prepend.php @ 2062:b6517fa59aed

Visit:

Revision 2062:b6517fa59aed, 13.4 KB checked in by Dsls, 12 years ago (diff)
Made favorite link recognition a bit more intelligent

Line
1	<?php
2	# -- BEGIN LICENSE BLOCK ---------------------------------------
3	#
4	# This file is part of Dotclear 2.
5	#
6	# Copyright (c) 2003-2013 Olivier Meunier & Association Dotclear
7	# Licensed under the GPL version 2.0 license.
8	# See LICENSE file or
9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
10	#
11	# -- END LICENSE BLOCK -----------------------------------------
12
13	define('DC_CONTEXT_ADMIN',true);
14
15	require_once dirname(__FILE__).'/../prepend.php';
16
17	// HTTP/1.1
18	header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
19	header('Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0');
20
21	// HTTP/1.0
22	header("Pragma: no-cache");
23
24	function dc_valid_fav($url) {
25	global $core;
26
27	if (preg_match('#plugin\.php\?p=([^&]+)#',$url,$matches)) {
28	if (isset($matches[1])) {
29	if (!$core->plugins->moduleExists($matches[1])) {
30	return false;
31	}
32	}
33	}
34	return true;
35	}
36
37	function dc_check_active($url) {
38	$u = explode('?',$url,2);
39	if (!preg_match('/'.preg_quote($u[0],"/").'/',$_SERVER['REQUEST_URI'])) {
40	return false;
41	}
42	if (count($u) == 2) {
43	parse_str($u[1],$p);
44	foreach ($p as $k => $v) {
45	if (!isset($_REQUEST[$k]) \|\| $_REQUEST[$k] !== $v) {
46	return false;
47	}
48	}
49	}
50	return true;
51	}
52
53
54	function dc_load_locales() {
55	global $_lang, $core;
56
57	$_lang = $core->auth->getInfo('user_lang');
58	$_lang = preg_match('/^[a-z]{2}(-[a-z]{2})?$/',$_lang) ? $_lang : 'en';
59
60	l10n::lang($_lang);
61	if (l10n::set(dirname(__FILE__).'/../../locales/'.$_lang.'/date') === false && $_lang != 'en') {
62	l10n::set(dirname(__FILE__).'/../../locales/en/date');
63	}
64	l10n::set(dirname(__FILE__).'/../../locales/'.$_lang.'/main');
65	l10n::set(dirname(__FILE__).'/../../locales/'.$_lang.'/public');
66	l10n::set(dirname(__FILE__).'/../../locales/'.$_lang.'/plugins');
67	}
68
69	function dc_admin_icon_url($img)
70	{
71	global $core;
72
73	$core->auth->user_prefs->addWorkspace('interface');
74	$user_ui_iconset = @$core->auth->user_prefs->interface->iconset;
75	if (($user_ui_iconset) && ($img)) {
76	$icon = false;
77	if ((preg_match('/^images\/menu\/(.+)$/',$img,$m)) \|\|
78	(preg_match('/^index\.php\?pf=(.+)$/',$img,$m))) {
79	if ($m[1]) {
80	$icon = path::real(dirname(__FILE__).'/../../admin/images/iconset/'.$user_ui_iconset.'/'.$m[1],false);
81	if ($icon !== false) {
82	$allow_types = array('png','jpg','jpeg','gif');
83	if (is_file($icon) && is_readable($icon) && in_array(files::getExtension($icon),$allow_types)) {
84	return DC_ADMIN_URL.'images/iconset/'.$user_ui_iconset.'/'.$m[1];
85	}
86	}
87	}
88	}
89	}
90	return $img;
91	}
92
93	if (defined('DC_AUTH_SESS_ID') && defined('DC_AUTH_SESS_UID'))
94	{
95	# We have session information in constants
96	$_COOKIE[DC_SESSION_NAME] = DC_AUTH_SESS_ID;
97
98	if (!$core->auth->checkSession(DC_AUTH_SESS_UID)) {
99	throw new Exception('Invalid session data.');
100	}
101
102	# Check nonce from POST requests
103	if (!empty($_POST))
104	{
105	if (empty($_POST['xd_check']) \|\| !$core->checkNonce($_POST['xd_check'])) {
106	throw new Exception('Precondition Failed.');
107	}
108	}
109
110	if (empty($_SESSION['sess_blog_id'])) {
111	throw new Exception('Permission denied.');
112	}
113
114	# Loading locales
115	dc_load_locales();
116
117	$core->setBlog($_SESSION['sess_blog_id']);
118	if (!$core->blog->id) {
119	throw new Exception('Permission denied.');
120	}
121	}
122	elseif ($core->auth->sessionExists())
123	{
124	# If we have a session we launch it now
125	try {
126	if (!$core->auth->checkSession())
127	{
128	# Avoid loop caused by old cookie
129	$p = $core->session->getCookieParameters(false,-600);
130	$p[3] = '/';
131	call_user_func_array('setcookie',$p);
132
133	http::redirect('auth.php');
134	}
135	} catch (Exception $e) {
136	__error(__('Database error')
137	,__('There seems to be no Session table in your database. Is Dotclear completly installed?')
138	,20);
139	}
140
141	# Check nonce from POST requests
142	if (!empty($_POST))
143	{
144	if (empty($_POST['xd_check']) \|\| !$core->checkNonce($_POST['xd_check'])) {
145	http::head(412);
146	header('Content-Type: text/plain');
147	echo 'Precondition Failed';
148	exit;
149	}
150	}
151
152
153	if (!empty($_REQUEST['switchblog'])
154	&& $core->auth->getPermissions($_REQUEST['switchblog']) !== false)
155	{
156	$_SESSION['sess_blog_id'] = $_REQUEST['switchblog'];
157	if (isset($_SESSION['media_manager_dir'])) {
158	unset($_SESSION['media_manager_dir']);
159	}
160	if (isset($_SESSION['media_manager_page'])) {
161	unset($_SESSION['media_manager_page']);
162	}
163
164	# Removing switchblog from URL
165	$redir = $_SERVER['REQUEST_URI'];
166	$redir = preg_replace('/switchblog=(.*?)(&\|$)/','',$redir);
167	$redir = preg_replace('/\?$/','',$redir);
168	http::redirect($redir);
169	exit;
170	}
171
172	# Check blog to use and log out if no result
173	if (isset($_SESSION['sess_blog_id']))
174	{
175	if ($core->auth->getPermissions($_SESSION['sess_blog_id']) === false) {
176	unset($_SESSION['sess_blog_id']);
177	}
178	}
179	else
180	{
181	if (($b = $core->auth->findUserBlog($core->auth->getInfo('user_default_blog'))) !== false) {
182	$_SESSION['sess_blog_id'] = $b;
183	unset($b);
184	}
185	}
186
187	# Loading locales
188	dc_load_locales();
189
190	if (isset($_SESSION['sess_blog_id'])) {
191	$core->setBlog($_SESSION['sess_blog_id']);
192	} else {
193	$core->session->destroy();
194	http::redirect('auth.php');
195	}
196
197	/*
198	# Check add to my fav fired
199	if (!empty($_REQUEST['add-favorite'])) {
200	$redir = $_SERVER['REQUEST_URI'];
201	# Extract admin page from URI
202	# TO BE COMPLETED
203	}
204	*/
205	}
206
207	if ($core->auth->userID() && $core->blog !== null)
208	{
209	# Loading resources and help files
210	$locales_root = dirname(__FILE__).'/../../locales/';
211	require $locales_root.'/en/resources.php';
212	if (($f = l10n::getFilePath($locales_root,'resources.php',$_lang))) {
213	require $f;
214	}
215	unset($f);
216
217	if (($hfiles = @scandir($locales_root.$_lang.'/help')) !== false)
218	{
219	foreach ($hfiles as $hfile) {
220	if (preg_match('/^(.*)\.html$/',$hfile,$m)) {
221	$GLOBALS['__resources']['help'][$m[1]] = $locales_root.$_lang.'/help/'.$hfile;
222	}
223	}
224	}
225	unset($hfiles,$locales_root);
226	// Contextual help flag
227	$GLOBALS['__resources']['ctxhelp'] = false;
228
229	$core->auth->user_prefs->addWorkspace('interface');
230	$user_ui_nofavmenu = $core->auth->user_prefs->interface->nofavmenu;
231
232	# Standard favorites
233	$_fav = new ArrayObject();
234
235	# [] : Title, URL, small icon, large icon, permissions, id, class
236	# NB : '*' in permissions means any, null means super admin only
237
238	$_fav['prefs'] = new ArrayObject(array('prefs','My preferences','preferences.php',
239	'images/menu/user-pref.png','images/menu/user-pref-b.png',
240	'*',null,null));
241
242	$_fav['new_post'] = new ArrayObject(array('new_post','New entry','post.php',
243	'images/menu/edit.png','images/menu/edit-b.png',
244	'usage,contentadmin',null,'menu-new-post'));
245	$_fav['posts'] = new ArrayObject(array('posts','Entries','posts.php',
246	'images/menu/entries.png','images/menu/entries-b.png',
247	'usage,contentadmin',null,null));
248	$_fav['comments'] = new ArrayObject(array('comments','Comments','comments.php',
249	'images/menu/comments.png','images/menu/comments-b.png',
250	'usage,contentadmin',null,null));
251	$_fav['search'] = new ArrayObject(array('search','Search','search.php',
252	'images/menu/search.png','images/menu/search-b.png',
253	'usage,contentadmin',null,null));
254	$_fav['categories'] = new ArrayObject(array('categories','Categories','categories.php',
255	'images/menu/categories.png','images/menu/categories-b.png',
256	'categories',null,null));
257	$_fav['media'] = new ArrayObject(array('media','Media manager','media.php',
258	'images/menu/media.png','images/menu/media-b.png',
259	'media,media_admin',null,null));
260	$_fav['blog_pref'] = new ArrayObject(array('blog_pref','Blog settings','blog_pref.php',
261	'images/menu/blog-pref.png','images/menu/blog-pref-b.png',
262	'admin',null,null));
263	$_fav['blog_theme'] = new ArrayObject(array('blog_theme','Blog appearance','blog_theme.php',
264	'images/menu/themes.png','images/menu/blog-theme-b.png',
265	'admin',null,null));
266
267	$_fav['blogs'] = new ArrayObject(array('blogs','Blogs','blogs.php',
268	'images/menu/blogs.png','images/menu/blogs-b.png',
269	'usage,contentadmin',null,null));
270	$_fav['users'] = new ArrayObject(array('users','Users','users.php',
271	'images/menu/users.png','images/menu/users-b.png',
272	null,null,null));
273	$_fav['plugins'] = new ArrayObject(array('plugins','Plugins management','plugins.php',
274	'images/menu/plugins.png','images/menu/plugins-b.png',
275	null,null,null));
276	$_fav['langs'] = new ArrayObject(array('langs','Languages','langs.php',
277	'images/menu/langs.png','images/menu/langs-b.png',
278	null,null,null));
279
280	$_fav['help'] = new ArrayObject(array('help','Global help','help.php',
281	'images/menu/help.png','images/menu/help-b.png',
282	'*',null,null));
283
284	# Menus creation
285	$_menu['Dashboard'] = new dcMenu('dashboard-menu',null);
286	if (!$user_ui_nofavmenu)
287	$_menu['Favorites'] = new dcMenu('favorites-menu','My favorites');
288	$_menu['Blog'] = new dcMenu('blog-menu','Blog');
289	$_menu['System'] = new dcMenu('system-menu','System');
290	$_menu['Plugins'] = new dcMenu('plugins-menu','Plugins');
291
292	# Loading plugins
293	$core->plugins->loadModules(DC_PLUGINS_ROOT,'admin',$_lang);
294
295	# Loading favorites info from plugins
296	$core->callBehavior('adminDashboardFavs', $core, $_fav);
297
298	# Set menu titles
299
300	$_menu['System']->title = __('System settings');
301	$_menu['Blog']->title = __('Blog');
302	$_menu['Plugins']->title = __('Plugins');
303	if (!$user_ui_nofavmenu)
304	$_menu['Favorites']->title = __('My favorites');
305
306	/*
307	if (!preg_match('/index.php$/',$_SERVER['REQUEST_URI'])) {
308	# Admin index can't be add in fav's
309	$_menu['Dashboard']->prependItem(__('Add this page to my favorites'),'#','images/menu/add_to_favorites.png',
310	false,$core->auth->check('usage,contentadmin',$core->blog->id),'fav-add');
311	}
312	*/
313	$_menu['Blog']->prependItem(__('Blog appearance'),'blog_theme.php','images/menu/themes.png',
314	preg_match('/blog_theme.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
315	$core->auth->check('admin',$core->blog->id));
316	$_menu['Blog']->prependItem(__('Blog settings'),'blog_pref.php','images/menu/blog-pref.png',
317	preg_match('/blog_pref.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
318	$core->auth->check('admin',$core->blog->id));
319	$_menu['Blog']->prependItem(__('Media manager'),'media.php','images/menu/media.png',
320	preg_match('/media(_item)?.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
321	$core->auth->check('media,media_admin',$core->blog->id));
322	$_menu['Blog']->prependItem(__('Categories'),'categories.php','images/menu/categories.png',
323	preg_match('/categories.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
324	$core->auth->check('categories',$core->blog->id));
325	$_menu['Blog']->prependItem(__('Search'),'search.php','images/menu/search.png',
326	preg_match('/search.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
327	$core->auth->check('usage,contentadmin',$core->blog->id));
328	$_menu['Blog']->prependItem(__('Comments'),'comments.php','images/menu/comments.png',
329	preg_match('/comments.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
330	$core->auth->check('usage,contentadmin',$core->blog->id));
331	$_menu['Blog']->prependItem(__('Entries'),'posts.php','images/menu/entries.png',
332	preg_match('/posts.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
333	$core->auth->check('usage,contentadmin',$core->blog->id));
334	$_menu['Blog']->prependItem(__('New entry'),'post.php','images/menu/edit.png',
335	preg_match('/post.php$/',$_SERVER['REQUEST_URI']),
336	$core->auth->check('usage,contentadmin',$core->blog->id),'menu-new-post');
337
338	$_menu['System']->prependItem(__('Update'),'update.php','images/menu/update.png',
339	preg_match('/update.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
340	$core->auth->isSuperAdmin() && is_readable(DC_DIGESTS));
341	$_menu['System']->prependItem(__('Languages'),'langs.php','images/menu/langs.png',
342	preg_match('/langs.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
343	$core->auth->isSuperAdmin());
344	$_menu['System']->prependItem(__('Plugins management'),'plugins.php','images/menu/plugins.png',
345	preg_match('/plugins.php(\?.*)?$/',$_SERVER['REQUEST_URI']),
346	$core->auth->isSuperAdmin());
347	$_menu['System']->prependItem(__('Users'),'users.php','images/menu/users.png',
348	preg_match('/users.php$/',$_SERVER['REQUEST_URI']),
349	$core->auth->isSuperAdmin());
350	$_menu['System']->prependItem(__('Blogs'),'blogs.php','images/menu/blogs.png',
351	preg_match('/blogs.php$/',$_SERVER['REQUEST_URI']),
352	$core->auth->isSuperAdmin() \|\|
353	$core->auth->check('usage,contentadmin',$core->blog->id) && $core->auth->blog_count > 1);
354
355	if (!$user_ui_nofavmenu) {
356	// Set favorites menu
357	$ws = $core->auth->user_prefs->addWorkspace('favorites');
358	$count = 0;
359	foreach ($ws->dumpPrefs() as $k => $v) {
360	// User favorites only
361	if (!$v['global']) {
362	$fav = unserialize($v['value']);
363	if (dc_valid_fav($fav['url'])) {
364	$count++;
365	$_menu['Favorites']->addItem(__($fav['title']),$fav['url'],$fav['small-icon'],
366	dc_check_active($fav['url']),
367	(($fav['permissions'] == '*') \|\| $core->auth->check($fav['permissions'],$core->blog->id)),$fav['id'],$fav['class']);
368	}
369	}
370	}
371	if (!$count) {
372	// Global favorites if any
373	foreach ($ws->dumpPrefs() as $k => $v) {
374	$fav = unserialize($v['value']);
375	if (dc_valid_fav($fav['url'])) {
376	$count++;
377	$_menu['Favorites']->addItem(__($fav['title']),$fav['url'],$fav['small-icon'],
378	dc_check_active($fav['url']),
379	(($fav['permissions'] == '*') \|\| $core->auth->check($fav['permissions'],$core->blog->id)),$fav['id'],$fav['class']);
380	}
381	}
382	}
383	if (!$count) {
384	// No user or global favorites, add "new entry" fav
385	$_menu['Favorites']->addItem(__('New entry'),'post.php','images/menu/edit.png',
386	preg_match('/post.php$/',$_SERVER['REQUEST_URI']),
387	$core->auth->check('usage,contentadmin',$core->blog->id),'menu-new-post',null);
388	}
389	}
390
391	if (empty($core->blog->settings->system->jquery_migrate_mute)) {
392	$core->blog->settings->system->put('jquery_migrate_mute', true, 'boolean', 'Mute warnings for jquery migrate plugin ?', false);
393	}
394	}
395	?>

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: inc/admin/prepend.php @ 2062:b6517fa59aed

Download in other formats:

Sites map