[3609] | 1 | <?php |
---|
| 2 | |
---|
// Direct-access guard: stop immediately when PHPWG_ROOT_PATH is not defined,
// i.e. when this file is executed on its own rather than included by code
// that defines the constant first.
defined('PHPWG_ROOT_PATH') or die('Hacking attempt!');
---|
| 4 | |
---|
/**
 * Redirect to one of the URLs configured in $conf['ap_random_index_redirect'],
 * chosen at random among the entries whose condition holds.
 *
 * Each config entry maps a target URL to a PHP snippet. An entry is eligible
 * when its snippet is empty or when eval() of the snippet returns a truthy
 * value. When no entry is eligible, no redirect is issued.
 *
 * SECURITY: the condition snippets are executed with eval(). Whoever can write
 * to $conf['ap_random_index_redirect'] can therefore run arbitrary PHP with the
 * privileges of the web application. The setting must only ever be populated
 * from a trusted source (NOTE(review): confirm it is read from the local
 * configuration file and never from a database row or request data).
 *
 * @return bool always true when the function returns
 */
function check_random_index_redirect()
{
  global $conf;

  if (empty($conf['ap_random_index_redirect']))
  {
    return true;
  }

  $candidates = array();
  foreach ($conf['ap_random_index_redirect'] as $target_url => $condition_code)
  {
    // Skip the entry only when a condition is present and evaluates falsy.
    // eval() runs configuration-supplied code; see the function header.
    if (!empty($condition_code) and !eval($condition_code))
    {
      continue;
    }
    $candidates[] = $target_url;
  }

  if (count($candidates) > 0)
  {
    // mt_rand() is adequate here: the pick is cosmetic, not a security decision.
    $pick = mt_rand(0, count($candidates) - 1);
    redirect($candidates[$pick]);
  }

  return true;
}
---|
| 26 | |
---|
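global $template, $user;

// Page selector: the configured homepage id, or the second URL token.
// NOTE(review): $tokens[1] is presumably the path segment after "/page/"
// (see the permalink redirect below), i.e. request-controlled input.
$identifier = $page['ap_homepage'] ? $conf['AP']['homepage'] : $tokens[1];

if (function_exists('get_extended_desc'))
  add_event_handler('AP_render_content', 'get_extended_desc');

// Retrieve page data
$query = 'SELECT id, title , content, users, groups, level, permalink, standalone
  FROM ' . ADD_PAGES_TABLE . '
  ';
// SECURITY: the permalink branch places the identifier inside a quoted SQL
// string, so it is escaped with the database layer's escaping function before
// concatenation. The numeric branch is only reached when is_numeric() accepts
// the value, which rules out quote characters; a digits-only check would be
// stricter still.
$query .= is_numeric($identifier) ?
  'WHERE id = '.$identifier.';' :
  'WHERE permalink = "'.pwg_db_real_escape_string($identifier).'";';

$row = pwg_db_fetch_assoc(pwg_query($query));

// Page not found
// NOTE(review): the code below dereferences $row and relies on
// page_not_found() / page_forbidden() ending the request. Confirm that neither
// helper can return, otherwise a denied request falls through to rendering.
if (empty($row))
{
  if ($page['ap_homepage']) return;
  page_not_found('Requested page does not exist');
}

// Redirect to the permalink URL when the page was requested by numeric id
if (is_numeric($identifier) and !empty($row['permalink']) and !$page['ap_homepage'])
{
  redirect(make_index_url().'/page/' . $row['permalink']);
}

// Access controls
// Administrators bypass the checks, except when the page is shown as the
// homepage. This is the same truth table as the former
// "!is_admin() or (!is_admin() xor $page['ap_homepage'])".
if (!is_admin() or $page['ap_homepage'])
{
  // authorized level
  if ($user['level'] < $row['level'])
  {
    // On the homepage a denied visitor is redirected (or silently handed back
    // to the caller) instead of receiving a 403.
    if ($page['ap_homepage'] and check_random_index_redirect()) return;
    page_forbidden(l10n('You are not authorized to access the requested page'));
  }

  // authorized users (matched against the visitor's status)
  // An empty but non-null "users" column explodes to array('') and therefore
  // denies every status.
  if (isset($row['users']))
  {
    $authorized_users = explode(',', $row['users']);
    // Strict comparison: both sides are strings, and a type mismatch must
    // fail closed rather than match through loose comparison.
    if (!in_array($user['status'], $authorized_users, true))
    {
      if ($page['ap_homepage'] and check_random_index_redirect()) return;
      page_forbidden(l10n('You are not authorized to access the requested page'));
    }
  }

  // authorized groups
  if (!empty($row['groups']))
  {
    // NOTE(review): $user['id'] and $row['groups'] are concatenated unquoted.
    // Both are stored values rather than request data; confirm that the code
    // writing the "groups" column only ever stores a comma-separated list of
    // integer ids.
    $query = 'SELECT group_id
  FROM ' . USER_GROUP_TABLE . '
  WHERE user_id = ' . $user['id'] . '
    AND group_id IN (' . $row['groups'] . ')
;';
    $groups = array_from_query($query, 'group_id');
    if (empty($groups))
    {
      if ($page['ap_homepage'] and check_random_index_redirect()) return;
      page_forbidden(l10n('You are not authorized to access the requested page'));
    }
  }
}

// Display standalone page
// The stored content is emitted verbatim, without escaping and without the
// AP_render_content handlers; it is trusted as author-supplied HTML.
if ($row['standalone'] == 'true')
{
  echo $row['content'];
  exit;
}

// Page initialization
$page['section'] = 'additional_page';

$page['additional_page'] = array(
  'id' => $row['id'],
  // explicit null fallback instead of the former @ error suppression
  'permalink' => isset($row['permalink']) ? $row['permalink'] : null,
  'title' => trigger_event('AP_render_content', $row['title']),
  'content' => trigger_event('AP_render_content', $row['content']),
  );

add_event_handler('loc_end_index', 'ap_set_index');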
---|
[8132] | 113 | |
---|
/**
 * Event handler registered on 'loc_end_index': hands the additional page
 * stored in $page['additional_page'] to the template.
 *
 * Title and content are assigned exactly as stored in $page.
 * NOTE(review): whether the template escapes these variables is not visible
 * here; they appear to be treated as ready-to-render HTML.
 *
 * A "home" action link is added when $conf['AP']['show_home'] is set and the
 * page is not itself the homepage. The edit URL is assigned for
 * administrators only.
 */
function ap_set_index()
{
  global $template, $page, $conf;

  $additional_page = $page['additional_page'];

  $template->assign(
    array(
      'TITLE' => $additional_page['title'],
      'PLUGIN_INDEX_CONTENT_BEGIN' => $additional_page['content'],
    )
  );

  $wants_home_link = ($conf['AP']['show_home'] and !$page['ap_homepage']);
  if ($wants_home_link)
  {
    $home_action = '
<li><a href="'.make_index_url().'" title="' . l10n('return to homepage') . '">
<img src="' . $template->get_themeconf('icon_dir') . '/home.png" class="button" alt="' . l10n('home') . '"/></a>
</li>';
    $template->assign('PLUGIN_INDEX_ACTIONS', $home_action);
  }

  if (is_admin())
  {
    // Link to the plugin's edit tab for this page id.
    $edit_url = PHPWG_ROOT_PATH.'admin.php?page=plugin&section='.AP_DIR.'%2Fadmin%2Fadmin.php&tab=edit_page&edit='.$additional_page['id'].'&redirect=true';
    $template->assign('U_EDIT', $edit_url);
  }

  // Clear these two template variables for additional pages.
  $template->clear_assign(array('U_MODE_POSTED', 'U_MODE_CREATED'));
}
---|
| 137 | |
---|
[3292] | 138 | ?> |
---|