48 if ($fh = fopen(preg_replace(
"/\&/is",
"&",
$u),
"r")) {
50 $t .= fread($fh, 1024);
53 return preg_replace(
"/.*<body[^>]*>(.*)<\/body>.*/is",
'$1', $t);
69 $qs = preg_replace(
"/^" . preg_quote($su,
'/') .
"(\&)?/s",
"",
sv(
'QUERY_STRING'));
70 if ($fh = fopen(
$u .
'?' . $qs,
"r")) {
72 $t .= fread($fh, 1024);
94 trigger_error(
'Function h() is deprecated', E_USER_DEPRECATED);
114 trigger_error(
'Function l() is deprecated', E_USER_DEPRECATED);
136 extract($GLOBALS, EXTR_REFS);
137 $__scripts = array();
138 preg_match_all(
'~#CMSimple (.*?)#~is', $__text, $__scripts);
139 if (count($__scripts[1]) > 0) {
140 $output = preg_replace(
'~#CMSimple (?!hide)(.*?)#~is',
'', $__text);
142 $__scripts[1] = array_reverse($__scripts[1]);
144 foreach ($__scripts[1] as $__script) {
145 if (!in_array(strtolower($__script), array(
'hide',
'remove'))) {
146 $__script = html_entity_decode($__script, ENT_QUOTES,
'UTF-8');
149 }
catch (ParseError $ex) {
150 trigger_error(
'Parse error: ' . $ex->getMessage(), E_USER_WARNING);
159 return $eval_script_output;
190 $message =
'<span class="xh_fail">' . $tx[
'error'][
'plugincall']
192 $re =
'/{{{(?:PLUGIN:)?([a-z_0-9]+)\s*\(?(.*?)\)?;?}}}/iu';
193 preg_match_all($re,
$text, $calls, PREG_SET_ORDER | PREG_OFFSET_CAPTURE);
195 foreach ($calls as $call) {
196 $arguments = preg_replace(
198 '/&(quot|#34);/i',
'/&(amp|#38);/i',
'/&(apos|#39);/i',
199 '/&(lt|#60);/i',
'/&(gt|#62);/i',
'/&(nbsp|#160);/i' 201 array(
'"',
'&',
'\'',
'<',
'>',
' '),
210 }
catch (ParseError $ex) {
212 trigger_error(
'Parse error: ' . $ex->getMessage(), E_USER_WARNING);
215 $results[] = sprintf($message,
$function);
218 $calls = array_reverse($calls);
219 $results = array_reverse($results);
220 foreach ($calls as
$i => $call) {
221 $length = strlen($call[0][0]);
222 $offset = $call[0][1];
245 return preg_replace_callback(
246 '/#(CMSimple .*?)#/is',
247 'XH_escapeCMSimpleScripting',
248 eval(
'return ' . $___expression .
';')
264 'CMSimple scripting not allowed in return value of plugin call',
267 return "#\xE2\x80\x8B{$matches[1]}#";
287 $result = substr($string, $offset, $length);
288 $string = substr($string, 0, $offset) . $replacement
289 . substr($string, $offset + $length);
327 if ($h[
$i] == $heading) {
328 $pattern =
'/.*?<!--XH_ml[1-9]:.*?-->/isu';
329 $body = preg_replace($pattern,
"", $c[
$i]);
330 $pattern =
'/#CMSimple (.*?)#/is';
354 function init_editor(array $elementClasses = array(), $initFile =
false)
358 $fn = $pth[
'folder'][
'plugins'] . $cf[
'editor'][
'external'] .
'/init.php';
359 if (!file_exists($fn)) {
363 $function =
'init_' . $cf[
'editor'][
'external'];
392 $fn = $pth[
'folder'][
'plugins'] . $cf[
'editor'][
'external'] .
'/init.php';
393 if (!file_exists($fn)) {
397 $function =
'include_' . $cf[
'editor'][
'external'];
429 trigger_error(
'No elementID given', E_USER_NOTICE);
433 $fn = $pth[
'folder'][
'plugins'] . $cf[
'editor'][
'external'] .
'/init.php';
434 if (!file_exists($fn)) {
438 $function = $cf[
'editor'][
'external'] .
'_replace';
472 if (error_reporting() > 0) {
473 $debugHint .=
'<div class="xh_debug">' .
"\n" 474 . $tx[
'message'][
'debug_mode'] .
"\n" 478 $adminMenuFunc = trim($cf[
'editmenu'][
'external']);
479 if ($adminMenuFunc ==
'' || !function_exists($adminMenuFunc)) {
480 $adminMenuFunc =
'XH_adminMenu';
483 if (count($errors) > 0) {
484 $errorList .=
'<div class="xh_debug_warnings"><ul>';
485 $errors = array_unique($errors);
486 foreach ($errors as $error) {
487 $errorList .=
'<li>' . $error .
'</li>';
489 $errorList .=
'</ul></div>';
491 if (isset($cf[
'editmenu'][
'scroll'])
492 && $cf[
'editmenu'][
'scroll'] ==
'true' 494 $id =
' id="xh_adminmenu_scrolling"';
496 $id =
' id="xh_adminmenu_fixed"';
499 $adminMenu = $adminMenuFunc(
XH_plugins(
true));
500 $replacement =
'$0' .
'<div' . $id .
'>' . addcslashes($debugHint,
'$\\')
501 . addcslashes($adminMenu,
'$\\')
502 .
'</div>' .
"\n" . addcslashes($errorList,
'$\\');
503 $html = preg_replace(
'~<body[^>]*>~i', $replacement, $html, 1);
507 $html = str_replace(
'</body',
"$bjs\n</body", $html);
523 trigger_error(
'Function ' . __FUNCTION__ .
'() is deprecated', E_USER_DEPRECATED);
525 if (!isset($GLOBALS[$name])) {
526 if (isset($_GET[$name])) {
527 $GLOBALS[$name] = $_GET[$name];
528 } elseif (isset($_POST[$name])) {
529 $GLOBALS[$name] = $_POST[$name];
531 $GLOBALS[$name] =
'';
545 if (isset($_SERVER[
$s])) {
561 return preg_replace(
"/(\r\n|\r|\n)+/",
"\n", $t);
575 $ws =
'[\x09-\x0d\x20]' 577 .
'|\xe1(\x9a\x80|\xa0\x8e)' 578 .
'|\xe2\x80[\x80-\x8a\xa8\xa9\xaf]' 581 return preg_replace(
'/(?:' . $ws .
')+/',
' ', $str);
593 return preg_replace(
"/(\r\n|\r|\n)+/",
"", $t);
608 return get_magic_quotes_gpc() ? stripslashes($t) : $t;
627 if (!is_readable($fl)
628 || ($download !=
'' && !preg_match(
'/.+\..+$/', $fl))
631 $o .=
'<p>File ' .
XH_hsc($fl) .
'</p>';
634 header(
'Content-Type: application/save-as');
635 header(
'Content-Disposition: attachment; filename="' . basename($fl) .
'"');
636 header(
'Content-Length:' . filesize($fl));
637 header(
'Content-Transfer-Encoding: binary');
655 function e($et, $ft, $fn)
659 $e .=
'<li><b>' . $tx[
'error'][$et] .
' ' . $tx[
'filetype'][$ft] .
'</b>' 660 .
'<br>' . $fn .
'</li>' .
"\n";
683 global
$edit,
$c,
$cl,
$h,
$u,
$l,
$su,
$s,
$tx,
$e,
$pth,
$pd_router,
$xh_publisher;
686 if ($contents ===
false) {
687 e(
'missing',
'content', $pth[
'file'][
'content']);
689 array(), array(), array(), array(), array(),
690 new XH\PageDataRouter(array(), array(), array(), array()),
694 list($u, $tooLong, $h, $l, $c, $pd_router, $removed) = array_values($contents);
701 $c[] =
'<!--XH_ml1:' . $tx[
'toc'][
'newpage'] .
'-->';
702 $h[] = trim(strip_tags($tx[
'toc'][
'newpage']));
709 $removed = array(
false);
710 $pd_router->appendNewPage(array(
'last_edit' =>
'0'));
715 foreach ($tooLong as
$i => $tl) {
717 $e .=
'<li><b>' . $tx[
'uri'][
'toolong'] .
'</b>' .
'<br>' 718 .
'<a href="?' . $u[
$i] .
'">' . $h[
$i] .
'</a>' .
'</li>';
722 foreach ($u as
$i => $url) {
723 if (($su == $url || $su == urlencode($url))
724 && (
XH_ADM && $edit || !$removed[
$i])
730 if ($u[
$j] == $u[$i]) {
732 $h[
$j] = $tx[
'toc'][
'dupl'] .
' ' . $duplicate;
769 if (isset($language)) {
770 $contentFolder = $pth[
'folder'][
'base'] .
'content/' . $language .
'/';
771 $contentFile = $contentFolder .
'content.htm';
772 $pageDataFile = $contentFolder .
'pagedata.php';
775 $contentFile = $pth[
'file'][
'content'];
776 $pageDataFile = $pth[
'file'][
'pagedata'];
777 $tx = $GLOBALS[
'tx'];
790 if (($content =
XH_readFile($contentFile)) ===
false) {
793 $content = preg_split(
'/(?=<!--XH_ml[1-9]:)/i', $content);
794 $content[] = preg_replace(
'/(.*?)<\/body>.*/isu',
'$1', array_pop($content));
795 $contentHead = array_shift($content);
798 foreach ($content as $page) {
800 preg_match(
'~<!--XH_ml([1-9]):(.*)-->~isU', $page,
$temp);
802 $temp_h[] = trim(xh_rmws(strip_tags(
$temp[2])));
811 $ancestors = array();
813 foreach ($temp_h as
$i => $heading) {
817 $temp =
$tx[
'toc'][
'empty'] .
' ' . $empty;
821 $ancestors = array_slice($ancestors, 0, $l[
$i]);
822 $url = implode($cf[
'uri'][
'seperator'], $ancestors);
824 $tooLong[] =
utf8_strlen($url) > $cf[
'uri'][
'length'];
828 $page_data_fields = $temp_data = array();
829 if (preg_match(
'/<\?php(.*?)\?>/isu', $contentHead, $m)) {
832 $page_data = array();
833 $hasPageData =
false;
834 foreach (
$c as
$i =>
$j) {
835 if (preg_match(
'/<\?php(.*?)\?>/is',
$j, $m)) {
837 $c[
$i] = preg_replace(
'/<\?php(.*?)\?>/is',
'',
$j);
840 $page_data[] = array();
844 if (empty($page_data_fields) && empty($temp_data) && !$hasPageData
845 && is_readable($pageDataFile)
847 include $pageDataFile;
856 $c[
$i] =
'#CMSimple hide# #CMSimple shead(404);#';
863 $cf[
'menu'][
'levels'] = count(
$l) ? max(
$l) : 1;
867 'too_long' => $tooLong,
872 'removed' => $removed
889 for (
$i = $s - 1;
$i > -1;
$i--) {
936 if ($x ==
'' && $cf[
'locator'][
'show_homepage'] ==
'true') {
937 return '<a href="' . $sn .
'?' . $u[0] .
'">';
941 ?
'<a href="' . $sn .
'?' . $u[
$i] . $x .
'">' 942 :
'<a href="' . $sn .
'?' . $x .
'">';
961 $exclude = array(
'robots',
'keywords',
'description');
962 $value = isset($tx[
'meta'][$n]) ? $tx[
'meta'][$n] : $cf[
'meta'][$n];
963 if ($n !=
'codepage' && !empty($value) && !($print && in_array($n, $exclude))) {
964 $content =
XH_hsc($value);
965 return '<meta name="' . $n .
'" content="' . $content .
'">' .
"\n";
986 $t .=
'<a href="' . $sn .
'?&' .
$i .
'">';
988 $t .= $tx[
'menu'][
$i];
1013 if (isset($tx[
'urichar'][
'org']) && isset($tx[
'urichar'][
'new'])) {
1046 $separator = $cf[
'uri'][
'word_separator'];
1047 $s = str_replace($search, $replace,
$s);
1048 $s = str_replace(
'+', $separator, urlencode(
$s));
1049 $s = trim(
$s, $separator);
1050 $s = preg_replace(
'/' . preg_quote($separator,
'/') .
'+/', $separator,
$s);
1066 if ($fd = opendir($dir)) {
1067 while (
false !== ($fn = readdir($fd))) {
1072 sort($fs, SORT_STRING);
1086 $pattern = str_replace(
'(.*?)', $script,
'/#CMSimple (.*?)#/is');
1087 return preg_match($pattern,
$text);
1128 return '<' .
$s .
'>';
1150 ($cgi || $iis) ?
'status: 401 Unauthorized' :
'HTTP/1.0 401 Unauthorized' 1152 } elseif (
$s ==
'403') {
1153 header(($cgi || $iis) ?
'status: 403 Forbidden' :
'HTTP/1.0 403 Forbidden');
1154 } elseif (
$s ==
'404') {
1155 if (function_exists(
'custom_404')) {
1159 ($cgi || $iis) ?
'status: 404 Not Found' :
'HTTP/1.0 404 Not Found' 1164 $title = $tx[
'error'][
$s];
1166 $o =
'<h1>' . $title .
'</h1>' .
$o;
1197 $filename = $pth[
'folder'][
'downloads'] .
'_XHdebug.txt';
1198 if (file_exists($filename)) {
1199 ini_set(
'display_errors', 1);
1200 $dbglevel = file_get_contents($filename);
1201 if (strlen($dbglevel) == 1) {
1202 set_error_handler(
'XH_debug');
1203 switch ($dbglevel) {
1208 error_reporting(E_ERROR | E_USER_WARNING | E_PARSE);
1211 error_reporting(E_ERROR | E_WARNING | E_USER_WARNING | E_PARSE);
1215 E_ERROR | E_WARNING | E_USER_WARNING | E_PARSE | E_NOTICE
1219 error_reporting(E_ALL ^ (E_NOTICE | E_WARNING | E_USER_WARNING));
1222 error_reporting(E_ALL ^ E_NOTICE);
1225 error_reporting(E_ALL);
1228 error_reporting(E_ERROR | E_USER_WARNING | E_PARSE);
1231 error_reporting(E_ERROR | E_USER_WARNING | E_PARSE);
1234 ini_set(
'display_errors', 0);
1237 return error_reporting() > 0;
1256 if (!(error_reporting() & $errno)) {
1263 $errtype =
'XH-ERROR';
1265 case E_USER_WARNING:
1266 $errtype =
'XH-WARNING';
1269 $errtype =
'XH-NOTICE';
1271 case E_USER_DEPRECATED:
1272 $errtype =
'XH-DEPRECATED';
1273 $backtrace = debug_backtrace(
false);
1274 $errfile = $backtrace[2][
'file'];
1275 $errline = $backtrace[2][
'line'];
1278 $errtype =
'WARNING';
1281 $errtype =
'NOTICE';
1284 $errtype =
'STRICT';
1287 $errtype =
'DEPRECATED';
1290 $errtype =
"Unknow error type [$errno]";
1293 $errors[] =
"<b>$errtype:</b> $errstr" .
'<br>' .
"$errfile:$errline" 1296 if ($errno === E_USER_ERROR) {
1297 die($errors[count($errors) - 1]);
1322 foreach ($arr as $elt) {
1323 if (is_array($elt)) {
1326 header(
'HTTP/1.0 400 Bad Request');
1327 header(
'Content-Type: text/html; charset=UTF-8');
1331 <
head><title>{$tx[
'title'][
'bad_request']}</title></
head>
1332 <body>{$tx[
'error'][
'badrequest']}</body>
1354 $config = preg_match(
'/config.php$/', $dst) ?
'config' :
'';
1355 if (!file_exists($dst)) {
1356 if (is_readable($src = dirname($dst) .
"/default$config.php")) {
1357 return copy($src, $dst);
1358 } elseif (is_readable($src = dirname($dst) .
"/en$config.php")) {
1359 return copy($src, $dst);
1380 static $helpFiles = array();
1384 'plugin_classes' =>
'/classes/',
1385 'plugin_config' =>
'/config/',
1386 'plugin_content' =>
'/content/',
1387 'plugin_css' =>
'/css/',
1388 'plugin_help' =>
'/help/',
1389 'plugin_includes' =>
'/includes/',
1390 'plugin_languages' =>
'/languages/' 1392 foreach ($folders as $key => $folder) {
1393 $pth[
'folder'][$key] = $pth[
'folder'][
'plugins'] .
$plugin . $folder;
1396 $pth[
'file'][
'plugin_index'] = $pth[
'folder'][
'plugin'] .
'index.php';
1397 $pth[
'file'][
'plugin_admin'] = $pth[
'folder'][
'plugin'] .
'admin.php';
1399 $pth[
'file'][
'plugin_language'] = $pth[
'folder'][
'plugin_languages']
1400 . strtolower($sl) .
'.php';
1402 $pth[
'file'][
'plugin_classes'] = $pth[
'folder'][
'plugin_classes']
1403 .
'required_classes.php';
1404 $pth[
'file'][
'plugin_config'] = $pth[
'folder'][
'plugin_config']
1406 $pth[
'file'][
'plugin_stylesheet'] = $pth[
'folder'][
'plugin_css']
1409 if (!isset($helpFiles[
$plugin])) {
1410 $helpFiles[
$plugin] = $pth[
'folder'][
'plugin_help']
1411 .
'help_' . strtolower($sl) .
'.htm';
1412 if (!file_exists($helpFiles[$plugin])) {
1413 $helpFiles[
$plugin] = $pth[
'folder'][
'plugin_help'] .
'help_en.htm';
1415 if (!file_exists($helpFiles[$plugin])
1416 && file_exists($pth[
'folder'][
'plugin_help'] .
'help.htm')
1418 $helpFiles[
$plugin] = $pth[
'folder'][
'plugin_help'] .
'help.htm';
1421 $pth[
'file'][
'plugin_help'] = $helpFiles[
$plugin];
1446 static $plugins = null;
1447 static $admPlugins = null;
1449 if (!isset($plugins)) {
1451 $admPlugins = array();
1452 $disabledPlugins = explode(
',', $cf[
'plugins'][
'disabled']);
1453 $disabledPlugins = array_map(
'trim', $disabledPlugins);
1454 if (is_dir($pth[
'folder'][
'plugins']) && ($dh = opendir($pth[
'folder'][
'plugins']))) {
1455 while (($fn = readdir($dh)) !==
false) {
1456 if (strpos($fn,
'.') !== 0
1457 && is_dir($pth[
'folder'][
'plugins'] . $fn)
1458 && !in_array($fn, $disabledPlugins)
1462 if (is_file($pth[
'file'][
'plugin_admin'])) {
1463 $admPlugins[] = $fn;
1469 natcasesort($plugins);
1470 $plugins = array_values($plugins);
1471 natcasesort($admPlugins);
1472 $admPlugins = array_values($admPlugins);
1474 return $admin ? $admPlugins : $plugins;
1486 if (isset($_COOKIE[
$s])) {
1487 return $_COOKIE[
$s];
1503 return isset($_SESSION[
'xh_password'])
1504 && $_SESSION[
'xh_password'] == $cf[
'security'][
'password']
1505 && isset($_SESSION[
'xh_user_agent'])
1506 && $_SESSION[
'xh_user_agent'] == md5($_SERVER[
'HTTP_USER_AGENT']);
1527 $timestamp = date(
'Y-m-d H:i:s');
1528 $message =
"$timestamp\t$type\t$module\t$category\t$description";
1530 $stream = fopen($pth[
'file'][
'log'],
'a');
1533 $ok = fwrite($stream, $message . PHP_EOL) !==
false;
1560 if ($f ==
'login' || $f ==
'xh_login_failed') {
1561 $cf[
'meta'][
'robots'] =
"noindex";
1562 $onload .=
'document.forms[\'login\'].elements[\'keycut\'].focus();';
1563 $message = ($f ==
'xh_login_failed')
1564 ?
XH_message(
'fail', $tx[
'login'][
'failure'])
1566 $f = $tx[
'menu'][
'login'];
1567 $o .=
'<div class="xh_login">' 1568 .
'<h1>' . $tx[
'menu'][
'login'] .
'</h1>' 1570 .
'<p><b>' . $tx[
'login'][
'warning'] .
'</b></p>' 1571 .
'<form id="login" name="login" action="' . $sn .
'?' . $su
1572 .
'" method="post">' 1573 .
'<input type="hidden" name="login" value="true">' 1574 .
'<input type="hidden" name="selected" value="' . $su .
'">' 1575 .
'<input type="password" name="keycut" id="passwd" value="">' 1577 .
'<input type="submit" name="submit" id="submit" value="' 1578 . $tx[
'menu'][
'login'] .
'">' 1580 if (!empty($cf[
'security'][
'email'])) {
1581 $o .=
'<a href="' . $sn .
'?&function=forgotten">' 1582 . $tx[
'title'][
'password_forgotten'] .
'</a>';
1584 $o .=
'<p><a href="' .
"$sn?$su" .
'">' . $tx[
'login'][
'back']
1604 $stream = fopen($filename,
'rb');
1607 $contents = stream_get_contents($stream);
1629 $stream = fopen($filename,
'cb');
1632 ftruncate($stream, 0);
1633 $res = fwrite($stream, $contents);
1656 static $callbacks = array();
1658 if (isset($callback)) {
1659 $callbacks[] = $callback;
1661 foreach ($callbacks as $callback) {
1685 static $callbacks = array();
1687 if (is_callable($param)) {
1688 $callbacks[] = $param;
1690 foreach ($callbacks as $callback) {
1691 $param = $callback($param);
1713 $ofn = $pth[
'folder'][
'corestyle'] .
'xhstyles.css';
1714 $expired = !file_exists($ofn) || filemtime($pth[
'file'][
'corestyle']) > filemtime($ofn);
1718 if (($ofp = fopen($ofn,
'r')) !==
false 1719 && fgets($ofp, 4096) && fgets($ofp, 4096)
1720 && ($oldPlugins = fgets($ofp, 4096))
1722 $oldPlugins = explode(
',', trim($oldPlugins,
" *\r\n"));
1723 $expired = $plugins != $oldPlugins;
1727 if ($ofp !==
false) {
1734 foreach ($plugins as
$plugin) {
1735 $fn = $pth[
'folder'][
'plugins'] . $plugin .
'/css/stylesheet.css';
1736 if (file_exists($fn) && filemtime($fn) > filemtime($ofn)) {
1746 PHP_EOL .
'/' . str_pad(
' ' . $pth[
'file'][
'corestyle'], 76,
'*', STR_PAD_LEFT) .
' */' 1747 . PHP_EOL . PHP_EOL . file_get_contents($pth[
'file'][
'corestyle'])
1749 foreach ($plugins as
$plugin) {
1750 $fn = $pth[
'folder'][
'plugins'] . $plugin .
'/css/stylesheet.css';
1751 if (file_exists($fn)) {
1752 $css = file_get_contents($fn);
1753 if (substr($css, 0, 3) ===
"\xEF\xBB\xBF") {
1754 $css = substr($css, 3);
1758 .
'/' . str_pad(
' ' . $fn, 76,
'*', STR_PAD_LEFT) .
' */' 1759 . PHP_EOL . PHP_EOL . $css;
1764 .
' * Automatically created by CMSimple_XH. DO NOT MODIFY!' . PHP_EOL
1765 .
' * ' . implode(
',', $plugins) . PHP_EOL
1766 .
' */' . PHP_EOL . PHP_EOL
1767 . implode(PHP_EOL . PHP_EOL,
$o);
1769 e(
'cntwriteto',
'stylesheet', $ofn);
1789 return preg_replace(
1790 '/url\(\s*(["\']?)(?!\s*["\']?\/|\s*["\']?http[s]?:)(.*?)(["\']?)\s*\)/s',
1791 "url(\$1../../plugins/$plugin/css/\$2\$3)",
1808 $class =
'xh_' . $type;
1809 $args = array_slice(func_get_args(), 2);
1810 $message = vsprintf($message, $args);
1811 $message =
XH_hsc($message);
1812 return '<p class="' . $class .
'">' . $message .
'</p>';
1831 $folders = array($pth[
'folder'][
'base'] .
'content/');
1832 foreach ($languages as $language) {
1833 $folders[] = $pth[
'folder'][
'base'] .
'content/' . $language .
'/';
1836 return $backup->execute();
1854 $path = $pth[
'folder'][
'base'] . $name;
1855 return is_dir($path) && preg_match(
'/^[A-z]{2}$/', $name)
1856 && file_exists($path .
'/.2lang');
1875 $replacePairs = array(
'{SITE}' => $site,
'{PAGE}' => $subtitle);
1876 $title = strtr($cf[
'title'][
'format'], $replacePairs);
1899 echo
'<!DOCTYPE html>',
"\n",
'<html',
1900 (strlen($sl) == 2 ?
" lang=\"$sl\"" :
''),
'>',
"\n";
1902 echo
'<head>',
"\n" .
head(),
1903 '<meta name="robots" content="noindex">',
"\n",
1904 '</head>',
"\n",
'<body class="', $bodyClass,
'"',
onload(),
'>',
"\n",
1905 $content,
$bjs,
'</body>',
"\n",
'</html>',
"\n";
1906 if (isset($_XH_csrfProtection)) {
1907 $_XH_csrfProtection->store();
1931 $src = $pth[
'folder'][
'corestyle'] .
'help_icon.png';
1932 $o =
'<div class="pl_tooltip">' 1933 .
'<img src="' . $src .
'" alt="' . $tx[
'editmenu'][
'help'] .
'">' 1934 .
'<div>' . $tooltip .
'</div>' 1951 $suffix = $regularOnly ?
'content' :
'[^.]+';
1952 return (
bool) preg_match(
'/^\d{8}_\d{6}_' . $suffix .
'.htm$/', $filename);
1968 $templates = array();
1969 if (is_dir($pth[
'folder'][
'templates']) && ($handle = opendir($pth[
'folder'][
'templates']))) {
1970 while ((
$file = readdir($handle)) !==
false) {
1971 $dir = $pth[
'folder'][
'templates'] .
$file;
1972 if (
$file[0] !=
'.' && is_dir($dir)
1973 && file_exists($dir .
'/template.htm')
1975 $templates[] =
$file;
1980 natcasesort($templates);
1997 $languages = array();
1998 if (is_dir($pth[
'folder'][
'language']) && ($handle = opendir($pth[
'folder'][
'language']))) {
1999 while ((
$file = readdir($handle)) !==
false) {
2000 if (preg_match(
'/^([a-z]{2})\.php$/i',
$file, $m)) {
2001 $languages[] = $m[1];
2006 natcasesort($languages);
2026 if (!isset($langs)) {
2028 if (is_dir($pth[
'folder'][
'base']) && ($dir = opendir($pth[
'folder'][
'base']))) {
2029 while (($entry = readdir($dir)) !==
false) {
2053 $parts = explode(
'/', $path);
2055 if ($parts[0] ===
'.' 2056 || $parts[0] ===
'..' && $sl !== $cf[
'language'][
'default']
2058 $part0 = array_shift($parts);
2060 if (empty($parts)) {
2063 if (($sl === $cf[
'language'][
'default'] || $part0 ===
'..')
2066 array_shift($parts);
2068 if (empty($parts)) {
2071 if ($parts[0] ===
'' || $parts[0] ===
'index.php') {
2072 array_shift($parts);
2074 return empty($parts);
2089 foreach (array(
'scheme',
'host',
'port',
'user',
'pass') as $key) {
2090 $ok = $ok && !isset($urlParts[$key]);
2110 $parts = parse_url($url);
2112 $parts[
'query'] = (isset($parts[
'query']) ? $parts[
'query'] .
'&' :
'');
2113 $parts[
'query'] .=
'print';
2114 $url = isset($parts[
'path']) ? $parts[
'path'] :
'';
2115 $url .=
'?' . $parts[
'query'];
2116 if (isset($parts[
'fragment'])) {
2117 $url .=
'#' . $parts[
'fragment'];
2120 return $matches[1] . $url . $matches[2];
2134 $regex =
'/(<a[^>]+href=(["\']))([^"\']*)\\2/iu';
2135 $content = preg_replace_callback($regex,
'XH_convertToPrintUrl', $pageContent);
2154 return json_decode($string);
2172 return json_encode($value);
2189 return json_last_error();
2206 if (!defined(
'ENT_SUBSTITUTE')) {
2208 $string = htmlspecialchars($string, ENT_COMPAT,
'UTF-8');
2210 $string = htmlspecialchars($string, ENT_COMPAT | ENT_SUBSTITUTE,
'UTF-8');
2231 if ($cf[
'mailform'][
'email'] ==
'') {
2254 $_stream = fopen($_filename,
'r');
2257 $_res = include $_filename;
2262 if (!isset($$_varname)) {
2263 $$_varname = array();
2265 return $_res !==
false ? $$_varname :
false;
2282 } elseif ($count >= 2 && $count <= 4) {
2311 $defaultFilename = $pth[
'folder'][
'cmsimple'] .
'defaultconfig.php';
2312 $filename = $pth[
'file'][
'config'];
2315 $defaultFilename = $pth[
'folder'][
'language'] .
'default.php';
2316 $filename = $pth[
'file'][
'language'];
2320 $varname =
'plugin_cf';
2321 $defaultFilename = $pth[
'folder'][
'plugin_config'] .
'defaultconfig.php';
2322 $filename = $pth[
'file'][
'plugin_config'];
2324 $varname =
'plugin_tx';
2325 $defaultFilename = $pth[
'folder'][
'plugin_languages'] .
'default.php';
2326 $filename = $pth[
'file'][
'plugin_language'];
2329 if (is_readable($defaultFilename)) {
2330 include $defaultFilename;
2332 $$varname = array();
2334 if (is_readable($filename)) {
2337 is_array($var) ? $var : array(),
2338 is_array($$varname) ? $$varname : array()
2358 foreach ($array1 as $key => $subarray1) {
2359 $subarray2 = isset($array2[$key]) ? $array2[$key] : array();
2360 $array2[$key] = $subarray1 + $subarray2;
2387 return rename($oldname, $newname);
2420 return preg_replace(
2421 '/\/' . preg_quote($sl,
'/') .
'\/$/',
2423 preg_replace(
'/\/index\.php$/',
'/', $sn)
2443 static $plugins = array();
2448 if (isset($plugins[$type])) {
2449 $result = $plugins[$type];
2450 natcasesort($result);
2451 return array_values($result);
2524 if (!
XH_ADM && isset($_SESSION[
'xh_password'])) {
2525 unset($_SESSION[
'xh_password']);
2528 if (error_reporting() <= 0) {
2529 $lastError = error_get_last();
2530 if (in_array($lastError[
'type'], array(E_ERROR, E_PARSE))) {
2531 echo $tx[
'error'][
'fatal'];
2551 if (class_exists(
'IntlDateFormatter',
false)) {
2552 $dateFormatter =
new IntlDateFormatter(
2553 $tx[
'locale'][
'all'] ? $tx[
'locale'][
'all'] : null,
2554 constant(
'IntlDateFormatter::' . strtoupper($cf[
'format'][
'date'])),
2555 constant(
'IntlDateFormatter::' . strtoupper($cf[
'format'][
'time']))
2557 return $dateFormatter->format($timestamp);
2559 return date($tx[
'lastupdate'][
'dateformat'], $timestamp);
2576 return flock($handle, $operation);
2591 $words = array_unique($words);
2592 usort($words,
function ($a, $b) {
2593 return strlen($b) - strlen($a);
2595 $patterns = array();
2596 foreach ($words as $word) {
2597 $word = trim($word);
2599 $patterns[] =
'/' . preg_quote($word,
'/') .
'(?![^<]*>)/isuU';
2602 return preg_replace($patterns,
'<span class="xh_find">$0</span>',
$text);
2620 $className = str_replace(
'_',
'\\', $className);
2622 $subpackages = explode(
'\\', $className);
2623 if (count($subpackages) <= 1) {
2626 $packages = array_splice($subpackages, 0, 1);
2627 $package = $packages[0];
2628 $classes = array_splice($subpackages, -1);
2629 $class = $classes[0];
2632 if ($package ==
'XH') {
2633 $folder = $pth[
'folder'][
'classes'];
2635 $folder = $pth[
'folder'][
'plugins'] . strtolower($package) .
'/classes/';
2637 foreach ($subpackages as $subpackage) {
2638 $folder .= strtolower($subpackage) .
'/';
2640 $filename = $folder . $class .
'.php';
2642 if (!file_exists($filename)) {
2646 include_once $filename;
2648 if (class_exists($className)) {
2649 class_alias($className, str_replace(
'\\',
'_', $className));
2666 if (session_id() ==
'') {
2668 file_put_contents(
"{$pth['folder']['cmsimple']}.sessionname", $sessionName);
2669 session_name($sessionName);
2691 $o =
'<h5>' . $tx[
'title'][
'cms'] .
'</h5>' 2692 .
'<ul><li><a href="http://cmsimple-xh.org">CMSimple_XH</a></li></ul>';
2693 $defaulttpl = $tx[
'subsite'][
'template'] ==
'' 2694 ? $cf[
'site'][
'template']
2695 : $tx[
'subsite'][
'template'];
2699 $tpltext .= $defaulttpl == $template
2700 ?
'<dt>' . $tx[
'template'][
'active'] . ucfirst($template) .
'</dt>' 2701 :
'<dt>' . ucfirst($template) .
'</dt>';
2702 $infoPath = $pth[
'folder'][
'templates'] .
'/' . $template .
'/templateinfo.htm';
2703 if (is_file($infoPath)) {
2705 strip_tags(file_get_contents($infoPath),
'<a><br><br/>'),
2711 $tpltext .= $tplinfo;
2713 $tpltext .=
'</dd>';
2717 $o .=
'<h5>' . $tx[
'title'][
'templates'] .
'</h5><dl>' . $tpltext .
'</dl>';
2722 $t .=
'<li><a href="' . $url .
'">' . ucfirst($plugin)
2726 $o .= $t?
'<h5>' . $tx[
'title'][
'plugins'] .
'</h5><ul>' . $t .
'</ul>' :
'';
2747 $standardPlugins = array(
2748 'fa',
'filebrowser',
'meta_tags',
'page_params',
'pagemanager' ,
'tinymce',
2749 'jquery',
'hi_updatecheck',
2751 if (in_array(
$plugin, $standardPlugins)) {
2754 $filename = $pth[
'folder'][
'plugins'] .
$plugin .
'/version.nfo';
2755 if (is_readable($filename)) {
2756 $contents = file_get_contents($filename);
2757 $contents = explode(
',', $contents);
2758 $url = $contents[5];
2790 if (
hide($s) && $cf[
'show_hidden'][
'path_locator'] !=
'true') {
2793 $firstPublishedPage = $xh_publisher->getFirstPublishedPage();
2794 if ($s == $firstPublishedPage) {
2796 } elseif ($title !=
'' && (!isset($h[$s]) || $h[$s] != $title)) {
2797 $res = array(array($title, null));
2798 } elseif ($f !=
'') {
2799 return array(array(ucfirst($f), null));
2800 } elseif ($s > $firstPublishedPage) {
2804 for (
$i = $s - 1;
$i > $firstPublishedPage;
$i--) {
2815 return array(array(
' ', null));
2817 if ($cf[
'locator'][
'show_homepage'] ==
'true') {
2820 array($tx[
'locator'][
'home'],
XH_getPageURL($firstPublishedPage))
2822 if ($s > $firstPublishedPage && $h[$s] == $title) {
2827 if ($s > $firstPublishedPage && $h[$s] == $title) {
2850 return $sn .
'?' . $u[$index];
2866 $queryString = ltrim(preg_replace(
'/&?selected=[^&]+/',
'', $_SERVER[
'QUERY_STRING']),
'&');
2868 $queryString =
"$selected&$queryString";
evaluate_cmsimple_scripting($__text, $__compat=true)
XH_logMessage($type, $module, $category, $description)
XH_evaluateSinglePluginCall($___expression)
utf8_substr($string, $offset, $length=null)
XH_debug($errno, $errstr, $errfile, $errline)
XH_isContentBackup($filename, $regularOnly=true)
XH_builtinTemplate($bodyClass)
XH_renameFile($oldname, $newname)
XH_checkValidUtf8(array $arr)
XH_includeVar($_filename, $_varname)
XH_isLanguageFolder($name)
XH_registeredFilebrowserPlugins()
XH_writeFile($filename, $contents)
XH_adjustStylesheetURLs($plugin, $css)
XH_createLanguageFile($dst)
XH_mailform($subject=null)
XH_registeredEditorPlugins()
XH_afterPluginLoading($callback=null)
const XH_URICHAR_SEPARATOR(preg_match('/cms.php/i', $_SERVER['PHP_SELF']))
if($cf['site']['compat']) $errors
XH_registerPluginType($type, $plugin=null)
editor_replace($elementID=false, $config='')
XH_lockFile($handle, $operation)
XH_formatDate($timestamp)
XH_uenc($s, array $search, array $replace)
XH_availableLocalizations()
XH_convertPrintUrls($pageContent)
XH_registeredPagemanagerPlugins()
if(!isset($cf['folders']['content'])) if($cf['site']['timezone'] !=='' &&function_exists('date_default_timezone_set')) $sl
const CMSIMPLE_ROOT($temp as $i)
evaluate_scripting($text, $compat=true)
foreach(XH_plugins() as $plugin) $_XH_csrfProtection
XH_highlightSearchWords(array $words, $text)
XH_unionOf2DArrays(array $array1, array $array2)
XH_spliceString(&$string, $offset, $length=0, $replacement='')
XH_escapeCMSimpleScripting(array $matches)
XH_registeredEditmenuPlugins()
init_editor(array $elementClasses=array(), $initFile=false)
utf8_bad_replace($string, $replace='?')
XH_afterFinalCleanUp($param)
XH_convertToPrintUrl(array $matches)
XH_isInternalUrl($urlParts)
evaluate_plugincall($text)
XH_readConfiguration($plugin=false, $language=false)
XH_message($type, $message)
if($su==uenc('site/cms info')) if(XH_ADM) if($s==-1 &&! $f && $o=='' && $su=='') if(XH_ADM) $output
XH_title($site, $subtitle)
XH_readContents($language=null)