1 | <?php |
---|
2 | |
---|
3 | if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!'); |
---|
4 | |
---|
5 | function check_random_index_redirect() |
---|
6 | { |
---|
7 | global $conf; |
---|
8 | |
---|
9 | if (!empty($conf['ap_random_index_redirect'])) |
---|
10 | { |
---|
11 | $random_index_redirect = array(); |
---|
12 | foreach ($conf['ap_random_index_redirect'] as $random_url => $random_url_condition) |
---|
13 | { |
---|
14 | if (empty($random_url_condition) or eval($random_url_condition)) |
---|
15 | { |
---|
16 | $random_index_redirect[] = $random_url; |
---|
17 | } |
---|
18 | } |
---|
19 | if (!empty($random_index_redirect)) |
---|
20 | { |
---|
21 | redirect($random_index_redirect[mt_rand(0, count($random_index_redirect)-1)]); |
---|
22 | } |
---|
23 | } |
---|
24 | return true; |
---|
25 | } |
---|
26 | |
---|
27 | global $template, $user; |
---|
28 | |
---|
29 | $identifier = $page['ap_homepage'] ? $conf['AP']['homepage'] : $tokens[1]; |
---|
30 | |
---|
31 | // Retrieve page data |
---|
32 | $query = 'SELECT id, title, lang, content, users, groups, level, permalink, standalone |
---|
33 | FROM ' . ADD_PAGES_TABLE . ' |
---|
34 | '; |
---|
35 | $query .= is_numeric($identifier) ? |
---|
36 | 'WHERE id = '.$identifier.';' : |
---|
37 | 'WHERE permalink = "'.$identifier.'";'; |
---|
38 | |
---|
39 | $row = pwg_db_fetch_assoc(pwg_query($query)); |
---|
40 | |
---|
41 | // Page not found |
---|
42 | if (empty($row)) |
---|
43 | { |
---|
44 | if ($page['ap_homepage']) return; |
---|
45 | page_not_found('Requested page does not exist'); |
---|
46 | } |
---|
47 | |
---|
48 | // Redirect with permalink if exist |
---|
49 | if (is_numeric($identifier) and !empty($row['permalink']) and !$page['ap_homepage']) |
---|
50 | { |
---|
51 | redirect(make_index_url(array('section'=>'page')).'/'.$row['permalink']); |
---|
52 | } |
---|
53 | |
---|
54 | // Access controls |
---|
55 | if (!is_admin() or (!is_admin() xor $page['ap_homepage'])) |
---|
56 | { |
---|
57 | // authorized language |
---|
58 | if (!empty($row['lang']) and $row['lang'] != $user['language']) |
---|
59 | { |
---|
60 | if ($page['ap_homepage'] and check_random_index_redirect()) return; |
---|
61 | page_forbidden(l10n('You are not authorized to access the requested page'), make_index_url()); |
---|
62 | } |
---|
63 | |
---|
64 | // authorized level |
---|
65 | if ($user['level'] < $row['level']) |
---|
66 | { |
---|
67 | if ($page['ap_homepage'] and check_random_index_redirect()) return; |
---|
68 | page_forbidden(l10n('You are not authorized to access the requested page'), make_index_url()); |
---|
69 | } |
---|
70 | |
---|
71 | // authorized users |
---|
72 | if (isset($row['users'])) |
---|
73 | { |
---|
74 | $authorized_users = explode(',', $row['users']); |
---|
75 | if (!in_array($user['status'], $authorized_users)) |
---|
76 | { |
---|
77 | if ($page['ap_homepage'] and check_random_index_redirect()) return; |
---|
78 | page_forbidden(l10n('You are not authorized to access the requested page'), make_index_url()); |
---|
79 | } |
---|
80 | } |
---|
81 | |
---|
82 | // authorized groups |
---|
83 | if (!empty($row['groups'])) |
---|
84 | { |
---|
85 | $query = 'SELECT group_id |
---|
86 | FROM ' . USER_GROUP_TABLE . ' |
---|
87 | WHERE user_id = ' . $user['id'] . ' |
---|
88 | AND group_id IN (' . $row['groups'] . ') |
---|
89 | ;'; |
---|
90 | $groups = array_from_query($query, 'group_id'); |
---|
91 | if (empty($groups)) |
---|
92 | { |
---|
93 | if ($page['ap_homepage'] and check_random_index_redirect()) return; |
---|
94 | page_forbidden(l10n('You are not authorized to access the requested page'), make_index_url()); |
---|
95 | } |
---|
96 | } |
---|
97 | } |
---|
98 | |
---|
99 | // Display standalone page |
---|
100 | if ($row['standalone'] == 'true') |
---|
101 | { |
---|
102 | echo $row['content']; |
---|
103 | exit; |
---|
104 | } |
---|
105 | |
---|
106 | // Page initilization |
---|
107 | $page['section'] = 'additional_page'; |
---|
108 | |
---|
109 | $page['additional_page'] = array( |
---|
110 | 'id' => $row['id'], |
---|
111 | 'permalink' => @$row['permalink'], |
---|
112 | 'title' => trigger_event('AP_render_title', $row['title']), |
---|
113 | 'content' => trigger_event('AP_render_content', $row['content']), |
---|
114 | ); |
---|
115 | |
---|
116 | |
---|
117 | |
---|
118 | add_event_handler('loc_end_index', 'ap_set_index'); |
---|
119 | add_event_handler('loc_begin_page_header', 'ap_set_header'); |
---|
120 | |
---|
121 | function ap_set_header() |
---|
122 | { |
---|
123 | global $page, $title; |
---|
124 | |
---|
125 | if ($page['ap_homepage']) |
---|
126 | { |
---|
127 | $page['body_id'] = 'theHomePage'; |
---|
128 | } |
---|
129 | else |
---|
130 | { |
---|
131 | $page['body_id'] = 'theAdditionalPage'; |
---|
132 | $title = $page['additional_page']['title']; |
---|
133 | } |
---|
134 | } |
---|
135 | |
---|
136 | function ap_set_index() |
---|
137 | { |
---|
138 | global $template, $page, $conf; |
---|
139 | |
---|
140 | if (is_admin()) |
---|
141 | { |
---|
142 | $template->assign('U_EDIT', get_root_url().'admin.php?page=plugin-'.AP_DIR.'-edit_page&edit='.$page['additional_page']['id'].'&redirect=true'); |
---|
143 | } |
---|
144 | |
---|
145 | $title = $page['additional_page']['title']; |
---|
146 | if ($conf['AP']['show_home'] and !$page['ap_homepage']) |
---|
147 | { |
---|
148 | $title = '<a href="'.get_gallery_home_url().'">'.l10n('Home').'</a>'.$conf['level_separator'].$title; |
---|
149 | } |
---|
150 | |
---|
151 | $template->assign(array( |
---|
152 | 'TITLE' => $title, |
---|
153 | 'PLUGIN_INDEX_CONTENT_BEGIN' => $page['additional_page']['content'], |
---|
154 | ) |
---|
155 | ); |
---|
156 | |
---|
157 | $template->clear_assign(array('U_MODE_POSTED', 'U_MODE_CREATED')); |
---|
158 | } |
---|
159 | |
---|
160 | ?> |
---|