public static function configure( $home ){
self::$home = $home;
$js = ""; $css = "";
if( Authorization::isAuthorized() ){
$files = API::getFileList( INCLUDEPATH );
$files = array_merge(API::getFileList( PLUGINSPATH ), $files);
$pos = array_search("./include/cmf/js/lib.js",$files);
unset($files[$pos]);
}
else{
$files = API::getFileList( INCLUDEPATH,-1 );
$files[] = "./include/cmf/js/lib.js";
$files[] = "./include/cmf/css/cmf.notify.css";
$files[] = "./include/cmf/css/cmf.ui.css";
}
rsort($files);
foreach ($files as $path) {
$ext = pathinfo($path);
if( substr($ext['filename'], 0,1) == '_' ) continue;
$ext = $ext['extension'];
if($ext == "js"){
$js .= str_replace("{PATH}", $path, Storage::get("Template::jsInclude"));
}else if($ext == "css")
$css .= str_replace("{PATH}", $path, Storage::get("Template::cssInclude"));
}
self::assign("TITLE", Config::$SiteConf['name']);
self::assign("META", Config::$SiteConf['meta']);
self::assign("JSINCLUDE", $js);
self::assign("CSSINCLUDE", $css);
// l(self::$vars);
}
public static function getPanel() {
if( !Authorization::isAuthorized() ) return;
$panelStyles = API::parseStylesFile(CUSTOMPATH.DS."Global.views");
$paneltpl = $panelStyles["VeronicaAdminPanel"][2];
$menuItemtpl = $panelStyles["VeronicaMenuListItem"][2];
$controllers = Api::getCustom("Controller");
$modeles = Api::getCustom("Model");
$user = Authorization::getCurrentUser();
$userpanel = ViewHandler::wrap("CurrentUser", $user[0]);
$paneltpl = str_replace("<? echo \$USERPANEL;?>", $userpanel, $paneltpl);
$list = "";
foreach ($controllers as $controller){
if($controller::$inAdminPanel){
$l = str_replace("<? echo \$ADDCLICKHANDLER;?>", "Controller.add('".$controller::$name."');", $menuItemtpl);
$l = str_replace("<? echo \$CLICKHANDLER;?>", "Controller.openDashboard('".$controller::$name."');", $l);
$l = str_replace("<? echo \$COUNT;?>", "Controller.openDashboard('".$controller::$name."');", $l);
$list .= str_replace("<? echo \$ALIAS;?>", $controller::$alias, $l);
}
}
$paneltpl = str_replace("<? echo \$MENULIST;?>", $list, $paneltpl);
return $paneltpl;
}
}
}
}
//- Check user authentication, login and logout
$auth = new Authorization();
//create authorization object
// check if user has attempted to log out
if (isset($_POST['logout'])) {
$auth->revoke();
} else {
if (isset($_POST['login']) && isset($_POST['password'])) {
$auth->attemptGrant($_POST['password'], isset($_POST['remember']));
}
}
//- Actions on database files and bulk data
if ($auth->isAuthorized()) {
//- Create a new database
if (isset($_POST['new_dbname'])) {
if ($_POST['new_dbname'] == '') {
// TODO: Display an error message (do NOT echo here. echo below in the html-body!)
} else {
$str = preg_replace('@[^\\w-.]@', '', $_POST['new_dbname']);
$dbname = $str;
$dbpath = $str;
if (checkDbName($dbname)) {
$tdata = array();
$tdata['name'] = $dbname;
$tdata['path'] = $directory . DIRECTORY_SEPARATOR . $dbpath;
$td = new Database($tdata);
$td->query("VACUUM");
} else {
}
};
}();
</script>
</head>
<body>
<?php
if(ini_get("register_globals")) //check whether register_globals is turned on - if it is, we need to not continue
{
echo "<div class='confirm' style='margin:20px;'>";
echo "It appears that the PHP directive, 'register_globals' is enabled. This is bad. You need to disable it before continuing.";
echo "</div>";
exit();
}
if(!$auth->isAuthorized()) //user is not authorized - display the login screen
{
echo "<div id='loginBox'>";
echo "<h1><span id='logo'>".PROJECT."</span> <span id='version'>v".VERSION."</span></h1>";
echo "<div style='padding:15px; text-align:center;'>";
if(isset($_POST['login']))
echo "<span style='color:red;'>Incorrect password.</span><br/><br/>";
echo "<form action='".PAGE."' method='post'>";
echo "Password: <input type='password' name='password'/><br/>";
echo "<input type='checkbox' name='remember' value='yes' checked='checked'/> Remember me<br/><br/>";
echo "<input type='submit' value='Log In' name='login' class='btn'/>";
echo "<input type='hidden' name='proc_login' value='true' />";
echo "</form>";
echo "</div>";
echo "</div>";
echo "<br/>";
if (isset($_POST['logout'])) {
//user has attempted to log out
$auth->revoke();
} else {
if (isset($_POST['login']) || isset($_POST['proc_login'])) {
$_POST['login'] = true;
if ($_POST['password'] == SYSTEMPASSWORD) {
if (isset($_POST['remember'])) {
$auth->grant(true);
} else {
$auth->grant(false);
}
}
}
}
if ($auth->isAuthorized()) {
//user is creating a new Database
if (isset($_POST['new_dbname']) && $auth->isAuthorized()) {
$str = preg_replace('@[^\\w-.]@', '', $_POST['new_dbname']);
$dbname = $str;
$dbpath = $str;
if (checkDbName($dbname)) {
$tdata = array();
$tdata['name'] = $dbname;
$tdata['path'] = $directory . DIRECTORY_SEPARATOR . $dbpath;
$td = new Database($tdata);
$td->query("VACUUM");
} else {
if (is_file($dbname) || is_dir($dbname)) {
$dbexists = true;
} else {
public static function getCurrentUser() {
if(Authorization::isAuthorized()) return ModelHandler::get('Users', array($_COOKIE['user_id']));
else return false;
}
