1: <?php
  2: /**
  3:  * This file contains the backend page for displaying all content of an article.
  4:  *
  5:  * @package Core
  6:  * @subpackage Backend
  7:  * @version SVN Revision $Rev:$
  8:  *
  9:  * @author Fulai Zhang
 10:  * @copyright four for business AG <www.4fb.de>
 11:  * @license http://www.contenido.org/license/LIZENZ.txt
 12:  * @link http://www.4fb.de
 13:  * @link http://www.contenido.org
 14:  */
 15: 
 16: defined('CON_FRAMEWORK') || die('Illegal call: Missing framework initialization - request aborted.');
 17: 
 18: $backendPath = cRegistry::getBackendPath();
 19: $backendUrl = cRegistry::getBackendUrl();
 20: 
 21: cInclude('includes', 'functions.str.php');
 22: cInclude('includes', 'functions.pathresolver.php');
 23: 
 24: if (!isset($idcat)) {
 25:     cRegistry::shutdown();
 26:     return;
 27: }
 28: 
 29: $edit = 'true';
 30: $scripts = '';
 31: 
 32: $page = new cGuiPage("con_content_list");
 33: 
 34: if (!($perm->have_perm_area_action($area, "savecontype") || $perm->have_perm_area_action_item($area, "savecontype", $idcat) || $perm->have_perm_area_action("con", "deletecontype") || $perm->have_perm_area_action_item("con", "deletecontype", $idcat))) {
 35:     // $page->displayCriticalError(i18n("Permission denied")); (Apparently one of the action files already displays this error message)
 36:     $page->abortRendering();
 37:     $page->render();
 38:     die();
 39: }
 40: 
 41: // save / set value
 42: if (($action == 'savecontype' || $action == 10)) {
 43:     if ($perm->have_perm_area_action($area, "savecontype") || $perm->have_perm_area_action_item($area, "savecontype", $idcat)) {
 44:         if ($data != '') {
 45:             $data = explode('||', substr($data, 0, -2));
 46:             foreach ($data as $value) {
 47:                 $value = explode('|', $value);
 48:                 if ($value[3] == '%$%EMPTY%$%') {
 49:                     $value[3] = '';
 50:                 } else {
 51:                     $value[3] = str_replace('%$%SEPERATOR%$%', '|', $value[3]);
 52:                 }
 53:                 conSaveContentEntry($value[0], 'CMS_' . $value[1], $value[2], $value[3]);
 54:             }
 55: 
 56:             conMakeArticleIndex($idartlang, $idart);
 57: 
 58:             // restore orginal values
 59:             $data = $_REQUEST['data'];
 60:             $value = $_REQUEST['value'];
 61: 
 62:             $notification->displayNotification("info", i18n("Changes saved"));
 63:         }
 64: 
 65:         conGenerateCodeForArtInAllCategories($idart);
 66:     } else {
 67:         $page->displayError(i18n("Permission denied"));
 68:     }
 69: } else if ($action == 'deletecontype') {
 70:     if ($perm->have_perm_area_action($Area, "deletecontype") || $perm->have_perm_area_action_item($area, "deletecontype", $idcat)) {
 71:        if (isset($_REQUEST['idcontent']) && is_numeric($_REQUEST['idcontent'])) {
 72:             $oContentColl = new cApiContentCollection();
 73: 
 74:             $linkedTypes = array(
 75:                 4 => 22, // if a CMS_IMG is deleted, the corresponding
 76:                          // CMS_IMAGEEDITOR will be deleted too
 77:                 22 => 4 // the same goes for the other way round
 78:             );
 79: 
 80:             $contentItem = new cApiContent((int) $_REQUEST["idcontent"]);
 81:             if (isset($linkedTypes[$contentItem->get("idtype")])) {
 82:                 $linkedIds = $oContentColl->getIdsByWhereClause("`idartlang`='" . $idartlang . "' AND `idtype`='" . $linkedTypes[$contentItem->get("idtype")] . "' AND `value`='" . $contentItem->get("value") . "'");
 83:                 foreach ($linkedIds as $linkedId) {
 84:                     $oContentColl->delete($linkedId);
 85:                 }
 86:             }
 87:             $oContentColl->delete((int) $_REQUEST['idcontent']);
 88:             $notification->displayNotification("info", i18n("Changes saved"));
 89: 
 90:             conGenerateCodeForArtInAllCategories($idart);
 91:         }
 92:     } else {
 93:         $page->displayError(i18n("Permission denied"));
 94:     }
 95: }
 96: 
 97: // get active value
 98: 
 99: $result = array();
100: $aList = array();
101: $currentTypes = array();
102: $sortID = array(
103:     "CMS_HTMLHEAD",
104:     "CMS_HEAD",
105:     "CMS_HTML",
106:     "CMS_TEXT",
107:     "CMS_IMG",
108:     "CMS_IMGDESCR",
109:     "CMS_IMGEDITOR",
110:     "CMS_LINK",
111:     "CMS_LINKTARGET",
112:     "CMS_LINKDESCR",
113:     "CMS_LINKEDITOR",
114:     "CMS_DATE",
115:     "CMS_TEASER",
116:     "CMS_FILELIST"
117: );
118: 
119: $aIdtype = array();
120: $sql = "SELECT DISTINCT typeid FROM %s WHERE idartlang = %d ORDER BY typeid";
121: $db->query($sql, $cfg["tab"]["content"], $_REQUEST["idartlang"]);
122: while ($db->nextRecord()) {
123:     $aIdtype[] = $db->f("typeid");
124: }
125: 
126: foreach ($sortID as $name) {
127:     // $sql = "SELECT b.idtype as idtype, b.type as name, a.typeid as id,
128:     // a.value as value FROM " . $cfg["tab"]["content"] . " as a, " .
129:     // $cfg["tab"]["type"] . " as b WHERE a.idartlang = " .
130:     // cSecurity::toInteger($_REQUEST["idartlang"]) . " AND a.idtype = b.idtype
131:     // AND b.type = '" . cSecurity::toString($name) . "' ORDER BY idtype,
132:     // typeid, idcontent";
133:     $sql = "SELECT b.idtype as idtype, b.type as name, a.typeid as id, a.value as value FROM %s AS a, %s AS b " . "WHERE a.idartlang = %d AND a.idtype = b.idtype AND b.type = '%s' ORDER BY idtype, typeid, idcontent";
134:     $db->query($sql, $cfg["tab"]["content"], $cfg["tab"]["type"], $_REQUEST["idartlang"], $name);
135:     while ($db->nextRecord() && $db->f("value") != '') {
136:         $result[$db->f("name")][$db->f("id")] = $db->f("value");
137:         if (!in_array($db->f("name"), $aList)) {
138:             $aList[$db->f("idtype")] = $db->f("name");
139:         }
140:     }
141: }
142: 
143: $currentTypes = _getCurrentTypes($currentTypes, $aList);
144: // print_r($currentTypes);
145: // create Layoutcode
146: // if ($action == 'con_content') {
147: // @fulai.zhang: Mark submenuitem 'Editor' in the CONTENIDO Backend (Area:
148: // Contenido --> Articles --> Editor)
149: $markSubItem = markSubMenuItem(4, true);
150: 
151: // Include tiny class
152: include($backendPath . 'external/wysiwyg/tinymce3/editorclass.php');
153: $oEditor = new cTinyMCEEditor('', '');
154: $oEditor->setToolbar('inline_edit');
155: 
156: // Get configuration for popup und inline tiny
157: $sConfigInlineEdit = $oEditor->getConfigInlineEdit();
158: $sConfigFullscreen = $oEditor->getConfigFullscreen();
159: 
160: // Replace vars in Script
161: 
162: // Set urls to file browsers
163: $page->set('s', 'IMAGE', $backendUrl . 'frameset.php?area=upl&contenido=' . $sess->id . '&appendparameters=imagebrowser');
164: $page->set('s', 'FILE', $backendUrl . 'frameset.php?area=upl&contenido=' . $sess->id . '&appendparameters=filebrowser');
165: $page->set('s', 'FLASH', $backendUrl . 'frameset.php?area=upl&contenido=' . $sess->id . '&appendparameters=imagebrowser');
166: $page->set('s', 'MEDIA', $backendUrl . 'frameset.php?area=upl&contenido=' . $sess->id . '&appendparameters=imagebrowser');
167: $page->set('s', 'FRONTEND', cRegistry::getFrontendUrl());
168: 
169: // Add tiny options
170: $page->set('s', 'TINY_OPTIONS', $sConfigInlineEdit);
171: $page->set('s', 'TINY_FULLSCREEN', $sConfigFullscreen);
172: $page->set('s', 'IDARTLANG', $idartlang);
173: $page->set('s', 'CLOSE', i18n('Close editor'));
174: $page->set('s', 'SAVE', i18n('Close editor and save changes'));
175: $page->set('s', 'QUESTION', i18n('Do you want to save changes?'));
176: 
177: if (getEffectiveSetting('system', 'insite_editing_activated', 'true') == 'false') {
178:     $page->set('s', 'USE_TINY', '');
179: } else {
180:     $page->set('s', 'USE_TINY', '1');
181: }
182: 
183: // Show path of selected category to user
184: $breadcrumb = renderBackendBreadcrumb($syncoptions, true, true);
185: $page->set('s', 'CATEGORY', $breadcrumb);
186: 
187: if (count($result) <= 0) {
188:     $page->displayInfo(i18n("Article has no raw data"));
189:     $page->abortRendering();
190:     // $layoutcode .= '<div>--- ' . i18n("none") . ' ---</div>';
191: } else {
192:     foreach ($aIdtype as $idtype) {
193:         foreach ($sortID as $name) {
194:             if (in_array($name, array_keys($result)) && $result[$name][$idtype] != '') {
195:                 if (in_array($name . "[" . $idtype . "]", $currentTypes)) {
196:                     $class = '';
197:                 } else {
198:                     $class = ' noactive';
199:                 }
200:                 $page->set("d", "EXTRA_CLASS", $class);
201:                 $page->set("d", "NAME", $name);
202:                 $page->set("d", "ID_TYPE", $idtype);
203:                 $page->next();
204:             }
205:         }
206:     }
207: }
208: 
209: // breadcrumb onclick
210: if (!isset($syncfrom)) {
211:     $syncfrom = -1;
212: }
213: $syncoptions = $syncfrom;
214: $page->set("s", "SYNCHOPTIONS", $syncoptions);
215: 
216: $page->set("s", "IDART", $idart);
217: $page->set("s", "IDCAT", $idcat);
218: $page->set("s", "IDLANG", $lang);
219: $page->set("s", "IDARTLANG", $idartlang);
220: $page->set("s", "IDCLIENT", $client);
221: 
222: // generate code
223: $code = _processCmsTags($aList, $result, true, $page->render(NULL, true));
224: 
225: if ($code == "0601") {
226:     markSubMenuItem("1");
227:     $code = "<script type='text/javascript'>location.href = '" . $backendUrl . "main.php?frame=4&area=con_content_list&action=con_content&idart=" . $idart . "&idcat=" . $idcat . "&contenido=" . $contenido . "'; /*console.log(location.href);*/</script>";
228: } else {
229:     // inject some additional markup
230:     $code = cString::iReplaceOnce("</head>", "$markSubItem $scripts\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=$encoding[$lang]\"></head>", $code);
231: }
232: 
233: if ($cfg["debug"]["codeoutput"]) {
234:     cDebug::out(conHtmlSpecialChars($code));
235: }
236: 
237: // show ContentTypeList
238: chdir(cRegistry::getFrontendPath());
239: eval("?>\n" . $code . "\n<?php\n");
240: // }
241: 
242: cRegistry::shutdown();
243: 
244: /**
245:  * Processes replacements of all existing CMS_...
246:  * tags within passed code
247:  *
248:  * @param array $aList CMS_...tags list
249:  * @param array $contentList all CMS variables
250:  * @param bool $saveKeywords Flag to save collected keywords during replacement
251:  *        process.
252:  * @param array $contentList Assoziative list of CMS variables
253:  */
254: function _processCmsTags($aList, $contentList, $saveKeywords = true, $layoutCode) {
255:     // #####################################################################
256:     // NOTE: Variables below are required in included/evaluated content type
257:     // codes!
258:     global $db, $db2, $sess, $cfg, $code, $cfgClient, $encoding, $notification;
259: 
260:     // NOTE: Variables below are additionally required in included/evaluated
261:     // content type codes within backend edit mode!
262:     global $edit, $editLink, $belang;
263: 
264:     $idcat = $_REQUEST['idcat'];
265:     $idart = $_REQUEST['idart'];
266:     $lang = $_REQUEST['lang'];
267:     $client = $_REQUEST['client'];
268:     $idartlang = $_REQUEST['idartlang'];
269:     $contenido = $_REQUEST['contenido'];
270: 
271:     // Get locked status (article freeze)
272:     $cApiArticleLanguage = new cApiArticleLanguage(cSecurity::toInteger($idartlang));
273:     $locked = $cApiArticleLanguage->getField('locked');
274: 
275:     // If article is locked show notification
276:     if ($locked == 1) {
277:         $notification->displayNotification('warning', i18n('This article is currently frozen and can not be edited!'));
278:     }
279: 
280:     if (!is_object($db2)) {
281:         $db2 = cRegistry::getDb();
282:     }
283:     // End: Variables required in content type codes
284:     // #####################################################################
285: 
286:     $match = array();
287:     $keycode = array();
288: 
289:     // $a_content is used by included/evaluated content type codes below
290:     $a_content = $contentList;
291: 
292:     // Select all cms_type entries
293:     $_typeList = array();
294:     $oTypeColl = new cApiTypeCollection();
295:     $oTypeColl->select();
296:     while ($oType = $oTypeColl->next()) {
297:         $_typeList[] = $oType->toObject();
298:     }
299: 
300:     // Replace all CMS_TAGS[]
301:     foreach ($_typeList as $_typeItem) {
302:         $key = strtolower($_typeItem->type);
303:         $type = $_typeItem->type;
304:         if (in_array($type, $aList)) {
305:             // Try to find all CMS_{type}[{number}] values, e. g. CMS_HTML[1]
306:             // $tmp = preg_match_all('/(' . $type . ')\[+([a-z0-9_]+)+\]/i',
307:             // $this->_layoutCode, $match);
308:             $tmp = preg_match_all('/(' . $type . '\[+(\d)+\])/i', $layoutCode, $match);
309: 
310:             $a_[$key] = $match[0];
311: 
312:             $success = array_walk($a_[$key], 'extractNumber');
313: 
314:             $search = array();
315:             $replacements = array();
316: 
317:             $backendPath = cRegistry::getBackendPath();
318: 
319:             $typeCodeFile = $backendPath . 'includes/type/code/include.' . $type . '.code.php';
320:             $cTypeClassFile = $backendPath . 'classes/content_types/class.content.type.' . strtolower(str_replace('CMS_', '', $type)) . '.php';
321:             // classname format: CMS_HTMLHEAD -> cContentTypeHtmlhead
322:             $className = 'cContentType' . ucfirst(strtolower(str_replace('CMS_', '', $type)));
323: 
324:             foreach ($a_[$key] as $val) {
325:                 if (cFileHandler::exists($cTypeClassFile)) {
326:                     $tmp = $a_content[$_typeItem->type][$val];
327:                     $cTypeObject = new $className($tmp, $val, $a_content);
328:                     if (cRegistry::isBackendEditMode() && $locked == 0) {
329:                         $tmp = $cTypeObject->generateEditCode();
330:                     } else {
331:                         $tmp = $cTypeObject->generateViewCode();
332:                     }
333:                 } else if (cFileHandler::exists($typeCodeFile)) {
334:                     // include CMS type code
335:                     include($typeCodeFile);
336:                 } elseif (!empty($_typeItem->code)) {
337:                     // old version, evaluate CMS type code
338:                     cDeprecated("Move code for $type from table into file system (contenido/includes/type/code/)");
339:                     eval($_typeItem->code);
340:                 }
341:                 $sql = "SELECT a.idcontent
342:                     FROM " . $cfg["tab"]["content"] . " as a, " . $cfg["tab"]["type"] . " as b
343:                     WHERE a.idartlang=" . cSecurity::toInteger($_REQUEST["idartlang"]) . " AND a.idtype=b.idtype AND a.typeid = " . cSecurity::toInteger($val) . " AND b.type = '" . cSecurity::toString($type) . "'
344:                     ORDER BY a.idartlang, a.idtype, a.typeid";
345:                 $db->query($sql);
346:                 while ($db->nextRecord()) {
347:                     $idcontent = $db->f("idcontent");
348:                 }
349:                 $backendUrl = cRegistry::getBackendUrl();
350: 
351:                 $search[$val] = sprintf('%s[%s]', $type, $val);
352:                 $path = $backendUrl . 'main.php?area=con_content_list&action=deletecontype&changeview=edit&idart=' . $idart . '&idartlang=' . $idartlang . '&idcat=' . $idcat . '&client=' . $client . '&lang=' . $lang . '&frame=4&contenido=' . $contenido . '&idcontent=' . $idcontent;
353:                 if ($_typeItem->idtype == 20 || $_typeItem->idtype == 21) {
354:                     $tmp = str_replace('";?>', '', $tmp);
355:                     $tmp = str_replace('<?php echo "', '', $tmp);
356:                     // echo
357:                     // "<textarea>"."?".">\n".stripslashes($tmp)."\n\";?"."><"."?php\n"."</textarea>";
358:                 }
359: 
360:                 if ($locked == 0) { // No freeze
361:                     $replacements[$val] = $tmp . '<a href="#" onclick="Con.showConfirmation(\'' . i18n("Are you sure you want to delete this content type from this article?") . '\', function() { Con.Tiny.setContent(\'1\',\'' . $path . '\'); });">
362:                 <img border="0" src="' . $backendUrl . 'images/delete.gif">
363:                 </a>';
364:                     $keycode[$type][$val] = $tmp . '<a href="#" onclick="Con.showConfirmation(\'' . i18n("Are you sure you want to delete this content type from this article?") . '\', function() { Con.Tiny.setContent(\'1\',\'' . $path . '\'); });">
365:                 <img border="0" src="' . $backendUrl . 'images/delete.gif">
366:                 </a>';
367:                 } else { // Freeze status
368:                     $replacements[$val] = $tmp;
369:                     $keycode[$type][$val] = $tmp;
370:                 }
371:             }
372: 
373:             $code = str_ireplace($search, $replacements, $layoutCode);
374:             // execute CEC hook
375:             $code = cApiCecHook::executeAndReturn('Contenido.Content.conGenerateCode', $code);
376:             $layoutCode = stripslashes($code);
377:         }
378:     }
379:     $layoutCode = str_ireplace("<<", "[", $layoutCode);
380:     $layoutCode = str_ireplace(">>", "]", $layoutCode);
381:     return $layoutCode;
382: }
383: 
384: /**
385:  * Processes get all existing active CMS_... tags within passed code
386:  *
387:  * @param array $r active CMS variables
388:  * @param array $aList CMS_...tags list
389:  */
390: function _getCurrentTypes($r, $aList) {
391:     $idcat = $_REQUEST['idcat'];
392:     $idart = $_REQUEST['idart'];
393:     $lang = $_REQUEST['lang'];
394:     $client = $_REQUEST['client'];
395:     global $db, $db2, $sess, $cfg, $code, $cfgClient, $encoding;
396: 
397:     // Select all cms_type entries
398:     $_typeList = array();
399:     $oTypeColl = new cApiTypeCollection();
400:     $oTypeColl->select();
401:     while ($oType = $oTypeColl->next()) {
402:         $_typeList[] = $oType->toObject();
403:     }
404: 
405:     // generate code
406:     $code = conGenerateCode($idcat, $idart, $lang, $client, false, false, false);
407:     foreach ($_typeList as $_typeItem) {
408:         $type = $_typeItem->type;
409:         if (in_array($type, $aList)) {
410:             // Try to find all CMS_{type}[{number}] values, e. g. CMS_HTML[1]
411:             $tmp = preg_match_all('/(' . $type . '\[+(\d)+\])/i', $code, $match);
412:             foreach ($match[0] as $s) {
413:                 if (!in_array($s, $r)) {
414:                     array_push($r, $s);
415:                 }
416:             }
417:         }
418:     }
419:     return $r;
420: }
421: