openrat-cms


commit 59b8fb960231c76db39f4c07c7369651877e5590
parent 8461a4f4a1d9bf0650f8c23590465c0e330f8773
Author: Jan Dankert <devnull@localhost>
Date:   Sat, 16 Dec 2017 23:33:32 +0100

Das CMS in eigene Module aufteilen. Das Modul cms-ui ist noch leer. Teile aus cms-core müssen nach cms-ui wandern, das ist aber aufwändiger und kommt später.

Diffstat:
action/.htaccess | 3---
action/Action.class.php | 782-------------------------------------------------------------------------------
action/ConfigurationAction.class.php | 117-------------------------------------------------------------------------------
action/ElementAction.class.php | 668-------------------------------------------------------------------------------
action/FileAction.class.php | 816-------------------------------------------------------------------------------
action/FilebrowserAction.class.php | 262-------------------------------------------------------------------------------
action/FolderAction.class.php | 1567-------------------------------------------------------------------------------
action/GroupAction.class.php | 322-------------------------------------------------------------------------------
action/GrouplistAction.class.php | 92-------------------------------------------------------------------------------
action/IndexAction.class.php | 394-------------------------------------------------------------------------------
action/LanguageAction.class.php | 276-------------------------------------------------------------------------------
action/LanguagelistAction.class.php | 149-------------------------------------------------------------------------------
action/LinkAction.class.php | 192-------------------------------------------------------------------------------
action/LoginAction.class.php | 2188-------------------------------------------------------------------------------
action/ModelAction.class.php | 210-------------------------------------------------------------------------------
action/ModellistAction.class.php | 119-------------------------------------------------------------------------------
action/ObjectAction.class.php | 481-------------------------------------------------------------------------------
action/PageAction.class.php | 881-------------------------------------------------------------------------------
action/PageelementAction.class.php | 1541-------------------------------------------------------------------------------
action/ProfileAction.class.php | 314-------------------------------------------------------------------------------
action/ProjectAction.class.php | 352-------------------------------------------------------------------------------
action/ProjectlistAction.class.php | 126-------------------------------------------------------------------------------
action/SearchAction.class.php | 239-------------------------------------------------------------------------------
action/StartAction.class.php | 1705-------------------------------------------------------------------------------
action/TemplateAction.class.php | 572-------------------------------------------------------------------------------
action/TemplatelistAction.class.php | 234-------------------------------------------------------------------------------
action/TitleAction.class.php | 135-------------------------------------------------------------------------------
action/TreeAction.class.php | 378-------------------------------------------------------------------------------
action/UrlAction.class.php | 190-------------------------------------------------------------------------------
action/UserAction.class.php | 507-------------------------------------------------------------------------------
action/UserlistAction.class.php | 88-------------------------------------------------------------------------------
action/WebdavAction.class.php | 1218-------------------------------------------------------------------------------
action/WorkbenchAction.class.php | 83-------------------------------------------------------------------------------
auth/Auth.class.php | 29-----------------------------
auth/CookieAuth.class.php | 32--------------------------------
auth/DatabaseAuth.class.php | 47-----------------------------------------------
auth/GuestAuth.class.php | 34----------------------------------
auth/HttpAuth.class.php | 43-------------------------------------------
auth/IdentAuth.class.php | 58----------------------------------------------------------
auth/InternalAuth.class.php | 98-------------------------------------------------------------------------------
auth/LdapAuth.class.php | 75---------------------------------------------------------------------------
auth/LdapUserDNAuth.class.php | 61-------------------------------------------------------------
auth/OpenIdAuth.class.php | 504-------------------------------------------------------------------------------
auth/RememberAuth.class.php | 62--------------------------------------------------------------
auth/SSLAuth.class.php | 28----------------------------
auth/SingleSignonAuth.class.php | 25-------------------------
auth/include.inc.php | 16----------------
init.php | 12++++++------
macro/Album.class.php | 93-------------------------------------------------------------------------------
macro/Atom.class.php | 142-------------------------------------------------------------------------------
macro/BlockMenu.class.php | 138-------------------------------------------------------------------------------
macro/BreadCrumb.class.php | 104-------------------------------------------------------------------------------
macro/CSVTable.class.php | 86-------------------------------------------------------------------------------
macro/ClassicMenu.class.php | 118-------------------------------------------------------------------------------
macro/CommonMenu.class.php | 102-------------------------------------------------------------------------------
macro/DoiMenu.class.php | 133-------------------------------------------------------------------------------
macro/GoogleMaps.class.php | 64----------------------------------------------------------------
macro/LanguageLinksForPage.class.php | 73-------------------------------------------------------------------------
macro/LastChanges.class.php | 164-------------------------------------------------------------------------------
macro/LastPage.class.php | 80-------------------------------------------------------------------------------
macro/Link.class.php | 57---------------------------------------------------------
macro/ListMenu.class.php | 116-------------------------------------------------------------------------------
macro/MainMenu.class.php | 82-------------------------------------------------------------------------------
macro/NextPage.class.php | 86-------------------------------------------------------------------------------
macro/OpenStreetMap.class.php | 64----------------------------------------------------------------
macro/PagesNavigation.class.php | 79-------------------------------------------------------------------------------
macro/RSSCreate.class.php | 171-------------------------------------------------------------------------------
macro/RSSReader.class.php | 181-------------------------------------------------------------------------------
macro/Sitemap.class.php | 120-------------------------------------------------------------------------------
macro/TableFromFile.class.php | 90-------------------------------------------------------------------------------
macro/TagCloud.class.php | 67-------------------------------------------------------------------
macro/TagList.class.php | 56--------------------------------------------------------
macro/TeaserList.class.php | 115-------------------------------------------------------------------------------
macro/Youtube.class.php | 60------------------------------------------------------------
model/.htaccess | 3---
model/Acl.class.php | 505-------------------------------------------------------------------------------
model/Element.class.php | 503-------------------------------------------------------------------------------
model/File.class.php | 710-------------------------------------------------------------------------------
model/Folder.class.php | 909-------------------------------------------------------------------------------
model/Group.class.php | 380-------------------------------------------------------------------------------
model/Language.class.php | 288-------------------------------------------------------------------------------
model/Link.class.php | 130-------------------------------------------------------------------------------
model/Model.class.php | 284-------------------------------------------------------------------------------
model/ModelBase.class.php | 18------------------
model/Object.class.php | 1376-------------------------------------------------------------------------------
model/ObjectFactory.php | 55-------------------------------------------------------
model/Page.class.php | 883-------------------------------------------------------------------------------
model/Project.class.php | 898-------------------------------------------------------------------------------
model/Template.class.php | 441-------------------------------------------------------------------------------
model/Url.class.php | 114-------------------------------------------------------------------------------
model/User.class.php | 1026-------------------------------------------------------------------------------
model/Value.class.php | 1689-------------------------------------------------------------------------------
model/include.inc.php | 23-----------------------
modules/cms-core/action/.htaccess | 3+++
modules/cms-core/action/Action.class.php | 782+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/action/ConfigurationAction.class.php | 117+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/action/ElementAction.class.php | 668+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/action/FileAction.class.php | 816+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/action/FilebrowserAction.class.php | 262+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/action/FolderAction.class.php | 1567+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/action/GroupAction.class.php | 322+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/action/GrouplistAction.class.php | 92+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/action/IndexAction.class.php | 394+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/action/LanguageAction.class.php | 276+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/action/LanguagelistAction.class.php | 149+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/action/LinkAction.class.php | 192+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/action/LoginAction.class.php | 2188+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/action/ModelAction.class.php | 210+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/action/ModellistAction.class.php | 119+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/action/ObjectAction.class.php | 481+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/action/PageAction.class.php | 881+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/action/PageelementAction.class.php | 1541+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/action/ProfileAction.class.php | 314+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/action/ProjectAction.class.php | 352+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/action/ProjectlistAction.class.php | 126+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/action/SearchAction.class.php | 239+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/action/StartAction.class.php | 1705+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/action/TemplateAction.class.php | 572+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/action/TemplatelistAction.class.php | 234+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/action/TitleAction.class.php | 135+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/action/TreeAction.class.php | 378+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/action/UrlAction.class.php | 190+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/action/UserAction.class.php | 507+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/action/UserlistAction.class.php | 88+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/action/WebdavAction.class.php | 1218+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/action/WorkbenchAction.class.php | 83+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/auth/Auth.class.php | 29+++++++++++++++++++++++++++++
modules/cms-core/auth/CookieAuth.class.php | 32++++++++++++++++++++++++++++++++
modules/cms-core/auth/DatabaseAuth.class.php | 47+++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/auth/GuestAuth.class.php | 34++++++++++++++++++++++++++++++++++
modules/cms-core/auth/HttpAuth.class.php | 43+++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/auth/IdentAuth.class.php | 58++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/auth/InternalAuth.class.php | 98+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/auth/LdapAuth.class.php | 75+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/auth/LdapUserDNAuth.class.php | 61+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/auth/OpenIdAuth.class.php | 504+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/auth/RememberAuth.class.php | 62++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/auth/SSLAuth.class.php | 28++++++++++++++++++++++++++++
modules/cms-core/auth/SingleSignonAuth.class.php | 25+++++++++++++++++++++++++
modules/cms-core/auth/include.inc.php | 16++++++++++++++++
modules/cms-core/model/.htaccess | 3+++
modules/cms-core/model/Acl.class.php | 505+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/model/Element.class.php | 503+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/model/File.class.php | 710+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/model/Folder.class.php | 909+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/model/Group.class.php | 380+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/model/Language.class.php | 288+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/model/Link.class.php | 130+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/model/Model.class.php | 284+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/model/ModelBase.class.php | 18++++++++++++++++++
modules/cms-core/model/Object.class.php | 1376+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/model/ObjectFactory.php | 55+++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/model/Page.class.php | 883+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/model/Project.class.php | 898+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/model/Template.class.php | 441+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/model/Url.class.php | 114+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/model/User.class.php | 1026+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/model/Value.class.php | 1689+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-core/model/include.inc.php | 23+++++++++++++++++++++++
modules/cms-macros/macro/Album.class.php | 93+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-macros/macro/Atom.class.php | 142+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-macros/macro/BlockMenu.class.php | 138+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-macros/macro/BreadCrumb.class.php | 104+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-macros/macro/CSVTable.class.php | 86+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-macros/macro/ClassicMenu.class.php | 118+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-macros/macro/CommonMenu.class.php | 102+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-macros/macro/DoiMenu.class.php | 133+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-macros/macro/GoogleMaps.class.php | 64++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-macros/macro/LanguageLinksForPage.class.php | 73+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-macros/macro/LastChanges.class.php | 164+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-macros/macro/LastPage.class.php | 80+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-macros/macro/Link.class.php | 57+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-macros/macro/ListMenu.class.php | 116+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-macros/macro/MainMenu.class.php | 82+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-macros/macro/NextPage.class.php | 86+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-macros/macro/OpenStreetMap.class.php | 64++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-macros/macro/PagesNavigation.class.php | 79+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-macros/macro/RSSCreate.class.php | 171+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-macros/macro/RSSReader.class.php | 181+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-macros/macro/Sitemap.class.php | 120+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-macros/macro/TableFromFile.class.php | 90+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-macros/macro/TagCloud.class.php | 67+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-macros/macro/TagList.class.php | 56++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-macros/macro/TeaserList.class.php | 115+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
modules/cms-macros/macro/Youtube.class.php | 60++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
185 files changed, 31195 insertions(+), 31195 deletions(-)

diff --git a/action/.htaccess b/action/.htaccess
@@ -1,2 +0,0 @@
-order deny,allow
-deny from all-
\ No newline at end of file
diff --git a/action/Action.class.php b/action/Action.class.php
@@ -1,781 +0,0 @@ -<?php - -namespace { - - class ObjectNotFoundException extends Exception - { - } - - - define('OR_NOTICE_OK', 'ok'); - define('OR_NOTICE_WARN', 'warning'); - define('OR_NOTICE_ERROR', 'error'); - - define('OR_FILTER_ALPHA', 'abc'); - define('OR_FILTER_ALPHANUM', 'abc123'); - define('OR_FILTER_FILENAME', 'file'); - define('OR_FILTER_MAIL', 'mail'); - define('OR_FILTER_TEXT', 'text'); - define('OR_FILTER_FULL', 'full'); - define('OR_FILTER_NUMBER', '123'); - define('OR_FILTER_RAW', 'raw'); - define('OR_FILTER_ALL', 'all'); - - -} - - -namespace cms\action { - - use cms\model\User; - use \DomainException; - use \Html; - use \Session; -use \Logger; -use \Http; - use \template_engine\TemplateEngine; - use \Text; - use \XML; -use \JSON; -use \Exception; -use \LogicException; - -// OpenRat Content Management System -// Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de -// -// This program is free software; you can redistribute it and/or -// modify it under the terms of the GNU General Public License -// as published by the Free Software Foundation; either version 2 -// of the License, or (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program; if not, write to the Free Software -// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - - - - - - /** - * Eltern-Klasse fuer alle Actions. - * - * Diese Klasse stellt grundlegende action-uebergreifende Methoden - * bereit. - * Dient als Ueberklasse fuer alle abgeleiteten Action-Klassen in - * diesem Package bzw. Verzeichnis. 
- * - * @author Jan Dankert - * @package openrat.actions - * @abstract - */ - class Action - { - public $db; - public $actionName; - public $subActionName; - public $actionClassName; - public $writable; - - public $publishing; - public $refresh; - - protected $templateVars = Array(); - - /** - * Aktuell angemeldeter Benutzer.<br> - * Wird in der Funktion "init()" gesetzt. - * - * @var Object Benutzer - */ - var $currentUser; - - - protected function setStyle($style) - { - $this->setControlVar("new_style", $style); - } - - - function nextView($viewName) - { - $this->setControlVar("next_view", $viewName); - } - - - /** - * Wird durch das Controller-Skript (do.php) nach der Kontruierung des Objektes aufgerufen. - * So koennen Unterklassen ihren eigenen Kontruktor besitzen, ohne den Superkontruktor - * (=diese Funktion) aufrufen zu m�ssen. - */ - public function init() - { - global $conf; - $this->writable = !$conf['security']['readonly']; - $this->publishing = !$conf['security']['nopublish']; - $this->currentUser = Session::getUser(); - - $this->templateVars['errors'] = array(); - $this->templateVars['notices'] = array(); - $this->templateVars['control'] = array(); - $this->templateVars['output'] = array(); - - header('Content-Language: ' . $conf['language']['language_code']); - - $this->refresh = false; - } - - - /** - * Liest eine Session-Variable - * - * @param String $varName Schl�ssel - * @return mixed - */ - protected function getSessionVar($varName) - { - global $SESS; - - if (!isset($SESS[$varName])) - return ''; - else return $SESS[$varName]; - } - - - /** - * Setzt eine Session-Variable - * - * @param string $varName Schluessel - * @param mixed $value Inhalt - * @return mixed - */ - protected function setSessionVar($varName, $value) - { - global $SESS; - - $SESS[$varName] = $value; - } - - - /** - * Ermittelt den Inhalt der gew�nschten Request-Variablen. - * Falls nicht vorhanden, wird "" zur�ckgegeben. 
- * - * @param String $varName Schl�ssel - * @return String Inhalt - */ - protected function getRequestVar($varName, $transcode = OR_FILTER_FULL) - { - global $REQ; - - if (!isset($REQ[$varName])) - return ''; - - - switch ($transcode) { - case OR_FILTER_ALPHA: - $white = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; - break; - - case OR_FILTER_ALPHANUM: - $white = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789.,_-!?%&/()'; - break; - - case OR_FILTER_FILENAME: - // RFC 1738, Section 2.2: - // Thus, only alphanumerics, the special characters "$-_.+!*'(),", and - // reserved characters used for their reserved purposes may be used - // unencoded within a URL. - $white = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789$-_.+!*(),' . "'"; - break; - - case OR_FILTER_MAIL: - $white = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789._-@'; - break; - - case OR_FILTER_TEXT: - case OR_FILTER_FULL: - case OR_FILTER_ALL: - // Ausfiltern von Control-Chars ( ASCII < 32 außer CR,LF) und HTML (<,>) - $white = ''; - $white .= chr(10) . chr(13); // Line-Feed, Carriage-Return - for ($i = 32; $i <= 59; $i++) $white .= chr($i); // Zahlen - // 60: '<' - $white .= chr(61); - // 62: '>' - for ($i = 63; $i <= 126; $i++) $white .= chr($i); // abc - for ($i = 128; $i <= 255; $i++) $white .= chr($i); // Sonderzeichen incl. UTF-8, UTF-16 (beginnen mit Bit 1) - break; - - case OR_FILTER_NUMBER: - $white = '1234567890.'; - break; - - case OR_FILTER_RAW: - return $REQ[$varName]; - - default: - Http::serverError('Unknown request filter', 'not found: ' . $transcode); - return '?'; - } - - $value = $REQ[$varName]; - $newValue = Text::clean($value, $white); - - if (strlen($newValue) != strlen($value)) - $this->addNotice('', '', 'UNEXPECTED_CHARS', OR_NOTICE_WARN); - - return $newValue; - } - - - /** - * Ermittelt, ob der aktuelle Request eine Variable mit dem - * angegebenen Namen enth�lt. 
- * - * @param String $varName Schl�ssel - * @return boolean true, falls vorhanden. - */ - protected function hasRequestVar($varName) - { - global $REQ; - - return (isset($REQ[$varName]) && (!empty($REQ[$varName]) || $REQ[$varName] == '0')); - } - - - /** - * Ermittelt die aktuelle Id aus dem Request.<br> - * Um welche ID es sich handelt, ist abh�ngig von der Action. - * - * @return Integer - */ - protected function getRequestId() - { - if ($this->hasRequestVar('idvar')) - return intval($this->getRequestVar($this->getRequestVar('idvar'))); - else - return intval($this->getRequestVar(REQ_PARAM_ID)); - } - - - /** - * Setzt eine Variable f�r die Oberfl�che. - * - * @param String $varName Schl�ssel - * @param Mixed $value - */ - protected function setTemplateVar($varName, $value) - { - $this->templateVars['output'][$varName] = $value; - } - - - /** - * Setzt eine Variable f�r die Oberfl�che. - * - * @param String $varName Schl�ssel - * @param Mixed $value - */ - protected function setControlVar($varName, $value) - { - $this->templateVars['control'][$varName] = $value; - } - - - /** - * Setzt eine Liste von Variablen f�r die Oberfl�che. - * - * @param array $varList Assoziatives Array - */ - protected function setTemplateVars($varList) - { - foreach ($varList as $name => $value) { - $this->setTemplateVar($name, $value); - } - } - - - /** - * F�gt einen Validierungsfehler hinzu. - * - * @param String $name Name des validierten Eingabefeldes - * @param String Textschl�ssel der Fehlermeldung (optional) - */ - protected function addValidationError($name, $message = "COMMON_VALIDATION_ERROR", $vars = array(), $log = array()) - { - if (!empty($message)) - $this->addNotice('', '', $message, OR_NOTICE_ERROR, $vars, $log); - - $this->templateVars['errors'][] = $name; - } - - - public function handleResult($result) - { - // TODO - - } - - /** - * F�gt ein Meldung hinzu. - * - * @param String $type Typ des Objektes, zu dem diese Meldung geh�rt. 
- * @param String $name Name des Objektes, zu dem diese Meldung geh�rt. - * @param String $text Textschl�ssel der Fehlermeldung (optional) - * @param String $status Einer der Werte OR_NOTICE_(OK|WARN|ERROR) - * @param array $vars Variablen f�r den Textschl�ssel - * @param array $log Weitere Hinweistexte f�r diese Meldung. - */ - protected function addNotice($type, $name, $text, $status = OR_NOTICE_OK, $vars = array(), $log = array()) - { - if ($status === true) - $status = OR_NOTICE_OK; - elseif ($status === false) - $status = OR_NOTICE_ERROR; - - $this->templateVars['notice_status'] = $status; - $this->templateVars['status'] = $status; - $this->templateVars['success'] = ($status == OR_NOTICE_ERROR ? 'false' : 'true'); - - if ($status == OR_NOTICE_OK && isset($_COOKIE['or_ignore_ok_notices'])) - return; - - if (!is_array($log)) - $log = array($log); - - if (!is_array($vars)) - $vars = array($vars); - - $this->templateVars['notices'][] = array('type' => $type, - 'name' => $name, - 'key' => 'NOTICE_' . $text, - 'vars' => $vars, - 'text' => lang('NOTICE_' . $text, $vars), - 'log' => $log, - 'status' => $status); - } - - - /** - * Ausgabe des Templates.<br> - * <br> - * Erst hier soll die Ausgabe auf die Standardausgabe, also die - * Ausgabe f�r den Browser, starten.<br> - * <br> - */ - public function forward() - { - Session::close(); - global $conf; - - $db = db_connection(); - - if (is_object($db)) - $db->commit(); - - // Ablaufzeit für den Inhalt auf aktuelle Zeit setzen. - header('Expires: ' . substr(date('r', time() - date('Z')), 0, -5) . 'GMT', false); - - if ($conf['security']['content-security-policy']) - header('X-Content-Security-Policy: ' . 'allow \'self\'; img-src: *; script-src \'self\'; options inline-script'); - - - $httpAccept = getenv('HTTP_ACCEPT'); - $types = explode(',', $httpAccept); - - if (version_compare(PHP_VERSION, '4.3.0', '>=')) - Logger::trace('Output' . "\n" . print_r($this->templateVars, true)); - - // Weitere Variablen anreichern. 
- $this->templateVars['session'] = array('name' => session_name(), 'id' => session_id(), 'token' => token()); - $this->templateVars['version'] = OR_VERSION; - $this->templateVars['api'] = '2'; - - if (sizeof($types) == 1 && in_array('application/php-array', $types) || $this->getRequestVar('output') == 'php-array') { - if (version_compare(PHP_VERSION, '4.3.0', '<')) - Http::serverError('application/php-array is only available with PHP >= 4.3'); - - header('Content-Type: application/php-array; charset=UTF-8'); - echo print_r($this->templateVars, true); - exit; - } - - if (sizeof($types) == 1 && in_array('application/php-serialized', $types) || $this->getRequestVar('output') == 'php') { - header('Content-Type: application/php-serialized; charset=UTF-8'); - echo serialize($this->templateVars); - exit; - } - - if (sizeof($types) == 1 && in_array('application/json', $types) || $this->getRequestVar('output') == 'json') { - $json = new JSON(); - header('Content-Type: application/json; charset=UTF-8'); - if (function_exists('json_encode')) - // Native Methode ist schneller.. - echo json_encode($this->templateVars, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES | JSON_NUMERIC_CHECK | JSON_PARTIAL_OUTPUT_ON_ERROR); - else - // Fallback, falls json_encode() nicht existiert... - echo $json->encode($this->templateVars); - exit; - } - - if (sizeof($types) == 1 && in_array('application/xml', $types) || $this->getRequestVar('output') == 'xml') { - require_once(OR_SERVICECLASSES_DIR . "XML.class." . PHP_EXT); - $xml = new XML(); - $xml->root = 'server'; // Name des XML-root-Elementes - header('Content-Type: application/xml; charset=UTF-8'); - echo $xml->encode($this->templateVars); - exit; - } - - header('Content-Type: text/html; charset=UTF-8'); - $this->setMenu(); - - $tplName = $this->actionName . '/' . 
$this->subActionName; - - -// if (isset($this->actionConfig[$this->subActionName]['target'])) -// $targetSubActionName = $this->actionConfig[$this->subActionName]['target']; -// else - $targetSubActionName = $this->subActionName; - - - global $REQ; - global $PHP_SELF; - global $HTTP_SERVER_VARS; - global $image_dir; - global $view; - - // Übertragen der Ausgabe-Variablen in den aktuellen Kontext - // - extract($this->templateVars['output']); - - // Setzen einiger Standard-Variablen - // - $tpl_dir = OR_THEMES_DIR . $conf['interface']['theme'] . '/pages/html/'; - $image_dir = OR_THEMES_EXT_DIR . $conf['interface']['theme'] . '/images/'; - - $user = Session::getUser(); - - $self = $HTTP_SERVER_VARS['PHP_SELF']; - - if (!empty($conf['interface']['override_title'])) - $cms_title = $conf['interface']['override_title']; - else - $cms_title = OR_TITLE . ' ' . OR_VERSION; - - $subActionName = $this->subActionName; - $actionName = $this->actionName; - $requestId = $this->getRequestId(); - - $iFile = 'themes/default/templates/' . $tplName . '.tpl.out.' . PHP_EXT; - - if (DEVELOPMENT) { - $srcXmlFilename = 'themes/default/templates/' . $tplName . '.tpl.src.xml'; - - // Das Template kompilieren. - // Aus dem XML wird eine PHP-Datei erzeugt. - try { - $te = new TemplateEngine(); - $te->compile($srcXmlFilename, $iFile); - unset($te); - } catch (Exception $e) { - throw new DomainException("Compilation failed for Template '$tplName'.", 0, $e); - } - header("X-CMS-Template-File: " . $iFile); - } - - - if (is_file($iFile)) - // Einbinden des Templates - require_once($iFile); - else - throw new LogicException("File '$iFile' not found."); - } - - - /** - * Ruft eine weitere Subaction auf. - * - * @param String $subActionName Name der n�chsten Subaction. Es muss eine Methode mit diesem Namen geben. 
- */ - protected function callSubAction($subActionName) - { - return; - - /* - * - if ( in_array($this->actionName,array('page','file','link','folder')) ) - Session::setSubaction( $subActionName ); - - $this->subActionName = $subActionName; - - Logger::trace("next subaction is '$subActionName'"); - - $this->$subActionName(); - */ - } - - - /** - * Ruft eine weitere Subaction auf. - * - * @param String $subActionName Name der n�chsten Subaction. Es muss eine Methode mit diesem Namen geben. - */ - protected function nextSubAction($subActionName) - { - $this->subActionName = $subActionName; - - Logger::trace("next subaction is '$subActionName'"); - - $methodName = $subActionName . ($_SERVER['REQUEST_METHOD'] == 'POST' ? 'Post' : 'View'); - $this->$methodName(); - } - - - /** - * Ermitteln, ob Benutzer Administratorrechte besitzt - * @return Boolean TRUE, falls der Benutzer ein Administrator ist. - */ - protected function userIsAdmin() - { - $user = Session::getUser(); - return is_object($user) && $user->isAdmin; - } - - - /** - * Ermitteln, ob Benutzer Administratorrechte besitzt - * @return Boolean TRUE, falls der Benutzer ein Administrator ist. - */ - public function userIsLoggedIn() - { - $user = Session::getUser(); - return is_object($user) && $user->isAdmin; - } - - - /** - * Ermitteln des Benutzerobjektes aus der Session - * @return User - */ - protected function getUserFromSession() - { - return Session::getUser(); - } - - - /** - * Benutzen eines sog. "Conditional GET". - * - * Diese Funktion setzt einen "Last-Modified"-HTTP-Header. - * Ist der Inhalt der Seite nicht neuer, so wird der Inhalt - * der Seite nicht ausgegeben, sondern nur HTTP-Status 304 - * ("304 not modified") gesetzt. - * Der Rest der Seite muss dann nicht mehr erzeugt werden, - * wodurch die Performance stark erhoeht werden kann. 
- * - * Credits: Danke an Charles Miller - * @see http://fishbowl.pastiche.org/2002/10/21/http_conditional_get_for_rss_hackers - * - * Gefunden auf: - * @see http://simon.incutio.com/archive/2003/04/23/conditionalGet - * - * @param Timestamp Letztes Aenderungsdatum des Objektes - */ - protected function lastModified($time, $expirationDuration = 0) - { - $user = Session::getUser(); - - // Conditional-Get eingeschaltet? - if (!config('cache', 'conditional_get')) - return; - - $expires = substr(date('r', time() + $expirationDuration - date('Z')), 0, -5) . 'GMT'; - $lastModified = substr(date('r', $time - date('Z')), 0, -5) . 'GMT'; - $etag = '"' . base_convert($time, 10, 36) . '"'; - - // Header senden - header('Expires: ' . $expires); - header('Last-Modified: ' . $lastModified); - header('ETag: ' . $etag); - - // Die vom Interpreter sonst automatisch gesetzten - // Header uebersteuern - header('Cache-Control: must-revalidate'); - header('Pragma:'); - - // See if the client has provided the required headers - $if_modified_since = isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? stripslashes($_SERVER['HTTP_IF_MODIFIED_SINCE']) : false; - $if_none_match = isset($_SERVER['HTTP_IF_NONE_MATCH']) ? stripslashes($_SERVER['HTTP_IF_NONE_MATCH']) : false; - - // Bug in Apache 2.2, mod_deflat adds '-gzip' to E-Tag - if (substr($if_none_match, -6) == '-gzip"') - $if_none_match = substr($if_none_match, 0, -6) . '"'; - - // At least one of the headers is there - check them - if ($if_none_match && $if_none_match != $etag) - return; // etag is there but doesn't match - - if ($if_modified_since && $if_modified_since != $lastModified) - return; // if-modified-since is there but doesn't match - - if (!$if_modified_since && !$if_none_match) - return; - - // Der entfernte Browser bzw. 
Proxy holt die Seite nun aus seinem Cache - header('HTTP/1.0 304 Not Modified'); - exit; // Sofortiges Skript-Ende - } - - - /** - * @param $max int max Anzahl der Sekunden, die die Seite im Browsercache bleiben darf - */ - protected function maxAge($max = 3600) - { - // Die Header "Last-Modified" und "ETag" wurden bereits in der - // Methode "lastModified()" gesetzt. - - header('Expires: ' . substr(date('r', time() - date('Z') + $max), 0, -5) . 'GMT'); - header('Pragma: '); // 'Pragma' ist Bullshit und - // wird von den meisten Browsern ignoriert. - header('Cache-Control: public, max-age=' . $max . ", s-maxage=" . $max); - } - - - protected function setMenu() - { - return; - - $windowMenu = array(); - $name = $this->actionConfig[$this->subActionName]['menu']; - $menuList = explode(',', $this->actionConfig['menu']['menu']); - //$menuList = explode(',',$this->actionConfig['menu'][$name]); - - if (isset($this->actionConfig[$this->subActionName]['menuaction'])) - $actionName = $this->actionConfig[$this->subActionName]['menuaction']; - else - $actionName = $this->subActionName; - - foreach ($menuList as $menuName) { - if (isset($this->actionConfig[$menuName]['alias'])) - $menuText = 'menu_' . $this->actionName . '_' . $this->actionConfig[$menuName]['alias']; - else - $menuText = 'menu_' . $this->actionName . '_' . $menuName; - - - $menuKey = 'accesskey_window_' . $menuName; - - $menuEntry = array('subaction' => $menuName, - 'text' => $menuText, - 'title' => $menuText . '_DESC', - 'key' => $menuKey); - - if ($this->checkMenu($menuName)) - $menuEntry['url'] = Html::url($actionName, $menuName, $this->getRequestId()); - - $windowMenu[] = $menuEntry; - } - $this->setTemplateVar('windowMenu', $windowMenu); - } - - - /** - * Ermittelt, ob der Men�punkt aktiv ist. - * Ob ein Men�punkt als aktiv angezeigt werden soll, steht meist erst zur Laufzeit fest. - * <br> - * Diese Methode kann von den Unterklassen �berschrieben werden. 
- * Falls diese Methode nicht �berschrieben wird, sind alle Men�punkte aktiv. - * - * @param String $name Logischer Name des Men�punktes - * @return boolean TRUE, wenn Men�punkt aktiv ist. - */ - protected function checkMenu($name) - { - // Standard: Alle Men�punkt sind aktiv. - return true; - } - - - /** - * Erzeugt einen Redirect auf einen bestimmte URL. - */ - protected function redirect($url) - { - $this->setControlVar('redirect', $url); - } - - - /** - * Sorgt dafür, dass alle anderen Views aktualisiert werden. - * - * Diese Methode sollte dann aufgerufen werden, wenn Objekte geändert werden - * und dies Einfluss auf andere Views hat. - */ - protected function refresh() - { - $this->refresh = true; - $this->setControlVar('refresh', true); - } - - - /** - * Setzt eine neue Perspektive für die Sitzung. - * - * @param String Name der Perspektive - */ - protected function setPerspective($name) - { - Session::set('perspective', $name); - $this->refresh(); - } - } - - -// TODO - nicht benutzt - interface ActionResult - { - public function getErrorField(); - - public function isSuccess(); - } - - class ActionResultSuccess implements ActionResult - { - public function isSuccess() - { - return true; - } - - public function getErrorField() - { - return null; - } - } - - class ActionResultError implements ActionResult - { - private $fieldName; - - public function __construct($name) - { - $this->fieldName = $name; - } - - public function isSuccess() - { - return false; - } - - public function getErrorField() - { - return $this->fieldName; - } - } - - -}- \ No newline at end of file diff --git a/action/ConfigurationAction.class.php b/action/ConfigurationAction.class.php 
@@ -1,116 +0,0 @@
-<?php
-
-namespace cms\action;
-
-// OpenRat Content Management System
-// Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de
-//
-// This program is free software; you can redistribute it and/or
-// modify it under the terms of the GNU General Public License
-// as published by the Free Software Foundation; version 2.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with this program; if not, write to the Free Software
-// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-
-use Session;
-/**
- * Action-Klasse fuer die Bearbeitung eines Template-Elementes.
- *
- * @author Jan Dankert
- * @package openrat.actions
- */
-class ConfigurationAction extends Action
-{
- public $security = SECURITY_ADMIN;
-
- /**
- * Konstruktor
- */
- function __construct()
- {
- }
-
-
- public function editView()
- {
- $this->nextSubAction('show');
- }
-
-
- /**
- * Anzeigen des Elementes
- */
- function showView()
- {
- require_once('./util/config-default.php');
- $conf_default = $conf;
-
- $conf_cms = Session::getConfig();
- $conf_cms['system']['server'] = array( 'time' => date('r'),
- 'os' => php_uname('s'),
- 'host' => php_uname('n'),
- 'release'=> php_uname('r'),
- 'machine'=> php_uname('m'),
- 'owner' => get_current_user(),
- 'pid' => getmypid() );
-
-
- $conf_cms['system']['interpreter'] = array( 'version' => phpversion(),
- 'SAPI' => php_sapi_name(),
- 'session-name' => session_name(),
- 'magic_quotes_gpc' => get_magic_quotes_gpc(),
- 'magic_quotes_runtime'=> get_magic_quotes_runtime() );
-
- unset($conf_cms['language']);
-
- foreach( array('upload_max_filesize',
- 'file_uploads',
- 'memory_limit',
- 'max_execution_time',
- 'post_max_size',
- 'display_errors',
- 'register_globals'
- ) as $iniName )
- $conf_cms['system']['environment'][ $iniName ] = ini_get( $iniName );
-
- $extensions = get_loaded_extensions();
- asort( $extensions );
-
- foreach( $extensions as $id=>$extensionName )
- $conf_cms['system']['interpreter'][ 'extension' ][$extensionName] = 'loaded';
-
- $flatDefaultConfig = flattenArray('',$conf_default);
- $flatCMSConfig = flattenArray('',Session::getConfig());
- $flatConfig = flattenArray('',$conf_cms);
-
- $config = array();
- foreach( $flatConfig as $key=>$val )
- {
- $config[] = array( 'key'=>$key,'value'=>$val,'class'=>(empty($flatCMSConfig[$key])?'readonly':(isset($flatDefaultConfig[$key]) && $flatDefaultConfig[$key]==$flatConfig[$key]?'default':'changed')));
- }
- $this->setTemplateVar('config',$config );
- }
-}
-
-
-function flattenArray( $prefix,$arr )
-{
- $new = array();
- foreach( $arr as $key=>$val)
- {
- if ( is_array($val) )
- $new += flattenArray($prefix.$key.'.',$val);
- else
- $new[$prefix.$key] = $key=='password'?'*******************':$val;
- }
- return $new;
-}
-
-
-?>-
\ No newline at end of file
diff --git a/action/ElementAction.class.php b/action/ElementAction.class.php
@@ -1,667 +0,0 @@ -<?php - -namespace cms\action; - - -use cms\model\Element; -use cms\model\Template; -use cms\model\Folder; -use cms\model\Object; -use Text; - - -// OpenRat Content Management System -// Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de -// -// This program is free software; you can redistribute it and/or -// modify it under the terms of the GNU General Public License -// as published by the Free Software Foundation; version 2. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program; if not, write to the Free Software -// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - -/** - * Action-Klasse fuer die Bearbeitung eines Template-Elementes. - * - * @author Jan Dankert - * @package openrat.actions - */ -class ElementAction extends Action -{ - public $security = SECURITY_USER; - - var $element; - - private $template; - - /** - * Konstruktor - */ - function __construct() - { - if ( $this->getRequestId() == 0 ) - die('no element-id available'); - - $this->element = new Element( $this->getRequestId() ); - $this->element->load(); - - $this->setTemplateVar( 'elementid' ,$this->element->elementid ); - } - - - - /** - * Umbenennen des Elementes - */ - function editPost() - { - $this->element->name = $this->getRequestVar('name' ,OR_FILTER_ALPHANUM); - $this->element->desc = $this->getRequestVar('description','all' ); - - $this->element->save(); - $this->element->load(); - - $this->addNotice('element',$this->element->name,'SAVED',OR_NOTICE_OK); - } - - - - /** - * Umbenennen des Elementes - */ - function deleteView() - { - $this->setTemplateVar( 'name' ,$this->element->name ); - } - - - /** - * Entfernen des Elementes - */ - function 
deletePost() - { - if ( !$this->hasRequestVar('confirm') ) - { - $this->addValidationError('confirm'); - return; - } - - $type = $this->getRequestVar('type','abc'); - - if ( $type == 'value' ) - { - $this->element->deleteValues(); - $this->addNotice('element',$this->template->name,'DELETED',OR_NOTICE_OK); - } - elseif ( $type == 'all' ) - { - $this->element->delete(); - $this->addNotice('element',$this->template->name,'DELETED',OR_NOTICE_OK); - } - } - - - - /** - * Aendern des Element-Typs - */ - function typePost() - { - if ( !$this->userIsAdmin() && $this->getRequestVar('type') == 'code' ) - { - // Code-Elemente fuer Nicht-Administratoren nicht benutzbar - $this->addNotice('element',$this->template->name,'CANCELED',OR_NOTICE_ERROR); - } - else - { - // Neuen Typ setzen und speichern - $this->element->setType( $this->getRequestVar('type') ); - $this->addNotice('element',$this->element->name,'SAVED',OR_NOTICE_OK); - } - } - - - /** - * Anzeigen des Elementes - */ - function editView() - { - - // Name und Beschreibung - $this->setTemplateVar('name' ,$this->element->name); - - $this->setTemplateVar('description',$this->element->desc); - } - - - - function typeView - () - { - // Die verschiedenen Element-Typen - $types = array(); - - foreach( $this->element->getAvailableTypes() as $t ) - $types[ $t ] = 'EL_'.$t; - - // Code-Element nur fuer Administratoren (da voller Systemzugriff!) - if ( !$this->userIsAdmin() ) - unset( $types['code'] ); - - // Liste aller Elementtypen - $this->setTemplateVar('types',$types); - - // Aktueller Typ - $this->setTemplateVar('type',$this->element->type); - } - - - - /** - * Auswahlmaske f�r weitere Einstellungen zum Template-Element. - * - */ - function infoView() - { - $this->setTemplateVar('id' ,$this->element->elementid ); - $this->setTemplateVar('name',$this->element->name ); - } - - /** - * Auswahlmaske f�r weitere Einstellungen zum Template-Element. 
- * - */ - function propView() - { - global $conf; - $this->setTemplateVar('type',$this->element->type ); - - // Abhaengig vom aktuellen Element-Typ die Eigenschaften anzeigen - $properties = $this->element->getRelatedProperties(); - - foreach( $this->element->getRelatedProperties() as $propertyName ) - { - switch( $propertyName ) - { - case 'withIcon': - $this->setTemplateVar('with_icon' ,$this->element->withIcon ); - break; - - case 'allLanguages': - $this->setTemplateVar('all_languages',$this->element->allLanguages); - break; - - case 'writable': - $this->setTemplateVar('writable' ,$this->element->writable ); - break; - - case 'subtype': - - $convertToLang = false; - switch( $this->element->type ) - { - case 'info': - $subtypes = Array('db_id', - 'db_name', - 'project_id', - 'project_name', - 'language_id', - 'language_iso', - 'language_name', - 'page_id', - 'page_name', - 'page_desc', - 'page_fullfilename', - 'page_filename', - 'page_extension', - 'edit_url', - 'edit_fullurl', - 'lastch_user_username', - 'lastch_user_fullname', - 'lastch_user_mail', - 'lastch_user_desc', - 'lastch_user_tel', - 'create_user_username', - 'create_user_fullname', - 'create_user_mail', - 'create_user_desc', - 'create_user_tel', - 'act_user_username', - 'act_user_fullname', - 'act_user_mail', - 'act_user_desc', - 'act_user_tel' ); - $convertToLang = true; - break; - - case 'infodate': - case 'linkdate': - $subtypes = Array('date_published', - 'date_saved', - 'date_created' ); - $convertToLang = true; - break; - - case 'link': - $subtypes = Array( - 'file', - 'image', - 'image_data_uri', - 'page', - 'folder', - 'link' ); - $convertToLang = true; - break; - - case 'linkinfo': - $subtypes = Array('width', - 'height', - 'id', - 'name', - 'description', - 'mime-type', - 'lastch_user_username', - 'lastch_user_fullname', - 'lastch_user_mail', - 'lastch_user_desc', - 'lastch_user_tel', - 'create_user_username', - 'create_user_fullname', - 'create_user_mail', - 'create_user_desc', - 
'create_user_tel', - 'filename', - 'full_filename' ); - $convertToLang = true; - break; - - case 'insert': - $subtypes = Array('inline', - 'ssi' ); - $convertToLang = true; - break; - - case 'dynamic': - - $files = Array(); - $handle = opendir ('./macro'); - while ( $file = readdir($handle) ) - { - $file = substr($file,0,strlen($file)-10); - if ( $file != '' ) - $files[$file] = $file; - } - closedir($handle); - - $subtypes = $files; - break; - - default: - $subtypes = array(); - break; - } - - if ( $convertToLang ) - { - foreach( $subtypes as $t=>$v ) - { - unset($subtypes[$t]); - $subtypes[$v] = lang('EL_'.$this->element->type.'_'.$v); - } - } - - // Variable $subtype muss existieren, um Anzeige des Feldes zu erzwingen. - if (!isset($this->element->subtype)) - $this->element->subtype=''; - - $this->setTemplateVar('subtypes',$subtypes ); - $this->setTemplateVar('subtype' ,$this->element->subtype); - - break; - - - case 'dateformat': - - $ini_date_format = $conf['date']['format']; - $dateformat = array(); - - $this->setTemplateVar('dateformat',''); - - foreach($ini_date_format as $idx=>$d) - { - if ( strpos($d,'%')!==FALSE ) - $dateformat[$idx] = strftime($d); - else - $dateformat[$idx] = date($d); - if ( $d == $this->element->dateformat ) - $this->setTemplateVar('dateformat',$idx); - } - - $this->setTemplateVar('dateformats',$dateformat); - - break; - - - // Eigenschaften Text und Text-Absatz - case 'defaultText': - - switch( $this->element->type ) - { - case 'longtext': - $this->setTemplateVar('default_longtext',$this->element->defaultText ); - break; - - case 'select': - case 'text': - $this->setTemplateVar('default_text' ,$this->element->defaultText ); - break; - } - break; - - - case 'htmlwiki': - if ( !$this->element->wiki && !$this->element->html ) - $format = 'none'; - elseif ( $this->element->wiki && !$this->element->html ) - $format = 'wiki'; - elseif ( !$this->element->wiki && $this->element->html ) - $format = 'html'; - elseif ( $this->element->wiki && 
$this->element->html ) - $format = 'wiki,html'; - - $this->setTemplateVar('format', $format ); - - $formatlist = array(); - $formatlist['none' ] = 'raw'; // Nur Text, ohne Auszeichnungen - // Für einfache Textelemente gibt es keinen HTML-Editor - if ( $this->element->type == 'longtext' ) - $formatlist['html' ] = 'html'; // Text mit HTML-Editor - $formatlist['wiki' ] = 'wiki'; // Text mit Markup, HTML nicht erlaubt - $formatlist['wiki,html'] = 'wikihtml'; // Text mit Markup, HTML erlaubt - - foreach( $formatlist as $t=>$v ) - $formatlist[$t] = array('lang'=>'EL_PROP_'.$v); - - $this->setTemplateVar('formatlist', $formatlist ); - break; - - case 'linktype': - $this->setTemplateVar('linktype', $this->element->wiki ); - $this->setTemplateVar('linktypelist', array('page','file','link') ); - break; - - case 'prefix': - $t = new Template( $this->element->templateid ); - - $elements = array(); - foreach( $t->getElements() as $element ) - { - if ( $element->type == 'link' ) - $elements[$element->name] = $element->name; - } - unset($t); - - $this->setTemplateVar('linkelements',$elements ); - - list($linkElementName,$targetElementName) = explode('%',$this->element->name.'%'); - $this->setTemplateVar('linkelement',$linkElementName ); - - break; - - case 'name': - - $names = array(); - - foreach( Template::getAll() as $tid=>$name ) - { - $t = new Template( $tid ); - $t->load(); - - foreach( $t->getElements() as $element ) - { - if ( !in_array($element->type,array('copy','linkinfo','link')) ) - $names[$element->name] = $t->name.' - '.$element->name.' 
('.lang('EL_'.$element->type).')'; - } - unset($t); - } - - - $this->setTemplateVar('names',$names ); - - list($linkElementName,$targetElementName) = explode('%',$this->element->name.'%'); - $this->setTemplateVar('name',$targetElementName ); - break; - - // Eigenschaften PHP-Code - case 'code': - - switch( $this->element->type ) - { - - case 'select': - $this->setTemplateVar('select_items',$this->element->code ); - break; - - case 'dynamic': - - $className = $this->element->subtype; - $fileName = OR_DYNAMICCLASSES_DIR.'/'.$className.'.class.'.PHP_EXT; - - if ( is_file( $fileName ) ) - { - require( $fileName ); - - if ( class_exists($className) ) - { - $dynEl = new $className; - - $desc = array(); - - $description = $dynEl->description; - $paramList = array(); - - $old = $this->element->getDynamicParameters(); - $parameters = ''; - - foreach( get_object_vars($dynEl) as $paramName=>$paramDesc ) - { - if ( isset( $dynEl->$paramName ) ) - { - if ( is_object($dynEl->$paramName)) - continue; - if ( is_array($dynEl->$paramName)) - continue; - if ( in_array($paramName,array('output'))) - continue; - $paramList[$paramName] = $dynEl->$paramName; - - $parameters .= $paramName.':'; - if ( !empty($old[$paramName]) ) - $parameters .= $old[$paramName]; - else - $parameters .= $dynEl->$paramName; - $parameters .= "\n"; - } - } - - $this->setTemplateVar('dynamic_class_description',$dynEl->description ); - $this->setTemplateVar('dynamic_class_parameters' ,$paramList ); - $this->setTemplateVar('parameters' ,$parameters ); - } - } - - break; - - case 'code': - if ( $conf['security']['disable_dynamic_code'] ) - $this->addNotice('element',$this->element->name,'CODE_DISABLED',OR_NOTICE_WARN); - - $this->setTemplateVar('code',$this->element->code); - break; - } - break; - - - case 'decimals': - $this->setTemplateVar('decimals' ,$this->element->decimals ); - break; - - case 'decPoint': - $this->setTemplateVar('dec_point' ,$this->element->decPoint ); - break; - - case 'thousandSep': - 
$this->setTemplateVar('thousand_sep' ,$this->element->thousandSep ); - break; - - - // Eigenschaften Link - case 'defaultObjectId': - - $objects = array(); - - // Ermitteln aller verfuegbaren Objekt-IDs - foreach( Folder::getAllObjectIds() as $id ) - { - $o = new Object( $id ); - $o->load(); - - switch( $this->element->type ) - { - case 'list': - if ( !$o->isFolder ) - continue 2; - break; - - case 'link': - if ( !$o->isPage && !$o->isFile && !$o->isLink ) - continue 2; - break; - //Change tobias - case 'insert': - if ( !$o->isFolder && !$o->isPage && !$o->isFile && !$o->isLink ) - continue 2; - break; - //Change tobias end - default: - continue 2; - } - - $objects[ $id ] = lang( $o->getType() ).': '; - - if ( !$o->isRoot ) - { - $f = new Folder( $o->parentid ); - $f->load(); - $names = $f->parentObjectNames(false,true); - foreach( $names as $fid=>$name ) - $names[$fid] = Text::maxLength($name,15,'..',STR_PAD_BOTH); - $objects[ $id ] .= implode( FILE_SEP,$names ); - } - - $objects[ $id ] .= FILE_SEP.$o->name; - } - - asort( $objects ); // Sortieren - - $this->setTemplateVar('objects',$objects); - - $this->setTemplateVar('default_objectid',$this->element->defaultObjectId); - - break; - - - case 'folderObjectId': - - $folders = array(); - - // Ermitteln aller verf?gbaren Objekt-IDs - foreach( Folder::getAllFolders() as $id ) - { - $o = new Object( $id ); - $o->load(); - - $folders[ $id ] = ''; - if ( !$o->isRoot ) - { - $f = new Folder( $o->parentid ); - $f->load(); - $names = $f->parentObjectNames(true,true); - foreach( $names as $fid=>$name ) - $names[$fid] = Text::maxLength($name,15,'..',STR_PAD_BOTH); - $folders[ $id ] = implode( ' &raquo; ',$names ); - $folders[ $id ] .= ' &raquo; '; - } - $folders[ $id ] .= $o->name; - } - - asort( $folders ); // Sortieren - - $this->setTemplateVar('folders',$folders); - - $this->setTemplateVar('folderobjectid' ,$this->element->folderObjectId ); - - break; - - default: - throw new \LogicException('not an element property: 
'.$propertyName ); - } - } - } - - - - /** - * Speichern der Element-Eigenschaften - */ - function propPost() - { - global $conf; - $ini_date_format = $conf['date']['format']; - - if ( $this->hasRequestVar('dateformat')) - $this->element->dateformat = $ini_date_format[$this->getRequestVar('dateformat')]; - $this->element->subtype = $this->getRequestVar('subtype'); - - if ( $this->hasRequestVar('default_longtext')) - $this->element->defaultText = $this->getRequestVar('default_longtext',OR_FILTER_RAW); - else - $this->element->defaultText = $this->getRequestVar('default_text',OR_FILTER_ALPHANUM); - $this->element->wiki = in_array('wiki',explode(',',$this->getRequestVar('format'))); - $this->element->html = in_array('html',explode(',',$this->getRequestVar('format'))); - $this->element->withIcon = $this->getRequestVar('with_icon') != ''; - $this->element->allLanguages = $this->getRequestVar('all_languages') != ''; - $this->element->writable = $this->getRequestVar('writable') != ''; - $this->element->decimals = $this->getRequestVar('decimals'); - $this->element->decPoint = $this->getRequestVar('dec_point'); - $this->element->thousandSep = $this->getRequestVar('thousand_sep'); - $this->element->folderObjectId = $this->getRequestVar('folderobjectid' ); - $this->element->defaultObjectId = $this->getRequestVar('default_objectid'); - if ( $this->hasRequestVar('select_items')) - $this->element->code = $this->getRequestVar('select_items'); - else - $this->element->code = $this->getRequestVar('code' ,'raw'); - - if ( $this->hasRequestVar('name') ) - $this->element->name = $this->getRequestVar('name'); - - if ( $this->hasRequestVar('linkelement') ) - $this->element->setPrefix( $this->getRequestVar('linkelement') ); - - if ( $this->hasRequestVar('parameters')) - $this->element->code = $this->getRequestVar('parameters',OR_FILTER_RAW); - -// Html::debug($this->element); - $this->element->save(); - $this->addNotice('element',$this->element->name,'SAVED'); - - } -} - -?>- \ No 
newline at end of file diff --git a/action/FileAction.class.php b/action/FileAction.class.php 
@@ -1,815 +0,0 @@
-<?php
-
-namespace cms\action;
-
-use cms\model\Folder;
-use cms\model\Object;
-use cms\model\File;
-
-use Http;
-use \Html;
-
-// OpenRat Content Management System
-// Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de
-//
-// This program is free software; you can redistribute it and/or
-// modify it under the terms of the GNU General Public License
-// as published by the Free Software Foundation; either version 2
-// of the License, or (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with this program; if not, write to the Free Software
-// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-
-
-/**
- * Action-Klasse zum Bearbeiten einer Datei
- * @author $Author$
- * @version $Revision$
- * @package openrat.actions
- */
-class FileAction extends ObjectAction
-{
- public $security = SECURITY_USER;
-
- var $file;
- var $defaultSubAction = 'show';
-
- /**
- * Konstruktor
- */
- function __construct()
- {
- $this->file = new File( $this->getRequestId() );
- $this->file->load();
- }
-
-
- /**
- * Ersetzt den Inhalt mit einer anderen Datei
- */
- public function editPost()
- {
- $upload = new Upload();
-
- $this->file->filename = $upload->filename;
- $this->file->extension = $upload->extension;
- $this->file->size = $upload->size;
- $this->file->save();
-
- $this->file->value = $upload->value;
- $this->file->saveValue();
- $this->file->setTimestamp();
-
- //$setTemplateVar('tree_refresh',true);
- $this->addNotice($this->file->getType(),$this->file->name,'VALUE_SAVED','ok');
- }
-
-
- public function valuePost()
- {
- $this->file->value = $this->getRequestVar('value',OR_FILTER_RAW);
- $this->file->saveValue();
-
- $this->addNotice($this->file->getType(),$this->file->name,'VALUE_SAVED','ok');
- $this->file->setTimestamp();
- }
-
-
- /**
- * Abspeichern der Eigenschaften zu dieser Datei.
- *
- */
- function propPost()
- {
- // Eigenschaften speichern
- $this->file->filename = $this->getRequestVar('filename' ,OR_FILTER_FILENAME);
- $this->file->name = $this->getRequestVar('name' ,OR_FILTER_FULL );
- $this->file->extension = $this->getRequestVar('extension' ,OR_FILTER_FILENAME);
- $this->file->desc = $this->getRequestVar('description',OR_FILTER_FULL );
-
- $this->file->save();
- $this->file->setTimestamp();
- $this->addNotice($this->file->getType(),$this->file->name,'PROP_SAVED','ok');
- }
-
-
-
- /**
- * Anzeigen des Inhaltes, der Inhalt wird samt Header direkt
- * auf die Standardausgabe geschrieben
- */
- function previewView()
- {
- $url = Html::url('file','show',$this->file->objectid,array('target'=>'none') );
- $this->setTemplateVar('preview_url',$url );
-
- $this->setTemplateVar('image',$this->file->isImage() );
-
- }
-
-
- /**
- * Anzeigen des Inhaltes, der Inhalt wird samt Header direkt
- * auf die Standardausgabe geschrieben
- */
- function showView()
- {
- $this->lastModified( $this->file->lastchangeDate );
-
- if ( $this->file->extension == 'gz' )
- {
- global $conf;
- $mime_types = $conf['mime-types'];
-
- $pos = strrpos($this->file->filename,'.');
- if ( $pos === false )
- $ext = '';
- else
- $ext = substr($this->file->filename,$pos+1);
-
- $ext = strtolower($ext);
-
- if ( !empty($mime_types[$ext]) )
- $mime_type = $mime_types[$ext];
- else
- // Wenn kein Mime-Type gefunden, dann Standartwert setzen
- $mime_type = OR_FILE_DEFAULT_MIMETYPE;
-
- header('Content-Type: '.$mime_type );
- header('Content-Encoding: gzip' );
- }
- else
- {
- // Angabe Content-Type
- header('Content-Type: '.$this->file->mimeType() );
- }
-
- header('X-File-Id: ' .$this->file->fileid );
- header('X-Id: ' .$this->file->id );
-
- // Angabe Content-Disposition
- // - Bild soll "inline" gezeigt werden
- // - Dateiname wird benutzt, wenn der Browser das Bild speichern moechte
- header('Content-Disposition: inline; filename='.$this->file->filenameWithExtension() );
- header('Content-Transfer-Encoding: binary' );
- header('Content-Description: '.$this->file->name );
-
- $this->file->write(); // Bild aus Datenbank laden
-
- // Groesse des Bildes in Bytes
- // Der Browser hat so die Moeglichkeit, einen Fortschrittsbalken zu zeigen
- header('Content-Length: '.filesize($this->file->tmpfile()) );
-
- if ( in_array( getenv('HTTP_ACCEPT'),array('application/php-array','application/php-serialized','application/json','application/xml')))
- {
- $this->setTemplateVar('encoding', 'base64');
- $this->setTemplateVar('value' , base64_encode($this->file->tmpfile()) );
- }
- // Unterscheidung, ob PHP-Code in der Datei ausgefuehrt werden soll.
- elseif ( ( config('publish','enable_php_in_file_content')=='auto' && $this->file->getRealExtension()=='php') ||
- config('publish','enable_php_in_file_content')===true )
- // PHP-Code ausfuehren
- require( $this->file->tmpfile() );
- else
- // PHP-Code nicht ausfuehren, Datei direkt auf die Standardausgabe schreiben
- readfile( $this->file->tmpfile() );
- exit;
- }
-
-
- function imageFormat()
- {
- if ( ! function_exists( 'imagetypes' ) )
- return 0;
-
- $ext = strtolower($this->file->getRealExtension());
- $types = imagetypes();
- $formats = array( 'gif' =>IMG_GIF,
- 'jpg' =>IMG_JPG,
- 'jpeg'=>IMG_JPG,
- 'png' =>IMG_PNG );
-
- if ( !isset($formats[$ext]) )
- return 0;
-
- if ( $types & $formats[$ext] )
- return $formats[$ext];
-
- return 0;
- }
-
-
-
- function imageExt()
- {
- switch( $this->imageFormat() )
- {
- case IMG_GIF:
- return 'GIF';
- case IMG_JPG:
- return 'JPEG';
- case IMG_PNG:
- return 'PNG';
- }
- }
-
-
-
- function imageFormats()
- {
- if ( ! function_exists( 'imagetypes' ) )
- return array();
-
- $types = imagetypes();
- $formats = array( IMG_GIF => 'gif',
- IMG_JPG => 'jpeg',
- IMG_PNG => 'png' );
- $formats2 = $formats;
-
- foreach( $formats as $b=>$f )
- if ( !($types & $b) )
- unset( $formats2[$b] );
-
- return $formats2;
- }
-
-
-
- /**
- * Anzeigen des Inhaltes
- */
- function sizeView()
- {
- $this->setTemplateVars( $this->file->getProperties() );
-
- $format = $this->imageFormat();
-
- if ( $format == 0 )
- {
- $this->addNotice( 'image','','IMAGE_RESIZING_UNKNOWN_TYPE',OR_NOTICE_WARN);
- }
-
- $formats = $this->imageFormats();
-
- if ( empty($formats) )
- $this->addNotice( 'image','','IMAGE_RESIZING_NOT_AVAILABLE',OR_NOTICE_WARN);
-
- $sizes = array();
- foreach( array(10,25,50,75,100,125,150,175,200,250,300,350,400,500,600,800) as $s )
- $sizes[strval($s/100)] = $s.'%';
-
- $jpeglist = array();
- for ($i=10; $i<=95; $i+=5)
- $jpeglist[$i]=$i.'%';
-
- $this->setTemplateVar('factors' ,$sizes );
- $this->setTemplateVar('jpeglist' ,$jpeglist );
- $this->setTemplateVar('formats' ,$formats );
- $this->setTemplateVar('format' ,$format );
- $this->setTemplateVar('factor' ,1 );
-
- $this->file->getImageSize();
- $this->setTemplateVar('width' ,$this->file->width );
- $this->setTemplateVar('height',$this->file->height );
- $this->setTemplateVar('type' ,'input' );
- }
-
-
-
-
- /**
- * Bildgroesse eines Bildes aendern
- */
- public function sizePost()
- {
- $width = intval($this->getRequestVar('width' ));
- $height = intval($this->getRequestVar('height' ));
- $jpegcompression = $this->getRequestVar('jpeg_compression') ;
- $format = $this->getRequestVar('format' ) ;
- $factor = $this->getRequestVar('factor' ) ;
-
- if ( $this->getRequestVar('type') == 'input' &&
- ! $this->hasRequestVar('width' ) &&
- ! $this->hasRequestVar('height') )
- {
- $this->addValidationError('width','INPUT_NEW_IMAGE_SIZE' );
- $this->addValidationError('height','');
- $this->callSubAction('size');
- return;
- }
-
- if ( $this->hasRequestVar('copy') )
- {
- // Datei neu anlegen.
- $imageFile = new File($this->file->objectid);
- $imageFile->load();
- $imageFile->name = lang('copy_of').' '.$imageFile->name;
- $imageFile->desription = lang('copy_of').' '.$imageFile->description;
- $imageFile->filename = $imageFile->filename.'_resized_'.time();
- $imageFile->add();
- $imageFile->copyValueFromFile( $this->file->objectid );
- }
- else
- {
- $imageFile = $this->file;
- }
-
- if ( $this->getRequestVar('type') == 'factor')
- {
- $width = 0;
- $height = 0;
- }
- else
- {
- $factor = 1;
- }
-
- $imageFile->write();
-
- $imageFile->imageResize( intval($width),intval($height),$factor,$this->imageFormat(),$format,$jpegcompression );
- $imageFile->setTimestamp();
- $imageFile->save(); // Um z.B. Groesse abzuspeichern
- $imageFile->saveValue();
-
- $this->addNotice($imageFile->getType(),$imageFile->name,'IMAGE_RESIZED','ok');
- }
-
-
- function propView()
- {
-
- global $conf;
-
- if ( $this->file->filename == $this->file->objectid )
- $this->file->filename = '';
-
- // Eigenschaften der Datei uebertragen
- $this->setTemplateVars( $this->file->getProperties() );
-
- $this->setTemplateVar('size',number_format($this->file->size/1000,0,',','.').' 
kB' );
- $this->setTemplateVar('full_filename',$this->file->full_filename());
-
- if ( is_file($this->file->tmpfile()))
- {
- $this->setTemplateVar('cache_filename' ,$this->file->tmpfile());
- $this->setTemplateVar('cache_filemtime',@filemtime($this->file->tmpfile()));
- }
-
- // Alle Seiten mit dieser Datei ermitteln
- $pages = $this->file->getDependentObjectIds();
-
- $list = array();
- foreach( $pages as $id )
- {
- $o = new Object( $id );
- $o->load();
- $list[$id] = array();
- $list[$id]['url' ] = Html::url('main','page',$id);
- $list[$id]['name'] = $o->name;
- }
- asort( $list );
- $this->setTemplateVar('pages',$list);
- $this->setTemplateVar('edit_filename',$conf['filename']['edit']);
- }
-
-
- public function infoView()
- {
-
- global $conf;
-
- if ( $this->file->filename == $this->file->objectid )
- $this->file->filename = '';
-
- // Eigenschaften der Datei uebertragen
- $this->setTemplateVars( $this->file->getProperties() );
-
- $this->setTemplateVar('size',number_format($this->file->size/1000,0,',','.').' 
kB' );
- $this->setTemplateVar('full_filename',$this->file->full_filename());
-
- if ( is_file($this->file->tmpfile()))
- {
- $this->setTemplateVar('cache_filename' ,$this->file->tmpfile());
- $this->setTemplateVar('cache_filemtime',@filemtime($this->file->tmpfile()));
- }
-
- // Alle Seiten mit dieser Datei ermitteln
- $pages = $this->file->getDependentObjectIds();
-
- $list = array();
- foreach( $pages as $id )
- {
- $o = new Object( $id );
- $o->load();
- $list[$id] = array();
- $list[$id]['url' ] = Html::url('main','page',$id);
- $list[$id]['name'] = $o->name;
- }
- asort( $list );
- $this->setTemplateVar('pages',$list);
- $this->setTemplateVar('edit_filename',$conf['filename']['edit']);
- }
-
-
- /**
- * Anzeigen des Inhaltes
- */
- function editView()
- {
- global $conf;
- // MIME-Types aus Datei lesen
- $this->setTemplateVars( $this->file->getProperties() );
- }
-
-
- /**
- * Anzeigen des Inhaltes
- */
- function upload()
- {
- }
-
-
- /**
- * Anzeigen des Inhaltes
- */
- function valueView()
- {
- global $conf;
- // MIME-Types aus Datei lesen
- $this->setTemplateVars( $this->file->getProperties() );
- $this->setTemplateVar('value',$this->file->loadValue());
- }
-
-
- /**
- * Anzeigen des Inhaltes
- */
- function extractView()
- {
- $this->setTemplateVars( $this->file->getProperties() );
-
- $imageFormat = $this->imageFormat();
- }
-
-
- /**
- * Anzeigen des Inhaltes
- */
- function uncompressView()
- {
- }
-
-
- /**
- * Anzeigen des Inhaltes
- */
- function uncompressPost()
- {
- switch( $this->file->extension )
- {
- case 'gz':
- if ( $this->getRequestVar('replace') )
- {
- if ( strcmp(substr($this->file->loadValue(),0,2),"\x1f\x8b"))
- {
- Http::serverError("Not GZIP format (See RFC 1952)");
- }
- $method = ord(substr($this->file->loadValue(),2,1));
- if ( $method != 8 )
- {
- Http::serverError("Unknown GZIP method: $method");
- }
- $this->file->value = gzinflate( substr($this->file->loadValue(),10));
- $this->file->parse_filename( $this->file->filename );
- $this->file->save();
- $this->file->saveValue();
- }
- else
- {
- $newFile = new File();
- $newFile->name = $this->file->name;
- $newFile->parentid = $this->file->parentid;
- $newFile->value = gzinflate( substr($this->file->loadValue(),10));
- $newFile->parse_filename( $this->file->filename );
- $newFile->add();
- }
-
- break;
-
- case 'bz2':
- if ( $this->getRequestVar('replace') )
- {
- $this->file->value = bzdecompress($this->file->loadValue());
- $this->file->parse_filename( $this->file->filename );
- $this->file->save();
- $this->file->saveValue();
- }
- else
- {
- $newFile = new File();
- $newFile->name = $this->file->name;
- $newFile->parentid = $this->file->parentid;
- $newFile->value = bzdecompress( $this->file->loadValue() );
- $newFile->parse_filename( $this->file->filename );
- $newFile->add();
- }
-
- break;
-
- default:
- die( 'cannot uncompress file with extension: '.$this->file->extension );
- }
-
- $this->addNotice('file',$this->file->name,'DONE',OR_NOTICE_OK);
- $this->callSubAction('edit');
- }
-
-
-
- /**
- * Anzeigen des Inhaltes
- */
- function extractPost()
- {
- switch( $this->file->extension )
- {
- case 'tar':
- $folder = new Folder();
- $folder->parentid = $this->file->parentid;
- $folder->name = $this->file->name;
- $folder->filename = $this->file->filename;
- $folder->add();
-
- $tar = new ArchiveTar();
- $tar->openTAR( $this->file->loadValue() );
-
- foreach( $tar->files as $file )
- {
- $newFile = new File();
- $newFile->name = $file['name'];
- $newFile->parentid = $folder->objectid;
- $newFile->value = $file['file'];
- $newFile->parse_filename( $file['name'] );
- $newFile->lastchangeDate = $file['time'];
- $newFile->add();
-
- $this->addNotice('file',$newFile->name,'ADDED');
- }
-
- unset($tar);
-
- break;
-
- case 'zip':
-
- $folder = new Folder();
- $folder->parentid = $this->file->parentid;
- $folder->name = $this->file->name;
- $folder->filename = $this->file->filename;
- $folder->description = $this->file->fullFilename;
- $folder->add();
-
- $zip = new ArchiveUnzip();
- $zip->open( $this->file->loadValue() );
-
- $lista = $zip->getList();
-
- if(sizeof($lista)) foreach($lista as $fileName=>$trash){
-
-
- $newFile = new File();
- $newFile->name = basename($fileName);
- $newFile->description = 'Extracted: '.$this->file->fullFilename.' -> '.$fileName;
- $newFile->parentid = $folder->objectid;
- $newFile->parse_filename( basename($fileName) );
-
- $newFile->value = $zip->unzip($fileName);
- $newFile->add();
-
- $this->addNotice('file',$newFile->name,'ADDED');
- unset($newFile);
- }
-
- $zip->close();
- unset($zip);
-
- break;
-
- default:
- die( 'cannot extract file with extension: '.$this->file->extension );
- }
- $this->callSubAction('edit');
- }
-
-
-
- /**
- * Anzeigen des Inhaltes
- */
- function compressView()
- {
- $formats = array();
- foreach( $this->getCompressionTypes() as $t )
- $formats[$t] = lang('compression_'.$t);
-
- $this->setTemplateVar('formats' ,$formats );
- }
-
-
-
- /**
- * Anzeigen des Inhaltes
- */
- function compressPost()
- {
- $format = $this->getRequestVar('format',OR_FILTER_ALPHANUM);
-
- switch( $format )
- {
- case 'gz':
- if ( $this->getRequestVar('replace',OR_FILTER_NUMBER)=='1' )
- {
- $this->file->value = gzencode( $this->file->loadValue(),1 );
- $this->file->parse_filename( $this->file->filename.'.'.$this->file->extension.'.gz',FORCE_GZIP );
- $this->file->save();
- $this->file->saveValue();
-
- }
- else
- {
- $newFile = new File();
- $newFile->name = $this->file->name;
- $newFile->parentid = $this->file->parentid;
- $newFile->value = gzencode( $this->file->loadValue(),1 );
- $newFile->parse_filename( $this->file->filename.'.'.$this->file->extension.'.gz',FORCE_GZIP );
- $newFile->add();
- }
-
- break;
-
- case 'bzip2':
- if ( $this->getRequestVar('replace')=='1' )
- {
- $this->file->value = bzcompress( $this->file->loadValue() );
- $this->file->parse_filename( $this->file->filename.'.'.$this->file->extension.'.bz2' );
- $this->file->save();
- $this->file->saveValue();
-
- }
- else
- {
- $newFile = new File();
- $newFile->name = $this->file->name;
- $newFile->parentid = $this->file->parentid;
- $newFile->value = bzcompress( $this->file->loadValue() );
- $newFile->parse_filename( $this->file->filename.'.'.$this->file->extension.'.bz2' );
- $newFile->add();
- }
-
- break;
- default:
- die( 'unknown compress type: '.$format );
- }
-
- $this->addNotice('file',$this->file->name,'DONE',OR_NOTICE_OK);
- $this->callSubAction('edit');
- }
-
-
- /**
- * Datei veroeffentlichen
- */
- function pubView()
- {
- }
-
-
- /**
- * Datei veroeffentlichen
- */
- function pubPost()
- {
- $this->file->publish();
- $this->file->publish->close();
-
- $this->addNotice('file',$this->file->fullFilename,'PUBLISHED'.($this->file->publish->ok?'':'_ERROR'),$this->file->publish->ok,array(),$this->file->publish->log);
- }
-
-
-
- function getCompressionTypes()
- {
- $compressionTypes = array();
- if ( function_exists('gzencode' ) ) $compressionTypes[] = 'gz';
- //if ( function_exists('gzencode' ) ) $compressionTypes[] = 'zip';
- if ( function_exists('bzipcompress') ) $compressionTypes[] = 'bz2';
- return $compressionTypes;
- }
-
- function getArchiveTypes()
- {
- $archiveTypes = array();
- $archiveTypes[] = 'tar';
- $archiveTypes[] = 'zip';
- return $archiveTypes;
- }
-
-
-
- function checkMenu( $name )
- {
- $archiveTypes = $this->getArchiveTypes();
- $compressionTypes = $this->getCompressionTypes();
-
- switch( $name )
- {
- case 'uncompress':
- return !readonly() && in_array($this->file->extension,$compressionTypes);
-
- case 'compress':
- return !readonly() && !in_array($this->file->extension,$compressionTypes);
-
- case 'extract':
- return !readonly() && in_array($this->file->extension,$archiveTypes);
-
- case 'size':
- return !readonly() && $this->file->isImage();
-
- case 'editvalue':
- return !readonly() && substr($this->file->mimeType(),0,5)=='text/';
-
- case 'aclform':
- return !readonly();
-
- default:
- return true;
- }
- }
-
-
-
- /**
- * Liefert die Struktur zu diesem Ordner:
- * - Mit den übergeordneten Ordnern und
- * - den in diesem Ordner enthaltenen Objekten
- *
- * Beispiel:
- * <pre>
- * - A
- * - B
- * - C (dieser Ordner)
- * - Unterordner
- * - Seite
- * - Seite
- * - Datei
- * </pre>
- */
- public function structureView()
- {
-
- $structure = array();
- $tmp = &$structure;
- $nr = 0;
-
- $folder = new Folder( $this->file->parentid );
- $parents = $folder->parentObjectNames(false,true);
-
- foreach( $parents as $id=>$name)
- {
- unset($children);
- unset($o);
- $children = array();
- $o = array('id'=>$id,'name'=>$name,'type'=>'folder','level'=>++$nr,'children'=>&$children);
-
- $tmp[$id] = &$o;;
-
- unset($tmp);
-
- $tmp = &$children;
- }
-
-
-
- unset($children);
- unset($id);
- unset($name);
-
- $elementChildren = array();
-
- $tmp[ $this->file->objectid ] = array('id'=>$this->file->objectid,'name'=>$this->file->name,'type'=>'file','self'=>true,'children'=>&$elementChildren);
-
-
- //Html::debug($structure);
-
- $this->setTemplateVar('outline',$structure);
- }
-}
-
-?>-
\ No newline at end of file
diff --git a/action/FilebrowserAction.class.php b/action/FilebrowserAction.class.php
@@ -1,261 +0,0 @@
-<?php
-
-namespace cms\action;
-
-
-use Http;
-use Session;
-use \Html;
-
-// OpenRat Content Management System
-// Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de
-//
-// This program is free software; you can redistribute it and/or
-// modify it under the terms of the GNU General Public License
-// as published by the Free Software Foundation; either version 2
-// of the License, or (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with this program; if not, write to the Free Software
-// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-
-
-/**
- * Action-Klasse zum Bearbeiten einer Datei
- * @author $Author$
- * @version $Revision$
- * @package openrat.actions
- */
-class FilebrowserAction extends ObjectAction
-{
- public $security = SECURITY_USER;
-
- var $command;
- var $resourceType;
-
- /**
- * Ordner
- *
- * @var String
- */
- var $currentFolder;
-
- /**
- * Aktueller Ordner
- *
- * @var Object
- */
- var $folder;
-
- /**
- * Konstruktor
- */
- function __construct()
- {
- if ( $this->getRequestId() != 0 )
- {
- $fid = $this->getRequestId();
- }
- else
- {
- $project = Session::getProject();
- $fid = $project->getRootObjectId();
- }
-
- $this->folder = new Folder( $fid );
- $this->folder->load();
-
-
- }
-
-
-
- /**
- *
- */
- function show()
- {
- Http::notAuthorized('no subaction found');
- }
-
-
- /**
- * Datei-Upload.
- *
- */
- public function directuploadPost()
- {
- $upload = new Upload( $this->getRequestVar('name','abc') );
-
- if ( !$upload->isValid() )
- {
- echo 'Upload failed, reason: '.$upload->error;
- }
- else
- {
- $file = new File();
- $file->parentid = $this->folder->objectid;
- $file->name = $upload->filename;
- $file->filename = $upload->filename;
- $file->extension = $upload->extension;
- $file->value = $upload->value;
- $file->add();
-
- $newId = $file->objectid;
- $newUrl = str_replace('&amp;','&',Html::url('file','show',$newId,array('oid'=>'__OID__'.$newId.'__')));
-
- echo '<script type="text/javascript">' ;
- echo 'window.parent.CKEDITOR.tools.callFunction('.$this->getRequestVar('CKEditorFuncNum',OR_FILTER_NUMBER).",'".$newUrl."','');</script>";
- echo '</script>' ;
- echo 'OK' ;
- }
-
- }
-
-
- public function browseView()
- {
- global $conf_php;
- $funcNum = $this->getRequestVar('CKEditorFuncNum',OR_FILTER_NUMBER);
-
- if ( ! $this->folder->isRoot )
- $this->setTemplateVar('up_url',Html::url('filebrowser','browse',$this->folder->parentid,array('CKEditorFuncNum'=>$funcNum)));
-
- $user = Session::getUser();
- $this->setTemplateVar('writable',$this->folder->hasRight(ACL_WRITE) );
- $this->setTemplateVar('style',$user->style );
-
- $list = array();
-
- // Schleife ueber alle Objekte in diesem Ordner
- foreach( $this->folder->getObjects() as $o )
- {
- $id = $o->objectid;
-
- if ( $o->hasRight(ACL_READ) )
- {
- $list[$id]['name'] = Text::maxLaenge( 30,$o->name );
- $list[$id]['filename'] = Text::maxLaenge( 20,$o->filename );
- $list[$id]['desc'] = Text::maxLaenge( 30,$o->desc );
- if ( $list[$id]['desc'] == '' )
- $list[$id]['desc'] = lang('NO_DESCRIPTION_AVAILABLE');
- $list[$id]['desc'] = $list[$id]['desc'].' - '.lang('IMAGE').' 
'.$id;
-
- $list[$id]['type'] = $o->getType();
-
- $list[$id]['icon' ] = $o->getType();
- $list[$id]['class'] = $o->getType();
- if ( $o->isFolder )
- $list[$id]['url' ] = Html::url('filebrowser','browse',$id,array('CKEditorFuncNum'=>$funcNum) );
- else
- $list[$id]['url' ] = "javascript:window.top.opener.CKEDITOR.tools.callFunction($funcNum,'".Html::url('file','show',$id,array('oid'=>'__OID__'.$id.'__'))."','');window.top.close();window.top.opener.focus();";
-
-
-
- if ( $o->getType() == 'file' )
- {
- $file = new File( $id );
- $file->load();
- $list[$id]['desc'] .= ' - '.intval($file->size/1000).'kB';
-
- if ( $file->isImage() )
- {
- $list[$id]['icon' ] = 'image';
- $list[$id]['class'] = 'image';
- //$list[$id]['url' ] = Html::url('file','show',$id) nur sinnvoll bei Lightbox-Anzeige
- }
-// if ( substr($file->mimeType(),0,5) == 'text/' )
-// $list[$id]['icon'] = 'text';
- }
-
- $list[$id]['date'] = $o->lastchangeDate;
- $list[$id]['user'] = $o->lastchangeUser;
- }
- }
-
- $this->setTemplateVar('object' ,$list );
- $this->setTemplateVar('CKEditorFuncNum',$funcNum );
- $this->setTemplateVar('token',token() );
- $this->setTemplateVar('id',$this->folder->objectid );
- }
-
-
- public function addfolderPost()
- {
-
- $filename = $this->getRequestVar('name');
-
- if ( empty($filename) )
- {
- $this->addNotice('folder',$this->name,'ADDED',OR_NOTICE_ERROR);
- }
- elseif( !$this->folder->hasRight(ACL_CREATE_FOLDER) )
- {
- $this->addNotice('folder',$this->name,'ERROR',OR_NOTICE_ERROR);
- }
- elseif( $this->folder->hasFilename( $filename ) )
- {
- $this->addNotice('folder',$this->name,'ERROR',OR_NOTICE_ERROR);
-
- }
- else
- {
- $newFolder = new Folder();
- $newFolder->parentid = $this->folder->objectid;
- $newFolder->filename = $filename;
- $newFolder->name = $filename;
- $newFolder->add();
-
- $this->addNotice('folder',$this->folder->name,'ADDED',OR_NOTICE_OK);
- }
- }
-
-
-
- public function uploadPost()
- {
- if ( $this->hasRequestVar('name') )
- $name = $this->getRequestVar('name','abc');
- else
- $name = 'file';
-
- $upload = new Upload($name);
-
- if ( !$upload->isValid() )
- {
- Html::debug($upload);
- $this->addValidationError('file','COMMON_VALIDATION_ERROR',array(),$upload->error);
- return;
- }
- // Pr�fen der maximal erlaubten Dateigr��e.
- elseif ( $upload->size < 0 )
- {
- // Maximale Dateigr��e ist �berschritten
- $this->addValidationError('file','MAX_FILE_SIZE_EXCEEDED');
- return;
- }
- elseif( $upload->size > 0 )
- {
- $file = new File();
- $file->desc = '';
- $file->filename = $upload->filename;
- $file->name = $upload->filename;
- $file->extension = $upload->extension;
- $file->size = $upload->size;
- $file->parentid = $this->folder->objectid;
-
- $file->value = $upload->value;
-
- $file->add(); // Datei hinzufuegen
- $this->folder->setTimestamp();
- $this->addNotice('file',$file->name,'ADDED','ok');
- }
- }
-}
-
-?>-
\ No newline at end of file
diff --git a/action/FolderAction.class.php b/action/FolderAction.class.php
@@ -1,1566 +0,0 @@
-<?php
-
-namespace cms\action;
-
-use ArchiveTar;
-use cms\model\Template;
-use cms\model\Page;
-use cms\model\Folder;
-use cms\model\Object;
-use cms\model\File;
-use cms\model\Link;
-
-use cms\model\Url;
-use Http;
-use Publish;
-use Session;
-use \Html;
-use Text;
-use Upload;
-
-// OpenRat Content Management System
-// Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de
-//
-// This program is free software; you can redistribute it and/or
-// modify it under the terms of the GNU General Public License
-// as published by the Free Software Foundation; either version 2
-// of the License, or (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with this program; if not, write to the Free Software
-// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-
-
-/**
- * Action-Klasse zum Bearbeiten eines Ordners
- * @author $Author$
- * @version $Revision$
- * @package openrat.actions
- */
-
-class FolderAction extends ObjectAction
-{
- public $security = SECURITY_USER;
-
- private $folder;
-
- public function __construct()
- {
- $this->folder = new Folder( $this->getRequestId() );
- $this->folder->load();
- }
-
-
-
- /**
- * Neues Objekt anlegen.<br>
- * Dies kann ein(e) Verzeichnis, Seite, Verkn�pfung oder Datei sein.<br>
- */
- public function createPost()
- {
- global $conf;
- $type = $this->getRequestVar('type' );
-
- switch( $type )
- {
- case 'folder':
- $name = $this->getRequestVar('folder_name');
-
- if ( !empty($name) )
- {
- $f = new Folder();
- $f->name = $name;
- $f->parentid = $this->folder->objectid;
- $f->add();
- $this->folder->setTimestamp();
- $this->addNotice('folder',$f->name,'ADDED','ok');
- }
- else
- {
- $this->addValidationError('folder_name');
- $this->callSubAction('create');
- }
- break;
-
- case 'file':
- $upload = new Upload();
-
- if ( !$upload->isValid() )
- {
- $this->addValidationError('file','COMMON_VALIDATION_ERROR',array(),$upload->error);
- $this->callSubAction('createfile');
- return;
- }
- // Pr�fen der maximal erlaubten Dateigr��e.
- elseif ( $upload->size > $this->maxFileSize() )
- {
- // Maximale Dateigr��e ist �berschritten
- $this->addValidationError('file','MAX_FILE_SIZE_EXCEEDED');
- $this->callSubAction('createfile');
- return;
- }
- elseif( $upload->size > 0 )
- {
- $file = new File();
- $file->desc = '';
- $file->filename = $upload->filename;
- $file->name = $upload->filename;
- $file->extension = $upload->extension;
- $file->size = $upload->size;
- $file->parentid = $this->folder->objectid;
-
- $file->value = $upload->value;
-
- $file->add(); // Datei hinzufuegen
- $this->folder->setTimestamp();
- $this->addNotice('file',$file->name,'ADDED','ok');
- }
-
- break;
-
- case 'page':
-
- $name = $this->getRequestVar('page_name');
- if ( !empty($name) )
- {
- $page = new Page();
- $page->name = $name;
- $page->templateid = $this->getRequestVar('page_templateid');
- $page->parentid = $this->folder->objectid;
- $page->add();
- $this->folder->setTimestamp();
-
- $this->addNotice('page',$page->name,'ADDED','ok');
- }
- else
- {
- $this->addValidationError('page_name');
- $this->callSubAction('create');
- }
- break;
-
- case 'link':
-
- $name = $this->getRequestVar('link_name');
- if ( !empty($name) )
- {
- $link = new Link();
- $link->name = $name;
- $link->parentid = $this->folder->objectid;
-
- $link->add();
- $this->folder->setTimestamp();
-
- $this->addNotice('link',$link->name,'ADDED','ok');
- }
- else
- {
- $this->addValidationError('link_name');
- $this->callSubAction('create');
- }
-
- break;
-
- case 'url':
-
- $urlValue = $this->getRequestVar('url');
- if ( !empty($urlValue) )
- {
- $url = new Url();
- $url->name = $urlValue;
- $url->parentid = $this->folder->objectid;
-
- $url->url = $urlValue;
-
- $url->add();
- $this->folder->setTimestamp();
-
- $this->addNotice('url',$url->name,'ADDED','ok');
- }
- else
- {
- $this->addValidationError('url');
- $this->callSubAction('create');
- }
-
- break;
-
- default:
- $this->addValidationError('type');
- $this->callSubAction('create');
-
- }
-
- }
-
-
-
- public function createfolderPost()
- {
- $type = $this->getRequestVar('type' );
- $name = $this->getRequestVar('name' );
- $filename = $this->getRequestVar('filename' );
- $description = $this->getRequestVar('description');
-
- if ( !empty($name) )
- {
- $f = new Folder();
- $f->name = $name;
- $f->filename = $name;
- $f->desc = $description;
- $f->parentid = $this->folder->objectid;
-
- $f->add();
- $this->addNotice('folder',$f->name,'ADDED','ok');
- $this->setTemplateVar('objectid',$f->objectid);
- }
- else
- {
- $this->addValidationError('name');
- $this->callSubAction('createfolder');
- }
-
- $this->folder->setTimestamp();
- }
-
-
-
- public function createfilePost()
- {
- $type = $this->getRequestVar('type' );
- $name = $this->getRequestVar('name' );
- $filename = $this->getRequestVar('filename' );
- $description = $this->getRequestVar('description');
-
- $file = new File();
-
- // Die neue Datei wird über eine URL geladen und dann im CMS gespeichert.
- if ( $this->hasRequestVar('url') )
- {
- $url = $this->getRequestVar('url');
- $http = new Http();
- $http->setUrl( $url );
-
- $ok = $http->request();
-
- if ( !$ok )
- {
- $this->addValidationError('url','COMMON_VALIDATION_ERROR',array(),$http->error);
- $this->callSubAction('createfile');
- return;
- }
-
- $file->desc = $description;
- $file->filename = basename($url);
- $file->name = !empty($name)?$name:basename($url);
- $file->size = strlen($http->body);
- $file->value = $http->body;
- $file->parentid = $this->folder->objectid;
- }
- else
- {
- $upload = new Upload();
-
- if ( $upload->isValid() )
- {
- $file->desc = $description;
- $file->filename = $upload->filename;
- $file->name = !empty($name)?$name:$upload->filename;
- $file->extension = $upload->extension;
- $file->size = $upload->size;
- $file->parentid = $this->folder->objectid;
-
- $file->value = $upload->value;
- }
- else
- {
- if ( $this->hasRequestVar('name') )
- {
- $file->name = $this->getRequestVar('name');
- $file->desc =
$this->getRequestVar('description');
- $file->filename = $this->getRequestVar('filename', OR_FILTER_FILENAME);
- $file->parentid = $this->folder->objectid;
- }
- else
- {
- $this->addValidationError('file','COMMON_VALIDATION_ERROR',array(),$upload->error);
- $this->callSubAction('createfile');
- return;
- }
-
- }
- }
-
- $file->add(); // Datei hinzufuegen
- $this->addNotice('file',$file->name,'ADDED','ok');
- $this->setTemplateVar('objectid',$file->objectid);
-
- $this->folder->setTimestamp();
- }
-
-
-
- public function createlinkPost()
- {
- $name = $this->getRequestVar('name' );
- $filename = $this->getRequestVar('filename' );
- $description = $this->getRequestVar('description');
-
- if ( !empty($name) )
- {
- $link = new Link();
- $link->filename = $filename;
- $link->name = $name;
- $link->desc = $description;
- $link->parentid = $this->folder->objectid;
-
- $link->linkedObjectId = $this->getRequestVar('targetobjectid');
-
- $link->add();
-
- $this->addNotice('link',$link->name,'ADDED','ok');
- $this->setTemplateVar('objectid',$link->objectid);
- }
- else
- {
- $this->addValidationError('name');
- $this->callSubAction('createlink');
- return;
- }
-
- $this->folder->setTimestamp();
- }
-
- public function createurlPost()
- {
- $name = $this->getRequestVar('name' );
- $description = $this->getRequestVar('description');
- $filename = $this->getRequestVar('filename' );
-
- if ( !empty($name) )
- {
- $url = new Url();
- $url->filename = $filename;
- $url->name = $name;
- $url->desc = $description;
- $url->parentid = $this->folder->objectid;
-
- $url->url = $this->getRequestVar('url');
-
- $url->add();
-
- $this->addNotice('url',$url->name,'ADDED','ok');
- $this->setTemplateVar('objectid',$url->objectid);
- }
- else
- {
- $this->addValidationError('name');
- $this->callSubAction('createurl');
- return;
- }
-
- $this->folder->setTimestamp();
- }
-
-
-
- public function createpagePost()
- {
- $type = $this->getRequestVar('type' );
- $name = $this->getRequestVar('name'
);
- $filename = $this->getRequestVar('filename' );
- $description = $this->getRequestVar('description');
-
- if ( $this->getRequestVar('name') != '' )
- {
- $page = new Page();
- $page->name = $name;
- $page->desc = $description;
- $page->filename = $filename;
- $page->templateid = $this->getRequestVar('templateid');
- $page->parentid = $this->folder->objectid;
-
- $page->add();
-
- $this->addNotice('page',$page->name,'ADDED','ok');
- $this->setTemplateVar('objectid',$page->objectid);
- }
- else
- {
- $this->addValidationError('name');
- $this->callSubAction('createpage');
- return;
- }
-
- $this->folder->setTimestamp();
- }
-
-
-
- /**
- * Abspeichern der Ordner-Eigenschaften. Ist der Schalter "delete" gesetzt, wird
- * der Ordner stattdessen gel?scht.
- */
- public function propPost()
- {
- // Ordnereigenschaften speichern
- if ( $this->getRequestVar('name') != '' )
- $this->folder->name = $this->getRequestVar('name' ,'full');
- elseif ($this->getRequestVar('filename') != '' )
- $this->folder->name = $this->getRequestVar('filename',OR_FILTER_ALPHANUM);
- else
- {
- $this->addValidationError('name');
- $this->addValidationError('filename');
- //$this->callSubAction('prop');
- return;
- }
-
- $this->folder->filename = $this->getRequestVar('filename' ,OR_FILTER_ALPHANUM);
- $this->folder->desc = $this->getRequestVar('description','full' );
- $this->folder->save();
- $this->addNotice($this->folder->getType(),$this->folder->name,'PROP_SAVED','ok');
- }
-
-
- /**
- * Reihenfolge von Objekten aendern.
- */
- public function orderPost()
- {
- $ids = $this->folder->getObjectIds();
- $seq = 0;
-
- $order = explode(',',$this->getRequestVar('order') );
-
- foreach( $order as $objectid )
- {
- if ( ! in_array($objectid,$ids) )
- {
- Http::serverError('Object-Id '.$objectid.'
is not in this folder any more');
- }
- $seq++; // Sequenz um 1 erhoehen
-
- $o = new Object( $objectid );
- $o->setOrderId( $seq );
-
- unset( $o ); // Selfmade Garbage Collection :-)
- }
-
- $this->addNotice($this->folder->getType(),$this->folder->name,'SEQUENCE_CHANGED','ok');
- $this->folder->setTimestamp();
- }
-
-
- // Reihenfolge von Objekten aendern
- public function changesequencePost()
- {
- $ids = $this->folder->getObjectIds();
- $seq = 0;
- foreach( $ids as $id )
- {
- $seq++; // Sequenz um 1 erhoehen
-
- // Die beiden Ordner vertauschen
- if ( $id == $this->getRequestVar('objectid1') )
- $id = $this->getRequestVar('objectid2');
- elseif ( $id == $this->getRequestVar('objectid2') )
- $id = $this->getRequestVar('objectid1');
-
- $o = new Object( $id );
- $o->setOrderId( $seq );
-
- unset( $o ); // Selfmade Garbage Collection :-)
- }
-
- $this->addNotice($this->folder->getType(),$this->folder->name,'SEQUENCE_CHANGED','ok');
- $this->folder->setTimestamp();
-
- // Ordner anzeigen
- $this->callSubAction('order');
-
- }
-
-
- private function OLD__________editPost()
- {
- $type = $this->getRequestVar('type'); // Typ der Aktion, z.B "copy" oder "move"
-
- switch( $type )
- {
- case 'move':
- case 'copy':
- case 'link':
- // Liste von m�glichen Zielordnern anzeigen
-
- $otherfolder = array();
- foreach( $this->folder->getAllFolders() as $id )
- {
- $f = new Folder( $id );
-
- // Beim Verkn�pfen muss im Zielordner die Berechtigung zum Erstellen
- // von Verkn�pfungen vorhanden sein.
- //
- // Beim Verschieben und Kopieren muss im Zielordner die Berechtigung
- // zum Erstellen von Ordner, Dateien oder Seiten vorhanden sein.
- if ( ( $type=='link' && $f->hasRight( ACL_CREATE_LINK ) ) ||
- ( ( $type=='move' || $type == 'copy' ) &&
- ( $f->hasRight(ACL_CREATE_FOLDER) || $f->hasRight(ACL_CREATE_FILE) || $f->hasRight(ACL_CREATE_PAGE) ) ) )
- // Zielordner hinzuf�gen
- $otherfolder[$id] = FILE_SEP.implode( FILE_SEP,$f->parentObjectNames(false,true) );
- }
-
- // Zielordner-Liste alphabetisch sortieren
- asort( $otherfolder );
-
- $this->setTemplateVar('folder',$otherfolder);
-
- break;
-
- case 'archive':
- $this->setTemplateVar('ask_filename','');
- break;
-
- case 'delete':
- $this->setTemplateVar('ask_commit','');
- break;
-
- default:
- $this->addValidationError('type');
- return;
-
- } // switch
-
- $ids = $this->folder->getObjectIds();
- $objectList = array();
-
- foreach( $ids as $id )
- {
- // Nur, wenn Objekt ausgewaehlt wurde
- if ( !$this->hasRequestVar('obj'.$id) )
- continue;
-
- $o = new Object( $id );
- $o->load();
-
- // F�r die gew�nschte Aktion m�ssen pro Objekt die entsprechenden Rechte
- // vorhanden sein.
- if ( $type == 'copy' && $o->hasRight( ACL_READ ) ||
- $type == 'move' && $o->hasRight( ACL_DELETE ) ||
- $type == 'link' && $o->hasRight( ACL_READ ) ||
- $type == 'archive' && $o->hasRight( ACL_READ ) ||
- $type == 'delete' && $o->hasRight( ACL_DELETE ) )
- $objectList[ $id ] = $o->getProperties();
- }
-
- $this->setTemplateVar('type' ,$type );
- $this->setTemplateVar('objectlist',$objectList );
-
- // Komma-separierte Liste von ausgew�hlten Objekt-Ids erzeugen
- $this->setTemplateVar('ids',join(array_keys($objectList),',') );
- }
-
-
-
- /**
- * Verschieben/Kopieren/Loeschen/Verknuepfen von mehreren Dateien in diesem Ordner
- */
- public function editPost()
- {
- $type = $this->getRequestVar('type');
- $ids = explode(',',$this->getRequestVar('ids'));
- $targetObjectId = $this->getRequestVar('targetobjectid');
-
- // Prüfen, ob Schreibrechte im Zielordner bestehen.
- switch( $type )
- {
- case 'move':
- case 'copy':
- case 'link':
- $f = new Folder( $targetObjectId );
-
- // Beim Verkn�pfen muss im Zielordner die Berechtigung zum Erstellen
- // von Verkn�pfungen vorhanden sein.
- //
- // Beim Verschieben und Kopieren muss im Zielordner die Berechtigung
- // zum Erstellen von Ordner, Dateien oder Seiten vorhanden sein.
- if ( ( $type=='link' && $f->hasRight( ACL_CREATE_LINK ) ) ||
- ( ( $type=='move' || $type == 'copy' ) &&
- ( $f->hasRight(ACL_CREATE_FOLDER) || $f->hasRight(ACL_CREATE_FILE) || $f->hasRight(ACL_CREATE_PAGE) ) ) )
- {
- // OK
- }
- else
- {
- $this->addValidationError('targetobjectid','no_rights');
- return;
- }
-
- break;
- default:
- }
-
-
- $ids = $this->folder->getObjectIds();
- $objectList = array();
-
- foreach( $ids as $id )
- {
- // Nur, wenn Objekt ausgewaehlt wurde
- if ( !$this->hasRequestVar('obj'.$id) )
- continue;
-
- $o = new Object( $id );
- $o->load();
-
- // Fuer die gewuenschte Aktion muessen pro Objekt die entsprechenden Rechte
- // vorhanden sein.
- if ( $type == 'copy' && $o->hasRight( ACL_READ ) ||
- $type == 'move' && $o->hasRight( ACL_WRITE ) ||
- $type == 'link' && $o->hasRight( ACL_READ ) ||
- $type == 'archive' && $o->hasRight( ACL_READ ) ||
- $type == 'delete' && $o->hasRight( ACL_DELETE ) )
- $objectList[ $id ] = $o->getProperties();
- else
- $this->addNotice($o->getType(),$o->name,'no_rights',OR_NOTICE_WARN);
- }
-
- $ids = array_keys($objectList);
-
- if ( $type == 'archive' )
- {
- require_once('serviceClasses/ArchiveTar.class.php');
- $tar = new ArchiveTar();
- $tar->files = array();
-
- foreach( $ids as $id )
- {
- $o = new Object( $id );
- $o->load();
-
- if ( $o->isFile )
- {
- $file = new File($id);
- $file->load();
-
- // Datei dem Archiv hinzufügen.
- $info = array();
- $info['name'] = $file->filenameWithExtension();
- $info['file'] = $file->loadValue();
- $info['mode'] = 0600;
- $info['size'] = $file->size;
- $info['time'] = $file->lastchangeDate;
- $info['user_id' ] = 1000;
- $info['group_id'] = 1000;
- $info['user_name' ] = 'nobody';
- $info['group_name'] = 'nobody';
-
- $tar->numFiles++;
- $tar->files[]= $info;
- }
- else
- {
- // Was anderes als Dateien ignorieren.
- $this->addNotice($o->getType(),$o->name,'NOTHING_DONE',OR_NOTICE_WARN);
- }
-
- }
-
- // TAR speichern.
- $tarFile = new File();
- $tarFile->name = lang('GLOBAL_ARCHIVE').' '.$this->getRequestVar('filename');
- $tarFile->filename = $this->getRequestVar('filename');
- $tarFile->extension = 'tar';
- $tarFile->parentid = $this->folder->objectid;
-
- $tar->__generateTAR();
- $tarFile->value = $tar->tar_file;
- $tarFile->add();
- }
- else
- {
- foreach( $ids as $id )
- {
- $o = new Object( $id );
- $o->load();
-
- switch( $type )
- {
- case 'move':
- if ( $o->isFolder )
- {
- $f = new Folder( $id );
- $allsubfolders = $f->getAllSubFolderIds();
-
- // Plausibilisierungsprüfung:
- //
- // Wenn
- // - Das Zielverzeichnis sich nicht in einem Unterverzeichnis des zu verschiebenen Ordners liegt
- // und
- // - Das Zielverzeichnis nicht der zu verschiebene Ordner ist
- // dann verschieben
- if ( !in_array($targetObjectId,$allsubfolders) && $id != $targetObjectId )
- {
- $this->addNotice($o->getType(),$o->name,'MOVED','ok');
- $o->setParentId( $targetObjectId );
- }
- else
- {
- $this->addNotice($o->getType(),$o->name,'ERROR','error');
- }
- }
- else
- {
- $o->setParentId( $targetObjectId );
- $this->addNotice($o->getType(),$o->name,'MOVED','ok');
- }
- break;
-
- case 'copy':
- switch( $o->getType() )
- {
- case 'folder':
- // Ordner zur Zeit nicht kopieren
- // Funktion waere zu verwirrend
- $this->addNotice($o->getType(),$o->name,'CANNOT_COPY_FOLDER','error');
- break;
-
- case 'file':
- $f = new File( $id );
- $f->load();
- $f->filename = '';
-
$f->name = lang('COPY_OF').' '.$f->name;
- $f->parentid = $targetObjectId;
- $f->add();
- $f->copyValueFromFile( $id );
-
- $this->addNotice($o->getType(),$o->name,'COPIED','ok');
- break;
-
- case 'page':
- $p = new Page( $id );
- $p->load();
- $p->filename = '';
- $p->name = lang('COPY_OF').' '.$p->name;
- $p->parentid = $targetObjectId;
- $p->add();
- $p->copyValuesFromPage( $id );
- $this->addNotice($o->getType(),$o->name,'COPIED','ok');
- break;
-
- case 'link':
- $l = new Link( $id );
- $l->load();
- $l->filename = '';
- $l->name = lang('COPY_OF').' '.$l->name;
- $l->parentid = $targetObjectId;
- $l->add();
- $this->addNotice($o->getType(),$o->name,'COPIED','ok');
- break;
-
- default:
- die('fatal: what type to delete?');
- }
- $notices[] = lang('COPIED');
- break;
-
- case 'link':
-
- if ( $o->isFile ||
- $o->isPage ) // Nur Seiten oder Dateien sind verknuepfbar
- {
- $link = new Link();
- $link->parentid = $targetObjectId;
-
- $link->linkedObjectId = $id;
- $link->isLinkToObject = true;
- $link->name = lang('LINK_TO').'
'.$o->name;
- $link->add();
- $this->addNotice($o->getType(),$o->name,'LINKED','ok');
- }
- else
- {
- $this->addNotice($o->getType(),$o->name,'ERROR','error');
- }
- break;
-
- case 'delete':
-
- if ( $this->hasRequestVar('confirm') )
- {
- switch( $o->getType() )
- {
- case 'folder':
- $f = new Folder( $id );
- $f->deleteAll();
- break;
-
- case 'file':
- $f = new File( $id );
- $f->delete();
- break;
-
- case 'page':
- $p = new Page( $id );
- $p->load();
- $p->delete();
- break;
-
- case 'link':
- $l = new Link( $id );
- $l->delete();
- break;
-
- case 'url':
- $u = new Url( $id );
- $u->delete();
- break;
-
- default:
- throw new \LogicException("Error while deleting: Unknown type: {$o->getType()}");
- }
- $this->addNotice($o->getType(),$o->name,'DELETED',OR_NOTICE_OK);
- }
- else
- {
- $this->addNotice($o->getType(),$o->name,'NOTHING_DONE',OR_NOTICE_WARN);
- }
-
- break;
-
- default:
- $this->addNotice($o->getType(),$o->name,'ERROR','error');
- }
-
- }
- }
-
- $this->folder->setTimestamp();
- }
-
-
- /**
- * Reihenfolge von Objekten aendern.
- */
- public function reorderPost()
- {
- $type = $this->getRequestVar('type');
-
- switch( $type )
- {
- case 'type':
- $ids = $this->folder->getObjectIdsByType();
- break;
-
- case 'name':
- $ids = $this->folder->getChildObjectIdsByName();
- break;
-
- case 'lastchange':
- $ids = $this->folder->getObjectIdsByLastChange();
- break;
-
- case 'flip':
- $ids = $this->folder->getObjectIds();
- $ids = array_reverse( $ids ); // Reihenfolge drehen
-
- break;
-
- default:
- Http::sendStatus(400,'Bad request','Unknown reordertype: '.$type );
- }
-
- // Und jetzt die neu ermittelte Reihenfolge speichern
- $seq = 0;
- foreach( $ids as $id )
- {
- $seq++; // Sequenz um 1 erhoehen
-
- $o = new Object( $id );
- $o->setOrderId( $seq );
-
- unset( $o );
- }
- $this->addNotice($this->folder->getType(),$this->folder->name,'SEQUENCE_CHANGED','ok');
-
- $this->folder->setTimestamp();
- }
-
-
- public function settopPost()
- {
- $o = new Object( $this->getRequestVar('objectid1') );
- $o->setOrderId( 1 );
-
- $ids = $this->folder->getObjectIds();
- $seq = 1;
-
- foreach( $ids as $id )
- {
- if ( $id != $this->getRequestVar('objectid1') )
- {
- $seq++; // Sequenz um 1 erhoehen
-
- $o = new Object( $id );
- $o->setOrderId( $seq );
-
- unset( $o ); // Selfmade Garbage Collection :-)
- }
- }
-
- $this->addNotice($this->folder->getType(),$this->folder->name,'SEQUENCE_CHANGED','ok');
- $this->folder->setTimestamp();
-
- // Ordner anzeigen
- $this->callSubAction('order');
- }
-
-
- public function setbottomPost()
- {
- $ids = $this->folder->getObjectIds();
- $seq = 0;
-
- foreach( $ids as $id )
- {
- if ( $id != $this->getRequestVar('objectid1') )
- {
- $seq++; // Sequenz um 1 erhoehen
-
- $o = new Object( $id );
- $o->setOrderId( $seq );
-
- unset( $o ); // Selfmade Garbage Collection :-)
- }
- }
-
- $seq++; // Sequenz um 1 erhoehen
- $o = new Object( $this->getRequestVar('objectid1') );
- $o->setOrderId( $seq );
-
-
$this->addNotice($this->folder->getType(),$this->folder->name,'SEQUENCE_CHANGED','ok');
- $this->folder->setTimestamp();
-
- // Ordner anzeigen
- $this->callSubAction('order');
-
- }
-
-
- /**
- * Alias für Methode 'create'.
- */
- public function newView()
- {
- $this->nextSubAction('create');
- }
-
-
- /**
- * Alias für Methode 'create'.
- */
- public function newPost()
- {
- $this->nextSubAction('create');
- }
-
-
- public function createView()
- {
- // Maximale Dateigroesse.
- $maxSizeBytes = $this->maxFileSize();
- $this->setTemplateVar('max_size' ,($maxSizeBytes/1024).' KB' );
- $this->setTemplateVar('maxlength',$maxSizeBytes );
-
- $all_templates = Template::getAll();
- $this->setTemplateVar('templates' ,$all_templates );
-
- if ( count($all_templates) == 0 )
- $this->addNotice('folder',$this->folder->name,'NO_TEMPLATES_AVAILABLE',OR_NOTICE_WARN);
-
- $this->setTemplateVar('objectid' ,$this->folder->objectid );
- }
-
-
-
- public function createfolderView()
- {
- $this->setTemplateVar('objectid' ,$this->folder->objectid );
- }
-
-
-
- /**
- * Ermittelt die maximale Gr��e einer hochzuladenden Datei.<br>
- * Der Wert wird aus der PHP- und OpenRat-Konfiguration ermittelt.<br>
- *
- * @return Integer maximale Dateigroesse in Bytes
- */
- private function maxFileSize()
- {
- global $conf;
-
- // When querying memory size values:
- // Many ini memory size values, such as upload_max_filesize,
- // are stored in the php.ini file in shorthand notation.
- // ini_get() will return the exact string stored in the php.ini file
- // and NOT its integer equivalent.
- $sizes = array(10*1024*1024*1024); // Init with 10GB enough?
:)
-
- foreach( array('upload_max_filesize','post_max_size','memory_limit') as $var )
- {
- $v = $this->stringToBytes(ini_get($var));
-
- if ($v > 0 )
- $sizes[] = $v;
- }
-
- $confMaxSize = intval($conf['content']['file']['max_file_size'])*1024;
- if ( $confMaxSize > 0 )
- $sizes[] = $confMaxSize;
-
- return min($sizes);
- }
-
-
- /**
- * Hochladen einer Datei.
- *
- */
- public function createfileView()
- {
- // Maximale Dateigroesse.
- $maxSizeBytes = $this->maxFileSize();
- $this->setTemplateVar('max_size' ,($maxSizeBytes/1024).' KB' );
- $this->setTemplateVar('maxlength',$maxSizeBytes );
-
- $this->setTemplateVar('objectid',$this->folder->objectid );
- }
-
-
- /**
- * Umwandlung von abgek�rzten Bytewerten ("Shorthand Notation") wie
- * "4M" oder "500K" in eine ganzzahlige Byteanzahl.<br>
- * <br>
- * Quelle: http://de.php.net/manual/de/function.ini-get.php
- *
- * @param String Abgek�rzter Bytewert
- * @return Integer Byteanzahl
- */
- private function stringToBytes($val)
- {
- $val = trim($val);
- $last = strtolower($val{strlen($val)-1});
- // Achtung: Der Trick ist das "Fallthrough", kein "break" vorhanden!
- switch($last)
- {
- // The 'G' modifier is available since PHP 5.1.0
- case 'g':
- $val *= 1024;
- case 'm':
- $val *= 1024;
- case 'k':
- $val *= 1024;
- }
-
- return intval($val);
- }
-
-
-
- public function createlinkView()
- {
- $this->setTemplateVar('objectid' ,$this->folder->objectid );
- }
-
-
- public function createurlView()
- {
- }
-
-
- public function createpageView()
- {
- $all_templates = Template::getAll();
- $this->setTemplateVar('templates' ,$all_templates );
- $this->setTemplateVar('objectid' ,$this->folder->objectid );
-
- if ( count($all_templates) == 0 )
- $this->addNotice('folder',$this->folder->name,'NO_TEMPLATES_AVAILABLE',OR_NOTICE_WARN);
- }
-
-
- /**
- * Anzeigen des Inhaltes, der Inhalt wird samt Header direkt
- * auf die Standardausgabe geschrieben
- */
- private function previewViewUnused()
- {
- $this->setTemplateVar('preview_url',Html::url('folder','show',$this->folder->objectid,array('target'=>'none') ) );
- }
-
-
-
- /**
- * Anzeige aller Objekte in diesem Ordner.
- */
- public function previewView()
- {
- global $conf_php;
-
- if ( ! $this->folder->isRoot )
- $this->setTemplateVar('up_url',Html::url('folder','show',$this->folder->parentid));
-
- $list = array();
-
- // Schleife ueber alle Objekte in diesem Ordner
- foreach( $this->folder->getObjects() as $o )
- {
- /* @var $o Object */
-
- $id = $o->objectid;
-
- if ( $o->hasRight(ACL_READ) )
- {
- $list[$id]['name'] = Text::maxLaenge( 30,$o->name );
- $list[$id]['filename'] = Text::maxLaenge( 20,$o->filename );
- $list[$id]['desc'] = Text::maxLaenge( 30,$o->desc );
- if ( $list[$id]['desc'] == '' )
- $list[$id]['desc'] = lang('NO_DESCRIPTION_AVAILABLE');
- $list[$id]['desc'] = $list[$id]['desc'].' - '.lang('IMAGE').'
'.$id;
-
- $list[$id]['type'] = $o->getType();
- $list[$id]['id' ] = $id;
-
- $list[$id]['icon' ] = $o->getType();
- $list[$id]['class'] = $o->getType();
- $list[$id]['url' ] = Html::url($o->getType(),'',$id);
-
- if ( $o->getType() == 'file' )
- {
- $file = new File( $id );
- $file->load();
- $list[$id]['desc'] .= ' - '.intval($file->size/1000).'kB';
-
- if ( $file->isImage() )
- {
- $list[$id]['icon' ] = 'image';
- $list[$id]['class'] = 'image';
- //$list[$id]['url' ] = Html::url('file','show',$id) nur sinnvoll bei Lightbox-Anzeige
- }
-// if ( substr($file->mimeType(),0,5) == 'text/' )
-// $list[$id]['icon'] = 'text';
- }
-
- $list[$id]['date'] = $o->lastchangeDate;
- $list[$id]['user'] = $o->lastchangeUser;
- }
- }
-
- $this->setTemplateVar('object' ,$list );
- }
-
-
- /**
- * Anzeige aller Objekte in diesem Ordner.
- */
- public function contentView()
- {
- global $conf_php;
-
- if ( ! $this->folder->isRoot )
- $this->setTemplateVar('up_url',Html::url('folder','show',$this->folder->parentid));
-
- $this->setTemplateVar('writable',$this->folder->hasRight(ACL_WRITE) );
-
- $list = array();
-
- // Schleife ueber alle Objekte in diesem Ordner
- foreach( $this->folder->getObjects() as $o )
- {
- /* @var $o Object */
- $id = $o->objectid;
-
- if ( $o->hasRight(ACL_READ) )
- {
- $list[$id]['name'] = Text::maxLaenge( 30,$o->name );
- $list[$id]['filename'] = Text::maxLaenge( 20,$o->filename );
- $list[$id]['desc'] = Text::maxLaenge( 30,$o->desc );
- if ( $list[$id]['desc'] == '' )
- $list[$id]['desc'] = lang('NO_DESCRIPTION_AVAILABLE');
- $list[$id]['desc'] = $list[$id]['desc'].' - '.lang('IMAGE').'
'.$id;
-
- $list[$id]['type'] = $o->getType();
- $list[$id]['id' ] = $id;
-
- $list[$id]['icon' ] = $o->getType();
- $list[$id]['class'] = $o->getType();
- $list[$id]['url' ] = Html::url($o->getType(),'',$id);
-
- if ( $o->getType() == 'file' )
- {
- $file = new File( $id );
- $file->load();
- $list[$id]['desc'] .= ' - '.intval($file->size/1000).'kB';
-
- if ( $file->isImage() )
- {
- $list[$id]['icon' ] = 'image';
- $list[$id]['class'] = 'image';
- //$list[$id]['url' ] = Html::url('file','show',$id) nur sinnvoll bei Lightbox-Anzeige
- }
-// if ( substr($file->mimeType(),0,5) == 'text/' )
-// $list[$id]['icon'] = 'text';
- }
-
- $list[$id]['date'] = $o->lastchangeDate;
- $list[$id]['user'] = $o->lastchangeUser;
- }
- }
-
- $this->setTemplateVar('object' ,$list );
- }
-
-
- public function editView()
- {
- global $conf_php;
-
- $this->setTemplateVar('writable',$this->folder->hasRight(ACL_WRITE) );
-
- $list = array();
-
- // Schleife ueber alle Objekte in diesem Ordner
- foreach( $this->folder->getObjects() as $o )
- {
- /* @var $o Object */
- $id = $o->objectid;
-
- if ( $o->hasRight(ACL_READ) )
- {
- $list[$id]['objectid'] = $id;
- $list[$id]['id' ] = 'obj'.$id;
- $list[$id]['name' ] = $o->name;
- $list[$id]['filename'] = $o->filename;
- $list[$id]['desc' ] = $o->desc;
- if ( $list[$id]['desc'] == '' )
- $list[$id]['desc'] = lang('NO_DESCRIPTION_AVAILABLE');
- $list[$id]['desc'] = 'ID '.$id.'
- '.$list[$id]['desc'];
-
- $list[$id]['type'] = $o->getType();
-
- $list[$id]['icon'] = $o->getType();
-
- if ( $o->getType() == 'file' )
- {
- $file = new File( $id );
- $file->load();
- $list[$id]['size'] = $file->size;
- $list[$id]['desc'] .= ' - '.intval($file->size/1000).'kB';
-
- if ( substr($file->mimeType(),0,6) == 'image/' )
- $list[$id]['icon'] = 'image';
-// if ( substr($file->mimeType(),0,5) == 'text/' )
-// $list[$id]['icon'] = 'text';
- }
-
- $list[$id]['url' ] = Html::url($o->getType(),'',$id);
- $list[$id]['date'] = date( lang('DATE_FORMAT'),$o->lastchangeDate );
- $list[$id]['user'] = $o->lastchangeUser;
-
- if ( $this->hasRequestVar("markall") || $this->hasRequestVar('obj'.$id) )
- $this->setTemplateVar('obj'.$id,'1');
- }
- }
-
- if ( $this->folder->hasRight(ACL_WRITE) )
- {
- // Alle anderen Ordner ermitteln
- $otherfolder = array();
- foreach( $this->folder->getAllFolders() as $id )
- {
- $f = new Folder( $id );
- if ( $f->hasRight( ACL_WRITE ) )
- $otherfolder[$id] = FILE_SEP.implode( FILE_SEP,$f->parentObjectNames(false,true) );
- }
- asort( $otherfolder );
-
- $this->setTemplateVar('folder',$otherfolder);
-
- // URLs zum Umsortieren der Eintraege
- $this->setTemplateVar('order_url' ,Html::url('folder','order',$this->folder->id) );
- }
-
- $actionList = array();
- $actionList[] = 'copy';
- $actionList[] = 'link';
- $actionList[] = 'archive';
-
- if ( $this->folder->hasRight(ACL_WRITE) )
- {
- $actionList[] = 'move';
- $actionList[] = 'delete';
- }
-
- $this->setTemplateVar('actionlist',$actionList );
- $this->setTemplateVar('defaulttype',$this->getRequestVar('type','alpha'));
-
- $this->setTemplateVar('object' ,$list );
- $this->setTemplateVar('act_objectid',$this->folder->id);
-
- $rootFolder = new Folder( Folder::getRootFolderId() );
- $rootFolder->load();
-
- $this->setTemplateVar('properties' ,$this->folder->getProperties() );
- $this->setTemplateVar('rootfolderid' ,$rootFolder->id );
-
$this->setTemplateVar('rootfoldername',$rootFolder->name);
- }
-
-
-
-
- public function rootView()
- {
- $rootFolder = new Folder( Folder::getRootFolderId() );
- $rootFolder->load();
-
- $this->setTemplateVar('rootfolderid' ,$rootFolder->id );
- $this->setTemplateVar('rootfoldername',$rootFolder->name);
- }
-
-
-
- /**
- * Reihenfolge bearbeiten.
- */
- public function orderView()
- {
- global $conf_php;
-
- $list = array();
- $last_objectid = 0;
-
- // Schleife ueber alle Objekte in diesem Ordner
- foreach( $this->folder->getObjects() as $o )
- {
- /* @var $o Object */
- $id = $o->objectid;
-
- if ( $o->hasRight(ACL_READ) )
- {
- $list[$id]['id' ] = $id;
- $list[$id]['name'] = Text::maxLength( $o->name ,30);
- $list[$id]['filename'] = Text::maxLength( $o->filename ,20);
- $list[$id]['desc'] = Text::maxLength( $o->desc ,30);
- if ( $list[$id]['desc'] == '' )
- $list[$id]['desc'] = lang('NO_DESCRIPTION_AVAILABLE');
- $list[$id]['desc'] = 'ID '.$id.' - '.$list[$id]['desc'];
-
- $list[$id]['type'] = $o->getType();
-
- $list[$id]['icon'] = $o->getType();
-
- if ( $o->getType() == 'file' )
- {
- $file = new File( $id );
- $file->load();
- $list[$id]['desc'] .= ' - '.intval($file->size/1000).'kB';
-
- if ( $file->isImage() )
- $list[$id]['icon'] = 'image';
- }
-
- $list[$id]['url' ] = Html::url($o->getType(),'',$id);
- $list[$id]['date'] = $o->lastchangeDate;
- $list[$id]['user'] = $o->lastchangeUser;
-
- if ( $last_objectid != 0 && $o->hasRight(ACL_WRITE) )
- {
- $list[$id ]['upurl' ] = Html::url('folder','changesequence',0,array(
- 'objectid1'=>$id,
- 'objectid2'=>$last_objectid));
- $list[$last_objectid]['downurl' ] = $list[$id]['upurl'];
- $list[$last_objectid]['bottomurl'] = Html::url('folder','setbottom',0,array(
- 'objectid1'=>$last_objectid));
- $list[$id ]['topurl' ] = Html::url('folder','settop',0,array(
- 'objectid1'=>$id));
- }
-
- $last_objectid = $id;
- }
- }
-
- $this->setTemplateVar('flip_url' ,Html::url('folder','reorder',0,array('type'=>'flip' )) );
-
$this->setTemplateVar('orderbyname_url' ,Html::url('folder','reorder',0,array('type'=>'name' )) ); - $this->setTemplateVar('orderbytype_url' ,Html::url('folder','reorder',0,array('type'=>'type' )) ); - $this->setTemplateVar('orderbylastchange_url',Html::url('folder','reorder',0,array('type'=>'lastchange')) ); - $this->setTemplateVar('object' ,$list ); - $this->setTemplateVar('act_objectid',$this->folder->id); - $this->setTemplateVar('token',token() ); - } - - - - /** - * Eigenschaften anzeigen. - */ - public function propView() - { - $this->setTemplateVars( $this->folder->getProperties() ); - } - - /** - * Infos anzeigen. - */ - public function infoView() - { - $this->setTemplateVars( $this->folder->getProperties() ); - $this->setTemplateVar( 'full_filename',$this->folder->full_filename() ); - } - - - - /** - * Liefert die Struktur zu diesem Ordner: - * - Mit den übergeordneten Ordnern und - * - den in diesem Ordner enthaltenen Objekten - * - * Beispiel: - * <pre> - * - A - * - B - * - C (dieser Ordner) - * - Unterordner - * - Seite - * - Seite - * - Datei - * </pre> - */ - public function structureView() - { - - $structure = array(); - $tmp = &$structure; - $nr = 0; - - $parents = $this->folder->parentObjectNames(false,true); - - foreach( $parents as $id=>$name) - { - //Html::debug($name,"Name"); - - unset($children); - unset($o); - $children = array(); - $o = array('id'=>$id,'name'=>$name,'type'=>'folder','level'=>++$nr,'children'=>&$children); - - if ( $id == $this->folder->objectid) - $o['self'] = true; - - $tmp[$id] = &$o;; - - unset($tmp); - - $tmp = &$children; - } - - - $contents = $this->folder->getObjects(); - - unset($children); - unset($o); - - $children = array(); - foreach( $contents as $o ) - { - /* @var $o Object */ - $children[$o->objectid] = array('id'=>$o->objectid,'name'=>$o->name,'type'=>$o->getType()); - } - $tmp+= $children; - - //Html::debug($structure); - - $this->setTemplateVar('outline',$structure); - } - - - public function pubView() - { 
- // Schalter nur anzeigen, wenn sinnvoll - $this->setTemplateVar('files' ,count($this->folder->getFiles()) > 0 ); - $this->setTemplateVar('pages' ,count($this->folder->getPages()) > 0 ); - $this->setTemplateVar('subdirs',count($this->folder->getSubFolderIds()) > 0 ); - - //$this->setTemplateVar('clean' ,$this->folder->isRoot ); - // Gefaehrliche Option, da dies bestehende Dateien, die evtl. nicht zum CMS gehören, überschreibt. - // Daher deaktiviert. - $this->setTemplateVar('clean' ,false ); - } - - - public function pubPost() - { - if ( !$this->folder->hasRight( ACL_PUBLISH ) ) - die('no rights for publish'); - - $subdirs = ( $this->hasRequestVar('subdirs') ); - $pages = ( $this->hasRequestVar('pages' ) ); - $files = ( $this->hasRequestVar('files' ) ); - - Session::close(); - $publish = new Publish(); - - $this->folder->publish = &$publish; - $this->folder->publish( $pages,$files,$subdirs ); - $this->folder->publish->close(); - - $list = array(); - foreach( $publish->publishedObjects as $o ) - $list[] = $o['full_filename']; - - if ( !$publish->ok ) - $this->addNotice('folder',$this->folder->name,'PUBLISHED_ERROR',OR_NOTICE_ERROR,array(),$publish->log); - else - $this->addNotice('folder',$this->folder->name,'PUBLISHED',OR_NOTICE_OK,array(),$list); - - // Wenn gewuenscht, das Zielverzeichnis aufraeumen - if ( $this->hasRequestVar('clean') ) - $publish->clean(); - } - - - - public function checkMenu( $name ) - { - switch( $name) - { - case 'createfolder': - return !readonly() && $this->folder->hasRight(ACL_CREATE_FOLDER); - - case 'createfile': - return !readonly() && $this->folder->hasRight(ACL_CREATE_FILE); - - case 'createlink': - return !readonly() && $this->folder->hasRight(ACL_CREATE_LINK); - - case 'createpage': - return !readonly() && $this->folder->hasRight(ACL_CREATE_PAGE); - - case 'remove': - return !readonly() && count($this->folder->getObjectIds()) == 0; - - case 'select': - case 'order': - case 'aclform': - return !readonly(); - - default: - return 
true;
- }
- }
-}-
\ No newline at end of file
diff --git a/action/GroupAction.class.php b/action/GroupAction.class.php
@@ -1,321 +0,0 @@ -<?php - -namespace cms\action; - -use cms\model\Acl; -use cms\model\User; -use cms\model\Project; -use cms\model\Group; -use cms\model\Object; -use cms\model\Language; - -use \Html; -// OpenRat Content Management System -// Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de -// -// This program is free software; you can redistribute it and/or -// modify it under the terms of the GNU General Public License -// as published by the Free Software Foundation; either version 2 -// of the License, or (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program; if not, write to the Free Software -// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - - -/** - * Action-Klasse zum Bearbeiten einer Benutzergruppe. 
- * - * @author $Author$ - * @version $Revision$ - * @package openrat.actions - */ - -class GroupAction extends Action -{ - public $security = SECURITY_ADMIN; - - private $group; - - - function __construct() - { - $this->group = new Group( $this->getRequestId() ); - $this->group->load(); - $this->setTemplateVar( 'groupid',$this->group->groupid ); - } - - - - function removePost() - { - if ( $this->hasRequestVar('confirm') ) - { - $this->group->delete(); - - $this->addNotice('group',$this->group->name,'DELETED',OR_NOTICE_OK); - } - else - { - $this->addNotice('group',$this->group->name,'NOTHING_DONE',OR_NOTICE_WARN); - } - } - - - - function removeView() - { - $this->setTemplateVars( $this->group->getProperties() ); - } - - - - function editPost() - { - if ( $this->getRequestVar('name') != '' ) - { - $this->group->name = $this->getRequestVar('name'); - - $this->group->save(); - - $this->addNotice('group',$this->group->name,'SAVED','ok'); - } - else - { - $this->addValidationError('name'); - $this->callSubAction('edit'); - } - } - - - function adduser() - { - $this->setTemplateVar('users',$this->group->getOtherUsers()); - } - - - /** - * Benutzer zur Gruppe hinzuf�gen.<br> - * Es kann eine Liste oder eine einzelne Person zur Gruppe hinzugef�gt werden. - */ - function addusertogroup() - { - $userid = $this->getRequestVar('userid'); - - if ( is_array($userid)) - { - // Im Request steht eine Liste von User-Ids. - foreach( $userid as $uid ) - { - $this->group->addUser( $uid ); - } - $this->addNotice('group',$this->group->name,'USER_ADDED_TO_GROUP',OR_NOTICE_OK,array('count'=>count($userid))); - } - elseif( intval($userid) > 0 ) - { - // Nur 1 Benutzer hinzuf�gen. - $this->group->addUser( intval($userid) ); - $this->addNotice('group',$this->group->name,'USER_ADDED_TO_GROUP',OK_NOTICE_OK,array('count'=>'1')); - } - else - { - // Es wurde kein Benutzer ausgew�hlt. 
- $this->addNotice('group',$this->group->name,'NOTHING_DONE',OR_NOTICE_WARN); - } - } - - - - /** - * Einen Benutzer aus der Gruppe entfernen. - */ - function deluser() - { - $this->group->delUser( intval($this->getRequestVar('userid')) ); - - $this->addNotice('group',$this->group->name,'DELETED',OR_NOTICE_OK); - } - - - - /** - * Liste aller Gruppen. - */ - function listingView() - { - $list = array(); - - foreach( Group::getAll() as $id=>$name ) - { - $list[$id] = array(); - $list[$id]['url' ] = Html::url('main','group',$id,array(REQ_PARAM_TARGETSUBACTION=>'edit')); - $list[$id]['name'] = $name; - } - - $this->setTemplateVar('el', $list); - } - - - function editView() - { - $this->setTemplateVars( $this->group->getProperties() ); - } - - - - - - - /** - * Liste aller Benutzer in dieser Gruppe. - * - */ - function membershipsView() - { - // Mitgliedschaften ermitteln - // - $userliste = array(); - - $allUsers = User::listAll(); - - $actualGroupUsers = $this->group->getUsers(); - - foreach( $allUsers as $id=>$name ) - { - $hasUser = array_key_exists($id,$actualGroupUsers); - $varName = 'user'.$id; - $userliste[$id] = array('name' => $name, - 'id' => $id, - 'var' => $varName, - 'member' => $hasUser - ); - $this->setTemplateVar($varName,$hasUser); - } - $this->setTemplateVar('memberships',$userliste); - - global $conf; - if ($conf['security']['authorize']['type']=='ldap') - $this->addNotice('group',$this->group->name,'GROUPS_MAY_CONFLICT_WITH_LDAP',OR_NOTICE_WARN); - } - - - function membershipsPost() - { - $allUsers = User::listAll(); - $groupUsers = $this->group->getUsers(); - - foreach( $allUsers as $id=>$name ) - { - $hasUser = array_key_exists($id,$groupUsers); - - if ( !$hasUser && $this->hasRequestVar('user'.$id) ) - { - $this->group->addUser($id); - $this->addNotice('user',$name,'ADDED'); - } - - if ( $hasUser && !$this->hasRequestVar('user'.$id) ) - { - $this->group->delUser($id); - $this->addNotice('user',$name,'DELETED'); - } - } - } - - - - - - /** - * 
Anzeigen der Benutzerrechte - */ - function rightsView() - { - $rights = $this->group->getAllAcls(); - - $projects = array(); - - foreach( $rights as $acl ) - { - if ( !isset($projects[$acl->projectid])) - { - $projects[$acl->projectid] = array(); - $p = new Project($acl->projectid); - $p->load(); - $projects[$acl->projectid]['projectname'] = $p->name; - $projects[$acl->projectid]['rights' ] = array(); - } - - $right = array(); - - if ( $acl->languageid > 0 ) - { - $language = new Language($acl->languageid); - $language->load(); - $right['languagename'] = $language->name; - } - else - { - $right['languagename'] = lang('ALL_LANGUAGES'); - } - - - $o = new Object($acl->objectid); - $o->objectLoad(); - $right['objectname'] = $o->name; - $right['objectid' ] = $o->objectid; - $right['objecttype'] = $o->getType(); - - if ( $acl->groupid > 0 ) - { - $group = new Group($acl->groupid); - $group->load(); - $right['groupname'] = $group->name; - } - else - { - // Berechtigung f�r "alle". - } - - $right['bits'] = $acl->getProperties(); - - $projects[$acl->projectid]['rights'][] = $right; - } - - $this->setTemplateVar('projects' ,$projects ); - - $this->setTemplateVar('show',Acl::getAvailableRights() ); - } - - - - /** - * Men�. - * - * @param String $menu Men�eintrag. - * @return boolean TRUE, wenn Men�eintrag aktiv ist. - */ - function checkMenu( $menu ) - { - switch( $menu ) - { - case 'remove': - case 'add': - return !readonly(); - - case 'users': - return true; - case 'adduser': - // Benutzer k�nnen nur hinzugef�gt werden, wenn noch nicht alle - // in der Gruppe sind. - return !readonly() && count($this->group->getOtherUsers()) > 0; - default: - return true; - } - } -}- \ No newline at end of file diff --git a/action/GrouplistAction.class.php b/action/GrouplistAction.class.php 
@@ -1,91 +0,0 @@
-<?php
-
-namespace cms\action;
-
-use cms\model\Group;
-// OpenRat Content Management System
-// Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de
-//
-// This program is free software; you can redistribute it and/or
-// modify it under the terms of the GNU General Public License
-// as published by the Free Software Foundation; either version 2
-// of the License, or (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with this program; if not, write to the Free Software
-// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-
-
-/**
- * Action-Klasse zum Bearbeiten einer Benutzergruppe.
- *
- * @author $Author$
- * @version $Revision$
- * @package openrat.actions
- */
-
-class GrouplistAction extends Action
-{
- public $security = SECURITY_ADMIN;
-
- function __construct()
- {
- }
-
-
- /**
- * Liste aller Gruppen.
- */
- function showView()
- {
- $list = array();
-
- foreach( Group::getAll() as $id=>$name )
- {
- $list[$id] = array();
- $list[$id]['id' ] = $id;
- $list[$id]['name'] = $name;
- }
-
- $this->setTemplateVar('el', $list);
- }
-
-
- function editView()
- {
- $this->nextSubAction('show');
- }
-
-
-
- function addView()
- {
- }
-
-
- function addPost()
- {
- if ( $this->getRequestVar('name') != '')
- {
- $this->group = new Group();
- $this->group->name = $this->getRequestVar('name');
- $this->group->add();
- $this->addNotice('group',$this->group->name,'ADDED','ok');
- $this->callSubAction('listing');
- }
- else
- {
- $this->addValidationError('name');
- $this->callSubAction('add');
- }
- }
-
-
-
-
-}-
\ No newline at end of file
diff --git a/action/IndexAction.class.php b/action/IndexAction.class.php 
@@ -1,393 +0,0 @@ -<?php - -namespace cms\action; - -use \Auth; -use cms\model\User; -use Exception; -use JSqueeze; -use Less_Parser; -use Logger; -use ObjectNotFoundException; -use Session; - - -// OpenRat Content Management System -// Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de -// -// This program is free software; you can redistribute it and/or -// modify it under the terms of the GNU General Public License -// as published by the Free Software Foundation; version 2. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program; if not, write to the Free Software -// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - -/** - * Action-Klasse fuer die Anzeige der Hauptseite. - * - * @author Jan Dankert - * @package openrat.actions - */ -class IndexAction extends Action -{ - public $security = SECURITY_GUEST; - - - private $perspective; - - /** - * Konstruktor - */ - function __construct() - { - $this->perspective = Session::get('perspective'); - - if ( !empty($this->perspective)) - $this->lastModified( config('config','last_modification_time') ); - } - - - public function showView() - { - global $conf; - - // Schauen, ob eine Perspektive existiert. - if ( empty($this->perspective) ) - { - // Da keine Perspektive existiert, handelt es sich wohl um den - // ersten Aufruf in dieser Sitzung. - - // Versuchen, einen Benutzernamen zu ermitteln, der im Eingabeformular vorausgewählt wird. 
- $modules = explode(',',$conf['security']['modules']['autologin']); - - $username = ''; - foreach( $modules as $module) - { - Logger::debug('Auto-Login module: '.$module); - $moduleClass = $module.'Auth'; - $auth = new $moduleClass; - $username = $auth->username(); - - if ( !empty($username) ) - { - Logger::debug('Auto-Login for User '.$username); - break; // Benutzername gefunden. - } - } - - if ( !empty( $username ) ) - { - try - { - $user = User::loadWithName( $username ); - Session::setUser($user); - Logger::info('auto-login for user '.$username); - $this->setPerspective('start'); - } - catch( ObjectNotFoundException $e ) - { - Logger::warn('Username for autologin does not exist: '.$username); - $this->setPerspective('login'); - } - } - else - { - // Kein Auto-Login moeglich, die Anmeldemaske anzeigen. - $this->setPerspective('login'); - } - } - - // Theme für den angemeldeten Benuter ermitteln, dieser wird für - // den Link auf die CSS-Datei benoetigt. - $user = Session::getUser(); - if ( is_object($user) ) - $style = $user->style; - else - $style = config('interface','style','default'); - - $jsFiles = $this->getJSFiles(); - $cssFiles = $this->getCSSFiles(); - $themeCss = $this->getThemeCSS(); - - // HTML-Datei direkt einbinden. - require('themes/default/layout/index.php'); - exit; - } - - - private function getCSSFiles() - { - $productionCSSFile = OR_THEMES_DIR . 'default/production/combined.min.css'; - - if (PRODUCTION) - { - return array( - $productionCSSFile - ); - } - - $outFiles = array(); - - $css = array(); - $css[] = OR_THEMES_EXT_DIR . 'default/css/openrat-ui'; - $css[] = OR_THEMES_EXT_DIR . 'default/css/openrat-workbench'; - - // Komponentenbasiertes CSS - $elements = parse_ini_file(OR_THEMES_DIR . config('interface', 'theme') . '/include/elements.ini.' . PHP_EXT); - - foreach (array_keys($elements) as $c) - { - $componentCssFile = OR_MODULES_DIR . 'template-engine/components/html/' . $c . '/' . $c; - if (is_file($componentCssFile . 
'.less')) - $css[] = $componentCssFile; - } - - $modified = false; - foreach ($css as $cssF) - { - $lessFile = $cssF . '.less'; - $cssFile = $cssF . '.css'; - $cssMinFile = $cssF . '.min.css'; - - if (! is_file($lessFile)) - { - Logger::warn("Stylesheet not found: $lessFile"); - continue; - } - elseif (! is_file($cssFile) || ! is_writable($cssFile)) - { - Logger::warn("Stylesheet output file not found or not writable: $cssFile"); - continue; - } - elseif (! is_file($cssMinFile) || ! is_writable($cssMinFile)) - { - Logger::warn("Stylesheet output file not found or not writable: $cssMinFile"); - continue; - } - else - { - if (filemtime($lessFile) > filemtime($cssMinFile)) - { - // LESS-Source wurde geändert, CSS-Version muss aktualisiert werden. - $modified = true; - - // Den absoluten Pfad zur LESS-Datei ermitteln. Dieser wird vom LESS-Parser für den korrekten Link - // auf die LESS-Datei in der Sourcemap benötigt. - $pfx = substr(realpath($lessFile),0,0-strlen(basename($lessFile))); - - $parser = new Less_Parser(array( - 'sourceMap' => true, - 'indentation' => ' ', - 'outputSourceFiles' => false, - 'sourceMapBasepath' => $pfx - )); - - - $parser->parseFile( ltrim($lessFile,'./') ); - $source = $parser->getCss(); - - file_put_contents($cssFile, $source); - - $parser = new Less_Parser(array( - 'compress' => true, - 'sourceMap' => false, - 'indentation' => '' - )); - $parser->parseFile($lessFile); - $source = $parser->getCss(); - - - file_put_contents($cssMinFile, $source); - } - - $outFiles[] = $cssFile; - } - } - - if ($modified) - { - if ( !is_writable($productionCSSFile)) - { - Logger::warn('not writable: '.$productionCSSFile); - } - else - { - file_put_contents($productionCSSFile,''); - foreach ($css as $cssF) - { - $cssMinFile = $cssF . 
'.min.css'; - if ( is_file($cssMinFile)) - file_put_contents($productionCSSFile,file_get_contents($cssMinFile),FILE_APPEND); - } - } - } - - return $outFiles; - } - - - - private function getThemeCSS() - { - // Je Theme die Theme-CSS-Datei ausgeben. - $lessFile = OR_THEMES_EXT_DIR . 'default/css/openrat-theme.less'; - $css = ''; - - - foreach (array_keys(config('style')) as $styleId) - { - try - { - $parser = new Less_Parser(array( - 'sourceMap' => DEVELOPMENT, - 'indentation' => ' ', - 'outputSourceFiles' => false - )); - $parser->parseFile($lessFile,basename($lessFile)); - - $styleConfig = config('style-default') + config('style', $styleId); - $lessVars = array( - 'cms-theme-id' => strtolower($styleId), - 'cms-image-path' => 'themes/default/images/' - ); - - foreach ($styleConfig as $styleSetting => $value) - $lessVars['cms-' . strtolower(strtr($styleSetting, '_', '-'))] = $value; - $parser->modifyVars($lessVars); - $css .= $parser->getCss(); - } - catch (Exception $e) - { - $css .= "\n\n/* WARNING!\n LESS Parser failed on file '$lessFile'. Reason: " . $e->__toString() . " */\n\n"; - } - } - - if (PRODUCTION) - { - return $css; // Should we minify here? Bandwidth vs. cpu-load. - } - else - { - return $css; - } - } - - - - private function getJSFiles() - { - $productionJSFile = OR_THEMES_DIR . 'default/production/combined.min.js'; - - if (PRODUCTION) - { - return array( - $productionJSFile - ); - } - else - { - $js = array(); - $js[] = OR_THEMES_EXT_DIR . 'default/js/jquery-1.12.4'; - $js[] = OR_THEMES_EXT_DIR . 'default/js/jquery-ui/js/jquery-ui-1.8.16.custom'; - $js[] = OR_THEMES_EXT_DIR . 'default/js/jquery.scrollTo'; - // $js[] = OR_THEMES_EXT_DIR default/js/jquery.mjs.nestedSortable.js"></script> - - // Jquery-Plugins - $js[] = OR_THEMES_EXT_DIR . 'default/js/plugin/jquery-plugin-orHint'; - $js[] = OR_THEMES_EXT_DIR . 'default/js/plugin/jquery-plugin-orSearch'; - $js[] = OR_THEMES_EXT_DIR . 
'default/js/plugin/jquery-plugin-orLinkify'; - $js[] = OR_THEMES_EXT_DIR . 'default/js/plugin/jquery-plugin-orTree'; - $js[] = OR_THEMES_EXT_DIR . 'default/js/plugin/jquery-plugin-orLoadView'; - $js[] = OR_THEMES_EXT_DIR . 'default/js/plugin/jquery-plugin-orAutoheight'; - $js[] = OR_THEMES_EXT_DIR . 'default/js/plugin/jquery-plugin-svg'; - $js[] = OR_THEMES_EXT_DIR . 'default/js/jquery-qrcode'; - // OpenRat internal JS - $js[] = OR_THEMES_EXT_DIR . 'default/js/openrat'; - $js[] = OR_THEMES_EXT_DIR . '../editor/markitup/markitup/jquery.markitup'; - $js[] = OR_THEMES_EXT_DIR . '../editor/editor/ckeditor'; - $js[] = OR_THEMES_EXT_DIR . '../editor/ace/src-min-noconflict/ace'; - $js[] = OR_THEMES_EXT_DIR . '../editor/editor/adapters/jquery'; - - // Komponentenbasiertes Javascript - $elements = parse_ini_file(OR_THEMES_DIR . config('interface', 'theme') . '/include/elements.ini.' . PHP_EXT); - - foreach (array_keys($elements) as $c) - { - $componentJsFile = OR_MODULES_DIR . '/template-engine/components/html/' . $c . '/' . $c; - if (is_file($componentJsFile . '.js')) - $js[] = $componentJsFile; - } - - $outDevJsFiles = array(); - $outProJsFiles = array(); - $lastModTime = 0; - - foreach ($js as $jsFile) - { - $jsFileMin = $jsFile . '.min.js'; - $jsFileNormal = $jsFile . '.js'; - - if (!is_file($jsFileNormal) && !is_file($jsFileMin)) - { - Logger::warn("No Javascript file found for $jsFile"); - continue; - } - elseif (is_file($jsFileNormal) && !is_file($jsFileMin)) - { - Logger::warn("No Min-Javascript file found for $jsFile"); - continue; - } - elseif (!is_file($jsFileNormal) && is_file($jsFileMin)) - { - // Nur eine Min-Version existiert. Das ist ok. 
- $outDevJsFiles[] = $jsFileMin; - $outProJsFiles[] = $jsFileMin; - $modTime = filemtime($jsFileMin); - } - else - { - if ( filemtime($jsFileNormal) > filemtime($jsFileMin) ) - { - if ( is_writable( $jsFileMin)) - $jz = new JSqueeze(); - file_put_contents( $jsFileMin, $jz->squeeze(file_get_contents($jsFileNormal))); - $modTime = time(); - } - else - { - $modTime = filemtime($jsFileMin); - } - $outDevJsFiles[] = $jsFileNormal; - $outProJsFiles[] = $jsFileMin; - } - $lastModTime = max($lastModTime, $modTime); - } - - if ($lastModTime > filemtime($productionJSFile)) - { - if (! is_writable($productionJSFile)) - { - Logger::warn("Not writable: " . $productionJSFile); - } - else - { - file_put_contents($productionJSFile, ''); - foreach ($outProJsFiles as $srcFile) - file_put_contents($productionJSFile, file_get_contents($srcFile), FILE_APPEND); - } - } - } - - return $outDevJsFiles; - } - - - -} -?>- \ No newline at end of file diff --git a/action/LanguageAction.class.php b/action/LanguageAction.class.php 
@@ -1,275 +0,0 @@ -<?php - -namespace cms\action; - -use cms\model\Language; -use Session; -use \Html; -// OpenRat Content Management System -// Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de -// -// This program is free software; you can redistribute it and/or -// modify it under the terms of the GNU General Public License -// as published by the Free Software Foundation; either version 2 -// of the License, or (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program; if not, write to the Free Software -// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - - -/** - * Action-Klasse f?r die Bearbeitung einer Sprache - * @version $Id$ - * @author $Author$ - * @package openrat.actions - */ -class LanguageAction extends Action -{ - public $security = SECURITY_USER; - - var $defaultSubAction = 'listing'; - - /** - * Zu bearbeitende Sprache, wird im Kontruktor instanziiert - * @type Language - */ - var $language; - var $project; - - - /** - * Konstruktor - */ - function __construct() - { - $this->language = new Language( $this->getRequestId() ); - $this->language->load(); - - $this->project = Session::getProject(); - } - - - /** - * Setzen der Sprache als Standardsprache. - * Diese Sprache wird benutzt beim Ausw?hlen des Projektes sowie - * als Default-Sprache bei mehrsprachigen Webseiten ("content-negotiation") - */ - function setdefaultPost() - { - $this->language->setDefault(); - } - - - - /** - * Anzeigen der L�schbest�tigungs-Maske. - */ - function removeView() - { - $this->setTemplateVar('name' ,$this->language->name ); - } - - - /** - * L�schen der Sprache. 
- */ - function removePost() - { - if ( $this->getRequestVar('confirm') == '1' ) - $this->language->delete(); - } - - - function propView() - { - $this->nextSubAction('advanced'); - } - - /** - * Speichern der Sprache - */ - function advancedPost() - { - global $conf; - - if ( $this->hasRequestVar('name') ) - { - $this->language->name = $this->getRequestVar('name' ); - $this->language->isoCode = $this->getRequestVar('isocode'); - } - else - { - $countryList = $conf['countries']; - $iso = $this->getRequestVar('isocode'); - $this->language->name = $countryList[$iso]; - $this->language->isoCode = strtolower( $iso ); - } - - $this->language->save(); - } - - - - /** - * Speichern der Sprache - */ - function editPost() - { - global $conf; - - if ( $this->hasRequestVar('name') ) - { - $this->language->name = $this->getRequestVar('name' ); - $this->language->isoCode = $this->getRequestVar('isocode'); - } - else - { - $countryList = $conf['countries']; - $iso = $this->getRequestVar('isocode'); - $this->language->name = $countryList[$iso]; - $this->language->isoCode = strtolower( $iso ); - } - - $this->language->save(); - } - - - - function listingView() - { - global $conf; - $countryList = $conf['countries']; - - $list = array(); - - $actLanguage = Session::getProjectLanguage(); - $this->setTemplateVar('act_languageid',$actLanguage->languageid); - - foreach( $this->project->getLanguageIds() as $id ) - { - $l = new Language( $id ); - $l->load(); - - unset( $countryList[strtoupper($l->isoCode)] ); - - $list[$id] = array(); - $list[$id]['name' ] = $l->name; - $list[$id]['isocode'] = $l->isoCode; - - if ( $this->userIsAdmin() ) - { - $list[$id]['url' ] = Html::url('language','edit',$id, - array() ); - - if ( ! 
$l->isDefault ) - $list[$id]['default_url'] = Html::url( 'language','setdefault',$id ); - } - - if ( $actLanguage->languageid != $l->languageid ) - $list[$id]['select_url'] = Html::url( 'index','language',$id ); - } - -// if ( $this->userIsAdmin() ) -// { -// asort($countryList); -// $this->setTemplateVar('isocodes',$countryList); -// } - - $this->setTemplateVar('el',$list); - } - - - - function editView() - { - global $conf; - $countryList = $conf['countries']; - - foreach( $this->project->getLanguageIds() as $id ) - { - if ( $id == $this->language->languageid ) - continue; - - $l = new Language( $id ); - $l->load(); - - unset( $countryList[$l->isoCode] ); - } - - asort( $countryList ); - $this->setTemplateVar('isocodes' ,$countryList ); - $this->setTemplateVar('isocode' ,strtoupper($this->language->isoCode) ); - } - - - - function advancedView() - { - $this->setTemplateVar('isocode',$this->language->isoCode); - $this->setTemplateVar('name' ,$this->language->name ); - } - - - - - - function checkmenu( $menu ) - { - switch( $menu ) - { - case 'remove': - $actLanguage = Session::getProjectLanguage(); - return - !readonly() && - $this->userIsAdmin() && - isset($this->language) && - count( $this->language->getAll() ) >= 2 && - $actLanguage->languageid != $this->language->languageid; - - case 'add': - return - !readonly() && $this->userIsAdmin(); - - default: - return true; - } - } - - - /** - * Liefert die Struktur zu diesem Ordner: - * - Mit den übergeordneten Ordnern und - * - den in diesem Ordner enthaltenen Objekten - * - * Beispiel: - * <pre> - * - A - * - B - * - C (dieser Ordner) - * - Unterordner - * - Seite - * - Seite - * - Datei - * </pre> - */ - public function structureView() - { - $structure = array(); - $languagelistChildren = array(); - - $structure[0] = array('id'=>'0','name'=>lang('LANGUAGES'),'type'=>'languagelist','level'=>1,'children'=>&$languagelistChildren); - - $languagelistChildren[ $this->language->languageid ] = 
array('id'=>$this->language->languageid,'name'=>$this->language->name,'type'=>'language','self'=>true); - - - //Html::debug($structure); - - $this->setTemplateVar('outline',$structure); - } -}- \ No newline at end of file diff --git a/action/LanguagelistAction.class.php b/action/LanguagelistAction.class.php 
@@ -1,148 +0,0 @@ -<?php - -namespace cms\action; - -use cms\model\Language; - - - -use Session; -use \Html; - -// OpenRat Content Management System -// Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de -// -// This program is free software; you can redistribute it and/or -// modify it under the terms of the GNU General Public License -// as published by the Free Software Foundation; either version 2 -// of the License, or (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program; if not, write to the Free Software -// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - - -/** - * Action-Klasse f?r die Bearbeitung einer Sprache - * @version $Id$ - * @author $Author$ - * @package openrat.actions - */ -class LanguagelistAction extends Action -{ - public $security = SECURITY_USER; - - - /** - * Konstruktor - */ - function __construct() - { - $this->project = Session::getProject(); - } - - - - function showView() - { - global $conf; - $countryList = $conf['countries']; - - $list = array(); - - $actLanguage = Session::getProjectLanguage(); - $this->setTemplateVar('act_languageid',$actLanguage->languageid); - - foreach( $this->project->getLanguageIds() as $id ) - { - $l = new Language( $id ); - $l->load(); - - unset( $countryList[strtoupper($l->isoCode)] ); - - $list[$id] = array(); - $list[$id]['name' ] = $l->name; - $list[$id]['isocode'] = $l->isoCode; - - if ( $this->userIsAdmin() ) - { - $list[$id]['id' ] = $id; - - if ( ! 
$l->isDefault ) - $list[$id]['default_url'] = Html::url( 'language','setdefault',$id ); - } - - if ( $actLanguage->languageid != $l->languageid ) - $list[$id]['select_url'] = Html::url( 'index','language',$id ); - } - -// if ( $this->userIsAdmin() ) -// { -// asort($countryList); -// $this->setTemplateVar('isocodes',$countryList); -// } - - $this->setTemplateVar('el',$list); - } - - - - function editView() - { - $this->nextSubAction('show'); - } - - - - - /** - * Sprache hinzufuegen - */ - function addView() - { - global $conf; - $countryList = $conf['countries']; - - $language = Session::getProjectLanguage(); - - foreach( $this->project->getLanguageIds() as $id ) - { - - if ( $id == $language->languageid ) - continue; - - $l = new Language( $id ); - $l->load(); - - unset( $countryList[$l->isoCode] ); - } - - asort( $countryList ); - $this->setTemplateVar('isocodes' ,$countryList ); - $this->setTemplateVar('isocode' ,'' ); - } - - - function addPost() - { - global $conf; - $countryList = $conf['countries']; - - // Hinzufuegen einer Sprache - $iso = $this->getRequestVar('isocode'); - $language = new Language(); - $language->projectid = $this->project->projectid; - $language->isoCode = $iso; - $language->name = $countryList[$iso]; - $language->add(); - - $this->addNotice('language',$language->name,'ADDED','ok'); - } - - -}- \ No newline at end of file diff --git a/action/LinkAction.class.php b/action/LinkAction.class.php 
@@ -1,191 +0,0 @@
-<?php
-
-namespace cms\action;
-
-use cms\model\Folder;
-use cms\model\Link;
-
-
-
-
-
-use Session;
-
-// OpenRat Content Management System
-// Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de
-//
-// This program is free software; you can redistribute it and/or
-// modify it under the terms of the GNU General Public License
-// as published by the Free Software Foundation; either version 2
-// of the License, or (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with this program; if not, write to the Free Software
-// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-
-
-/**
- * Action-Klasse f?r Verkn?pfungen
- * @version $Id$
- * @author $Author$
- * @package openrat.actions
- */
-class LinkAction extends ObjectAction
-{
- public $security = SECURITY_USER;
-
- private $link;
-
- /**
- * Konstruktor
- */
- function __construct()
- {
- $this->link = new Link( $this->getRequestId() );
- $this->link->load();
- }
-
-
-
- function remove()
- {
- $this->setTemplateVars( $this->link->getProperties() );
- }
-
-
-
- function delete()
- {
- if ( $this->hasRequestVar("delete") )
- {
- $this->link->delete();
- $this->addNotice('link',$this->link->name,'DELETED');
- }
- }
-
-
-
- /**
- * Abspeichern der Eigenschaften
- */
- function propPost()
- {
- // Wenn Name gefuellt, dann Datenbank-Update
- if ( $this->getRequestVar('name') != '' )
- {
- // Eigenschaften speichern
- $this->link->name = $this->getRequestVar('name' ,'full');
- $this->link->desc = $this->getRequestVar('description','full');
-
- $this->link->save();
- $this->link->setTimestamp();
- Session::setObject( $this->link );
- }
- }
-
-
- /**
- * Abspeichern der Eigenschaften
- */
- function editPost()
- {
- $this->link->linkedObjectId = $this->getRequestVar('targetobjectid');
-
- $this->link->save();
- $this->link->setTimestamp();
- Session::setObject( $this->link );
-
- $this->addNotice('link',$this->link->name,'SAVED',OR_NOTICE_OK);
- }
-
-
-
- public function editView()
- {
- $this->setTemplateVars( $this->link->getProperties() );
-
- // Typ der Verknuepfung
- $this->setTemplateVar('type' ,$this->link->getType() );
- $this->setTemplateVar('targetobjectid' ,$this->link->linkedObjectId);
- $this->setTemplateVar('targetobjectname',$this->link->name );
- }
-
-
-
- function propView()
- {
- $this->setTemplateVars( $this->link->getProperties() );
- $this->setTemplateVar('act_linkobjectid',$this->link->linkedObjectId);
- }
-
-
-
- function infoView()
- {
- $this->setTemplateVars( $this->link->getProperties() );
- }
-
-
- /**
- * Liefert die Struktur zu diesem Ordner:
- * - Mit den übergeordneten Ordnern und
- * - den in diesem Ordner enthaltenen Objekten
- *
- * Beispiel:
- * <pre>
- * - A
- * - B
- * - C (dieser Ordner)
- * - Unterordner
- * - Seite
- * - Seite
- * - Datei
- * </pre>
- */
- public function structureView()
- {
-
- $structure = array();
- $tmp = &$structure;
- $nr = 0;
-
- $folder = new Folder( $this->link->parentid );
- $parents = $folder->parentObjectNames(false,true);
-
- foreach( $parents as $id=>$name)
- {
- unset($children);
- unset($o);
- $children = array();
- $o = array('id'=>$id,'name'=>$name,'type'=>'folder','level'=>++$nr,'children'=>&$children);
-
- $tmp[$id] = &$o;;
-
- unset($tmp);
-
- $tmp = &$children;
- }
-
-
-
- unset($children);
- unset($id);
- unset($name);
-
- $elementChildren = array();
-
- $tmp[ $this->link->objectid ] = array('id'=>$this->link->objectid,'name'=>$this->link->name,'type'=>'link','self'=>true,'children'=>&$elementChildren);
-
- //
- //$elementChildren[$id] = array('id'=>$this->page->objectid.'_'.$id,'name'=>$name,'type'=>'pageelement','children'=>array() );
-
- //Html::debug($structure);
-
- $this->setTemplateVar('outline',$structure);
- }
-}-
\ No newline at end of file
diff --git a/action/LoginAction.class.php b/action/LoginAction.class.php
@@ -1,2187 +0,0 @@ -<?php - -namespace cms\action; - - -use cms\model\User; -use cms\model\Project; -use cms\model\Group; -use cms\model\Value; -use cms\model\Element; -use cms\model\Page; -use cms\model\Object; -use cms\model\Language; -use cms\model\Model; - - -use \database\Database; -use \DB; -use \DbUpdate; -use \Exception; -use \Http; -use \InternalAuth; -use \Logger; -use \ObjectNotFoundException; -use \OpenRatException; -use \security\Password; -use \Session; -use \Html; -use \Mail; -use \Text; - - -// OpenRat Content Management System -// Copyright (C) 2002-2007 Jan Dankert, jandankert@jandankert.de -// -// This program is free software; you can redistribute it and/or -// modify it under the terms of the GNU General Public License -// as published by the Free Software Foundation; version 2. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program; if not, write to the Free Software -// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - - -define('PROJECTID_ADMIN',-1); - -/** - * Action-Klasse fuer die Start-Action - * @author $Author$ - * @version $Revision$ - * @package openrat.actions - */ - -class LoginAction extends Action -{ - public $security = SECURITY_GUEST; - - - /** - * Eine Datenbankverbindugn wird aufgebaut und initalisiert. - * - * @param $dbid Datenbank-Id - * @throws OpenRatException - */ - private function setDb( $dbid ) - { - global $conf; - - if ( !isset($conf['database'][$dbid] )) - Http::serverError( 'unknown DB-Id: '.$dbid ); - - $db = db_connection(); - if ( is_object($db) ) - $db->rollback(); - - try - { - $db = new Database( $conf['database'][$dbid] ); - $db->id = $dbid; - $db->start(); // Transaktion starten. 
- Session::setDatabase( $db ); - }catch(\Exception $e) - { - throw new OpenRatException('DATABASE_ERROR_CONNECTION',$e->getMessage() ); - } - } - - - /** - * Prueft, ob der Parameter 'dbid' übergeben wurde. - * @throws OpenRatException - */ - function checkForDb() - { - global $conf; - $dbid = $this->getRequestVar('dbid'); - - if ( $dbid != '' ) - $this->setDb( $dbid ); - } - - - /** - * @throws OpenRatException - */ - function setDefaultDb() - { - if ( $this->hasRequestVar(REQ_PARAM_DATABASE_ID) ) - { - $dbid = $this->getRequestVar(REQ_PARAM_DATABASE_ID); - } - else - { - global $conf; - - if ( !isset($conf['database']['default']) ) - Http::serverError('default-database not set'); - - $dbid = $conf['database']['default']; - } - - $this->setDb( $dbid ); - } - - - /** - * Führt ein Login durch. - * @param $name string Benutzername - * @param $pw string Password - * @param $pw1 string new Password - * @param $pw2 string new Password repeated - * @return bool - * @throws ObjectNotFoundException - */ - private function checkLogin($name, $pw, $pw1, $pw2 ) - { - Logger::debug( "Login user: '$name'.'" ); - - global $conf; - global $SESS; - - unset( $SESS['user'] ); - - - $db = db_connection(); - - if ( !is_object($db) ) - { - $this->addNotice('database','','DATABASE_CONNECTION_ERROR',OR_NOTICE_ERROR,array(),array('no connection')); - //$this->callSubAction('showlogin'); - return false; - } - - if ( !$db->available ) - { - $this->addNotice('database',$db->conf['description'],'DATABASE_CONNECTION_ERROR',OR_NOTICE_ERROR,array(),array('Database Error: '.$db->error)); - //$this->callSubAction('showlogin'); - return false; - } - - $ip = getenv("REMOTE_ADDR"); - - $user = new User(); - $user->name = $name; - - $ok = $user->checkPassword( $pw ); - - $mustChangePassword = $user->mustChangePassword; - - if ( $mustChangePassword ) - { - // Der Benutzer hat zwar ein richtiges Kennwort eingegeben, aber dieses ist abgelaufen. 
- // Wir versuchen hier, das neue zu setzen (sofern eingegeben). - if ( empty($pw1) ) - { - } - elseif ( $pw1 != $pw2 ) - { - $this->addValidationError('password1','PASSWORDS_DO_NOT_MATCH'); - $this->addValidationError('password2',''); - } - elseif ( strlen($pw2) < $conf['security']['password']['min_length'] ) - { - $this->addValidationError('password1','PASSWORD_MINLENGTH',array('minlength'=>$conf['security']['password']['min_length'])); - $this->addValidationError('password2',''); - } - else - { - // Kennw?rter identisch und lang genug. - $user->setPassword( $pw1,true ); - - // Das neue Kennwort ist gesetzt, die Anmeldung ist also doch noch gelungen. - $ok = true; - $mustChangePassword = false; - - $pw = $pw1; - } - } - - // Falls Login erfolgreich - if ( $ok ) - { - // Login war erfolgreich! - $user->load(); - $user->setCurrent(); - - if ($user->passwordAlgo != Password::bestAlgoAvailable() ) - // Re-Hash the password with a better hash algo. - $user->setPassword($pw); - - - Logger::info( "login successful for {$user->name} from IP $ip" ); - - return true; - } - else - { - Logger::info( "login failed for user {$user->name} from IP $ip" ); - - return false; - } - } - - - /** - * Anzeigen der Loginmaske. - * - * Es wird nur die Loginmaske angezeigt. - * @throws OpenRatException - */ - function loginView() - { - // Hier nie "304 not modified" setzen, da sonst keine - // Login-Fehlermeldung erscheinen kann. - global $conf; - - $sso = $conf['security']['sso']; - $ssl = $conf['security']['ssl']; - - $ssl_trust = false; - $ssl_user_var = ''; - extract( $ssl, EXTR_PREFIX_ALL, 'ssl' ); - - if ( $sso['enable'] ) - { - $authid = $this->getRequestVar( $sso['auth_param_name']); - - if ( empty( $authid) ) - Http::notAuthorized( 'no authorization data (no auth-id)'); - - if ( $sso['auth_param_serialized'] ) - $authid = unserialize( $authid ); - - $purl = parse_url($sso['url']); - // Verbindung zu URL herstellen. 
- $errno=0; $errstr=''; - $fp = fsockopen ($purl['host'],80, $errno, $errstr, 30); - if ( !$fp ) - { - echo "Connection failed: $errstr ($errno)"; - } - else - { - $http_get = $purl['path']; - if ( !empty($purl['query']) ) - $http_get .= '?'.$purl['query']; - - $header = array(); - - $header[] = "GET $http_get HTTP/1.0"; - $header[] ="Host: ".$purl['host']; - $header[] = "User-Agent: Mozilla/5.0 (OpenRat CMS Single Sign-on Check)"; - $header[] = "Connection: Close"; - - if ( $sso['cookie'] ) - { - $cookie = 'Cookie: '; - if ( is_array($authid)) - foreach( $authid as $cookiename=>$cookievalue) - $cookie .= $cookiename.'='.$cookievalue."; "; - else - $cookie .= $sso['cookie_name'].'='.$authid; - - $header[] = $cookie; - } - -// Html::debug($header); - fputs ($fp, implode("\r\n",$header)."\r\n\r\n"); - - $inhalt=array(); - while (!feof($fp)) { - $inhalt[] = fgets($fp,128); - } - fclose($fp); - - $html = implode('',$inhalt); -// Html::debug($html); - if ( !preg_match($sso['expect_regexp'],$html) ) - Http::notAuthorized('auth failed'); - $treffer=0; - if ( !preg_match($sso['username_regexp'],$html,$treffer) ) - Http::notAuthorized('auth failed'); - if ( !isset($treffer[1]) ) - Http::notAuthorized('authorization failed'); - - $username = $treffer[1]; - -// Html::debug( $treffer ); - $this->setDefaultDb(); - - $user = User::loadWithName( $username ); - - if ( ! $user->isValid( )) - Http::notAuthorized('authorization failed: user not found: '.$username); - - $user->setCurrent(); - - $this->callSubAction('show'); - } - } - - elseif ( $ssl_trust ) - { - if ( empty($ssl_user_var) ) - Http::serverError( 'please set environment variable name in ssl-configuration.' 
); - - $username = getenv( $ssl_user_var ); - - if ( empty($username) ) - Http::notAuthorized( 'no username in client certificate ('.$ssl_user_var.') (or there is no client certificate...?)' ); - - $this->setDefaultDb(); - - $user = User::loadWithName( $username ); - - if ( !$user->isValid() ) - Http::serverError( 'unknown username: '.$username ); - - $user->setCurrent(); - - $this->callSubAction('show'); - } - - foreach( $conf['database'] as $dbid => $dbconf ) - { - if ( is_array($dbconf) && $dbconf['enabled'] ) - $dbids[$dbid] = array('key' => $dbid, - 'value' => empty($dbconf['name'])?$dbid:Text::maxLength($dbconf['name']), - 'title' => @$dbconf['description'] ); - } - - - if ( empty($dbids) ) - $this->addNotice('','','no_database_configuration',OR_NOTICE_WARN); - - if ( !isset($this->templateVars['login_name']) && isset($_COOKIE['or_username']) ) - $this->setTemplateVar('login_name',$_COOKIE['or_username']); - - if ( !isset($this->templateVars['login_name']) ) - $this->setTemplateVar('login_name',@$conf['security']['default']['username']); - - if ( @$this->templateVars['login_name']== @$conf['security']['default']['username']) - $this->setTemplateVar('login_password',@$conf['security']['default']['password']); - - $this->setTemplateVar( 'dbids',$dbids ); - - $db = Session::getDatabase(); - if ( is_object($db) ) - $this->setTemplateVar('actdbid',$db->id); - elseif( isset($this->templateVars['actid']) ) - ; - elseif ( isset($_COOKIE['or_dbid']) && isset($dbids[$_COOKIE['or_dbid']]) ) - // DB-Id aus dem Cookie lesen. - $this->setTemplateVar('actdbid',$_COOKIE['or_dbid'] ); - else - $this->setTemplateVar('actdbid',$conf['login']['default-database']); - - - // Den Benutzernamen aus dem Client-Zertifikat lesen und in die Loginmaske eintragen. - $ssl_user_var = $conf['security']['ssl']['client_cert_dn_env']; - if ( !empty($ssl_user_var) ) - { - $username = getenv( $ssl_user_var ); - - if ( empty($username) ) - { - // Nothing to do. 
- // if user has no valid client cert he could not access this form. - } - else { - - // Benutzername ist in Eingabemaske unver�nderlich - $this->setTemplateVar('force_username',$username); - } - - } - - $this->setTemplateVar('objectid' ,$this->getRequestVar('objectid' ,OR_FILTER_NUMBER) ); - $this->setTemplateVar('projectid' ,$this->getRequestVar('projectid' ,OR_FILTER_NUMBER) ); - $this->setTemplateVar('modelid' ,$this->getRequestVar('modelid' ,OR_FILTER_NUMBER) ); - $this->setTemplateVar('languageid',$this->getRequestVar('languageid',OR_FILTER_NUMBER) ); - - $this->setTemplateVar('register' ,$conf['login' ]['register' ]); - $this->setTemplateVar('send_password',$conf['login' ]['send_password']); - - // Versuchen, einen Benutzernamen zu ermitteln, der im Eingabeformular vorausgewählt wird. - $modules = explode(',',$conf['security']['modules']['preselect']); - - $username = ''; - foreach( $modules as $module) - { - Logger::debug('Preselecting module: '.$module); - $moduleClass = $module.'Auth'; - /** @var \Auth $auth */ - $auth = new $moduleClass; - $username = $auth->username(); - - if ( !empty($username) ) - { - Logger::debug('Preselecting User '.$username); - break; // Benutzername gefunden. - } - } - - $this->setTemplateVar('login_name',$username); - } - - - - /** - * Anzeigen der Loginmaske. - * - * Es wird nur die Loginmaske angezeigt. - * Hier nie "304 not modified" setzen, da sonst keine - * Login-Fehlermeldung erscheinen kann - */ - function openidView() - { - global $conf; - - foreach( $conf['database'] as $dbname=>$dbconf ) - { - if ( is_array($dbconf) && $dbconf['enabled'] ) - $dbids[$dbname] = array('key' =>$dbname, - 'value'=>Text::maxLength($dbconf['description']), - 'title'=>$dbconf['description'].(isset($dbconf['host'])?' 
('.$dbconf['host'].')':'') ); - } - - $openid_provider = array(); - foreach( explode(',',$conf['security']['openid']['provider']['name']) as $provider ) - $openid_provider[$provider] = config('security','openid','provider.'.$provider.'.name'); - $this->setTemplateVar('openid_providers',$openid_provider); - $this->setTemplateVar('openid_user_identity',config('security','openid','user_identity')); - //$this->setTemplateVar('openid_provider','identity'); - - - if ( empty($dbids) ) - $this->addNotice('','','no_database_configuration',OR_NOTICE_WARN); - - if ( !isset($_COOKIE['or_username']) ) - $this->setTemplateVar('login_name',$_COOKIE['or_username']); - else - $this->setTemplateVar('login_name',$conf['security']['default']['username']); - - $this->setTemplateVar( 'dbids',$dbids ); - - $db = Session::getDatabase(); - if ( is_object($db) ) - $this->setTemplateVar('actdbid',$db->id); - else - $this->setTemplateVar('actdbid',$conf['database']['default']); - - $this->setTemplateVar('objectid' ,$this->getRequestVar('objectid' ,OR_FILTER_NUMBER) ); - $this->setTemplateVar('projectid' ,$this->getRequestVar('projectid' ,OR_FILTER_NUMBER) ); - $this->setTemplateVar('modelid' ,$this->getRequestVar('modelid' ,OR_FILTER_NUMBER) ); - $this->setTemplateVar('languageid',$this->getRequestVar('languageid',OR_FILTER_NUMBER) ); - - } - - - - /** - * Erzeugt ein Projekt-Auswahlmenue. - */ - function projectmenu() - { - $user = Session::getUser(); - - if ( $user->mustChangePassword ) - { - $this->addNotice( 'user',$user->name,'PASSWORD_TIMEOUT','warn' ); - $this->callSubAction( 'changepassword' ); // Zwang, das Kennwort zu ?ndern. - } - - - // Diese Seite gilt pro Sitzung. 
- $this->lastModified( $user->loginDate ); - - // Projekte ermitteln - $projects = $user->projects; - - $list = array(); - - foreach( $projects as $id=>$name ) - { - $p = array(); - $p['url' ] = Html::url('index','project',$id); - $p['name'] = $name; - $p['id' ] = $id; - - $tmpProject = new Project( $id ); - $p['defaultmodelid' ] = $tmpProject->getDefaultModelId(); - $p['defaultlanguageid'] = $tmpProject->getDefaultLanguageId(); - $p['models' ] = $tmpProject->getModels(); - $p['languages' ] = $tmpProject->getLanguages(); - - $list[] = $p; - } - - $this->setTemplateVar('projects',$list); - - if ( empty($list) ) - { - // Kein Projekt vorhanden. Eine Hinweismeldung ausgeben. - if ( $this->userIsAdmin() ) - // Administratoren bekommen bescheid, dass sie ein Projekt anlegen sollen - $this->addNotice('','','ADMIN_NO_PROJECTS_AVAILABLE',OR_NOTICE_WARN); - else - // Normale Benutzer erhalten eine Meldung, dass kein Projekt zur Verf?gung steht - $this->addNotice('','','NO_PROJECTS_AVAILABLE',OR_NOTICE_WARN); - } - - $this->metaValues(); - } - - - - /** - * Erzeugt eine Anwendungsliste. - */ - function applications() - { - global $conf; - - // Diese Seite gilt pro Sitzung. - $user = Session::getUser(); - $userGroups = $user->getGroups(); - $this->lastModified( $user->loginDate ); - - // Applikationen ermitteln - $list = array(); - foreach( $conf['applications'] as $id=>$app ) - { - if ( !is_array($app) ) - continue; - - if ( isset($app['group']) ) - if ( !in_array($app['group'],$userGroups) ) - continue; // Keine Berechtigung, da Benutzer nicht in Gruppe vorhanden. 
- - $p = array(); - $p['url'] = $app['url']; - $p['description'] = @$app['description']; - if ( isset($app['param']) ) - { - $p['url'] .= strpos($p['url'],'?')!==false?'&':'?'; - $p['url'] .= $app['param'].'='.session_id(); - } - $p['name'] = $app['name']; - - $list[] = $p; - } - - - $this->metaValues(); - $this->setTemplateVar('applications',$list); - } - - - - /** - * Ermittelt Meta-Angaben f?r den HTML-Kopf.<br> - * Falls der Browser die Meta-Angaben entsprechend auswertet, k?nnen ?ber feste Browser-Men?s - die Projekt direkt ausgew?hlt werden. - */ - function metaValues() - { - global $conf; - $metaList = array(); - - $user = Session::getUser(); - if ( is_object($user) ) - { - // Projekte ermitteln - $projects = $user->projects; - foreach( $projects as $id=>$name ) - { - $metaList[] = array('name' => 'chapter', - 'url' => Html::url('index','project',$id), - 'title'=> $name ); - } - - if ( $this->userIsAdmin() ) - { - $metaList[] = array('name' => 'appendix', - 'url' => Html::url('index','projectmenu',0 ), - 'title'=> lang('MENU_TREETITLE_ADMINISTRATION' ) ); - - $metaList[] = array('name' => 'chapter', - 'url' => Html::url('index','administration',0), - 'title'=> lang('administration') ); - } - - // Applikationen ermitteln - foreach( $conf['applications'] as $id=>$app ) - { - if ( !is_array($app) ) - continue; - $appUrl = $app['url']; - if ( isset($app['param']) ) - { - $appUrl .= strpos($appUrl,'?')!==false?'&':'?'; - $appUrl .= $app['param'].'='.session_id(); - } - - $metaList[] = array('name' => 'bookmark', - 'url' => $appUrl , - 'title'=> $app['name'] ); - } - } - - $project = Session::getProject(); - if ( is_object($project) && $project->projectid > 0 ) - { - $languages =$project->getLanguages(); - - foreach( $project->getModels() as $modelid=>$modelname ) - { - foreach( $languages as $languageid=>$languagename ) - { - - $metaList[] = array('name' => 'subsection', - 'url' => Html::url('index', - 'project', - $project->projectid, - 
array('languageid'=>$languageid, - 'modelid' =>$modelid) ), - 'title'=> $modelname.' - '.$languagename - ); - } - } - } - - $metaList[] = array('name' => 'author', - 'url' => $conf['login']['logo']['url'], - 'title'=> $conf['login']['logo']['url'] ); - - $metaList[] = array('name' => 'top', - 'url' => Html::url('index','logout',0 ), - 'title'=> 'Start' ); - - $metaList[] = array('name' => 'contents', - 'url' => Html::url('index','projectmenu',0 ), - 'title'=> lang('MENU_TREETITLE_PROJECTMENU' ) ); - - - $this->setTemplateVar('metaList',$metaList); - } - - - - /** - * Open-Id Login, ?berpr?fen der Anmeldung.<br> - * Spezifikation: http://openid.net/specs/openid-authentication-1_1.html<br> - * Kapitel "4.4. check_authentication"<br> - * <br> - * Im 2. Schritt (Mode "id_res") erfolgte ein Redirect vom Open-Id Provider an OpenRat zur?ck.<br> - * Wir befinden uns nun im darauf folgenden Request des Browsers.<br> - * <br> - * Es muss noch beim OpenId-Provider die Best?tigung eingeholt werden, danach ist der - * Benutzer angemeldet.<br> - */ - public function openidloginView() - { - global $conf; - $openId = Session::get('openid'); - - if ( !$openId->checkAuthentication() ) - { - Http::notAuthorized('OpenId-Login failed' ); - die(); - $this->addNotice('user',$openId->user,'LOGIN_OPENID_FAILED',OR_NOTICE_ERROR,array('name'=>$openId->user),array($openId->error) ); - $this->addValidationError('openid_url',''); - $this->callSubAction('showlogin'); - return; - } - - //Html::debug($openId); - - // Anmeldung wurde mit "is_valid:true" best?tigt. - // Der Benutzer ist jetzt eingeloggt. - $username = $openId->getUserFromIdentiy(); - - Logger::debug("OpenId-Login successful for $username"); - - if ( empty($username) ) - { - // Es konnte kein Benutzername ermittelt werden. 
- Http::notAuthorized('no username supplied by openid provider' ); - die(); - $this->addNotice('user',$username,'LOGIN_OPENID_FAILED','error',array('name'=>$username) ); - $this->addValidationError('openid_url',''); - $this->callSubAction('showlogin'); - return; - } - - $user = User::loadWithName( $username ); - - if ( $user->userid <=0) - { - // Benutzer ist (noch) nicht vorhanden. - if ( $conf['security']['openid']['add']) // Anlegen? - { - $user->name = $username; - $user->add(); - - $user->mail = @$openId->info['email']; - $user->fullname = @$openId->info['fullname']; - $user->save(); // Um E-Mail zu speichern (wird bei add() nicht gemacht) - } - else - { - Logger::debug("OpenId-Login failed for $username"); - // Benutzer ist nicht in Benutzertabelle vorhanden (und angelegt werden soll er auch nicht). - Http::notAuthorized('user',$username,'LOGIN_OPENID_FAILED','error',array('name'=>$username) ); - die(); - - $this->addNotice('user',$username,'LOGIN_OPENID_FAILED','error',array('name'=>$username) ); - $this->addValidationError('openid_url',''); - return; - } - } - else - { - // Benutzer ist bereits vorhanden. - if ( @$conf['security']['openid']['update_user']) - { - $user->fullname = @$openId->info['fullname']; - $user->mail = @$openId->info['email']; - $user->save(); - } - } - - Logger::info("User login successful: ".$username); - $user->setCurrent(); // Benutzer ist jetzt in der Sitzung. - - $this->setStyle( $user->style ); - $this->setPerspective('start'); - - $server = Http::getServer(); - Logger::debug("Redirecting to $server"); - header('Location: '.slashify($server) ); - exit(); - } - - - /** - * Login. 
- */ - function openidPost() - { - global $conf; - - $this->checkForDb(); - Session::setUser(''); - - if ( $conf['login']['nologin'] ) - Http::notAuthorized('login disabled'); - - $openid_user = $this->getRequestVar('openid_url' ); - $loginName = $this->getRequestVar('login_name' ,OR_FILTER_ALPHANUM); - $loginPassword = $this->getRequestVar('login_password',OR_FILTER_ALPHANUM); - $newPassword1 = $this->getRequestVar('password1' ,OR_FILTER_ALPHANUM); - $newPassword2 = $this->getRequestVar('password2' ,OR_FILTER_ALPHANUM); - - // Cookie setzen - setcookie('or_username',$loginName,time()+(60*60*24*30*12*2) ); - - // Login mit Open-Id. - if ( $this->hasRequestVar('openid_provider') && ($this->getRequestVar('openid_provider') != 'identity' || !empty($openid_user)) ) - { - $openId = new OpenId($this->getRequestVar('openid_provider'),$openid_user); - - if ( ! $openId->login() ) - { - $this->addNotice('user',$openid_user,'LOGIN_OPENID_FAILED','error',array('name'=>$openid_user),array($openId->error) ); - $this->addValidationError('openid_url',''); - $this->callSubAction('showlogin'); - return; - } - - Session::set('openid',$openId); - $this->redirect( $openId->getRedirectUrl() ); - return; - } - } - - - /** - * Synchronisiert die bisherigen Gruppen des Benutzers mit den Gruppen, die sich aus der Authentifzierung ergeben haben. - * - * @param $user User Benutzerobjekt - * @param $groups array $groups Einfaches Array von Gruppennamen. - */ - private function checkGroups($user, $groups) - { - if ( $groups == null ) - return; - - $oldGroups = $user->getGroups(); - - foreach( $oldGroups as $id=>$name) - { - if ( !in_array($name,$groups) ) - $user->delGroup($id); - } - - foreach( $groups as $name) - { - if ( ! in_array($name,$oldGroups)) - { - try - { - $group = Group::loadWithName( $name ); - $user->addGroup($group->groupid); - } - catch (ObjectNotFoundException $e) - { - // Gruppe fehlt. Anlegen? 
- if ( config('ldap','authorize','auto_add' ) ) - { - // Die Gruppe in der OpenRat-Datenbank hinzufuegen. - $g = new Group(); - $g->name = $group; - $g->add(); // Gruppe hinzufuegen - $user->addGroup($g->groupid); // Und Gruppe dem Benutzer hinzufuegen. - } - - } - } - } - } - - - /** - * Login. - * Zuerst wird die Datenbankverbindung aufgebaut und falls notwendig, aktualisiert. - */ - function loginPost() - { - global $conf; - - if ( $this->hasRequestVar('dbid')) - { - $dbid = $this->getRequestVar('dbid'); - - if ( !is_array($conf['database'][$dbid]) ) - $this->addValidationError('dbid'); - - try { - - - $db = new Database($conf['database'][$dbid], true); - $db->id = $dbid; - } - catch( Exception $e) { - throw new OpenRatException('DATABASE_ERROR_CONNECTION',$e->getMessage()); - } - - // Datenbank aktualisieren, sofern notwendig. - require_once( OR_DBCLASSES_DIR.'DbUpdate.class.'.PHP_EXT ); - $updater = new DbUpdate(); - $updater->update( $db ); - - unset($db); - } - - $this->checkForDb(); - - Session::setUser(''); // Altes Login entfernen. - - if ( $conf['login']['nologin'] ) - Http::notAuthorized('login disabled'); - - $loginName = $this->getRequestVar('login_name' ,OR_FILTER_ALPHANUM); - $loginPassword = $this->getRequestVar('login_password',OR_FILTER_ALPHANUM); - $newPassword1 = $this->getRequestVar('password1' ,OR_FILTER_ALPHANUM); - $newPassword2 = $this->getRequestVar('password2' ,OR_FILTER_ALPHANUM); - $token = $this->getRequestVar('user_token' ,OR_FILTER_ALPHANUM); - - // Der Benutzer hat zwar ein richtiges Kennwort eingegeben, aber dieses ist abgelaufen. - // Wir versuchen hier, das neue zu setzen (sofern eingegeben). - if ( empty($newPassword1) ) - { - // Kein neues Kennwort, - // nichts zu tun... 
- } - else - { - $auth = new InternalAuth(); - - if ( $auth->login($loginName, $loginPassword,$token) || $auth->mustChangePassword ) - { - if ( $newPassword1 != $newPassword2 ) - { - $this->addValidationError('password1','PASSWORDS_DO_NOT_MATCH'); - $this->addValidationError('password2',''); - return; - } - elseif ( strlen($newPassword1) < $conf['security']['password']['min_length'] ) - { - $this->addValidationError('password1','PASSWORD_MINLENGTH',array('minlength'=>$conf['security']['password']['min_length'])); - $this->addValidationError('password2',''); - return; - } - else - { - // Kennwoerter identisch und lang genug. - $user = User::loadWithName($loginName); - $user->setPassword( $newPassword1,true ); - - // Das neue gesetzte Kennwort für die weitere Authentifizierung benutzen. - $loginPassword = $newPassword1; - } - } - else - { - // Anmeldung gescheitert. - $this->addNotice('user',$loginName,'LOGIN_FAILED','error',array('name'=>$loginName) ); - $this->addValidationError('login_name' ,''); - $this->addValidationError('login_password',''); - return; - } - } - - // Cookie setzen - $cookieLifetime = 60*60*24*30*12*2; // 2 Jahre. - setcookie('or_username',$loginName ,time()+$cookieLifetime ); - setcookie('or_dbid' ,$this->getRequestVar('dbid'),time()+$cookieLifetime ); - - // Authentifzierungs-Module. - $modules = explode(',',$conf['security']['modules']['authenticate']); - - $loginOk = false; - $mustChangePassword = false; - $tokenFailed = false; - $groups = null; - $lastModule = null; - - // Jedes Authentifizierungsmodul durchlaufen, bis ein Login erfolgreich ist. 
- foreach( $modules as $module) - { - $moduleClass = $module.'Auth'; - $auth = new $moduleClass; - Logger::info('Trying to login with module '.$moduleClass); - $loginStatus = $auth->login( $loginName,$loginPassword, $token ); - $loginOk = $loginStatus === true || $loginStatus === OR_AUTH_STATUS_SUCCESS; - - if ( $loginStatus === OR_AUTH_STATUS_PW_EXPIRED ) - $mustChangePassword = true; - if ( $loginStatus === OR_AUTH_STATUS_TOKEN_NEEDED ) - $tokenFailed = true; - - if ( $loginOk ) - { - Logger::info('Login successful for '.$loginName); - $lastModule = $module; - - if ( isset($auth->groups ) ) - $groups = $auth->groups; - - break; // Login erfolgreich, erstes Modul gewinnt. - } - } - - /* - $loginOk = $this->checkLogin( $loginName, - $loginPassword, - $newPassword1, - $newPassword2 ); - */ - - - if ( $loginOk ) - { - - try - { - // Benutzer über den Benutzernamen laden. - $user = User::loadWithName($loginName); - $user->loginModuleName = $lastModule; -// Session::setUser($user); - $user->setCurrent(); - - if ($user->passwordAlgo != Password::bestAlgoAvailable() ) - // Re-Hash the password with a better hash algo. - $user->setPassword($loginPassword); - - } - catch( ObjectNotFoundException $ex ) - { - // Benutzer wurde zwar authentifiziert, ist aber in der - // internen Datenbank nicht vorhanden - if ( $conf['security']['newuser']['autoadd'] ) - { - // Neue Benutzer in die interne Datenbank uebernehmen. - $user = new User(); - $user->name = $loginName; - $user->fullname = $loginName; - $user->add(); - $user->save(); - } - else - { - // Benutzer soll nicht angelegt werden. - // Daher ist die Anmeldung hier gescheitert. - $loginOk = false; - } - } - } - - Password::delay(); - - $ip = getenv("REMOTE_ADDR"); - - if ( !$loginOk ) - { - // Anmeldung nicht erfolgreich - - Logger::debug("Login failed for user '$loginName' from IP $ip"); - - if ( $tokenFailed ) - { - // Token falsch. 
- $this->addNotice('user',$loginName,'LOGIN_FAILED_TOKEN_FAILED','error' ); - $this->addValidationError('user_token',''); - } - elseif ( $mustChangePassword ) - { - // Anmeldung gescheitert, Benutzer muss Kennwort ?ndern. - $this->addNotice('user',$loginName,'LOGIN_FAILED_MUSTCHANGEPASSWORD','error' ); - $this->addValidationError('password1',''); - $this->addValidationError('password2',''); - } - else - { - // Anmeldung gescheitert. - $this->addNotice('user',$loginName,'LOGIN_FAILED','error',array('name'=>$loginName) ); - $this->addValidationError('login_name' ,''); - $this->addValidationError('login_password',''); - } - - - //$this->callSubAction('login'); - return; - } - else - { - - Logger::debug("Login successful for user '$loginName' from IP $ip"); - - $this->checkGroups( $user, $groups ); - - if ( $this->hasRequestVar('remember') ) - { - // Cookie setzen - setcookie('or_username',$user->name ,time()+(60*60*24*30*12*2) ); - setcookie('or_token' ,$user->loginToken(),time()+(60*60*24*30*12*2) ); - } - - // Anmeldung erfolgreich. - if ( config('security','renew_session_login') ) - $this->recreateSession(); - - $this->addNotice('user',$user->name,'LOGIN_OK',OR_NOTICE_OK,array('name'=>$user->fullname)); - - $this->setStyle( $user->style ); - - $this->evaluateRequestVars(); - - $object = Session::getObject(); - // Falls noch kein Objekt ausgewaehlt, dann das zuletzt ge?nderte benutzen. 
- if ( !is_object($object) && @$conf['login']['start']['start_lastchanged_object'] )
- {
- $objectid = Value::getLastChangedObjectByUserId($user->userid);
- if ( Object::available($objectid))
- {
- $object = new Object($objectid);
- $object->load();
- Session::setObject($object);
-
- $project = new Project( $object->projectid );
- $project->load();
- Session::setProject( $project );
-
- $language = new Language( isset($vars[REQ_PARAM_LANGUAGE_ID])&&Language::available($vars[REQ_PARAM_LANGUAGE_ID])?$vars[REQ_PARAM_LANGUAGE_ID]:$project->getDefaultLanguageId() );
- $language->load();
- Session::setProjectLanguage( $language );
-
- $model = new Model( isset($vars[REQ_PARAM_MODEL_ID])&&Model::available($vars[REQ_PARAM_MODEL_ID])?$vars[REQ_PARAM_MODEL_ID]:$project->getDefaultModelId() );
- $model->load();
- Session::setProjectModel( $model );
- }
- }
-
- $this->setStyle( $user->style ); // Benutzer-Style setzen
-
- $langFile = OR_LANGUAGE_DIR.'lang-'.$user->language.'.'.PHP_EXT;
-
- // Pruefen, ob Sprache vorhanden ist.
- if ( !file_exists( $langFile ) )
- {
- // Nur Warnung ins Log schreiben, keinen Fehler werfen
- // Es ist möglich, dass Sprachen entfernt werden.
- Logger::warn("Languagefile $langFile does not exist.");
- }
- else
- {
- require( $langFile );
- global $conf;
- $conf['language'] = $lang;
- $conf['language']['language_code'] = $user->language;
- Session::setConfig( $conf );
- }
-
-
-
- // Entscheiden, welche Perspektive als erstes angezeigt werden soll.
-
- $allProjects = Project::getAllProjects();
-
- if ( $conf['login']['start']['start_single_project'] &&
- count($allProjects) == 1 )
- {
- // Das einzige Projekt sofort starten.
- $projectIds = array_keys($allProjects);
-
- $project = new Project($projectIds[0]);
- $project->load();
- $language = new Language( $project->getDefaultLanguageId() );
- $language->load();
- $model = new Model( $project->getDefaultModelId() );
- $model->load();
-
- Session::setProject( $project );
- Session::setProjectLanguage( $language );
- Session::setProjectModel( $model );
-
-
- $this->setPerspective('normal');
- }
- elseif ( $conf['login']['start']['start_lastchanged_object'] )
- {
- $user = Session::getUser();
- $objectid = Value::getLastChangedObjectByUserId($user->userid);
- if ( Object::available($objectid))
- {
- // Das Projekt des zuletzt geänderten Objekts ermitteln
- // und dieses Projekt starten.
- $o = new Object( $objectid );
- $o->load();
-
- $project = new Project($o->projectid);
- $project->load();
- $language = new Language( $project->getDefaultLanguageId() );
- $language->load();
- $model = new Model( $project->getDefaultModelId() );
- $model->load();
-
- Session::setProject( $project );
- Session::setProjectLanguage( $language );
- Session::setProjectModel( $model );
-
- $this->setPerspective('normal');
- }
- else
- {
- // Benutzer hat noch nie eine Änderung durchgefuehrt.
- // Erstmal die Startseite anzeigen.
- $this->setPerspective('start');
- }
- }
-
- else
- {
- // Erstmal die Startseite anzeigen.
- $this->setPerspective('start');
- }
- }
-
- }
-
-
- /**
- * Benutzer meldet sich ab.
- */
- function logoutPost()
- {
- global $conf;
-
- $user = Session::getUser();
- if ( is_object($user) )
- $this->setTemplateVar('login_username',$user->name);
-
- // Ausgew?hlte Objekte merken, um nach dem n?. Login wieder sofort auszuw?hlen.
- $o = Session::getObject(); - if ( is_object($o) ) - $this->setTemplateVar('objectid',$o->objectid); - $p = Session::getProject(); - if ( is_object($p) ) - $this->setTemplateVar('projectid',$p->projectid); - $l = Session::getProjectLanguage(); - if ( is_object($l) ) - $this->setTemplateVar('languageid',$l->languageid); - $m = Session::getProjectModel(); - if ( is_object($m) ) - $this->setTemplateVar('modelid',$m->modelid); - $db = db_connection(); - if ( is_object($db) ) - $this->setTemplateVar('dbid',$db->id); - - /* - // Alle Variablen aus der Sitzung entfernen. - session_unset(); - - // Damit wird die Session gel�scht, nicht nur die Session-Daten! - if ( ini_get("session.use_cookies") ) - { - $params = session_get_cookie_params(); - setcookie( session_name(),'', time() - 3600, - $params["path"],$params["domain"],$params["secure"],$params["httponly"] ); - } - - // Loeschen der Session. - session_destroy(); - */ - if ( config('security','renew_session_logout') ) - $this->recreateSession(); - - session_unset(); - - if ( @$conf['theme']['compiler']['compile_at_logout'] ) - { - foreach( $conf['action'] as $actionName => $actionConfig ) - { - foreach( $actionConfig as $subActionName=>$subaction ) - { - if ( is_array($subaction) && - !isset($subaction['goto' ]) && - !isset($subaction['direct']) && - !isset($subaction['action']) && - !isset($subaction['async' ]) && - !isset($subaction['alias' ]) && - $subActionName != 'menu' ) - { - $engine = new template_engine\TemplateEngine(); - $engine->compile( strtolower(str_replace('Action','',$actionName)).'/'.$subActionName); - } - } - } - } - - // Login-Token löschen: - // Wenn der Benutzer sich abmelden will, dann soll auch die automatische - // Anmeldung deaktiviert werden. 
- setcookie('or_token' ,'',0 ); - - // Umleiten auf eine definierte URL.s - $redirect_url = @$conf['security']['logout']['redirect_url']; - - if ( !empty($redirect_url) ) - { - $this->redirect($redirect_url); - } - - Session::set('perspective','login'); - - // Style zurücksetzen. - // Der Style des Benutzers koennte auch stehen bleiben. Aber dann gäbe es Rückschlüsse darauf, wer zuletzt angemeldet war (Sicherheit!). - $this->setStyle( config('interface','style','default') ); - $this->refresh(); - } - - - - /** - * Benutzer meldet sich ab. - */ - function logoutView() - { - } - - - /** - * Ausw?hlen der Administration. - */ - function administration() - { - Session::setProject( new Project(-1) ); - } - - - - /** - * Ausgeben von maschinenlesbaren Benutzerinformationen. - * - * Diese Funktion dient dem Single-Signon f?r fremde Anwendungen, welche - * die Benutzerinformationen des angemeldeten Benutzers aus dieser - * Anwendung auslesen k?nnen. - */ - function userinfo() - { - $user = Session::getUser(); - $info = array('username' => $user->name, - 'fullname' => $user->fullname, - 'mail' => $user->mail, - 'telephone' => $user->tel, - 'style' => $user->style, - 'admin' => $user->isAdmin?'true':'false', - 'ldap' => $user->ldap_dn, - 'groups' => implode(',',$user->getGroups()), - 'description'=> $user->desc - ); - - // Wenn der HTTP-Parameter "xml" vorhanden ist, dann geben wir die - // Informationen per XML aus. - if ( $this->hasRequestVar('xml') ) - { - header('Content-Type: text/xml'); - echo '<userinfo>'; - foreach( $info as $n=>$i ) - echo '<'.$n.'>'.$i.'</'.$n.'>'."\n"; - echo '</userinfo>'; - - } - - // Sonst normale Textausgabe im INI-Datei-Format. - else - { - header('Content-Type: text/plain'); - foreach( $info as $n=>$i ) - echo $n.'="'.$i."\"\n"; - } - - exit; // Fertig. - } - - - function project() - { - $user = Session::getUser(); - if ( ! 
is_object($user) ) - { - $this->callSubAction('show'); - return; - } - - $this->evaluateRequestVars( array('projectid'=>$this->getRequestId()) ); - - Session::setUser( $user ); - } - - - function object() - { - $user = Session::getUser(); - if ( ! is_object($user) ) - { - $this->callSubAction('show'); - return; - } - - $this->evaluateRequestVars( array('objectid'=>$this->getRequestId()) ); - - Session::setUser( $user ); - } - - - function language() - { - $user = Session::getUser(); - if ( ! is_object($user) ) - { - $this->callSubAction('show'); - return; - } - - $this->evaluateRequestVars( array(REQ_PARAM_LANGUAGE_ID=>$this->getRequestId()) ); - } - - - function model() - { - $user = Session::getUser(); - if ( ! is_object($user) ) - { - $this->callSubAction('show'); - return; - } - - $this->evaluateRequestVars( array(REQ_PARAM_MODEL_ID=>$this->getRequestId()) ); - - $user = Session::getUser(); - } - - - /** - * Auswerten der Request-Variablen. - * - * @param Array $add - */ - function evaluateRequestVars( $add = array() ) - { - global $REQ; - $vars = $REQ + $add; - - $db = db_connection(); - if ( !is_object($db) ) - { - if ( isset($vars[REQ_PARAM_DATABASE_ID]) ) - $this->setDb($vars[REQ_PARAM_DATABASE_ID]); - else - Http::serverError('no database available.'); - } - else - { - // Pr�ft, ob die �bergebene Datenbank-Id mit der - // aktuellen �bereinstimmt. - // Falls nicht, muss ein Re-Login erfolgen. 
- if ( isset($vars[REQ_PARAM_DATABASE_ID]) ) - if ( $db->id != $vars[REQ_PARAM_DATABASE_ID] ) - { - $this->callSubAction('show'); - return; - } - } - - - if ( isset($vars[REQ_PARAM_OBJECT_ID]) && Object::available($vars[REQ_PARAM_OBJECT_ID]) ) - { - $object = new Object( $vars[REQ_PARAM_OBJECT_ID] ); - $object->objectLoadRaw(); - Session::setObject( $object ); - - $project = new Project( $object->projectid ); - $project->load(); - Session::setProject( $project ); - - $language = new Language( isset($vars[REQ_PARAM_LANGUAGE_ID])&&Language::available($vars[REQ_PARAM_LANGUAGE_ID])?$vars[REQ_PARAM_LANGUAGE_ID]:$project->getDefaultLanguageId() ); - $language->load(); - Session::setProjectLanguage( $language ); - - $model = new Model( isset($vars[REQ_PARAM_MODEL_ID])&&Model::available($vars[REQ_PARAM_MODEL_ID])?$vars[REQ_PARAM_MODEL_ID]:$project->getDefaultModelId() ); - $model->load(); - Session::setProjectModel( $model ); - } - elseif ( isset($vars[REQ_PARAM_LANGUAGE_ID]) && Language::available($vars[REQ_PARAM_LANGUAGE_ID]) ) - { - $language = new Language( $vars[REQ_PARAM_LANGUAGE_ID] ); - $language->load(); - Session::setProjectLanguage( $language ); - - $project = new Project( $language->projectid ); - $project->load(); - Session::setProject( $project ); - - $model = Session::getProjectModel(); - if ( !is_object($model) ) - { - $model = new Model( $project->getDefaultModelId() ); - $model->load(); - Session::setProjectModel( $model ); - } - - $object = Session::getObject(); - if ( is_object($object) && $object->projectid == $project->projectid ) - { - $object->objectLoadRaw(); - Session::setObject( $object ); - } - else - { - Session::setObject( '' ); - } - } - elseif ( isset($vars[REQ_PARAM_MODEL_ID]) && Model::available($vars[REQ_PARAM_MODEL_ID]) ) - { - $model = new Model( $vars[REQ_PARAM_MODEL_ID] ); - $model->load(); - Session::setProjectModel( $model ); - - $project = new Project( $model->projectid ); - $project->load(); - Session::setProject( $project ); - - 
$language = Session::getProjectLanguage(); - if ( !is_object($language) || $language->projectid != $project->projectid ) - { - $language = new Language( $project->getDefaultLanguageId() ); - $language->load(); - Session::setProjectLanguage( $language ); - } - - $object = Session::getObject(); - $object->objectLoadRaw(); - if ( is_object($object) && $object->projectid == $project->projectid ) - { - $object->objectLoadRaw(); - Session::setObject( $object ); - } - else - { - Session::setObject( '' ); - } - } - elseif ( isset($vars[REQ_PARAM_PROJECT_ID])&&Project::isAvailable($vars[REQ_PARAM_PROJECT_ID]) ) - { - $project = new Project( $vars[REQ_PARAM_PROJECT_ID] ); - $project->load(); - - Session::setProject( $project ); - - $language = new Language( isset($vars[REQ_PARAM_LANGUAGE_ID])&& Language::available($vars[REQ_PARAM_LANGUAGE_ID])?$vars[REQ_PARAM_LANGUAGE_ID]:$project->getDefaultLanguageId() ); - $language->load(); - Session::setProjectLanguage( $language ); - - $model = new Model( isset($vars[REQ_PARAM_MODEL_ID])&& Model::available($vars[REQ_PARAM_MODEL_ID])?$vars[REQ_PARAM_MODEL_ID]:$project->getDefaultModelId() ); - $model->load(); - Session::setProjectModel( $model ); - - $object = Session::getObject(); - if ( is_object($object) && $object->projectid == $project->projectid ) - { - $object->objectLoadRaw(); - Session::setObject( $object ); - } - else - { - Session::setObject( '' ); - } - } - } - - - function showtree() - { - Session::set('showtree',true ); - } - - - function hidetree() - { - Session::set('showtree',false ); - } - - - function switchuser() - { - $user = Session::getUser(); - - if ( ! $user->isAdmin ) - Http::notAuthorized(""); - - $this->recreateSession(); - - $newUser = new User( $this->getRequestId() ); - $newUser->load(); - - $newUser->setCurrent(); - } - - - function show() - { - global $conf; - global $PHP_AUTH_USER; - global $PHP_AUTH_PW; - - $user = Session::getUser(); - // Gast-Login - if ( ! 
is_object($user) ) - { - if ( $conf['security']['guest']['enable'] ) - { - $this->setDefaultDb(); - $username = $conf['security']['guest']['user']; - $user = User::loadWithName($username); - if ( $user->userid > 0 ) - $user->setCurrent(); - else - { - Logger::warn('Guest login failed, user not found: '.$username); - $this->addNotice('user',$username,'LOGIN_FAILED',OR_NOTICE_WARN,array('name'=>$username) ); - $user = null; - } - } - } - - if ( ! is_object($user) ) - { - switch( $conf['security']['login']['type'] ) - { - - // Authorization ueber HTTP - // - case 'http': - $ok = false; - - if ( isset($_SERVER['PHP_AUTH_USER']) ) - { - $this->setDefaultDb(); - $ok = $this->checkLogin( $_SERVER['PHP_AUTH_USER'],$_SERVER['PHP_AUTH_PW'] ); - } - - if ( ! $ok ) - { - header( 'WWW-Authenticate: Basic realm="'.OR_TITLE.' - '.lang('HTTP_REALM').'"' ); - header( 'HTTP/1.0 401 Unauthorized' ); - echo 'Authorization Required!'; - exit; - } - break; - - case 'form': - // Benutzer ist nicht angemeldet - $this->callSubAction( 'showlogin' ); // Anzeigen der Login-Maske - return; - break; - - default: - Http::serverError('Unknown auth-type: '.$conf['security']['login']['type'].'. Please check the configuration setting /security/login/type' ); - } - } - - if ( $user->mustChangePassword ) - { - $this->addNotice( 'user',$user->name,'PASSWORD_TIMEOUT','warn' ); - $this->callSubAction( 'changepassword' ); // Zwang, das Kennwort zu ?ndern. 
- }
-
- // Seite ?ndert sich nur 1x pro Session
- $this->lastModified( $user->loginDate );
-
- $projectid = intval( $this->getRequestVar('projectid' ) );
- $languageid = intval( $this->getRequestVar('languageid') );
- $modelid = intval( $this->getRequestVar('modelid' ) );
- $objectid = intval( $this->getRequestVar('objectid' ) );
- $elementid = intval( $this->getRequestVar('elementid' ) );
-
- if ( $projectid != 0 )
- {
- $project = new Project( $projectid );
- $project->load();
- Session::setProject($project);
- }
- elseif ( $languageid != 0 )
- {
- $language = new Language( $languageid );
- $language->load();
- Session::setProjectLanguage($language);
- }
- elseif ( $modelid != 0 )
- {
- $model = new Model( $modelid );
- $model->load();
- Session::setProjectModel($model);
- }
- elseif ( $objectid != 0 )
- {
- $object = new Object( $objectid );
- $object->objectLoad();
- Session::setObject($object);
- }
- if ( $elementid != 0 )
- {
- $element = new Element( $elementid );
- Session::setElement($element);
- }
-
- $project = Session::getProject();
- $object = Session::getObject();
- $elementid = 0;
-
- if ( is_object($project) )
- {
- if ( $project->projectid == PROJECTID_ADMIN )
- {
- $project->name = lang('ADMINISTRATION');
- Session::setProject( $project );
-
- Session::setProjectLanguage( '' );
- Session::setProjectModel ( '' );
- Session::setObject ( '' );
- }
-
- $this->setTemplateVar( 'title',$project->name );
-
- if ( is_object($object) )
- {
- $type = $object->getType();
-
- if ( $type == 'page' )
- {
- $page = new Page($object->objectid);
- $page->load();
- $elementList = $page->getWritableElements();
- if ( count($elementList) == 1 )
- $elementid = current(array_keys($elementList));
- }
-
- if ( $elementid > 0 )
- $this->setTemplateVar( 'frame_src_main',Html::url('main','pageelement',$object->objectid,array('elementid'=>$elementid,'targetSubAction'=>'edit')) );
- else
- $this->setTemplateVar( 'frame_src_main',Html::url('main',$type,$object->objectid) );
- }
- else
- {
- $this->setTemplateVar( 'frame_src_main',Html::url('main','empty',0,array(REQ_PARAM_TARGETSUBACTION=>'blank')) );
- }
- }
- elseif ( is_object($project) && $project->projectid == PROJECTID_ADMIN )
- {
- if ( $this->hasRequestVar('projectid') )
- $this->setTemplateVar( 'frame_src_main',Html::url('main','project',$this->getRequestVar('projectid')) );
- elseif ( $this->hasRequestVar('groupid') )
- $this->setTemplateVar( 'frame_src_main',Html::url('main','group' ,$this->getRequestVar('groupid' )) );
- elseif ( $this->hasRequestVar('userid') )
- $this->setTemplateVar( 'frame_src_main',Html::url('main','user' ,$this->getRequestVar('userid' )) );
- else
- $this->setTemplateVar( 'frame_src_main',Html::url('main','empty',0,array(REQ_PARAM_TARGETSUBACTION=>'blank')) );
- }
- else
- {
- $this->callSubAction( 'projectmenu' );
- }
-
-
- $this->setTemplateVar( 'show_tree',(Session::get('showtree')==true) );
-
- $this->setTemplateVar( 'frame_src_title' ,Html::url( 'title' ) );
- $this->setTemplateVar( 'frame_src_tree_menu' ,Html::url( 'treemenu' ) );
- $this->setTemplateVar( 'frame_src_tree_title',Html::url( 'treetitle' ) );
- $this->setTemplateVar( 'frame_src_tree' ,Html::url( 'tree' ,'load' ) );
- $this->setTemplateVar( 'frame_src_clipboard' ,Html::url( 'clipboard' ) );
- $this->setTemplateVar( 'frame_src_status' ,Html::url( 'status' ) );
-
- $this->setTemplateVar( 'tree_width',$conf['interface']['tree_width'] );
-
- $this->metaValues();
- }
-
-
-
- function checkMenu( $name )
- {
- global $conf;
-
- switch( $name )
- {
- case 'applications':
- // Men?punkt "Anwendungen" wird nur angezeigt, wenn weitere Anwendungen
- // konfiguriert sind.
- return count(@$conf['applications']) > 0;
-
- case 'register': // Registrierung
- // Nur, wenn aktiviert und gegen eigene Datenbank authentisiert wird.
- return @$conf['login']['register'] && @$conf['security']['auth']['type'] == 'database'; - - case 'password': // Kennwort vergessen - // Nur, wenn aktiviert und gegen eigene Datenbank authentisiert wird. - // Deaktiviert, falls LDAP-Lookup aktiviert ist. - return @$conf['login']['send_password'] && @$conf['security']['auth']['type'] == 'database' - && !@$conf['security']['auth']['userdn']; - - case 'administration': - // "Administration" nat?rlich nur f?r Administratoren. - return $this->userIsAdmin(); - - case 'login': - return !@$conf['login']['nologin']; - - case 'logout': - return true; - - case 'projectmenu': - return true; - - default: - return false; - } - } - - - /** - * Maske anzeigen, um Benutzer zu registrieren. - */ - public function registerView() - { - - } - - - /** - * Registriercode erzeugen und per E-Mail dem Benutzer mitteilen. - * Maske anzeigen, damit Benuter Registriercode anzeigen kann. - */ - public function registercodeView() - { - global $conf; - foreach( $conf['database'] as $dbname=>$dbconf ) - { - if ( is_array($dbconf) && $dbconf['enabled'] ) - $dbids[$dbname] = $dbconf['description']; - } - - $this->setTemplateVar( 'dbids',$dbids ); - - $db = Session::getDatabase(); - if ( is_object($db) ) - $this->setTemplateVar('actdbid',$db->id); - else - $this->setTemplateVar('actdbid',$conf['database']['default']); - - - - } - - - - public function registerPost() - { - global $conf; - - Session::set('registerMail',$this->getRequestVar('mail') ); - - srand ((double)microtime()*1000003); - $registerCode = rand(); - - Session::set('registerCode',$registerCode ); - - $email_address = $this->getRequestVar('mail',OR_FILTER_MAIL); - - if ( ! 
Mail::checkAddress($email_address) ) - { - $this->addValidationError('mail'); - return; - } - - // E-Mail and die eingegebene Adresse verschicken - $mail = new Mail($email_address, - 'register_commit_code','register_commit_code'); - $mail->setVar('code',$registerCode); // Registrierungscode als Text-Variable - - if ( $mail->send() ) - { - $this->addNotice('','','mail_sent',OR_NOTICE_OK); - $this->nextView('registeruserdata'); - } - else - { - $this->addNotice('','','mail_not_sent',OR_NOTICE_ERROR,array(),$mail->error); - return; - } - - $this->nextView('registercode'); - } - - - /** - * Benutzerregistierung. - * Benutzer hat Best?tigungscode erhalten und eingegeben. - */ - function registercodePost() - { - global $conf; - $this->checkForDb(); - - $origRegisterCode = Session::get('registerCode'); - $inputRegisterCode = $this->getRequestVar('code'); - - if ( $origRegisterCode != $inputRegisterCode ) - { - // Best?tigungscode stimmt nicht. - $this->addValidationError('code','code_not_match'); - return; - } - - // Best?tigungscode stimmt ?berein. - // Neuen Benutzer anlegen. 
-
- if ( !$this->hasRequestVar('username') )
- {
- $this->addValidationError('username');
- return;
- }
-
- $user = User::loadWithName( $this->getRequestVar('username') );
- if ( $user->isValid() )
- {
- $this->addValidationError('username','USER_ALREADY_IN_DATABASE');
- return;
- }
-
- if ( strlen($this->getRequestVar('password')) < $conf['security']['password']['min_length'] )
- {
- $this->addValidationError('password','password_minlength',array('minlength'=>$conf['security']['password']['min_length']));
- return;
- }
-
- $newUser = new User();
- $newUser->name = $this->getRequestVar('username');
- $newUser->add();
-
- $newUser->mail = Session::get('registerMail');
- $newUser->save();
-
- $newUser->setPassword( $this->getRequestVar('password'),true );
-
- $this->addNotice('user',$newUser->name,'user_added','ok');
-
- $this->nextView('login');
- }
-
-
-
- /**
- * Vergessenes Kennwort zusenden lassen.
- */
- function passwordView()
- {
- // TODO: Attribut "Password" abfragen
- foreach( config('database') as $dbname=>$dbconf )
- {
- $dbconf = $dbconf + config('database-default','defaults');
- if ( $dbconf['enabled'] )
- $dbids[$dbname] = $dbconf['description'];
- }
-
- $this->setTemplateVar( 'dbids',$dbids );
-
-
- $db = Session::getDatabase();
-
- if ( is_object($db) )
- $this->setTemplateVar('actdbid',$db->id);
- else
- $this->setTemplateVar('actdbid',config('database-default','default-id'));
- }
-
-
- /*
- function changepassword()
- {
- }
- */
-
-
- /*
- function setnewpassword()
- {
- $oldPw = $this->getRequestVar('password_old' );
- $newPw1 = $this->getRequestVar('password_new_1');
- $newPw2 = $this->getRequestVar('password_new_2');
-
- if ( $newPw1 == $newPw2 )
- {
- // Aktuellen Benutzer aus der Sitzung ermitteln
- $user = $this->getUserFromSession();
-
- // Altes Kennwort pr?fen.
- $ok = $user->checkPassword( $oldPw );
-
- if ( $ok ) // Altes Kennwort ist ok.
- {
- $user->setPassword( $newPw1 ); // Setze neues Kennwort
- $user->mustChangePassword = false;
- Session::setUser($user);
- $this->addNotice('user',$user->name,'password_set','ok');
- }
- else
- {
- // Altes Kennwort falsch.
- $this->addNotice('user',$user->name,'password_error','error');
- }
- }
- else
- {
- // Beide neuen Kennw?rter stimmen nicht ?berein
- $this->addNotice('user',$user->name,'passwords_not_match','error');
- }
- }
- */
-
-
- /**
- * Einen Kennwort-Anforderungscode an den Benutzer senden.
- */
- function passwordPost()
- {
- if ( !$this->hasRequestVar('username') )
- {
- $this->addValidationError('username');
- return;
- }
-
- $this->checkForDb();
-
- $user = User::loadWithName( $this->getRequestVar("username") );
- // Html::debug($user);
- Password::delay();
- if ( $user->isValid() )
- {
- srand ((double)microtime()*1000003);
- $code = rand();
- $this->setSessionVar("password_commit_code",$code);
-
- $eMail = new Mail( $user->mail,'password_commit_code' );
- $eMail->setVar('name',$user->getName());
- $eMail->setVar('code',$code);
- if ( $eMail->send() )
- $this->addNotice('user',$user->getName(),'mail_sent',OR_NOTICE_OK);
- else
- $this->addNotice('user',$user->getName(),'mail_not_sent',OR_NOTICE_ERROR,array(),$eMail->error);
-
- }
- else
- {
- //$this->addNotice('','user','username_not_found');
- // Trotzdem vort?uschen, eine E-Mail zu senden, damit die G?ltigkeit
- // eines Benutzernamens nicht von au?en gepr?ft werden kann.
- //
- $this->addNotice('user',$this->getRequestVar("username"),'mail_sent');
-
- }
-
- $this->setSessionVar("password_commit_name",$user->name);
- $this->nextView('passwordcode');
- }
-
-
-
- /**
- * Anzeige Formular zum Eingeben des Kennwort-Codes.
- *
- */
- function passwordcodeView()
- {
-
- }
-
-
- /**
- * Neues Kennwort erzeugen und dem Benutzer zusenden.
- */ - function passwordcodePost() - { - $username = $this->getSessionVar("password_commit_name"); - - if ( $this->getRequestVar("code")=='' || - $this->getSessionVar("password_commit_code") != $this->getRequestVar("code") ) - { - $this->addValidationError('code','PASSWORDCODE_NOT_MATCH'); - return; - } - - $user = User::loadWithName( $username ); - - if ( !$user->isValid() ) - { - // Benutzer konnte nicht geladen werden. - $this->addNotice('user',$username,'error',OR_NOTICE_ERROR); - return; - } - - $newPw = User::createPassword(); // Neues Kennwort erzeugen. - - $eMail = new Mail( $user->mail,'password_new' ); - $eMail->setVar('name' ,$user->getName()); - $eMail->setVar('password',$newPw ); - - if ( $eMail->send() ) - { - $user->setPassword( $newPw, false ); // Kennwort muss beim n?. Login ge?ndert werden. - $this->addNotice('user',$username,'mail_sent',OR_NOTICE_OK); - } - else - { - // Sollte eigentlich nicht vorkommen, da der Benutzer ja auch schon den - // Code per E-Mail erhalten hat. - $this->addNotice('user',$username,'error',OR_NOTICE_ERROR,array(),$eMail->error); - } - } - - - /** - * Erzeugt eine neue Sitzung. - */ - function recreateSession() - { - - // PHP < 4.3.2 kennt die Funktion session_regenerate_id() nicht. - if ( version_compare(phpversion(),"4.3.2","<") ) - { - $randlen = 32; - $randval = "0123456789abcdefghijklmnopqrstuvwxyz"; - $newid = ""; - for ($i = 1; $i <= $randlen; $i++) - { - $newid .= substr($randval, rand(0,(strlen($randval) - 1)), 1); - } - session_id( $newid ); - } - elseif( version_compare(phpversion(),"4.3.2","==") ) - { - session_regenerate_id(); - - // Bug in PHP 4.3.2: Session-Cookie wird nicht neu gesetzt. 
- if ( ini_get("session.use_cookies") ) - setcookie( session_name(),session_id(),ini_get("session.cookie_lifetime"),"/" ); - } - elseif ( version_compare(phpversion(),"5.1.0",">") ) - { - session_regenerate_id(true); - } - else - { - // 5.1.0 > PHP >= 4.3.3 - } - } - - - function licenseView() - { - $software = array(); - - $software[] = array('name' =>'OpenRat Content Management System', - 'url' =>'http://www.openrat.de/', - 'license'=>'GPL v2'); - $software[] = array('name' =>'jQuery Core Javascript Framework', - 'url' =>'http://jquery.com/', - 'license'=>'MPL, GPL v2'); - $software[] = array('name' =>'jQuery UI Javascript Framework', - 'url' =>'http://jqueryui.com/', - 'license'=>'MPL, GPL v2'); - $software[] = array('name' =>'GeSHi - Generic Syntax Highlighter', - 'url' =>'http://qbnz.com/highlighter/', - 'license'=>'GPL v2'); - $software[] = array('name' =>'CKEditor', - 'url' =>'http://ckeditor.com/', - 'license'=>'GPL v2'); - $software[] = array('name' =>'960 Grid System CSS', - 'url' =>'http://960.gs/', - 'license'=>'GPL v3, MIT'); - $software[] = array('name' =>'TAR file format', - 'url' =>'http://www.phpclasses.org/package/529', - 'license'=>'LGPL'); - $software[] = array('name' =>'JSON file format', - 'url' =>'http://pear.php.net/pepr/pepr-proposal-show.php?id=198', - 'license'=>'BSD'); - - $this->setTemplateVar('software',$software); - } - - - function pingView() - { - echo "1"; - } -} - - -?>- \ No newline at end of file diff --git a/action/ModelAction.class.php b/action/ModelAction.class.php 
@@ -1,209 +0,0 @@ -<?php - -namespace cms\action; - -use cms\model\Model; - - - -use Session; -use \Html; - -// OpenRat Content Management System -// Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de -// -// This program is free software; you can redistribute it and/or -// modify it under the terms of the GNU General Public License -// as published by the Free Software Foundation; either version 2 -// of the License, or (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program; if not, write to the Free Software -// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - - -/** - * Action-Klasse zum Bearbeiten eines Projetmodells - * @author $Author$ - * @version $Revision$ - * @package openrat.actions - */ -class ModelAction extends Action -{ - public $security = SECURITY_USER; - - var $defaultSubAction = 'listing'; - var $model; - - - function __construct() - { - $this->model = new Model( $this->getRequestId() ); - $this->model->load(); - - $this->project = Session::getProject(); - } - - - - - /** - * Entfernen der Variante.<br> - * Es wird ein Best�tigungsdialog angezeigt. - */ - function removeView() - { - $this->model->load(); - - $this->setTemplateVar( 'name',$this->model->name ); - } - - - /** - * Löschen des Models. 
- */ - function removePost() - { - if ( $this->hasRequestVar('confirm') ) - { - $this->model->delete(); - $this->addNotice('model',$this->model->name,'DONE',OR_NOTICE_OK); - } - else - { - $this->addNotice('model',$this->model->name,'NOTHING_DONE',OR_NOTICE_WARN); - } - } - - - - // Speichern eines Modells - function editPost() - { - if ( $this->getRequestVar('name') != '' ) - { - $this->model->name = $this->getRequestVar('name'); - $this->model->save(); - $this->addNotice('model',$this->model->name,'SAVED','ok'); - } - else - { - $this->addNotice('model',$this->model->name,'NOT_SAVED','error'); - } - - // Baum aktualisieren -// $this->setTemplateVar('tree_refresh',true); - } - - - function setdefaultPost() - { - if ( !$this->userIsAdmin() ) exit(); - - $this->model->setDefault(); - - $this->callSubAction('listing'); - } - - - function listingView() - { - global $conf_php; - $actModel = Session::getProjectModel(); - -// $var['act_modelid'] = $this->getSessionVar('modelid'); - - $list = array(); - foreach( $this->project->getModelIds() as $id ) - { - $m = new Model( $id ); - $m->load(); - - $list[$id]['name'] = $m->name; - - if ( $this->userIsAdmin() ) - $list[$id]['url' ] = Html::url('model','edit',$id, - array() ); - - if ( ! $m->isDefault && $this->userIsAdmin() ) - $list[$id]['default_url'] = Html::url('model','setdefault',$id); - - if ( $actModel->modelid != $m->modelid ) - $list[$id]['select_url' ] = Html::url('index','model',$id); - } - $this->setTemplateVar( 'el',$list ); - $this->setTemplateVar( 'add',$this->userIsAdmin() ); - } - - - /** - * Bearbeiten der Variante. - * Ermitteln aller Eigenschaften der Variante. 
- */ - function editView() - { - $this->model->load(); - - $this->setTemplateVars( $this->model->getProperties() ); - } - - - function checkmenu( $menu ) - { - switch( $menu ) - { - case 'remove': - $actModel = Session::getProjectModel(); - return - !readonly() && - $this->userIsAdmin() && - is_object($this->model) && - count( $this->model->getAll() ) >= 2 && - $actModel->modelid != $this->model->modelid; - - case 'add': - return - !readonly() && $this->userIsAdmin(); - - default: - return true; - } - } - - - /** - * Liefert die Struktur zu diesem Ordner: - * - Mit den übergeordneten Ordnern und - * - den in diesem Ordner enthaltenen Objekten - * - * Beispiel: - * <pre> - * - A - * - B - * - C (dieser Ordner) - * - Unterordner - * - Seite - * - Seite - * - Datei - * </pre> - */ - public function structureView() - { - $structure = array(); - $modellistChildren = array(); - - $structure[0] = array('id'=>'0','name'=>lang('MODELS'),'type'=>'modellist','level'=>1,'children'=>&$modellistChildren); - - $modellistChildren[ $this->model->modelid ] = array('id'=>$this->model->modelid,'name'=>$this->model->name,'type'=>'model','self'=>true); - - - //Html::debug($structure); - - $this->setTemplateVar('outline',$structure); - } -}- \ No newline at end of file diff --git a/action/ModellistAction.class.php b/action/ModellistAction.class.php 
@@ -1,118 +0,0 @@
-<?php
-
-namespace cms\action;
-
-use cms\model\Model;
-use Html;
-use Session;
-
-// OpenRat Content Management System
-// Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de
-//
-// This program is free software; you can redistribute it and/or
-// modify it under the terms of the GNU General Public License
-// as published by the Free Software Foundation; either version 2
-// of the License, or (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with this program; if not, write to the Free Software
-// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-
-
-/**
- * Action-Klasse zum Bearbeiten eines Projetmodells
- *
- * @author Jan Dankert
- * @package openrat.actions
- */
-class ModellistAction extends Action
-{
- /**
- * @var Model
- */
- public $model;
-
- public $security = SECURITY_USER;
-
- private $project;
-
- function __construct()
- {
- if ( $this->getRequestId() != 0 )
- {
- $this->model = new Model( $this->getRequestId() );
- $this->model->load();
- }
-
- $this->project = Session::getProject();
- }
-
-
- function showView()
- {
- global $conf_php;
- $actModel = Session::getProjectModel();
-
-// $var['act_modelid'] = $this->getSessionVar('modelid');
-
- $list = array();
- foreach( $this->project->getModelIds() as $id )
- {
- $m = new Model( $id );
- $m->load();
-
- $list[$id]['name'] = $m->name;
-
- if ( $this->userIsAdmin() )
- $list[$id]['id' ] = $id;
-
- if ( ! $m->isDefault && $this->userIsAdmin() )
- $list[$id]['default_url'] = Html::url('model','setdefault',$id);
-
- if ( $actModel->modelid != $m->modelid )
- $list[$id]['select_url' ] = Html::url('index','model',$id);
- }
- $this->setTemplateVar( 'el',$list );
- $this->setTemplateVar( 'add',$this->userIsAdmin() );
- }
-
-
- /**
- * Bearbeiten der Variante.
- * Ermitteln aller Eigenschaften der Variante.
- */
- function editView()
- {
- $this->nextSubAction('show');
- }
-
-
-
-
- function addView()
- {
- }
-
-
- function addPost()
- {
- $model = new Model();
- $model->projectid = $this->project->projectid;
- $model->name = $this->getRequestVar('name');
- $model->add();
-
- // Wenn kein Namen eingegeben, dann einen setzen.
- if ( empty($model->name) )
- {
- // Name ist "Variante <id>"
- $model->name = lang('MODEL').' '.$model->modelid;
- $model->save();
- }
- }
-
-}- \ No newline at end of file
diff --git a/action/ObjectAction.class.php b/action/ObjectAction.class.php
@@ -1,480 +0,0 @@
-<?php
-
-namespace cms\action;
-
-use cms\model\Acl;
-use cms\model\User;
-use cms\model\Group;
-use cms\model\Page;
-use cms\model\Folder;
-use cms\model\Object;
-use cms\model\Language;
-use cms\model\File;
-use cms\model\Link;
-
-// OpenRat Content Management System
-// Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de
-//
-// This program is free software; you can redistribute it and/or
-// modify it under the terms of the GNU General Public License
-// as published by the Free Software Foundation; either version 2
-// of the License, or (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with this program; if not, write to the Free Software
-// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-
-
-/**
- * Action-Klasse zum Bearbeiten eines Ordners
- * @author $Author$
- * @version $Revision$
- * @package openrat.actions
- */
-
-class ObjectAction extends Action
-{
- public $security = SECURITY_USER;
-
- private $objectid;
-
- public function copyView()
- {
- $this->actionName = 'object';
- global $conf_php;
-
- $sourceObject = new Object( $this->getRequestId());
- $sourceObject->load();
-
- $targetFolder = new Object( $this->getRequestVar('targetFolderId',OR_FILTER_NUMBER));
- $targetFolder->load();
-
- $this->setTemplateVar('source' ,$sourceObject->getProperties() );
- $this->setTemplateVar('sourceId',$sourceObject->objectid );
- $this->setTemplateVar('target' ,$targetFolder->getProperties() );
- $this->setTemplateVar('targetId',$targetFolder->objectid );
- $this->setTemplateVar('types' ,array('move'=>'move','moveandlink'=>'moveandlink','copy'=>'copy','link'=>'link') );
-
- if ( ! $targetFolder->hasRight(ACL_WRITE) )
- {
- $this->addNotice('folder', $targetFolder->name, 'NOT_WRITABLE',OR_NOTICE_ERROR);
- }
- }
-
-
- /**
- * Ein Fileobjekt wird in einen neuen Ordner kopiert oder verschoben.
- */
- public function copyPost()
- {
- $type = $this->getRequestVar('type');
- $targetObjectId = $this->getRequestVar('targetid',OR_FILTER_NUMBER);
- $sourceObjectId = $this->getRequestVar('sourceid',OR_FILTER_NUMBER);
-
- $sourceObject = new Object( $sourceObjectId );
- $sourceObject->load();
-
- $targetFolder = new Object( $targetObjectId );
- $targetFolder->load();
-
- // Prüfen, ob Schreibrechte im Zielordner bestehen.
- if ( ! $targetFolder->hasRight(ACL_WRITE) )
- {
- $this->addNotice('folder', $targetFolder->name, 'NOT_WRITABLE',OR_NOTICE_ERROR);
- return;
- }
-
- switch( $type )
- {
- case 'move':
-
- if ( $sourceObject->isFolder )
- {
- $f = new Folder( $sourceObjectId );
- $allsubfolders = $f->getAllSubFolderIds();
-
- // Plausibilisierungsprüfung:
- //
- // Wenn
- // - Das Zielverzeichnis sich nicht in einem Unterverzeichnis des zu verschiebenen Ordners liegt
- // und
- // - Das Zielverzeichnis nicht der zu verschiebene Ordner ist
- // dann verschieben
- if ( in_array($targetObjectId,$allsubfolders) || $sourceObjectId == $targetObjectId )
- {
- $this->addNotice('folder',$sourceObject->name,'ERROR',OR_NOTICE_ERROR);
- return;
- }
- }
-
- // TODO:
- // Beim Verschieben und Kopieren muss im Zielordner die Berechtigung
- // zum Erstellen von Ordner, Dateien oder Seiten vorhanden sein.
- $sourceObject->setParentId( $targetObjectId );
- $this->addNotice($sourceObject->type, $sourceObject->name, 'moved');
- break;
-
- case 'moveandlink':
-
- $oldParentId = $sourceObject->parentid;
-
- $sourceObject->setParentId( $targetObjectId );
- $this->addNotice($sourceObject->type, $sourceObject->name, 'moved');
-
- $link = new Link();
- $link->parentid = $oldParentId;
- $link->name = lang('LINK_TO').' '.$sourceObject->name;
- $link->filename = $sourceObject->filename;
- $link->linkedObjectId = $sourceObjectId;
- $link->add();
- $this->addNotice('link', $link->name, 'added');
-
- break;
-
- case 'copy':
-
- switch( $sourceObject->getType() )
- {
- case 'folder':
- // Ordner zur Zeit nicht kopieren
- // Funktion waere zu verwirrend
- $this->addNotice($sourceObject->getType(),$sourceObject->name,'CANNOT_COPY_FOLDER','error');
- break;
-
- case 'file':
- $f = new File( $sourceObjectId );
- $f->load();
- $f->filename = '';
- $f->name = lang('COPY_OF').' '.$f->name;
- $f->parentid = $targetObjectId;
- $f->add();
- $f->copyValueFromFile( $sourceObjectId );
-
- $this->addNotice($sourceObject->getType(),$sourceObject->name,'COPIED','ok');
- break;
-
- case 'page':
- $p = new Page( $sourceObjectId );
- $p->load();
- $p->filename = '';
- $p->name = lang('COPY_OF').' '.$p->name;
- $p->parentid = $targetObjectId;
- $p->add();
- $p->copyValuesFromPage( $sourceObjectId );
- $this->addNotice($sourceObject->getType(),$sourceObject->name,'COPIED','ok');
- break;
-
- case 'link':
- $l = new Link( $sourceObjectId );
- $l->load();
- $l->filename = '';
- $l->name = lang('COPY_OF').' '.$l->name;
- $l->parentid = $targetObjectId;
- $l->add();
- $this->addNotice($sourceObject->getType(),$sourceObject->name,'COPIED','ok');
- break;
-
- default:
- Http::serverError('fatal: unknown type while deleting');
- }
- break;
-
- case 'link':
-
- // Beim Verkn�pfen muss im Zielordner die Berechtigung zum Erstellen
- // von Verkn�pfungen vorhanden sein.
- if ( ! $targetFolder->hasRight(ACL_CREATE_LINK) )
- {
- $this->addNotice('folder', $targetFolder->name, 'NOT_WRITABLE',OR_NOTICE_ERROR);
- return;
- }
-
- $link = new Link();
- $link->parentid = $targetObjectId;
- $link->name = lang('LINK_TO').' '.$sourceObject->name;
- $link->filename = $sourceObject->filename;
- $link->linkedObjectId = $sourceObjectId;
- $link->isLinkToObject = true;
- $link->add();
- $this->addNotice('link', $link->name, 'added');
- // OK
- break;
-
- default:
- Http::serverError('Unknown type for copying');
- break;
- }
-
- $targetFolder->setTimestamp();
-
- }
-
- /**
- * ACL zu einem Objekt setzen
- *
- * @access public
- */
- function aclformPost()
- {
- $acl = new Acl();
-
- $acl->objectid = $this->getRequestId();
-
- // Nachschauen, ob der Benutzer ueberhaupt berechtigt ist, an
- // diesem Objekt die ACLs zu aendern.
- $o = new Object( $acl->objectid );
-
- if ( !$o->hasRight( ACL_GRANT ) )
- die('uh?'); // Scheiss Hacker.
-
- // Handelt es sich um eine Benutzer- oder Gruppen ACL?
- switch( $this->getRequestVar('type') )
- {
- case 'user':
- $acl->userid = $this->getRequestVar('userid' );
-
- if ( $acl->userid <= 0 )
- {
- $this->addValidationError('type' );
- $this->addValidationError('userid','');
- $this->callSubAction('aclform');
- return;
- }
- break;
- case 'group':
- $acl->groupid = $this->getRequestVar('groupid');
- if ( $acl->groupid <= 0 )
- {
- $this->addValidationError('type' );
- $this->addValidationError('groupid','');
- $this->callSubAction('aclform');
- return;
- }
- break;
- case 'all':
- break;
- default:
- $this->addValidationError('type');
- $this->callSubAction('aclform');
- return;
- }
-
- $acl->languageid = $this->getRequestVar(REQ_PARAM_LANGUAGE_ID);
-
- $acl->write = ( $this->hasRequestVar('write' ) );
- $acl->prop = ( $this->hasRequestVar('prop' ) );
- $acl->delete = ( $this->hasRequestVar('delete' ) );
- $acl->release = ( $this->hasRequestVar('release' ) );
- $acl->publish = ( $this->hasRequestVar('publish' ) );
- $acl->create_folder = ( $this->hasRequestVar('create_folder') );
- $acl->create_file = ( $this->hasRequestVar('create_file' ) );
- $acl->create_link = ( $this->hasRequestVar('create_link' ) );
- $acl->create_page = ( $this->hasRequestVar('create_page' ) );
- $acl->grant = ( $this->hasRequestVar('grant' ) );
- $acl->transmit = ( $this->hasRequestVar('transmit' ) );
-
- $acl->add();
-
- // Falls die Berechtigung vererbbar ist, dann diese sofort an
- // Unterobjekte vererben.
- if ( $acl->transmit )
- {
- $folder = new Folder( $acl->objectid );
- $oids = $folder->getObjectIds();
- foreach( $folder->getAllSubfolderIds() as $sfid )
- {
- $subfolder = new Folder( $sfid );
- $oids = array_merge($oids,$subfolder->getObjectIds());
- }
-
- foreach( $oids as $oid )
- {
- $acl->objectid = $oid;
- $acl->add();
- }
- }
-
-
-
-
- $this->addNotice('','','ADDED',OR_NOTICE_OK);
-
- $o->setTimestamp();
- }
-
-
-
- /**
- * Alle Rechte anzeigen
- */
- function rightsView()
- {
- $this->actionName = 'object';
- $o = new Object( $this->getRequestId() );
- $o->objectLoadRaw();
- $this->setTemplateVar( 'show',$o->getRelatedAclTypes() );
- $this->setTemplateVar( 'type',$o->getType() );
-
- $acllist = array();
-
- /*
- foreach( $o->getAllInheritedAclIds() as $aclid )
- {
- $acl = new Acl( $aclid );
- $acl->load();
- $key = 'au'.$acl->username.'g'.$acl->groupname.'a'.$aclid;
- $acllist[$key] = $acl->getProperties();
- }
- */
-
- foreach( $o->getAllAclIds() as $aclid )
- {
- $acl = new Acl( $aclid );
- $acl->load();
- $key = 'bu'.$acl->username.'g'.$acl->groupname.'a'.$aclid;
- $acllist[$key] = $acl->getProperties();
- $acllist[$key]['aclid'] = $aclid;
- }
- ksort( $acllist );
-
- $this->setTemplateVar('acls',$acllist );
-
- $this->setTemplateVars( $o->getAssocRelatedAclTypes() );
- }
-
-
-
- /**
- * Alle Rechte anzeigen
- */
- function inheritView()
- {
- $this->actionName = 'object';
-
- $o = new Object( $this->getRequestId() );
- $o->objectLoadRaw();
- $this->setTemplateVar( 'type',$o->getType() );
-
- $acllist = array();
- $this->setTemplateVar('acls',$acllist );
- }
-
-
-
- /**
- *
- * @return unknown_type
- */
- function inheritPost()
- {
- Session::close();
-
- $folder = new Folder( $this->getRequestId() );
- $folder->load();
-
- if ( ! $this->hasRequestVar('inherit') )
- {
- $this->addNotice('folder',$folder->name,'NOTHING_DONE',OR_NOTICE_WARN);
- return;
- }
-
-
- $aclids = $folder->getAllAclIds();
-
- $newAclList = array();
- foreach( $aclids as $aclid )
- {
- $acl = new Acl( $aclid );
- $acl->load();
- if ( $acl->transmit )
- $newAclList[] = $acl;
- }
- Logger::debug('inheriting '.count($newAclList).' acls');
-
- $oids = $folder->getObjectIds();
-
- foreach( $folder->getAllSubfolderIds() as $sfid )
- {
- $subfolder = new Folder( $sfid );
-
- $oids = array_merge($oids,$subfolder->getObjectIds());
- }
-
- foreach( $oids as $oid )
- {
- $object = new Object( $oid );
-
- // Die alten ACLs des Objektes löschen.
- foreach( $object->getAllAclIds() as $aclid )
- {
- $acl = new Acl( $aclid );
- $acl->objectid = $oid;
- $acl->delete();
- Logger::debug('removing acl '.$aclid.' for object '.$oid);
- }
-
- // Vererbbare ACLs des aktuellen Ordners anwenden.
- foreach( $newAclList as $newAcl )
- {
- $newAcl->objectid = $oid;
- $newAcl->add();
- Logger::debug('adding new acl '.$newAcl->aclid.' for object '.$oid);
- }
- }
-
- $this->addNotice('folder',$folder->name,'SAVED',OR_NOTICE_OK);
- }
-
-
- /**
- * Formular anzeigen, um Rechte hinzufuegen
- */
- function aclformView()
- {
- $this->actionName = 'object';
-
- $o = new Object( $this->getRequestId() );
- $o->objectLoadRaw();
-
- $this->setTemplateVars( $o->getAssocRelatedAclTypes() );
- $this->setTemplateVar( 'show',$o->getRelatedAclTypes() );
-
- $this->setTemplateVar('users' ,User::listAll() );
- $this->setTemplateVar('groups' ,Group::getAll() );
-
- $languages = array(0=>lang('ALL_LANGUAGES'));
- $languages += Language::getAll();
- $this->setTemplateVar('languages',$languages );
- $this->setTemplateVar('objectid' ,$o->objectid );
- $this->setTemplateVar('action' ,$this->actionName);
- }
-
-
-
- /**
- * Entfernen einer ACL
- *
- * @access protected
- */
- function delaclPost()
- {
- $acl = new Acl($this->getRequestVar('aclid'));
- $acl->objectid = $this->getRequestId();
-
- // Nachschauen, ob der Benutzer ueberhaupt berechtigt ist, an
- // diesem Objekt die ACLs zu aendern.
- $o = new Object( $this->getRequestId() );
-
- if ( !$o->hasRight( ACL_GRANT ) )
- Http::notAuthorized('no grant rights'); // Da wollte uns wohl einer vereimern.
-
- $acl->delete(); // Weg mit der ACL
-
- $this->addNotice('','','DELETED',OR_NOTICE_OK);
- }
-}- \ No newline at end of file
diff --git a/action/PageAction.class.php b/action/PageAction.class.php
@@ -1,880 +0,0 @@
-<?php
-
-namespace cms\action;
-
-use cms\model\Project;
-use cms\model\Value;
-use cms\model\Element;
-use cms\model\Template;
-use cms\model\Page;
-use cms\model\Folder;
-use cms\model\Object;
-use cms\model\Language;
-use cms\model\Model;
-use \Html;
-use Http;
-use Logger;
-use Session;
-
-
-/**
- * Action-Klasse zum Bearbeiten einer Seite
- * @author $Author$
- * @version $Revision$
- * @package openrat.actions
- */
-
-class PageAction extends ObjectAction
-{
- public $security = SECURITY_USER;
-
- var $page;
- var $defaultSubAction = 'show';
-
-
- function __construct()
- {
- $this->page = new Page( $this->getRequestId() );
- $this->page->load();
-
- // Hier kann leider nicht das Datum der letzten Änderung verwendet werden,
- // da sich die Seite auch danach ändern kann, z.B. durch Includes anderer
- // Seiten oder Änderung einer Vorlage oder Änderung des Dateinamens einer
- // verlinkten Datei.
- //$this->lastModified( time() );
- }
-
-
- /**
- * Alle Daten aus dem Formular speichern
- */
- function formPost()
- {
- $this->page->public = true;
- $this->page->simple = true;
-
- foreach( $this->page->getElements() as $elementid=>$name )
- {
- if ( $this->hasRequestVar('saveid'.$elementid) )
- {
- $value = new Value();
- $value->objectid = $this->page->objectid;
- $value->pageid = Page::getPageIdFromObjectId( $value->objectid );
- $value->element = new Element( $elementid );
- $value->element->load();
- $value->publish = false;
- $value->load();
-
- // Eingegebenen Inhalt aus dem Request lesen
- $inhalt = $this->getRequestVar( 'id'.$elementid );
-
- // Den Inhalt speichern.
- switch( $value->element->type )
- {
- case 'number':
- $value->number = $inhalt * pow(10,$value->element->decimals);
- break;
-
- case 'date':
- $value->date = strtotime( $inhalt );
- break;
-
- case 'text':
- case 'longtext':
- case 'select':
- $value->text = $inhalt;
- break;
-
- case 'link':
- case 'list':
- case 'insert':
- $value->linkToObjectId = intval($inhalt);
- break;
- }
-
- $value->page = &$this->page;
-
- // Ermitteln, ob Inhalt sofort freigegeben werden kann und soll
- if ( $this->page->hasRight( ACL_RELEASE ) && $this->hasRequestVar('release') )
- $value->publish = true;
- else
- $value->publish = false;
-
-// Html::debug($inhalt,'Eingabe');
-// Html::debug($value,'Inhalt');
-
- // Inhalt speichern.
- // Inhalt in allen Sprachen gleich?
- if ( $value->element->allLanguages )
- {
- // Inhalt fuer jede Sprache einzeln speichern.
- $p = new Project();
- foreach( $p->getLanguageIds() as $languageid )
- {
- $value->languageid = $languageid;
- $value->save();
- }
- }
- else
- {
- // sonst nur 1x speichern (fuer die aktuelle Sprache)
- $value->languageid = $this->getSessionVar(REQ_PARAM_LANGUAGE_ID);
- $value->save();
- }
- }
- }
- $this->page->setTimestamp(); // "Letzte Aenderung" setzen
-
- if ( $this->hasRequestVar('publish') )
- $this->callSubAction( 'pubnow' );
- else
- $this->callSubAction( 'el' );
- }
-
-
- /**
- * Element speichern
- *
- * Der Inhalt eines Elementes wird abgespeichert
- */
- function editPost()
- {
- $value = new Value();
- $language = Session::getProjectLanguage();
- $value->languageid = $language->languageid;
- $value->objectid = $this->page->objectid;
- $value->pageid = Page::getPageIdFromObjectId( $this->page->objectid );
-
- if ( $this->hasRequestVar('elementid') )
- $value->element = new Element( $this->getRequestVar('elementid') );
- else
- $value->element = Session::getElement();
-
- $value->element->load();
- $value->publish = false;
- $value->load();
-
- $value->number = $this->getRequestVar('number') * pow(10,$value->element->decimals);
- $value->linkToObjectId = intval($this->getRequestVar('linkobjectid'));
- $value->text = $this->getRequestVar('text');
-
- // Vorschau anzeigen
- if ( $value->element->type=='longtext' && ($this->hasRequestVar('preview')||$this->hasRequestVar('addmarkup')) )
- {
- if ( $this->hasRequestVar('preview') )
- {
- $value->page = $this->page;
- $value->simple = false;
- $value->page->languageid = $value->languageid;
- $value->page->load();
- $value->generate();
- $this->setTemplateVar('preview_text',$value->value );
- }
-
- if ( $this->hasRequestVar('addmarkup') )
- {
- $addText = $this->getRequestVar('addtext');
-
- if ( !empty($addText) ) // Nur, wenn ein Text eingegeben wurde
- {
- $addText = $this->getRequestVar('addtext');
-
- if ( $this->hasRequestVar('strong') )
- $value->text .= '*'.$addText.'*';
-
- if ( $this->hasRequestVar('emphatic') )
- $value->text .= '_'.$addText.'_';
-
- if ( $this->hasRequestVar('link') )
- $value->text .= '"'.$addText.'"->"'.$this->getRequestVar('objectid').'"';
- }
-
- if ( $this->hasRequestVar('table') )
- $value->text .= "|$addText | |\n|$addText | |\n|$addText | |\n";
-
- if ( $this->hasRequestVar('list') )
- $value->text .= "\n- ".$addText."\n".'- '.$addText."\n".'- '.$addText."\n";
-
- if ( $this->hasRequestVar('numlist') )
- $value->text .= "\n# ".$addText."\n".'# '.$addText."\n".'# '.$addText."\n";
-
- if ( $this->hasRequestVar('image') )
- $value->text .= '{'.$this->getRequestVar('objectid').'}';
- }
-
- // Ermitteln aller verlinkbaren Objekte (fuer Editor)
- $objects = array();
-
- foreach( Folder::getAllObjectIds() as $id )
- {
- $o = new Object( $id );
- $o->load();
-
- if ( $o->getType() != 'folder' )
- {
- $f = new Folder( $o->parentid );
- $objects[ $id ] = lang( 'GLOBAL_'.$o->getType() ).': ';
- $objects[ $id ] .= implode( FILE_SEP,$f->parentObjectNames(false,true) );
- $objects[ $id ] .= FILE_SEP.$o->name;
- }
- }
- asort($objects);
- $this->setTemplateVar( 'objects' ,$objects );
- $this->setTemplateVar( 'release' ,$this->page->hasRight(ACL_RELEASE) );
- $this->setTemplateVar( 'publish' ,$this->page->hasRight(ACL_PUBLISH) );
- $this->setTemplateVar( 'html' ,$value->element->html );
- $this->setTemplateVar( 'wiki' ,$value->element->wiki );
- $this->setTemplateVar( 'text' ,$value->text );
- $this->setTemplateVar( 'name' ,$value->element->name );
- $this->setTemplateVar( 'desc' ,$value->element->desc );
- $this->setTemplateVar( 'objectid',$this->page->objectid );
- return;
- }
-
- if ( $this->hasRequestVar('year') ) // Wird ein Datum gespeichert?
- {
- // Wenn ein ANSI-Datum eingegeben wurde, dann dieses verwenden
- if ( $this->getRequestVar('ansidate') != $this->getRequestVar('ansidate_orig') )
- $value->date = strtotime($this->getRequestVar('ansidate') );
- else
- // Sonst die Zeitwerte einzeln zu einem Datum zusammensetzen
- $value->date = mktime( $this->getRequestVar('hour' ),
- $this->getRequestVar('minute'),
- $this->getRequestVar('second'),
- $this->getRequestVar('month' ),
- $this->getRequestVar('day' ),
- $this->getRequestVar('year' ) );
- }
- else $value->date = 0; // Datum nicht gesetzt.
-
- $value->text = $this->getRequestVar('text');
-
- $value->page = new Page( $value->objectid );
- $value->page->load();
-
- // Inhalt sofort freigegeben, wenn
- // - Recht vorhanden
- // - Freigabe gewuenscht
- if ( $value->page->hasRight( ACL_RELEASE ) && $this->getRequestVar('release')!='' )
- $value->publish = true;
- else
- $value->publish = false;
-
- // Inhalt speichern
-
- // Wenn Inhalt in allen Sprachen gleich ist, dann wird der Inhalt
- // fuer jede Sprache einzeln gespeichert.
- if ( $value->element->allLanguages )
- {
- $project = Session::getProject();
- foreach( $project->getLanguageIds() as $languageid )
- {
- $value->languageid = $languageid;
- $value->save();
- }
- }
- else
- {
- // sonst nur 1x speichern (fuer die aktuelle Sprache)
- $value->save();
- }
-
- $this->page->setTimestamp(); // "Letzte Aenderung" setzen
-
- // Falls ausgewaehlt die Seite sofort veroeffentlichen
- if ( $this->hasRequestVar('publish') )
- $this->callSubAction( 'pubnow' ); // Weiter zum veroeffentlichen
- else
- $this->callSubAction( 'el' ); // Element-Liste anzeigen
- }
-
-
-
- /**
- * Eigenschaften der Seite speichern
- */
- function propPost()
- {
- if ( $this->getRequestVar('name')!='' )
- {
- $this->page->name = $this->getRequestVar('name' ,OR_FILTER_FULL );
- $this->page->filename = $this->getRequestVar('filename' ,OR_FILTER_FILENAME);
- $this->page->desc = $this->getRequestVar('description',OR_FILTER_FULL );
-
- $this->page->save();
- $this->addNotice($this->page->getType(),$this->page->name,'PROP_SAVED','ok');
-
- if ( $this->hasRequestVar('creationTimestamp') && $this->currentUser->isAdmin )
- $this->page->createDate = $this->getRequestVar('creationTimestamp',OR_FILTER_NUMBER);
- $this->page->setCreationTimestamp();
- }
- else
- {
- $this->addValidationError('name');
- }
- }
-
-
-
- /**
- * Die Eigenschaften der Seite anzeigen
- */
- function propView()
- {
- $this->setTemplateVar('id',$this->page->objectid);
-
- $this->page->public = true;
- $this->page->load();
- $this->page->full_filename();
-
- if ( $this->page->filename == $this->page->objectid )
- $this->page->filename = '';
-
- $this->setTemplateVars( $this->page->getProperties() );
-
- if ( $this->userIsAdmin() )
- {
- $this->setTemplateVar('template_url',Html::url('main','template',$this->page->templateid));
- }
-
- $template = new Template( $this->page->templateid );
- $template->load();
- $this->setTemplateVar('template_name',$template->name);
-
- // Alle Ordner ermitteln
-// $this->setTemplateVar('act_folderobjectid',$this->page->parentid);
-//
-// $folders = array();
-// $folder = new Folder( $this->page->parentid );
-
-// foreach( $folder->getOtherFolders() as $oid )
-// {
-// $f = new Folder( $oid );
-// $folders[$oid] = implode( FILE_SEP,$f->parentObjectNames(true,true) );
-// }
-// asort( $folders );
-// $this->setTemplateVar('folder',$folders);
-
- $templates = Array();
- foreach( Template::getAll() as $id=>$name )
- {
- if ( $id != $this->page->templateid )
- $templates[$id]=$name;
- }
- $this->setTemplateVar('templates',$templates);
- }
-
-
-
- /**
- * Die Eigenschaften der Seite anzeigen
- */
- function infoView()
- {
- $this->setTemplateVar('id',$this->page->objectid);
-
- $this->page->public = true;
- $this->page->load();
- $this->page->full_filename();
-
- if ( $this->page->filename == $this->page->objectid )
- $this->page->filename = '';
-
- $this->setTemplateVars( $this->page->getProperties() );
-
- if ( $this->userIsAdmin() )
- {
- $this->setTemplateVar('template_url',Html::url('main','template',$this->page->templateid));
- }
-
- $template = new Template( $this->page->templateid );
- $template->load();
- $this->setTemplateVar('template_name',$template->name);
-
-
- }
-
-
-
-
- /**
- * Austauschen der Vorlage vorbereiten
- *
- * Es wird ein Formualr erzeugt, in dem der Benutzer auswaehlen kann, welche Elemente
- * in welches Element uebernommen werden sollen
- */
- public function changetemplateselectelementsView()
- {
- $newTemplateId = $this->getRequestVar( 'newtemplateid' );
-
- if ( $newTemplateId != 0 )
- {
- $this->setTemplateVar('newtemplateid',$newTemplateId );
-
- $oldElements = array();
- $oldTemplate = new Template( $this->page->templateid );
- $newTemplate = new Template( $newTemplateId );
-
- foreach( $oldTemplate->getElementIds() as $elementid )
- {
- $e = new Element( $elementid );
- $e->load();
-
- if ( !$e->isWritable() )
- continue;
-
- $oldElement = array();
- $oldElement['name'] = $e->name.' - '.lang('EL_'.$e->type );
- $oldElement['id' ] = $e->elementid;
-
- $newElements = Array();
- $newElements[0] = lang('ELEMENT_DELETE_VALUES');
-
- foreach( $newTemplate->getElementIds() as $newelementid )
- {
- $ne = new Element( $newelementid );
- $ne->load();
-
- // Nur neue Elemente anbieten, deren Typ identisch ist
- if ( $ne->type == $e->type )
- $newElements[$newelementid] = lang('ELEMENT').': '.$ne->name.' - '.lang('EL_'.$e->type );
- }
- $oldElement['newElementsName'] = 'from'.$e->elementid;
- $oldElement['newElementsList'] = $newElements;
- $oldElements[$elementid] = $oldElement;
- }
- $this->setTemplateVar('elements',$oldElements );
- }
- else
- {
- $this->callSubAction('prop');
- }
- }
-
-
-
- /**
- * Die Vorlage der Seite austauschen
- *
- * Die Vorlage wird ausgetauscht, die Inhalte werden gemaess der Benutzereingaben kopiert
- */
- public function changetemplateselectelementsPost()
- {
- $newTemplateId = $this->getRequestVar('newtemplateid');
- $replaceElementMap = Array();
-
- $oldTemplate = new Template( $this->page->templateid );
- foreach( $oldTemplate->getElementIds() as $elementid )
- $replaceElementMap[$elementid] = $this->getRequestVar('from'.$elementid);
-
- if ( $newTemplateId != 0 )
- {
- $this->page->replaceTemplate( $newTemplateId,$replaceElementMap );
- $this->addNotice('page',$this->page->name,'SAVED',OR_NOTICE_OK);
- }
- else
- $this->addNotice('page',$this->page->name,'NOT_SAVED',OR_NOTICE_WARN);
- }
-
-
-
-
- /**
- * Alle Elemente der Seite anzeigen
- */
- function editView()
- {
- $this->page->public = true;
- $this->page->simple = true;
- $this->page->generate_elements();
-
- $list = array();
-
- // Schleife ueber alle Inhalte der Seite
- foreach( $this->page->values as $id=>$value )
- {
- // Element wird nur angezeigt, wenn es editierbar ist
- if ( $value->element->isWritable() )
- {
- $list[$id] = array();
- $list[$id]['name'] = $value->element->name;
- $list[$id]['pageelementid' ] = $this->page->objectid.'_'.$id;
- $list[$id]['desc'] = $value->element->desc;
- $list[$id]['type'] = $value->element->type;
-
- $list[$id]['archive_count'] = intval($value->getCountVersions());
- if ( $list[$id]['archive_count'] > 0 )
- $list[$id]['archive_url'] = Html::url( 'pageelement','archive',$this->page->id,array('elementid'=>$id) );
-
- // Inhalt anzeigen
- $list[$id]['value'] = $value->value;
- }
- }
-
- $this->setTemplateVar('preview_url',Html::url('page','show',$this->page->objectid,array('withIcons'=>'1') ) );
- $this->setTemplateVar('properties',$this->page->getProperties() );
- $this->setTemplateVar('el',$list);
- }
-
-
- /**
- * Alle editierbaren Felder in einem Formular bereitstellen
- */
- function formView()
- {
- global $conf_php;
-
- $this->page->public = false;
- $this->page->simple = true;
- $this->page->generate_elements();
-
- $list = array();
-
- foreach( $this->page->values as $id=>$value )
- {
- if ( $value->element->isWritable() )
- {
- $list[$id] = array();
- $list[$id]['name'] = $value->element->name;
- $list[$id]['desc'] = $value->element->desc;
- $list[$id]['type'] = $value->element->type;
- $list[$id]['id' ] = 'id'.$value->element->elementid;
- $list[$id]['saveid'] = 'saveid'.$value->element->elementid;
-
- switch( $value->element->type )
- {
- case 'text':
- case 'longtext':
- $list[$id]['value'] = $value->text;
- break;
-
- case 'date':
- $list[$id]['value'] = date( 'Y-m-d H:i:s',$value->date );
- break;
-
- case 'number':
- $list[$id]['value'] = $value->number / pow(10,$value->element->decimals);
- break;
-
- case 'select':
- $list[$id]['list' ] = $value->element->getSelectItems();
- $list[$id]['value'] = $value->text;
- break;
-
- case 'link':
- $objects = array();
-
- foreach( Folder::getAllObjectIds() as $oid )
- {
- $o = new Object( $oid );
- $o->load();
-
- if ( $o->getType() != 'folder' )
- {
- $f = new Folder( $o->parentid );
- $f->load();
-
- $objects[ $oid ] = lang( $o->getType() ).': ';
- $objects[ $oid ] .= implode( ' &raquo; ',$f->parentObjectNames(false,true) );
- $objects[ $oid ] .= ' &raquo; '.$o->name;
- }
- }
-
- asort( $objects ); // Sortieren
-
- $list[$id]['list' ] = $objects;
- $list[$id]['value'] = $value->linkToObjectId;
- break;
-
- case 'list':
- $objects = array();
- foreach( Folder::getAllFolders() as $oid )
- {
- $f = new Folder( $oid );
- $f->load();
-
- $objects[ $oid ] = lang( $f->getType() ).': ';
- $objects[ $oid ] .= implode( ' &raquo; ',$f->parentObjectNames(false,true) );
- }
-
- asort( $objects ); // Sortieren
-
- $this->setTemplateVar('list' ,$objects);
- $this->setTemplateVar('value',$this->value->linkToObjectId);
-
- break;
- }
- }
- }
-
- $this->setTemplateVar( 'release',$this->page->hasRight(ACL_RELEASE) );
- $this->setTemplateVar( 'publish',$this->page->hasRight(ACL_PUBLISH) );
-
- $this->setWindowMenu( 'elements' );
- $this->setTemplateVar('el',$list);
- }
-
-
-
- /**
- * Seite anzeigen
- */
- function previewView()
- {
- $this->setTemplateVar('preview_url',Html::url('page','show',$this->page->objectid ) );
- }
-
- /**
- * Seite anzeigen
- */
- function showView()
- {
- // Seite definieren
- if ( $this->hasRequestVar('withIcons') )
- $this->page->icons = true;
-
- $this->page->load();
- $this->page->generate();
- $this->page->write();
-
- header('Content-Type: '.$this->page->mimeType().'; charset=UTF-8' );
-
- // HTTP-Header mit Sprachinformation setzen.
- $language = Session::getProjectLanguage();
- header('Content-Language: '.$language->isoCode);
-
- Logger::debug("preview page: ".$this->page->tmpfile() );
-
- // Wenn
- if ( ( config('publish','enable_php_in_page_content')=='auto' && $this->page->template->extension == 'php') ||
- config('publish','enable_php_in_page_content')===true )
- require( $this->page->tmpfile() );
- else
- readfile( $this->page->tmpfile() );
-
- exit();
- }
-
-
-
- /**
- * Den Quellcode der Seite anzeigen
- *
- * Alle HTML-Sonderzeichen werden maskiert
- */
- function src()
- {
- $language = Session::getProjectLanguage();
- $model = Session::getProjectModel();
-
- $this->page->languageid = $language->languageid;
- $this->page->modelid = $model->modelid;
-
- $this->page->withLanguage = config('publish','filename_language') == 'always' || count(Language::count()) > 1;
- $this->page->withModel = config('publish','filename_type' ) == 'always' || count(Model::count() ) > 1;
-
- $this->page->public = true;
- $this->page->load();
-
- $src = $this->page->generate();
-
- // HTML Highlighting
-
- //$src = preg_replace( '|<(.+)( .+)?'.'>|Us' , '<strong>&lt;$1</strong>$2<strong>&gt;</strong>', $src);
- //$src = preg_replace( '|([a-zA-Z]+)="(.+)"|Us' , '<em>$1</em>=<var>"$2"</var>' , $src);
- $src = htmlentities($src);
-
- $this->setTemplateVar('src',$src);
- }
-
-
-
-
- /**
- * Die Eigenschaften der Seite anzeigen
- */
- function changetemplateView()
- {
- $this->page->public = true;
- $this->page->load();
-
- $this->setTemplateVars( $this->page->getProperties() );
-
- if ( $this->userIsAdmin() )
- {
- $this->setTemplateVar('template_url',Html::url('main','template',$this->page->templateid));
- }
-
- $template = new Template( $this->page->templateid );
- $template->load();
- $this->setTemplateVar('template_name',$template->name);
-
- $templates = Array();
- foreach( Template::getAll() as $id=>$name )
- {
- if ( $id != $this->page->templateid )
- $templates[$id]=$name;
- }
- $this->setTemplateVar('templates',$templates);
- }
-
-
-
-
-
- /**
- * Seite veroeffentlichen
- *
- * Es wird ein Formular angzeigt, mit dem die Seite veroeffentlicht
- * werden kann
- */
- function pubView()
- {
- }
-
-
-
- /**
- * Seite veroeffentlichen
- *
- * Die Seite wird generiert.
- */
- function pubPost()
- {
- if ( !$this->page->hasRight( ACL_PUBLISH ) )
- Http::notAuthorized( 'no right for publish' );
-
- Session::close();
-
- $this->page->public = true;
- $this->page->publish();
- $this->page->publish->close();
-
-// foreach( $this->page->publish->publishedObjects as $o )
-// {
-// $this->addNotice($o['type'],$o['full_filename'],'PUBLISHED','ok');
-// }
-
- $this->addNotice( 'page',
- $this->page->fullFilename,
- 'PUBLISHED'.($this->page->publish->ok?'':'_ERROR'),
- $this->page->publish->ok,
- array(),
- $this->page->publish->log );
- }
-
-
- function setWindowMenu( $type ) {
- switch( $type)
- {
- case 'elements':
- $menu = array( array('subaction'=>'el' ,'text'=>'all'),
- array('subaction'=>'form','text'=>'change' ) );
- $this->setTemplateVar('windowMenu',$menu);
- break;
- case 'acl':
- $menu = array( array('subaction'=>'rights' ,'text'=>'show'),
- array('subaction'=>'aclform','text'=>'add' ) );
- $this->setTemplateVar('windowMenu',$menu);
- break;
-
- }
- }
-
-
- /**
- * Stellt fest, welche Menüeinträge ggf. ausgeblendet werden.
- *
- * @see actionClasses/Action#checkMenu($name)
- */
- function checkMenu( $menu ) {
-
- switch( $menu)
- {
- case 'changetemplate':
- // Template nur austauschbar, wenn es mind. 2 gibt.
- return (!readonly() && count(Template::getAll()) > 1);
-
- case 'aclform':
- return !readonly();
-
- case 'form':
- return !readonly();
-
- default:
- return true;
-
- }
- }
-
-
- /**
- * Liefert die Struktur zu diesem Ordner:
- * - Mit den übergeordneten Ordnern und
- * - den in diesem Ordner enthaltenen Objekten
- *
- * Beispiel:
- * <pre>
- * - A
- * - B
- * - C (dieser Ordner)
- * - Unterordner
- * - Seite
- * - Seite
- * - Datei
- * </pre>
- */
- public function structureView()
- {
-
- $structure = array();
- $tmp = &$structure;
- $nr = 0;
-
- $folder = new Folder( $this->page->parentid );
- $parents = $folder->parentObjectNames(false,true);
-
- foreach( $parents as $id=>$name)
- {
- unset($children);
- unset($o);
- $children = array();
- $o = array('id'=>$id,'name'=>$name,'type'=>'folder','level'=>++$nr,'children'=>&$children);
-
- $tmp[$id] = &$o;;
-
- unset($tmp);
-
- $tmp = &$children;
- }
-
-
-
- unset($children);
- unset($id);
- unset($name);
-
- $elementChildren = array();
-
- $tmp[ $this->page->objectid ] = array('id'=>$this->page->objectid,'name'=>$this->page->name,'type'=>'page','self'=>true,'children'=>&$elementChildren);
-
- $template = new Template( $this->page->templateid );
- $elements = $template->getElementNames();
-
- foreach( $elements as $id=>$name )
- {
- $elementChildren[$id] = array('id'=>$this->page->objectid.'_'.$id,'name'=>$name,'type'=>'pageelement','children'=>array() );
- }
-
- //Html::debug($structure);
-
- $this->setTemplateVar('outline',$structure);
- }
-
-
-
-
-}
-
-?>-
\ No newline at end of file
diff --git a/action/PageelementAction.class.php b/action/PageelementAction.class.php
@@ -1,1540 +0,0 @@
-<?php
-
-namespace cms\action;
-
-use cms\model\User;
-use cms\model\Value;
-use cms\model\Element;
-use cms\model\Template;
-use cms\model\Page;
-use cms\model\Folder;
-use cms\model\Object;
-use Html;
-use Http;
-use Session;
-use Transformer;
-use \Text;
-
-// OpenRat Content Management System
-// Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de
-//
-// This program is free software; you can redistribute it and/or
-// modify it under the terms of the GNU General Public License
-// as published by the Free Software Foundation; either version 2
-// of the License, or (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with this program; if not, write to the Free Software
-// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-
-
-/**
- * Action-Klasse zum Bearbeiten eines Seitenelementes
- * @author $Author$
- * @version $Revision$
- * @package openrat.actions
- */
-class PageelementAction extends Action
-{
- public $security = SECURITY_USER;
-
- var $defaultSubAction = 'edit';
-
-
- /**
- * Enthaelt das Seitenobjekt
- * @type Object
- */
- var $page;
-
- /**
- * Enthaelt das Elementobjekt
- * @type Object
- */
- var $element;
-
-
- /**
- * Enth�lt den Inhalt
- *
- * @var Object
- */
- var $value;
-
-
-
- /**
- * Konstruktor
- */
- function __construct()
- {
- $this->value = new Value();
-
- $id = $this->getRequestVar('id');
- $ids = explode('_',$id);
- if ( count($ids) > 1 )
- {
- list( $pageid, $elementid ) = $ids;
- }
- else
- {
- $pageid = $this->getRequestId();
- $elementid = $this->getRequestVar('elementid');
- }
-
- if ( $pageid != 0 )
- {
- $this->page = new Page( $pageid );
- $this->page->load();
- }
-
- if ( $elementid != 0 )
- {
- $this->elementid = $elementid;
- $this->element = new Element( $elementid );
- }
- }
-
-
-
- /**
- * Anzeigen des Element-Inhaltes.
- */
- public function propView()
- {
- Http::noContent();
-
- $language = Session::getProjectLanguage();
- $this->value->languageid = $language->languageid;
- $this->value->objectid = $this->page->objectid;
- $this->value->pageid = $this->page->pageid;
- $this->value->page = $this->page;
- $this->value->simple = false;
- $this->value->element = &$this->element;
- $this->value->element->load();
- $this->value->publish = false;
- $this->value->load();
-
- $this->setTemplateVar('name' ,$this->value->element->name );
- $this->setTemplateVar('description' ,$this->value->element->desc );
- $this->setTemplateVar('elementid' ,$this->value->element->elementid);
- $this->setTemplateVar('element_type',$this->value->element->type );
-
- $user = new User( $this->value->lastchangeUserId );
- $user->load();
- $this->setTemplateVar('lastchange_user',$user);
- $this->setTemplateVar('lastchange_date',$this->value->lastchangeTimeStamp);
-
- $t = new Template( $this->page->templateid );
- $t->load();
- $this->setTemplateVar('template_name',$t->name );
- $this->setTemplateVar('template_url' ,Html::url('template','prop',$t->templateid) );
-
- $this->setTemplateVar('element_name' ,$this->value->element->name );
- $this->setTemplateVar('element_url' ,Html::url('element','name',$this->value->element->elementid) );
-
- }
-
-
-
- /**
- * Anzeigen des Element-Inhaltes.
- */
- public function infoView()
- {
- $language = Session::getProjectLanguage();
- $this->value->languageid = $language->languageid;
- $this->value->objectid = $this->page->objectid;
- $this->value->pageid = $this->page->pageid;
- $this->value->page = $this->page;
- $this->value->simple = false;
- $this->value->element = &$this->element;
- $this->value->element->load();
- $this->value->publish = false;
- $this->value->load();
-
- $this->setTemplateVar('name' ,$this->value->element->name );
- $this->setTemplateVar('description' ,$this->value->element->desc );
- $this->setTemplateVar('elementid' ,$this->value->element->elementid);
- $this->setTemplateVar('element_type',$this->value->element->type );
-
- $user = new User( $this->value->lastchangeUserId );
- $user->load();
- $this->setTemplateVar('lastchange_user',$user->getProperties());
- $this->setTemplateVar('lastchange_date',$this->value->lastchangeTimeStamp);
-
- $t = new Template( $this->page->templateid );
- $t->load();
- $this->setTemplateVar('template_name',$t->name );
- $this->setTemplateVar('template_id' ,$t->templateid );
-
- $this->setTemplateVar('element_name' ,$this->value->element->name );
- $this->setTemplateVar('element_id' ,$this->value->element->elementid );
-
- }
-
-
-
- /**
- * Anzeigen des Element-Inhaltes.
- */
- public function structureView()
- {
- $language = Session::getProjectLanguage();
- $this->value->languageid = $language->languageid;
- $this->value->objectid = $this->page->objectid;
- $this->value->pageid = $this->page->pageid;
- $this->value->page = $this->page;
- $this->value->simple = false;
- $this->value->element = &$this->element;
- $this->value->element->load();
- $this->value->publish = false;
- $this->value->load();
-
- if ( $this->value->element->type == 'longtext' && $this->value->element->wiki )
- {
- $this->setTemplateVar('text',$this->value->text);
- }
-
- }
-
-
-
- /**
- * Normaler Editiermodus.
- *
- * Es wird ein Formular erzeugt, mit dem der Benutzer den Inhalt bearbeiten kann.
- */
- public function editView()
- {
- $language = Session::getProjectLanguage();
- $this->value->languageid = $language->languageid;
- $this->value->objectid = $this->page->objectid;
- $this->value->pageid = $this->page->pageid;
- $this->value->element = &$this->element;
- $this->value->element->load();
- $this->value->publish = false;
-
- if ( intval($this->value->valueid)!=0 )
- $this->value->loadWithId();
- else
- $this->value->load();
-
- $this->setTemplateVar('name' ,$this->value->element->name );
- $this->setTemplateVar('desc' ,$this->value->element->desc );
- $this->setTemplateVar('elementid',$this->value->element->elementid);
- $this->setTemplateVar('type' ,$this->value->element->type );
- $this->setTemplateVar('value_time',time() );
-
-
- $this->value->page = new Page( $this->page->objectid );
- $this->value->page->languageid = $this->value->languageid;
- $this->value->page->load();
-
- $this->setTemplateVar( 'objectid',$this->value->page->objectid );
-
- if ( $this->value->page->hasRight(ACL_RELEASE) )
- $this->setTemplateVar( 'release',true );
- if ( $this->value->page->hasRight(ACL_PUBLISH) )
- $this->setTemplateVar( 'publish',false );
-
- $funktionName = 'edit'.$this->value->element->type;
-
- if ( ! method_exists($this,$funktionName) )
- Http::serverError('Method does not exist: PageElementAction#'.$funktionName );
-
- $this->$funktionName(); // Aufruf der Funktion "edit<Elementtyp>()".
- }
-
-
-
- /**
- * Vorschau.
- */ - public function previewView() - { - $language = Session::getProjectLanguage(); - $this->value->languageid = $language->languageid; - $this->value->objectid = $this->page->objectid; - $this->value->pageid = $this->page->pageid; - $this->value->element = &$this->element; - $this->value->element->load(); - $this->value->publish = false; - $this->value->public = true; - $this->value->simple = true; - - if ( intval($this->value->valueid)!=0 ) - $this->value->loadWithId(); - else - $this->value->load(); - - - $this->value->page = new Page( $this->page->objectid ); - $this->value->page->languageid = $this->value->languageid; - $this->value->page->load(); - - $this->value->generate(); - $this->setTemplateVar('preview' ,$this->value->value ); - } - - - - /** - * Datum bearbeiten. - * - */ - private function editdate() - { - global $conf; - $date = $this->value->date; - - // Wenn Datum nicht vorhanden... - if ( $date == 0 ) - // ... dann aktuelles Datum (gerundet auf 1 Minute) verwenden - $date = intval(time()/60)*60; - - $this->setTemplateVar('ansidate',date( 'Y-m-d H:i:s',$date ) ); - $this->setTemplateVar('date' ,$date); - - if ( $this->getSessionVar('pageaction') != '' ) - $this->setTemplateVar('old_pageaction',$this->getSessionVar('pageaction')); - else $this->setTemplateVar('old_pageaction','show' ); - - - // Wenn Datum nicht vorhanden, dann aktuelles Datum verwenden - if ( $this->hasRequestVar('year') ) - { - $date = mktime( $this->getRequestVar('hour'), - $this->getRequestVar('minute'), - $this->getRequestVar('second'), - $this->getRequestVar('month'), - $this->getRequestVar('day'), - $this->getRequestVar('year') ); - } - $year = intval(date('Y',$date)); - $month = intval(date('n',$date)); - $day = intval(date('j',$date)); - $hour = intval(date('G',$date)); - $minute = intval(date('i',$date)); - $second = intval(date('s',$date)); - $this->setTemplateVar('year' ,$year ); - $this->setTemplateVar('month' ,$month ); - $this->setTemplateVar('day' ,$day ); - 
$this->setTemplateVar('hour' ,$hour ); - $this->setTemplateVar('minute',$minute ); - $this->setTemplateVar('second',$second ); - - $this->setTemplateVar('monthname',lang('DATE_MONTH'.date('n',$date)) ); - $this->setTemplateVar('yearname' ,date('Y',$date) ); - - - // Zwischenberechnungen - $heuteTag = intval(date('j')); - $monatLetzterTag = intval(date('t',$date)); - $monatErsterDatum = $date-(($day-1)*86400); - $wocheNr = date( 'W',$monatErsterDatum ); - $wochentagErster = date( 'w',$monatErsterDatum ); - - - $weekdayOffset = intval($conf['editor']['calendar']['weekday_offset']); - - // Alle Wochentage - $weekdays = array(); - for ( $i=0; $i<=6; $i++ ) - { - $wday = ($i+$weekdayOffset)%7; - $weekdays[$wday] = lang('DATE_WEEKDAY'.$wday); - } - - $this->setTemplateVar('weekdays',$weekdays); - - - $monat = array(); - $d = 0; - $begin = false; - do - { - $woche = array(); // Neue Woche - - for ( $i=0; $i<=6; $i++ ) // Alle Wochentage der Woche - { - $wday = ($i+$weekdayOffset)%7; - $tag = array(); // Neuer Tag - - if (!$begin && $wday == $wochentagErster) - $begin = true; - - if ( $begin && $d < $monatLetzterTag ) - { - $d++; - $tag['nr'] = $d; - $tag['today'] = ($year==date('Y') && $month==date('n') && $d==$heuteTag); - if ($d != $day) - $tag['url'] = Html::url( 'pageelement','edit','', - array('elementid'=>$this->element->elementid,'mode'=>'edit', - 'year' =>$year , - 'month' =>$month , - 'day' =>$d , - 'hour' =>$hour , - 'minute'=>$minute, - 'second'=>$second ) ); - else - $tag['url'] = ''; - } - else - { - $tag['nr' ]=''; - $tag['today' ]=false; - $tag['url' ]=''; - } - $woche[] = $tag; - - } - $monat[$wocheNr] = $woche; - $wocheNr++; - } - while( $d < $monatLetzterTag-1 ); - // Html::debug($monat); - $this->setTemplateVar('weeklist',$monat); - - $this->setTemplateVar('actdate' ,date( lang('DATE_FORMAT'),$date ) ); - $this->setTemplateVar('todayurl',Html::url( 'pageelement','edit','', - array('elementid'=>$this->element->elementid,'mode'=>'edit', - 'year' 
=>date('Y'), - 'month' =>date('n'), - 'day' =>date('j'), - 'hour' =>date('G'), - 'minute'=>date('i'), - 'second'=>date('s') ) ) ); - $this->setTemplateVar('lastyearurl',Html::url( 'pageelement','edit','', - array('elementid'=>$this->element->elementid,'mode'=>'edit', - 'year' =>$year-1, - 'month' =>$month , - 'day' =>$day , - 'hour' =>$hour , - 'minute'=>$minute, - 'second'=>$second ) ) ); - $this->setTemplateVar('nextyearurl',Html::url( 'pageelement','edit','', - array('elementid'=>$this->element->elementid,'mode'=>'edit', - 'year' =>$year+1 , - 'month' =>$month , - 'day' =>$day , - 'hour' =>$hour , - 'minute'=>$minute, - 'second'=>$second ) ) ); - $this->setTemplateVar('lastmonthurl',Html::url( 'pageelement','edit','', - array('elementid'=>$this->element->elementid,'mode'=>'edit', - 'year' =>$year , - 'month' =>$month-1, - 'day' =>$day , - 'hour' =>$hour , - 'minute'=>$minute, - 'second'=>$second ) ) ); - $this->setTemplateVar('nextmonthurl',Html::url( 'pageelement','edit','', - array('elementid'=>$this->element->elementid,'mode'=>'edit', - 'year' =>$year , - 'month' =>$month+1, - 'day' =>$day , - 'hour' =>$hour , - 'minute'=>$minute, - 'second'=>$second ) ) ); - - // $this->setTemplateVar('date' ,$date); - - - - if ( $this->getSessionVar('pageaction') != '' ) - $this->setTemplateVar('old_pageaction',$this->getSessionVar('pageaction')); - else $this->setTemplateVar('old_pageaction','show' ); - - - $all_years = array(); - $all_months = array(); - $all_days = array(); - $all_hours = array(); - $all_minutes = array(); - for( $i=$year-100; $i<=$year+100;$i++ ) $all_years [$i] = $i; - for( $i=1; $i<=12; $i++ ) $all_months [$i] = lang('DATE_MONTH'.$i); - for( $i=1; $i<=31; $i++ ) $all_days [$i] = str_pad($i,2,'0',STR_PAD_LEFT); - for( $i=0; $i<=23; $i++ ) $all_hours [$i] = str_pad($i,2,'0',STR_PAD_LEFT); - for( $i=0; $i<=59; $i++ ) $all_minutes[$i] = str_pad($i,2,'0',STR_PAD_LEFT); - - $this->setTemplateVar('all_years' ,$all_years ); - 
$this->setTemplateVar('all_months' ,$all_months ); - $this->setTemplateVar('all_days' ,$all_days ); - $this->setTemplateVar('all_hours' ,$all_hours ); - $this->setTemplateVar('all_minutes',$all_minutes); - $this->setTemplateVar('all_seconds',$all_minutes); - } - - - - /** - * Verkn�pfung bearbeiten. - * - */ - private function editlink() - { - $this->setTemplateVar('rootfolderid',Folder::getRootFolderId() ); - - // Ermitteln, welche Objekttypen verlinkt werden d�rfen. - $type = $this->value->element->subtype; - - if ( substr($type,0,5) == 'image' ) - $type = 'file'; - - if ( !in_array($type,array('file','page','link','folder')) ) - $types = array('file','page','link'); // Fallback: Der Link kann auf Seiten,Dateien und Verknüpfungen zeigen - else - $types = array($type); // gewünschten Typ verwenden - - $objects = array(); - - foreach( Folder::getAllObjectIds($types) as $id ) - { - $o = new Object( $id ); - $o->load(); - - // if ( in_array( $o->getType(),$types )) - // { - $f = new Folder( $o->parentid ); - // $f->load(); - - $objects[ $id ] = lang( $o->getType() ).': '; - $objects[ $id ] .= implode( FILE_SEP,$f->parentObjectNames(false,true) ); - $objects[ $id ] .= FILE_SEP.$o->name; - // } - } - - asort( $objects ); // Sortieren - - $this->setTemplateVar('objects' ,$objects); - $this->setTemplateVar('linkobjectid',$this->value->linkToObjectId); - - $this->setTemplateVar('types',implode(',',$types)); - - if ( $this->getSessionVar('pageaction') != '' ) - $this->setTemplateVar('old_pageaction',$this->getSessionVar('pageaction')); - else - $this->setTemplateVar('old_pageaction','show' ); - } - - - - function linkView() - { - $language = Session::getProjectLanguage(); - $this->value->languageid = $language->languageid; - $this->value->objectid = $this->page->objectid; - $this->value->pageid = $this->page->pageid; - $this->value->element = &$this->element; - $this->value->element->load(); - $this->value->publish = false; - $this->value->load(); - - 
$this->setTemplateVar('name' ,$this->value->element->name ); - $this->setTemplateVar('desc' ,$this->value->element->desc ); - - $this->setTemplateVar('rootfolderid' ,Folder::getRootFolderId() ); - - // Ermitteln, welche Objekttypen verlinkt werden d�rfen. - if ( empty($this->value->element->subtype) ) - $types = array('page','file','link'); // Fallback: Alle erlauben :) - else - $types = explode(',',$this->value->element->subtype ); - - $objects = array(); - - $objects[ 0 ] = lang('LIST_ENTRY_EMPTY'); // Wert "nicht ausgewählt" - - - $t = new Template( $this->page->templateid ); - - foreach( $t->getDependentObjectIds() as $id ) - { - $o = new Object( $id ); - $o->load(); - - // if ( in_array( $o->getType(),$types )) - // { - $f = new Folder( $o->parentid ); - // $f->load(); - - $objects[ $id ] = lang( $o->getType() ).': '; - $objects[ $id ] .= implode( FILE_SEP,$f->parentObjectNames(false,true) ); - $objects[ $id ] .= FILE_SEP.$o->name; - // } - } - - asort( $objects ); // Sortieren - - $this->setTemplateVar('objects' ,$objects); - $this->setTemplateVar('linkobjectid',$this->value->linkToObjectId); - - if ( $this->getSessionVar('pageaction') != '' ) - $this->setTemplateVar('old_pageaction',$this->getSessionVar('pageaction')); - else $this->setTemplateVar('old_pageaction','show' ); - - $this->value->page = new Page( $this->page->objectid ); - $this->value->page->languageid = $this->value->languageid; - $this->value->page->load(); - - $this->setTemplateVar( 'release',$this->value->page->hasRight(ACL_RELEASE) ); - $this->setTemplateVar( 'publish',$this->value->page->hasRight(ACL_PUBLISH) ); - - $this->setTemplateVar( 'objectid',$this->value->page->objectid ); - } - - - - /** - * Auswahlbox. 
- *
- */
- private function editselect()
- {
- $this->setTemplateVar( 'items',$this->value->element->getSelectItems() );
- $this->setTemplateVar( 'text' ,$this->value->text );
-
-
- if ( $this->getSessionVar('pageaction') != '' )
- $this->setTemplateVar('old_pageaction',$this->getSessionVar('pageaction'));
- else $this->setTemplateVar('old_pageaction','show' );
- }
-
-
-
- /**
- * Einf�gen-Element.
- *
- */
- private function editlist()
- {
- $this->editinsert();
- }
-
-
-
- /**
- * Einf�gen-Element.
- *
- */
- private function editinsert()
- {
- // Auswahl ueber alle Elementtypen
- $objects = array();
- //Änderung der möglichen Types
- $types = array('file','page','link');
- $objects[ 0 ] = lang('LIST_ENTRY_EMPTY'); // Wert "nicht ausgewählt"
- //Auch Dateien dazu
- foreach( Folder::getAllObjectIds($types) as $id )
- {
- $f = new Folder( $id );
- $f->load();
-
- $objects[ $id ] = lang( $f->getType() ).': ';
- $objects[ $id ] .= implode( ' &raquo; ',$f->parentObjectNames(false,true) );
- }
-
- foreach( Folder::getAllFolders() as $id )
- {
- $f = new Folder( $id );
- $f->load();
-
- $objects[ $id ] = lang( $f->getType() ).': ';
- $objects[ $id ] .= implode( ' &raquo; ',$f->parentObjectNames(false,true) );
- }
-
- asort( $objects ); // Sortieren
-
- $this->setTemplateVar('objects' ,$objects);
- $this->setTemplateVar('linkobjectid',$this->value->linkToObjectId);
-
-
- if ( $this->getSessionVar('pageaction') != '' )
- $this->setTemplateVar('old_pageaction',$this->getSessionVar('pageaction'));
- else $this->setTemplateVar('old_pageaction','show' );
- }
-
-
-
- /**
- * Zahl bearbeiten.
- * - */ - private function editnumber() - { - $this->setTemplateVar('number',$this->value->number / pow(10,$this->value->element->decimals) ); - - if ( $this->getSessionVar('pageaction') != '' ) - $this->setTemplateVar('old_pageaction',$this->getSessionVar('pageaction')); - else $this->setTemplateVar('old_pageaction','show' ); - } - - - /** - * Ein Element der Seite bearbeiten - * - * Es wird ein Formular erzeugt, mit dem der Benutzer den Inhalt bearbeiten kann. - */ - private function editlongtext() - { - if ($this->value->element->wiki) - $this->setTemplateVar( 'editor','wiki' ); - elseif ($this->value->element->html) - $this->setTemplateVar( 'editor','html' ); - else - $this->setTemplateVar( 'editor','text' ); - - if ( !isset($this->templateVars['text'])) - // Möglicherweise ist die Ausgabevariable bereits gesetzt, wenn man bereits - // einen Text eingegeben hat (Vorschaufunktion). - $this->setTemplateVar( 'text',$this->linkifyOIDs( $this->value->text ) ); - - /* - * - if (! $this->isEditMode() ) - { - $this->value->generate(); // Inhalt erzeugen. - $this->setTemplateVar('text',$this->linkifyOIDs( $this->value->value )); - } - */ - - if ( $this->getSessionVar('pageaction') != '' ) - $this->setTemplateVar('old_pageaction',$this->getSessionVar('pageaction')); - else $this->setTemplateVar('old_pageaction','show' ); - - - - if ( $this->element->wiki ) - { - $project = Session::getProject(); - $languages = $project->getLanguages(); - - if ( count($languages) > 1 ) - { - $languages[$this->value->languageid] = $languages[$this->value->languageid].' 
*'; - $this->setTemplateVar('languages',$languages); - } - - if ( $this->hasRequestVar('otherlanguageid') ) - { - $lid = $this->getRequestVar('otherlanguageid'); - $otherValue = new Value(); - $otherValue->languageid = $lid; - $otherValue->pageid = $this->value->pageid; - $otherValue->element = $this->value->element; - $otherValue->elementid = $this->value->elementid; - $otherValue->publish = $this->value->publish; - $otherValue->load(); - $this->setTemplateVar('languagetext' ,wordwrap($otherValue->text,100) ); - $this->setTemplateVar('languagename' ,$languages[$lid] ); - $this->setTemplateVar('otherlanguageid',$lid ); - } - - if ( !isset($this->templateVars['text'])) - // Möglicherweise ist die Ausgabevariable bereits gesetzt, wenn man bereits - // einen Text eingegeben hat (Vorschaufunktion). - $this->setTemplateVar( 'text',$this->value->text ); - } - - } - - - - /** - * Ein Element der Seite bearbeiten - * - * Es wird ein Formular erzeugt, mit dem der Benutzer den Inhalt bearbeiten kann. - */ - private function edittext() - { - $this->setTemplateVar( 'text',$this->value->text ); - - if ( $this->getSessionVar('pageaction') != '' ) - $this->setTemplateVar('old_pageaction',$this->getSessionVar('pageaction')); - else $this->setTemplateVar('old_pageaction','show' ); - } - - - - /** - * Wiederherstellung eines alten Inhaltes. - */ - public function usePost() - { - $this->value->valueid = $this->getRequestVar('valueid'); - $this->value->loadWithId(); - $this->value->element = new Element( $this->value->elementid ); - - if ( $this->value->pageid != $this->page->pageid ) - Http::serverError( 'Cannot find value','page-id does not match' ); - - // Pruefen, ob Berechtigung zum Freigeben besteht - //$this->value->release = $this->page->hasRight(ACL_RELEASE); - $this->value->release = false; - - // Inhalt wieder herstellen, in dem er neu gespeichert wird. 
- $this->value->save(); - - $this->addNotice('pageelement',$this->value->element->name,'PAGEELEMENT_USE_FROM_ARCHIVE',OR_NOTICE_OK); - } - - - - /** - * Freigeben eines Inhaltes - */ - public function releasePost() - { - $this->value->valueid = intval($this->getRequestVar('valueid')); - $this->value->loadWithId(); - - if ( $this->value->pageid != $this->page->pageid ) - die( 'cannot release, bad page' ); - - // Pruefen, ob Berechtigung zum Freigeben besteht - if ( !$this->page->hasRight(ACL_RELEASE) ) - Http::notAuthorized( 'Cannot release','no right' ); - - // Inhalt freigeben - $this->value->release(); - - $this->addNotice('pageelement',$this->value->element->name,'PAGEELEMENT_RELEASED',OR_NOTICE_OK); - } - - - /** - * Erzeugt eine Liste aller Versionsst?nde zu diesem Inhalt - */ - public function historyView() - { - $this->page->public = true; - $this->page->simple = true; - $this->page->load(); - $this->value->page = &$this->page; - - $this->value->simple = true; - $language = Session::getProjectLanguage(); - $this->value->languageid = $language->languageid; - $this->value->objectid = $this->page->objectid; - $this->value->pageid = Page::getPageIdFromObjectId( $this->page->objectid ); - $this->value->element = &$this->element; - $this->value->element->load(); - - $list = array(); - // $version_list = array(); - $lfd_nr = 0; - - foreach( $this->value->getVersionList() as $value ) - { - $lfd_nr++; - $value->element = &$this->element; - $value->page = &$this->page; - $value->simple = true; - $value->generate(); - - - // $date = date( lang('DATE_FORMAT'),$value->lastchangeTimeStamp); - - // if ( in_array( $this->element->type,array('text','longtext') ) ) - // $version_list[ $value->valueid ] = '('.$lfd_nr.') '.$date; - - $zeile = array( 'value' => Text::maxLaenge( 50,$value->value), - 'objectid' => $this->page->objectid, - 'date' => $value->lastchangeTimeStamp, - 'lfd_nr' => $lfd_nr, - 'id' => $value->valueid, - 'valueid' => $value->valueid, - 'user' => 
$value->lastchangeUserName ); - - // Nicht aktive Inhalte k�nnen direkt bearbeitet werden und sind - // nach dem Speichern dann wieder aktiv (nat�rlich als n�chster/neuer Inhalt) - if ( ! $value->active ) - $zeile['useUrl'] = Html::url('pageelement','usevalue',$this->page->objectid,array('valueid' =>$value->valueid,'mode'=>'edit')); - - // Freigeben des Inhaltes. - // Nur das aktive Inhaltselement kann freigegeben werden. Nat�rlich auch nur, - // wenn es nicht schon freigegeben ist. - if ( ! $value->publish && $value->active ) - $zeile['releaseUrl'] = Html::url('pageelement','release',$this->page->objectid,array('valueid' =>$value->valueid )); - - $zeile['public'] = $value->publish; - $zeile['active'] = $value->active; - - $list[$lfd_nr] = $zeile; - - } - - if ( in_array( $this->value->element->type, array('longtext') ) && $lfd_nr >= 2 ) - { - $this->setTemplateVar('compareid',$list[$lfd_nr-1]['id']); - $this->setTemplateVar('withid' ,$list[$lfd_nr ]['id']); - } - - $this->setTemplateVar('name' ,$this->element->name); - $this->setTemplateVar('el' ,$list ); - } - - - /** - * Vergleicht 2 Versionen eines Inhaltes - */ - function diffView() - { - $value1id = $this->getRequestVar('compareid'); - $value2id = $this->getRequestVar('withid' ); - - // Wenn Value1-Id groesser als Value2-Id, dann Variablen tauschen - if ( $value1id == $value2id ) - { - $this->addValidationError('compareid' ); - $this->addValidationError('withid' ,''); - $this->callSubAction('archive'); - return; - } - - // Wenn Value1-Id groesser als Value2-Id, dann Variablen tauschen - if ( $value1id > $value2id ) - list($value1id,$value2id) = array( $value2id,$value1id ); - - - $value1 = new Value( $value1id ); - $value2 = new Value( $value2id ); - $value1->valueid = $value1id; - $value2->valueid = $value2id; - - $value1->loadWithId(); - $value2->loadWithId(); - - $this->setTemplateVar('date_left' ,$value1->lastchangeTimeStamp); - $this->setTemplateVar('date_right',$value2->lastchangeTimeStamp); - - $text1 
= explode("\n",$value1->text); - $text2 = explode("\n",$value2->text); - - // Unterschiede feststellen. - $res_diff = Text::diff($text1,$text2); - - list( $text1,$text2 ) = $res_diff; - - $diff = array(); - $i = 0; - while( isset($text1[$i]) || isset($text2[$i]) ) - { - $line = array(); - - if ( isset($text1[$i]['text']) ) - $line['left'] = $text1[$i]; - - if ( isset($text2[$i]['text']) ) - $line['right'] = $text2[$i]; - - $i++; - $diff[] = $line; - } - $this->setTemplateVar('diff',$diff ); - } - - - - /** - * Ein Element der Seite speichern. - */ - public function editPost() - { - $this->element->load(); - $type = $this->element->type; - - if ( empty($type)) - die('Error: No element type available.'); - - $funktionName = 'save'.$type; - - $this->$funktionName(); // Aufruf Methode "save<ElementTyp>()" - } - - - - /** - * Element speichern - * - * Der Inhalt eines Elementes wird abgespeichert - */ - private function savetext() - { - $value = new Value(); - $language = Session::getProjectLanguage(); - $value->languageid = $language->languageid; - $value->objectid = $this->page->objectid; - $value->pageid = Page::getPageIdFromObjectId( $this->page->objectid ); - - if ( $this->hasRequestVar('elementid') ) - $value->element = new Element( $this->getRequestVar('elementid') ); - else - $value->element = Session::getElement(); - - $value->element->load(); - $value->publish = false; - $value->load(); - - if ( $this->hasRequestVar('linkobjectid') ) - $value->linkToObjectId = $this->getRequestVar('linkobjectid'); - else - $value->text = $this->getRequestVar('text','raw'); - - $this->afterSave($value); - } - - - - /** - * Nach dem Speichern weitere Dinge ausfuehren.<br> - * - Inhalt freigeben<br> - * - Seite veroeffentlichen<br> - * - Inhalt fuer andere Sprachen speichern<br> - * - Hinweis ueber erfolgtes Speichern ausgeben<br> - * <br> - * Nicht zu verwechseln mit <i>Aftershave</i> :) - */ - private function afterSave( $value ) - { - $value->page = new Page( $value->objectid 
); - $value->page->load(); - - - // Inhalt sofort freigegeben, wenn - // - Recht vorhanden - // - Freigabe gewuenscht - if ( $value->page->hasRight( ACL_RELEASE ) && $this->hasRequestVar('release') ) - $value->publish = true; - else - $value->publish = false; - - // Up-To-Date-Check - $lastChangeTime = $value->getLastChangeTime(); - if ( $lastChangeTime > $this->getRequestVar('value_time') ) - { - $this->addNotice('pageelement',$value->element->name,'CONCURRENT_VALUE_CHANGE',OR_NOTICE_WARN,array('last_change_time'=>date(lang('DATE_FORMAT'),$lastChangeTime))); - } - - // Inhalt speichern - - // Wenn Inhalt in allen Sprachen gleich ist, dann wird der Inhalt - // fuer jede Sprache einzeln gespeichert. - if ( $value->element->allLanguages ) - { - $project = Session::getProject(); - foreach( $project->getLanguageIds() as $languageid ) - { - $value->languageid = $languageid; - $value->save(); - } - } - else - { - // sonst nur 1x speichern (fuer die aktuelle Sprache) - $value->save(); - } - - $this->addNotice('pageelement',$value->element->name,'SAVED',OR_NOTICE_OK); - $this->page->setTimestamp(); // "Letzte Aenderung" setzen - - // Falls ausgewaehlt die Seite sofort veroeffentlichen - if ( $value->page->hasRight( ACL_PUBLISH ) && $this->hasRequestVar('publish') ) - { - $this->page->publish(); - $this->addNotice('pageelement',$value->element->name,'PUBLISHED',OR_NOTICE_OK); - } - } - - - /** - * Element speichern - * - * Der Inhalt eines Elementes wird abgespeichert - */ - private function savelongtext() - { - global $conf; - $value = new Value(); - $language = Session::getProjectLanguage(); - $value->languageid = $language->languageid; - $value->objectid = $this->page->objectid; - $value->pageid = Page::getPageIdFromObjectId( $this->page->objectid ); - - if ( $this->hasRequestVar('elementid') ) - $value->element = new Element( $this->getRequestVar('elementid') ); - else - $value->element = Session::getElement(); - - $value->element->load(); - $value->publish = false; - 
$value->load(); - - - if ( $this->hasRequestVar('linkobjectid') ) - $value->linkToObjectId = $this->getRequestVar('linkobjectid'); - else - $value->text = $this->compactOIDs( $this->getRequestVar('text','raw') ); - - // Vorschau anzeigen - if ( $this->hasRequestVar('preview' ) || - $this->hasRequestVar('addmarkup') ) - { - $inputText = $this->getRequestVar('text','raw'); - - if ( $this->hasRequestVar('preview') ) - { - $value->page = $this->page; - $value->simple = false; - $value->page->languageid = $value->languageid; - $value->page->load(); - $value->generate(); - $this->setTemplateVar('preview',$value->value ); - } - - if ( $this->hasRequestVar('addmarkup') ) - { - $conf_tags = $conf['editor']['text-markup']; - - if ( $this->hasRequestVar('addtext') ) // Nur, wenn ein Text eingegeben wurde - { - $addText = $this->getRequestVar('addtext','raw'); - - if ( $this->hasRequestVar('strong') ) - $inputText .= $conf_tags['strong-begin'].$addText.$conf_tags['strong-end']; - - if ( $this->hasRequestVar('emphatic') ) - $inputText .= $conf_tags['emphatic-begin'].$addText.$conf_tags['emphatic-end']; - - if ( $this->hasRequestVar('link') ) - $inputText .= '"'.$addText.'"'.$conf_tags['linkto'].'"'.$this->parseOID($this->getRequestVar('objectid')).'"'; - } - - if ( $this->hasRequestVar('table') ) - $inputText .= "\n". - $conf_tags['table-cell-sep'].' '.$addText.' '.$conf_tags['table-cell-sep'].' '.$addText.' '.$conf_tags['table-cell-sep']."\n". - $conf_tags['table-cell-sep'].' '.$addText.' '.$conf_tags['table-cell-sep'].' '.$addText.' '.$conf_tags['table-cell-sep']."\n". - $conf_tags['table-cell-sep'].' '.$addText.' '.$conf_tags['table-cell-sep'].' '.$addText.' '.$conf_tags['table-cell-sep']."\n"; - - if ( $this->hasRequestVar('list') ) - $inputText .= "\n". - $conf_tags['list-unnumbered'].' '.$addText."\n". - $conf_tags['list-unnumbered'].' '.$addText."\n". - $conf_tags['list-unnumbered'].' '.$addText."\n"; - - if ( $this->hasRequestVar('numlist') ) - $inputText .= "\n". 
- $conf_tags['list-numbered'].' '.$addText."\n".
- $conf_tags['list-numbered'].' '.$addText."\n".
- $conf_tags['list-numbered'].' '.$addText."\n";
-
- if ( $this->hasRequestVar('image') )
- $inputText .= $conf_tags['image-begin'].$this->parseOID($this->getRequestVar('objectid')).$conf_tags['image-end'];
- }
-
- // Ermitteln aller verlinkbaren Objekte (fuer Editor)
- /*
- $objects = array();
-
- foreach( Folder::getAllObjectIds() as $id )
- {
- $o = new Object( $id );
- $o->load();
-
- if ( $o->getType() != 'folder' )
- {
- $f = new Folder( $o->parentid );
- $objects[ $id ] = lang( 'GLOBAL_'.$o->getType() ).': ';
- $objects[ $id ] .= implode( FILE_SEP,$f->parentObjectNames(false,true) );
- $objects[ $id ] .= FILE_SEP.$o->name;
- }
- }
- asort($objects);
- $this->setTemplateVar( 'objects' ,$objects );
- */
-
- $this->setTemplateVar( 'release' ,$this->page->hasRight(ACL_RELEASE) );
- $this->setTemplateVar( 'publish' ,$this->page->hasRight(ACL_PUBLISH) );
- $this->setTemplateVar( 'html' ,$value->element->html );
- $this->setTemplateVar( 'wiki' ,$value->element->wiki );
- $this->setTemplateVar( 'text' ,$inputText );
- $this->setTemplateVar( 'name' ,$value->element->name );
- $this->setTemplateVar( 'desc' ,$value->element->desc );
- $this->setTemplateVar( 'objectid',$this->page->objectid );
-
- $this->setTemplateVar( 'mode' ,'edit' );
- }
- else
- {
- $this->afterSave($value);
- }
-
- }
-
-
- /**
- * Element speichern
- *
- * Der Inhalt eines Elementes wird abgespeichert
- */
- private function savedate()
- {
- $value = new Value();
- $language = Session::getProjectLanguage();
- $value->languageid = $language->languageid;
- $value->objectid = $this->page->objectid;
- $value->pageid = Page::getPageIdFromObjectId( $this->page->objectid );
-
- if ( $this->hasRequestVar('elementid') )
- $value->element = new Element( $this->getRequestVar('elementid') );
- else
- $value->element = Session::getElement();
-
- $value->element->load();
- $value->publish = false;
- $value->load();
-
- if ( $this->hasRequestVar('linkobjectid') )
- $value->linkToObjectId = $this->getRequestVar('linkobjectid');
- elseif ( $this->hasRequestVar('date') )
- // Wenn ein Timestamp übergeben wurde, dann dieses verwenden
- $value->date = $this->getRequestVar('date');
- elseif ( $this->getRequestVar('ansidate') != $this->getRequestVar('ansidate_orig') )
- // Wenn ein ANSI-Datum eingegeben wurde, dann dieses verwenden
- $value->date = strtotime($this->getRequestVar('ansidate') );
- else
- // Sonst die Zeitwerte einzeln zu einem Datum zusammensetzen
- $value->date = mktime( $this->getRequestVar('hour' ),
- $this->getRequestVar('minute'),
- $this->getRequestVar('second'),
- $this->getRequestVar('month' ),
- $this->getRequestVar('day' ),
- $this->getRequestVar('year' ) );
-
- $this->afterSave($value);
- }
-
-
-
- /**
- * Element speichern
- *
- * Der Inhalt eines Elementes wird abgespeichert
- */
- private function saveselect()
- {
- $value = new Value();
- $language = Session::getProjectLanguage();
- $value->languageid = $language->languageid;
- $value->objectid = $this->page->objectid;
- $value->pageid = Page::getPageIdFromObjectId( $this->page->objectid );
-
- if ( $this->hasRequestVar('elementid') )
- $value->element = new Element( $this->getRequestVar('elementid') );
- else
- $value->element = Session::getElement();
-
- $value->element->load();
- $value->publish = false;
- $value->load();
-
- $value->text = $this->getRequestVar('text');
-
- $this->afterSave($value);
- }
-
-
-
- /**
- * Element speichern
- *
- * Der Inhalt eines Elementes wird abgespeichert
- */
- private function savelink()
- {
- $value = new Value();
- $language = Session::getProjectLanguage();
- $value->languageid = $language->languageid;
- $value->objectid = $this->page->objectid;
- $value->pageid = Page::getPageIdFromObjectId( $this->page->objectid );
-
- if ( $this->hasRequestVar('elementid') )
- $value->element = new Element( $this->getRequestVar('elementid') );
- else
- $value->element = Session::getElement();
-
- $value->element->load();
- $value->publish = false;
- $value->load();
-
- if ( $this->hasRequestVar('linkurl') )
- $value->linkToObjectId = $this->parseOID($this->getRequestVar('linkurl'));
- else
- $value->linkToObjectId = intval($this->getRequestVar('linkobjectid'));
-
- $this->afterSave($value);
- }
-
-
-
- /**
- * Element speichern
- *
- * Der Inhalt eines Elementes wird abgespeichert
- */
- private function savelist()
- {
- $this->saveinsert();
- }
-
-
-
- /**
- * Element speichern
- *
- * Der Inhalt eines Elementes wird abgespeichert
- */
- private function saveinsert()
- {
- $value = new Value();
- $language = Session::getProjectLanguage();
- $value->languageid = $language->languageid;
- $value->objectid = $this->page->objectid;
- $value->pageid = Page::getPageIdFromObjectId( $this->page->objectid );
-
- if ( $this->hasRequestVar('elementid') )
- $value->element = new Element( $this->getRequestVar('elementid') );
- else
- $value->element = Session::getElement();
-
- $value->element->load();
- $value->publish = false;
- $value->load();
-
- $value->linkToObjectId = intval($this->getRequestVar('linkobjectid'));
-
- $this->afterSave($value);
- }
-
-
-
- /**
- * Element speichern
- *
- * Der Inhalt eines Elementes wird abgespeichert
- */
- private function savenumber()
- {
- $value = new Value();
- $language = Session::getProjectLanguage();
- $value->languageid = $language->languageid;
- $value->objectid = $this->page->objectid;
- $value->pageid = Page::getPageIdFromObjectId( $this->page->objectid );
-
- if ( $this->hasRequestVar('elementid') )
- $value->element = new Element( $this->getRequestVar('elementid') );
- else
- $value->element = Session::getElement();
-
- $value->element->load();
- $value->publish = false;
- $value->load();
-
- if ( $this->hasRequestVar('linkobjectid') )
- $value->linkToObjectId = $this->getRequestVar('linkobjectid');
- else
- $value->number = $this->getRequestVar('number') * pow(10,$value->element->decimals);
-
- $this->afterSave($value);
- }
-
-
- function exportlongtext()
- {
- $types = array();
-
- foreach( array('odf','plaintext') as $type )
- {
- $types[$type] = lang('FILETYPE_'.$type);
- }
-
- $this->setTemplateVar('types',$types);
- }
-
-
- function importlongtext()
- {
- $types = array();
-
- foreach( array('odf','plaintext') as $type )
- {
- $types[$type] = lang('FILETYPE_'.$type);
- }
- $this->setTemplateVar('types',$types);
- }
-
-
- function doexportlongtext()
- {
- $type = $this->getRequestVar('type');
- switch($type)
- {
- case 'odf':
-
- // Angabe Content-Type
- // header('Content-Type: '.$this->file->mimeType());
- // header('X-File-Id: '.$this->file->fileid);
-
- // header('Content-Disposition: inline; filename='.$this->id.'.odt');
- header('Content-Transfer-Encoding: binary');
- // header('Content-Description: '.$this->file->name);
-
- echo $this->createOdfDocument();
-
- exit;
-
- default:
- }
-
- exit;
- }
-
-
- /**
- * ODF erzeugen.<br>
- * vorerst ZURUECKGESTELLT!
- *
- * @return unknown
- */
- private function createOdfDocument()
- {
- // TODO: ODF ist nicht ganz ohne.
- $transformer = new Transformer();
- $transformer->text = $this->value->text;
- $transformer->type = 'odf';
- $transformer->transform();
- return $transformer->text;
- }
-
-
-
- /**
- * Men�eintr�ge aktivieren/deaktivieren.
- *
- * @param String $name
- * @return boolean
- */
- function checkMenu( $name )
- {
- $type = $this->element->type;
-
- switch( $name )
- {
- case 'edit':
- case 'prop':
- return true;
-
- case 'archive':
- // Archiv ist nur verf�gbar, wenn es mind. 1 Version des Inhaltes gibt.
-
- if ( $this->subActionName!='diff' && is_object($this->value) )
- return $this->value->getCountVersions() > 0;
- else
- return true;
-
- case 'link':
- // Verkn�pfung zu anderen Seiten ist nur m�glich f�r
- // Datum, Text, Textabsatz, Ganzzahl.
- return in_array($type,array('date','text','longtext','number'));
-
- default:
- return false;
- }
- }
-
-
- function linkifyOIDs( $text )
- {
- foreach( Text::parseOID($text) as $oid=>$t )
- {
- $url = $this->page->path_to_object($oid);
- $text = str_replace($t,'"'.$url.'"',$text);
- }
-
- return $text;
- }
-
-
- function compactOIDs( $text )
- {
- foreach( Text::parseOID($text) as $oid=>$t )
- {
- $text = str_replace($t,'"?__OID__'.$oid.'__"',$text);
- }
-
- return $text;
- }
-
-
- function parseOID( $text )
- {
- $treffer = array();
- preg_match_all('/(.*)__OID__([0-9]+)__(.*)/', $text, $treffer,PREG_SET_ORDER);
-
- $oid = $treffer[0][2];
-
- if ( !empty($oid) )
- return $oid;
- else
- return intval($text);
- }
-
- /**
- * Seite veroeffentlichen
- *
- * Es wird ein Formular angzeigt, mit dem die Seite veroeffentlicht
- * werden kann
- */
- public function pubView()
- {
- }
-
-
-
- /**
- * Seite veroeffentlichen
- *
- * Die Seite wird generiert.
- */
- function pubPost()
- {
- if ( !$this->page->hasRight( ACL_PUBLISH ) )
- Http::notAuthorized( 'no right for publish' );
-
- $this->page->public = true;
- $this->page->publish();
- $this->page->publish->close();
-
-// foreach( $this->page->publish->publishedObjects as $o )
-// {
-// $this->addNotice($o['type'],$o['full_filename'],'PUBLISHED','ok');
-// }
-
- $this->addNotice( 'page',
- $this->page->fullFilename,
- 'PUBLISHED'.($this->page->publish->ok?'':'_ERROR'),
- $this->page->publish->ok,
- array(),
- $this->page->publish->log );
- }
-
-}
-
-?>- \ No newline at end of file
diff --git a/action/ProfileAction.class.php b/action/ProfileAction.class.php
@@ -1,313 +0,0 @@
-<?php
-
-namespace cms\action;
-
-
-// OpenRat Content Management System
-// Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de
-//
-// This program is free software; you can redistribute it and/or
-// modify it under the terms of the GNU General Public License
-// as published by the Free Software Foundation; either version 2
-// of the License, or (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with this program; if not, write to the Free Software
-// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-use LogicException;
-use Mail;
-use security\Base2n;
-use \Session;
-
-
-/**
- * Action-Klasse zum Bearbeiten des Benutzerprofiles
- *
- * @author $Author$
- * @version $Revision$
- * @package openrat.actions
- */
-class ProfileAction extends Action
-{
- public $security = SECURITY_USER;
-
- private $user;
- var $defaultSubAction = 'edit';
-
- /**
- * Konstruktor.
- * Setzen der Benutzer-Objektes.
- */
- function __construct()
- {
- $this->user = Session::getUser();
- }
-
-
- /**
- * Abspeichern des Profiles
- */
- function editPost()
- {
- $this->user->fullname = $this->getRequestVar('fullname');
- $this->user->tel = $this->getRequestVar('tel' );
- $this->user->desc = $this->getRequestVar('desc' );
- $this->user->style = $this->getRequestVar('style' );
- $this->user->language = $this->getRequestVar('language');
- $this->user->timezone = $this->getRequestVar('timezone');
- $this->user->hotp = $this->hasRequestVar('hotp' );
- $this->user->totp = $this->hasRequestVar('totp' );
-
-
- $this->setStyle( $this->user->style ); // Style sofort anwenden
- Session::setUser( $this->user );
-
- if ( !empty($this->user->fullname) )
- {
- $this->user->save();
- $this->setStyle($this->user->style);
- $this->addNotice('user',$this->user->name,'SAVED','ok');
- }
- else
- {
- $this->addValidationError('fullname');
- }
-
-
- // Ausgewählte Sprache sofort verwenden.
- $l = $this->getRequestVar('language');
-
- $this->setLanguage($l);
- }
-
-
-
- /**
- * Anzeigen einer Maske zum Ändern des Kennwortes.
- */
- function pwView()
- {
- // Kennwortänderung funktioniert natürlich nur in der internen Datenbank.
- //
- // Hier wird festgestellt, ob der Benutzer sich über die interne Datenbank angemeldet hat.
- // Nur dann kann man auch sein Kennwort ändern.
- $user = $this->getUserFromSession();
- $pwchangePossible = in_array( strtolower($user->loginModuleName), array('cookieauth','internal'));
- $this->setTemplateVar('pwchange_enabled', $pwchangePossible);
- }
-
-
-
- /**
- * Anzeige einer Maske zum Ändern der E-Mail-Adresse
- */
- function mailView()
- {
- }
-
-
-
- /*
- * Es wird eine E-Mail mit einem Freischaltcode an die eingegebene Adresse geschickt.
- */
- function mailPost()
- {
- srand ((double)microtime()*1000003);
- $code = rand(); // Zufalls-Freischaltcode erzeugen
- $newMail = $this->getRequestVar('mail');
-
- if ( empty($newMail) )
- {
- // Keine E-Mail-Adresse eingegeben.
- $this->addValidationError('mail');
- return;
- }
- else
- {
- // Der Freischaltcode wird in der Sitzung gespeichert.
- Session::set('mailChangeCode',$code );
- Session::set('mailChangeMail',$newMail);
-
- // E-Mail an die neue Adresse senden.
- $mail = new Mail( $newMail,'mail_change_code' );
- $mail->setVar('code',$code );
- $mail->setVar('name',$this->user->getName());
-
- if ( $mail->send() )
- {
- $this->addNotice('user',$this->user->name,'mail_sent',OR_NOTICE_OK); // Meldung
- $this->nextView('confirmmail');
- }
- else
- {
- $this->addNotice('user',$this->user->name,'mail_not_sent',OR_NOTICE_ERROR,array(),$mail->error); // Meldung
- return;
- }
- }
- }
-
-
-
- /**
- * Anzeige einer Maske, in die der Freischaltcode für das
- * Ändern der E-Mail-Adresse eingetragen werden muss.
- */
- function confirmmailView()
- {
- }
-
-
-
- /**
- * Abspeichern der neuen E-Mail-Adresse
- */
- function confirmmailPost()
- {
- $sessionCode = Session::get('mailChangeCode');
- $newMail = Session::get('mailChangeMail');
- $inputRegisterCode = $this->getRequestVar('code');
-
- if ( $sessionCode == $inputRegisterCode )
- {
- // Best�tigungscode stimmt �berein.
- // E-Mail-Adresse �ndern.
- $this->user->mail = $newMail;
- $this->user->save();
-
- $this->addNotice('user',$this->user->name,'SAVED',OR_NOTICE_OK);
- }
- else
- {
- // Best�tigungscode stimmt nicht.
- $this->addValidationError('code','code_not_match');
- }
-
- }
-
-
-
- public function pwPost()
- {
- if ( ! $this->user->checkPassword( $this->getRequestVar('act_password') ) )
- {
- $this->addValidationError('act_password');
- }
- elseif ( $this->getRequestVar('password1') == '' )
- {
- $this->addValidationError('password1');
- }
- elseif ( $this->getRequestVar('password1') != $this->getRequestVar('password2') )
- {
- $this->addValidationError('password2','PASSWORDS_DO_NOT_MATCH');
- }
- elseif ( strlen($this->getRequestVar('password1'))<intval(config('security','password','min_length')) )
- {
- $this->addValidationError('password1','PASSWORD_MINLENGTH',array('minlength'=>config('security','password','min_length')));
- }
- else
- {
- $this->user->setPassword( $this->getRequestVar('password1') );
- $this->addNotice('user',$this->user->name,'SAVED','ok');
- }
- }
-
-
-
- /**
- * Anzeige aller Benutzer-Eigenschaften.
- */
- function editView()
- {
- $issuer = urlencode(config('application','operator'));
- $account = $this->user->name.'@'.$_SERVER['SERVER_NAME'];
-
- $base32 = new Base2n(5, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567', FALSE, TRUE, TRUE);
- $secret = $base32->encode(hex2bin($this->user->otpSecret));
- $counter = $this->user->hotpCount;
-
- $this->setTemplateVars( $this->user->getProperties() );
-
- $this->setTemplateVar( 'allstyles',$this->user->getAvailableStyles() );
-
- $this->setTemplateVar('timezone_list',timezone_identifiers_list() );
-
- $languages = explode(',',config('i18n','available'));
- foreach($languages as $id=>$name)
- {
- unset($languages[$id]);
- $languages[$name] = $name;
- }
- $this->setTemplateVar('language_list',$languages);
-
- $this->setTemplateVars(
- $this->user->getProperties() +
- array('totpSecretUrl' => "otpauth://totp/{$issuer}:{$account}?secret={$secret}&issuer={$issuer}",
- 'hotpSecretUrl' => "otpauth://hotp/{$issuer}:{$account}?secret={$secret}&issuer={$issuer}&counter={$counter}"
- )
- );
-
-
- }
-
-
-
- /**
- * Anzeige aller Gruppen des angemeldeten Benutzers.
- *
- */
- function membershipsView()
- {
- $this->setTemplateVar( 'groups',$this->user->getGroups() );
- }
-
-
-
- /**
- * @param String $name Menüpunkt
- * @return boolean true, falls Menüpunkt zugelassen
- */
- function checkMenu( $name )
- {
- global $conf;
-
- switch( $name )
- {
- case 'pwchange':
- // Die Funktion "Kennwort setzen" ist nur aktiv, wenn als Authentifizierungs-Backend
- // auch die interne Benutzerdatenbank eingesetzt wird.
- return @$conf['security']['auth']['type'] == 'database'
- && !@$conf['security']['auth']['userdn'];
-
- default:
- return true;
- }
- }
-
- /**
- * Setzt eine Sprache für den Benutzer.
- *
- * @param $l string Sprache
- */
- public function setLanguage($l)
- {
- global $conf;
- $langFile = OR_LANGUAGE_DIR . 'lang-' . $l . '.' . PHP_EXT;
-
- // Pruefen, ob Sprache vorhanden ist.
- if (!file_exists($langFile))
- throw new LogicException("Languagefile $langFile does not exist.");
-
- $lang = array();
- require($langFile); // Setzt $lang
- global $conf;
- $conf['language'] = $lang;
- $conf['language']['language_code'] = $l;
- Session::setConfig($conf);
- }
-
-}- \ No newline at end of file
diff --git a/action/ProjectAction.class.php b/action/ProjectAction.class.php
@@ -1,351 +0,0 @@
-<?php
-
-namespace cms\action;
-
-use cms\model\Project;
-use cms\model\Folder;
-
-// OpenRat Content Management System
-// Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de
-//
-// This program is free software; you can redistribute it and/or
-// modify it under the terms of the GNU General Public License
-// as published by the Free Software Foundation; either version 2
-// of the License, or (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with this program; if not, write to the Free Software
-// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-
-
-/**
- * Action-Klasse zum Bearbeiten eines Projektes
- * @author $Author$
- * @version $Revision$
- * @package openrat.actions
- */
-class ProjectAction extends Action
-{
- public $security = SECURITY_ADMIN;
-
- var $project;
- var $defaultSubAction = 'listing';
-
-
- function __construct()
- {
- $this->project = new Project( $this->getRequestId() );
- $this->project->load();
- }
-
-
- function editPost()
- {
- if ( $this->getRequestVar('name') != '')
- {
- $this->project->name = $this->getRequestVar('name' ,OR_FILTER_ALPHANUM);
- $this->project->target_dir = $this->getRequestVar('target_dir' ,OR_FILTER_RAW );
- $this->project->ftp_url = $this->getRequestVar('ftp_url' ,OR_FILTER_RAW );
- $this->project->ftp_passive = $this->getRequestVar('ftp_passive' ,OR_FILTER_RAW );
- $this->project->cmd_after_publish = $this->getRequestVar('cmd_after_publish' ,OR_FILTER_RAW );
- $this->project->content_negotiation = $this->getRequestVar('content_negotiation',OR_FILTER_NUMBER );
- $this->project->cut_index = $this->getRequestVar('cut_index' ,OR_FILTER_NUMBER );
-
- $this->addNotice('project',$this->project->name,'SAVED','ok');
- $this->project->save(); // speichern
-
- $root = new Folder( $this->project->getRootObjectId() );
- $root->setTimestamp();
- }
- else
- {
- $this->addValidationError('name');
- $this->callSubAction('edit');
- }
- }
-
-
-
- /**
- * Liste aller Projekte anzeigen.
- *
- */
- function listingView()
- {
- global $conf_php;
-
- // Projekte ermitteln
- $list = array();
-
- foreach(Project::getAllProjects() as $id=> $name )
- {
- $list[$id] = array();
- $list[$id]['url' ] = Html::url('project','edit',$id);
- $list[$id]['use_url' ] = Html::url('tree' ,'load',0 ,array('projectid'=>$id,'target'=>'tree'));
- $list[$id]['name' ] = $name;
- }
- $this->setTemplateVar('el',$list);
- }
-
-
- /**
- * Auswaehlen und starten eines Projektes.
- */
- function select()
- {
- $user = Session::getUser();
- $projects = $user->projects;
-
- // Administrator sieht Administrationsbereich
- if ( $user->isAdmin )
- $projects = array_merge( array("-1"=>lang('ADMINISTRATION')),$projects );
-
- // Projekte ermitteln
- $list = array();
-
- foreach( $projects as $id=>$name )
- {
- $list[$id] = array();
- $list[$id]['url' ] = Html::url('index','project',$id);
- $list[$id]['name'] = $name;
- }
- $this->setTemplateVar('el',$list);
- }
-
-
- /**
- * Anzeige der Eigenschaften des Projektes.
- */
- function editView()
- {
- $extraProperties = array('rootobjectid'=>$this->project->getRootObjectId());
-
- $this->setTemplateVars( $this->project->getProperties() + $extraProperties );
-
- }
-
-
- function removeView()
- {
- $this->setTemplateVar( 'name',$this->project->name );
- }
-
-
- function removePost()
- {
- if ( !$this->hasRequestVar('delete') )
- {
- $this->addValidationError('delete');
- return;
- }
-
- // Gesamtes Projekt loeschen
- $this->project->delete();
-
- $this->setTemplateVar('tree_refresh',true);
- $this->addNotice('project',$this->project->name,'DELETED');
- }
-
-
-
- /**
- * Anzeige View fuer Wartung.
- */
- function maintenanceView()
- {
- }
-
-
-
- /**
- * Wartung durchfuehren.
- */
- function maintenancePost()
- {
- switch( $this->getRequestVar('type') )
- {
- case 'check_files':
- // Konsistenzprüfungen
- $this->project->checkLostFiles();
- $status = empty($this->project->log) ? OR_NOTICE_OK : OR_NOTICE_ERROR;
-
- $this->addNotice('project',$this->project->name,'DONE',$status,array(),$this->project->log);
- break;
-
- case 'check_limit':
- // Alte Versionen löschen.
- $this->project->checkLimit();
- $this->addNotice('project',$this->project->name,'DONE');
- break;
-
- default:
- $this->addValidationError('type');
- return;
- }
- }
-
-
-
- /**
- * Synchronisation mit dem Dateisystem.
- */
- public function syncPost()
- {
-
- }
-
-
- /**
- * Synchronisation mit dem Dateisystem.
- */
- public function syncView()
- {
- global $conf;
- $syncConf = $conf['sync'];
-
- if ( ! $syncConf['enabled'] )
- return;
-
- $syncDir = slashify($syncConf['directory']).$this->project->name;
-
-
- }
-
-
- /**
- * Import aus dem Dateisystem.
- */
- public function importView()
- {
-
- }
-
-
- /**
- * Import aus dem Dateisystem.
- */
- public function importPost()
- {
-
- }
-
-
- /**
- * Export in Dateisystem.
- */
- public function exportView()
- {
-
- }
-
-
- /**
- * Export in Dateisystem.
- */
- public function exportPost()
- {
-
- }
-
-
- /**
- * Projekt exportieren.
- */
- public function copyView()
- {
-
- }
-
-
- /**
- * Projekt exportieren.
- */
- public function copyPost()
- {
- $db = db_connection();
- $this->setTemplateVar( 'dbid',$db->id );
-
- global $conf;
- $dbids = array();
-
- foreach( $conf['database'] as $dbname=>$dbconf )
- {
- if ( is_array($dbconf) && $dbconf['enabled'])
- $dbids[$dbname] = $dbconf['description'];
- }
- $this->setTemplateVar( 'dbids',$dbids );
-
-
- if ( $this->hasRequestVar('ok') )
- {
- $this->project->export( $this->getRequestVar('dbid') );
-
- $this->addNotice('project',$this->project->name,'DONE');
- $this->setTemplateVar('done',true);
- }
- }
-
-
-
- /**
- * Ausgabe PHPINFO.
- *
- */
- function phpinfo()
- {
- global $conf;
- if ( !@$conf['security']['show_system_info'] )
- Http::sendStatus(403,'Forbidden','Display of system information is disabled by configuration');
-
- phpinfo();
- }
-
-
-
-
- function infoView()
- {
- $this->setTemplateVar( 'info', $this->project->info() );
- }
-
-
-
-
- /**
- * @param String $name Menüpunkt
- * @return boolean true, falls Menüpunkt zugelassen
- */
- function checkMenu( $name )
- {
- global $conf;
-
- switch( $name )
- {
- case 'remove':
- return !readonly();
- case 'maintenance':
- return !readonly();
-
- default:
- return true;
- }
- }
-
-
- /**
- * Ermittelt die letzten Änderungen, die im aktuellen Projekt gemacht worden sind.
- */
- public function historyView()
- {
- $result = $this->project->getLastChanges();
-
- $this->setTemplateVar('timeline', $result);
- }
-
-
-}- \ No newline at end of file
diff --git a/action/ProjectlistAction.class.php b/action/ProjectlistAction.class.php
@@ -1,125 +0,0 @@
-<?php
-
-namespace cms\action;
-
-use cms\model\Project;
-
-// OpenRat Content Management System
-// Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de
-//
-// This program is free software; you can redistribute it and/or
-// modify it under the terms of the GNU General Public License
-// as published by the Free Software Foundation; either version 2
-// of the License, or (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with this program; if not, write to the Free Software
-// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-
-
-/**
- * Action-Klasse zum Bearbeiten eines Projektes
- * @author $Author$
- * @version $Revision$
- * @package openrat.actions
- */
-class ProjectlistAction extends Action
-{
- public $security = SECURITY_ADMIN;
-
- function __construct()
- {
- }
-
-
- public function editView()
- {
- $this->nextSubAction('show');
- }
-
- /**
- * Liste aller Projekte anzeigen.
- *
- */
- public function showView()
- {
- global $conf_php;
-
- // Projekte ermitteln
- $list = array();
-
- foreach(Project::getAllProjects() as $id=> $name )
- {
- $list[$id] = array();
- $list[$id]['id' ] = $id;
- $list[$id]['name' ] = $name;
- }
- $this->setTemplateVar('projects',$list);
- }
-
-
-
- function addView()
- {
- $this->setTemplateVar( 'projects',Project::getAllProjects() );
- }
-
-
- /**
- * Projekt hinzufuegen.
- *
- */
- function addPost()
- {
- if ( !$this->hasRequestVar('type') )
- {
- $this->addValidationError('type');
- $this->callSubAction('add');
- return;
- }
- else
- {
- switch( $this->getRequestVar('type') )
- {
- case 'empty':
- if ( !$this->hasRequestVar('name') )
- {
- $this->addValidationError('name');
- $this->callSubAction('add');
- return;
- }
- $this->project = new Project();
- $this->project->name = $this->getRequestVar('name');
- $this->project->add();
- $this->addNotice('project',$this->project->name,'ADDED');
- break;
- case 'copy':
- $db = db_connection();
- $project = new Project($this->getRequestVar('projectid'));
- $project->load();
- $project->export($db->id);
- $this->addNotice('project',$project->name,'DONE');
- break;
- default:
- Http::serverError('Unknown type while adding project '.$this->getRequestVar('type') );
- }
-
- }
- }
-
-
- /**
- * Ermittelt die letzten Änderungen, die in allen Projekten gemacht worden sind.
- */
- function historyView()
- {
- $result = Project::getAllLastChanges();
- $this->setTemplateVar('timeline', $result);
- }
-
-}- \ No newline at end of file
diff --git a/action/SearchAction.class.php b/action/SearchAction.class.php
@@ -1,238 +0,0 @@
-<?php
-
-namespace cms\action;
-
-use cms\model\User;
-use cms\model\Value;
-use cms\model\Template;
-use cms\model\Object;
-use cms\model\File;
-
-
-
-use Session;
-use \Html;
-
-
-
-// OpenRat Content Management System
-// Copyright (C) 2002-2012 Jan Dankert, cms@jandankert.de
-//
-// This program is free software; you can redistribute it and/or
-// modify it under the terms of the GNU General Public License
-// as published by the Free Software Foundation; either version 2
-// of the License, or (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with this program; if not, write to the Free Software
-// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-
-
-define('SEARCH_FLAG_ID' , 1);
-define('SEARCH_FLAG_NAME' , 2);
-define('SEARCH_FLAG_FILENAME' , 4);
-define('SEARCH_FLAG_DESCRIPTION', 8);
-define('SEARCH_FLAG_VALUE' ,16);
-
-
-/**
- * Action-Klasse fuer die Suchfunktion.
- *
- * @author $Author$
- * @version $Revision$
- * @package openrat.actions
- */
-class SearchAction extends Action
-{
- public $security = SECURITY_USER;
-
-
- /**
- * leerer Kontruktor
- */
- function __construct()
- {
- }
-
-
-
- public function editView()
- {
- $user = Session::getUser();
- $this->setTemplateVar( 'users' ,User::listAll() );
- $this->setTemplateVar( 'act_userid',$user->userid );
- }
-
- /**
- * Durchf?hren der Suche
- * und Anzeige der Ergebnisse
- */
- public function resultView()
- {
- $suchText = $this->getRequestVar('text');
- $searchFlags = 0;
-
- if ( $this->hasRequestVar('id' ) ) $searchFlags |= SEARCH_FLAG_ID;
- if ( $this->hasRequestVar('filename' ) ) $searchFlags |= SEARCH_FLAG_FILENAME;
- if ( $this->hasRequestVar('name' ) ) $searchFlags |= SEARCH_FLAG_NAME;
- if ( $this->hasRequestVar('description') ) $searchFlags |= SEARCH_FLAG_DESCRIPTION;
- if ( $this->hasRequestVar('content' ) ) $searchFlags |= SEARCH_FLAG_VALUE;
-
- $this->performSearch($suchText, $searchFlags);
-
- /*
- case 'lastchange_user':
- $e = new Value();
-
- $language = Session::getProjectLanguage();
- $e->languageid = $language->languageid;
-
- $listObjectIds = $e->getObjectIdsByLastChangeUserId( $this->getRequestVar('userid') );
- break;
- }*/
- }
-
-
-
- /**
- * Durchf?hren der Suche
- * und Anzeige der Ergebnisse
- */
- public function quicksearchView()
- {
- global $conf;
-
- $text = $this->getRequestVar('search');
-
- $flag = $conf['search']['quicksearch']['flag'];
- $searchFlags = 0;
- if ( $flag['id' ] ) $searchFlags |= SEARCH_FLAG_ID;
- if ( $flag['name' ] ) $searchFlags |= SEARCH_FLAG_NAME;
- if ( $flag['filename' ] ) $searchFlags |= SEARCH_FLAG_FILENAME;
- if ( $flag['description'] ) $searchFlags |= SEARCH_FLAG_DESCRIPTION;
- if ( $flag['content' ] ) $searchFlags |= SEARCH_FLAG_VALUE;
-
- $this->performSearch($text, $searchFlags);
- }
-
-
-
- /**
- * Durchf?hren der Suche
- * und Anzeige der Ergebnisse
- */
- private function performSearch( $text, $flag)
-
{
- global $conf;
-
- $listObjectIds = array();
- $listTemplateIds = array();
-
- $project = Session::getProject();
- if ( is_object($project) && $project->projectid == -1 )
- {
- $resultList = array();
-
- $user = User::loadWithName($text);
- if ( is_object($user) )
- {
- $userResult = array( 'url' => Html::url('template','',$templateid),
- 'type' => 'user',
- 'name' => $user->name,
- 'desc' => lang('NO_DESCRIPTION_AVAILABLE'),
- 'lastchange_date' => 0 );
- }
- $resultList[] = $userResult;
-
- $this->setTemplateVar( 'result',$resultList );
- }
- else
- {
- if ( $flag & SEARCH_FLAG_ID && Object::available( intval($text) ) )
- $listObjectIds[] = intval( $text );
-
- if ( $flag & SEARCH_FLAG_NAME )
- {
- $o = new Object();
- $listObjectIds += $o->getObjectIdsByName( $text );
- }
-
- if ( $flag & SEARCH_FLAG_DESCRIPTION )
- {
- $o = new Object();
- $listObjectIds += $o->getObjectIdsByDescription( $text );
- }
-
- if ( $flag & SEARCH_FLAG_FILENAME )
- {
- $o = new Object();
- $listObjectIds += $o->getObjectIdsByFilename( $text );
-
- $f = new File();
- $listObjectIds += $f->getObjectIdsByExtension( $text );
- }
-
- // Inhalte durchsuchen
- if ( $flag & SEARCH_FLAG_VALUE )
- {
- $e = new Value();
- $listObjectIds += $e->getObjectIdsByValue( $text );
-
- $template = new Template();
- $listTemplateIds += $template->getTemplateIdsByValue( $text );
- }
-
- $this->explainResult( $listObjectIds, $listTemplateIds );
- }
-
- }
-
-
- /**
- *
- */
- private function explainResult( $listObjectIds, $listTemplateIds )
- {
- $resultList = array();
-
- foreach( $listObjectIds as $objectid )
- {
- $o = new Object( $objectid );
- $o->load();
- $resultList[$objectid] = array();
- $resultList[$objectid]['id' ] = $objectid;
- $resultList[$objectid]['url' ] = Html::url($o->getType(),'',$objectid);
- $resultList[$objectid]['type'] = $o->getType();
- $resultList[$objectid]['name'] = $o->name;
- $resultList[$objectid]['lastchange_date'] = $o->lastchangeDate;
-
- if ( $o->desc != '' )
-
$resultList[$objectid]['desc'] = $o->desc;
- else
- $resultList[$objectid]['desc'] = lang('NO_DESCRIPTION_AVAILABLE');
- }
-
- foreach( $listTemplateIds as $templateid )
- {
- $t = new Template( $templateid );
- $t->load();
- $resultList['t'.$templateid] = array();
- $resultList['t'.$templateid]['id' ] = $templateid;
- $resultList['t'.$templateid]['url' ] = Html::url('template','',$templateid);
- $resultList['t'.$templateid]['type'] = 'template';
- $resultList['t'.$templateid]['name'] = $t->name;
- $resultList['t'.$templateid]['desc'] = lang('NO_DESCRIPTION_AVAILABLE');
- $resultList['t'.$templateid]['lastchange_date'] = 0;
- }
-
- $this->setTemplateVar( 'result',$resultList );
- }
-
-}
-
-?>-
\ No newline at end of file
diff --git a/action/StartAction.class.php b/action/StartAction.class.php
@@ -1,1704 +0,0 @@
-<?php
-
-namespace cms\action;
-
-use cms\model\User;
-use cms\model\Project;
-use cms\model\Value;
-use cms\model\Element;
-use cms\model\Page;
-use cms\model\Object;
-use cms\model\Language;
-use cms\model\Model;
-
-
-use database\Database;
-use Http;
-use Logger;
-use \security\Password;
-use Session;
-use \Html;
-use \Mail;
-
-// OpenRat Content Management System
-// Copyright (C) 2002-2007 Jan Dankert, jandankert@jandankert.de
-//
-// This program is free software; you can redistribute it and/or
-// modify it under the terms of the GNU General Public License
-// as published by the Free Software Foundation; version 2.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with this program; if not, write to the Free Software
-// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-
-
-if ( !defined('PROJECTID_ADMIN') )
- define('PROJECTID_ADMIN',-1);
-
-/**
- * Action-Klasse fuer die Start-Action
- * @author $Author$
- * @version $Revision$
- * @package openrat.actions
- */
-
-class StartAction extends Action
-{
- public $security = SECURITY_USER;
-
- var $mustChangePassword = false;
-
- function setDb( $dbid )
- {
- global $conf;
-
- if ( !isset($conf['database'][$dbid] ))
- Http::serverError( 'unknown DB-Id: '.$dbid );
-
- $db = db_connection();
- if ( is_object($db) )
- {
- $db->rollback();
- }
-
- $db = new Database( $conf['database'][$dbid] );
- $db->id = $dbid;
- $db->start();
- Session::setDatabase( $db );
- }
-
-
-
- function checkForDb()
- {
- global $conf;
- $dbid = $this->getRequestVar('dbid');
-
- if ( $dbid != '' )
- $this->setDb( $dbid );
- }
-
-
-
- function setDefaultDb()
- {
- if ( $this->hasRequestVar(REQ_PARAM_DATABASE_ID) )
- {
- $dbid = $this->getRequestVar(REQ_PARAM_DATABASE_ID);
- }
- else
- {
- global $conf;
-
- if ( !isset($conf['database']['default']) )
- Http::serverError('default-database not set');
-
- $dbid = $conf['database']['default'];
- }
-
- $this->setDb( $dbid );
- }
-
-
-
- function checkLogin( $name,$pw,$pw1,$pw2 )
- {
- Logger::debug( "login user $name" );
-
- global $conf;
- global $SESS;
-
- unset( $SESS['user'] );
-
-
- $db = db_connection();
-
- if ( !$db->available )
- {
- $this->addNotice('database',$db->conf['description'],'DATABASE_CONNECTION_ERROR',OR_NOTICE_ERROR,array(),array('Database Error: '.$db->error));
- $this->callSubAction('showlogin');
- return false;
- }
-
- $ip = getenv("REMOTE_ADDR");
-
- $user = new User();
- $user->name = $name;
-
- $ok = $user->checkPassword( $pw );
-
- $this->mustChangePassword = $user->mustChangePassword;
-
- if ( $this->mustChangePassword )
- {
- // Der Benutzer hat zwar ein richtiges Kennwort eingegeben, aber dieses ist abgelaufen.
- // Wir versuchen hier, das neue zu setzen (sofern eingegeben).
- if ( empty($pw1) )
- {
- }
- elseif ( $pw1 != $pw2 )
- {
- $this->addValidationError('password1','PASSWORDS_DO_NOT_MATCH');
- $this->addValidationError('password2','');
- }
- elseif ( strlen($pw2) < $conf['security']['password']['min_length'] )
- {
- $this->addValidationError('password1','PASSWORD_MINLENGTH',array('minlength'=>$conf['security']['password']['min_length']));
- $this->addValidationError('password2','');
- }
- else
- {
- // Kennw�rter identisch und lang genug.
- $user->setPassword( $pw1,true );
-
- // Das neue Kennwort ist gesetzt, die Anmeldung ist also doch noch gelungen.
- $ok = true;
- $this->mustChangePassword = false;
- $user->mustChangePassword = false;
- }
- }
-
- // Falls Login erfolgreich
- if ( $ok )
- {
- // Login war erfolgreich!
- $user->load();
- $user->setCurrent();
- Logger::info( 'login successful' );
-
- return true;
- }
- else
- {
- Logger::info( "login for user $name failed" );
-
- return false;
- }
- }
-
-
-
- /**
- * Anzeigen der Loginmaske.
- *
- * Es wird nur die Loginmaske angezeigt.
- * Hier nie "304 not modified" setzen, da sonst keine
- * Login-Fehlermeldung erscheinen kann
- */
- function loginView()
- {
- global $conf;
- $sso = $conf['security']['sso'];
- $ssl = $conf['security']['ssl'];
-
- $ssl_trust = false;
- $ssl_user_var = '';
- extract( $ssl, EXTR_PREFIX_ALL, 'ssl' );
-
- if ( $sso['enable'] )
- {
- $authid = $this->getRequestVar( $sso['auth_param_name']);
-
- if ( empty( $authid) )
- Http::notAuthorized( 'no authorization data (no auth-id)');
-
- if ( $sso['auth_param_serialized'] )
- $authid = unserialize( $authid );
-
- $purl = parse_url($sso['url']);
- // Verbindung zu URL herstellen.
- $errno=0; $errstr='';
- $fp = fsockopen ($purl['host'],80, $errno, $errstr, 30);
- if ( !$fp )
- {
- echo "Connection failed: $errstr ($errno)";
- }
- else
- {
- $http_get = $purl['path'];
- if ( !empty($purl['query']) )
- $http_get .= '?'.$purl['query'];
-
- $header = array();
-
- $header[] = "GET $http_get HTTP/1.0";
- $header[] ="Host: ".$purl['host'];
- $header[] = "User-Agent: Mozilla/5.0 (OpenRat CMS Single Sign-on Check)";
- $header[] = "Connection: Close";
-
- if ( $sso['cookie'] )
- {
- $cookie = 'Cookie: ';
- if ( is_array($authid))
- foreach( $authid as $cookiename=>$cookievalue)
- $cookie .= $cookiename.'='.$cookievalue."; ";
- else
- $cookie .= $sso['cookie_name'].'='.$authid;
-
- $header[] = $cookie;
- }
-
-// Html::debug($header);
- fputs ($fp, implode("\r\n",$header)."\r\n\r\n");
-
- $inhalt=array();
- while (!feof($fp)) {
- $inhalt[] = fgets($fp,128);
- }
- fclose($fp);