13.2.02 warning blog vide

This reverts commit fc69015448.

.gitignore

@@ -9,4 +9,5 @@ site/i18n/*.json
 core/vendor/tinymce/link_list.json
 robots.txt
 sitemap.xml
-.gitignore
+.gitignore
+core/module/config/tool/data.key

CHANGES.md

@@ -1,5 +1,43 @@
 # Changelog
 
+## Version 13.2.02
+
+Corrige un warning quand un module blog ou news ne contient pas d'article.
+
+
+## Version 13.2.01
+
+### Correction
+
+Modification de la fonction d'écriture des données de la classe jsonDB dans le but de s'assurer de l'intégrité des données écrites. Un trafic intense en pointe sur des fichiers volumineux et sur un serveur peu puissant pouvait occasionner des erreurs d'écriture ou un mauvais formatage des données json.
+
+## Version 13.1.08
+
+### Corrections
+
+- Corrige des erreurs quand une page parente ou des pages enfants ont des permissions limitées.
+- Module Search 3.1 : initialisation du module après installation dans une page sans configration par l'utilisateur.
+
+### Améliorations
+
+- Sauvegarde de l'état des sélecteurs dans les tables des fontes et des utilisateurs.
+- Ajoute des contrôles d'intégrité des bases de données Json lors des opérations de chargement et de sauvegarde.
+- Fournit une interface pour le contrôle des sauvegardes automatisées et de leur nettoyage par script CRON.
+
+## Version 13.1.07
+
+### Corrections
+
+- Corrige une dépréciation de la sortie de la fonction Usort dans RFM.
+- Module slider 6.4 : corrige plusieurs bugs dans les fonctions de tri
+
+## Version 13.1.06
+
+### Corrections
+
+- Ajout d'utilisateur, étiquette non sauvegardée.
+- Slider, corrige un tri non pris en compte.
+
 ## Version 13.1.05
 
 ### Corrections

LISEZMOI.md

@@ -1,4 +1,4 @@
-# ZwiiCMS 13.1.05
+# ZwiiCMS 13.2.02
 
 Zwii est un CMS sans base de données (flat-file) qui permet de créer et gérer facilement un site web sans aucune connaissance en programmation.
 

README.md

@@ -1,4 +1,4 @@
-# ZwiiCMS 13.1.05
+# ZwiiCMS 13.2.02
 
 Zwii is a database-less (flat-file) CMS that allows you to easily create and manage a web site without any programming knowledge.
 

core/class/helper.class.php

@@ -77,7 +77,7 @@ class helper
 				// Créer la variable
 				$data = array_merge($data, [$text => '']);
 			}
-			file_put_contents('site/i18n/' . $to . '.json', json_encode($data, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT), LOCK_EX);
+			file_put_contents('site/i18n/' . $to . '.json', json_encode($data, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT));
 
 		}
 	}

core/class/jsondb/JsonDb.class.php

@@ -18,6 +18,12 @@ class JsonDb extends \Prowebcraft\Dot
     protected $db = '';
     protected $data = null;
     protected $config = [];
+    // Tentative d'encodage après échec
+    const MAX_JSON_ENCODE_ATTEMPTS = 5;
+    // Tentative d'écriture après échec
+    const MAX_FILE_WRITE_ATTEMPTS = 5;
+    // Délais entre deux tentaives
+    const RETRY_DELAY_SECONDS = 1;
 
     public function __construct($config = [])
     {
@@ -121,10 +127,10 @@ class JsonDb extends \Prowebcraft\Dot
             } else {
                 if ($this->config['backup']) {
                     try {
-                        //todo make backup of database
                         copy($this->config['dir'] . DIRECTORY_SEPARATOR . $this->config['name'], $this->config['dir'] . DIRECTORY_SEPARATOR . $this->config['name'] . '.backup');
                     } catch (\Exception $e) {
-
+                        error_log('Erreur de chargement : ' . $e);
+                        exit('Erreur de chargement : ' . $e);
                     }
                 }
             }
@@ -142,20 +148,40 @@ class JsonDb extends \Prowebcraft\Dot
      */
     public function save()
     {
-        $v = json_encode($this->data, JSON_UNESCAPED_UNICODE | JSON_FORCE_OBJECT);
-        $l = strlen($v);
-        $t = 0;
-        while ($t < 5) {
-            $w = file_put_contents($this->db, $v); // Multi user get a locker
-            if ($w == $l) {
+        // Encode les données au format JSON avec les options spécifiées
+        $encoded_data = json_encode($this->data, JSON_UNESCAPED_UNICODE | JSON_FORCE_OBJECT | JSON_PRETTY_PRINT);
+
+        // Vérifie la longueur de la chaîne JSON encodée
+        $encoded_length = strlen($encoded_data);
+
+        // Initialise le compteur de tentatives
+        $attempt = 0;
+
+        // Tente d'encoder les données en JSON et de les sauvegarder jusqu'à 5 fois en cas d'échec
+        while ($attempt < 5) {
+            // Essaye d'écrire les données encodées dans le fichier de base de données
+            $write_result = file_put_contents($this->db, $encoded_data, LOCK_EX); // Les utilisateurs multiples obtiennent un verrou
+
+            // Vérifie si l'écriture a réussi
+            if ($write_result === $encoded_length) {
+                // Sort de la boucle si l'écriture a réussi
                 break;
             }
-            $t++;
-        }
-        if ($w !== $l) {
-            error_log('Erreur d\'écriture, les données n\'ont pas été sauvegardées.');
-            exit('Erreur d\'écriture, les données n\'ont pas été sauvegardées.');
+
+            // Incrémente le compteur de tentatives
+            $attempt++;
+
+            // Attente
+            sleep(1);
         }
 
+        // Vérifie si l'écriture a échoué même après plusieurs tentatives
+        if ($write_result !== $encoded_length) {
+            // Enregistre un message d'erreur dans le journal des erreurs
+            error_log('Erreur d\'écriture, les données n\'ont pas été sauvegardées.');
+
+            // Affiche un message d'erreur et termine le script
+            exit('Erreur d\'écriture, les données n\'ont pas été sauvegardées.');
+        }
     }
 }

core/class/layout.class.php

@@ -151,7 +151,7 @@ class layout extends common
             }
             echo '</div>';
         }
-        echo '</main></section>';
+        echo '</section></main>';
     }
 
     /**

core/class/router.class.php

@@ -61,17 +61,17 @@ class core extends common
 
 		// Crée le fichier de personnalisation avancée
 		if (file_exists(self::DATA_DIR . 'custom.css') === false) {
-			file_put_contents(self::DATA_DIR . 'custom.css', file_get_contents('core/module/theme/resource/custom.css'));
+			$this->secure_file_put_contents(self::DATA_DIR . 'custom.css', file_get_contents('core/module/theme/resource/custom.css'));
 			chmod(self::DATA_DIR . 'custom.css', 0755);
 		}
 		// Crée le fichier de personnalisation
 		if (file_exists(self::DATA_DIR . 'theme.css') === false) {
-			file_put_contents(self::DATA_DIR . 'theme.css', '');
+			$this->secure_file_put_contents(self::DATA_DIR . 'theme.css', '');
 			chmod(self::DATA_DIR . 'theme.css', 0755);
 		}
 		// Crée le fichier de personnalisation de l'administration
 		if (file_exists(self::DATA_DIR . 'admin.css') === false) {
-			file_put_contents(self::DATA_DIR . 'admin.css', '');
+			$this->secure_file_put_contents(self::DATA_DIR . 'admin.css', '');
 			chmod(self::DATA_DIR . 'admin.css', 0755);
 		}
 
@@ -273,7 +273,7 @@ class core extends common
 			$css .= '#footerCopyright{text-align:' . $this->getData(['theme', 'footer', 'copyrightAlign']) . '}';
 
 			// Enregistre la personnalisation
-			file_put_contents(self::DATA_DIR . 'theme.css', $css);
+			$this->secure_file_put_contents(self::DATA_DIR . 'theme.css', $css);
 
 			// Effacer le cache pour tenir compte de la couleur de fond TinyMCE
 			header("Expires: Tue, 01 Jan 2000 00:00:00 GMT");
@@ -367,7 +367,7 @@ class core extends common
 			// Bordure du contour TinyMCE
 			$css .= '.mce-tinymce{border: 1px solid ' . $this->getData(['admin', 'borderBlockColor']) . '!important;}';
 			// Enregistre la personnalisation
-			file_put_contents(self::DATA_DIR . 'admin.css', $css);
+			$this->secure_file_put_contents(self::DATA_DIR . 'admin.css', $css);
 		}
 	}
 	/**

core/core.php

@@ -51,7 +51,7 @@ class common
 	const ACCESS_TIMER = 1800;
 
 	// Numéro de version
-	const ZWII_VERSION = '13.1.05';
+	const ZWII_VERSION = '13.2.02';
 
 	// URL autoupdate
 	const ZWII_UPDATE_URL = 'https://forge.chapril.org/ZwiiCMS-Team/cms-update/raw/branch/master/';
@@ -60,6 +60,18 @@ class common
 	// Valeurs possibles multiple de 10, 10 autorise 9 profils, 100 autorise 99 profils
 	const MAX_PROFILS = 10;
 
+	const MAX_FILE_WRITE_ATTEMPTS = 5;
+	
+	/**
+	 * Nombre maximal de tentatives d'encodage JSON
+	 */
+	const MAX_JSON_ENCODE_ATTEMPTS = 3;
+
+	/**
+	 * Temps d'attente entre les tentatives en secondes
+	 */
+	const RETRY_DELAY_SECONDS = 1;
+
 
 	public static $actions = [];
 	public static $coreModuleIds = [
@@ -347,6 +359,7 @@ class common
 		// Instanciation de la classe des entrées / sorties
 		$this->jsonDB(self::$siteContent);
 
+
 		// Installation fraîche, initialisation des modules
 		if ($this->user === []) {
 			foreach ($this->dataFiles as $stageId => $item) {
@@ -589,10 +602,48 @@ class common
 	public function setPage($page, $value, $lang)
 	{
 
-		return file_put_contents(self::DATA_DIR . $lang . '/content/' . $page . '.html', $value);
+		return $this->secure_file_put_contents(self::DATA_DIR . $lang . '/content/' . $page . '.html', $value);
 	}
 
+	/**
+	 * Écrit les données dans un fichier avec plusieurs tentatives d'écriture et verrouillage
+	 *
+	 * @param string $filename Le nom du fichier
+	 * @param string $data Les données à écrire dans le fichier
+	 * @param int $flags Les drapeaux optionnels à passer à la fonction $this->secure_file_put_contents
+	 * @return bool True si l'écriture a réussi, sinon false
+	 */
+	function secure_file_put_contents($filename, $data, $flags = 0)
+	{
 
+		// Initialise le compteur de tentatives
+		$attempts = 0;
+
+		// Convertit les données en chaîne de caractères
+		$serialized_data = serialize($data);
+
+		// Vérifie la longueur des données
+		$data_length = strlen($serialized_data);
+
+		// Effectue jusqu'à 5 tentatives d'écriture
+		while ($attempts < 5) {
+			// Essaye d'écrire les données dans le fichier avec verrouillage exclusif
+			$write_result = file_put_contents($filename, $data, LOCK_EX | $flags);
+
+			// Vérifie si l'écriture a réussi
+			if ($write_result !== false && $write_result === $data_length) {
+				// Sort de la boucle si l'écriture a réussi
+				return true;
+			}
+
+			// Incrémente le compteur de tentatives
+			$attempts++;
+		}
+
+		// Échec de l'écriture après plusieurs tentatives
+		return false;
+	}
+	
 
 	/**
 	 * Effacer les données de la page
@@ -706,65 +757,65 @@ class common
 	 * Appelée par le core uniquement
 	 */
 
-	private function buildHierarchy()
-	{
-
-		$pages = helper::arrayColumn($this->getData(['page']), 'position', 'SORT_ASC');
-		// Parents
-		foreach ($pages as $pageId => $pagePosition) {
-			if (
-				// Page parent
-				$this->getData(['page', $pageId, 'parentPageId']) === ""
-				// Ignore les pages dont l'utilisateur n'a pas accès
-				and ($this->getData(['page', $pageId, 'group']) === self::GROUP_VISITOR
-					or ($this->getUser('password') === $this->getInput('ZWII_USER_PASSWORD')
-						//and $this->getUser('group') >= $this->getData(['page', $pageId, 'group'])
-						// Modification qui tient compte du profil de la page
-						and ($this->getUser('group') * self::MAX_PROFILS + $this->getUser('profil')) >= ($this->getData(['page', $pageId, 'group']) * self::MAX_PROFILS + $this->getData(['page', $pageId, 'profil']))
-
-					)
-				)
-			) {
-				if ($pagePosition !== 0) {
-					$this->hierarchy['visible'][$pageId] = [];
-				}
-				if ($this->getData(['page', $pageId, 'block']) === 'bar') {
-					$this->hierarchy['bar'][$pageId] = [];
-				}
-				$this->hierarchy['all'][$pageId] = [];
-			}
-		}
-		// Enfants
-		foreach ($pages as $pageId => $pagePosition) {
-			if (
-				// Page parent
-				$parentId = $this->getData(['page', $pageId, 'parentPageId'])
-				// Ignore les pages dont l'utilisateur n'a pas accès
-				and (
-					($this->getData(['page', $pageId, 'group']) === self::GROUP_VISITOR
-						and $this->getData(['page', $parentId, 'group']) === self::GROUP_VISITOR
-					)
-					or ($this->getUser('password') === $this->getInput('ZWII_USER_PASSWORD')
-						//and $this->getUser('group') >= $this->getData(['page', $parentId, 'group'])
-						//and $this->getUser('group') >= $this->getData(['page', $pageId, 'group'])
-
-						// Modification qui tient compte du profil de la page
-						and ($this->getUser('group') * self::MAX_PROFILS + $this->getUser('profil')) >= ($this->getData(['page', $this->$parentId, 'group']) * self::MAX_PROFILS + $this->getData(['page', $this->$parentId, 'profil']))
-						and ($this->getUser('group') * self::MAX_PROFILS + $this->getUser('profil')) >= ($this->getData(['page', $this->$pageId, 'group']) * self::MAX_PROFILS + $this->getData(['page', $pageId, 'profil']))
-
-					)
-				)
-			) {
-				if ($pagePosition !== 0) {
-					$this->hierarchy['visible'][$parentId][] = $pageId;
-				}
-				if ($this->getData(['page', $pageId, 'block']) === 'bar') {
-					$this->hierarchy['bar'][$pageId] = [];
-				}
-				$this->hierarchy['all'][$parentId][] = $pageId;
-			}
-		}
-	}
+	 private function buildHierarchy()
+	 {
+ 
+		 $pages = helper::arrayColumn($this->getData(['page']), 'position', 'SORT_ASC');
+		 // Parents
+		 foreach ($pages as $pageId => $pagePosition) {
+			 if (
+				 // Page parent
+				 $this->getData(['page', $pageId, 'parentPageId']) === ""
+				 // Ignore les pages dont l'utilisateur n'a pas accès
+				 and ($this->getData(['page', $pageId, 'group']) === self::GROUP_VISITOR
+					 or ($this->getUser('password') === $this->getInput('ZWII_USER_PASSWORD')
+						 //and $this->getUser('group') >= $this->getData(['page', $pageId, 'group'])
+						 // Modification qui tient compte du profil de la page
+						 and ($this->getUser('group') * self::MAX_PROFILS + $this->getUser('profil')) >= ($this->getData(['page', $pageId, 'group']) * self::MAX_PROFILS + $this->getData(['page', $pageId, 'profil']))
+ 
+					 )
+				 )
+			 ) {
+				 if ($pagePosition !== 0) {
+					 $this->hierarchy['visible'][$pageId] = [];
+				 }
+				 if ($this->getData(['page', $pageId, 'block']) === 'bar') {
+					 $this->hierarchy['bar'][$pageId] = [];
+				 }
+				 $this->hierarchy['all'][$pageId] = [];
+			 }
+		 }
+		 // Enfants
+		 foreach ($pages as $pageId => $pagePosition) {
+ 
+			 if (
+				 // Page parent
+				 $parentId = $this->getData(['page', $pageId, 'parentPageId'])
+				 // Ignore les pages dont l'utilisateur n'a pas accès
+				 and (
+					 (
+						 $this->getData(['page', $pageId, 'group']) === self::GROUP_VISITOR
+						 and
+						 $this->getData(['page', $parentId, 'group']) === self::GROUP_VISITOR
+					 )
+					 or (
+						 $this->getUser('password') === $this->getInput('ZWII_USER_PASSWORD')
+						 and
+						 $this->getUser('group') * self::MAX_PROFILS + $this->getUser('profil')) >= ($this->getData(['page', $pageId, 'group']) * self::MAX_PROFILS + $this->getData(['page', $pageId, 'profil'])
+ 
+					 )
+				 )
+			 ) {
+				 if ($pagePosition !== 0) {
+					 $this->hierarchy['visible'][$parentId][] = $pageId;
+				 }
+				 if ($this->getData(['page', $pageId, 'block']) === 'bar') {
+					 $this->hierarchy['bar'][$pageId] = [];
+				 }
+				 $this->hierarchy['all'][$parentId][] = $pageId;
+			 }
+		 }
+	 }
 
 	/**
 	 * Génère un fichier json avec la liste des pages
@@ -1068,8 +1119,9 @@ class common
 			}
 			// Articles du blog
 			if (
-				$this->getData(['page', $parentPageId, 'moduleId']) === 'blog' &&
-				!empty($this->getData(['module', $parentPageId]))
+				$this->getData(['page', $parentPageId, 'moduleId']) === 'blog'
+				&& !empty($this->getData(['module', $parentPageId]))
+				&& $this->getData(['module', $parentPageId, 'posts'])
 			) {
 				foreach ($this->getData(['module', $parentPageId, 'posts']) as $articleId => $article) {
 					if ($this->getData(['module', $parentPageId, 'posts', $articleId, 'state']) === true) {
@@ -1121,7 +1173,7 @@ class common
 			}
 			$sitemap->updateRobots();
 		} else {
-			file_put_contents('robots.txt', 'User-agent: *' . PHP_EOL . 'Disallow: /');
+			$this->secure_file_put_contents('robots.txt', 'User-agent: *' . PHP_EOL . 'Disallow: /');
 		}
 
 		// Submit your sitemaps to Google, Yahoo, Bing and Ask.com
@@ -1398,7 +1450,7 @@ class common
 		$dataLog .= $message ? $this->getUrl() . ';' . $message : $this->getUrl();
 		$dataLog .= PHP_EOL;
 		if ($this->getData(['config', 'connect', 'log'])) {
-			file_put_contents(self::DATA_DIR . 'journal.log', $dataLog, FILE_APPEND);
+			$this->secure_file_put_contents(self::DATA_DIR . 'journal.log', $dataLog, FILE_APPEND);
 		}
 	}
 

core/include/update.inc.php

@@ -135,7 +135,7 @@ if ($this->getData(['core', 'dataVersion']) < 10200) {
 	}
 	// Créer les en-têtes du journal
 	$d = 'Date;Heure;IP;Id;Action' . PHP_EOL;
-	file_put_contents(self::DATA_DIR . 'journal.log', $d);
+	$this->secure_file_put_contents(self::DATA_DIR . 'journal.log', $d);
 	// Init préservation htaccess
 	$this->setData(['config', 'autoUpdateHtaccess', false]);
 	// Options de barre de membre simple
@@ -459,7 +459,7 @@ if ($this->getData(['core', 'dataVersion']) < 11000) {
 	}
 	foreach ($hierarchy as $parentKey => $parent) {
 		$content = $this->getData(['page', $parent, 'content']);
-		//file_put_contents(self::DATA_DIR . self::$siteContent . '/content/' . $parent . '.html', $content);
+		//$this->secure_file_put_contents(self::DATA_DIR . self::$siteContent . '/content/' . $parent . '.html', $content);
 		$this->setPage($parent, $content, 'fr');
 		$this->setData(['page', $parent, 'content', $parent . '.html']);
 	}
@@ -982,7 +982,7 @@ if ($this->getData(['core', 'dataVersion']) < 12309) {
 			$d = json_decode(file_get_contents(self::DATA_DIR . $key . '/locale.json'), true);
 			$d = array_merge($d['locale'], ['poweredPageLabel' => 'Motorisé par']);
 			$t['locale'] = $d;
-			file_put_contents(self::DATA_DIR . $key . '/locale.json', json_encode($t));
+			$this->secure_file_put_contents(self::DATA_DIR . $key . '/locale.json', $t);
 		}
 	}
 

core/module/config/config.php

@@ -534,7 +534,7 @@ class config extends common
 						'</IfModule>' . PHP_EOL .
 						'# URL rewriting' . PHP_EOL;
 					$fileContent = str_replace('# URL rewriting', $rewriteData, $fileContent);
-					file_put_contents(
+					$this->secure_file_put_contents(
 						'.htaccess',
 						$fileContent
 					);
@@ -550,7 +550,7 @@ class config extends common
 					$fileContent = file_get_contents('.htaccess');
 					$fileContent = explode('# URL rewriting', $fileContent);
 					$fileContent = $fileContent[0] . '# URL rewriting' . $fileContent[2];
-					file_put_contents(
+					$this->secure_file_put_contents(
 						'.htaccess',
 						$fileContent
 					);
@@ -654,10 +654,10 @@ class config extends common
 		) {
 			// Ecrire les fichiers de script
 			if ($this->geturl(2) === 'head') {
-				file_put_contents(self::DATA_DIR . 'head.inc.html', $this->getInput('configScriptHead', null));
+				$this->secure_file_put_contents(self::DATA_DIR . 'head.inc.html', $this->getInput('configScriptHead', null));
 			}
 			if ($this->geturl(2) === 'body') {
-				file_put_contents(self::DATA_DIR . 'body.inc.html', $this->getInput('configScriptBody', null));
+				$this->secure_file_put_contents(self::DATA_DIR . 'body.inc.html', $this->getInput('configScriptBody', null));
 			}
 			// Valeurs en sortie
 			$this->addOutput([
@@ -699,7 +699,7 @@ class config extends common
 				unlink(self::DATA_DIR . 'journal.log');
 				// Créer les en-têtes des journaux
 				$d = 'Date;Heure;IP;Id;Action' . PHP_EOL;
-				file_put_contents(self::DATA_DIR . 'journal.log', $d);
+				$this->secure_file_put_contents(self::DATA_DIR . 'journal.log', $d);
 				// Valeurs en sortie
 				$this->addOutput([
 					'title' => helper::translate('Configuration'),
@@ -775,7 +775,7 @@ class config extends common
 			ob_start();
 			$fileName = self::TEMP_DIR . 'blacklist.log';
 			$d = 'Date dernière tentative;Heure dernière tentative;Id;Adresse IP;Nombre d\'échecs' . PHP_EOL;
-			file_put_contents($fileName, $d);
+			$this->secure_file_put_contents($fileName, $d);
 			if (file_exists($fileName)) {
 				$d = $this->getData(['blacklist']);
 				$data = '';
@@ -783,7 +783,7 @@ class config extends common
 					$data .= helper::dateUTF8('%Y %m %d', $item['lastFail'], self::$i18nUI) . ' - ' . helper::dateUTF8('%H:%M', time(), self::$i18nUI);
 					$data .= $key . ';' . $item['ip'] . ';' . $item['connectFail'] . PHP_EOL;
 				}
-				file_put_contents($fileName, $data, FILE_APPEND);
+				$this->secure_file_put_contents($fileName, $data, FILE_APPEND);
 				header('Content-Description: File Transfer');
 				header('Content-Type: application/octet-stream');
 				header('Content-Transfer-Encoding: binary');

core/module/config/tool/.htaccess

@@ -0,0 +1,4 @@
+<Files "data.key">
+    Order Allow,Deny
+    Deny from all
+</Files>

core/module/config/tool/autobackup.php

@@ -0,0 +1,47 @@
+<?php
+
+/*
+Ce script PHP est conçu pour être appelé via une requête HTTP GET avec une clé spécifique pour déclencher la création d'une archive ZIP de sauvegarde.
+
+Exemple d'appel dans une URL :
+http://example.com/chemin/vers/autobackup.php?key=your_secret_key
+
+La clé doit être fournie en tant que paramètre "key" dans l'URL et correspondre à celle stockée dans le fichier "data.key" pour que la création de l'archive soit autorisée. Si la clé est valide, le script parcourt le répertoire spécifié et ajoute les fichiers à l'archive ZIP. Si la clé est invalide ou absente, le script affiche un message d'erreur et termine son exécution.
+
+*/
+
+// Vérification de la clé
+if (isset ($_GET['key'])) {
+    $key = $_GET['key'];
+    $storedKey = file_get_contents('data.key');
+    if ($key !== $storedKey) {
+        http_response_code(401);
+        exit();
+    }
+    // Création du ZIP
+    $filter = ['backup', 'tmp'];
+    $fileName = date('Y-m-d-H-i-s', time()) . '-rolling-backup.zip';
+    $zip = new ZipArchive();
+    $zip->open('../../../../site/backup/' . $fileName, ZipArchive::CREATE | ZipArchive::OVERWRITE);
+    $directory = '../../../../site';
+    $files = new RecursiveIteratorIterator(
+        new RecursiveCallbackFilterIterator(
+            new RecursiveDirectoryIterator(
+                $directory,
+                RecursiveDirectoryIterator::SKIP_DOTS
+            ),
+            function ($fileInfo, $key, $iterator) use ($filter) {
+                return $fileInfo->isFile() || !in_array($fileInfo->getBaseName(), $filter);
+            }
+        )
+    );
+    foreach ($files as $name => $file) {
+        if (!$file->isDir()) {
+            $filePath = $file->getRealPath();
+            $relativePath = substr($filePath, strlen(realpath($directory)) + 1);
+            $zip->addFile($filePath, $relativePath);
+        }
+    }
+    $zip->close();
+    http_response_code(201);
+}

core/module/config/tool/cleanautobackup.php

@@ -0,0 +1,49 @@
+<?php
+
+/*
+Ce script PHP est conçu pour supprimer les fichiers ayant l'extension 'tar.gz' dans un répertoire de sauvegarde si leur dernière modification remonte à un certain nombre de jours spécifié via une requête HTTP GET.
+
+Exemple d'appel dans une URL avec le nombre de jours spécifié :
+http://example.com/chemin/vers/script.php?days=7&key=your_secret_key
+
+Le script vérifie également la présence et la validité d'une clé spécifique pour déclencher son exécution. La clé doit être fournie en tant que paramètre "key" dans l'URL et correspondre à celle stockée dans le fichier "data.key" pour que la suppression des fichiers soit autorisée. Si la clé est invalide ou absente, le script affiche un message d'erreur et termine son exécution.
+
+*/
+
+// Vérification de la clé
+if (isset ($_GET['key'])) {
+    // Récupération de la clé fournie en GET
+    $key = $_GET['key'];
+
+    // Récupération de la clé stockée dans le fichier data.key
+    $storedKey = file_get_contents('data.key');
+
+    // Vérification de correspondance entre les clés
+    if ($key !== $storedKey) {
+        http_response_code(401);
+        exit();
+    }
+
+    // Récupère le nombre de jours à partir de la variable GET 'days'
+    $days = isset ($_GET['days']) ? (int) $_GET['days'] : 1; // Par défaut à 1 si non spécifié
+
+    // Chemin vers le répertoire contenant les fichiers
+    $directory = '../../../../site/backup/'; // Remplacez par le chemin réel
+
+    // Convertit le nombre de jours en secondes
+    $timeLimit = strtotime("-$days days");
+
+    // Crée un nouvel objet DirectoryIterator
+    foreach (new DirectoryIterator($directory) as $file) {
+        // Vérifie si l'élément courant est un fichier et a l'extension 'tar.gz'
+        if ($file->isFile() && $file->getExtension() === 'tar.gz') {
+            // Vérifie si le fichier a été modifié avant la limite de temps
+            if ($file->getMTime() < $timeLimit) {
+                // Supprime le fichier
+                unlink($file->getRealPath());
+            }
+        }
+    }
+    // Si la clé est manquante, affiche un message d'erreur et arrête l'exécution du script
+    http_response_code(201);
+}

core/module/config/view/script/script.php

@@ -7,7 +7,7 @@
 			'value' => template::ico('left')
         ]); ?>
     </div>
-    <div class="col2 offset8">
+    <div class="col2 offset9">
         <?php echo template::submit('configManageSubmit', [
             'value' => 'Valider',
             'ico' => 'check'

core/module/install/install.php

@@ -292,7 +292,7 @@ class install extends common
 				case 2:
 					$success = true;
 					$message = '';
-					file_put_contents(self::TEMP_DIR . 'update.tar.gz', helper::getUrlContents(common::ZWII_UPDATE_URL . common::ZWII_UPDATE_CHANNEL . '/update.tar.gz'));
+					$this->secure_file_put_contents(self::TEMP_DIR . 'update.tar.gz', helper::getUrlContents(common::ZWII_UPDATE_URL . common::ZWII_UPDATE_CHANNEL . '/update.tar.gz'));
 					$md5origin = helper::getUrlContents(common::ZWII_UPDATE_URL . common::ZWII_UPDATE_CHANNEL . '/update.md5');
 					$md5origin = explode(' ', $md5origin);
 					$md5target = md5_file(self::TEMP_DIR . 'update.tar.gz');
@@ -401,7 +401,7 @@ class install extends common
 								'</IfModule>' . PHP_EOL .
 								'# URL rewriting' . PHP_EOL;
 							$fileContent = str_replace('# URL rewriting', $rewriteData, $fileContent);
-							$success = file_put_contents(
+							$success = $this->secure_file_put_contents(
 								'.htaccess',
 								$fileContent
 							);

core/module/language/language.php

@@ -99,7 +99,7 @@ class language extends common
 				is_array($descripteur['language'][$lang])
 			) {
 				if ($this->setData(['language', $lang, $descripteur['language'][$lang]])) {
-					$success = file_put_contents(self::I18N_DIR . $lang . '.json', json_encode($languageData, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT));
+					$success = $this->secure_file_put_contents(self::I18N_DIR . $lang . '.json', $languageData);
 					$success = is_int($success) ? true : false;
 				}
 			}
@@ -430,7 +430,7 @@ class language extends common
 				$this->setData(['locale', $data['locale']]);
 			} else {
 				// Sauver sur le disque
-				file_put_contents(self::DATA_DIR . $lang . '/locale.json', json_encode($data, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT), LOCK_EX);
+				$this->secure_file_put_contents(self::DATA_DIR . $lang . '/locale.json', $data);
 			}
 
 			// Valeurs en sortie
@@ -512,7 +512,7 @@ class language extends common
 					$data[$key] = $target;
 				}
 			}
-			file_put_contents(self::I18N_DIR . $lang . '.json', json_encode($data, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT), LOCK_EX);
+			$this->secure_file_put_contents(self::I18N_DIR . $lang . '.json', $data);
 
 			// Mettre à jour le descripteur
 			$this->setData([
@@ -546,7 +546,7 @@ class language extends common
 				$data[$key] = '';
 			}
 		}
-		file_put_contents(self::I18N_DIR . $lang . '.json', json_encode($data, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES | JSON_PRETTY_PRINT), LOCK_EX);
+		$this->secure_file_put_contents(self::I18N_DIR . $lang . '.json', $data);
 
 		//  Tableau des chaines à traduire dans la langue sélectionnée
 		foreach ($data as $key => $value) {

core/module/page/page.php

@@ -177,7 +177,7 @@ class page extends common
 			if (!is_dir(self::DATA_DIR . self::$siteContent . '/content')) {
 				mkdir(self::DATA_DIR . self::$siteContent . '/content', 0755);
 			}
-			//file_put_contents(self::DATA_DIR . self::$siteContent . '/content/' . $pageId . '.html', '<p>Contenu de votre nouvelle page.</p>');
+			//$this->secure_file_put_contents(self::DATA_DIR . self::$siteContent . '/content/' . $pageId . '.html', '<p>Contenu de votre nouvelle page.</p>');
 			$this->setPage($pageId, '<p>Contenu de votre nouvelle page.</p>', self::$siteContent);
 
 			// Met à jour le sitemap

core/module/plugin/plugin.php

@@ -314,7 +314,7 @@ class plugin extends common
 				mkdir(self::FILE_DIR . 'source/modules', 0755);
 			}
 			// Sauver les données du fichiers
-			file_put_contents(self::FILE_DIR . 'source/modules/' . $moduleFile, $moduleData);
+			$this->secure_file_put_contents(self::FILE_DIR . 'source/modules/' . $moduleFile, $moduleData);
 
 			// Installation directe
 			if (file_exists(self::FILE_DIR . 'source/modules/' . $moduleFile)) {
@@ -592,7 +592,7 @@ class plugin extends common
 			$fileName = $moduleId . str_replace('.', '-', $infoModule[$moduleId]['version']) . '.zip';
 
 			// Régénération du descripteur du module
-			file_put_contents(self::MODULE_DIR . $moduleId . '/enum.json', json_encode($infoModule[$moduleId], JSON_UNESCAPED_UNICODE));
+			$this->secure_file_put_contents(self::MODULE_DIR . $moduleId . '/enum.json', $infoModule[$moduleId]);
 
 			// Construire l'archive
 			$this->makeZip($tmpFolder . $fileName, self::MODULE_DIR . $moduleId);

core/module/theme/theme.php

@@ -304,7 +304,7 @@ class theme extends common
 			$this->isPost()
 		) {
 			// Enregistre le CSS
-			file_put_contents(self::DATA_DIR . 'custom.css', $this->getInput('themeAdvancedCss', null));
+			$this->secure_file_put_contents(self::DATA_DIR . 'custom.css', $this->getInput('themeAdvancedCss', null));
 			// Valeurs en sortie
 			$this->addOutput([
 				'notification' => helper::translate('Modifications enregistrées'),
@@ -1290,7 +1290,7 @@ class theme extends common
 		}
 		// Sauvegarder la chaîne modifiée
 		if ($count > 0) {
-			file_put_contents($file, $data);
+			$this->secure_file_put_contents($file, $data);
 		}
 		// Retourner le nombre d'occurrences
 		return ($count);
@@ -1396,8 +1396,8 @@ class theme extends common
 		}
 
 		// Enregistre la personnalisation
-		file_put_contents(self::DATA_DIR . 'font/font.html', $fileContent);
+		$this->secure_file_put_contents(self::DATA_DIR . 'font/font.html', $fileContent);
 		// Enregistre la personnalisation
-		file_put_contents(self::DATA_DIR . 'font/font.css', $fileContentCss);
+		$this->secure_file_put_contents(self::DATA_DIR . 'font/font.css', $fileContentCss);
 	}
 }

core/module/theme/view/font/font.js.php

@@ -19,6 +19,7 @@ $('#dataTables').DataTable({
         url: "core/vendor/datatables/french.json",
     },
     locale: 'fr',
+    stateSave: true,
     "columnDefs": [{
             target: 5,
             orderable: false,

core/module/user/user.php

@@ -133,7 +133,7 @@ class user extends common
 					'accessTimer' => null,
 					'accessCsrf' => null,
 					'language' => $this->getInput('userAddLanguage', helper::FILTER_STRING_SHORT),
-					'tags' => ''
+					'tags' => $this->getInput('userAddTags', helper::FILTER_STRING_SHORT),
 				]
 			]);
 
@@ -739,9 +739,9 @@ class user extends common
 		}
 
 		// Chemin vers les dossiers du gestionnaire de fichier
-		self::$sharePath = $this->getSubdirectories('./site/file/source');
+		self::$sharePath = $this->getSubdirectories('site/file/source');
 		self::$sharePath = array_flip(self::$sharePath);
-		self::$sharePath = array_merge(['./site/file/source/' => 'Tous les dossiers'], self::$sharePath);
+		self::$sharePath = array_merge(['site/file/source/' => 'Tous les dossiers'], self::$sharePath);
 		self::$sharePath = array_merge([null => 'Aucun dossier'], self::$sharePath);
 
 		// Liste des modules installés
@@ -896,9 +896,9 @@ class user extends common
 		}
 
 		// Chemin vers les dossiers du gestionnaire de fichier
-		self::$sharePath = $this->getSubdirectories('./site/file/source');
+		self::$sharePath = $this->getSubdirectories('site/file/source');
 		self::$sharePath = array_flip(self::$sharePath);
-		self::$sharePath = array_merge(['./site/file/source/' => 'Tous les dossiers'], self::$sharePath);
+		self::$sharePath = array_merge(['site/file/source/' => 'Tous les dossiers'], self::$sharePath);
 		self::$sharePath = array_merge([null => 'Aucun dossier'], self::$sharePath);
 
 		// Liste des modules installés

core/module/user/view/index/index.js.php

@@ -28,6 +28,7 @@ $(document).ready((function () {
             url: "core/vendor/datatables/french.json",
         },
         locale: 'fr',
+        stateSave: true,
         "columnDefs": [
             {
                 target: 5,

core/vendor/filemanager/dialog.php

@@ -864,50 +864,54 @@ if ($config['upload_files']) { ?>
 
     switch ($sort_by) {
         case 'date':
-            //usort($sorted, 'dateSort');
             usort($sorted, function($x, $y) use ($descending) {
                 if ($x['is_dir'] !== $y['is_dir']) {
                     return $y['is_dir'] ? 1 : -1;
                 } else {
-                    return ($descending)
-                        ? $x['size'] < $y['size']
-                        : $x['size'] >= $y['size'];
+                    if ($descending) {
+                        return ($x['size'] < $y['size']) ? -1 : ($x['size'] > $y['size'] ? 1 : 0);
+                    } else {
+                        return ($x['size'] > $y['size']) ? -1 : ($x['size'] < $y['size'] ? 1 : 0);
+                    }
                 }
             });
             break;
         case 'size':
-            //usort($sorted, 'sizeSort');
             usort($sorted, function($x, $y) use ($descending) {
                 if ($x['is_dir'] !== $y['is_dir']) {
                     return $y['is_dir'] ? 1 : -1;
                 } else {
-                    return ($descending)
-                        ? $x['date'] < $y['date']
-                        : $x['date'] >= $y['date'];
+                    if ($descending) {
+                        return ($x['date'] < $y['date']) ? -1 : ($x['date'] > $y['date'] ? 1 : 0);
+                    } else {
+                        return ($x['date'] > $y['date']) ? -1 : ($x['date'] < $y['date'] ? 1 : 0);
+                    }
                 }
             });
-            break;
         case 'extension':
-            //usort($sorted, 'extensionSort');
             usort($sorted, function($x, $y) use ($descending) {
                 if ($x['is_dir'] !== $y['is_dir']) {
                     return $y['is_dir'] ? 1 : -1;
                 } else {
-                    return ($descending)
-                        ? ($x['extension'] < $y['extension'] ? 1 : 0)
-                        : ($x['extension'] >= $y['extension'] ? 1 : 0);
+                    if ($descending) {
+                        return strcasecmp($x['extension'], $y['extension']);
+                    } else {
+                        return -strcasecmp($x['extension'], $y['extension']);
+                    }
                 }
             });
+            
             break;
         default:
-            // usort($sorted, 'filenameSort');
             usort($sorted, function($x, $y) use ($descending) {
                 if ($x['is_dir'] !== $y['is_dir']) {
                     return $y['is_dir'] ? 1 : -1;
                 } else {
-                    return ($descending)
-                    ? ($x['file_lcase'] < $y['file_lcase'] ? 1 : ($x['file_lcase'] == $y['file_lcase'] ? 0 : -1))
-                    : ($x['file_lcase'] >= $y['file_lcase'] ? 1 : ($x['file_lcase'] == $y['file_lcase'] ? 0 : -1));
+                    if ($descending) {
+                        return strcasecmp($x['file_lcase'], $y['file_lcase']);
+                    } else {
+                        return -strcasecmp($x['file_lcase'], $y['file_lcase']);
+                    }
                 }
             });
             break;

module/blog/blog.php

@@ -16,7 +16,7 @@
 class blog extends common
 {
 
-	const VERSION = '7.5';
+	const VERSION = '7.6';
 	const REALNAME = 'Blog';
 	const DELETE = true;
 	const UPDATE = '0.0';

module/blog/changes.md

@@ -1,3 +1,5 @@
+# Version 7.6
+- Mise à jour RSS Feed
 # Version 7.5
 - Bug paramètre de localisation erroné
 # Version 7.4

module/blog/vendor/FeedWriter/CHANGELOG.md

@@ -0,0 +1,74 @@
+# Change Log
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](http://keepachangelog.com/) .
+
+## [v1.1.2] - 2023-05-25
+### Changed
+- Throw an exception if required feed elements are set with ```NULL``` value. See issue #46.
+
+## [v1.1.1] - 2016-11-19
+### Changed
+- Improved the documentation.
+- Changed to PSR-4 autoloader in composer.json.
+
+### Fixed
+- Item::addElement did not method chain in error conditions.
+
+## [v1.1.0] - 2016-11-08
+### Added
+- Support for multiple element values.
+- Support for a feed description in ATOM feeds.
+- Support for ATOM feeds without ```link``` elements.
+- Support for a feed image in RSS 1.0 and ATOM feeds.
+
+### Changed
+- The script does now throw Exceptions instead of stopping the PHP interpreter on error conditions.
+- The unique identifier for ATOM feeds / entries use the feed / entry title for generating the ID (previously the feed / entry link).
+- Some URI schemes for ```Item::setId``` were wrongly allowed.
+- The parameter order of the ```Feed::setImage``` method was changed.
+
+### Fixed
+- Fixed slow generation of the feed with huge amounts of feed entries (like 40k entries).
+- Fixed PHP warning when ```Feed::setChannelAbout``` for RSS 1.0 feeds was not called.
+- A feed element was generated twice if the element content & attribute value was ```NULL```.
+- The detection of twice the same link with ```rel=alternate```, ```hreflang``` & ```type``` did not work.
+
+### Removed
+- The deprecated method ```Item::setEnclosure``` was removed. Use ```Item::addEnclosure``` instead.
+
+## [v1.0.4] - 2016-04-17
+### Changed
+- The unique identifier for ATOM feed entries is now compliant to the ATOM standard.
+
+### Fixed
+- Filter more invalid XML chars.
+- Fixed a PHP warning displayed if ```Feed::setTitle``` or ```Feed::setLink``` was not called.
+
+## [v1.0.3] - 2015-11-11
+### Added
+- Method for removing tags which were CDATA encoded.
+ 
+### Fixed
+- Fixed error when the filtering of invalid XML chars failed.
+- Fixed missing docblock documentation.
+
+## [v1.0.2] - 2015-01-23
+### Fixed
+- Fixed a wrong docblock return data type.
+
+## [v1.0.1] - 2014-09-21
+### Fixed
+- Filter invalid XML chars.
+
+## v1.0 - 2014-09-14
+
+
+[Unreleased]: https://github.com/mibe/FeedWriter/compare/v1.1.2...HEAD
+[v1.1.2]: https://github.com/mibe/FeedWriter/compare/v1.1.1...v1.1.2
+[v1.1.1]: https://github.com/mibe/FeedWriter/compare/v1.1.0...v1.1.1
+[v1.1.0]: https://github.com/mibe/FeedWriter/compare/v1.0.4...v1.1.0
+[v1.0.4]: https://github.com/mibe/FeedWriter/compare/v1.0.3...v1.0.4
+[v1.0.3]: https://github.com/mibe/FeedWriter/compare/v1.0.2...v1.0.3
+[v1.0.2]: https://github.com/mibe/FeedWriter/compare/v1.0.1...v1.0.2
+[v1.0.1]: https://github.com/mibe/FeedWriter/compare/v1.0...v1.0.1

module/blog/vendor/FeedWriter/Feed.php

@@ -2,10 +2,11 @@
 namespace FeedWriter;
 
 use \DateTime;
+use \DateTimeInterface;
 
 /*
  * Copyright (C) 2008 Anis uddin Ahmad <anisniit@gmail.com>
- * Copyright (C) 2010-2016 Michael Bemmerl <mail@mx-server.de>
+ * Copyright (C) 2010-2016, 2022 Michael Bemmerl <mail@mx-server.de>
  *
  * This file is part of the "Universal Feed Writer" project.
  *
@@ -76,6 +77,13 @@ abstract class Feed
     */
     private $version       = null;
 
+    /**
+    * Contains the encoding of this feed.
+    *
+    * @var string
+    */
+    private $encoding      = 'utf-8';
+
     /**
      * Constructor
      *
@@ -87,9 +95,6 @@ abstract class Feed
     {
         $this->version = $version;
 
-        // Setting default encoding
-        $this->encoding = 'utf-8';
-
         // Setting default value for essential channel element
         $this->setTitle($version . ' Feed');
 
@@ -396,9 +401,13 @@ abstract class Feed
     * @access   public
     * @param    string $title value of 'title' channel tag
     * @return   self
+    * @throws   \InvalidArgumentException if the title is empty or NULL.
     */
     public function setTitle($title)
     {
+        if (empty($title))
+            throw new \InvalidArgumentException('The title may not be empty or NULL.');
+
         return $this->setChannelElement('title', $title);
     }
 
@@ -406,15 +415,15 @@ abstract class Feed
     * Set the date when the feed was lastly updated.
     *
     * This adds the 'updated' element to the feed. The value of the date parameter
-    * can be either an instance of the DateTime class, an integer containing a UNIX
+    * can be either a class implementing DateTimeInterface, an integer containing a UNIX
     * timestamp or a string which is parseable by PHP's 'strtotime' function.
     *
     * Not supported in RSS1 feeds.
     *
     * @access   public
-    * @param    DateTime|int|string  Date which should be used.
+    * @param    DateTimeInterface|int|string  Date which should be used.
     * @return   self
-    * @throws   \InvalidArgumentException if the given date is not an instance of DateTime, a UNIX timestamp or a date string.
+    * @throws   \InvalidArgumentException if the given date is not an implementation of DateTimeInterface, a UNIX timestamp or a date string.
     * @throws   InvalidOperationException if this method is called on an RSS1 feed.
     */
     public function setDate($date)
@@ -425,7 +434,7 @@ abstract class Feed
         // The feeds have different date formats.
         $format = $this->version == Feed::ATOM ? \DATE_ATOM : \DATE_RSS;
 
-        if ($date instanceof DateTime)
+        if ($date instanceof DateTimeInterface || $date instanceof DateTime)
             $date = $date->format($format);
         else if(is_numeric($date) && $date >= 0)
             $date = date($format, $date);
@@ -438,7 +447,7 @@ abstract class Feed
             $date = date($format, $timestamp);
         }
         else
-            throw new \InvalidArgumentException('The given date is not an instance of DateTime, a UNIX timestamp or a date string.');
+            throw new \InvalidArgumentException('The given date is not an implementation of DateTimeInterface, a UNIX timestamp or a date string.');
 
         if ($this->version == Feed::ATOM)
             $this->setChannelElement('updated', $date);
@@ -454,9 +463,13 @@ abstract class Feed
     * @access   public
     * @param    string  $description Description of the feed.
     * @return   self
+    * @throws   \InvalidArgumentException if the description is empty or NULL.
     */
     public function setDescription($description)
     {
+        if (empty($description))
+            throw new \InvalidArgumentException('The description may not be empty or NULL.');
+
         if ($this->version != Feed::ATOM)
             $this->setChannelElement('description', $description);
         else
@@ -471,9 +484,13 @@ abstract class Feed
     * @access   public
     * @param    string $link value of 'link' channel tag
     * @return   self
+    * @throws   \InvalidArgumentException if the link is empty or NULL.
     */
     public function setLink($link)
     {
+        if (empty($link))
+            throw new \InvalidArgumentException('The link may not be empty or NULL.');
+
         if ($this->version == Feed::ATOM)
             $this->setAtomLink($link);
         else
@@ -667,7 +684,7 @@ abstract class Feed
     /**
     * Replace invalid XML characters.
     *
-    * @link http://www.phpwact.org/php/i18n/charsets#xml See utf8_for_xml() function
+    * @link https://web.archive.org/web/20160608013721/http://www.phpwact.org:80/php/i18n/charsets#xml See utf8_for_xml() function
     * @link http://www.w3.org/TR/REC-xml/#charsets
     * @link https://github.com/mibe/FeedWriter/issues/30
     *
@@ -906,7 +923,7 @@ abstract class Feed
             $out .= "</rdf:Seq>" . PHP_EOL . "</items>" . PHP_EOL . "</channel>" . PHP_EOL;
 
             // An image has its own element after the channel elements.
-            if (array_key_exists('image', $this->data))
+            if (array_key_exists('Image', $this->data))
                 $out .= $this->makeNode('image', $this->data['Image'], array('rdf:about' => $this->data['Image']['url']));
         } else if ($this->version == Feed::ATOM) {
             // ATOM feeds have a unique feed ID. Use the title channel element as key.

module/blog/vendor/FeedWriter/Item.php

@@ -2,6 +2,7 @@
 namespace FeedWriter;
 
 use \DateTime;
+use \DateTimeInterface;
 
 /*
  * Copyright (C) 2008 Anis uddin Ahmad <anisniit@gmail.com>
@@ -217,19 +218,19 @@ class Item
     /**
     * Set the 'date' element of the feed item.
     *
-    * The value of the date parameter can be either an instance of the
-    * DateTime class, an integer containing a UNIX timestamp or a string
+    * The value of the date parameter can be either a class implementing
+    * DateTimeInterface, an integer containing a UNIX timestamp or a string
     * which is parseable by PHP's 'strtotime' function.
     *
     * @access   public
-    * @param    DateTime|int|string $date Date which should be used.
+    * @param    DateTimeInterface|int|string $date Date which should be used.
     * @return   self
     * @throws   \InvalidArgumentException if the given date was not parseable.
     */
     public function setDate($date)
     {
         if (!is_numeric($date)) {
-            if ($date instanceof DateTime)
+            if ($date instanceof DateTimeInterface || $date instanceof DateTime)
                 $date = $date->getTimestamp();
             else {
                 $date = strtotime($date);
@@ -277,7 +278,7 @@ class Item
     * Attach a external media to the feed item.
     * Not supported in RSS 1.0 feeds.
     *
-    * See RFC 4288 for syntactical correct MIME types.
+    * See RFC 6838 for syntactical correct MIME types.
     *
     * Note that you should avoid the use of more than one enclosure in one item,
     * since some RSS aggregators don't support it.
@@ -288,7 +289,8 @@ class Item
     * @param    string  $type     The MIME type attribute of the media.
     * @param    boolean $multiple Specifies if multiple enclosures are allowed
     * @return   self
-    * @link     https://tools.ietf.org/html/rfc4288
+    * @link     https://tools.ietf.org/html/rfc6838
+    * @link     http://www.iana.org/assignments/media-types/media-types.xhtml
     * @throws   \InvalidArgumentException if the length or type parameter is invalid.
     * @throws   InvalidOperationException if this method is called on RSS1 feeds.
     */
@@ -389,7 +391,7 @@ class Item
             // Check if the given ID is an valid URI scheme (see RFC 4287 4.2.6)
             // The list of valid schemes was generated from http://www.iana.org/assignments/uri-schemes
             // by using only permanent or historical schemes.
-            $validSchemes = array('aaa', 'aaas', 'about', 'acap', 'acct', 'cap', 'cid', 'coap', 'coaps', 'crid', 'data', 'dav', 'dict', 'dns', 'example', 'fax', 'file', 'filesystem', 'ftp', 'geo', 'go', 'gopher', 'h323', 'http', 'https', 'iax', 'icap', 'im', 'imap', 'info', 'ipp', 'ipps', 'iris', 'iris.beep', 'iris.lwz', 'iris.xpc', 'iris.xpcs', 'jabber', 'ldap', 'mailserver', 'mailto', 'mid', 'modem', 'msrp', 'msrps', 'mtqp', 'mupdate', 'news', 'nfs', 'ni', 'nih', 'nntp', 'opaquelocktoken', 'pack', 'pkcs11', 'pop', 'pres', 'prospero', 'reload', 'rtsp', 'rtsps', 'rtspu', 'service', 'session', 'shttp', 'sieve', 'sip', 'sips', 'sms', 'snews', 'snmp', 'soap.beep', 'soap.beeps', 'stun', 'stuns', 'tag', 'tel', 'telnet', 'tftp', 'thismessage', 'tip', 'tn3270', 'turn', 'turns', 'tv', 'urn', 'vemmi', 'videotex', 'vnc', 'wais', 'ws', 'wss', 'xcon', 'xcon-userid', 'xmlrpc.beep', 'xmlrpc.beeps', 'xmpp', 'z39.50', 'z39.50r', 'z39.50s');
+            $validSchemes = array('aaa', 'aaas', 'about', 'acap', 'acct', 'bb', 'cap', 'cid', 'coap', 'coap+tcp', 'coap+ws', 'coaps', 'coaps+tcp', 'coaps+ws', 'crid', 'data', 'dav', 'dict', 'dns', 'drop', 'dtn', 'example', 'fax', 'file', 'filesystem', 'ftp', 'geo', 'go', 'gopher', 'grd', 'h323', 'http', 'https', 'iax', 'icap', 'im', 'imap', 'info', 'ipn', 'ipp', 'ipps', 'iris', 'iris.beep', 'iris.lwz', 'iris.xpc', 'iris.xpcs', 'jabber', 'ldap', 'leaptofrogans', 'mailserver', 'mailto', 'mid', 'modem', 'msrp', 'msrps', 'mt', 'mtqp', 'mupdate', 'news', 'nfs', 'ni', 'nih', 'nntp', 'opaquelocktoken', 'p1', 'pack', 'pkcs11', 'pop', 'pres', 'prospero', 'reload', 'rtsp', 'rtsps', 'rtspu', 'service', 'session', 'shttp (OBSOLETE)', 'sieve', 'sip', 'sips', 'sms', 'snews', 'snmp', 'soap.beep', 'soap.beeps', 'stun', 'stuns', 'tag', 'tel', 'telnet', 'tftp', 'thismessage', 'tip', 'tn3270', 'turn', 'turns', 'tv', 'upt', 'urn', 'vemmi', 'videotex', 'vnc', 'wais', 'wpid', 'ws', 'wss', 'xcon', 'xcon-userid', 'xmlrpc.beep', 'xmlrpc.beeps', 'xmpp', 'z39.50', 'z39.50r', 'z39.50s');
             $found = FALSE;
             $checkId = strtolower($id);
 

module/blog/vendor/FeedWriter/README.md

@@ -12,6 +12,11 @@ Once a feed is fully composed with its items, the feed class can generate the ne
 
 If you don't have **PHP 5.3** available on your system there is a version supporting **PHP 5.0** and above. See the `legacy-php-5.0` branch.
 
+## Installation  
+You can install via [Composer](https://getcomposer.org/).  
+
+    composer require mibe/feedwriter
+
 ## Documentation
 
 The documentation can be found in the `gh-pages` branch, or on [GitHub Pages](https://mibe.github.io/FeedWriter/).
@@ -40,3 +45,6 @@ In chronological order:
 - Pavel Khakhlou
 - Daniel
 - Tino Goratsch
+- John
+- Özgür Görgülü
+- Jan Tojnar

module/news/changes.md

@@ -1,3 +1,5 @@
+# Version 5.5
+- Mise à jour RSS Feed
 # Version 5.4
 - Bug paramètre de localisation erroné
 # Version 5.3

module/news/news.php

@@ -16,7 +16,7 @@
 class news extends common
 {
 
-	const VERSION = '5.4';
+	const VERSION = '5.5';
 	const REALNAME = 'News';
 	const DATADIRECTORY = self::DATA_DIR . 'news/';
 

module/news/vendor/FeedWriter/CHANGELOG.md

@@ -0,0 +1,74 @@
+# Change Log
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](http://keepachangelog.com/) .
+
+## [v1.1.2] - 2023-05-25
+### Changed
+- Throw an exception if required feed elements are set with ```NULL``` value. See issue #46.
+
+## [v1.1.1] - 2016-11-19
+### Changed
+- Improved the documentation.
+- Changed to PSR-4 autoloader in composer.json.
+
+### Fixed
+- Item::addElement did not method chain in error conditions.
+
+## [v1.1.0] - 2016-11-08
+### Added
+- Support for multiple element values.
+- Support for a feed description in ATOM feeds.
+- Support for ATOM feeds without ```link``` elements.
+- Support for a feed image in RSS 1.0 and ATOM feeds.
+
+### Changed
+- The script does now throw Exceptions instead of stopping the PHP interpreter on error conditions.
+- The unique identifier for ATOM feeds / entries use the feed / entry title for generating the ID (previously the feed / entry link).
+- Some URI schemes for ```Item::setId``` were wrongly allowed.
+- The parameter order of the ```Feed::setImage``` method was changed.
+
+### Fixed
+- Fixed slow generation of the feed with huge amounts of feed entries (like 40k entries).
+- Fixed PHP warning when ```Feed::setChannelAbout``` for RSS 1.0 feeds was not called.
+- A feed element was generated twice if the element content & attribute value was ```NULL```.
+- The detection of twice the same link with ```rel=alternate```, ```hreflang``` & ```type``` did not work.
+
+### Removed
+- The deprecated method ```Item::setEnclosure``` was removed. Use ```Item::addEnclosure``` instead.
+
+## [v1.0.4] - 2016-04-17
+### Changed
+- The unique identifier for ATOM feed entries is now compliant to the ATOM standard.
+
+### Fixed
+- Filter more invalid XML chars.
+- Fixed a PHP warning displayed if ```Feed::setTitle``` or ```Feed::setLink``` was not called.
+
+## [v1.0.3] - 2015-11-11
+### Added
+- Method for removing tags which were CDATA encoded.
+ 
+### Fixed
+- Fixed error when the filtering of invalid XML chars failed.
+- Fixed missing docblock documentation.
+
+## [v1.0.2] - 2015-01-23
+### Fixed
+- Fixed a wrong docblock return data type.
+
+## [v1.0.1] - 2014-09-21
+### Fixed
+- Filter invalid XML chars.
+
+## v1.0 - 2014-09-14
+
+
+[Unreleased]: https://github.com/mibe/FeedWriter/compare/v1.1.2...HEAD
+[v1.1.2]: https://github.com/mibe/FeedWriter/compare/v1.1.1...v1.1.2
+[v1.1.1]: https://github.com/mibe/FeedWriter/compare/v1.1.0...v1.1.1
+[v1.1.0]: https://github.com/mibe/FeedWriter/compare/v1.0.4...v1.1.0
+[v1.0.4]: https://github.com/mibe/FeedWriter/compare/v1.0.3...v1.0.4
+[v1.0.3]: https://github.com/mibe/FeedWriter/compare/v1.0.2...v1.0.3
+[v1.0.2]: https://github.com/mibe/FeedWriter/compare/v1.0.1...v1.0.2
+[v1.0.1]: https://github.com/mibe/FeedWriter/compare/v1.0...v1.0.1

module/news/vendor/FeedWriter/Feed.php

@@ -2,10 +2,11 @@
 namespace FeedWriter;
 
 use \DateTime;
+use \DateTimeInterface;
 
 /*
  * Copyright (C) 2008 Anis uddin Ahmad <anisniit@gmail.com>
- * Copyright (C) 2010-2016 Michael Bemmerl <mail@mx-server.de>
+ * Copyright (C) 2010-2016, 2022 Michael Bemmerl <mail@mx-server.de>
  *
  * This file is part of the "Universal Feed Writer" project.
  *
@@ -76,6 +77,13 @@ abstract class Feed
     */
     private $version       = null;
 
+    /**
+    * Contains the encoding of this feed.
+    *
+    * @var string
+    */
+    private $encoding      = 'utf-8';
+
     /**
      * Constructor
      *
@@ -87,9 +95,6 @@ abstract class Feed
     {
         $this->version = $version;
 
-        // Setting default encoding
-        $this->encoding = 'utf-8';
-
         // Setting default value for essential channel element
         $this->setTitle($version . ' Feed');
 
@@ -396,9 +401,13 @@ abstract class Feed
     * @access   public
     * @param    string $title value of 'title' channel tag
     * @return   self
+    * @throws   \InvalidArgumentException if the title is empty or NULL.
     */
     public function setTitle($title)
     {
+        if (empty($title))
+            throw new \InvalidArgumentException('The title may not be empty or NULL.');
+
         return $this->setChannelElement('title', $title);
     }
 
@@ -406,15 +415,15 @@ abstract class Feed
     * Set the date when the feed was lastly updated.
     *
     * This adds the 'updated' element to the feed. The value of the date parameter
-    * can be either an instance of the DateTime class, an integer containing a UNIX
+    * can be either a class implementing DateTimeInterface, an integer containing a UNIX
     * timestamp or a string which is parseable by PHP's 'strtotime' function.
     *
     * Not supported in RSS1 feeds.
     *
     * @access   public
-    * @param    DateTime|int|string  Date which should be used.
+    * @param    DateTimeInterface|int|string  Date which should be used.
     * @return   self
-    * @throws   \InvalidArgumentException if the given date is not an instance of DateTime, a UNIX timestamp or a date string.
+    * @throws   \InvalidArgumentException if the given date is not an implementation of DateTimeInterface, a UNIX timestamp or a date string.
     * @throws   InvalidOperationException if this method is called on an RSS1 feed.
     */
     public function setDate($date)
@@ -425,7 +434,7 @@ abstract class Feed
         // The feeds have different date formats.
         $format = $this->version == Feed::ATOM ? \DATE_ATOM : \DATE_RSS;
 
-        if ($date instanceof DateTime)
+        if ($date instanceof DateTimeInterface || $date instanceof DateTime)
             $date = $date->format($format);
         else if(is_numeric($date) && $date >= 0)
             $date = date($format, $date);
@@ -438,7 +447,7 @@ abstract class Feed
             $date = date($format, $timestamp);
         }
         else
-            throw new \InvalidArgumentException('The given date is not an instance of DateTime, a UNIX timestamp or a date string.');
+            throw new \InvalidArgumentException('The given date is not an implementation of DateTimeInterface, a UNIX timestamp or a date string.');
 
         if ($this->version == Feed::ATOM)
             $this->setChannelElement('updated', $date);
@@ -454,9 +463,13 @@ abstract class Feed
     * @access   public
     * @param    string  $description Description of the feed.
     * @return   self
+    * @throws   \InvalidArgumentException if the description is empty or NULL.
     */
     public function setDescription($description)
     {
+        if (empty($description))
+            throw new \InvalidArgumentException('The description may not be empty or NULL.');
+
         if ($this->version != Feed::ATOM)
             $this->setChannelElement('description', $description);
         else
@@ -471,9 +484,13 @@ abstract class Feed
     * @access   public
     * @param    string $link value of 'link' channel tag
     * @return   self
+    * @throws   \InvalidArgumentException if the link is empty or NULL.
     */
     public function setLink($link)
     {
+        if (empty($link))
+            throw new \InvalidArgumentException('The link may not be empty or NULL.');
+
         if ($this->version == Feed::ATOM)
             $this->setAtomLink($link);
         else
@@ -667,7 +684,7 @@ abstract class Feed
     /**
     * Replace invalid XML characters.
     *
-    * @link http://www.phpwact.org/php/i18n/charsets#xml See utf8_for_xml() function
+    * @link https://web.archive.org/web/20160608013721/http://www.phpwact.org:80/php/i18n/charsets#xml See utf8_for_xml() function
     * @link http://www.w3.org/TR/REC-xml/#charsets
     * @link https://github.com/mibe/FeedWriter/issues/30
     *
@@ -906,7 +923,7 @@ abstract class Feed
             $out .= "</rdf:Seq>" . PHP_EOL . "</items>" . PHP_EOL . "</channel>" . PHP_EOL;
 
             // An image has its own element after the channel elements.
-            if (array_key_exists('image', $this->data))
+            if (array_key_exists('Image', $this->data))
                 $out .= $this->makeNode('image', $this->data['Image'], array('rdf:about' => $this->data['Image']['url']));
         } else if ($this->version == Feed::ATOM) {
             // ATOM feeds have a unique feed ID. Use the title channel element as key.

module/news/vendor/FeedWriter/Item.php

@@ -2,6 +2,7 @@
 namespace FeedWriter;
 
 use \DateTime;
+use \DateTimeInterface;
 
 /*
  * Copyright (C) 2008 Anis uddin Ahmad <anisniit@gmail.com>
@@ -217,19 +218,19 @@ class Item
     /**
     * Set the 'date' element of the feed item.
     *
-    * The value of the date parameter can be either an instance of the
-    * DateTime class, an integer containing a UNIX timestamp or a string
+    * The value of the date parameter can be either a class implementing
+    * DateTimeInterface, an integer containing a UNIX timestamp or a string
     * which is parseable by PHP's 'strtotime' function.
     *
     * @access   public
-    * @param    DateTime|int|string $date Date which should be used.
+    * @param    DateTimeInterface|int|string $date Date which should be used.
     * @return   self
     * @throws   \InvalidArgumentException if the given date was not parseable.
     */
     public function setDate($date)
     {
         if (!is_numeric($date)) {
-            if ($date instanceof DateTime)
+            if ($date instanceof DateTimeInterface || $date instanceof DateTime)
                 $date = $date->getTimestamp();
             else {
                 $date = strtotime($date);
@@ -277,7 +278,7 @@ class Item
     * Attach a external media to the feed item.
     * Not supported in RSS 1.0 feeds.
     *
-    * See RFC 4288 for syntactical correct MIME types.
+    * See RFC 6838 for syntactical correct MIME types.
     *
     * Note that you should avoid the use of more than one enclosure in one item,
     * since some RSS aggregators don't support it.
@@ -288,7 +289,8 @@ class Item
     * @param    string  $type     The MIME type attribute of the media.
     * @param    boolean $multiple Specifies if multiple enclosures are allowed
     * @return   self
-    * @link     https://tools.ietf.org/html/rfc4288
+    * @link     https://tools.ietf.org/html/rfc6838
+    * @link     http://www.iana.org/assignments/media-types/media-types.xhtml
     * @throws   \InvalidArgumentException if the length or type parameter is invalid.
     * @throws   InvalidOperationException if this method is called on RSS1 feeds.
     */
@@ -389,7 +391,7 @@ class Item
             // Check if the given ID is an valid URI scheme (see RFC 4287 4.2.6)
             // The list of valid schemes was generated from http://www.iana.org/assignments/uri-schemes
             // by using only permanent or historical schemes.
-            $validSchemes = array('aaa', 'aaas', 'about', 'acap', 'acct', 'cap', 'cid', 'coap', 'coaps', 'crid', 'data', 'dav', 'dict', 'dns', 'example', 'fax', 'file', 'filesystem', 'ftp', 'geo', 'go', 'gopher', 'h323', 'http', 'https', 'iax', 'icap', 'im', 'imap', 'info', 'ipp', 'ipps', 'iris', 'iris.beep', 'iris.lwz', 'iris.xpc', 'iris.xpcs', 'jabber', 'ldap', 'mailserver', 'mailto', 'mid', 'modem', 'msrp', 'msrps', 'mtqp', 'mupdate', 'news', 'nfs', 'ni', 'nih', 'nntp', 'opaquelocktoken', 'pack', 'pkcs11', 'pop', 'pres', 'prospero', 'reload', 'rtsp', 'rtsps', 'rtspu', 'service', 'session', 'shttp', 'sieve', 'sip', 'sips', 'sms', 'snews', 'snmp', 'soap.beep', 'soap.beeps', 'stun', 'stuns', 'tag', 'tel', 'telnet', 'tftp', 'thismessage', 'tip', 'tn3270', 'turn', 'turns', 'tv', 'urn', 'vemmi', 'videotex', 'vnc', 'wais', 'ws', 'wss', 'xcon', 'xcon-userid', 'xmlrpc.beep', 'xmlrpc.beeps', 'xmpp', 'z39.50', 'z39.50r', 'z39.50s');
+            $validSchemes = array('aaa', 'aaas', 'about', 'acap', 'acct', 'bb', 'cap', 'cid', 'coap', 'coap+tcp', 'coap+ws', 'coaps', 'coaps+tcp', 'coaps+ws', 'crid', 'data', 'dav', 'dict', 'dns', 'drop', 'dtn', 'example', 'fax', 'file', 'filesystem', 'ftp', 'geo', 'go', 'gopher', 'grd', 'h323', 'http', 'https', 'iax', 'icap', 'im', 'imap', 'info', 'ipn', 'ipp', 'ipps', 'iris', 'iris.beep', 'iris.lwz', 'iris.xpc', 'iris.xpcs', 'jabber', 'ldap', 'leaptofrogans', 'mailserver', 'mailto', 'mid', 'modem', 'msrp', 'msrps', 'mt', 'mtqp', 'mupdate', 'news', 'nfs', 'ni', 'nih', 'nntp', 'opaquelocktoken', 'p1', 'pack', 'pkcs11', 'pop', 'pres', 'prospero', 'reload', 'rtsp', 'rtsps', 'rtspu', 'service', 'session', 'shttp (OBSOLETE)', 'sieve', 'sip', 'sips', 'sms', 'snews', 'snmp', 'soap.beep', 'soap.beeps', 'stun', 'stuns', 'tag', 'tel', 'telnet', 'tftp', 'thismessage', 'tip', 'tn3270', 'turn', 'turns', 'tv', 'upt', 'urn', 'vemmi', 'videotex', 'vnc', 'wais', 'wpid', 'ws', 'wss', 'xcon', 'xcon-userid', 'xmlrpc.beep', 'xmlrpc.beeps', 'xmpp', 'z39.50', 'z39.50r', 'z39.50s');
             $found = FALSE;
             $checkId = strtolower($id);
 

module/news/vendor/FeedWriter/README.md

@@ -12,6 +12,11 @@ Once a feed is fully composed with its items, the feed class can generate the ne
 
 If you don't have **PHP 5.3** available on your system there is a version supporting **PHP 5.0** and above. See the `legacy-php-5.0` branch.
 
+## Installation  
+You can install via [Composer](https://getcomposer.org/).  
+
+    composer require mibe/feedwriter
+
 ## Documentation
 
 The documentation can be found in the `gh-pages` branch, or on [GitHub Pages](https://mibe.github.io/FeedWriter/).
@@ -40,3 +45,6 @@ In chronological order:
 - Pavel Khakhlou
 - Daniel
 - Tino Goratsch
+- John
+- Özgür Görgülü
+- Jan Tojnar

module/search/changes.md

@@ -1,3 +1,5 @@
+# Version 3.1
+- Initialise un module installé dans une page sans avoir ouvert la page de configuration sans lancer de mise à jour.
 # Version 3.0
 - Gestion des permissions intégrée dans le module
 # Version 2.8

module/search/search.php

@@ -20,7 +20,7 @@
 class search extends common
 {
 
-	const VERSION = '3.0';
+	const VERSION = '3.1';
 	const REALNAME = 'Recherche';
 	const DATADIRECTORY = self::DATA_DIR . 'search/';
 
@@ -173,8 +173,8 @@ class search extends common
 	public function index()
 	{
 
-		// Mise à jour des données de module
-		$this->update();
+		// Initialise un module non configuré
+		$this->init();
 
 		if (
 			$this->isPost()

module/slider/changes.md

@@ -1,3 +1,7 @@
+# Version 6.4
+- Corrige plusieurs bugs dans les fonctions de tri
+# Version 6.3
+- Corrige un tri non fonctionnel.
 # Version 6.2
 - Applique les profils
 # Version 6.1

module/slider/slider.php

@@ -27,7 +27,7 @@ class slider extends common
 		'index' => self::GROUP_VISITOR
 	];
 
-	const VERSION = '6.2';
+	const VERSION = '6.4';
 	const REALNAME = 'Carrousel';
 	const DELETE = true;
 	const UPDATE = '0.0';
@@ -237,12 +237,12 @@ class slider extends common
 				}
 			}
 			// Tri des images pour affichage de la liste dans la page d'édition
-			switch ($this->getData(['module', $this->getUrl(0), 'theme', 'tri'])) {
+			switch ($this->getData(['module', $this->getUrl(0), 'theme', 'sort'])) {
 				case 'dsc':
-					krsort(self::$pictures, SORT_NATURAL | SORT_FLAG_CASE);
+					ksort(self::$pictures, SORT_NATURAL | SORT_FLAG_CASE);
 					break;
 				case 'asc':
-					ksort(self::$pictures, SORT_NATURAL | SORT_FLAG_CASE);
+					krsort(self::$pictures, SORT_NATURAL | SORT_FLAG_CASE);
 					break;
 				case 'rand':
 				case 'none':
@@ -385,16 +385,31 @@ class slider extends common
 			}
 
 			// Tri des images par ordre alphabétique, alphabétique inverse, aléatoire ou pas
-			switch ($this->getData(['module', $galleryId, 'config', 'tri'])) {
-				case 'SORT_DSC':
-					krsort(self::$pictures, SORT_NATURAL | SORT_FLAG_CASE);
+			switch ($this->getData(['module', $galleryId, 'theme', 'sort'])) {
+				case 'desc':
+					uksort(self::$pictures, function ($a, $b) {
+						return strcmp(basename($a), basename($b));
+					});
 					break;
-				case 'SORT_ASC':
-					ksort(self::$pictures, SORT_NATURAL | SORT_FLAG_CASE);
+				case 'asc':
+					uksort(self::$pictures, function ($a, $b) {
+						return strcmp(basename($b), basename($a));
+					});
 					break;
-				case 'RAND':
+				case 'rand':
+					// Récupérer les clés du tableau
+					$keys = array_keys(self::$pictures);
+					// Mélanger les clés
+					shuffle($keys);
+					// Créer un nouveau tableau avec les clés mélangées
+					$shuffledPictures = [];
+					foreach ($keys as $key) {
+						$shuffledPictures[$key] = self::$pictures[$key];
+					}
+					// Mettre à jour le tableau initial avec le nouveau tableau mélangé
+					self::$pictures = $shuffledPictures;
 					break;
-				case 'NONE':
+				case 'none':
 					break;
 				default:
 					break;
@@ -445,7 +460,7 @@ class slider extends common
 						'speed' => 1000,
 						'timeout' => 3000,
 						'namespace' => 'centered-btns',
-						'tri' => 'RAND',
+						'sort' => 'RAND',
 					],
 					'directory' => null,
 					'legends' => [],