<?php
require_once "../config/config.php";
require_once "../includes/themepages_class.php";
require_once INCLUDE_DIR."/users_class.php";
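// Gate the whole script on both template-manager permissions before any
// request data is read: the admin must be allowed to view AND to manage
// templates, otherwise the request is sent to the "no permission" page.
$users = new users_class();
$lsAdminUserID = isset($_SESSION[SESSION_PREFIX.'Admin_UserID']) ? $_SESSION[SESSION_PREFIX.'Admin_UserID'] : null;
foreach(array('Can view template manager','Can manage template manager') as $lsRequiredPermission)
{
    if(!$users->IsAdminhavePermission($lsAdminUserID,$lsRequiredPermission))
    {
        Redirect('admin_nopermission.php',true);
        // Redirect() is defined elsewhere; stop here explicitly so the rest of
        // this script can never run for an unauthorised session, whatever the
        // helper does after sending the redirect.
        exit;
    }
}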
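/*
 * Theme page editor (admin): dispatches on $_action.
 *
 *   'update' - validates the posted template text (balanced <script>/<style>
 *              tags, balanced curly brackets, only known {$CONSTANT}
 *              placeholders), stores it in the theme_pages table and, for the
 *              default theme, rewrites the matching templates/*.tpl or
 *              css/userpanel.css file on disk.
 *   'edit'   - loads one theme page and shows it in the editor template.
 *
 * $_action, $smarty, $message and Redirect() come from the included files.
 *
 * NOTE(review): no anti-CSRF token check is visible in this file. 'update'
 * changes the database and writes template files, so confirm that the
 * included bootstrap enforces one for this request.
 */
$loManageThemePages = new themespages_class();
switch($_action)
{
    case 'update':
        // Only the default theme is mirrored to files on disk.
        $query = 'SELECT * FROM '.TABLE_PREFIX.'theme WHERE id=? AND isdefault=1';
        $lsThemeID = array($_POST['hiddThemeID']);
        $lsResultrow = $loManageThemePages->View($query,$lsThemeID,null);
        // View() results are indexed as rows further down. In PHP an array
        // always compares greater than an integer, so "$rows > 0" is true even
        // for an empty result; count the rows instead when an array comes back.
        $lbIsDefaultTheme = is_array($lsResultrow) ? (count($lsResultrow) > 0) : ($lsResultrow > 0);

        if($lbIsDefaultTheme)
        {
            $lsCreatedFile = array('USER_HEADER','USER_LEFTPANE','USER_RIGHTPANE','USER_FOOTER','USER_PAGE_MAIN','USER_UNSUBSCRIBE','USER_SUBSCRIBE');
            $lsCreatedCss = array('WEBSITE_CSS');
            // The page name becomes part of a file name below, so it is only
            // accepted when it is exactly one of the known page names.
            if(in_array($_POST['txtPageName'],$lsCreatedFile,true) or in_array($_POST['txtPageName'],$lsCreatedCss,true))
            {
                if($_POST['txtPageName'] == 'WEBSITE_CSS')
                {
                    $folderpath = PHYSICAL_DIR.'/css/';
                    $filename = 'userpanel.css';
                }
                else
                {
                    $folderpath = PHYSICAL_DIR.'/templates/';
                    $filename = strtolower($_POST['txtPageName']).'.tpl';
                }
                // chmod() can only succeed when this process owns the file, and
                // then owner/group write is enough. The previous mode 0777 left
                // a template that the site renders writable by every local
                // account.
                if(function_exists('chmod'))
                    @chmod($folderpath.$filename,0664);
                if(!is_writable($folderpath.$filename))
                {
                    if($_POST['txtPageName'] == 'WEBSITE_CSS')
                    {
                        $message->SetMessage('Please change css/userpanel.css file permission to read and write.');
                    }
                    else
                    {
                        $message->SetMessage('Please change templates/'.strtolower($filename).' templates file permission to read and write.');
                    }
                    $_SESSION[SESSION_PREFIX.'is_err']=true;
                    Redirect('admin_theme_pages_v.php?id='.urlencode($_POST['hiddThemeID']),true);
                    // Do not fall through to the database update and file write
                    // when the target file cannot be written.
                    exit;
                }
            }
        }

        // Validation results. The two "$lsInvalid..." flags are named the wrong
        // way round: they start as true (no problem) and become false when a
        // problem is found.
        $lbIsPairOfScriptTagsEqual = false;
        $lbIsPairOfStyleTagsEqual = false;
        $lbIsPairOfCurlyBracketsEqual = false;
        $lsInvalidCurlyBrackets = true;
        $lsInvalidConstant = true;

        // Text shown again in the editor when validation fails.
        $lsTemplateContent = (isset($_POST['spaw1']) and $_POST['spaw1'] != '') ? stripslashes($_POST['spaw1']) : ' ';

        // Validate the text in the form that is written to the .tpl file: the
        // save path below turns %7B/%7D/%20 back into characters and decodes
        // HTML entities before writing. Checking the undecoded text would let
        // the check and the write disagree about which curly brackets and tags
        // the template contains.
        $lsRawContent = (isset($_POST['spaw1']) and $_POST['spaw1'] != '') ? $_POST['spaw1'] : ' ';
        $lsCheckedContent = str_replace(array('%7B','%7D','%20'),array('{','}',' '),$lsRawContent);
        $lsCheckedContent = html_entity_decode(stripslashes($lsCheckedContent),ENT_QUOTES);

        // count(explode(x)) is "occurrences of x" + 1, so equal counts mean the
        // same number of opening and closing markers.
        $lsNumberOfBeginScriptTags = count(explode('<script', $lsCheckedContent));
        $lsNumberOfEndScriptTags = count(explode('</script>', $lsCheckedContent));
        if($lsNumberOfBeginScriptTags == $lsNumberOfEndScriptTags) $lbIsPairOfScriptTagsEqual = true;

        $lsNumberOfBeginStyleTags = count(explode('<style', $lsCheckedContent));
        $lsNumberOfEndStyleTags = count(explode('</style>', $lsCheckedContent));
        if($lsNumberOfBeginStyleTags == $lsNumberOfEndStyleTags) $lbIsPairOfStyleTagsEqual = true;

        $lsNumberOfBeginCurlyBrackets = count(explode('{', $lsCheckedContent));
        $lsNumberOfEndCurlyBrackets = count(explode('}', $lsCheckedContent));
        if($lsNumberOfBeginCurlyBrackets == $lsNumberOfEndCurlyBrackets) $lbIsPairOfCurlyBracketsEqual = true;

        // Check that every { comes before its matching } and that the text
        // between them is one of the placeholders the templates may use.
        if($lbIsPairOfCurlyBracketsEqual == true and $lsNumberOfBeginCurlyBrackets > 1 and $lsNumberOfEndCurlyBrackets > 1)
        {
            // Number of actual bracket pairs (the explode count is one higher).
            $lnBracketPairs = $lsNumberOfBeginCurlyBrackets - 1;
            $laBeginBracketPosition = array();
            $laEndBracketPosition = array();
            for($i=0;$i<$lnBracketPairs;$i++)
            {
                $laBeginBracketPosition[$i] = ($i == 0) ? strpos($lsCheckedContent,'{') : strpos($lsCheckedContent,'{',$laBeginBracketPosition[$i-1]+1);
                $laEndBracketPosition[$i] = ($i == 0) ? strpos($lsCheckedContent,'}') : strpos($lsCheckedContent,'}',$laEndBracketPosition[$i-1]+1);
            }
            $ConstantArray = array('$WEB_URL','$WEB_URL_SECURE','$WEB_TITLE','$USER_HEADER','$USER_LEFTPANE','$USER_RIGHTPANE','$USER_FOOTER','$WEBSITE_CSS','$USER_PAGE_MAIN','$USER_UNSUBSCRIBE','$USER_SUBSCRIBE','$MEMBERSITE_HOME','$MEMBERSITE_SIGNUP','$MEMBERSITE_SUPPORT','$MEMBERSITE_LOGINSTATUS','$MEMBERSITE_EDITPROFILE','$MEMBERSITE_CHANGEPASSWORD','$MEMBERSITE_USERID','$MEMBERSITE_USERNAME','$MEMBERSITE_USER_LASTLOGGEDINTIME','$USER_CONTENT','$MEMBERSITE_LOGINSTATUS_LINK');
            // The loop bound used to run one index past the recorded positions.
            for($i=0;$i<$lnBracketPairs;$i++)
            {
                if($laBeginBracketPosition[$i] > $laEndBracketPosition[$i])
                {
                    $lsInvalidCurlyBrackets = false;
                    break;
                }
            }
            for($i=0;$i<$lnBracketPairs;$i++)
            {
                $ConstantString = substr($lsCheckedContent,$laBeginBracketPosition[$i]+1,$laEndBracketPosition[$i]-$laBeginBracketPosition[$i]-1);
                if(!in_array($ConstantString,$ConstantArray,true))
                {
                    $lsInvalidConstant = false;
                }
            }
        }

        // NOTE(review): whether validation is skipped (WEBSITE_CSS) is decided
        // by the posted txtPageName, while the row that gets updated is chosen
        // by the posted hiddID/hiddThemeID. Nothing visible here ties the two
        // together; consider taking the page name from the theme_pages row.
        if(($lbIsPairOfScriptTagsEqual == false || $lbIsPairOfStyleTagsEqual == false || $lbIsPairOfCurlyBracketsEqual == false || $lsInvalidCurlyBrackets == false || $lsInvalidConstant == false) and $_POST['txtPageName'] != 'WEBSITE_CSS') {
            // Validation failed: reload the page row, put the submitted text
            // back into it and show the editor again with an error message.
            $lTypes = null;
            $query = 'SELECT * FROM '.TABLE_PREFIX.'theme_pages WHERE id=?';
            $lsValues = array($_GET['id']);
            $lsUpdaterows = $loManageThemePages->View($query,$lsValues,null);
            $lsUpdaterows[0]['content'] = $lsTemplateContent;
            if($lsUpdaterows[0]['name'] == 'USER_PAGE_MAIN')
            {
                $temp = explode('<!--cut from here-->',$lsUpdaterows[0]['content']);
                $lsUpdaterows[0]['content'] = html_entity_decode($temp[0]);
            }
            // "!strpos(...) === false" is true only when the tag is found at an
            // offset greater than 0 (a match at offset 0 counts as not found).
            if(!strpos($lsUpdaterows[0]['content'],'<body>') === false)
            {
                if(!strpos($lsUpdaterows[0]['content'],'</body>') === false)
                {
                    // Keep only what is between <body> and </body>.
                    $temp = explode('<body>',$lsUpdaterows[0]['content']);
                    $temp = explode('</body>',$temp[1]);
                    $lsUpdaterows[0]['content'] = $temp[0];
                }
                else
                {
                    $temp = explode('<body>',$lsUpdaterows[0]['content']);
                    $lsUpdaterows[0]['content'] = $temp[0];
                }
            }
            $smarty->assign('data',$lsUpdaterows);
            $smarty->assign('IsEdit','yes');
            // NOTE(review): these messages contain literal <script>/<style>
            // text; confirm admin_theme_pages_m.tpl escapes 'msg' on output.
            if($lbIsPairOfScriptTagsEqual == false && $lbIsPairOfStyleTagsEqual == false && $lbIsPairOfCurlyBracketsEqual == false)
                $smarty->assign('msg','<style> tags and <script> tags and {} are not properly assigned.');
            else if($lbIsPairOfScriptTagsEqual == false)
                $smarty->assign('msg','<script> tags are not properly assigned.');
            else if($lbIsPairOfStyleTagsEqual == false)
                $smarty->assign('msg','<style> tags are not properly assigned.');
            else if($lbIsPairOfCurlyBracketsEqual == false)
                $smarty->assign('msg','{ } curly brackets are not properly open or closed.');
            else if($lsInvalidCurlyBrackets == false)
                $smarty->assign('msg','Please enter proper open and close curly brackets {}.');
            else if($lsInvalidConstant == false)
                $smarty->assign('msg','Invalid constant enter please used one of from list.');
            $smarty->display('admin_theme_pages_m.tpl');
        }
        else {
            // Validation passed (or the page is the CSS file): store the text.
            $lTypes = null;
            $query = 'UPDATE '.TABLE_PREFIX.'theme_pages SET content=?, modifiedon=?, modifiedby=?, modifiedipaddress=? WHERE id=? AND themeid=?';
            $lsValues = array();
            if($_POST['spaw1'] == '')
                $_POST['spaw1']=' ';
            // Undo the URL-encoding of curly brackets and spaces in the posted
            // text so placeholders such as {$WEB_URL} survive.
            $_POST['spaw1'] = str_replace('%7B','{',$_POST['spaw1']);
            $_POST['spaw1'] = str_replace('%7D','}',$_POST['spaw1']);
            $_POST['spaw1'] = str_replace('%20',' ',$_POST['spaw1']);

            // Values are bound as query parameters, never concatenated.
            $lsValues[0] = stripslashes($_POST['spaw1']);
            // time() is what the argument-less mktime() returned; PHP 8 no
            // longer accepts mktime() without arguments.
            $lsValues[1] = time();
            $lsValues[2] = $_SESSION[SESSION_PREFIX.'Admin_UserID'];
            $lsValues[3] = $_SERVER['REMOTE_ADDR'];
            $lsValues[4] = $_POST['hiddID'];
            $lsValues[5] = $_POST['hiddThemeID'];
            $lsUpdatedrows = $loManageThemePages->Update($query,$lsValues,null);

            /*********************** Code for create user templates file ***********************/
            if($lbIsDefaultTheme)
            {
                $lsCreatedFile = array('USER_HEADER','USER_LEFTPANE','USER_RIGHTPANE','USER_FOOTER','USER_PAGE_MAIN','USER_UNSUBSCRIBE','USER_SUBSCRIBE');
                $lsCreatedCss = array('WEBSITE_CSS');
                if(in_array($_POST['txtPageName'],$lsCreatedFile,true))
                {
                    $folderpath = PHYSICAL_DIR.'/templates';
                    // Safe as a file name: it passed the exact-match list above.
                    $filename = $_POST['txtPageName'];
                    $folder = $folderpath;
                    if(!file_exists($folder))
                    {
                        // Create the folder and any missing parents in one call,
                        // without write access for other local accounts.
                        mkdir($folder,0755,true);
                    }
                    $filefolder = $folderpath;
                    $fileContent = $lsValues[0];
                    if($_POST['txtPageName'] == 'USER_PAGE_MAIN')
                    {
                        // The main page is stored as a fragment; wrap it in the
                        // fixed document skeleton before writing it out.
                        $fileContent = '
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>{$PAGE_TITLE}</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="Content-Style-Type" content="text/css" />
<link href="{$WEB_URL}/css/userpanel.css" rel="stylesheet" type="text/css" />
<link href="{$WEB_URL}/css/layout.css" rel="stylesheet" type="text/css" />
<script language="javascript" type="text/javascript" src="{$WEB_URL}/js/gen_validator.js" >
</script>
<script language="javascript" type="text/javascript" src="{$WEB_URL}/js/coolRedirect.js" >
</script>
<script language="javascript" type="text/javascript" src="{$WEB_URL}/js/functions.js" >
</script>
<script src="{$WEB_URL}/js/rollover.js" type="text/javascript"></script>
<script src="{$WEB_URL}/admin/js/functions.js" type="text/javascript"></script>
<script language="javascript" type="text/javascript" src="{$USER_JS_DIR}/jquery-1.4.2.min.js"></script>
<script language="javascript" type="text/javascript" src="{$USER_JS_DIR}/jquery.blockUI.js"></script>
</head>
<body id="page1" >
<!-- <noscript>
<meta http-equiv="Refresh" content="0;{php}echo WEB_URL;{/php}/checkcapability.php?checktype=javascript" />
</noscript>-->
'.$fileContent.'
<script>
if(setfocuscalled == false)
SetControlFocus();
</script>
</body>
</html>';
                    }
                    else
                    {
                        // Other pages are fragments: keep only what is inside a
                        // single <body>...</body> pair when one is present.
                        $arrFileContent_BeforeBeginBodyTag = explode('<body>',$fileContent);
                        if(count($arrFileContent_BeforeBeginBodyTag) == 2)
                            $fileContent = $arrFileContent_BeforeBeginBodyTag[1];
                        $arrFileContent_BeforeEndBodyTag = explode('</body>',$fileContent);
                        if(count($arrFileContent_BeforeEndBodyTag) == 2)
                            $fileContent = $arrFileContent_BeforeEndBodyTag[0];
                    }
                    // Wrap <style> blocks in {literal} so their curly brackets
                    // are not parsed as template tags. str_ireplace() does the
                    // same case-insensitive replacement as eregi_replace(),
                    // which no longer exists in PHP 7 and later.
                    $fileContent = str_ireplace('<style','{literal}<style',$fileContent);
                    $fileContent = str_ireplace('</style>','</style>{/literal}',$fileContent);
                    $fileContent = html_entity_decode($fileContent,ENT_QUOTES);
                    $handle = fopen($filefolder."/".strtolower($filename).".tpl","w+");
                    fwrite($handle,$fileContent);
                    fclose($handle);
                }
                elseif(in_array($_POST['txtPageName'],$lsCreatedCss,true))
                {
                    /************************ For User Css ***************************/
                    $folderpath = PHYSICAL_DIR.'/css';
                    $filename = 'userpanel';
                    $folder = $folderpath;
                    if(!file_exists($folder))
                    {
                        mkdir($folder,0755,true);
                    }
                    $filefolder = $folderpath;
                    $handle = fopen($filefolder."/".strtolower($filename).".css","w+");
                    fwrite($handle,$lsValues[0]);
                    fclose($handle);
                }
            }
            /*********************** End of code ***********************/
            if($_POST['txtPageName'] != 'WEBSITE_CSS')
            {
                $message->SetMessage('Theme page is update successfully.');
            }
            else
            {
                $message->SetMessage('Css is update successfully.');
            }
            // The theme id comes from the request; encode it before it goes
            // into the redirect URL.
            Redirect('admin_theme_pages_v.php?id='.urlencode($lsValues[5]));
        }
        break;
    case 'edit':
        // Load one theme page and show it in the editor.
        $lTypes = null;
        $query = 'SELECT * FROM '.TABLE_PREFIX.'theme_pages WHERE id=?';
        $lsValues = array($_GET['id']);
        $lsUpdaterows = $loManageThemePages->View($query,$lsValues,null);
        if($lsUpdaterows[0]['name'] == 'USER_PAGE_MAIN')
        {
            $temp = explode('<!--cut from here-->',$lsUpdaterows[0]['content']);
            $lsUpdaterows[0]['content'] = html_entity_decode($temp[0]);
        }
        // "!strpos(...) === false" is true only when the tag is found at an
        // offset greater than 0 (a match at offset 0 counts as not found).
        if(!strpos($lsUpdaterows[0]['content'],'<body>') === false)
        {
            if(!strpos($lsUpdaterows[0]['content'],'</body>') === false)
            {
                // Keep only what is between <body> and </body>.
                $temp = explode('<body>',$lsUpdaterows[0]['content']);
                $temp = explode('</body>',$temp[1]);
                $lsUpdaterows[0]['content'] = $temp[0];
            }
            else
            {
                $temp = explode('<body>',$lsUpdaterows[0]['content']);
                $lsUpdaterows[0]['content'] = $temp[0];
            }
        }
        $smarty->assign('data',$lsUpdaterows);
        $smarty->assign('IsEdit','yes');
        $smarty->display('admin_theme_pages_m.tpl');
        break;
    default :
        break;
}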
?>