<?php
// -----------------------------------------------------------------------------
// $Id: templates.php 665 2013-03-23 06:48:57Z raoul $
//
// Copyright (C) 2013 Raoul Proença
// License: GNU GPL version 3 (see copying.txt file)
// Website: http://www.gnew.fr/
// -----------------------------------------------------------------------------
// This program is free software: you can redistribute it and/or modify it under
// the terms of the GNU General Public License as published by the Free Software
// Foundation, either version 3 of the License, or (at your option) any later
// version.
//
// This program is distributed in the hope that it will be useful, but WITHOUT
// ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
// FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
// details.
//
// You should have received a copy of the GNU General Public License along with
// this program. If not, see <http://www.gnu.org/licenses/>.
// -----------------------------------------------------------------------------

include('./../includes/common.php');

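page_header($lang['ADMIN_TEMPLATES']);

// Admin template editor: lists the template files, shows one in an edit form
// (GET action=edit_template&file=...) and saves an edited one (POST
// edit_template).
//
// Both the read and the write path take the file name from the request, so
// both are checked against the same allow-list pattern: the path must be under
// ./../templates/, end in .css, .htpl or .js, and contain no other dot (which
// rules out "../" traversal and stream-wrapper style paths with a dotted
// host). The D modifier stops "$" from matching before a trailing newline.
$template_path_pattern = '`^\./\.\./templates/[^\.]+\.(css|htpl|js)$`D';

// Administrator?
if ($users['user_level'] < 4)
{
    error_template($lang['ERROR_LEVEL_ACCESS']);
}
else
{
    // Edit form
    if (isset($_GET['action']) && $_GET['action'] == 'edit_template')
    {
        // Only a scalar string is a usable path; file[]=... would otherwise
        // reach the filesystem functions as an array.
        $file = (isset($_GET['file']) && is_string($_GET['file'])) ? $_GET['file'] : '';

        // Check query, directory and file. The pattern is tested first so that
        // a request-supplied string never reaches a filesystem function unless
        // it already has the expected shape.
        if (!preg_match($template_path_pattern, $file) || !is_file($file))
        {
            error_template($lang['ERROR_QUERY']);
        }
        else
        {
            // file_get_contents() also copes with an empty template, where
            // fread() with a length of 0 fails.
            $template_content = file_get_contents($file);

            if ($template_content === false)
            {
                error_template($lang['ERROR_QUERY']);
            }
            else
            {
                // HTML entities
                $template_content = preg_replace('`&([^;\s]+;)`', '&#38;\\1', $template_content);
                // Template variables
                $template_content = preg_replace('`{([0-9a-z_:\*\-\.·•]+)}`i', '&#123;\\1&#125;', $template_content);
                // HTML tags
                $template_content = str_replace('<', '&#60;', $template_content);
                $template_content = str_replace('>', '&#62;', $template_content);
                $template->set_file('admin', 'admin/templates/edit.htpl');
                // NOTE(review): FILE is passed through as received. The
                // pattern does not exclude quotes or angle brackets, so confirm
                // that edit.htpl places it in an escaped context.
                $template->set_var(array('FILE' => $file,
                                         'TEMPLATE_CONTENT' => $template_content));
                $template->parse('admin');
            }
        }
    }
    // Edit?
    elseif (isset($_POST['edit_template']))
    {
        // NOTE(review): no anti-CSRF token is checked in this file before the
        // write below; confirm whether includes/common.php enforces one.
        $file = (isset($_POST['file']) && is_string($_POST['file'])) ? $_POST['file'] : '';
        $posted_content = (isset($_POST['template_content']) && is_string($_POST['template_content']))
            ? $_POST['template_content']
            : null;

        // The write target gets the same allow-list check as the edit form.
        // Without it any path writable by the web server could be overwritten
        // with request-supplied content.
        if ($posted_content === null || !preg_match($template_path_pattern, $file) || !is_file($file))
        {
            error_template($lang['ERROR_QUERY']);
        }
        elseif (!is_writable($file))
        {
            // NOTE(review): the file name is echoed into the message as-is;
            // confirm error_template() escapes it.
            error_template(sprintf($lang['ERROR_FILE_NOT_WRITABLE'], $file));
        }
        else
        {
            // Turn the escaped template variables back into {VAR} form.
            $template_content = preg_replace('`&#123;([0-9a-z_:\*\-\.·•]+)&#125;`i', '{\\1}', $posted_content);

            // LOCK_EX makes file_put_contents() take the lock before it
            // truncates; fopen(..., 'wb') truncated the file before flock()
            // was reached, so a concurrent reader could see an empty template.
            if (file_put_contents($file, $template_content, LOCK_EX) === false)
            {
                error_template(sprintf($lang['ERROR_FILE_NOT_WRITABLE'], $file));
            }
            else
            {
                success_template($lang['TEMPLATE_EDITED'], './../admin/templates.php');
            }
        }
    }
    // Templates tree
    else
    {
        $template->set_file('admin', 'admin/templates/view.htpl');
        $template->set_var('TEMPLATES_LIST', get_templates_tree());
        $template->parse('admin');
    }
}

page_footer();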

?>