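/**
 * Authenticate a CMS administrator from HTTP Basic credentials.
 *
 * Flow, as visible in this method:
 *  1. Build the realm from the 'cms-realm' config value, or from the Host
 *     header ("ConKit@<host>") when that value is empty.
 *  2. Answer 401 when no Basic user name was sent, or when the user name
 *     equals the 'conkit_cms_exp' cookie. The cookie is cleared in the latter
 *     case; this looks like the logout mechanism that forces a fresh
 *     credential prompt (TODO confirm against the code that sets it).
 *  3. Verify the credentials with cms::loginCheck(), or with the callable
 *     configured under 'cms-user-check'.
 *  4. On success store the admin record under '.cms-admin' and redirect to
 *     the page named by the 'cms-request' request value; on failure answer 401.
 *
 * The code assumes core::halt() ends the request (not visible here).
 *
 * NOTE(review): whether core::reqSession() rotates the session id on login
 * is not visible here; confirm, since this is the privilege-change point.
 */
static function login()
{
    core::reg('run-naked', true);

    $realm = core::config('cms-realm');
    if (!$realm) {
        // NOTE(review): HTTP_HOST is a client-supplied header and ends up in
        // the 401 response via core::halt(); confirm halt() quotes/escapes
        // the realm, or set 'cms-realm' explicitly in production.
        $realm = strtolower($_SERVER['HTTP_HOST']);
        if (substr($realm, 0, 4) === 'www.') $realm = substr($realm, 4);
        $realm = 'ConKit@' . $realm;
    }

    if (!isset($_SERVER['PHP_AUTH_USER'])) core::halt(401, $realm);

    $user = $_SERVER['PHP_AUTH_USER'];
    // A Basic header may carry a user name without a password; read it
    // defensively so a missing index does not raise a notice.
    $pass = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : null;

    $exp = isset($_COOKIE['conkit_cms_exp']) ? $_COOKIE['conkit_cms_exp'] : null;
    if ($user === $exp) {
        setcookie('conkit_cms_exp', '', 0, '/');
        core::halt(401, $realm);
    }

    $loginHandler = core::config('cms-user-check');
    if (!$loginHandler) {
        $res = cms::loginCheck($user, $pass);
    } else {
        $res = call_user_func($loginHandler, $user, $pass);
    }

    if ($res !== false) {
        if (!$loginHandler) {
            // Built-in user table: the session record is the configured user
            // entry plus the login name.
            $res = core::reqSession(
                '.cms-admin',
                array_merge(array('name' => $user), core::$config['cms-users'][$user])
            );
        } elseif (is_array($res)) {
            // NOTE(review): the clear-text Basic password is copied into the
            // session record for custom handlers. Confirm the handler
            // contract needs it; otherwise this key should be dropped.
            $res = array_merge(array('name' => $user, 'password' => $pass), $res);
        } else {
            $res = array('name' => $user, 'password' => $pass, 'attr' => $res);
        }
        core::reqSession('.cms-admin', $res);

        // 'cms-request' is presumably request-supplied, so it must not be
        // allowed to send a freshly authenticated admin to another origin.
        // Only local paths and absolute http(s) URLs on the current host are
        // kept; anything else falls back to the site root.
        $target = urldecode(core::req('cms-request'));
        $probe = ltrim($target);
        $offSite = false;
        if (preg_match('/[\x00-\x1f\x7f\\\\]/', $target) || substr($probe, 0, 2) === '//') {
            // Control characters, backslashes and scheme-relative URLs are
            // normalised by browsers in ways that can leave the current host.
            $offSite = true;
        } else {
            $parts = parse_url($probe);
            if ($parts === false) {
                $offSite = true;
            } elseif (isset($parts['scheme']) || isset($parts['host'])) {
                $scheme = isset($parts['scheme']) ? strtolower($parts['scheme']) : '';
                $there = isset($parts['host']) ? strtolower($parts['host']) : '';
                if (isset($parts['port'])) $there .= ':' . $parts['port'];
                $here = isset($_SERVER['HTTP_HOST']) ? strtolower($_SERVER['HTTP_HOST']) : '';
                $offSite = ($scheme !== 'http' && $scheme !== 'https')
                    || $there === ''
                    || $there !== $here;
            }
        }
        if ($offSite) $target = '/';

        core::halt(302, $target);
    } else {
        core::halt(401, $realm);
    }
}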
//throw new controller_exception('Action not found'); } else { /** * Create post * supplied type_name and title */ // @todo check rate if (!empty($post)) { if (empty($post['title'])) { $this->get_context()->get_core()->set_message('error_empty_title'); $this->get_context()->get_core()->set_message_data($post, true); } try { $id = $post_handle->create_empty($post, $user); } catch (validator_exception $e) { $this->set_null_template(); core::get_instance()->set_raw_message($e->getMessage()); return; } if ($id) { // well done, move user to post edit $url = $this->get_context()->get_cp_links('post'); $url = $url['url'] . $id . '/'; functions::redirect($url); core::halt(); } else { core::get_instance()->set_message(array('users', 'error_post_too_often')); } // redirect to this post } }
/**
 * Answer the current request with a 303 redirect.
 *
 * All arguments passed to this method are handed, as one array, to
 * core::url(); the resulting value is passed to core::halt() together
 * with the 303 status code.
 */
static function redirect()
{
    $urlParts = func_get_args();
    $location = core::url($urlParts);
    core::halt(303, $location);
}
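<?php
// Diagnostic page: reports whether the two block files under the configured
// 'data-path' exist and are writable. Appends HTML to $output, which is
// expected to be provided by the including scope.
//
// The full "<?php" open tag is used on purpose: with the short "<?" tag and
// short_open_tag disabled, PHP would send this file to the client as plain
// text and the access check below would never run.

// Only requests that core::cms() accepts may see filesystem details.
if (!core::cms()) core::halt(403);
core::reg('run-naked', true);

foreach (array('block1.txt', 'block2.txt') as $file) {
    $file = core::config('data-path') . $file;

    // $file is interpolated into HTML unescaped; this relies on 'data-path'
    // being operator-controlled configuration.
    $output .= "<h2>File $file</h2>";
    if (!file_exists($file)) {
        $output .= 'does not exist';
    } elseif (is_writable($file)) {
        $output .= 'is OK';
    } else {
        $output .= 'is not writable';
    }
    $output .= "<hr>";
}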
{ $f= cms::form(); $f-> method('post') -> action(core::urlAdd('cms-form-action','upload')); $f-> file('picture') -> preview('image'); $f-> static('Use only jpeg for the sake of test simplicity'); $f-> submit('Save'); $f-> display(); } elseif (core::req('cms-form-action')=='upload') { $picture= core::req('picture'); move_uploaded_file($picture['tmp_name'],core::config('data-path').'sample.jpg'); core::req('.hide-image',false,'session'); core::redirect('home'); } elseif (core::req('cms-form-action')=='hide') { core::req('.hide-image',true,'session'); core::redirect('home'); } elseif (core::req('cms-form-action')=='unhide') { core::req('.hide-image',false,'session'); core::redirect('home'); } else { core::halt(404,'Unknown action '.core::req('cms-form-action')); } return true;
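/**
 * Serve one of the two bundled CMS assets, 'cms.js' or 'cms.css', and exit.
 *
 * 'cms.js' is streamed from CORE as-is. 'cms.css' is produced by including
 * CORE . 'cms.css.php', which can call $setcolor() to read 'cms-<name>'
 * config values. Any other value of $file is answered with 403.
 *
 * @param string $file Requested asset name; must be exactly 'cms.css' or 'cms.js'.
 */
static function forward($file)
{
    core::reg('run-naked', true);

    // Strict allow-list. $file is concatenated into a filesystem path below,
    // and with loose comparison a non-string value (for example boolean true)
    // compares equal to the allowed names and would get past this gate.
    if ($file !== 'cms.css' && $file !== 'cms.js') core::halt(403);

    if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) && !core::config('run-devel')) {
        // NOTE(review): the header value is not compared with the file time,
        // so any conditional request is answered 304 outside devel mode.
        header('HTTP/1.1 304 Not Modified');
        header('Cache-Control: public, max-age=3600');
        header('Content-Length: 0');
        exit;
    }

    if ($file === 'cms.js') {
        header('Content-Type: text/javascript');
        header('Cache-Control: public, max-age=3600');
        header('Content-Length: ' . filesize(CORE . $file));
        header('Last-Modified: ' . gmdate('D, d M Y H:i:s', filemtime(CORE . $file)) . ' GMT');
        header('Pragma: public');
        readfile(CORE . $file);
    } elseif ($file === 'cms.css') {
        // Shares scope with the included template, so the name $setcolor must
        // stay. Values are padded to 24 characters, presumably so the rendered
        // size matches the template size sent as Content-Length (TODO confirm).
        $setcolor = function ($color) {
            return str_pad(core::config('cms-' . $color), 24);
        };
        header('Content-Type: text/css');
        header('Cache-Control: public, max-age=3600');
        header('Content-Length: ' . filesize(CORE . $file . '.php'));
        header('Last-Modified: ' . gmdate('D, d M Y H:i:s', time()) . ' GMT');
        header('Pragma: public');
        include(CORE . $file . '.php');
    } else {
        // Not reachable after the allow-list above; kept as a fail-closed default.
        core::halt(404);
    }
    exit;
}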