/halogy/application/modules/pages/controllers/pages.php

https://bitbucket.org/haloweb/halogy-1.0/ · PHP · 457 lines · 327 code · 57 blank · 73 comment · 68 complexity · aec3f5cdccb858c518a0a8fedda8831f MD5 · raw file

  1. <?php
  2. /**
  3. * Halogy
  4. *
  5. * A user friendly, modular content management system for PHP 5.0
  6. * Built on CodeIgniter - http://codeigniter.com
  7. *
  8. * @package Halogy
  9. * @author Haloweb Ltd.
  10. * @copyright Copyright (c) 2008-2011, Haloweb Ltd.
  11. * @license http://halogy.com/license
  12. * @link http://halogy.com/
  13. * @since Version 1.0
  14. * @filesource
  15. */
  16. // ------------------------------------------------------------------------
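  /**
   * Front-end controller: resolves the requested URI to a CMS page or module
   * template and serves stored assets (css/js includes, images, uploaded files).
   *
   * Written for CodeIgniter 1.x: PHP 4-style constructor, and methods whose
   * names start with an underscore are internal helpers.
   */
  class Pages extends Controller {

      /**
       * Constructor. Calls the parent controller constructor and records the
       * site ID when the SITEID constant has been defined.
       */
      function Pages()
      {
          parent::Controller();

          // get siteID, if available
          if (defined('SITEID'))
          {
              $this->siteID = SITEID;
          }
      }

      /**
       * Default action: rebuilds the page path from the URI segments and
       * passes it to view(). An empty URI maps to the 'home' page.
       */
      function index()
      {
          // deprecated uri code (now it's always just the uri string).
          // As before, collection stops at the first empty (or "0") segment.
          $segments = array();
          $num = 1;
          while ($segment = $this->uri->segment($num))
          {
              $segments[] = $segment;
              $num++;
          }

          $uri = ($segments) ? implode('/', $segments) : 'home';

          $this->view($uri);
      }

      /**
       * Renders a CMS page, or a module template when $module is set.
       *
       * NOTE(review): this is a public controller method, so depending on the
       * route configuration (not visible in this file) it may be callable
       * straight from a URL with caller-chosen arguments - confirm, because
       * $module and $page end up in a filesystem path further down.
       *
       * @param string $page     page URI, or template name when $module is set
       * @param mixed  $sendthru optional array of extra template data ('' for none)
       * @param mixed  $module   FALSE for a CMS page; a module name, or any other
       *                         truthy value to take the module from URI segment 1
       * @param bool   $return   FALSE to send the output, anything else to return it
       * @return mixed parsed output when $return is not FALSE, otherwise NULL
       */
      function view($page, $sendthru = '', $module = FALSE, $return = FALSE)
      {
          // set default parse file
          $parseFile = 'default';

          // a logged-in admin gets the inline-editing template, unless the
          // request is ajax or the output is being returned to a caller
          if (!$this->core->is_ajax() && !$return && $this->session->userdata('session_admin'))
          {
              $parseFile = 'view_template_inline';
          }

          // handle web form
          if (count($_POST) && !$module)
          {
              // $sendthru defaults to ''; writing a key into an empty string only
              // produced an array on old PHP versions, so make it one explicitly
              if (!is_array($sendthru))
              {
                  $sendthru = array();
              }

              $sendthru['message'] = $this->core->web_form();
              if (!$sendthru['message'])
              {
                  $sendthru['errors'] = validation_errors();
              }
          }

          // see if the cms is to generate a page from a module or a function of the site
          if ($module)
          {
              // set template tag
              $this->template->template['page:template'] = $page;

              // look up the page to see if there is any overriding meta data
              if ($metadata = $this->core->get_page(FALSE, substr($this->uri->uri_string(), 1)))
              {
                  // redirect if set
                  if ($metadata['redirect'])
                  {
                      $metadata['redirect'] = preg_replace('/^\//', '', $metadata['redirect']);
                      redirect($metadata['redirect']);
                  }

                  // inactive pages are only visible to admins who may edit them
                  if ($metadata['active'] ||
                      ($this->session->userdata('session_admin') && $this->_can_edit_page($metadata)))
                  {
                      // same empty-string guard as in the web form branch
                      if (!is_array($sendthru))
                      {
                          $sendthru = array();
                      }

                      // set a title as long as it's not a default
                      if ($metadata['title'] != $metadata['pageName'])
                      {
                          $sendthru['page:title'] = $metadata['title'];
                      }

                      // set meta data
                      $sendthru['page:keywords'] = $metadata['keywords'];
                      $sendthru['page:description'] = $metadata['description'];
                  }
                  else
                  {
                      show_404();
                  }
              }

              // get template by name
              if ($pagedata = $this->core->get_module_template($page))
              {
                  // get template and blocks from cms
                  $generated = $this->template->generate_template($pagedata);
              }
              // else just show it from a file template
              else
              {
                  // get module name
                  $module = (is_string($module)) ? $module : $this->uri->segment(1);

                  // both values can originate from the request URI, so refuse
                  // parent-directory references and NUL bytes before they are
                  // used to build a path under APPPATH
                  $candidate = $module.'/'.$page;
                  if (strpos($candidate, '..') !== FALSE || strpos($candidate, "\0") !== FALSE)
                  {
                      show_error('Templating error!');
                      return;
                  }

                  // get module template
                  $file = @file_get_contents(APPPATH.'modules/'.$module.'/views/templates/'.$page.'.php');
                  if (!$file)
                  {
                      show_error('Templating error!');
                      return;
                  }

                  // make a template out of the file
                  $generated = $this->template->generate_template(FALSE, $file);
              }

              // merge the sendthru data with page data
              $template = (is_array($sendthru)) ? array_merge($generated, $sendthru) : $generated;

              // fall back to the site name when no title was sent through
              $template['page:title'] = (!isset($sendthru['page:title'])) ? $this->site->config['siteName'] : $sendthru['page:title'];

              return $this->_output_page($parseFile, $template, $return);
          }
          // else just grab the page from cms
          elseif ($this->session->userdata('session_admin') && ($pagedata = $this->core->get_page(FALSE, $page)))
          {
              // redirect if set
              if ($pagedata['redirect'])
              {
                  $pagedata['redirect'] = preg_replace('/^\//', '', $pagedata['redirect']);
                  redirect($pagedata['redirect']);
              }

              // show cms with admin functions
              if ($this->_can_edit_page($pagedata))
              {
                  $versionIDs = array();

                  // check that this is not the live version and then add page version
                  if ($versions = $this->core->get_versions($pagedata['pageID']))
                  {
                      foreach ($versions as $version)
                      {
                          $versionIDs[] = $version['versionID'];
                      }
                  }

                  if ((!$pagedata['versionID'] && !$pagedata['draftID']) || in_array($pagedata['draftID'], $versionIDs))
                  {
                      $this->core->add_draft($pagedata['pageID']);
                      redirect($this->uri->uri_string());
                  }

                  // set no cache headers so the inline editor is never served from a cache
                  $this->output->set_header('Cache-Control: no-Store, no-Cache, must-revalidate');
                  $this->output->set_header('Expires: -1');

                  // show admin inline editor
                  $output = $this->core->generate_page($pagedata['pageID'], TRUE);

                  // merge output with any other data
                  $output = (is_array($sendthru)) ? array_merge($output, $sendthru) : $output;

                  // output images: without images_all an admin only sees their own.
                  // The filter is built as an array in one step rather than by
                  // writing a key into the '' placeholder.
                  $where = '';
                  if (!$this->_has_permission('images_all'))
                  {
                      $where = array('userID' => $this->session->userdata('userID'));
                  }
                  $images = $this->core->viewall('images', $where, array('dateCreated', 'desc'), 99);
                  $output['images'] = $images['images'];

                  // parse with main cms template
                  return $this->_output_page($parseFile, $output, $return);
              }

              // otherwise they are admin but they don't have permission to this page:
              // just get normal page
              $output = $this->core->generate_page($pagedata['pageID']);

              // merge output with any other data
              $output = (is_array($sendthru)) ? array_merge($output, $sendthru) : $output;

              // parse with main cms template
              return $this->_output_page($parseFile, $output, $return);
          }
          // display normal page
          elseif ($pagedata = $this->core->get_active_page($page))
          {
              // redirect if set
              if ($pagedata['redirect'])
              {
                  $pagedata['redirect'] = preg_replace('/^\//', '', $pagedata['redirect']);
                  redirect($pagedata['redirect']);
              }

              // add view
              $this->core->add_view($pagedata['pageID']);

              // merge page data with any other data (a 'pageID' key in $sendthru
              // would replace the one used on the next line)
              $pagedata = (is_array($sendthru)) ? array_merge($pagedata, $sendthru) : $pagedata;

              // just get normal page
              $output = $this->core->generate_page($pagedata['pageID']);

              // merge output with any other data
              $output = (is_array($sendthru)) ? array_merge($output, $sendthru) : $output;

              // set the content type
              $this->output->set_header('Content-Type: text/html');

              // parse with main cms template
              return $this->_output_page($parseFile, $output, $return);
          }
          // if nothing then 404 it!
          else
          {
              show_404();
          }
      }

      /**
       * File viewer: serves css/js includes, images and thumbnails, and
       * uploaded files, selected by $type.
       *
       * @param string $type 'css', 'js', 'images', 'gfx', 'thumbs' or 'files'
       * @param string $ref  reference of the item, with or without an extension
       */
      function files($type = '', $ref = '')
      {
          $ref = (string) $ref;

          // format filename: strip only the final extension. The previous
          // str_replace() removed every occurrence of ".ext" inside the name,
          // so a ref such as "a.jpg.b.jpg" was looked up as "a.b".
          $filenames = explode('.', $ref);
          $extension = end($filenames);
          $filename = (count($filenames) > 1) ? (string) substr($ref, 0, -(strlen($extension) + 1)) : $ref;

          // cacheable responses expire two weeks from now
          $expires = gmdate('D, d M Y H:i:s', time()+14*24*60*60) . ' GMT';

          // css and js includes
          if ($type == 'css' || $type == 'js')
          {
              if ($include = $this->core->get_include($ref))
              {
                  $this->output->set_header('Content-Type: ' . (($type == 'css') ? 'text/css' : 'text/javascript'));
                  $this->output->set_header('Expires: ' . $expires);
                  $this->output->set_output($include['body']);
              }
              else
              {
                  show_404();
              }
          }
          // images ('||' throughout; one of these was a bitwise '|')
          elseif ($type == 'images' || $type == 'gfx' || $type == 'thumbs')
          {
              if ($extension == 'gif')
              {
                  $this->output->set_header('Content-Type: image/gif');
              }
              elseif ($extension == 'jpg' || $extension == 'jpeg')
              {
                  // NOTE(review): two Content-Type headers are queued here;
                  // presumably only the later one is sent - confirm
                  $this->output->set_header('Content-Type: image/pjpeg');
                  $this->output->set_header('Content-Type: image/jpeg');
              }
              elseif ($extension == 'png')
              {
                  $this->output->set_header('Content-Type: image/png');
              }
              else
              {
                  show_404();
              }

              // output image
              if ($image = $this->uploads->load_image($filename))
              {
                  // set thumbnail
                  if ($type == 'thumbs' && ($thumb = $this->uploads->load_image($filename, TRUE)))
                  {
                      $image = $thumb;
                  }

                  // NOTE(review): the path is '.' plus the stored 'src' value;
                  // verify in the uploads library that it cannot contain '..'
                  $path = '.'.$image['src'];

                  // a record whose file has gone missing is a 404, not an
                  // empty response sent with an image content type
                  if (!is_file($path) || !is_readable($path))
                  {
                      show_404();
                      return;
                  }

                  $imageOutput = file_get_contents($path);
                  $fs = stat($path);

                  // the Etag is built from inode, size and mtime
                  $this->output->set_header("Etag: ".sprintf('"%x-%x-%s"', $fs['ino'], $fs['size'],base_convert(str_pad($fs['mtime'],16,"0"),10,16)));
                  $this->output->set_header('Expires: '.$expires);
                  $this->output->set_output($imageOutput);
              }
              else
              {
                  show_404();
              }
          }
          // uploaded files
          elseif ($type == 'files')
          {
              // get the file, by reference or by filename
              if (empty($filenames[1]))
              {
                  $file = $this->uploads->load_file($ref, TRUE);
              }
              else
              {
                  $file = $this->uploads->load_file($filename, TRUE);
              }

              if ($file)
              {
                  $error = (isset($file['error'])) ? $file['error'] : '';

                  if ($error == 'expired')
                  {
                      show_error('Sorry, this download has now expired. Please contact support.');
                  }
                  elseif ($error == 'premium')
                  {
                      show_error('This is a premium item and must be purchased in the shop.');
                  }
                  else
                  {
                      // NOTE(review): same '.' + stored 'src' path as for images
                      $path = '.'.$file['src'];

                      // check the file before any header depends on it
                      if (!is_file($path) || !is_readable($path))
                      {
                          show_404();
                          return;
                      }

                      // set headers
                      if ($extension == 'ico')
                      {
                          $this->output->set_header('Content-Type: image/x-icon');
                      }
                      elseif ($extension == 'swf')
                      {
                          $this->output->set_header('Content-Type: application/x-shockwave-flash');
                      }
                      else
                      {
                          // the download name comes from stored upload data:
                          // drop control characters, quotes and path separators,
                          // then send it as a quoted string so the header
                          // stays well-formed
                          $downloadName = preg_replace('/[\x00-\x1F\x7F"\\\\\/]/', '', $file['fileRef'].$file['extension']);

                          $this->output->set_header("Pragma: public");
                          $this->output->set_header("Expires: -1");
                          $this->output->set_header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
                          $this->output->set_header("Content-Type: application/force-download");
                          $this->output->set_header("Content-Type: application/octet-stream");
                          $this->output->set_header("Content-Length: " .(string)(filesize($path)) );
                          $this->output->set_header('Content-Disposition: attachment; filename="'.$downloadName.'"');
                          $this->output->set_header("Content-Description: File Transfer");
                      }

                      // output file contents
                      $output = file_get_contents($path);
                      $this->output->set_output($output);
                  }
              }
              else
              {
                  show_404();
              }
          }
          // else 404 it
          else
          {
              show_404();
          }
      }

      /**
       * Reports whether the captcha check passed.
       *
       * @return bool TRUE when $this->core->captcha_check() returns a truthy value
       */
      function _captcha_check()
      {
          return ($this->core->captcha_check()) ? TRUE : FALSE;
      }

      /**
       * Tells whether the current user's permission list contains $permission.
       *
       * @param string $permission permission key, e.g. 'pages_all'
       * @return bool
       */
      function _has_permission($permission)
      {
          // the list may be missing or not an array; the original call sites
          // tolerated that with '@', so treat it as "no permissions"
          $granted = @$this->permission->permissions;

          return (is_array($granted) && in_array($permission, $granted));
      }

      /**
       * Tells whether the logged-in admin may edit the given page inline.
       *
       * NOTE(review): the group rule below does not require 'pages_edit' -
       * confirm that this is intended.
       *
       * @param array $pagedata page record; its 'groupID' is compared with the session's
       * @return bool
       */
      function _can_edit_page($pagedata)
      {
          // site-wide editors hold both pages_edit and pages_all
          if ($this->_has_permission('pages_edit') && $this->_has_permission('pages_all'))
          {
              return TRUE;
          }

          // admins without pages_all may edit pages that belong to their own group
          $groupID = $this->session->userdata('groupID');

          return (!$this->_has_permission('pages_all') && $groupID && $pagedata['groupID'] == $groupID);
      }

      /**
       * Parses $data with the given template file and either sends the result
       * or returns it.
       *
       * @param string $parseFile template file to parse with
       * @param array  $data      template data
       * @param mixed  $return    FALSE to send the output, anything else to return it
       * @return mixed parsed output when $return is not FALSE, otherwise NULL
       */
      function _output_page($parseFile, $data, $return)
      {
          if ($return === FALSE)
          {
              $this->parser->parse($parseFile, $data);
              return NULL;
          }

          return $this->parser->parse($parseFile, $data, TRUE);
      }
  }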