[3609] | 1 | <?php |
---|
| 2 | |
---|
| 3 | if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!'); |
---|
| 4 | |
---|
[9345] | 5 | function check_random_index_redirect() |
---|
| 6 | { |
---|
| 7 | global $conf; |
---|
| 8 | |
---|
| 9 | if (!empty($conf['ap_random_index_redirect'])) |
---|
| 10 | { |
---|
| 11 | $random_index_redirect = array(); |
---|
| 12 | foreach ($conf['ap_random_index_redirect'] as $random_url => $random_url_condition) |
---|
| 13 | { |
---|
| 14 | if (empty($random_url_condition) or eval($random_url_condition)) |
---|
| 15 | { |
---|
| 16 | $random_index_redirect[] = $random_url; |
---|
| 17 | } |
---|
| 18 | } |
---|
| 19 | if (!empty($random_index_redirect)) |
---|
| 20 | { |
---|
| 21 | redirect($random_index_redirect[mt_rand(0, count($random_index_redirect)-1)]); |
---|
| 22 | } |
---|
| 23 | } |
---|
| 24 | return true; |
---|
| 25 | } |
---|
| 26 | |
---|
[9261] | 27 | global $template, $user; |
---|
[3609] | 28 | |
---|
[9323] | 29 | $identifier = $page['ap_homepage'] ? $conf['AP']['homepage'] : $tokens[1]; |
---|
[9261] | 30 | |
---|
[9310] | 31 | // Retrieve page data |
---|
[9350] | 32 | $query = 'SELECT id, title, lang, content, users, groups, level, permalink, standalone |
---|
[3609] | 33 | FROM ' . ADD_PAGES_TABLE . ' |
---|
[9261] | 34 | '; |
---|
| 35 | $query .= is_numeric($identifier) ? |
---|
| 36 | 'WHERE id = '.$identifier.';' : |
---|
| 37 | 'WHERE permalink = "'.$identifier.'";'; |
---|
[3609] | 38 | |
---|
[9310] | 39 | $row = pwg_db_fetch_assoc(pwg_query($query)); |
---|
[9261] | 40 | |
---|
[9312] | 41 | // Page not found |
---|
[9261] | 42 | if (empty($row)) |
---|
[3609] | 43 | { |
---|
[9272] | 44 | if ($page['ap_homepage']) return; |
---|
[9261] | 45 | page_not_found('Requested page does not exist'); |
---|
[3609] | 46 | } |
---|
| 47 | |
---|
[9312] | 48 | // Redirect with permalink if exist |
---|
[9272] | 49 | if (is_numeric($identifier) and !empty($row['permalink']) and !$page['ap_homepage']) |
---|
[9261] | 50 | { |
---|
[9660] | 51 | redirect(make_index_url(array('section'=>'page')).'/'.$row['permalink']); |
---|
[9261] | 52 | } |
---|
| 53 | |
---|
[9312] | 54 | // Access controls |
---|
| 55 | if (!is_admin() or (!is_admin() xor $page['ap_homepage'])) |
---|
[9272] | 56 | { |
---|
[9350] | 57 | // authorized language |
---|
| 58 | if (!empty($row['lang']) and $row['lang'] != $user['language']) |
---|
| 59 | { |
---|
| 60 | if ($page['ap_homepage'] and check_random_index_redirect()) return; |
---|
| 61 | page_forbidden(l10n('You are not authorized to access the requested page'), make_index_url()); |
---|
| 62 | } |
---|
| 63 | |
---|
[9312] | 64 | // authorized level |
---|
| 65 | if ($user['level'] < $row['level']) |
---|
| 66 | { |
---|
[9345] | 67 | if ($page['ap_homepage'] and check_random_index_redirect()) return; |
---|
[9350] | 68 | page_forbidden(l10n('You are not authorized to access the requested page'), make_index_url()); |
---|
[9312] | 69 | } |
---|
[9272] | 70 | |
---|
[9310] | 71 | // authorized users |
---|
[9312] | 72 | if (isset($row['users'])) |
---|
[3609] | 73 | { |
---|
[9310] | 74 | $authorized_users = explode(',', $row['users']); |
---|
[9312] | 75 | if (!in_array($user['status'], $authorized_users)) |
---|
[9310] | 76 | { |
---|
[9345] | 77 | if ($page['ap_homepage'] and check_random_index_redirect()) return; |
---|
[9350] | 78 | page_forbidden(l10n('You are not authorized to access the requested page'), make_index_url()); |
---|
[9310] | 79 | } |
---|
[3609] | 80 | } |
---|
| 81 | |
---|
[9310] | 82 | // authorized groups |
---|
| 83 | if (!empty($row['groups'])) |
---|
[3609] | 84 | { |
---|
[9312] | 85 | $query = 'SELECT group_id |
---|
| 86 | FROM ' . USER_GROUP_TABLE . ' |
---|
| 87 | WHERE user_id = ' . $user['id'] . ' |
---|
| 88 | AND group_id IN (' . $row['groups'] . ') |
---|
| 89 | ;'; |
---|
| 90 | $groups = array_from_query($query, 'group_id'); |
---|
| 91 | if (empty($groups)) |
---|
[9310] | 92 | { |
---|
[9345] | 93 | if ($page['ap_homepage'] and check_random_index_redirect()) return; |
---|
[9350] | 94 | page_forbidden(l10n('You are not authorized to access the requested page'), make_index_url()); |
---|
[9310] | 95 | } |
---|
[3609] | 96 | } |
---|
| 97 | } |
---|
| 98 | |
---|
[9310] | 99 | // Display standalone page |
---|
[9312] | 100 | if ($row['standalone'] == 'true') |
---|
[9270] | 101 | { |
---|
[9312] | 102 | echo $row['content']; |
---|
[9270] | 103 | exit; |
---|
| 104 | } |
---|
| 105 | |
---|
[9312] | 106 | // Page initilization |
---|
| 107 | $page['section'] = 'additional_page'; |
---|
| 108 | |
---|
| 109 | $page['additional_page'] = array( |
---|
| 110 | 'id' => $row['id'], |
---|
| 111 | 'permalink' => @$row['permalink'], |
---|
[9350] | 112 | 'title' => trigger_event('AP_render_title', $row['title']), |
---|
[9312] | 113 | 'content' => trigger_event('AP_render_content', $row['content']), |
---|
| 114 | ); |
---|
| 115 | |
---|
[9261] | 116 | add_event_handler('loc_end_index', 'ap_set_index'); |
---|
[8132] | 117 | |
---|
[9261] | 118 | function ap_set_index() |
---|
[3609] | 119 | { |
---|
[9261] | 120 | global $template, $page, $conf; |
---|
| 121 | |
---|
[12927] | 122 | if (is_admin()) |
---|
| 123 | { |
---|
| 124 | $template->assign('U_EDIT', get_root_url().'admin.php?page=plugin-'.AP_DIR.'-edit_page&edit='.$page['additional_page']['id'].'&redirect=true'); |
---|
| 125 | } |
---|
| 126 | |
---|
| 127 | $title = $page['additional_page']['title']; |
---|
| 128 | if ($conf['AP']['show_home'] and !$page['ap_homepage']) |
---|
| 129 | { |
---|
| 130 | $title = '<a href="'.get_gallery_home_url().'">'.l10n('Home').'</a>'.$conf['level_separator'].$title; |
---|
| 131 | } |
---|
| 132 | |
---|
[9261] | 133 | $template->assign(array( |
---|
[12927] | 134 | 'TITLE' => $title, |
---|
[9261] | 135 | 'PLUGIN_INDEX_CONTENT_BEGIN' => $page['additional_page']['content'], |
---|
| 136 | ) |
---|
| 137 | ); |
---|
[12927] | 138 | |
---|
[9261] | 139 | $template->clear_assign(array('U_MODE_POSTED', 'U_MODE_CREATED')); |
---|
[3609] | 140 | } |
---|
| 141 | |
---|
[3292] | 142 | ?> |
---|