ZwiiCMS-Team/ZwiiCMS
ZwiiCMS-Team/ZwiiCMS
10
9
Fork 3
Code Releases 156 Activity

Merge branch '13000' of https://forge.chapril.org/ZwiiCMS-TEAM/ZwiiCMS into 13000

Browse Source
This commit is contained in:
Fred Tempez 2023-07-06 17:05:08 +02:00
commit 13af9832f7
30 changed files with 528 additions and 438 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
CHANGES.md
View File

@ -1,10 +1,16 @@
# Changelog
## Version 12.4.00
## Version 13.0.00
# Améliorations
- Gestion des groupes de profils d'utilisateurs.
- Sécurise l'accès aux fonctions sensibles du CLMS.
- Améliore la gestion de la base de données et la génération du fichier de journalisation.
- Stockage des données JSON, forçage au format objet.
- Correction de bugs mineurs dans la sauvegarde des modules installés.
## Version 12.4.00
- L'ID de session n'est plus transmise dans l'URL, les modules distribués ont été actualisés.
- Corrections de bug dans le module Blog, merci de consulter le fichier changes.log du module.
## Version 12.3.11
- Interdit la création d'une langue autrement que par un administrateur.

2
LISEZMOI.md
View File

@ -1,4 +1,4 @@
# ZwiiCMS 12.3.11
# ZwiiCMS 13.0.00
Zwii est un CMS sans base de données (flat-file) qui permet de créer et gérer facilement un site web sans aucune connaissance en programmation.

2
README.md
View File

@ -1,4 +1,4 @@
# ZwiiCMS 12.3.11
# ZwiiCMS 13.0.00
Zwii is a database-less (flat-file) CMS that allows you to easily create and manage a web site without any programming knowledge.

14
core/class/layout.class.php
View File

@ -575,7 +575,7 @@ class layout extends common
and $this->getUser('password') !== $this->getInput('ZWII_USER_PASSWORD')
) or ($this->getData(['page', $parentPageId, 'disable']) === true
and $this->getUser('password') === $this->getInput('ZWII_USER_PASSWORD')
and $this->getUser('group') < self::GROUP_MODERATOR
and $this->getUser('group') < self::GROUP_EDITOR
)
) {
$pageUrl = ($this->getData(['locale', 'homePageId']) === $this->getUrl(0)) ? helper::baseUrl(false) : helper::baseUrl() . $this->getUrl(0);
@ -641,7 +641,7 @@ class layout extends common
and $this->getUser('password') !== $this->getInput('ZWII_USER_PASSWORD')
) or ($this->getData(['page', $childKey, 'disable']) === true
and $this->getUser('password') === $this->getInput('ZWII_USER_PASSWORD')
and $this->getUser('group') < self::GROUP_MODERATOR
and $this->getUser('group') < self::GROUP_EDITOR
)
) {
$pageUrl = ($this->getData(['locale', 'homePageId']) === $this->getUrl(0)) ? helper::baseUrl(false) : helper::baseUrl() . $this->getUrl(0);
@ -876,7 +876,7 @@ class layout extends common
// Items de gauche
$leftItems = '';
// Sélecteur de langues
if ($this->getUser('group') >= self::GROUP_MODERATOR) {
if ($this->getUser('group') >= self::GROUP_EDITOR) {
$c = 0;
$leftItem = '';
foreach (self::$languages as $key => $value) {
@ -893,7 +893,7 @@ class layout extends common
}
}
// Liste des pages
if ($this->getUser('group') >= self::GROUP_MODERATOR) {
if ($this->getUser('group') >= self::GROUP_EDITOR) {
$leftItems .= '<li><select id="barSelectPage">';
$leftItems .= '<option value="">' . helper::translate('Pages du site') . '</option>';
$leftItems .= '<optgroup label="' . helper::translate('Pages orphelines') . '">';
@ -1006,7 +1006,7 @@ class layout extends common
// Items de droite
$rightItems = '';
if (
$this->getUser('group') >= self::GROUP_MODERATOR
$this->getUser('group') >= self::GROUP_EDITOR
&& $this->getUser(
'permission',
'filemanager'
@ -1066,7 +1066,7 @@ class layout extends common
}
}
if (
$this->getUser('group') >= self::GROUP_MODERATOR
$this->getUser('group') >= self::GROUP_EDITOR
&& $this->getUser('permission', 'user', 'edit')
) {
@ -1153,7 +1153,7 @@ class layout extends common
$vars .= 'var baseUrlQs = ' . json_encode(helper::baseUrl()) . ';';
if (
$this->getUser('password') === $this->getInput('ZWII_USER_PASSWORD')
and $this->getUser('group') >= self::GROUP_MODERATOR
and $this->getUser('group') >= self::GROUP_EDITOR
) {
$vars .= 'var privateKey = ' . json_encode(md5_file(self::DATA_DIR . 'core.json')) . ';';
}

2
core/class/router.class.php
View File

@ -541,7 +541,7 @@ class core extends common
and $this->getUser('password') !== $this->getInput('ZWII_USER_PASSWORD')
) or ($this->getData(['page', $this->getUrl(0), 'disable']) === true
and $this->getUser('password') === $this->getInput('ZWII_USER_PASSWORD')
and $this->getUser('group') < self::GROUP_MODERATOR
and $this->getUser('group') < self::GROUP_EDITOR
)
) {
$access = false;

10
core/core.php
View File

@ -27,7 +27,7 @@ class common
const GROUP_BANNED = -1;
const GROUP_VISITOR = 0;
const GROUP_MEMBER = 1;
const GROUP_MODERATOR = 2;
const GROUP_EDITOR = 2;
const GROUP_ADMIN = 3;
const SIGNATURE_ID = 1;
const SIGNATURE_PSEUDO = 2;
@ -136,24 +136,24 @@ class common
self::GROUP_BANNED => 'Banni',
self::GROUP_VISITOR => 'Visiteur',
self::GROUP_MEMBER => 'Membre',
self::GROUP_MODERATOR => 'Éditeur',
self::GROUP_EDITOR => 'Éditeur',
self::GROUP_ADMIN => 'Administrateur'
];
public static $groupEdits = [
self::GROUP_BANNED => 'Banni',
self::GROUP_MEMBER => 'Membre',
self::GROUP_MODERATOR => 'Éditeur',
self::GROUP_EDITOR => 'Éditeur',
self::GROUP_ADMIN => 'Administrateur'
];
public static $groupNews = [
self::GROUP_MEMBER => 'Membre',
self::GROUP_MODERATOR => 'Éditeur',
self::GROUP_EDITOR => 'Éditeur',
self::GROUP_ADMIN => 'Administrateur'
];
public static $groupPublics = [
self::GROUP_VISITOR => 'Visiteur',
self::GROUP_MEMBER => 'Membre',
self::GROUP_MODERATOR => 'Éditeur',
self::GROUP_EDITOR => 'Éditeur',
self::GROUP_ADMIN => 'Administrateur'
];

28
core/include/update.inc.php
View File

@ -974,8 +974,8 @@ if ($this->getData(['core', 'dataVersion']) < 12309) {
// tableau des langues installées
if (is_dir(self::DATA_DIR . $key)) {
$d = json_decode(file_get_contents(self::DATA_DIR . $key . '/locale.json'), true);
$d = array_merge($d['locale'],['poweredPageLabel' => 'Motorisé par']);
$t ['locale'] = $d;
$d = array_merge($d['locale'], ['poweredPageLabel' => 'Motorisé par']);
$t['locale'] = $d;
file_put_contents(self::DATA_DIR . $key . '/locale.json', json_encode($t));
}
}
@ -985,8 +985,8 @@ if ($this->getData(['core', 'dataVersion']) < 12309) {
}
// Version 12.4.00
if ($this->getData(['core', 'dataVersion']) < 12400) {
if ($this->getData(['core', 'dataVersion']) < 13000) {
// Nettoyage du dossier de langue d'installation'
if (file_exists('core/vendor/tinymce/langs/langs.zip'))
unlink('core/vendor/tinymce/langs/langs.zip');
@ -999,15 +999,27 @@ if ($this->getData(['core', 'dataVersion']) < 12400) {
if (file_exists('core/module/install/ressource/i18n/gr_GR.json'))
unlink('core/module/install/ressource/i18n/gr_GR.json');
// Création du dossier partga pour les nouveaux droits
// Création du dossier partage pour les nouveaux droits
if (!is_dir(self::FILE_DIR . 'source/partage')) {
mkdir(self::FILE_DIR . 'source/partage');
}
// Efface le script router.php
if (file_exists('core/class/router.class.php'))
unlink('core/class/router.class.php');
// if (file_exists('core/class/router.class.php'))
// unlink('core/class/router.class.php');
// Ajouter le prénom comme pseudo et le pseudo comme signature
foreach ($this->getData(['user']) as $userId => $userIds) {
switch ($this->getData(['user', $userId, 'group'])) {
case '1':
case '2':
$this->setData(['user', $userId, 'profil', 1]);
break;
default:
$this->setData(['user', $userId, 'profil', 0]);
break;
}
}
// Mise à jour
$this->setData(['core', 'dataVersion', 12400]);
$this->setData(['core', 'dataVersion', 13000]);
}

256
core/module/config/config.php
View File

@ -367,10 +367,10 @@ class config extends common
}
// Lire le contenu de l'archive dans le tableau files
/*
for ($i = 0; $i < $zip->numFiles; $i++) {
$stat = $zip->statIndex($i);
$files[] = (basename($stat['name']));
}*/
for ($i = 0; $i < $zip->numFiles; $i++) {
$stat = $zip->statIndex($i);
$files[] = (basename($stat['name']));
}*/
// Extraction de l'archive dans un dossier temporaire
$tmpDir = uniqid(8);
$success = $zip->extractTo(self::TEMP_DIR . $tmpDir);
@ -647,26 +647,36 @@ class config extends common
public function logReset()
{
if (file_exists(self::DATA_DIR . 'journal.log')) {
unlink(self::DATA_DIR . 'journal.log');
// Créer les en-têtes des journaux
$d = 'Date;Heure;IP;Id;Action' . PHP_EOL;
file_put_contents(self::DATA_DIR . 'journal.log', $d);
// Action interdite
if (
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true
) {
// Valeurs en sortie
$this->addOutput([
'title' => helper::translate('Configuration'),
'view' => 'index',
'notification' => helper::translate('Journal réinitialisé avec succès'),
'state' => true
'access' => false
]);
} else {
// Valeurs en sortie
$this->addOutput([
'title' => helper::translate('Configuration'),
'view' => 'index',
'notification' => helper::translate('Aucun journal à effacer'),
'state' => false
]);
if (file_exists(self::DATA_DIR . 'journal.log')) {
unlink(self::DATA_DIR . 'journal.log');
// Créer les en-têtes des journaux
$d = 'Date;Heure;IP;Id;Action' . PHP_EOL;
file_put_contents(self::DATA_DIR . 'journal.log', $d);
// Valeurs en sortie
$this->addOutput([
'title' => helper::translate('Configuration'),
'view' => 'index',
'notification' => helper::translate('Journal réinitialisé avec succès'),
'state' => true
]);
} else {
// Valeurs en sortie
$this->addOutput([
'title' => helper::translate('Configuration'),
'view' => 'index',
'notification' => helper::translate('Aucun journal à effacer'),
'state' => false
]);
}
}
}
@ -677,25 +687,35 @@ class config extends common
*/
public function logDownload()
{
$fileName = self::DATA_DIR . 'journal.log';
if (file_exists($fileName)) {
ob_start();
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . $fileName . '"');
header('Content-Length: ' . filesize($fileName));
ob_clean();
ob_end_flush();
readfile($fileName);
exit();
} else {
// Action interdite
if (
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true
) {
// Valeurs en sortie
$this->addOutput([
'title' => helper::translate('Configuration'),
'view' => 'index',
'notification' => helper::translate('Aucun fichier journal à télécharger'),
'state' => false
'access' => false
]);
} else {
$fileName = self::DATA_DIR . 'journal.log';
if (file_exists($fileName)) {
ob_start();
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . $fileName . '"');
header('Content-Length: ' . filesize($fileName));
ob_clean();
ob_end_flush();
readfile($fileName);
exit();
} else {
// Valeurs en sortie
$this->addOutput([
'title' => helper::translate('Configuration'),
'view' => 'index',
'notification' => helper::translate('Aucun fichier journal à télécharger'),
'state' => false
]);
}
}
}
@ -704,36 +724,46 @@ class config extends common
*/
public function blacklistDownload()
{
ob_start();
$fileName = self::TEMP_DIR . 'blacklist.log';
$d = 'Date dernière tentative;Heure dernière tentative;Id;Adresse IP;Nombre d\'échecs' . PHP_EOL;
file_put_contents($fileName, $d);
if (file_exists($fileName)) {
$d = $this->getData(['blacklist']);
$data = '';
foreach ($d as $key => $item) {
$data .= helper::dateUTF8('%Y %m %d', $item['lastFail']) . ' - ' . helper::dateUTF8('%H:%M', time());
$data .= $key . ';' . $item['ip'] . ';' . $item['connectFail'] . PHP_EOL;
}
file_put_contents($fileName, $data, FILE_APPEND);
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Transfer-Encoding: binary');
header('Content-Disposition: attachment; filename="' . $fileName . '"');
header('Content-Length: ' . filesize($fileName));
ob_clean();
ob_end_flush();
readfile($fileName);
unlink(self::TEMP_DIR . 'blacklist.log');
exit();
} else {
// Action interdite
if (
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true
) {
// Valeurs en sortie
$this->addOutput([
'title' => helper::translate('Confighelper::translate(uration'),
'view' => 'index',
'notification' => helper::translate('Aucune liste noire à télécharger'),
'state' => false
'access' => false
]);
} else {
ob_start();
$fileName = self::TEMP_DIR . 'blacklist.log';
$d = 'Date dernière tentative;Heure dernière tentative;Id;Adresse IP;Nombre d\'échecs' . PHP_EOL;
file_put_contents($fileName, $d);
if (file_exists($fileName)) {
$d = $this->getData(['blacklist']);
$data = '';
foreach ($d as $key => $item) {
$data .= helper::dateUTF8('%Y %m %d', $item['lastFail']) . ' - ' . helper::dateUTF8('%H:%M', time());
$data .= $key . ';' . $item['ip'] . ';' . $item['connectFail'] . PHP_EOL;
}
file_put_contents($fileName, $data, FILE_APPEND);
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Transfer-Encoding: binary');
header('Content-Disposition: attachment; filename="' . $fileName . '"');
header('Content-Length: ' . filesize($fileName));
ob_clean();
ob_end_flush();
readfile($fileName);
unlink(self::TEMP_DIR . 'blacklist.log');
exit();
} else {
// Valeurs en sortie
$this->addOutput([
'title' => helper::translate('Confighelper::translate(uration'),
'view' => 'index',
'notification' => helper::translate('Aucune liste noire à télécharger'),
'state' => false
]);
}
}
}
@ -743,23 +773,33 @@ class config extends common
public function blacklistReset()
{
if (file_exists(self::DATA_DIR . 'blacklist.json')) {
$this->setData(['blacklist', []]);
// Action interdite
if (
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true
) {
// Valeurs en sortie
$this->addOutput([
'title' => helper::translate('Configuration'),
'view' => 'index',
'notification' => helper::translate('Liste noire réinitialisée avec succès'),
'state' => true
'access' => false
]);
} else {
// Valeurs en sortie
$this->addOutput([
'title' => helper::translate('Configuration'),
'view' => 'index',
'notification' => helper::translate('Aucune liste noire à effacer'),
'state' => false
]);
if (file_exists(self::DATA_DIR . 'blacklist.json')) {
$this->setData(['blacklist', []]);
// Valeurs en sortie
$this->addOutput([
'title' => helper::translate('Configuration'),
'view' => 'index',
'notification' => helper::translate('Liste noire réinitialisée avec succès'),
'state' => true
]);
} else {
// Valeurs en sortie
$this->addOutput([
'title' => helper::translate('Configuration'),
'view' => 'index',
'notification' => helper::translate('Aucune liste noire à effacer'),
'state' => false
]);
}
}
}
@ -768,16 +808,26 @@ class config extends common
*/
public function copyBackups()
{
// Action interdite
if (
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true
) {
// Valeurs en sortie
$this->addOutput([
'access' => false
]);
} else {
$success = $this->copyDir(self::BACKUP_DIR, self::FILE_DIR . 'source/backup');
$success = $this->copyDir(self::BACKUP_DIR, self::FILE_DIR . 'source/backup');
// Valeurs en sortie
$this->addOutput([
'title' => helper::translate('Configuration'),
'view' => 'index',
'notification' => $success ? helper::translate('Copie terminée avec succès') : helper::translate('Copie terminée avec des erreurs'),
'state' => $success
]);
// Valeurs en sortie
$this->addOutput([
'title' => helper::translate('Configuration'),
'view' => 'index',
'notification' => $success ? helper::translate('Copie terminée avec succès') : helper::translate('Copie terminée avec des erreurs'),
'state' => $success
]);
}
}
/**
@ -785,22 +835,32 @@ class config extends common
*/
public function delBackups()
{
$path = realpath(self::BACKUP_DIR);
$success = $fail = 0;
foreach (new RecursiveIteratorIterator(new RecursiveDirectoryIterator($path)) as $filename) {
if (strpos($filename, '.zip')) {
// Action interdite
if (
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true
) {
// Valeurs en sortie
$this->addOutput([
'access' => false
]);
} else {
$path = realpath(self::BACKUP_DIR);
$success = $fail = 0;
foreach (new RecursiveIteratorIterator(new RecursiveDirectoryIterator($path)) as $filename) {
if (strpos($filename, '.zip')) {
$r = unlink($filename);
$success = $r === true ? $success + 1 : $success;
$fail = $r === false ? $fail + 1 : $fail;
$r = unlink($filename);
$success = $r === true ? $success + 1 : $success;
$fail = $r === false ? $fail + 1 : $fail;
}
}
// Valeurs en sortie
$this->addOutput([
'title' => helper::translate('Configuration'),
'view' => 'index',
'notification' => $success . helper::translate('Fichiers effacés') . ' - ' . helper::translate('Échecs') . ': ' . $fail,
'state' => true
]);
}
// Valeurs en sortie
$this->addOutput([
'title' => helper::translate('Configuration'),
'view' => 'index',
'notification' => $success . helper::translate('Fichiers effacés') . ' - ' . helper::translate('Échecs') . ': ' . $fail,
'state' => true
]);
}
}

288
core/module/install/install.php
View File

@ -273,147 +273,157 @@ class install extends common
*/
public function steps()
{
switch ($this->getInput('step', helper::FILTER_INT)) {
// Préparation
case 1:
$success = true;
$message = '';
// RAZ la mise à jour auto
$this->setData(['core', 'updateAvailable', false]);
// Backup du dossier Data
helper::autoBackup(self::BACKUP_DIR, ['backup', 'tmp', 'file']);
// Sauvegarde htaccess
if ($this->getData(['config', 'autoUpdateHtaccess'])) {
$success = copy('.htaccess', '.htaccess' . '.bak');
$message = 'Erreur de copie du fichier htaccess';
}
// Nettoyage des fichiers d'installation précédents
if (file_exists(self::TEMP_DIR . 'update.tar.gz') && $success) {
$success = $success || unlink(self::TEMP_DIR . 'update.tar.gz');
$message = 'Impossible d\'effacer la mise à jour précédente';
}
if (file_exists(self::TEMP_DIR . 'update.tar') && $success) {
$success = $success || unlink(self::TEMP_DIR . 'update.tar');
$message = 'Impossible d\'effacer la mise à jour précédente';
}
// Valeurs en sortie
$this->addOutput([
'display' => self::DISPLAY_JSON,
'content' => [
'success' => $success,
'data' => $success ? null : json_encode($message, JSON_UNESCAPED_UNICODE)
]
]);
break;
// Téléchargement
case 2:
file_put_contents(self::TEMP_DIR . 'update.tar.gz', helper::getUrlContents(common::ZWII_UPDATE_URL . common::ZWII_UPDATE_CHANNEL . '/update.tar.gz'));
$md5origin = helper::getUrlContents(common::ZWII_UPDATE_URL . common::ZWII_UPDATE_CHANNEL . '/update.md5');
$md5origin = explode(' ', $md5origin);
$md5target = md5_file(self::TEMP_DIR . 'update.tar.gz');
// Valeurs en sortie
$this->addOutput([
'display' => self::DISPLAY_JSON,
'content' => [
'success' => $md5origin[0] === $md5target,
'data' => $md5origin[0] === $md5target ? null : json_encode('Erreur de téléchargement ou de somme de contrôle', JSON_UNESCAPED_UNICODE)
]
]);
break;
// Installation
case 3:
$success = true;
// Check la réécriture d'URL avant d'écraser les fichiers
$rewrite = helper::checkRewrite();
// Décompression et installation
try {
// Décompression dans le dossier de fichier temporaires
$pharData = new PharData(self::TEMP_DIR . 'update.tar.gz');
$pharData->decompress();
// Installation
$pharData->extractTo(__DIR__ . '/../../../', null, true);
} catch (Exception $e) {
$success = $e->getMessage();
}
// Nettoyage du dossier
if (file_exists(self::TEMP_DIR . 'update.tar.gz')) {
unlink(self::TEMP_DIR . 'update.tar.gz');
}
if (file_exists(self::TEMP_DIR . 'update.tar')) {
unlink(self::TEMP_DIR . 'update.tar');
}
// Valeurs en sortie
$this->addOutput([
'display' => self::DISPLAY_JSON,
'content' => [
'success' => $success,
'data' => $rewrite
]
]);
break;
// Configuration
case 4:
$success = true;
$message = '';
$rewrite = $this->getInput('data');
// Réécriture d'URL
if ($rewrite === 'true') { // Ajout des lignes dans le .htaccess
$fileContent = file_get_contents('.htaccess');
$rewriteData = PHP_EOL .
'# URL rewriting' . PHP_EOL .
'<IfModule mod_rewrite.c>' . PHP_EOL .
"\tRewriteEngine on" . PHP_EOL .
"\tRewriteBase " . helper::baseUrl(false, false) . PHP_EOL .
"\tRewriteCond %{REQUEST_FILENAME} !-f" . PHP_EOL .
"\tRewriteCond %{REQUEST_FILENAME} !-d" . PHP_EOL .
"\tRewriteRule ^(.*)$ index.php?$1 [L]" . PHP_EOL .
'</IfModule>' . PHP_EOL .
'# URL rewriting' . PHP_EOL;
$fileContent = str_replace('# URL rewriting', $rewriteData, $fileContent);
$r = file_put_contents(
'.htaccess',
$fileContent
);
$success = $r === false ? false : true;
$message = $r === false ? 'Le fichier htaccess n\'a pas été restauré' : null;
}
// Recopie htaccess
if (
$this->getData(['config', 'autoUpdateHtaccess']) &&
$success && file_exists('.htaccess.bak')
) {
// L'écraser avec le backup
$success = $success || copy('.htaccess.bak', '.htaccess');
// Effacer le backup
unlink('.htaccess.bak');
}
/**
* Met à jour les dictionnaires des langues depuis les modèles installés
*/
// Langues installées
$installedUI = $this->getData(['language']);
// Langues disponibles avec la mise à jour
require_once('core/module/install/ressource/defaultdata.php');
$default = init::$defaultData['language'];
foreach ($installedUI as $key => $value) {
if ($default[$key]['version'] > $value['version']) {
copy('core/module/install/ressource/i18n/' . $key . '.json', self::I18N_DIR . $key . '.json');
$this->setData(['language', $key, $default[$key]]);
// Action interdite
if (
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true
) {
// Valeurs en sortie
$this->addOutput([
'access' => false
]);
} else {
switch ($this->getInput('step', helper::FILTER_INT)) {
// Préparation
case 1:
$success = true;
$message = '';
// RAZ la mise à jour auto
$this->setData(['core', 'updateAvailable', false]);
// Backup du dossier Data
helper::autoBackup(self::BACKUP_DIR, ['backup', 'tmp', 'file']);
// Sauvegarde htaccess
if ($this->getData(['config', 'autoUpdateHtaccess'])) {
$success = copy('.htaccess', '.htaccess' . '.bak');
$message = 'Erreur de copie du fichier htaccess';
}
// Nettoyage des fichiers d'installation précédents
if (file_exists(self::TEMP_DIR . 'update.tar.gz') && $success) {
$success = $success || unlink(self::TEMP_DIR . 'update.tar.gz');
$message = 'Impossible d\'effacer la mise à jour précédente';
}
if (file_exists(self::TEMP_DIR . 'update.tar') && $success) {
$success = $success || unlink(self::TEMP_DIR . 'update.tar');
$message = 'Impossible d\'effacer la mise à jour précédente';
}
// Valeurs en sortie
$this->addOutput([
'display' => self::DISPLAY_JSON,
'content' => [
'success' => $success,
'data' => $success ? null : json_encode($message, JSON_UNESCAPED_UNICODE)
]
]);
break;
// Téléchargement
case 2:
file_put_contents(self::TEMP_DIR . 'update.tar.gz', helper::getUrlContents(common::ZWII_UPDATE_URL . common::ZWII_UPDATE_CHANNEL . '/update.tar.gz'));
$md5origin = helper::getUrlContents(common::ZWII_UPDATE_URL . common::ZWII_UPDATE_CHANNEL . '/update.md5');
$md5origin = explode(' ', $md5origin);
$md5target = md5_file(self::TEMP_DIR . 'update.tar.gz');
// Valeurs en sortie
$this->addOutput([
'display' => self::DISPLAY_JSON,
'content' => [
'success' => $md5origin[0] === $md5target,
'data' => $md5origin[0] === $md5target ? null : json_encode('Erreur de téléchargement ou de somme de contrôle', JSON_UNESCAPED_UNICODE)
]
]);
break;
// Installation
case 3:
$success = true;
// Check la réécriture d'URL avant d'écraser les fichiers
$rewrite = helper::checkRewrite();
// Décompression et installation
try {
// Décompression dans le dossier de fichier temporaires
$pharData = new PharData(self::TEMP_DIR . 'update.tar.gz');
$pharData->decompress();
// Installation
$pharData->extractTo(__DIR__ . '/../../../', null, true);
} catch (Exception $e) {
$success = $e->getMessage();
}
// Nettoyage du dossier
if (file_exists(self::TEMP_DIR . 'update.tar.gz')) {
unlink(self::TEMP_DIR . 'update.tar.gz');
}
if (file_exists(self::TEMP_DIR . 'update.tar')) {
unlink(self::TEMP_DIR . 'update.tar');
}
// Valeurs en sortie
$this->addOutput([
'display' => self::DISPLAY_JSON,
'content' => [
'success' => $success,
'data' => $rewrite
]
]);
break;
// Configuration
case 4:
$success = true;
$message = '';
$rewrite = $this->getInput('data');
// Réécriture d'URL
if ($rewrite === 'true') { // Ajout des lignes dans le .htaccess
$fileContent = file_get_contents('.htaccess');
$rewriteData = PHP_EOL .
'# URL rewriting' . PHP_EOL .
'<IfModule mod_rewrite.c>' . PHP_EOL .
"\tRewriteEngine on" . PHP_EOL .
"\tRewriteBase " . helper::baseUrl(false, false) . PHP_EOL .
"\tRewriteCond %{REQUEST_FILENAME} !-f" . PHP_EOL .
"\tRewriteCond %{REQUEST_FILENAME} !-d" . PHP_EOL .
"\tRewriteRule ^(.*)$ index.php?$1 [L]" . PHP_EOL .
'</IfModule>' . PHP_EOL .
'# URL rewriting' . PHP_EOL;
$fileContent = str_replace('# URL rewriting', $rewriteData, $fileContent);
$r = file_put_contents(
'.htaccess',
$fileContent
);
$success = $r === false ? false : true;
$message = $r === false ? 'Le fichier htaccess n\'a pas été restauré' : null;
}
// Recopie htaccess
if (
$this->getData(['config', 'autoUpdateHtaccess']) &&
$success && file_exists('.htaccess.bak')
) {
// L'écraser avec le backup
$success = $success || copy('.htaccess.bak', '.htaccess');
// Effacer le backup
unlink('.htaccess.bak');
}
}
// Valeurs en sortie
$this->addOutput([
'display' => self::DISPLAY_JSON,
'content' => [
'success' => $success,
'data' => json_encode($message, JSON_UNESCAPED_UNICODE)
]
]);
/**
* Met à jour les dictionnaires des langues depuis les modèles installés
*/
// Langues installées
$installedUI = $this->getData(['language']);
// Langues disponibles avec la mise à jour
require_once('core/module/install/ressource/defaultdata.php');
$default = init::$defaultData['language'];
foreach ($installedUI as $key => $value) {
if ($default[$key]['version'] > $value['version']) {
copy('core/module/install/ressource/i18n/' . $key . '.json', self::I18N_DIR . $key . '.json');
$this->setData(['language', $key, $default[$key]]);
}
}
// Valeurs en sortie
$this->addOutput([
'display' => self::DISPLAY_JSON,
'content' => [
'success' => $success,
'data' => json_encode($message, JSON_UNESCAPED_UNICODE)
]
]);
}
}
}

4
core/module/install/ressource/defaultdata.php
View File

@ -390,7 +390,7 @@ class init extends common
]
],
'2' => [
'name' => 'Membre',
'name' => 'Membre avec droit de partage',
'readonly' => false,
'comment' => 'Accède aux pages réservées et à un dossier partagé',
'filemanager' => true,
@ -475,7 +475,7 @@ class init extends common
],
'2' => [
'1' => [
'name' => 'Modérateur',
'name' => 'Editeur simple',
'readonly' => false,
'comment' => 'Édition des pages',
'filemanager' => true,

12
core/module/page/page.php
View File

@ -18,12 +18,12 @@ class page extends common
{
public static $actions = [
'add' => self::GROUP_MODERATOR,
'delete' => self::GROUP_MODERATOR,
'edit' => self::GROUP_MODERATOR,
'duplicate' => self::GROUP_MODERATOR,
'jsEditor' => self::GROUP_MODERATOR,
'cssEditor' => self::GROUP_MODERATOR
'add' => self::GROUP_EDITOR,
'delete' => self::GROUP_EDITOR,
'edit' => self::GROUP_EDITOR,
'duplicate' => self::GROUP_EDITOR,
'jsEditor' => self::GROUP_EDITOR,
'cssEditor' => self::GROUP_EDITOR
];
public static $pagesNoParentId = [
'' => 'Aucune'

32
core/module/plugin/plugin.php
View File

@ -580,7 +580,7 @@ class plugin extends common
]);
} else {
// Créer un dossier temporaire
$tmpFolder = self::TEMP_DIR . uniqid();
$tmpFolder = self::TEMP_DIR . uniqid() . '/';
if (!is_dir($tmpFolder)) {
mkdir($tmpFolder, 0755);
}
@ -590,21 +590,19 @@ class plugin extends common
// Descripteur de l'archive
$infoModule = helper::getModules();
//Nom de l'archive
$fileName = $moduleId . $infoModule[$moduleId]['version'] . '.zip';
// Régénération du module
$success = file_put_contents(self::MODULE_DIR . $moduleId . '/enum.json', json_encode($infoModule[$moduleId], JSON_UNESCAPED_UNICODE));
//Nom de l'archive
$fileName = $moduleId . str_replace('.', '-', $infoModule[$moduleId]['version']) . '.zip';
// Régénération du descripteur du module
file_put_contents(self::MODULE_DIR . $moduleId . '/enum.json', json_encode($infoModule[$moduleId], JSON_UNESCAPED_UNICODE));
// Construire l'archive
$this->makeZip(self::TEMP_DIR . $fileName, self::MODULE_DIR . $moduleId);
$this->makeZip( $tmpFolder . $fileName, self::MODULE_DIR . $moduleId);
switch ($action) {
case 'filemanager':
if (!file_exists(self::FILE_DIR . 'source/modules')) {
mkdir(self::FILE_DIR . 'source/modules');
}
$success = $success || copy(self::TEMP_DIR . $fileName, self::FILE_DIR . 'source/modules/' . $moduleId . '.zip');
$success = copy($tmpFolder . $fileName, self::FILE_DIR . 'source/modules/' . $fileName );
// Valeurs en sortie
$this->addOutput([
@ -612,24 +610,20 @@ class plugin extends common
'notification' => $success ? helper::translate('Archive copiée dans le dossier Modules du gestionnaire de fichier') : helper::translate('Erreur de copie'),
'state' => $success
]);
// Nettoyage
unlink(self::TEMP_DIR . $fileName);
$this->removeDir($tmpFolder);
break;
case 'download':
default:
// Téléchargement du ZIP
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Transfer-Encoding: binary');
header('Content-Disposition: attachment; filename="' . $fileName . '"');
header('Content-Length: ' . filesize(self::TEMP_DIR . $fileName));
readfile(self::TEMP_DIR . $fileName);
// Nettoyage du dossier
unlink(self::TEMP_DIR . $fileName);
header('Content-Length: ' . filesize($tmpFolder. $fileName));
readfile($tmpFolder . $fileName);
exit();
}
// Nettoyage
unlink(self::TEMP_DIR . $fileName);
$this->removeDir($tmpFolder);
}
}

150
core/module/theme/theme.php
View File

@ -1016,81 +1016,91 @@ class theme extends common
public function import($zipName = '')
{
// Action interdite
if (
$zipName !== '' &&
file_exists($zipName)
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true
) {
// Init variables de retour
$success = false;
$notification = '';
// Dossier temporaire
$tempFolder = uniqid();
// Ouvrir le zip
$zip = new ZipArchive();
if ($zip->open($zipName) === TRUE) {
mkdir(self::TEMP_DIR . $tempFolder, 0755);
$zip->extractTo(self::TEMP_DIR . $tempFolder);
$modele = '';
// Archive de thème ?
if (
file_exists(self::TEMP_DIR . $tempFolder . '/site/data/custom.css')
and file_exists(self::TEMP_DIR . $tempFolder . '/site/data/theme.css')
and file_exists(self::TEMP_DIR . $tempFolder . '/site/data/theme.json')
) {
$modele = 'theme';
}
if (
file_exists(self::TEMP_DIR . $tempFolder . '/site/data/admin.json')
and file_exists(self::TEMP_DIR . $tempFolder . '/site/data/admin.css')
) {
$modele = 'admin';
}
if (!empty($modele)) {
// traiter l'archive
$success = $zip->extractTo('.');
// Valeurs en sortie
$this->addOutput([
'access' => false
]);
} else {
// Substitution des fontes Google
if ($modele = 'theme') {
$c = $this->subFont(self::DATA_DIR . 'theme.json');
// Un remplacement nécessite la régénération de la feuille de style
if (
$c > 0
and file_exists(self::DATA_DIR . 'theme.css')
) {
unlink(self::DATA_DIR . 'theme.css');
}
}
if ($modele = 'admin') {
$c = $this->subFont(self::DATA_DIR . 'admin.json');
// Un remplacement nécessite la régénération de la feuille de style
if (
$c > 0
and file_exists(self::DATA_DIR . 'admin.css')
) {
unlink(self::DATA_DIR . 'admin.css');
}
}
// traitement d'erreur
$notification = $success ? helper::translate('Thème importé') : helper::translate('Erreur lors de l\'extraction, vérifiez les permissions');
} else {
// pas une archive de thème
$success = false;
$notification = helper::translate('Archive de thème invalide');
}
// Supprimer le dossier temporaire même si le thème est invalide
$this->removeDir(self::TEMP_DIR . $tempFolder);
$zip->close();
} else {
// erreur à l'ouverture
if (
$zipName !== '' &&
file_exists($zipName)
) {
// Init variables de retour
$success = false;
$notification = helper::translate('Impossible d\'ouvrir l\'archive');
}
return (['success' => $success, 'notification' => $notification]);
}
$notification = '';
// Dossier temporaire
$tempFolder = uniqid();
// Ouvrir le zip
$zip = new ZipArchive();
if ($zip->open($zipName) === TRUE) {
mkdir(self::TEMP_DIR . $tempFolder, 0755);
$zip->extractTo(self::TEMP_DIR . $tempFolder);
$modele = '';
// Archive de thème ?
if (
file_exists(self::TEMP_DIR . $tempFolder . '/site/data/custom.css')
and file_exists(self::TEMP_DIR . $tempFolder . '/site/data/theme.css')
and file_exists(self::TEMP_DIR . $tempFolder . '/site/data/theme.json')
) {
$modele = 'theme';
}
if (
file_exists(self::TEMP_DIR . $tempFolder . '/site/data/admin.json')
and file_exists(self::TEMP_DIR . $tempFolder . '/site/data/admin.css')
) {
$modele = 'admin';
}
if (!empty($modele)) {
// traiter l'archive
$success = $zip->extractTo('.');
return (['success' => false, 'notification' => helper::translate('Archive non spécifiée ou introuvable')]);
// Substitution des fontes Google
if ($modele = 'theme') {
$c = $this->subFont(self::DATA_DIR . 'theme.json');
// Un remplacement nécessite la régénération de la feuille de style
if (
$c > 0
and file_exists(self::DATA_DIR . 'theme.css')
) {
unlink(self::DATA_DIR . 'theme.css');
}
}
if ($modele = 'admin') {
$c = $this->subFont(self::DATA_DIR . 'admin.json');
// Un remplacement nécessite la régénération de la feuille de style
if (
$c > 0
and file_exists(self::DATA_DIR . 'admin.css')
) {
unlink(self::DATA_DIR . 'admin.css');
}
}
// traitement d'erreur
$notification = $success ? helper::translate('Thème importé') : helper::translate('Erreur lors de l\'extraction, vérifiez les permissions');
} else {
// pas une archive de thème
$success = false;
$notification = helper::translate('Archive de thème invalide');
}
// Supprimer le dossier temporaire même si le thème est invalide
$this->removeDir(self::TEMP_DIR . $tempFolder);
$zip->close();
} else {
// erreur à l'ouverture
$success = false;
$notification = helper::translate('Impossible d\'ouvrir l\'archive');
}
return (['success' => $success, 'notification' => $notification]);
}
return (['success' => false, 'notification' => helper::translate('Archive non spécifiée ou introuvable')]);
}
}

19
core/module/user/user.php
View File

@ -66,7 +66,7 @@ class user extends common
public static $groupProfils = [
self::GROUP_MEMBER => 'Membre',
self::GROUP_MODERATOR => 'Editeur'
self::GROUP_EDITOR => 'Editeur'
];
/**
@ -98,8 +98,8 @@ class user extends common
// Profil
$group = $this->getInput('userAddGroup', helper::FILTER_INT, true);
$profil = null;
if ($group > 1 || $group < 2) {
$profil = 0;
if ($group === 1 || $group === 2) {
$profil = $this->getInput('userAddProfil' . $group, helper::FILTER_INT);
}
@ -191,7 +191,7 @@ class user extends common
// L'utilisateur n'existe pas
$this->getData(['user', $this->getUrl(2)]) === null
// Groupe insuffisant
and ($this->getUrl('group') < self::GROUP_MODERATOR)
and ($this->getUrl('group') < self::GROUP_EDITOR)
) {
// Valeurs en sortie
$this->addOutput([
@ -251,7 +251,7 @@ class user extends common
and $this->getUrl('group') <= self::GROUP_VISITOR
)
// Impossible d'éditer un autre utilisateur
or ($this->getUrl('group') < self::GROUP_MODERATOR)
or ($this->getUrl('group') < self::GROUP_EDITOR)
)
) {
// Valeurs en sortie
@ -303,8 +303,8 @@ class user extends common
$newlastname = $this->getData(['user', $this->getUrl(2), 'lastname']);
}
// Profil
$profil = null;
if ($newGroup > 1 || $newGroup < 2) {
$profil = 0;
if ($newGroup === 1 || $newGroup === 2) {
$profil = $this->getInput('userEditProfil' . $newGroup, helper::FILTER_INT);
}
// Modifie l'utilisateur
@ -503,7 +503,7 @@ class user extends common
];
} elseif (
$groupId == self::GROUP_MEMBER ||
$groupId == self::GROUP_MODERATOR
$groupId == self::GROUP_EDITOR
) {
// Enumérer les sous groupes MEMBER et MODERATOR
foreach ($groupData as $subGroupId => $subGroupData) {
@ -1014,7 +1014,8 @@ class user extends common
else {
// Soumission du formulaire
if (
$this->getUser('permission', __CLASS__, __FUNCTION__) === true &&
// Tous les suers peuvent réinitialiser
// $this->getUser('permission', __CLASS__, __FUNCTION__) === true &&
$this->isPost()
) {
// Double vérification pour le mot de passe

10
core/module/user/view/add/add.php
View File

@ -102,8 +102,8 @@
]); ?>
</div>
<div class="userAddGroupProfil displayNone"
id="userAddGroupProfil<?php echo self::GROUP_MODERATOR; ?>">
<?php echo template::select('userAddProfil' . self::GROUP_MODERATOR, $module::$userProfils[self::GROUP_MODERATOR], [
id="userAddGroupProfil<?php echo self::GROUP_EDITOR; ?>">
<?php echo template::select('userAddProfil' . self::GROUP_EDITOR, $module::$userProfils[self::GROUP_EDITOR], [
'label' => 'Profil',
]); ?>
</div>
@ -116,9 +116,9 @@
]);
?>
</div>
<div id="userCommentProfil<?php echo self::GROUP_MODERATOR; ?>" class="col12 displayNone userCommentProfil">
<?php echo template::textarea('useraddProfilComment2' . self::GROUP_MODERATOR, [
"value" => implode("\n",$module::$userProfilsComments[self::GROUP_MODERATOR])
<div id="userCommentProfil<?php echo self::GROUP_EDITOR; ?>" class="col12 displayNone userCommentProfil">
<?php echo template::textarea('useraddProfilComment2' . self::GROUP_EDITOR, [
"value" => implode("\n",$module::$userProfilsComments[self::GROUP_EDITOR])
]);
?>
</div>

10
core/module/user/view/edit/edit.php
View File

@ -123,8 +123,8 @@
]); ?>
</div>
<div class="userEditGroupProfil displayNone"
id="userEditGroupProfil<?php echo self::GROUP_MODERATOR; ?>">
<?php echo template::select('userEditProfil' . self::GROUP_MODERATOR, $module::$userProfils[self::GROUP_MODERATOR], [
id="userEditGroupProfil<?php echo self::GROUP_EDITOR; ?>">
<?php echo template::select('userEditProfil' . self::GROUP_EDITOR, $module::$userProfils[self::GROUP_EDITOR], [
'label' => 'Profil',
'selected' => $this->getData(['user', $this->getUrl(2), 'profil'])
]); ?>
@ -138,9 +138,9 @@
]);
?>
</div>
<div id="userCommentProfil<?php echo self::GROUP_MODERATOR; ?>" class="col12 displayNone userCommentProfil">
<?php echo template::textarea('useraddProfilComment2' . self::GROUP_MODERATOR, [
"value" => implode("\n",$module::$userProfilsComments[self::GROUP_MODERATOR])
<div id="userCommentProfil<?php echo self::GROUP_EDITOR; ?>" class="col12 displayNone userCommentProfil">
<?php echo template::textarea('useraddProfilComment2' . self::GROUP_EDITOR, [
"value" => implode("\n",$module::$userProfilsComments[self::GROUP_EDITOR])
]);
?>
</div>

2
core/module/user/view/profilEdit/profilEdit.php
View File

@ -51,7 +51,7 @@
</div>
</div>
</div>
<?php if ($this->getUrl(2) >= self::GROUP_MODERATOR): ?>
<?php if ($this->getUrl(2) >= self::GROUP_EDITOR): ?>
<div class="row">
<div class="col12">
<div class="block">

53
module/blog/blog.php
View File

@ -27,15 +27,15 @@ class blog extends common
const EDIT_ALL = 'all';
public static $actions = [
'add' => self::GROUP_MODERATOR,
'comment' => self::GROUP_MODERATOR,
'commentApprove' => self::GROUP_MODERATOR,
'commentDelete' => self::GROUP_MODERATOR,
'commentDeleteAll' => self::GROUP_MODERATOR,
'config' => self::GROUP_MODERATOR,
'option' => self::GROUP_MODERATOR,
'delete' => self::GROUP_MODERATOR,
'edit' => self::GROUP_MODERATOR,
'add' => self::GROUP_EDITOR,
'comment' => self::GROUP_EDITOR,
'commentApprove' => self::GROUP_EDITOR,
'commentDelete' => self::GROUP_EDITOR,
'commentDeleteAll' => self::GROUP_EDITOR,
'config' => self::GROUP_EDITOR,
'option' => self::GROUP_EDITOR,
'delete' => self::GROUP_EDITOR,
'edit' => self::GROUP_EDITOR,
'index' => self::GROUP_VISITOR,
'rss' => self::GROUP_VISITOR
];
@ -697,7 +697,7 @@ class blog extends common
ksort(self::$users);
foreach (self::$users as $userId => &$userFirstname) {
// Les membres ne sont pas éditeurs, les exclure de la liste
if ($this->getData(['user', $userId, 'group']) < self::GROUP_MODERATOR) {
if ($this->getData(['user', $userId, 'group']) < self::GROUP_EDITOR) {
unset(self::$users[$userId]);
}
$userFirstname = $userFirstname . ' ' . $this->getData(['user', $userId, 'lastname']) . ' (' . self::$groupEdits[$this->getData(['user', $userId, 'group'])] . ')';
@ -904,24 +904,21 @@ class blog extends common
*/
public function signature($userId)
{
if ($this->getUser('permission', __CLASS__, __FUNCTION__) !== true) {
switch ($this->getData(['user', $userId, 'signature'])) {
case 1:
return $userId;
break;
case 2:
return $this->getData(['user', $userId, 'pseudo']);
break;
case 3:
return $this->getData(['user', $userId, 'firstname']) . ' ' . $this->getData(['user', $userId, 'lastname']);
break;
case 4:
return $this->getData(['user', $userId, 'lastname']) . ' ' . $this->getData(['user', $userId, 'firstname']);
break;
default:
return $this->getData(['user', $userId, 'firstname']);
}
switch ($this->getData(['user', $userId, 'signature'])) {
case 1:
return $userId;
break;
case 2:
return $this->getData(['user', $userId, 'pseudo']);
break;
case 3:
return $this->getData(['user', $userId, 'firstname']) . ' ' . $this->getData(['user', $userId, 'lastname']);
break;
case 4:
return $this->getData(['user', $userId, 'lastname']) . ' ' . $this->getData(['user', $userId, 'firstname']);
break;
default:
return $this->getData(['user', $userId, 'firstname']);
}
}
}

2
module/blog/enum.json
View File

@ -1 +1 @@
{"name":"blog","realName":"Blog","version":"6.8","update":"0.0","delete":true,"dataDirectory":""}
{"name":"blog","realName":"Blog","version":"6.9","update":"0.0","delete":true,"dataDirectory":""}

2
module/blog/view/article/article.php
View File

@ -29,7 +29,7 @@
or (
// Groupe
($this->getData(['module', $this->getUrl(0), 'posts', $this->getUrl(1), 'editConsent']) === self::GROUP_ADMIN
or $this->getData(['module', $this->getUrl(0), 'posts', $this->getUrl(1), 'editConsent']) === self::GROUP_MODERATOR)
or $this->getData(['module', $this->getUrl(0), 'posts', $this->getUrl(1), 'editConsent']) === self::GROUP_EDITOR)
and $this->getUser('group') >= $this->getData(['module', $this->getUrl(0), 'posts', $this->getUrl(1), 'editConsent'])
)
or (

2
module/blog/view/index/index.php
View File

@ -62,7 +62,7 @@
or (
// Groupe
($this->getData(['module', $this->getUrl(0), 'posts', $articleId, 'editConsent']) === self::GROUP_ADMIN
or $this->getData(['module', $this->getUrl(0), 'posts', $articleId, 'editConsent']) === self::GROUP_MODERATOR)
or $this->getData(['module', $this->getUrl(0), 'posts', $articleId, 'editConsent']) === self::GROUP_EDITOR)
and $this->getUser('group') >= $this->getData(['module', $this->getUrl(0), 'posts', $articleId, 'editConsent'])
)
or (

1
module/form/changes.md
View File

@ -1,6 +1,7 @@
# Version 3.10
- Bloque l'effacement selon le profil
- Masque le code de vérification
- Export des données en CSV impossible
# Version 3.9
- Redirection des pages orphelines
# Version 3.8

2
module/form/enum.json
View File

@ -1 +1 @@
{"name":"form","realName":"Formulaire","version":"3.9","update":"0.0","delete":true,"dataDirectory":""}
{"name":"form","realName":"Formulaire","version":"3.10","update":"0.0","delete":true,"dataDirectory":""}

16
module/form/form.php
View File

@ -22,13 +22,13 @@ class form extends common
const DATADIRECTORY = ''; // Contenu localisé inclus par défaut (page.json et module.json)
public static $actions = [
'config' => self::GROUP_MODERATOR,
'option' => self::GROUP_MODERATOR,
'data' => self::GROUP_MODERATOR,
'delete' => self::GROUP_MODERATOR,
'deleteall' => self::GROUP_MODERATOR,
'config' => self::GROUP_EDITOR,
'option' => self::GROUP_EDITOR,
'data' => self::GROUP_EDITOR,
'delete' => self::GROUP_EDITOR,
'deleteall' => self::GROUP_EDITOR,
'index' => self::GROUP_VISITOR,
'export2csv' => self::GROUP_MODERATOR,
'export2csv' => self::GROUP_EDITOR,
];
public static $data = [];
@ -235,7 +235,7 @@ class form extends common
{
$data = $this->getData(['module', $this->getUrl(0), 'data']);
if (
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true &&
$this->getUser('permission', __CLASS__, __FUNCTION__) === true &&
$data
) {
// Pagination
@ -297,7 +297,7 @@ class form extends common
fclose($fp);
// Valeurs en sortie
$this->addOutput([
'notification' => sprintf(helper::translate('Export CSV effectué dans %1 '), $csvfilename),
'notification' => sprintf(helper::translate('Export CSV effectué dans %s '), $csvfilename ),
'redirect' => helper::baseUrl() . $this->getUrl(0) . '/data',
'state' => true
]);

2
module/gallery/enum.json
View File

@ -1 +1 @@
{"name":"gallery","realName":"Galerie","version":"3.8","update":"0.0","delete":true,"dataDirectory":"site\/data\/gallery\/"}
{"name":"gallery","realName":"Galerie","version":"3.9","update":"0.0","delete":true,"dataDirectory":"site\/data\/gallery\/"}

18
module/gallery/gallery.php
View File

@ -44,15 +44,15 @@ class gallery extends common
public static $config = [];
public static $actions = [
'config' => self::GROUP_MODERATOR,
'delete' => self::GROUP_MODERATOR,
'dirs' => self::GROUP_MODERATOR,
'sortGalleries' => self::GROUP_MODERATOR,
'sortPictures' => self::GROUP_MODERATOR,
'edit' => self::GROUP_MODERATOR,
'add' => self::GROUP_MODERATOR,
'theme' => self::GROUP_MODERATOR,
'option' => self::GROUP_MODERATOR,
'config' => self::GROUP_EDITOR,
'delete' => self::GROUP_EDITOR,
'dirs' => self::GROUP_EDITOR,
'sortGalleries' => self::GROUP_EDITOR,
'sortPictures' => self::GROUP_EDITOR,
'edit' => self::GROUP_EDITOR,
'add' => self::GROUP_EDITOR,
'theme' => self::GROUP_EDITOR,
'option' => self::GROUP_EDITOR,
'index' => self::GROUP_VISITOR
];

2
module/news/enum.json
View File

@ -1 +1 @@
{"name":"news","realName":"News","version":"4.3","update":"0.0","delete":true,"dataDirectory":"site\/data\/news\/"}
{"name":"news","realName":"News","version":"4.4","update":"0.0","delete":true,"dataDirectory":"site\/data\/news\/"}

10
module/news/news.php
View File

@ -21,13 +21,13 @@ class news extends common
const DATADIRECTORY = self::DATA_DIR . 'news/';
public static $actions = [
'add' => self::GROUP_MODERATOR,
'config' => self::GROUP_MODERATOR,
'add' => self::GROUP_EDITOR,
'config' => self::GROUP_EDITOR,
// Edition des news
'option' => self::GROUP_MODERATOR,
'option' => self::GROUP_EDITOR,
// paramétrage des news
'delete' => self::GROUP_MODERATOR,
'edit' => self::GROUP_MODERATOR,
'delete' => self::GROUP_EDITOR,
'edit' => self::GROUP_EDITOR,
'index' => self::GROUP_VISITOR,
'rss' => self::GROUP_VISITOR
];

4
module/redirection/redirection.php
View File

@ -21,7 +21,7 @@ class redirection extends common
const DATADIRECTORY = ''; // Contenu localisé inclus par défaut (page.json et module.json)
public static $actions = [
'config' => self::GROUP_MODERATOR,
'config' => self::GROUP_EDITOR,
'index' => self::GROUP_VISITOR
];
@ -60,7 +60,7 @@ class redirection extends common
if (
$this->getUser('permission', __CLASS__, __FUNCTION__) !== true
&& $this->getUser('password') === $this->getInput('ZWII_USER_PASSWORD')
&& $this->getUser('group') >= self::GROUP_MODERATOR
&& $this->getUser('group') >= self::GROUP_EDITOR
&& $this->getUrl(1) !== 'force'
) {
// Valeurs en sortie

3
module/search/search.php
View File

@ -26,7 +26,7 @@ class search extends common
public static $actions = [
'index' => self::GROUP_VISITOR,
'config' => self::GROUP_MODERATOR
'config' => self::GROUP_EDITOR
];
// Variables pour l'affichage des résultats
@ -177,7 +177,6 @@ class search extends common
$this->update();
if (
$this->getUser('permission', __CLASS__, __FUNCTION__) === true &&
$this->isPost()
) {
//Initialisations variables