function fpb_toolbar_body()
{
$toolbar_authorized = FPBAuth::GetInstance()->IsLoggedIn() && FPBAuth::GetInstance()->IsUserAdmin();
/**
* The 'toolbar_pre_authorize' hook runs before the toolbar code determines if the user is authorized to utilize
* the toolbar
* @see Hooks
*/
Plugins::RunHook('toolbar_pre_authorize');
if (!$toolbar_authorized) {
return;
}
$toolbar_content = <<<HTML
<div id="fpb-admin-tb">
<a href="#" onclick="fpb_admin_Dashboard();">
<div class="menu-item menu-dashboard">
</div>
</a><a href="#" onclick="fpb_admin_Posts();">
<div class="menu-item menu-post">
</div>
</a><a href="#" onclick="alert('yo');">
<div class="menu-item menu-media">
</div>
</a><a href="#" onclick="alert('yo');">
<div class="menu-item menu-comments">
</div>
</a><a href="#" onclick="alert('yo');">
<div class="menu-item menu-pages">
</div>
</a><hr/>
<a href="#" onclick="alert('yo');">
<div class="menu-item menu-appearance">
</div>
</a><a href="#" onclick="fpb_admin_Plugins();">
<div class="menu-item menu-plugins">
</div>
</a><hr/><a href="#" onclick="alert('yo');">
<div class="menu-item menu-users">
</div>
</a><a href="#" onclick="alert('yo');">
<div class="menu-item menu-tools">
</div>
</a><a href="#" onclick="alert('yo');">
<div class="menu-item menu-settings">
</div>
</a>
</div>
<div id="fpb-admin-popup"><div id="fpb-admin-popup-content"></div></div>
<div id="fpb-admin-blackout"></div>
HTML;
Plugins::RunHook('toolbar_body_content');
/**
* The 'toolbar_body_content' hook runs before the toolbar code returns the HTML to be added to the end of <body> -
* hooks should 'global $toolbar_content;' to access the content returned
* @see Hooks
*/
echo $toolbar_content;
}
/**
* Checks the current Facebook session for validity and logs the user in (or creates the user in our local
* database if necessary)
* @return void
* @access private
*/
public function CheckFBStatus()
{
/**
* The 'pre_fb_auth_check' is run prior to validating the current Facebook session
* @see Hooks
*/
Plugins::RunHook('pre_fb_auth_check');
if ($this->_facebook->getSession()) {
$fbid = $this->_facebook->getUser();
// We have a Facebook session - check it
$user_record = FPBDatabase::Instance()->GetUserFromFBId($fbid);
if (!$user_record) {
// we must make the user!
$user_data = array();
$this->_fb_api = $this->_facebook->api('/me');
$user = $this->_facebook->getUser();
$user_data['id'] = $user;
/**
* the password table is kind of superfluous, but is here in case plugins want to override
* the column's use - perhaps an OpenID/Google Federated Login? Until then this is
* @deprecated
*/
$user_data['password'] = md5($user);
$url = "https://api.facebook.com/method/fql.query";
$url .= "?access_token=" . $this->_facebook->getAccessToken();
$url .= "&query=SELECT email, name FROM user WHERE uid={$user}";
$userData = simplexml_load_file($url);
$user_data['username'] = (string) $userData->user->email;
$user_data['displayname'] = (string) $userData->user->name;
if (strlen($user_data['username']) == 0) {
$params = array();
$params["canvas"] = "1";
$params["fbconnect"] = "0";
$params["next"] = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
$params["req_perms"] = "email,user_website,user_about_me";
$loginUrl = $this->_facebook->getLoginUrl($params);
header("Location: {$loginUrl}");
echo '<meta http-equiv="refresh" content="0;url=' . $loginUrl . '"/>';
die;
}
/**
* The 'pre_fb_useradd' hook is run before inserting a new user record into the database
* @see Hooks
*/
Plugins::RunHook('pre_fb_useradd');
FPBDatabase::Instance()->AddUser($user_data);
$this->_user = $user_data;
} else {
$this->_user = $user_record[0];
}
} else {
$this->_user = null;
}
/**
* The 'post_fb_auth_check' is run after the validation of the curent Facebook session
* @see Hooks
*/
Plugins::RunHook('post_fb_auth_check');
}
$body_contents = ob_get_contents();
ob_clean();
$tpl_file = $action;
/**
* The 'post_action' hook runs just after we have run the requested action, just before
* it is finished and then rendered
* @see Hooks
*/
Plugins::RunHook('post_action');
$smarty->assign('body_contents', $body_contents);
// Grab all archives for the $archives variable to be populated
$archives = FPBDatabase::Instance()->GetArchiveList();
$smarty->assign('archives', $archives);
// Grab array of all pages
$pages = FPBDatabase::Instance()->GetPageArray();
$smarty->assign('pages', $pages);
/**
* The 'pre_render' hook runs just before we render the smarty template to the client
* @see Hooks
*/
Plugins::RunHook('pre_render');
// make it happen!
header('Content-type: text/html; charset=UTF-8;', true);
$smarty->display($tpl_file . '.tpl');
/**
* The 'page_ended' hook is executed at the very end of execution, this is a good
* place to put plugin cleanup
* @see Hooks
*/
Plugins::RunHook('page_ended');
require BASEDIR . '/fpb-includes/fbhelper.php';
require BASEDIR . '/fpb-includes/spyc.php';
require BASEDIR . '/fpb-includes/plugins.php';
Plugins::Instance()->Load();
FPBAuth::GetInstance()->CheckFBStatus();
// Check for a valid admin session
$admin_authorized = FPBAuth::GetInstance()->IsLoggedIn() && FPBAuth::GetInstance()->IsUserAdmin();
/**
* The 'admin_pre_authorize' hook runs before the admin code determines if the user is authorized to utilize
* its functions
* @see Hooks
*/
Plugins::RunHook('admin_pre_authorize');
if (!$admin_authorized) {
header("HTTP/1.0 403 Access denied", true, 403);
die('HTTP/1.0 403 Access denied');
}
/**
* The 'admin_bootstrap' hook runs after all files have been included and before any processing occurs in the
* admin pages
* @see Hooks
*/
Plugins::RunHook('admin_bootstrap');
if (empty($_POST)) {
die('Invalid request');
}
if (file_exists(BASEDIR . '/fpb-admin/' . $_POST['action'] . '.php')) {
include_once BASEDIR . '/fpb-admin/' . $_POST['action'] . '.php';
} else {
die('Invalid request');
}
