'index.php',"name" => get_lang('PlatformAdmin')); if(!empty($action)){ $interbreadcrumb[]=array('url' => 'configure_homepage.php',"name" => get_lang('ConfigureHomePage')); switch($action){ case "edit_top": $tool_name=get_lang("EditHomePage"); break; case "edit_news": $tool_name=get_lang("EditNews"); break; case "edit_notice": $tool_name=get_lang("EditNotice"); break; case "insert_link": $tool_name=get_lang("InsertLink"); break; case "edit_link": $tool_name=get_lang("EditLink"); break; } } //The global logic for language priorities should be: //- take language selected when connecting ($_SESSION['user_language_choice']) // or last language selected (taken from select box into SESSION by global.inc.php) // or, if unavailable; //- take default user language ($_SESSION['_user']['language']) - which is taken from // the database in local.inc.php or, if unavailable; //- take platform language (taken from the database campus setting 'platformLanguage') // Then if a language file doesn't exist, it should be created. // The default language for the homepage should use the default platform language // (if nothing else is selected), which means the 'no-language' file should be taken // to fill a new 'language-specified' language file, and then only the latter should be // modified. The original 'no-language' files should never be modified. // ----- Language selection ----- // The final language selected and used everywhere in this script follows the rules // described above and is put into "$lang". Because this script includes // global.inc.php, the variables used for language purposes below are considered safe. 
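// Request-handling part of the home page configuration script: resolves the
// editing language and the home/ directory, makes sure the language-specific
// home page files exist, filters the "link" parameter, then either applies a
// submitted form (POST branch) or loads the data needed to display an edit
// form (GET branch). It ends by opening the display switch.
//
// Changes in this revision:
// - File names taken from the request ($_GET['link'], $_POST['filename']) or
//   parsed back from the menu file must now END with ".html" and may not
//   contain "/", "\" or a NUL byte. The previous test only required ".html"
//   to appear somewhere in the name, so a name such as "x.html.php" passed.
// - In the GET 'edit_link' branch $link_url is no longer left as an array
//   when the referenced file name is rejected.
//
// NOTE(review): no access-control or anti-CSRF check is visible in this part
// of the file; confirm both are enforced before this point.
// NOTE(review): $lang comes from the session or the platform setting and is
// concatenated into file paths below; the file's own comments state that
// global.inc.php makes it safe - confirm it is restricted to known language
// folder names.
$lang = ''; //el for "Edit Language"
if(!empty($_SESSION['user_language_choice'])) {
    $lang=$_SESSION['user_language_choice'];
} elseif(!empty($_SESSION['_user']['language'])) {
    $lang=$_SESSION['_user']['language'];
} else {
    $lang=get_setting('platformLanguage');
}

// ----- Ensuring availability of main files in the corresponding language -----
if ($_configuration['multiple_access_urls']==true) {
    $access_url_id = api_get_current_access_url_id();
    // NOTE(review): when the id is -1 neither $homep nor $homep_new is set
    // here, so every path built below becomes relative to the current
    // directory - confirm that case cannot occur or add a fallback.
    if ($access_url_id != -1){
        $url_info = api_get_access_url($access_url_id);
        // "http://" and the final "/" replaced
        // NOTE(review): the fixed offsets assume a 7-character scheme prefix;
        // an "https://" URL would keep one leading "/" - confirm.
        $url = substr($url_info['url'],7,strlen($url_info['url'])-8);
        $clean_url = replace_dangerous_char($url);
        $clean_url = str_replace('/','-',$clean_url);
        $clean_url = $clean_url.'/';
        $homep = '../../home/'; //homep for Home Path
        $homep_new = '../../home/'.$clean_url; //homep for Home Path added the url
        $new_url_dir = api_get_path(SYS_PATH).'home/'.$clean_url;
        //we create the new dir for the new sites
        if (!is_dir($new_url_dir)){
            // umask(0) makes mkdir() apply the configured mode exactly, so a
            // permissive 'permissions_for_new_directories' setting is not
            // narrowed by the process umask.
            umask(0);
            $perm = api_get_setting('permissions_for_new_directories');
            $perm = octdec(!empty($perm)?$perm:'0755');
            mkdir($new_url_dir, $perm);
        }
    }
} else {
    $homep_new ='';
    $homep = '../../home/'; //homep for Home Path
}

$menuf = 'home_menu'; //menuf for Menu File
$newsf = 'home_news'; //newsf for News File
$topf = 'home_top'; //topf for Top File
$noticef = 'home_notice'; //noticef for Notice File
$ext = '.html'; //ext for HTML Extension - when used frequently, variables are
// faster than hardcoded strings
$homef = array($menuf,$newsf,$topf,$noticef);

// If language-specific file does not exist, create it by copying default file
foreach($homef as $my_file) {
    if ($_configuration['multiple_access_urls']==true) {
        if (!file_exists($homep_new.$my_file.'_'.$lang.$ext)) {
            copy($homep.$my_file.$ext,$homep_new.$my_file.'_'.$lang.$ext);
        }
    } else {
        if (!file_exists($homep.$my_file.'_'.$lang.$ext)) {
            copy($homep.$my_file.$ext,$homep.$my_file.'_'.$lang.$ext);
        }
    }
}
// From here on $homep points at the per-URL directory when multiple access
// URLs are enabled.
if ($_configuration['multiple_access_urls']==true) {
    $homep = $homep_new;
}

// Check WCAG settings and prepare edition using WCAG
$errorMsg='';
if (api_get_setting('wcag_anysurfer_public_pages')=='true') {
    $errorMsg=WCAG_Rendering::request_validation();
}

// Filter link param
// $link is later appended to $homep and passed to include(), so it must be a
// plain file name ending in ".html": no directory separators, no NUL byte,
// and not an array.
$link = '';
if(!empty($_GET['link'])) {
    $link=$_GET['link'];
    // If the link parameter is suspicious, empty it
    if(!is_string($link)
        || strstr($link,'/')
        || strstr($link,'\\')
        || strpos($link,"\0") !== false
        || substr($link,-strlen($ext)) !== $ext) {
        $link='';
        $action='';
    }
}

// Has no effect when this script runs at global scope.
global $_configuration;

// Start analysing requested actions
if(!empty($action)) {
    if($_POST['formSent']) {
        //variables used are $homep for home path, $menuf for menu file, $newsf
        // for news file, $topf for top file, $noticef for noticefile,
        // $ext for '.html'
        // NOTE(review): several branches below call fopen() and write to the
        // handle without checking for failure; a non-writable directory is
        // only reported where is_writable() is tested first.
        switch($action) {
            case 'edit_top':
                // Filter
                $home_top='';
                if (api_get_setting('wcag_anysurfer_public_pages')=='true') {
                    $home_top=WCAG_Rendering::prepareXHTML();
                } else {
                    // Stored as posted: the page content is trusted HTML.
                    $home_top=trim(stripslashes($_POST['home_top']));
                }
                // Write
                if (file_exists($homep.$topf.'_'.$lang.$ext)) {
                    if(is_writable($homep.$topf.'_'.$lang.$ext)) {
                        $fp=fopen($homep.$topf.'_'.$lang.$ext,"w");
                        fputs($fp,$home_top);
                        fclose($fp);
                    } else {
                        $errorMsg=get_lang('HomePageFilesNotWritable');
                    }
                } else {
                    //File does not exist
                    $fp=fopen($homep.$topf.'_'.$lang.$ext,"w");
                    fputs($fp,$home_top);
                    fclose($fp);
                }
                break;
            case 'edit_notice':
                // Filter
                $notice_title=trim(strip_tags(stripslashes($_POST['notice_title'])));
                $notice_text=trim(str_replace(array("\r","\n"),array("","
"),strip_tags(stripslashes($_POST['notice_text']),'')));
                /*if(empty($notice_title)) { $errorMsg=get_lang('PleaseEnterNoticeTitle'); } elseif(empty($notice_text)) { $errorMsg=get_lang('PleaseEnterNoticeText'); }*/
                if(empty($notice_title) || empty($notice_text)){
                    $errorMsg=get_lang('NoticeWillBeNotDisplayed');
                }
                // Write
                if(file_exists($homep.$noticef.'_'.$lang.$ext)) {
                    if(is_writable($homep.$noticef.'_'.$lang.$ext)) {
                        $fp=fopen($homep.$noticef.'_'.$lang.$ext,"w");
                        if($errorMsg==''){
                            fputs($fp,"$notice_title
\n$notice_text");
                        } else {
                            // An empty title or text empties the notice file.
                            fputs($fp,"");
                        }
                        fclose($fp);
                    } else {
                        $errorMsg.="
\n".get_lang('HomePageFilesNotWritable');
                    }
                } else {
                    //File does not exist
                    $fp=fopen($homep.$noticef.'_'.$lang.$ext,"w");
                    fputs($fp,"$notice_title
\n$notice_text");
                    fclose($fp);
                }
                break;
            case 'edit_news':
                //Filter
                //$s_languages_news=$_POST["news_languages"];
                // NOTE(review): $s_languages_news is not assigned anywhere in
                // the visible code, yet it is used in file paths below. If it
                // is ever taken from the request it must be checked against
                // the folder names returned by api_get_languages() first.
                if (api_get_setting('wcag_anysurfer_public_pages')=='true') {
                    $home_news=WCAG_rendering::prepareXHTML();
                } else {
                    $home_news=trim(stripslashes($_POST['home_news']));
                }
                //Write
                if($s_languages_news!="all"){
                    if(file_exists($homep.$newsf.'_'.$s_languages_news.$ext)){
                        if(is_writable($homep.$newsf.'_'.$s_languages_news.$ext)){
                            $fp=fopen($homep.$newsf.'_'.$s_languages_news.$ext,"w");
                            fputs($fp,$home_news);
                            fclose($fp);
                        } else{
                            $errorMsg=get_lang('HomePageFilesNotWritable');
                        }
                    }
                    //File not exists
                    else{
                        $fp=fopen($homep.$newsf.'_'.$s_languages_news.$ext,"w");
                        fputs($fp,$home_news);
                        fclose($fp);
                    }
                } else //we update all the news file
                {
                    $_languages=api_get_languages();
                    foreach($_languages["name"] as $key => $value){
                        $english_name=$_languages["folder"][$key];
                        if(file_exists($homep.$newsf.'_'.$english_name.$ext)){
                            if(is_writable($homep.$newsf.'_'.$english_name.$ext)){
                                $fp=fopen($homep.$newsf.'_'.$english_name.$ext,"w");
                                fputs($fp,$home_news);
                                fclose($fp);
                            } else{
                                $errorMsg=get_lang('HomePageFilesNotWritable');
                            }
                        }
                        //File not exists
                        else{
                            $fp=fopen($homep.$newsf.'_'.$english_name.$ext,"w");
                            fputs($fp,$home_news);
                            fclose($fp);
                        }
                    }
                }
                break;
            case 'insert_link':
            case 'edit_link':
                $link_index=intval($_POST['link_index']);
                $insert_where=intval($_POST['insert_where']);
                $link_name=trim(stripslashes($_POST['link_name']));
                $link_url=trim(stripslashes($_POST['link_url']));
                // WCAG
                if (api_get_setting('wcag_anysurfer_public_pages')=='true') {
                    $link_html=WCAG_Rendering::prepareXHTML();
                } else {
                    $link_html=trim(stripslashes($_POST['link_html']));
                }
                $filename=trim(stripslashes($_POST['filename']));
                $target_blank=$_POST['target_blank']?true:false;
                if($link_url == 'http://') {
                    $link_url='';
                } elseif(!empty($link_url) && !strstr($link_url,'://')) {
                    $link_url='http://'.$link_url;
                }
                if(!is_writable($homep.$menuf.'_'.$lang.$ext)) {
                    $errorMsg=get_lang('HomePageFilesNotWritable');
                } elseif(empty($link_name)) {
                    $errorMsg=get_lang('PleaseEnterLinkName');
                } else {
                    // New links are added as new files in the home/ directory
                    // A posted file name is only kept when it is a plain name
                    // ending in ".html"; anything else is replaced by a name
                    // derived from the link name, so the files written below
                    // stay inside home/ and keep the .html extension.
                    if($action == 'insert_link'
                        || empty($filename)
                        || strstr($filename,'/')
                        || strstr($filename,'\\')
                        || strpos($filename,"\0") !== false
                        || substr($filename,-strlen($ext)) !== $ext) {
                        $filename=replace_dangerous_char($link_name,'strict').'.html';
                    }
                    // "home_" prefix for links are renamed to "user_" prefix (to avoid name clash with existing home page files)
                    if(!empty($filename)) {
                        $filename=str_replace('home_','user_',$filename);
                    }
                    // If the typical language suffix is not found in the file name,
                    // replace the ".html" suffix by "_en.html" or the active menu language
                    if(!strstr($filename,'_'.$lang.$ext)) {
                        $filename=str_replace($ext,'_'.$lang.$ext,$filename);
                    }
                    // Get the contents of home_menu_en.html (or active menu language
                    // version) into $home_menu as an array of one entry per line
                    $home_menu=file($homep.$menuf.'_'.$lang.$ext);
                    // Prepare place to insert the new link into (default is end of file)
                    if($insert_where < -1 || $insert_where > (sizeof($home_menu) - 1)) {
                        $insert_where=sizeof($home_menu) - 1;
                    }
                    // For each line of the file, remove trailing spaces and special chars
                    foreach($home_menu as $key=>$enreg) {
                        $home_menu[$key]=trim($enreg);
                    }
                    // If the given link url is empty, then replace the link url by a link to the link file created
                    if(empty($link_url)) {
                        $link_url=api_get_path(WEB_PATH).'index.php?include='.urlencode($filename);
                        // If the file doesn't exist, then create it and
                        // fill it with default text
                        if(!file_exists(api_get_path(SYS_PATH).'home/'.$filename)) {
                            $fp=@fopen(api_get_path(SYS_PATH).'home/'.$filename,'w');
                            if($fp) {
                                fputs($fp,get_lang('MyTextHere'));
                                fclose($fp);
                            }
                        }
                    }
                    // If the requested action is to edit a link, open the file and
                    // write to it (if the file doesn't exist, create it)
                    // NOTE(review): $link_html is written as posted, and the
                    // display section later outputs these files with include().
                    if($action == 'edit_link' && !empty($link_html)) {
                        $fp=@fopen(api_get_path(SYS_PATH).'home/'.$filename,'w');
                        if($fp) {
                            fputs($fp,$link_html);
                            fclose($fp);
                        }
                    }
                    // NOTE(review): in this copy of the file only $link_name
                    // is visible inside the menu entry built below; it is
                    // inserted as posted (stripslashes/trim only), so it should
                    // be HTML-escaped before it reaches the public menu.
                    // $link_url and $target_blank are computed above but not
                    // used in the visible entry - confirm against the full
                    // markup.
                    // If the requested action is to create a link, make some room
                    // for the new link in the home_menu array at the requested place
                    // and insert the new link there
                    if($action == 'insert_link') {
                        for($i=sizeof($home_menu);$i;$i--) {
                            if($i > $insert_where) {
                                $home_menu[$i]=$home_menu[$i-1];
                            } else {
                                break;
                            }
                        }
                        $home_menu[$insert_where+1]='
  • '.$link_name.'
  • ';
                    } else // If the request is about a link edition, change the link
                    {
                        $home_menu[$link_index]='
  • '.$link_name.'
  • ';
                    }
                    // Re-build the file from the home_menu array
                    $home_menu=implode("\n",$home_menu);
                    // Write
                    if (file_exists($homep.$menuf.'_'.$lang.$ext)) {
                        if (is_writable($homep.$menuf.'_'.$lang.$ext)) {
                            $fp=fopen($homep.$menuf.'_'.$lang.$ext,"w");
                            fputs($fp,$home_menu);
                            fclose($fp);
                            // Keep the language-neutral menu file in sync when
                            // it exists and is writable.
                            if (file_exists($homep.$menuf.$ext)) {
                                if (is_writable($homep.$menuf.$ext)) {
                                    $fpo=fopen($homep.$menuf.$ext,"w");
                                    fputs($fpo,$home_menu);
                                    fclose($fpo);
                                }
                            }
                        } else {
                            $errorMsg=get_lang('HomePageFilesNotWritable');
                        }
                    } else //File does not exist
                    {
                        $fp=fopen($homep.$menuf.'_'.$lang.$ext,"w");
                        fputs($fp,$home_menu);
                        fclose($fp);
                    }
                }
                break;
        } //end of switch($action)
        // On success redirect back to this script so the form is not re-posted.
        if(empty($errorMsg)) {
            header('Location: '.api_get_self());
            exit();
        }
    } else {
        //if POST[formSent] is not set
        switch($action) {
            case 'open_link':
                // Previously, filtering of GET['link'] was done here but it left
                // a security threat. Filtering has now been moved outside conditions
                break;
            case 'delete_link':
                // A link is deleted by getting the file into an array, removing the
                // link and re-writing the array to the file
                // NOTE(review): this branch rewrites the menu file in response
                // to a GET request and no anti-CSRF token check is visible
                // here - confirm one exists upstream or move the action to a
                // token-protected POST.
                $link_index=intval($_GET['link_index']);
                $home_menu=file($homep.$menuf.'_'.$lang.$ext);
                foreach($home_menu as $key=>$enreg) {
                    if($key == $link_index) {
                        unset($home_menu[$key]);
                    } else {
                        $home_menu[$key]=trim($enreg);
                    }
                }
                $home_menu=implode("\n",$home_menu);
                $fp=fopen($homep.$menuf.'_'.$lang.$ext,'w');
                fputs($fp,$home_menu);
                fclose($fp);
                if (file_exists($homep.$menuf.$ext)) {
                    if (is_writable($homep.$menuf.$ext)) {
                        $fpo=fopen($homep.$menuf.$ext,'w');
                        fputs($fpo,$home_menu);
                        fclose($fpo);
                    }
                }
                header('Location: '.api_get_self());
                exit();
                break;
            case 'edit_top':
                // This request is only the preparation for the update of the home_top
                $home_top = '';
                if(is_file($homep.$topf.'_'.$lang.$ext) && is_readable($homep.$topf.'_'.$lang.$ext)) {
                    $home_top=file_get_contents($homep.$topf.'_'.$lang.$ext);
                } elseif(is_file($homep.$topf.$lang.$ext) && is_readable($homep.$topf.$lang.$ext)) {
                    $home_top=file_get_contents($homep.$topf.$lang.$ext);
                } else {
                    $errorMsg=get_lang('HomePageFilesNotReadable');
                }
                break;
            case 'edit_notice':
                // This request is only the preparation for the update of the home_notice
                $home_notice = '';
                if(is_file($homep.$noticef.'_'.$lang.$ext) && is_readable($homep.$noticef.'_'.$lang.$ext)) {
                    $home_notice=file($homep.$noticef.'_'.$lang.$ext);
                } elseif(is_file($homep.$noticef.$lang.$ext) && is_readable($homep.$noticef.$lang.$ext)) {
                    $home_notice=file($homep.$noticef.$lang.$ext);
                } else {
                    $errorMsg=get_lang('HomePageFilesNotReadable');
                }
                // First line of the file is the title, second line the text.
                $notice_title=strip_tags($home_notice[0]);
                $notice_text=strip_tags(str_replace('
    ',"\n",$home_notice[1]),'');
                break;
            case 'edit_news':
                // This request is the preparation for the update of the home_news page
                $home_news = '';
                if(is_file($homep.$newsf.'_'.$lang.$ext) && is_readable($homep.$newsf.'_'.$lang.$ext)) {
                    $home_news=file_get_contents($homep.$newsf.'_'.$lang.$ext);
                    // $home_news=file($homep.$newsf.$ext);
                    // $home_news=implode('',$home_news);
                } elseif(is_file($homep.$newsf.$lang.$ext) && is_readable($homep.$newsf.$lang.$ext)) {
                    $home_news=file_get_contents($homep.$newsf.$lang.$ext);
                } else {
                    $errorMsg=get_lang('HomePageFilesNotReadable');
                }
                break;
            case 'insert_link':
                // This request is the preparation for the addition of an item in home_menu
                $home_menu = '';
                if(is_file($homep.$menuf.'_'.$lang.$ext) && is_readable($homep.$menuf.'_'.$lang.$ext)) {
                    $home_menu=file($homep.$menuf.'_'.$lang.$ext);
                } elseif(is_file($homep.$menuf.$lang.$ext) && is_readable($homep.$menuf.$lang.$ext)) {
                    $home_menu=file($homep.$menuf.$lang.$ext);
                } else {
                    $errorMsg=get_lang('HomePageFilesNotReadable');
                }
                break;
            case 'edit_link':
                // This request is the preparation for the edition of the links array
                $home_menu = '';
                if(is_file($homep.$menuf.'_'.$lang.$ext) && is_readable($homep.$menuf.'_'.$lang.$ext)) {
                    $home_menu=file($homep.$menuf.'_'.$lang.$ext);
                } elseif(is_file($homep.$menuf.$lang.$ext) && is_readable($homep.$menuf.$lang.$ext)) {
                    $home_menu=file($homep.$menuf.$lang.$ext);
                } else {
                    $errorMsg=get_lang('HomePageFilesNotReadable');
                }
                $link_index=intval($_GET['link_index']);
                $target_blank=false;
                $link_name='';
                $link_url='';
                // For each line of the home_menu file
                foreach($home_menu as $key=>$enreg) {
                    // Check if the current item is the one we want to update
                    if($key == $link_index) {
                        // This is the link we want to update
                        // Check if the target should be "_blank"
                        if(strstr($enreg,'target="_blank"')) {
                            $target_blank=true;
                        }
                        // Remove dangerous HTML tags from the link itself (this is an
                        // additional measure in case a link previously contained
                        // unsecure tags)
                        $link_name=strip_tags($enreg);
                        // Get the contents of "href" attribute in $link_url
                        $enreg=explode('href="',$enreg);
                        list($link_url)=explode('"',$enreg[sizeof($enreg)-1]);
                        // If the link contains the web root of this portal, then strip
                        // it off and keep only the name of the file that needs edition
                        if(strstr($link_url,$_configuration['root_web']) && strstr($link_url,'?include=')) {
                            // Split into a separate variable so $link_url stays
                            // a string when the file name is rejected below.
                            $url_parts=explode('?include=',$link_url);
                            $filename=$url_parts[sizeof($url_parts)-1];
                            // Same file-name rule as for the request
                            // parameters: plain name ending in ".html".
                            if(!strstr($filename,'/')
                                && !strstr($filename,'\\')
                                && strpos($filename,"\0") === false
                                && substr($filename,-strlen($ext)) === $ext) {
                                // Get only the contents of the link file
                                $link_html=file(api_get_path(SYS_PATH).'home/'.$filename);
                                $link_html=implode('',$link_html);
                                $link_url='';
                            } else {
                                $filename='';
                            }
                        }
                        break;
                    }
                }
                break;
        }//end of second switch($action) (when POST['formSent'] was not set, yet)
    }// end of "else" in if($_POST['formSent']) condition
} else //if $action is empty, then prepare a list of the course categories to display (?)
{
    // $tbl_category is defined outside the visible part of the file; no
    // request data is interpolated into this query.
    $result=api_sql_query("SELECT name FROM $tbl_category WHERE parent_id IS NULL ORDER BY tree_pos",__FILE__,__LINE__);
    $Categories=api_store_result($result);
}

// -------------------------
// ---- Display section ----
// -------------------------
Display::display_header($tool_name);
//api_display_tool_title($tool_name);
switch($action){
    case 'open_link':
        if(!empty($link)) {
            // $link is only set in case of action=open_link and is filtered
            // NOTE(review): include() executes any PHP contained in the file,
            // and the files under home/ are written from form input above;
            // readfile() would output the same HTML without executing it -
            // confirm no home page file relies on embedded PHP before
            // switching.
            include($homep.$link);
        }
        break;
    case 'edit_notice':
        //------------ Display for edit_notice case --------------
        ?>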
    '; Display::display_normal_message($errorMsg); //echo ''; } ?>
    '.get_lang('LetThoseFieldsEmptyToHideTheNotice').''; ?>
    :
    :
     
    'margin: 0px;')); $renderer =& $form->defaultRenderer(); $renderer->setFormTemplate('{content}
    '); $renderer->setElementTemplate('{element}'); $renderer->setRequiredNoteTemplate(''); $form->addElement('header', '', $tool_name); $form->addElement('hidden', 'formSent', '1'); $form->addElement('hidden', 'link_index', $action == 'edit_link' ? $link_index : '0'); $form->addElement('hidden', 'filename', $action == 'edit_link' ? $filename : ''); $form->addElement('html', ''.get_lang('LinkName').' :'); $default['link_name'] = api_htmlentities($link_name, ENT_QUOTES, $charset); $form->addElement('text', 'link_name', get_lang('LinkName'), array('size' => '30', 'maxlength' => '50')); $form->addElement('html', ''); $form->addElement('html', ''.get_lang('LinkURL').' ('.get_lang('Optional').') :'); $default['link_url'] = empty($link_url) ? 'http://' : api_htmlentities($link_url, ENT_QUOTES, $charset); $form->addElement('text', 'link_url', get_lang('LinkName'), array('size' => '30', 'maxlength' => '100', 'style' => 'width: 350px;')); $form->addElement('html', ''); if($action == 'insert_link') { $form->addElement('html', ''.get_lang('InsertThisLink').' 
:'); $form->addElement('html', ''); } $form->addElement('html', ''.get_lang('OpenInNewWindow').''); $target_blank_checkbox = & $form->addElement('checkbox', 'target_blank', '', ' '.get_lang('Yes'), 1); if ($target_blank) $target_blank_checkbox->setChecked(true); $form->addElement('html', ''); //if($action == 'edit_link' && empty($link_url)) if ($action == 'edit_link' && (empty($link_url) || $link_url == 'http://')) { $form->addElement('html', ''); } else { $form->addElement('html', ''); } $form->setDefaults($default); $form->display(); $fck_attribute = null; break; case 'edit_top': case 'edit_news': if($action == 'edit_top') { $name= $topf; $open = $home_top; } else { $name = $newsf; $open=@file_get_contents($homep.$newsf.'_'.$lang.$ext); } if(!empty($errorMsg)) { Display::display_normal_message($errorMsg); //main API } $fck_attribute['ToolbarSet'] = "EditHomePage"; $fck_attribute['Width'] = '100%'; $fck_attribute['Height'] = '400'; $default = array(); $form = new FormValidator('configure_homepage_'.$action, 'post', api_get_self().'?action='.$action, '', array('style' => 'margin: 0px;')); $renderer =& $form->defaultRenderer(); $renderer->setHeaderTemplate(''); $renderer->setFormTemplate('
    '); $form->addElement('html', '
    '); if (api_get_setting('wcag_anysurfer_public_pages')=='true') { $form->addElement('html', WCAG_Rendering::create_xhtml(isset($_POST['link_html'])?$_POST['link_html']:$link_html)); } else { $default['link_html'] = isset($_POST['link_html']) ? $_POST['link_html'] : $link_html; $form->add_html_editor('link_html', ''); } $form->addElement('html', '
    '); $form->addElement('style_submit_button', null, get_lang('Save'), 'class="save"'); $form->addElement('html', '
     '); $form->addElement('style_submit_button', null, get_lang('Save'), 'class="save"'); $form->addElement('html', '
    {content}
    '); $renderer->setElementTemplate('{element}'); $renderer->setRequiredNoteTemplate(''); $form->addElement('hidden', 'formSent', '1'); if($action == 'edit_news'){ $_languages=api_get_languages(); $html = ''.get_lang('ChooseNewsLanguage').' : '; $html .= ''; $form->addElement('html', $html); } if (api_get_setting('wcag_anysurfer_public_pages')=='true') { //TODO: review these lines // Print WCAG-specific HTML editor $html = ''; //$html .= '