/**
 * List the entries found under a directory.
 *
 * Symbolic links match neither branch below (filetype() reports them as
 * 'link'), so they are neither listed nor followed.
 *
 * @param string $path       Directory to read; passed through self::formatPath() first.
 * @param bool   $recursive  Descend into sub-directories only when exactly true.
 * @param bool   $excludeDir Sub-directories are listed (with a trailing '/') only when exactly false.
 *
 * @return array Entries as $path . name; an empty array when the directory cannot be opened.
 */
public static function scan($path, $recursive = true, $excludeDir = true)
{
    $path = self::formatPath($path);

    $handle = opendir($path);
    if (!$handle) {
        return [];
    }

    $found = [];
    while (false !== ($entry = readdir($handle))) {
        // Skip the self and parent pseudo-entries.
        if (in_array($entry, ['.', '..'], true)) {
            continue;
        }

        $fullPath = $path . $entry;

        switch (filetype($fullPath)) {
            case 'file':
                $found[] = $fullPath;
                break;

            case 'dir':
                // Children are merged in before the directory itself is appended.
                if (true === $recursive) {
                    $found = Arr::join($found, Dir::scan($fullPath . '/', $recursive, $excludeDir));
                }
                if (false === $excludeDir) {
                    $found[] = $fullPath . '/';
                }
                break;
        }
    }

    closedir($handle);

    return $found;
}
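/**
 * Get site themes.
 *
 * Keeps every entry returned by Dir::scan(THEMES_SITE) whose folder contains
 * an 'index.template.php' file.
 *
 * @return array Map of theme folder => theme folder; empty when no valid theme exists.
 */
public static function getSiteThemes()
{
    // Start from an empty map: without it, a site with no valid theme would
    // iterate over and return variables that were never assigned.
    $themes = array();

    foreach (Dir::scan(THEMES_SITE) as $folder) {
        // A folder counts as a theme only when it ships the index template.
        if (File::exists(THEMES_SITE . DS . $folder . DS . 'index.template.php')) {
            $themes[$folder] = $folder;
        }
    }

    return $themes;
}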
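/**
 * System plugin admin
 *
 * Serves the admin "system" screen when the session's user_role is 'admin';
 * every other session is redirected to its own user-edit page.
 *
 * Actions handled before the view is rendered:
 *  - GET  sitemap=create          rebuild the sitemap
 *  - GET  temporary_files=delete  clean the temporary folders
 *  - GET  maintenance=on|off      toggle the maintenance flag
 *  - POST edit_settings           store the site settings
 *
 * Each action first passes the submitted token to Security::check() and
 * terminates the request with die() when that check fails.
 *
 * NOTE(review): the first three actions change state on GET, so the token
 * travels in the query string and can end up in server logs, browser history
 * and Referer headers. Moving them to POST would keep the token out of URLs.
 */
public static function main()
{
    // Strict comparison: the role must be exactly the string 'admin', so loose
    // type juggling on the session value cannot satisfy the check.
    if (Session::exists('user_role') && in_array(Session::get('user_role'), array('admin'), true)) {

        // NOTE(review): these locals and $system_timezone below are not read
        // again in this method; confirm nothing relies on them before removing.
        $filters = Filter::$filters;
        $plugins = Plugin::$plugins;
        $components = Plugin::$components;
        $actions = Action::$actions;

        // Get pages table
        $pages = new Table('pages');

        // Get system timezone
        $system_timezone = Option::get('timezone');

        // Get languages files.
        // Initialised first so the view always receives an array, even when
        // no language file is found.
        $languages_array = array();
        $language_files = File::scan(PLUGINS_BOX . DS . 'system' . DS . 'languages' . DS, '.lang.php');
        foreach ($language_files as $language) {
            $parts = explode('.', $language);
            $languages_array[$parts[0]] = I18n::$locales[$parts[0]];
        }

        // Get all pages
        $pages_array = array();
        $pages_list = $pages->select('[slug!="error404" and parent="" and status="published"]');
        foreach ($pages_list as $page) {
            $pages_array[$page['slug']] = Html::toText($page['title']);
        }

        // Create Sitemap
        // -------------------------------------
        if (Request::get('sitemap') == 'create') {
            if (Security::check(Request::get('token'))) {
                Notification::set('success', __('Sitemap created', 'system'));
                Sitemap::create();
                Request::redirect('index.php?id=system');
            } else {
                die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
            }
        }

        // Delete temporary files
        // -------------------------------------
        if (Request::get('temporary_files') == 'delete') {
            if (Security::check(Request::get('token'))) {
                Monstra::cleanTmp();

                // Success is reported only when both temporary folders are empty
                // afterwards; otherwise execution falls through to the view
                // without any notification.
                if (count(File::scan(MINIFY, array('css', 'js', 'php'))) == 0 && count(Dir::scan(CACHE)) == 0) {
                    Notification::set('success', __('Temporary files deleted', 'system'));
                    Request::redirect('index.php?id=system');
                }
            } else {
                die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
            }
        }

        // Set maintenance state on or off
        // -------------------------------------
        if (Request::get('maintenance')) {
            if (Security::check(Request::get('token'))) {
                // Only the literal values 'on' and 'off' are stored.
                if ('on' == Request::get('maintenance')) {
                    Option::update('maintenance_status', 'on');
                    Request::redirect('index.php?id=system');
                }
                if ('off' == Request::get('maintenance')) {
                    Option::update('maintenance_status', 'off');
                    Request::redirect('index.php?id=system');
                }
            } else {
                die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
            }
        }

        // Edit settings
        // -------------------------------------
        if (Request::post('edit_settings')) {
            if (Security::check(Request::post('csrf'))) {

                // The site URL is stored exactly as submitted; no trailing
                // slash is added here.
                $_site_url = Request::post('system_url');

                // NOTE(review): every value below goes from the request into
                // the options store without validation in this method (URL,
                // e-mail, timezone, language, default page). Confirm that
                // Option::update() or the templates validate/escape them.
                Option::update(array(
                    'sitename' => Request::post('site_name'),
                    'keywords' => Request::post('site_keywords'),
                    'description' => Request::post('site_description'),
                    'slogan' => Request::post('site_slogan'),
                    'defaultpage' => Request::post('site_default_page'),
                    'siteurl' => $_site_url,
                    'timezone' => Request::post('system_timezone'),
                    'system_email' => Request::post('system_email'),
                    'language' => Request::post('system_language'),
                    'maintenance_message' => Request::post('site_maintenance_message'),
                ));

                Notification::set('success', __('Your changes have been saved.', 'system'));
                Request::redirect('index.php?id=system');
            } else {
                die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
            }
        }

        // Hook: lets other code add its own actions to this plugin
        Action::run('admin_system_extra_actions');

        // Display view
        View::factory('box/system/views/backend/index')
            ->assign('pages_array', $pages_array)
            ->assign('languages_array', $languages_array)
            ->display();
    } else {
        // Non-admin sessions are sent to their own profile editor.
        Request::redirect('index.php?id=users&action=edit&user_id=' . Session::get('user_id'));
    }
}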
/**
 * Clean Monstra TMP folder.
 *
 * Deletes the css, js and php files that File::scan() reports for MINIFY,
 * then deletes every entry that Dir::scan() reports for CACHE.
 */
public static function cleanTmp()
{
    // Cleanup minify
    $minified = File::scan(MINIFY, array('css', 'js', 'php'));
    if (count($minified) > 0) {
        foreach ($minified as $minifiedFile) {
            File::delete(MINIFY . DS . $minifiedFile);
        }
    }

    // Cleanup cache
    $cacheDirs = Dir::scan(CACHE);
    if (count($cacheDirs) > 0) {
        foreach ($cacheDirs as $cacheDir) {
            Dir::delete(CACHE . DS . $cacheDir);
        }
    }
}
<?php

// Refuse to run unless the panel bootstrap has defined PANEL_ACCESS.
defined('PANEL_ACCESS') or die('No direct script access.');

// new panel
$p = new Panel();

/* = Sections
--------------------------------------------*/

/*
 * @name   Dashboard | login
 * @desc   if a 'user' session exists, show the dashboard
 * @desc   if not, handle the login form
 */
$p->route('/', function () use($p) {
    if (Session::exists('user')) {
        // show dashboard: each counter is the number of entries a scan returns
        $p->view('index', ['title' => $p::$lang['Dashboard'], 'pages' => count(File::scan(ROOTBASE . DS . 'storage' . DS . 'pages', 'md')), 'images' => count(File::scan(ROOTBASE . DS . 'public' . DS . 'images')), 'uploads' => count(File::scan(ROOTBASE . DS . 'public' . DS . 'uploads')), 'blocks' => count(File::scan(ROOTBASE . DS . 'storage' . DS . 'blocks', 'md')), 'themes' => count(Dir::scan(ROOTBASE . DS . 'themes' . DS)), 'plugins' => count(Dir::scan(ROOTBASE . DS . 'plugins' . DS))]);
    } else {
        // empty error
        $error = '';
        if (Request::post('login')) {
            // NOTE(review): this only tests that a 'csrf' field was submitted
            // with a truthy value; no comparison against a server-side token
            // is visible here, so any non-empty value passes.
            if (Request::post('csrf')) {
                // NOTE(review): the submitted password is compared directly
                // with the configured 'backend_password', i.e. the secret is
                // kept in plain text. The loose '==' is neither type-safe nor
                // constant-time; password_hash()/password_verify() for the
                // password and hash_equals() for other secrets avoid both.
                if (Request::post('pass') == $p::$site['backend_password'] && Request::post('email') == $p::$site['autor']['email']) {
                    // '@' hides any error raised while starting the session.
                    @Session::start();
                    // uniqid() is derived from the current time; the value only
                    // marks the session as logged in. No session-ID rotation
                    // (session_regenerate_id) is visible at this point.
                    Session::set('user', uniqid('morfy_user'));
                    Request::redirect($p::$site['url'] . '/' . $p::$site['backend_folder']);
                } else {
                    // password not correct show error
                    $error = '<span class="login-error error">' . $p::$lang['Password_Error'] . '</span>';
                }
            } else {
                // csrf (the listing is cut off here)
// (fragment: the listing starts inside an already-open request handler)
            }
            // Drop the compiled-template cache directory when it exists.
            if (Dir::exists(CACHE_PATH . '/fenom/')) {
                Dir::delete(CACHE_PATH . '/fenom/');
            }
            Request::redirect(Url::getBase());
        } else {
            die('crsf detect !');
        }
    }
    // logout
    if (Request::post('access_logout')) {
        Session::delete(Config::get('plugins.edit.name') . '_user');
        Request::redirect(Url::getCurrent());
    }
    // show template
    $template->display('admin.tpl', ['title' => $name, 'content' => $page, 'current' => $url, 'directory' => Dir::scan(STORAGE_PATH . '/pages')]);
} else {
    // login
    if (Request::post('access_login')) {
        // NOTE(review): only the presence of a truthy 'token' field is tested;
        // no comparison against a server-side value is visible here.
        if (Request::post('token')) {
            // NOTE(review): sha1(md5(...)) is an unsalted, fast hash, and the
            // loose '==' treats two numeric-looking strings (for example the
            // '0e…' form) as equal numbers. password_hash()/password_verify(),
            // or at minimum hash_equals(), avoid both problems.
            if (sha1(md5(Request::post('password'))) == $password && Request::post('email') == $user) {
                // '@' hides any error raised while starting the session.
                @Session::start();
                // $hash is defined outside this fragment.
                Session::set(Config::get('plugins.edit.name') . '_user', $hash);
                // show admin template
                Request::redirect(Url::getCurrent());
            } else {
                // password not correct show error
                $template->display('partials/error.tpl', ['title' => 'Access Error', 'content' => Config::get('plugins.edit.errorPassword')]);
            }
        } else {
            // csrf (the listing is cut off here)
// (fragment: the opening of this first route closure is not part of the listing)
    if (Session::exists('user')) {
        // show Diagnostic
        $p->view('diag', array('title' => 'Diagnostic'));
    }
});

/* DASHBOARD
-----------------------------*/

/*
 * @name   Dashboard | login
 * @desc   if a 'user' session exists, show the dashboard
 * @desc   if not, handle the login form
 */
$p->route('/', function () use($p) {
    if (Session::exists('user')) {
        // show dashboard: each counter is the number of entries a scan returns
        $p->view('index', array('title' => $p::$lang['Dashboard'], 'pages' => count(File::scan(PAGES, 'md')), 'media' => count(File::scan(MEDIA . '/album_thumbs')), 'uploads' => count(File::scan(UPLOADS)), 'blocks' => count(File::scan(BLOCKS, 'md')), 'themes' => count(Dir::scan(ROOTBASE . '/themes')), 'plugins' => count(Dir::scan(ROOTBASE . '/plugins'))));
    } else {
        // empty error
        $error = '';
        if (Request::post('login')) {
            // NOTE(review): this only tests that a 'csrf' field was submitted
            // with a truthy value; no comparison against a server-side token
            // is visible here, so any non-empty value passes.
            if (Request::post('csrf')) {
                // NOTE(review): the submitted password is compared directly
                // with the configured 'backend_password', i.e. the secret is
                // kept in plain text. The loose '==' is neither type-safe nor
                // constant-time; password_hash()/password_verify() for the
                // password and hash_equals() for other secrets avoid both.
                if (Request::post('pass') == $p::$site['backend_password'] && Request::post('email') == $p::$site['author']['email']) {
                    // '@' hides any error raised while starting the session.
                    @Session::start();
                    // uniqid() is derived from the current time; the value only
                    // marks the session as logged in. No session-ID rotation
                    // (session_regenerate_id) is visible at this point.
                    Session::set('user', uniqid('morfy_user'));
                    Request::redirect($p::$site['url'] . '/' . $p::$site['backend_folder']);
                } else {
                    // password not correct show error
                    $error = '<span class="well red">' . $p::$lang['Password_Error'] . '</span>';
                }
            } else {
                // csrf (the listing is cut off here)
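/**
 * main events admin function
 *
 * Front controller of the events admin screen. It processes at most one
 * state-changing request (events, categories, locations, configuration),
 * each guarded by Security::check() on the submitted token, then renders the
 * configuration, statistics or index view depending on the 'action' query
 * parameter.
 *
 * When the token check fails an error notification is set and the request is
 * terminated with die.
 *
 * NOTE(review): no role or session check is visible in this method; it is
 * presumably enforced by the caller — confirm.
 */
public static function main()
{
    // Base directory for everything image related in this plugin.
    $path = ROOT . DS . 'public' . DS . 'uploads' . DS;

    // Request: add event
    if (Request::post('add_event')) {
        if (Security::check(Request::post('csrf'))) {
            if (EventsRepository::insert(EventsAdmin::_getEventData())) {
                Notification::set('success', __('Event was added with success!', 'events'));
            } else {
                Notification::set('error', __('Table->insert() returned an error. Event could not be saved.', 'events'));
            }
            Request::redirect('index.php?id=events#events/' . EventsRepository::getStatus(EventsRepository::getLastId()) . '-events');
        } else {
            Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
            die;
        }
    }

    // Request: edit event
    if (Request::post('edit_event')) {
        if (Security::check(Request::post('csrf'))) {
            // Ids are always cast to int before they reach the repository.
            $id = (int) Request::post('edit_event');
            if (EventsRepository::update($id, EventsAdmin::_getEventData())) {
                Notification::set('success', __('Event was updated with success!', 'events'));
            } else {
                Notification::set('error', __('Table->update() returned an error. Event could not be saved.', 'events'));
            }
            Request::redirect('index.php?id=events#events/' . EventsRepository::getStatus($id) . '-events');
        } else {
            Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
            die;
        }
    }

    // Request: restore event
    if (Request::post('restore_trash_event')) {
        if (Security::check(Request::post('csrf'))) {
            $id = (int) Request::post('restore_trash_event');
            if (EventsRepository::update($id, array('deleted' => 0))) {
                Notification::set('success', __('Event has been restored from trash with success!', 'events'));
            } else {
                Notification::set('error', __('Table->update() returned an error. Event could not be restored.', 'events'));
            }
            Request::redirect('index.php?id=events#trash/trash-events');
        } else {
            Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
            die;
        }
    }

    // Request: delete event (soft delete: only the 'deleted' flag is set)
    if (Request::post('delete_event')) {
        if (Security::check(Request::post('csrf'))) {
            $id = (int) Request::post('delete_event');
            if (EventsRepository::update($id, array('deleted' => 1))) {
                Notification::set('success', __('Event has been moved to trash with success!', 'events'));
            } else {
                Notification::set('error', __('Table->update() returned an error. Event could not be deleted.', 'events'));
            }
            // NOTE(review): $record is not read afterwards; the lookup is kept
            // in case getById() has effects that are not visible here.
            $record = EventsRepository::getById($id);
            Request::redirect('index.php?id=events#events/' . EventsRepository::getStatus($id) . '-events');
        } else {
            Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
            die;
        }
    }

    // Request: delete trash event (permanent delete)
    if (Request::post('delete_trash_event')) {
        if (Security::check(Request::post('csrf'))) {
            $id = (int) Request::post('delete_trash_event');
            if (EventsRepository::delete($id)) {
                Notification::set('success', __('Event has been deleted permanently with success!', 'events'));
            } else {
                Notification::set('error', __('Table->delete() returned an error. Event could not be deleted.', 'events'));
            }
            Request::redirect('index.php?id=events#trash/trash-events');
        } else {
            Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
            die;
        }
    }

    // Request: update event status ['published','draft']
    // NOTE(review): this is the only state change driven by GET, so its token
    // travels in the URL. 'status' is also stored exactly as received; it is
    // not checked against the two values named above.
    if (Request::get('eventaction') and Request::get('eventaction') == 'update_status') {
        if (Security::check(Request::get('token'))) {
            $id = (int) Request::get('event_id');
            if (EventsRepository::update($id, array('status' => Request::get('status')))) {
                Notification::set('success', __('Event status has been updated with success!', 'events'));
            } else {
                Notification::set('error', __('Table->update() returned an error. Event status could not be updated.', 'events'));
            }
            Request::redirect('index.php?id=events#events/' . EventsRepository::getStatus($id) . '-events');
        } else {
            Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
            die;
        }
    }

    // Request: add category
    if (Request::post('add_category')) {
        if (Security::check(Request::post('csrf'))) {
            if (CategoriesRepository::insert(EventsAdmin::_getCategoryData())) {
                Notification::set('success', __('Category was added with success!', 'events'));
            } else {
                Notification::set('error', __('Table->insert() returned an error. Category could not be saved.', 'events'));
            }
            Request::redirect('index.php?id=events#categories');
        } else {
            Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
            die;
        }
    }

    // Request: edit category
    if (Request::post('edit_category')) {
        if (Security::check(Request::post('csrf'))) {
            $id = (int) Request::post('edit_category');
            if (CategoriesRepository::update($id, EventsAdmin::_getCategoryData())) {
                Notification::set('success', __('Category was updated with success!', 'events'));
            } else {
                Notification::set('error', __('Table->update() returned an error. Category could not be saved.', 'events'));
            }
            Request::redirect('index.php?id=events#categories');
        } else {
            Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
            die;
        }
    }

    // Request: restore category
    if (Request::post('restore_trash_category')) {
        if (Security::check(Request::post('csrf'))) {
            $id = (int) Request::post('restore_trash_category');
            if (CategoriesRepository::update($id, array('deleted' => 0))) {
                Notification::set('success', __('Category has been restored from trash with success!', 'events'));
            } else {
                Notification::set('error', __('Table->update() returned an error. Category could not be restored.', 'events'));
            }
            Request::redirect('index.php?id=events#trash/trash-categories');
        } else {
            Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
            die;
        }
    }

    // Request: delete category (refused while any event still uses it)
    if (Request::post('delete_category')) {
        if (Security::check(Request::post('csrf'))) {
            $id = (int) Request::post('delete_category');
            if (!CategoriesRepository::hasEvents($id)) {
                if (CategoriesRepository::update($id, array('deleted' => 1))) {
                    Notification::set('success', __('Category has been moved to trash with success!', 'events'));
                } else {
                    Notification::set('error', __('Table->update() returned an error. Category could not be deleted.', 'events'));
                }
            } else {
                Notification::set('error', __('Deletion failed. This category is assigned to at least one event. Remove this category from every event to delete it.', 'events'));
            }
            Request::redirect('index.php?id=events#categories');
        } else {
            Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
            die;
        }
    }

    // Request: delete trash category (permanent delete)
    if (Request::post('delete_trash_category')) {
        if (Security::check(Request::post('csrf'))) {
            $id = (int) Request::post('delete_trash_category');
            if (CategoriesRepository::delete($id)) {
                Notification::set('success', __('Category has been deleted permanently with success!', 'events'));
            } else {
                Notification::set('error', __('Table->delete() returned an error. Category could not be deleted.', 'events'));
            }
            Request::redirect('index.php?id=events#trash/trash-categories');
        } else {
            Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
            die;
        }
    }

    // Request: add location
    if (Request::post('add_location')) {
        if (Security::check(Request::post('csrf'))) {
            if (LocationsRepository::insert(EventsAdmin::_getLocationData())) {
                Notification::set('success', __('Location was added with success!', 'events'));
            } else {
                Notification::set('error', __('Table->insert() returned an error. Location could not be saved.', 'events'));
            }
            Request::redirect('index.php?id=events#locations');
        } else {
            Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
            die;
        }
    }

    // Request: edit location
    if (Request::post('edit_location')) {
        if (Security::check(Request::post('csrf'))) {
            $id = (int) Request::post('edit_location');
            if (LocationsRepository::update($id, EventsAdmin::_getLocationData())) {
                Notification::set('success', __('Location was updated with success!', 'events'));
            } else {
                Notification::set('error', __('Table->update() returned an error. Location could not be saved.', 'events'));
            }
            Request::redirect('index.php?id=events#locations');
        } else {
            Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
            die;
        }
    }

    // Request: restore location
    if (Request::post('restore_trash_location')) {
        if (Security::check(Request::post('csrf'))) {
            $id = (int) Request::post('restore_trash_location');
            if (LocationsRepository::update($id, array('deleted' => 0))) {
                Notification::set('success', __('Location has been restored from trash with success!', 'events'));
            } else {
                Notification::set('error', __('Table->update() returned an error. Location could not be restored.', 'events'));
            }
            Request::redirect('index.php?id=events#trash/trash-locations');
        } else {
            Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
            die;
        }
    }

    // Request: delete location (refused while any event still uses it)
    if (Request::post('delete_location')) {
        if (Security::check(Request::post('csrf'))) {
            $id = (int) Request::post('delete_location');
            if (!LocationsRepository::hasEvents($id)) {
                if (LocationsRepository::update($id, array('deleted' => 1))) {
                    Notification::set('success', __('Location has been moved to trash with success!', 'events'));
                } else {
                    Notification::set('error', __('Table->update() returned an error. Location could not be deleted.', 'events'));
                }
            } else {
                Notification::set('error', __('Deletion failed. This location is assigned to at least one event. Remove this location from every event to delete it.', 'events'));
            }
            Request::redirect('index.php?id=events#locations');
        } else {
            Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
            die;
        }
    }

    // Request: delete trash location (permanent delete)
    if (Request::post('delete_trash_location')) {
        if (Security::check(Request::post('csrf'))) {
            $id = (int) Request::post('delete_trash_location');
            if (LocationsRepository::delete($id)) {
                Notification::set('success', __('Location has been deleted permanently with success!', 'events'));
            } else {
                Notification::set('error', __('Table->delete() returned an error. Location could not be deleted.', 'events'));
            }
            Request::redirect('index.php?id=events#trash/trash-locations');
        } else {
            Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
            die;
        }
    }

    // get upload directories (offered to the configuration view as choices)
    $directory_list = Dir::scan($path);
    $directories = array(DS => DS);
    if (!empty($directory_list)) {
        foreach ($directory_list as $directory_name) {
            $directories[$directory_name] = DS . $directory_name;
        }
        ksort($directories);
    }

    // Get files of the configured image directory
    $file_list = File::scan($path . Option::get('events_image_directory'));
    $files = array('' => '');
    if (!empty($file_list)) {
        foreach ($file_list as $file_name) {
            $files[$file_name] = $file_name;
        }
        ksort($files);
    }

    if (Request::get('action')) {
        switch (Request::get('action')) {
            // Request: configuration
            case "configuration":
                // Request: options
                if (Request::post('events_options_update') or Request::post('events_options_update_and_exit')) {
                    if (Security::check(Request::post('csrf'))) {
                        // NOTE(review): the directory is stored after a string
                        // cast only, and is later appended to $path for
                        // scanning, directory creation, deletion and image
                        // writes. Accepting only keys of $directories would
                        // keep a value such as one containing '..' from
                        // pointing outside the uploads folder.
                        Option::update('events_image_directory', (string) Request::post('events_image_directory'));
                        Option::update('events_placeholder_archive', (string) Request::post('events_placeholder_archive'));
                        Notification::set('success', __('Configuration has been saved with success!', 'events'));
                        Request::redirect('index.php?id=events' . (Request::post('events_options_update') ? '&action=configuration' : ''));
                    } else {
                        Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
                        die;
                    }
                }

                // Request: action: resize images
                if (Request::post('events_action_resize_images') or Request::post('events_action_resize_images_and_exit')) {
                    if (Security::check(Request::post('csrf'))) {
                        $n = 0;
                        $size = (int) Request::post('events_action_resize_size');
                        $image_dir = $path . Option::get('events_image_directory');
                        $image_dir_res = $path . Option::get('events_image_directory') . DS . 'resized';
                        $images = File::scan($image_dir);
                        if (!empty($images)) {
                            // create 'resized' directory if not exists
                            if (!Dir::exists($image_dir_res)) {
                                Dir::create($image_dir_res);
                            }
                            foreach ($images as $file_name) {
                                // An existing resized copy is replaced only when
                                // overwrite was requested; otherwise it is skipped.
                                if (File::exists($image_dir_res . DS . $file_name)) {
                                    if (Request::post('events_action_resize_overwrite')) {
                                        File::delete($image_dir_res . DS . $file_name);
                                    } else {
                                        continue;
                                    }
                                }
                                // NOTE(review): getimagesize() returns false for
                                // files it cannot read as images; that case is
                                // not handled before the resize below.
                                list($width, $height) = getimagesize($image_dir . DS . $file_name);
                                $image_orientation = $width > $height ? Image::HEIGHT : Image::WIDTH;
                                Image::factory($image_dir . DS . $file_name)->resize($size, $size, $image_orientation)->save($image_dir_res . DS . $file_name);
                                $n++;
                            }
                            Notification::set('success', __($n . ' images have been resized and saved with success!', 'events'));
                        } else {
                            Notification::set('error', __('There are no images to resize in configured image directory.', 'events'));
                        }
                        Request::redirect('index.php?id=events' . (Request::post('events_action_resize_images') ? '&action=configuration' : ''));
                    } else {
                        Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
                        die;
                    }
                }

                // Display configuration view
                View::factory('events/views/backend/configuration')->assign('directories', $directories)->display();
                break;

            // Request: statistics
            case "stats":
                // category-events
                // NOTE(review): titles and colours are wrapped in literal double
                // quotes, presumably for direct output into JavaScript. No
                // escaping is visible here; json_encode() in the view would be
                // the safer way to emit them — confirm how the view prints them.
                $categories = CategoriesRepository::getAll();
                $categories_active = CategoriesRepository::getActive();
                $categories_data = array();
                foreach ($categories_active as $c) {
                    $categories_data[$c['id']] = array(
                        'title' => '"' . $c['title'] . '"',
                        'color' => '"#' . $c['color'] . '"',
                        'highlight' => '"' . EventsAdmin::adjustBrightness('#' . $c['color'], 25) . '"',
                        'count' => $categories[$c['id']]['count'],
                    );
                }

                // location-events
                $locations = LocationsRepository::getAll();
                $locations_active = LocationsRepository::getActive();
                $locations_data = array();
                foreach ($locations_active as $l) {
                    $locations_data[$l['id']] = array(
                        'title' => '"' . $l['title'] . '"',
                        'count' => $locations[$l['id']]['count'],
                    );
                }
                $locations_data = EventsAdmin::_sortArrayByFields($locations_data, array('count' => SORT_DESC, 'title' => array(SORT_ASC, SORT_STRING)));

                // year-events and year-visitors
                $years_data = array();
                $categories_years_events = array();
                foreach (EventsRepository::getYearEvents() as $year => $events) {
                    $years_data[$year] = array(
                        'number_events' => count($events),
                        'number_visitors' => array_sum(array_column($events, 'number_visitors')),
                    );
                    foreach ($events as $event) {
                        $categories_years_events[$event['category']][$year][] = $event;
                    }
                }

                // Per category and year: event count and visitor sum, with a
                // zero entry for every year in which the category had no event.
                $categories_years_data = array();
                $categories_years_visitors = array();
                foreach ($categories_years_events as $category => $years) {
                    foreach ($years as $year => $events) {
                        foreach ($years_data as $total_year => $total_count) {
                            if ($year == $total_year) {
                                $categories_years_data[$category][$year] = count($events);
                                $categories_years_visitors[$category][$year] = array_sum(array_column($events, 'number_visitors'));
                            } else {
                                // isset() instead of array_key_exists(): on the
                                // first pass for a category its sub-array does
                                // not exist yet, and the stored values are
                                // integers, never null, so the result is the same.
                                if (isset($categories_years_data[$category][$total_year])) {
                                    $categories_years_data[$category][$year] = count($events);
                                    $categories_years_visitors[$category][$year] = array_sum(array_column($events, 'number_visitors'));
                                } else {
                                    $categories_years_data[$category][$total_year] = 0;
                                    $categories_years_visitors[$category][$total_year] = 0;
                                }
                            }
                        }
                    }
                }

                // locations
                $locations_list = array();
                $coordinates = array();
                $longitudes = array();
                $latitudes = array();
                // get location data ready to use with OSM JavaScript
                foreach (LocationsRepository::getActive() as $location) {
                    if ($location['address']) {
                        $locations_list[] = '"' . $location['address'] . '"';
                        $coordinates[] = $location['lon'] . ',' . $location['lat'];
                        $longitudes[] = $location['lon'];
                        $latitudes[] = $location['lat'];
                    }
                }

                // calculate map center
                $longitudes = EventsAdmin::_removeOutliers($longitudes, 0.5);
                $latitudes = EventsAdmin::_removeOutliers($latitudes, 0.5);
                // Guard the averages: with no usable location the counts are 0
                // and the division would fail. The centre falls back to 0/0.
                $longitudes_count = count($longitudes);
                $latitudes_count = count($latitudes);
                $coordinates_average = array(
                    'lon' => $longitudes_count > 0 ? array_sum($longitudes) / $longitudes_count : 0,
                    'lat' => $latitudes_count > 0 ? array_sum($latitudes) / $latitudes_count : 0,
                );

                // event visitors and staff
                $participants = array();
                $events = EventsRepository::getVisitorsAndStaff();
                foreach ($events as $event) {
                    if (!CategoriesRepository::hiddenInArchive($event['category'])) {
                        $participants[$event['category']][] = array(
                            'title' => $event['title'],
                            'visitors' => (int) $event['number_visitors'],
                            'staff' => (int) $event['number_staff'],
                        );
                    }
                }

                // Display statistics view
                View::factory('events/views/backend/statistics')
                    ->assign('categories', $categories)
                    ->assign('categories_active', $categories_active)
                    ->assign('categories_data', $categories_data)
                    ->assign('locations', $locations)
                    ->assign('locations_active', $locations_active)
                    ->assign('locations_data', $locations_data)
                    ->assign('years_data', $years_data)
                    ->assign('categories_years_data', $categories_years_data)
                    ->assign('categories_years_visitors', $categories_years_visitors)
                    ->assign('coordinates', $coordinates)
                    ->assign('coordinates_average', $coordinates_average)
                    ->assign('participants', $participants)
                    ->display();
                break;
        }
    } else {
        // Display index view
        View::factory('events/views/backend/index')
            ->assign('categories', CategoriesRepository::getAll())
            ->assign('categories_active', CategoriesRepository::getActive())
            ->assign('categories_select', CategoriesRepository::getActiveForSelect())
            ->assign('categories_deleted', CategoriesRepository::getDeleted())
            ->assign('locations', LocationsRepository::getAll())
            ->assign('locations_active', LocationsRepository::getActive())
            ->assign('locations_select', LocationsRepository::getActiveForSelect())
            ->assign('locations_deleted', LocationsRepository::getDeleted())
            ->assign('events_active', EventsRepository::getActive())
            ->assign('events_upcoming', EventsRepository::getUpcoming())
            ->assign('events_past', EventsRepository::getPast())
            ->assign('events_draft', EventsRepository::getDraft())
            ->assign('events_deleted', EventsRepository::getDeleted())
            ->assign('imagepath', DS . 'public' . DS . 'uploads' . DS . Option::get('events_image_directory') . DS)
            ->assign('files', $files)
            ->display();
    }
}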