public function toJS()
{
$generatedJS = " window.setInterval(function() {";
//$generatedJS .= " try{";
$generatedJS .= " fetchNotifications('" . orongoURL("ajax/fetchNotifications.php") . "'); ";
//$generatedJS .= "}catch(err){ alert(err); }";
$generatedJS .= " }, " . $this->refreshInterval . "); ";
return $generatedJS;
}
/**
* Redirects user to login and if he logged he will be returned to where this was calles
* @param String $paramTo To what should he be redirected? (OPTIONAL)
*/
public static function promptAuth($paramTo = null)
{
if (getUser() != null) {
return;
}
if ($paramTo != null) {
header("Location: " . orongoURL('orongo-login.php?redirect=' . $paramTo));
exit;
}
if (!function_exists('getCurrentPage')) {
header("Location: " . orongoURL('orongo-login.php'));
exit;
}
$currentPage = str_replace("admin_", "orongo-admin/", getCurrentPage()) . '.php';
header("Location: " . orongoURL('orongo-login.php?redirect=' . $currentPage));
exit;
}
/**
* Init Menu
*/
public function __construct()
{
$this->flip = false;
$this->URLs = array();
$this->hookURL(orongoURL("index.php"), l("Home"), 0);
if (Settings::showArchive()) {
$this->hookURL(orongoURL("archive.php"), l("Archive"), 10000);
}
$pages = @orongo_query('action=fetch&object=page&max=10000&order=page.id');
if ($pages != false) {
$c = 1;
foreach ($pages as $page) {
if ($page instanceof Page == false) {
continue;
}
$this->hookURL(orongoURL("page.php?id=" . $page->getID()), $page->getTitle(), $c);
//C++, SOOO HARDCORE :D
$c++;
}
}
}
/**
* Gets activation URL of User
* @param int $paramID ID of User
* @return String Activation URL
*/
public static function getActivationURL($paramID)
{
$row = getDatabase()->queryFirstRow("SELECT `code` FROM `user_activations` WHERE `userID` = %i", $paramID);
$url = orongoURL("orongo-activation.php?code=" . $row['code']);
return $url;
}
$xmlPath = ADMIN . '/plugins' . urldecode($_GET['xml_path']);
$install = new AdminFrontend();
$install->main(array("time" => time(), "page_title" => "Uninstall", "page_template" => "dashboard"));
if (!file_exists($xmlPath)) {
$install->addMessage(l("Plugin not found"), "error");
$install->render();
exit;
}
$installed = false;
foreach (getPlugins() as $plugin) {
if ($plugin instanceof OrongoPluggableObject == false) {
continue;
}
if ($plugin->getInfoPath() == $xmlPath) {
$installed = true;
}
}
if (!$installed) {
$install->addMessage(l("Plugin not installed"), "warning");
$install->render();
exit;
}
try {
Plugin::deinstall($xmlPath);
} catch (Exception $e) {
$install->addMessage($e->getMessage(), "error");
$install->render();
exit;
}
header("Location: " . orongoURL("orongo-admin/manage.php?obj=plugins&msg=4"));
exit;
$xml = @simplexml_load_file($xmlFile);
$json = @json_encode($xml);
$info = @json_decode($json, true);
$styles[$info['style']['name']] = $file;
}
}
}
$settingForm->addSelect("website_style", $styles);
$settingForm->addSelect("website_lang", $languages);
$settingForm->addButton("Save", true);
$settings->addObject($settingForm);
$xml = @simplexml_load_file(getStyle()->getStylePath() . "info.xml");
$json = @json_encode($xml);
$info = @json_decode($json, true);
if (is_array($info['style']['settings']) && getStyle()->isUsingPHP()) {
$styleForm = new AdminFrontendForm(100, "Style Settings", "POST", orongoURL("actions/action_SaveStyleSettings.php"));
$styleSettings = getDatabase()->query("SELECT `setting`, `setting_value` FROM `style_data` WHERE `style_main_class` = %s", $info['style']['main_class']);
foreach ($styleSettings as $setting) {
if (!isset($info['style']['settings'][$setting['setting']])) {
continue;
}
$settingInfo = $info['style']['settings'][$setting['setting']];
if ($settingInfo['type'] == 'boolean') {
$selected = $setting['setting_value'] == 'false' ? l("No") : l("Yes");
$styleForm->addRadios($settingInfo['description'], $setting['setting'], array(l("Yes") => "true", l("No") => "false"), $selected, false);
} else {
$styleForm->addInput($settingInfo['description'], $setting['setting'], "text", $setting['setting_value'], false, false, false);
}
}
$styleForm->addButton("Save", true);
$settings->addObject($styleForm);
<?php
/**
* @author Jaco Ruit
*/
require '../startOrongo.php';
startOrongo('admin_index');
Security::promptAuth();
$index = new AdminFrontend();
$index->main(array("time" => time(), "page_title" => "Dashboard", "page_template" => "dashboard"));
if (isset($_GET['msg'])) {
switch ($_GET['msg']) {
case 0:
$index->addMessage(l("No Permission"), "error");
break;
case 1:
$index->addMessage(l("Invalid Query Arg"), "warning");
break;
case 2:
$index->addMessage(l("Internal Error"), "warning");
break;
}
}
$text = "<strong>Thank you for testing OrongoCMS!</strong><br/><br/>";
$text .= "<p>To check for updates go to <a href='" . orongoURL("orongo-admin/orongo-update-check.php") . "'>the update checker</a>.";
$text .= "<br/>Found bugs? Please post them <a href='" . orongoURL("orongo-admin/post-issue.php") . "'>here</a>.";
$text .= "<br/>You can find the terminal of your OrongoCMS installation <a href='" . OrongoURL("orongo-admin/terminal.php") . "'>here</a>.";
$text .= "<br/><br/>Enjoy OrongoCMS,<br/> ";
$text .= "<strong>The OrongoCMS Team</strong>";
$index->addObject(new AdminFrontendObject(100, "Info", $text, null, false));
$index->render();
if (is_dir(ADMIN . '/plugins/' . $file)) {
$xmlFile = ADMIN . '/plugins/' . $file . '/info.xml';
if (!file_exists($xmlFile)) {
continue;
}
$exists = false;
foreach (getPlugins() as $plugin) {
if ($plugin->getInfoPath() == $xmlFile) {
$exists = true;
}
}
if ($exists) {
continue;
}
if (file_exists($xmlFile)) {
$ainfo = Plugin::getAuthorInfo($xmlFile);
$manager->addItem("Not installed plugins", array(Plugin::getName($xmlFile), Plugin::getDescription($xmlFile), $ainfo['name'], '<a href="' . $ainfo['website'] . '">' . $ainfo['website'] . '</a>', "override_actions" => array("<a href='" . orongoURL("orongo-admin/plugin-install.php?xml_path=" . urlencode(str_replace(ADMIN . '/plugins', "", $xmlFile))) . "'>" . l("Install") . "</a>")), "", "");
}
} else {
continue;
}
}
}
$manage->addObject($manager);
$manage->render();
break;
default:
header("Location: " . orongoURL("orongo-admin/index.php?msg=1"));
exit;
break;
}
<?php
/**
* @author Jaco Ruit
*/
require 'startOrongo.php';
startOrongo('page');
$page = null;
if (!isset($_GET['id'])) {
header('Location: ' . orongoURL("error.php?error_code=404"));
exit;
} else {
try {
$page = new Page(mysql_escape_string($_GET['id']));
} catch (Exception $e) {
if ($e->getCode() == PAGE_NOT_EXIST) {
header('Location: ' . orongoURL("error.php?error_code=404"));
exit;
} else {
header('Location: ' . orongoURL("error.php?error_code=500"));
exit;
}
}
}
$pageFO = new PageFrontend();
$pageFO->main(array("time" => time(), "page" => &$page));
$pageFO->render();
$msgtype = "warning";
break;
case 2:
$msg = l("REG_MSG_USERNAME_TOO_SHORT");
$msgtype = "error";
break;
case 3:
$msg = l("REG_MSG_PASSWORD_TOO_SHORT");
$msgtype = "error";
break;
case 4:
$msg = l("REG_MSG_FILL_IN_USERNAME");
$msgtype = "error";
break;
default:
break;
}
}
$register = new AdminFrontend();
$register->main(array("time" => time(), "page_title" => "Register", "page_template" => "ndashboard"));
$form = new AdminFrontendForm(100, "Register", "POST", orongoURL("actions/action_Register.php"));
$form->addInput("Username", "username", "text", "", true);
$form->addInput("Password", "password", "password", "", true);
$form->addInput("Password again", "password_again", "password", "", true);
$form->addInput("Email", "email", "email", "", true);
$form->addButton("Register", true);
$register->addObject($form);
if ($msg != null) {
$register->addMessage($msg, $msgtype);
}
$register->render();
}
if (!$installed) {
header("Location: " . orongoURL("orongo-admin/manage.php?plugins"));
exit;
}
$xml = @simplexml_load_file($xmlPath);
$json = @json_encode($xml);
$info = @json_decode($json, true);
if (empty($info['plugin']['settings']) || !is_array($info['plugin']['settings'])) {
header("Location: " . orongoURL("orongo-admin/manage.php?plugins"));
exit;
}
$accessKey = $info['plugin']['access_key'];
$authKey = null;
foreach (Plugin::getAuthKeys() as $pAuthKey => $pAccessKey) {
if ($pAccessKey == $accessKey) {
$authKey = $pAuthKey;
}
}
if ($authKey == null) {
header("Location: " . orongoURL("orongo-admin/manage.php?plugins"));
exit;
}
$pSettings = Plugin::getSettings($authKey);
foreach ($pSettings as $settingName => $value) {
if (isset($_POST[$settingName]) && strval($value) != $_POST[$settingName]) {
Plugin::setSetting($authKey, $settingName, $_POST[$settingName]);
}
}
header("Location: " . orongoURL("orongo-admin/manage.php?msg=5&obj=plugins"));
exit;
header("Location: " . orongoURL("orongo-admin/create.php?msg=1&obj=page"));
exit;
break;
case "user":
if (getUser()->getRank() < RANK_ADMIN) {
header("Location: " . orongoURL("orongo-admin/index.php?msg=0"));
exit;
}
if (!isset($_POST['name']) || !isset($_POST['password']) || !isset($_POST['email']) || !isset($_POST['rank'])) {
header("Location: " . orongoURL("orongo-admin/create.php?user"));
exit;
}
if (User::usernameExists($_POST['name'])) {
header("Location: " . orongoURL("orongo-admin/create.php?msg=0&obj=user"));
exit;
}
try {
$user = User::registerUser($_POST['name'], $_POST['email'], Security::hash($_POST['password']), $_POST['rank']);
User::activateUser($user->getID());
} catch (Exception $e) {
header("Location: " . orongoURL("orongo-admin/create.php?msg=0&obj=user"));
exit;
}
header("Location: " . orongoURL("orongo-admin/create.php?msg=1&obj=user"));
exit;
break;
default:
header("Location: " . orongoURL("orongo-admin/create.php"));
exit;
break;
}
exit;
}
$name = Security::escape($_POST['username']);
$email = Security::escape($_POST['email']);
$password = Security::hash($_POST['password']);
if (User::usernameExists($name) == false) {
$user = null;
try {
$user = User::registerUser($name, $email, $password, RANK_USER);
} catch (Exception $e) {
header("Location: " . orongoURL("orongo-login.php?msg=3"));
exit;
}
$activationLink = User::generateActivationURL($user->getID());
$mail = MailFactory::generateActivationEmail($user->getName(), $activationLink);
$sendEmail = mail($user->getEmail(), $mail['subject'], $mail['message'], $mail['headers']);
if (!$sendEmail) {
header("Location: " . orongoURL("orongo-login.php?msg=3"));
exit;
}
header("Location: " . orongoURL("orongo-login.php?msg=2"));
exit;
} else {
echo $name;
header("Location:" . orongoURL("orongo-login.php?msg=1"));
exit;
}
} else {
header("Location: " . orongoURL("orongo-register.php?msg=3"));
exit;
}
$msg = l("LOGIN_MSG_INVALID_ACTIVATION_URL");
$msgtype = "warning";
break;
case 5:
$msg = l('LOGIN_MSG_ALREADY_ACTIVATED');
$msgtype = "info";
break;
case 6:
$msg = l('LOGIN_MSG_ACTIVATION_OK');
$msgtype = "success";
break;
case 7:
$msg = l("LOGIN_MSG_PROMPT_ACTIVATION");
$msgtype = "warning";
break;
default:
break;
}
}
$login = new AdminFrontend();
$login->main(array("time" => time(), "page_title" => "Login", "page_template" => "ndashboard"));
$form = new AdminFrontendForm(75, "Login", "POST", orongoURL("actions/action_Login.php"));
$form->addInput("Username", "username", "text");
$form->addInput("Password", "password", "password");
$form->addButton("Login", true);
$login->addObject($form);
$login->addObject(new AdminFrontendObject(25, "", '<h4>' . l("New here") . '</h4><p>' . l("Register text", array('<a href="' . orongoURL("orongo-register.php#") . '">', '</a>')) . '</p>'));
if ($msg != null) {
$login->addMessage($msg, $msgtype);
}
$login->render();
$js = 'window.setInterval(function() {';
$js .= 'if(getAjaxBool("' . orongoURL("ajax/isGCSet.php") . '")) window.location="' . orongoURL("orongo-admin/post-issue.php") . '"; ';
$js .= '},2000);';
getDisplay()->addJS($js, "document.ready");
if (isset($_GET['error'])) {
$postIssue->addMessage($_GET['error'], "error");
}
if (isset($_GET['msg'])) {
switch ($_GET['msg']) {
case 0:
$postIssue->addMessage(l("Issue posted"), "success");
break;
default:
break;
}
} else {
$windowJS = "var login = window.open('" . IssueTracker::getAuthSubRequestUrl(orongoURL("orongo-admin/post-issue.php")) . "');";
getDisplay()->addJS($windowJS, "document.ready");
}
$postIssue->render();
} else {
$postIssue->main(array("time" => time(), "page_title" => "Post Issue", "page_template" => "dashboard"));
$form = new AdminFrontendForm(100, "Post Issue", "POST", orongoURL("actions/action_PostIssue.php"));
$form->addInput("Issue Author", "issue_author", "text", "", true);
$form->addInput("Issue Title", "issue_title", "text", "", true);
$form->addInput("Issue Description", "issue_content", "textarea", "", true);
$form->addInput("Issue Labels", "issue_labels", "text", "");
$form->addButton("Post", true);
$postIssue->addObject($form);
$postIssue->render();
}
<?php
/**
* @author Jaco Ruit
*/
require '../startOrongo.php';
startOrongo();
if (isset($_SESSION['auth-sub-token']) || isset($_POST['issue_author']) || isset($_POST['issue_title']) || isset($_POST['issue_labels']) || isset($_POST['issue_content'])) {
$issue = new Issue($_POST['issue_title']);
$issue->setStatus("New");
$issue->setAuthor($_POST['issue_author']);
$issue->setContent($_POST['issue_content']);
if (!empty($_POST['issue_labels'])) {
$labels = explode(",", trim($_POST['issue_labels']));
foreach ($labels as &$label) {
trim($label);
}
$issue->setLabels($labels);
}
$issueTracker = new IssueTracker($_SESSION['auth-sub-token']);
unset($_SESSION['auth-sub-token']);
try {
$issueTracker->postIssue($issue);
header("Location: " . orongoURL("orongo-admin/post-issue.php?msg=0"));
} catch (Exception $e) {
header("Location: " . orongoURL("orongo-admin/post-issue.php?error=" . $e->getMessage()));
}
} else {
header("Location: " . orongoURL("orongo-admin/post-issue.php"));
}
require '../startOrongo.php';
startOrongo('admin_media');
Security::promptAuth();
if (getUser()->getRank() != RANK_ADMIN) {
header("Location: " . orongoURL("orongo-admin/index.php?msg=0"));
exit;
}
if (isset($_SERVER['QUERY_STRING'])) {
$type = $_SERVER['QUERY_STRING'];
} else {
$type = null;
}
$types = array("files", "images");
if ($type != null) {
if (!in_array($type, $types)) {
$type = null;
}
$type = strtoupper(substr($type, 0, 1)) . substr($type, 1);
$pageTitle = "Gallery";
}
if ($type == null) {
$pageTitle = "Media";
}
$media = new AdminFrontend();
$media->main(array("time" => time(), "page_title" => $pageTitle, "page_template" => "dashboard"));
$ckfinder = new CKFinder(orongoURL("lib/ckfinder/"));
if ($type != null) {
$ckfinder->ResourceType = $type;
}
$media->addObject(new AdminFrontendObject(100, l("Media Manager") . " - " . l("Powered by") . " CKFinder", $ckfinder->CreateHTML(), null, false));
$media->render();
public function doImports()
{
if (!getDisplay()->isImported(orongoURL('js/ajax.comments.js'))) {
getDisplay()->import(orongoURL('js/ajax.comments.js'));
}
}
/**
* Renders the Display
*/
public function render()
{
if ($this->rendered) {
return;
}
$this->setTemplateVariable("website_name", Settings::getWebsiteName());
$this->setTemplateVariable("website_url", Settings::getWebsiteURL());
$this->setTemplateVariable("version", "r" . REVISION);
$this->setTemplateVariable("menu", getMenu()->toHTML());
if (getUser() != null) {
$this->setTemplateVariable("user", getUser());
$on = new OrongoNotifier();
$on->start();
}
if (!$this->isImported(orongoURL('orongo-admin/theme/smoothness/jquery-ui-1.8.16.custom.css'))) {
$this->import(orongoURL('orongo-admin/theme/smoothness/jquery-ui-1.8.16.custom.css'));
}
if (!$this->isImported('https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/jquery-ui.min.js')) {
$this->import('https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/jquery-ui.min.js');
}
foreach ($this->objects as $object) {
if ($object == null) {
continue;
}
if ($object instanceof OrongoDisplayableObject == false) {
continue;
}
$this->addToTemplateVariable("body", $object->toHTML());
}
foreach ($this->imports as $import) {
$type = strrev($import);
$type = explode(".", $type);
$type = strrev($type[0]);
if (stristr($type, "?")) {
$type = explode("?", $type);
$type = $type[0];
}
switch ($type) {
case "css":
$this->addHTML('<link rel="stylesheet" href="' . $import . '" type="text/css" media="screen" />', "head");
break;
case "js":
$this->addHTML('<script type="text/javascript" src="' . $import . '"></script>', "head");
break;
default:
break;
}
}
$this->addToTemplateVariable("head", $this->head);
$this->addToTemplateVariable("body", $this->generalhtml);
foreach ($this->pluginhtml as $field => $html) {
$this->setTemplateVariable($field, $html);
}
$this->addToTemplateVariable("body", '<script type="text/javascript">' . $this->js . '</script>');
foreach ($this->tpls as $tpl) {
if (empty($tpl)) {
continue;
}
if (function_exists("getCurrentPage") && !stristr(getCurrentPage(), "admin") && !file_exists(raintpl::$tpl_dir . $tpl . ".html")) {
$msgbox = new MessageBox("Style was missing a file: " . $tpl . ".html");
die($msgbox->getImports() . $msgbox->toHTML());
}
$this->raintpl->draw($tpl);
}
$this->rendered = true;
}
<?php
/**
* @author Jaco Ruit
*/
require 'startOrongo.php';
startOrongo('error');
$errorCodes = array(400, 401, 403, 404, 500, 503);
if (!isset($_GET['error_code']) || !in_array($_GET['error_code'], $errorCodes)) {
header("Location: " . orongoURL("index.php"));
exit;
}
$articleFO = new ErrorFrontend();
$articleFO->main(array("time" => time(), "error_code" => $_GET['error_code']));
$articleFO->render();
/**
* Updates the AdminFrontendObject
*/
public function updateHTML()
{
$head = "<ul class=\"tabs\">";
$content = "<div class=\"tab_container\">";
$currentTab = 1;
foreach ($this->tabs as $name => $items) {
if (!is_array($items)) {
continue;
}
$head .= '<li><a href="#tab' . $currentTab . '">' . l($name) . '</a></li>';
$content .= '<div id="tab' . $currentTab . '" class="tab_content">';
$content .= '<table class="tablesorter" cellspacing="0"> <thead><tr> ';
if (isset($this->tabheads[$name])) {
if (is_array($this->tabheads[$name])) {
foreach ($this->tabheads[$name] as $tabhead) {
$content .= '<th>' . l($tabhead) . '</th>';
}
}
}
$content .= '</tr> </thead><tbody>';
if (is_array($items)) {
foreach ($items as $itemarray) {
$content .= '<tr>';
foreach ($itemarray as $itemname => $item) {
if (is_array($item) && $itemname == '__actions' && !isset($itemarray['override_actions'])) {
$content .= '<td>';
if (!$this->hideEditButton) {
$content .= '<a href="' . $item['edit'] . '"><input type="image" src="' . orongoURL('orongo-admin/theme/images/icn_edit.png') . '" title="Edit"></a>';
}
if (!$this->hideTrashButton) {
$content .= '<a href="' . $item['delete'] . '"><input type="image" src="' . orongoURL('orongo-admin/theme/images/icn_trash.png') . '" title="Trash"></a>';
}
$content .= '</td>';
} else {
if (is_array($item) && $itemname == 'override_actions') {
$content .= '<td>';
foreach ($item as $html) {
if (!is_string($html)) {
continue;
}
$content .= $html . " ";
}
$content .= '</td>';
} else {
$content .= '<td>' . $item . '</td>';
}
}
}
$content .= '</tr>';
}
}
$content .= '</tbody></table></div>';
$currentTab++;
}
$head .= "</ul>";
$content .= "</div>";
parent::setRawContent($content);
parent::setHeader('<h3 class="tabs_involved">' . $this->title . '</h3>' . $head);
}
if (getUser()->getRank() != RANK_ADMIN) {
header("Location: " . orongoURL("orongo-admin/index.php?msg=0"));
exit;
}
if (!isset($_POST['website_url']) || !isset($_POST['website_style']) || !isset($_POST['website_name']) || !isset($_POST['website_lang']) || !isset($_POST['show_archive'])) {
header("Location: " . orongoURL("orongo-admin/orongo-settings.php"));
exit;
}
if (Settings::getWebsiteURL() != $_POST['website_url'] && !empty($_POST['website_url'])) {
Settings::setWebsiteURL($_POST['website_url']);
}
if (Settings::getWebsiteName() != $_POST['website_name'] && !empty($_POST['website_name'])) {
Settings::setWebsiteName($_POST['website_name']);
}
if (Settings::getLanguageName() != $_POST['website_lang'] && !empty($_POST['website_lang'])) {
Settings::setLanguageName($_POST['website_lang']);
}
if (strval(Settings::showArchive()) != $_POST['show_archive'] && !empty($_POST['show_archive'])) {
Settings::setShowArchive($_POST['show_archive']);
}
if (getStyle()->getStyleFolder() != $_POST['website_style'] && file_exists(ROOT . "/themes/" . $_POST['website_style']) . "/info.xml") {
try {
Settings::setStyle($_POST['website_style']);
} catch (Exception $e) {
$msgbox = new MessageBox("Can't install style: " . $_POST['website_style']);
$msgbox->bindException($e);
die($msgbox->getImports() . $msgbox->toHTML());
}
}
header("Location: " . orongoURL("orongo-admin/orongo-settings.php?msg=0"));
exit;
$accessKey = $info['plugin']['access_key'];
$authKey = null;
foreach (Plugin::getAuthKeys() as $pAuthKey => $pAccessKey) {
if ($pAccessKey == $accessKey) {
$authKey = $pAuthKey;
}
}
if ($authKey == null) {
$settings->addMessage(l("Plugin not found"), "error");
$settings->render();
exit;
}
$settings->setTitle(l("Plugin Settings") . " (" . $pluginName . ") ", false);
//That's how you hack an auth key :P
$pSettings = Plugin::getSettings($authKey);
$settingForm = new AdminFrontendForm(100, l("Plugin Settings") . " (" . $pluginName . ") ", "POST", orongoURL("actions/action_SavePluginSettings.php?xml_path=" . $_GET['xml_path']), false);
foreach ($pSettings as $settingName => $value) {
if (!isset($info['plugin']['settings'][$settingName])) {
continue;
}
$setting = $info['plugin']['settings'][$settingName];
if ($setting['type'] == 'boolean') {
$selected = $value ? l("Yes") : l("No");
$settingForm->addRadios($setting['description'], $settingName, array(l("Yes") => "true", l("No") => "false"), $selected, false);
} else {
$settingForm->addInput($setting['description'], $settingName, "text", $value, false, false, false);
}
}
$settingForm->addButton("Save", true);
$settings->addObject($settingForm);
$settings->render();
