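null,
        // Tail of a key list whose head is outside this view. The keys use the
        // "<page>.<type>" form that Exists() and GetPageData() look up in
        // $this->pages, so this is presumably that map's initialiser (confirm).
        // A null value means "definition not loaded yet"; GetPageData() fills it in.
        'Logout.c' => null,
        'Pages.c' => null,
        'Pages:Copy.c' => null,
        'Pages:Delete.c' => null,
        'Pages:Edit.c' => null,
        'Pages:Handle.c' => null,
        'Pages:New.c' => null,
        'Pages:Rename.c' => null,
        'Privileges.c' => null,
        'Privileges:Update.c' => null,
        'Users.c' => null,
        'Users:Delete.c' => null,
        'Users:Group.c' => null,
        'Users:Handle.c' => null,
        'Users:New.c' => null,
        'Users:Password.c' => null,
        'Users:Rename.c' => null,
        'Login.n' => null,
        'default.e' => null,
        'phpexec.e' => null
    );

    /**
     * Render a page through its template.
     *
     * Order of checks: existence first, then read access, then loading.
     *
     * NOTE(review): $page is echoed back in 'title' and handed to ErrorMessage();
     * whether those values are HTML-escaped before output is not visible here.
     * Confirm the output encoding in ErrorMessage() and the templates.
     *
     * @param string     $page  Page name (the part before ".<type>" in the key).
     * @param string     $type  Page type suffix (e.g. 'c', 'n', 'e').
     * @param array|null $extra Optional values merged over the stored page data.
     * @return mixed Whatever the template's Get() returns, or an array with
     *               'title' and 'content' describing the error.
     */
    function Get($page, $type, $extra = null)
    {
        if(!$this->Exists($page, $type))
            return array('title' => $page, 'content' => ErrorMessage('PageNotFound', array('page' => $page)));
        if(!$this->HasAccess($page, $type))
            return array('title' => $page, 'content' => ErrorMessage('Forbidden', array('page' => $page)));

        $pagedata = $this->GetPageData($page, $type);
        // GetPageData() returns null when a listed page's definition cannot be
        // loaded (missing or malformed XML). Report that as "not found" instead
        // of dereferencing null and calling a method on a missing template.
        if(!$pagedata)
            return array('title' => $page, 'content' => ErrorMessage('PageNotFound', array('page' => $page)));

        $data = $pagedata['data'];
        if($extra)
            $data = array_merge($data, $extra);
        // Assigned after the merge so $extra cannot override the page identity.
        $data['_page'] = $page;
        $data['_type'] = $type;
        return $GLOBALS['templates'][$pagedata['template']]->Get($data);
    }

    /**
     * Render the editor for a page. Admin-only: any non-admin gets 'Forbidden'.
     *
     * The editor is itself a page: the target page's template name is rendered
     * as a page of type 'e', with the target's data passed in as '_data'.
     *
     * @param string $page Page name.
     * @param string $type Page type suffix.
     * @return mixed Result of Get() for the editor page, or an error array.
     */
    function GetEditor($page, $type)
    {
        if(!$this->Exists($page, $type))
            return array('title' => $page, 'content' => ErrorMessage('PageNotFound', array('page' => $page)));
        if(!$GLOBALS['user']->IsAdmin())
            return array('title' => $page, 'content' => ErrorMessage('Forbidden', array('page' => $page)));

        $pagedata = $this->GetPageData($page, $type);
        // Same guard as in Get(): a listed page whose definition cannot be loaded.
        if(!$pagedata)
            return array('title' => $page, 'content' => ErrorMessage('PageNotFound', array('page' => $page)));

        $data = $pagedata['data'];
        $data['_page'] = $page;
        $data['_type'] = $type;
        return $this->Get($pagedata['template'], 'e', array('_data' => $data));
    }

    /**
     * Tell whether a page is known: in this object's page map, in the modules'
     * page map, or as a row in the `pages` table.
     *
     * This is the gate the other methods rely on before a page name is used
     * for anything else (see the path construction in GetPageData()).
     *
     * @param string $page Page name.
     * @param string $type Page type suffix.
     * @return bool
     */
    function Exists($page, $type)
    {
        $key = $page . '.' . $type;
        if(array_key_exists($key, $this->pages))
            return true;
        if(array_key_exists($key, $GLOBALS['modules']->pages))
            return true;

        $res = $GLOBALS['db']->Execute('SELECT id FROM pages WHERE name = ? AND type = ?', array($page, $type));
        return ($res->RecordCount() > 0);
    }

    /**
     * Decide whether the current user may read a page.
     *
     * Admins always may. For everyone else the access value is read as a string
     * of hex digits: digit number floor(gid / 4) holds the bits for four group
     * ids, and bit (gid % 4) of that digit grants access to group gid.
     *
     * Fails closed: an unknown page, a negative group id, or an access string
     * too short to contain the group's digit all yield false.
     *
     * @param string $page Page name.
     * @param string $type Page type suffix.
     * @return bool
     */
    function HasAccess($page, $type)
    {
        if(!$this->Exists($page, $type))
            return false;
        if($GLOBALS['user']->IsAdmin())
            return true;

        // (int) keeps the original treatment of an unset gid as group 0.
        $gid = (int) $GLOBALS['user']->gid;
        // A negative shift count is an error on PHP 7+; deny instead.
        if($gid < 0)
            return false;

        $access = (string) $this->GetAccess($page, $type);
        // Integer index: a float string offset raises "String offset cast occurred".
        $digit = (int) ($gid / 4);
        // Out-of-range digit: the original read '' (with a notice) and hexdec('')
        // is 0, i.e. denied. Make that denial explicit.
        if($digit >= strlen($access))
            return false;

        return ((hexdec($access[$digit]) & (1 << ($gid % 4))) != 0);
    }

    /**
     * Load (and cache in $this->pages) the definition of a page.
     *
     * Source order: a row in the `pages` table wins; otherwise an XML file is
     * parsed. In both cases a `privs` row, if present, overrides the 'access'
     * value. Pages that exist only in the database start with access '' unless
     * a `privs` row exists.
     *
     * NOTE(review): the XML path is built from $page and $type. It is only
     * reached after Exists() accepted the pair and the `pages` table had no row
     * for it, so the name should be a key of the built-in or module map. Keep
     * that invariant: do not reorder these checks, and do not call this
     * with names that were not matched first.
     *
     * NOTE(review): parse_str() rewrites some key characters (dots and spaces
     * become underscores) and is capped by max_input_vars, so data written by
     * Edit() may not round-trip exactly for such keys.
     *
     * @param string $page Page name.
     * @param string $type Page type suffix.
     * @return array|null Array with 'name', 'type', 'template', 'access' and
     *                    'data', or null if the page is unknown or its XML
     *                    definition is missing or incomplete.
     */
    function GetPageData($page, $type)
    {
        if(!$this->Exists($page, $type))
            return null;

        $key = $page . '.' . $type;
        // empty() instead of a bare index read: the key is absent for pages that
        // exist only in the database or in a module.
        if(empty($this->pages[$key]))
        {
            $res = $GLOBALS['db']->Execute('SELECT template, data FROM pages WHERE name = ? AND type = ?', array($page, $type));
            if($res->RecordCount())
            {
                // Stored data is a URL-encoded query string (see Edit()).
                parse_str($res->fields[1], $data);
                // Unquote() is defined elsewhere; presumably it undoes quoting of values.
                $data = array_map('Unquote', $data);
                $this->pages[$key] = array('name' => $page, 'type' => $type, 'template' => $res->fields[0], 'access' => '', 'data' => $data);
            }
            else
            {
                $filename = isset($GLOBALS['modules']->pages[$key]) ? $GLOBALS['modules']->pages[$key] : null;
                if(!$filename)
                    $filename = 'pages/' . strtr($page, array(':' => '/')) . '.' . $type . '.xml';

                $xmldata = $GLOBALS['xmlparser']->ParseFile($filename);
                if(!$xmldata)
                    return null;
                $info = $GLOBALS['xmlparser']->FindTag($xmldata, 'info');
                if(!$info)
                    return null;

                // <template> must contain exactly one text child.
                $template = $GLOBALS['xmlparser']->FindTag($info, 'template');
                if(!$template)
                    return null;
                if(count($template['children']) != 1)
                    return null;
                if(!is_string($template['children'][0]))
                    return null;
                $template = $template['children'][0];

                // <access> must contain exactly one text child.
                $access = $GLOBALS['xmlparser']->FindTag($info, 'access');
                if(!$access)
                    return null;
                if(count($access['children']) != 1)
                    return null;
                if(!is_string($access['children'][0]))
                    return null;
                $access = $access['children'][0];

                // Every child element of <data> with exactly one child becomes a field.
                $rawdata = $GLOBALS['xmlparser']->FindTag($xmldata, 'data');
                $data = array();
                // A missing <data> tag means "no fields" (the original iterated over
                // a non-array here, which only produced a warning).
                if($rawdata && is_array($rawdata['children']))
                {
                    foreach($rawdata['children'] as $field)
                    {
                        if(!is_array($field))
                            continue;
                        if(count($field['children']) != 1)
                            continue;
                        $data[$field['tag']] = $field['children'][0];
                    }
                }

                $this->pages[$key] = array('name' => $page, 'type' => $type, 'template' => $template, 'access' => $access, 'data' => $data);
            }

            // An explicit privilege row overrides the default access value.
            $res = $GLOBALS['db']->Execute('SELECT readaccess FROM privs WHERE name = ? AND type = ?', array($page, $type));
            if($res->RecordCount())
                $this->pages[$key]['access'] = $res->fields[0];
        }

        return $this->pages[$key];
    }

    /**
     * Create an empty page row.
     *
     * No `privs` row is written, so the new page has access '' and HasAccess()
     * denies it to non-admins until SetAccess() is called.
     *
     * NOTE(review): performs no permission check; the caller must authorise.
     *
     * @param string $name     New page name.
     * @param string $type     Page type suffix.
     * @param string $template Template name to store with the page.
     * @return bool False if the page already exists or no row was inserted.
     */
    function Add($name, $type, $template)
    {
        if($this->Exists($name, $type))
            return false;

        $GLOBALS['db']->Execute('INSERT INTO pages (name, template, data, type) VALUES (?, ?, "", ?)', array($name, $template, $type));
        return ($GLOBALS['db']->Affected_Rows() > 0);
    }

    /**
     * Store new data for a page.
     *
     * A page that already has a database row is updated in place. A page that
     * so far exists only as a built-in or module definition gets a database row
     * (and a `privs` row carrying its current access value) created from that
     * definition.
     *
     * NOTE(review): performs no permission check; the caller must authorise.
     *
     * @param string $page Page name.
     * @param string $type Page type suffix.
     * @param array  $data Field name => value pairs; values must be scalar.
     * @return bool False if the page is unknown or nothing was inserted.
     */
    function Edit($page, $type, $data)
    {
        // Serialise as a query string, the format GetPageData() reads back.
        $pairs = array();
        foreach($data as $key => $val)
            $pairs[] = urlencode($key) . '=' . urlencode($val);
        $string = implode('&', $pairs);

        $res = $GLOBALS['db']->Execute('SELECT id FROM pages WHERE name = ? AND type = ?', array($page, $type));
        if($res->RecordCount())
        {
            $GLOBALS['db']->Execute('UPDATE pages SET data = ? WHERE name = ? AND type = ?', array($string, $page, $type));
            return true;
        }

        $pagedata = $this->GetPageData($page, $type);
        // Unknown page: do not insert rows with a NULL template and access.
        if(!$pagedata)
            return false;

        $GLOBALS['db']->Execute('INSERT INTO privs (name, type, readaccess) VALUES (?, ?, ?)', array($page, $type, $pagedata['access']));
        $GLOBALS['db']->Execute('INSERT INTO pages (name, template, data, type) VALUES (?, ?, ?, ?)', array($page, $pagedata['template'], $string, $type));
        return ($GLOBALS['db']->Affected_Rows() > 0);
    }

    /**
     * Rename a page's database rows (`privs` first, then `pages`).
     *
     * The result reflects the `pages` update only, so a page without a database
     * row yields false. The two updates are separate statements; nothing visible
     * here wraps them in a transaction.
     *
     * NOTE(review): performs no permission check; the caller must authorise.
     *
     * @param string $page     Current page name.
     * @param string $type     Page type suffix.
     * @param string $new_name New page name; must not exist yet.
     * @return bool
     */
    function Rename($page, $type, $new_name)
    {
        if($this->Exists($new_name, $type))
            return false;

        $GLOBALS['db']->Execute('UPDATE privs SET name = ? WHERE name = ? AND type = ?', array($new_name, $page, $type));
        $GLOBALS['db']->Execute('UPDATE pages SET name = ? WHERE name = ? AND type = ?', array($new_name, $page, $type));
        return ($GLOBALS['db']->Affected_Rows() > 0);
    }

    /**
     * Copy a page's template and data into a new database row.
     *
     * The source's access value is NOT copied: no `privs` row is written, so
     * the copy has access '' and HasAccess() denies it to non-admins until
     * SetAccess() is called.
     *
     * NOTE(review): performs no permission check; the caller must authorise.
     *
     * @param string $page     Source page name.
     * @param string $type     Page type suffix.
     * @param string $new_name Name of the copy; must not exist yet.
     * @return bool
     */
    function Copy($page, $type, $new_name)
    {
        if($this->Exists($new_name, $type))
            return false;
        if(!$this->Exists($page, $type))
            return false;

        $pagedata = $this->GetPageData($page, $type);
        // A listed page whose definition could not be loaded cannot be copied.
        if(!$pagedata)
            return false;

        $pairs = array();
        foreach($pagedata['data'] as $key => $val)
            $pairs[] = urlencode($key) . '=' . urlencode($val);
        $string = implode('&', $pairs);

        $GLOBALS['db']->Execute('INSERT INTO pages (name, template, data, type) VALUES (?, ?, ?, ?)', array($new_name, $pagedata['template'], $string, $type));
        return ($GLOBALS['db']->Affected_Rows() > 0);
    }

    /**
     * Delete a page's `privs` and `pages` rows.
     *
     * The result reflects the `pages` delete only. Built-in and module
     * definitions are not touched, so such a page still exists afterwards.
     *
     * NOTE(review): performs no permission check; the caller must authorise.
     *
     * @param string $page Page name.
     * @param string $type Page type suffix.
     * @return bool
     */
    function Delete($page, $type)
    {
        $GLOBALS['db']->Execute('DELETE FROM privs WHERE name = ? AND type = ?', array($page, $type));
        $GLOBALS['db']->Execute('DELETE FROM pages WHERE name = ? AND type = ?', array($page, $type));
        return ($GLOBALS['db']->Affected_Rows() > 0);
    }

    /**
     * List every known page key ("<page>.<type>"), sorted, from the database,
     * this object's map and the modules' map.
     *
     * @return array
     */
    function GetList()
    {
        $res = $GLOBALS['db']->Execute('SELECT name, type FROM pages');
        $pages = array();
        while($row = $res->FetchRow())
            $pages[$row[0] . '.' . $row[1]] = null;

        // Merging by key removes duplicates across the three sources.
        $pages = array_keys(array_merge($pages, $this->pages, $GLOBALS['modules']->pages));
        sort($pages);
        return $pages;
    }

    /**
     * Return the access value of a page: the `privs` row if there is one,
     * otherwise the value from the page definition.
     *
     * @param string $page Page name.
     * @param string $type Page type suffix.
     * @return string|null Null when the page definition cannot be loaded.
     */
    function GetAccess($page, $type)
    {
        $res = $GLOBALS['db']->Execute('SELECT readaccess FROM privs WHERE name = ? AND type = ?', array($page, $type));
        if($res->RecordCount())
            return $res->fields[0];

        $pagedata = $this->GetPageData($page, $type);
        return $pagedata ? $pagedata['access'] : null;
    }

    /**
     * Set the access value of a page.
     *
     * An existing `privs` row is updated. Without one, a row is inserted only
     * if the new value really differs from the page's default; values that
     * differ just by trailing '0' digits or by letter case count as equal,
     * because a trailing zero digit grants nothing.
     *
     * The comparison is done on plain strings. The original built an eregi()
     * pattern out of the two access values: eregi() no longer exists as of
     * PHP 7, and it interpreted the values as regular-expression syntax.
     *
     * NOTE(review): performs no permission check and does not validate that
     * $access consists of hex digits; the caller must do both.
     *
     * @param string $page   Page name.
     * @param string $type   Page type suffix.
     * @param string $access New access value (hex digit string, see HasAccess()).
     * @return bool False if the page is unknown or nothing was inserted.
     */
    function SetAccess($page, $type, $access)
    {
        $res = $GLOBALS['db']->Execute('SELECT id FROM privs WHERE name = ? AND type = ?', array($page, $type));
        if($res->RecordCount())
        {
            $GLOBALS['db']->Execute('UPDATE privs SET readaccess = ? WHERE name = ? AND type = ?', array($access, $page, $type));
            return true;
        }

        $pagedata = $this->GetPageData($page, $type);
        // Unknown page: do not leave a privilege row behind that a page created
        // later under the same name would inherit.
        if(!$pagedata)
            return false;

        // Equal once trailing zero digits are ignored: nothing to store.
        if(strcasecmp(rtrim((string) $access, '0'), rtrim((string) $pagedata['access'], '0')) == 0)
            return true;

        $GLOBALS['db']->Execute('INSERT INTO privs (name, type, readaccess) VALUES (?, ?, ?)', array($page, $type, $access));
        return ($GLOBALS['db']->Affected_Rows() > 0);
    }
}

$GLOBALS['pages'] = new Pages;
?>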