/** * USED INTERNALLY. Check content file to see if it exists. And if it doesn't, create it. $path contains the file path, $default contains the default text to go in the file if it is new. * @param string $name Content area name. */ function ContentCheck($path, $name) { // If file doesn't exist yet or is of 0 length, create and write something in it. if (!file_exists($path) || !filesize($path)) { $fh = fopen($path, 'w') or die(NCUtility::Error("Could not write file: " . basename($path) . ". Make sure that this server has read and write permissions to the /nc-cms/content folder.")); fwrite($fh, $default) or die(NCUtility::Error("Could not write file: " . basename($path) . ". Make sure that this server has read and write permissions to the /nc-cms/content folder.")); fclose($fh); } clearstatcache(); // Clear status cache (so filesize() will do its work again) }
} // Close connection. // Refresh page if no errors were reported. if ($output == "") { $location = NC_CMS_URL . '/' . basename(__FILE__); // Load default installer page. header('Location: ' . $location); } } else { $output .= '<p>Welcome to the nc-cms MySQL database setup. This script will install the appropriate database tables for use with nc-cms.</p>'; if ($nc_db_fail) { if ($nc_report_error != "") { $output .= NCUtility::Error($nc_report_error); } if ($nc_report_tip != "") { $output .= NCUtility::Tip($nc_report_tip); } $output .= '<p>You may delete this file if you do not plan to use nc-cms\'s database support.</p>'; } else { if ($nc_already_setup) { $output .= '<h2><strong>Database Setup Complete!</strong></h2> <p>The required nc-cms tables have already been setup in your database. You may now delete this file if you wish.</p>'; } else { $output .= '<p style="width: 200px; margin: 0 auto; text-align: center;"><span class="button"><a href="?action=install" ><span class="icon icon_setup_database" > Setup MySQL Database</span></a></span></p><br />'; $output .= '<p>You may delete this file if you do not plan to use nc-cms\'s database support.</p>'; } } } ?> <!DOCTYPE html> <html lang="en">
$("input").keypress(keypress_action); document.loginform.user.focus(); } $(document).ready(setup); // Go jQuery ! </script> </head> <body> <div id="wrapper"> <div id="login"> <h1 title="Powered by nc-cms"><?php echo NC_WEBSITE_NAME; ?> </h1> <form name="loginform" id="loginform" method="post" action="<?php echo NCUtility::Referrer(); ?> /"> <p> <label for="user" class="label"><?php echo NC_LANG_USERNAME; ?> </label><br /> <input type="text" name="user" id="user" class="textfield" size="24" /> </p> <p style="margin-top: 10px;"> <label for="pass" class="label"><?php echo NC_LANG_PASSWORD; ?> </label><br /> <input type="password" name="pass" id="pass" class="textfield" size="24" />
?> </strong> <br /><br /> <div class="listing"> <?php if ($handle = opendir(NC_UPLOAD_DIRECTORY)) { while ($file = readdir($handle)) { clearstatcache(); if (is_file(NC_UPLOAD_DIRECTORY . $file)) { if (NCUtility::FileType($file) == 1) { echo '<a class="icon_picture file_selectable" href="' . NC_BASEPATH . '/../content/upload/' . $file . '" target="_self">' . $file . '</a>'; } else { if (NCUtility::FileType($file) == 2) { echo '<a class="icon_archive file_selectable" href="' . NC_BASEPATH . '/../content/upload/' . $file . '" target="_self">' . $file . '</a>'; } else { if (NCUtility::FileType($file) == 3) { echo '<a class="icon_audio file_selectable" href="' . NC_BASEPATH . '/../content/upload/' . $file . '" target="_self">' . $file . '</a>'; } else { echo '<a class="icon_file file_selectable" href="' . NC_BASEPATH . '/../content/upload/' . $file . '" target="_self">' . $file . '</a>'; } } } } } closedir($handle); } ?> </div> </div> </body>
/** * USED INTERNALLY. Checks the validity of the mysql link. Selects the database. Returns the db link, presents any errors if any are found. * @param string $name Content area name. */ function DatabaseLink($link, $_database) { if ($link) { if (mysql_select_db($_database, $link)) { return $link; } else { NCUtility::Error("MySQL reported: " . mysql_error()); exit; } } else { NCUtility::Error("MySQL reported: " . mysql_error()); exit; } }
/** * Main routine for content editors using the CMS. */ function Manage() { // Determine which action to take. $action = ''; if (isset($_GET['action'])) { $action = $_GET['action']; } // Take action! if ($action == 'logout') { // Log out if user is in session. $login = new NCLogin(); $login->Logout(); // Load previous page as view. $location = $_SERVER['HTTP_REFERER']; $location = substr($_SERVER['HTTP_REFERER'], 0, strrpos($location, "/")); header('Location: ' . $location); } else { if ($action == 'edit_string') { $this->UserCheck(); $name = ''; $data = ''; if (isset($_GET['name'])) { $name = basename($_GET['name']); // Strip paths. $data = $this->storage->ContentLoad($name); } else { $this->UserBoot(); } // Posible hacking attempt. include NC_BASEPATH . '/views/edit_string.php'; // Load string editor view. } else { if ($action == 'edit_html') { $this->UserCheck(); $name = ''; $data = ''; if (isset($_GET['name'])) { $name = basename($_GET['name']); // Strip paths. $data = $this->storage->ContentLoad($name); } else { $this->UserBoot(); } // Posible hacking attempt. include NC_BASEPATH . '/views/edit_html.php'; // Load html editor view. } else { if ($action == 'save') { $this->UserCheck(); if (isset($_GET['ref'])) { if (isset($_POST['name']) && isset($_POST['editordata'])) { $this->storage->ContentSave($_POST['name'], $_POST['editordata']); } header('Location: ' . $_GET['ref']); exit; } else { $this->UserBoot(); } } else { if ($action == 'file_manager') { $this->UserCheck(); $status_message = ''; include NC_BASEPATH . '/views/file_manager.php'; // Load file manager view. } else { if ($action == 'file_manager_upload') { $this->UserCheck(); $status_message = ''; if ($_FILES['file']['error'] > 0) { if ($_FILES['file']['error'] == UPLOAD_ERR_INI_SIZE) { $status_message = NC_LANG_FILE_INI_SIZE; } if ($_FILES['file']['error'] == UPLOAD_ERR_NO_FILE) { $status_message = NC_LANG_FILE_NOT_FOUND; } else { $status_message = NC_LANG_FILE_ERROR . '<br />' . $_FILES['file']["error"] . '<br />' . NC_LANG_ERROR_PHP_MANUAL; } } else { $replacing_file = false; if (file_exists(NC_UPLOAD_DIRECTORY . $_FILES['file']['name'])) { $replacing_file = true; } move_uploaded_file($_FILES['file']['tmp_name'], NC_UPLOAD_DIRECTORY . $_FILES['file']['name']); // Write the file if ($replacing_file) { $status_message = NC_LANG_FILE_REPLACED . '<br /><strong>' . $_FILES['file']['name'] . ' (' . NCUtility::ReturnStringSize($_FILES['file']['size']) . ')</strong>'; } else { $status_message = NC_LANG_FILE_UPLOADED . '<br /><strong>' . $_FILES['file']['name'] . ' (' . NCUtility::ReturnStringSize($_FILES['file']['size']) . ')</strong>'; } } include NC_BASEPATH . '/views/file_manager.php'; // Load file manager view. } else { if ($action == 'file_manager_remove') { $this->UserCheck(); $status_message = ''; $file = ''; if (isset($_GET['file'])) { $file = $_GET['file']; } basename($file); if (is_file(NC_UPLOAD_DIRECTORY . $file)) { if (unlink(NC_UPLOAD_DIRECTORY . $file)) { $status_message = NC_LANG_FILE_REMOVED . '<br /><strong>' . $file . '</strong>'; } else { $status_message = NC_LANG_FILE_REMOVED_ERROR . '<br /><strong>' . $file . '</strong>'; } } else { $status_message = NC_LANG_FILE_REMOVED_ERROR_NOT_FOUND . '<br /><strong>' . $file . '</strong>'; } include NC_BASEPATH . '/views/file_manager.php'; // Load file manager view. } else { include NC_BASEPATH . '/views/login.php'; // Load login view. } } } } } } } }