Beispiel #1
<?php

require_once 'autoload.php';
require_once 'Cosmo.class.php';
// $pdo, $prefix and $salt are not defined in this file; presumably they are
// provided by the included autoload.php — confirm against the generated config.
$Cosmo = new Cosmo($pdo, $prefix, $salt);
session_start();
// Initialize the page-assembly variables.
$angularModules = '';
$directives = array();
$classes = '';
// Base of the script/CSS bundle URLs; comma-terminated file paths are appended below.
$minifyScripts = 'min/?f=';
$minifyCSS = 'min/?f=';
$scripts = '';
$CSS = '';
$developerMode = FALSE;
// Cookie-based login: the visitor is treated as logged in when the usersID/token
// cookie pair is accepted by tokensRead().
// NOTE(review): only 'usersID' is guarded with isset(); a request that carries
// 'usersID' but no 'token' cookie reads an undefined index here.
if (isset($_COOKIE['usersID']) && $_COOKIE['usersID'] && $_COOKIE['token']) {
    // Validate the (usersID, token) pair; tokensRead() is defined elsewhere and
    // how it stores or compares tokens is not visible here.
    if ($Cosmo->tokensRead($_COOKIE['usersID'], $_COOKIE['token'])) {
        $usersID = $_COOKIE['usersID'];
        // NOTE(review): the username is copied from a cookie, and nothing visible
        // here ties it to the usersID that was just validated. Cookies are
        // client-controlled, so any later decision keyed on $username should use
        // the name from the user record instead — confirm what usersRead() returns.
        $username = $_COOKIE['username'];
        // The role comes from the server-side user record, not from the client.
        $roleRecord = $Cosmo->usersRead($usersID);
        $role = $roleRecord['role'];
        // Delete one-use token, issue a new one
        // todo: fix this so it doesn't break every refresh
        // NOTE(review): with the rotation below commented out, the same token is
        // accepted on every request for as long as it exists server-side, so a
        // copied token stays usable. If rotation is re-enabled, the replacement
        // cookie should also be set with the HttpOnly and Secure flags.
        //$Cosmo->tokensDelete($username, $_COOKIE['token']);
        //$token = $Cosmo->tokensCreate($username);
        $token = $_COOKIE['token'];
        //setcookie('token', $token, time()+60*60*24*90); // Set cookie to expire in 90 days
        // FOLDER is a constant defined outside this file.
        $minifyScripts .= FOLDER . "core/js/3rd-party/angular-file-upload-shim.min.js,";
        // Breaks IE9, so only load it for admins
Beispiel #2
<?php

/**
 * Controller that connects the front-end to the back-end
 */
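require_once 'autoload.php';
require_once 'Cosmo.class.php';
// $pdo, $prefix and $salt are expected to be defined by the included files.
$Cosmo = new Cosmo($pdo, $prefix, $salt);

// HTTP verb of the request: GET, POST, PUT, or DELETE.
$method = $_SERVER['REQUEST_METHOD'];

// Strip the FOLDER prefix and the 5-character '/api/' segment from the request URI.
// The offset is purely positional: the URI is assumed to begin with FOLDER . '/api/'.
$uri = substr($_SERVER['REQUEST_URI'], 5 + strlen(FOLDER));

// Separate the path ($uri[0]) from the GET parameters.
$uri = explode('?', $uri);
$segments = explode('/', $uri[0]);
$HTTPHeaderCode = 200;

// An empty role means the request is treated as unauthenticated.
$role = '';

// Check permissions for authorized requests: the usersID/token request headers
// must both be present, non-empty, and accepted by tokensRead().
if (!empty($_SERVER['HTTP_USERSID']) && !empty($_SERVER['HTTP_TOKEN'])) {
    if ($Cosmo->tokensRead($_SERVER['HTTP_USERSID'], $_SERVER['HTTP_TOKEN'])) {
        $usersID = $_SERVER['HTTP_USERSID'];
        // The username header is optional for the token check above, so read it
        // defensively instead of indexing a header that may be absent.
        // NOTE(review): this value is supplied by the client and is not bound to
        // the validated usersID by anything visible here; authorization decisions
        // should rely on $usersID / $role, or on the name in the user record.
        $username = isset($_SERVER['HTTP_USERNAME']) ? $_SERVER['HTTP_USERNAME'] : null;
        // The role is taken from the server-side user record.
        $roleRecord = $Cosmo->usersRead($usersID);
        $role = $roleRecord['role'];
    }
}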
function checkPermissions($action, $publishedStatus = null, $url = null)
{
    global $Cosmo;
    global $username;
    global $role;
Beispiel #3
<?php

/**
 * Create a sitemap for search engines
 */
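require_once 'autoload.php';
require_once 'Cosmo.class.php';
// $pdo, $prefix and $salt are expected to be defined by the included files.
$Cosmo = new Cosmo($pdo, $prefix, $salt);
$pages = $Cosmo->contentRead();

// Flags for escaping text placed inside XML elements. ENT_SUBSTITUTE keeps a
// value with invalid UTF-8 from being silently turned into an empty string.
$xmlEscapeFlags = ENT_QUOTES | ENT_XML1 | ENT_SUBSTITUTE;

// The Host header is sent by the client, so it is escaped before being written
// into the document.
// NOTE(review): a configured canonical hostname would be preferable to trusting
// HTTP_HOST at all; no such setting is visible in this file.
$sitemapHost = htmlspecialchars($_SERVER['HTTP_HOST'], $xmlEscapeFlags, 'UTF-8');

echo '<?xml version="1.0" encoding="UTF-8"?><urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">' . "\n";
foreach ($pages as $page) {
    // Only published pages are listed.
    if ($page['published'] === 'Y') {
        // Page URLs are stored content; characters such as '&' or '<' must be
        // escaped for the sitemap to remain well-formed XML.
        $sitemapPath = htmlspecialchars($page['url'], $xmlEscapeFlags, 'UTF-8');
        echo "\t<url>\n\t\t<loc>http://www." . $sitemapHost . '/' . $sitemapPath . "</loc>\n\t</url>\n";
    }
}
echo '</urlset>';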
Beispiel #4
    $prefix = \'' . $prefix . '\'; // e.g. cosmo_
    define(\'FOLDER\', \'' . $folder . '\'); // /subfolder
    $salt = \'' . $salt . '\';
    $developerMode = false; // Switching this to true prevents minification/combination of JS/CSS files for better error reporting

    $pdo = new PDO("mysql:host=$host;dbname=$dbName;charset=utf8", $username, $password);
    $pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $username = null;

?>');
    fclose($fp);
    // NOTE(review): the config file written just above places $prefix, $folder and
    // $salt inside single-quoted PHP literals by plain concatenation. A quote or
    // backslash in any of them would alter the generated PHP, so they should be
    // validated or emitted with var_export() before being written. Where these
    // values are collected is not visible here — confirm against the installer form.
    // Install database
    include 'core/app/autoload.php';
    include 'core/app/Cosmo.class.php';
    $Cosmo = new Cosmo($pdo, $prefix, $salt);
    // Load the schema script and split it into individual statements.
    // NOTE(review): splitting on ';' assumes no statement in install.sql contains
    // a semicolon inside a string literal or comment.
    $sqlFile = file_get_contents('install.sql');
    $statements = explode(';', $sqlFile);
    // Execute MySQL statements, replacing the prefix
    // NOTE(review): $prefix is substituted into the SQL text itself. Identifiers
    // cannot be bound as parameters, so $prefix should be restricted to a safe
    // character set (for example letters, digits and underscore) before this point.
    foreach ($statements as $statement) {
        // Skip the empty fragments left behind by the split.
        if (trim($statement) != '') {
            $stmt = $pdo->prepare(str_replace('**prefix**', $prefix, $statement));
            $stmt->execute();
        }
    }
    // Setup site info
    // The column values are bound through placeholders; only the table name is
    // concatenated, which again depends on $prefix being a safe identifier.
    $stmt = $pdo->prepare('INSERT INTO ' . $prefix . 'settings (site_name, email, theme, language) VALUES (?,?,?,?) ON DUPLICATE KEY UPDATE site_name=VALUES(site_name)');
    $data = array($title, $email, 'Pendant', $language);
    $stmt->execute($data);
    // Create home page
    $stmt = $pdo->prepare('INSERT INTO ' . $prefix . 'content (url, type, published) VALUES (?,?,?) ON DUPLICATE KEY UPDATE url=VALUES(url)');
Beispiel #5
<?php

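require_once '../../../core/app/autoload.php';
require_once '../../../core/app/Cosmo.class.php';
// $pdo, $prefix and $salt are expected to be defined by the included files.
$Cosmo = new Cosmo($pdo, $prefix, $salt);

// Google Maps settings endpoint.
//   ?settings=<truthy>  echoes the stored settings record; no authentication is
//                       applied to this read path.
//   otherwise           admin-only write of the "marker" and "style" values taken
//                       from the JSON request body.
// $output stays null on the read path so the JSON status check that follows this
// block emits nothing extra; it is always defined, which avoids an undefined
// variable there.
$output = null;

if (!empty($_GET['settings'])) {
    echo $Cosmo->miscRead('googleMapsSettings');
} else {
    // Fail closed: every path that does not complete an authorized write reports
    // failure, including a usersID/token pair that tokensRead() rejects.
    $output = array("success" => false);

    // Both credential headers must be present and non-empty before validation.
    if (!empty($_SERVER['HTTP_USERSID']) && !empty($_SERVER['HTTP_TOKEN'])
        && $Cosmo->tokensRead($_SERVER['HTTP_USERSID'], $_SERVER['HTTP_TOKEN'])
    ) {
        $usersID = $_SERVER['HTTP_USERSID'];
        // The role is read from the server-side user record, not from the request.
        $role = $Cosmo->usersRead($usersID)['role'];
        if ($role === 'admin') {
            // The request body is JSON; it replaces $_POST as in the original flow.
            $_POST = json_decode(file_get_contents("php://input"), TRUE);
            // Missing keys (or a body that is not a JSON object) are stored as null.
            // NOTE(review): the shape and size of "marker" and "style" are not
            // validated before being persisted and later echoed by the read path.
            $marker = isset($_POST['marker']) ? $_POST['marker'] : null;
            $style = isset($_POST['style']) ? $_POST['style'] : null;
            $settings = json_encode(array("marker" => $marker, "style" => $style));
            // Update record if it exists already, otherwise create it.
            if ($Cosmo->miscRead('googleMapsSettings')) {
                $Cosmo->miscUpdate('googleMapsSettings', $settings);
            } else {
                $Cosmo->miscCreate('googleMapsSettings', $settings);
            }
            $output = array("success" => true);
        }
    }
}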
if ($output) {
    echo json_encode($output);