function fpb_toolbar_body() { $toolbar_authorized = FPBAuth::GetInstance()->IsLoggedIn() && FPBAuth::GetInstance()->IsUserAdmin(); /** * The 'toolbar_pre_authorize' hook runs before the toolbar code determines if the user is authorized to utilize * the toolbar * @see Hooks */ Plugins::RunHook('toolbar_pre_authorize'); if (!$toolbar_authorized) { return; } $toolbar_content = <<<HTML <div id="fpb-admin-tb"> <a href="#" onclick="fpb_admin_Dashboard();"> <div class="menu-item menu-dashboard"> </div> </a><a href="#" onclick="fpb_admin_Posts();"> <div class="menu-item menu-post"> </div> </a><a href="#" onclick="alert('yo');"> <div class="menu-item menu-media"> </div> </a><a href="#" onclick="alert('yo');"> <div class="menu-item menu-comments"> </div> </a><a href="#" onclick="alert('yo');"> <div class="menu-item menu-pages"> </div> </a><hr/> <a href="#" onclick="alert('yo');"> <div class="menu-item menu-appearance"> </div> </a><a href="#" onclick="fpb_admin_Plugins();"> <div class="menu-item menu-plugins"> </div> </a><hr/><a href="#" onclick="alert('yo');"> <div class="menu-item menu-users"> </div> </a><a href="#" onclick="alert('yo');"> <div class="menu-item menu-tools"> </div> </a><a href="#" onclick="alert('yo');"> <div class="menu-item menu-settings"> </div> </a> </div> <div id="fpb-admin-popup"><div id="fpb-admin-popup-content"></div></div> <div id="fpb-admin-blackout"></div> HTML; Plugins::RunHook('toolbar_body_content'); /** * The 'toolbar_body_content' hook runs before the toolbar code returns the HTML to be added to the end of <body> - * hooks should 'global $toolbar_content;' to access the content returned * @see Hooks */ echo $toolbar_content; }
/** * Checks the current Facebook session for validity and logs the user in (or creates the user in our local * database if necessary) * @return void * @access private */ public function CheckFBStatus() { /** * The 'pre_fb_auth_check' is run prior to validating the current Facebook session * @see Hooks */ Plugins::RunHook('pre_fb_auth_check'); if ($this->_facebook->getSession()) { $fbid = $this->_facebook->getUser(); // We have a Facebook session - check it $user_record = FPBDatabase::Instance()->GetUserFromFBId($fbid); if (!$user_record) { // we must make the user! $user_data = array(); $this->_fb_api = $this->_facebook->api('/me'); $user = $this->_facebook->getUser(); $user_data['id'] = $user; /** * the password table is kind of superfluous, but is here in case plugins want to override * the column's use - perhaps an OpenID/Google Federated Login? Until then this is * @deprecated */ $user_data['password'] = md5($user); $url = "https://api.facebook.com/method/fql.query"; $url .= "?access_token=" . $this->_facebook->getAccessToken(); $url .= "&query=SELECT email, name FROM user WHERE uid={$user}"; $userData = simplexml_load_file($url); $user_data['username'] = (string) $userData->user->email; $user_data['displayname'] = (string) $userData->user->name; if (strlen($user_data['username']) == 0) { $params = array(); $params["canvas"] = "1"; $params["fbconnect"] = "0"; $params["next"] = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; $params["req_perms"] = "email,user_website,user_about_me"; $loginUrl = $this->_facebook->getLoginUrl($params); header("Location: {$loginUrl}"); echo '<meta http-equiv="refresh" content="0;url=' . $loginUrl . '"/>'; die; } /** * The 'pre_fb_useradd' hook is run before inserting a new user record into the database * @see Hooks */ Plugins::RunHook('pre_fb_useradd'); FPBDatabase::Instance()->AddUser($user_data); $this->_user = $user_data; } else { $this->_user = $user_record[0]; } } else { $this->_user = null; } /** * The 'post_fb_auth_check' is run after the validation of the curent Facebook session * @see Hooks */ Plugins::RunHook('post_fb_auth_check'); }
$body_contents = ob_get_contents(); ob_clean(); $tpl_file = $action; /** * The 'post_action' hook runs just after we have run the requested action, just before * it is finished and then rendered * @see Hooks */ Plugins::RunHook('post_action'); $smarty->assign('body_contents', $body_contents); // Grab all archives for the $archives variable to be populated $archives = FPBDatabase::Instance()->GetArchiveList(); $smarty->assign('archives', $archives); // Grab array of all pages $pages = FPBDatabase::Instance()->GetPageArray(); $smarty->assign('pages', $pages); /** * The 'pre_render' hook runs just before we render the smarty template to the client * @see Hooks */ Plugins::RunHook('pre_render'); // make it happen! header('Content-type: text/html; charset=UTF-8;', true); $smarty->display($tpl_file . '.tpl'); /** * The 'page_ended' hook is executed at the very end of execution, this is a good * place to put plugin cleanup * @see Hooks */ Plugins::RunHook('page_ended');
require BASEDIR . '/fpb-includes/fbhelper.php'; require BASEDIR . '/fpb-includes/spyc.php'; require BASEDIR . '/fpb-includes/plugins.php'; Plugins::Instance()->Load(); FPBAuth::GetInstance()->CheckFBStatus(); // Check for a valid admin session $admin_authorized = FPBAuth::GetInstance()->IsLoggedIn() && FPBAuth::GetInstance()->IsUserAdmin(); /** * The 'admin_pre_authorize' hook runs before the admin code determines if the user is authorized to utilize * its functions * @see Hooks */ Plugins::RunHook('admin_pre_authorize'); if (!$admin_authorized) { header("HTTP/1.0 403 Access denied", true, 403); die('HTTP/1.0 403 Access denied'); } /** * The 'admin_bootstrap' hook runs after all files have been included and before any processing occurs in the * admin pages * @see Hooks */ Plugins::RunHook('admin_bootstrap'); if (empty($_POST)) { die('Invalid request'); } if (file_exists(BASEDIR . '/fpb-admin/' . $_POST['action'] . '.php')) { include_once BASEDIR . '/fpb-admin/' . $_POST['action'] . '.php'; } else { die('Invalid request'); }