Code source de CMS made simple 1.0.5 |
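<?php
#CMS - CMS Made Simple
#(c)2004 by Ted Kulp (wishy@users.sf.net)
#This project's homepage is: http://cmsmadesimple.sf.net
#
#This program is free software; you can redistribute it and/or modify
#it under the terms of the GNU General Public License as published by
#the Free Software Foundation; either version 2 of the License, or
#(at your option) any later version.
#
#This program is distributed in the hope that it will be useful,
#but WITHOUT ANY WARRANTY; without even the implied warranty of
#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#GNU General Public License for more details.
#You should have received a copy of the GNU General Public License
#along with this program; if not, write to the Free Software
#Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
#
#$Id: page.functions.php 3595 2006-12-18 15:19:13Z calguy1000 $

/**
 * Page related functions.  Generally these are functions not necessarily
 * related to content, but more to the underlying mechanisms of the system.
 *
 * @package CMS
 */

/**
 * Checks to see if the user is logged in.  If not, redirects the browser
 * to the admin login.
 *
 * Checks, in order: a login queued in the session, an existing admin
 * session, then the cms_admin_user_id / cms_passhash cookie pair, which is
 * only honoured when check_passhash() accepts the submitted values.
 *
 * @since 0.1
 * @param bool $no_redirect If true, then don't redirect if not logged in
 * @return bool True if an admin session exists or was rebuilt from valid
 *              cookies, false otherwise.
 */
function check_login($no_redirect = false)
{
    global $gCms;
    $config = $gCms->config;

    //Handle a current login if one is in queue in the SESSION
    if (isset($_SESSION['login_user_id']))
    {
        debug_buffer("Found login_user_id.  Going to generate the user object.");
        generate_user_object($_SESSION['login_user_id']);
        unset($_SESSION['login_user_id']);
    }

    if (isset($_SESSION['login_cms_language']))
    {
        debug_buffer('Setting language to: ' . $_SESSION['login_cms_language']);
        setcookie('cms_language', $_SESSION['login_cms_language']);
        unset($_SESSION['login_cms_language']);
    }

    if (isset($_SESSION["cms_admin_user_id"]))
    {
        debug_buffer('Session found.  Moving on...');
        return true;
    }

    debug_buffer('No session found.  Now check for cookies');
    if (isset($_COOKIE["cms_admin_user_id"]) && isset($_COOKIE["cms_passhash"]))
    {
        debug_buffer('Cookies found, do a passhash check');
        // Pass the cookie values themselves, not isset() results: the
        // submitted hash has to be compared against the one derived from
        // the stored password, otherwise the check verifies nothing.
        if (check_passhash($_COOKIE["cms_admin_user_id"], $_COOKIE["cms_passhash"]))
        {
            debug_buffer('passhash check succeeded...  creating session object');
            generate_user_object($_COOKIE["cms_admin_user_id"]);
            // Report success only if the session really was established.
            return isset($_SESSION["cms_admin_user_id"]);
        }
        debug_buffer('passhash check failed...  redirect to login');
    }
    else
    {
        debug_buffer('No cookies found.  Redirect to login.');
    }

    // Remember where the user wanted to go so login.php can send them back.
    $_SESSION["redirect_url"] = $_SERVER["REQUEST_URI"];
    if (!$no_redirect)
    {
        redirect($config["root_url"]."/".$config['admin_dir']."/login.php");
    }
    return false;
}

/**
 * Gets the userid of the currently logged in user.
 *
 * @param bool $check If true, run check_login() first (which redirects to
 *                    the login page when nobody is logged in).
 * @return mixed If they're logged in, the user id.  If not logged in, false.
 * @since 0.1
 */
function get_userid($check = true)
{
    if ($check)
    {
        check_login(); //It'll redirect out to login if it fails
    }

    return isset($_SESSION["cms_admin_user_id"]) ? $_SESSION["cms_admin_user_id"] : false;
}

/**
 * Verifies the cms_passhash cookie value for a user id.
 *
 * Both arguments normally come straight from cookies, so they are treated
 * as untrusted: anything that is not a plain digit string / string hash is
 * rejected before the user is loaded, and the comparison is type-strict
 * (a loose == on hex digests can match unrelated "0e..." strings).
 *
 * @param mixed $userid   User id as submitted by the client
 * @param mixed $checksum Hash as submitted by the client
 * @return bool True only if $checksum equals the hash derived from the
 *              stored password of that user.
 */
function check_passhash($userid, $checksum)
{
    if (!is_string($checksum) || !(is_string($userid) || is_int($userid)))
    {
        return false;
    }
    if (!preg_match('/^[0-9]+$/', (string)$userid))
    {
        return false;
    }

    global $gCms;
    $config =& $gCms->GetConfig();
    $userops =& $gCms->GetUserOperations();
    $oneuser =& $userops->LoadUserByID($userid);

    if (!$oneuser)
    {
        return false;
    }

    $expected = md5(md5($config['root_path'] . '--' . $oneuser->password));

    // Constant-time comparison where the runtime offers it.
    if (function_exists('hash_equals'))
    {
        return hash_equals($expected, $checksum);
    }
    return $expected === $checksum;
}

/**
 * Regenerates the user session information from a userid.  This is basically used
 * so that if the session expires, but the cookie still remains (site is left alone
 * for 20+ minutes with no interaction), the user won't have to relogin to regenerate
 * the details.
 *
 * NOTE(review): the cms_passhash cookie is derived from the stored password
 * hash, so it stays valid until the password changes and cannot be revoked
 * per browser.  A random, server-side stored token would be the safer design.
 *
 * @param mixed $userid Id of the user to load; callers must have verified it.
 * @since 0.5
 */
function generate_user_object($userid)
{
    global $gCms;
    $config =& $gCms->GetConfig();
    $userops =& $gCms->GetUserOperations();
    $oneuser =& $userops->LoadUserByID($userid);

    if ($oneuser)
    {
        // Store the id of the record that was loaded rather than the
        // caller-supplied value, which may be an unnormalised cookie string.
        $_SESSION['cms_admin_user_id'] = $oneuser->id;
        $_SESSION['cms_admin_username'] = $oneuser->username;
        setcookie('cms_admin_user_id', $oneuser->id);
        // HttpOnly keeps the credential-equivalent cookie away from page
        // scripts.  The Secure flag should also be set when the admin area
        // is served over HTTPS only.
        setcookie('cms_passhash', md5(md5($config['root_path'] . '--' . $oneuser->password)), 0, '', '', false, true);
    }
}

/**
 * Loads all permissions for a particular user into a global variable so we don't hit the db for every one.
 *
 * @param mixed $userid User whose permissions are cached in $gCms->variables['userperms']
 * @since 0.8
 */
function load_all_permissions($userid)
{
    global $gCms;
    $db = &$gCms->GetDb();
    $variables = &$gCms->variables;

    $perms = array();

    $query = "SELECT DISTINCT permission_name FROM ".cms_db_prefix()."user_groups ug INNER JOIN ".cms_db_prefix()."group_perms gp ON gp.group_id = ug.group_id INNER JOIN ".cms_db_prefix()."permissions p ON p.permission_id = gp.permission_id WHERE ug.user_id = ?";
    $result = &$db->Execute($query, array($userid));
    while ($result && !$result->EOF)
    {
        // Copy by value so the list never aliases the record set's row buffer.
        $perms[] = $result->fields['permission_name'];
        $result->MoveNext();
    }

    if ($result) $result->Close();

    $variables['userperms'] = $perms;
}

/**
 * Checks to see that the given userid has access to
 * the given permission.
 *
 * User id 1 is treated as having every permission.
 *
 * NOTE(review): the permission cache is not keyed by user id; it holds the
 * permissions of whichever user was checked first in this request.
 *
 * @param mixed  $userid   User to check
 * @param string $permname Permission name
 * @return bool If they have permission, true.  If they do not, false.
 * @since 0.1
 */
function check_permission($userid, $permname)
{
    global $gCms;

    if (!isset($gCms->variables['userperms']))
    {
        load_all_permissions($userid);
    }

    if (!isset($gCms->variables['userperms']))
    {
        return false;
    }

    // Type-strict checks: a loose == would also accept values such as
    // true or "1abc" as the superuser id on older PHP versions.
    $is_superuser = (is_int($userid) || is_string($userid)) && (string)$userid === '1';

    return $is_superuser || in_array($permname, $gCms->variables['userperms'], true);
}

/**
 * Checks that the given userid is the owner of the given contentid.
 *
 * NOTE(review): the list of owned pages is cached per request and is not
 * keyed by user id.
 *
 * @param mixed $userid    User to check
 * @param mixed $contentid Content id to look up
 * @return bool If they have ownership, true.  If they do not, false.
 * @since 0.1
 */
function check_ownership($userid, $contentid = '')
{
    global $gCms;

    if (!isset($gCms->variables['ownerpages']))
    {
        $db =& $gCms->GetDb();

        $variables = &$gCms->variables;
        $variables['ownerpages'] = array();

        $query = "SELECT content_id FROM ".cms_db_prefix()."content WHERE owner_id = ?";
        $result = &$db->Execute($query, array($userid));

        while ($result && !$result->EOF)
        {
            $variables['ownerpages'][] = $result->fields['content_id'];
            $result->MoveNext();
        }

        if ($result) $result->Close();
    }

    return isset($gCms->variables['ownerpages'])
        && in_array($contentid, $gCms->variables['ownerpages']);
}

/**
 * Checks that the given userid has access to modify the given
 * pageid.  This would mean that they were set as additional
 * authors/editors by the owner.
 *
 * NOTE(review): shares the 'authorpages' cache with author_pages(), which
 * also adds owned pages; the result therefore depends on which of the two
 * ran first in the request.
 *
 * @param mixed $userid    User to check
 * @param mixed $contentid Content id to look up
 * @return bool If they have authorship, true.  If they do not, false.
 * @since 0.2
 */
function check_authorship($userid, $contentid = '')
{
    global $gCms;

    if (!isset($gCms->variables['authorpages']))
    {
        $db =& $gCms->GetDb();

        $variables = &$gCms->variables;
        $variables['authorpages'] = array();

        $query = "SELECT content_id FROM ".cms_db_prefix()."additional_users WHERE user_id = ?";
        $result = &$db->Execute($query, array($userid));

        while ($result && !$result->EOF)
        {
            $variables['authorpages'][] = $result->fields['content_id'];
            $result->MoveNext();
        }

        if ($result) $result->Close();
    }

    return isset($gCms->variables['authorpages'])
        && in_array($contentid, $gCms->variables['authorpages']);
}

/**
 * Prepares an array with the list of the pages $userid is an author of
 *
 * @param mixed $userid User whose owned and co-authored pages are listed
 * @return array an array whose elements are the IDs of the pages
 * @since 0.11
 */
function author_pages($userid)
{
    global $gCms;
    $db =& $gCms->GetDb();
    $variables = &$gCms->variables;
    if (!isset($variables['authorpages']))
    {
        $variables['authorpages'] = array();

        // Both lookups bind $userid as a parameter; it must never be
        // concatenated into the SQL text.
        $queries = array(
            "SELECT content_id FROM ".cms_db_prefix()."content WHERE owner_id = ?",
            "SELECT content_id FROM ".cms_db_prefix()."additional_users WHERE user_id = ?",
        );

        foreach ($queries as $query)
        {
            $result =& $db->Execute($query, array($userid));

            while ($result && !$result->EOF)
            {
                $variables['authorpages'][] = $result->fields['content_id'];
                $result->MoveNext();
            }

            if ($result) $result->Close();
            unset($result);
        }
    }

    return $variables['authorpages'];
}

/**
 * Quickly checks that the given userid has access to modify the given
 * pageid.  This would mean that they were set as additional
 * authors/editors by the owner.
 *
 * @param mixed $contentid Content id to look up
 * @param array $hispages  Page ids, e.g. as returned by author_pages()
 * @return bool If they have authorship, true.  If they do not, false.
 * @since 0.11
 */
function quick_check_authorship($contentid, $hispages)
{
    return in_array($contentid, $hispages);
}

/**
 * Put an event into the audit (admin) log.  This should be
 * done on most admin events for consistency.
 *
 * The acting user is taken from the session; user id 0 and an empty
 * username are logged when nobody is logged in.
 *
 * @param mixed  $itemid   Id of the affected item
 * @param string $itemname Name of the affected item
 * @param string $action   Description of what happened
 * @since 0.3
 */
function audit($itemid, $itemname, $action)
{
    global $gCms;
    $db =& $gCms->GetDb();

    $userid = 0;
    $username = '';

    if (isset($_SESSION["cms_admin_user_id"]))
    {
        $userid = $_SESSION["cms_admin_user_id"];
    }
    elseif (isset($_SESSION['login_user_id']))
    {
        $userid = $_SESSION['login_user_id'];
        if (isset($_SESSION['login_user_username']))
        {
            $username = $_SESSION['login_user_username'];
        }
    }

    if (isset($_SESSION["cms_admin_username"]))
    {
        $username = $_SESSION["cms_admin_username"];
    }

    if (!isset($userid) || $userid == "")
    {
        $userid = 0;
    }

    $query = "INSERT INTO ".cms_db_prefix()."adminlog (timestamp, user_id, username, item_id, item_name, action) VALUES (?,?,?,?,?,?)";
    $db->Execute($query,array(time(),$userid,$username,$itemid,$itemname,$action));
}

/**
 * Loads a cache of site preferences so we only have to do it once.
 *
 * @return string Always an empty string; the data lands in $gCms->siteprefs.
 * @since 0.6
 */
function load_site_preferences()
{
    $value = "";

    global $gCms;
    $db = &$gCms->GetDb();
    $siteprefs = &$gCms->siteprefs;

    if ($db)
    {
        $query = "SELECT sitepref_name, sitepref_value from ".cms_db_prefix()."siteprefs";
        $result = &$db->Execute($query);

        while ($result && !$result->EOF)
        {
            $siteprefs[$result->fields['sitepref_name']] = $result->fields['sitepref_value'];
            $result->MoveNext();
        }

        if ($result) $result->Close();
    }

    return $value;
}

/**
 * Gets the given site preference
 *
 * @param string $prefname     Preference name
 * @param mixed  $defaultvalue Returned when the preference is not set
 * @return mixed The stored value, or $defaultvalue.
 * @since 0.6
 */
function get_site_preference($prefname, $defaultvalue = '')
{
    global $gCms;

    if (empty($gCms->siteprefs))
    {
        load_site_preferences();
    }

    // Read from the shared cache after loading.  Working on a copy taken
    // before the load would miss everything that was just fetched.
    if (isset($gCms->siteprefs[$prefname]))
    {
        return $gCms->siteprefs[$prefname];
    }

    return $defaultvalue;
}

/**
 * Removes the given site preference
 *
 * NOTE(review): with $regexp set, rows are deleted by pattern but only the
 * cache entry whose key equals $prefname is dropped, so other matching
 * entries stay cached until the end of the request.
 *
 * @param string $prefname Preference name to remove
 * @param bool   $regexp   If true, $prefname is matched with SQL REGEXP
 */
function remove_site_preference($prefname,$regexp=false)
{
    global $gCms;
    $db =& $gCms->GetDb();

    $siteprefs = &$gCms->siteprefs;

    $operator = ($regexp == true) ? 'REGEXP' : '=';
    $query = "DELETE from ".cms_db_prefix()."siteprefs WHERE sitepref_name ".$operator." ?";
    $result = $db->Execute($query, array($prefname));

    if (isset($siteprefs[$prefname]))
    {
        unset($siteprefs[$prefname]);
    }

    if ($result) $result->Close();
}

/**
 * Sets the given site preference with the given value.
 *
 * @param string $prefname Preference name
 * @param mixed  $value    Value to store
 * @since 0.6
 */
function set_site_preference($prefname, $value)
{
    global $gCms;
    $db =& $gCms->GetDb();

    $siteprefs = &$gCms->siteprefs;

    // Bound parameters throughout, matching set_preference().
    $query = "SELECT sitepref_value from ".cms_db_prefix()."siteprefs WHERE sitepref_name = ?";
    $result = $db->Execute($query, array($prefname));

    $doinsert = !($result && $result->RecordCount() > 0);

    if ($result) $result->Close();

    if ($doinsert)
    {
        $query = "INSERT INTO ".cms_db_prefix()."siteprefs (sitepref_name, sitepref_value) VALUES (?,?)";
        $db->Execute($query, array($prefname, $value));
    }
    else
    {
        $query = "UPDATE ".cms_db_prefix()."siteprefs SET sitepref_value = ? WHERE sitepref_name = ?";
        $db->Execute($query, array($value, $prefname));
    }
    $siteprefs[$prefname] = $value;
}

/**
 * Loads every stored preference of the given user into $gCms->userprefs.
 *
 * @param mixed $userid User whose preferences are cached
 */
function load_all_preferences($userid)
{
    global $gCms;
    $db = &$gCms->GetDb();
    $variables = &$gCms->userprefs;

    // Mark the cache as loaded even when the user has no stored rows, so
    // that get_preference() can fall back to its default.
    if (!is_array($variables))
    {
        $variables = array();
    }

    $query = 'SELECT preference, value FROM '.cms_db_prefix().'userprefs WHERE user_id = ?';
    $result = &$db->Execute($query, array($userid));

    while ($result && !$result->EOF)
    {
        $variables[$result->fields['preference']] = $result->fields['value'];
        $result->MoveNext();
    }

    if ($result) $result->Close();
}

/**
 * Gets the given preference for the given userid.
 *
 * NOTE(review): the cache is not keyed by user id; it holds the preferences
 * of the first user requested in this request.
 *
 * @param mixed  $userid   User to read the preference for
 * @param string $prefname Preference name
 * @param mixed  $default  Returned when the preference is not stored
 * @return mixed The stored value, or $default.
 * @since 0.3
 */
function get_preference($userid, $prefname, $default='')
{
    global $gCms;

    if (!isset($gCms->userprefs))
    {
        load_all_preferences($userid);
    }

    if (isset($gCms->userprefs[$prefname]))
    {
        return $gCms->userprefs[$prefname];
    }

    return $default;
}

/**
 * Sets the given preference for the given userid with the given value.
 *
 * @param mixed  $userid   User to store the preference for
 * @param string $prefname Preference name
 * @param mixed  $value    Value to store
 * @since 0.3
 */
function set_preference($userid, $prefname, $value)
{
    global $gCms;
    $db =& $gCms->GetDb();

    $userprefs = &$gCms->userprefs;
    $userprefs[$prefname] = $value;

    $query = "SELECT value from ".cms_db_prefix()."userprefs WHERE user_id = ? AND preference = ?";
    $result = $db->Execute($query, array($userid, $prefname));

    $doinsert = !($result && $result->RecordCount() > 0);

    if ($result) $result->Close();

    if ($doinsert)
    {
        $query = "INSERT INTO ".cms_db_prefix()."userprefs (user_id, preference, value) VALUES (?,?,?)";
        $db->Execute($query, array($userid, $prefname, $value));
    }
    else
    {
        $query = "UPDATE ".cms_db_prefix()."userprefs SET value = ? WHERE user_id = ? AND preference = ?";
        $db->Execute($query, array($value, $userid, $prefname));
    }
}

/**
 * Returns the stylesheet for the given templateid.  Returns a hash with encoding and stylesheet entries.
 *
 * @param mixed  $template_id Template to load the CSS for
 * @param string $media_type  Media type to select; '' also includes the
 *                            template's own stylesheet
 * @return array Keys 'encoding' and 'stylesheet', plus 'nostylesheet' when
 *               the template is missing or inactive.
 * @since 0.1
 */
function get_stylesheet($template_id, $media_type = '')
{
    $result = array();
    $css = "";

    global $gCms;
    $db =& $gCms->GetDb();
    $templateops =& $gCms->GetTemplateOperations();

    $templateobj = FALSE;

    #Grab template id and make sure it's actually "somewhat" valid
    if (isset($template_id) && is_numeric($template_id) && $template_id > -1)
    {
        #Ok, it's valid, let's load the bugger
        $templateobj =& $templateops->LoadTemplateById($template_id);
    }

    #If it's valid after loading, then start the process...
    if ($templateobj !== FALSE && ($templateobj->active == '1' || $templateobj->active == TRUE) )
    {
        #Grab the encoding
        if ($templateobj->encoding !== FALSE && $templateobj->encoding != '')
        {
            $result['encoding'] = $templateobj->encoding;
        }
        else
        {
            $result['encoding'] = get_encoding();
        }

        #Load in the "standard" template CSS if media type is empty
        if ($media_type == '' && isset($templateobj->stylesheet) && $templateobj->stylesheet != '')
        {
            $css .= $templateobj->stylesheet;
        }

        #Handle "advanced" CSS Management
        $cssquery = "SELECT css_text FROM ".cms_db_prefix()."css c, ".cms_db_prefix()."css_assoc ca
            WHERE css_id = assoc_css_id
            AND assoc_type = 'template'
            AND assoc_to_id = ?
            AND c.media_type = ? ORDER BY ca.create_date";
        $cssresult =& $db->Execute($cssquery, array($template_id, $media_type));

        while ($cssresult && $cssline = $cssresult->FetchRow())
        {
            $css .= "\n".$cssline['css_text']."\n";
        }

        if ($cssresult) $cssresult->Close();
    }
    else
    {
        $result['nostylesheet'] = true;
        $result['encoding'] = get_encoding();
    }

    #$css = preg_replace("/[\r\n]/", "", $css); //hack for tinymce
    $result['stylesheet'] = $css;

    return $result;
}

/**
 * Lists the media types for which the given template has CSS.
 *
 * @param mixed $template_id Template to inspect
 * @return array Media type strings; '' stands for the template's own stylesheet.
 */
function get_stylesheet_media_types($template_id)
{
    $result = array();

    global $gCms;
    $db =& $gCms->GetDb();
    $templateops =& $gCms->GetTemplateOperations();

    $templateobj = FALSE;

    #Grab template id and make sure it's actually "somewhat" valid
    if (isset($template_id) && is_numeric($template_id) && $template_id > -1)
    {
        #Ok, it's valid, let's load the bugger
        $templateobj = $templateops->LoadTemplateById($template_id);
        if (isset($templateobj->stylesheet) && $templateobj->stylesheet != '')
        {
            $result[] = '';
        }
    }

    #If it's valid after loading, then start the process...
    if ($templateobj !== FALSE && ($templateobj->active == '1' || $templateobj->active == TRUE) )
    {
        #Handle "advanced" CSS Management
        $cssquery = "SELECT DISTINCT media_type FROM ".cms_db_prefix()."css c, ".cms_db_prefix()."css_assoc
            WHERE css_id = assoc_css_id
            AND assoc_type = 'template'
            AND assoc_to_id = ?";
        $cssresult = &$db->Execute($cssquery, array($template_id));

        while ($cssresult && !$cssresult->EOF)
        {
            if (!in_array($cssresult->fields['media_type'], $result))
            {
                $result[] = $cssresult->fields['media_type'];
            }
            $cssresult->MoveNext();
        }

        if ($cssresult) $cssresult->Close();
    }

    return $result;
}

/**
 * Strips slashes from a string or, recursively, from an array of values.
 *
 * The value is modified in place and also returned.
 *
 * @param mixed $value String or (nested) array of strings
 * @return mixed The same value with slashes stripped
 */
function & stripslashes_deep(&$value)
{
    if (is_array($value))
    {
        // Recurse per key instead of through array_map(): a callback with a
        // by-reference parameter triggers a warning on current PHP versions.
        foreach (array_keys($value) as $key)
        {
            stripslashes_deep($value[$key]);
        }
    }
    elseif (!empty($value) && is_string($value))
    {
        $value = stripslashes($value);
    }
    return $value;
}

/**
 * Builds a textarea, handing over to the active WYSIWYG module if requested.
 *
 * When no module produces output, a plain <textarea> is returned.  All
 * values written into HTML attributes are escaped.
 *
 * @param bool   $enablewysiwyg Try the installed WYSIWYG modules first
 * @param string $text          Initial content
 * @param string $name          Form field name
 * @param string $classname     Optional CSS class
 * @param string $id            Optional element id
 * @param string $encoding      Encoding passed on to the module / entity encoder
 * @param string $stylesheet    Stylesheet passed on to the module
 * @param string $width         cols attribute
 * @param string $height        rows attribute
 * @param string $forcewysiwyg  Module name to use instead of the user preference
 * @return string HTML for the form control
 */
function create_textarea($enablewysiwyg, $text, $name, $classname='', $id='', $encoding='', $stylesheet='', $width='80', $height='15',$forcewysiwyg='')
{
    global $gCms;
    $result = '';

    if ($enablewysiwyg == true)
    {
        foreach (array_keys($gCms->modules) as $key)
        {
            $module =& $gCms->modules[$key];
            if ($module['installed'] == true && //is the module installed?
                $module['active'] == true && //is the module active?
                $module['object']->IsWYSIWYG()) //is it a wysiwyg module?
            {
                // The user preference is only looked up when no module is forced.
                $wanted = ($forcewysiwyg == '') ? get_preference(get_userid(), 'wysiwyg') : $forcewysiwyg;
                if ($module['object']->GetName() == $wanted)
                {
                    $result = $module['object']->WYSIWYGTextarea($name,$width,$height,$encoding,$text,$stylesheet);
                }
            }
            unset($module);
        }
    }

    if ($result == '')
    {
        $result = '<textarea name="'.htmlspecialchars($name, ENT_QUOTES).'" cols="'.htmlspecialchars($width, ENT_QUOTES).'" rows="'.htmlspecialchars($height, ENT_QUOTES).'"';
        if ($classname != '')
        {
            $result .= ' class="'.htmlspecialchars($classname, ENT_QUOTES).'"';
        }
        if ($id != '')
        {
            $result .= ' id="'.htmlspecialchars($id, ENT_QUOTES).'"';
        }
        $result .= '>'.cms_htmlentities($text,ENT_NOQUOTES,get_encoding($encoding)).'</textarea>';
    }

    return $result;
}

/*
 * creates a textarea that does syntax highlighting on the source code.
 * The following also needs to be added to the <form> tag for submit to work.
 * if($use_javasyntax){echo 'onSubmit="textarea_submit(
 *      this, \'custom404,sitedown\');"';}
 *
 * NOTE(review): in the applet branch $text is placed inside a value="..."
 * attribute; this relies on cms_htmlentities() also encoding double quotes
 * by default - confirm against its definition.
 */
function textarea_highlight($use_javasyntax, $text, $name, $class_name="syntaxHighlight", $syntax_type="HTML (Complex)", $id="", $encoding='')
{
    if ($use_javasyntax)
    {
        // Literal replacements; the ereg_* functions no longer exist in PHP 7+.
        $text = str_replace(array("\r\n", "\r", "\n"), "<CMSNewLine>", $text);
        $text = cms_htmlentities($text);

        // possible values for syntaxType are: Java, C/C++, LaTeX, SQL,
        // Java Properties, HTML (Simple), HTML (Complex)

        $output = '<applet name="CMSSyntaxHighlight"
            code="org.CMSMadeSimple.Syntax.Editor.class" width="100%">
                <param name="cache_option" VALUE="Plugin">
                <param name="cache_archive" VALUE="SyntaxHighlight.jar">
                <param name="cache_version" VALUE="612.0.0.0">
                <param name="content" value="'.$text.'">
                <param name="syntaxType" value="'.htmlspecialchars($syntax_type, ENT_QUOTES).'">
                Sorry, the syntax highlighted textarea will not work with your
                browser. Please use a different browser or turn off syntax
                highlighting under user preferences.
            </applet>
            <input type="hidden" name="'.htmlspecialchars($name, ENT_QUOTES).'" value="">';
    }
    else
    {
        $output = '<textarea name="'.htmlspecialchars($name, ENT_QUOTES).'" cols="80" rows="24"
            class="'.htmlspecialchars($class_name, ENT_QUOTES).'"';
        if ($id<>"")
        {
            $output.=' id="'.htmlspecialchars($id, ENT_QUOTES).'"';
        }
        $output.='>'.cms_htmlentities($text,ENT_NOQUOTES,get_encoding($encoding)).'</textarea>';
    }

    return $output;
}

/*
 * Displays the login form (frontend)
 *
 * PHP_SELF contains any extra path information from the request URL, so it
 * is HTML-escaped before being written into the action attribute.
 */
function display_login_form()
{
    return '<form method=post action="'.htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES).'">'.
        'Name: <input type="text" name="login_name"><br>'.
        'Password: <input type="password" name="login_password"><br>'.
        '<input type="submit">'.
        '</form>';
}

/*
 * check if the person has access to this file (frontend)
 *
 * All request-derived values are bound as query parameters.
 *
 * NOTE(review), behaviour kept as found:
 *  - the plaintext password is kept in the session; storing a flag instead
 *    would avoid that, but other code may read this key;
 *  - once the session holds a login, every $page_id is granted;
 *  - the credential lookup is not tied to the page's frontend_users rows;
 *  - passwords are compared as unsalted MD5.
 */
function check_access($page_id)
{
    global $gCms;
    $db =& $gCms->GetDb();

    if (isset($_SESSION['login_name']) && isset($_SESSION['login_password']))
    {
        return true;
    }

    if (!isset($_POST['login_password']) || !isset($_POST['login_name']))
    {
        return false;
    }

    // Array-valued form fields are never valid credentials.
    if (!is_string($_POST['login_password']) || !is_string($_POST['login_name']))
    {
        return false;
    }

    $login_password = trim($_POST['login_password']);
    $login_name = trim($_POST['login_name']);

    $query = 'SELECT user_id FROM '.cms_db_prefix().'frontend_users WHERE page_id = ?';
    $result = $db->Execute($query, array($page_id));
    $page_has_users = ($result && $result->RecordCount() > 0);
    if ($result) $result->Close();

    if (!$page_has_users)
    {
        return false;
    }

    $query = 'SELECT user_id from '.cms_db_prefix().'users WHERE `username`=? AND `password`=?';
    $result = $db->Execute($query, array($login_name, md5($login_password)));
    $authenticated = ($result && $result->RecordCount() > 0);
    if ($result) $result->Close();

    if ($authenticated)
    {
        $_SESSION['login_name'] = $login_name;
        $_SESSION['login_password'] = $login_password;
        return true;
    }

    return false;
}

/**
 * Creates a string containing links to all the pages.
 *
 * @param mixed $page      the current page to display
 * @param mixed $totalrows the amount of items being listed
 * @param mixed $limit     the amount of items to list per page
 * @return string a string containing links to all the pages (ex. next 1,2 prev)
 */
function pagination($page, $totalrows, $limit)
{
    $page_string = "";

    // Nothing to paginate without a positive page size (also avoids a
    // division by zero).
    if ($limit <= 0)
    {
        return $page_string;
    }

    // PHP_SELF can carry request-supplied path information; escape it once.
    $self = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);

    $numofpages = $totalrows / $limit;
    if ($numofpages > 1)
    {
        if ($page != 1)
        {
            $pageprev = $page-1;
            $page_string .= "<a href=\"".$self."?page=$pageprev\">".lang('previous')."</a>&nbsp;";
        }
        else
        {
            $page_string .= lang('previous')." ";
        }

        for ($i = 1; $i <= $numofpages; $i++)
        {
            if ($i == $page)
            {
                $page_string .= $i."&nbsp;";
            }
            else
            {
                $page_string .= "<a href=\"".$self."?page=$i\">$i</a>&nbsp;";
            }
        }

        // A partially filled last page gets its own entry.
        if (($totalrows % $limit) != 0)
        {
            if ($i == $page)
            {
                $page_string .= $i."&nbsp;";
            }
            else
            {
                $page_string .= "<a href=\"".$self."?page=$i\">$i</a>&nbsp;";
            }
        }

        if (($totalrows - ($limit * $page)) > 0)
        {
            $pagenext = $page+1;
            $page_string .= "<a href=\"".$self."?page=$pagenext\">".lang('next')."</a>";
        }
        else
        {
            $page_string .= lang('next')." ";
        }
    }
    return $page_string;
}


/**
 * Runs the page-form-submit hook of the installed, active modules when the
 * current user has a WYSIWYG preference set.
 *
 * NOTE(review): every active module is called and each call overwrites the
 * previous output, so only the last module's output is returned.
 *
 * @return string Captured output of the last module called, or ''.
 */
function wysiwyg_form_submit()
{
    global $gCms;
    $result = '';

    $userid = get_userid();
    $wysiwyg = get_preference($userid, 'wysiwyg');

    if (isset($wysiwyg) && $wysiwyg != '')
    {
        #Perform the content title callback
        foreach (array_keys($gCms->modules) as $key)
        {
            if ($gCms->modules[$key]['installed'] == true &&
                $gCms->modules[$key]['active'] == true)
            {
                @ob_start();
                $gCms->modules[$key]['object']->WYSIWYGPageFormSubmit();
                $result = @ob_get_contents();
                @ob_end_clean();
            }
        }
    }

    return $result;
}

/**
 * Returns the currently configured database prefix.
 *
 * @return string Value of $config["db_prefix"]
 * @since 0.4
 */
function cms_db_prefix() {
    global $config;
    return $config["db_prefix"];
}

# vim:ts=4 sw=4 noet
?>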