" ;
$oCurrentFolder = opendir( $sServerDir ) ;
while ( $sFile = readdir( $oCurrentFolder ) )
{
if ( $sFile != '.' && $sFile != '..' && $sFile != 'CVS' && is_dir( $sServerDir . $sFile ) )
$aFolders[] = $sFile;
//echo '' ;
}
if (count($aFolders) > 0) {
natcasesort($aFolders);
foreach($aFolders AS $k=>$v) {
echo '' ;
}
}
closedir( $oCurrentFolder ) ;
// Close the "Folders" node.
echo "" ;
}
function ValidateAdminSid()
{
$conn = GetADODbConnection();
$session_time = GetConfigValue('ses_timeout')+0;
$sid = ($_COOKIE['admin_sid'])?$_COOKIE['admin_sid']:$_COOKIE['sid'];
$sql = "SELECT count( sd.sid )
FROM session_data AS sd
LEFT JOIN sessions AS s ON s.sid = sd.sid
WHERE sd.`name` = 'admin_mode'
AND sd.`value` = '1'
AND sd.sid = '".$sid."'
AND s.expire + '".$session_time."' > unix_timestamp()";
if ($conn->GetOne($sql) > 0) {
return true;
}
}
function ValidateUserSid()
{
$conn = GetADODbConnection();
$session_time = GetConfigValue('ses_timeout')+0;
$sid = $_COOKIE['sid'];
$sql = "SELECT count( sd.sid )
FROM sessions
sid = '".$sid."'
AND expire + '".$session_time."' > unix_timestamp()";
if ($conn->GetOne($sql) > 0) {
return true;
}
}
function ValidateSID()
{
global $Config;
if (isset($Config['K4Mode'])) {
return true;
}
else {
if ($Config['validate_type'] == 'user')
return ValidateUserSid();
elseif ($Config['validate_type'] == 'admin')
return ValidateAdminSid();
else
echo "SESSION Validation FALSE";
}
return false;
}
function GetCmsTree()
{
global $Config;
$ret = "";
if (isset($Config['K4Mode'])) {
$ret.= K4ReadCmsTree(0);
}
else {
$ret.= ReadCmsTree(0);
}
$ret.= "";
echo $ret;
}
function K4ReadCmsTree($cat_id, $level = 0)
{
$application =& kApplication::Instance();
$application->Init();
if ($application->isModuleEnabled('Proj-CMS')) {
$lang = $application->GetVar('m_lang');
$st =& $application->recallObject('st.-dummy');
$st_options = $application->getUnitOption('st'.'.ParentId', 'Fields');
$pages = $st_options['options'];
$page_ids = array_keys($pages);
$tpls = $application->Conn->GetCol('SELECT NamedParentPath, CategoryId FROM '.TABLE_PREFIX.'Category WHERE CategoryId IN ('.join(',', $page_ids).')', 'CategoryId');
// $query = 'SELECT CategoryId, NamedParentPath, l'.$lang.'_Name AS Title FROM '.TABLE_PREFIX.'Category ORDER By l'.$lang.'_Title';
// $pages = $application->Conn->Query($query);
$res = '';
foreach ($pages as $id => $title) {
$page_path = preg_replace('/^content\//', '', strtolower($tpls[$id]).'.html');
$title = $title.' ('.$page_path.')';
$real_url = $application->HREF($tpls[$id], '', null, 'index.php');
$res .= '';
}
}
else {
$lang = $application->GetVar('m_lang');
$query = 'SELECT PageId, Path, l'.$lang.'_Title AS Title FROM '.TABLE_PREFIX.'Pages ORDER By l'.$lang.'_Title';
$pages = $application->Conn->Query($query);
$res = '';
foreach ($pages as $page) {
$page_path = $page['Path'].'.html';
$title = $page['Title'].' ('.$page_path.')';
$res .= '';
}
}
return $res;
}
function ReadCmsTree($st_id, $level = 0)
{
$conn = GetADODbConnection();
$query = "SELECT value FROM config WHERE name = 'default_lang_prefix'";
$rs = $conn->Execute($query);
if ($rs && !$rs->EOF)
{
$default_lang_prefix = $rs->fields['value'];
}
$query = "SELECT value FROM config WHERE name = 'cms_direct_mode'";
$rs = $conn->Execute($query);
if ($rs && !$rs->EOF)
{
$cms_mode = $rs->fields['value'];
}
$query = "SELECT value FROM config WHERE name = 'email_templates_folder_id'";
$rs = $conn->Execute($query);
if ($rs && !$rs->EOF)
{
$email_templates_folder_id = $rs->fields['value'];
}
/*
$query = "SELECT value FROM config WHERE name = 'custom_cms'";
$rs = $conn->Execute($query);
if ($rs && !$rs->EOF)
{
$custom_cms = $rs->fields['value'];
}
*/
if (GetConfigValue('custom_cms')) {
$filter = 'AND st.st_name NOT IN (' . GetConfigValue('custom_cms') . ')';
}
else {
$filter = '';
}
if ( $email_templates_folder_id == "" ) $email_templates_folder_id = 0;
$system_tpl_ids = GetConfigValue('system_tpl_ids');
if (!$system_tpl_ids)
$system_tpl_ids = '0';
if ( $cms_mode == 1 ) {
//$lang_prefix = $this->Application->GetVar('lang_prefix');
$query = "
SELECT st.*,
IF(lb.".$default_lang_prefix."_content='' OR lb.".$default_lang_prefix."_content IS NULL,
st.st_path,
lb.".$default_lang_prefix."_content
) AS page_title
FROM
structure_templates AS st
LEFT JOIN
live_blocks AS lb
ON
(st.st_id = lb.template_id) AND (lb.block_type = 3)
WHERE st.st_parent_id = ".$st_id."
AND st_id != ".$email_templates_folder_id."
AND st.st_id NOT IN ($system_tpl_ids)
AND st_path != '/cms' " . $filter . "
ORDER BY st.st_order";
}
else {
$query = "
SELECT st.*,
IF(wb.".$default_lang_prefix."_content='' OR wb.".$default_lang_prefix."_content IS NULL,
st.st_path,
wb.".$default_lang_prefix."_content
) AS page_title
FROM
structure_templates AS st
LEFT JOIN
working_blocks AS wb
ON
(st.st_id = wb.template_id) AND (wb.block_type = 3)
WHERE st.st_parent_id = ".$st_id."
AND st_id != ".$email_templates_folder_id."
AND st.st_id NOT IN ($system_tpl_ids)
AND st_path != '/cms%' " . $filter . "
ORDER BY st.st_order";
}
$rs = $conn->Execute($query);
if ($rs && !$rs->EOF)
{
while ($rs && !$rs->EOF)
{
$page_path = ltrim($rs->fields['st_path'], '/');
//$page_path = SERVER_NAME.BASE_PATH.'/index.php?t='.$page_path;
//$page_path = $page_path;
$prefix='';
for ($i = 0; $i < $level; $i++)
$prefix .= '--';
if ($level > 0)
$prefix=$prefix.'- ';
/*
$page = ereg_replace("&","&",$rs->fields['page_title']);
$page = ereg_replace("\"",""",$page);
$page = ereg_replace("'","'",$page);
$page = ereg_replace("<","<",$page);
$page = ereg_replace(">",">",$page);
// echo $page."
";
//$page = htmlentities($rs->fields['page_title'],ENT_QUOTES);
$page = $rs->fields['page_title'];
$page = ereg_replace("ã","a",$page);
*/
$page = $rs->fields['page_title'];
$page = @html_entity_decode($page,ENT_NOQUOTES,'UTF-8');
$page = @htmlspecialchars($page);
//$page = ereg_replace("ã","a",$page);
$res .= '';
$res .= ReadCmsTree($rs->fields['st_id'], $level+1);
$rs->MoveNext();
}
return $res;
}
}
/*
$res .= '
fields['st_id'].']]>
';
*/
function GetConfigValue($var)
{
$conn = GetADODbConnection();
$query = "SELECT `value` FROM config WHERE `name` = '".$var."'";
return $conn->GetOne($query);
}
function GetFoldersAndFiles( $resourceType, $currentFolder, $aParams = array('name','asc'))
{
global $Config ;
// Map the virtual path to the local server path.
if (isset($Config['K4Mode']))
$date_format = "m/d/Y h:i A";
else
$date_format = GetConfigValue('date_format').' '.GetConfigValue('time_format');
$sServerDir = ServerMapFolder( $resourceType, $currentFolder ) ;
// Initialize the output buffers for "Folders" and "Files".
$aFolders = array();
$aFiles = array();
$aFileSizes = array();
$sFolders = '' ;
$sFiles = '' ;
$oCurrentFolder = opendir( $sServerDir ) ;
while ( $sFile = readdir( $oCurrentFolder ) )
{
if ( $sFile != '.' && $sFile != '..' && $sFile != 'CVS')
{
if ( is_dir( $sServerDir . $sFile ) )
$aFolders[]=$sFile;
else
{
$iFileSize = filesize( $sServerDir . $sFile ) ;
//$iFileSize[] = filesize( $sServerDir . $sFile ) ;
if ( $iFileSize > 0 )
{
$size = round( $iFileSize / 1024 );
$aFileSizes[] = ($size < 1)? 1:$size;// round( $iFileSize / 1024 ) ;
} else
$aFileSizes[] = $iFileSize;
$aFiles[] = $sFile;
$aFileDate[] = filectime($sServerDir.$sFile);
//$sFiles .= '' ;
}
}
}
if (count($aFolders) > 0) {
natcasesort($aFolders);
switch ($aParams[1])
{
case 'desc' :
$aFolders = array_reverse($aFolders, true);
break ;
}
foreach($aFolders AS $k=>$v) {
$sFolders .= '' ;
}
}
if (count($aFiles) > 0) {
if ($aParams[0] == 'name')
{
natcasesort($aFiles);
if ($aParams[1] == 'desc')
{
$aFiles = array_reverse($aFiles, true);
}
foreach($aFiles AS $fk=>$fv) {
$sFiles .= '' ;
}
}elseif ($aParams[0] == 'size') {
natcasesort($aFileSizes);
if ($aParams[1] == 'desc')
{
$aFileSizes = array_reverse($aFileSizes, true);
}
foreach($aFileSizes AS $fk=>$fv) {
$sFiles .= '' ;
}
} elseif ($aParams[0] == 'date') {
natcasesort($aFileDate);
if ($aParams[1] == 'desc')
{
$aFileDate = array_reverse($aFileDate, true);
}
foreach($aFileDate AS $fk=>$fv) {
$sFiles .= '' ;
}
}
}
/* while ( $sFile = readdir( $oCurrentFolder ) )
{
if ( $sFile != '.' && $sFile != '..' && $sFile != 'CVS')
{
if ( is_dir( $sServerDir . $sFile ) )
//$sFolders .= '' ;
else
{
$iFileSize = filesize( $sServerDir . $sFile ) ;
if ( $iFileSize > 0 )
{
$iFileSize = round( $iFileSize / 1024 ) ;
if ( $iFileSize < 1 ) $iFileSize = 1 ;
}
$sFiles .= '' ;
}
}
*/
if ($aParams[1] == "desc")
{
echo $sFiles ;
echo '' ;
echo $sFolders ;
echo '' ;
} else {
echo $sFolders ;
echo '' ;
echo $sFiles ;
echo '' ;
}
}
function CreateFolder( $resourceType, $currentFolder )
{
$sErrorNumber = '0' ;
$sErrorMsg = '' ;
if ( isset( $_GET['NewFolderName'] ) )
{
$sNewFolderName = $_GET['NewFolderName'] ;
// Map the virtual path to the local server path of the current folder.
$sServerDir = ServerMapFolder( $resourceType, $currentFolder ) ;
if ( is_writable( $sServerDir ) )
{
$sServerDir .= $sNewFolderName ;
$sErrorMsg = CreateServerFolder( $sServerDir ) ;
switch ( $sErrorMsg )
{
case '' :
$sErrorNumber = '0' ;
break ;
case 'Invalid argument' :
case 'No such file or directory' :
$sErrorNumber = '102' ; // Path too long.
break ;
default :
$sErrorNumber = '110' ;
break ;
}
}
else
$sErrorNumber = '103' ;
}
else
$sErrorNumber = '102' ;
// Create the "Error" node.
echo '' ;
}
function UpdateCmsBlocksK3($resourceType,$currentFolder,$file_from,$file_to)
{
global $Config ;
$Config['UserFilesPathNoBase'];
$original_str = $Config['UserFilesPathNoBase'].$resourceType.$currentFolder.addslashes($file_from);
$new_str = $Config['UserFilesPathNoBase'].$resourceType.$currentFolder.addslashes($file_to);
$conn = GetADODbConnection();
if ( GetConfigValue('multilingual_mode') == 1) {
$query="SELECT lang_prefix FROM lang ORDER BY lang_id";
$rs = $conn->Execute($query);
while ($rs && !$rs->EOF) {
$sql = "UPDATE live_blocks SET ".$rs->fields['lang_prefix']."_content = replace(".$rs->fields['lang_prefix']."_content,'".$original_str."','".$new_str."')";
$conn->Execute($sql);
$rs->MoveNext();
}
} else {
$lang_prefix = GetConfigValue('default_lang_prefix');
$sql = "UPDATE live_blocks SET ".$lang_prefix."_content = replace(".$lang_prefix."_content,'".$original_str."','".$new_str."')";
$conn->Execute($sql);
}
}
function RenameFile( $resourceType, $currentFolder , $aFilenames = array())
{
global $Config ;
if (count($aFilenames) == 2)
{
$sServerDir = ServerMapFolder( $resourceType, $currentFolder ) ;
$sExtension = substr( $aFilenames[1], ( strrpos($aFilenames[1], '.') + 1 ) ) ;
$arAllowed = $Config['AllowedExtensions'][$resourceType] ;
$arDenied = $Config['DeniedExtensions'][$resourceType] ;
if (file_exists($sServerDir.$aFilenames[1]) && is_file($sServerDir.$aFilenames[1]))
{
$sErrorNumber = '204' ;
} else {
if ( ( count($arAllowed) == 0 || in_array( strtolower($sExtension), $arAllowed ) ) && ( count($arDenied) == 0 || !in_array( strtoupper($sExtension), $arDenied ) ) )
{
if (rename($sServerDir.$aFilenames[0],$sServerDir.$aFilenames[1])) {
if (isset($Config['K4Mode'])) {
// Update CMS Blocks
} else
UpdateCmsBlocksK3($resourceType,$currentFolder,$aFilenames[0],$aFilenames[1]);
$sErrorNumber = "0";
} else
$sErrorNumber = '205' ;
} else
$sErrorNumber = '203' ;
}
$sErrorMsg = '';
echo '' ;
}
}
function FileUpload( $resourceType, $currentFolder )
{
$sErrorNumber = '0' ;
$sFileName = '' ;
if ( isset( $_FILES['NewFile'] ) && !is_null( $_FILES['NewFile']['tmp_name'] ) )
{
$oFile = $_FILES['NewFile'] ;
// Map the virtual path to the local server path.
$sServerDir = ServerMapFolder( $resourceType, $currentFolder ) ;
// Get the uploaded file name.
$sFileName = $oFile['name'] ;
$sOriginalFileName = $sFileName ;
$sExtension = strtolower(substr( $sFileName, ( strrpos($sFileName, '.') + 1 ) ) );
global $Config ;
$arAllowed = $Config['AllowedExtensions'][$resourceType] ;
$arDenied = $Config['DeniedExtensions'][$resourceType] ;
if ( ( count($arAllowed) == 0 || in_array( $sExtension, $arAllowed ) ) && ( count($arDenied) == 0 || !in_array( $sExtension, $arDenied ) ) )
{
$iCounter = 0 ;
while ( true )
{
$sFilePath = $sServerDir . $sFileName ;
if ( is_file( $sFilePath ) )
{
$iCounter++ ;
$sFileName = RemoveExtension( $sOriginalFileName ) . '(' . $iCounter . ').' . $sExtension ;
$sErrorNumber = '201' ;
}
else
{
move_uploaded_file( $oFile['tmp_name'], $sFilePath ) ;
if ( is_file( $sFilePath ) )
{
$oldumask = umask(0) ;
chmod( $sFilePath, 0666 ) ;
umask( $oldumask ) ;
}
break ;
}
}
}
else
$sErrorNumber = '202' ;
}
else
$sErrorNumber = '202' ;
echo '' ;
exit ;
}
function DeleteConfirmedFiles($resourceType, $currentFolder, $aFiles)
{ global $Config;
$sServerDir = ServerMapFolder( $resourceType, $currentFolder ) ;
foreach ($aFiles AS $k=>$v) {
@unlink($sServerDir.$v);
}
}
function DeleteFiles($resourceType, $currentFolder, $files = '', $confirm=0)
{
global $Config ;
if ($files == '') return;
//$files = rtrim("|",$files);
$aFiles=explode("|",$files);
if (count($aFiles) == 0) return;
$conn = GetADODbConnection();
$aLangs = array();
$multilang = GetConfigValue('multilingual_mode');
$def_lang_prefix = GetConfigValue('default_lang_prefix');
if ($multilang)
{
$query="SELECT lang_prefix FROM lang ORDER BY lang_id";
$rs = $conn->Execute($query);
while ($rs && !$rs->EOF) {
$aLangs[] = $rs->fields['lang_prefix'];
$rs->MoveNext();
}
}
else {
$aLangs[] = $def_lang_prefix;
}
$sErrorNumber = 230;
if ($confirm == 1) {
DeleteConfirmedFiles($resourceType, $currentFolder, $aFiles);
echo '' ;
}
if (!$confirm) {
foreach ($aFiles AS $k=>$v) {
$add_sql = '';
if ($v == '')
continue;
$deleted_file = $Config['UserFilesPathNoBase'].$resourceType.$currentFolder.addslashes($v);
for($i=0; $i 0) {
$add_sql = rtrim($add_sql," OR");
$sql = "SELECT lb1.template_id, lb2.".$def_lang_prefix."_content FROM live_blocks AS lb1
LEFT JOIN live_blocks AS lb2 ON lb2.template_id = lb1.template_id AND lb2.block_num = 20
WHERE".$add_sql;
$rs = $conn->Execute($sql);
while ($rs && !$rs->EOF) {
$used = 1;
$page = $rs->fields[$def_lang_prefix.'_content'];
$page = @html_entity_decode($page,ENT_NOQUOTES,'UTF-8');
$page = @htmlspecialchars($page);
$ret_xml.= '' ;
$rs->MoveNext();
}
}
}
if ($ret_xml && !$confirm)
echo $ret_xml;
if (!$ret_xml && !$confirm) {
DeleteConfirmedFiles($resourceType, $currentFolder, $aFiles);
echo '' ;
}
}
}
function GetLangFromSid() {
$sid = $_COOKIE['admin_sid'];
$conn = GetADODbConnection();
$sql = "SELECT value FROM session_data WHERE name = 'old_translation_language' AND sid = $sid";
$translation_language = $conn->GetOne($sql);
return $translation_language;
}
?>