From fb3f6972ebc1542dba768565353f33c19a96da7c Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 8 Aug 2016 14:21:43 +0200 Subject: [PATCH] Work on module website Conflicts: htdocs/websites/index.php --- htdocs/public/websites/index.php | 12 ++- htdocs/public/websites/styles.css.php | 139 ++++++++++++++++++++++++++ htdocs/websites/index.php | 53 +++++++--- 3 files changed, 186 insertions(+), 18 deletions(-) create mode 100644 htdocs/public/websites/styles.css.php diff --git a/htdocs/public/websites/index.php b/htdocs/public/websites/index.php index 4625bc1573a..8c83a1daebc 100644 --- a/htdocs/public/websites/index.php +++ b/htdocs/public/websites/index.php @@ -17,8 +17,8 @@ /** * \file htdocs/public/websites/index.php - * \ingroup core - * \brief A redirect page to an error + * \ingroup website + * \brief Page to output pages * \author Laurent Destailleur */ @@ -90,14 +90,14 @@ if (empty($pageid)) // Security: Delete string ../ into $original_file global $dolibarr_main_data_root; -if ($pageid == 'css') +if ($pageid == 'css') // No more used ? { header('Content-type: text/css'); // Important: Following code is to avoid page request by browser and PHP CPU at each Dolibarr page access. //if (empty($dolibarr_nocache)) header('Cache-Control: max-age=3600, public, must-revalidate'); //else header('Cache-Control: no-cache'); - $original_file=$dolibarr_main_data_root.'/websites/'.$website.'/styles.css'; + $original_file=$dolibarr_main_data_root.'/websites/'.$website.'/styles.css.php'; } else { @@ -142,7 +142,11 @@ if (! file_exists($original_file_osencoded)) exit; } + +// Output page content +print "\n".''."\n"; include_once $original_file_osencoded; + if (is_object($db)) $db->close(); diff --git a/htdocs/public/websites/styles.css.php b/htdocs/public/websites/styles.css.php new file mode 100644 index 00000000000..5a736affc25 --- /dev/null +++ b/htdocs/public/websites/styles.css.php @@ -0,0 +1,139 @@ + + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +/** + * \file htdocs/public/websites/styles.css.php + * \ingroup website + * \brief Page to output style page + * \author Laurent Destailleur + */ + +define('NOTOKENRENEWAL',1); // Disables token renewal +define("NOLOGIN",1); +define("NOCSRFCHECK",1); // We accept to go on this page from external web site. +if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU','1'); +if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML','1'); +if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX','1'); + +/** + * Header empty + * + * @return void + */ +function llxHeader() { } +/** + * Footer empty + * + * @return void + */ +function llxFooter() { } + +require '../../master.inc.php'; +require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; + + +$error=0; +$website=GETPOST('website', 'alpha'); +$pageid=GETPOST('page', 'alpha')?GETPOST('page', 'alpha'):GETPOST('pageid', 'alpha'); + +$accessallowed = 1; +$type=''; + + +/* + * View + */ + +$appli=constant('DOL_APPLICATION_TITLE'); +if (!empty($conf->global->MAIN_APPLICATION_TITLE)) $appli=$conf->global->MAIN_APPLICATION_TITLE; + +//print 'Directory with '.$appli.' websites.
'; + +if (empty($pageid)) +{ + require_once DOL_DOCUMENT_ROOT.'/websites/class/website.class.php'; + require_once DOL_DOCUMENT_ROOT.'/websites/class/websitepage.class.php'; + + $object=new Website($db); + $object->fetch(0, $website); + + $objectpage=new WebsitePage($db); + $array=$objectpage->fetchAll($object->id); + + if (count($array) > 0) + { + $firstrep=reset($array); + $pageid=$firstrep->id; + } +} +if (empty($pageid)) +{ + $langs->load("website"); + print $langs->trans("PreviewOfSiteNotYetAvailable"); + exit; +} + +// Security: Delete string ../ into $original_file +global $dolibarr_main_data_root; + +$original_file=$dolibarr_main_data_root.'/websites/'.$website.'/styles.css.php'; + +// Find the subdirectory name as the reference +$refname=basename(dirname($original_file)."/"); + +// Security: +// Limite acces si droits non corrects +if (! $accessallowed) +{ + accessforbidden(); +} + +// Security: +// On interdit les remontees de repertoire ainsi que les pipe dans +// les noms de fichiers. +if (preg_match('/\.\./',$original_file) || preg_match('/[<>|]/',$original_file)) +{ + dol_syslog("Refused to deliver file ".$original_file); + $file=basename($original_file); // Do no show plain path of original_file in shown error message + dol_print_error(0,$langs->trans("ErrorFileNameInvalid",$file)); + exit; +} + +clearstatcache(); + +$filename = basename($original_file); + +// Output file on browser +dol_syslog("styles.css.php include $original_file $filename content-type=$type"); +$original_file_osencoded=dol_osencode($original_file); // New file name encoded in OS encoding charset + +// This test if file exists should be useless. We keep it to find bug more easily +if (! file_exists($original_file_osencoded)) +{ + $langs->load("website"); + print $langs->trans("RequestedPageHasNoContentYet", $pageid); + //dol_print_error(0,$langs->trans("ErrorFileDoesNotExists",$original_file)); + exit; +} + + +// Output page content +require_once $original_file_osencoded; + + +if (is_object($db)) $db->close(); + diff --git a/htdocs/websites/index.php b/htdocs/websites/index.php index 19f72486c3f..8fdd09c30ae 100644 --- a/htdocs/websites/index.php +++ b/htdocs/websites/index.php @@ -123,7 +123,7 @@ if ($pageid > 0 && $action != 'add') global $dolibarr_main_data_root; $pathofwebsite=$dolibarr_main_data_root.'/websites/'.$website; -$filecss=$pathofwebsite.'/styles.css'; +$filecss=$pathofwebsite.'/styles.css.php'; $filetpl=$pathofwebsite.'/page'.$pageid.'.tpl.php'; // Define $urlwithroot @@ -276,7 +276,10 @@ if ($action == 'updatecss') $db->rollback(); }*/ - $csscontent = GETPOST('WEBSITE_CSS_INLINE'); + $csscontent ='"."\n"; + $csscontent .= GETPOST('WEBSITE_CSS_INLINE'); dol_mkdir($pathofwebsite); file_put_contents($filecss, $csscontent); @@ -379,15 +382,26 @@ if ($action == 'updatecontent') if (! $error) { $db->commit(); - setEventMessages($langs->trans("Saved"), null, 'mesgs'); + // Now create the .tpl file dol_mkdir($pathofwebsite); dol_delete_file($filetpl); - file_put_contents($filetpl, $objectpage->content); + + $tplcontent = ''."\n"; + $tplcontent.= '
'."\n"; + $tplcontent.= ''."\n"; + $tplcontent.= '
'."\n"; + $tplcontent.= ''."\n"; + $tplcontent.= $objectpage->content."\n"; + $tplcontent.= ''."\n"; +//var_dump($filetpl);exit; + $result = file_put_contents($filetpl, $tplcontent); if (! empty($conf->global->MAIN_UMASK)) @chmod($filetpl, octdec($conf->global->MAIN_UMASK)); - - header("Location: ".$_SERVER["PHP_SELF"].'?website='.$website.'&pageid='.$pageid); + + setEventMessages($langs->trans("Saved"), null, 'mesgs'); + + header("Location: ".$_SERVER["PHP_SELF"].'?website='.$website.'&pageid='.$pageid); exit; } else @@ -555,16 +569,17 @@ if (count($object->records) > 0) else $out.=''; $out.=''; print $out; - print ''; - print ''; + + print ''; //print $form->selectarray('page', $array); if ($website && $pageid > 0) { print ' - '.$langs->trans("RealURL").' '; $realurl=$urlwithroot.'/public/websites/index.php?website='.$website.'&page='.$pageid; - print ' '; - print ''.$langs->trans("ViewPageInNewTab").''; + print ' '; + print ''.$langs->trans("ViewPageInNewTab").''; // View page in new Tab + //print ''; } print ''; @@ -586,14 +601,15 @@ if (count($object->records) > 0) print ''; //print ''.dol_escape_htmltag($langs->trans("EditPageMeta")).''; //print ''.dol_escape_htmltag($langs->trans("EditPageContent")).''; + print ''; } } if (! in_array($action, array('editcss','editmenu','create'))) { if ($action != 'preview') print ''; - if (preg_match('/^create/',$action)) print ''; - if (preg_match('/^edit/',$action)) print ''; + if (preg_match('/^create/',$action)) print ''; + if (preg_match('/^edit/',$action)) print ''; } print ''; @@ -735,8 +751,17 @@ if ($action == 'editcontent') /* * Editing global variables not related to a specific theme */ + + $csscontent = @file_get_contents($filecss); + + $contentforedit = ''; + /*$contentforedit.=''."\n";*/ + $contentforedit .= $objectpage->content; + require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php'; - $doleditor=new DolEditor('PAGE_CONTENT',$objectpage->content,'',500,'Full','',true,true,true,5,60); + $doleditor=new DolEditor('PAGE_CONTENT',$contentforedit,'',500,'Full','',true,true,true,5,60); $doleditor->Create(); } @@ -750,7 +775,7 @@ if ($action == 'preview') { $objectpage->fetch($pageid); - print "\n".''."\n"; + print "\n".''."\n"; $csscontent = @file_get_contents($filecss);