File includes/functions.mod.php | CMS CONTENIDO 4.9.0

  1: <?php
  2: /**
  3:  * This file contains the CONTENIDO module functions.
  4:  *
  5:  * @package          Core
  6:  * @subpackage       Backend
  7:  * @version          SVN Revision $Rev:$
  8:  *
  9:  * @author           Jan Lengowski
 10:  * @copyright        four for business AG <www.4fb.de>
 11:  * @license          http://www.contenido.org/license/LIZENZ.txt
 12:  * @link             http://www.4fb.de
 13:  * @link             http://www.contenido.org
 14:  */
 15: 
 16: defined('CON_FRAMEWORK') || die('Illegal call: Missing framework initialization - request aborted.');
 17: 
 18: cInclude('includes', 'functions.tpl.php');
 19: cInclude('includes', 'functions.con.php');
 20: 
 21: // @fixme: Document me!
 22: function modEditModule($idmod, $name, $description, $input, $output, $template, $type = '') {
 23:     global $db, $client, $cfgClient, $auth, $cfg, $sess, $area, $area_tree, $perm, $frame;
 24:     $description = stripslashes($description);
 25: 
 26:     $date = date('Y-m-d H:i:s');
 27:     $author = $auth->auth['uname'];
 28:     $contenidoModuleHandler = '';
 29:     $messageIfError = '';
 30: 
 31:     // Alias for modul name for the file system
 32:     $alias = strtolower(cModuleHandler::getCleanName($name));
 33: 
 34:     // Track version
 35:     $oVersion = new cVersionModule($idmod, $cfg, $cfgClient, $db, $client, $area, $frame);
 36:     $oVersion->createNewVersion();
 37: 
 38:     if (!$idmod) {
 39:         $cApiModuleCollection = new cApiModuleCollection();
 40:         $cApiModule = $cApiModuleCollection->create($name);
 41: 
 42:         $idmod = $cApiModule->get('idmod');
 43: 
 44:         cInclude('includes', 'functions.rights.php');
 45:         createRightsForElement('mod', $idmod);
 46:         $contenidoModuleHandler = new cModuleHandler($idmod);
 47:     } else {
 48:         $cApiModule = new cApiModule($idmod);
 49:         $contenidoModuleHandler = new cModuleHandler($idmod);
 50:     }
 51: 
 52:     // Save contents of input or output
 53:     $retInput = $contenidoModuleHandler->saveInput(stripslashes($input));
 54:     $retOutput = $contenidoModuleHandler->saveOutput(stripslashes($output));
 55: 
 56:     // clear the client cache if the module code has changed
 57:     if ($retInput || $retOutput) {
 58:         $purge = new cSystemPurge();
 59:         $purge->clearClientCache($client);
 60:     }
 61: 
 62:     if ($cApiModule->get('alias') != stripslashes($alias) || $cApiModule->get('template') != stripslashes($template) || $cApiModule->get('description') != stripslashes($description) || $cApiModule->get('type') != stripslashes($type)) {
 63:         // Rename the module if the name changed
 64:         $change = false;
 65:         $oldName = $cApiModule->get('alias');
 66: 
 67:         if ($cApiModule->get('alias') != $alias) {
 68:             $change = true;
 69:             // if modul exist show massage
 70:             if ($contenidoModuleHandler->modulePathExistsInDirectory($alias)) {
 71:                 cRegistry::addErrorMessage(i18n('Module name exist in module directory, please choose another name.'));
 72:                 $page = new cGuiPage('generic_page');
 73:                 $page->abortRendering();
 74:                 $page->render();
 75:                 die();
 76:             }
 77:         }
 78: 
 79:         // Name of modul changed
 80:         if ($change == true) {
 81:             cRegistry::addInfoMessage(i18n('Renamed module successfully!'));
 82:             $cApiModule->set('name', $name);
 83:             $cApiModule->set('template', $template);
 84:             $cApiModule->set('description', $description);
 85:             $cApiModule->set('type', $type);
 86:             $cApiModule->set('lastmodified', date('Y-m-d H:i:s'));
 87: 
 88:             // False: The new name of modul dont exist im modul dir
 89:             if ($contenidoModuleHandler->renameModul($oldName, $alias) == false) {
 90:                 cRegistry::addWarningMessage(i18n("Can't rename module, is a module file open?! Saving only database changes!"));
 91:             } else {
 92:                 $cApiModule->set('alias', $alias);
 93:             }
 94: 
 95:             $cApiModule->store();
 96: 
 97:             // Set the new module name
 98:             $contenidoModuleHandler->changeModuleName($alias);
 99:             // Ssave input and output in file
100:             if ($contenidoModuleHandler->saveInput(stripslashes($input)) == false) {
101:                 $messageIfError .= '<br>' . i18n("Can't save input !");
102:             }
103: 
104:             if ($contenidoModuleHandler->saveOutput(stripslashes($output)) == false) {
105:                 $messageIfError .= '<br>' . i18n("Can't save output !");
106:             }
107: 
108:             if ($contenidoModuleHandler->saveInfoXML($name, $description, $type, $alias) == false) {
109:                 $messageIfError .= '<br>' . i18n("Can't save xml module info file!");
110:             }
111: 
112:             // Display error
113:             if ($messageIfError != '') {
114:                 cRegistry::addErrorMessage($messageIfError);
115:                 // Set the old name because module could not rename
116:                 $cApiModule->set('name', $oldName);
117:                 $cApiModule->store();
118:             }
119:         } else {
120:             $cApiModule->set('name', $name);
121:             $cApiModule->set('template', $template);
122:             $cApiModule->set('description', $description);
123:             $cApiModule->set('type', $type);
124:             $cApiModule->set('lastmodified', date('Y-m-d H:i:s'));
125:             $cApiModule->set('alias', $alias);
126:             $cApiModule->store();
127: 
128:             if ($contenidoModuleHandler->saveInfoXML($name, $description, $type, $alias) == false) {
129:                 cRegistry::addErrorMessage(i18n("Can't save xml module info file!"));
130:             }
131: 
132:             if ($retInput == true && $retOutput == true) {
133:                 cRegistry::addInfoMessage(i18n('Saved module successfully!'));
134:             } else {
135:                 $messageIfError = '<br>' . i18n("Can't save input !");
136:                 $messageIfError .= '<br>' . i18n("Can't save output !");
137:                 cRegistry::addErrorMessage($messageIfError);
138:             }
139:         }
140:     } else {
141:         // No changes for save
142:         if ($retInput == true && $retOutput == true) {
143:             cRegistry::addInfoMessage(i18n('Saved module successfully!'));
144:         } else {
145:             $messageIfError = i18n("Can't save input !");
146:             $messageIfError .= ' ' . i18n("Can't save output !");
147:             cRegistry::addErrorMessage($messageIfError);
148:         }
149:     }
150: 
151:     return $idmod;
152: }
153: 
154: // @fixme: Document me!
155: function modDeleteModule($idmod) {
156:     global $db, $sess, $client, $cfg, $area_tree, $perm;
157: 
158:     $sql = 'DELETE FROM ' . $cfg['tab']['mod'] . ' WHERE idmod = ' . (int) $idmod . ' AND idclient = ' . (int) $client;
159:     $db->query($sql);
160: 
161:     // Delete rights for element
162:     cInclude('includes', 'functions.rights.php');
163:     deleteRightsForElement('mod', $idmod);
164: }
165: 
166: // $code: Code to evaluate
167: // $id: Unique ID for the test function
168: // $mode: true if start in php mode, otherwise false
169: // Returns true or false
170: // @fixme: Document me!
171: function modTestModule($code, $id, $output = false) {
172:     global $cfg, $modErrorMessage;
173: 
174:     $magicvalue = 0;
175: 
176:     $db = cRegistry::getDb();
177: 
178:     // Put a $ in front of all CMS variables to prevent PHP error messages
179:     $sql = 'SELECT type FROM ' . $cfg['tab']['type'];
180:     $db->query($sql);
181:     while ($db->nextRecord()) {
182:         $code = str_replace($db->f('type') . '[', '$' . $db->f('type') . '[', $code);
183:     }
184: 
185:     $code = preg_replace(',\[(\d+)?CMS_VALUE\[(\d+)\](\d+)?\],i', '[\1\2\3]', $code);
186:     $code = str_replace('CMS_VALUE', '$CMS_VALUE', $code);
187:     $code = str_replace('CMS_VAR', '$CMS_VAR', $code);
188: 
189:     // If the module is an output module, escape PHP since all output modules
190:     // enter php mode
191:     if ($output == true) {
192:         $code = "?>\n" . $code . "\n<?php";
193:     }
194: 
195:     // Looks ugly: Paste a function declarator in front of the code
196:     $code = 'function foo' . $id . ' () {' . $code;
197:     $code .= "\n}\n";
198: 
199:     // Set the magic value
200:     $code .= '$magicvalue = 941;';
201: 
202:     // To parse the error message, we prepend and append a phperror tag in front
203:     // of the output
204:     $sErs = ini_get('error_prepend_string'); // Save current setting (see below)
205:     $sEas = ini_get('error_append_string'); // Save current setting (see below)
206:     @ini_set('error_prepend_string', '<phperror>');
207:     @ini_set('error_append_string', '</phperror>');
208: 
209:     // Turn off output buffering and error reporting, eval the code
210:     ob_start();
211:     $display_errors = ini_get('display_errors');
212:     @ini_set('display_errors', true);
213:     $output = eval($code);
214:     @ini_set('display_errors', $display_errors);
215: 
216:     // Get the buffer contents and turn it on again
217:     $output = ob_get_contents();
218:     ob_end_clean();
219: 
220:     // Remove the prepend and append settings
221:     /*
222:      * 19.09.2006: Following lines have been disabled, as ini_restore has been
223:      * disabled by some hosters as there is a security leak in PHP (PHP <= 5.1.6
224:      * & <= 4.4.4)
225:      */
226:     // ini_restore('error_prepend_string');
227:     // ini_restore('error_append_string');
228:     @ini_set('error_prepend_string', $sErs); // Restoring settings (see above)
229:     @ini_set('error_append_string', $sEas); // Restoring settings (see above)
230: 
231:     // Strip out the error message
232:     $start = strpos($output, '<phperror>');
233:     $end = strpos($output, '</phperror>');
234: 
235:     // More stripping: Users shouldnt see where the file is located, but they
236:     // should see the error line
237:     if ($start !== false) {
238:         $start = strpos($output, 'eval()');
239: 
240:         $modErrorMessage = substr($output, $start, $end - $start);
241: 
242:         // Kill that HTML formatting
243:         $modErrorMessage = str_replace('<b>', '', $modErrorMessage);
244:         $modErrorMessage = str_replace('</b>', '', $modErrorMessage);
245:         $modErrorMessage = str_replace('<br>', '', $modErrorMessage);
246:         $modErrorMessage = str_replace('<br />', '', $modErrorMessage);
247:     }
248: 
249:     // Check if there are any php short tags in code, and display error
250:     $bHasShortTags = false;
251:     if (preg_match('/<\?\s+/', $code) && $magicvalue == 941) {
252:         $bHasShortTags = true;
253:         $modErrorMessage = i18n('Please do not use short open tags. (Use <?php instead of <?).');
254:     }
255: 
256:     // Now, check if the magic value is 941. If not, the function didn't compile
257:     if ($magicvalue != 941 || $bHasShortTags) {
258:         return false;
259:     } else {
260:         return true;
261:     }
262: }
263:
Packages

Classes

Functions
