Index: trunk/admin/editor/cmseditor/editor/filemanager/browser/default/connectors/php/commands.php
===================================================================
diff -u -N -r7821 -r7855
--- trunk/admin/editor/cmseditor/editor/filemanager/browser/default/connectors/php/commands.php (.../commands.php) (revision 7821)
+++ trunk/admin/editor/cmseditor/editor/filemanager/browser/default/connectors/php/commands.php (.../commands.php) (revision 7855)
@@ -46,16 +46,11 @@
echo "" ;
}
-function ValidateSID()
+function ValidateAdminSid()
{
- global $Config;
- if (isset($Config['K4Mode'])) {
- return true;
- }
- else {
$conn = GetADODbConnection();
$session_time = GetConfigValue('ses_timeout')+0;
- $sid = $_COOKIE['admin_sid'];
+ $sid = ($_COOKIE['admin_sid'])?$_COOKIE['admin_sid']:$_COOKIE['sid'];
$sql = "SELECT count( sd.sid )
FROM session_data AS sd
LEFT JOIN sessions AS s ON s.sid = sd.sid
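Review bot: The new `$sid` assignment in ValidateAdminSid() reads `$_COOKIE['admin_sid']` without `isset()` and silently falls back to the front-end `sid` cookie, so the admin check can run against an ordinary user session id whenever the admin cookie is absent. Whether that is safe depends on the WHERE clause, which lies outside this hunk; if it does not require an admin-only marker in `session_data`, the fallback widens who passes the check. If the fallback is not intended, use `$sid = isset($_COOKIE['admin_sid']) ? $_COOKIE['admin_sid'] : '';` and return false on an empty value; if it is intended, add a comment saying why a user session may satisfy the admin check. The function body continues past the end of the hunk.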
@@ -65,9 +60,32 @@
AND s.expire + '".$session_time."' > unix_timestamp()";
if ($conn->GetOne($sql) > 0) {
return true;
- } else {
- echo "SESSION Validation FALSE";
+}
+function ValidateUserSid()
+{
+ $conn = GetADODbConnection();
+ $session_time = GetConfigValue('ses_timeout')+0;
+ $sid = $_COOKIE['sid'];
+ $sql = "SELECT count( sd.sid )
+ FROM sessions
+ sid = '".$sid."'
+ AND expire + '".$session_time."' > unix_timestamp()";
}
+ if ($conn->GetOne($sql) > 0)
+ return true;
+}
+function ValidateSID()
+{ global $Config;
+ if (isset($Config['K4Mode']))
+ return true;
+ else {
+ if ($Config['validate_type'] == 'user')
+ return ValidateUserSid();
+ elseif ($Config['validate_type'] == 'admin')
+ return ValidateAdminSid();
+ else
+ echo "SESSION Validation FALSE";
+
}
return false;
}
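Review bot: ValidateUserSid() concatenates `$_COOKIE['sid']` straight into the query at `sid = '".$sid."'`, so a client-supplied cookie value becomes part of the SQL text of the very check that gates this file-manager connector. As shown, the statement also has no `WHERE` keyword and selects `sd.sid` without declaring an `sd` alias, so it looks as if it cannot execute and `GetOne()` would never report a live session. Assuming GetADODbConnection() returns a stock ADOdb connection, quote the value and fix the statement: `$sql = "SELECT count(sid) FROM sessions WHERE sid = ".$conn->qstr($sid)." AND expire + ".(int)$session_time." > unix_timestamp()";`. The braces around the `GetOne` checks do not appear to balance in the hunk as rendered, which is worth confirming against the committed file.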
@@ -94,14 +112,21 @@
if ($application->isModuleEnabled('Proj-CMS')) {
$lang = $application->GetVar('m_lang');
- $query = 'SELECT CategoryId, NamedParentPath, l'.$lang.'_Title AS Title FROM '.TABLE_PREFIX.'Category ORDER By l'.$lang.'_Title';
- $pages = $application->Conn->Query($query);
+ $st =& $application->recallObject('st.-dummy');
+ $st_options = $application->getUnitOption('st'.'.ParentId', 'Fields');
+ $pages = $st_options['options'];
+ $page_ids = array_keys($pages);
+ $tpls = $application->Conn->GetCol('SELECT NamedParentPath, CategoryId FROM '.TABLE_PREFIX.'Category WHERE CategoryId IN ('.join(',', $page_ids).')', 'CategoryId');
+// $query = 'SELECT CategoryId, NamedParentPath, l'.$lang.'_Name AS Title FROM '.TABLE_PREFIX.'Category ORDER By l'.$lang.'_Title';
+// $pages = $application->Conn->Query($query);
+
$res = '';
- foreach ($pages as $page) {
- $page_path = preg_replace('/^content\//', '', strtolower($page['NamedParentPath']).'.html');
- $title = $page['Title'].' ('.$page_path.')';
- $res .= '';
+ foreach ($pages as $id => $title) {
+ $page_path = preg_replace('/^content\//', '', strtolower($tpls[$id]).'.html');
+ $title = $title.' ('.$page_path.')';
+ $real_url = $application->HREF($tpls[$id], '', null, 'index.php');
+ $res .= '';
}
}
else {
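Review bot: The new `GetCol` query builds `IN ('.join(',', $page_ids).')` with no guard, so an empty `$pages` option list produces `IN ()`, which is a SQL syntax error, and the ids are interpolated without being forced to integers. Normalise and guard first, for example `$page_ids = array_map('intval', array_keys($pages));` and skip the query (`$tpls = array();`) when the list is empty. `$tpls[$id]` is then read in the loop without checking that the category row exists, `$st` is assigned but not used in the visible lines, and the two commented-out query lines should be deleted rather than committed. The enclosing function starts and ends outside this hunk.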
@@ -129,7 +154,6 @@
if ($rs && !$rs->EOF)
{
$default_lang_prefix = $rs->fields['value'];
- $lang_prefix = GetLangFromSid();
}
$query = "SELECT value FROM config WHERE name = 'cms_direct_mode'";
$rs = $conn->Execute($query);
@@ -162,11 +186,12 @@
if (!$system_tpl_ids)
$system_tpl_ids = '0';
if ( $cms_mode == 1 ) {
+ //$lang_prefix = $this->Application->GetVar('lang_prefix');
$query = "
SELECT st.*,
- IF(lb.".$lang_prefix."_content='' OR lb.".$lang_prefix."_content IS NULL,
+ IF(lb.".$default_lang_prefix."_content='' OR lb.".$default_lang_prefix."_content IS NULL,
st.st_path,
- lb.".$lang_prefix."_content
+ lb.".$default_lang_prefix."_content
) AS page_title
FROM
structure_templates AS st
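Review bot: `$default_lang_prefix` is now spliced into the query as part of a column name (`lb.".$default_lang_prefix."_content`), but in the previous hunk it is assigned only inside `if ($rs && !$rs->EOF)`, so a missing config row would yield `lb._content` and a failing query, unless it is initialised above the visible lines. Because it is an identifier fragment it cannot be bound as a parameter, so it should be checked against the known language prefixes, or at least against an identifier pattern, before use. The added `//$lang_prefix = $this->Application->GetVar('lang_prefix');` line refers to `$this` in what appears to be a plain function and should be dropped rather than left as a comment. The query continues beyond the hunk.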
@@ -193,8 +218,7 @@
working_blocks AS wb
ON
(st.st_id = wb.template_id) AND (wb.block_type = 3)
- WHERE
- st.st_parent_id = ".$st_id."
+ WHERE st.st_parent_id = ".$st_id."
AND st_id != ".$email_templates_folder_id."
AND st.st_id NOT IN ($system_tpl_ids)
AND st_path != '/cms%' " . $filter . "
@@ -254,7 +278,7 @@
function GetFoldersAndFiles( $resourceType, $currentFolder, $aParams = array('name','asc'))
{
- global $Config;
+ global $Config ;
// Map the virtual path to the local server path.
if (isset($Config['K4Mode']))
$date_format = "m/d/Y h:i A";
@@ -436,7 +460,7 @@
{
$sErrorNumber = '204' ;
} else {
- if ( ( count($arAllowed) == 0 || in_array( $sExtension, $arAllowed ) ) && ( count($arDenied) == 0 || !in_array( $sExtension, $arDenied ) ) )
+ if ( ( count($arAllowed) == 0 || in_array( strtolower($sExtension), $arAllowed ) ) && ( count($arDenied) == 0 || !in_array( strtoupper($sExtension), $arDenied ) ) )
{
if (rename($sServerDir.$aFilenames[0],$sServerDir.$aFilenames[1])) {
if (isset($Config['K4Mode'])) {
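Review bot: The deny-list test in the changed condition now compares `strtoupper($sExtension)` against `$arDenied`, while the allow-list test and the upload path in the next hunk use lower case; if the `DeniedExtensions` entries are lower-case (the config is not visible here), no extension can ever match and the rename deny list is effectively disabled. Use one normalisation for both lists and a strict comparison: `!in_array( strtolower($sExtension), $arDenied, true )`, with the same `true` third argument on the `$arAllowed` check. It is also worth confirming, outside this hunk, that `$sExtension` is taken from the new name `$aFilenames[1]` and not from the old one, since that name decides what the file becomes.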
@@ -466,7 +490,7 @@
// Get the uploaded file name.
$sFileName = $oFile['name'] ;
$sOriginalFileName = $sFileName ;
- $sExtension = substr( $sFileName, ( strrpos($sFileName, '.') + 1 ) ) ;
+ $sExtension = strtolower(substr( $sFileName, ( strrpos($sFileName, '.') + 1 ) ) );
global $Config ;
$arAllowed = $Config['AllowedExtensions'][$resourceType] ;
$arDenied = $Config['DeniedExtensions'][$resourceType] ;
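Review bot: The extension is still derived with `strrpos($sFileName, '.') + 1`, which evaluates to 1 when the uploaded name contains no dot, so `$sExtension` becomes the file name minus its first character instead of an empty string. `$sExtension = strtolower(pathinfo($sFileName, PATHINFO_EXTENSION));` handles that case and keeps the lower-casing this change adds. Only the final extension is checked, so names with several extensions rely on the web server not executing files by an inner extension. The lower-casing only helps if the `AllowedExtensions` and `DeniedExtensions` entries are themselves lower-case. The upload function continues outside the hunk.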
@@ -574,7 +598,6 @@
echo '' ;
}
}
-}
function GetLangFromSid() {