prepend.php @ 468:572060f80465

Visit:

Revision 468:572060f80465, 12.4 KB checked in by Franck <carnet.franck.paul@…>, 14 years ago (diff)

Un favori de plugin désactivé ou désinstallé n'est plus actif dans le menu des favoris et sur le dashboard. Il reste cependant enregistré et l'utilisateur devra le supprimer manuellement si nécessaire.

La fonction de contrôle — bien que fonctionnelle — est à revoir (bouillie de tests)

Line
1	<?php
2	# -- BEGIN LICENSE BLOCK ---------------------------------------
3	#
4	# This file is part of Dotclear 2.
5	#
6	# Copyright (c) 2003-2011 Olivier Meunier & Association Dotclear
7	# Licensed under the GPL version 2.0 license.
8	# See LICENSE file or
9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
10	#
11	# -- END LICENSE BLOCK -----------------------------------------
12
13	require_once dirname(__FILE__).'/../prepend.php';
14
15	// HTTP/1.1
16	header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
17	header('Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0');
18
19	// HTTP/1.0
20	header("Pragma: no-cache");
21
22	define('DC_CONTEXT_ADMIN',true);
23
24	function dc_valid_fav($url) {
25	global $core;
26
27	$parts = parse_url($url);
28	if (isset($parts['path'])) {
29	if ($parts['path'] == 'plugin.php') {
30	if (isset($parts['query'])) {
31	$parts = explode('&', $parts['query']);
32	$param = explode('=', $parts[0]);
33	if (($param[0] == 'p') && (isset($param[1]))) {
34	if (!$core->plugins->moduleExists($param[1])) {
35	return false;
36	}
37	}
38	}
39	}
40	}
41	return true;
42	}
43
44	function dc_prepare_url($url) {
45
46	$u = str_replace(array('?','&'),array('\?','&'),$url);
47	return (!strpos($u,'\?') ?
48	'/'.$u.'$/' :
49	(!strpos($u,'&') ?
50	'/'.$u.'(\?.*)?$/' :
51	'/'.$u.'(&.*)?$/'));
52	}
53
54	function dc_load_locales() {
55	global $_lang, $core;
56
57	$_lang = $core->auth->getInfo('user_lang');
58	$_lang = preg_match('/^[a-z]{2}(-[a-z]{2})?$/',$_lang) ? $_lang : 'en';
59
60	if (l10n::set(dirname(__FILE__).'/../../locales/'.$_lang.'/date') === false && $_lang != 'en') {
61	l10n::set(dirname(__FILE__).'/../../locales/en/date');
62	}
63	l10n::set(dirname(__FILE__).'/../../locales/'.$_lang.'/main');
64	l10n::set(dirname(__FILE__).'/../../locales/'.$_lang.'/plugins');
65	}
66
67	if (defined('DC_AUTH_SESS_ID') && defined('DC_AUTH_SESS_UID'))
68	{
69	# We have session information in constants
70	$_COOKIE[DC_SESSION_NAME] = DC_AUTH_SESS_ID;
71
72	if (!$core->auth->checkSession(DC_AUTH_SESS_UID)) {
73	throw new Exception('Invalid session data.');
74	}
75
76	# Check nonce from POST requests
77	if (!empty($_POST))
78	{
79	if (empty($_POST['xd_check']) \|\| !$core->checkNonce($_POST['xd_check'])) {
80	throw new Exception('Precondition Failed.');
81	}
82	}
83
84	if (empty($_SESSION['sess_blog_id'])) {
85	throw new Exception('Permission denied.');
86	}
87
88	# Loading locales
89	dc_load_locales();
90
91	$core->setBlog($_SESSION['sess_blog_id']);
92	if (!$core->blog->id) {
93	throw new Exception('Permission denied.');
94	}
95	}
96	elseif ($core->auth->sessionExists())
97	{
98	# If we have a session we launch it now
99	try {
100	if (!$core->auth->checkSession())
101	{
102	# Avoid loop caused by old cookie
103	$p = $core->session->getCookieParameters(false,-600);
104	$p[3] = '/';
105	call_user_func_array('setcookie',$p);
106
107	http::redirect('auth.php');
108	}
109	} catch (Exception $e) {
110	__error(__('Database error')
111	,__('There seems to be no Session table in your database. Is Dotclear completly installed?')
112	,20);
113	}
114
115	# Check nonce from POST requests
116	if (!empty($_POST))
117	{
118	if (empty($_POST['xd_check']) \|\| !$core->checkNonce($_POST['xd_check'])) {
119	http::head(412);
120	header('Content-Type: text/plain');
121	echo 'Precondition Failed';
122	exit;
123	}
124	}
125
126
127	if (!empty($_REQUEST['switchblog'])
128	&& $core->auth->getPermissions($_REQUEST['switchblog']) !== false)
129	{
130	$_SESSION['sess_blog_id'] = $_REQUEST['switchblog'];
131	if (isset($_SESSION['media_manager_dir'])) {
132	unset($_SESSION['media_manager_dir']);
133	}
134	if (isset($_SESSION['media_manager_page'])) {
135	unset($_SESSION['media_manager_page']);
136	}
137
138	# Removing switchblog from URL
139	$redir = $_SERVER['REQUEST_URI'];
140	$redir = preg_replace('/switchblog=(.*?)(&\|$)/','',$redir);
141	$redir = preg_replace('/\?$/','',$redir);
142	http::redirect($redir);
143	exit;
144	}
145
146	# Check blog to use and log out if no result
147	if (isset($_SESSION['sess_blog_id']))
148	{
149	if ($core->auth->getPermissions($_SESSION['sess_blog_id']) === false) {
150	unset($_SESSION['sess_blog_id']);
151	}
152	}
153	else
154	{
155	if (($b = $core->auth->findUserBlog($core->auth->getInfo('user_default_blog'))) !== false) {
156	$_SESSION['sess_blog_id'] = $b;
157	unset($b);
158	}
159	}
160
161	# Loading locales
162	dc_load_locales();
163
164	if (isset($_SESSION['sess_blog_id'])) {
165	$core->setBlog($_SESSION['sess_blog_id']);
166	} else {
167	$core->session->destroy();
168	http::redirect('auth.php');
169	}
170
171	/*
172	# Check add to my fav fired
173	if (!empty($_REQUEST['add-favorite'])) {
174	$redir = $_SERVER['REQUEST_URI'];
175	# Extract admin page from URI
176	# TO BE COMPLETED
177	}
178	*/
179	}
180
181	if ($core->auth->userID() && $core->blog !== null)
182	{
183	# Loading resources and help files
184	$locales_root = dirname(__FILE__).'/../../locales/';
185	require $locales_root.'/en/resources.php';
186	if (($f = l10n::getFilePath($locales_root,'resources.php',$_lang))) {
187	require $f;
188	}
189	unset($f);
190
191	if (($hfiles = @scandir($locales_root.$_lang.'/help')) !== false)
192	{
193	foreach ($hfiles as $hfile) {
194	if (preg_match('/^(.*)\.html$/',$hfile,$m)) {
195	$GLOBALS['__resources']['help'][$m[1]] = $locales_root.$_lang.'/help/'.$hfile;
196	}
197	}
198	}
199	unset($hfiles,$locales_root);
200
201	# Standard favorites
202	$_fav = new ArrayObject();
203
204	# [] : Title, URL, small icon, large icon, permissions, id, class
205	# NB : '*' in permissions means any, null means super admin only
206
207	$_fav['prefs'] = new ArrayObject(array('prefs','My preferences','preferences.php',
208	'images/menu/user-pref.png','images/menu/user-pref-b.png',
209	'*',null,null));
210
211	$_fav['new_post'] = new ArrayObject(array('new_post','New entry','post.php',
212	'images/menu/edit.png','images/menu/edit-b.png',
213	'usage,contentadmin',null,'menu-new-post'));
214	$_fav['posts'] = new ArrayObject(array('posts','Entries','posts.php',
215	'images/menu/entries.png','images/menu/entries-b.png',
216	'usage,contentadmin',null,null));
217	$_fav['comments'] = new ArrayObject(array('comments','Comments','comments.php',
218	'images/menu/comments.png','images/menu/comments-b.png',
219	'usage,contentadmin',null,null));
220	$_fav['search'] = new ArrayObject(array('search','Search','search.php',
221	'images/menu/search.png','images/menu/search-b.png',
222	'usage,contentadmin',null,null));
223	$_fav['categories'] = new ArrayObject(array('categories','Categories','categories.php',
224	'images/menu/categories.png','images/menu/categories-b.png',
225	'categories',null,null));
226	$_fav['media'] = new ArrayObject(array('media','Media manager','media.php',
227	'images/menu/media.png','images/menu/media-b.png',
228	'media,media_admin',null,null));
229	$_fav['blog_pref'] = new ArrayObject(array('blog_pref','Blog settings','blog_pref.php',
230	'images/menu/blog-pref.png','images/menu/blog-pref-b.png',
231	'admin',null,null));
232	$_fav['blog_theme'] = new ArrayObject(array('blog_theme','Blog appearance','blog_theme.php',
233	'images/menu/themes.png','images/menu/blog-theme-b.png',
234	'admin',null,null));
235
236	$_fav['blogs'] = new ArrayObject(array('blogs','Blogs','blogs.php',
237	'images/menu/blogs.png','images/menu/blogs-b.png',
238	'usage,contentadmin',null,null));
239	$_fav['users'] = new ArrayObject(array('users','Users','users.php',
240	'images/menu/users.png','images/menu/users-b.png',
241	null,null,null));
242	$_fav['plugins'] = new ArrayObject(array('plugins','Plugins','plugins.php',
243	'images/menu/plugins.png','images/menu/plugins-b.png',
244	null,null,null));
245	$_fav['langs'] = new ArrayObject(array('langs','Languages','langs.php',
246	'images/menu/langs.png','images/menu/langs-b.png',
247	null,null,null));
248
249	# Menus creation
250	$_menu['Dashboard'] = new dcMenu('dashboard-menu',null);
251	$_menu['Favorites'] = new dcMenu('favorites-menu','My favorites');
252	$_menu['Blog'] = new dcMenu('blog-menu','Blog');
253	$_menu['System'] = new dcMenu('system-menu','System');
254	$_menu['Plugins'] = new dcMenu('plugins-menu','Plugins');
255
256	# Loading plugins
257	$core->plugins->loadModules(DC_PLUGINS_ROOT,'admin',$_lang);
258
259	# Loading favorites info from plugins
260	$core->callBehavior('adminDashboardFavs', $core, $_fav);
261
262	# Set menu titles
263
264	$_menu['System']->title = __('System');
265	$_menu['Blog']->title = __('Blog');
266	$_menu['Plugins']->title = __('Plugins');
267	$_menu['Favorites']->title = __('My favorites');
268
269	/*
270	if (!preg_match('/index.php$/',$_SERVER['REQUEST_URI'])) {
271	# Admin index can't be add in fav's
272	$_menu['Dashboard']->prependItem(__('Add this page to my favorites'),'#','images/menu/add_to_favorites.png',
273	false,$core->auth->check('usage,contentadmin',$core->blog->id),'fav-add');
274	}
275	*/
276	$_menu['Dashboard']->prependItem(__('My preferences'),'preferences.php','images/menu/user-pref.png',
277	preg_match('/preferences.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
278	true);
279	$_menu['Dashboard']->prependItem(__('Dashboard'),'index.php','images/menu/dashboard.png',
280	preg_match('/index.php$/',$_SERVER['REQUEST_URI']),
281	$core->auth->check('usage,contentadmin',$core->blog->id));
282
283	$_menu['Blog']->prependItem(__('Blog appearance'),'blog_theme.php','images/menu/themes.png',
284	preg_match('/blog_theme.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
285	$core->auth->check('admin',$core->blog->id));
286	$_menu['Blog']->prependItem(__('Blog settings'),'blog_pref.php','images/menu/blog-pref.png',
287	preg_match('/blog_pref.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
288	$core->auth->check('admin',$core->blog->id));
289	$_menu['Blog']->prependItem(__('Media manager'),'media.php','images/menu/media.png',
290	preg_match('/media(_item)?.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
291	$core->auth->check('media,media_admin',$core->blog->id));
292	$_menu['Blog']->prependItem(__('Categories'),'categories.php','images/menu/categories.png',
293	preg_match('/categories.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
294	$core->auth->check('categories',$core->blog->id));
295	$_menu['Blog']->prependItem(__('Search'),'search.php','images/menu/search.png',
296	preg_match('/search.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
297	$core->auth->check('usage,contentadmin',$core->blog->id));
298	$_menu['Blog']->prependItem(__('Comments'),'comments.php','images/menu/comments.png',
299	preg_match('/comments.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
300	$core->auth->check('usage,contentadmin',$core->blog->id));
301	$_menu['Blog']->prependItem(__('Entries'),'posts.php','images/menu/entries.png',
302	preg_match('/posts.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
303	$core->auth->check('usage,contentadmin',$core->blog->id));
304	$_menu['Blog']->prependItem(__('New entry'),'post.php','images/menu/edit.png',
305	preg_match('/post.php$/',$_SERVER['REQUEST_URI']),
306	$core->auth->check('usage,contentadmin',$core->blog->id),'menu-new-post');
307
308	$_menu['System']->prependItem(__('Updates'),'update.php','images/menu/update.png',
309	preg_match('/update.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
310	$core->auth->isSuperAdmin() && is_readable(DC_DIGESTS));
311	$_menu['System']->prependItem(__('Languages'),'langs.php','images/menu/langs.png',
312	preg_match('/langs.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
313	$core->auth->isSuperAdmin());
314	$_menu['System']->prependItem(__('Plugins'),'plugins.php','images/menu/plugins.png',
315	preg_match('/plugins.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
316	$core->auth->isSuperAdmin());
317	$_menu['System']->prependItem(__('Users'),'users.php','images/menu/users.png',
318	preg_match('/users.php$/',$_SERVER['REQUEST_URI']),
319	$core->auth->isSuperAdmin());
320	$_menu['System']->prependItem(__('Blogs'),'blogs.php','images/menu/blogs.png',
321	preg_match('/blogs.php$/',$_SERVER['REQUEST_URI']),
322	$core->auth->isSuperAdmin() \|\|
323	$core->auth->check('usage,contentadmin',$core->blog->id) && $core->auth->blog_count > 1);
324
325	// Set favorites menu
326	$ws = $core->auth->user_prefs->addWorkspace('favorites');
327	$count = 0;
328	foreach ($ws->dumpPrefs() as $k => $v) {
329	// User favorites only
330	if (!$v['global']) {
331	$fav = unserialize($v['value']);
332	if (dc_valid_fav($fav['url'])) {
333	$count++;
334	$_menu['Favorites']->addItem(__($fav['title']),$fav['url'],$fav['small-icon'],
335	preg_match(dc_prepare_url($fav['url']),$_SERVER['REQUEST_URI']),
336	(($fav['permissions'] == '*') \|\| $core->auth->check($fav['permissions'],$core->blog->id)),$fav['id'],$fav['class']);
337	}
338	}
339	}
340	if (!$count) {
341	// Global favorites if any
342	foreach ($ws->dumpPrefs() as $k => $v) {
343	$fav = unserialize($v['value']);
344	if (dc_valid_fav($fav[url])) {
345	$count++;
346	$_menu['Favorites']->addItem(__($fav['title']),$fav['url'],$fav['small-icon'],
347	preg_match(dc_prepare_url($fav['url']),$_SERVER['REQUEST_URI']),
348	(($fav['permissions'] == '*') \|\| $core->auth->check($fav['permissions'],$core->blog->id)),$fav['id'],$fav['class']);
349	}
350	}
351	}
352	if (!$count) {
353	// No user or global favorites, add "new entry" fav
354	$_menu['Favorites']->addItem(__('New entry'),'post.php','images/menu/edit.png',
355	preg_match('/post.php$/',$_SERVER['REQUEST_URI']),
356	$core->auth->check('usage,contentadmin',$core->blog->id),'menu-new-post',null);
357	}
358	}
359	?>

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: inc/admin/prepend.php @ 468:572060f80465

Download in other formats:

Sites map