diff --git a/4dev/database/update/edit_update_missing_cuid.sql b/4dev/database/update/edit_update_missing_cuid.sql new file mode 100755 index 00000000..968eba46 --- /dev/null +++ b/4dev/database/update/edit_update_missing_cuid.sql @@ -0,0 +1,17 @@ +-- 2019/9/10 UPDATE missing cuid in edit_* tables + +UPDATE edit_access SET cuid = random_string(12) WHERE cuid IS NULL; +UPDATE edit_access_data SET cuid = random_string(12) WHERE cuid IS NULL; +UPDATE edit_access_right SET cuid = random_string(12) WHERE cuid IS NULL; +UPDATE edit_access_user SET cuid = random_string(12) WHERE cuid IS NULL; +UPDATE edit_group SET cuid = random_string(12) WHERE cuid IS NULL; +UPDATE edit_language SET cuid = random_string(12) WHERE cuid IS NULL; +UPDATE edit_log SET cuid = random_string(12) WHERE cuid IS NULL; +UPDATE edit_menu_group SET cuid = random_string(12) WHERE cuid IS NULL; +UPDATE edit_page SET cuid = random_string(12) WHERE cuid IS NULL; +UPDATE edit_page_access SET cuid = random_string(12) WHERE cuid IS NULL; +UPDATE edit_page_content SET cuid = random_string(12) WHERE cuid IS NULL; +UPDATE edit_query_string SET cuid = random_string(12) WHERE cuid IS NULL; +UPDATE edit_scheme SET cuid = random_string(12) WHERE cuid IS NULL; +UPDATE edit_user SET cuid = random_string(12) WHERE cuid IS NULL; +UPDATE edit_visible_group SET cuid = random_string(12) WHERE cuid IS NULL; diff --git a/www/admin/smarty_test.php b/www/admin/smarty_test.php index 9b054396..2ffa5807 100755 --- a/www/admin/smarty_test.php +++ b/www/admin/smarty_test.php @@ -15,6 +15,7 @@ $TEMPLATE_NAME = 'smarty_test.tpl'; $CSS_NAME = 'smart_test.css'; $USE_PROTOTYPE = false; $USE_JQUERY = true; +$JS_DATEPICKR = false; if ($USE_PROTOTYPE) { $ADMIN_JAVASCRIPT = 'edit.pt.js'; $JS_NAME = 'prototype.test.js'; diff --git a/www/includes/admin_header.inc b/www/includes/admin_header.inc index e9c3683d..585485d0 100644 --- a/www/includes/admin_header.inc +++ b/www/includes/admin_header.inc @@ -22,6 +22,8 @@ extract($_POST, EXTR_SKIP); //------------------------------ library include start // set output to quiet for load of classes & session settings ob_start(); +// set the session name +define('SET_SESSION_NAME', EDIT_SESSION_NAME); //------------------------------ library include end //------------------------------ basic variable settings start @@ -39,7 +41,7 @@ if (session_id() && $_SESSION['DEFAULT_LANG']) { if (array_key_exists('action', $_POST) && $_POST['action'] != 'download_csv') { header("Content-type: text/html; charset=".$encoding); } -if ($AJAX_PAGE && !$ZIP_STREAM) { +if (isset($AJAX_PAGE) && isset($ZIP_STREAM) && $AJAX_PAGE && !$ZIP_STREAM) { header("Content-Type: application/json; charset=UTF-8"); } //------------------------------ basic variable settings start @@ -84,7 +86,7 @@ if (!$login->login) { //------------------------------ page rights start // flag if to show the edit access id drop down list // check if we have more than one EA ID -$cms->DATA['show_ea_extra'] = $login->acl['acl']['show_ea_extra']; +$cms->DATA['show_ea_extra'] = $login->acl['show_ea_extra']; //------------------------------ page rights ned // automatic hide for DEBUG messages on live server diff --git a/www/includes/admin_set_paths.inc b/www/includes/admin_set_paths.inc index 6e5b1654..933f1995 100644 --- a/www/includes/admin_set_paths.inc +++ b/www/includes/admin_set_paths.inc @@ -36,7 +36,7 @@ if (!isset($CONTENT_INCLUDE)) { } $FORM_NAME = !isset($FORM_NAME) || !$FORM_NAME ? str_replace(".php", "", $cms->page_name) : $FORM_NAME; // set local page title -$L_TITLE = ucfirst(str_replace('_', ' ', $cms->getPageName(1))).' - '.$G_TITLE; +$L_TITLE = ucfirst(str_replace('_', ' ', $cms->getPageName(1))).(defined(G_TITLE) ? ' - '.G_TITLE : ''); // strip tpl and replace it with inc // php include file per page $cms->INC_TEMPLATE_NAME = str_replace(".tpl", ".inc", $CONTENT_INCLUDE); @@ -78,7 +78,7 @@ if (file_exists($cms->includes.$cms->INC_TEMPLATE_NAME) && include($cms->includes.$cms->INC_TEMPLATE_NAME); } // only CSS/JS/etc include stuff if we have non AJAX page -if (!$AJAX_PAGE) { +if (isset($AJAX_PAGE) && !$AJAX_PAGE) { // check for template include if (isset($USE_INCLUDE_TEMPLATE) && $USE_INCLUDE_TEMPLATE === true && !isset($TEMPLATE_NAME)) { $TEMPLATE_NAME = $CONTENT_INCLUDE; @@ -135,9 +135,9 @@ if (false === strstr(BASE.INCLUDES.LANG.CONTENT_PATH, $cms->lang_dir) || } } -if (!$AJAX_PAGE) { +if (isset($AJAX_PAGE) && !$AJAX_PAGE) { // javascript translate data as template for auto translate - if (!$TEMPLATE_TRANSLATE) { + if (empty($TEMPLATE_TRANSLATE)) { $TEMPLATE_TRANSLATE = 'jsTranslate_'.$lang.'.tpl'; $cms->debug('LANG', 'Load lang: '.$lang.', for page file '.$TEMPLATE_TRANSLATE); } else { diff --git a/www/includes/admin_smarty.inc b/www/includes/admin_smarty.inc index 985e217c..2cc4d056 100644 --- a/www/includes/admin_smarty.inc +++ b/www/includes/admin_smarty.inc @@ -16,6 +16,31 @@ if ($cms->HEADER['USE_PROTOTYPE']) { // jquery and prototype should not be used together $cms->HEADER['USE_JQUERY'] = isset($USE_JQUERY) ? $USE_JQUERY : USE_JQUERY; // don't use either of those two together +// check if we have an external file with the template name +if (file_exists($cms->includes.$cms->INC_TEMPLATE_NAME) && is_file($cms->includes.$cms->INC_TEMPLATE_NAME)) { + include($cms->includes.$cms->INC_TEMPLATE_NAME); +} +// additional per page Javascript include +$cms->JS_INCLUDE = ''; +if (file_exists($cms->javascript.$cms->JS_TEMPLATE_NAME) && is_file($cms->javascript.$cms->JS_TEMPLATE_NAME)) { + $cms->JS_INCLUDE = $cms->javascript.$cms->JS_TEMPLATE_NAME; +} +// per page css file +$cms->CSS_INCLUDE = ''; +if (file_exists($cms->css.$cms->CSS_TEMPLATE_NAME) && is_file($cms->css.$cms->CSS_TEMPLATE_NAME)) { + $cms->CSS_INCLUDE = $cms->css.$cms->CSS_TEMPLATE_NAME; +} +// optional CSS file +$cms->CSS_SPECIAL_INCLUDE = ''; +if (file_exists($cms->css.$cms->CSS_SPECIAL_TEMPLATE_NAME) && is_file($cms->css.$cms->CSS_SPECIAL_TEMPLATE_NAME)) { + $cms->CSS_SPECIAL_INCLUDE = $cms->css.$cms->CSS_SPECIAL_TEMPLATE_NAME; +} +// optional JS file +$cms->JS_SPECIAL_INCLUDE = ''; +if (file_exists($cms->javascript.$cms->JS_SPECIAL_TEMPLATE_NAME) && is_file($cms->javascript.$cms->JS_SPECIAL_TEMPLATE_NAME)) { + $cms->JS_SPECIAL_INCLUDE = $cms->javascript.$cms->JS_SPECIAL_TEMPLATE_NAME; +} + // the actual include files for javascript (per page) $cms->HEADER['JS_INCLUDE'] = $cms->JS_INCLUDE; $cms->HEADER['CSS_INCLUDE'] = $cms->CSS_INCLUDE; @@ -54,6 +79,9 @@ $cms->DATA['CONTENT_INCLUDE'] = $CONTENT_INCLUDE; // LANG $cms->DATA['LANG'] = $lang; $cms->DATA['TINYMCE_LANG'] = $lang_short; +$cms->DATA['USE_TINY_MCE'] = isset($USE_TINY_MCE) ? $USE_TINY_MCE : false; +$cms->DATA['JS_DATEPICKR'] = isset($JS_DATEPICKR) ? $JS_DATEPICKR : false; +$cms->DATA['JS_FLATPICKR'] = isset($JS_FLATPICKR) ? $JS_FLATPICKR : false; // debug data, if DEBUG flag is on, this data is print out $cms->DEBUG_DATA['debug_error_msg'] = $cms->runningTime(); diff --git a/www/includes/table_arrays/array_edit_pages.inc b/www/includes/table_arrays/array_edit_pages.inc index 466523ae..33de53cf 100644 --- a/www/includes/table_arrays/array_edit_pages.inc +++ b/www/includes/table_arrays/array_edit_pages.inc @@ -92,7 +92,7 @@ $edit_pages = array ( 'content_alias_edit_page_id' => array ( 'value' => isset($GLOBALS['content_alias_edit_page_id']) ? $GLOBALS['content_alias_edit_page_id'] : '', 'output_name' => 'Content Alias Source', - 'int' => 1, + 'int_null' => 1, 'type' => 'drop_down_db', // query creation 'select_distinct' => 0, diff --git a/www/lib/CoreLibs/ACL/Login.inc b/www/lib/CoreLibs/ACL/Login.inc index f1e7b144..1475f3af 100644 --- a/www/lib/CoreLibs/ACL/Login.inc +++ b/www/lib/CoreLibs/ACL/Login.inc @@ -541,12 +541,13 @@ class Login extends \CoreLibs\DB\IO } // user has permission to THIS page } // user was not enabled or other login error if ($this->login_error) { + $login_error_date_first = ''; if ($res['login_error_count'] == 0) { - $login_error_date_first = ', login_error_date_first = NOW()'; + $login_error_date_first = ", login_error_date_first = NOW()"; } // update login error count for this user $q = "UPDATE edit_user "; - $q .= "SET login_error_count = login_error_count + 1, login_error_date_last = NOW() $login_error_date_first "; + $q .= "SET login_error_count = login_error_count + 1, login_error_date_last = NOW() ".$login_error_date_first." "; $q .= "WHERE edit_user_id = ".$res['edit_user_id']; $this->dbExec($q); // totally lock the user if error max is reached diff --git a/www/lib/CoreLibs/Admin/Backend.inc b/www/lib/CoreLibs/Admin/Backend.inc index b02035b2..0c4b5996 100644 --- a/www/lib/CoreLibs/Admin/Backend.inc +++ b/www/lib/CoreLibs/Admin/Backend.inc @@ -159,9 +159,12 @@ class Backend extends \CoreLibs\DB\IO } // get the session pages array - $pages = $_SESSION["PAGES"]; - if (!is_array($pages)) { - $pages = array (); + $PAGES = $_SESSION['PAGES']; + if (!isset($PAGES) || !is_array($PAGES)) { + $PAGES = array (); + } + foreach ($PAGES as $PAGE_CUID => $PAGE_DATA) { + $pages[] = $PAGE_DATA; } // $this->debug('pages', $this->print_ar($pages)); // if flag is 0, then we show all, else, we show only the matching flagges array points @@ -170,10 +173,10 @@ class Backend extends \CoreLibs\DB\IO for ($i = 0, $iMax = count($pages); $i < $iMax; $i ++) { $show = 0; // is it visible in the menu & is it online - if ($pages[$i]["menu"] && $pages[$i]["online"]) { + if ($pages[$i]['menu'] && $pages[$i]['online']) { // check if it falls into our flag if we have a flag if ($flag) { - foreach ($pages[$i]["visible"] as $name => $key) { + foreach ($pages[$i]['visible'] as $name => $key) { if ($key == $flag) { $show = 1; } @@ -185,43 +188,51 @@ class Backend extends \CoreLibs\DB\IO if ($show) { // if it is popup, write popup arrayound - if ($pages[$i]["popup"]) { - $type = "popup"; + if (isset($pages[$i]['popup']) && $pages[$i]['popup']) { + $type = 'popup'; } else { - $type = "normal"; + $type = 'normal'; + $pages[$i]['popup'] = 0; } $query_string = ''; - if (count($pages[$i]["query"])) { - for ($j = 0, $jMax = count($pages[$i]["query"]); $j < $jMax; $j ++) { + if (count($pages[$i]['query'])) { + for ($j = 0, $jMax = count($pages[$i]['query']); $j < $jMax; $j ++) { if (strlen($query_string)) { - $query_string .= "&"; + $query_string .= '&'; } - $query_string .= $pages[$i]["query"][$j]["name"]."="; - if (!$pages[$i]["query"][$j]["dynamic"]) { - $query_string .= urlencode($pages[$i]["query"][$j]["value"]); + $query_string .= $pages[$i]['query'][$j]['name'].'='; + if (!$pages[$i]['query'][$j]['dynamic']) { + $query_string .= urlencode($pages[$i]['query'][$j]['value']); } else { - $query_string .= $_GET[$pages[$i]["query"][$j]["value"]] ? urlencode($_GET[$pages[$i]["query"][$j]["value"]]) : urlencode($_POST[$pages[$i]["query"][$j]["value"]]); + $query_string .= $_GET[$pages[$i]['query'][$j]['value']] ? urlencode($_GET[$pages[$i]['query'][$j]['value']]) : urlencode($_POST[$pages[$i]['query'][$j]['value']]); } } } - $url = $pages[$i]["filename"]; + $url = $pages[$i]['filename']; if (strlen($query_string)) { - $url .= "?".$query_string; + $url .= '?'.$query_string; } - $name = $pages[$i]["page_name"]; + $name = $pages[$i]['page_name']; // if page name matchs -> set selected flag $selected = 0; - if ($this->getPageName() == $pages[$i]["filename"]) { + if ($this->getPageName() == $pages[$i]['filename']) { $selected = 1; $this->page_name = $name; } // last check, is this menu point okay to show $enabled = 0; - if ($this->adbShowMenuPoint($pages[$i]["filename"])) { + if ($this->adbShowMenuPoint($pages[$i]['filename'])) { $enabled = 1; } // write in to view menu array - array_push($this->menu, array("name" => $this->l->__($name), "url" => $url, "selected" => $selected, "enabled" => $enabled, "type" => $type)); + array_push($this->menu, array( + 'name' => $this->l->__($name), + 'url' => $url, + 'selected' => $selected, + 'enabled' => $enabled, + 'popup' => $type == 'popup' ? 1 : 0, + 'type' => $type + )); } // show page } // online and in menu } // for each page diff --git a/www/lib/CoreLibs/Basic.inc b/www/lib/CoreLibs/Basic.inc index 14810c1c..8109cfbe 100644 --- a/www/lib/CoreLibs/Basic.inc +++ b/www/lib/CoreLibs/Basic.inc @@ -689,7 +689,7 @@ class Basic $fn = str_replace('##LOGID##', $rpl_string, $fn); // log id (like a log file prefix) if ($this->log_per_run) { - if ($GLOBALS['LOG_FILE_UNIQUE_ID']) { + if (isset($GLOBALS['LOG_FILE_UNIQUE_ID'])) { $this->log_file_unique_id = $GLOBALS['LOG_FILE_UNIQUE_ID']; } if (!$this->log_file_unique_id) { diff --git a/www/lib/CoreLibs/Output/Form/Generate.inc b/www/lib/CoreLibs/Output/Form/Generate.inc index a9d7719f..676b597f 100644 --- a/www/lib/CoreLibs/Output/Form/Generate.inc +++ b/www/lib/CoreLibs/Output/Form/Generate.inc @@ -804,7 +804,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO $query .= " WHERE ".$this->table_array[$element_name]['where']; } // not self where - if (!empty($this->table_array[$element_name]['where_not_self'])) { + if (!empty($this->table_array[$element_name]['where_not_self']) && isset($this->table_array[$this->int_pk_name]['value']) && $this->table_array[$this->int_pk_name]['value']) { // check if query has where already if (strstr($query, 'WHERE') === false) { $query .= " WHERE "; @@ -1447,14 +1447,14 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO $no_write[$i] = 1; } // $this->debug('REF ELEMENT', "[$i] [".$prfx.$el_name."]: MANDATORY: ".isset($data_array['mandatory'])." SET: ".isset($_POST[$prfx.$el_name][$i]).", EMPTY: ".empty($_POST[$prfx.$el_name][$i])." | DO ACTION ".((!isset($_POST[$prfx.$el_name][$i]) || (isset($_POST[$prfx.$el_name][$i]) && empty($_POST[$prfx.$el_name][$i]))) ? 'YES' : 'NO')." => NO WRITE: ".$no_write[$i]); - if (isset($reference_array['enable_name']) && - isset($reference_array['delete']) && - !isset($_POST[$reference_array['enable_name']][$i]) + if (!empty($reference_array['enable_name']) && + isset($reference_array['delete']) && $reference_array['delete'] && + (!isset($_POST[$reference_array['enable_name']][$i]) || empty($_POST[$reference_array['enable_name']][$i])) ) { $no_write[$i] = 1; } // $this->debug('REF ELEMENT', "[$i] [".$prfx.$el_name."]: ENABLED NAME: ".isset($reference_array['enable_name']).", DELETE: ".isset($reference_array['delete']).", NOT ENABLED FOR POS: ".(isset($reference_array['enable_name']) ? isset($_POST[$reference_array['enable_name']][$i]) : '-')); - // $this->debug('REF ELEMENT', "[$i] [".$prfx.$el_name."]: WRITE: ".$no_write[$i]); + $this->debug('REF ELEMENT', "[$i] [".$prfx.$el_name."]: WRITE: ".$no_write[$i]); // flag if data is in the text field and we are in a reference data set if (isset($reference_array['type']) && $reference_array['type'] == 'reference_data') { if ($data_array['type'] == 'text' && isset($_POST[$prfx.$el_name][$i])) { @@ -1472,7 +1472,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO $q_begin[$i] = 'UPDATE '.$table_name.' SET '; $q_end[$i] = ' WHERE '.$el_name.' = '.$_POST[$prfx.$el_name][$i]; $type[$i] = 'update'; - // $this->debug('REF ELEMENT', 'SET UPDATE'); + $this->debug('REF ELEMENT', 'SET UPDATE'); } elseif (isset($data_array['pk_id']) && !empty($data_array['pk_id']) && empty($_POST[$prfx.$el_name][$i]) @@ -1481,7 +1481,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO $q_middle[$i] = ') VALUES ('; $q_end[$i] = ')'; $type[$i] = 'insert'; - // $this->debug('REF ELEMENT', 'SET INSERT'); + $this->debug('REF ELEMENT', 'SET INSERT'); } // $this->debug('REF ELEMENT', "[$i] [".$prfx.$el_name."] PK SET: ".isset($data_array['pk_id']).'/'.empty($data_array['pk_id']).', KEY SET: '.empty($_POST[$prfx.$el_name][$i])." -> TYPE: ".(isset($type[$i]) ? $type[$i] : '-')); // write all data (insert/update) because I don't know until all are processed if it is insert or update diff --git a/www/media/video/.gitignore b/www/media/video/.gitignore new file mode 100644 index 00000000..d6b7ef32 --- /dev/null +++ b/www/media/video/.gitignore @@ -0,0 +1,2 @@ +* +!.gitignore