/** * Renders the admin-side footer. * * The footer's default markup is provided by a theme. It can be further * customised via the "admin_side > footer" pluggable UI callback event. * * In addition to the pluggable UI, this function also calls callback events * "admin_side > main_content_end" and "admin_side > body_end". */ function end_page() { global $event, $app_mode, $theme, $textarray_script; if ($app_mode != 'async' && $event != 'tag') { callback_event('admin_side', 'main_content_end'); echo n . '</main><!-- /txp-body -->' . n . '<footer class="txp-footer">'; echo pluggable_ui('admin_side', 'footer', $theme->footer()); callback_event('admin_side', 'body_end'); gTxtScript(array('password_strength_0', 'password_strength_1', 'password_strength_2', 'password_strength_3', 'password_strength_4'), array(), array('admin', 'new_pass_form')); echo script_js('vendors/dropbox/zxcvbn/zxcvbn.js', TEXTPATTERN_SCRIPT_URL, array('admin', 'new_pass_form')) . script_js('textpattern.textarray = ' . json_encode($textarray_script)) . n . '</footer><!-- /txp-footer -->' . n . '</body>' . n . '</html>'; } }
function add_i18n_entries() { // Which strings do we need to push to the client? // single string gTxtScript('404_not_found'); // array of strings gTxtScript(array('form_submission_error', 'publish')); // single string w/ one variable substitution gTxtScript('file_updated', array('{name}' => 'readme.txt')); // single string w/ two variable substitutions gTxtScript('comment_received', array('{site}' => 'My Site', '{title}' => 'My First Post')); // array of strings w/ matching array of variable substitutions gTxtScript(array('file_updated', 'password_changed_mailed'), array(array('{name}' => 'readme.txt'), array('{email}' => '*****@*****.**'))); }
$_SERVER['PHP_SELF'] = preg_replace('#^(.*index.php).*$#i', '$1', $_SERVER['PHP_SELF']); // Sniff out the 'textpattern' directory's name '/path/to/site/textpattern/setup/index.php'. $txpdir = explode('/', $_SERVER['PHP_SELF']); if (count($txpdir) > 3) { // We live in the regular directory structure. $txpdir = '/' . $txpdir[count($txpdir) - 3]; } else { // We probably came here from a clever assortment of symlinks and DocumentRoot. $txpdir = '/'; } global $textarray_script; $step = ps('step'); $rel_siteurl = preg_replace("#^(.*?)({$txpdir})?/setup.*\$#i", '$1', $_SERVER['PHP_SELF']); $rel_txpurl = rtrim(dirname(dirname($_SERVER['PHP_SELF'])), '/\\'); $bodyclass = $step == '' ? ' welcome' : ''; gTxtScript(array('setup_password_strength_0', 'setup_password_strength_1', 'setup_password_strength_2', 'setup_password_strength_3', 'setup_password_strength_4')); echo <<<eod <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta name="robots" content="noindex, nofollow"> <title>Setup | Textpattern CMS</title> eod; echo script_js('../vendors/jquery/jquery/jquery.js', TEXTPATTERN_SCRIPT_URL) . script_js('../vendors/jquery/jquery-ui/jquery-ui.js', TEXTPATTERN_SCRIPT_URL) . script_js('../vendors/dropbox/zxcvbn/zxcvbn.js', TEXTPATTERN_SCRIPT_URL) . script_js('var textpattern = ' . json_encode(array('event' => 'setup', 'step' => $step, 'textarray' => (object) $textarray_script)) . ';') . script_js('../textpattern.js', TEXTPATTERN_SCRIPT_URL); echo <<<eod <link rel="stylesheet" href="../theme/hive/assets/css/textpattern.min.css"> <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=0"> </head> <body class="setup{$bodyclass}" id="page-setup"> <main class="txp-body">
/** * Creates and outputs an admin-side header. * * The output contains HTML <head> section and the main * navigation. The results are echoed as opposed to returned. * * This function offers a way to invoke modal activity messages * and set the page title. * * Output will automatically become silent on asynchronous * script responses that do not want HTML headers. * * @param string $pagetitle The page title * @param string|array $message A message show to the user * @example * pagetop('Title', array('My error message', E_ERROR)); * echo 'My page contents.'; */ function pagetop($pagetitle, $message = '') { global $siteurl, $sitename, $txp_user, $event, $step, $app_mode, $theme, $privs; if ($app_mode == 'async') { return; } $area = gps('area'); $event = !$event ? 'article' : $event; $bm = gps('bm'); $privs = safe_field("privs", "txp_users", "name = '" . doSlash($txp_user) . "'"); $areas = areas(); $area = false; foreach ($areas as $k => $v) { if (in_array($event, $v)) { $area = $k; break; } } if (gps('logout')) { $body_id = 'page-logout'; } elseif (!$txp_user) { $body_id = 'page-login'; } else { $body_id = 'page-' . txpspecialchars($event); } header('X-Frame-Options: ' . X_FRAME_OPTIONS); header('X-UA-Compatible: ' . X_UA_COMPATIBLE); $lang_direction = gTxt('lang_dir'); if (!in_array($lang_direction, array('ltr', 'rtl'))) { // Apply biased default for missing translations $lang_direction = 'ltr'; } ?> <!DOCTYPE html> <html lang="<?php echo LANG; ?> " dir="<?php echo $lang_direction; ?> "> <head> <meta charset="utf-8"> <meta name="robots" content="noindex, nofollow"> <title><?php echo admin_title($pagetitle); ?> </title><?php echo script_js('vendors/jquery/jquery/jquery.js', TEXTPATTERN_SCRIPT_URL) . script_js('vendors/jquery/ui/js/jquery-ui.js', TEXTPATTERN_SCRIPT_URL) . script_js('//code.jquery.com/jquery-migrate-1.2.1.js', TEXTPATTERN_SCRIPT_URL) . script_js('var textpattern = ' . json_encode(array('event' => $event, 'step' => $step, '_txp_token' => form_token(), 'ajax_timeout' => (int) AJAX_TIMEOUT, 'textarray' => (object) null, 'do_spellcheck' => get_pref('do_spellcheck', '#page-article #body, #page-article #title,' . '#page-image #alt-text, #page-image #caption,' . '#page-file #description,' . '#page-link #link-title, #page-link #link-description'), 'production_status' => get_pref('production_status'))) . ';') . script_js('textpattern.js', TEXTPATTERN_SCRIPT_URL) . n; gTxtScript(array('form_submission_error', 'are_you_sure', 'cookies_must_be_enabled', 'ok', 'save', 'publish')); // Mandatory un-themable Textpattern core styles ?> <style> .not-ready .doc-ready, .not-ready form.async input[type="submit"], .not-ready a.async { visibility: hidden; } </style> <?php echo $theme->html_head(); callback_event('admin_side', 'head_end'); ?> </head> <body id="<?php echo $body_id; ?> " class="not-ready <?php echo $area; ?> "> <header role="banner" class="txp-header"> <?php callback_event('admin_side', 'pagetop'); $theme->set_state($area, $event, $bm, $message); echo pluggable_ui('admin_side', 'header', $theme->header()); callback_event('admin_side', 'pagetop_end'); echo n . '</header><!-- /txp-header -->' . n . '<main role="main" class="txp-body" aria-label="' . gTxt('main_content') . '">'; callback_event('admin_side', 'main_content'); }
function pagetop($pagetitle, $message = "") { global $siteurl, $sitename, $txp_user, $event, $step, $app_mode, $theme; if ($app_mode == 'async') { return; } $area = gps('area'); $event = !$event ? 'article' : $event; $bm = gps('bm'); $privs = safe_field("privs", "txp_users", "name = '" . doSlash($txp_user) . "'"); $GLOBALS['privs'] = $privs; $areas = areas(); $area = false; foreach ($areas as $k => $v) { if (in_array($event, $v)) { $area = $k; break; } } if (gps('logout')) { $body_id = 'page-logout'; } elseif (!$txp_user) { $body_id = 'page-login'; } else { $body_id = 'page-' . txpspecialchars($event); } header('X-Frame-Options: ' . X_FRAME_OPTIONS); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<?php echo LANG; ?> " lang="<?php echo LANG; ?> " dir="<?php echo txpspecialchars(gTxt('lang_dir')); ?> "> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <meta name="robots" content="noindex, nofollow" /> <title><?php echo escape_title($pagetitle); ?> - <?php echo txpspecialchars($sitename); ?> | Textpattern CMS</title> <script type="text/javascript" src="jquery.js"></script> <?php echo script_js('var textpattern = { event: "' . txpspecialchars($event) . '", step: "' . txpspecialchars($step) . '", _txp_token: "' . txpspecialchars(form_token()) . '", ajax_timeout: ' . txpspecialchars(AJAX_TIMEOUT) . ', ajaxally_challenged: ' . (AJAXALLY_CHALLENGED ? 'true' : 'false') . ', textarray: {}, do_spellcheck: "' . txpspecialchars(get_pref('do_spellcheck', '#page-article #body, #page-article #title,' . '#page-image #alt-text, #page-image #caption,' . '#page-file #description,' . '#page-link #link-title, #page-link #link-description')) . '"};'); gTxtScript(array('form_submission_error', 'are_you_sure')); ?> <script type="text/javascript" src="textpattern.js"></script> <script type="text/javascript"> <!-- var cookieEnabled = checkCookies(); if (!cookieEnabled) { confirm('<?php echo trim(gTxt('cookies_must_be_enabled')); ?> '); } function poweredit(elm) { var something = elm.options[elm.selectedIndex].value; // Add another chunk of HTML var pjs = document.getElementById('js'); if (pjs == null) { var br = document.createElement('br'); elm.parentNode.appendChild(br); pjs = document.createElement('P'); pjs.setAttribute('id','js'); elm.parentNode.appendChild(pjs); } if (pjs.style.display == 'none' || pjs.style.display == '') { pjs.style.display = 'block'; } if (something != '') { switch (something) { default: pjs.style.display = 'none'; break; } } return false; } addEvent(window, 'load', cleanSelects); --> </script> <?php // Mandatory un-themable Textpattern core styles ?> <style type="text/css"> .not-ready .doc-ready, .not-ready form.async input[type="submit"], .not-ready a.async { visibility: hidden; } </style> <?php echo $theme->html_head(); callback_event('admin_side', 'head_end'); ?> </head> <body id="<?php echo $body_id; ?> " class="not-ready <?php echo $area; ?> "> <div class="txp-header"> <?php callback_event('admin_side', 'pagetop'); $theme->set_state($area, $event, $bm, $message); echo pluggable_ui('admin_side', 'header', $theme->header()); callback_event('admin_side', 'pagetop_end'); echo '</div><!-- /txp-header --><div class="txp-body">'; }
/** * Renders and outputs a login form. * * This function outputs a full HTML document, * including <head> and footer. * * @param string|array $message The activity message */ function doLoginForm($message) { global $textarray_script, $event, $step; include txpath . '/lib/txplib_head.php'; $event = 'login'; $stay = cs('txp_login') && !gps('logout') ? 1 : 0; $reset = gps('reset'); $confirm = gps('confirm'); $activate = gps('activate'); if (gps('logout')) { $step = 'logout'; } elseif ($reset) { $step = 'reset'; } elseif ($activate) { $step = 'activate'; } elseif ($confirm) { $step = 'confirm'; } $name = join(',', array_slice(explode(',', cs('txp_login')), 0, -1)); $out = array(); if ($reset) { $pageTitle = gTxt('password_reset'); $out[] = hed(gTxt('password_reset'), 1, array('id' => 'txp-login-heading')) . inputLabel('login_name', fInput('text', 'p_userid', $name, '', '', '', INPUT_REGULAR, '', 'login_name'), 'name', '', array('class' => 'txp-form-field login-name')) . graf(fInput('submit', '', gTxt('password_reset_button'), 'publish')) . graf(href(gTxt('back_to_login'), 'index.php'), array('class' => 'login-return')) . hInput('p_reset', 1); } elseif ($confirm || $activate) { $pageTitle = $confirm ? gTxt('change_password') : gTxt('set_password'); $label = $confirm ? 'change_password' : 'set_password'; $class = $confirm ? 'change-password' : 'set-password'; $out[] = hed($pageTitle, 1, array('id' => 'txp-' . $class . '-heading')) . inputLabel($label, fInput('password', 'p_password', '', 'txp-maskable txp-strength-hint', '', '', INPUT_REGULAR, '', $label, false, true) . n . tag(null, 'div', array('class' => 'strength-meter')) . n . tag(checkbox('unmask', 1, false, 0, 'show_password') . n . tag(gTxt('show_password'), 'label', array('for' => 'show_password')), 'div', array('class' => 'show-password')), 'new_password', '', array('class' => 'txp-form-field ' . $class)) . graf(fInput('submit', '', gTxt('password_confirm_button'), 'publish')) . graf(href(gTxt('back_to_login'), 'index.php'), array('class' => 'login-return')) . hInput('hash', gps('confirm') . gps('activate')) . hInput($confirm ? 'p_alter' : 'p_set', 1); } else { $pageTitle = gTxt('login'); $out[] = hed(gTxt('login_to_textpattern'), 1, array('id' => 'txp-login-heading')) . inputLabel('login_name', fInput('text', 'p_userid', $name, '', '', '', INPUT_REGULAR, '', 'login_name'), 'name', '', array('class' => 'txp-form-field login-name')) . inputLabel('login_password', fInput('password', 'p_password', '', '', '', '', INPUT_REGULAR, '', 'login_password'), 'password', '', array('class' => 'txp-form-field login-password')) . graf(checkbox('stay', 1, $stay, '', 'login_stay') . n . tag(gTxt('stay_logged_in'), 'label', array('for' => 'login_stay')) . popHelp('remember_login'), array('class' => 'login-stay')) . graf(fInput('submit', '', gTxt('log_in_button'), 'publish')) . graf(href(gTxt('password_forgotten'), '?reset=1'), array('class' => 'login-forgot')); if (gps('event')) { $out[] = eInput(gps('event')); } } pagetop($pageTitle, $message); gTxtScript(array('password_strength_0', 'password_strength_1', 'password_strength_2', 'password_strength_3', 'password_strength_4')); echo form(join('', $out), '', '', 'post', 'txp-login', '', 'login_form') . script_js('vendors/dropbox/zxcvbn/zxcvbn.js', TEXTPATTERN_SCRIPT_URL) . script_js('textpattern.textarray = ' . json_encode($textarray_script)) . n . '</main><!-- /txp-body -->' . n . '</body>' . n . '</html>'; exit(0); }