<?php
/* Reminder: always indent with 4 spaces (no tabs). */
// +---------------------------------------------------------------------------+
// | Static Pages Plugin 1.7 |
// +---------------------------------------------------------------------------+
// | index.php |
// | |
// | This is the main page for the Geeklog Static Pages Plugin |
// +---------------------------------------------------------------------------+
// | Copyright (C) 2000-2017 by the following authors: |
// | |
// | Authors: Tony Bibbs - tony AT tonybibbs DOT com |
// | Tom Willett - twillett AT users DOT sourceforge DOT net |
// | Dirk Haun - dirk AT haun-online DOT de |
// +---------------------------------------------------------------------------+
// | |
// | This program is free software; you can redistribute it and/or |
// | modify it under the terms of the GNU General Public License |
// | as published by the Free Software Foundation; either version 2 |
// | of the License, or (at your option) any later version. |
// | |
// | This program is distributed in the hope that it will be useful, |
// | but WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
// | GNU General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to the Free Software Foundation, |
// | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
// | |
// +---------------------------------------------------------------------------+
/**
* Display a Static Page
*
* @package StaticPages
* @subpackage public_html
*/
/**
* Geeklog common function library
*/
require_once '../lib-common.php';
// Refuse to serve anything when 'staticpages' is not listed in $_PLUGINS:
// answer with the site's 404 handler and stop, so a disabled plugin exposes
// no public entry point.
$staticPagesEnabled = in_array('staticpages', $_PLUGINS);
if (!$staticPagesEnabled) {
    COM_handle404();
    exit;
}
// MAIN

// Declare the names of the URL arguments, then read them. Everything read
// here is request-controlled: 'page' and 'disp_mode' pass through
// COM_applyFilter(), 'query' through Geeklog\Input::fRequest().
COM_setArgNames(array('page', 'disp_mode'));
$page = COM_applyFilter(COM_getArgument('page'));
$display_mode = COM_applyFilter(COM_getArgument('disp_mode'));
$query = Geeklog\Input::fRequest('query', '');

// Only relevant when users are allowed to switch languages: if the page id
// maps to a language id, hand both to the URL object so it knows about the
// item in case the user changes language.
if ($_CONF['allow_user_language'] == 1) {
    $page_lang = COM_getLanguageIdForObject($page);
    if (!empty($page) && !empty($page_lang)) {
        $_URL->setItemInfo($page, $page_lang);
    }
}

TOPIC_getTopic('staticpages', $page);
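// Comment display parameters, sent when the comment display is refreshed.
// Defaults are assigned first so that all three variables are defined for
// every request. Previously a request carrying 'order' but no 'cpage' left
// $comment_page undefined when it was passed to SP_returnStaticpage().
$comment_order = '';
$comment_mode = '';
$comment_page = 1;
if (isset($_REQUEST['order'])) {
    $comment_order = Geeklog\Input::fRequest('order');
    $comment_mode = Geeklog\Input::fRequest('mode');
    if (isset($_REQUEST['cpage'])) {
        // NOTE(review): passed on as the filtered request value, not cast to
        // int here - presumably validated by the comment code; confirm.
        $comment_page = Geeklog\Input::fRequest('cpage');
    }
    // Allow-list the sort direction: anything other than ASC / DESC
    // (compared case-insensitively) is discarded.
    if ((strcasecmp($comment_order, 'ASC') != 0) &&
        (strcasecmp($comment_order, 'DESC') != 0)
    ) {
        $comment_order = '';
    }
    // NOTE(review): $comment_mode gets no allow-list check in this file;
    // verify that the code receiving it restricts it to known modes.
}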
// The only display mode honoured is the exact string 'print'; every other
// request value collapses to the empty string.
$display_mode = ($display_mode === 'print') ? 'print' : '';

// 'msg' is read from the query string as an integer; zero and negative
// values are normalised to 0.
$msg = max(0, (int) Geeklog\Input::fGet('msg', 0));
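// Handle just template staticpage security here, rest done in services.
// Template staticpages cannot be viewed directly: a request for one gets a 404
// unless the user has the 'staticpages.edit' right AND the page is still
// returned once the SP_getPerms() condition is added to the lookup.
//
// $page is request-controlled and is placed inside a quoted SQL literal, so it
// is escaped here instead of relying only on the earlier COM_applyFilter()
// call (presumably that filter already strips quote characters - its
// implementation is not visible in this file).
$sp_id_sql = DB_escapeString($page);
$is_template = (DB_getItem($_TABLES['staticpage'], 'template_flag', "sp_id = '$sp_id_sql'") == 1);
if ($is_template) {
    if (!SEC_hasRights('staticpages.edit')) {
        COM_handle404();
        exit;
    }

    // SP_getPerms() yields an SQL condition (possibly empty) that is ANDed
    // onto the lookup. NOTE(review): the meaning of the '3' argument is not
    // visible here - confirm it is the access level intended for editors.
    $perms = SP_getPerms('', '3');
    if (!empty($perms)) {
        $perms = ' AND ' . $perms;
    }

    // An empty result means no row matches for this user: treat as not found
    // so the existence of the template is not revealed.
    if (DB_getItem($_TABLES['staticpage'], 'sp_id', "sp_id = '$sp_id_sql'" . $perms) == '') {
        COM_handle404();
        exit;
    }
}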
// Build the page from the validated request values.
$retval = SP_returnStaticpage($page, $display_mode, $comment_order, $comment_mode, $comment_page, $msg, $query);

// In print mode this script sends the content type and browser hardening
// headers itself. They are collected first and emitted in a fixed order,
// before any body output.
// NOTE(review): no headers are set here for the normal display mode -
// presumably COM_output() or the theme layer sends them; confirm.
// NOTE(review): X-XSS-Protection is a legacy header that current browsers
// ignore; a Content-Security-Policy is the control to rely on.
if ($display_mode === 'print') {
    $print_headers = array(
        'Content-Type: text/html; charset=' . COM_getCharset(),
        'X-XSS-Protection: 1; mode=block',
        'X-Content-Type-Options: nosniff',
    );
    // The framing policy comes from site configuration and is sent only when set.
    if (!empty($_CONF['frame_options'])) {
        $print_headers[] = 'X-FRAME-OPTIONS: ' . $_CONF['frame_options'];
    }
    foreach ($print_headers as $print_header) {
        header($print_header);
    }
}

COM_output($retval);