modified 2009-01-13, Murat Purc, changed handling of internal redirects
* modified 2009-03-02, Andreas Lindner, prevent $lang being wrongly set to 0
* modified 2009-04-16, OliverL, check return from Contenido.Frontend.HTMLCodeOutput
* modified 2009-10-23, Murat Purc, removed deprecated function (PHP 5.3 ready)
* modified 2009-10-27, Murat Purc, fixed/modified CEC_Hook, see [#CON-256]
* modified 2010-05-20, Murat Purc, moved security checks into startup process, see [#CON-307]
* modified 2010-09-23, Murat Purc, fixed $encoding handling, see [#CON-305]
* modified 2011-02-07, Dominik Ziegler, added exit after redirections to force their execution
* modified 2011-02-10, Dominik Ziegler, moved function declaration of IP_match out of front_content.php
*
* $Id$:
* }}
*
*/ */
if (!defined("CON_FRAMEWORK")) { if (!defined("CON_FRAMEWORK")) {
define("CON_FRAMEWORK", true); define("CON_FRAMEWORK", true);
} }
$contenido_path = ''; $contenido_path = '';
# include the config file of the frontend to init the Client and Language Id
include_once ("config.php");
# Contenido startup process // Set path to current frontend
$frontend_path = str_replace('\\', '/', realpath(dirname(__FILE__) . '/')) . '/';
// Include the environment definer file
include_once($frontend_path . 'environment.php');
if (defined('CL_ENVIRONMENT')) {
include_once($frontend_path . 'data/config/' . CL_ENVIRONMENT . '/config.php');
if (file_exists($frontend_path . 'data/config/' . CL_ENVIRONMENT . '/config.local.php')) {
@include($frontend_path . 'data/config/' . CL_ENVIRONMENT . '/config.local.php');
}
} else {
if(file_exists($frontend_path.'config.php')) {
include_once($frontend_path.'config.php');
}
if(file_exists($frontend_path.'config.local.php')) {
include_once($frontend_path.'config.local.php');
}
}
if (!is_file($contenido_path . 'includes/startup.php')) {
die("<h1>Fatal Error</h1><br>Couldn't include ConLite startup.");
}
include_once($contenido_path . 'includes/startup.php'); include_once($contenido_path . 'includes/startup.php');
cInclude("includes", "functions.con.php"); cInclude("includes", "functions.con.php");
@ -86,8 +80,7 @@ cInclude("includes", "functions.con2.php");
cInclude("includes", "functions.api.php"); cInclude("includes", "functions.api.php");
cInclude("includes", "functions.pathresolver.php"); cInclude("includes", "functions.pathresolver.php");
if ($cfg["use_pseudocron"] == true) if ($cfg["use_pseudocron"] == true) {
{
/* Include cronjob-Emulator */ /* Include cronjob-Emulator */
$oldpwd = getcwd(); $oldpwd = getcwd();
chdir($cfg["path"]["contenido"] . $cfg["path"]["cronjobs"]); chdir($cfg["path"]["contenido"] . $cfg["path"]["cronjobs"]);
@ -100,46 +93,33 @@ if ($cfg["use_pseudocron"] == true)
* PHPLIB application development toolkit * PHPLIB application development toolkit
* @see http://sourceforge.net/projects/phplib * @see http://sourceforge.net/projects/phplib
*/ */
if ($contenido) if (!empty($contenido)) {
{
//Backend //Backend
page_open(array('sess' => 'Contenido_Session', 'auth' => 'Contenido_Challenge_Crypt_Auth', 'perm' => 'Contenido_Perm')); page_open(array('sess' => 'Contenido_Session', 'auth' => 'Contenido_Challenge_Crypt_Auth', 'perm' => 'Contenido_Perm'));
i18nInit($cfg["path"]["contenido"] . $cfg["path"]["locale"], $belang); i18nInit($cfg["path"]["contenido"] . $cfg["path"]["locale"], $belang);
} } else {
else
{
//Frontend //Frontend
page_open(array('sess' => 'Contenido_Frontend_Session', 'auth' => 'Contenido_Frontend_Challenge_Crypt_Auth', 'perm' => 'Contenido_Perm')); page_open(array('sess' => 'Contenido_Frontend_Session', 'auth' => 'Contenido_Frontend_Challenge_Crypt_Auth', 'perm' => 'Contenido_Perm'));
} }
/**
* Bugfix
* @see http://contenido.org/forum/viewtopic.php?t=18291
*
* added by H. Librenz (2007-12-07)
*/
//includePluginConf();
/**
* fixed bugfix - using functions brokes variable scopes!
*
* added by H. Librenz (2007-12-21) based on an idea of A. Lindner
*/
require_once $cfg['path']['contenido'] . $cfg['path']['includes'] . 'functions.includePluginConf.php'; require_once $cfg['path']['contenido'] . $cfg['path']['includes'] . 'functions.includePluginConf.php';
$db = new DB_ConLite; // Call hook after plugins are loaded, added by Murat Purc, 2008-09-07
CEC_Hook::execute('Contenido.Frontend.AfterLoadPlugins');
$db = new DB_ConLite();
$sess->register("cfgClient"); $sess->register("cfgClient");
$sess->register("errsite_idcat"); $sess->register("errsite_idcat");
$sess->register("errsite_idart"); $sess->register("errsite_idart");
$sess->register("encoding"); $sess->register("encoding");
if ($cfgClient["set"] != "set") if (empty($cfgClient["set"]) || $cfgClient["set"] != "set") {
{
rereadClients(); rereadClients();
} }
# Check if this request is for a compressed file # Check if this request is for a compressed file
if ($_GET['action'] == 'get_compressed') { if (isset($_GET['action']) && $_GET['action'] == 'get_compressed') {
# Get the calling parameters # Get the calling parameters
$sFilename = ((isset($_GET['f'])) ? $_GET['f'] : $_GET['amp;f']); $sFilename = ((isset($_GET['f'])) ? $_GET['f'] : $_GET['amp;f']);
$sContentType = ((isset($_GET['c'])) ? $_GET['c'] : $_GET['amp;c']); $sContentType = ((isset($_GET['c'])) ? $_GET['c'] : $_GET['amp;c']);
@ -154,8 +134,7 @@ if ($_GET['action'] == 'get_compressed') {
// Call hook after plugins are loaded, added by Murat Purc, 2008-09-07 // Call hook after plugins are loaded, added by Murat Purc, 2008-09-07
CEC_Hook::execute('Contenido.Frontend.AfterLoadPlugins'); CEC_Hook::execute('Contenido.Frontend.AfterLoadPlugins');
if (!isset($encoding) || !is_array($encoding) || count($encoding) == 0) if (!isset($encoding) || !is_array($encoding) || count($encoding) == 0) {
{
// get encodings of all languages // get encodings of all languages
$encoding = array(); $encoding = array();
$sql = "SELECT idlang, encoding FROM " . $cfg["tab"]["lang"]; $sql = "SELECT idlang, encoding FROM " . $cfg["tab"]["lang"];
@ -170,11 +149,9 @@ if (!isset($encoding) || !is_array($encoding) || count($encoding) == 0)
// @TODO: Should be outsourced into startup process but requires a better detection (frontend or backend) // @TODO: Should be outsourced into startup process but requires a better detection (frontend or backend)
Contenido_Security::checkFrontendGlobals(); Contenido_Security::checkFrontendGlobals();
// update urlbuilder set http base path // update urlbuilder set http base path
Contenido_Url::getInstance()->getUrlBuilder()->setHttpBasePath($cfgClient[$client]['htmlpath']['frontend']); Contenido_Url::getInstance()->getUrlBuilder()->setHttpBasePath($cfgClient[$client]['htmlpath']['frontend']);
// Initialize language // Initialize language
if (!isset($lang)) { if (!isset($lang)) {
@ -202,11 +179,12 @@ if (!isset($lang)) {
} }
} }
if (!$sess->is_registered("lang") ) $sess->register("lang"); if (!$sess->is_registered("lang"))
if (!$sess->is_registered("client") ) $sess->register("client"); $sess->register("lang");
if (!$sess->is_registered("client"))
$sess->register("client");
if (isset ($username)) if (isset($username)) {
{
$auth->login_if(true); $auth->login_if(true);
} }
@ -219,8 +197,7 @@ header("Content-Type: text/html; charset={$encoding[$lang]}");
* if http global logout is set e.g. front_content.php?logout=true * if http global logout is set e.g. front_content.php?logout=true
* log out the current user. * log out the current user.
*/ */
if (isset ($logout)) if (isset($logout)) {
{
$auth->logout(true); $auth->logout(true);
$auth->unauth(true); $auth->unauth(true);
$auth->auth["uname"] = "nobody"; $auth->auth["uname"] = "nobody";
@ -229,8 +206,7 @@ if (isset ($logout))
/* /*
* local configuration * local configuration
*/ */
if (file_exists("config.local.php")) if (file_exists("config.local.php")) {
{
@ include ("config.local.php"); @ include ("config.local.php");
} }
@ -238,25 +214,19 @@ if (file_exists("config.local.php"))
* If the path variable was passed, try to resolve it to a Category Id * If the path variable was passed, try to resolve it to a Category Id
* e.g. front_content.php?path=/company/products/ * e.g. front_content.php?path=/company/products/
*/ */
if (isset($path) && strlen($path) > 1) if (isset($path) && strlen($path) > 1) {
{
/* Which resolve method is configured? */ /* Which resolve method is configured? */
if ($cfg["urlpathresolve"] == true) if ($cfg["urlpathresolve"] == true) {
{
$iLangCheck = 0; $iLangCheck = 0;
$idcat = prResolvePathViaURLNames($path, $iLangCheck); $idcat = prResolvePathViaURLNames($path, $iLangCheck);
} else {
}
else
{
$iLangCheck = 0; $iLangCheck = 0;
$idcat = prResolvePathViaCategoryNames($path, $iLangCheck); $idcat = prResolvePathViaCategoryNames($path, $iLangCheck);
if (($lang != $iLangCheck) && ((int) $iLangCheck != 0)) { if (($lang != $iLangCheck) && ((int) $iLangCheck != 0)) {
$lang = $iLangCheck; $lang = $iLangCheck;
} }
} }
} }
@ -267,20 +237,17 @@ $aParams = array (
); );
$errsite = 'Location: ' . Contenido_Url::getInstance()->buildRedirect($aParams); $errsite = 'Location: ' . Contenido_Url::getInstance()->buildRedirect($aParams);
/* /*
* Try to initialize variables $idcat, $idart, $idcatart, $idartlang * Try to initialize variables $idcat, $idart, $idcatart, $idartlang
* Note: These variables can be set via http globals e.g. front_content.php?idcat=41&idart=34&idcatart=35&idartlang=42 * Note: These variables can be set via http globals e.g. front_content.php?idcat=41&idart=34&idcatart=35&idartlang=42
* If not the values will be computed. * If not the values will be computed.
*/ */
if ($idart && !$idcat && !$idcatart) if ($idart && !$idcat && !$idcatart) {
{
/* Try to fetch the first idcat */ /* Try to fetch the first idcat */
$sql = "SELECT idcat FROM " . $cfg["tab"]["cat_art"] . " WHERE idart = '" . Contenido_Security::toInteger($idart) . "'"; $sql = "SELECT idcat FROM " . $cfg["tab"]["cat_art"] . " WHERE idart = '" . Contenido_Security::toInteger($idart) . "'";
$db->query($sql); $db->query($sql);
if ($db->next_record()) if ($db->next_record()) {
{
$idcat = $db->f("idcat"); $idcat = $db->f("idcat");
} }
} }
@ -288,16 +255,12 @@ if ($idart && !$idcat && !$idcatart)
unset($code); unset($code);
unset($markscript); unset($markscript);
if (!$idcatart) if (empty($idcatart)) {
{ if (empty($idart)) {
if (!$idart) if (empty($idcat)) {
{
if (!$idcat)
{
# Note: In earlier Contenido versions the information if an article is startarticle of a category has been stored # Note: In earlier Contenido versions the information if an article is startarticle of a category has been stored
# in relation con_cat_art. # in relation con_cat_art.
if ($cfg["is_start_compatible"] == true) if ($cfg["is_start_compatible"] == true) {
{
$sql = "SELECT $sql = "SELECT
idart, idart,
B.idcat B.idcat
@ -312,9 +275,7 @@ if (!$idcatart)
idclient='" . Contenido_Security::toInteger($client) . "' idclient='" . Contenido_Security::toInteger($client) . "'
ORDER BY ORDER BY
idtree ASC"; idtree ASC";
} } else {
else
{
# Note: Now the information if an article is startarticle of a category is stored in relation con_cat_lang. # Note: Now the information if an article is startarticle of a category is stored in relation con_cat_lang.
$sql = "SELECT $sql = "SELECT
A.idart, A.idart,
@ -343,7 +304,7 @@ if (!$idcatart)
$idart = $db->f("idart"); $idart = $db->f("idart");
$idcat = $db->f("idcat"); $idcat = $db->f("idcat");
} else { } else {
if($contenido) { if (!empty($contenido)) {
cInclude("includes", "functions.i18n.php"); cInclude("includes", "functions.i18n.php");
die(i18n("No start article for this category")); die(i18n("No start article for this category"));
} else { } else {
@ -357,25 +318,19 @@ if (!$idcatart)
} }
} else { } else {
$idart = -1; $idart = -1;
if ($cfg["is_start_compatible"] == true) if ($cfg["is_start_compatible"] == true) {
{
$sql = "SELECT idart FROM " . $cfg["tab"]["cat_art"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' AND is_start='1'"; $sql = "SELECT idart FROM " . $cfg["tab"]["cat_art"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' AND is_start='1'";
$db->query($sql); $db->query($sql);
if ($db->next_record()) if ($db->next_record()) {
{
$idart = $db->f("idart"); $idart = $db->f("idart");
} }
} } else {
else
{
$sql = "SELECT startidartlang FROM " . $cfg["tab"]["cat_lang"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' AND idlang='" . Contenido_Security::toInteger($lang) . "'"; $sql = "SELECT startidartlang FROM " . $cfg["tab"]["cat_lang"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' AND idlang='" . Contenido_Security::toInteger($lang) . "'";
$db->query($sql); $db->query($sql);
if ($db->next_record()) if ($db->next_record()) {
{ if ($db->f("startidartlang") != 0) {
if ($db->f("startidartlang") != 0)
{
$sql = "SELECT idart FROM " . $cfg["tab"]["art_lang"] . " WHERE idartlang='" . Contenido_Security::toInteger($db->f("startidartlang")) . "'"; $sql = "SELECT idart FROM " . $cfg["tab"]["art_lang"] . " WHERE idartlang='" . Contenido_Security::toInteger($db->f("startidartlang")) . "'";
$db->query($sql); $db->query($sql);
$db->next_record(); $db->next_record();
@ -384,25 +339,17 @@ if (!$idcatart)
} }
} }
if ($idart != -1) if ($idart != -1) {
{
} } else {
else
{
// error message in backend // error message in backend
if ($contenido) if ($contenido) {
{
cInclude("includes", "functions.i18n.php"); cInclude("includes", "functions.i18n.php");
die(i18n("No start article for this category")); die(i18n("No start article for this category"));
} } else {
else if ($error == 1) {
{
if ($error == 1)
{
echo "Fatal error: Could not display error page. Error to display was: 'No start article in this category'"; echo "Fatal error: Could not display error page. Error to display was: 'No start article in this category'";
} } else {
else
{
header($errsite); header($errsite);
exit; exit;
} }
@ -410,9 +357,7 @@ if (!$idcatart)
} }
} }
} }
} } else {
else
{
$sql = "SELECT idcat, idart FROM " . $cfg["tab"]["cat_art"] . " WHERE idcatart='" . Contenido_Security::toInteger($idcatart) . "'"; $sql = "SELECT idcat, idart FROM " . $cfg["tab"]["cat_art"] . " WHERE idcatart='" . Contenido_Security::toInteger($idcatart) . "'";
$db->query($sql); $db->query($sql);
@ -423,8 +368,7 @@ else
} }
/* Get idcatart */ /* Get idcatart */
if (0 != $idart && 0 != $idcat) if (0 != $idart && 0 != $idcat) {
{
$sql = "SELECT idcatart FROM " . $cfg["tab"]["cat_art"] . " WHERE idart = '" . Contenido_Security::toInteger($idart) . "' AND idcat = '" . Contenido_Security::toInteger($idcat) . "'"; $sql = "SELECT idcatart FROM " . $cfg["tab"]["cat_art"] . " WHERE idart = '" . Contenido_Security::toInteger($idart) . "' AND idcat = '" . Contenido_Security::toInteger($idcat) . "'";
$db->query($sql); $db->query($sql);
@ -435,8 +379,7 @@ if (0 != $idart && 0 != $idcat)
$idartlang = getArtLang($idart, $lang); $idartlang = getArtLang($idart, $lang);
if ($idartlang === false) if ($idartlang === false) {
{
header($errsite); header($errsite);
exit; exit;
} }
@ -454,8 +397,6 @@ if ($cfg["cache"]["disable"] != '1') {
$oCacheHandler->start($iStartTime); // $iStartTime ist optional und ist die startzeit des scriptes, z. b. am anfang von fron_content.php $oCacheHandler->start($iStartTime); // $iStartTime ist optional und ist die startzeit des scriptes, z. b. am anfang von fron_content.php
} }
// END: concache // END: concache
############################################## ##############################################
# BACKEND / FRONTEND EDITING # BACKEND / FRONTEND EDITING
############################################## ##############################################
@ -470,21 +411,18 @@ if ($cfg["cache"]["disable"] != '1') {
* The reason is to avoid cross-site scripting errors in the backend, if the backend domain differs from * The reason is to avoid cross-site scripting errors in the backend, if the backend domain differs from
* the frontend domain. * the frontend domain.
*/ */
if ($contenido) if ($contenido) {
{
$perm->load_permissions(); $perm->load_permissions();
/* Change mode edit / view */ /* Change mode edit / view */
if (isset ($changeview)) if (isset($changeview)) {
{
$sess->register("view"); $sess->register("view");
$view = $changeview; $view = $changeview;
} }
$col = new InUseCollection; $col = new InUseCollection;
if ($overrideid != "" && $overridetype != "") if ($overrideid != "" && $overridetype != "") {
{
$col->removeItemMarks($overridetype, $overrideid); $col->removeItemMarks($overridetype, $overrideid);
} }
/* Remove all own marks */ /* Remove all own marks */
@ -495,8 +433,7 @@ if ($contenido)
$sHtmlInUse = ''; $sHtmlInUse = '';
$sHtmlInUseMessage = ''; $sHtmlInUseMessage = '';
if ($inUse == true) if ($inUse == true) {
{
$disabled = 'disabled="disabled"'; $disabled = 'disabled="disabled"';
$sHtmlInUseCss = '<link rel="stylesheet" type="text/css" href="' . $cfg['path']['contenido_fullhtml'] . 'styles/inuse.css" />'; $sHtmlInUseCss = '<link rel="stylesheet" type="text/css" href="' . $cfg['path']['contenido_fullhtml'] . 'styles/inuse.css" />';
$sHtmlInUseMessage = $message; $sHtmlInUseMessage = $message;
@ -506,8 +443,7 @@ if ($contenido)
$db->query($sql); $db->query($sql);
$db->next_record(); $db->next_record();
$locked = $db->f("locked"); $locked = $db->f("locked");
if ($locked == 1) if ($locked == 1) {
{
$inUse = true; $inUse = true;
$disabled = 'disabled="disabled"'; $disabled = 'disabled="disabled"';
} }
@ -518,13 +454,11 @@ if ($contenido)
'Contenido.Frontend.AllowEdit', $lang, $idcat, $idart, $auth->auth['uid'] 'Contenido.Frontend.AllowEdit', $lang, $idcat, $idart, $auth->auth['uid']
); );
if ($perm->have_perm_area_action_item("con_editcontent", "con_editart", $idcat) && $inUse == false && $allow == true) if ($perm->have_perm_area_action_item("con_editcontent", "con_editart", $idcat) && $inUse == false && $allow == true) {
{
/* Create buttons for editing */ /* Create buttons for editing */
$edit_preview = '<table cellspacing="0" cellpadding="4" border="0">'; $edit_preview = '<table cellspacing="0" cellpadding="4" border="0">';
if ($view == "edit") if ($view == "edit") {
{
$edit_preview = '<tr> $edit_preview = '<tr>
<td width="18"> <td width="18">
<a title="Preview" style="font-family: Verdana; font-size: 10px; color: #000000; text-decoration: none" href="' . $sess->url("front_content.php?changeview=prev&idcat=$idcat&idart=$idart") . '"><img src="' . $cfg["path"]["contenido_fullhtml"] . $cfg["path"]["images"] . 'but_preview.gif" alt="Preview" title="Preview" border="0"></a> <a title="Preview" style="font-family: Verdana; font-size: 10px; color: #000000; text-decoration: none" href="' . $sess->url("front_content.php?changeview=prev&idcat=$idcat&idart=$idart") . '"><img src="' . $cfg["path"]["contenido_fullhtml"] . $cfg["path"]["images"] . 'but_preview.gif" alt="Preview" title="Preview" border="0"></a>
@ -533,9 +467,7 @@ if ($contenido)
<a title="Preview" style="font-family: Verdana; font-size: 10px; color: #000000; text-decoration: none" href="' . $sess->url("front_content.php?changeview=prev&idcat=$idcat&idart=$idart") . '">Preview</a> <a title="Preview" style="font-family: Verdana; font-size: 10px; color: #000000; text-decoration: none" href="' . $sess->url("front_content.php?changeview=prev&idcat=$idcat&idart=$idart") . '">Preview</a>
</td> </td>
</tr>'; </tr>';
} } else {
else
{
$edit_preview = '<tr> $edit_preview = '<tr>
<td width="18"> <td width="18">
<a title="Preview" style="font-family: Verdana; font-size: 10px; color: #000000; text-decoration: none" href="' . $sess->url("front_content.php?changeview=edit&idcat=$idcat&idart=$idart") . '"><img src="' . $cfg["path"]["contenido_fullhtml"] . $cfg["path"]["images"] . 'but_edit.gif" alt="Preview" title="Preview" border="0"></a> <a title="Preview" style="font-family: Verdana; font-size: 10px; color: #000000; text-decoration: none" href="' . $sess->url("front_content.php?changeview=edit&idcat=$idcat&idart=$idart") . '"><img src="' . $cfg["path"]["contenido_fullhtml"] . $cfg["path"]["images"] . 'but_edit.gif" alt="Preview" title="Preview" border="0"></a>
@ -547,14 +479,11 @@ if ($contenido)
} }
/* Display articles */ /* Display articles */
if ($cfg["is_start_compatible"] == true) if ($cfg["is_start_compatible"] == true) {
{
$sql = "SELECT idart, is_start FROM " . $cfg["tab"]["cat_art"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' ORDER BY idart"; $sql = "SELECT idart, is_start FROM " . $cfg["tab"]["cat_art"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' ORDER BY idart";
$db->query($sql); $db->query($sql);
} } else {
else
{
$sql = "SELECT idart FROM " . $cfg["tab"]["cat_art"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' ORDER BY idart"; $sql = "SELECT idart FROM " . $cfg["tab"]["cat_art"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' ORDER BY idart";
$db->query($sql); $db->query($sql);
@ -564,21 +493,15 @@ if ($contenido)
$edit_preview .= '<tr><td colspan="2"><table cellspacing="0" cellpadding="2" border="0"></tr><td style="font-family: verdana; font-size:10; color:#000000; text-decoration:none">Articles in category:<br>'; $edit_preview .= '<tr><td colspan="2"><table cellspacing="0" cellpadding="2" border="0"></tr><td style="font-family: verdana; font-size:10; color:#000000; text-decoration:none">Articles in category:<br>';
while ($db->next_record() && ($db->affected_rows() != 1)) while ($db->next_record() && ($db->affected_rows() != 1)) {
{
$class = "font-family:'Verdana'; font-size:10; color:#000000; text-decoration: underline; font-weight:normal"; $class = "font-family:'Verdana'; font-size:10; color:#000000; text-decoration: underline; font-weight:normal";
if (!isset ($idart)) if (!isset($idart)) {
{ if (isStartArticle(getArtLang($idart, $lang), $idcat, $lang)) {
if (isStartArticle(getArtLang($idart, $lang), $idcat, $lang))
{
$class = "font-family: verdana; font-size:10; color:#000000; text-decoration: underline ;font-weight:bold"; $class = "font-family: verdana; font-size:10; color:#000000; text-decoration: underline ;font-weight:bold";
} }
} } else {
else if ($idart == $db->f("idart")) {
{
if ($idart == $db->f("idart"))
{
$class = "font-family: verdana; font-size:10; color:#000000; text-decoration: underline; font-weight:bold"; $class = "font-family: verdana; font-size:10; color:#000000; text-decoration: underline; font-weight:bold";
} }
} }
@ -588,29 +511,23 @@ if ($contenido)
} }
$edit_preview .= '</td></tr></table></td></tr></table>'; $edit_preview .= '</td></tr></table></td></tr></table>';
} }
} // end if $contenido } // end if $contenido
/* If mode is 'edit' and user has permission to edit articles in the current category */ /* If mode is 'edit' and user has permission to edit articles in the current category */
if ($inUse == false && $allow == true && $view == "edit" && ($perm->have_perm_area_action_item("con_editcontent", "con_editart", $idcat))) if (empty($inUse) && (isset($allow) && $allow == true) && $view == "edit" && ($perm->have_perm_area_action_item("con_editcontent", "con_editart", $idcat))) {
{
cInclude("includes", "functions.tpl.php"); cInclude("includes", "functions.tpl.php");
cInclude("includes", "functions.con.php"); cInclude("includes", "functions.con.php");
include ($cfg["path"]["contenido"] . $cfg["path"]["includes"] . "include.con_editcontent.php"); include ($cfg["path"]["contenido"] . $cfg["path"]["includes"] . "include.con_editcontent.php");
} } else {
else
{
############################################## ##############################################
# FRONTEND VIEW # FRONTEND VIEW
############################################## ##############################################
/* Mark submenuitem 'Preview' in the Contenido Backend (Area: Contenido --> Articles --> Preview) */ /* Mark submenuitem 'Preview' in the Contenido Backend (Area: Contenido --> Articles --> Preview) */
if ($contenido) if ($contenido) {
{
$markscript = markSubMenuItem(4, true); $markscript = markSubMenuItem(4, true);
} }
@ -633,13 +550,11 @@ else
############################################## ##############################################
/* Check if code is expired, create new code if needed */ /* Check if code is expired, create new code if needed */
if ($db->f("createcode") == 0 && $force == 0 && $cfg['dceModEdit']['use'] !== true) if ($db->f("createcode") == 0 && $force == 0 && $cfg['dceModEdit']['use'] !== true && $cfg['dceLayEdit']['use'] !== true) {
{
$sql = "SELECT code FROM " . $cfg["tab"]["code"] . " WHERE idcatart = '" . Contenido_Security::toInteger($idcatart) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "'"; $sql = "SELECT code FROM " . $cfg["tab"]["code"] . " WHERE idcatart = '" . Contenido_Security::toInteger($idcatart) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "'";
$db->query($sql); $db->query($sql);
if ($db->num_rows() == 0) if ($db->num_rows() == 0) {
{
/* Include here for performance reasons */ /* Include here for performance reasons */
cInclude("includes", "functions.tpl.php"); cInclude("includes", "functions.tpl.php");
@ -649,30 +564,21 @@ else
$db->query($sql); $db->query($sql);
} }
if ($db->next_record()) if ($db->next_record()) {
{
$code = stripslashes($db->f("code")); $code = stripslashes($db->f("code"));
} } else {
else
{
if ($contenido) if ($contenido)
$code = "echo \"No code available.\";"; $code = "echo \"No code available.\";";
else else {
{ if ($error == 1) {
if ($error == 1)
{
echo "Fatal error: Could not display error page. Error to display was: 'No code available'"; echo "Fatal error: Could not display error page. Error to display was: 'No code available'";
} } else {
else
{
header($errsite); header($errsite);
exit; exit;
} }
} }
} }
} } else {
else
{
$sql = "DELETE FROM " . $cfg["tab"]["code"] . " WHERE idcatart = '" . Contenido_Security::toInteger($idcatart) . "'"; $sql = "DELETE FROM " . $cfg["tab"]["code"] . " WHERE idcatart = '" . Contenido_Security::toInteger($idcatart) . "'";
$db->query($sql); $db->query($sql);
@ -691,10 +597,12 @@ else
} }
/* Add mark Script to code if user is in the backend */ /* Add mark Script to code if user is in the backend */
if(!empty($markscript)) {
$code = preg_replace("/<\/head>/i", "$markscript\n</head>", $code, 1); $code = preg_replace("/<\/head>/i", "$markscript\n</head>", $code, 1);
}
/* If article is in use, display notification */ /* If article is in use, display notification */
if ($sHtmlInUseCss && $sHtmlInUseMessage) { if (!empty($sHtmlInUseCss) && !empty($sHtmlInUseMessage)) {
$code = preg_replace("/<\/head>/i", "$sHtmlInUseCss\n</head>", $code, 1); $code = preg_replace("/<\/head>/i", "$sHtmlInUseCss\n</head>", $code, 1);
$code = preg_replace("/(<body[^>]*)>/i", "\${1}> \n $sHtmlInUseMessage", $code, 1); $code = preg_replace("/(<body[^>]*)>/i", "\${1}> \n $sHtmlInUseMessage", $code, 1);
} }
@ -710,33 +618,26 @@ else
############################################## ##############################################
# protected categories # protected categories
############################################## ##############################################
if ($public == 0) if ($public == 0) {
{ if ($auth->auth["uid"] == "nobody") {
if ($auth->auth["uid"] == "nobody")
{
$sql = "SELECT user_id, value FROM " . $cfg["tab"]["user_prop"] . " WHERE type='frontend' and name='allowed_ip'"; $sql = "SELECT user_id, value FROM " . $cfg["tab"]["user_prop"] . " WHERE type='frontend' and name='allowed_ip'";
$db->query($sql); $db->query($sql);
while ($db->next_record()) while ($db->next_record()) {
{
$user_id = $db->f("user_id"); $user_id = $db->f("user_id");
$range = urldecode($db->f("value")); $range = urldecode($db->f("value"));
$slash = strpos($range, "/"); $slash = strpos($range, "/");
if ($slash == false) if ($slash == false) {
{
$netmask = "255.255.255.255"; $netmask = "255.255.255.255";
$network = $range; $network = $range;
} } else {
else
{
$network = substr($range, 0, $slash); $network = substr($range, 0, $slash);
$netmask = substr($range, $slash + 1, strlen($range) - $slash - 1); $netmask = substr($range, $slash + 1, strlen($range) - $slash - 1);
} }
if (IP_match($network, $netmask, $_SERVER["REMOTE_ADDR"])) if (IP_match($network, $netmask, $_SERVER["REMOTE_ADDR"])) {
{
$sql = "SELECT idright $sql = "SELECT idright
FROM " . $cfg["tab"]["rights"] . " AS A, FROM " . $cfg["tab"]["rights"] . " AS A,
" . $cfg["tab"]["actions"] . " AS B, " . $cfg["tab"]["actions"] . " AS B,
@ -744,18 +645,16 @@ else
WHERE B.name = 'front_allow' AND C.name = 'str' AND A.user_id = '" . Contenido_Security::escapeDB($user_id, $db2) . "' AND A.idcat = '" . Contenido_Security::toInteger($idcat) . "' WHERE B.name = 'front_allow' AND C.name = 'str' AND A.user_id = '" . Contenido_Security::escapeDB($user_id, $db2) . "' AND A.idcat = '" . Contenido_Security::toInteger($idcat) . "'
AND A.idarea = C.idarea AND B.idaction = A.idaction"; AND A.idarea = C.idarea AND B.idaction = A.idaction";
$db2 = new DB_ConLite; $db2 = new DB_ConLite();
$db2->query($sql); $db2->query($sql);
if ($db2->num_rows() > 0) if ($db2->num_rows() > 0) {
{
$auth->auth["uid"] = $user_id; $auth->auth["uid"] = $user_id;
$validated = 1; $validated = 1;
} }
} }
} }
if ($validated != 1) if ($validated != 1) {
{
// CEC to check category access // CEC to check category access
CEC_Hook::setBreakCondition(true, false); // break at "true", default value "false" CEC_Hook::setBreakCondition(true, false); // break at "true", default value "false"
$allow = CEC_Hook::executeWhileBreakCondition( $allow = CEC_Hook::executeWhileBreakCondition(
@ -763,9 +662,7 @@ else
); );
$auth->login_if(!$allow); $auth->login_if(!$allow);
} }
} } else {
else
{
// CEC to check category access // CEC to check category access
CEC_Hook::setBreakCondition(true, false); // break at "true", default value "false" CEC_Hook::setBreakCondition(true, false); // break at "true", default value "false"
$allow = CEC_Hook::executeWhileBreakCondition( $allow = CEC_Hook::executeWhileBreakCondition(
@ -780,8 +677,7 @@ else
$allow = true; $allow = true;
} }
if (!$allow) if (!$allow) {
{
header($errsite); header($errsite);
exit; exit;
} }
@ -791,47 +687,24 @@ else
############################################## ##############################################
# statistic # statistic
############################################## ##############################################
/* Sanity: If the statistic table doesn't contain an entry, create one */ $oStatCol = new cApiStatCollection();
$sql = "SELECT idcatart FROM ".$cfg["tab"]["stat"]." WHERE idcatart = '".Contenido_Security::toInteger($idcatart)."' AND idlang='".Contenido_Security::toInteger($lang)."'"; $oStatCol->trackView($idcatart);
$db->query($sql);
if ($db->next_record())
{
/* Update the statistics. */
$sql = "UPDATE ".$cfg["tab"]["stat"]." SET visited = visited + 1 WHERE idcatart = '".Contenido_Security::toInteger($idcatart)."' AND idclient = '".Contenido_Security::toInteger($client)."'
AND idlang = '".Contenido_Security::toInteger($lang)."'";
$db->query($sql);
}
else
{
/* Insert new record */
$next = $db->nextid($cfg["tab"]["stat"]);
$sql = "INSERT INTO ".$cfg["tab"]["stat"]." (visited, idcatart, idlang, idstat, idclient) VALUES ('1', '".Contenido_Security::toInteger($idcatart)."', '".Contenido_Security::toInteger($lang)."',
'".Contenido_Security::toInteger($next)."', '".Contenido_Security::toInteger($client)."')";
$db->query($sql);
}
/* /*
* Check if an article is start article of the category * Check if an article is start article of the category
*/ */
if ($cfg["is_start_compatible"] == true) if ($cfg["is_start_compatible"] == true) {
{
$sql = "SELECT is_start FROM " . $cfg["tab"]["cat_art"] . " WHERE idcatart='" . Contenido_Security::toInteger($idcatart) . "'"; $sql = "SELECT is_start FROM " . $cfg["tab"]["cat_art"] . " WHERE idcatart='" . Contenido_Security::toInteger($idcatart) . "'";
$db->query($sql); $db->query($sql);
$db->next_record(); $db->next_record();
$isstart = $db->f("is_start"); $isstart = $db->f("is_start");
} } else {
else
{
$sql = "SELECT startidartlang FROM " . $cfg["tab"]["cat_lang"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "'"; $sql = "SELECT startidartlang FROM " . $cfg["tab"]["cat_lang"] . " WHERE idcat='" . Contenido_Security::toInteger($idcat) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "'";
$db->query($sql); $db->query($sql);
$db->next_record(); $db->next_record();
if ($db->f("idartlang") == $idartlang) if ($db->f("idartlang") == $idartlang) {
{
$isstart = 1; $isstart = 1;
} } else {
else
{
$isstart = 0; $isstart = 0;
} }
} }
@ -843,13 +716,10 @@ else
$db->query($sql); $db->query($sql);
$db->next_record(); $db->next_record();
if (($db->f("timemgmt") == "1") && ($isstart != 1)) if (($db->f("timemgmt") == "1") && ($isstart != 1)) {
{
$sql = "SELECT online, redirect, redirect_url FROM " . $cfg["tab"]["art_lang"] . " WHERE idart='" . Contenido_Security::toInteger($idart) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "' $sql = "SELECT online, redirect, redirect_url FROM " . $cfg["tab"]["art_lang"] . " WHERE idart='" . Contenido_Security::toInteger($idart) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "'
AND NOW() > datestart AND NOW() < dateend"; AND NOW() > datestart AND NOW() < dateend";
} } else {
else
{
$sql = "SELECT online, redirect, redirect_url FROM " . $cfg["tab"]["art_lang"] . " WHERE idart='" . Contenido_Security::toInteger($idart) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "'"; $sql = "SELECT online, redirect, redirect_url FROM " . $cfg["tab"]["art_lang"] . " WHERE idart='" . Contenido_Security::toInteger($idart) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "'";
} }
@ -867,8 +737,7 @@ else
/* /*
* generate base url * generate base url
*/ */
if ($insert_base == "true") if ($insert_base == "true") {
{
$is_XHTML = getEffectiveSetting('generator', 'xhtml', "false"); $is_XHTML = getEffectiveSetting('generator', 'xhtml', "false");
$str_base_uri = $cfgClient[$client]["path"]["htmlpath"]; $str_base_uri = $cfgClient[$client]["path"]["htmlpath"];
@ -888,10 +757,8 @@ else
/* /*
* Handle online (offline) articles * Handle online (offline) articles
*/ */
if ($online) if ($online) {
{ if ($redirect == '1' && $redirect_url != '') {
if ($redirect == '1' && $redirect_url != '')
{
page_close(); page_close();
/* /*
* Redirect to the URL defined in article properties * Redirect to the URL defined in article properties
@ -907,11 +774,8 @@ else
} }
header("Location: $redirect_url"); header("Location: $redirect_url");
exit; exit;
} } else {
else if ($cfg["debug"]["codeoutput"]) {
{
if ($cfg["debug"]["codeoutput"])
{
echo "<textarea>" . clHtmlSpecialChars($code) . "</textarea>"; echo "<textarea>" . clHtmlSpecialChars($code) . "</textarea>";
} }
@ -940,24 +804,15 @@ else
// print output // print output
echo $htmlCode; echo $htmlCode;
} }
} }
} } else {
else
{
# if user is in the backend display offline articles # if user is in the backend display offline articles
if ($contenido) if ($contenido) {
{
eval("?>\n" . $code . "\n<?php\n"); eval("?>\n" . $code . "\n<?php\n");
} } else {
else if ($error == 1) {
{
if ($error == 1)
{
echo "Fatal error: Could not display error page. Error to display was: 'No contenido session variable set. Probable error cause: Start article in this category is not set on-line.'"; echo "Fatal error: Could not display error page. Error to display was: 'No contenido session variable set. Probable error cause: Start article in this category is not set on-line.'";
} } else {
else
{
header($errsite); header($errsite);
exit; exit;
} }
@ -981,16 +836,13 @@ if ($cfg["cache"]["disable"] != '1') {
/* /*
* configuration settings after the site is displayed. * configuration settings after the site is displayed.
*/ */
if (file_exists("config.after.php")) if (file_exists("config.after.php")) {
{
@ include ("config.after.php"); @ include ("config.after.php");
} }
if (isset ($savedlang)) if (isset($savedlang)) {
{
$lang = $savedlang; $lang = $savedlang;
} }
$db->disconnect(); $db->disconnect();
page_close(); page_close();
?>

55
conlite/external/frontend/front_crcloginform.inc.php vendored
Datei anzeigen

@ -1,40 +1,25 @@
<?php <?php
/** /**
* Project: * file: front_crcloginform.inc.php
* Contenido Content Management System
* *
* Description: * @package ConLite
* <Description> * @subpackage Frontend
* * @version $Rev$
* Requirements: * @author Ortwin Pinke
* @con_php_req 5 * @copyright conrepo.org
* @con_template <Templatefiles> * @link http://conlite.conrepo.org
* @con_notice <Notice>
*
*
* @package ContenidoBackendArea
* @version <version>
* @author Jan Lengowski * @author Jan Lengowski
* @copyright four for business AG <www.4fb.de> * @copyright four for business AG <www.4fb.de>
* @license http://www.contenido.org/license/LIZENZ.txt * @license http://www.contenido.org/license/LIZENZ.txt
* @link http://www.4fb.de * @link http://www.4fb.de
* @link http://www.contenido.org * @link http://www.contenido.org
* *
*
*
* {@internal
* created 2003-01-21
* modified 2005-09-29, Andreas Lindner
* modified 2008-07-04, bilal arslan, added security fix
* modified 2008-11-18, Murat Purc, add usage of Contenido_Url to create urls to frontend pages and redesign of HTML markup
* modified 2009-01-03, Murat Purc, synchronized with cms/front_crcloginform.inc.php
* modified 2011-02-07, Dominik Ziegler, fixed check of but_ok.gif and changed input type button to submit
*
* $Id$: * $Id$:
* }}
*
*/ */
/**
* security check
*/
if(!defined('CON_FRAMEWORK')) { if(!defined('CON_FRAMEWORK')) {
die('Illegal call'); die('Illegal call');
} }
@ -108,18 +93,17 @@ if ( file_exists($cfgClient[$client]['path']['frontend'] . 'images/but_ok.gif')
} }
?> ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" <!DOCTYPE html>
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html> <html>
<head> <head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo $encoding[$lang] ?>" /> <meta charset="<?php echo $encoding[$lang] ?>" />
<title>:: :: :: :: Contenido Login</title> <title>:: :: :: :: Contenido Login</title>
<script type="text/javascript"><!-- <script type="text/javascript">
if (top != self) { if (top != self) {
top.location.href = self.location.href; top.location.href = self.location.href;
} }
// --></script> </script>
<style type="text/css"><!-- <style type="text/css">
* {margin:0; padding:0;} * {margin:0; padding:0;}
html, body {height: 100%;} html, body {height: 100%;}
body {background-color:#fff; font-family: Verdana, Arial, Helvetica, Sans-Serif; font-size: 11px; color:#000;} body {background-color:#fff; font-family: Verdana, Arial, Helvetica, Sans-Serif; font-size: 11px; color:#000;}
@ -134,7 +118,7 @@ if ( file_exists($cfgClient[$client]['path']['frontend'] . 'images/but_ok.gif')
#login .formHeader {font-weight:bold; background-color:<?php echo $cfg['color']['table_header'] ?>; border-bottom:1px solid <?php echo $cfg['color']['table_border'] ?>; padding:3px; margin-bottom:10px;} #login .formHeader {font-weight:bold; background-color:<?php echo $cfg['color']['table_header'] ?>; border-bottom:1px solid <?php echo $cfg['color']['table_border'] ?>; padding:3px; margin-bottom:10px;}
#login .formRow {padding:0 10px; height:31px;} #login .formRow {padding:0 10px; height:31px;}
#login .clear {clear:both;} #login .clear {clear:both;}
// --></style> </style>
</head> </head>
<body> <body>
@ -156,13 +140,14 @@ if ( file_exists($cfgClient[$client]['path']['frontend'] . 'images/but_ok.gif')
</form> </form>
</div> </div>
<script type="text/javascript"><!-- <script type="text/javascript">
<!--
if (document.login.username.value == '') { if (document.login.username.value == '') {
document.login.username.focus(); document.login.username.focus();
} else { } else {
document.login.password.focus(); document.login.password.focus();
} }
// --></script> // -->
</script>
</body> </body>
</html> </html>

147
conlite/external/frontend/includes/class.input.helper.php vendored
Datei anzeigen

@ -1,4 +1,5 @@
<?php <?php
/** /**
* Project: * Project:
* Contenido Content Management System * Contenido Content Management System
@ -26,14 +27,13 @@
* *
* $Id$: * $Id$:
*/ */
if (!defined('CON_FRAMEWORK')) { if (!defined('CON_FRAMEWORK')) {
die('Illegal call'); die('Illegal call');
} }
// Select box with additional functions for category and article selection // Select box with additional functions for category and article selection
class cHTMLInputSelectElement extends cHTMLSelectElement class cHTMLInputSelectElement extends cHTMLSelectElement {
{
/** /**
* Constructor. Creates an HTML select field (aka "DropDown"). * Constructor. Creates an HTML select field (aka "DropDown").
* *
@ -46,12 +46,10 @@ class cHTMLInputSelectElement extends cHTMLSelectElement
* *
* @return none * @return none
* */ * */
function cHTMLInputSelectElement ($sName, $iWidth = "", $sID = "", $bDisabled = false, $iTabIndex = null, $sAccessKey = "") function __construct($sName, $iWidth = "", $sID = "", $bDisabled = false, $iTabIndex = null, $sAccessKey = "") {
{
cHTMLSelectElement :: __construct($sName, $iWidth, $sID, $bDisabled, $iTabIndex, $sAccessKey); cHTMLSelectElement :: __construct($sName, $iWidth, $sID, $bDisabled, $iTabIndex, $sAccessKey);
} }
/** /**
* Function addArticles. Adds articles to select box values. * Function addArticles. Adds articles to select box values.
* *
@ -62,14 +60,12 @@ class cHTMLInputSelectElement extends cHTMLSelectElement
* *
* @return int Number of items added * @return int Number of items added
* */ * */
function addArticles ($iIDCat, $bColored = false, $bArtOnline = true, $sSpaces = "") function addArticles($iIDCat, $bColored = false, $bArtOnline = true, $sSpaces = "") {
{
global $cfg, $lang; global $cfg, $lang;
$oDB = new DB_ConLite; $oDB = new DB_Contenido;
if (is_numeric($iIDCat) && $iIDCat > 0) if (is_numeric($iIDCat) && $iIDCat > 0) {
{
$sSQL = "SELECT tblArtLang.title AS title, tblArtLang.idartlang AS idartlang, tblCatArt.idcat AS idcat, "; $sSQL = "SELECT tblArtLang.title AS title, tblArtLang.idartlang AS idartlang, tblCatArt.idcat AS idcat, ";
$sSQL .= "tblCatArt.idcatart AS idcatart, tblCatArt.is_start AS isstart, tblArtLang.online AS online, "; $sSQL .= "tblCatArt.idcatart AS idcatart, tblCatArt.is_start AS isstart, tblArtLang.online AS online, ";
$sSQL .= "tblCatLang.startidartlang as idstartartlang "; $sSQL .= "tblCatLang.startidartlang as idstartartlang ";
@ -95,13 +91,11 @@ class cHTMLInputSelectElement extends cHTMLSelectElement
return 0; return 0;
} else { } else {
$iCounter = count($this->_options); $iCounter = count($this->_options);
while ($oDB->next_record()) while ($oDB->next_record()) {
{
// Generate new option element // Generate new option element
$oOption = new cHTMLOptionElement($sSpaces . "&nbsp;&nbsp;&nbsp;" . substr(urldecode($oDB->f("title")), 0, 32), $oDB->f("idcatart")); $oOption = new cHTMLOptionElement($sSpaces . "&nbsp;&nbsp;&nbsp;" . substr(urldecode($oDB->f("title")), 0, 32), $oDB->f("idcatart"));
if ($bColored) if ($bColored) {
{
$bIsStartArticle = false; $bIsStartArticle = false;
if ($cfg["is_start_compatible"] == true && $oDB->f("isstart") == 1) { if ($cfg["is_start_compatible"] == true && $oDB->f("isstart") == 1) {
// Compatible mode and "start article" flag is set // Compatible mode and "start article" flag is set
@ -111,8 +105,7 @@ class cHTMLInputSelectElement extends cHTMLSelectElement
$bIsStartArticle = true; $bIsStartArticle = true;
} }
if ($bIsStartArticle) if ($bIsStartArticle) {
{
if ($oDB->f("online") == 0) { if ($oDB->f("online") == 0) {
// Start article, but offline -> red // Start article, but offline -> red
$oOption->setStyle("color: #ff0000;"); $oOption->setStyle("color: #ff0000;");
@ -152,11 +145,10 @@ class cHTMLInputSelectElement extends cHTMLSelectElement
* @return int Number of items added * @return int Number of items added
* */ * */
function addCategories($iMaxLevel = 0, $bColored = false, $bCatVisible = true, $bCatPublic = true, function addCategories($iMaxLevel = 0, $bColored = false, $bCatVisible = true, $bCatPublic = true,
$bWithArt = false, $bArtOnline = true) $bWithArt = false, $bArtOnline = true) {
{
global $cfg, $client, $lang; global $cfg, $client, $lang;
$oDB = new DB_ConLite; $oDB = new DB_Contenido;
$sSQL = "SELECT tblCat.idcat AS idcat, tblCatLang.name AS name, "; $sSQL = "SELECT tblCat.idcat AS idcat, tblCatLang.name AS name, ";
$sSQL .= "tblCatLang.visible AS visible, tblCatLang.public AS public, tblCatTree.level AS level "; $sSQL .= "tblCatLang.visible AS visible, tblCatLang.public AS public, tblCatTree.level AS level ";
@ -177,8 +169,7 @@ class cHTMLInputSelectElement extends cHTMLSelectElement
return false; return false;
} else { } else {
$iCounter = count($this->_options); $iCounter = count($this->_options);
while ($oDB->next_record()) while ($oDB->next_record()) {
{
$sSpaces = ""; $sSpaces = "";
$sStyle = ""; $sStyle = "";
$iID = $oDB->f("idcat"); $iID = $oDB->f("idcat");
@ -188,8 +179,7 @@ class cHTMLInputSelectElement extends cHTMLSelectElement
} }
// Generate new option element // Generate new option element
if (($bCatVisible && $oDB->f("visible") == 0) || if (($bCatVisible && $oDB->f("visible") == 0) || ($bCatPublic && $oDB->f("public") == 0)) {
($bCatPublic && $oDB->f("public") == 0)) {
// If category has to be visible or public and it isn't, don't add value // If category has to be visible or public and it isn't, don't add value
$sValue = ""; $sValue = "";
} else if ($bWithArt) { } else if ($bWithArt) {
@ -228,14 +218,12 @@ class cHTMLInputSelectElement extends cHTMLSelectElement
* *
* @return int Number of items added * @return int Number of items added
* */ * */
function addTypesFromArt ($iIDCatArt, $sTypeRange = "") function addTypesFromArt($iIDCatArt, $sTypeRange = "") {
{
global $cfg, $lang; global $cfg, $lang;
$oDB = new DB_ConLite; $oDB = new DB_Contenido;
if (is_numeric($iIDCatArt) && $iIDCatArt > 0) if (is_numeric($iIDCatArt) && $iIDCatArt > 0) {
{
$sSQL = "SELECT tblContent.typeid AS typeid, tblContent.idtype AS idtype, tblType.type AS type, tblType.description AS description, "; $sSQL = "SELECT tblContent.typeid AS typeid, tblContent.idtype AS idtype, tblType.type AS type, tblType.description AS description, ";
$sSQL .= "tblContent.value AS value "; $sSQL .= "tblContent.value AS value ";
$sSQL .= "FROM " . $cfg["tab"]["content"] . " AS tblContent, " . $cfg["tab"]["art_lang"] . " AS tblArtLang, "; $sSQL .= "FROM " . $cfg["tab"]["content"] . " AS tblContent, " . $cfg["tab"]["art_lang"] . " AS tblArtLang, ";
@ -255,8 +243,7 @@ class cHTMLInputSelectElement extends cHTMLSelectElement
if ($iCount == 0) { if ($iCount == 0) {
return false; return false;
} else { } else {
while ($oDB->next_record()) while ($oDB->next_record()) {
{
$sTypeIdentifier = "tblData.idtype = '" . $oDB->f('idtype') . "' AND tblData.typeid = '" . $oDB->f('typeid') . "'"; $sTypeIdentifier = "tblData.idtype = '" . $oDB->f('idtype') . "' AND tblData.typeid = '" . $oDB->f('typeid') . "'";
// Generate new option element // Generate new option element
@ -279,14 +266,10 @@ class cHTMLInputSelectElement extends cHTMLSelectElement
* *
* @return none * @return none
*/ */
function setSelected($aElements) function setSelected($aElements) {
{ if (is_array($this->_options) && is_array($aElements)) {
if (is_array($this->_options) && is_array($aElements)) foreach ($this->_options as $sKey => $oOption) {
{ if (in_array($oOption->getAttribute("value"), $aElements)) {
foreach ($this->_options as $sKey => $oOption)
{
if (in_array($oOption->getAttribute("value"), $aElements))
{
$oOption->setSelected(true); $oOption->setSelected(true);
$this->_options[$sKey] = $oOption; $this->_options[$sKey] = $oOption;
} else { } else {
@ -296,13 +279,13 @@ class cHTMLInputSelectElement extends cHTMLSelectElement
} }
} }
} }
} }
class UI_Config_Table class UI_Config_Table {
{
var $_sTplCellCode; var $_sTplCellCode;
var $_sTplTableFile; var $_sTplTableFile;
var $_sWidth; var $_sWidth;
var $_sBorder; var $_sBorder;
var $_sBorderColor; var $_sBorderColor;
@ -316,12 +299,10 @@ class UI_Config_Table
var $_aRowBgColor; var $_aRowBgColor;
var $_aRowExtra; var $_aRowExtra;
var $_bAddMultiSelJS; var $_bAddMultiSelJS;
var $_sColorLight; var $_sColorLight;
var $_sColorDark; var $_sColorDark;
function UI_Config_Table() function __construct() {
{
global $cfg; global $cfg;
$this->_sPadding = 2; $this->_sPadding = 2;
@ -333,98 +314,78 @@ class UI_Config_Table
$this->_sColorDark = $cfg['color']['table_dark']; $this->_sColorDark = $cfg['color']['table_dark'];
} }
function setCellTemplate($sCode) function setCellTemplate($sCode) {
{
$this->_sTplCellCode = $sCode; $this->_sTplCellCode = $sCode;
} }
function setTableTemplateFile($sPath) {
function setTableTemplateFile($sPath)
{
$this->_sTplTableFile = $sPath; $this->_sTplTableFile = $sPath;
} }
function setLightColor($sColor) function setLightColor($sColor) {
{
$this->_sColorLight = $sColor; $this->_sColorLight = $sColor;
} }
function setDarkColor($sColor) function setDarkColor($sColor) {
{
$this->_sColorDark = $sColor; $this->_sColorDark = $sColor;
} }
function setAddMultiSelJS($bEnabled = true) function setAddMultiSelJS($bEnabled = true) {
{
$this->_bAddMultiSelJS = (bool) $bEnabled; $this->_bAddMultiSelJS = (bool) $bEnabled;
} }
function setWidth ($sWidth) function setWidth($sWidth) {
{
$this->_sWidth = $sWidth; $this->_sWidth = $sWidth;
} }
function setPadding ($sPadding) function setPadding($sPadding) {
{
$this->_sPadding = $sPadding; $this->_sPadding = $sPadding;
} }
function setBorder ($sBorder) function setBorder($sBorder) {
{
$this->_sBorder = $sBorder; $this->_sBorder = $sBorder;
} }
function setBorderColor ($sBorderColor) function setBorderColor($sBorderColor) {
{
$this->_sBorderColor = $sBorderColor; $this->_sBorderColor = $sBorderColor;
} }
function setSolidBorder ($bSolidBorder = true) function setSolidBorder($bSolidBorder = true) {
{
$this->_bSolidBorder = (bool) $bSolidBorder; $this->_bSolidBorder = (bool) $bSolidBorder;
} }
function setCell ($sRow, $sCell, $sContent) function setCell($sRow, $sCell, $sContent) {
{
$this->_aCells[$sRow][$sCell] = $sContent; $this->_aCells[$sRow][$sCell] = $sContent;
$this->_aCellAlignment[$sRow][$sCell] = ""; $this->_aCellAlignment[$sRow][$sCell] = "";
} }
function setCellAlignment ($sRow, $sCell, $sAlignment) function setCellAlignment($sRow, $sCell, $sAlignment) {
{
$this->_aCellAlignment[$sRow][$sCell] = $sAlignment; $this->_aCellAlignment[$sRow][$sCell] = $sAlignment;
} }
function setCellVAlignment ($sRow, $sCell, $sAlignment) function setCellVAlignment($sRow, $sCell, $sAlignment) {
{
$this->_aCellVAlignment[$sRow][$sCell] = $sAlignment; $this->_aCellVAlignment[$sRow][$sCell] = $sAlignment;
} }
function setCellColspan ($sRow, $sCell, $iColSpan) function setCellColspan($sRow, $sCell, $iColSpan) {
{
$this->_aCellColSpan[$sRow][$sCell] = $iColSpan; $this->_aCellColSpan[$sRow][$sCell] = $iColSpan;
} }
function setCellClass ($sRow, $sCell, $sClass) function setCellClass($sRow, $sCell, $sClass) {
{
$this->_aCellClass[$sRow][$sCell] = $sClass; $this->_aCellClass[$sRow][$sCell] = $sClass;
} }
function setRowBgColor ($sRow, $sColor) function setRowBgColor($sRow, $sColor) {
{
$this->_aRowBgColor[$sRow] = $sColor; $this->_aRowBgColor[$sRow] = $sColor;
} }
function setRowExtra ($sRow, $sExtra) function setRowExtra($sRow, $sExtra) {
{
$this->_aRowExtra[$sRow] = $sExtra; $this->_aRowExtra[$sRow] = $sExtra;
} }
function _addMultiSelJS() function _addMultiSelJS() {
{
// Trick: To save multiple selections in <select>-Element, add some JS which saves the // Trick: To save multiple selections in <select>-Element, add some JS which saves the
// selection, comma separated in a hidden input field on change. // selection, comma separated in a hidden input field on change.
// Try ... catch prevents error messages, if function is added more than once // Try ... catch prevents error messages, if function is added more than once
// if (!fncUpdateSel) in JS has not worked... // if (!fncUpdateSel) in JS has not worked...
@ -456,8 +417,7 @@ class UI_Config_Table
return $sSkript; return $sSkript;
} }
function render($bPrint = false) function render($bPrint = false) {
{
$oTable = new Template; $oTable = new Template;
$oTable->reset(); $oTable->reset();
@ -469,24 +429,19 @@ class UI_Config_Table
$bDark = false; $bDark = false;
$sBgColor = ""; $sBgColor = "";
$bMultiSelJSAdded = false; $bMultiSelJSAdded = false;
if (is_array($this->_aCells)) if (is_array($this->_aCells)) {
{ foreach ($this->_aCells as $sRow => $aCells) {
foreach ($this->_aCells as $sRow => $aCells)
{
$iColCount++; $iColCount++;
//$bDark = !$bDark; //$bDark = !$bDark;
$sLine = ""; $sLine = "";
$iCount = 0; $iCount = 0;
foreach ($aCells as $sCell => $sData) foreach ($aCells as $sCell => $sData) {
{
$iCount++; $iCount++;
$sTplCell = $this->_sTplCellCode; $sTplCell = $this->_sTplCellCode;
if ($this->_bSolidBorder) if ($this->_bSolidBorder) {
{ if ($iCount < count($aCells)) {
if ($iCount < count($aCells))
{
if ($iColCount < count($this->_aCells)) { if ($iColCount < count($this->_aCells)) {
$sTplCell = str_replace('{EXTRA}', 'border: 0px; border-right: 1px; border-bottom: 1px; border-color: ' . $this->_sBorderColor . '; border-style: solid;', $sTplCell); $sTplCell = str_replace('{EXTRA}', 'border: 0px; border-right: 1px; border-bottom: 1px; border-color: ' . $this->_sBorderColor . '; border-style: solid;', $sTplCell);
} else { } else {
@ -569,5 +524,7 @@ class UI_Config_Table
return $sRendered; return $sRendered;
} }
} }
} }
?> ?>

2
nbproject/project.properties
Datei anzeigen

@ -1,6 +1,6 @@
auxiliary.org-netbeans-modules-php-smarty.smarty-framework=true auxiliary.org-netbeans-modules-php-smarty.smarty-framework=true
include.path=${php.global.include.path} include.path=${php.global.include.path}
php.version=PHP_80 php.version=PHP_81
source.encoding=UTF-8 source.encoding=UTF-8
src.dir=. src.dir=.
tags.asp=false tags.asp=false