Version 1.3.1 (#9)

* updated the version and contact info

* sanitize more input variables

* update to version 1.3.1 beta

* update readme with some more info and link to the github page

* collapse dirname() calls

* remove commented code from rss page

* mark version 1.3.1 as final

README.md

@@ -2,4 +2,8 @@
 	[![GitHub release](https://img.shields.io/github/release/ImpressCMS/impresscms-module-content.svg?maxAge=2592000)](https://github.com/ImpressCMS/impresscms-module-content/releases) 
 		[![This is ImpressCMS module](https://img.shields.io/badge/ImpressCMS-module-F3AC03.svg?maxAge=2592000)](http://impresscms.org)
 #Content
-ImpressCMS Content Manager module
+Content is the standard ImpressCMS Content Manager module, which is part of the core distribution. Using this module, you can manage textual content pages and their hierarchy.
+## Compatibility
+PHP : The module is tested to be compatible with PHP 7.2+.
+## Updates
+Updates of this module are available on the Github page - https://github.com/IPFModules/content

admin/admin_header.php

@@ -15,6 +15,8 @@
 
 include_once '../../../include/cp_header.php';
 
-include_once ICMS_ROOT_PATH.'/modules/' . basename(dirname(dirname(__FILE__))) .'/include/common.php';
-if (!defined("CONTENT_ADMIN_URL")) define('CONTENT_ADMIN_URL', CONTENT_URL . "admin/");
+include_once ICMS_ROOT_PATH.'/modules/' . basename(dirname(__FILE__, 2)) .'/include/common.php';
+if (!defined("CONTENT_ADMIN_URL")) {
+    define('CONTENT_ADMIN_URL', CONTENT_URL . "admin/");
+}
 include_once CONTENT_ROOT_PATH . 'include/requirements.php';

admin/content.php

@@ -13,7 +13,7 @@
  */
 
 /**
- * Edit a Content
+ * Edit a Content page
  *
  * @param int $content_id Contentid to be edited
  */
@@ -24,7 +24,7 @@ function editcontent($content_id = 0, $clone = false, $content_pid = false) {
 
 	if (!$clone && !$contentObj->isNew()) {
 		$contentObj->hideFieldFromForm(array('content_published_date', 'content_updated_date'));
-		if($contentObj->getVar("content_makesymlink") == 1) {
+		if($contentObj->getVar("content_makesymlink") === 1) {
 			//$contentObj->hideFieldFromForm("content_makesymlink");
 			$contentObj->makeFieldReadOnly("short_url");
 		}
@@ -57,24 +57,26 @@ function editcontent($content_id = 0, $clone = false, $content_pid = false) {
 
 include_once "admin_header.php";
 
-$content_content_handler = icms_getModuleHandler('content', basename(dirname(dirname(__FILE__))), "content");
+$content_content_handler = icms_getModuleHandler('content', basename(dirname(__FILE__, 2)), "content");
 /** Use a naming convention that indicates the source of the content of the variable */
 $clean_op = '';
 /** Create a whitelist of valid values, be sure to use appropriate types for each value
  * Be sure to include a value for no parameter, if you have a default condition
  */
 $valid_op = array('mod', 'changedField', 'addcontent', 'del', 'clone', 'view', '');
 
-if (isset($_GET ['op']))
-$clean_op = htmlentities($_GET ['op']);
-if (isset($_POST ['op']))
-$clean_op = htmlentities($_POST ['op']);
+if (isset($_GET ['op'])) {
+    $clean_op = htmlentities($_GET ['op']);
+}
+if (isset($_POST ['op'])) {
+    $clean_op = htmlentities($_POST ['op']);
+}
 
 /** Again, use a naming convention that indicates the source of the content of the variable */
-$clean_content_id = isset($_GET ['content_id']) ?(int)$_GET ['content_id'] : 0;
-$clean_content_id = isset($_POST ['content_id']) ?(int)$_POST ['content_id'] : $clean_content_id;
-$clean_content_pid = isset($_GET ['content_pid']) ?(int)$_GET ['content_pid'] : 0;
-$clean_content_pid = isset($_POST ['content_pid']) ?(int)$_POST ['content_pid'] : $clean_content_pid;
+$clean_content_id = isset($_GET ['content_id']) ?(int)htmlentities($_GET ['content_id']) : 0;
+$clean_content_id = isset($_POST ['content_id']) ?(int)htmlentities($_POST ['content_id']) : htmlentities($clean_content_id);
+$clean_content_pid = isset($_GET ['content_pid']) ?(int)htmlentities($_GET ['content_pid']) : 0;
+$clean_content_pid = isset($_POST ['content_pid']) ?(int)htmlentities($_POST ['content_pid']) : htmlentities($clean_content_pid);
 
 /**
  * in_array() is a native PHP function that will determine if the value of the
@@ -103,7 +105,7 @@ function editcontent($content_id = 0, $clone = false, $content_pid = false) {
 			$contentObj = $content_content_handler->get($clean_content_id);
 			if(is_object($contentObj) && !$contentObj->isNew())  {
 				$subs = $contentObj->getContentSubs($clean_content_id, true);
-				if((isset($_POST['confirm']) && $_POST['confirm'] == TRUE) || !count($subs)) {
+				if((isset($_POST['confirm']) && $_POST['confirm'] === TRUE) || !count($subs)) {
 					$controller = new icms_ipf_Controller($content_content_handler);
 					$controller->handleObjectDeletion();
 				}

admin/menu.php

@@ -14,7 +14,7 @@
 	'title'	=> _MI_CONTENT_CONTENTS,
 	'link'	=> 'admin/content.php');
 
-$module = icms::handler("icms_module")->getByDirname(basename(dirname(dirname(__FILE__))));
+$module = icms::handler("icms_module")->getByDirname(basename(dirname(__FILE__, 2)));
 $headermenu[] = array(
 	'title'	=> _PREFERENCES,
 	'link'	=> '../../system/admin.php?fct=preferences&op=showmod&mod=' . $module->getVar('mid'));

blocks/content_display.php

@@ -17,12 +17,12 @@ function content_content_display_show($options) {
 
 	$block = array();
 
-	$xoTheme->addStylesheet(ICMS_URL . '/modules/' . basename(dirname(dirname(__FILE__))) . '/module.css');
-	$xoTheme->addStylesheet(ICMS_URL . '/modules/' . basename(dirname(dirname(__FILE__))) . '/include/content.css');
+	$xoTheme->addStylesheet(ICMS_URL . '/modules/' . basename(dirname(__FILE__, 2)) . '/module.css');
+	$xoTheme->addStylesheet(ICMS_URL . '/modules/' . basename(dirname(__FILE__, 2)) . '/include/content.css');
 
-	include_once ICMS_ROOT_PATH . '/modules/' . basename(dirname(dirname(__FILE__))) . '/include/common.php';
+	include_once ICMS_ROOT_PATH . '/modules/' . basename(dirname(__FILE__, 2)) . '/include/common.php';
 
-	$content_content_handler = icms_getModuleHandler('content', basename(dirname(dirname(__FILE__))), 'content');
+	$content_content_handler = icms_getModuleHandler('content', basename(dirname(__FILE__, 2)), 'content');
 
 	if ($options[0] == 0) {
 		$options[0] = $content_content_handler->getLastestCreated(false);
@@ -45,9 +45,9 @@ function content_content_display_show($options) {
 }
 
 function content_content_display_edit($options) {
-	include_once ICMS_ROOT_PATH . '/modules/' . basename(dirname(dirname(__FILE__))) . '/include/common.php';
+	include_once ICMS_ROOT_PATH . '/modules/' . basename(dirname(__FILE__, 2)) . '/include/common.php';
 
-	$content_content_handler = icms_getModuleHandler('content', basename(dirname(dirname(__FILE__))), 'content');
+	$content_content_handler = icms_getModuleHandler('content', basename(dirname(__FILE__, 2)), 'content');
 
 	$selpages = new icms_form_elements_Select('', 'options[0]', $options[0]);
 	$selpages->addOptionArray($content_content_handler->getContentList());

blocks/content_menu.php

@@ -19,7 +19,7 @@
 function content_content_menu_show($options) {
 	global $xoTheme;
 
-	include_once ICMS_ROOT_PATH.'/modules/' . basename(dirname(dirname(__FILE__))) . '/include/common.php';
+	include_once ICMS_ROOT_PATH.'/modules/' . basename(dirname(__FILE__, 2)) . '/include/common.php';
 
 	$block = array();
 	$block['showsubs'] = $options[2];
@@ -39,8 +39,8 @@ function content_content_menu_show($options) {
  * @return string $form The generated form HTML string
  */
 function content_content_menu_edit($options){
-	include_once ICMS_ROOT_PATH . '/modules/' . basename(dirname(dirname(__FILE__))) . '/include/common.php';
-	$content_content_handler = icms_getModuleHandler('content', basename(dirname(dirname(__FILE__))), 'content');
+	include_once ICMS_ROOT_PATH . '/modules/' . basename(dirname(__FILE__, 2)) . '/include/common.php';
+	$content_content_handler = icms_getModuleHandler('content', basename(dirname(__FILE__, 2)), 'content');
 
 	$sort = array('content_weight' => _CO_CONTENT_CONTENT_CONTENT_WEIGHT, 'content_title' => _CO_CONTENT_CONTENT_CONTENT_TITLE);
 	$selsort = new icms_form_elements_Select('', 'options[0]', $options[0]);
@@ -92,8 +92,8 @@ function content_content_menu_edit($options){
 function getPages($showsubs = true, $sort='content_weight', $order='ASC', $content_id = 0, $relateds = 0 ) {
 	$groups = is_object(icms::$user) ? icms::$user->getGroups() : array(ICMS_GROUP_ANONYMOUS);
 	$uid = is_object(icms::$user) ? icms::$user->getVar('uid') : 0;
-	$content_handler =& icms_getModuleHandler('content', basename(dirname(dirname(__FILE__))), 'content');
-	$module = icms::handler('icms_module')->getByDirname(basename(dirname(dirname(__FILE__))));
+	$content_handler =& icms_getModuleHandler('content', basename(dirname(__FILE__, 2)), 'content');
+	$module = icms::handler('icms_module')->getByDirname(basename(dirname(__FILE__, 2)));
 	$criteria = new icms_db_criteria_Compo(new icms_db_criteria_Item('content_status', 1));
 	if (!$relateds){
 		$criteria->add(new icms_db_criteria_Item('content_pid', $content_id));

class/Content.php

@@ -205,7 +205,7 @@ function accessGranted() {
 		$gperm_handler = icms::handler('icms_member_groupperm');
 		$groups = is_object(icms::$user) ? icms::$user->getGroups() : array(ICMS_GROUP_ANONYMOUS);
 
-		$module = icms::handler('icms_module')->getByDirname(basename(dirname(dirname(__FILE__))));
+		$module = icms::handler('icms_module')->getByDirname(basename(dirname(__FILE__, 2)));
 
 		$agroups = $gperm_handler->getGroupIds('module_admin', $module->getVar("mid"));
 		$allowed_groups = array_intersect($groups, $agroups);
@@ -348,7 +348,7 @@ function getContentLead() {
 	 * @return VOID
 	 */
 	function sendNotifContentPublished() {
-		$module = icms::handler('icms_module')->getByDirname(basename(dirname(dirname(__FILE__))));
+		$module = icms::handler('icms_module')->getByDirname(basename(dirname(__FILE__, 2)));
 		$tags ['CONTENT_TITLE'] = $this->getVar('content_title');
 		$tags ['CONTENT_URL'] = $this->getItemLink(true);
 		icms::handler('icms_data_notification')->triggerEvent('global', 0, 'content_published', $tags, array(), $module->getVar('mid'));

class/ContentHandler.php

@@ -53,7 +53,7 @@ class mod_content_ContentHandler extends icms_ipf_Handler {
 	public function __construct(&$db) {
 		parent::__construct($db, 'content', 'content_id', 'content_title', 'content_body', 'content');
 
-		icms_loadLanguageFile(basename(dirname(dirname(__FILE__))), 'common');
+		icms_loadLanguageFile(basename(dirname(__FILE__, 2)), 'common');
 		$this->addPermission('content_read', _CO_CONTENT_CONTENT_READ, _CO_CONTENT_CONTENT_READ_DSC);
 	}
 
@@ -258,7 +258,7 @@ public function userCanSubmit() {
 		if (!is_object(icms::$user)) return false;
 		if ($content_isAdmin) return true;
 		$user_groups = icms::$user->getGroups();
-		$module = icms::handler("icms_module")->getByDirname(basename(dirname(dirname(__FILE__))), TRUE);
+		$module = icms::handler("icms_module")->getByDirname(basename(dirname(__FILE__, 2)), TRUE);
 		return count(array_intersect($module->config['poster_groups'], $user_groups)) > 0;
 	}
 
@@ -523,7 +523,7 @@ protected function afterSave(&$obj) {
 	protected function afterDelete(&$obj) {
 		$seo = $obj->handler->makelink($obj);
 		$url = str_replace(ICMS_URL . '/', '', $obj->handler->_moduleUrl . $obj->handler->_itemname . '.php?content_id=' . $obj->getVar('content_id') . '&page=' . $seo);
-		$module = icms::handler('icms_module')->getByDirname(basename(dirname(dirname(__FILE__))));
+		$module = icms::handler('icms_module')->getByDirname(basename(dirname(__FILE__, 2)));
 		$symlink_handler = icms_getModuleHandler('pages', 'system');
 		$criteria = new icms_db_criteria_Compo(new icms_db_criteria_Item('page_url', $url));
 		$criteria->add(new icms_db_criteria_Item('page_moduleid', $module->getVar('mid')));

comment_new.php

@@ -15,7 +15,7 @@
 include_once "header.php";
 $com_itemid = isset($_GET["com_itemid"]) ? (int)$_GET["com_itemid"] : 0;
 if ($com_itemid > 0) {
-	$content_content_handler = icms_getModuleHandler("content", basename(dirname(__FILE__)), "content");
+	$content_content_handler = icms_getModuleHandler("content", basename(__DIR__), "content");
 	$contentObj = $content_content_handler->get($com_itemid);
 	if ($contentObj && !$contentObj->isNew()) {
 		$com_replytext = "test...";

content.php

@@ -39,7 +39,7 @@ function editcontent($contentObj) {
 $xoopsOption['template_main'] = 'content_content.html';
 include_once ICMS_ROOT_PATH . '/header.php';
 
-$content_content_handler = icms_getModuleHandler('content', basename(dirname(__FILE__)));
+$content_content_handler = icms_getModuleHandler('content', basename(__DIR__));
 
 /** Again, use a naming convention that indicates the source of the content of the variable */
 $clean_content_id = isset($_GET['content_id']) ? filter_input(INPUT_GET, 'content_id', FILTER_SANITIZE_NUMBER_INT) : 0;

docs/install.md

@@ -0,0 +1,7 @@
+# How to install content
+
+Content is installed as a regular ImpressCMS module, which means you should copy the complete /content folder into the /modules directory of your website. 
+
+Then, log in to your site as administrator, go to System Admin > Modules, look for the content icon in the list of uninstalled modules and click in the install icon. 
+
+Follow the directions in the screen and you'll be ready to go.

icms_version.php

@@ -17,14 +17,14 @@
 $modversion = array(
 /**  General Information  */
 	'name'						=> _MI_CONTENT_MD_NAME,
-	'version'					=> "1.3.0",
+	'version'					=> "1.3.1",
 	'description'				=> _MI_CONTENT_MD_DESC,
 	'author'					=> "David Janssens (fiammybe)",
-	'credits'					=> "The ImpressCMS Project, Rodrigo P Lima aka TheRplima, Phoenyx, skenow, QM-B",
+	'credits'					=> "mekdrop, skenow, Rodrigo P Lima aka TheRplima, Phoenyx",
 	'help'						=> "",
 	'license'					=> "GNU General Public License v2 (GPLv2)",
 	'official'					=> 1,
-	'dirname'					=> basename(dirname(__FILE__)),
+	'dirname'					=> basename(__DIR__),
 	'modname'					=> "content",
 
 /**  Images information  */
@@ -33,9 +33,9 @@
 	'image'						=> "images/icon_big.png", /* for backward compatibility */
 
 /**  Development information */
-	'status_version'			=> "Final",
-	'status'					=> "Final",
-	'date'						=> "10 Oct 2019",
+	'status_version'			=> "final",
+	'status'					=> "final",
+	'date'						=> "9 Mar 2022",
 	'author_word'				=> "",
 	'warning'					=> _CO_ICMS_WARNING_FINAL,
 
@@ -83,7 +83,7 @@
 $modversion['manual']['wiki'][] = "<a href='http://wiki.impresscms.org/index.php?title=content' target='_blank'>English</a>";
 
 if (is_object(icms::$module) && icms::$module->getVar('dirname') == 'content') {
-	$content_content_handler = icms_getModuleHandler('content', basename(dirname(__FILE__)), 'content');
+	$content_content_handler = icms_getModuleHandler('content', basename(__DIR__), 'content');
 	if ($content_content_handler->userCanSubmit()) {
 		$modversion['sub'][1]['name'] = _MI_CONTENT_CONTENT_ADD;
 		$modversion['sub'][1]['url'] = 'content.php?op=mod';

include/comment.inc.php

@@ -13,7 +13,7 @@
  */
 
 function content_com_update($item_id, $total_num) {
-	$content_content_handler = icms_getModuleHandler("content", basename(dirname(dirname(__FILE__))), "content");
+	$content_content_handler = icms_getModuleHandler("content", basename(dirname(__FILE__, 2)), "content");
 	$content_content_handler->updateComments($item_id, $total_num);
 }
 

include/common.php

@@ -12,7 +12,7 @@
 
 defined("ICMS_ROOT_PATH") or die("ICMS root path not defined");
 
-if(!defined("CONTENT_DIRNAME"))		define("CONTENT_DIRNAME", $modversion["dirname"] = basename(dirname(dirname(__FILE__))));
+if(!defined("CONTENT_DIRNAME"))		define("CONTENT_DIRNAME", $modversion["dirname"] = basename(dirname(__FILE__, 2)));
 if(!defined("CONTENT_URL"))			define("CONTENT_URL", ICMS_URL."/modules/".CONTENT_DIRNAME."/");
 if(!defined("CONTENT_ROOT_PATH"))	define("CONTENT_ROOT_PATH", ICMS_ROOT_PATH."/modules/".CONTENT_DIRNAME."/");
 if(!defined("CONTENT_IMAGES_URL"))	define("CONTENT_IMAGES_URL", CONTENT_URL."images/");

include/onupdate.inc.php

@@ -35,7 +35,7 @@ function content_db_upgrade_2() {
  }*/
 
 function icms_module_update_content($module) {
-	$content_handler = icms_getModuleHandler('content', basename(dirname(dirname(__FILE__))), 'content');
+	$content_handler = icms_getModuleHandler('content', basename(dirname(__FILE__, 2)), 'content');
 	$gperm_handler = icms::handler('icms_member_groupperm');
 
 	$table = new icms_db_legacy_updater_Table('icmscontent');

include/search.inc.php

@@ -14,9 +14,9 @@
 
 defined("ICMS_ROOT_PATH") or die("ICMS root path not defined");
 
-include_once ICMS_ROOT_PATH . '/modules/' . basename(dirname(dirname(__FILE__))) . '/include/common.php';
+include_once ICMS_ROOT_PATH . '/modules/' . basename(dirname(__FILE__, 2)) . '/include/common.php';
 function content_search($queryarray, $andor, $limit, $offset, $userid){
-	$imcontent_content_handler = icms_getModuleHandler('content', basename(dirname(dirname(__FILE__))), 'content');
+	$imcontent_content_handler = icms_getModuleHandler('content', basename(dirname(__FILE__, 2)), 'content');
 	$contentsArray = $imcontent_content_handler->getContentsForSearch($queryarray, $andor, $limit, $offset, $userid);
 
 	$ret = array();

index.php

@@ -17,7 +17,7 @@
 $xoopsOption['template_main'] = 'content_index.html';
 include_once ICMS_ROOT_PATH . '/header.php';
 
-$content_content_handler = icms_getModuleHandler('content', basename(dirname(__FILE__)), 'content');
+$content_content_handler = icms_getModuleHandler('content', basename(__DIR__), 'content');
 
 if (icms::$module->config['default_page'] == 0) {
 	// At which record shall we start display

rss.php

@@ -13,32 +13,3 @@
 include_once "header.php";
 include_once ICMS_ROOT_PATH . "/header.php";
 
-/** To come soon in imBuilding...
-
-$clean_post_uid = isset($_GET['uid']) ? (int)$_GET['uid'] : false;
-
-$content_feed = new icms_feed_Rss();
-
-$content_feed->title = $icmsConfig['sitename'] . ' - ' . icms::$module->name();
-$content_feed->url = ICMS_URL;
-$content_feed->description = $icmsConfig['slogan'];
-$content_feed->language = _LANGCODE;
-$content_feed->charset = _CHARSET;
-$content_feed->category = icms::$module->name();
-
-$content_post_handler = icms_getModuleHandler('post');
-//ContentPostHandler::getPosts($start = 0, $limit = 0, $post_uid = false, $year = false, $month = false
-$postsArray = $content_post_handler->getPosts(0, 10, $clean_post_uid);
-
-foreach($postsArray as $postArray) {
-$content_feed->feeds[] = array (
-'title' => $postArray['post_title'],
-'link' => str_replace('&', '&', $postArray['itemUrl']),
-'description' => htmlspecialchars(str_replace('&', '&', $postArray['post_lead']), ENT_QUOTES),
-'pubdate' => $postArray['post_published_date_int'],
-'guid' => str_replace('&', '&', $postArray['itemUrl']),
-);
-}
-
-$content_feed->render();
-*/