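<?php

require_once 'autoload.php';
require_once 'Cosmo.class.php';
$Cosmo = new Cosmo($pdo, $prefix, $salt);
session_start();

// Initialize variables
$angularModules = '';
$directives = array();
$classes = '';
$minifyScripts = 'min/?f=';
$minifyCSS = 'min/?f=';
$scripts = '';
$CSS = '';
$developerMode = FALSE;

// Log user in if they have a cookie.
// Both cookies are tested with !empty() so a request that carries usersID but
// no token is rejected without reading an undefined array key.
if (!empty($_COOKIE['usersID']) && !empty($_COOKIE['token'])) {
    // Validate token
    if ($Cosmo->tokensRead($_COOKIE['usersID'], $_COOKIE['token'])) {
        $usersID = $_COOKIE['usersID'];

        // NOTE(review): tokensRead() is called with usersID and token only, so the
        // username cookie is not covered by that check and is whatever the client
        // sent. Treat it as a display value; anything that authorizes on $username
        // should take the name from the record looked up by $usersID instead
        // (whether usersRead() returns it is not visible here - confirm).
        $username = isset($_COOKIE['username']) ? $_COOKIE['username'] : null;

        // The role comes from the server-side user record, not from the client.
        $roleRecord = $Cosmo->usersRead($usersID);
        $role = $roleRecord['role'];

        // Delete one-use token, issue a new one
        // todo: fix this so it doesn't break every refresh
        // NOTE(review): with rotation commented out, the token from the cookie is
        // reused on every request, so a copied token keeps working until it is
        // invalidated some other way. If the setcookie() call is re-enabled, it
        // should also pass the Secure and HttpOnly flags.
        //$Cosmo->tokensDelete($username, $_COOKIE['token']);
        //$token = $Cosmo->tokensCreate($username);
        $token = $_COOKIE['token'];
        //setcookie('token', $token, time()+60*60*24*90); // Set cookie to expire in 90 days

        $minifyScripts .= FOLDER . "core/js/3rd-party/angular-file-upload-shim.min.js,"; // Breaks IE9, so only load it for admins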
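<?php

/**
 * Controller that connects the front-end to the back-end
 */
require_once 'autoload.php';
require_once 'Cosmo.class.php';
$Cosmo = new Cosmo($pdo, $prefix, $salt);

$method = $_SERVER['REQUEST_METHOD']; # GET, POST, PUT, or DELETE
$uri = substr($_SERVER['REQUEST_URI'], 5 + strlen(FOLDER)); # remove '/api/' and prefix - (strlen($prefix) +)
$uri = explode('?', $uri); // Separate GET parameters
$segments = explode('/', $uri[0]);
$HTTPHeaderCode = 200;

// Requests without a valid usersID/token header pair keep this empty role.
$role = '';

// Check permissions for authorized requests
if (!empty($_SERVER['HTTP_USERSID']) && !empty($_SERVER['HTTP_TOKEN'])) {
    if ($Cosmo->tokensRead($_SERVER['HTTP_USERSID'], $_SERVER['HTTP_TOKEN'])) {
        $usersID = $_SERVER['HTTP_USERSID'];

        // NOTE(review): the username header is not part of the tokensRead() check,
        // so it is client-chosen even when the token is valid. Code that compares
        // $username for ownership or authorship should use the name stored for
        // $usersID instead (confirm what usersRead() returns).
        // The isset() guard avoids reading an undefined key when the header is absent.
        $username = isset($_SERVER['HTTP_USERNAME']) ? $_SERVER['HTTP_USERNAME'] : null;

        // The role is read from the server-side user record.
        $roleRecord = $Cosmo->usersRead($usersID);
        $role = $roleRecord['role'];
    }
}

function checkPermissions($action, $publishedStatus = null, $url = null)
{
    global $Cosmo;
    global $username;
    global $role;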
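<?php

/**
 * Create a sitemap for search engines.
 *
 * Emits one <url> entry for every content record whose 'published' field is 'Y'.
 */
require_once 'autoload.php';
require_once 'Cosmo.class.php';
$Cosmo = new Cosmo($pdo, $prefix, $salt);

$pages = $Cosmo->contentRead();

// The Host header is sent by the client. Guard against it being absent.
// NOTE(review): escaping below keeps the XML well-formed, but the hostname is
// still whatever the request carried; a fixed site URL from configuration would
// be more robust if one is available.
$host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';

echo '<?xml version="1.0" encoding="UTF-8"?><urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">' . "\n";

foreach ($pages as $page) {
    if ($page['published'] === 'Y') {
        $loc = 'http://www.' . $host . '/' . $page['url'];

        // Entity-escape the whole location: both the Host header and the stored
        // page URL may contain &, <, > or quotes, which would otherwise break the
        // document or inject markup into it.
        echo "\t<url>\n\t\t<loc>" . htmlspecialchars($loc, ENT_QUOTES | ENT_XML1, 'UTF-8') . "</loc>\n\t</url>\n";
    }
}

echo '</urlset>';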
$prefix = \'' . $prefix . '\'; // e.g. cosmo_ define(\'FOLDER\', \'' . $folder . '\'); // /subfolder $salt = \'' . $salt . '\'; $developerMode = false; // Switching this to true prevents minification/combination of JS/CSS files for better error reporting $pdo = new PDO("mysql:host=$host;dbname=$dbName;charset=utf8", $username, $password); $pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $username = null; ?>');
fclose($fp);
// NOTE(review): the string that ends above is PHP source (presumably the config
// file behind $fp). $prefix, $folder and $salt are concatenated between single
// quotes with no escaping visible here, so a quote or backslash in any of them
// would change the generated code. Where these values come from is not visible;
// confirm they are validated, or emit them with var_export().

// Install database
include 'core/app/autoload.php';
include 'core/app/Cosmo.class.php';
$Cosmo = new Cosmo($pdo, $prefix, $salt);
$sqlFile = file_get_contents('install.sql');
// Splitting on every ';' also splits inside string literals, so install.sql
// must not contain a semicolon anywhere except as a statement terminator.
$statements = explode(';', $sqlFile);

// Execute MySQL statements, replacing the prefix
// NOTE(review): $prefix becomes part of the SQL text here and in the INSERTs
// below. Placeholders cannot bind identifiers, so it needs to be limited to a
// safe character set before this point (not visible here - confirm).
foreach ($statements as $statement) {
    if (trim($statement) != '') {
        $stmt = $pdo->prepare(str_replace('**prefix**', $prefix, $statement));
        $stmt->execute();
    }
}

// Setup site info
// The values are bound through placeholders; only the table prefix is concatenated.
$stmt = $pdo->prepare('INSERT INTO ' . $prefix . 'settings (site_name, email, theme, language) VALUES (?,?,?,?) ON DUPLICATE KEY UPDATE site_name=VALUES(site_name)');
$data = array($title, $email, 'Pendant', $language);
$stmt->execute($data);

// Create home page
$stmt = $pdo->prepare('INSERT INTO ' . $prefix . 'content (url, type, published) VALUES (?,?,?) ON DUPLICATE KEY UPDATE url=VALUES(url)');
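<?php

/**
 * Google Maps settings endpoint.
 *
 * With a truthy ?settings query parameter the stored 'googleMapsSettings'
 * record is echoed as-is. Otherwise the request is treated as a write, which
 * is accepted only for a valid usersID/token header pair whose user record
 * has the 'admin' role.
 */
require_once '../../../core/app/autoload.php';
require_once '../../../core/app/Cosmo.class.php';
$Cosmo = new Cosmo($pdo, $prefix, $salt);

// Defined up front so the final check never reads an undefined variable.
$output = null;

if (!empty($_GET['settings'])) {
    // Read path: no credentials are checked, so the stored settings are public.
    // NOTE(review): marker/style are returned exactly as an admin stored them;
    // the front-end should handle them as data, not markup (confirm usage).
    echo $Cosmo->miscRead('googleMapsSettings');
} else {
    // Write path: fail closed. Every rejection, including an invalid token
    // (which previously produced no response body), reports success=false.
    $output = array("success" => false);

    if (!empty($_SERVER['HTTP_USERSID']) && !empty($_SERVER['HTTP_TOKEN'])
        && $Cosmo->tokensRead($_SERVER['HTTP_USERSID'], $_SERVER['HTTP_TOKEN'])
    ) {
        $usersID = $_SERVER['HTTP_USERSID'];

        // The role is taken from the server-side record; a missing record or
        // field is treated as "no role".
        $roleRecord = $Cosmo->usersRead($usersID);
        $role = isset($roleRecord['role']) ? $roleRecord['role'] : '';

        if ($role === 'admin') {
            $payload = json_decode(file_get_contents("php://input"), TRUE);

            // Reject bodies that are not a JSON object/array instead of
            // storing null values and reporting success.
            if (is_array($payload)) {
                $settings = json_encode(array(
                    "marker" => isset($payload['marker']) ? $payload['marker'] : null,
                    "style" => isset($payload['style']) ? $payload['style'] : null,
                ));

                // Update record if it exists already
                if ($Cosmo->miscRead('googleMapsSettings')) {
                    $Cosmo->miscUpdate('googleMapsSettings', $settings);
                } else {
                    $Cosmo->miscCreate('googleMapsSettings', $settings);
                }

                $output = array("success" => true);
            }
        }
    }
}

if ($output) {
    echo json_encode($output);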