prepend.php @ 106:cca7b21765d2

Visit:

Revision 106:cca7b21765d2, 10.6 KB checked in by xpla@…, 14 years ago (diff)
Bugfix for userprefs load.

Rev	Line
[0]	1	<?php
	2	# -- BEGIN LICENSE BLOCK ---------------------------------------
	3	#
	4	# This file is part of Dotclear 2.
	5	#
	6	# Copyright (c) 2003-2010 Olivier Meunier & Association Dotclear
	7	# Licensed under the GPL version 2.0 license.
	8	# See LICENSE file or
	9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
	10	#
	11	# -- END LICENSE BLOCK -----------------------------------------
	12
	13	require_once dirname(__FILE__).'/../prepend.php';
	14
	15	// HTTP/1.1
	16	header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
	17	header('Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0');
	18
	19	// HTTP/1.0
	20	header("Pragma: no-cache");
	21
	22	define('DC_CONTEXT_ADMIN',true);
	23
	24	function dc_load_locales() {
	25	global $_lang, $core;
	26
	27	$_lang = $core->auth->getInfo('user_lang');
	28	$_lang = preg_match('/^[a-z]{2}(-[a-z]{2})?$/',$_lang) ? $_lang : 'en';
	29
	30	if (l10n::set(dirname(__FILE__).'/../../locales/'.$_lang.'/date') === false && $_lang != 'en') {
	31	l10n::set(dirname(__FILE__).'/../../locales/en/date');
	32	}
	33	l10n::set(dirname(__FILE__).'/../../locales/'.$_lang.'/main');
	34	l10n::set(dirname(__FILE__).'/../../locales/'.$_lang.'/plugins');
	35	}
	36
	37	if (defined('DC_AUTH_SESS_ID') && defined('DC_AUTH_SESS_UID'))
	38	{
	39	# We have session information in constants
	40	$_COOKIE[DC_SESSION_NAME] = DC_AUTH_SESS_ID;
	41
	42	if (!$core->auth->checkSession(DC_AUTH_SESS_UID)) {
	43	throw new Exception('Invalid session data.');
	44	}
	45
	46	# Check nonce from POST requests
	47	if (!empty($_POST))
	48	{
	49	if (empty($_POST['xd_check']) \|\| !$core->checkNonce($_POST['xd_check'])) {
	50	throw new Exception('Precondition Failed.');
	51	}
	52	}
	53
	54	if (empty($_SESSION['sess_blog_id'])) {
	55	throw new Exception('Permission denied.');
	56	}
	57
	58	# Loading locales
	59	dc_load_locales();
	60
	61	$core->setBlog($_SESSION['sess_blog_id']);
	62	if (!$core->blog->id) {
	63	throw new Exception('Permission denied.');
	64	}
	65	}
	66	elseif ($core->auth->sessionExists())
	67	{
	68	# If we have a session we launch it now
	69	try {
	70	if (!$core->auth->checkSession())
	71	{
	72	# Avoid loop caused by old cookie
	73	$p = $core->session->getCookieParameters(false,-600);
	74	$p[3] = '/';
	75	call_user_func_array('setcookie',$p);
	76
	77	http::redirect('auth.php');
	78	}
	79	} catch (Exception $e) {
	80	__error(__('Database error')
	81	,__('There seems to be no Session table in your database. Is Dotclear completly installed?')
	82	,20);
	83	}
	84
	85	# Check nonce from POST requests
	86	if (!empty($_POST))
	87	{
	88	if (empty($_POST['xd_check']) \|\| !$core->checkNonce($_POST['xd_check'])) {
	89	http::head(412);
	90	header('Content-Type: text/plain');
	91	echo 'Precondition Failed';
	92	exit;
	93	}
	94	}
	95
	96
	97	if (!empty($_REQUEST['switchblog'])
	98	&& $core->auth->getPermissions($_REQUEST['switchblog']) !== false)
	99	{
	100	$_SESSION['sess_blog_id'] = $_REQUEST['switchblog'];
	101	if (isset($_SESSION['media_manager_dir'])) {
	102	unset($_SESSION['media_manager_dir']);
	103	}
	104	if (isset($_SESSION['media_manager_page'])) {
	105	unset($_SESSION['media_manager_page']);
	106	}
	107
	108	# Removing switchblog from URL
	109	$redir = $_SERVER['REQUEST_URI'];
	110	$redir = preg_replace('/switchblog=(.*?)(&\|$)/','',$redir);
	111	$redir = preg_replace('/\?$/','',$redir);
	112	http::redirect($redir);
	113	exit;
	114	}
	115
	116	# Check blog to use and log out if no result
	117	if (isset($_SESSION['sess_blog_id']))
	118	{
	119	if ($core->auth->getPermissions($_SESSION['sess_blog_id']) === false) {
	120	unset($_SESSION['sess_blog_id']);
	121	}
	122	}
	123	else
	124	{
	125	if (($b = $core->auth->findUserBlog($core->auth->getInfo('user_default_blog'))) !== false) {
	126	$_SESSION['sess_blog_id'] = $b;
	127	unset($b);
	128	}
	129	}
	130
	131	# Loading locales
	132	dc_load_locales();
	133
	134	if (isset($_SESSION['sess_blog_id'])) {
	135	$core->setBlog($_SESSION['sess_blog_id']);
	136	} else {
	137	$core->session->destroy();
	138	http::redirect('auth.php');
	139	}
[3]	140
	141	/*
	142	# Check add to my fav fired
	143	if (!empty($_REQUEST['add-favorite'])) {
	144	$redir = $_SERVER['REQUEST_URI'];
	145	# Extract admin page from URI
	146	# TO BE COMPLETED
	147	}
	148	*/
[0]	149	}
	150
	151	if ($core->auth->userID() && $core->blog !== null)
	152	{
	153	# Loading resources and help files
	154	$locales_root = dirname(__FILE__).'/../../locales/';
	155	require $locales_root.'/en/resources.php';
	156	if (($f = l10n::getFilePath($locales_root,'resources.php',$_lang))) {
	157	require $f;
	158	}
	159	unset($f);
	160
	161	if (($hfiles = @scandir($locales_root.$_lang.'/help')) !== false)
	162	{
	163	foreach ($hfiles as $hfile) {
	164	if (preg_match('/^(.*)\.html$/',$hfile,$m)) {
	165	$GLOBALS['__resources']['help'][$m[1]] = $locales_root.$_lang.'/help/'.$hfile;
	166	}
	167	}
	168	}
	169	unset($hfiles,$locales_root);
[3]	170
	171	# Standard favorites
	172	$_fav = new ArrayObject();
	173
	174	# [] : Title, URL, small icon, large icon, permissions, id, class
	175	# NB : '*' in permissions means any, null means super admin only
	176
	177	$_fav['prefs'] = new ArrayObject(array('prefs',__('My preferences'),'preferences.php',
	178	'images/menu/user-pref.png','images/menu/user-pref-b.png',
	179	'*',null,null));
	180
	181	$_fav['new_post'] = new ArrayObject(array('new_post',__('New entry'),'post.php',
	182	'images/menu/edit.png','images/menu/edit-b.png',
	183	'usage,contentadmin',null,'menu-new-post'));
	184	$_fav['posts'] = new ArrayObject(array('posts',__('Entries'),'posts.php',
	185	'images/menu/entries.png','images/menu/entries-b.png',
	186	'usage,contentadmin',null,null));
	187	$_fav['comments'] = new ArrayObject(array('comments',__('Comments'),'comments.php',
	188	'images/menu/comments.png','images/menu/comments-b.png',
	189	'usage,contentadmin',null,null));
	190	$_fav['search'] = new ArrayObject(array('search',__('Search'),'search.php',
	191	'images/menu/search.png','images/menu/search-b.png',
	192	'usage,contentadmin',null,null));
	193	$_fav['categories'] = new ArrayObject(array('categories',__('Categories'),'categories.php',
	194	'images/menu/categories.png','images/menu/categories-b.png',
	195	'categories',null,null));
	196	$_fav['media'] = new ArrayObject(array('media',__('Media manager'),'media.php',
	197	'images/menu/media.png','images/menu/media-b.png',
	198	'media,media_admin',null,null));
	199	$_fav['blog_pref'] = new ArrayObject(array('blog_pref',__('Blog settings'),'blog_pref.php',
	200	'images/menu/blog-pref.png','images/menu/blog-pref-b.png',
	201	'admin',null,null));
	202	$_fav['blog_theme'] = new ArrayObject(array('blog_theme',__('Blog appearance'),'blog_theme.php',
	203	'images/menu/themes.png','images/menu/blog-theme-b.png',
	204	'admin',null,null));
	205
	206	$_fav['blogs'] = new ArrayObject(array('blogs',__('Blogs'),'blogs.php',
	207	'images/menu/blogs.png','images/menu/blogs-b.png',
	208	'usage,contentadmin',null,null));
	209	$_fav['users'] = new ArrayObject(array('users',__('Users'),'users.php',
	210	'images/menu/users.png','images/menu/users-b.png',
	211	null,null,null));
	212	$_fav['plugins'] = new ArrayObject(array('plugins',__('Plugins'),'plugins.php',
	213	'images/menu/plugins.png','images/menu/plugins-b.png',
	214	null,null,null));
	215	$_fav['langs'] = new ArrayObject(array('langs',__('Languages'),'langs.php',
	216	'images/menu/langs.png','images/menu/langs-b.png',
	217	null,null,null));
[0]	218
	219	# Menus creation
	220	$_menu['Dashboard'] = new dcMenu('dashboard-menu',null);
[3]	221	$_menu['Favorites'] = new dcMenu('favorites-menu','My favorites');
[0]	222	$_menu['Blog'] = new dcMenu('blog-menu','Blog');
	223	$_menu['System'] = new dcMenu('system-menu','System');
	224	$_menu['Plugins'] = new dcMenu('plugins-menu','Plugins');
	225
	226	# Loading plugins
	227	$core->plugins->loadModules(DC_PLUGINS_ROOT,'admin',$_lang);
[3]	228
	229	# Loading favorites info from plugins
	230	$core->callBehavior('adminDashboardFavs', $core, $_fav);
[0]	231
	232	# Set menu titles
	233
	234	$_menu['System']->title = __('System');
	235	$_menu['Blog']->title = __('Blog');
	236	$_menu['Plugins']->title = __('Plugins');
[3]	237	$_menu['Favorites']->title = __('My favorites');
	238
	239	/*
	240	if (!preg_match('/index.php$/',$_SERVER['REQUEST_URI'])) {
	241	# Admin index can't be add in fav's
	242	$_menu['Dashboard']->prependItem(__('Add this page to my favorites'),'#','images/menu/add_to_favorites.png',
	243	false,$core->auth->check('usage,contentadmin',$core->blog->id),'fav-add');
	244	}
	245	*/
	246	$_menu['Dashboard']->prependItem(__('My preferences'),'preferences.php','images/menu/user-pref.png',
	247	preg_match('/preferences.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
	248	true);
[0]	249	$_menu['Dashboard']->prependItem(__('Dashboard'),'index.php','images/menu/dashboard.png',
	250	preg_match('/index.php$/',$_SERVER['REQUEST_URI']),
	251	$core->auth->check('usage,contentadmin',$core->blog->id));
	252
	253	$_menu['Blog']->prependItem(__('Blog appearance'),'blog_theme.php','images/menu/themes.png',
	254	preg_match('/blog_theme.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
	255	$core->auth->check('admin',$core->blog->id));
[3]	256	$_menu['Blog']->prependItem(__('Blog settings'),'blog_pref.php','images/menu/blog-pref.png',
	257	preg_match('/blog_pref.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
	258	$core->auth->check('admin',$core->blog->id));
[0]	259	$_menu['Blog']->prependItem(__('Media manager'),'media.php','images/menu/media.png',
	260	preg_match('/media(_item)?.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
	261	$core->auth->check('media,media_admin',$core->blog->id));
	262	$_menu['Blog']->prependItem(__('Categories'),'categories.php','images/menu/categories.png',
	263	preg_match('/categories.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
	264	$core->auth->check('categories',$core->blog->id));
	265	$_menu['Blog']->prependItem(__('Search'),'search.php','images/menu/search.png',
	266	preg_match('/search.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
	267	$core->auth->check('usage,contentadmin',$core->blog->id));
	268	$_menu['Blog']->prependItem(__('Comments'),'comments.php','images/menu/comments.png',
	269	preg_match('/comments.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
	270	$core->auth->check('usage,contentadmin',$core->blog->id));
	271	$_menu['Blog']->prependItem(__('Entries'),'posts.php','images/menu/entries.png',
	272	preg_match('/posts.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
	273	$core->auth->check('usage,contentadmin',$core->blog->id));
	274	$_menu['Blog']->prependItem(__('New entry'),'post.php','images/menu/edit.png',
	275	preg_match('/post.php$/',$_SERVER['REQUEST_URI']),
	276	$core->auth->check('usage,contentadmin',$core->blog->id),'menu-new-post');
	277
	278	$_menu['System']->prependItem(__('Updates'),'update.php','images/menu/update.png',
	279	preg_match('/update.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
	280	$core->auth->isSuperAdmin() && is_readable(DC_DIGESTS));
	281	$_menu['System']->prependItem(__('Languages'),'langs.php','images/menu/langs.png',
	282	preg_match('/langs.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
	283	$core->auth->isSuperAdmin());
	284	$_menu['System']->prependItem(__('Plugins'),'plugins.php','images/menu/plugins.png',
	285	preg_match('/plugins.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
	286	$core->auth->isSuperAdmin());
	287	$_menu['System']->prependItem(__('Users'),'users.php','images/menu/users.png',
	288	preg_match('/users.php$/',$_SERVER['REQUEST_URI']),
	289	$core->auth->isSuperAdmin());
	290	$_menu['System']->prependItem(__('Blogs'),'blogs.php','images/menu/blogs.png',
	291	preg_match('/blogs.php$/',$_SERVER['REQUEST_URI']),
	292	$core->auth->isSuperAdmin() \|\|
	293	$core->auth->check('usage,contentadmin',$core->blog->id) && $core->auth->blog_count > 1);
[3]	294	}
[0]	295	?>

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: inc/admin/prepend.php @ 106:cca7b21765d2

Download in other formats:

Sites map