Esempio n. 1
0
 public function index()
 {
     /*
     UserCake (Via CupCake) Version: 2.0.2
     http://usercake.com
     */
     global $baseURL;
     require_once "{$baseURL}/application/third_party/user_cake/models/config.php";
     if (!securePage($_SERVER['PHP_SELF'])) {
         die;
     }
     $pages = getPageFiles();
     //Retrieve list of pages in root usercake folder
     $dbpages = fetchAllPages();
     //Retrieve list of pages in pages table
     $creations = array();
     $deletions = array();
     //Check if any pages exist which are not in DB
     foreach ($pages as $page) {
         if (!isset($dbpages[str_replace(".php", "", $page)])) {
             $creations[] = str_replace(".php", "", $page);
         }
     }
     //Enter new pages in DB if found
     if (count($creations) > 0) {
         createPages($creations);
     }
     if (count($dbpages) > 0) {
         //Check if DB contains pages that don't exist
         foreach ($dbpages as $page) {
             if (!isset($pages[$page['page'] . '.php'])) {
                 $deletions[] = $page['id'];
             }
         }
     }
     //Delete pages from DB if not found
     if (count($deletions) > 0) {
         deletePages($deletions);
     }
     //Update DB pages
     $dbpages = fetchAllPages();
     require_once "{$baseURL}/application/third_party/user_cake/models/header.php";
     echo "\r\n<body>\r\n<div id='wrapper'>\r\n<div id='top'><div id='logo'></div></div>\r\n<div id='content'>\r\n<h1>UserCake (Via CupCake)</h1>\r\n<h2>Admin Pages</h2>\r\n<div id='left-nav'>";
     include "{$baseURL}/application/third_party/user_cake/left-nav.php";
     echo "\r\n</div>\r\n<div id='main'>\r\n<form name='adminPages' action='" . $_SERVER['PHP_SELF'] . "' method='post'>\r\n<table class='admin'>\r\n<tr><th>Delete</th><th>Id</th><th>Page</th><th>Access</th></tr>";
     //Display list of pages
     foreach ($dbpages as $page) {
         echo "\r\n\t<tr>\r\n\t<td><input type='checkbox' name='delete[" . $page['id'] . "]' id='delete[" . $page['id'] . "]' value='" . $page['id'] . "'></td>\r\n\t<td>\r\n\t" . $page['id'] . "\r\n\t</td>\r\n\t<td>\r\n\t<a href ='" . str_replace('index.php/', '', site_url('admin_page')) . "?id=" . $page['id'] . "'>" . $page['page'] . "</a>\r\n\t</td>\r\n\t<td>";
         //Show public/private setting of page
         if ($page['private'] == 0) {
             echo "Public";
         } else {
             echo "Private";
         }
         echo "\r\n\t</td>\r\n\t</tr>";
     }
     echo "\r\n</table>\r\n<input type = 'submit' value = 'Submit'/>\r\n</form>\r\n</div>\r\n<div id='bottom'></div>\r\n</div>\r\n<div id = 'createNewPage'>\r\n<a href ='" . str_replace('index.php/', '', site_url('new_page')) . "'>Add Page</a>\r\n</div>\r\n</body>\r\n</html>";
 }
Esempio n. 2
0
    public function index()
    {
        /*
        UserCake (Via CupCake) Version: 2.0.2
        http://usercake.com
        */
        global $baseURL, $loggedInUser, $errors, $success;
        require_once "{$baseURL}/application/third_party/user_cake/models/config.php";
        if (!securePage($_SERVER['PHP_SELF'])) {
            die;
        }
        //Forms posted
        if (!empty($_POST)) {
            $pageName = $_POST['pageName'];
            $pageNameWithoutExt = str_replace(".php", "", $pageName);
            $defaultPages = fetchAllPages();
            $pageCheck = false;
            foreach ($defaultPages as $indPage) {
                if ($indPage['page'] == $pageNameWithoutExt) {
                    $pageCheck = true;
                }
            }
            if (preg_match('/^[A-Za-z][A-Za-z0-9]*(?:_[A-Za-z0-9]+)*$/', $pageNameWithoutExt) && !$pageCheck) {
                $comment = $_POST['pageComment'];
                $nameWords = explode("_", $pageNameWithoutExt);
                $className = '';
                if (sizeof($nameWords)) {
                    for ($i = 0; $i < sizeof($nameWords); $i++) {
                        $sep = $i ? "_" : "";
                        $className .= $sep . ucfirst($nameWords[$i]);
                    }
                } else {
                    $className = ucfirst($pageNameWithoutExt);
                }
                $file = fopen("{$baseURL}/application/controllers/{$pageName}.php", "w");
                fwrite($file, '<?php
/* This pase was created by ' . $loggedInUser->displayname . ' at "' . date("Y m d H-i-s") . '". */
/* ' . $comment . ' */

class ' . $className . ' extends CI_Controller{
	public function __construct(){
		parent::__construct();
		global $baseURL; 
		$baseURL = getcwd();
		// File requires to check logged in user information.
		require_once("$baseURL/application/third_party/user_cake/models/class.user.php");
		
		// Basic helper and libraries
		$this->load->helper();
		$this->load->library("session");
	}
	public function index(){
		global $baseURL; 
		// Require config file
		require_once("$baseURL/application/third_party/user_cake/models/config.php");
		
		// Write your code after this line
		
		
		
		// Code ends here
		
		// index function
		$this->load->view("' . $pageName . '");
	} 
	}
?>');
                fclose($file);
                $file = fopen("{$baseURL}/application/views/{$pageName}.php", "w");
                fwrite($file, '<?php
global $baseURL;
require_once("$baseURL/application/third_party/user_cake/models/header.php");
?>
<!DOCTYPE html PUBLIC \'-//W3C//DTD XHTML 1.0 Transitional//EN\' \'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\'>
<html xmlns=\'http://www.w3.org/1999/xhtml\'>
<head>
<meta http-equiv=\'Content-Type\' content=\'text/html; charset=utf-8\' />
<title>' . $pageName . '</title>
</head>
<body>
<div id="wrapper">
<div id="top"><div id="logo"></div></div>
<div id="content">
<h1>UserCake (Via CupCake)</h1>
<h2>Account</h2>
<div id="left-nav">
<?php
include("$baseURL/application/third_party/user_cake/left-nav.php");
?>

</div>
<div id="main">

</div>
<div id="bottom"></div>
</div>
</body>
</html>');
                fclose($file);
                $newPage = array(str_replace(".php", "", $pageName));
                createPages($newPage);
                $successes[] = lang("PAGE_CREATED_SUCCESSFULLY", array($baseURL, $pageName));
            } else {
                if ($pageCheck) {
                    $errors[] = lang("USER_CREATED_PAGE_EXIST");
                } else {
                    $errors[] = lang("PAGE_VALIDATION_ERROR");
                }
            }
        }
        require_once "{$baseURL}/application/third_party/user_cake/models/header.php";
        echo "\r\n<body>\r\n<div id='wrapper'>\r\n<div id='top'><div id='logo'></div></div>\r\n<div id='content'>\r\n<h1>UserCake (Via CupCake)</h1>\r\n<h2>Admin Page</h2>\r\n<div id='left-nav'>";
        include "{$baseURL}/application/third_party/user_cake/left-nav.php";
        echo "\r\n</div>\r\n<div id='main'>";
        echo resultBlock($errors, $successes);
        echo "\r\n<form name='newPage' action='" . $_SERVER['PHP_SELF'] . "' method='post'>\r\n<input type='hidden' name='process' value='1'>\r\n<table class='admin'>\r\n<tr><td>\r\n<h3>Add New Page</h3>\r\n<div id='regbox'>\r\n<p>\r\n<label>New Page Name:</label>\r\n<input type = 'text' name = 'pageName' id = 'pageName'><br/>\r\n(only underscore '_' is allowed as special character.)<br/>\r\n<label>Write your comment:</label><textarea rows = '5' cols = '30' name = 'pageComment' id = 'pageComment'></textarea><br/>\r\n<div>( This is only for documentation purpose. )</div>";
        echo "<input type='submit' value='Create' class='submit'/>\r\n</p>\r\n</form>\r\n</div>\r\n<div id='bottom'></div>\r\n</div>\r\n</body>\r\n</html>";
    }
Esempio n. 3
0
    createPages($creations);
}
if (count($dbpages) > 0) {
    //Check if DB contains pages that don't exist
    foreach ($dbpages as $page) {
        if (!isset($pages[$page['page']])) {
            $deletions[] = $page['id'];
        }
    }
}
//Delete pages from DB if not found
if (count($deletions) > 0) {
    deletePages($deletions);
}
//Update DB pages
$dbpages = fetchAllPages();
require_once "models/header.php";
echo "\r\n<body>\r\n<div id='wrapper'>\r\n<div id='top'><div id='logo'></div></div>\r\n<div id='content'>\r\n<h1>UserCake</h1>\r\n<h2>Admin Pages</h2>\r\n<div id='left-nav'>";
include "left-nav.php";
echo "\r\n</div>\r\n<div id='main'>\r\n<table class='admin'>\r\n<tr><th>Id</th><th>Page</th><th>Access</th></tr>";
//Display list of pages
foreach ($dbpages as $page) {
    echo "\r\n\t<tr>\r\n\t<td>\r\n\t" . $page['id'] . "\r\n\t</td>\r\n\t<td>\r\n\t<a href ='admin_page.php?id=" . $page['id'] . "'>" . $page['page'] . "</a>\r\n\t</td>\r\n\t<td>";
    //Show public/private setting of page
    if ($page['private'] == 0) {
        echo "Public";
    } else {
        echo "Private";
    }
    echo "\r\n\t</td>\r\n\t</tr>";
}
Esempio n. 4
0
            if ($addition_count = addPage($add, $permissionId)) {
                $successes[] = lang("PERMISSION_ADD_PAGES", array($addition_count));
            } else {
                $errors[] = lang("SQL_ERROR");
            }
        }
        $permissionDetails = fetchPermissionDetails($permissionId);
    }
}
$pagePermissions = fetchPermissionPages($permissionId);
//Retrieve list of accessible pages
$permissionUsers = fetchPermissionUsers($permissionId);
//Retrieve list of users with membership
$userData = fetchAllUsers();
//Fetch all users
$pageData = fetchAllPages();
//Fetch all pages
require_once "models/header.php";
echo "\n<body>\n<div id='wrapper'>\n<div id='top'><div id='logo'></div></div>\n<div id='content'>\n<h1> </h1>\n<h2>Admin Permissions</h2>\n<div id='left-nav'>";
include "left-nav.php";
echo "\n</div>\n<div id='main'>";
echo resultBlock($errors, $successes);
echo "\n<form name='adminPermission' action='" . $_SERVER['PHP_SELF'] . "?id=" . $permissionId . "' method='post'>\n<table class='admin'>\n<tr><td>\n<h3>Permission Information</h3>\n<div id='regbox'>\n<p>\n<label>ID:</label>\n" . $permissionDetails['id'] . "\n</p>\n<p>\n<label>Name:</label>\n<input type='text' name='name' value='" . $permissionDetails['name'] . "' />\n</p>\n<label>Delete:</label>\n<input type='checkbox' name='delete[" . $permissionDetails['id'] . "]' id='delete[" . $permissionDetails['id'] . "]' value='" . $permissionDetails['id'] . "'>\n</p>\n</div></td><td>\n<h3>Permission Membership</h3>\n<div id='regbox'>\n<p>\nRemove Members:";
//List users with permission level
foreach ($userData as $v1) {
    if (isset($permissionUsers[$v1['id']])) {
        echo "<br><input type='checkbox' name='removePermission[" . $v1['id'] . "]' id='removePermission[" . $v1['id'] . "]' value='" . $v1['id'] . "'> " . $v1['display_name'];
    }
}
echo "\n</p><p>Add Members:";
//List users without permission level
Esempio n. 5
0
/**
 * Loads all site pages, adds new pages found, deletes pages not found
 * @return array $allPages containing all pages and associated permissions for those pages
 */
function loadSitePages()
{
    // This block automatically checks this action against the permissions database before running.
    if (!checkActionPermissionSelf(__FUNCTION__, func_get_args())) {
        addAlert("danger", "Sorry, you do not have permission to access this resource.");
        return false;
    }
    global $page_include_paths;
    try {
        // Retrieve files in all included directories
        $pages = array();
        foreach ($page_include_paths as $path) {
            $pages = array_merge($pages, getPageFiles($path));
        }
        $dbpages = fetchAllPages();
        //Retrieve list of pages in pages table
        $creations = array();
        $deletions = array();
        $originals = array();
        //Check if any pages exist which are not in DB
        foreach ($pages as $page) {
            if (!isset($dbpages[$page])) {
                $creations[] = $page;
            }
        }
        //Enter new pages in DB if found
        if (count($creations) > 0) {
            createPages($creations);
        }
        // Find pages in table which no longer exist
        if (count($dbpages) > 0) {
            //Check if DB contains pages that don't exist
            foreach ($dbpages as $page) {
                if (!isset($pages[$page['page']])) {
                    $deletions[] = $page['id'];
                } else {
                    $originals[] = $page['id'];
                }
            }
        }
        $allPages = fetchAllPages();
        // Merge the newly created pages, plus the pages slated for deletion, load their permissions, and set a flag (C)reated, (U)pdated, (D)eleted
        foreach ($allPages as $page) {
            $id = $page['id'];
            $name = $page['page'];
            if (in_array($name, $creations)) {
                $allPages[$name]['status'] = 'C';
            } else {
                if (in_array($id, $deletions)) {
                    $allPages[$name]['status'] = 'D';
                } else {
                    $allPages[$name]['status'] = 'U';
                }
            }
            $pageGroups = fetchPageGroups($id);
            if ($pageGroups) {
                $allPages[$name]['permissions'] = $pageGroups;
            } else {
                $allPages[$name]['permissions'] = array();
            }
        }
        //Delete pages from DB
        if (count($deletions) > 0) {
            deletePages($deletions);
        }
        return $allPages;
    } catch (PDOException $e) {
        addAlert("danger", "Oops, looks like our database encountered an error.");
        error_log("Error in " . $e->getFile() . " on line " . $e->getLine() . ": " . $e->getMessage());
    } catch (ErrorException $e) {
        addAlert("danger", "Oops, looks like our server might have goofed.  If you're an admin, please check the PHP error logs.");
    }
}
Esempio n. 6
0
 public function index()
 {
     /*
     UserCake (Via CupCake) Version: 2.0.2
     http://usercake.com
     */
     global $baseURL;
     require_once "{$baseURL}/application/third_party/user_cake/models/config.php";
     if (!securePage($_SERVER['PHP_SELF'])) {
         die;
     }
     $permissionId = $_GET['id'];
     //Check if selected permission level exists
     if (!permissionIdExists($permissionId)) {
         header("Location: " . site_url('admin_permissions'));
         die;
     }
     $permissionDetails = fetchPermissionDetails($permissionId);
     //Fetch information specific to permission level
     //Forms posted
     if (!empty($_POST)) {
         //Delete selected permission level
         if (!empty($_POST['delete'])) {
             $deletions = $_POST['delete'];
             if ($deletion_count = deletePermission($deletions)) {
                 $successes[] = lang("PERMISSION_DELETIONS_SUCCESSFUL", array($deletion_count));
                 header("Location: " . site_url('admin_permissions'));
             } else {
                 $errors[] = lang("SQL_ERROR");
             }
         } else {
             //Update permission level name
             if ($permissionDetails[0]['name'] != $_POST['name']) {
                 $permission = trim($_POST['name']);
                 //Validate new name
                 if (permissionNameExists($permission)) {
                     $errors[] = lang("ACCOUNT_PERMISSIONNAME_IN_USE", array($permission));
                 } elseif (minMaxRange(1, 50, $permission)) {
                     $errors[] = lang("ACCOUNT_PERMISSION_CHAR_LIMIT", array(1, 50));
                 } else {
                     if (updatePermissionName($permissionId, $permission)) {
                         $successes[] = lang("PERMISSION_NAME_UPDATE", array($permission));
                     } else {
                         $errors[] = lang("SQL_ERROR");
                     }
                 }
             }
             //Remove access to pages
             if (!empty($_POST['removePermission'])) {
                 $remove = $_POST['removePermission'];
                 if ($deletion_count = removePermission($permissionId, $remove)) {
                     $successes[] = lang("PERMISSION_REMOVE_USERS", array($deletion_count));
                 } else {
                     $errors[] = lang("SQL_ERROR");
                 }
             }
             //Add access to pages
             if (!empty($_POST['addPermission'])) {
                 $add = $_POST['addPermission'];
                 if ($addition_count = addPermission($permissionId, $add)) {
                     $successes[] = lang("PERMISSION_ADD_USERS", array($addition_count));
                 } else {
                     $errors[] = lang("SQL_ERROR");
                 }
             }
             //Remove access to pages
             if (!empty($_POST['removePage'])) {
                 $remove = $_POST['removePage'];
                 if ($deletion_count = removePage($remove, $permissionId)) {
                     $successes[] = lang("PERMISSION_REMOVE_PAGES", array($deletion_count));
                 } else {
                     $errors[] = lang("SQL_ERROR");
                 }
             }
             //Add access to pages
             if (!empty($_POST['addPage'])) {
                 $add = $_POST['addPage'];
                 if ($addition_count = addPage($add, $permissionId)) {
                     $successes[] = lang("PERMISSION_ADD_PAGES", array($addition_count));
                 } else {
                     $errors[] = lang("SQL_ERROR");
                 }
             }
             $permissionDetails = fetchPermissionDetails($permissionId);
         }
     }
     $pagePermissions = fetchPermissionPages($permissionId);
     //Retrieve list of accessible pages
     $permissionUsers = fetchPermissionUsers($permissionId);
     //Retrieve list of users with membership
     $userData = fetchAllUsers();
     //Fetch all users
     $pageData = fetchAllPages();
     //Fetch all pages
     require_once "{$baseURL}/application/third_party/user_cake/models/header.php";
     echo "\r\n<body>\r\n<div id='wrapper'>\r\n<div id='top'><div id='logo'></div></div>\r\n<div id='content'>\r\n<h1>UserCake (Via CupCake)</h1>\r\n<h2>Admin Permissions</h2>\r\n<div id='left-nav'>";
     include "{$baseURL}/application/third_party/user_cake/left-nav.php";
     echo "\r\n</div>\r\n<div id='main'>";
     echo resultBlock($errors, $successes);
     echo "\r\n<form name='adminPermission' action='" . $_SERVER['PHP_SELF'] . "?id=" . $permissionId . "' method='post'>\r\n<table class='admin'>\r\n<tr><td>\r\n<h3>Permission Information</h3>\r\n<div id='regbox'>\r\n<p>\r\n<label>ID:</label>\r\n" . $permissionDetails[0]['id'] . "\r\n</p>\r\n<p>\r\n<label>Name:</label>\r\n<input type='text' name='name' value='" . $permissionDetails[0]['name'] . "' />\r\n</p>\r\n<label>Delete:</label>\r\n<input type='checkbox' name='delete[" . $permissionDetails[0]['id'] . "]' id='delete[" . $permissionDetails[0]['id'] . "]' value='" . $permissionDetails[0]['id'] . "'>\r\n</p>\r\n</div></td><td>\r\n<h3>Permission Membership</h3>\r\n<div id='regbox'>\r\n<p>\r\nRemove Members:";
     //List users with permission level
     foreach ($userData as $v1) {
         if (isset($permissionUsers[$v1['id']])) {
             echo "<br><input type='checkbox' name='removePermission[" . $v1['id'] . "]' id='removePermission[" . $v1['id'] . "]' value='" . $v1['id'] . "'> " . $v1['display_name'];
         }
     }
     echo "\r\n</p><p>Add Members:";
     //List users without permission level
     foreach ($userData as $v1) {
         if (!isset($permissionUsers[$v1['id']])) {
             echo "<br><input type='checkbox' name='addPermission[" . $v1['id'] . "]' id='addPermission[" . $v1['id'] . "]' value='" . $v1['id'] . "'> " . $v1['display_name'];
         }
     }
     echo "\r\n</p>\r\n</div>\r\n</td>\r\n<td>\r\n<h3>Permission Access</h3>\r\n<div id='regbox'>\r\n<p>\r\nPublic Access:";
     //List public pages
     foreach ($pageData as $v1) {
         if ($v1['private'] != 1) {
             echo "<br>" . $v1['page'];
         }
     }
     echo "\r\n</p>\r\n<p>\r\nRemove Access:";
     //List pages accessible to permission level
     foreach ($pageData as $v1) {
         if (isset($pagePermissions[$v1['id']]) and $v1['private'] == 1) {
             echo "<br><input type='checkbox' name='removePage[" . $v1['id'] . "]' id='removePage[" . $v1['id'] . "]' value='" . $v1['id'] . "'> " . $v1['page'];
         }
     }
     echo "\r\n</p><p>Add Access:";
     //List pages inaccessible to permission level
     foreach ($pageData as $v1) {
         if (!isset($pagePermissions[$v1['id']]) and $v1['private'] == 1) {
             echo "<br><input type='checkbox' name='addPage[" . $v1['id'] . "]' id='addPage[" . $v1['id'] . "]' value='" . $v1['id'] . "'> " . $v1['page'];
         }
     }
     echo "\r\n</p>\r\n</div>\r\n</td>\r\n</tr>\r\n</table>\r\n<p>\r\n<label>&nbsp;</label>\r\n<input type='submit' value='Update' class='submit' />\r\n</p>\r\n</form>\r\n</div>\r\n<div id='bottom'></div>\r\n</div>\r\n</body>\r\n</html>";
 }