Esempio n. 1
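	/**
	 * Store the home path and build the JS/CSS include markup for the page.
	 *
	 * Authorized visitors get every file listed for INCLUDEPATH and PLUGINSPATH
	 * except ./include/cmf/js/lib.js. Everyone else gets the listing returned by
	 * API::getFileList( INCLUDEPATH, -1 ) plus three fixed CMF assets. Files whose
	 * name starts with "_" are skipped. The result is assigned to the JSINCLUDE and
	 * CSSINCLUDE template variables, next to TITLE and META from Config::$SiteConf.
	 *
	 * NOTE(review): which assets are emitted here is a presentation choice only.
	 * Files under INCLUDEPATH/PLUGINSPATH that must stay private need their own
	 * server-side access check; withholding the include tag does not protect them.
	 *
	 * @param mixed $home value stored in self::$home
	 * @return void
	 */
	public static function configure( $home ){
		self::$home = $home;
		$js = "";
		$css = "";

		if( Authorization::isAuthorized() ){
			$files = API::getFileList( INCLUDEPATH );
			$files = array_merge( API::getFileList( PLUGINSPATH ), $files );

			// array_search() returns false on a miss, and unset( $files[false] )
			// would silently drop index 0, so only unset a real hit.
			$pos = array_search( "./include/cmf/js/lib.js", $files, true );
			if( $pos !== false ){
				unset( $files[$pos] );
			}
		}
		else{
			$files = API::getFileList( INCLUDEPATH, -1 );
			$files[] = "./include/cmf/js/lib.js";
			$files[] = "./include/cmf/css/cmf.notify.css";
			$files[] = "./include/cmf/css/cmf.ui.css";
		}

		rsort( $files );
		foreach( $files as $path ){
			$info = pathinfo( $path );

			// a leading underscore marks a file that must not be included
			if( substr( $info['filename'], 0, 1 ) === '_' ) continue;

			// pathinfo() omits 'extension' for names without a dot
			$ext = isset( $info['extension'] ) ? $info['extension'] : '';

			// NOTE(review): $path goes into the template verbatim. If file names
			// under PLUGINSPATH can be influenced by uploads, escape it for the
			// attribute context the template uses (confirm against the templates).
			if( $ext === "js" ){
				$js .= str_replace( "{PATH}", $path, Storage::get( "Template::jsInclude" ) );
			}
			else if( $ext === "css" ){
				$css .= str_replace( "{PATH}", $path, Storage::get( "Template::cssInclude" ) );
			}
		}

		self::assign( "TITLE", Config::$SiteConf['name'] );
		self::assign( "META", Config::$SiteConf['meta'] );
		self::assign( "JSINCLUDE", $js );
		self::assign( "CSSINCLUDE", $css );
	}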
Esempio n. 2
    /**
     * Render the admin panel markup for an authorized visitor.
     *
     * Reads the "VeronicaAdminPanel" and "VeronicaMenuListItem" templates from
     * Global.views, fills in the current-user view, and adds one menu entry per
     * controller whose static $inAdminPanel flag is truthy.
     *
     * NOTE(review): $controller::$name and $controller::$alias are concatenated
     * into inline JavaScript and markup without escaping. That is safe only while
     * these statics are developer-defined constants; confirm nothing user-supplied
     * can reach them.
     *
     * @return string|null the panel markup, or nothing (bare return) when the
     *                     visitor is not authorized
     */
    public static function getPanel() {
        // Guard: no panel for visitors who are not authorized.
        if( !Authorization::isAuthorized() ) {
            return;
        }

        $styles = API::parseStylesFile(CUSTOMPATH.DS."Global.views");
        $panel = $styles["VeronicaAdminPanel"][2];
        $itemTemplate = $styles["VeronicaMenuListItem"][2];
        $controllers = Api::getCustom("Controller");
        // The result is not used below; the call is kept because its side
        // effects, if any, are not visible from this method.
        $modeles = Api::getCustom("Model");

        $user = Authorization::getCurrentUser();
        $userpanel = ViewHandler::wrap("CurrentUser", $user[0]);
        $panel = str_replace("<? echo \$USERPANEL;?>", $userpanel, $panel);

        // str_replace() with arrays applies the pairs in order, one after another.
        $placeholders = array(
            "<? echo \$ADDCLICKHANDLER;?>",
            "<? echo \$CLICKHANDLER;?>",
            "<? echo \$COUNT;?>",
            "<? echo \$ALIAS;?>",
        );

        $menu = "";
        foreach ($controllers as $controller) {
            if( !$controller::$inAdminPanel ) {
                continue;
            }

            $openDashboard = "Controller.openDashboard('".$controller::$name."');";
            $values = array(
                "Controller.add('".$controller::$name."');",
                $openDashboard,
                // NOTE(review): the COUNT placeholder receives the same call as
                // CLICKHANDLER; this looks like a copy-paste, so confirm what the
                // count should be.
                $openDashboard,
                $controller::$alias,
            );
            $menu .= str_replace($placeholders, $values, $itemTemplate);
        }

        return str_replace("<? echo \$MENULIST;?>", $menu, $panel);
    }
Esempio n. 3
        }
    }
}
//- Check user authentication, login and logout
// Build the authorization object, then handle a logout or a login attempt
// taken from the POSTed form fields.
$auth = new Authorization();
if (isset($_POST['logout'])) {
    // A logout request takes precedence over credentials sent in the same request.
    $auth->revoke();
} elseif (isset($_POST['login'], $_POST['password'])) {
    // NOTE(review): the raw POST value is handed to attemptGrant() as-is, and it
    // may arrive as an array (password[]=...). Comparison method, attempt
    // throttling and session handling live inside Authorization and are not
    // visible here; confirm them there.
    $remember = isset($_POST['remember']);
    $auth->attemptGrant($_POST['password'], $remember);
}
//- Actions on database files and bulk data
if ($auth->isAuthorized()) {
    //- Create a new database
    if (isset($_POST['new_dbname'])) {
        if ($_POST['new_dbname'] == '') {
            // TODO: Display an error message (do NOT echo here. echo below in the html-body!)
        } else {
            $str = preg_replace('@[^\\w-.]@', '', $_POST['new_dbname']);
            $dbname = $str;
            $dbpath = $str;
            if (checkDbName($dbname)) {
                $tdata = array();
                $tdata['name'] = $dbname;
                $tdata['path'] = $directory . DIRECTORY_SEPARATOR . $dbpath;
                $td = new Database($tdata);
                $td->query("VACUUM");
            } else {
Esempio n. 4
		}
	};
}();
</script>
</head>
<body>
<?php
// Refuse to run while register_globals is enabled: with that directive on,
// request parameters become global variables. Print a notice and stop before
// anything else is rendered.
if(ini_get("register_globals"))
{
	echo "<div class='confirm' style='margin:20px;'>"
		."It appears that the PHP directive, 'register_globals' is enabled. This is bad. You need to disable it before continuing."
		."</div>";
	exit();
}

if(!$auth->isAuthorized()) //user is not authorized - display the login screen
{
	echo "<div id='loginBox'>";
	echo "<h1><span id='logo'>".PROJECT."</span> <span id='version'>v".VERSION."</span></h1>";
	echo "<div style='padding:15px; text-align:center;'>";
	if(isset($_POST['login']))
		echo "<span style='color:red;'>Incorrect password.</span><br/><br/>";
	echo "<form action='".PAGE."' method='post'>";
	echo "Password: <input type='password' name='password'/><br/>";
	echo "<input type='checkbox' name='remember' value='yes' checked='checked'/> Remember me<br/><br/>";
	echo "<input type='submit' value='Log In' name='login' class='btn'/>";
	echo "<input type='hidden' name='proc_login' value='true' />";
	echo "</form>";
	echo "</div>";
	echo "</div>";
	echo "<br/>";
Esempio n. 5
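// Handle logout and login. A logout request takes precedence over a login
// attempt sent in the same request.
if (isset($_POST['logout'])) {
    $auth->revoke();
} elseif (isset($_POST['login']) || isset($_POST['proc_login'])) {
    // Normalise the flag so code that checks $_POST['login'] also sees a
    // submission made through the hidden proc_login field.
    $_POST['login'] = true;

    // The password field may be missing (only proc_login posted) or sent as an
    // array (password[]=...); accept nothing but a plain string.
    $submitted = (isset($_POST['password']) && is_string($_POST['password']))
        ? $_POST['password']
        : null;

    if ($submitted !== null) {
        $expected = (string) SYSTEMPASSWORD;

        // The previous loose == compared numeric-looking strings as numbers
        // ("1e3" == "1000") and was not constant-time. Use hash_equals() where
        // the runtime provides it, otherwise a strict comparison.
        $matches = function_exists('hash_equals')
            ? hash_equals($expected, $submitted)
            : ($submitted === $expected);

        if ($matches) {
            $auth->grant(isset($_POST['remember']));
        }
    }

    // NOTE(review): the password is a single shared secret held in a constant,
    // and no attempt throttling is visible in this block; confirm whether it is
    // enforced elsewhere.
}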
if ($auth->isAuthorized()) {
    //user is creating a new Database
    if (isset($_POST['new_dbname']) && $auth->isAuthorized()) {
        $str = preg_replace('@[^\\w-.]@', '', $_POST['new_dbname']);
        $dbname = $str;
        $dbpath = $str;
        if (checkDbName($dbname)) {
            $tdata = array();
            $tdata['name'] = $dbname;
            $tdata['path'] = $directory . DIRECTORY_SEPARATOR . $dbpath;
            $td = new Database($tdata);
            $td->query("VACUUM");
        } else {
            if (is_file($dbname) || is_dir($dbname)) {
                $dbexists = true;
            } else {
Esempio n. 6
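    /**
     * Look up the user record for the current request.
     *
     * NOTE(review): the record is selected by the user_id cookie, which the
     * client controls. This is safe only if Authorization::isAuthorized() ties
     * that cookie to a server-side session or a signed token. Its implementation
     * is not visible here; confirm that changing the cookie cannot select
     * another user's record.
     *
     * @return mixed the result of ModelHandler::get('Users', ...) when the
     *               visitor is authorized and a usable user_id cookie is
     *               present; false otherwise
     */
    public static function getCurrentUser() {
        if( !Authorization::isAuthorized() ) {
            return false;
        }

        // The cookie can be absent or sent as an array (user_id[]=...); treat
        // both as "no current user" instead of passing them to the model layer.
        if( !isset($_COOKIE['user_id']) || !is_string($_COOKIE['user_id']) ) {
            return false;
        }

        return ModelHandler::get('Users', array($_COOKIE['user_id']));
    }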