From fcf5fcfe060db70af2c640190e1cff64bd3d03d8 Mon Sep 17 00:00:00 2001
From: Fred <23246457+fredtempez@users.noreply.github.com>
Date: Sun, 30 Dec 2018 19:28:32 +0100
Subject: [PATCH 01/38] Update README.md
---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/README.md b/README.md
index c3cd60e9..ff5a56f3 100755
--- a/README.md
+++ b/README.md
@@ -1,4 +1,4 @@
-# Zwii 9 Béta
+# Zwii 9 Bêta
 Zwii est un CMS sans base de données (Flat-File) qui permet à ses utilisateurs de créer et gérer facilement un site web sans aucune connaissance en programmation.
From 782313a1d4adba56c1dd284b2622ec4a35f62cb6 Mon Sep 17 00:00:00 2001
From: Fred <23246457+fredtempez@users.noreply.github.com>
Date: Sun, 30 Dec 2018 19:36:16 +0100
Subject: [PATCH 02/38] Delete custom.css
---
 site/data/custom.css | 1 -
 1 file changed, 1 deletion(-)
 delete mode 100644 site/data/custom.css
diff --git a/site/data/custom.css b/site/data/custom.css
deleted file mode 100644
index 97b499cf..00000000
--- a/site/data/custom.css
+++ /dev/null
@@ -1 +0,0 @@ -{"theme":{"body":{"backgroundColor":"rgba(138, 187, 244, 1)","image":"","imageAttachment":"scroll","imagePosition":"top center","imageRepeat":"no-repeat","imageSize":"auto"},"button":{"backgroundColor":"rgba(71, 123, 184, 1)"},"footer":{"backgroundColor":"rgba(138, 187, 244, 1)","copyrightAlign":"center","height":"5px","loginLink":"1","margin":false,"position":"body","socialsAlign":"center","text":"A propos<\/a>","textAlign":"center","textColor":"rgba(33, 34, 35, 1)","copyrightPosition":"center","textPosition":"center","socialsPosition":"hide"},"header":{"backgroundColor":"rgba(255, 255, 255, 0)","font":"Marvel","fontSize":"1.6em","fontWeight":"bold","height":"150px","image":"","imagePosition":"center center","imageRepeat":"no-repeat","margin":false,"position":"site","textAlign":"center","textColor":"rgba(132, 68, 7, 1)","textHide":false,"textTransform":"none","linkHome":false,"imageContainer":"auto"},"link":{"textColor":"rgba(71, 123, 184, 1)"},"menu":{"backgroundColor":"rgba(138, 187, 244, 1)","font":"Arimo","fontSize":"1em","fontWeight":"normal","height":"10px","loginLink":"","margin":false,"position":"body-top","textAlign":"left","textColor":"rgba(117, 106, 98, 1)","textTransform":"none"},"site":{"backgroundColor":"rgba(9, 47, 91, 1)","radius":"15px","shadow":"1px 1px 10px","width":"1170px"},"text":{"font":"Arvo","fontSize":"14px","textColor":"rgba(33, 34, 35, 1)"},"title":{"font":"Oswald","textColor":"rgba(71, 123, 184, 1)","fontWeight":"normal","textTransform":"none"}}} \ No newline at end of file From 0718a8e6dbb35bdce9f940db373c49577e12998d Mon Sep 17 00:00:00 2001 From: fredtempez Date: Wed, 2 Jan 2019 22:45:05 +0100 Subject: [PATCH 03/38] =?UTF-8?q?Accueil=20th=C3=A8me?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- core/module/theme/view/index/index.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) 
diff --git a/core/module/theme/view/index/index.php b/core/module/theme/view/index/index.php index 3a8877f6..0f7dc960 100755 --- a/core/module/theme/view/index/index.php +++ b/core/module/theme/view/index/index.php @@ -5,7 +5,7 @@ ): ?>
-
+
'buttonGrey', 'href' => helper::baseUrl(false), @@ -13,21 +13,21 @@ 'value' => 'Accueil' ]); ?>
-
+
helper::baseUrl() . $this->getUrl(0) . '/manage', 'ico' => 'download', 'value' => 'Gestion des thèmes' ]); ?>
-
+
helper::baseUrl() . $this->getUrl(0) . '/advanced', 'value' => 'Mode avancé', 'ico' => 'code' ]); ?>
-
+
'eye', 'value' => 'Zones cachées' @@ -37,7 +37,7 @@
-
+
'buttonGrey', 'href' => helper::baseUrl(false), @@ -45,14 +45,14 @@ 'value' => 'Accueil' ]); ?>
-
+
helper::baseUrl() . $this->getUrl(0) . '/manage', 'ico' => 'download', 'value' => 'Gestion des thèmes' ]); ?>
-
+
helper::baseUrl() . $this->getUrl(0) . '/advanced', 'value' => 'Mode avancé', From 3222aaf7d5d7d666f258e6fc09668bbf1ef8d699 Mon Sep 17 00:00:00 2001 From: fredtempez Date: Wed, 2 Jan 2019 23:55:43 +0100 Subject: [PATCH 04/38] mise en place editeur dans site --- core/core.php | 7 +++++-- core/module/page/page.php | 9 +++------ core/module/theme/theme.php | 20 +++++++++++++++++--- core/module/theme/view/site/site.php | 27 +++++++++++++++++++++++++++ 4 files changed, 52 insertions(+), 11 deletions(-) diff --git a/core/core.php b/core/core.php index 12ff46a6..54fad575 100644 --- a/core/core.php +++ b/core/core.php @@ -349,7 +349,8 @@ class common { 'backgroundColor' => 'rgba(255, 255, 255, 1)', 'radius' => '0', 'shadow' => '0', - 'width' => '1170px' + 'width' => '1170px', + 'blocks' => '100' ], 'text' => [ 'font' => 'Open+Sans', @@ -994,7 +995,9 @@ class common { } // Version 9.0.0 if($this->getData(['core', 'dataVersion']) < 900) { - + $this->setData(['theme', 'site', 'blocks','100']); + $this->setData(['theme', 'site', 'contentLeft','']); + $this->setData(['theme', 'site', 'contentRight','']); $this->setData(['core', 'dataVersion', 900]); $this->SaveData(); } diff --git a/core/module/page/page.php b/core/module/page/page.php index cccf8a38..bad7b1d4 100755 --- a/core/module/page/page.php +++ b/core/module/page/page.php @@ -24,19 +24,18 @@ class page extends common { ]; public static $moduleIds = []; - // Menu image public static $typeMenu = [ 'text' => 'Texte', 'icon' => 'Icône', 'icontitle' => 'Icône et bulle' ]; - // menu image // Position du module public static $modulePosition = [ 'bottom' => 'En bas', 'top' => 'En haut', 'free' => 'Libre' ]; + /** * Création */ @@ -46,12 +45,10 @@ class page extends common { $this->setData([ 'page', $pageId, - [ - // Menu icon + [ 'typeMenu' => 'text', 'iconUrl' => '', - 'disable' => false, - // Menu icon + 'disable' => false, 'content' => 'Contenu de votre nouvelle page.', 'hideTitle' => false, 'metaDescription' => '', 
diff --git a/core/module/theme/theme.php b/core/module/theme/theme.php index 7ee58d26..e7d0b5c0 100755 --- a/core/module/theme/theme.php +++ b/core/module/theme/theme.php @@ -201,9 +201,18 @@ class theme extends common { 'contain' => 'Image entière', 'cover' => 'Largeur adaptée au fond', '100% 100%' => 'Taille adaptée au fond' - ]; + public static $siteBlocks = [ + '100' => 'Une colonne', + '33-66' => 'Deux colonnes : 1/3 - 2/3', + '66-33' => 'Deux colonnes : 2/3 - 1/3', + '25-75' => 'Deux colonnes : 1/4 - 3/4', + '75-25' => 'Deux colonnes : 3/4 - 1/2', + '25-50-25' => 'Trois colonnes : 1/4 - 1/2 - 1/4' + ]; + + /** * Mode avancé */ @@ -424,7 +433,11 @@ class theme extends common { 'backgroundColor' => $this->getInput('themeSiteBackgroundColor'), 'radius' => $this->getInput('themeSiteRadius'), 'shadow' => $this->getInput('themeSiteShadow'), - 'width' => $this->getInput('themeSiteWidth') + 'width' => $this->getInput('themeSiteWidth'), + 'blocks' => $this->getInput('themeSiteBlocks'), + 'contentLeft' => (empty($this->getInput('themeSiteContentleft', null)) ? "

" : $this->getInput('themeSiteContentleft', null)), + 'contentRight' => (empty($this->getInput('themeSiteContentright', null)) ? "

" : $this->getInput('themeSiteContentright', null)) + ]]); // Valeurs en sortie $this->addOutput([ @@ -437,7 +450,8 @@ class theme extends common { $this->addOutput([ 'title' => 'Personnalisation du site', 'vendor' => [ - 'tinycolorpicker' + 'tinycolorpicker', + 'tinymce' ], 'view' => 'site' ]); diff --git a/core/module/theme/view/site/site.php b/core/module/theme/view/site/site.php index bf1e9f0f..2ae87269 100755 --- a/core/module/theme/view/site/site.php +++ b/core/module/theme/view/site/site.php @@ -131,4 +131,31 @@
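Review bot: In the second theme.php hunk, `contentLeft` and `contentRight` are read with `getInput('themeSiteContentleft', null)`, which presumably switches the input filter off (`getInput()` is defined outside this diff), so whatever markup the form posts is stored verbatim. Later patches in this series appear to print these values directly in core/layout/main.php on every front-end page, so the HTML should be sanitised on save or on output and the action kept to administrators. The same unfiltered read recurs in PATCH 08, PATCH 11 and in `page::block()` in PATCH 16. A comment such as `// raw WYSIWYG HTML: admin-only input, sanitise before output` above the two keys would at least record the trust assumption. Separately, the `'75-25'` entry of `$siteBlocks` in the first hunk is labelled `3/4 - 1/2` where `3/4 - 1/4` seems intended.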
+
+
+

Mise en page

+
+
+ 'Colonnes', + 'selected' => $this->getData(['theme', 'site', 'blocks']) + ]); ?> +
+
+
+
+ 'editorWysiwyg', + 'value' => $this->getData(['theme', 'site', 'contentRight']) + ]); ?> +
+
+ 'editorWysiwyg', + 'value' => $this->getData(['theme', 'site', 'contentLeft']) + ]); ?> +
+
+
+
\ No newline at end of file From 90d31b142b8c7f026816c97111edcc62971e39fd Mon Sep 17 00:00:00 2001 From: fredtempez Date: Thu, 3 Jan 2019 14:10:36 +0100 Subject: [PATCH 05/38] faille cerf delete page --- core/module/page/page.php | 68 ++++++++++++++++++++------------------- 1 file changed, 35 insertions(+), 33 deletions(-) diff --git a/core/module/page/page.php b/core/module/page/page.php index bad7b1d4..f2cd8f2b 100755 --- a/core/module/page/page.php +++ b/core/module/page/page.php 
@@ -74,39 +74,41 @@ class page extends common {
 * Suppression
 */
 public function delete() {
- // La page n'existe pas
- if($this->getData(['page', $this->getUrl(2)]) === null) {
- // Valeurs en sortie
- $this->addOutput([
- 'access' => false
- ]);
- }
- // Impossible de supprimer la page d'accueil
- elseif($this->getUrl(2) === $this->getData(['config', 'homePageId'])) {
- // Valeurs en sortie
- $this->addOutput([
- 'redirect' => helper::baseUrl() . 'page/edit/' . $this->getUrl(2),
- 'notification' => 'Impossible de supprimer la page d\'accueil'
- ]);
- }
- // Impossible de supprimer une page contenant des enfants
- elseif($this->getHierarchy($this->getUrl(2))) {
- // Valeurs en sortie
- $this->addOutput([
- 'redirect' => helper::baseUrl() . 'page/edit/' . $this->getUrl(2),
- 'notification' => 'Impossible de supprimer une page contenant des enfants'
- ]);
- }
- // Suppression
- else {
- $this->deleteData(['page', $this->getUrl(2)]);
- $this->deleteData(['module', $this->getUrl(2)]);
- // Valeurs en sortie
- $this->addOutput([
- 'redirect' => helper::baseUrl(false),
- 'notification' => 'Page supprimée',
- 'state' => true
- ]);
+ if($this->isPost()) {
+ // La page n'existe pas
+ if($this->getData(['page', $this->getUrl(2)]) === null) {
+ // Valeurs en sortie
+ $this->addOutput([
+ 'access' => false
+ ]);
+ }
+ // Impossible de supprimer la page d'accueil
+ elseif($this->getUrl(2) === $this->getData(['config', 'homePageId'])) {
+ // Valeurs en sortie
+ $this->addOutput([
+ 'redirect' => helper::baseUrl() . 'page/edit/' . $this->getUrl(2),
+ 'notification' => 'Impossible de supprimer la page d\'accueil'
+ ]);
+ }
+ // Impossible de supprimer une page contenant des enfants
+ elseif($this->getHierarchy($this->getUrl(2))) {
+ // Valeurs en sortie
+ $this->addOutput([
+ 'redirect' => helper::baseUrl() . 'page/edit/' . $this->getUrl(2),
+ 'notification' => 'Impossible de supprimer une page contenant des enfants'
+ ]);
+ }
+ // Suppression
+ else {
+ $this->deleteData(['page', $this->getUrl(2)]);
+ $this->deleteData(['module', $this->getUrl(2)]);
+ // Valeurs en sortie
+ $this->addOutput([
+ 'redirect' => helper::baseUrl(false),
+ 'notification' => 'Page supprimée',
+ 'state' => true
+ ]);
+ }
 }
 }
From a15efd9b1a73cf4e0b23553df3b288b5d1e9942e Mon Sep 17 00:00:00 2001
From: fredtempez
Date: Thu, 3 Jan 2019 14:12:14 +0100
Subject: [PATCH 06/38] faille csrf
---
 core/module/page/page.php | 65 ++++++++++++++++++++++-----------------
 1 file changed, 36 insertions(+), 29 deletions(-)
diff --git a/core/module/page/page.php b/core/module/page/page.php
index cccf8a38..19e4db75 100755
--- a/core/module/page/page.php
+++ b/core/module/page/page.php
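Review bot: The new `if($this->isPost())` guard around the body of `delete()` in PATCH 05/38 restricts the request method only; unless `isPost()` (defined outside this diff) also verifies a per-session token, a page on another origin can still auto-submit a POST form and delete a page in a logged-in moderator's session. The guard should also require a CSRF token bound to the session, along the lines of `if($this->isPost() AND $this->checkToken())`, where `checkToken()` is a placeholder for whatever helper the project provides. The page id is still taken from the URL via `$this->getUrl(2)`, so the form that posts here has to carry the token itself. PATCH 06/38 applies the same guard on a different base and has the same gap. `delete()` begins above this hunk's first changed line and the class continues past it.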
@@ -77,40 +77,47 @@ class page extends common {
 * Suppression
 */
 public function delete() {
- // La page n'existe pas
- if($this->getData(['page', $this->getUrl(2)]) === null) {
+ if($this->isPost()) {
+ // La page n'existe pas
+ if($this->getData(['page', $this->getUrl(2)]) === null) {
+ // Valeurs en sortie
+ $this->addOutput([
+ 'access' => false
+ ]);
+ }
+ // Impossible de supprimer la page d'accueil
+ elseif($this->getUrl(2) === $this->getData(['config', 'homePageId'])) {
+ // Valeurs en sortie
+ $this->addOutput([
+ 'redirect' => helper::baseUrl() . 'page/edit/' . $this->getUrl(2),
+ 'notification' => 'Impossible de supprimer la page d\'accueil'
+ ]);
+ }
+ // Impossible de supprimer une page contenant des enfants
+ elseif($this->getHierarchy($this->getUrl(2))) {
+ // Valeurs en sortie
+ $this->addOutput([
+ 'redirect' => helper::baseUrl() . 'page/edit/' . $this->getUrl(2),
+ 'notification' => 'Impossible de supprimer une page contenant des enfants'
+ ]);
+ }
+ // Suppression
+ else {
+ $this->deleteData(['page', $this->getUrl(2)]);
+ $this->deleteData(['module', $this->getUrl(2)]);
+ // Valeurs en sortie
+ $this->addOutput([
+ 'redirect' => helper::baseUrl(false),
+ 'notification' => 'Page supprimée',
+ 'state' => true
+ ]);
+ }
+ } else {
 // Valeurs en sortie
 $this->addOutput([
 'access' => false
 ]);
 }
- // Impossible de supprimer la page d'accueil
- elseif($this->getUrl(2) === $this->getData(['config', 'homePageId'])) {
- // Valeurs en sortie
- $this->addOutput([
- 'redirect' => helper::baseUrl() . 'page/edit/' . $this->getUrl(2),
- 'notification' => 'Impossible de supprimer la page d\'accueil'
- ]);
- }
- // Impossible de supprimer une page contenant des enfants
- elseif($this->getHierarchy($this->getUrl(2))) {
- // Valeurs en sortie
- $this->addOutput([
- 'redirect' => helper::baseUrl() . 'page/edit/' . $this->getUrl(2),
- 'notification' => 'Impossible de supprimer une page contenant des enfants'
- ]);
- }
- // Suppression
- else {
- $this->deleteData(['page', $this->getUrl(2)]);
- $this->deleteData(['module', $this->getUrl(2)]);
- // Valeurs en sortie
- $this->addOutput([
- 'redirect' => helper::baseUrl(false),
- 'notification' => 'Page supprimée',
- 'state' => true
- ]);
- }
 }
 /**
From e0e683f8905e7179ddc1b5280aec73b52c5f0eda Mon Sep 17 00:00:00 2001
From: fredtempez
Date: Thu, 3 Jan 2019 14:18:23 +0100
Subject: [PATCH 07/38] acces false
---
 core/module/page/page.php | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/core/module/page/page.php b/core/module/page/page.php
index f2cd8f2b..2f3d0cdf 100755
--- a/core/module/page/page.php
+++ b/core/module/page/page.php
@@ -109,6 +109,11 @@ class page extends common {
 'state' => true
 ]);
 }
+ } else {
+ // Valeurs en sortie
+ $this->addOutput([
+ 'access' => false
+ ]);
 }
 }
From d90bfd0253548c6f7b18e3bc1176beb5eca0c93b Mon Sep 17 00:00:00 2001
From: fredtempez
Date: Thu, 3 Jan 2019 15:07:11 +0100
Subject: [PATCH 08/38] =?UTF-8?q?donn=C3=A9es=20des=20blocs=20dans=20confi?= =?UTF-8?q?g=20plut=C3=B4t=20que=20theme?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 core/core.php | 8 +++++---
 core/module/theme/theme.php | 7 ++++---
 core/module/theme/view/site/site.php | 8 ++++----
 3 files changed, 13 insertions(+), 10 deletions(-)
diff --git a/core/core.php b/core/core.php
index 54fad575..68e2b719 100644
--- a/core/core.php
+++ b/core/core.php
@@ -56,7 +56,9 @@ class common {
 ],
 'timezone' => 'Europe/Paris',
 'title' => 'Zwii, votre site en quelques clics !',
- 'itemsperPage' => 10
+ 'itemsperPage' => 10,
+ 'contenLeft' => '',
+ 'contentRight' => ''
 ],
 'core' => [
 'dataVersion' => 0,
@@ -996,8 +998,8 @@ class common { // Version 9.0.0 if($this->getData(['core', 'dataVersion']) < 900) { $this->setData(['theme', 'site', 'blocks','100']); - $this->setData(['theme', 'site', 'contentLeft','']); - $this->setData(['theme', 'site', 'contentRight','']); + $this->setData(['config', 'contentLeft','']); + $this->setData(['config', 'contentRight','']); $this->setData(['core', 'dataVersion', 900]); $this->SaveData(); } diff --git a/core/module/theme/theme.php b/core/module/theme/theme.php index e7d0b5c0..304692da 100755 --- a/core/module/theme/theme.php +++ b/core/module/theme/theme.php @@ -435,9 +435,10 @@ class theme extends common { 'shadow' => $this->getInput('themeSiteShadow'), 'width' => $this->getInput('themeSiteWidth'), 'blocks' => $this->getInput('themeSiteBlocks'), - 'contentLeft' => (empty($this->getInput('themeSiteContentleft', null)) ? "

" : $this->getInput('themeSiteContentleft', null)), - 'contentRight' => (empty($this->getInput('themeSiteContentright', null)) ? "

" : $this->getInput('themeSiteContentright', null)) - + ]]); + $this->setData(['config', [ + 'contentLeft' => (empty($this->getInput('configContentleft', null)) ? "

" : $this->getInput('configContentleft', null)), + 'contentRight' => (empty($this->getInput('configContentright', null)) ? "

" : $this->getInput('configContentright', null)) ]]); // Valeurs en sortie $this->addOutput([ diff --git a/core/module/theme/view/site/site.php b/core/module/theme/view/site/site.php index 2ae87269..83f34a40 100755 --- a/core/module/theme/view/site/site.php +++ b/core/module/theme/view/site/site.php @@ -144,15 +144,15 @@
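Review bot: `$this->setData(['config', [ 'contentLeft' => …, 'contentRight' => … ]])` passes the array as the value of the top-level `config` key; going by the other `setData()` calls in this series, where the last element is the value, saving the theme would replace the whole site configuration (title, timezone, …) with just these two entries. Writing the keys one by one avoids that: `$this->setData(['config', 'contentLeft', $left]);` and `$this->setData(['config', 'contentRight', $right]);`. The field names also changed to `configContentleft`/`configContentright`, and whether the form in site.php posts those names cannot be checked here because the view's markup is not fully visible. The enclosing method begins above the hunk.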
- 'editorWysiwyg', - 'value' => $this->getData(['theme', 'site', 'contentRight']) + 'value' => $this->getData(['config', 'contentRight']) ]); ?>
- 'editorWysiwyg', - 'value' => $this->getData(['theme', 'site', 'contentLeft']) + 'value' => $this->getData(['config', 'contentLeft']) ]); ?>
From e821fe2d8ad856ca50ef763e3d03e5b0eeb919d2 Mon Sep 17 00:00:00 2001 From: fredtempez Date: Thu, 3 Jan 2019 15:29:57 +0100 Subject: [PATCH 09/38] Mise en place du test de mise en place --- core/core.php | 2 +- core/layout/main.php | 41 ++++++++++++++++++++++++++--------------- 2 files changed, 27 insertions(+), 16 deletions(-) diff --git a/core/core.php b/core/core.php index 68e2b719..2b5092a2 100644 --- a/core/core.php +++ b/core/core.php @@ -57,7 +57,7 @@ class common { 'timezone' => 'Europe/Paris', 'title' => 'Zwii, votre site en quelques clics !', 'itemsperPage' => 10, - 'contenLeft' => '', + 'contentLeft' => '', 'contentRight' => '' ], 'core' => [ diff --git a/core/layout/main.php b/core/layout/main.php index 3a86ee70..fcffc5c5 100755 --- a/core/layout/main.php +++ b/core/layout/main.php @@ -33,11 +33,9 @@ getData(['theme', 'header', 'position']) === 'body'): ?> - getData(['theme','header','linkHome'])){ echo "
" ;} ?> -
getUrl(0) === 'theme' AND $this->getUrl(1) === 'header') ): ?> - -
getData(['config', 'title']); ?>
- - -
- + getData(['theme','header','linkHome'])){echo "
";} - ?> - - + ?> + getData(['theme', 'menu', 'position']) === 'body-second'): ?> -
showContent(); ?>
+ getData(['theme','site','blocks'])) { + case '33-66' : + break; + case '25-75' : + break; + case '25-50-25' : + break; + } + ?> +
showContent(); ?>
+ getData(['theme','site','blocks'])) { + case '66-33' : + break; + case '75-25' : + break; + case '25-50-25' : + break; + } + ?> + + getData(['theme', 'footer', 'position']) === 'site' // Affiche toujours le pied de page pour l'édition du thème From 61ff4dc49a7ceaf05b60ad802ae834b00be92583 Mon Sep 17 00:00:00 2001 From: fredtempez Date: Thu, 3 Jan 2019 17:11:26 +0100 Subject: [PATCH 10/38] Modification du timezone RFM --- core/vendor/filemanager/config/config.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/vendor/filemanager/config/config.php b/core/vendor/filemanager/config/config.php index fd6b13fa..cb063909 100755 --- a/core/vendor/filemanager/config/config.php +++ b/core/vendor/filemanager/config/config.php @@ -8,7 +8,7 @@ mb_http_input('UTF-8'); mb_language('uni'); mb_regex_encoding('UTF-8'); ob_start('mb_output_handler'); -date_default_timezone_set('Europe/Rome'); +date_default_timezone_set('Europe/Paris'); setlocale(LC_CTYPE, 'fr_FR'); //correct transliteration /* From 7c30cbe4e813ef59c913189789b840081ed5832b Mon Sep 17 00:00:00 2001 From: fredtempez Date: Thu, 3 Jan 2019 19:54:44 +0100 Subject: [PATCH 11/38] Display block ok --- core/core.php | 12 ++++--- core/layout/main.php | 54 +++++++++++++++++----------- core/module/theme/theme.php | 20 +++++------ core/module/theme/view/site/site.php | 18 +++++----- 4 files changed, 59 insertions(+), 45 deletions(-) diff --git a/core/core.php b/core/core.php index 2b5092a2..0b6930bc 100644 --- a/core/core.php +++ b/core/core.php @@ -56,9 +56,7 @@ class common { ], 'timezone' => 'Europe/Paris', 'title' => 'Zwii, votre site en quelques clics !', - 'itemsperPage' => 10, - 'contentLeft' => '', - 'contentRight' => '' + 'itemsperPage' => 10 ], 'core' => [ 'dataVersion' => 0, @@ -364,6 +362,10 @@ class common { 'fontWeight' => 'normal', 'textColor' => 'rgba(74, 105, 189, 1)', 'textTransform' => 'none' + ], + 'block' => [ + 'contentLeft' => '', + 'contentRight' => '' ] ] ]; 
@@ -998,8 +1000,8 @@ class common { // Version 9.0.0 if($this->getData(['core', 'dataVersion']) < 900) { $this->setData(['theme', 'site', 'blocks','100']); - $this->setData(['config', 'contentLeft','']); - $this->setData(['config', 'contentRight','']); + $this->setData(['theme', 'block', 'contentLeft','']); + $this->setData(['theme', 'block', 'contentRight','']); $this->setData(['core', 'dataVersion', 900]); $this->SaveData(); } diff --git a/core/layout/main.php b/core/layout/main.php index fcffc5c5..9ecd3899 100755 --- a/core/layout/main.php +++ b/core/layout/main.php @@ -116,28 +116,40 @@ - getData(['theme','site','blocks'])) { - case '33-66' : + getUrl(0) === 'theme' OR + $this->getUrl(0) === 'config' OR + $this->getUrl(0) === 'user' ) { ?> +
showContent(); ?>
+ getData(['theme','site','blocks'])); + $blockleft=$blockright=""; + switch (sizeof($blocks)) { + case 1 : // une colonne + $content = 'col'. $blocks[0] ; + break; + case 2 : // 2 blocks + if ($blocks[0] < $blocks[1]) { // détermine la position de la colonne + $blockright = 'col'. $blocks[0]; + $content = 'col'. $blocks[1] ; + } else { + $content = 'col' . $blocks[0]; + $blockleft = 'col' . $blocks[1]; + } break; - case '25-75' : - break; - case '25-50-25' : - break; - } - ?> -
showContent(); ?>
- getData(['theme','site','blocks'])) { - case '66-33' : - break; - case '75-25' : - break; - case '25-50-25' : - break; - } - ?> - + case 3 : // 3 blocks + $blockleft = 'col' . $blocks[0]; + $content = 'col' . $blocks[1]; + $blockright = 'col' . $blocks[2]; + } + ?> +
+
+
getData(['theme','block','contentLeft']);?>
+
showContent(); ?>
+
getData(['theme','block','contentRight']);?>
+
+
+ getData(['theme', 'footer', 'position']) === 'site' diff --git a/core/module/theme/theme.php b/core/module/theme/theme.php index 304692da..139f34c5 100755 --- a/core/module/theme/theme.php +++ b/core/module/theme/theme.php @@ -204,12 +204,12 @@ class theme extends common { ]; public static $siteBlocks = [ - '100' => 'Une colonne', - '33-66' => 'Deux colonnes : 1/3 - 2/3', - '66-33' => 'Deux colonnes : 2/3 - 1/3', - '25-75' => 'Deux colonnes : 1/4 - 3/4', - '75-25' => 'Deux colonnes : 3/4 - 1/2', - '25-50-25' => 'Trois colonnes : 1/4 - 1/2 - 1/4' + '12' => 'Une colonne', + '4-8' => 'Deux colonnes : 1/3 - 2/3', + '8-4' => 'Deux colonnes : 2/3 - 1/3', + '3-9' => 'Deux colonnes : 1/4 - 3/4', + '9-3' => 'Deux colonnes : 3/4 - 1/2', + '3-6-3' => 'Trois colonnes : 1/4 - 1/2 - 1/4' ]; @@ -434,11 +434,11 @@ class theme extends common { 'radius' => $this->getInput('themeSiteRadius'), 'shadow' => $this->getInput('themeSiteShadow'), 'width' => $this->getInput('themeSiteWidth'), - 'blocks' => $this->getInput('themeSiteBlocks'), + 'blocks' => $this->getInput('themeSiteBlocks') ]]); - $this->setData(['config', [ - 'contentLeft' => (empty($this->getInput('configContentleft', null)) ? "
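Review bot: The column classes in the main.php hunk are built by concatenating the stored value, `'col'. $blocks[0]`, but the default in core.php and the 9.0.0 migration shown as context in this same commit still write `'blocks','100'`, which now yields `col100` instead of one of the new keys (`12`, `4-8`, …). The migration line should become `$this->setData(['theme', 'site', 'blocks','12']);` and the default in core.php likewise. Since `blocks` comes from `getInput('themeSiteBlocks')` and presumably ends up in a class attribute, any value that is not a key of `theme::$siteBlocks` should be rejected before saving. `contentLeft` and `contentRight` appear to be printed without escaping here, which is acceptable only while saving them stays restricted to administrators.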

" : $this->getInput('configContentleft', null)), - 'contentRight' => (empty($this->getInput('configContentright', null)) ? "

" : $this->getInput('configContentright', null)) + $this->setData(['theme','block', [ + 'contentLeft' => (empty($this->getInput('themeBlockContentLeft', null)) ? "

" : $this->getInput('themeBlockContentLeft', null)), + 'contentRight' => (empty($this->getInput('themeBlockContentRight', null)) ? "

" : $this->getInput('themeBlockContentRight', null)) ]]); // Valeurs en sortie $this->addOutput([ diff --git a/core/module/theme/view/site/site.php b/core/module/theme/view/site/site.php index 83f34a40..2dfaa2bd 100755 --- a/core/module/theme/view/site/site.php +++ b/core/module/theme/view/site/site.php @@ -143,17 +143,17 @@
-
- + 'editorWysiwyg', - 'value' => $this->getData(['config', 'contentRight']) - ]); ?> -
-
- 'editorWysiwyg', - 'value' => $this->getData(['config', 'contentLeft']) + 'value' => $this->getData(['theme','block', 'contentLeft']) ]); ?> +
+
+ 'editorWysiwyg', + 'value' => $this->getData(['theme','block', 'contentRight']) + ]); ?>
From 95d81bc83e02a90b9b13649165da6cbe2d8b5708 Mon Sep 17 00:00:00 2001 From: fredtempez Date: Thu, 3 Jan 2019 20:21:21 +0100 Subject: [PATCH 12/38] =?UTF-8?q?Exclure=20blocks=20des=20param=C3=A8tres?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- core/layout/main.php | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/core/layout/main.php b/core/layout/main.php index 9ecd3899..74ed943e 100755 --- a/core/layout/main.php +++ b/core/layout/main.php @@ -118,6 +118,8 @@ getUrl(0) === 'theme' OR $this->getUrl(0) === 'config' OR + $this->getUrl(0) === 'install' OR + $this->getUrl(0) === 'maintenance' OR $this->getUrl(0) === 'user' ) { ?>
showContent(); ?>
-
-
getData(['theme','block','contentLeft']);?>
-
showContent(); ?>
-
getData(['theme','block','contentRight']);?>
+
+
getData(['theme','block','contentLeft']);?>
+
showContent(); ?>
+
getData(['theme','block','contentRight']);?>
From 617bf3b9f642a123fd2b2ccfdd113a01da52ff07 Mon Sep 17 00:00:00 2001 From: fredtempez Date: Thu, 3 Jan 2019 20:46:32 +0100 Subject: [PATCH 13/38] Ajustements des messages --- site/file/source/screenshot.png | Bin 3939 -> 3937 bytes 1 file changed, 0 insertions(+), 0 deletions(-) 
diff --git a/site/file/source/screenshot.png b/site/file/source/screenshot.png index 31fcb04f0a8707933a69933451b85d925e078e02..0087e63688533de0ed4732ef44f1971c812b307b 100644 GIT binary patch delta 1243 zcmV<11SI?89^oFamkNJX6+J&kQj}Y2Nh?}bJl`+$@?TqJ)x-UMU#WRtGHUhw&(tH7 z>fvE+zWZBmf#J`x^@hqZRVDOy_GKTjX46aX8S3|Sr9E!$xW7HRwU;dUdc8Mk%Lcb= zd8NlazrTt(xSTX7R+T^9PS$#&ws%SR^)6?F;#&>Q*HS3Poee56`%d;&?2Z-2U5#mN zg|eF|u}Iik*o}p-DBmD&)QyF*DIm5v1yQNbE%YO^UI-DFrx~p zqfhNNtz>d8UBfJ9Q&o)c$2rF@r_(N}sco=ym-?B1wKac~rTt9#l=d#?KV!%Eark~8 z;`(3On!n0Y{N=Q=HCitXPAa5aZlw0P^Vc=QP_KWB#8boJC{@H_Dm^fzN)B_I zvvx^t_C@UY@$X7{PZs*c)Whdfqe7iEMh!wKUCHi0uczM+Px_h2#L%yV#8kuL=vBkw zDLpf#S`HI~=FL6U%^6(jHG7XwbE@u3Kd9|`5PyuBUtd)IULVxXCHE<@)LX8GW0=bu z8fsMI4Gn*_X5H?1FR@LA5=Ee*(F07hz?hRDXi1r-Bq^e0+|4mugG-i}E?Qz5CM3+$Eiw%*UCi!X z$uvy6nWjsKX>+O4`Q3h<>MXxF!NxMgVCwtG#kPNxmg%dmE}LHyk$uTW8~$D##VJ_{#C?cy%I@$4t2q+Zb@>INvN&1?w!hP7u=1CCd$6Saw_DP za+@mUHVJKoy^3tBkw(JV3Tz5C7RcCH6uC@=Tnd>?jg-kH${_%u2vH@Lm`g&5GSdoW z+<||lT3{_Q2AHl3mvK!lUCh%hG7S?gGc?P&CYLV$rgs&@8e~itCCN0oE(?<6j^wy5 zOWc-<S zal)NR!ldCBC{szzui;JGa~q!AuN4e7BUMDwlGCj#xO&@(F3vBMNrdUtg*tPb9Ai;8 z2LAwwUe`dm>CG`v#bPy6O~xxuwyfvtZX&xVt`Xz8EfvVvZc}8APEP!jQ}RL?X*J8qHA~3|2{k_?a(+lb z+Fq%7DN0^QLQ7MZlJ!3%A#5*Pt;sdZ$p~9Xu1mRk<$g#(OV=+XQZ>>z9(X%gG2^DXv!J zj&ipoA#EwnSLCg7-*OPPROKsjMVW0p2 delta 1245 zcmV<31S0$49^)RcmkNJVl^CUmjOr%sG?G?!iAF7TfQ&w)h?#`!85*qZLwLM}KBf`xb39zX6`FcUn`{?(2*5+pBU!*OYxu0x)drZ+U$;&3ols6RCK+{lv-M3lD+TU{s*U)pF@t{2IQ~L=2L%{ujYP{Q>UxbcAT(l zcDI^bbKCp)qnnAtLWOBl{nYJesw-!7pN~@Jcs?bt-0gKDjA_u)qaU>IWp2pfTxHnS zme^YuurbfcZqX}UGp&$z6iEtzY zBuJNGqckgsXqbPKGfYc@4HFTXdx%a{7HT>YA3@2T6aam-|y!`AT2Z&zVnR?sN7$e}^B3 z;r=hB{i&(^r7!Ddc&?+Vh{IK)@YLd}MaJq+Yo9%HTs40R_`F3tJ`#moMk1rr3RIxy zIlDJxmhWU<&yODTr=;<3tX)h#bviUD(^O#8B9+{phh4;W$2Q)7@;*mCln_xb*iruH>`&j@O|F_{o*^^-tyD{Y>Ita+@7Ry69#( zjIpt%rA~h^(A!pR-sgh*6xeP^n+s)JEs|SdY^KU=iZ&L=7Qm#KTO(m$QLvM+ZbcYb zY%B^k62eIfDUp#RS_&-?G|Nm0i82O+nVMoknkHS$(-p`xxoLvsrXiwYOwBUWAkyXB 
z&gI;bM9aCFWVnWxI-M__*XiD(%kzvJV=P7vue^VZTWLvdn!4iYwedL@+?NX_nx9~%`(#<(K6FBOuLe4a_{PAaa=*BM8R@glS`7|xh_cV zOM>LR$!M-qVYwS5O_gxARml~~xNcKmNwBt4Wn7Zm3uL%k+=|;NvYRP^LWot#Aw(e* zAqWWwMnXtJ5K$u&PDA(oR|ypvSCkbsj@@<%7+ zgdL^omy(pFb@a@%q# z%gG2kNv>W=u3kt&+D&ruUb%0%2tid&a`INWc_9mBdgbJba*Dd!U3uR7Hw Date: Thu, 3 Jan 2019 20:47:00 +0100 Subject: [PATCH 14/38] ajustement des messages --- core/layout/main.php | 4 ++-- core/module/theme/theme.php | 12 ++++++------ core/module/theme/view/site/site.php | 13 ++++++++----- 3 files changed, 16 insertions(+), 13 deletions(-) diff --git a/core/layout/main.php b/core/layout/main.php index 74ed943e..0472ce7d 100755 --- a/core/layout/main.php +++ b/core/layout/main.php @@ -131,11 +131,11 @@ break; case 2 : // 2 blocks if ($blocks[0] < $blocks[1]) { // détermine la position de la colonne - $blockright = 'col'. $blocks[0]; + $blockleft = 'col'. $blocks[0]; $content = 'col'. $blocks[1] ; } else { $content = 'col' . $blocks[0]; - $blockleft = 'col' . $blocks[1]; + $blockright = 'col' . $blocks[1]; } break; case 3 : // 3 blocks diff --git a/core/module/theme/theme.php b/core/module/theme/theme.php index 139f34c5..987db8e9 100755 --- a/core/module/theme/theme.php +++ b/core/module/theme/theme.php @@ -204,12 +204,12 @@ class theme extends common { ]; public static $siteBlocks = [ - '12' => 'Une colonne', - '4-8' => 'Deux colonnes : 1/3 - 2/3', - '8-4' => 'Deux colonnes : 2/3 - 1/3', - '3-9' => 'Deux colonnes : 1/4 - 3/4', - '9-3' => 'Deux colonnes : 3/4 - 1/2', - '3-6-3' => 'Trois colonnes : 1/4 - 1/2 - 1/4' + '12' => 'Un seul bloc, uniquement le site', + '4-8' => 'Deux blocs : 1/3 - 2/3', + '8-4' => 'Deux blocs : 2/3 - 1/3', + '3-9' => 'Deux blocs : 1/4 - 3/4', + '9-3' => 'Deux blocs : 3/4 - 1/2', + '3-6-3' => 'Trois blocs : 1/4 - 1/2 - 1/4' ]; diff --git a/core/module/theme/view/site/site.php b/core/module/theme/view/site/site.php index 2dfaa2bd..a657af2f 100755 --- a/core/module/theme/view/site/site.php 
+++ b/core/module/theme/view/site/site.php @@ -133,24 +133,27 @@
-

Mise en page

+

Mise en page

'Colonnes', - 'selected' => $this->getData(['theme', 'site', 'blocks']) - ]); ?> + 'label' => 'Répartition des blocs :', + 'help' => 'Le bloc la plus large abrite le contenu du site', + 'selected' => $this->getData(['theme', 'site', 'blocks']) + ]); ?>
-
+
'Contenu du bloc à gauche :', 'class' => 'editorWysiwyg', 'value' => $this->getData(['theme','block', 'contentLeft']) ]); ?>
'Contenu du bloc à droite :', 'class' => 'editorWysiwyg', 'value' => $this->getData(['theme','block', 'contentRight']) ]); ?> From 5cdb96d25f013ad4026b96f5262be949f467fc19 Mon Sep 17 00:00:00 2001 From: fredtempez Date: Fri, 4 Jan 2019 09:00:48 +0100 Subject: [PATCH 15/38] Id pour chaque bloc --- core/layout/main.php | 6 +++--- core/module/theme/resource/custom.css | 8 ++++++++ 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/core/layout/main.php b/core/layout/main.php index 0472ce7d..c4ad95c9 100755 --- a/core/layout/main.php +++ b/core/layout/main.php @@ -146,9 +146,9 @@ ?>
-
getData(['theme','block','contentLeft']);?>
-
showContent(); ?>
-
getData(['theme','block','contentRight']);?>
+
getData(['theme','block','contentLeft']);?>
+
showContent(); ?>
+
getData(['theme','block','contentRight']);?>
diff --git a/core/module/theme/resource/custom.css b/core/module/theme/resource/custom.css index 872f75c9..417491bc 100755 --- a/core/module/theme/resource/custom.css +++ b/core/module/theme/resource/custom.css @@ -15,6 +15,14 @@ body { #site { } +/* Blocs dans le site */ +#contentleft { +} +#contentright { +} +#contentsite { +} + /* Bannière */ header { } From 01b4acddf64d258a75077d1547899cb14375902d Mon Sep 17 00:00:00 2001 From: fredtempez Date: Fri, 4 Jan 2019 18:53:24 +0100 Subject: [PATCH 16/38] Stockage des blocs avec les pages --- core/core.php | 14 ++-- core/layout/main.php | 5 +- core/module/page/page.php | 69 ++++++++++++++- core/module/page/view/block/block.js.php | 102 +++++++++++++++++++++++ core/module/page/view/block/block.php | 33 ++++++++ core/module/theme/theme.php | 4 - core/module/theme/view/site/site.php | 41 +++------ 7 files changed, 220 insertions(+), 48 deletions(-) create mode 100644 core/module/page/view/block/block.js.php create mode 100644 core/module/page/view/block/block.php diff --git a/core/core.php b/core/core.php index 0b6930bc..7fb63773 100644 --- a/core/core.php +++ b/core/core.php @@ -362,10 +362,6 @@ class common { 'fontWeight' => 'normal', 'textColor' => 'rgba(74, 105, 189, 1)', 'textTransform' => 'none' - ], - 'block' => [ - 'contentLeft' => '', - 'contentRight' => '' ] ] ]; @@ -1000,8 +996,8 @@ class common { // Version 9.0.0 if($this->getData(['core', 'dataVersion']) < 900) { $this->setData(['theme', 'site', 'blocks','100']); - $this->setData(['theme', 'block', 'contentLeft','']); - $this->setData(['theme', 'block', 'contentRight','']); + $this->setData(['page', 'blockLeft', 'content','']); + $this->setData(['page', 'blockRight', 'content','']); $this->setData(['core', 'dataVersion', 900]); $this->SaveData(); } @@ -2138,13 +2134,17 @@ class layout extends common { if($this->getUser('group') >= self::GROUP_MODERATOR) { $leftItems .= '
  • '; $leftItems .= '
  • ' . template::ico('plus') . '
  • '; if( diff --git a/core/layout/main.php b/core/layout/main.php index c4ad95c9..48babb48 100755 --- a/core/layout/main.php +++ b/core/layout/main.php @@ -120,6 +120,7 @@ $this->getUrl(0) === 'config' OR $this->getUrl(0) === 'install' OR $this->getUrl(0) === 'maintenance' OR + $this->getUrl(0) === 'page' OR $this->getUrl(0) === 'user' ) { ?>
    showContent(); ?>
    -
    getData(['theme','block','contentLeft']);?>
    +
    getData(['page','blockLeft','content']);?>
    showContent(); ?>
    -
    getData(['theme','block','contentRight']);?>
    +
    getData(['page','blockRight','content']);?>
    diff --git a/core/module/page/page.php b/core/module/page/page.php index 2f3d0cdf..8f3b92c6 100755 --- a/core/module/page/page.php +++ b/core/module/page/page.php @@ -17,7 +17,8 @@ class page extends common { public static $actions = [ 'add' => self::GROUP_MODERATOR, 'delete' => self::GROUP_MODERATOR, - 'edit' => self::GROUP_MODERATOR + 'edit' => self::GROUP_MODERATOR, + 'block' => self::GROUP_ADMIN ]; public static $pagesNoParentId = [ '' => 'Aucune' @@ -31,9 +32,9 @@ class page extends common { ]; // Position du module public static $modulePosition = [ - 'bottom' => 'En bas', - 'top' => 'En haut', - 'free' => 'Libre' + 'bottom' => 'En bas', + 'top' => 'En haut', + 'free' => 'Libre' ]; /** @@ -117,6 +118,66 @@ class page extends common { } } + + /** + * Édition des blocs + */ + public function block () { + if($this->isPost()) { + $this->setData([ + 'page', + 'blockLeft', [ + 'typeMenu' => 'text', + 'iconUrl' => '', + 'disable' => true, + 'hideTitle' => false, + 'metaDescription' => '', + 'metaTitle' => '', + 'moduleId' => '', + 'parentPageId' => '', + 'modulePosition' => 'bottom', + 'position' => 0, + 'group' => self::GROUP_VISITOR, + 'targetBlank' => false, + 'title' => 'blockLeft', + 'content' => (empty($this->getInput('pageBlockLeftContent', null)) ? "

    " : $this->getInput('pageBlockLeftContent', null))] + ]); + $this->setData([ + 'page', + 'blockRight', [ + 'typeMenu' => 'text', + 'iconUrl' => '', + 'disable' => true, + 'hideTitle' => false, + 'metaDescription' => '', + 'metaTitle' => '', + 'moduleId' => '', + 'parentPageId' => '', + 'modulePosition' => 'bottom', + 'position' => 0, + 'group' => self::GROUP_VISITOR, + 'targetBlank' => false, + 'title' => 'blockRight', + 'content' => (empty($this->getInput('pageBlockRightContent', null)) ? "

    " : $this->getInput('pageBlockRightContent', null))] + ]); + $this->addOutput([ + 'redirect' => helper::baseUrl(), + 'notification' => 'Modifications enregistrées', + 'state' => true + ]); + } + + // Valeurs en sortie + $this->addOutput([ + 'title' => 'Édition des blocs', + 'vendor' => [ + 'tinymce' + ], + 'view' => 'block' + ]); + } + + /** * Édition */ diff --git a/core/module/page/view/block/block.js.php b/core/module/page/view/block/block.js.php new file mode 100644 index 00000000..d21cf5f7 --- /dev/null +++ b/core/module/page/view/block/block.js.php 
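Review bot: `block()` stores the two side blocks as ordinary entries `page/blockLeft` and `page/blockRight`, so they share the id space of real pages: `delete` and `edit` are open to `GROUP_MODERATOR` and act on whatever id is in `$this->getUrl(2)`, while `block` itself requires `GROUP_ADMIN`. Unless `edit()` and `delete()` (outside this hunk) refuse these two ids, a moderator can presumably change or remove admin-only content that is shown on every page, and a user page with the same id could collide with them. Reserving the ids explicitly at the top of both actions, e.g. `if(in_array($this->getUrl(2), ['blockLeft', 'blockRight'], true)) { $this->addOutput(['access' => false]); }`, or keeping the blocks outside the `page` key, would close that gap. The content is again read with `getInput(…, null)`, and the two `setData()` arrays are identical apart from id, title and field name, so a small private helper would remove the duplication.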
@@ -0,0 +1,102 @@ +/** + * This file is part of Zwii. + * + * For full copyright and license information, please see the LICENSE + * file that was distributed with this source code. + * + * @author Rémi Jean + * @copyright Copyright (C) 2008-2018, Rémi Jean + * @license GNU General Public License, version 3 + * @link http://zwiicms.com/ + */ + +/** + * Confirmation de suppression + */ +$("#pageEditDelete").on("click", function() { + var _this = $(this); + return core.confirm("Êtes-vous sûr de vouloir supprimer cette page ?", function() { + $(location).attr("href", _this.attr("href")); + }); +}); + +/** + * Bloque/Débloque le bouton de configuration au changement de module + */ +var pageEditModuleIdDOM = $("#pageEditModuleId"); +pageEditModuleIdDOM.on("change", function() { + if($(this).val() === "") { + $("#pageEditModuleConfig").addClass("disabled"); + $("#pageEditContentContainer").slideDown(); + } + else { + $("#pageEditModuleConfig").removeClass("disabled"); + $("#pageEditContentContainer").slideUp(); + } +}); + +/** + * Soumission du formulaire pour éditer le module + */ +$("#pageEditModuleConfig").on("click", function() { + $("#pageEditModuleRedirect").val(1); + $("#pageEditForm").trigger("submit"); +}); + +/** + * Affiche les pages en fonction de la page parent dans le choix de la position + */ +var hierarchy = getHierarchy()); ?>; +var pages = getData(['page'])); ?>; +$("#pageEditParentPageId").on("change", function() { + var positionDOM = $("#pageEditPosition"); + positionDOM.empty().append( + $("
    -
    +
    'colorPicker', 'label' => 'Boutons', @@ -82,6 +82,15 @@ ]); ?>
    +
    +
    + 'Répartition des blocs :', + 'help' => 'Pour éditer le contenu des blocs, sélectionnez \'Édition des blocs\' dans la liste des pages.', + 'selected' => $this->getData(['theme', 'site', 'blocks']) + ]); ?> +
    +
    @@ -131,34 +140,4 @@
    -
    -
    -

    Mise en page

    -
    -
    - 'Répartition des blocs :', - 'help' => 'Le bloc la plus large abrite le contenu du site', - 'selected' => $this->getData(['theme', 'site', 'blocks']) - ]); ?> -
    -
    -
    -
    - 'Contenu du bloc à gauche :', - 'class' => 'editorWysiwyg', - 'value' => $this->getData(['theme','block', 'contentLeft']) - ]); ?> -
    -
    - 'Contenu du bloc à droite :', - 'class' => 'editorWysiwyg', - 'value' => $this->getData(['theme','block', 'contentRight']) - ]); ?> -
    -
    -
    -
    \ No newline at end of file From acd65e7e2d093044e1631153d64298075dd442ca Mon Sep 17 00:00:00 2001 From: fredtempez Date: Fri, 4 Jan 2019 18:58:11 +0100 Subject: [PATCH 17/38] =?UTF-8?q?blocs=20=C3=A0=20gauche=20et=20=C3=A0=20d?= =?UTF-8?q?roite?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- CHANGES.MD | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGES.MD b/CHANGES.MD index 81d55457..bfa822bb 100644 --- a/CHANGES.MD +++ b/CHANGES.MD @@ -5,6 +5,7 @@ - Stockage distinct du thème et des autres données (core, config, page, module et users ) avec import des données d'une version 8 - Exporter un thème (avec les images) sous forme d'une archive ZIP à télécharger ou stocker dans Fichiers. - Importer un thème à partir des fichiers + - Deux blocs (colonnes) à droite ou à gauche contenant des informations fixes, le paramétage est dans le thème, mais les contenus sont stockés dans les pages. ## Verison 8.5.3 * Modification : From 418173956b0f3f41d1a9e5d01a1d5639537d7a7b Mon Sep 17 00:00:00 2001 From: fredtempez Date: Fri, 4 Jan 2019 21:51:21 +0100 Subject: [PATCH 18/38] =?UTF-8?q?filtre=20liste=20de=20page=20=C3=A0=20?= =?UTF-8?q?=C3=A9diter?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- core/core.php | 38 ++++++++++++++++++++++++++--- core/module/page/page.php | 7 ------ core/module/page/view/edit/edit.php | 4 +-- 3 files changed, 35 insertions(+), 14 deletions(-) diff --git a/core/core.php b/core/core.php index 7fb63773..3ce62f5d 100644 --- a/core/core.php +++ b/core/core.php @@ -176,6 +176,38 @@ class common { 'group' => self::GROUP_VISITOR, 'targetBlank' => false, 'title' => 'Contact' + ], + 'blockRight' => [ + 'typeMenu' => 'text', + 'iconUrl' => '', + 'disable' => false, + 'content' => '

    Bloc à droite du site

    ', + 'hideTitle' => false, + 'metaDescription' => '', + 'metaTitle' => '', + 'moduleId' => '', + 'modulePosition' => '', + 'parentPageId' => '', + 'position' => 0, + 'group' => self::GROUP_VISITOR, + 'targetBlank' => false, + 'title' => 'blockRight' + ], + 'blockLeft' => [ + 'typeMenu' => 'text', + 'iconUrl' => '', + 'disable' => false, + 'content' => '

    Bloc à gauche du site

    ', + 'hideTitle' => false, + 'metaDescription' => '', + 'metaTitle' => '', + 'moduleId' => '', + 'modulePosition' => '', + 'parentPageId' => '', + 'position' => 0, + 'group' => self::GROUP_VISITOR, + 'targetBlank' => false, + 'title' => 'blockLeft' ] ], 'module' => [ @@ -996,8 +1028,6 @@ class common { // Version 9.0.0 if($this->getData(['core', 'dataVersion']) < 900) { $this->setData(['theme', 'site', 'blocks','100']); - $this->setData(['page', 'blockLeft', 'content','']); - $this->setData(['page', 'blockRight', 'content','']); $this->setData(['core', 'dataVersion', 900]); $this->SaveData(); } @@ -2136,8 +2166,8 @@ class layout extends common { $leftItems .= ''; $currentPageId = $this->getData(['page', $this->getUrl(0)]) ? $this->getUrl(0) : $this->getUrl(2); foreach($this->getHierarchy(null, false) as $parentPageId => $childrenPageIds) { - if ($this->getData(['page', $parentPageId, 'title']) === 'blockLeft' - OR $this->getData(['page', $parentPageId, 'title']) === 'blockRight') { continue; } + if ($this->getData(['page', $parentPageId]) === 'blockLeft' + OR $this->getData(['page', $parentPageId]) === 'blockRight') { continue; } $leftItems .= ''; foreach($childrenPageIds as $childKey) { $leftItems .= ''; diff --git a/core/module/page/page.php b/core/module/page/page.php index 8f3b92c6..4acad103 100755 --- a/core/module/page/page.php +++ b/core/module/page/page.php @@ -75,7 +75,6 @@ class page extends common { * Suppression */ public function delete() { - if($this->isPost()) { // La page n'existe pas if($this->getData(['page', $this->getUrl(2)]) === null) { // Valeurs en sortie @@ -110,12 +109,6 @@ class page extends common { 'state' => true ]); } - } else { - // Valeurs en sortie - $this->addOutput([ - 'access' => false - ]); - } } diff --git a/core/module/page/view/edit/edit.php b/core/module/page/view/edit/edit.php index 2092d534..e9bc02e8 100755 --- a/core/module/page/view/edit/edit.php +++ b/core/module/page/view/edit/edit.php @@ -55,8 +55,7 @@
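Review bot: The rewritten filter in the `@@ -2136,8 +2166,8 @@` hunk compares a whole page record with a string, `$this->getData(['page', $parentPageId]) === 'blockLeft'`. Assuming getData returns the page's array for that key, the strict comparison is never true, so the `continue` never fires and both block pages stay in the list. Comparing the key matches the ids this commit adds to the default data: `if ($parentPageId === 'blockLeft' OR $parentPageId === 'blockRight') { continue; }`. The enclosing method starts and ends outside the hunk.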
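Review bot: Removing the `if($this->isPost()) {` wrapper and its `'access' => false` fallback from page delete() makes deletion reachable by a plain GET, and nothing in these two hunks verifies where the request came from. A state-changing action should not lose its method guard before an anti-CSRF token check exists. Either keep the POST guard in this commit or add the token check here; the `csrf` comparison only arrives in PATCH 20/38 of this series. delete() starts and ends outside the hunks.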
    -
    - +
    'Sélectionnez le type de menu.', 'label' => 'Type de menu', @@ -64,7 +63,6 @@ ]); ?>
    - 'Icône', 'value' => $this->getData(['page', $this->getUrl(2), 'iconUrl']) From 1481cc5aca3276111c882b6f130dc477f1d9cae6 Mon Sep 17 00:00:00 2001 From: fredtempez Date: Fri, 4 Jan 2019 22:08:18 +0100 Subject: [PATCH 19/38] =?UTF-8?q?filtrage=20bloc=20dans=20les=20page=20?= =?UTF-8?q?=C3=A0=20=C3=A9diter?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- core/core.php | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/core/core.php b/core/core.php index 3ce62f5d..3d8958dc 100644 --- a/core/core.php +++ b/core/core.php @@ -178,7 +178,7 @@ class common { 'title' => 'Contact' ], 'blockRight' => [ - 'typeMenu' => 'text', + 'typeMenu' => '', 'iconUrl' => '', 'disable' => false, 'content' => '

    Bloc à droite du site

    ', @@ -194,7 +194,7 @@ class common { 'title' => 'blockRight' ], 'blockLeft' => [ - 'typeMenu' => 'text', + 'typeMenu' => '', 'iconUrl' => '', 'disable' => false, 'content' => '

    Bloc à gauche du site

    ', @@ -2032,8 +2032,6 @@ class layout extends common { $targetBlank = $this->getData(['page', $childKey, 'targetBlank']) ? ' target="_blank"' : ''; // Mise en page du sous-item - // Menu Image - if ( $this->getData(['page',$childKey,'disable']) === true AND $this->getUser('password') !== $this->getInput('ZWII_USER_PASSWORD') ) @@ -2166,15 +2164,15 @@ class layout extends common { $leftItems .= ''; $currentPageId = $this->getData(['page', $this->getUrl(0)]) ? $this->getUrl(0) : $this->getUrl(2); foreach($this->getHierarchy(null, false) as $parentPageId => $childrenPageIds) { - if ($this->getData(['page', $parentPageId]) === 'blockLeft' - OR $this->getData(['page', $parentPageId]) === 'blockRight') { continue; } + if ($parentPageId === 'blockLeft' + OR $parentPageId === 'blockRight') { continue; } $leftItems .= ''; foreach($childrenPageIds as $childKey) { $leftItems .= ''; } } $leftItems .= ''; - $leftItems .= ''; + $leftItems .= ''; $leftItems .= ''; $leftItems .= '
  • ' . template::ico('plus') . '
  • '; if( From 547693709e3e905338aac86e456fd9ea18be973b Mon Sep 17 00:00:00 2001 From: fredtempez Date: Fri, 4 Jan 2019 23:27:35 +0100 Subject: [PATCH 20/38] Correction faille CSRF --- core/module/page/page.php | 79 ++++++++++++++++------------- core/module/page/view/edit/edit.php | 2 +- 2 files changed, 45 insertions(+), 36 deletions(-) diff --git a/core/module/page/page.php b/core/module/page/page.php index 4acad103..dde9efb1 100755 --- a/core/module/page/page.php +++ b/core/module/page/page.php 
@@ -75,43 +75,52 @@ class page extends common { * Suppression */ public function delete() { - // La page n'existe pas - if($this->getData(['page', $this->getUrl(2)]) === null) { - // Valeurs en sortie - $this->addOutput([ - 'access' => false - ]); - } - // Impossible de supprimer la page d'accueil - elseif($this->getUrl(2) === $this->getData(['config', 'homePageId'])) { - // Valeurs en sortie - $this->addOutput([ - 'redirect' => helper::baseUrl() . 'page/edit/' . $this->getUrl(2), - 'notification' => 'Impossible de supprimer la page d\'accueil' - ]); - } - // Impossible de supprimer une page contenant des enfants - elseif($this->getHierarchy($this->getUrl(2))) { - // Valeurs en sortie - $this->addOutput([ - 'redirect' => helper::baseUrl() . 'page/edit/' . $this->getUrl(2), - 'notification' => 'Impossible de supprimer une page contenant des enfants' - ]); - } - // Suppression - else { - $this->deleteData(['page', $this->getUrl(2)]); - $this->deleteData(['module', $this->getUrl(2)]); - // Valeurs en sortie - $this->addOutput([ - 'redirect' => helper::baseUrl(false), - 'notification' => 'Page supprimée', - 'state' => true - ]); - } + // $url prend l'adresse sans le token + $url = explode('&',$this->getUrl(2)); + // La page n'existe pas + if($this->getData(['page', $url[0]]) === null) { + // Valeurs en sortie + $this->addOutput([ + 'access' => false + ]); + } + // Impossible de supprimer la page d'accueil + elseif($url[0] === $this->getData(['config', 'homePageId'])) { + // Valeurs en sortie + $this->addOutput([ + 'redirect' => helper::baseUrl() . 'page/edit/' . $url[0], + 'notification' => 'Impossible de supprimer la page d\'accueil' + ]); + } + // Jeton incorrect + elseif($_GET['csrf'] !== $_SESSION['csrf']) { + // Valeurs en sortie + $this->addOutput([ + 'redirect' => helper::baseUrl() . 'page/edit/' . 
$url[0], + 'notification' => 'Suppression non autorisée' + ]); + } + // Impossible de supprimer une page contenant des enfants + elseif($this->getHierarchy($url[0])) { + // Valeurs en sortie + $this->addOutput([ + 'redirect' => helper::baseUrl() . 'page/edit/' . $url[0], + 'notification' => 'Impossible de supprimer une page contenant des enfants' + ]); + } + // Suppression + else { + $this->deleteData(['page', $url[0]]); + $this->deleteData(['module', $url[0]]); + // Valeurs en sortie + $this->addOutput([ + 'redirect' => helper::baseUrl(false), + 'notification' => 'Page supprimée', + 'state' => true + ]); + } } - /** * Édition des blocs */ diff --git a/core/module/page/view/edit/edit.php b/core/module/page/view/edit/edit.php index e9bc02e8..f3559600 100755 --- a/core/module/page/view/edit/edit.php +++ b/core/module/page/view/edit/edit.php @@ -13,7 +13,7 @@
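Review bot: The new branch `elseif($_GET['csrf'] !== $_SESSION['csrf'])` reads both keys unguarded: a request without the parameter raises an undefined-index notice, and if the session token were ever unset, `null !== null` is false and the request would pass. Reject missing or non-string values first and compare in constant time, e.g. `elseif(!isset($_GET['csrf'], $_SESSION['csrf']) OR !is_string($_GET['csrf']) OR !hash_equals($_SESSION['csrf'], $_GET['csrf']))`. The token is also carried in the URL (the edit.php hunk appends `'&csrf=' . $_SESSION['csrf']` to the delete link), where it can end up in browser history, server logs and Referer headers; sending the delete as a POST form with the token in the body avoids that. The same comparison and link pattern is repeated in the delete() hunks of user.php, blog.php, gallery.php and news.php in PATCH 28/38. delete() starts outside this hunk.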
    'buttonRed', - 'href' => helper::baseUrl() . 'page/delete/' . $this->getUrl(2), + 'href' => helper::baseUrl() . 'page/delete/' . $this->getUrl(2) . '&csrf=' . $_SESSION['csrf'], 'value' => 'Supprimer', 'ico' => 'cancel' ]); ?> From f93df1e243cb3dc258eefcf427f56fa8cc69483c Mon Sep 17 00:00:00 2001 From: fredtempez Date: Sat, 5 Jan 2019 22:31:59 +0100 Subject: [PATCH 21/38] correction faille CSRF --- core/module/page/page.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/core/module/page/page.php b/core/module/page/page.php index dde9efb1..a18e92e9 100755 --- a/core/module/page/page.php +++ b/core/module/page/page.php @@ -93,7 +93,8 @@ class page extends common { ]); } // Jeton incorrect - elseif($_GET['csrf'] !== $_SESSION['csrf']) { + elseif(isset ($_GET['csrf']) AND + $_GET['csrf'] !== $_SESSION['csrf']) { // Valeurs en sortie $this->addOutput([ 'redirect' => helper::baseUrl() . 'page/edit/' . $url[0], From bbc9a4306773d1b3f024e21467a2e60e12e6d581 Mon Sep 17 00:00:00 2001 From: fredtempez Date: Sat, 5 Jan 2019 22:35:26 +0100 Subject: [PATCH 22/38] Correctif faille CSRF --- core/module/page/page.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/module/page/page.php b/core/module/page/page.php index a18e92e9..6e232c23 100755 --- a/core/module/page/page.php +++ b/core/module/page/page.php @@ -93,7 +93,7 @@ class page extends common { ]); } // Jeton incorrect - elseif(isset ($_GET['csrf']) AND + elseif(!isset ($_GET['csrf']) AND $_GET['csrf'] !== $_SESSION['csrf']) { // Valeurs en sortie $this->addOutput([ From 0e6ae802337338befa3a12c3c4e43b4e6408f3d5 Mon Sep 17 00:00:00 2001 From: fredtempez Date: Sat, 5 Jan 2019 23:03:23 +0100 Subject: [PATCH 23/38] Correction faille CSRF --- core/module/page/page.php | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/core/module/page/page.php b/core/module/page/page.php index 6e232c23..ae247db6 100755 --- a/core/module/page/page.php 
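Review bot: With `elseif(isset ($_GET['csrf']) AND $_GET['csrf'] !== $_SESSION['csrf'])` the rejection branch is entered only when a token is supplied. A request that omits the `csrf` parameter therefore skips the check and falls through to the remaining branches, including the deletion. A missing token has to be refused as well: `elseif(!isset($_GET['csrf']) OR $_GET['csrf'] !== $_SESSION['csrf'])`. The enclosing delete() starts and ends outside the hunk.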
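Review bot: Negating the first operand while keeping `AND`, `elseif(!isset ($_GET['csrf']) AND $_GET['csrf'] !== $_SESSION['csrf'])`, means the comparison is evaluated only when the parameter is absent. Whenever `csrf` is present the first operand is false, the value is never compared with the session token, and any value is accepted. The two conditions need `OR`: `elseif(!isset($_GET['csrf']) OR $_GET['csrf'] !== $_SESSION['csrf'])`. The enclosing delete() starts and ends outside the hunk.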
+++ b/core/module/page/page.php @@ -93,8 +93,14 @@ class page extends common { ]); } // Jeton incorrect - elseif(!isset ($_GET['csrf']) AND - $_GET['csrf'] !== $_SESSION['csrf']) { + elseif(!isset($_GET['csrf'])) { + // Valeurs en sortie + $this->addOutput([ + 'redirect' => helper::baseUrl() . 'page/edit/' . $url[0], + 'notification' => 'Jeton invalide' + ]); + } + elseif ($_GET['csrf'] !== $_SESSION['csrf']) { // Valeurs en sortie $this->addOutput([ 'redirect' => helper::baseUrl() . 'page/edit/' . $url[0], From 1d6b03364a6b6d899555eedaa40329f5ad346738 Mon Sep 17 00:00:00 2001 From: fredtempez Date: Sat, 5 Jan 2019 23:46:42 +0100 Subject: [PATCH 24/38] Faille CSRF --- CHANGES.MD | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGES.MD b/CHANGES.MD index bfa822bb..8e14706f 100644 --- a/CHANGES.MD +++ b/CHANGES.MD @@ -6,6 +6,8 @@ - Exporter un thème (avec les images) sous forme d'une archive ZIP à télécharger ou stocker dans Fichiers. - Importer un thème à partir des fichiers - Deux blocs (colonnes) à droite ou à gauche contenant des informations fixes, le paramétage est dans le thème, mais les contenus sont stockés dans les pages. +- Correction : + - Faille CSRF lors de l'effacement d'une page ## Verison 8.5.3 * Modification : From 9473432852b960be13c3ffb3b2d6210c0aed9ebc Mon Sep 17 00:00:00 2001 From: fredtempez Date: Mon, 7 Jan 2019 19:46:25 +0100 Subject: [PATCH 25/38] update changes.md --- CHANGES.MD | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/CHANGES.MD b/CHANGES.MD index 8e14706f..15e67041 100644 --- a/CHANGES.MD +++ b/CHANGES.MD 
@@ -15,12 +15,12 @@ * Correction : - Appel de la génération de la capture d'écran OpenGraph quand le fichier est absent - CSS pour le footer des blocs et non des éléments - - #footersite, #footerbody : bloc footer dans et hors site - - #footersite, #footerbody a : liens du bloc footer dans et hors site + - \#footersite, \#footerbody : bloc footer dans et hors site + - \#footersite, \#footerbody a : liens du bloc footer dans et hors site - Bloc des colonnes dans et hors site : - - #footersiteLeft, #footerbodyLef - - #footersiteCenter, #footerbodyCenter - - #footersiteRight, #footerbodyRight + - \#footersiteLeft, \#footerbodyLef + - \#footersiteCenter, \#footerbodyCenter + - \#footersiteRight, \#footerbodyRight ## Verison 8.5.2 From 00ce3db5fe31c2b42911d272112081461c2b14e7 Mon Sep 17 00:00:00 2001 From: Fred <23246457+fredtempez@users.noreply.github.com> Date: Mon, 7 Jan 2019 22:39:17 +0100 Subject: [PATCH 26/38] Rename CHANGES.MD to CHANGES.md --- CHANGES.MD => CHANGES.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename CHANGES.MD => CHANGES.md (100%) diff --git a/CHANGES.MD b/CHANGES.md similarity index 100% rename from CHANGES.MD rename to CHANGES.md From 996f406a073baf62f17434b4d2d1304e785463e2 Mon Sep 17 00:00:00 2001 From: fredtempez Date: Tue, 8 Jan 2019 14:59:16 +0100 Subject: [PATCH 27/38] =?UTF-8?q?Taille=20de=20police=20par=20d=C3=A9faut?= =?UTF-8?q?=20dans=20le=20footer?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- core/layout/common.css | 9 +++++++++ core/module/theme/resource/custom.css | 13 ++++++++----- 2 files changed, 17 insertions(+), 5 deletions(-) diff --git a/core/layout/common.css b/core/layout/common.css index 1f7d7d19..87ad5fb5 100755 --- a/core/layout/common.css +++ b/core/layout/common.css 
@@ -423,6 +423,15 @@ footer .col4 { footer #footerSocials { font-size: 1.0em; } + +footer #footerSocials { + font-size: 1.0em; +} + +footer #footerCopyright, #footerText { + font-size: 0.8em; +} + footer #footerSocials span { color: #FFF; padding: 9px; diff --git a/core/module/theme/resource/custom.css b/core/module/theme/resource/custom.css index 417491bc..55e4f0cd 100755 --- a/core/module/theme/resource/custom.css +++ b/core/module/theme/resource/custom.css @@ -48,23 +48,26 @@ nav a.active { } /* Bas de page */ -#footersite, #footerbody { +footer { +} + +footer #footersite, #footerbody { } /* Liens du bas de page */ -#footersite, #footerbody a { +footer #footersite, #footerbody a { } /* footer bloc gauche */ -#footersiteLeft, #footerbodyLeft { +footer #footersiteLeft, #footerbodyLeft { } /* footer bloc central */ -#footersiteCenter, #footerbodyCenter { +footer #footersiteCenter, #footerbodyCenter { } /* footer bloc droite */ -#footersiteRight, #footerbodyRight { +footer #footersiteRight, #footerbodyRight { } /** From ee8545524817567b3076329c248b317f8ba3c565 Mon Sep 17 00:00:00 2001 From: fredtempez Date: Tue, 8 Jan 2019 17:55:18 +0100 Subject: [PATCH 28/38] Faille CSRF --- CHANGES.md | 3 +++ core/module/user/user.php | 26 ++++++++++++++++++++++---- module/blog/blog.php | 23 ++++++++++++++++++++--- module/gallery/gallery.php | 23 ++++++++++++++++++++--- module/news/news.php | 23 ++++++++++++++++++++--- 5 files changed, 85 insertions(+), 13 deletions(-) diff --git a/CHANGES.md b/CHANGES.md index 15e67041..dc1ec8da 100644 --- a/CHANGES.md +++ b/CHANGES.md 
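Review bot: The added `footer #footerSocials { font-size: 1.0em; }` block repeats the identical rule kept as context directly above it. In `footer #footerCopyright, #footerText` the `footer` ancestor applies only to the first selector of the list. If both are meant to be scoped, write `footer #footerCopyright, footer #footerText { font-size: 0.8em; }` and drop the duplicate block. The same comma-list pattern recurs in the custom.css hunk of this commit, for example `footer #footersite, #footerbody`.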
@@ -8,6 +8,9 @@ - Deux blocs (colonnes) à droite ou à gauche contenant des informations fixes, le paramétage est dans le thème, mais les contenus sont stockés dans les pages. - Correction : - Faille CSRF lors de l'effacement d'une page + - Faille CSRF lors de l'effacement d'une galerie + - Faille CSRF lors de l'effacement d'un article de blog + - Faille CSRF lors de l'effacement d'un article de news ## Verison 8.5.3 * Modification : diff --git a/core/module/user/user.php b/core/module/user/user.php index a8559cfd..a35b479a 100755 --- a/core/module/user/user.php +++ b/core/module/user/user.php @@ -88,10 +88,13 @@ class user extends common { * Suppression */ public function delete() { + // + // $url prend l'adresse sans le token + $url = explode('&',$this->getUrl(2)); // Accès refusé if( // L'utilisateur n'existe pas - $this->getData(['user', $this->getUrl(2)]) === null + $this->getData(['user', $url[0]]) === null // Groupe insuffisant AND ($this->getUrl('group') < self::GROUP_MODERATOR) ) { @@ -100,8 +103,23 @@ class user extends common { 'access' => false ]); } + // Jeton incorrect + elseif(!isset($_GET['csrf'])) { + // Valeurs en sortie + $this->addOutput([ + 'redirect' => helper::baseUrl() . 'user', + 'notification' => 'Jeton invalide' + ]); + } + elseif ($_GET['csrf'] !== $_SESSION['csrf']) { + // Valeurs en sortie + $this->addOutput([ + 'redirect' => helper::baseUrl() . 'user', + 'notification' => 'Suppression non autorisée' + ]); + } // Bloque la suppression de son propre compte - elseif($this->getUser('id') === $this->getUrl(2)) { + elseif($this->getUser('id') === $url[0]) { // Valeurs en sortie $this->addOutput([ 'redirect' => helper::baseUrl() . 'user', @@ -110,7 +128,7 @@ class user extends common { } // Suppression else { - $this->deleteData(['user', $this->getUrl(2)]); + $this->deleteData(['user', $url[0]]); // Valeurs en sortie $this->addOutput([ 'redirect' => helper::baseUrl() . 'user', 
@@ -280,7 +298,7 @@ class user extends common { ]), template::button('userDelete' . $userId, [ 'class' => 'userDelete buttonRed', - 'href' => helper::baseUrl() . 'user/delete/' . $userId, + 'href' => helper::baseUrl() . 'user/delete/' . $userId. '&csrf=' . $_SESSION['csrf'], 'value' => template::ico('cancel') ]) ]; diff --git a/module/blog/blog.php b/module/blog/blog.php index 8c4bf930..e9c9619e 100755 --- a/module/blog/blog.php +++ b/module/blog/blog.php @@ -174,7 +174,7 @@ class blog extends common { ]), template::button('blogConfigDelete' . $articleIds[$i], [ 'class' => 'blogConfigDelete buttonRed', - 'href' => helper::baseUrl() . $this->getUrl(0) . '/delete/' . $articleIds[$i], + 'href' => helper::baseUrl() . $this->getUrl(0) . '/delete/' . $articleIds[$i] . '&csrf=' . $_SESSION['csrf'], 'value' => template::ico('cancel') ]) ]; @@ -190,16 +190,33 @@ class blog extends common { * Suppression */ public function delete() { + // $url prend l'adresse sans le token + $url = explode('&',$this->getUrl(2)); // L'article n'existe pas - if($this->getData(['module', $this->getUrl(0), $this->getUrl(2)]) === null) { + if($this->getData(['module', $this->getUrl(0), $url[0]]) === null) { // Valeurs en sortie $this->addOutput([ 'access' => false ]); } + // Jeton incorrect + elseif(!isset($_GET['csrf'])) { + // Valeurs en sortie + $this->addOutput([ + 'redirect' => helper::baseUrl(). $this->getUrl(0) . '/config', + 'notification' => 'Jeton invalide' + ]); + } + elseif ($_GET['csrf'] !== $_SESSION['csrf']) { + // Valeurs en sortie + $this->addOutput([ + 'redirect' => helper::baseUrl() . $this->getUrl(0) . '/config', + 'notification' => 'Suppression non autorisée' + ]); + } // Suppression else { - $this->deleteData(['module', $this->getUrl(0), $this->getUrl(2)]); + $this->deleteData(['module', $this->getUrl(0), $url[0]]); // Valeurs en sortie $this->addOutput([ 'redirect' => helper::baseUrl() . $this->getUrl(0) . '/config', 
diff --git a/module/gallery/gallery.php b/module/gallery/gallery.php index 9ce842a9..6d3d517b 100755 --- a/module/gallery/gallery.php +++ b/module/gallery/gallery.php @@ -59,7 +59,7 @@ class gallery extends common { ]), template::button('galleryConfigDelete' . $galleryId, [ 'class' => 'galleryConfigDelete buttonRed', - 'href' => helper::baseUrl() . $this->getUrl(0) . '/delete/' . $galleryId, + 'href' => helper::baseUrl() . $this->getUrl(0) . '/delete/' . $galleryId . '&csrf=' . $_SESSION['csrf'], 'value' => template::ico('cancel') ]) ]; @@ -93,16 +93,33 @@ class gallery extends common { * Suppression */ public function delete() { + // $url prend l'adresse sans le token + $url = explode('&',$this->getUrl(2)); // La galerie n'existe pas - if($this->getData(['module', $this->getUrl(0), $this->getUrl(2)]) === null) { + if($this->getData(['module', $this->getUrl(0), $url[0]]) === null) { // Valeurs en sortie $this->addOutput([ 'access' => false ]); } + // Jeton incorrect + elseif(!isset($_GET['csrf'])) { + // Valeurs en sortie + $this->addOutput([ + 'redirect' => helper::baseUrl() . 'config', + 'notification' => 'Jeton invalide' + ]); + } + elseif ($_GET['csrf'] !== $_SESSION['csrf']) { + // Valeurs en sortie + $this->addOutput([ + 'redirect' => helper::baseUrl() . 'config', + 'notification' => 'Suppression non autorisée' + ]); + } // Suppression else { - $this->deleteData(['module', $this->getUrl(0), $this->getUrl(2)]); + $this->deleteData(['module', $this->getUrl(0), $url[0]]); // Valeurs en sortie $this->addOutput([ 'redirect' => helper::baseUrl() . $this->getUrl(0) . '/config', diff --git a/module/news/news.php b/module/news/news.php index a57ccec8..93c0b5cf 100755 --- a/module/news/news.php +++ b/module/news/news.php 
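Review bot: Both token-failure branches added to gallery delete() redirect to `helper::baseUrl() . 'config'`, while the success branch of the same method and the parallel blog.php and news.php hunks use the module's own path. A rejected request would presumably land on the site configuration route instead of the gallery list. Use the module path in both branches: `'redirect' => helper::baseUrl() . $this->getUrl(0) . '/config',`. delete() ends outside the hunk.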
@@ -100,7 +100,7 @@ class news extends common { ]), template::button('newsConfigDelete' . $newsIds[$i], [ 'class' => 'newsConfigDelete buttonRed', - 'href' => helper::baseUrl() . $this->getUrl(0) . '/delete/' . $newsIds[$i], + 'href' => helper::baseUrl() . $this->getUrl(0) . '/delete/' . $newsIds[$i] . '&csrf=' . $_SESSION['csrf'], 'value' => template::ico('cancel') ]) ]; @@ -116,16 +116,33 @@ class news extends common { * Suppression */ public function delete() { + // $url prend l'adresse sans le token + $url = explode('&',$this->getUrl(2)); // La news n'existe pas - if($this->getData(['module', $this->getUrl(0), $this->getUrl(2)]) === null) { + if($this->getData(['module', $this->getUrl(0), $url[0]]) === null) { // Valeurs en sortie $this->addOutput([ 'access' => false ]); } + // Jeton incorrect + elseif(!isset($_GET['csrf'])) { + // Valeurs en sortie + $this->addOutput([ + 'redirect' => helper::baseUrl(). $this->getUrl(0) . '/config', + 'notification' => 'Jeton invalide' + ]); + } + elseif ($_GET['csrf'] !== $_SESSION['csrf']) { + // Valeurs en sortie + $this->addOutput([ + 'redirect' => helper::baseUrl() . $this->getUrl(0) . '/config', + 'notification' => 'Suppression non autorisée' + ]); + } // Suppression else { - $this->deleteData(['module', $this->getUrl(0), $this->getUrl(2)]); + $this->deleteData(['module', $this->getUrl(0), $url[0]]); // Valeurs en sortie $this->addOutput([ 'redirect' => helper::baseUrl() . $this->getUrl(0) . '/config', From 56431f99db51696d82842ce83070a3644e58e96b Mon Sep 17 00:00:00 2001 From: fredtempez Date: Tue, 8 Jan 2019 22:28:08 +0100 Subject: [PATCH 29/38] =?UTF-8?q?Am=C3=A9lioration=20annulation=20multi=20?= =?UTF-8?q?colonne?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- core/layout/main.php | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/core/layout/main.php b/core/layout/main.php index 48babb48..4507da51 100755 --- a/core/layout/main.php 
+++ b/core/layout/main.php @@ -116,12 +116,9 @@ - getUrl(0) === 'theme' OR - $this->getUrl(0) === 'config' OR - $this->getUrl(0) === 'install' OR - $this->getUrl(0) === 'maintenance' OR - $this->getUrl(0) === 'page' OR - $this->getUrl(0) === 'user' ) { ?> + getData(['page',$this->getUrl(0)])) OR + is_null($this->getData(['module',$this->getUrl(0)])) OR + $this->getUrl(1) !== '' ) { ?>
    showContent(); ?>
    getData(['theme','site','blocks'])); @@ -150,7 +147,7 @@
    getData(['page','blockLeft','content']);?>
    showContent(); ?>
    getData(['page','blockRight','content']);?>
    -
    +
    From 47a594c1de5c156a18d92f7e29def5f4fb9836b9 Mon Sep 17 00:00:00 2001 From: fredtempez Date: Wed, 9 Jan 2019 18:38:50 +0100 Subject: [PATCH 30/38] Limiter le multi colonne aux seules pages --- core/layout/main.php | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/core/layout/main.php b/core/layout/main.php index 4507da51..7518a518 100755 --- a/core/layout/main.php +++ b/core/layout/main.php @@ -115,10 +115,12 @@
    - - getData(['page',$this->getUrl(0)])) OR - is_null($this->getData(['module',$this->getUrl(0)])) OR - $this->getUrl(1) !== '' ) { ?> + + getData(['page',$this->getUrl(0)]) === NULL OR + $this->getData(['module',$this->getUrl(0)]) === NULL OR + $this->getUrl(0) === 'page' OR + $this->getUrl(1) === 'config' + ) { ?>
    showContent(); ?>
    getData(['theme','site','blocks'])); From f2c77c355ce441c30837d48e3d6947fe3d6f96a4 Mon Sep 17 00:00:00 2001 From: fredtempez Date: Fri, 11 Jan 2019 09:46:33 +0100 Subject: [PATCH 31/38] =?UTF-8?q?Modif=20site=20defaut=20size=20et=20espac?= =?UTF-8?q?es=20ins=C3=A9cables=20footer?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- core/core.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/core/core.php b/core/core.php index 3d8958dc..758823e2 100644 --- a/core/core.php +++ b/core/core.php @@ -381,7 +381,7 @@ class common { 'backgroundColor' => 'rgba(255, 255, 255, 1)', 'radius' => '0', 'shadow' => '0', - 'width' => '1170px', + 'width' => '960px', 'blocks' => '100' ], 'text' => [ @@ -1932,12 +1932,12 @@ class layout extends common { } /** - * Affiche le coyright + * Affiche le cooyright */ public function showCopyright() { $items = '
    '; - $items .= 'Motorisé par Zwii'; - $items .= ' | Plan du site'; + $items .= 'Motorisé par Zwii'; + $items .= ' | Plan du site'; if( ( $this->getData(['theme', 'footer', 'loginLink']) From c1136f2dd3b9c6fcbd6f95a2bb949a44f7c4dac8 Mon Sep 17 00:00:00 2001 From: fredtempez Date: Fri, 11 Jan 2019 09:58:28 +0100 Subject: [PATCH 32/38] =?UTF-8?q?Modif=20site=20defaut=20size=20et=20espac?= =?UTF-8?q?es=20ins=C3=A9cables=20footer?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- core/core.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/core/core.php b/core/core.php index 3d8958dc..758823e2 100644 --- a/core/core.php +++ b/core/core.php @@ -381,7 +381,7 @@ class common { 'backgroundColor' => 'rgba(255, 255, 255, 1)', 'radius' => '0', 'shadow' => '0', - 'width' => '1170px', + 'width' => '960px', 'blocks' => '100' ], 'text' => [ @@ -1932,12 +1932,12 @@ class layout extends common { } /** - * Affiche le coyright + * Affiche le cooyright */ public function showCopyright() { $items = '
    '; - $items .= 'Motorisé par Zwii'; - $items .= ' | Plan du site'; + $items .= 'Motorisé par Zwii'; + $items .= ' | Plan du site'; if( ( $this->getData(['theme', 'footer', 'loginLink']) From d99f689010a506a6fc90f6bec6c8971f3964cb92 Mon Sep 17 00:00:00 2001 From: fredtempez Date: Fri, 11 Jan 2019 09:59:01 +0100 Subject: [PATCH 33/38] update rfm --- core/vendor/filemanager/UploadHandler.php | 11 +- core/vendor/filemanager/ajax_calls.php | 208 +- core/vendor/filemanager/config/config.php | 46 +- core/vendor/filemanager/css/rtl-style.css | Bin 6224 -> 6087 bytes core/vendor/filemanager/dialog.php | 330 +- core/vendor/filemanager/execute.php | 101 +- core/vendor/filemanager/force_download.php | 143 +- .../filemanager/include/mime_type_lib.php | 1 + core/vendor/filemanager/include/utils.php | 186 +- core/vendor/filemanager/js/include.js | 4 +- .../filemanager/js/jquery.fileupload-image.js | 4 +- .../filemanager/js/jquery.fileupload.js | 12 +- .../vendor/filemanager/js/modernizr.custom.js | 5 +- core/vendor/filemanager/js/plugins.js | 9158 ++++++++++++++++- core/vendor/filemanager/lang/cs.php | 48 +- core/vendor/filemanager/lang/de.php | 278 +- core/vendor/filemanager/lang/hu_HU.php | 48 +- core/vendor/filemanager/lang/languages.php | 1 + core/vendor/filemanager/lang/nl.php | 46 +- core/vendor/filemanager/lang/th_TH.php | 12 +- core/vendor/filemanager/plugin.min.js | 100 +- core/vendor/filemanager/upload.php | 331 +- 22 files changed, 10251 insertions(+), 822 deletions(-) diff --git a/core/vendor/filemanager/UploadHandler.php b/core/vendor/filemanager/UploadHandler.php index ed212191..780c54d3 100755 --- a/core/vendor/filemanager/UploadHandler.php +++ b/core/vendor/filemanager/UploadHandler.php 
@@ -380,6 +380,10 @@ class UploadHandler $file->error = $this->get_error_message('accept_file_types'); return false; } + if (preg_match($this->options['image_file_types'], $file->name) && function_exists('exif_imagetype') && !@exif_imagetype($uploaded_file)) { + $file->error = $this->get_error_message('accept_file_types'); + return false; + } if ($uploaded_file && is_uploaded_file($uploaded_file)) { $file_size = $this->get_file_size($uploaded_file); } else { @@ -519,7 +523,7 @@ class UploadHandler // Remove path information and dots around the filename, to prevent uploading // into different directories or replacing hidden system files. // Also remove control characters and spaces (\x00..\x20) around the filename: - $name = trim($this->basename(stripslashes($name)), ".\x00..\x20"); + $name = trim($this->basename(stripslashes($name)), "\x00..\x20"); // Use a timestamp for empty filenames: if (!$name) { $name = str_replace('.', '-', microtime(true)); @@ -1330,6 +1334,11 @@ class UploadHandler '', $content_disposition_header )) : null; + // TODO check + // if (isset($content_disposition_header) && !empty($content_disposition_header) ) { + // $file_name = str_replace('attachment; filename="', '', $content_disposition_header); + // $file_name = str_replace('"', '', $file_name); + // } // Parse the Content-Range header, which has the following form: // Content-Range: bytes 0-524287/2000000 $content_range_header = $this->get_server_var('HTTP_CONTENT_RANGE'); diff --git a/core/vendor/filemanager/ajax_calls.php b/core/vendor/filemanager/ajax_calls.php index 025d5cfe..0fe40f3f 100755 --- a/core/vendor/filemanager/ajax_calls.php +++ b/core/vendor/filemanager/ajax_calls.php 
@@ -1,8 +1,6 @@ send(); exit; } + + +//check $_GET['file'] +if(isset($_GET['file']) && !checkRelativePath($_GET['file'])) { + response(trans('wrong path').AddErrorLocation())->send(); + exit; +} + +//check $_POST['file'] +if(isset($_POST['path']) && !checkRelativePath($_POST['path'])) { + response(trans('wrong path').AddErrorLocation())->send(); + exit; +} + + $ftp = ftp_con($config); if(isset($_GET['action'])) @@ -52,7 +65,7 @@ if(isset($_GET['action'])) case 'filter': if (isset($_GET['type'])) { - if (isset($remember_text_filter) && $remember_text_filter) + if (isset($config['remember_text_filter']) && $config['remember_text_filter']) { $_SESSION['RF']["filter"] = $_GET['type']; } @@ -73,24 +86,10 @@ if(isset($_GET['action'])) $_SESSION['RF']["descending"] = $_GET['descending']; } break; - case 'image_size': // not used - $pos = strpos($_POST['path'], $upload_dir); - if ($pos !== false) - { - $info = getimagesize(substr_replace($_POST['path'], $current_path, $pos, strlen($upload_dir))); - response($info)->send(); - exit; - } - break; case 'save_img': $info = pathinfo($_POST['name']); - if ( - strpos($_POST['path'], '/') === 0 - || strpos($_POST['path'], '../') !== false - || strpos($_POST['path'], '..\\') !== false - || strpos($_POST['path'], './') === 0 - || (strpos($_POST['url'], 'http://s3.amazonaws.com/feather') !== 0 && strpos($_POST['url'], 'https://s3.amazonaws.com/feather') !== 0) + if ((strpos($_POST['url'], 'http://s3.amazonaws.com/feather') !== 0 && strpos($_POST['url'], 'https://s3.amazonaws.com/feather') !== 0) || $_POST['name'] != fix_filename($_POST['name'], $config) || ! in_array(strtolower($info['extension']), array( 'jpg', 'jpeg', 'png' )) ) @@ -106,7 +105,7 @@ if(isset($_GET['action'])) } if (!checkresultingsize(strlen($image_data))) { - response(sprintf(trans('max_size_reached'),$MaxSizeTotal).AddErrorLocation())->send(); + response(sprintf(trans('max_size_reached'),$config['MaxSizeTotal']).AddErrorLocation())->send(); exit; } if($ftp){ 
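Review bot: In the `save_img` hunk (`@@ -73,24`), the only remaining origin guard is a raw prefix test, `strpos($_POST['url'], 'http://s3.amazonaws.com/feather') !== 0 && strpos($_POST['url'], 'https://s3.amazonaws.com/feather') !== 0`. It accepts plain `http` and any path on that host that merely begins with `feather`, while the image data, presumably fetched from that URL, is later written under the upload directory. Comparing the `parse_url()` components against `https`, the exact host and the full expected first path segment would make the allowlist say what it means. Separately, `strtolower($info['extension'])` is evaluated unconditionally, but `pathinfo()` omits that key when `$_POST['name']` has no dot, so an `isset($info['extension'])` test belongs in the condition. The `save_img` case continues outside this hunk.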
@@ -116,42 +115,36 @@ if(isset($_GET['action'])) $temp .=".".substr(strrchr($_POST['url'],'.'),1); file_put_contents($temp,$image_data); - $ftp->put($ftp_base_folder.$upload_dir . $_POST['path'] . $_POST['name'], $temp, FTP_BINARY); + $ftp->put($config['ftp_base_folder'].$config['upload_dir'] . $_POST['path'] . $_POST['name'], $temp, FTP_BINARY); create_img($temp,$temp,122,91); - $ftp->put($ftp_base_folder.$ftp_thumbs_dir. $_POST['path'] . $_POST['name'], $temp, FTP_BINARY); + $ftp->put($config['ftp_base_folder'].$config['ftp_thumbs_dir']. $_POST['path'] . $_POST['name'], $temp, FTP_BINARY); unlink($temp); }else{ - file_put_contents($current_path . $_POST['path'] . $_POST['name'],$image_data); - create_img($current_path . $_POST['path'] . $_POST['name'], $thumbs_base_path.$_POST['path'].$_POST['name'], 122, 91); + file_put_contents($config['current_path'] . $_POST['path'] . $_POST['name'],$image_data); + create_img($config['current_path'] . $_POST['path'] . $_POST['name'], $config['thumbs_base_path'].$_POST['path'].$_POST['name'], 122, 91); // TODO something with this function cause its blowing my mind new_thumbnails_creation( - $current_path.$_POST['path'], - $current_path.$_POST['path'].$_POST['name'], + $config['current_path'].$_POST['path'], + $config['current_path'].$_POST['path'].$_POST['name'], $_POST['name'], - $current_path, + $config['current_path'], $config ); } break; case 'extract': - if ( strpos($_POST['path'], '/') === 0 - || strpos($_POST['path'], '../') !== false - || strpos($_POST['path'], '..\\') !== false - || strpos($_POST['path'], './') === 0) - { - response(trans('wrong path'.AddErrorLocation()))->send(); - exit; + if(!$config['extract_files']){ + response(trans('wrong action').AddErrorLocation())->send(); } - if($ftp){ - $path = $ftp_base_url.$upload_dir . $_POST['path']; - $base_folder = $ftp_base_url.$upload_dir . fix_dirname($_POST['path']) . "/"; + $path = $config['ftp_base_url'].$config['upload_dir'] . 
$_POST['path']; + $base_folder = $config['ftp_base_url'].$config['upload_dir'] . fix_dirname($_POST['path']) . "/"; }else{ - $path = $current_path . $_POST['path']; - $base_folder = $current_path . fix_dirname($_POST['path']) . "/"; + $path = $config['current_path'] . $_POST['path']; + $base_folder = $config['current_path'] . fix_dirname($_POST['path']) . "/"; } $info = pathinfo($path); @@ -184,32 +177,28 @@ if(isset($_GET['action'])) $sizeTotalFinal += $aStat['size']; } if (!checkresultingsize($sizeTotalFinal)) { - response(sprintf(trans('max_size_reached'),$MaxSizeTotal).AddErrorLocation())->send(); + response(sprintf(trans('max_size_reached'),$config['MaxSizeTotal']).AddErrorLocation())->send(); exit; } - //make all the folders + //make all the folders and unzip into the folders for ($i = 0; $i < $zip->numFiles; $i++) { - $OnlyFileName = $zip->getNameIndex($i); - $FullFileName = $zip->statIndex($i); - if (substr($FullFileName['name'], -1, 1) == "/") - { - create_folder($base_folder . $FullFileName['name']); - } - } - //unzip into the folders - for ($i = 0; $i < $zip->numFiles; $i++) - { - $OnlyFileName = $zip->getNameIndex($i); $FullFileName = $zip->statIndex($i); - if ( ! (substr($FullFileName['name'], -1, 1) == "/")) - { - $fileinfo = pathinfo($OnlyFileName); - if (in_array(strtolower($fileinfo['extension']), $ext)) + if(checkRelativePath($FullFileName['name'])){ + if (substr($FullFileName['name'], -1, 1) == "/") { - copy('zip://' . $path . '#' . $OnlyFileName, $base_folder . $FullFileName['name']); + create_folder($base_folder . $FullFileName['name']); + } + + if ( ! (substr($FullFileName['name'], -1, 1) == "/")) + { + $fileinfo = pathinfo($FullFileName['name']); + if (in_array(strtolower($fileinfo['extension']), $config['ext'])) + { + copy('zip://' . $path . '#' . $FullFileName['name'], $base_folder . $FullFileName['name']); + } } } } 
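Review bot: The new guard at the top of the `extract` case (`@@ -116` hunk) sends the "wrong action" response when `$config['extract_files']` is false but does not stop. There is no `exit;` after `->send()`, so execution falls through to the path setup and archive handling below, unlike the other guards visible in this diff. The block should read `response(trans('wrong action').AddErrorLocation())->send(); exit;`. Testing the flag with `empty($config['extract_files'])` would also keep the feature off when an older config file lacks the key. The `extract` case itself continues beyond this hunk.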
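Review bot: Merging the two passes in the `@@ -184` hunk makes zip extraction depend on entry order. A file entry listed before its directory entry, or in an archive without explicit directory entries, now reaches `copy()` before `create_folder()` has run for its parent, and the unchecked `copy()` result means the file is silently missing. Creating the parent first, e.g. `create_folder(dirname($base_folder . $FullFileName['name']));` before the copy, and testing the return value of `copy()`, would remove that dependency. Entries rejected by `checkRelativePath()` are also skipped without any trace, and `$fileinfo['extension']` is read even for entry names with no extension, so an `isset()` guard and a log line for rejected entries would make the per-entry check auditable.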
@@ -234,7 +223,7 @@ if(isset($_GET['action'])) $phar = new PharData($path); $phar->decompressFiles(); $files = array(); - check_files_extensions_on_phar($phar, $files, '', $ext); + check_files_extensions_on_phar($phar, $files, '', $config); $phar->extractTo($base_folder, $files, true); break; @@ -246,22 +235,28 @@ if(isset($_GET['action'])) if($ftp){ unlink($path); - $ftp->putAll($base_folder, "/".$ftp_base_folder . $upload_dir . fix_dirname($_POST['path']), FTP_BINARY); + $ftp->putAll($base_folder, "/".$config['ftp_base_folder'] . $config['upload_dir'] . fix_dirname($_POST['path']), FTP_BINARY); deleteDir($base_folder); } break; case 'media_preview': + if(isset($_GET['file'])){ + $_GET['file'] = sanitize($_GET['file']); + } + if(isset($_GET['title'])){ + $_GET['title'] = sanitize($_GET['title']); + } if($ftp){ - $preview_file = $ftp_base_url.$upload_dir . $_GET['file']; + $preview_file = $config['ftp_base_url'].$config['upload_dir'] . $_GET['file']; }else{ - $preview_file = $current_path . $_GET["file"]; + $preview_file = $config['current_path'] . $_GET["file"]; } $info = pathinfo($preview_file); ob_start(); ?> - - +
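Review bot: The tar branch in the `@@ -234` hunk passes `$files` straight to `$phar->extractTo($base_folder, $files, true)`, and unlike the zip loop changed in the same commit it has no visible per-entry `checkRelativePath()`. Whether `check_files_extensions_on_phar()` rejects entry names with parent-directory or absolute components cannot be seen here, because the helper lives in another file, so that should be confirmed or the helper should apply the same check before adding a name to `$files`. The third argument `true` allows existing files to be overwritten, which deserves a comment such as `// overwrite=true: entries replace existing files under $base_folder`. The surrounding `switch` starts and ends outside the hunk.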

    @@ -634,9 +633,9 @@ $class_ext = ''; $src = ''; if($ftp){ try{ - $files = $ftp->scanDir($ftp_base_folder.$upload_dir.$rfm_subfolder.$subdir); - if (!$ftp->isDir($ftp_base_folder.$ftp_thumbs_dir.$rfm_subfolder.$subdir)){ - create_folder(false,$ftp_base_folder.$ftp_thumbs_dir.$rfm_subfolder.$subdir,$ftp,$config); + $files = $ftp->scanDir($config['ftp_base_folder'].$config['upload_dir'].$rfm_subfolder.$subdir); + if (!$ftp->isDir($config['ftp_base_folder'].$config['ftp_thumbs_dir'].$rfm_subfolder.$subdir)){ + create_folder(false,$config['ftp_base_folder'].$config['ftp_thumbs_dir'].$rfm_subfolder.$subdir,$ftp,$config); } }catch(FtpClient\FtpException $e){ echo "Error: "; @@ -645,7 +644,7 @@ if($ftp){ die(); } }else{ - $files = scandir($current_path.$rfm_subfolder.$subdir); + $files = scandir($config['current_path'].$rfm_subfolder.$subdir); } $n_files= count($files); @@ -664,11 +663,14 @@ foreach($files as $k=>$file){ if($file['type']=='file'){ $current_files_number++; $file_ext = substr(strrchr($file['name'],'.'),1); + $is_dir = false; }else{ $current_folders_number++; $file_ext=trans('Type_dir'); + $is_dir = true; } $sorted[$k]=array( + 'is_dir'=>$is_dir, 'file'=>$file['name'], 'file_lcase'=>strtolower($file['name']), 'date'=>$date, 
@@ -680,16 +682,17 @@ foreach($files as $k=>$file){ if($file!="." && $file!=".."){ - if(is_dir($current_path.$rfm_subfolder.$subdir.$file)){ - $date=filemtime($current_path.$rfm_subfolder.$subdir. $file); + if(is_dir($config['current_path'].$rfm_subfolder.$subdir.$file)){ + $date=filemtime($config['current_path'].$rfm_subfolder.$subdir. $file); $current_folders_number++; - if($show_folder_size){ - list($size,$nfiles,$nfolders) = folder_info($current_path.$rfm_subfolder.$subdir.$file,false); + if($config['show_folder_size']){ + list($size,$nfiles,$nfolders) = folder_info($config['current_path'].$rfm_subfolder.$subdir.$file,false); } else { $size=0; } $file_ext=trans('Type_dir'); $sorted[$k]=array( + 'is_dir'=>true, 'file'=>$file, 'file_lcase'=>strtolower($file), 'date'=>$date, @@ -697,17 +700,18 @@ foreach($files as $k=>$file){ 'permissions' =>'', 'extension'=>fix_strtolower($file_ext) ); - if($show_folder_size){ + if($config['show_folder_size']){ $sorted[$k]['nfiles'] = $nfiles; $sorted[$k]['nfolders'] = $nfolders; } }else{ $current_files_number++; - $file_path=$current_path.$rfm_subfolder.$subdir.$file; + $file_path=$config['current_path'].$rfm_subfolder.$subdir.$file; $date=filemtime($file_path); $size=filesize($file_path); $file_ext = substr(strrchr($file,'.'),1); $sorted[$k]=array( + 'is_dir'=>false, 'file'=>$file, 'file_lcase'=>strtolower($file), 'date'=>$date, 
@@ -720,18 +724,52 @@ foreach($files as $k=>$file){ } } - function filenameSort($x, $y) { - return $x['file_lcase'] < $y['file_lcase']; + global $descending; + + if($x['is_dir'] !== $y['is_dir']){ + return $y['is_dir']; + } else { + return ($descending) + ? $x['file_lcase'] < $y['file_lcase'] + : $x['file_lcase'] >= $y['file_lcase']; + } } + function dateSort($x, $y) { - return $x['date'] < $y['date']; + global $descending; + + if($x['is_dir'] !== $y['is_dir']){ + return $y['is_dir']; + } else { + return ($descending) + ? $x['date'] < $y['date'] + : $x['date'] >= $y['date']; + } } + function sizeSort($x, $y) { - return $x['size'] < $y['size']; + global $descending; + + if($x['is_dir'] !== $y['is_dir']){ + return $y['is_dir']; + } else { + return ($descending) + ? $x['size'] < $y['size'] + : $x['size'] >= $y['size']; + } } + function extensionSort($x, $y) { - return $x['extension'] < $y['extension']; + global $descending; + + if($x['is_dir'] !== $y['is_dir']){ + return $y['is_dir']; + } else { + return ($descending) + ? $x['extension'] < $y['extension'] + : $x['extension'] >= $y['extension']; + } } switch($sort_by){ @@ -749,15 +787,12 @@ switch($sort_by){ break; } -if(!$descending){ - $sorted=array_reverse($sorted); -} - if($subdir!=""){ $sorted = array_merge(array(array('file'=>'..')),$sorted); } $files=$sorted; + ?>
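Review bot: The four comparators in the `@@ -720` hunk (`filenameSort`, `dateSort`, `sizeSort`, `extensionSort`) now return booleans, both from `return $y['is_dir'];` and from the `<` / `>=` expressions, where a `usort()`-style callback should return a negative, zero or positive integer. A boolean can never signal "less than", so the resulting order is not reliable, and PHP 8 reports a bool return from a comparison function as deprecated. The comparators also read `$descending` through `global`, which only works while they are declared and called in global scope. Assuming they are passed to `usort()` in the `switch($sort_by)` below (the calls are not in this hunk), returning -1/0/1 keeps the intended directories-first ordering; one comparator is shown and the other three differ only in the key.

```php
function filenameSort($x, $y) {
	global $descending;

	if ($x['is_dir'] !== $y['is_dir']) {
		return $x['is_dir'] ? -1 : 1; // directories before files
	}
	if ($x['file_lcase'] == $y['file_lcase']) {
		return 0;
	}
	$less = $x['file_lcase'] < $y['file_lcase'];
	return ($less xor $descending) ? -1 : 1;
}
// … dateSort, sizeSort, extensionSort: same shape on 'date', 'size', 'extension' …
```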