<?php
/**
* @author Jaco Ruit
*/
require '../startOrongo.php';
startOrongo('admin_index');
Security::promptAuth();
$index = new AdminFrontend();
$index->main(array("time" => time(), "page_title" => "Dashboard", "page_template" => "dashboard"));
if (isset($_GET['msg'])) {
switch ($_GET['msg']) {
case 0:
$index->addMessage(l("No Permission"), "error");
break;
case 1:
$index->addMessage(l("Invalid Query Arg"), "warning");
break;
case 2:
$index->addMessage(l("Internal Error"), "warning");
break;
}
}
$text = "<strong>Thank you for testing OrongoCMS!</strong><br/><br/>";
$text .= "<p>To check for updates go to <a href='" . orongoURL("orongo-admin/orongo-update-check.php") . "'>the update checker</a>.";
$text .= "<br/>Found bugs? Please post them <a href='" . orongoURL("orongo-admin/post-issue.php") . "'>here</a>.";
$text .= "<br/>You can find the terminal of your OrongoCMS installation <a href='" . OrongoURL("orongo-admin/terminal.php") . "'>here</a>.";
$text .= "<br/><br/>Enjoy OrongoCMS,<br/> ";
$text .= "<strong>The OrongoCMS Team</strong>";
$index->addObject(new AdminFrontendObject(100, "Info", $text, null, false));
$index->render();
$msg = l("LOGIN_MSG_INVALID_ACTIVATION_URL");
$msgtype = "warning";
break;
case 5:
$msg = l('LOGIN_MSG_ALREADY_ACTIVATED');
$msgtype = "info";
break;
case 6:
$msg = l('LOGIN_MSG_ACTIVATION_OK');
$msgtype = "success";
break;
case 7:
$msg = l("LOGIN_MSG_PROMPT_ACTIVATION");
$msgtype = "warning";
break;
default:
break;
}
}
$login = new AdminFrontend();
$login->main(array("time" => time(), "page_title" => "Login", "page_template" => "ndashboard"));
$form = new AdminFrontendForm(75, "Login", "POST", orongoURL("actions/action_Login.php"));
$form->addInput("Username", "username", "text");
$form->addInput("Password", "password", "password");
$form->addButton("Login", true);
$login->addObject($form);
$login->addObject(new AdminFrontendObject(25, "", '<h4>' . l("New here") . '</h4><p>' . l("Register text", array('<a href="' . orongoURL("orongo-register.php#") . '">', '</a>')) . '</p>'));
if ($msg != null) {
$login->addMessage($msg, $msgtype);
}
$login->render();
try {
$objs = orongo_query("action=fetch&object=article&max=1000000&order=article.id,desc");
} catch (Exception $e) {
$manage->addMessage($e, "error");
$manage->render();
exit;
}
$manager = new AdminFrontendContentManager(100, "Articles");
$manager->createTab("Articles", array("ID", "Title", "Date", "Author", "Comments"));
foreach ($objs as $obj) {
if ($obj instanceof Article == false) {
continue;
}
$manager->addItem("Articles", array($obj->getID(), '<a href="' . orongoURL('orongo-admin/view.php?article.' . $obj->getID()) . '">' . $obj->getTitle() . '</a>', $obj->getDate(), '<a href="' . orongoURL("orongo-admin/view.php?user." . $obj->getAuthorID()) . '">' . $obj->getAuthorName() . '</a>', $obj->getCommentCount()), orongoURL("orongo-admin/delete.php?article." . $obj->getID()), orongoURL("orongo-admin/edit.php?article." . $obj->getID()));
}
$manage->addObject($manager);
$manage->render();
break;
case "users":
if (getUser()->getRank() < RANK_ADMIN) {
header("Location: " . orongoURL("orongo-admin/index.php?msg=0"));
exit;
}
$objs = null;
$manage->setTitle("Manage Users");
try {
$objs = orongo_query("action=fetch&object=user&max=1000000&order=user.id,asc");
} catch (Exception $e) {
$manage->addMessage($e, "error");
$manage->render();
exit;
} catch (Exception $e) {
if ($e->getCode() == PAGE_NOT_EXIST) {
header("Location: " . orongoURL("orongo-admin/manage.php?msg=0&obj=pages"));
exit;
} else {
header("Location: " . orongoURL("orongo-admin/index.php?msg=2"));
exit;
}
}
$form = new AdminFrontendForm(100, l("Page") . ": " . $page->getTitle(), "GET", "", false);
$form->addInput("ID", "id", "text", $page->getID(), false, true);
$form->addInput("Page Title", "title", "text", $page->getTitle(), false, true);
$form->addInput("Page Content", "content", "ckeditor", $page->getContent(), false, true);
$form->addButton("Delete", false, orongoURL("orongo-admin/delete.php?page." . $id));
$form->addButton("Edit", false, orongoURL("orongo-admin/edit.php?page." . $id));
$view->addObject($form);
$view->render();
break;
case "user":
if ($id != getUser()->getID() && getUser()->getRank() != RANK_ADMIN) {
header("Location: " . orongoURL("orongo-admin/index.php?msg=0"));
exit;
}
$user = null;
$view->setTitle("Viewing User");
try {
$user = new User($id);
} catch (Exception $e) {
if ($e->getCode() == USER_NOT_EXIST) {
header("Location: " . orongoURL("orongo-admin/manage.php?msg=0&obj=users"));
exit;
case 1:
$create->addMessage(l("Object post success"), "success");
break;
default:
break;
}
}
switch ($object) {
case "article":
$create->setTitle("Create Article");
$form = new AdminFrontendForm(100, "New Article", "POST", orongoURL("actions/action_Create.php?article"));
$form->addInput("Article Title", "title", "text", "", true);
$form->addInput("Article Content", "content", "ckeditor", "", true);
$form->addInput("Tags", "tags", "text", "tag1, tag2");
$form->addButton("Post", true);
$create->addObject($form);
$create->render();
break;
case "user":
if (getUser()->getRank() < RANK_ADMIN) {
header("Location: " . orongoURL("orongo-admin/index.php?msg=0"));
exit;
}
$create->setTitle("Create User");
$form = new AdminFrontendForm(100, "New User", "POST", orongoURL("actions/action_Create.php?user"));
$form->addInput("Username", "name", "text", "", true);
$form->addInput("Password", "password", "password", "blaat123", true);
$form->addInput("Email", "email", "email", "*****@*****.**", true);
$form->addSelect("rank", array(l("User") => 1, l("Writer") => 2, l("Admin") => 3));
$form->addButton("Create", true);
$create->addObject($form);
startOrongo('admin_post-issue');
Security::promptAuth();
if (getUser()->getRank() < RANK_ADMIN) {
header("Location: " . orongoURL("orongo-admin/index.php?msg=0"));
exit;
}
$postIssue = new AdminFrontend();
getDisplay()->addHTML('<script src="' . orongoURL("js/ajax.boolean.js") . '" type="text/javascript"></script>');
if (isset($_GET['token'])) {
$_SESSION["auth-sub-token"] = $_GET['token'];
getDisplay()->closeWindow();
exit;
}
if (!isset($_SESSION["auth-sub-token"])) {
$postIssue->main(array("time" => time(), "page_title" => "Login to Google", "page_template" => "dashboard"));
$postIssue->addObject(new AdminFrontendObject(100, "Logging in to Google", l("Waiting for login") . "<br/><br/><br/><strong>" . l("Do not see popup") . "</strong><br/>" . l("Enable popups")));
$js = 'window.setInterval(function() {';
$js .= 'if(getAjaxBool("' . orongoURL("ajax/isGCSet.php") . '")) window.location="' . orongoURL("orongo-admin/post-issue.php") . '"; ';
$js .= '},2000);';
getDisplay()->addJS($js, "document.ready");
if (isset($_GET['error'])) {
$postIssue->addMessage($_GET['error'], "error");
}
if (isset($_GET['msg'])) {
switch ($_GET['msg']) {
case 0:
$postIssue->addMessage(l("Issue posted"), "success");
break;
default:
break;
}
require '../startOrongo.php';
startOrongo('admin_media');
Security::promptAuth();
if (getUser()->getRank() != RANK_ADMIN) {
header("Location: " . orongoURL("orongo-admin/index.php?msg=0"));
exit;
}
if (isset($_SERVER['QUERY_STRING'])) {
$type = $_SERVER['QUERY_STRING'];
} else {
$type = null;
}
$types = array("files", "images");
if ($type != null) {
if (!in_array($type, $types)) {
$type = null;
}
$type = strtoupper(substr($type, 0, 1)) . substr($type, 1);
$pageTitle = "Gallery";
}
if ($type == null) {
$pageTitle = "Media";
}
$media = new AdminFrontend();
$media->main(array("time" => time(), "page_title" => $pageTitle, "page_template" => "dashboard"));
$ckfinder = new CKFinder(orongoURL("lib/ckfinder/"));
if ($type != null) {
$ckfinder->ResourceType = $type;
}
$media->addObject(new AdminFrontendObject(100, l("Media Manager") . " - " . l("Powered by") . " CKFinder", $ckfinder->CreateHTML(), null, false));
$media->render();
exit;
}
$updater = new AdminFrontend();
$updater->main(array("time" => time(), "page_title" => "Update Checker", "page_template" => "dashboard"));
$isUpdateAvailable = false;
try {
$isUpdateAvailable = OrongoUpdateChecker::isUpdateAvailable();
} catch (Exception $e) {
$msgbox = new MessageBox(l("Error update check"));
$msgbox->bindException($e);
getDisplay()->addObject($msgbox);
}
if ($isUpdateAvailable) {
$updater->addMessage(l("Update available"), "success");
$info = null;
try {
$info = OrongoUpdateChecker::getLatestVersionInfo();
} catch (Exception $e) {
$msgbox = new MessageBox("Error occured while checking for update");
$msgbox->bindException($e);
getDisplay()->addObject($msgbox);
break;
}
if ($info->critical) {
$updater->addMessage(l("Critical update"), "warning");
}
$updater->addObject(new AdminFrontendObject(100, "How to update", l("Ready to update to", "r" . $info->latest_version) . '<br/>' . l("Visit for update information", "<a href='" . $info->update_url . "'>" . str_replace("http://", "", $info->update_url) . "</a>")));
} else {
$updater->addMessage(l("No update"), "info");
}
$updater->render();
$msgtype = "warning";
break;
case 2:
$msg = l("REG_MSG_USERNAME_TOO_SHORT");
$msgtype = "error";
break;
case 3:
$msg = l("REG_MSG_PASSWORD_TOO_SHORT");
$msgtype = "error";
break;
case 4:
$msg = l("REG_MSG_FILL_IN_USERNAME");
$msgtype = "error";
break;
default:
break;
}
}
$register = new AdminFrontend();
$register->main(array("time" => time(), "page_title" => "Register", "page_template" => "ndashboard"));
$form = new AdminFrontendForm(100, "Register", "POST", orongoURL("actions/action_Register.php"));
$form->addInput("Username", "username", "text", "", true);
$form->addInput("Password", "password", "password", "", true);
$form->addInput("Password again", "password_again", "password", "", true);
$form->addInput("Email", "email", "email", "", true);
$form->addButton("Register", true);
$register->addObject($form);
if ($msg != null) {
$register->addMessage($msg, $msgtype);
}
$register->render();
$article = new Article($id);
} catch (Exception $e) {
if ($e->getCode() == ARTICLE_NOT_EXIST) {
header("Location: " . orongoURL("orongo-admin/manage.php?msg=0&obj=articles"));
exit;
} else {
header("Location: " . orongoURL("orongo-admin/index.php?msg=2"));
exit;
}
}
$form = new AdminFrontendForm(100, l("Delete Article") . " (" . $article->getID() . ")", "POST", "", false);
$form->addButton("Yes", true, orongoURL("actions/action_Delete.php?article." . $article->getID()));
$form->addButton("No", false, orongoURL("orongo-admin/manage.php?articles"));
$form->setContent(l("Sure delete article", $article->getTitle()));
//The AdminFrontendForm isn't a form anymore (updateHTML() wasn't called, how epic.)
$delete->addObject($form);
$delete->render();
break;
case "user":
if (getUser()->getRank() < RANK_ADMIN) {
header("Location: " . orongoURL("orongo-admin/index.php?msg=0"));
exit;
}
$delete->setTitle("Delete User");
try {
$user = new User($id);
} catch (Exception $e) {
if ($e->getCode() == USER_NOT_EXIST) {
header("Location: " . orongoURL("orongo-admin/manage.php?msg=0&obj=users"));
exit;
} else {
if (is_dir(ROOT . '/themes/' . $file) && getStyle()->getStyleFolder() != ROOT . '/themes/' . $file . "/") {
$xmlFile = ROOT . '/themes/' . $file . '/info.xml';
if (!file_exists($xmlFile)) {
continue;
}
$xml = @simplexml_load_file($xmlFile);
$json = @json_encode($xml);
$info = @json_decode($json, true);
$styles[$info['style']['name']] = $file;
}
}
}
$settingForm->addSelect("website_style", $styles);
$settingForm->addSelect("website_lang", $languages);
$settingForm->addButton("Save", true);
$settings->addObject($settingForm);
$xml = @simplexml_load_file(getStyle()->getStylePath() . "info.xml");
$json = @json_encode($xml);
$info = @json_decode($json, true);
if (is_array($info['style']['settings']) && getStyle()->isUsingPHP()) {
$styleForm = new AdminFrontendForm(100, "Style Settings", "POST", orongoURL("actions/action_SaveStyleSettings.php"));
$styleSettings = getDatabase()->query("SELECT `setting`, `setting_value` FROM `style_data` WHERE `style_main_class` = %s", $info['style']['main_class']);
foreach ($styleSettings as $setting) {
if (!isset($info['style']['settings'][$setting['setting']])) {
continue;
}
$settingInfo = $info['style']['settings'][$setting['setting']];
if ($settingInfo['type'] == 'boolean') {
$selected = $setting['setting_value'] == 'false' ? l("No") : l("Yes");
$styleForm->addRadios($settingInfo['description'], $setting['setting'], array(l("Yes") => "true", l("No") => "false"), $selected, false);
} else {
$accessKey = $info['plugin']['access_key'];
$authKey = null;
foreach (Plugin::getAuthKeys() as $pAuthKey => $pAccessKey) {
if ($pAccessKey == $accessKey) {
$authKey = $pAuthKey;
}
}
if ($authKey == null) {
$settings->addMessage(l("Plugin not found"), "error");
$settings->render();
exit;
}
$settings->setTitle(l("Plugin Settings") . " (" . $pluginName . ") ", false);
//That's how you hack an auth key :P
$pSettings = Plugin::getSettings($authKey);
$settingForm = new AdminFrontendForm(100, l("Plugin Settings") . " (" . $pluginName . ") ", "POST", orongoURL("actions/action_SavePluginSettings.php?xml_path=" . $_GET['xml_path']), false);
foreach ($pSettings as $settingName => $value) {
if (!isset($info['plugin']['settings'][$settingName])) {
continue;
}
$setting = $info['plugin']['settings'][$settingName];
if ($setting['type'] == 'boolean') {
$selected = $value ? l("Yes") : l("No");
$settingForm->addRadios($setting['description'], $settingName, array(l("Yes") => "true", l("No") => "false"), $selected, false);
} else {
$settingForm->addInput($setting['description'], $settingName, "text", $value, false, false, false);
}
}
$settingForm->addButton("Save", true);
$settings->addObject($settingForm);
$settings->render();
