prepend.php @ 270:48858be15bda

Visit:

Revision 270:48858be15bda, 12.0 KB checked in by Franck <carnet.franck.paul@…>, 14 years ago (diff)
Changement d'année

Rev	Line
[0]	1	<?php
	2	# -- BEGIN LICENSE BLOCK ---------------------------------------
	3	#
	4	# This file is part of Dotclear 2.
	5	#
[270]	6	# Copyright (c) 2003-2011 Olivier Meunier & Association Dotclear
[0]	7	# Licensed under the GPL version 2.0 license.
	8	# See LICENSE file or
	9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
	10	#
	11	# -- END LICENSE BLOCK -----------------------------------------
	12
	13	require_once dirname(__FILE__).'/../prepend.php';
	14
	15	// HTTP/1.1
	16	header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
	17	header('Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0');
	18
	19	// HTTP/1.0
	20	header("Pragma: no-cache");
	21
	22	define('DC_CONTEXT_ADMIN',true);
	23
[172]	24	function dc_prepare_url($url) {
	25
	26	$u = str_replace(array('?','&'),array('\?','&'),$url);
[185]	27	return (!strpos($u,'\?') ?
	28	'/'.$u.'$/' :
	29	(!strpos($u,'&') ?
[172]	30	'/'.$u.'(\?.*)?$/' :
[185]	31	'/'.$u.'(&.*)?$/'));
[172]	32	}
	33
[0]	34	function dc_load_locales() {
	35	global $_lang, $core;
	36
	37	$_lang = $core->auth->getInfo('user_lang');
	38	$_lang = preg_match('/^[a-z]{2}(-[a-z]{2})?$/',$_lang) ? $_lang : 'en';
	39
	40	if (l10n::set(dirname(__FILE__).'/../../locales/'.$_lang.'/date') === false && $_lang != 'en') {
	41	l10n::set(dirname(__FILE__).'/../../locales/en/date');
	42	}
	43	l10n::set(dirname(__FILE__).'/../../locales/'.$_lang.'/main');
	44	l10n::set(dirname(__FILE__).'/../../locales/'.$_lang.'/plugins');
	45	}
	46
	47	if (defined('DC_AUTH_SESS_ID') && defined('DC_AUTH_SESS_UID'))
	48	{
	49	# We have session information in constants
	50	$_COOKIE[DC_SESSION_NAME] = DC_AUTH_SESS_ID;
	51
	52	if (!$core->auth->checkSession(DC_AUTH_SESS_UID)) {
	53	throw new Exception('Invalid session data.');
	54	}
	55
	56	# Check nonce from POST requests
	57	if (!empty($_POST))
	58	{
	59	if (empty($_POST['xd_check']) \|\| !$core->checkNonce($_POST['xd_check'])) {
	60	throw new Exception('Precondition Failed.');
	61	}
	62	}
	63
	64	if (empty($_SESSION['sess_blog_id'])) {
	65	throw new Exception('Permission denied.');
	66	}
	67
	68	# Loading locales
	69	dc_load_locales();
	70
	71	$core->setBlog($_SESSION['sess_blog_id']);
	72	if (!$core->blog->id) {
	73	throw new Exception('Permission denied.');
	74	}
	75	}
	76	elseif ($core->auth->sessionExists())
	77	{
	78	# If we have a session we launch it now
	79	try {
	80	if (!$core->auth->checkSession())
	81	{
	82	# Avoid loop caused by old cookie
	83	$p = $core->session->getCookieParameters(false,-600);
	84	$p[3] = '/';
	85	call_user_func_array('setcookie',$p);
	86
	87	http::redirect('auth.php');
	88	}
	89	} catch (Exception $e) {
	90	__error(__('Database error')
	91	,__('There seems to be no Session table in your database. Is Dotclear completly installed?')
	92	,20);
	93	}
	94
	95	# Check nonce from POST requests
	96	if (!empty($_POST))
	97	{
	98	if (empty($_POST['xd_check']) \|\| !$core->checkNonce($_POST['xd_check'])) {
	99	http::head(412);
	100	header('Content-Type: text/plain');
	101	echo 'Precondition Failed';
	102	exit;
	103	}
	104	}
	105
	106
	107	if (!empty($_REQUEST['switchblog'])
	108	&& $core->auth->getPermissions($_REQUEST['switchblog']) !== false)
	109	{
	110	$_SESSION['sess_blog_id'] = $_REQUEST['switchblog'];
	111	if (isset($_SESSION['media_manager_dir'])) {
	112	unset($_SESSION['media_manager_dir']);
	113	}
	114	if (isset($_SESSION['media_manager_page'])) {
	115	unset($_SESSION['media_manager_page']);
	116	}
	117
	118	# Removing switchblog from URL
	119	$redir = $_SERVER['REQUEST_URI'];
	120	$redir = preg_replace('/switchblog=(.*?)(&\|$)/','',$redir);
	121	$redir = preg_replace('/\?$/','',$redir);
	122	http::redirect($redir);
	123	exit;
	124	}
	125
	126	# Check blog to use and log out if no result
	127	if (isset($_SESSION['sess_blog_id']))
	128	{
	129	if ($core->auth->getPermissions($_SESSION['sess_blog_id']) === false) {
	130	unset($_SESSION['sess_blog_id']);
	131	}
	132	}
	133	else
	134	{
	135	if (($b = $core->auth->findUserBlog($core->auth->getInfo('user_default_blog'))) !== false) {
	136	$_SESSION['sess_blog_id'] = $b;
	137	unset($b);
	138	}
	139	}
	140
	141	# Loading locales
	142	dc_load_locales();
	143
	144	if (isset($_SESSION['sess_blog_id'])) {
	145	$core->setBlog($_SESSION['sess_blog_id']);
	146	} else {
	147	$core->session->destroy();
	148	http::redirect('auth.php');
	149	}
[3]	150
	151	/*
	152	# Check add to my fav fired
	153	if (!empty($_REQUEST['add-favorite'])) {
	154	$redir = $_SERVER['REQUEST_URI'];
	155	# Extract admin page from URI
	156	# TO BE COMPLETED
	157	}
	158	*/
[0]	159	}
	160
	161	if ($core->auth->userID() && $core->blog !== null)
	162	{
	163	# Loading resources and help files
	164	$locales_root = dirname(__FILE__).'/../../locales/';
	165	require $locales_root.'/en/resources.php';
	166	if (($f = l10n::getFilePath($locales_root,'resources.php',$_lang))) {
	167	require $f;
	168	}
	169	unset($f);
	170
	171	if (($hfiles = @scandir($locales_root.$_lang.'/help')) !== false)
	172	{
	173	foreach ($hfiles as $hfile) {
	174	if (preg_match('/^(.*)\.html$/',$hfile,$m)) {
	175	$GLOBALS['__resources']['help'][$m[1]] = $locales_root.$_lang.'/help/'.$hfile;
	176	}
	177	}
	178	}
	179	unset($hfiles,$locales_root);
[3]	180
	181	# Standard favorites
	182	$_fav = new ArrayObject();
	183
	184	# [] : Title, URL, small icon, large icon, permissions, id, class
	185	# NB : '*' in permissions means any, null means super admin only
	186
	187	$_fav['prefs'] = new ArrayObject(array('prefs',__('My preferences'),'preferences.php',
	188	'images/menu/user-pref.png','images/menu/user-pref-b.png',
	189	'*',null,null));
	190
	191	$_fav['new_post'] = new ArrayObject(array('new_post',__('New entry'),'post.php',
	192	'images/menu/edit.png','images/menu/edit-b.png',
	193	'usage,contentadmin',null,'menu-new-post'));
	194	$_fav['posts'] = new ArrayObject(array('posts',__('Entries'),'posts.php',
	195	'images/menu/entries.png','images/menu/entries-b.png',
	196	'usage,contentadmin',null,null));
	197	$_fav['comments'] = new ArrayObject(array('comments',__('Comments'),'comments.php',
	198	'images/menu/comments.png','images/menu/comments-b.png',
	199	'usage,contentadmin',null,null));
	200	$_fav['search'] = new ArrayObject(array('search',__('Search'),'search.php',
	201	'images/menu/search.png','images/menu/search-b.png',
	202	'usage,contentadmin',null,null));
	203	$_fav['categories'] = new ArrayObject(array('categories',__('Categories'),'categories.php',
	204	'images/menu/categories.png','images/menu/categories-b.png',
	205	'categories',null,null));
	206	$_fav['media'] = new ArrayObject(array('media',__('Media manager'),'media.php',
	207	'images/menu/media.png','images/menu/media-b.png',
	208	'media,media_admin',null,null));
	209	$_fav['blog_pref'] = new ArrayObject(array('blog_pref',__('Blog settings'),'blog_pref.php',
	210	'images/menu/blog-pref.png','images/menu/blog-pref-b.png',
	211	'admin',null,null));
	212	$_fav['blog_theme'] = new ArrayObject(array('blog_theme',__('Blog appearance'),'blog_theme.php',
	213	'images/menu/themes.png','images/menu/blog-theme-b.png',
	214	'admin',null,null));
	215
	216	$_fav['blogs'] = new ArrayObject(array('blogs',__('Blogs'),'blogs.php',
	217	'images/menu/blogs.png','images/menu/blogs-b.png',
	218	'usage,contentadmin',null,null));
	219	$_fav['users'] = new ArrayObject(array('users',__('Users'),'users.php',
	220	'images/menu/users.png','images/menu/users-b.png',
	221	null,null,null));
	222	$_fav['plugins'] = new ArrayObject(array('plugins',__('Plugins'),'plugins.php',
	223	'images/menu/plugins.png','images/menu/plugins-b.png',
	224	null,null,null));
	225	$_fav['langs'] = new ArrayObject(array('langs',__('Languages'),'langs.php',
	226	'images/menu/langs.png','images/menu/langs-b.png',
	227	null,null,null));
[0]	228
	229	# Menus creation
	230	$_menu['Dashboard'] = new dcMenu('dashboard-menu',null);
[3]	231	$_menu['Favorites'] = new dcMenu('favorites-menu','My favorites');
[0]	232	$_menu['Blog'] = new dcMenu('blog-menu','Blog');
	233	$_menu['System'] = new dcMenu('system-menu','System');
	234	$_menu['Plugins'] = new dcMenu('plugins-menu','Plugins');
	235
	236	# Loading plugins
	237	$core->plugins->loadModules(DC_PLUGINS_ROOT,'admin',$_lang);
[3]	238
	239	# Loading favorites info from plugins
	240	$core->callBehavior('adminDashboardFavs', $core, $_fav);
[0]	241
	242	# Set menu titles
	243
	244	$_menu['System']->title = __('System');
	245	$_menu['Blog']->title = __('Blog');
	246	$_menu['Plugins']->title = __('Plugins');
[3]	247	$_menu['Favorites']->title = __('My favorites');
	248
	249	/*
	250	if (!preg_match('/index.php$/',$_SERVER['REQUEST_URI'])) {
	251	# Admin index can't be add in fav's
	252	$_menu['Dashboard']->prependItem(__('Add this page to my favorites'),'#','images/menu/add_to_favorites.png',
	253	false,$core->auth->check('usage,contentadmin',$core->blog->id),'fav-add');
	254	}
	255	*/
	256	$_menu['Dashboard']->prependItem(__('My preferences'),'preferences.php','images/menu/user-pref.png',
	257	preg_match('/preferences.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
	258	true);
[0]	259	$_menu['Dashboard']->prependItem(__('Dashboard'),'index.php','images/menu/dashboard.png',
	260	preg_match('/index.php$/',$_SERVER['REQUEST_URI']),
	261	$core->auth->check('usage,contentadmin',$core->blog->id));
	262
	263	$_menu['Blog']->prependItem(__('Blog appearance'),'blog_theme.php','images/menu/themes.png',
	264	preg_match('/blog_theme.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
	265	$core->auth->check('admin',$core->blog->id));
[3]	266	$_menu['Blog']->prependItem(__('Blog settings'),'blog_pref.php','images/menu/blog-pref.png',
	267	preg_match('/blog_pref.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
	268	$core->auth->check('admin',$core->blog->id));
[0]	269	$_menu['Blog']->prependItem(__('Media manager'),'media.php','images/menu/media.png',
	270	preg_match('/media(_item)?.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
	271	$core->auth->check('media,media_admin',$core->blog->id));
	272	$_menu['Blog']->prependItem(__('Categories'),'categories.php','images/menu/categories.png',
	273	preg_match('/categories.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
	274	$core->auth->check('categories',$core->blog->id));
	275	$_menu['Blog']->prependItem(__('Search'),'search.php','images/menu/search.png',
	276	preg_match('/search.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
	277	$core->auth->check('usage,contentadmin',$core->blog->id));
	278	$_menu['Blog']->prependItem(__('Comments'),'comments.php','images/menu/comments.png',
	279	preg_match('/comments.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
	280	$core->auth->check('usage,contentadmin',$core->blog->id));
	281	$_menu['Blog']->prependItem(__('Entries'),'posts.php','images/menu/entries.png',
	282	preg_match('/posts.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
	283	$core->auth->check('usage,contentadmin',$core->blog->id));
	284	$_menu['Blog']->prependItem(__('New entry'),'post.php','images/menu/edit.png',
	285	preg_match('/post.php$/',$_SERVER['REQUEST_URI']),
	286	$core->auth->check('usage,contentadmin',$core->blog->id),'menu-new-post');
	287
	288	$_menu['System']->prependItem(__('Updates'),'update.php','images/menu/update.png',
	289	preg_match('/update.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
	290	$core->auth->isSuperAdmin() && is_readable(DC_DIGESTS));
	291	$_menu['System']->prependItem(__('Languages'),'langs.php','images/menu/langs.png',
	292	preg_match('/langs.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
	293	$core->auth->isSuperAdmin());
	294	$_menu['System']->prependItem(__('Plugins'),'plugins.php','images/menu/plugins.png',
	295	preg_match('/plugins.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
	296	$core->auth->isSuperAdmin());
	297	$_menu['System']->prependItem(__('Users'),'users.php','images/menu/users.png',
	298	preg_match('/users.php$/',$_SERVER['REQUEST_URI']),
	299	$core->auth->isSuperAdmin());
	300	$_menu['System']->prependItem(__('Blogs'),'blogs.php','images/menu/blogs.png',
	301	preg_match('/blogs.php$/',$_SERVER['REQUEST_URI']),
	302	$core->auth->isSuperAdmin() \|\|
	303	$core->auth->check('usage,contentadmin',$core->blog->id) && $core->auth->blog_count > 1);
[139]	304
[157]	305	// Set favorites menu
	306	$ws = $core->auth->user_prefs->addWorkspace('favorites');
	307	$count = 0;
	308	foreach ($ws->dumpPrefs() as $k => $v) {
	309	// User favorites only
	310	if (!$v['global']) {
	311	$count++;
	312	$fav = unserialize($v['value']);
	313	$_menu['Favorites']->addItem($fav['title'],$fav['url'],$fav['small-icon'],
[172]	314	preg_match(dc_prepare_url($fav['url']),$_SERVER['REQUEST_URI']),
[157]	315	(($fav['permissions'] == '*') \|\| $core->auth->check($fav['permissions'],$core->blog->id)),$fav['id'],$fav['class']);
	316	}
	317	}
	318	if (!$count) {
	319	// Global favorites if any
[139]	320	foreach ($ws->dumpPrefs() as $k => $v) {
[157]	321	$count++;
	322	$fav = unserialize($v['value']);
	323	$_menu['Favorites']->addItem($fav['title'],$fav['url'],$fav['small-icon'],
[172]	324	preg_match(dc_prepare_url($fav['url']),$_SERVER['REQUEST_URI']),
[157]	325	(($fav['permissions'] == '*') \|\| $core->auth->check($fav['permissions'],$core->blog->id)),$fav['id'],$fav['class']);
[139]	326	}
[157]	327	}
	328	if (!$count) {
	329	// No user or global favorites, add "new entry" fav
	330	$_menu['Favorites']->addItem(__('New entry'),'post.php','images/menu/edit.png',
	331	preg_match('/post.php$/',$_SERVER['REQUEST_URI']),
	332	$core->auth->check('usage,contentadmin',$core->blog->id),'menu-new-post',null);
	333	}
[140]	334	}
[0]	335	?>

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: inc/admin/prepend.php @ 270:48858be15bda

Download in other formats:

Sites map