PageRenderTime 34ms CodeModel.GetById 10ms RepoModel.GetById 0ms app.codeStats 0ms

/admin/includes/modules/template-editor/template-editor.Manage.php

https://github.com/KenBoyer/CompactCMS
PHP | 334 lines | 230 code | 33 blank | 71 comment | 23 complexity | ef456c03f28a3ea2b1dec8fb2319da04 MD5 | raw file
    

  1. <?php
    2. 

  2. /* ************************************************************
    3. 

  3. Copyright (C) 2008 - 2010 by Xander Groesbeek (CompactCMS.nl)
    4. 

  4. Revision:   CompactCMS - v 1.4.2
    5. 

    6. 

  6. This file is part of CompactCMS.
    7. 

    8. 

  8. CompactCMS is free software: you can redistribute it and/or modify
    9. 

  9. it under the terms of the GNU General Public License as published by
    10. 

  10. the Free Software Foundation, either version 3 of the License, or
    11. 

  11. (at your option) any later version.
    12. 

    13. 

  13. CompactCMS is distributed in the hope that it will be useful,
    14. 

  14. but WITHOUT ANY WARRANTY; without even the implied warranty of
    15. 

  15. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    16. 

  16. GNU General Public License for more details.
    17. 

    18. 

  18. A reference to the original author of CompactCMS and its copyright
    19. 

  19. should be clearly visible AT ALL TIMES for the user of the back-
    20. 

  20. end. You are NOT allowed to remove any references to the original
    21. 

  21. author, communicating the product to be your own, without written
    22. 

  22. permission of the original copyright owner.
    23. 

    24. 

  24. You should have received a copy of the GNU General Public License
    25. 

  25. along with CompactCMS. If not, see <http://www.gnu.org/licenses/>.
    26. 

    27. 

  27. > Contact me for any inquiries.
    28. 

  28. > E: Xander@CompactCMS.nl
    29. 

  29. > W: http://community.CompactCMS.nl/forum
    30. 

  30. ************************************************************ */
    31. 

  31. 

  32. /* make sure no-one can run anything here if they didn't arrive through 'proper channels' */
    33. 

  33. if(!defined("COMPACTCMS_CODE")) { define("COMPACTCMS_CODE", 1); } /*MARKER*/
    34. 

  34. 

  35. /*
    36. 

  36. We're only processing form requests / actions here, no need to load the page content in sitemap.php, etc.
    37. 

  37. */
    38. 

  38. if (!defined('CCMS_PERFORM_MINIMAL_INIT')) { define('CCMS_PERFORM_MINIMAL_INIT', true); }
    39. 

  39. 

  40. 

  41. // Define default location
    42. 

  42. if (!defined('BASE_PATH'))
    43. 

  43. {
    44. 

  44. 	$base = str_replace('\\','/',dirname(dirname(dirname(dirname(dirname(__FILE__))))));
    45. 

  45. 	define('BASE_PATH', $base);
    46. 

  46. }
    47. 

  47. 

  48. // Include general configuration
    49. 

  49. /*MARKER*/require_once(BASE_PATH . '/lib/sitemap.php');
    50. 

  50. 

  51. 

  52. // security check done ASAP
    53. 

  53. if(!checkAuth() || empty($_SESSION['rc1']) || empty($_SESSION['rc2']))
    54. 

  54. {
    55. 

  55. 	die("No external access to file");
    56. 

  56. }
    57. 

  57. 

  58. 

  59. 

  60. $do = getGETparam4IdOrNumber('do');
    61. 

  61. $status = getGETparam4IdOrNumber('status');
    62. 

  62. $status_message = getGETparam4DisplayHTML('msg');
    63. 

  63. 

  64. 

  65. // Set the default template
    66. 

  66. $dir_temp = BASE_PATH . "/lib/templates/";
    67. 

  67. $get_temp = getGETparam4FullFilePath('template', $template[0].'.tpl.html');
    68. 

  68. $chstatus = is_writable_ex($dir_temp.$get_temp); // @dev: to test the error feedback on read-only on Win+UNIX: add '|| 1' here.
    69. 

  69. 

  70. // Check for filename
    71. 

  71. if(!empty($get_temp))
    72. 

  72. {
    73. 

  73. 	if(@fopen($dir_temp.$get_temp, "r"))
    74. 

  74. 	{
    75. 

  75. 		$handle = fopen($dir_temp.$get_temp, "r");
    76. 

  76. 		// PHP5+ Feature
    77. 

  77. 		$contents = stream_get_contents($handle);
    78. 

  78. 		if (0)
    79. 

  79. 		{
    80. 

  80. 			// PHP4 Compatibility
    81. 

  81. 			$flen = filesize($dir_temp.$get_temp);
    82. 

  82. 			if ($flen > 0)
    83. 

  83. 			{
    84. 

  84. 				$contents = @fread($handle, $flen);
    85. 

  85. 			}
    86. 

  86. 		}
    87. 

  87. 		fclose($handle);
    88. 

  88. 		$contents = str_replace("<br />", "<br>", $contents);
    89. 

  89. 	}
    90. 

  90. }
    91. 

  91. 

  92. 

  93. if(!$perm->is_level_okay('manageTemplate', $_SESSION['ccms_userLevel']))
    94. 

  94. {
    95. 

  95. 	$chstatus = false; // templates are viewable but NOT WRITABLE when user doesn't have permission to manage these.
    96. 

  96. }
    97. 

  97. 

  98. 

  99. 

  100. ?>
    101. 

  101. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
    102. 

  102. <html>
    103. 

  103. 	<head>
    104. 

  104. 		<meta http-equiv="Content-type" content="text/html; charset=utf-8" />
    105. 

  105. 		<title>Template Editing module</title>
    106. 

  106. 		<link rel="stylesheet" type="text/css" href="../../../../admin/img/styles/base.css,liquid.css,layout.css,sprite.css,last_minute_fixes.css" />
    107. 

  107. 		<!--[if IE]>
    108. 

  108. 			<link rel="stylesheet" type="text/css" href="../../../../admin/img/styles/ie.css" />
    109. 

  109. 		<![endif]-->
    110. 

  110. 	</head>
    111. 

  111. <body>
    112. 

  112. 	<div class="module" id="template-editor">
    113. 

  113. 		<?php
    114. 

  114. 		if(!$chstatus)
    115. 

  115. 		{
    116. 

  116. 		?>
    117. 

  117. 		<div class="span-25 last center-text error">
    118. 

  118. 			<p class="ss_has_sprite"><span class="ss_sprite_16 ss_error">&#160;</span><?php echo $ccms['lang']['template']['nowrite']; ?></p>
    119. 

  119. 		</div>
    120. 

  120. 		<?php
    121. 

  121. 		}
    122. 

  122. 		?>
    123. 

  123. 		<div class="span-15 clear">
    124. 

  124. 			<h1 class="editor"><?php echo $ccms['lang']['template']['manage']; ?></h1>
    125. 

  125. 		</div>
    126. 

  126. 

  127. 		<div class="span-10 right last">
    128. 

  128. 			<form action="<?php echo $_SERVER['PHP_SELF']; ?>" id="changeTmp" method="get" class="right" accept-charset="utf-8">
    129. 

  129. 				<label for="template"><?php echo $ccms['lang']['backend']['template'];?></label>
    130. 

  130. 				<select class="text" onChange="document.getElementById('changeTmp').submit();" id="template" name="template">
    131. 

  131. 					<?php
    132. 

  132. 					for ($x = 0; $x < count($template); $x++)
    133. 

  133. 					{
    134. 

  134. 					?>
    135. 

  135. 						<optgroup label="<?php echo ucfirst($template[$x]); ?>">
    136. 

  136. 							<option <?php echo ($get_temp == $template[$x].'.tpl.html') ? 'selected="selected"' : ''; ?> value="<?php echo $template[$x]; ?>.tpl.html"><?php echo ucfirst($template[$x]).': '.strtolower($ccms['lang']['backend']['template']); ?></option>
    137. 

  137. 							<?php
    138. 

  138. 

  139. 							// Get CSS and other text-editable files which are part of the engine
    140. 

  140. 							$cssfiles = array();
    141. 

  141. 							if ($handle = opendir($dir_temp.$template[$x].'/'))
    142. 

  142. 							{
    143. 

  143. 								while (false !== ($file = readdir($handle)))
    144. 

  144. 								{
    145. 

  145. 									if ($file != "." && $file != "..")
    146. 

  146. 									{
    147. 

  147. 										switch (strtolower(substr($file, strrpos($file, '.') + 1)))
    148. 

  148. 										{
    149. 

  149. 										case 'css':
    150. 

  150. 										case 'js':
    151. 

  151. 										case 'php':
    152. 

  152. 										case 'xml':
    153. 

  153. 										case 'htm':
    154. 

  154. 										case 'html':
    155. 

  155. 										case 'txt':
    156. 

  156. 											$cssfiles[$x][] = $file;
    157. 

  157. 											break;
    158. 

  158. 

  159. 										default:
    160. 

  160. 											// don't list image files and such
    161. 

  161. 											break;
    162. 

  162. 										}
    163. 

  163. 									}
    164. 

  164. 								}
    165. 

  165. 								closedir($handle);
    166. 

  166. 							}
    167. 

  167. 

  168. 							foreach ($cssfiles[$x] as $css)
    169. 

  169. 							{
    170. 

  170. 							?>
    171. 

  171. 								<option <?php echo ($get_temp == $template[$x].'/'.$css) ? 'selected="selected"' : ''; ?> value="<?php echo $template[$x].'/'.$css; ?>"><?php echo ucfirst($template[$x]).': '.$css; ?></option>
    172. 

  172. 							<?php
    173. 

  173. 							}
    174. 

  174. 							?>
    175. 

  175. 						</optgroup>
    176. 

  176. 					<?php
    177. 

  177. 					}
    178. 

  178. 					?>
    179. 

  179. 				</select>
    180. 

  180. 			</form>
    181. 

  181. 		</div>
    182. 

  182. 		<hr class="space span-25 clear"/>
    183. 

  183. 

  184. 		<?php
    185. 

  185. 		/*
    186. 

  186. 		??? ALWAYS saying 'settings saved' instead of the attached message in the old code? Must've been a bug...
    187. 

    188. 

  188. 		Changed to mimic the layout in the other files...
    189. 

  189. 		*/
    190. 

  190. 		?>
    191. 

  191. 		<div class="center-text <?php echo $status; ?> span-25 clear">
    192. 

  192. 			<?php
    193. 

  193. 			if(!empty($status_message))
    194. 

  194. 			{
    195. 

  195. 				echo '<p class="ss_has_sprite"><span class="ss_sprite_16 '.($status == 'notice' ? 'ss_accept' : 'ss_error').'">&#160;</span>'.$status_message.'</p>';
    196. 

  196. 			}
    197. 

  197. 			?>
    198. 

  198. 		</div>
    199. 

  199. 

  200. 		<form action="template-editor.Process.php?template=<?php echo $get_temp; ?>&action=save-template" method="post" accept-charset="utf-8">
    201. 

  201. 			<textarea id="content" name="content"><?php echo htmlspecialchars(trim($contents), ENT_COMPAT, 'UTF-8'); ?></textarea>
    202. 

  202. 

  203. 			<input type="hidden" name="template" value="<?php echo $get_temp; ?>" id="template" />
    204. 

  204. 			<div class="right">
    205. 

  205. 				<?php
    206. 

  206. 				if($chstatus)
    207. 

  207. 				{
    208. 

  208. 				?>
    209. 

  209. 					<button type="submit" name="do" id="submit"><span class="ss_sprite_16 ss_disk">&#160;</span><?php echo $ccms['lang']['editor']['savebtn']; ?></button>
    210. 

  210. 				<?php
    211. 

  211. 				}
    212. 

  212. 				?>
    213. 

  213. 				<a class="button" href="../../../index.php" onClick="return confirmation();" title="<?php echo $ccms['lang']['editor']['cancelbtn']; ?>"><span class="ss_sprite_16 ss_cross">&#160;</span><?php echo $ccms['lang']['editor']['cancelbtn']; ?></a>
    214. 

  214. 			</div>
    215. 

  215. 		</form>
    216. 

  216. 

  217. <?php
    218. 

  218. if ($cfg['IN_DEVELOPMENT_ENVIRONMENT'])
    219. 

  219. {
    220. 

  220. ?>
    221. 

  221. 	<textarea id="jslog" class="log span-25 last clear" readonly="readonly">
    222. 

  222. 	</textarea>
    223. 

  223. <?php
    224. 

  224. }
    225. 

  225. ?>
    226. 

  226. 

  227. 	</div>
    228. 

  228. <?php
    229. 

  229. 

  230. // TODO: call edit_area_compressor.php only from the combiner: combine.inc.php when constructing the edit_area.js file for the first time.
    231. 

  231. 

  232. ?>
    233. 

  233. 		<script type="text/javascript">
    234. 

  234. 

  235. 

  236. function confirmation()
    237. 

  237. {
    238. 

  238. 	var answer = <?php echo (strpos($cfg['verify_alert'], 'X') !== false ? 'confirm("'.$ccms['lang']['editor']['confirmclose'].'")' : 'true'); ?>;
    239. 

  239. 	if(answer)
    240. 

  240. 	{
    241. 

  241. 		return !close_mochaUI_window_or_goto_url("<?php echo makeAbsoluteURI($cfg['rootdir'] . 'admin/index.php'); ?>", 'sys-tmp_ccms');
    242. 

  242. 	}
    243. 

  243. 	return false;
    244. 

  244. }
    245. 

  245. 

  246. 

  247. <?php
    248. 

  248. $js_files = array(
    249. 

  249. 	$cfg['rootdir'] . 'lib/includes/js/the_goto_guy.js',
    250. 

  250. 	$cfg['rootdir'] . 'lib/includes/js/mootools-core.js,mootools-more.js'
    251. 

  251. );
    252. 

  252. 

  253. if ($cfg['USE_JS_DEVELOPMENT_SOURCES'])
    254. 

  254. {
    255. 

  255. 	$js_files[] = $cfg['rootdir'] . 'lib/includes/js/edit_area/edit_area_ccms.js';
    256. 

  256. }
    257. 

  257. else
    258. 

  258. {
    259. 

  259. 	$js_files[] = $cfg['rootdir'] . 'lib/includes/js/edit_area/edit_area_ccms.js';
    260. 

  260. }
    261. 

  261. 

  262. /*
    263. 

  263. be aware that the edit_area code assumes a 'onLoad' event will be triggered AFTER it is
    264. 

  264. loaded, which is ONLY PROBABLY TRUE when the edit_area code is loaded by <script> tags
    265. 

  265. in the page header or HTML itself and NOT TRUE when edit_Area itself is loaded through
    266. 

  266. a lazyloader, like we do.
    267. 

    268. 

  268. Hence, we need to execute the edit_area onLoad event code manually at a time when we
    269. 

  269. can be certain the edit_area code is really loaded.
    270. 

  270. That's what the 'loaded' check and call in the code below is for.
    271. 

  271. */
    272. 

  272. $eaLanguage = $cfg['editarea_language'];
    273. 

  273. $EAsyntax = cvt_extension2EAsyntax($dir_temp.$get_temp);
    274. 

  274. $driver_code = <<<EOT42
    275. 

  275. 

  276. 		if (editAreaLoader.win != "loaded")
    277. 

  277. 		{
    278. 

  278. 			editAreaLoader.window_loaded();
    279. 

  279. 		}
    280. 

  280. 

  281. 		/*
    282. 

  282. 		resize event has the problem that it is triggered continually when in IE (and tests reveal it's similar in FF3)
    283. 

  283. 		and we do NOT want to spend CPU cycles on repeated updates of the MUI window sizes all the time, so we follow the
    284. 

  284. 		advice found here:
    285. 

    286. 

  286. 		http://mbccs.blogspot.com/2007/11/fixing-window-resize-event-in-ie.html
    287. 

  287. 		http://mootools-users.660466.n2.nabble.com/Moo-Detecting-window-resize-td3713058.html
    288. 

  288. 		*/
    289. 

  289. 		var resizeTimeout;
    290. 

  290. 

  291. 		var realResize = function(){
    292. 

  292. 

  293. 			//alert('template editor: resize event');
    294. 

  294. 		};
    295. 

  295. 

  296. 		window.addEvent('resize', function(e){
    297. 

  297. 			\$clear(resizeTimeout);
    298. 

  298. 			resizeTimeout = realResize.delay(200, this);
    299. 

  299. 		});
    300. 

  300. 

  301. 		// initialisation
    302. 

  302. 

  303. 		// make sure we only specify a /supported/ syntax; if we spec something else, edit_area will NOT show up!
    304. 

  304. 		if (!editAreaLoader.init(
    305. 

  305. 				{
    306. 

  306. 					id: "content",
    307. 

  307. 					start_highlight: true,
    308. 

  308. 					allow_resize: 'both',
    309. 

  309. 					//min_width: 400,
    310. 

  310. 					//min_height: 125,
    311. 

  311. 					allow_toggle: true,
    312. 

  312. 					word_wrap: true,
    313. 

  313. 					language: "$eaLanguage",
    314. 

  314. 					syntax: "$EAsyntax",
    315. 

  315. 					ignore_unsupported_syntax: true
    316. 

  316. 				}))
    317. 

  317. 		{
    318. 

  318. 			alert('failed to start the EditArea JS control; error code: ' + (0 + editAreaLoader.error_code));
    319. 

  319. 		}
    320. 

  320. 		/*
    321. 

  321. 		for (syn in editAreaLoader.load_syntax)
    322. 

  322. 		{
    323. 

  323. 			alert("syntax: " + syn);
    324. 

  324. 		}
    325. 

  325. 		*/
    326. 

  326. 

  327. EOT42;
    328. 

  328. 

  329. echo generateJS4lazyloadDriver($js_files, $driver_code);
    330. 

  330. ?>
    331. 

  331. </script>
    332. 

  332. <script type="text/javascript" src="../../../../lib/includes/js/lazyload/lazyload.js" charset="utf-8"></script>
    333. 

  333. </body>
    334. 

  334. </html>
    335.