2015-05-05 03:00:01 +02:00
|
|
|
<?php defined('BLUDIT') or die('Bludit CMS.');
|
|
|
|
|
2018-07-12 20:03:31 +02:00
|
|
|
// Session
|
|
|
|
Session::start();
|
|
|
|
if (Session::started()===false) {
|
|
|
|
exit('Bludit CMS. Session initialization failure.');
|
|
|
|
}
|
|
|
|
|
2018-07-17 19:13:01 +02:00
|
|
|
$login = $Login = new Login();
|
2018-07-14 15:17:06 +02:00
|
|
|
|
2015-05-05 03:00:01 +02:00
|
|
|
$layout = array(
|
|
|
|
'controller'=>null,
|
|
|
|
'view'=>null,
|
|
|
|
'template'=>'index.php',
|
|
|
|
'slug'=>null,
|
2015-07-07 00:22:03 +02:00
|
|
|
'parameters'=>null,
|
|
|
|
'title'=>'Bludit'
|
2015-05-05 03:00:01 +02:00
|
|
|
);
|
|
|
|
|
|
|
|
// Get the view, controller, and the parameters from the URL.
|
2018-07-17 19:13:01 +02:00
|
|
|
$explodeSlug = $url->explodeSlug();
|
2017-09-15 21:26:06 +02:00
|
|
|
$layout['controller'] = $layout['view'] = $layout['slug'] = empty($explodeSlug[0])?'dashboard':$explodeSlug[0];
|
2015-05-05 03:00:01 +02:00
|
|
|
unset($explodeSlug[0]);
|
|
|
|
$layout['parameters'] = implode('/', $explodeSlug);
|
|
|
|
|
2015-11-28 15:47:03 +01:00
|
|
|
// Disable Magic Quotes.
|
2015-05-15 00:07:45 +02:00
|
|
|
// Thanks, http://stackoverflow.com/questions/517008/how-to-turn-off-magic-quotes-on-shared-hosting
|
2017-07-13 22:39:04 +02:00
|
|
|
if ( in_array( strtolower( ini_get( 'magic_quotes_gpc' ) ), array( '1', 'on' ) ) ) {
|
2015-08-17 04:33:49 +02:00
|
|
|
$_POST = array_map('stripslashes', $_POST);
|
|
|
|
$_GET = array_map('stripslashes', $_GET);
|
2015-05-15 00:07:45 +02:00
|
|
|
$_COOKIE = array_map('stripslashes', $_COOKIE);
|
|
|
|
}
|
|
|
|
|
2018-05-08 00:15:40 +02:00
|
|
|
// Boot plugins rules
|
|
|
|
include(PATH_RULES.'60.plugins.php');
|
|
|
|
|
2015-11-28 15:47:03 +01:00
|
|
|
// --- AJAX ---
|
2017-07-13 22:39:04 +02:00
|
|
|
if ($layout['slug']==='ajax') {
|
2018-07-14 15:17:06 +02:00
|
|
|
if ($login->isLogged()) {
|
2016-09-26 04:30:06 +02:00
|
|
|
// Rules: Security check CSRF
|
|
|
|
include(PATH_RULES.'99.security.php');
|
|
|
|
|
2017-07-13 22:39:04 +02:00
|
|
|
// Load the ajax file
|
2018-06-24 13:37:45 +02:00
|
|
|
if (Sanitize::pathFile(PATH_AJAX, $layout['parameters'].'.php')) {
|
2015-08-18 04:02:19 +02:00
|
|
|
include(PATH_AJAX.$layout['parameters'].'.php');
|
|
|
|
}
|
2015-08-17 04:33:49 +02:00
|
|
|
}
|
2018-06-24 13:37:45 +02:00
|
|
|
header('HTTP/1.1 401 User not logged.');
|
2018-05-08 00:15:40 +02:00
|
|
|
exit(0);
|
2015-05-05 03:00:01 +02:00
|
|
|
}
|
2015-11-28 15:47:03 +01:00
|
|
|
// --- ADMIN AREA ---
|
2015-05-05 03:00:01 +02:00
|
|
|
else
|
|
|
|
{
|
|
|
|
// Boot rules
|
2017-05-16 00:46:20 +02:00
|
|
|
include(PATH_RULES.'69.pages.php');
|
2015-05-05 03:00:01 +02:00
|
|
|
include(PATH_RULES.'99.header.php');
|
2015-07-20 05:14:12 +02:00
|
|
|
include(PATH_RULES.'99.paginator.php');
|
2015-08-02 04:47:45 +02:00
|
|
|
include(PATH_RULES.'99.themes.php');
|
2015-09-08 02:51:48 +02:00
|
|
|
include(PATH_RULES.'99.security.php');
|
2015-05-05 03:00:01 +02:00
|
|
|
|
2015-11-28 15:47:03 +01:00
|
|
|
// Page not found.
|
|
|
|
// User not logged.
|
|
|
|
// Slug is login.
|
|
|
|
// Slug is login-email.
|
2018-07-17 19:13:01 +02:00
|
|
|
if($url->notFound() || !$login->isLogged() || ($url->slug()==='login') || ($url->slug()==='login-email') ) {
|
2015-05-05 03:00:01 +02:00
|
|
|
$layout['controller'] = 'login';
|
2015-08-07 23:33:43 +02:00
|
|
|
$layout['view'] = 'login';
|
|
|
|
$layout['template'] = 'login.php';
|
2015-09-08 02:51:48 +02:00
|
|
|
|
2018-07-17 19:13:01 +02:00
|
|
|
if ($url->slug()==='login-email') {
|
2015-10-19 00:45:58 +02:00
|
|
|
$layout['controller'] = 'login-email';
|
|
|
|
$layout['view'] = 'login-email';
|
|
|
|
}
|
|
|
|
|
2015-11-28 15:47:03 +01:00
|
|
|
// Generate the tokenCSRF for the user not logged, when the user log-in the token will be change.
|
2018-07-17 19:13:01 +02:00
|
|
|
$security->generateTokenCSRF();
|
2015-05-05 03:00:01 +02:00
|
|
|
}
|
|
|
|
|
2017-05-17 18:48:51 +02:00
|
|
|
// Define variables
|
|
|
|
$ADMIN_CONTROLLER = $layout['controller'];
|
|
|
|
$ADMIN_VIEW = $layout['view'];
|
|
|
|
|
2015-11-28 15:47:03 +01:00
|
|
|
// Load plugins before the admin area will be load.
|
2015-08-08 02:39:10 +02:00
|
|
|
Theme::plugins('beforeAdminLoad');
|
|
|
|
|
2015-11-28 15:47:03 +01:00
|
|
|
// Load init.php if the theme has one.
|
2018-07-17 19:13:01 +02:00
|
|
|
if( Sanitize::pathFile(PATH_ADMIN_THEMES, $site->adminTheme().DS.'init.php') ) {
|
|
|
|
include(PATH_ADMIN_THEMES.$site->adminTheme().DS.'init.php');
|
2015-08-17 04:33:49 +02:00
|
|
|
}
|
2015-05-05 03:00:01 +02:00
|
|
|
|
2015-11-28 15:47:03 +01:00
|
|
|
// Load controller.
|
2015-08-17 04:33:49 +02:00
|
|
|
if( Sanitize::pathFile(PATH_ADMIN_CONTROLLERS, $layout['controller'].'.php') ) {
|
2015-05-05 03:00:01 +02:00
|
|
|
include(PATH_ADMIN_CONTROLLERS.$layout['controller'].'.php');
|
2015-08-17 04:33:49 +02:00
|
|
|
}
|
2015-05-05 03:00:01 +02:00
|
|
|
|
2015-11-28 15:47:03 +01:00
|
|
|
// Load view and theme.
|
2018-07-17 19:13:01 +02:00
|
|
|
if( Sanitize::pathFile(PATH_ADMIN_THEMES, $site->adminTheme().DS.$layout['template']) ) {
|
|
|
|
include(PATH_ADMIN_THEMES.$site->adminTheme().DS.$layout['template']);
|
2015-08-17 04:33:49 +02:00
|
|
|
}
|
2015-08-08 02:39:10 +02:00
|
|
|
|
2015-11-28 15:47:03 +01:00
|
|
|
// Load plugins after the admin area is loaded.
|
2015-08-08 02:39:10 +02:00
|
|
|
Theme::plugins('afterAdminLoad');
|
2018-06-24 13:37:45 +02:00
|
|
|
}
|