prepend.php @ 484:73d87eef9a70

Visit:

Revision 484:73d87eef9a70, 12.1 KB checked in by Franck <carnet.franck.paul@…>, 14 years ago (diff)
Merge

Line
1	<?php
2	# -- BEGIN LICENSE BLOCK ---------------------------------------
3	#
4	# This file is part of Dotclear 2.
5	#
6	# Copyright (c) 2003-2011 Olivier Meunier & Association Dotclear
7	# Licensed under the GPL version 2.0 license.
8	# See LICENSE file or
9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
10	#
11	# -- END LICENSE BLOCK -----------------------------------------
12
13	require_once dirname(__FILE__).'/../prepend.php';
14
15	// HTTP/1.1
16	header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
17	header('Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0');
18
19	// HTTP/1.0
20	header("Pragma: no-cache");
21
22	define('DC_CONTEXT_ADMIN',true);
23
24	function dc_valid_fav($url) {
25	global $core;
26
27	if (preg_match('#plugin\.php\?p=([^&]+)#',$url,$matches)) {
28	if (isset($matches[1])) {
29	if (!$core->plugins->moduleExists($matches[1])) {
30	return false;
31	}
32	}
33	}
34	return true;
35	}
36
37	function dc_prepare_url($url) {
38
39	$u = str_replace(array('?','&'),array('\?','&'),$url);
40	return (!strpos($u,'\?') ?
41	'/'.$u.'$/' :
42	(!strpos($u,'&') ?
43	'/'.$u.'(\?.*)?$/' :
44	'/'.$u.'(&.*)?$/'));
45	}
46
47	function dc_load_locales() {
48	global $_lang, $core;
49
50	$_lang = $core->auth->getInfo('user_lang');
51	$_lang = preg_match('/^[a-z]{2}(-[a-z]{2})?$/',$_lang) ? $_lang : 'en';
52
53	if (l10n::set(dirname(__FILE__).'/../../locales/'.$_lang.'/date') === false && $_lang != 'en') {
54	l10n::set(dirname(__FILE__).'/../../locales/en/date');
55	}
56	l10n::set(dirname(__FILE__).'/../../locales/'.$_lang.'/main');
57	l10n::set(dirname(__FILE__).'/../../locales/'.$_lang.'/plugins');
58	}
59
60	if (defined('DC_AUTH_SESS_ID') && defined('DC_AUTH_SESS_UID'))
61	{
62	# We have session information in constants
63	$_COOKIE[DC_SESSION_NAME] = DC_AUTH_SESS_ID;
64
65	if (!$core->auth->checkSession(DC_AUTH_SESS_UID)) {
66	throw new Exception('Invalid session data.');
67	}
68
69	# Check nonce from POST requests
70	if (!empty($_POST))
71	{
72	if (empty($_POST['xd_check']) \|\| !$core->checkNonce($_POST['xd_check'])) {
73	throw new Exception('Precondition Failed.');
74	}
75	}
76
77	if (empty($_SESSION['sess_blog_id'])) {
78	throw new Exception('Permission denied.');
79	}
80
81	# Loading locales
82	dc_load_locales();
83
84	$core->setBlog($_SESSION['sess_blog_id']);
85	if (!$core->blog->id) {
86	throw new Exception('Permission denied.');
87	}
88	}
89	elseif ($core->auth->sessionExists())
90	{
91	# If we have a session we launch it now
92	try {
93	if (!$core->auth->checkSession())
94	{
95	# Avoid loop caused by old cookie
96	$p = $core->session->getCookieParameters(false,-600);
97	$p[3] = '/';
98	call_user_func_array('setcookie',$p);
99
100	http::redirect('auth.php');
101	}
102	} catch (Exception $e) {
103	__error(__('Database error')
104	,__('There seems to be no Session table in your database. Is Dotclear completly installed?')
105	,20);
106	}
107
108	# Check nonce from POST requests
109	if (!empty($_POST))
110	{
111	if (empty($_POST['xd_check']) \|\| !$core->checkNonce($_POST['xd_check'])) {
112	http::head(412);
113	header('Content-Type: text/plain');
114	echo 'Precondition Failed';
115	exit;
116	}
117	}
118
119
120	if (!empty($_REQUEST['switchblog'])
121	&& $core->auth->getPermissions($_REQUEST['switchblog']) !== false)
122	{
123	$_SESSION['sess_blog_id'] = $_REQUEST['switchblog'];
124	if (isset($_SESSION['media_manager_dir'])) {
125	unset($_SESSION['media_manager_dir']);
126	}
127	if (isset($_SESSION['media_manager_page'])) {
128	unset($_SESSION['media_manager_page']);
129	}
130
131	# Removing switchblog from URL
132	$redir = $_SERVER['REQUEST_URI'];
133	$redir = preg_replace('/switchblog=(.*?)(&\|$)/','',$redir);
134	$redir = preg_replace('/\?$/','',$redir);
135	http::redirect($redir);
136	exit;
137	}
138
139	# Check blog to use and log out if no result
140	if (isset($_SESSION['sess_blog_id']))
141	{
142	if ($core->auth->getPermissions($_SESSION['sess_blog_id']) === false) {
143	unset($_SESSION['sess_blog_id']);
144	}
145	}
146	else
147	{
148	if (($b = $core->auth->findUserBlog($core->auth->getInfo('user_default_blog'))) !== false) {
149	$_SESSION['sess_blog_id'] = $b;
150	unset($b);
151	}
152	}
153
154	# Loading locales
155	dc_load_locales();
156
157	if (isset($_SESSION['sess_blog_id'])) {
158	$core->setBlog($_SESSION['sess_blog_id']);
159	} else {
160	$core->session->destroy();
161	http::redirect('auth.php');
162	}
163
164	/*
165	# Check add to my fav fired
166	if (!empty($_REQUEST['add-favorite'])) {
167	$redir = $_SERVER['REQUEST_URI'];
168	# Extract admin page from URI
169	# TO BE COMPLETED
170	}
171	*/
172	}
173
174	if ($core->auth->userID() && $core->blog !== null)
175	{
176	# Loading resources and help files
177	$locales_root = dirname(__FILE__).'/../../locales/';
178	require $locales_root.'/en/resources.php';
179	if (($f = l10n::getFilePath($locales_root,'resources.php',$_lang))) {
180	require $f;
181	}
182	unset($f);
183
184	if (($hfiles = @scandir($locales_root.$_lang.'/help')) !== false)
185	{
186	foreach ($hfiles as $hfile) {
187	if (preg_match('/^(.*)\.html$/',$hfile,$m)) {
188	$GLOBALS['__resources']['help'][$m[1]] = $locales_root.$_lang.'/help/'.$hfile;
189	}
190	}
191	}
192	unset($hfiles,$locales_root);
193
194	# Standard favorites
195	$_fav = new ArrayObject();
196
197	# [] : Title, URL, small icon, large icon, permissions, id, class
198	# NB : '*' in permissions means any, null means super admin only
199
200	$_fav['prefs'] = new ArrayObject(array('prefs','My preferences','preferences.php',
201	'images/menu/user-pref.png','images/menu/user-pref-b.png',
202	'*',null,null));
203
204	$_fav['new_post'] = new ArrayObject(array('new_post','New entry','post.php',
205	'images/menu/edit.png','images/menu/edit-b.png',
206	'usage,contentadmin',null,'menu-new-post'));
207	$_fav['posts'] = new ArrayObject(array('posts','Entries','posts.php',
208	'images/menu/entries.png','images/menu/entries-b.png',
209	'usage,contentadmin',null,null));
210	$_fav['comments'] = new ArrayObject(array('comments','Comments','comments.php',
211	'images/menu/comments.png','images/menu/comments-b.png',
212	'usage,contentadmin',null,null));
213	$_fav['search'] = new ArrayObject(array('search','Search','search.php',
214	'images/menu/search.png','images/menu/search-b.png',
215	'usage,contentadmin',null,null));
216	$_fav['categories'] = new ArrayObject(array('categories','Categories','categories.php',
217	'images/menu/categories.png','images/menu/categories-b.png',
218	'categories',null,null));
219	$_fav['media'] = new ArrayObject(array('media','Media manager','media.php',
220	'images/menu/media.png','images/menu/media-b.png',
221	'media,media_admin',null,null));
222	$_fav['blog_pref'] = new ArrayObject(array('blog_pref','Blog settings','blog_pref.php',
223	'images/menu/blog-pref.png','images/menu/blog-pref-b.png',
224	'admin',null,null));
225	$_fav['blog_theme'] = new ArrayObject(array('blog_theme','Blog appearance','blog_theme.php',
226	'images/menu/themes.png','images/menu/blog-theme-b.png',
227	'admin',null,null));
228
229	$_fav['blogs'] = new ArrayObject(array('blogs','Blogs','blogs.php',
230	'images/menu/blogs.png','images/menu/blogs-b.png',
231	'usage,contentadmin',null,null));
232	$_fav['users'] = new ArrayObject(array('users','Users','users.php',
233	'images/menu/users.png','images/menu/users-b.png',
234	null,null,null));
235	$_fav['plugins'] = new ArrayObject(array('plugins','Plugins','plugins.php',
236	'images/menu/plugins.png','images/menu/plugins-b.png',
237	null,null,null));
238	$_fav['langs'] = new ArrayObject(array('langs','Languages','langs.php',
239	'images/menu/langs.png','images/menu/langs-b.png',
240	null,null,null));
241
242	# Menus creation
243	$_menu['Dashboard'] = new dcMenu('dashboard-menu',null);
244	$_menu['Favorites'] = new dcMenu('favorites-menu','My favorites');
245	$_menu['Blog'] = new dcMenu('blog-menu','Blog');
246	$_menu['System'] = new dcMenu('system-menu','System');
247	$_menu['Plugins'] = new dcMenu('plugins-menu','Plugins');
248
249	# Loading plugins
250	$core->plugins->loadModules(DC_PLUGINS_ROOT,'admin',$_lang);
251
252	# Loading favorites info from plugins
253	$core->callBehavior('adminDashboardFavs', $core, $_fav);
254
255	# Set menu titles
256
257	$_menu['System']->title = __('System');
258	$_menu['Blog']->title = __('Blog');
259	$_menu['Plugins']->title = __('Plugins');
260	$_menu['Favorites']->title = __('My favorites');
261
262	/*
263	if (!preg_match('/index.php$/',$_SERVER['REQUEST_URI'])) {
264	# Admin index can't be add in fav's
265	$_menu['Dashboard']->prependItem(__('Add this page to my favorites'),'#','images/menu/add_to_favorites.png',
266	false,$core->auth->check('usage,contentadmin',$core->blog->id),'fav-add');
267	}
268	*/
269	$_menu['Dashboard']->prependItem(__('Dashboard'),'index.php','images/menu/dashboard.png',
270	preg_match('/index.php$/',$_SERVER['REQUEST_URI']),
271	$core->auth->check('usage,contentadmin',$core->blog->id));
272
273	$_menu['Blog']->prependItem(__('Blog appearance'),'blog_theme.php','images/menu/themes.png',
274	preg_match('/blog_theme.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
275	$core->auth->check('admin',$core->blog->id));
276	$_menu['Blog']->prependItem(__('Blog settings'),'blog_pref.php','images/menu/blog-pref.png',
277	preg_match('/blog_pref.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
278	$core->auth->check('admin',$core->blog->id));
279	$_menu['Blog']->prependItem(__('Media manager'),'media.php','images/menu/media.png',
280	preg_match('/media(_item)?.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
281	$core->auth->check('media,media_admin',$core->blog->id));
282	$_menu['Blog']->prependItem(__('Categories'),'categories.php','images/menu/categories.png',
283	preg_match('/categories.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
284	$core->auth->check('categories',$core->blog->id));
285	$_menu['Blog']->prependItem(__('Search'),'search.php','images/menu/search.png',
286	preg_match('/search.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
287	$core->auth->check('usage,contentadmin',$core->blog->id));
288	$_menu['Blog']->prependItem(__('Comments'),'comments.php','images/menu/comments.png',
289	preg_match('/comments.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
290	$core->auth->check('usage,contentadmin',$core->blog->id));
291	$_menu['Blog']->prependItem(__('Entries'),'posts.php','images/menu/entries.png',
292	preg_match('/posts.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
293	$core->auth->check('usage,contentadmin',$core->blog->id));
294	$_menu['Blog']->prependItem(__('New entry'),'post.php','images/menu/edit.png',
295	preg_match('/post.php$/',$_SERVER['REQUEST_URI']),
296	$core->auth->check('usage,contentadmin',$core->blog->id),'menu-new-post');
297
298	$_menu['System']->prependItem(__('Updates'),'update.php','images/menu/update.png',
299	preg_match('/update.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
300	$core->auth->isSuperAdmin() && is_readable(DC_DIGESTS));
301	$_menu['System']->prependItem(__('Languages'),'langs.php','images/menu/langs.png',
302	preg_match('/langs.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
303	$core->auth->isSuperAdmin());
304	$_menu['System']->prependItem(__('Plugins'),'plugins.php','images/menu/plugins.png',
305	preg_match('/plugins.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
306	$core->auth->isSuperAdmin());
307	$_menu['System']->prependItem(__('Users'),'users.php','images/menu/users.png',
308	preg_match('/users.php$/',$_SERVER['REQUEST_URI']),
309	$core->auth->isSuperAdmin());
310	$_menu['System']->prependItem(__('Blogs'),'blogs.php','images/menu/blogs.png',
311	preg_match('/blogs.php$/',$_SERVER['REQUEST_URI']),
312	$core->auth->isSuperAdmin() \|\|
313	$core->auth->check('usage,contentadmin',$core->blog->id) && $core->auth->blog_count > 1);
314
315	// Set favorites menu
316	$ws = $core->auth->user_prefs->addWorkspace('favorites');
317	$count = 0;
318	foreach ($ws->dumpPrefs() as $k => $v) {
319	// User favorites only
320	if (!$v['global']) {
321	$fav = unserialize($v['value']);
322	if (dc_valid_fav($fav['url'])) {
323	$count++;
324	$_menu['Favorites']->addItem(__($fav['title']),$fav['url'],$fav['small-icon'],
325	preg_match(dc_prepare_url($fav['url']),$_SERVER['REQUEST_URI']),
326	(($fav['permissions'] == '*') \|\| $core->auth->check($fav['permissions'],$core->blog->id)),$fav['id'],$fav['class']);
327	}
328	}
329	}
330	if (!$count) {
331	// Global favorites if any
332	foreach ($ws->dumpPrefs() as $k => $v) {
333	$fav = unserialize($v['value']);
334	if (dc_valid_fav($fav['url'])) {
335	$count++;
336	$_menu['Favorites']->addItem(__($fav['title']),$fav['url'],$fav['small-icon'],
337	preg_match(dc_prepare_url($fav['url']),$_SERVER['REQUEST_URI']),
338	(($fav['permissions'] == '*') \|\| $core->auth->check($fav['permissions'],$core->blog->id)),$fav['id'],$fav['class']);
339	}
340	}
341	}
342	if (!$count) {
343	// No user or global favorites, add "new entry" fav
344	$_menu['Favorites']->addItem(__('New entry'),'post.php','images/menu/edit.png',
345	preg_match('/post.php$/',$_SERVER['REQUEST_URI']),
346	$core->auth->check('usage,contentadmin',$core->blog->id),'menu-new-post',null);
347	}
348	}
349	?>

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: inc/admin/prepend.php @ 484:73d87eef9a70

Download in other formats:

Sites map