You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

218 lines
9.2 KiB

require_once __DIR__ . "/../required.php";
if (!defined("IN_NEWSPEN")) {
if (is_numeric($VARS['pubid'])) {
if ($database->has('publications', ['pubid' => $VARS['pubid']])) {
$pub = $VARS['pubid'];
$pubdata = $database->get("publications", ["[>]pub_permissions" => ["permid" => "permid"]], ["pubname", "uid", "pubdate", "styleid", "columns", "page_size", "landscape", "publications.permid", "permname", "pwd"], ["pubid" => $pub]);
if ($pubdata["permname"] != "LINK") {
if ($pubdata["uid"] != $_SESSION['uid']) {
if ($pubdata["permname"] == "OWNER") {
die(lang("no permission"));
if ($pubdata['permname'] == "LINK" && !is_empty($pubdata['pwd']) && $_SESSION['loggedin'] != true) {
$passok = false;
$passfail = false;
if (isset($VARS['password'])) {
$passok = password_verify($VARS['password'], $pubdata['pwd']);
$passfail = !$passok;
if (!$passok) {
<!DOCTYPE html>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title><?php echo htmlspecialchars($pubdata["pubname"] . " | " . date("Y-m-d", strtotime($pubdata["pubdate"]))); ?></title>
<link href="../static/css/bootstrap.min.css" rel="stylesheet">
<link href="../static/css/font-awesome.min.css" rel="stylesheet">
<style nonce="<?php echo $SECURE_NONCE; ?>">
#heading {
background-color: #673ab7;
<br />
<div class="row">
<div class="col-xs-12 col-sm-4 col-sm-offset-4">
<form action="gencontent.php" method="POST" class="panel panel-info">
<div class="panel-heading" id="heading">
<label class="panel-title" for="password"><i class="fa fa-lock"></i> <?php lang("enter password to view file"); ?></label>
<div class="panel-body">
<?php if ($passfail) {
<div class="alert alert-danger">
<i class="fa fa-times"></i> <?php lang("password incorrect"); ?>
<input type="password" name="password" class="form-control" placeholder="<?php lang("password"); ?>" />
<input type="hidden" name="pubid" value="<?php echo $pub; ?>" />
<div class="panel-footer">
<button type="submit" class="btn btn-success"><i class="fa fa-sign-in"></i> <?php lang("view file"); ?></button>
} else {
die(lang("invalid parameters", false));
} else {
die(lang("invalid parameters", false));
if (defined("EDIT_MODE") && EDIT_MODE == true) {
<script nonce="<?php echo $SECURE_NONCE; ?>">
var pubid = <?php echo $pub; ?>;
var pubcolumns = <?php echo $pubdata["columns"]; ?>;
<style nonce="<?php echo $SECURE_NONCE; ?>">
<?php $pubcss = $database->get("pub_styles", ["css", "cssvars", "cssextra", "background"], ["styleid" => $pubdata["styleid"]]); ?>
.pub-content {
$pubvars = json_decode($pubcss["cssvars"], TRUE);
foreach ($pubvars as $name => $val) {
echo "--$name: $val;\n";
.pub-content {
<?php echo $pubcss["css"]; ?>
<?php echo $pubcss["cssextra"]; ?>
.pub-content {
background-image: url('data:image/png;base64,<?php echo $pubcss["background"]; ?>');
<?php $pagesize = $database->get("page_sizes", ["sizewidth (width)", "sizeheight (height)"], ["sizeid" => $pubdata["page_size"]]); ?>
.pub-content {
max-width: <?php echo ($pubdata["landscape"] == 0 ? $pagesize["width"] : $pagesize["height"]); ?>;
height: <?php echo ($pubdata["landscape"] == 0 ? $pagesize["height"] : $pagesize["width"]); ?>;
@media (max-width: 900px) {
.pub-content {
height: auto;
min-height: <?php echo ($pubdata["landscape"] == 0 ? $pagesize["height"] : $pagesize["width"]); ?>;
.page-safe-line .bottom {
top: calc(<?php echo ($pubdata["landscape"] == 0 ? $pagesize["height"] : $pagesize["width"]); ?> - 5mm);
<style nonce="<?php echo $SECURE_NONCE; ?>" media="all">
$styles = $database->select("tile_styles", ["styleid", "css"]);
$tiles = $database->select("tiles", ["tileid", "page", "styleid", "content", "width", "order"], ["pubid" => $pub, "ORDER" => ["page", "order"]]);
foreach ($styles as $style) {
.tile-style-<?php echo $style["styleid"]; ?> {
<?php echo $style["css"] . "\n"; ?>
foreach ($tiles as $tile) {
if ($tile["width"] > $pubdata["columns"]) {
$tile["width"] = $pubdata["columns"];
#tile-<?php echo $tile["tileid"]; ?> {
order: <?php echo $tile["order"]; ?>;
width: <?php echo round((($tile["width"] * 1.0) / ($pubdata["columns"] * 1.0) * 100)); ?>%;
flex-basis: <?php echo round((($tile["width"] * 1.0) / ($pubdata["columns"] * 1.0) * 100)); ?>%;
flex: 0 0 calc(<?php echo round((($tile["width"] * 1.0) / ($pubdata["columns"] * 1.0) * 100)); ?>% - 10px);
// Get a list of pages
$pages = [];
foreach ($tiles as $tile) {
if (!in_array($tile["page"], $pages)) {
$pages[] = $tile["page"];
foreach ($pages as $page) {
<div class="pub-content">
<div class="page-safe-line">
<div class="bottom"></div>
<div class="tile-bin">
foreach ($tiles as $tile) {
if ($tile["page"] == $page) {
<div class="tile" id="tile-<?php echo $tile["tileid"]; ?>" data-tileid="<?php echo $tile["tileid"]; ?>" data-page="<?php echo $tile["page"]; ?>" data-styleid="<?php echo $tile["styleid"]; ?>" data-width="<?php echo $tile["width"]; ?>" data-order="<?php echo $tile["order"]; ?>">
if (defined("EDIT_MODE") && EDIT_MODE == true) {
?><div class="btn-group btn-group-sm">
<button type="button" class="btn btn-default edit-btn" data-tile="<?php echo $tile["tileid"]; ?>"><i class="fa fa-pencil"></i> <?php lang("edit"); ?></button>
<button type="button" class="btn btn-default save-btn" data-tile="<?php echo $tile["tileid"]; ?>"><i class="fa fa-save"></i> <?php lang("save"); ?></button>
<button type="button" class="btn btn-default opts-btn" data-tile="<?php echo $tile["tileid"]; ?>" data-toggle="modal" data-target="#tile-options-modal"><i class="fa fa-gear"></i> <?php lang("options"); ?></button>
<?php } ?>
<div id="tile-<?php echo $tile["tileid"]; ?>-content" class="tile-style-<?php echo $tile["styleid"]; ?>">
<div class="tile-html"><?php echo $tile["content"]; ?></div>
$content = ob_get_clean();
if (defined("HTML_ME") || !defined("IN_NEWSPEN")) {
$contentcss = file_get_contents(__DIR__ . "/../static/css/content.css");
$title = htmlspecialchars($pubdata["pubname"] . " | " . date("Y-m-d", strtotime($pubdata["pubdate"])));
$content = "<!DOCTYPE html>\n"
. "<meta charset=\"utf-8\">\n"
. "<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n"
. "<title>$title</title>\n"
. "<style nonce=\"$SECURE_NONCE\">$contentcss</style>\n"
. "$content";
// Credit:
$content = preg_replace("/(^[\r\n]*|[\r\n]+)[\s\t]*[\r\n]+/", "\n", $content);
// End credit
$content = str_replace("\t", " ", $content);
// TODO: replace this loop with something less freshman
while (strpos($content, " ") !== FALSE) {
$content = str_replace(" ", " ", $content);
if (!defined("IN_NEWSPEN")) {
echo $content;