From 3635084bec12504d70db2239c3ff7a56eb2de1b3 Mon Sep 17 00:00:00 2001
From: Diego Najar <dignajar@gmail.com>
Date: Sun, 24 Jun 2018 13:37:45 +0200
Subject: [PATCH] check user is logged

---
 bl-kernel/admin/themes/booty/html/alert.php   |   5 +-
 bl-kernel/admin/themes/booty/html/sidebar.php |   4 +-
 .../admin/themes/booty/html/user-logged.php   |   8 +
 bl-kernel/admin/themes/booty/index.php        |   6 +-
 bl-kernel/admin/views/categories.php          |   2 +-
 bl-kernel/admin/views/edit-category.php       |   2 +-
 bl-kernel/admin/views/new-content.php         |   2 +-
 bl-kernel/admin/views/settings.php            |  11 +-
 bl-kernel/ajax/user-logged.php                |  24 +++
 bl-kernel/boot/admin.php                      |   5 +-
 bl-kernel/boot/variables.php                  |   5 +-
 bl-kernel/dbsite.class.php                    |   8 +-
 bl-kernel/js/bludit-ajax.php                  |  36 ++++-
 bl-kernel/js/functions.php                    |   2 +-
 bl-plugins/updater/plugin.php                 | 138 ++++++------------
 install.php                                   |  10 +-
 16 files changed, 157 insertions(+), 111 deletions(-)
 create mode 100644 bl-kernel/admin/themes/booty/html/user-logged.php
 create mode 100644 bl-kernel/ajax/user-logged.php

diff --git a/bl-kernel/admin/themes/booty/html/alert.php b/bl-kernel/admin/themes/booty/html/alert.php
index ee30000a..c9f11ea5 100644
--- a/bl-kernel/admin/themes/booty/html/alert.php
+++ b/bl-kernel/admin/themes/booty/html/alert.php
@@ -1,8 +1,9 @@
 <!-- Alert -->
 <script>
 	function showAlert(text) {
+		console.log("[INFO] Function showAlert() called.");
 		$("#alert").html(text);
-		$("#alert").slideDown().delay(3500).slideUp();
+		$("#alert").slideDown().delay(<?php echo $GLOBALS['ALERT_DISSAPEAR_IN']*1000 ?>).slideUp();
 	}
 
 	<?php if (Alert::defined()): ?>
@@ -14,4 +15,4 @@
 	});
 </script>
 
-<div id="alert" class="alert <?php echo (Alert::status()==ALERT_STATUS_FAIL)?'alert-danger':'alert-success' ?>"></div>
\ No newline at end of file
+<div id="alert" class="alert <?php echo (Alert::status()==ALERT_STATUS_FAIL)?'alert-danger':'alert-success' ?>"></div>
diff --git a/bl-kernel/admin/themes/booty/html/sidebar.php b/bl-kernel/admin/themes/booty/html/sidebar.php
index 11b53e06..ce20527b 100644
--- a/bl-kernel/admin/themes/booty/html/sidebar.php
+++ b/bl-kernel/admin/themes/booty/html/sidebar.php
@@ -28,7 +28,7 @@
 		<a class="nav-link" href="<?php echo HTML_PATH_ADMIN_ROOT.'categories' ?>"><?php $L->p('Categories') ?></a>
 	</li>
 	<li class="nav-item">
-		<a class="nav-link" href="<?php echo HTML_PATH_ADMIN_ROOT.'Users' ?>"><?php $L->p('Users') ?></a>
+		<a class="nav-link" href="<?php echo HTML_PATH_ADMIN_ROOT.'users' ?>"><?php $L->p('Users') ?></a>
 	</li>
 
 	<li class="nav-item mt-3">
@@ -52,4 +52,4 @@
 	<li class="nav-item mt-5">
 		<a class="nav-link" href="<?php echo HTML_PATH_ADMIN_ROOT.'logout' ?>"><span class="oi oi-account-logout"></span><?php $L->p('Logout') ?></a>
 	</li>
-</ul>
\ No newline at end of file
+</ul>
diff --git a/bl-kernel/admin/themes/booty/html/user-logged.php b/bl-kernel/admin/themes/booty/html/user-logged.php
new file mode 100644
index 00000000..efd815f7
--- /dev/null
+++ b/bl-kernel/admin/themes/booty/html/user-logged.php
@@ -0,0 +1,8 @@
+<!-- Check if the user is logged -->
+<script>
+	setInterval(
+		function() {
+			var ajax = new bluditAjax();
+			ajax.userLogged(showAlert);
+		}, 15000);
+</script>
diff --git a/bl-kernel/admin/themes/booty/index.php b/bl-kernel/admin/themes/booty/index.php
index 3d830f58..1534b4c2 100644
--- a/bl-kernel/admin/themes/booty/index.php
+++ b/bl-kernel/admin/themes/booty/index.php
@@ -75,8 +75,12 @@
 	</div>
 </div>
 
+<!-- Check user logged and Internet connection -->
+<?php include('html/user-logged.php'); ?>
+
+
 <!-- Plugins -->
 <?php Theme::plugins('adminBodyEnd') ?>
 
 </body>
-</html>
\ No newline at end of file
+</html>
diff --git a/bl-kernel/admin/views/categories.php b/bl-kernel/admin/views/categories.php
index 3c85278a..caf14e6c 100644
--- a/bl-kernel/admin/views/categories.php
+++ b/bl-kernel/admin/views/categories.php
@@ -1,6 +1,6 @@
 <?php defined('BLUDIT') or die('Bludit CMS.');
 
-echo Bootstrap::pageTitle(array('title'=>$L->g('Categories'), 'icon'=>'grid-three-up'));
+echo Bootstrap::pageTitle(array('title'=>$L->g('Categories'), 'icon'=>'tags'));
 
 echo Bootstrap::link(array(
 	'title'=>'Add a new category',
diff --git a/bl-kernel/admin/views/edit-category.php b/bl-kernel/admin/views/edit-category.php
index 94cdf292..03725c91 100644
--- a/bl-kernel/admin/views/edit-category.php
+++ b/bl-kernel/admin/views/edit-category.php
@@ -1,6 +1,6 @@
 <?php defined('BLUDIT') or die('Bludit CMS.');
 
-echo Bootstrap::pageTitle(array('title'=>$L->g('Edit Category'), 'icon'=>'grid-three-up'));
+echo Bootstrap::pageTitle(array('title'=>$L->g('Edit Category'), 'icon'=>'tags'));
 
 echo Bootstrap::formOpen(array());
 
diff --git a/bl-kernel/admin/views/new-content.php b/bl-kernel/admin/views/new-content.php
index e1dff256..2e911a69 100644
--- a/bl-kernel/admin/views/new-content.php
+++ b/bl-kernel/admin/views/new-content.php
@@ -113,7 +113,7 @@
 			echo Bootstrap::formInputText(array(
 				'name'=>'tags',
 				'label'=>'Tags',
-				'placeholder'=>'Tags separeted by comma'
+				'placeholder'=>'Write the tags separeted by comma'
 			));
 
 			// Description
diff --git a/bl-kernel/admin/views/settings.php b/bl-kernel/admin/views/settings.php
index 7be07bb6..27ced189 100644
--- a/bl-kernel/admin/views/settings.php
+++ b/bl-kernel/admin/views/settings.php
@@ -254,6 +254,15 @@ echo Bootstrap::pageTitle(array('title'=>$L->g('Settings'), 'icon'=>'cog'));
 			'tip'=>''
 		));
 
+		echo Bootstrap::formInputText(array(
+			'name'=>'gitlab',
+			'label'=>'Gitlab',
+			'value'=>$Site->gitlab(),
+			'class'=>'',
+			'placeholder'=>'',
+			'tip'=>''
+		));
+
 		echo Bootstrap::formInputText(array(
 			'name'=>'github',
 			'label'=>'Github',
@@ -376,4 +385,4 @@ $(document).ready(function() {
 	});
 
 });
-</script>
\ No newline at end of file
+</script>
diff --git a/bl-kernel/ajax/user-logged.php b/bl-kernel/ajax/user-logged.php
new file mode 100644
index 00000000..3c28a0cd
--- /dev/null
+++ b/bl-kernel/ajax/user-logged.php
@@ -0,0 +1,24 @@
+<?php defined('BLUDIT') or die('Bludit CMS.');
+header('Content-Type: application/json');
+
+/*
+ * 
+ * This script check if the user is logged
+ * 
+ */
+
+// Check UUID
+if ($Login->isLogged()) {
+	exit (json_encode(array(
+		'status'=>1,
+		'message'=>'The user is logged.'
+	)));
+}
+
+exit (json_encode(array(
+	'status'=>0,
+	'message'=>'The user is NOT logged.'
+)));
+
+
+?>
diff --git a/bl-kernel/boot/admin.php b/bl-kernel/boot/admin.php
index 246e6105..e2268c47 100644
--- a/bl-kernel/boot/admin.php
+++ b/bl-kernel/boot/admin.php
@@ -33,10 +33,11 @@ if ($layout['slug']==='ajax') {
 		include(PATH_RULES.'99.security.php');
 
 		// Load the ajax file
-		if( Sanitize::pathFile(PATH_AJAX, $layout['parameters'].'.php') ) {
+		if (Sanitize::pathFile(PATH_AJAX, $layout['parameters'].'.php')) {
 			include(PATH_AJAX.$layout['parameters'].'.php');
 		}
 	}
+	header('HTTP/1.1 401 User not logged.');
 	exit(0);
 }
 // --- ADMIN AREA ---
@@ -91,4 +92,4 @@ else
 
 	// Load plugins after the admin area is loaded.
 	Theme::plugins('afterAdminLoad');
-}
\ No newline at end of file
+}
diff --git a/bl-kernel/boot/variables.php b/bl-kernel/boot/variables.php
index a74b87f1..26c875aa 100644
--- a/bl-kernel/boot/variables.php
+++ b/bl-kernel/boot/variables.php
@@ -113,4 +113,7 @@ $GLOBALS['THUMBNAILS_HEIGHT'] = 400;
 $GLOBALS['THUMBNAILS_QUALITY'] = 100;
 
 // Autosave
-$GLOBALS['AUTOSAVE_TIME'] = 2; // Minutes
\ No newline at end of file
+$GLOBALS['AUTOSAVE_TIME'] = 2; // Minutes
+
+// Alert
+$GLOBALS['ALERT_DISSAPEAR_IN'] = 3; // Seconds
diff --git a/bl-kernel/dbsite.class.php b/bl-kernel/dbsite.class.php
index 09564d3f..c2c4e2b5 100644
--- a/bl-kernel/dbsite.class.php
+++ b/bl-kernel/dbsite.class.php
@@ -30,6 +30,7 @@ class dbSite extends dbJSON
 		'googlePlus'=>		array('inFile'=>false, 'value'=>''),
 		'instagram'=>		array('inFile'=>false, 'value'=>''),
 		'github'=>		array('inFile'=>false, 'value'=>''),
+		'gitlab'=>		array('inFile'=>false, 'value'=>''),
 		'linkedin'=>		array('inFile'=>false, 'value'=>''),
 		'orderBy'=>		array('inFile'=>false, 'value'=>'date'), // date or position
 		'extremeFriendly'=>	array('inFile'=>false, 'value'=>true)
@@ -130,6 +131,11 @@ class dbSite extends dbJSON
 	{
 		return $this->getField('github');
 	}
+	
+	public function gitlab()
+	{
+		return $this->getField('gitlab');
+	}
 
 	public function googlePlus()
 	{
@@ -304,4 +310,4 @@ class dbSite extends dbJSON
 		return date_default_timezone_set($timezone);
 	}
 
-}
\ No newline at end of file
+}
diff --git a/bl-kernel/js/bludit-ajax.php b/bl-kernel/js/bludit-ajax.php
index 6e987437..c85ab5b5 100644
--- a/bl-kernel/js/bludit-ajax.php
+++ b/bl-kernel/js/bludit-ajax.php
@@ -1,7 +1,7 @@
 class bluditAjax {
 
 	// Autosave works only when the content has more than 100 characters
-	// callBack function need to be showAlert() is the function to display an alert defined in alert.php
+	// callBack function need to be showAlert(), this function is for display alerts to the user, defined in alert.php
 	autosave(uuid, title, content, callBack) {
 		var ajaxRequest;
 		if (ajaxRequest) {
@@ -38,6 +38,40 @@ class bluditAjax {
 		});
 	}
 
+	// Alert the user when the user is not logged
+	userLogged(callBack) {
+		var ajaxRequest;
+		if (ajaxRequest) {
+			ajaxRequest.abort();
+		}
+
+		console.log("[INFO] Bludit AJAX: userLogged(): running");
+
+		ajaxRequest = $.ajax({
+			type: "POST",
+			data: {
+				tokenCSRF: tokenCSRF // token from env variables
+			},
+			url: "<?php echo HTML_PATH_ADMIN_ROOT ?>ajax/user-logged"
+		});
+
+		ajaxRequest.done(function (response, textStatus, jqXHR) {
+			console.log("[INFO] Bludit AJAX: userLogged(): done handler");
+		});
+
+		ajaxRequest.fail(function (jqXHR, textStatus, errorThrown) {
+			// The fail is produced by admin.php when the user is not logged the ajax request is not possible and returns 401
+			console.log("[INFO] Bludit AJAX: userLogged(): fail handler");
+			if (jqXHR.status==401) {
+				callBack("Your are not more logged, Bludit can't save your settings and content.");
+			}
+		});
+
+		ajaxRequest.always(function () {
+			console.log("[INFO] Bludit AJAX: userLogged(): always handler");
+		});
+	}
+
 	generateSlug(text, parentKey, currentKey, callBack) {
 		var ajaxRequest;
 		if (ajaxRequest) {
diff --git a/bl-kernel/js/functions.php b/bl-kernel/js/functions.php
index af4d4e6e..70c2edbc 100644
--- a/bl-kernel/js/functions.php
+++ b/bl-kernel/js/functions.php
@@ -1,7 +1,7 @@
 <script>
 
 // DEPRECATED
-// ALL THIS FUNCTIONS IS DEPREACTED
+// ALL THIS FUNCTIONS ARE DEPREACTED
 
 var ajaxRequest;
 
diff --git a/bl-plugins/updater/plugin.php b/bl-plugins/updater/plugin.php
index 0fa92262..5af05e4e 100644
--- a/bl-plugins/updater/plugin.php
+++ b/bl-plugins/updater/plugin.php
@@ -4,6 +4,8 @@ class pluginUpdater extends Plugin {
 
 	// Define if the extension zip is loaded
 	private $zip = false;
+	private $urlLatestVersionFile = 'https://';
+	private $localLatestVersionFile = '';
 
 	public function init()
 	{
@@ -12,6 +14,15 @@ class pluginUpdater extends Plugin {
 
 		// Check for zip extension installed
 		$this->zip = extension_loaded('zip');
+		
+		// Local full path of the file of the latest version of Bludit
+		$this->localLatestVersionFile = $this->workspace().DS.'bludit-latest.zip';
+	}
+
+	// Redefine workspace
+	public function workspace()
+	{
+		return PATH_CONTENT.'updater'.DS;
 	}
 
 	// Install the plugin and create the workspace directory
@@ -30,27 +41,21 @@ class pluginUpdater extends Plugin {
 		return Filesystem::deleteRecursive($workspace);
 	}
 
-	// Redefine workspace
-	public function workspace()
-	{
-		return PATH_CONTENT.'updater'.DS;
-	}
-
 	// Check if the root directory is writable
-	private function isWritable()
+	public function isWritable()
 	{
 		return is_writable(PATH_ROOT);
 	}
 
 	// Create a copy of all the system and compress it
 	// Returns the name of the backup directory
-	private function makeFullBackup()
+	public function makeFullBackup()
 	{
 		$currentDate = Date::current(BACKUP_DATE_FORMAT);
 		$backupDirectory = $this->workspace().$currentDate;
 
-		// Copy all the files to a backup directory formed by date
-		Filesystem::copyRecursive(PATH_CONTENT, $backupDirectory, $backupDirectory);
+		// Copy all files from PATH_ROOT to $backupDirectory, also omit the directory $backupDirectory
+		Filesystem::copyRecursive(PATH_ROOT, $backupDirectory, $backupDirectory);
 
 		// Compress the backup directory
 		if (Filesystem::zip($backupDirectory, $backupDirectory.'.zip')) {
@@ -61,19 +66,37 @@ class pluginUpdater extends Plugin {
 	}
 
 	// Download the latest version of Bludit
-	private function downloadLatestVersion()
+	public function downloadLatestVersion()
 	{
-		TCP::download('https://bludit-latest.zip', $this->workspace().DS.'bludit-latest.zip');
+		return TCP::download($this->urlLatestVersionFile, $this->localLatestVersionFile);
+	}
+
+	public function validChecksum()
+	{
+		// IMPLEMENT !!!	
+		return true;
+	}
+
+	// Unzip the latest version and replace the old files
+	public function upgradeFiles()
+	{
+		return Filesystem::unzip($this->localLatestVersionFile, PATH_ROOT);
 	}
 
 	public function post()
 	{
-		if (isset($_POST['createBackup'])) {
-			return $this->createBackup();
-		} elseif (isset($_POST['restoreBackup'])) {
-			return $this->restoreBackup($_POST['restoreBackup']);
-		} elseif (isset($_POST['deleteBackup'])) {
-			return $this->deleteBackup($_POST['deleteBackup']);
+		if (isset($_POST['updateNow'])) {
+			echo 'Making a backup';
+			$this->makeFullBackup();
+			
+			echo 'Downloading the latest version of Bludit';
+			$this->downloadLatestVersion();
+			
+			echo 'Validating checksum';
+			if ($this->validChecksum()) {
+				echo 'Updating files';
+				return $this->upgradeFiles();
+			}
 		}
 
 		return false;
@@ -83,86 +106,15 @@ class pluginUpdater extends Plugin {
 	{
 		global $Language;
 
-		$backups = Filesystem::listDirectories($this->workspace(), '*', true);
-		if ($this->zip) {
-			$backups = Filesystem::listFiles($this->workspace(), '*', 'zip', true);
+		if ($this->zip===false) {
+			//return '<div class="alert alert-success">The extension zip file is not installed, to use this plugin you need install the extension first.</div>';
 		}
 
 		$html  = '<div>';
-		$html .= '<button name="createBackup" value="true" class="left small blue" type="submit"><i class="uk-icon-plus"></i> '.$Language->get('create-backup').'</button>';
+		$html .= '<button name="updateNow" value="true" class="btn btn-primary" type="submit">'.$Language->get('Update Now').'</button>';
 		$html .= '</div>';
-		$html .= '<hr>';
 
-		foreach ($backups as $backup) {
-			$filename = pathinfo($backup,PATHINFO_FILENAME);
-			$basename = pathinfo($backup,PATHINFO_BASENAME);
-
-			$html .= '<div>';
-			$html .= '<h3>'.Date::format($filename, BACKUP_DATE_FORMAT, 'F j, Y, g:i a').'</h3>';
-			// Allow download if a zip file
-			if ($this->zip) {
-				$html .= '<a class="uk-button small left blue" href="'.DOMAIN_CONTENT.'backup/'.$filename.'.zip"><i class="uk-icon-download"></i> '.$Language->get('download').'</a>';
-			}
-			$html .= '<button name="restoreBackup" value="'.$filename.'" class="uk-button small left" type="submit"><i class="uk-icon-clock-o"></i> '.$Language->get('restore-backup').'</button>';
-			$html .= '<button name="deleteBackup"  value="'.$filename.'" class="uk-button small left" type="submit"><i class="uk-icon-trash-o"></i> '.$Language->get('delete-backup').'</button>';
-			$html .= '</div>';
-			$html .= '<hr>';
-		}
 		return $html;
 	}
 
-	public function createBackup()
-	{
-		// Current backup directory
-		$currentDate = Date::current(BACKUP_DATE_FORMAT);
-		$backupDir = $this->workspace().$currentDate;
-
-		// Copy directories to backup directory
-		// $directoriesToBackup is a private variable of this class
-		foreach ($this->directoriesToBackup as $dir) {
-			$destination = $backupDir.DS.basename($dir);
-			Filesystem::copyRecursive($dir, $destination);
-		}
-
-		// Compress backup directory
-		if ($this->zip) {
-			if (Filesystem::zip($backupDir, $backupDir.'.zip')) {
-				Filesystem::deleteRecursive($backupDir);
-			}
-		}
-
-		return true;
-	}
-
-	public function restoreBackup($filename)
-	{
-		// Remove current files
-		foreach ($this->directoriesToBackup as $dir) {
-			Filesystem::deleteRecursive($dir);
-		}
-
-		// Recover backuped files
-		// Zip format
-		if ($this->zip) {
-			$tmp = $this->workspace().$filename.'.zip';
-			return Filesystem::unzip($tmp, PATH_CONTENT);
-		}
-
-		// Directory format
-		$tmp = $this->workspace().$filename;
-		return Filesystem::copyRecursive($tmp, PATH_CONTENT);
-	}
-
-	public function deleteBackup($filename)
-	{
-		// Zip format
-		if ($this->zip) {
-			$tmp = $this->workspace().$filename.'.zip';
-			return Filesystem::rmfile($tmp);
-		}
-
-		// Directory format
-		$tmp = $this->workspace().$filename;
-		return Filesystem::deleteRecursive($tmp);
-	}
-}
\ No newline at end of file
+}
diff --git a/install.php b/install.php
index 7d687b11..dc60054e 100644
--- a/install.php
+++ b/install.php
@@ -422,7 +422,7 @@ function install($adminPassword, $email='', $timezone)
 		'locale'=>$Language->locale(),
 		'timezone'=>$timezone,
 		'theme'=>'alternative',
-		'adminTheme'=>'default',
+		'adminTheme'=>'booty',
 		'homepage'=>'',
 		'pageNotFound'=>'',
 		'uriPage'=>'/',
@@ -438,7 +438,11 @@ function install($adminPassword, $email='', $timezone)
 		'codepen'=>'',
 		'googlePlus'=>'https://plus.google.com/+Bluditcms',
 		'github'=> 'https://github.com/bludit',
-		'dateFormat'=>'F j, Y'
+		'instagram'=>'',
+		'gitlab'=>'',
+		'linkedin'=>'',
+		'dateFormat'=>'F j, Y',
+		'extremeFriendly'=>true
 	);
 
 	file_put_contents(PATH_DATABASES.'site.php', $dataHead.json_encode($data, JSON_PRETTY_PRINT), LOCK_EX);
@@ -740,4 +744,4 @@ $(document).ready(function()
 </script>
 
 </body>
-</html>
\ No newline at end of file
+</html>