prepend.php @ 852:969647a6c35e

Visit:

Revision 852:969647a6c35e, 11.5 KB checked in by Dsls <dsls@…>, 13 years ago (diff)
sexy step 3 : no more media.

Line
1	<?php
2	# -- BEGIN LICENSE BLOCK ---------------------------------------
3	#
4	# This file is part of Dotclear 2.
5	#
6	# Copyright (c) 2003-2011 Olivier Meunier & Association Dotclear
7	# Licensed under the GPL version 2.0 license.
8	# See LICENSE file or
9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
10	#
11	# -- END LICENSE BLOCK -----------------------------------------
12
13	require_once dirname(__FILE__).'/../prepend.php';
14
15	// HTTP/1.1
16	header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
17	header('Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0');
18
19	// HTTP/1.0
20	header("Pragma: no-cache");
21
22	define('DC_CONTEXT_ADMIN',true);
23
24	function dc_valid_fav($url) {
25	global $core;
26
27	if (preg_match('#plugin\.php\?p=([^&]+)#',$url,$matches)) {
28	if (isset($matches[1])) {
29	if (!$core->plugins->moduleExists($matches[1])) {
30	return false;
31	}
32	}
33	}
34	return true;
35	}
36
37	function dc_prepare_url($url) {
38
39	$u = str_replace(array('?','&'),array('\?','&'),$url);
40	return (!strpos($u,'\?') ?
41	'/'.$u.'$/' :
42	(!strpos($u,'&') ?
43	'/'.$u.'(\?.*)?$/' :
44	'/'.$u.'(&.*)?$/'));
45	}
46
47	function dc_load_locales() {
48	global $_lang, $core;
49
50	$_lang = $core->auth->getInfo('user_lang');
51	$_lang = preg_match('/^[a-z]{2}(-[a-z]{2})?$/',$_lang) ? $_lang : 'en';
52
53	if (l10n::set(dirname(__FILE__).'/../../locales/'.$_lang.'/date') === false && $_lang != 'en') {
54	l10n::set(dirname(__FILE__).'/../../locales/en/date');
55	}
56	l10n::set(dirname(__FILE__).'/../../locales/'.$_lang.'/main');
57	l10n::set(dirname(__FILE__).'/../../locales/'.$_lang.'/plugins');
58	}
59
60	function dc_admin_icon_url($img)
61	{
62	global $core;
63
64	$core->auth->user_prefs->addWorkspace('interface');
65	$user_ui_iconset = @$core->auth->user_prefs->interface->iconset;
66	if (($user_ui_iconset) && ($img)) {
67	$icon = false;
68	if ((preg_match('/^images\/menu\/(.+)$/',$img,$m)) \|\|
69	(preg_match('/^index\.php\?pf=(.+)$/',$img,$m))) {
70	if ($m[1]) {
71	$icon = path::real(dirname(__FILE__).'/../../admin/images/iconset/'.$user_ui_iconset.'/'.$m[1],false);
72	if ($icon !== false) {
73	$allow_types = array('png','jpg','jpeg','gif');
74	if (is_file($icon) && is_readable($icon) && in_array(files::getExtension($icon),$allow_types)) {
75	return DC_ADMIN_URL.'images/iconset/'.$user_ui_iconset.'/'.$m[1];
76	}
77	}
78	}
79	}
80	}
81	return $img;
82	}
83
84	if (defined('DC_AUTH_SESS_ID') && defined('DC_AUTH_SESS_UID'))
85	{
86	# We have session information in constants
87	$_COOKIE[DC_SESSION_NAME] = DC_AUTH_SESS_ID;
88
89	if (!$core->auth->checkSession(DC_AUTH_SESS_UID)) {
90	throw new Exception('Invalid session data.');
91	}
92
93	# Check nonce from POST requests
94	if (!empty($_POST))
95	{
96	if (empty($_POST['xd_check']) \|\| !$core->checkNonce($_POST['xd_check'])) {
97	throw new Exception('Precondition Failed.');
98	}
99	}
100
101	if (empty($_SESSION['sess_blog_id'])) {
102	throw new Exception('Permission denied.');
103	}
104
105	# Loading locales
106	dc_load_locales();
107
108	$core->setBlog($_SESSION['sess_blog_id']);
109	if (!$core->blog->id) {
110	throw new Exception('Permission denied.');
111	}
112	}
113	elseif ($core->auth->sessionExists())
114	{
115	# If we have a session we launch it now
116	try {
117	if (!$core->auth->checkSession())
118	{
119	# Avoid loop caused by old cookie
120	$p = $core->session->getCookieParameters(false,-600);
121	$p[3] = '/';
122	call_user_func_array('setcookie',$p);
123
124	http::redirect('auth.php');
125	}
126	} catch (Exception $e) {
127	__error(__('Database error')
128	,__('There seems to be no Session table in your database. Is Dotclear completly installed?')
129	,20);
130	}
131
132	# Check nonce from POST requests
133	if (!empty($_POST))
134	{
135	if (empty($_POST['xd_check']) \|\| !$core->checkNonce($_POST['xd_check'])) {
136	http::head(412);
137	header('Content-Type: text/plain');
138	echo 'Precondition Failed';
139	exit;
140	}
141	}
142
143
144	if (!empty($_REQUEST['switchblog'])
145	&& $core->auth->getPermissions($_REQUEST['switchblog']) !== false)
146	{
147	$_SESSION['sess_blog_id'] = $_REQUEST['switchblog'];
148
149	# Removing switchblog from URL
150	$redir = $_SERVER['REQUEST_URI'];
151	$redir = preg_replace('/switchblog=(.*?)(&\|$)/','',$redir);
152	$redir = preg_replace('/\?$/','',$redir);
153	http::redirect($redir);
154	exit;
155	}
156
157	# Check blog to use and log out if no result
158	if (isset($_SESSION['sess_blog_id']))
159	{
160	if ($core->auth->getPermissions($_SESSION['sess_blog_id']) === false) {
161	unset($_SESSION['sess_blog_id']);
162	}
163	}
164	else
165	{
166	if (($b = $core->auth->findUserBlog($core->auth->getInfo('user_default_blog'))) !== false) {
167	$_SESSION['sess_blog_id'] = $b;
168	unset($b);
169	}
170	}
171
172	# Loading locales
173	dc_load_locales();
174
175	if (isset($_SESSION['sess_blog_id'])) {
176	$core->setBlog($_SESSION['sess_blog_id']);
177	} else {
178	$core->session->destroy();
179	http::redirect('auth.php');
180	}
181
182	/*
183	# Check add to my fav fired
184	if (!empty($_REQUEST['add-favorite'])) {
185	$redir = $_SERVER['REQUEST_URI'];
186	# Extract admin page from URI
187	# TO BE COMPLETED
188	}
189	*/
190	}
191
192	if ($core->auth->userID() && $core->blog !== null)
193	{
194	# Loading resources and help files
195	$locales_root = dirname(__FILE__).'/../../locales/';
196	require $locales_root.'/en/resources.php';
197	if (($f = l10n::getFilePath($locales_root,'resources.php',$_lang))) {
198	require $f;
199	}
200	unset($f);
201
202	if (($hfiles = @scandir($locales_root.$_lang.'/help')) !== false)
203	{
204	foreach ($hfiles as $hfile) {
205	if (preg_match('/^(.*)\.html$/',$hfile,$m)) {
206	$GLOBALS['__resources']['help'][$m[1]] = $locales_root.$_lang.'/help/'.$hfile;
207	}
208	}
209	}
210	unset($hfiles,$locales_root);
211
212	$core->auth->user_prefs->addWorkspace('interface');
213	$user_ui_nofavmenu = $core->auth->user_prefs->interface->nofavmenu;
214
215	# Standard favorites
216	$_fav = new ArrayObject();
217
218	# [] : Title, URL, small icon, large icon, permissions, id, class
219	# NB : '*' in permissions means any, null means super admin only
220
221	$_fav['prefs'] = new ArrayObject(array('prefs','My preferences','preferences.php',
222	'images/menu/user-pref.png','images/menu/user-pref-b.png',
223	'*',null,null));
224
225	$_fav['new_post'] = new ArrayObject(array('new_post','New entry','post.php',
226	'images/menu/edit.png','images/menu/edit-b.png',
227	'usage,contentadmin',null,'menu-new-post'));
228	$_fav['posts'] = new ArrayObject(array('posts','Entries','posts.php',
229	'images/menu/entries.png','images/menu/entries-b.png',
230	'usage,contentadmin',null,null));
231	$_fav['search'] = new ArrayObject(array('search','Search','search.php',
232	'images/menu/search.png','images/menu/search-b.png',
233	'usage,contentadmin',null,null));
234	$_fav['blog_pref'] = new ArrayObject(array('blog_pref','Blog settings','blog_pref.php',
235	'images/menu/blog-pref.png','images/menu/blog-pref-b.png',
236	'admin',null,null));
237	$_fav['blog_theme'] = new ArrayObject(array('blog_theme','Blog appearance','blog_theme.php',
238	'images/menu/themes.png','images/menu/blog-theme-b.png',
239	'admin',null,null));
240
241	$_fav['blogs'] = new ArrayObject(array('blogs','Blogs','blogs.php',
242	'images/menu/blogs.png','images/menu/blogs-b.png',
243	'usage,contentadmin',null,null));
244	$_fav['users'] = new ArrayObject(array('users','Users','users.php',
245	'images/menu/users.png','images/menu/users-b.png',
246	null,null,null));
247	$_fav['plugins'] = new ArrayObject(array('plugins','Plugins','plugins.php',
248	'images/menu/plugins.png','images/menu/plugins-b.png',
249	null,null,null));
250	$_fav['langs'] = new ArrayObject(array('langs','Languages','langs.php',
251	'images/menu/langs.png','images/menu/langs-b.png',
252	null,null,null));
253
254	# Menus creation
255	$_menu['Dashboard'] = new dcMenu('dashboard-menu',null);
256	if (!$user_ui_nofavmenu)
257	$_menu['Favorites'] = new dcMenu('favorites-menu','My favorites');
258	$_menu['Blog'] = new dcMenu('blog-menu','Blog');
259	$_menu['System'] = new dcMenu('system-menu','System');
260	$_menu['Plugins'] = new dcMenu('plugins-menu','Plugins');
261
262	# Loading plugins
263	$core->plugins->loadModules(DC_PLUGINS_ROOT,'admin',$_lang);
264
265	# Loading favorites info from plugins
266	$core->callBehavior('adminDashboardFavs', $core, $_fav);
267
268	# Set menu titles
269
270	$_menu['System']->title = __('System');
271	$_menu['Blog']->title = __('Blog');
272	$_menu['Plugins']->title = __('Plugins');
273	if (!$user_ui_nofavmenu)
274	$_menu['Favorites']->title = __('My favorites');
275
276	/*
277	if (!preg_match('/index.php$/',$_SERVER['REQUEST_URI'])) {
278	# Admin index can't be add in fav's
279	$_menu['Dashboard']->prependItem(__('Add this page to my favorites'),'#','images/menu/add_to_favorites.png',
280	false,$core->auth->check('usage,contentadmin',$core->blog->id),'fav-add');
281	}
282	*/
283	$_menu['Blog']->prependItem(__('Blog appearance'),'blog_theme.php','images/menu/themes.png',
284	preg_match('/blog_theme.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
285	$core->auth->check('admin',$core->blog->id));
286	$_menu['Blog']->prependItem(__('Blog settings'),'blog_pref.php','images/menu/blog-pref.png',
287	preg_match('/blog_pref.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
288	$core->auth->check('admin',$core->blog->id));
289	$_menu['Blog']->prependItem(__('Search'),'search.php','images/menu/search.png',
290	preg_match('/search.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
291	$core->auth->check('usage,contentadmin',$core->blog->id));
292	$_menu['Blog']->prependItem(__('Entries'),'posts.php','images/menu/entries.png',
293	preg_match('/posts.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
294	$core->auth->check('usage,contentadmin',$core->blog->id));
295	$_menu['Blog']->prependItem(__('New entry'),'post.php','images/menu/edit.png',
296	preg_match('/post.php$/',$_SERVER['REQUEST_URI']),
297	$core->auth->check('usage,contentadmin',$core->blog->id),'menu-new-post');
298
299	$_menu['System']->prependItem(__('Updates'),'update.php','images/menu/update.png',
300	preg_match('/update.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
301	$core->auth->isSuperAdmin() && is_readable(DC_DIGESTS));
302	$_menu['System']->prependItem(__('Languages'),'langs.php','images/menu/langs.png',
303	preg_match('/langs.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
304	$core->auth->isSuperAdmin());
305	$_menu['System']->prependItem(__('Plugins'),'plugins.php','images/menu/plugins.png',
306	preg_match('/plugins.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
307	$core->auth->isSuperAdmin());
308	$_menu['System']->prependItem(__('Users'),'users.php','images/menu/users.png',
309	preg_match('/users.php$/',$_SERVER['REQUEST_URI']),
310	$core->auth->isSuperAdmin());
311	$_menu['System']->prependItem(__('Blogs'),'blogs.php','images/menu/blogs.png',
312	preg_match('/blogs.php$/',$_SERVER['REQUEST_URI']),
313	$core->auth->isSuperAdmin() \|\|
314	$core->auth->check('usage,contentadmin',$core->blog->id) && $core->auth->blog_count > 1);
315
316	if (!$user_ui_nofavmenu) {
317	// Set favorites menu
318	$ws = $core->auth->user_prefs->addWorkspace('favorites');
319	$count = 0;
320	foreach ($ws->dumpPrefs() as $k => $v) {
321	// User favorites only
322	if (!$v['global']) {
323	$fav = unserialize($v['value']);
324	if (dc_valid_fav($fav['url'])) {
325	$count++;
326	$_menu['Favorites']->addItem(__($fav['title']),$fav['url'],$fav['small-icon'],
327	preg_match(dc_prepare_url($fav['url']),$_SERVER['REQUEST_URI']),
328	(($fav['permissions'] == '*') \|\| $core->auth->check($fav['permissions'],$core->blog->id)),$fav['id'],$fav['class']);
329	}
330	}
331	}
332	if (!$count) {
333	// Global favorites if any
334	foreach ($ws->dumpPrefs() as $k => $v) {
335	$fav = unserialize($v['value']);
336	if (dc_valid_fav($fav['url'])) {
337	$count++;
338	$_menu['Favorites']->addItem(__($fav['title']),$fav['url'],$fav['small-icon'],
339	preg_match(dc_prepare_url($fav['url']),$_SERVER['REQUEST_URI']),
340	(($fav['permissions'] == '*') \|\| $core->auth->check($fav['permissions'],$core->blog->id)),$fav['id'],$fav['class']);
341	}
342	}
343	}
344	if (!$count) {
345	// No user or global favorites, add "new entry" fav
346	$_menu['Favorites']->addItem(__('New entry'),'post.php','images/menu/edit.png',
347	preg_match('/post.php$/',$_SERVER['REQUEST_URI']),
348	$core->auth->check('usage,contentadmin',$core->blog->id),'menu-new-post',null);
349	}
350	}
351	}
352	?>

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: inc/admin/prepend.php @ 852:969647a6c35e

Download in other formats:

Sites map