Merge branch 'master' of https://github.com/vigneshmanix/pragyan into pdo

Author: vigneshmanix

cms/searchbar.lib.php

@@ -1,16 +1,16 @@
 <?php
 /**
  * @package pragyan
+ * @author Sriram Sundarraj (srirams6)
  * @copyright (c) 2010 Pragyan Team
  * @license http://www.gnu.org/licenses/ GNU Public License
  * For more details, see README
  */
-if(!defined('__PRAGYAN_CMS'))
-{ 
-	header($_SERVER['SERVER_PROTOCOL'].' 403 Forbidden');
-	echo "<h1>403 Forbidden<h1><h4>You are not authorized to access the page.</h4>";
-	echo '<hr/>'.$_SERVER['SERVER_SIGNATURE'];
-	exit(1);
+if (!defined('__PRAGYAN_CMS')) { 
+    header($_SERVER['SERVER_PROTOCOL'].' 403 Forbidden');
+    echo "<h1>403 Forbidden<h1><h4>You are not authorized to access the page.</h4>";
+    echo '<hr/>'.$_SERVER['SERVER_SIGNATURE'];
+    exit(1);
 }
 
 /**
@@ -19,67 +19,87 @@
  *
  * @return $searchbar The search bar for tags. 
  */
-function getSearchbar($userId, $pageId){
-	if(isset($_GET['searchbar']) && isset($_GET['searchContents'])){
-		$searchQuery="SELECT DISTINCT `page_id` FROM `". MYSQL_DATABASE_PREFIX ."pagetags` WHERE `tag_text` LIKE '%{$_GET['searchContents']}%';";
-		$searchResult=mysql_query($searchQuery);
-		$suggestions="";
-		while($row=mysql_fetch_assoc($searchResult)){
-			$suggestions.="<a href=".hostURL().getPagePath($row['page_id']).">";
-			$pageInfo=getPageInfo($row['page_id']);
-			$suggestions.=$pageInfo['page_title']."</a><br/>";
-		}
-		echo $suggestions;
-		exit(0);
-	}
-	$allPageQuery="SELECT `page_id`, `page_module` FROM `". MYSQL_DATABASE_PREFIX ."pages`";
-	$allPageResult=mysql_query($allPageQuery);
-	$pagesIdList=array();
-	while ($row=mysql_fetch_assoc($allPageResult)){
-		if(getPermissions($userId, $row['page_id'], $action="view", $module=$row['page_module']))
-			array_push($pagesIdList, intval($row['page_id']));
-	}
-	$tagsWithPermsQuery="SELECT * FROM `". MYSQL_DATABASE_PREFIX ."pagetags` WHERE `page_id` IN (";
-	foreach ($pagesIdList as $key => $value) {
-		$tagsWithPermsQuery.=$value.",";
-	}
-	$tagsWithPermsQuery=substr($tagsWithPermsQuery,0,-1).");";
-	$tagsWithPermsResult= mysql_query($tagsWithPermsQuery);
-	$searchbar=<<<SEARCHSCRIPT
-		<script> 
-			function showResult(searchstr) {
-				if (searchstr.length==0) { 
-				    document.getElementById("tagSuggestions").innerHTML="";
-				    document.getElementById("tagSuggestions").style.border="0px";
-				    return;
-				}
-				if (window.XMLHttpRequest) {
-					// code for IE7+, Firefox, Chrome, Opera, Safari
-					xmlhttp=new XMLHttpRequest();
-				}else {  // code for IE6, IE5
-				    xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
-				}
-				xmlhttp.onreadystatechange=function() {
-					if (xmlhttp.readyState==4 && xmlhttp.status==200) {
-				    	if(xmlhttp.responseText != ""){
-				    		console.log(xmlhttp.responseText);
-				    		document.getElementById("tagSuggestions").innerHTML=xmlhttp.responseText;
-				    		document.getElementById("tagSuggestions").style.border="1px solid #A5ACB2";
-				    	}
-				    	else{
-					    	document.getElementById("tagSuggestions").innerHTML="";
-					    	document.getElementById("tagSuggestions").style.border="0px";
-				    	}
-					}
-				}
-				xmlhttp.open("GET","./&searchbar=1&searchContents="+searchstr,true);
-				xmlhttp.send();
-			}
-		</script>
+function getSearchbar($userId, $pageId) {
+    if(isset($_GET['searchbar']) && isset($_GET['searchContents'])) {
+        $_GET['searchbar'] = escape($_GET['searchbar']);
+        $_GET['searchContents'] = escape($_GET['searchContents']);
+
+        $allPageQuery="SELECT `page_id`, `page_module` FROM `". MYSQL_DATABASE_PREFIX ."pages`";
+        $allPageResult=mysql_query($allPageQuery);
+        $pagesIdList=array(); //Contains all pages for which the user has view permission
+        while ($row=mysql_fetch_assoc($allPageResult)) {
+            if(getPermissions($userId, $row['page_id'], $action="view", $module=$row['page_module']))
+                array_push($pagesIdList, intval($row['page_id']));
+        }
+        $searchQueryParams="";
+        foreach ($pagesIdList as $key => $value) {
+            $searchQueryParams.=$value.",";
+        }
+        $searchQueryParams=substr($searchQueryParams,0,-1);
+        $searchQuery="SELECT * FROM `". MYSQL_DATABASE_PREFIX ."pagetags` WHERE `tag_text` LIKE '%{$_GET['searchContents']}%' AND `page_id` IN (".$searchQueryParams.");";
+        $tagsWithPermsResult= mysql_query($searchQuery);
+
+        $searchResult=mysql_query($searchQuery);
+        $suggestions="";
+        while ($row=mysql_fetch_assoc($searchResult)) {
+            $suggestions.="<a href=".hostURL().getPagePath($row['page_id']).">";
+            $pageInfo=getPageInfo($row['page_id']);
+            $suggestions.=$pageInfo['page_title']."</a><br/>";
+        }
+        echo $suggestions;
+        exit(0);
+    }
+    $searchbar=<<<SEARCHSCRIPT
+        <script> 
+            function showResult(searchstr) {
+                if (searchstr.length==0) { 
+                    document.getElementById("tagSuggestions").innerHTML="";
+                    document.getElementById("tagSuggestions").style.border="0px";
+                    return;
+                }
+                if (window.XMLHttpRequest) {
+                    // code for IE7+, Firefox, Chrome, Opera, Safari
+                    xmlhttp=new XMLHttpRequest();
+                }else {  // code for IE6, IE5
+                    xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
+                }
+                xmlhttp.onreadystatechange=function() {
+                    if (xmlhttp.readyState==4 && xmlhttp.status==200) {
+                        if(xmlhttp.responseText != "") {
+                            console.log(xmlhttp.responseText);
+                            document.getElementById("tagSuggestions").innerHTML=xmlhttp.responseText;
+                            document.getElementById("tagSuggestions").style.border="1px solid #A5ACB2";
+                        }
+                        else {
+                            document.getElementById("tagSuggestions").innerHTML="";
+                            document.getElementById("tagSuggestions").style.border="0px";
+                        }
+                    }
+                }
+                xmlhttp.open("GET","./&searchbar=1&searchContents="+searchstr,true);
+                xmlhttp.send();
+            }
+        </script>
 SEARCHSCRIPT;
-	$searchbar.="<div id=\"cms-searchbar\">";
-	$searchbar.="<input type=\"text\" size=\"30\" onkeyup=\"showResult(this.value)\">";
-	$searchbar.="<div id=\"tagSuggestions\"></div>";
-	$searchbar.="</div>";
-	return $searchbar;
+    $searchbar.="<div id='cms-searchbar'>";
+    $searchbar.="<input type='text' size='30' onkeyup='showResult(this.value)'>";
+    $searchbar.="<div id='tagSuggestions'></div>";
+    $searchbar.="</div>";
+    return $searchbar;
+}
+
+/**
+ * @param $pageId The page on which the permissible action for the user is computed
+ *
+ * @return $pagetags The tags for the page. 
+ */
+function getPagetags($pageId) {
+    $pageTagQuery="SELECT `tag_text` FROM `". MYSQL_DATABASE_PREFIX ."pagetags` WHERE `page_id` = {$pageId}";
+    $pageTagResult=mysql_query($pageTagQuery);
+    $pagetags=[];
+    while ($row=mysql_fetch_assoc($pageTagResult)) {
+        array_push($pagetags, $row['tag_text']);
+    }
+    $pagetags = implode(" , ", $pagetags);
+    return $pagetags;
 }

cms/template.lib.php

@@ -53,7 +53,7 @@ function getPageTemplate($pageId)
  * template
  *
  */
-function templateReplace(&$TITLE,&$MENUBAR,&$ACTIONBARMODULE,&$ACTIONBARPAGE,&$BREADCRUMB,&$SEARCHBAR,&$INHERITEDINFO,&$CONTENT,&$FOOTER,&$DEBUGINFO,&$ERRORSTRING,&$WARNINGSTRING,&$INFOSTRING,&$STARTSCRIPTS,&$LOGINFORM) {
+function templateReplace(&$TITLE,&$MENUBAR,&$ACTIONBARMODULE,&$ACTIONBARPAGE,&$BREADCRUMB,&$SEARCHBAR,&$PAGEKEYWORDS,&$INHERITEDINFO,&$CONTENT,&$FOOTER,&$DEBUGINFO,&$ERRORSTRING,&$WARNINGSTRING,&$INFOSTRING,&$STARTSCRIPTS,&$LOGINFORM) {
 	global $cmsFolder;
 	global $sourceFolder;
 	global $templateFolder;

cms/templates/crystalx/index.php

@@ -1,19 +1,19 @@
-<?php
-if(!defined('__PRAGYAN_CMS'))
-{ 
-	header($_SERVER['SERVER_PROTOCOL'].' 403 Forbidden');
-	echo "<h1>403 Forbidden<h1><h4>You are not authorized to access the page.</h4>";
-	echo '<hr/>'.$_SERVER['SERVER_SIGNATURE'];
-	exit(1);
-}
-?>
+<?php
+if(!defined('__PRAGYAN_CMS'))
+{ 
+	header($_SERVER['SERVER_PROTOCOL'].' 403 Forbidden');
+	echo "<h1>403 Forbidden<h1><h4>You are not authorized to access the page.</h4>";
+	echo '<hr/>'.$_SERVER['SERVER_SIGNATURE'];
+	exit(1);
+}
+?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="cs" lang="cs">
 <head>
     <meta http-equiv="content-type" content="text/html; charset=utf-8" />
     <title><?php echo  $TITLE; ?></title>
     <meta name="description" content="<?php echo $SITEDESCRIPTION ?>" />
-    <meta name="keywords" content="<?php echo $SITEKEYWORDS ?>" /> 
+    <meta name="keywords" content="<?php echo $SITEKEYWORDS.', '.$PAGEKEYWORDS ?>" /> 
 	<?php global $urlRequestRoot;	global $PAGELASTUPDATED;
 	if($PAGELASTUPDATED!="")
 		echo '<meta http-equiv="Last-Update" content="'.substr($PAGELASTUPDATED,0,10).'" />'."\n";

cms/templates/integriti/index.php

@@ -15,7 +15,7 @@
 	<link rel="shortcut icon" href="<?php echo $TEMPLATEBROWSERPATH; ?>/images/logo_16.png" >
 	<link rel="stylesheet" type="text/css" href="<?php echo $TEMPLATEBROWSERPATH; ?>/styles/main.css" />
     <meta name="description" content="<?php echo $SITEDESCRIPTION ?>" />
-    <meta name="keywords" content="<?php echo $SITEKEYWORDS ?>" /> 
+    <meta name="keywords" content="<?php echo $SITEKEYWORDS.', '.$PAGEKEYWORDS ?>" /> 
 	<?php global $urlRequestRoot;	global $PAGELASTUPDATED;
 	if($PAGELASTUPDATED!="")
 		echo '<meta http-equiv="Last-Update" content="'.substr($PAGELASTUPDATED,0,10).'" />'."\n";

index.php

@@ -225,7 +225,8 @@
 	$BREADCRUMB = breadcrumbs(array(0=>0)," » ");
 	$MENUBAR = getMenu($userId, $pageIdArray);
 	$SEARCHBAR = getSearchbar($userId, $pageId);
-	templateReplace($TITLE,$MENUBAR,$ACTIONBARMODULE,$ACTIONBARPAGE,$BREADCRUMB,$SEARCHBAR,$INHERITEDINFO,$CONTENT,$FOOTER,$DEBUGINFO,$ERRORSTRING,$WARNINGSTRING,$INFOSTRING,$STARTSCRIPTS,$LOGINFORM);
+	$PAGEKEYWORDS = getPagetags($pageId);
+	templateReplace($TITLE,$MENUBAR,$ACTIONBARMODULE,$ACTIONBARPAGE,$BREADCRUMB,$SEARCHBAR,$PAGEKEYWORDS,$INHERITEDINFO,$CONTENT,$FOOTER,$DEBUGINFO,$ERRORSTRING,$WARNINGSTRING,$INFOSTRING,$STARTSCRIPTS,$LOGINFORM);
 	exit(1);
 }
 
@@ -238,7 +239,7 @@
 	$MENUBAR = '';
 	$CONTENT = "The requested URL was found to have invalid syntax and cannot be processed for security reasons.<br/> If you believe its a". 				"correct URL, please contact the administrator immediately..<br />$_SERVER[SERVER_SIGNATURE]".
 			"<br /><br />Click <a href='".$urlRequestRoot."'>here </a> to return to the home page";
-	templateReplace($TITLE,$MENUBAR,$ACTIONBARMODULE,$ACTIONBARPAGE,$BREADCRUMB,$SEARCHBAR,$INHERITEDINFO,$CONTENT,$FOOTER,$DEBUGINFO,$ERRORSTRING,$WARNINGSTRING,$INFOSTRING,$STARTSCRIPTS,$LOGINFORM);
+	templateReplace($TITLE,$MENUBAR,$ACTIONBARMODULE,$ACTIONBARPAGE,$BREADCRUMB,$SEARCHBAR,$PAGEKEYWORDS,$INHERITEDINFO,$CONTENT,$FOOTER,$DEBUGINFO,$ERRORSTRING,$WARNINGSTRING,$INFOSTRING,$STARTSCRIPTS,$LOGINFORM);
 	exit();
 }
 
@@ -253,7 +254,7 @@
 	$MENUBAR = '';
 	$CONTENT = "The requested URL was not found on this server.<br />$_SERVER[SERVER_SIGNATURE]".
 		"<br /><br />Click <a href='".$urlRequestRoot."'>here </a> to return to the home page";
-	templateReplace($TITLE,$MENUBAR,$ACTIONBARMODULE,$ACTIONBARPAGE,$BREADCRUMB,$SEARCHBAR,$INHERITEDINFO,$CONTENT,$FOOTER,$DEBUGINFO,$ERRORSTRING,$WARNINGSTRING,$INFOSTRING,$STARTSCRIPTS,$LOGINFORM);
+	templateReplace($TITLE,$MENUBAR,$ACTIONBARMODULE,$ACTIONBARPAGE,$BREADCRUMB,$SEARCHBAR,$PAGEKEYWORDS,$INHERITEDINFO,$CONTENT,$FOOTER,$DEBUGINFO,$ERRORSTRING,$WARNINGSTRING,$INFOSTRING,$STARTSCRIPTS,$LOGINFORM);
 	exit();
 }
 
@@ -294,6 +295,9 @@
 //Gets the searchbar
 $SEARCHBAR = getSearchbar($userId, $pageId);
 
+//Gets the page-speciit keywords
+$PAGEKEYWORDS = getPagetags($pageId);
+
 ///Gets the menubar consisting of the child pages from the current location upto a certain depth
 $MENUBAR = getMenu($userId, $pageIdArray); 
 
@@ -352,7 +356,7 @@
 setcookie("cookie_support", "enabled", 0, "/"); 
 
 ///Apply the template on the generated content and display the page
-templateReplace($TITLE,$MENUBAR,$ACTIONBARMODULE,$ACTIONBARPAGE,$BREADCRUMB,$SEARCHBAR,$INHERITEDINFO,$CONTENT,$FOOTER,$DEBUGINFO,$ERRORSTRING,$WARNINGSTRING,$INFOSTRING,$STARTSCRIPTS,$LOGINFORM);
+templateReplace($TITLE,$MENUBAR,$ACTIONBARMODULE,$ACTIONBARPAGE,$BREADCRUMB,$SEARCHBAR,$PAGEKEYWORDS,$INHERITEDINFO,$CONTENT,$FOOTER,$DEBUGINFO,$ERRORSTRING,$WARNINGSTRING,$INFOSTRING,$STARTSCRIPTS,$LOGINFORM);
 
 disconnect();
 exit();