Files
awo-hamburg-intranet/mysyde/admin/edit_site.inc.php

346 lines
16 KiB
PHP
Raw Normal View History

2026-02-17 14:56:23 +01:00
<?
switch ($_REQUEST["action"]) {
case 'edit':
edit_site();
break;
case 'delete':
delete_site();
break;
case 'new':
require_once("edit_site_cardform.inc.php");
break;
case 'save':
save_site();
break;
case 'send_sitemap':
send_sitemap();
break;
case 'copy':
copy_site();
break;
case 'delete_image':
delete_image();
require_once("edit_site_listform.inc.php");
break;
default:
require_once("edit_site_listform.inc.php");
break;
}
function copy_site() {
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
require_once("edit_site_functions.php");
$SiteFunctions = new SiteFunctions();
$step = (isset($_REQUEST['next_step']) ? $_REQUEST['next_step'] : "");
$copyError = array();
switch($step) {
case 'copy_site':
// loeschen von ID Zuordnungen
$query = "DELETE FROM copy_link WHERE session_id = '" . session_id() . "'";
@mysqli_query($GLOBALS['mysql_con'], $query);
if(!$SiteFunctions->copy_site($_REQUEST["input_id"])) {
$copyError = $SiteFunctions->errorMessages;
break;
}
echo json_encode(array("next_step" => "copy_language", "message" => $translation->get("copy_start_all_languages"), "copy_language_id" => 0));
return;
case 'copy_language':
if(!$SiteFunctions->copy_language($_REQUEST["input_id"])) {
$copyError = $SiteFunctions->errorMessages;
break;
}
if($SiteFunctions->copyLanguageId == 0) {
// keine Sprachen mehr zum kopieren vorhanden.
break;
}
echo json_encode(array("next_step" => "copy_siteparts", "message" => $SiteFunctions->message, "copy_language_id" => $SiteFunctions->copyLanguageId));
return;
case 'copy_siteparts';
case 'copy_collection_setup';
case 'copy_collection';
case 'copy_component';
case 'copy_main_page';
case 'copy_main_navigation';
$newSiteId = $SiteFunctions->get_new_id($_REQUEST["input_id"], "main_site");
$LanguageFunctions = new LanguageFunctions($_REQUEST["copy_language_id"], $newSiteId);
if(!$LanguageFunctions->$step()) {
$copyError = $LanguageFunctions->errorMessages;
break;
}
$nextStep = $LanguageFunctions->nextStep;
if($nextStep == "") {
// naechste Sprache kopieren.
$nextStep = "copy_language";
}
echo json_encode(array("next_step" => $nextStep, "message" => $LanguageFunctions->message, "copy_language_id" => $_REQUEST["copy_language_id"]));
return;
default:
break;
}
if(count($copyError)) {
$errorDivs = array();
foreach($copyError as $error) {
$errorDivs[] = "<div class=\"errorbox\">" . $error . "</div>\n";
}
echo json_encode(array("next_step" => "", "message" => $errorDivs, "error" => 1));
} else {
echo json_encode(array("next_step" => "", "message" => array('<div class="successbox">' . $translation->get("copy_site_success") . '</div>'), "error" => 0));
}
}
function edit_site() {
if ($_REQUEST["input_id"] <> '') {
$pdoHost = getenv('MAIN_MYSQL_DB_HOST');
$pdoPort = getenv('MAIN_MYSQL_DB_PORT');
$pdoUser = getenv('MAIN_MYSQL_DB_USER');
$pdoPass = getenv('MAIN_MYSQL_DB_PASS');
$pdoSchema = getenv('MAIN_MYSQL_DB_SCHEMA');
$pdo = new \DynCom\mysyde\common\classes\PDOQueryWrapper($pdoHost, $pdoPort, $pdoSchema, $pdoUser, $pdoPass);
$prepStatement = " SELECT *,
(SELECT COUNT(id)
FROM main_navigation
WHERE main_site_id = main_site.id) AS 'no_of_navigation'
FROM main_site
WHERE id = :id LIMIT 1
";
$params = [
[':id', $_REQUEST["input_id"], PDO::PARAM_STR],
];
$pdo->setQuery($prepStatement);
$pdo->prepareQuery();
$pdo->bindParameters($params);
$pdo->executePreparedStatement();
$result = $pdo->getResultArray();
if (count($result) == 1) {
$input_site = $result[0];
require_once("edit_site_cardform.inc.php");
}
} else {
require_once("edit_site_listform.inc.php");
}
}
function delete_site() {
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
$messages = array();
if ($_REQUEST["input_id"] <> '') {
$query = "DELETE FROM main_site WHERE id = '" . $_REQUEST["input_id"] . "' LIMIT 1";
@mysqli_query($GLOBALS['mysql_con'], $query);
$querySetup = "SELECT mcs.id FROM main_language as ml INNER JOIN main_collection_setup as mcs on ml.id = mcs.main_language_id WHERE main_site_id = '" . (int)$_REQUEST["input_id"]."'";
$resultSetup = @mysqli_query($GLOBALS['mysql_con'], $querySetup);
while($row = @mysqli_fetch_array($resultSetup)){
$query = "DELETE FROM main_collection_setup_websites WHERE id = '" . (int)$row["id"]."'";
@mysqli_query($GLOBALS['mysql_con'], $query);
$query = "DELETE FROM main_collection_setup WHERE id = '" . (int)$row["id"]."'";
@mysqli_query($GLOBALS['mysql_con'], $query);
}
$query = "DELETE FROM main_language WHERE main_site_id = '" . (int)$_REQUEST["input_id"]."'";
@mysqli_query($GLOBALS['mysql_con'], $query);
if($GLOBALS["site"]['id'] == $_REQUEST["input_id"]) {
$messages[] = '<div class="infobox">' . $translation->get("website_msg_info2") . '<br><a href="/mysyde/?action=admin_logout">' . $translation->get("website_msg_tologin") . '</a></div>';
if(IS_AJAX) {
header('EDIT_ERROR: 1');
$input_site = array();
require_once("edit_site_cardform.inc.php");
return;
}
}
}
require_once("edit_site_listform.inc.php");
}
function save_site() {
$messages = array();
$error = FALSE;
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
$login_required = ($_REQUEST["input_login_required"] == "on") ? '1' : '0';
$use_session_id = ($_REQUEST["input_use_session_id"] == "on") ? '1' : '0';
$create_xml_sitemap = ($_REQUEST["input_create_xml_sitemap"] == "on") ? '1' : '0';
$is_standard_site = ($_REQUEST["input_is_standard_site"] == "on") ? '1' : '0';
$use_browser_language_detection = ($_REQUEST["input_use_browser_language_detection"] == "on") ? '1' : '0';
$mysql_update_standard = "UPDATE main_site SET is_standard_site = 0";
if ($_REQUEST["input_id"] <> '') {
$query = "UPDATE main_site
SET code = '" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST["input_code"]) . "',
name = '" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST["input_name"]) . "',
std_main_language_id = '" . $_REQUEST["input_std_main_language_id"] . "',
is_standard_site = " . $is_standard_site . ",
login_required = '" . $login_required . "',
google_analytics_id = '" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST["input_google_analytics_id"]) . "',
facebook_pixel_id = '" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST["input_facebook_pixel_id"]) . "',
use_session_id = '" . $use_session_id . "',
create_xml_sitemap = '" . $create_xml_sitemap . "',
site_url = '" . $_REQUEST["input_site_url"] . "',
use_browser_language_detection = '" . $use_browser_language_detection . "',
default_country_codes = '" . $_REQUEST["input_default_country_codes"] . "',
websitekey = '" . $_REQUEST["input_websitekey"] . "',
secretkey = '" . $_REQUEST["input_secretkey"] . "'
WHERE id = '" . $_REQUEST["input_id"] . "' LIMIT 1";
$this_site = mysqli_fetch_array(mysqli_query($GLOBALS['mysql_con'], "SELECT * FROM main_site WHERE id = '" . $_REQUEST["input_id"] . "'"));
} else {
$query = "INSERT INTO main_site (id,code,name,std_main_language_id, is_standard_site, login_required,google_analytics_id,use_session_id,create_xml_sitemap,site_url,use_browser_language_detection, default_country_codes, facebook_pixel_id, websitekey, secretkey)
VALUES (
NULL,
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST["input_code"]) . "',
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST["input_name"]) . "',
NULL,
" . $is_standard_site . ",
'" . $login_required . "',
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST["input_google_analytics_id"]) . "',
'" . $use_session_id . "',
'" . $create_xml_sitemap . "',
'" . $_REQUEST["input_site_url"] . "',
'" . $use_browser_language_detection . "',
'" . $_REQUEST["input_default_country_codes"] . "',
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST["input_facebook_pixel_id"]) . "',
'" . $_REQUEST["input_websitekey"] . "',
'" . $_REQUEST["input_secretkey"] . "'
)";
$inserted = TRUE;
}
if (($_REQUEST["input_code"] == '') | ($_REQUEST["input_name"] == '')) {
$messages[] = "<div class=\"errorbox\">" . $translation->get("error_textkey_description") . "</div>\n";
$error = TRUE;
}
if ($_REQUEST["input_code"] <> urlencode($_REQUEST["input_code"])) {
$messages[] = "<div class=\"errorbox\">" . $translation->get("error_textkey_encoding") . "</div>\n";
$error = TRUE;
}
$result = @mysqli_query($GLOBALS['mysql_con'], "SELECT * FROM main_site WHERE code = '" . $_REQUEST["input_code"] . "'");
if ((@mysqli_num_rows($result) <> 0) && ($_REQUEST["input_id"] == '')) {
$messages[] = "<div class=\"errorbox\">" . $translation->get("error_textkey_exists") . "</div>\n";
$error = TRUE;
}
$input_site["id"] = $_REQUEST["input_id"];
// benoetigt fuer ajax calls
if ($error === TRUE) {
header('EDIT_ERROR: 1');
}
if (!$error) {
// saveImg
if(isset($_FILES) && !empty($_FILES) && $_FILES['input_image']['size'] != 0 ){
$fileName = saveImage('input_image', $input_site["id"]);
$query = "UPDATE main_site SET
image = '" . $fileName. "'
WHERE id = '" . $input_site["id"] . "' LIMIT 1";
@mysqli_query($GLOBALS['mysql_con'],$query);
}
// SaveImag
@mysqli_query($GLOBALS['mysql_con'], $mysql_update_standard);
@mysqli_query($GLOBALS['mysql_con'], $query);
if ($inserted == TRUE) {
$messages[] = '<div class="successbox">' . $translation->get("website_msg_success1") . '</div>';
$last_insert_id = mysqli_insert_id($GLOBALS['mysql_con']);
$new_site = mysqli_fetch_array(mysqli_query($GLOBALS['mysql_con'], "SELECT * FROM main_site WHERE id = '" . $last_insert_id . "'"));
$query_2 = "INSERT INTO main_language (main_site_id, code, name, site_name, site_title_name) VALUES ('" . $new_site["id"] . "', 'de', 'Deutsch', '" . mysqli_real_escape_string($GLOBALS['mysql_con'], $new_site["name"]) . "', '" . mysqli_real_escape_string($GLOBALS['mysql_con'], $new_site["name"]) . "')";
@mysqli_query($GLOBALS['mysql_con'], $query_2);
$last_insert_id = mysqli_insert_id($GLOBALS['mysql_con']);
$std_language = mysqli_fetch_array(mysqli_query($GLOBALS['mysql_con'], "SELECT id FROM main_language WHERE id = '" . $last_insert_id . "'"));
$query_3 = "UPDATE main_site SET std_main_language_id = '" . $std_language["id"] . "' WHERE id = '" . $new_site["id"] . "'";
@mysqli_query($GLOBALS['mysql_con'], $query_3);
$input_site["id"] = $new_site["id"];
} else {
$messages[] = '<div class="successbox">' . $translation->get("website_msg_success2") . '</div>';
}
// Wenn die aktuell gewählte Seite bearbeitet wurde, wird ein Relog erbeten. - MH 02. Dezember 2009
if ($this_site["code"] == $_REQUEST["site"]) {
if ($_REQUEST["input_code"] <> $this_site["code"]) {
$messages[] = '<div class="infobox">' . $translation->get("website_msg_info1") . '<br><a href="/mysyde/?action=admin_logout">' . $translation->get("website_msg_tologin") . '</a></div>';
} else {
}
}
}
$input_site["code"] = $_REQUEST["input_code"];
$input_site["name"] = $_REQUEST["input_name"];
$input_site["std_main_language_id"] = $_REQUEST["input_std_main_language_id"];
$input_site["login_required"] = $login_required;
$input_site["is_standard_site"] = $is_standard_site;
$input_site["no_of_navigation"] = @mysqli_num_rows(@mysqli_query($GLOBALS['mysql_con'], "SELECT id FROM main_navigation WHERE main_site_id = '" . $_REQUEST["input_id"]."'"));
$input_site["google_analytics_id"] = $_REQUEST["input_google_analytics_id"];
$input_site["facebook_pixel_id"] = $_REQUEST["input_facebook_pixel_id"];
$input_site["use_session_id"] = $use_session_id;
$input_site["create_xml_sitemap"] = $create_xml_sitemap;
$input_site["site_url"] = $_REQUEST["input_site_url"];
$input_site["use_browser_language_detection"] = $use_browser_language_detection;
$input_site["default_country_codes"] = $_REQUEST["input_default_country_codes"];
require_once("edit_site_cardform.inc.php");
}
function saveImage($filekey = 'input_image', $input_id) {
$erlaubte_endungen = array("ico");
$filename = strtolower($_FILES[$filekey]['name']);
$filename_expl = explode(".", $filename);
if (!in_array($filename_expl[count($filename_expl) - 1], $erlaubte_endungen)) {
$messages = "<div class='errorbox'>" . $translation->get("error_slideshow_line2") . "</div>\n";
$error = TRUE;
}
$saveFilename = $input_id . "_" . time() . "_" . cleanFilename($_FILES[$filekey]['name']);
define("PATH_FAVICON", "../../layout/frontend/b2c/dist/favicons/");
move_uploaded_file($_FILES[$filekey]['tmp_name'], PATH_FAVICON . $saveFilename);
return $saveFilename;
}
function delete_image() {
$nav_id = $_POST['input_id'];
$query = "SELECT * FROM main_site WHERE id =".$nav_id." LIMIT 1";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
$nav = @mysqli_fetch_array($result);
if(!empty($nav)){
$filename = $nav['image'];
define("PATH_FAVICON", "../../layout/frontend/b2c/dist/favicons/");
if (file_exists(PATH_FAVICON . $filename)) {
unlink(PATH_FAVICON . $filename);
}
$query = "UPDATE main_site SET
image = ''
WHERE id = '" . $nav_id . "' LIMIT 1";
@mysqli_query($GLOBALS['mysql_con'], $query);
}
}