author | neoraider <devnull@localhost> | 2006-01-19 02:11:03 +0100 |
---|---|---|
committer | neoraider <devnull@localhost> | 2006-01-19 02:11:03 +0100 |
commit | 6185e517923e4bc2e64cfc6bcd39c6df4b455316 (patch) | |
tree | 16fbed1bb2fee5940ed08a91e69dd0604dc8bda3 | |
parent | c630a2d50349c57660cfc98eb13ec71444b27610 (diff) | |
download | neon-6185e517923e4bc2e64cfc6bcd39c6df4b455316.tar neon-6185e517923e4bc2e64cfc6bcd39c6df4b455316.zip |
Cookie-Login aktiviert. Handler nochmal etwas überarbeitet. Seiten können jetzt bearbeitet werden.
-rw-r--r-- | code/pages.inc.php | 37 | ||||
-rw-r--r-- | code/user.inc.php | 8 | ||||
-rw-r--r-- | handlers/default.inc.php | 32 | ||||
-rw-r--r-- | handlers/phpexec.inc.php | 26 | ||||
-rw-r--r-- | styles/GreenGrid/style.css | 14 | ||||
-rw-r--r-- | templates/default | 4 |
6 files changed, 99 insertions, 22 deletions
diff --git a/code/pages.inc.php b/code/pages.inc.php index 541b0ea..f24f283 100644 --- a/code/pages.inc.php +++ b/code/pages.inc.php @@ -9,7 +9,7 @@ class Pages { function Get($name, $type) { if(!$this->Exists($name, $type)) { - $message = $GLOBALS['handlers']['default']->HandleErrorMessage('PageNotFound', array('page' => $name)); + $message = $GLOBALS['handlers']['default']->ErrorMessage('PageNotFound', array('page' => $name)); if(!$message['title']) $message['title'] = $name; @@ -19,7 +19,7 @@ $res = DBQuery('SELECT handler, data FROM pages WHERE name = ? AND type = ?', array($name, $type)); if(!$this->HasAccess($name, $type)) { - $message = $GLOBALS['handlers'][$res->fields[0]]->HandleErrorMessage('Forbidden', array('page' => $name)); + $message = $GLOBALS['handlers'][$res->fields[0]]->ErrorMessage('Forbidden', array('page' => $name)); if(!$message['title']) $message['title'] = $name; @@ -30,7 +30,33 @@ $data = array_map('stripslashes', $data); $data['_page'] = $name; - return $GLOBALS['handlers'][$res->fields[0]]->HandleContentData($data); + return $GLOBALS['handlers'][$res->fields[0]]->Get($data); + } + + function Edit($name, $type) { + if(!$this->Exists($name, $type)) { + $message = $GLOBALS['handlers']['default']->ErrorMessage('PageNotFound', array('page' => $name)); + + if(!$message['title']) $message['title'] = $name; + + return $message; + } + + $res = DBQuery('SELECT handler, data FROM pages WHERE name = ? AND type = ?', array($name, $type)); + + if(!$GLOBALS['user']->IsAdmin()) { + $message = $GLOBALS['handlers'][$res->fields[0]]->ErrorMessage('Forbidden', array('page' => $name)); + + if(!$message['title']) $message['title'] = $name; + + return $message; + } + + parse_str($res->fields[1], $data); + $data = array_map('stripslashes', $data); + $data['_page'] = $name; + + return $GLOBALS['handlers'][$res->fields[0]]->Edit($data); } function Exists($name, $type) { 
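Review bot: In the added `Pages::Edit()`, the `Exists()` check and the `SELECT handler, data` query both run before `$GLOBALS['user']->IsAdmin()` is consulted, so a caller without edit rights gets `PageNotFound` for a missing page and `Forbidden` for an existing one and can tell which page names exist, including pages that `HasAccess()` would otherwise hide. I would make the admin test the first statement of the method, e.g. `if(!$GLOBALS['user']->IsAdmin()) return $GLOBALS['handlers']['default']->ErrorMessage('Forbidden', array('page' => $name));`. This method only renders the edit form; the `Pages:Do` code that stores the submitted data is not part of this diff and needs its own `IsAdmin()` check rather than relying on this one.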
@@ -40,12 +66,9 @@ } function HasAccess($name, $type) { - $user = $GLOBALS['user']; - $res = DBQuery('SELECT access FROM pages WHERE name = ? AND type = ?', array($name, $type)); - return ((($user->GetUid() != 0) && ($user->GetGid() == 0)) - || ($res->fields[0] & (1 << $user->GetGid())) != 0); + return ($GLOBALS['user']->IsAdmin() || ($res->fields[0] & (1 << $GLOBALS['user']->GetGid())) != 0); } } diff --git a/code/user.inc.php b/code/user.inc.php index 34b12f2..4899612 100644 --- a/code/user.inc.php +++ b/code/user.inc.php @@ -53,6 +53,8 @@ $this->type = 'url'; $this->key = $sid . $id; + setcookie('login', $this->key); + return $id; } @@ -67,6 +69,12 @@ $this->type = ''; $this->key = ''; + + setcookie('login'); + } + + function IsAdmin() { + return ($this->uid != 0 && $this->gid == 0); } function GetUid() { diff --git a/handlers/default.inc.php b/handlers/default.inc.php index 2e2cd96..f273fdb 100644 --- a/handlers/default.inc.php +++ b/handlers/default.inc.php 
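Review bot: `setcookie('login', $this->key);` in the first `code/user.inc.php` hunk sends the login key with no path, `secure` or `httponly` argument, so the cookie is readable from page script and is also sent over plain HTTP. Passing the remaining arguments explicitly, e.g. `setcookie('login', $this->key, 0, '/', '', true, true);` where the site is served over HTTPS and the PHP version in use has the `httponly` parameter (5.2 or later), narrows that exposure. `$this->key` is `$sid . $id`, and with this change it acts as a bearer credential; how `$sid` is generated is outside the hunk, so it should be confirmed that it comes from an unpredictable source. The enclosing function starts above the hunk.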
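Review bot: `IsAdmin()` in the second `code/user.inc.php` hunk uses loose comparisons (`$this->uid != 0 && $this->gid == 0`), so a `gid` that is `null` (or, before PHP 8, an empty or non-numeric string) also compares equal to 0 and an account with a non-zero `uid` would then be treated as an administrator. Since this method now gates both `HasAccess()` and page editing, it should fail closed, for example `return (is_numeric($this->gid) && (int)$this->uid !== 0 && (int)$this->gid === 0);`. How `uid` and `gid` are populated is not visible here, so this is a hardening point rather than a confirmed bypass. Separately, `setcookie('login');` only clears the browser's copy of the key; whether the key is also invalidated on the server happens outside the hunk and is worth checking.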
@@ -2,19 +2,37 @@ include('code/message.inc.php'); class default_handler { - function HandleContentData($data) { - $tr = array('<' => '<', '>' => '>', '&' => '&', '"' => '"', "\n" => '<br />', "\r" => ''); - + function Get($data) { if($data['title']) - $title = strtr($data['title'], $tr); + $title = strtr($data['title'], array('<' => '<', '>' => '>', '&' => '&', '"' => '"')); else $title = strtr($data['_page'], array(':' => ' - ')); - $content = '<h2>' . $title . '</h2>' . strtr($data['content'], $tr); + $content = '<h2>' . $title . '</h2>' . strtr($data['content'], array('<' => '<', '>' => '>', '&' => '&', + '"' => '"', "\n" => '<br />', "\r" => '')); return array('title' => $title, 'content' => $content); } - - function HandleErrorMessage($type, $data = array()) { + + function Edit($data) { + $title = 'Edit \'' . $data['_page'] . '\''; + + $content = '<form method="post" action="' . $GLOBALS['links']->GetNeonLink('Pages:Do') . '">'; + $content .= '<input type="hidden" name="do" value="edit" />'; + $content .= '<input type="hidden" name="id" value="' . $_POST['id'] . '" />'; + $content .= 'Titel: '; + $content .= '<input type="text" name="title" value="'; + $content .= strtr($data['title'], array('<' => '<', '>' => '>', '&' => '&', '"' => '"')); + $content .= '" size="70" /><br />'; + $content .= '<textarea name="content" class="pageedit" rows="25" cols="70">'; + $content .= strtr($data['content'], array('<' => '<', '>' => '>', '&' => '&', '"' => '"')); + $content .= '</textarea><br />'; + $content .= '<input type="submit" value="Änderungen übernehmen" />'; + $content .= '</form>'; + + return array('title' => $title, 'content' => $content); + } + + function ErrorMessage($type, $data = array()) { return array('content' => '<span class="error">' . Message($type, $data) . '</span>', 'title' => Message('error')); } } diff --git a/handlers/phpexec.inc.php b/handlers/phpexec.inc.php index 76ac18e..3754fd4 100644 --- a/handlers/phpexec.inc.php 
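Review bot: The new `default_handler::Edit()` writes `$_POST['id']` straight into the hidden field's `value` attribute, so request data containing a quote and markup is reflected into the administrator's edit page; the same line appears in `phpexec_handler::Edit()`. Escape it at output, `$content .= '<input type="hidden" name="id" value="' . htmlspecialchars($_POST['id'], ENT_QUOTES) . '" />';`, and treat `$data['_page']` in `$title` the same way unless the template escapes titles. The hand-written `strtr()` maps (shown on this page with the entities apparently already decoded) are now repeated in every call and do not cover the single quote; a single `htmlspecialchars($value, ENT_QUOTES)` call would replace them.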
+++ b/handlers/phpexec.inc.php @@ -1,12 +1,11 @@ <?PHP include('code/message.inc.php'); + include('code/links.inc.php'); class phpexec_handler { - function HandleContentData($data) { - $tr = array('<' => '<', '>' => '>', '&' => '&', '"' => '"', "\n" => '<br />', "\r" => ''); - + function Get($data) { if($data['title']) - $title = strtr($data['title'], $tr); + $title = strtr($data['title'], array('<' => '<', '>' => '>', '&' => '&', '"' => '"')); else $title = strtr($data['_page'], array(':' => ' - ')); @@ -19,8 +18,23 @@ return array('title' => $title, 'content' => $content); } - - function HandleErrorMessage($type, $data = array()) { + + function Edit($data) { + $title = 'Edit \'' . $data['_page'] . '\''; + + $content = '<form method="post" action="' . $GLOBALS['links']->GetNeonLink('Pages:Do') . '">'; + $content .= '<input type="hidden" name="do" value="edit" />'; + $content .= '<input type="hidden" name="id" value="' . $_POST['id'] . '" />'; + $content .= '<textarea name="code" class="pageedit_phpexec" rows="25" cols="70">'; + $content .= strtr($data['code'], array('<' => '<', '>' => '>', '&' => '&', '"' => '"')); + $content .= '</textarea><br />'; + $content .= '<input type="submit" value="Änderungen übernehmen" />'; + $content .= '</form>'; + + return array('title' => $title, 'content' => $content); + } + + function ErrorMessage($type, $data = array()) { return array('content' => '<span class="error">' . Message($type, $data) . '</span>', 'title' => Message('error')); } } diff --git a/styles/GreenGrid/style.css b/styles/GreenGrid/style.css index 6a91eb0..4cb9f78 100644 --- a/styles/GreenGrid/style.css +++ b/styles/GreenGrid/style.css @@ -28,6 +28,20 @@ input, textarea, select { font-family:Larabiefont, Westminster, Courier, monospace; } +select.pagelist { + width:50%; + margin-bottom:0.8em; +} + +textarea.pageedit { + width:100%; + margin:0.8em 0; +} + +textarea.pageedit_phpexec { + width:100%; + margin-bottom:0.8em; +} div#content { text-align:justify; 
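Review bot: The form built by `phpexec_handler::Edit()` posts a `code` field to `Pages:Do` without any per-session token, and with this commit the login is carried in a cookie that the browser attaches to cross-site requests too. For a handler whose page data is presumably PHP source (the part of `Get()` that uses it is outside the hunk), a forged POST sent from an administrator's browser could therefore change what the server later runs. I would add a hidden field holding a token bound to the session and have `Pages:Do` compare it before saving, next to its own `IsAdmin()` check; the form in `default_handler::Edit()` needs the same. `$_POST['id']` is also emitted unescaped in this form and should go through `htmlspecialchars($_POST['id'], ENT_QUOTES)`.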
diff --git a/templates/default b/templates/default
index 8768a7e..4392474 100644
--- a/templates/default
+++ b/templates/default
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8" ?>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
- "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html>
 <head>
 <title>$title</title> |