/**
 * Look up an entry by its human-readable name.
 *
 * The name is lowercased and its spaces are turned into dashes to form the
 * lookup key; the value stored under that key in $this->db is returned.
 *
 * @param string $string Name to look up.
 * @return mixed The stored value, or '' when the key is absent (or null).
 */
public function get($string)
{
    $lookupKey = Text::replace(' ', '-', Text::lowercase($string));

    return isset($this->db[$lookupKey]) ? $this->db[$lookupKey] : '';
}
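/**
 * Load a page directory and parse its index.txt into $this->vars.
 *
 * Every line before the "Content:" marker is read as "name: value"; the name
 * is lowercased and stored together with its trimmed value. All lines after
 * the marker line are joined and stored as $this->vars['content'].
 *
 * @param string $slug Directory name, appended to $this->path.
 * @return false|null false when the directory or index.txt is missing or
 *                    cannot be read; nothing otherwise.
 */
private function build($slug)
{
    // NOTE(review): $slug is concatenated into a filesystem path as-is. Nothing
    // in this method rejects "../" segments, so confirm the callers only pass
    // normalised slugs.
    $path = $this->path . $slug;
    if (!is_dir($path)) {
        return false;
    }

    $this->setField('path', $path);
    $this->setField('slug', $slug);

    $file = $path . '/index.txt';
    if (!file_exists($file)) {
        return false;
    }

    // file() returns false on a read error; iterating that would only emit
    // warnings and leave the page half-built.
    $lines = file($file);
    if ($lines === false) {
        return false;
    }

    // null means "no Content: marker seen". The previous 0 sentinel could not
    // tell that apart from a marker on the very first line, whose content was
    // then silently dropped.
    $contentLine = null;
    foreach ($lines as $lineNumber => $line) {
        $parts = array_map('trim', explode(':', $line, 2));
        $parts[0] = Text::lowercase($parts[0]);

        if ($parts[0] === 'content') {
            $contentLine = $lineNumber;
            break;
        }

        if (!empty($parts[0]) && !empty($parts[1])) {
            $this->vars[$parts[0]] = $parts[1];
        }
    }

    if ($contentLine !== null) {
        // Everything after the marker line is the page body.
        $this->vars['content'] = implode(array_slice($lines, $contentLine + 1));
    }
}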
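/**
 * Parse the page file at $path . FILENAME into $this->vars.
 *
 * Lines before the "Content:" marker are read as "name: value"; names are
 * lowercased and values pass through Sanitize::html(). The text following the
 * marker (on the same line and on all later lines) is stored, unsanitized, as
 * $this->vars['content'].
 *
 * @param string $path Directory prefix of the page file.
 * @return false|null false when Sanitize::pathFile() rejects the path or the
 *                    file cannot be read; nothing otherwise.
 */
private function build($path)
{
    if (!Sanitize::pathFile($path . FILENAME)) {
        return false;
    }

    // file() returns false on a read error; bail out instead of iterating it.
    $lines = file($path . FILENAME);
    if ($lines === false) {
        return false;
    }

    // null means "no Content: marker seen". A 0 sentinel cannot be told apart
    // from a marker on the first line, which made that content disappear.
    $contentLine = null;
    $inlineContent = '';

    foreach ($lines as $lineNumber => $line) {
        $parts = array_map('trim', explode(':', $line, 2));
        $parts[0] = Text::lowercase($parts[0]);

        // The content is handled after the loop; remember where it starts.
        if ($parts[0] === 'content') {
            $contentLine = $lineNumber;
            $inlineContent = isset($parts[1]) ? $parts[1] : '';
            break;
        }

        if (!empty($parts[0]) && !empty($parts[1])) {
            // All fields except Content are HTML-sanitized on load.
            $this->vars[$parts[0]] = Sanitize::html($parts[1]);
        }
    }

    if ($contentLine !== null) {
        $output = array_slice($lines, $contentLine + 1);

        // Text written on the marker line itself becomes the first content line.
        if (!empty($inlineContent)) {
            array_unshift($output, "\n");
            array_unshift($output, $inlineContent);
        }

        // NOTE(review): the content is stored raw (no Sanitize::html call is
        // applied here), so whatever renders $this->vars['content'] has to
        // escape or filter it for its output context.
        $this->vars['content'] = implode($output);
    }
}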
<?php defined('BLUDIT') or die('Bludit CMS.');
// Upload handler excerpt: receives the first file of the "files" upload field,
// derives a target name from the client-supplied filename and stages the file
// in the Bludit temporary folder. The guard above stops execution when the
// BLUDIT constant is not defined.
// NOTE(review): no authentication or anti-CSRF check is visible in this excerpt;
// confirm the including script enforces both before this code runs.

header('Content-Type: application/json');

// Upload type requested by the client; defaults to 'other'.
$type = 'other';
if (!empty($_POST['type'])) {
    $type = Sanitize::html($_POST['type']);
}

// Temporary path PHP assigned to the first uploaded file.
// NOTE(review): index 0 is read without checking that the upload exists or that
// its error code reports success.
$source = $_FILES['files']['tmp_name'][0];

// Filename and extension, both taken from the name sent by the client.
$filename = Text::lowercase($_FILES['files']['name'][0]);
$fileExtension = pathinfo($filename, PATHINFO_EXTENSION);
$filename = pathinfo($filename, PATHINFO_FILENAME);
// Spaces and underscores are removed from the base name; no other character
// is filtered here.
$filename = Text::replace(' ', '', $filename);
$filename = Text::replace('_', '', $filename);

// Pick the next free name in PATH_UPLOADS by appending _0, _1, ... when the
// plain name is already taken.
$tmpName = $filename . '.' . $fileExtension;
if (file_exists(PATH_UPLOADS . $tmpName)) {
    $number = 0;
    $tmpName = $filename . '_' . $number . '.' . $fileExtension;
    while (file_exists(PATH_UPLOADS . $tmpName)) {
        $number++;
        $tmpName = $filename . '_' . $number . '.' . $fileExtension;
    }
}

// Move from the temporary PHP folder to the temporary Bludit folder.
// NOTE(review): the extension is client-controlled and no allow-list is applied
// in this excerpt, so the staged file keeps whatever extension was sent. If
// PATH_TMP or PATH_UPLOADS is served by a web server that executes scripts,
// that is a code-execution risk; confirm the extension and the real content
// type are validated before the file is published.
// NOTE(review): the return value of move_uploaded_file() is not checked, and the
// fixed 'original' name means parallel uploads with the same extension would
// share one staging path.
move_uploaded_file($source, PATH_TMP . 'original' . '.' . $fileExtension);

// --- PROFILE PICTURE ---
if ($type == 'profilePicture') {
/**
 * Get components
 *
 * Returns the lowercased names of all entries in Plugin::$components that are
 * not listed in Sitemap::$forbidden_components.
 *
 * @return array
 */
protected static function getComponents()
{
    $allowed = array();

    if (count(Plugin::$components) === 0) {
        return $allowed;
    }

    foreach (Plugin::$components as $name) {
        // Forbidden components never appear in the sitemap.
        if (in_array($name, Sitemap::$forbidden_components)) {
            continue;
        }

        $allowed[] = Text::lowercase($name);
    }

    return $allowed;
}
/**
 * Create safe name. Use to create safe username, filename, pagename.
 *
 *  <code>
 *      $safe_name = Security::safeName('hello world');
 *  </code>
 *
 * The input is stripped of tags, entity-decoded, cleared of RFC 3986 reserved
 * characters, transliterated to ASCII and reduced to letters, digits and the
 * separator characters "/ _ | + space -". When a delimiter is given, every run
 * of separator characters collapses into it.
 *
 * @param  string  $str       String
 * @param  mixed   $delimiter String delimiter
 * @param  boolean $lowercase String Lowercase
 * @return string
 */
public static function safeName($str, $delimiter = '-', $lowercase = false)
{
    $name = (string) $str;
    $lowercase = (bool) $lowercase;

    // Strip tags, then decode all entities to their simpler forms.
    // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1.
    $name = filter_var($name, FILTER_SANITIZE_STRING);
    $name = html_entity_decode($name, ENT_QUOTES, 'UTF-8');

    // Reserved characters (RFC 3986) become spaces.
    $reserved_characters = array('/', '?', ':', '@', '#', '[', ']', '!', '$', '&', '\'', '(', ')', '*', '+', ',', ';', '=');
    $name = str_replace($reserved_characters, ' ', $name);

    // The locale is switched process-wide so that iconv transliterates as expected.
    setlocale(LC_ALL, 'en_US.UTF8');

    // Translit ua,ru => latin, then force plain ASCII.
    $name = iconv('UTF-8', 'ASCII//TRANSLIT', Text::translitIt($name));

    // Drop everything that is neither alphanumeric nor a separator character.
    $name = preg_replace("/[^a-zA-Z0-9\\/_|+ -]/", '', $name);

    if ($delimiter != null) {
        // NOTE(review): $delimiter is used both as a preg replacement and as a
        // trim() character list; callers are presumably expected to pass a
        // short literal such as '-' or '_'.
        $name = trim(preg_replace("/[\\/_|+ -]+/", $delimiter, $name), $delimiter);
    }

    return $lowercase === true ? Text::lowercase($name) : $name;
}
/**
 * Get components
 *
 * Returns the lowercased names of all entries in Plugin::$components except
 * 'pages' and 'sitemap'.
 *
 * @return array
 */
protected static function getComponents()
{
    $collected = array();

    if (count(Plugin::$components) === 0) {
        return $collected;
    }

    foreach (Plugin::$components as $name) {
        // 'pages' and 'sitemap' are excluded from the result.
        if ($name === 'pages' || $name === 'sitemap') {
            continue;
        }

        $collected[] = Text::lowercase($name);
    }

    return $collected;
}
<td> <div class="pull-right"> <?php if (File::exists(PLUGINS . DS . basename($plug['plugin'], '.manifest.xml') . DS . 'README.md')) { ?> <?php echo Html::anchor(__('Info', 'plugins'), '#', array('class' => 'btn btn-info readme_plugin', 'data-toggle' => 'modal', 'data-target' => '#readme', 'readme_plugin' => basename($plug['plugin'], '.manifest.xml'))); ?> <?php } ?> <?php echo Html::anchor(__('Install', 'plugins'), 'index.php?id=plugins&install=' . $plug['plugin'] . '&token=' . Security::token(), array('class' => 'btn btn-primary')); ?> <?php echo Html::anchor(__('Delete', 'plugins'), 'index.php?id=plugins&delete_plugin_from_server=' . Text::lowercase(basename($plug['path'], '.manifest.xml')) . '&token=' . Security::token(), array('class' => 'btn btn-danger', 'onclick' => "return confirmDelete('" . __('Delete plugin :plugin', 'plugins', array(':plugin' => $plugin_xml->plugin_name)) . "')")); ?> </div> </td> </tr> <?php } ?> </tbody> </table> </div> <?php if (strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN') { ?> <div class="row">
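/**
 * Plugins admin
 *
 * Dispatches the plugin administration actions selected by request
 * parameters, then renders the plugins backend view:
 *
 *  - delete_plugin             runs the plugin's uninstall script (if present)
 *                              and removes it from the plugins table
 *  - install                   loads the plugin manifest, registers the plugin
 *                              and runs its install script (if present)
 *  - delete_plugin_from_server deletes the plugin directory
 *  - upload_file (POST)        extracts an uploaded zip archive and copies the
 *                              plugin it contains into the plugins directory
 *
 * Every action requires a valid security token and dies with an error message
 * otherwise. Plugin names taken from the request or from an uploaded archive
 * are checked against a strict pattern before they are used in filesystem
 * paths, include statements or the table query; a rejected name skips the
 * action and the page is rendered as usual.
 */
public static function main()
{
    // Get siteurl
    $site_url = Option::get('siteurl');

    // Get installed plugin from $plugins array
    $installed_plugins = Plugin::$plugins;

    // Get installed users plugins (everything that is not a 'box' plugin)
    $_users_plugins = array();
    foreach (Plugin::$plugins as $plugin) {
        if ($plugin['privilege'] !== 'box') {
            $_users_plugins[] = $plugin['id'];
        }
    }

    // Get plugins table
    $plugins = new Table('plugins');

    // A plugin or manifest name must be a single path component made of
    // letters, digits, '.', '_' and '-', and must not start with '.'. That
    // excludes directory separators, '.' / '..', NUL bytes and quote
    // characters, all of which would otherwise reach include paths, directory
    // operations and the string-built table query below.
    $is_safe_name = function ($value) {
        return is_string($value)
            && preg_match('/\A[A-Za-z0-9_][A-Za-z0-9._-]*\z/', $value) === 1;
    };

    // Delete plugin
    // -------------------------------------
    if (Request::get('delete_plugin')) {
        if (Security::check(Request::get('token'))) {
            $plugin_name = Request::get('delete_plugin');

            if ($is_safe_name($plugin_name)) {
                $plugin_key = Text::lowercase(str_replace("Plugin", "", $plugin_name));
                $privilege = isset($installed_plugins[$plugin_key]['privilege'])
                    ? $installed_plugins[$plugin_key]['privilege']
                    : null;

                // Nobody can remove box plugins
                if ($privilege !== 'box') {
                    // Run plugin uninstaller file
                    $uninstaller = PLUGINS . DS . $plugin_name . DS . 'install' . DS . $plugin_name . '.uninstall.php';
                    if (File::exists($uninstaller)) {
                        include $uninstaller;
                    }

                    // Clean Monstra TMP folder.
                    Monstra::cleanTmp();

                    // Increment Styles and Javascript version
                    Stylesheet::stylesVersionIncrement();
                    Javascript::javascriptVersionIncrement();

                    // Delete plugin from plugins table
                    $plugins->deleteWhere('[name="' . $plugin_name . '"]');

                    // Redirect
                    Request::redirect('index.php?id=plugins');
                }
            }
        } else {
            die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
        }
    }

    // Install new plugin
    // -------------------------------------
    if (Request::get('install')) {
        if (Security::check(Request::get('token'))) {
            $manifest_name = Request::get('install');

            if ($is_safe_name($manifest_name)) {
                $install_dir = PLUGINS . DS . basename(Text::lowercase($manifest_name), '.manifest.xml') . DS . 'install';

                // Load plugin install xml file
                $plugin_xml = XML::loadFile($install_dir . DS . $manifest_name);

                // Add plugin to plugins table
                $plugins->insert(array(
                    'name'     => basename($manifest_name, '.manifest.xml'),
                    'location' => (string) $plugin_xml->plugin_location,
                    'status'   => (string) $plugin_xml->plugin_status,
                    'priority' => (int) $plugin_xml->plugin_priority,
                ));

                // Clean Monstra TMP folder.
                Monstra::cleanTmp();
                Stylesheet::stylesVersionIncrement();
                Javascript::javascriptVersionIncrement();

                // Run plugin installer file
                $plugin_name = str_replace(array("Plugin", ".manifest.xml"), "", $manifest_name);
                $installer = $install_dir . DS . $plugin_name . '.install.php';
                if (File::exists($installer)) {
                    include $installer;
                }

                Request::redirect('index.php?id=plugins');
            }
        } else {
            die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
        }
    }

    // Delete plugin from server
    // -------------------------------------
    if (Request::get('delete_plugin_from_server')) {
        if (Security::check(Request::get('token'))) {
            // basename() alone still lets '.' and '..' through, so the result
            // is validated before it is handed to Dir::delete().
            $server_plugin = basename(Request::get('delete_plugin_from_server'), '.manifest.xml');

            if ($is_safe_name($server_plugin)) {
                // Clean Monstra TMP folder.
                Monstra::cleanTmp();
                Stylesheet::stylesVersionIncrement();
                Javascript::javascriptVersionIncrement();

                Dir::delete(PLUGINS . DS . $server_plugin);
                Request::redirect('index.php?id=plugins');
            }
        } else {
            die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
        }
    }

    // Upload & extract plugin archive
    // -------------------------------------
    // NOTE(review): an uploaded plugin is PHP code that runs once installed, so
    // this action is as privileged as deploying code; confirm that only
    // administrators can reach it.
    if (Request::post('upload_file')) {
        if (Security::check(Request::post('csrf'))) {
            if (!empty($_FILES['file'])) {
                if (in_array(File::ext($_FILES['file']['name']), array('zip'))) {
                    $tmp_dir = ROOT . DS . 'tmp' . DS . uniqid('plugin_');
                    $error = 'Plugin was not uploaded';

                    if (Dir::create($tmp_dir)) {
                        // NOTE(review): whether Zip::extract() rejects archive
                        // entries that resolve outside $tmp_dir is not visible
                        // here - confirm.
                        $file_locations = Zip::factory()->extract($_FILES['file']['tmp_name'], $tmp_dir);

                        if (!empty($file_locations)) {
                            // The first extracted *.manifest.xml identifies the plugin.
                            $manifest = '';
                            foreach ($file_locations as $filepath) {
                                if (substr($filepath, -strlen('.manifest.xml')) === '.manifest.xml') {
                                    $manifest = $filepath;
                                    break;
                                }
                            }

                            if (!empty($manifest) && basename(dirname($manifest)) === 'install') {
                                $manifest_file = pathinfo($manifest, PATHINFO_BASENAME);
                                $plugin_name = str_replace('.manifest.xml', '', $manifest_file);

                                // The name comes from the archive, so it gets the
                                // same check as names from the request.
                                if ($is_safe_name($plugin_name) && Dir::create(PLUGINS . DS . $plugin_name)) {
                                    $tmp_plugin_dir = dirname(dirname($manifest));
                                    Dir::copy($tmp_plugin_dir, PLUGINS . DS . $plugin_name);
                                    Notification::set('success', __('Plugin was uploaded', 'plugins'));
                                    $error = false;
                                }
                            }
                        }
                    } else {
                        $error = 'System error';
                    }
                } else {
                    $error = 'Forbidden plugin file type';
                }
            } else {
                $error = 'Plugin was not uploaded';
            }

            if ($error) {
                Notification::set('error', __($error, 'plugins'));
            }

            if (Request::post('dragndrop')) {
                Request::shutdown();
            } else {
                Request::redirect($site_url . '/admin/index.php?id=plugins#installnew');
            }
        } else {
            die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
        }
    }

    // Plugins to install
    $plugins_to_intall = array();

    // Scan plugins directory for .manifest.xml
    $plugins_new = File::scan(PLUGINS, '.manifest.xml');

    // Get installed plugins from plugins table
    $plugins_installed = $plugins->select(null, 'all', null, array('location', 'priority'), 'priority', 'ASC');

    // Manifest names of the installed plugins. Initialised up front so that
    // array_diff() still receives an array when nothing is installed.
    $_plg = array();
    foreach ($plugins_installed as $plg) {
        $_plg[] = basename($plg['location'], 'plugin.php') . 'manifest.xml';
    }

    // Diff
    $plugins_to_install = array_diff($plugins_new, $_plg);

    // Create array of plugins to install
    $count = 0;
    foreach ($plugins_to_install as $plugin) {
        $plg_path = PLUGINS . DS . Text::lowercase(basename($plugin, '.manifest.xml')) . DS . 'install' . DS . $plugin;
        if (file_exists($plg_path)) {
            $plugins_to_intall[$count]['path'] = $plg_path;
            $plugins_to_intall[$count]['plugin'] = $plugin;
            $count++;
        }
    }

    // Draw template
    View::factory('box/plugins/views/backend/index')
        ->assign('installed_plugins', $installed_plugins)
        ->assign('plugins_to_intall', $plugins_to_intall)
        ->assign('_users_plugins', $_users_plugins)
        ->assign('fileuploader', array(
            'uploadUrl' => $site_url . '/admin/index.php?id=plugins',
            'csrf'      => Security::token(),
            'errorMsg'  => __('Upload server error', 'filesmanager'),
        ))
        ->display();
}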