Implémentation des sécurités à tester
parent
b7d1f9e1f1
commit
101da263fd
|
@ -211,7 +211,15 @@ class config extends common
|
||||||
*/
|
*/
|
||||||
public function siteMap()
|
public function siteMap()
|
||||||
{
|
{
|
||||||
|
// La page n'existe pas
|
||||||
|
if (
|
||||||
|
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true
|
||||||
|
) {
|
||||||
|
// Valeurs en sortie
|
||||||
|
$this->addOutput([
|
||||||
|
'access' => false
|
||||||
|
]);
|
||||||
|
} else {
|
||||||
// Mettre à jour le site map
|
// Mettre à jour le site map
|
||||||
$successSitemap = $this->updateSitemap();
|
$successSitemap = $this->updateSitemap();
|
||||||
|
|
||||||
|
@ -223,6 +231,8 @@ class config extends common
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Sauvegarde des données
|
* Sauvegarde des données
|
||||||
|
@ -455,7 +465,7 @@ class config extends common
|
||||||
'redditId' => $this->getInput('socialRedditId'),
|
'redditId' => $this->getInput('socialRedditId'),
|
||||||
'twitchId' => $this->getInput('socialTwitchId'),
|
'twitchId' => $this->getInput('socialTwitchId'),
|
||||||
'vimeoId' => $this->getInput('socialVimeoId'),
|
'vimeoId' => $this->getInput('socialVimeoId'),
|
||||||
'steamId' =>$this->getInput('socialSteamId'),
|
'steamId' => $this->getInput('socialSteamId'),
|
||||||
],
|
],
|
||||||
'smtp' => [
|
'smtp' => [
|
||||||
'enable' => $this->getInput('smtpEnable', helper::FILTER_BOOLEAN),
|
'enable' => $this->getInput('smtpEnable', helper::FILTER_BOOLEAN),
|
||||||
|
@ -464,7 +474,7 @@ class config extends common
|
||||||
'auth' => $this->getInput('smtpAuth', helper::FILTER_BOOLEAN),
|
'auth' => $this->getInput('smtpAuth', helper::FILTER_BOOLEAN),
|
||||||
'secure' => $this->getInput('smtpSecure', helper::FILTER_STRING_SHORT),
|
'secure' => $this->getInput('smtpSecure', helper::FILTER_STRING_SHORT),
|
||||||
'username' => $this->getInput('smtpUsername', helper::FILTER_STRING_SHORT),
|
'username' => $this->getInput('smtpUsername', helper::FILTER_STRING_SHORT),
|
||||||
'password' => helper::encrypt($this->getInput('smtpPassword', helper::FILTER_STRING_SHORT),$this->getInput('smtpHost', helper::FILTER_STRING_SHORT)),
|
'password' => helper::encrypt($this->getInput('smtpPassword', helper::FILTER_STRING_SHORT), $this->getInput('smtpHost', helper::FILTER_STRING_SHORT)),
|
||||||
'from' => $this->getInput('smtpFrom', helper::FILTER_MAIL, true),
|
'from' => $this->getInput('smtpFrom', helper::FILTER_MAIL, true),
|
||||||
],
|
],
|
||||||
'seo' => [
|
'seo' => [
|
||||||
|
@ -494,7 +504,8 @@ class config extends common
|
||||||
unlink($filename);
|
unlink($filename);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (file_exists('site/data/.backup')) unlink('site/data/.backup');
|
if (file_exists('site/data/.backup'))
|
||||||
|
unlink('site/data/.backup');
|
||||||
} else {
|
} else {
|
||||||
touch('site/data/.backup');
|
touch('site/data/.backup');
|
||||||
}
|
}
|
||||||
|
@ -574,7 +585,7 @@ class config extends common
|
||||||
}
|
}
|
||||||
|
|
||||||
// Sélecteur de délais, compléter avec la traduction en jours
|
// Sélecteur de délais, compléter avec la traduction en jours
|
||||||
foreach(self::$updateDelay as $key => $value) {
|
foreach (self::$updateDelay as $key => $value) {
|
||||||
self::$updateDelay[$key] = $key === 86400 ? $value . ' ' . helper::translate('jour') : $value . ' ' . helper::translate('jours');
|
self::$updateDelay[$key] = $key === 86400 ? $value . ' ' . helper::translate('jour') : $value . ' ' . helper::translate('jours');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
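Review bot: In the `smtp` array (hunk at -464) the password is stored as `helper::encrypt()` of the `smtpPassword` input with the `smtpHost` input as second argument; if that argument is the encryption key, the key is a value presumably saved in the same configuration. The stored password would then be only obfuscated against anyone who can read the data files. `helper::encrypt()` is not visible on this page, so this needs confirming; if it holds, the key should come from a secret kept outside the site data. Separately, the guard added to `siteMap()` is headed `// La page n'existe pas`, which looks copied from a page lookup; `// Action interdite` would match the other guards in this commit.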
|
@ -416,6 +416,15 @@ class install extends common
|
||||||
*/
|
*/
|
||||||
public function update()
|
public function update()
|
||||||
{
|
{
|
||||||
|
// Action interdite
|
||||||
|
if (
|
||||||
|
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true
|
||||||
|
) {
|
||||||
|
// Valeurs en sortie
|
||||||
|
$this->addOutput([
|
||||||
|
'access' => false
|
||||||
|
]);
|
||||||
|
} else {
|
||||||
// Nouvelle version
|
// Nouvelle version
|
||||||
self::$newVersion = helper::getUrlContents(common::ZWII_UPDATE_URL . common::ZWII_UPDATE_CHANNEL . '/version');
|
self::$newVersion = helper::getUrlContents(common::ZWII_UPDATE_URL . common::ZWII_UPDATE_CHANNEL . '/version');
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
|
@ -425,5 +434,6 @@ class install extends common
|
||||||
'view' => 'update'
|
'view' => 'update'
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
|
@ -182,18 +182,14 @@ class page extends common
|
||||||
// $url prend l'adresse sans le token
|
// $url prend l'adresse sans le token
|
||||||
$page = $this->getUrl(2);
|
$page = $this->getUrl(2);
|
||||||
// La page n'existe pas
|
// La page n'existe pas
|
||||||
if ($this->getData(['page', $page]) === null) {
|
if (
|
||||||
|
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true ||
|
||||||
|
$this->getData(['page', $page]) === null
|
||||||
|
) {
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
'access' => false
|
'access' => false
|
||||||
]);
|
]);
|
||||||
} // Action interdite
|
|
||||||
elseif ($this->checkCSRF()) {
|
|
||||||
// Valeurs en sortie
|
|
||||||
$this->addOutput([
|
|
||||||
'redirect' => helper::baseUrl() . 'page/edit/' . $page,
|
|
||||||
'notification' => helper::translate('Jeton invalide')
|
|
||||||
]);
|
|
||||||
}
|
}
|
||||||
// Impossible de supprimer la page d'accueil
|
// Impossible de supprimer la page d'accueil
|
||||||
elseif ($page === $this->getData(['locale', 'homePageId'])) {
|
elseif ($page === $this->getData(['locale', 'homePageId'])) {
|
||||||
|
@ -288,7 +284,10 @@ class page extends common
|
||||||
public function edit()
|
public function edit()
|
||||||
{
|
{
|
||||||
// La page n'existe pas
|
// La page n'existe pas
|
||||||
if ($this->getData(['page', $this->getUrl(2)]) === null) {
|
if (
|
||||||
|
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true ||
|
||||||
|
$this->getData(['page', $this->getUrl(2)]) === null
|
||||||
|
) {
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
'access' => false
|
'access' => false
|
||||||
|
@ -602,9 +601,10 @@ class page extends common
|
||||||
* Retourne les informations sur les pages en omettant les clés CSS et JS qui occasionnent des bugs d'affichage dans l'éditeur de page
|
* Retourne les informations sur les pages en omettant les clés CSS et JS qui occasionnent des bugs d'affichage dans l'éditeur de page
|
||||||
* @return array tableau associatif des pages dans le menu
|
* @return array tableau associatif des pages dans le menu
|
||||||
*/
|
*/
|
||||||
public function getPageInfo() {
|
public function getPageInfo()
|
||||||
|
{
|
||||||
$p = $this->getData(['page']);
|
$p = $this->getData(['page']);
|
||||||
$d = array_map(function($d) {
|
$d = array_map(function ($d) {
|
||||||
unset($d["css"], $d["js"]);
|
unset($d["css"], $d["js"]);
|
||||||
return $d;
|
return $d;
|
||||||
}, $p);
|
}, $p);
|
||||||
|
|
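Review bot: The hunk at -182 drops the `elseif ($this->checkCSRF())` branch and its 'Jeton invalide' response, so this path (page deletion, judging by the home-page branch that follows) no longer verifies the token, although the comment above still says the URL carries one. A permission check does not replace a token check: the first establishes who is asking, the second that the request was issued from the site's own interface. Unless the token is now verified centrally, which this page does not show, keep both tests as `theme::fontDelete()` does in this same commit, i.e. add `$this->checkCSRF() ||` to the new condition. The same replacement is made in the plugin class at -63 and in `uploadItem()`, `save()`, `dataDelete()` and `dataExport()`, where the `5 : CSRF` docblock entry is removed as well. The enclosing function here starts and ends outside the hunk.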
|
@ -63,12 +63,10 @@ class plugin extends common
|
||||||
{
|
{
|
||||||
|
|
||||||
// Action interdite
|
// Action interdite
|
||||||
if ($this->checkCSRF()) {
|
if ($this->getUser('permission', __CLASS__, __FUNCTION__) !== true) {
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
'redirect' => helper::baseUrl() . 'plugin',
|
'access' => false
|
||||||
'state' => false,
|
|
||||||
'notification' => helper::translate('Action interdite')
|
|
||||||
]);
|
]);
|
||||||
} else {
|
} else {
|
||||||
// Suppression des dossiers
|
// Suppression des dossiers
|
||||||
|
@ -243,13 +241,14 @@ class plugin extends common
|
||||||
: helper::translate('Erreur inconnue, le module n\'est pas installé')
|
: helper::translate('Erreur inconnue, le module n\'est pas installé')
|
||||||
]);
|
]);
|
||||||
} else {
|
} else {
|
||||||
|
// Supprimer le dossier temporaire
|
||||||
|
$this->removeDir(self::TEMP_DIR . $tempFolder);
|
||||||
|
$zip->close();
|
||||||
return ([
|
return ([
|
||||||
'success' => false,
|
'success' => false,
|
||||||
'notification' => helper::translate('Erreur inconnue, le module n\'est pas installé')
|
'notification' => helper::translate('Erreur inconnue, le module n\'est pas installé')
|
||||||
]);
|
]);
|
||||||
// Supprimer le dossier temporaire
|
|
||||||
$this->removeDir(self::TEMP_DIR . $tempFolder);
|
|
||||||
$zip->close();
|
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
// Message de retour
|
// Message de retour
|
||||||
|
@ -266,6 +265,7 @@ class plugin extends common
|
||||||
public function upload()
|
public function upload()
|
||||||
{
|
{
|
||||||
// Soumission du formulaire
|
// Soumission du formulaire
|
||||||
|
|
||||||
if ($this->isPost()) {
|
if ($this->isPost()) {
|
||||||
// Installation d'un module
|
// Installation d'un module
|
||||||
$checkValidMaj = $this->getInput('configModulesCheck', helper::FILTER_BOOLEAN);
|
$checkValidMaj = $this->getInput('configModulesCheck', helper::FILTER_BOOLEAN);
|
||||||
|
@ -292,12 +292,10 @@ class plugin extends common
|
||||||
public function uploadItem()
|
public function uploadItem()
|
||||||
{
|
{
|
||||||
// Action interdite
|
// Action interdite
|
||||||
if ($this->checkCSRF()) {
|
if ($this->getUser('permission', __CLASS__, __FUNCTION__) !== true) {
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
'redirect' => helper::baseUrl() . 'store',
|
'access' => false
|
||||||
'state' => false,
|
|
||||||
'notification' => helper::translate('Action interdite')
|
|
||||||
]);
|
]);
|
||||||
} else {
|
} else {
|
||||||
// Récupérer le module en ligne
|
// Récupérer le module en ligne
|
||||||
|
@ -572,15 +570,12 @@ class plugin extends common
|
||||||
public function save()
|
public function save()
|
||||||
{
|
{
|
||||||
// Action interdite
|
// Action interdite
|
||||||
if ($this->checkCSRF()) {
|
if ($this->getUser('permission', __CLASS__, __FUNCTION__) !== true) {
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
'redirect' => helper::baseUrl() . 'plugin',
|
'access' => false
|
||||||
'state' => false,
|
|
||||||
'notification' => helper::translate('Action interdite')
|
|
||||||
]);
|
]);
|
||||||
} else {
|
} else {
|
||||||
|
|
||||||
// Créer un dossier temporaire
|
// Créer un dossier temporaire
|
||||||
$tmpFolder = self::TEMP_DIR . uniqid();
|
$tmpFolder = self::TEMP_DIR . uniqid();
|
||||||
if (!is_dir($tmpFolder)) {
|
if (!is_dir($tmpFolder)) {
|
||||||
|
@ -646,12 +641,10 @@ class plugin extends common
|
||||||
public function dataDelete()
|
public function dataDelete()
|
||||||
{
|
{
|
||||||
// Action interdite
|
// Action interdite
|
||||||
if ($this->checkCSRF()) {
|
if ($this->getUser('permission', __CLASS__, __FUNCTION__) !== true) {
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
'redirect' => helper::baseUrl() . 'plugin',
|
'access' => false
|
||||||
'state' => false,
|
|
||||||
'notification' => helper::translate('Action interdite')
|
|
||||||
]);
|
]);
|
||||||
} else {
|
} else {
|
||||||
$this->setData(['page', $this->getUrl(4), 'moduleId', '']);
|
$this->setData(['page', $this->getUrl(4), 'moduleId', '']);
|
||||||
|
@ -672,20 +665,16 @@ class plugin extends common
|
||||||
* 2 : i18n id
|
* 2 : i18n id
|
||||||
* 3 : moduleId
|
* 3 : moduleId
|
||||||
* 4 : pageId
|
* 4 : pageId
|
||||||
* 5 : CSRF
|
|
||||||
*/
|
*/
|
||||||
public function dataExport()
|
public function dataExport()
|
||||||
{
|
{
|
||||||
// Action interdite
|
// Action interdite
|
||||||
if ($this->checkCSRF()) {
|
if ($this->getUser('permission', __CLASS__, __FUNCTION__) !== true) {
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
'redirect' => helper::baseUrl() . 'plugin',
|
'access' => false
|
||||||
'state' => false,
|
|
||||||
'notification' => helper::translate('Action interdite')
|
|
||||||
]);
|
]);
|
||||||
} else {
|
} else {
|
||||||
|
|
||||||
// Créer un dossier temporaire
|
// Créer un dossier temporaire
|
||||||
$tmpFolder = self::TEMP_DIR . uniqid();
|
$tmpFolder = self::TEMP_DIR . uniqid();
|
||||||
if (!is_dir($tmpFolder)) {
|
if (!is_dir($tmpFolder)) {
|
||||||
|
@ -769,7 +758,6 @@ class plugin extends common
|
||||||
*/
|
*/
|
||||||
public function dataImport()
|
public function dataImport()
|
||||||
{
|
{
|
||||||
|
|
||||||
// Soumission du formulaire d'importation du module dans une page libre
|
// Soumission du formulaire d'importation du module dans une page libre
|
||||||
if ($this->isPost()) {
|
if ($this->isPost()) {
|
||||||
// Récupérer le fichier et le décompacter
|
// Récupérer le fichier et le décompacter
|
||||||
|
|
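Review bot: `upload()` (hunk at -266) and `dataImport()` (hunk at -769) are touched only for whitespace and still begin directly with `if ($this->isPost())`, while the neighbouring actions in this class gain a `$this->getUser('permission', __CLASS__, __FUNCTION__) !== true` guard. Going by their comments, both process a submitted module archive, so they are at least as sensitive as the guarded actions. If access to them is not enforced before dispatch (not visible here), add the same guard ahead of the `isPost()` test. Both function bodies continue outside their hunks.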
|
@ -105,7 +105,8 @@ class theme extends common
|
||||||
'2.4vmax' => '240%'
|
'2.4vmax' => '240%'
|
||||||
];
|
];
|
||||||
public static $headerHeights = [
|
public static $headerHeights = [
|
||||||
'unset' => 'Libre', // texte dynamique cf header.js.php
|
'unset' => 'Libre',
|
||||||
|
// texte dynamique cf header.js.php
|
||||||
'100px' => '100px',
|
'100px' => '100px',
|
||||||
'150px' => '150px',
|
'150px' => '150px',
|
||||||
'200px' => '200px',
|
'200px' => '200px',
|
||||||
|
@ -249,7 +250,9 @@ class theme extends common
|
||||||
{
|
{
|
||||||
// Soumission du formulaire
|
// Soumission du formulaire
|
||||||
if ($this->isPost()) {
|
if ($this->isPost()) {
|
||||||
$this->setData(['admin', [
|
$this->setData([
|
||||||
|
'admin',
|
||||||
|
[
|
||||||
'backgroundColor' => $this->getInput('adminBackgroundColor'),
|
'backgroundColor' => $this->getInput('adminBackgroundColor'),
|
||||||
'colorTitle' => $this->getInput('adminColorTitle'),
|
'colorTitle' => $this->getInput('adminColorTitle'),
|
||||||
'colorText' => $this->getInput('adminColorText'),
|
'colorText' => $this->getInput('adminColorText'),
|
||||||
|
@ -263,7 +266,8 @@ class theme extends common
|
||||||
'fontTitle' => $this->getInput('adminFontTitle'),
|
'fontTitle' => $this->getInput('adminFontTitle'),
|
||||||
'backgroundBlockColor' => $this->getInput('adminBackGroundBlockColor'),
|
'backgroundBlockColor' => $this->getInput('adminBackGroundBlockColor'),
|
||||||
'borderBlockColor' => $this->getInput('adminBorderBlockColor'),
|
'borderBlockColor' => $this->getInput('adminBorderBlockColor'),
|
||||||
]]);
|
]
|
||||||
|
]);
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
'notification' => helper::translate('Modifications enregistrées'),
|
'notification' => helper::translate('Modifications enregistrées'),
|
||||||
|
@ -318,7 +322,10 @@ class theme extends common
|
||||||
{
|
{
|
||||||
// Soumission du formulaire
|
// Soumission du formulaire
|
||||||
if ($this->isPost()) {
|
if ($this->isPost()) {
|
||||||
$this->setData(['theme', 'body', [
|
$this->setData([
|
||||||
|
'theme',
|
||||||
|
'body',
|
||||||
|
[
|
||||||
'backgroundColor' => $this->getInput('themeBodyBackgroundColor'),
|
'backgroundColor' => $this->getInput('themeBodyBackgroundColor'),
|
||||||
'image' => $this->getInput('themeBodyImage'),
|
'image' => $this->getInput('themeBodyImage'),
|
||||||
'imageAttachment' => $this->getInput('themeBodyImageAttachment'),
|
'imageAttachment' => $this->getInput('themeBodyImageAttachment'),
|
||||||
|
@ -327,7 +334,8 @@ class theme extends common
|
||||||
'imageSize' => $this->getInput('themeBodyImageSize'),
|
'imageSize' => $this->getInput('themeBodyImageSize'),
|
||||||
'toTopbackgroundColor' => $this->getInput('themeBodyToTopBackground'),
|
'toTopbackgroundColor' => $this->getInput('themeBodyToTopBackground'),
|
||||||
'toTopColor' => $this->getInput('themeBodyToTopColor')
|
'toTopColor' => $this->getInput('themeBodyToTopColor')
|
||||||
]]);
|
]
|
||||||
|
]);
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
'notification' => helper::translate('Modifications enregistrées'),
|
'notification' => helper::translate('Modifications enregistrées'),
|
||||||
|
@ -364,7 +372,10 @@ class theme extends common
|
||||||
'state' => false
|
'state' => false
|
||||||
]);
|
]);
|
||||||
} else {
|
} else {
|
||||||
$this->setData(['theme', 'footer', [
|
$this->setData([
|
||||||
|
'theme',
|
||||||
|
'footer',
|
||||||
|
[
|
||||||
'backgroundColor' => $this->getInput('themeFooterBackgroundColor'),
|
'backgroundColor' => $this->getInput('themeFooterBackgroundColor'),
|
||||||
'copyrightAlign' => $this->getInput('themeFooterCopyrightAlign'),
|
'copyrightAlign' => $this->getInput('themeFooterCopyrightAlign'),
|
||||||
'height' => $this->getInput('themeFooterHeight'),
|
'height' => $this->getInput('themeFooterHeight'),
|
||||||
|
@ -391,7 +402,8 @@ class theme extends common
|
||||||
'displaySearch' => $this->getInput('themeFooterDisplaySearch', helper::FILTER_BOOLEAN),
|
'displaySearch' => $this->getInput('themeFooterDisplaySearch', helper::FILTER_BOOLEAN),
|
||||||
'memberBar' => $this->getInput('themeFooterMemberBar', helper::FILTER_BOOLEAN),
|
'memberBar' => $this->getInput('themeFooterMemberBar', helper::FILTER_BOOLEAN),
|
||||||
'template' => $this->getInput('themeFooterTemplate')
|
'template' => $this->getInput('themeFooterTemplate')
|
||||||
]]);
|
]
|
||||||
|
]);
|
||||||
|
|
||||||
// Sauvegarder la configuration localisée
|
// Sauvegarder la configuration localisée
|
||||||
$this->setData(['locale', 'legalPageId', $this->getInput('configLegalPageId')]);
|
$this->setData(['locale', 'legalPageId', $this->getInput('configLegalPageId')]);
|
||||||
|
@ -453,7 +465,10 @@ class theme extends common
|
||||||
}
|
}
|
||||||
|
|
||||||
// Sauvegarder
|
// Sauvegarder
|
||||||
$this->setData(['theme', 'header', [
|
$this->setData([
|
||||||
|
'theme',
|
||||||
|
'header',
|
||||||
|
[
|
||||||
'backgroundColor' => $this->getInput('themeHeaderBackgroundColor'),
|
'backgroundColor' => $this->getInput('themeHeaderBackgroundColor'),
|
||||||
'font' => $this->getInput('themeHeaderFont'),
|
'font' => $this->getInput('themeHeaderFont'),
|
||||||
'fontSize' => $this->getInput('themeHeaderFontSize'),
|
'fontSize' => $this->getInput('themeHeaderFontSize'),
|
||||||
|
@ -475,7 +490,8 @@ class theme extends common
|
||||||
'feature' => $this->getInput('themeHeaderFeature'),
|
'feature' => $this->getInput('themeHeaderFeature'),
|
||||||
'featureContent' => $featureContent,
|
'featureContent' => $featureContent,
|
||||||
'featureFiles' => $files
|
'featureFiles' => $files
|
||||||
]]);
|
]
|
||||||
|
]);
|
||||||
// Modification de la position du menu selon la position de la bannière
|
// Modification de la position du menu selon la position de la bannière
|
||||||
if ($this->getData(['theme', 'header', 'position']) == 'site') {
|
if ($this->getData(['theme', 'header', 'position']) == 'site') {
|
||||||
$this->setData(['theme', 'menu', 'position', str_replace('body-', 'site-', $this->getData(['theme', 'menu', 'position']))]);
|
$this->setData(['theme', 'menu', 'position', str_replace('body-', 'site-', $this->getData(['theme', 'menu', 'position']))]);
|
||||||
|
@ -535,7 +551,10 @@ class theme extends common
|
||||||
{
|
{
|
||||||
// Soumission du formulaire
|
// Soumission du formulaire
|
||||||
if ($this->isPost()) {
|
if ($this->isPost()) {
|
||||||
$this->setData(['theme', 'menu', [
|
$this->setData([
|
||||||
|
'theme',
|
||||||
|
'menu',
|
||||||
|
[
|
||||||
'backgroundColor' => $this->getInput('themeMenuBackgroundColor'),
|
'backgroundColor' => $this->getInput('themeMenuBackgroundColor'),
|
||||||
'backgroundColorSub' => $this->getInput('themeMenuBackgroundColorSub'),
|
'backgroundColorSub' => $this->getInput('themeMenuBackgroundColorSub'),
|
||||||
'font' => $this->getInput('themeMenuFont'),
|
'font' => $this->getInput('themeMenuFont'),
|
||||||
|
@ -558,7 +577,8 @@ class theme extends common
|
||||||
'memberBar' => $this->getInput('themeMenuMemberBar', helper::FILTER_BOOLEAN),
|
'memberBar' => $this->getInput('themeMenuMemberBar', helper::FILTER_BOOLEAN),
|
||||||
'burgerLogo' => $this->getInput('themeMenuBurgerLogo'),
|
'burgerLogo' => $this->getInput('themeMenuBurgerLogo'),
|
||||||
'burgerContent' => $this->getInput('themeMenuBurgerContent')
|
'burgerContent' => $this->getInput('themeMenuBurgerContent')
|
||||||
]]);
|
]
|
||||||
|
]);
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
'notification' => helper::translate('Modifications enregistrées'),
|
'notification' => helper::translate('Modifications enregistrées'),
|
||||||
|
@ -676,7 +696,8 @@ class theme extends common
|
||||||
$this->setData([
|
$this->setData([
|
||||||
'font',
|
'font',
|
||||||
$type,
|
$type,
|
||||||
$fontId, [
|
$fontId,
|
||||||
|
[
|
||||||
'name' => $fontName,
|
'name' => $fontName,
|
||||||
'font-family' => $fontFamilyName,
|
'font-family' => $fontFamilyName,
|
||||||
'resource' => $ressource
|
'resource' => $ressource
|
||||||
|
@ -741,7 +762,8 @@ class theme extends common
|
||||||
$this->setData([
|
$this->setData([
|
||||||
'font',
|
'font',
|
||||||
$type,
|
$type,
|
||||||
$fontId, [
|
$fontId,
|
||||||
|
[
|
||||||
'name' => $fontName,
|
'name' => $fontName,
|
||||||
'font-family' => $fontFamilyName,
|
'font-family' => $fontFamilyName,
|
||||||
'resource' => $ressource
|
'resource' => $ressource
|
||||||
|
@ -775,11 +797,14 @@ class theme extends common
|
||||||
public function fontDelete()
|
public function fontDelete()
|
||||||
{
|
{
|
||||||
// Action interdite
|
// Action interdite
|
||||||
if ($this->checkCSRF()) {
|
if (
|
||||||
|
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true ||
|
||||||
|
$this->checkCSRF()
|
||||||
|
) {
|
||||||
|
// Valeurs en sortie
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
'redirect' => helper::baseUrl() . 'theme/fonts',
|
'access' => false
|
||||||
'notification' => helper::translate('Action interdite')
|
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
// Suppression
|
// Suppression
|
||||||
|
@ -811,6 +836,15 @@ class theme extends common
|
||||||
*/
|
*/
|
||||||
public function reset()
|
public function reset()
|
||||||
{
|
{
|
||||||
|
// Action interdite
|
||||||
|
if (
|
||||||
|
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true
|
||||||
|
) {
|
||||||
|
// Valeurs en sortie
|
||||||
|
$this->addOutput([
|
||||||
|
'access' => false
|
||||||
|
]);
|
||||||
|
} else {
|
||||||
// Réinitialisation
|
// Réinitialisation
|
||||||
$redirect = '';
|
$redirect = '';
|
||||||
switch ($this->getUrl(2)) {
|
switch ($this->getUrl(2)) {
|
||||||
|
@ -836,7 +870,7 @@ class theme extends common
|
||||||
'redirect' => $redirect,
|
'redirect' => $redirect,
|
||||||
'state' => true
|
'state' => true
|
||||||
]);
|
]);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -847,32 +881,52 @@ class theme extends common
|
||||||
{
|
{
|
||||||
// Soumission du formulaire
|
// Soumission du formulaire
|
||||||
if ($this->isPost()) {
|
if ($this->isPost()) {
|
||||||
$this->setData(['theme', 'title', [
|
$this->setData([
|
||||||
|
'theme',
|
||||||
|
'title',
|
||||||
|
[
|
||||||
'font' => $this->getInput('themeTitleFont'),
|
'font' => $this->getInput('themeTitleFont'),
|
||||||
'textColor' => $this->getInput('themeTitleTextColor'),
|
'textColor' => $this->getInput('themeTitleTextColor'),
|
||||||
'fontWeight' => $this->getInput('themeTitleFontWeight'),
|
'fontWeight' => $this->getInput('themeTitleFontWeight'),
|
||||||
'textTransform' => $this->getInput('themeTitleTextTransform')
|
'textTransform' => $this->getInput('themeTitleTextTransform')
|
||||||
]]);
|
]
|
||||||
$this->setData(['theme', 'text', [
|
]);
|
||||||
|
$this->setData([
|
||||||
|
'theme',
|
||||||
|
'text',
|
||||||
|
[
|
||||||
'font' => $this->getInput('themeTextFont'),
|
'font' => $this->getInput('themeTextFont'),
|
||||||
'fontSize' => $this->getInput('themeTextFontSize'),
|
'fontSize' => $this->getInput('themeTextFontSize'),
|
||||||
'textColor' => $this->getInput('themeTextTextColor'),
|
'textColor' => $this->getInput('themeTextTextColor'),
|
||||||
'linkColor' => $this->getInput('themeTextLinkColor')
|
'linkColor' => $this->getInput('themeTextLinkColor')
|
||||||
]]);
|
]
|
||||||
$this->setData(['theme', 'site', [
|
]);
|
||||||
|
$this->setData([
|
||||||
|
'theme',
|
||||||
|
'site',
|
||||||
|
[
|
||||||
'backgroundColor' => $this->getInput('themeSiteBackgroundColor'),
|
'backgroundColor' => $this->getInput('themeSiteBackgroundColor'),
|
||||||
'radius' => $this->getInput('themeSiteRadius'),
|
'radius' => $this->getInput('themeSiteRadius'),
|
||||||
'shadow' => $this->getInput('themeSiteShadow'),
|
'shadow' => $this->getInput('themeSiteShadow'),
|
||||||
'width' => $this->getInput('themeSiteWidth'),
|
'width' => $this->getInput('themeSiteWidth'),
|
||||||
'margin' => $this->getInput('themeSiteMargin', helper::FILTER_BOOLEAN)
|
'margin' => $this->getInput('themeSiteMargin', helper::FILTER_BOOLEAN)
|
||||||
]]);
|
]
|
||||||
$this->setData(['theme', 'button', [
|
]);
|
||||||
|
$this->setData([
|
||||||
|
'theme',
|
||||||
|
'button',
|
||||||
|
[
|
||||||
'backgroundColor' => $this->getInput('themeButtonBackgroundColor')
|
'backgroundColor' => $this->getInput('themeButtonBackgroundColor')
|
||||||
]]);
|
]
|
||||||
$this->setData(['theme', 'block', [
|
]);
|
||||||
|
$this->setData([
|
||||||
|
'theme',
|
||||||
|
'block',
|
||||||
|
[
|
||||||
'backgroundColor' => $this->getInput('themeBlockBackgroundColor'),
|
'backgroundColor' => $this->getInput('themeBlockBackgroundColor'),
|
||||||
'borderColor' => $this->getInput('themeBlockBorderColor')
|
'borderColor' => $this->getInput('themeBlockBorderColor')
|
||||||
]]);
|
]
|
||||||
|
]);
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
'notification' => helper::translate('Modifications enregistrées'),
|
'notification' => helper::translate('Modifications enregistrées'),
|
||||||
|
@ -913,7 +967,8 @@ class theme extends common
|
||||||
'notification' => $data['notification'],
|
'notification' => $data['notification'],
|
||||||
'state' => $data['success'],
|
'state' => $data['success'],
|
||||||
'view' => 'manage'
|
'view' => 'manage'
|
||||||
]);;
|
]);
|
||||||
|
;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
|
@ -1015,6 +1070,15 @@ class theme extends common
|
||||||
*/
|
*/
|
||||||
public function export()
|
public function export()
|
||||||
{
|
{
|
||||||
|
// Action interdite
|
||||||
|
if (
|
||||||
|
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true
|
||||||
|
) {
|
||||||
|
// Valeurs en sortie
|
||||||
|
$this->addOutput([
|
||||||
|
'access' => false
|
||||||
|
]);
|
||||||
|
} else {
|
||||||
// Make zip
|
// Make zip
|
||||||
$zipFilename = $this->zipTheme($this->getUrl(2));
|
$zipFilename = $this->zipTheme($this->getUrl(2));
|
||||||
// Téléchargement du ZIP
|
// Téléchargement du ZIP
|
||||||
|
@ -1028,12 +1092,22 @@ class theme extends common
|
||||||
unlink(self::TEMP_DIR . $zipFilename);
|
unlink(self::TEMP_DIR . $zipFilename);
|
||||||
exit();
|
exit();
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Export du thème
|
* Export du thème
|
||||||
*/
|
*/
|
||||||
public function save()
|
public function save()
|
||||||
{
|
{
|
||||||
|
// Action interdite
|
||||||
|
if (
|
||||||
|
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true
|
||||||
|
) {
|
||||||
|
// Valeurs en sortie
|
||||||
|
$this->addOutput([
|
||||||
|
'access' => false
|
||||||
|
]);
|
||||||
|
} else {
|
||||||
// Make zip
|
// Make zip
|
||||||
$zipFilename = $this->zipTheme($this->getUrl(2));
|
$zipFilename = $this->zipTheme($this->getUrl(2));
|
||||||
// Téléchargement du ZIP
|
// Téléchargement du ZIP
|
||||||
|
@ -1045,11 +1119,12 @@ class theme extends common
|
||||||
unlink(self::TEMP_DIR . $zipFilename);
|
unlink(self::TEMP_DIR . $zipFilename);
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
'notification' => '<b>' . $zipFilename . '</b>'. helper::translate('sauvegardé avec succès'),
|
'notification' => '<b>' . $zipFilename . '</b>' . helper::translate('sauvegardé avec succès'),
|
||||||
'redirect' => helper::baseUrl() . 'theme/manage',
|
'redirect' => helper::baseUrl() . 'theme/manage',
|
||||||
'state' => true
|
'state' => true
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* construction du zip Fonction appelée par export() et save()
|
* construction du zip Fonction appelée par export() et save()
|
||||||
|
|
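Review bot: The guards added to `reset()`, `export()` and `save()` test the permission only, whereas `fontDelete()` in this same file tests `$this->getUser('permission', __CLASS__, __FUNCTION__) !== true || $this->checkCSRF()`. `reset()` switches on `$this->getUrl(2)` under `// Réinitialisation` and `save()` appears to store an archive, so both change state from a plain URL. If the links to these actions carry the token, extend the condition to match `fontDelete()`; if they do not, that gap deserves a follow-up. Minor: the reformatting at -913 leaves an empty statement (`;` on its own line after `]);`) that can be deleted.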
|
@ -184,7 +184,7 @@ class user extends common
|
||||||
{
|
{
|
||||||
// Accès refusé
|
// Accès refusé
|
||||||
if (
|
if (
|
||||||
$this->getUser('permission', __CLASS__, __FUNCTION__) === false ||
|
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true ||
|
||||||
// L'utilisateur n'existe pas
|
// L'utilisateur n'existe pas
|
||||||
$this->getData(['user', $this->getUrl(2)]) === null
|
$this->getData(['user', $this->getUrl(2)]) === null
|
||||||
// Groupe insuffisant
|
// Groupe insuffisant
|
||||||
|
@ -231,16 +231,13 @@ class user extends common
|
||||||
public function edit()
|
public function edit()
|
||||||
{
|
{
|
||||||
if (
|
if (
|
||||||
$this->getUser('permission', __CLASS__, __FUNCTION__) === false
|
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true
|
||||||
) {
|
) {
|
||||||
|
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
'redirect' => helper::baseUrl() . 'user',
|
'access' => false
|
||||||
'notification' => helper::translate('Action interdite')
|
|
||||||
]);
|
]);
|
||||||
}
|
} else {
|
||||||
// Accès refusé
|
|
||||||
if (
|
if (
|
||||||
// L'utilisateur n'existe pas
|
// L'utilisateur n'existe pas
|
||||||
$this->getData(['user', $this->getUrl(2)]) === null
|
$this->getData(['user', $this->getUrl(2)]) === null
|
||||||
|
@ -379,6 +376,7 @@ class user extends common
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Mot de passe perdu
|
* Mot de passe perdu
|
||||||
|
@ -532,14 +530,12 @@ class user extends common
|
||||||
public function profilEdit()
|
public function profilEdit()
|
||||||
{
|
{
|
||||||
if (
|
if (
|
||||||
$this->getUser('permission', __CLASS__, __FUNCTION__) === false ||
|
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true ||
|
||||||
$this->checkCSRF()
|
$this->checkCSRF()
|
||||||
) {
|
) {
|
||||||
|
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
'redirect' => helper::baseUrl() . 'user',
|
'access' => false
|
||||||
'notification' => helper::translate('Action interdite')
|
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -547,8 +543,8 @@ class user extends common
|
||||||
if ($this->isPost()) {
|
if ($this->isPost()) {
|
||||||
$this->setData([
|
$this->setData([
|
||||||
'profil',
|
'profil',
|
||||||
$this->getInput('profilEditGroup',helper::FILTER_STRING_LONG, true),
|
$this->getInput('profilEditGroup', helper::FILTER_STRING_LONG, true),
|
||||||
$this->getInput('profilEditProfil',helper::FILTER_STRING_LONG, true),
|
$this->getInput('profilEditProfil', helper::FILTER_STRING_LONG, true),
|
||||||
[
|
[
|
||||||
'name' => $this->getInput('profilEditName', helper::FILTER_STRING_SHORT, true),
|
'name' => $this->getInput('profilEditName', helper::FILTER_STRING_SHORT, true),
|
||||||
'readonly' => false,
|
'readonly' => false,
|
||||||
|
@ -805,7 +801,7 @@ class user extends common
|
||||||
public function profilDelete()
|
public function profilDelete()
|
||||||
{
|
{
|
||||||
if (
|
if (
|
||||||
$this->getUser('permission', __CLASS__, __FUNCTION__) === false ||
|
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true ||
|
||||||
$this->getData(['profil', $this->getUrl(2), $this->getUrl(3)]) === null
|
$this->getData(['profil', $this->getUrl(2), $this->getUrl(3)]) === null
|
||||||
) {
|
) {
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
|
@ -814,7 +810,7 @@ class user extends common
|
||||||
]);
|
]);
|
||||||
// Suppression
|
// Suppression
|
||||||
} else {
|
} else {
|
||||||
$this->deleteData([ 'profil', $this->getUrl(2), $this->getUrl(3)]);
|
$this->deleteData(['profil', $this->getUrl(2), $this->getUrl(3)]);
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/profil',
|
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/profil',
|
||||||
|
|
|
@ -317,6 +317,14 @@ class blog extends common
|
||||||
*/
|
*/
|
||||||
public function comment()
|
public function comment()
|
||||||
{
|
{
|
||||||
|
if (
|
||||||
|
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true
|
||||||
|
) {
|
||||||
|
// Valeurs en sortie
|
||||||
|
$this->addOutput([
|
||||||
|
'access' => false
|
||||||
|
]);
|
||||||
|
} else {
|
||||||
$comments = $this->getData(['module', $this->getUrl(0), 'posts', $this->getUrl(2), 'comment']);
|
$comments = $this->getData(['module', $this->getUrl(0), 'posts', $this->getUrl(2), 'comment']);
|
||||||
self::$commentsDelete = template::button('blogCommentDeleteAll', [
|
self::$commentsDelete = template::button('blogCommentDeleteAll', [
|
||||||
'class' => 'blogCommentDeleteAll buttonRed',
|
'class' => 'blogCommentDeleteAll buttonRed',
|
||||||
|
@ -365,6 +373,7 @@ class blog extends common
|
||||||
'view' => 'comment'
|
'view' => 'comment'
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Suppression de commentaire
|
* Suppression de commentaire
|
||||||
|
@ -372,20 +381,15 @@ class blog extends common
|
||||||
public function commentDelete()
|
public function commentDelete()
|
||||||
{
|
{
|
||||||
// Le commentaire n'existe pas
|
// Le commentaire n'existe pas
|
||||||
if ($this->getData(['module', $this->getUrl(0), 'posts', $this->getUrl(2), 'comment', $this->getUrl(3)]) === null) {
|
if (
|
||||||
|
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true ||
|
||||||
|
$this->getData(['module', $this->getUrl(0), 'posts', $this->getUrl(2), 'comment', $this->getUrl(3)]) === null
|
||||||
|
) {
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
'access' => false
|
'access' => false
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
// Action interdite
|
|
||||||
elseif ($this->checkCSRF()) {
|
|
||||||
// Valeurs en sortie
|
|
||||||
$this->addOutput([
|
|
||||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/config',
|
|
||||||
'notification' => helper::translate('Action interdite')
|
|
||||||
]);
|
|
||||||
}
|
|
||||||
// Suppression
|
// Suppression
|
||||||
else {
|
else {
|
||||||
$this->deleteData(['module', $this->getUrl(0), 'posts', $this->getUrl(2), 'comment', $this->getUrl(3)]);
|
$this->deleteData(['module', $this->getUrl(0), 'posts', $this->getUrl(2), 'comment', $this->getUrl(3)]);
|
||||||
|
@ -403,12 +407,12 @@ class blog extends common
|
||||||
*/
|
*/
|
||||||
public function commentDeleteAll()
|
public function commentDeleteAll()
|
||||||
{
|
{
|
||||||
// Action interdite
|
if (
|
||||||
if ($this->checkCSRF()) {
|
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true
|
||||||
|
) {
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/config',
|
'access' => false
|
||||||
'notification' => 'Action interdite'
|
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
// Suppression
|
// Suppression
|
||||||
|
@ -429,20 +433,15 @@ class blog extends common
|
||||||
public function commentApprove()
|
public function commentApprove()
|
||||||
{
|
{
|
||||||
// Le commentaire n'existe pas
|
// Le commentaire n'existe pas
|
||||||
if ($this->getData(['module', $this->getUrl(0), 'posts', $this->getUrl(2), 'comment', $this->getUrl(3)]) === null) {
|
if (
|
||||||
|
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true ||
|
||||||
|
$this->getData(['module', $this->getUrl(0), 'posts', $this->getUrl(2), 'comment', $this->getUrl(3)]) === null
|
||||||
|
) {
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
'access' => false
|
'access' => false
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
// Action interdite
|
|
||||||
elseif ($this->checkCSRF()) {
|
|
||||||
// Valeurs en sortie
|
|
||||||
$this->addOutput([
|
|
||||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/config',
|
|
||||||
'notification' => helper::translate('Action interdite')
|
|
||||||
]);
|
|
||||||
}
|
|
||||||
// Inversion du statut
|
// Inversion du statut
|
||||||
else {
|
else {
|
||||||
$approved = !$this->getData(['module', $this->getUrl(0), 'posts', $this->getUrl(2), 'comment', $this->getUrl(3), 'approval']);
|
$approved = !$this->getData(['module', $this->getUrl(0), 'posts', $this->getUrl(2), 'comment', $this->getUrl(3), 'approval']);
|
||||||
|
@ -593,8 +592,9 @@ class blog extends common
|
||||||
public function delete()
|
public function delete()
|
||||||
{
|
{
|
||||||
if (
|
if (
|
||||||
$this->getUser('permission', __CLASS__, __FUNCTION__) === false ||
|
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true ||
|
||||||
$this->getData(['module', $this->getUrl(0), 'posts', $this->getUrl(2)]) === null) {
|
$this->getData(['module', $this->getUrl(0), 'posts', $this->getUrl(2)]) === null
|
||||||
|
) {
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
'access' => false
|
'access' => false
|
||||||
|
@ -617,12 +617,12 @@ class blog extends common
|
||||||
*/
|
*/
|
||||||
public function edit()
|
public function edit()
|
||||||
{
|
{
|
||||||
// Action interdite
|
if (
|
||||||
if ($this->checkCSRF()) {
|
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true
|
||||||
|
) {
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/config',
|
'access' => false
|
||||||
'notification' => helper::translate('Action interdite')
|
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
// L'article n'existe pas
|
// L'article n'existe pas
|
||||||
|
@ -857,7 +857,7 @@ class blog extends common
|
||||||
if ($articlePublishedOn <= time() and $articleIdsStates[$articleId]) {
|
if ($articlePublishedOn <= time() and $articleIdsStates[$articleId]) {
|
||||||
$articleIds[] = $articleId;
|
$articleIds[] = $articleId;
|
||||||
// Nombre de commentaires approuvés par article
|
// Nombre de commentaires approuvés par article
|
||||||
self::$comments[$articleId] = 0 ;
|
self::$comments[$articleId] = 0;
|
||||||
if (is_array($this->getData(['module', $this->getUrl(0), 'posts', $articleId, 'comment']))) {
|
if (is_array($this->getData(['module', $this->getUrl(0), 'posts', $articleId, 'comment']))) {
|
||||||
foreach ($this->getData(['module', $this->getUrl(0), 'posts', $articleId, 'comment']) as $commentId => $commentValue) {
|
foreach ($this->getData(['module', $this->getUrl(0), 'posts', $articleId, 'comment']) as $commentId => $commentValue) {
|
||||||
if ($this->getData(['module', $this->getUrl(0), 'posts', $articleId, 'comment', $commentId, 'approval'])) {
|
if ($this->getData(['module', $this->getUrl(0), 'posts', $articleId, 'comment', $commentId, 'approval'])) {
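Review bot: The `checkCSRF()` branches are dropped from `commentDelete()`, `commentApprove()`, `commentDeleteAll()` and `edit()`, and nothing in these hunks replaces the token comparison, so the permission test is the only visible guard on actions that delete or approve comments. A permission test does not cover a forged request issued from an authenticated moderator's browser. Unless the token is now verified centrally (not visible on this page), keep it next to the permission test, as `profilEdit()` in the user class still does: `$this->getUser('permission', __CLASS__, __FUNCTION__) !== true ||` followed by `$this->checkCSRF() ||`. The same removal appears in the form hunks (`export2csv()`, `deleteall()`), the gallery hunks (`edit()`, `theme()`) and the news `edit()` hunk; several of these function bodies continue outside the hunks.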
|
||||||
|
|
|
@ -266,12 +266,12 @@ class form extends common
|
||||||
*/
|
*/
|
||||||
public function export2csv()
|
public function export2csv()
|
||||||
{
|
{
|
||||||
// Action interdite
|
if (
|
||||||
if ($this->checkCSRF()) {
|
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true
|
||||||
|
) {
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/data',
|
'access' => false
|
||||||
'notification' => helper::translate('Action interdite')
|
|
||||||
]);
|
]);
|
||||||
} else {
|
} else {
|
||||||
$data = $this->getData(['module', $this->getUrl(0), 'data']);
|
$data = $this->getData(['module', $this->getUrl(0), 'data']);
|
||||||
|
@ -307,12 +307,12 @@ class form extends common
|
||||||
*/
|
*/
|
||||||
public function deleteall()
|
public function deleteall()
|
||||||
{
|
{
|
||||||
// Action interdite
|
if (
|
||||||
if ($this->checkCSRF()) {
|
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true
|
||||||
|
) {
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/data',
|
'access' => false
|
||||||
'notification' => helper::translate('Action interdite')
|
|
||||||
]);
|
]);
|
||||||
} else {
|
} else {
|
||||||
$data = ($this->getData(['module', $this->getUrl(0), 'data']));
|
$data = ($this->getData(['module', $this->getUrl(0), 'data']));
|
||||||
|
@ -344,11 +344,10 @@ class form extends common
|
||||||
public function delete()
|
public function delete()
|
||||||
{
|
{
|
||||||
// Action interdite
|
// Action interdite
|
||||||
if ($this->getUser('permission', __CLASS__, __FUNCTION__) === false) {
|
if ($this->getUser('permission', __CLASS__, __FUNCTION__) !== true) {
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/data',
|
'access' => false
|
||||||
'notification' => helper::translate('Action interdite')
|
|
||||||
]);
|
]);
|
||||||
} else {
|
} else {
|
||||||
// La donnée n'existe pas
|
// La donnée n'existe pas
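Review bot: The switch from `=== false` to `!== true` in `delete()`, and the new guards in `export2csv()` and `deleteall()`, carry no comment saying why the comparison changed, and the old `// Action interdite` comment was dropped from two of the three guards. A one-line comment above each guard would record the intent, for example `// Deny by default: any value other than true (false, null, missing entry) refuses access`. What `getUser('permission', ...)` returns for an unknown class or action is not visible here, so the wording should be confirmed against that method.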
|
||||||
|
|
|
@ -499,7 +499,7 @@ class gallery extends common
|
||||||
public function delete()
|
public function delete()
|
||||||
{
|
{
|
||||||
// La galerie n'existe pas
|
// La galerie n'existe pas
|
||||||
if ($this->getUser('permission', __CLASS__, __FUNCTION__) === false ||
|
if ($this->getUser('permission', __CLASS__, __FUNCTION__) !== true ||
|
||||||
$this->getData(['module', $this->getUrl(0), 'content', $this->getUrl(2)]) === null) {
|
$this->getData(['module', $this->getUrl(0), 'content', $this->getUrl(2)]) === null) {
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
|
@ -535,14 +535,6 @@ class gallery extends common
|
||||||
*/
|
*/
|
||||||
public function edit()
|
public function edit()
|
||||||
{
|
{
|
||||||
// Action interdite
|
|
||||||
if ($this->checkCSRF()) {
|
|
||||||
// Valeurs en sortie
|
|
||||||
$this->addOutput([
|
|
||||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/config',
|
|
||||||
'notification' => helper::translate('Action interdite')
|
|
||||||
]);
|
|
||||||
}
|
|
||||||
// Soumission du formulaire
|
// Soumission du formulaire
|
||||||
if ($this->isPost()) {
|
if ($this->isPost()) {
|
||||||
|
|
||||||
|
@ -845,14 +837,6 @@ class gallery extends common
|
||||||
*/
|
*/
|
||||||
public function theme()
|
public function theme()
|
||||||
{
|
{
|
||||||
// Action interdite
|
|
||||||
if ($this->checkCSRF()) {
|
|
||||||
// Valeurs en sortie
|
|
||||||
$this->addOutput([
|
|
||||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/config',
|
|
||||||
'notification' => helper::translate('Action interdite')
|
|
||||||
]);
|
|
||||||
}
|
|
||||||
// Soumission du formulaire
|
// Soumission du formulaire
|
||||||
if ($this->isPost()) {
|
if ($this->isPost()) {
|
||||||
// Dossier de l'instance
|
// Dossier de l'instance
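Review bot: `edit()` and `theme()` lose their `checkCSRF()` block but gain no `getUser('permission', __CLASS__, __FUNCTION__)` test in the visible lines, unlike `blog::edit()` and `news::edit()` in this commit, so `if ($this->isPost())` is reached with no guard shown. Both bodies continue outside the hunks, so the permission may be checked further down; if it is not, add the guard already used in `delete()` above: `if ($this->getUser('permission', __CLASS__, __FUNCTION__) !== true) {` with `$this->addOutput(['access' => false]);`, and move the form handling into the `else` branch.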
|
||||||
|
|
|
@ -365,8 +365,10 @@ class news extends common
|
||||||
public function delete()
|
public function delete()
|
||||||
{
|
{
|
||||||
// La news n'existe pas
|
// La news n'existe pas
|
||||||
if ($this->getUser('permission', __CLASS__, __FUNCTION__) === false ||
|
if (
|
||||||
$this->getData(['module', $this->getUrl(0), 'posts', $this->getUrl(2)]) === null) {
|
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true ||
|
||||||
|
$this->getData(['module', $this->getUrl(0), 'posts', $this->getUrl(2)]) === null
|
||||||
|
) {
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
'access' => false
|
'access' => false
|
||||||
|
@ -389,16 +391,11 @@ class news extends common
|
||||||
*/
|
*/
|
||||||
public function edit()
|
public function edit()
|
||||||
{
|
{
|
||||||
// Action interdite
|
|
||||||
if ($this->checkCSRF()) {
|
|
||||||
// Valeurs en sortie
|
|
||||||
$this->addOutput([
|
|
||||||
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/config',
|
|
||||||
'notification' => helper::translate('Action interdite')
|
|
||||||
]);
|
|
||||||
}
|
|
||||||
// La news n'existe pas
|
// La news n'existe pas
|
||||||
if ($this->getData(['module', $this->getUrl(0), 'posts', $this->getUrl(2)]) === null) {
|
if (
|
||||||
|
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true ||
|
||||||
|
$this->getData(['module', $this->getUrl(0), 'posts', $this->getUrl(2)]) === null
|
||||||
|
) {
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
$this->addOutput([
|
$this->addOutput([
|
||||||
'access' => false
|
'access' => false
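Review bot: The comment `// La news n'existe pas` above the guards in `delete()` and `edit()` no longer describes the branch, which now also fires when the permission test fails. Rewording it to something like `// Access denied, or the news item does not exist` keeps the next reader from taking the branch for a pure existence check. The same stale comment sits above the merged guards in `blog::commentDelete()` and `blog::commentApprove()`.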
|
||||||
|
|
|
@ -51,10 +51,10 @@ class redirection extends common {
|
||||||
*/
|
*/
|
||||||
public function index() {
|
public function index() {
|
||||||
// Message si l'utilisateur peut éditer la page
|
// Message si l'utilisateur peut éditer la page
|
||||||
if(
|
if( $this->getUser('permission', __CLASS__, __FUNCTION__) !== true
|
||||||
$this->getUser('password') === $this->getInput('ZWII_USER_PASSWORD')
|
&& $this->getUser('password') === $this->getInput('ZWII_USER_PASSWORD')
|
||||||
AND $this->getUser('group') >= self::GROUP_MODERATOR
|
&& $this->getUser('group') >= self::GROUP_MODERATOR
|
||||||
AND $this->getUrl(1) !== 'force'
|
&& $this->getUrl(1) !== 'force'
|
||||||
) {
|
) {
|
||||||
// Valeurs en sortie
|
// Valeurs en sortie
|
||||||
$this->addOutput([
|
$this->addOutput([
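Review bot: The term added to the condition in `index()` looks inverted. `getUser('permission', __CLASS__, __FUNCTION__) !== true` is AND-ed into the test that the comment describes as the message shown when the user can edit the page, so that branch is now taken only when the permission is not granted. Everywhere else in this commit `!== true` selects the refusal branch; here the branch is the privileged one, so the term should probably read `$this->getUser('permission', __CLASS__, __FUNCTION__) === true`. The rest of `index()` is outside the hunk, so the effect on the redirect path should be confirmed there.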
|
||||||
|
|