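* @version $Id$
* @access public
* @license http://opensource.org/licenses/gpl-3.0.html
*/

// Admin file editor: lets a super admin edit the files of a plugin or of the
// public theme. This section resolves which file is being edited, saves posted
// content, then loads the file content and the list of editable files.
// $rub, $todo and $rub_link are not defined here; presumably the including
// admin page sets them -- confirm.
//
// NOTE(review): the guards below rely on ReloadIndex() ending the request
// (the original comment says it "kills the session"); its body is not visible
// here -- confirm. The guards added in this section call exit explicitly.

//////////// Check page inclusion ////////////
if (!class_exists('auth')) {
    include_once ("../lib/lib_common.php");
    ReloadIndex('admin');
}
////////////

//////////// Check user rights ////////////
if (!$l21auth->isSuperAdmin()) ReloadIndex('admin');
////////////

include_once('../lib/input_helpers.php');

// Extensions offered for edition; the same list feeds GetAllFiles() below and
// is enforced on the requested file so the editor cannot be pointed at a file
// type it never lists.
$editable_ext = array('php', 'css', 'js', 'txt', 'xml', 'json');

// we check if we edit PLUGIN or THEME files
$is_plugin = isset($_REQUEST['plugin']);

if ($is_plugin) {
    $plugin_name = is_string($_REQUEST['plugin']) ? strip_tags($_REQUEST['plugin']) : '';

    // The plugin name becomes a folder name under ../plugins/, so it must be a
    // single path segment. strip_tags() alone does not remove "../".
    $plugin_invalid = $plugin_name === ''
        || $plugin_name === '.'
        || $plugin_name === '..'
        || strpos($plugin_name, '/') !== false
        || strpos($plugin_name, '\\') !== false
        || strpos($plugin_name, "\0") !== false;
    if ($plugin_invalid) {
        ReloadIndex('admin');
        exit;
    }

    $plug = new plugin($plugin_name);
    $infos = $plug->getPluginInfo();
    $excluded_files = $infos['restricted_edition']['files'];
    $excluded_folders = $infos['restricted_edition']['folders'];
    $root_folder = '../plugins/' . $plugin_name . '/';
    $file = '__init__.php';
    $edit_link = $rub_link . "&todo=edit_files&plugin=" . $plugin_name . "&file=";
    $editor_title = _t('system', 'plugin_editor') . ' - ' . $plugin_name;
} else {
    $theme = loadThemeInfo('public', THEME_PUBLIC);
    $excluded_files = $theme['restricted_edition']['files'];
    $excluded_folders = $theme['restricted_edition']['folders'];
    $root_folder = THEME_PUBLIC_PATH;
    $file = 'css/style.css';
    $edit_link = $rub_link . "&todo=edit_files&file=";
    $editor_title = _t('system', 'theme_editor');
}

if (isset($_REQUEST['file']) && !empty($_REQUEST['file'])) {
    // an array value (file[]=...) is never a legitimate file name
    if (!is_string($_REQUEST['file'])) {
        ReloadIndex('admin');
        exit;
    }

    $file = strip_tags($_REQUEST['file']);
    $file_path = $root_folder . $file;

    // reject NUL bytes and any extension the editor does not offer
    $requested_ext = strtolower(pathinfo($file, PATHINFO_EXTENSION));
    if (strpos($file, "\0") !== false || !in_array($requested_ext, $editable_ext, true)) {
        ReloadIndex('admin');
        exit;
    }

    // if file is contained in $excluded_files we kill the session
    if (in_array($file_path, (array) $excluded_files)) {
        ReloadIndex('admin');
        exit;
    }

    // Containment: the requested name is concatenated to $root_folder, so
    // "../" segments or a symlink could otherwise reach files outside the
    // plugin/theme folder for both the read and the write below.
    $file_real = realpath($file_path);
    if ($file_real !== false) {
        $root_real = realpath($root_folder);
        $root_prefix = ($root_real === false)
            ? false
            : rtrim($root_real, '/\\') . DIRECTORY_SEPARATOR;

        if ($root_prefix === false || strncmp($file_real, $root_prefix, strlen($root_prefix)) !== 0) {
            ReloadIndex('admin');
            exit;
        }

        // Compare resolved paths as well, so an equivalent spelling of an
        // excluded file (e.g. "css//style.css", "./x.php") is still refused.
        // Assumes the excluded entries are paths in the same form as
        // $file_path, as the string comparison above implies -- confirm.
        foreach ((array) $excluded_files as $excluded) {
            if (is_string($excluded) && realpath($excluded) === $file_real) {
                ReloadIndex('admin');
                exit;
            }
        }
    }
    // A path that does not resolve is neither read nor written below:
    // file_exists() and is_writable() are both false for it.

    // NOTE(review): $excluded_folders is only passed to GetAllFiles(); a file
    // inside an excluded folder can still be requested directly by name.
    // Its entry format is not visible here, so no check is added -- confirm.
} else {
    $file_path = $root_folder . $file; // file already known
}

$link_confirm = "confirm.php?rub=" . $rub . "&todo=" . $todo . '&file=' . $file;
if ($is_plugin) {
    $link_confirm .= '&plugin=' . $plugin_name;
}

// NOTE(review): no anti-CSRF token is verified in this visible section before
// the write; since the editor can write .php files, confirm that the including
// page enforces one.
if (isset($_POST['save'])) {

    // a missing or non-string field is treated as empty content
    $posted_content = (isset($_POST['file_content']) && is_string($_POST['file_content']))
        ? $_POST['file_content']
        : '';

    // get_magic_quotes_gpc() only exists on older PHP, hence the version gate
    if (version_compare(PHP_VERSION, '7.4.0', '<') && get_magic_quotes_gpc()) {
        $savecontent = stripslashes($posted_content);
    } else {
        $savecontent = $posted_content;
    }

    // we restore html content because it was transfered as htmlentities before
    $savecontent = html_entity_decode($savecontent, ENT_QUOTES, 'utf-8');

    if (!is_writable($file_path)) {
        $user_msg = array('class' => 'error', 'msg' => _t('system', 'not_writable'));
    } else {
        // LOCK_EX: take an exclusive lock for the duration of the write
        $r = file_put_contents($file_path, $savecontent, LOCK_EX);
        if (is_numeric($r)) {
            header("Location: " . safe_redirect($link_confirm));
            exit;
        } else {
            system_error();
        }
    }
}

// we get current file content for edit
$content = '';
if (file_exists($file_path) && is_readable($file_path)) {
    $content = file_get_contents($file_path);
} else {
    $user_msg = array('class' => 'error', 'msg' => _t('system', 'not_accessible'));
}

// a read-only file takes precedence over the message set above
if (!is_writable($file_path)) {
    $user_msg = array('class' => 'error', 'msg' => _t('system', 'not_writable'));
}

// we get all editables files
$editables = GetAllFiles($root_folder, $editable_ext, true, $excluded_folders);
sort($editables);

// and populate the container
$edit_files = '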