Example #1
 /**
  * Exercises ae_Security::isValidArea() and ae_Security::isValidSubArea()
  * with values that must be accepted and values that must be rejected.
  *
  * The rejected sets include a near-miss name ('created'), the empty string,
  * and the non-string values TRUE and NULL. TRUE matters because a loosely
  * compared lookup (for example in_array() without its strict flag) treats
  * TRUE as equal to any non-empty string, so these assertions only pass if
  * the validators do not match that way.
  */
 public function testArea()
 {
     // Top-level areas that the validator has to accept.
     $acceptedAreas = array('create', 'credits', 'dashboard', 'edit', 'manage', 'media', 'settings');
     foreach ($acceptedAreas as $name) {
         $this->assertTrue(ae_Security::isValidArea($name));
     }

     // Values that must never be treated as an area.
     $rejectedAreas = array('created', '', true, null);
     foreach ($rejectedAreas as $candidate) {
         $this->assertFalse(ae_Security::isValidArea($candidate));
     }

     // Sub-areas that are valid beneath 'manage'.
     $acceptedManageSubAreas = array('category', 'comment', 'media', 'page', 'post', 'user');
     foreach ($acceptedManageSubAreas as $name) {
         $this->assertTrue(ae_Security::isValidSubArea('manage', $name));
     }

     // (area, sub-area) combinations that must be refused.
     $rejectedPairs = array(
         array('manage', 'created'),
         array('media', 'created'),
         array('media', ''),
         array('media', true),
         array('media', null),
     );
     foreach ($rejectedPairs as $pair) {
         $this->assertFalse(ae_Security::isValidSubArea($pair[0], $pair[1]));
     }
 }
Example #2
<?php

require_once '../core/autoload.php';
require_once '../core/config.php';
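// Authentication gate: anonymous visitors are redirected and the script stops
// here, so nothing below runs without a logged-in session.
if (!ae_Security::isLoggedIn()) {
    header('Location: index.php?error=not_logged_in');
    exit;
}

// Resolve which admin area to show. $_GET['area'] is request-controlled, so it
// is adopted only after ae_Security::isValidArea() accepts it; every other
// case keeps the 'dashboard' default.
$area = 'dashboard';

if (isset($_GET['area'])) {
    // A query string such as ?area[]=x arrives as an array, not a string.
    // Reject it before it reaches isValidArea() or htmlspecialchars(), which
    // expects a string (TypeError on PHP 8, warning on older versions).
    if (is_string($_GET['area']) && ae_Security::isValidArea($_GET['area'])) {
        $area = $_GET['area'];
    } else {
        // For non-string input, log the type name instead of the value.
        // NOTE(review): htmlspecialchars() only neutralises HTML metacharacters.
        // If ae_Log writes to a line-oriented file, CR/LF inside the value can
        // still break up log entries — confirm ae_Log strips or encodes them.
        $msg = sprintf(
            'Area "%s" is not a valid area.',
            htmlspecialchars(is_string($_GET['area']) ? $_GET['area'] : gettype($_GET['area']))
        );
        ae_Log::warning($msg);
    }
}

$sb = new ae_SiteBuilder();

// Included after $area and $sb are set — presumably sb_params.php reads them
// to build the template parameters; confirm against that file.
include_once 'sb_params.php';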
?>
<!DOCTYPE html>

<html>
<?php 
// Render the shared <head> template. $paramsHead is not assigned anywhere in
// the visible part of this script — presumably sb_params.php defines it; confirm.
$sb->render('templates/head.php', $paramsHead);
?>
<body>

<?php