Updates
This commit is contained in:
parent
3120e7975a
commit
62196c1177
|
@ -22,6 +22,9 @@ function checkPost($args)
|
||||||
// Verify User sanitize the input
|
// Verify User sanitize the input
|
||||||
if( $Login->verifyUser($_POST['username'], $_POST['password']) )
|
if( $Login->verifyUser($_POST['username'], $_POST['password']) )
|
||||||
{
|
{
|
||||||
|
// Renew the token. This token will be the same inside the session for multiple forms.
|
||||||
|
$Security->generateToken();
|
||||||
|
|
||||||
Redirect::page('admin', 'dashboard');
|
Redirect::page('admin', 'dashboard');
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
|
@ -32,7 +32,7 @@ span.label {
|
||||||
/* ----------- HEAD ----------- */
|
/* ----------- HEAD ----------- */
|
||||||
#head {
|
#head {
|
||||||
overflow: auto;
|
overflow: auto;
|
||||||
border-top: 10px #f1f1f1 solid;
|
border-top: 10px #eee solid;
|
||||||
border-bottom: 1px solid #f1f1f1;
|
border-bottom: 1px solid #f1f1f1;
|
||||||
padding: 10px 0;
|
padding: 10px 0;
|
||||||
}
|
}
|
||||||
|
@ -105,6 +105,10 @@ h2.title {
|
||||||
font-weight: normal;
|
font-weight: normal;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
h2.title i.fa {
|
||||||
|
margin-right: 8px;
|
||||||
|
}
|
||||||
|
|
||||||
/* ----------- TABLE ----------- */
|
/* ----------- TABLE ----------- */
|
||||||
table {
|
table {
|
||||||
background-color: #fff;
|
background-color: #fff;
|
||||||
|
|
|
@ -1,38 +1,41 @@
|
||||||
<h2 class="title"><i class="fa fa-user-plus"></i> <?php $Language->p('Add a new user') ?></h2>
|
<h2 class="title"><i class="fa fa-user-plus"></i><?php $Language->p('Add a new user') ?></h2>
|
||||||
|
|
||||||
<?php makeNavbar('users'); ?>
|
<?php makeNavbar('users'); ?>
|
||||||
|
|
||||||
<form method="post" action="" class="forms" autocomplete="off">
|
<form method="post" action="" class="forms" autocomplete="off">
|
||||||
<label>
|
|
||||||
<?php $Language->p('Username') ?>
|
|
||||||
<input type="text" name="username" class="width-50" value="<?php echo (isset($_POST['username'])?$_POST['username']:'') ?>">
|
|
||||||
</label>
|
|
||||||
|
|
||||||
<label>
|
<input type="hidden" id="jstoken" name="token" value="<?php $Security->printToken() ?>">
|
||||||
<?php $Language->p('Password') ?>
|
|
||||||
<input type="password" name="password" class="width-50">
|
|
||||||
</label>
|
|
||||||
|
|
||||||
<label>
|
<label>
|
||||||
<?php $Language->p('Confirm Password') ?>
|
<?php $Language->p('Username') ?>
|
||||||
<input type="password" name="confirm-password" class="width-50">
|
<input type="text" name="username" class="width-50" value="<?php echo (isset($_POST['username'])?$_POST['username']:'') ?>">
|
||||||
</label>
|
</label>
|
||||||
|
|
||||||
<label for="country">
|
<label>
|
||||||
<?php $Language->p('Role') ?>
|
<?php $Language->p('Password') ?>
|
||||||
<select name="role" class="width-50">
|
<input type="password" name="password" class="width-50">
|
||||||
<option value="editor"><?php $Language->p('Editor') ?></option>
|
</label>
|
||||||
<option value="admin"><?php $Language->p('Administrator') ?></option>
|
|
||||||
</select>
|
|
||||||
<div class="forms-desc"><?php $Language->p('you-can-choose-the-users-privilege') ?></div>
|
|
||||||
</label>
|
|
||||||
|
|
||||||
<label>
|
<label>
|
||||||
Email
|
<?php $Language->p('Confirm Password') ?>
|
||||||
<input type="text" name="email" class="width-50" value="<?php echo (isset($_POST['email'])?$_POST['email']:'') ?>">
|
<input type="password" name="confirm-password" class="width-50">
|
||||||
<div class="forms-desc"><?php $Language->p('email-will-not-be-publicly-displayed') ?></div>
|
</label>
|
||||||
</label>
|
|
||||||
|
|
||||||
<input type="submit" class="btn btn-blue" value="<?php $Language->p('Add') ?>" name="add-user">
|
<label for="country">
|
||||||
<a href="<?php echo HTML_PATH_ADMIN_ROOT.'users' ?>" class="btn"><?php $Language->p('Cancel') ?></a>
|
<?php $Language->p('Role') ?>
|
||||||
|
<select name="role" class="width-50">
|
||||||
|
<option value="editor"><?php $Language->p('Editor') ?></option>
|
||||||
|
<option value="admin"><?php $Language->p('Administrator') ?></option>
|
||||||
|
</select>
|
||||||
|
<div class="forms-desc"><?php $Language->p('you-can-choose-the-users-privilege') ?></div>
|
||||||
|
</label>
|
||||||
|
|
||||||
|
<label>
|
||||||
|
Email
|
||||||
|
<input type="text" name="email" class="width-50" value="<?php echo (isset($_POST['email'])?$_POST['email']:'') ?>">
|
||||||
|
<div class="forms-desc"><?php $Language->p('email-will-not-be-publicly-displayed') ?></div>
|
||||||
|
</label>
|
||||||
|
|
||||||
|
<input type="submit" class="btn btn-blue" value="<?php $Language->p('Add') ?>" name="add-user">
|
||||||
|
<a href="<?php echo HTML_PATH_ADMIN_ROOT.'users' ?>" class="btn"><?php $Language->p('Cancel') ?></a>
|
||||||
</form>
|
</form>
|
|
@ -2,14 +2,15 @@
|
||||||
|
|
||||||
<form id="jsformplugin" method="post" action="" class="forms">
|
<form id="jsformplugin" method="post" action="" class="forms">
|
||||||
|
|
||||||
<input type="hidden" id="jskey" name="key" value="">
|
<input type="hidden" id="jstoken" name="token" value="<?php $Security->printToken() ?>">
|
||||||
|
<input type="hidden" id="jskey" name="key" value="">
|
||||||
|
|
||||||
<?php
|
<?php
|
||||||
echo $_Plugin->form();
|
echo $_Plugin->form();
|
||||||
?>
|
?>
|
||||||
|
|
||||||
<div>
|
<div>
|
||||||
<button class="btn btn-blue" name="publish"><?php echo $Language->p('Save') ?></button>
|
<button class="btn btn-blue" name="publish"><?php echo $Language->p('Save') ?></button>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
</form>
|
</form>
|
|
@ -1,7 +1,8 @@
|
||||||
<h2 class="title"><i class="fa fa-pencil"></i> <?php $Language->p('Edit page') ?></h2>
|
<h2 class="title"><i class="fa fa-pencil"></i><?php $Language->p('Edit page') ?></h2>
|
||||||
|
|
||||||
<form id="jsform" method="post" action="" class="forms">
|
<form id="jsform" method="post" action="" class="forms">
|
||||||
|
|
||||||
|
<input type="hidden" id="jstoken" name="token" value="<?php $Security->printToken() ?>">
|
||||||
<input type="hidden" id="jskey" name="key" value="<?php echo $_Page->key() ?>">
|
<input type="hidden" id="jskey" name="key" value="<?php echo $_Page->key() ?>">
|
||||||
|
|
||||||
<label>
|
<label>
|
||||||
|
|
|
@ -1,7 +1,8 @@
|
||||||
<h2 class="title"><i class="fa fa-pencil"></i> <?php $Language->p('Edit post') ?></h2>
|
<h2 class="title"><i class="fa fa-pencil"></i><?php $Language->p('Edit post') ?></h2>
|
||||||
|
|
||||||
<form method="post" action="" class="forms">
|
<form method="post" action="" class="forms">
|
||||||
|
|
||||||
|
<input type="hidden" id="jstoken" name="token" value="<?php $Security->printToken() ?>">
|
||||||
<input type="hidden" id="jskey" name="key" value="<?php echo $_Post->key() ?>">
|
<input type="hidden" id="jskey" name="key" value="<?php echo $_Post->key() ?>">
|
||||||
|
|
||||||
<label>
|
<label>
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
<h2 class="title"><i class="fa fa-user"></i> <?php $Language->p('Edit user') ?></h2>
|
<h2 class="title"><i class="fa fa-user"></i><?php $Language->p('Edit user') ?></h2>
|
||||||
|
|
||||||
<nav class="navbar nav-pills sublinks" data-tools="tabs" data-active="#profile">
|
<nav class="navbar nav-pills sublinks" data-tools="tabs" data-active="#profile">
|
||||||
<ul>
|
<ul>
|
||||||
|
@ -18,6 +18,8 @@
|
||||||
|
|
||||||
<div id="profile">
|
<div id="profile">
|
||||||
<form method="post" action="" class="forms">
|
<form method="post" action="" class="forms">
|
||||||
|
|
||||||
|
<input type="hidden" id="jstoken" name="token" value="<?php $Security->printToken() ?>">
|
||||||
<input type="hidden" name="edit-user" value="true">
|
<input type="hidden" name="edit-user" value="true">
|
||||||
<input type="hidden" name="username" value="<?php echo $_user['username'] ?>">
|
<input type="hidden" name="username" value="<?php echo $_user['username'] ?>">
|
||||||
|
|
||||||
|
|
|
@ -1,13 +1,18 @@
|
||||||
<h2 class="title"><?php $Language->p('Login') ?></h2>
|
<h2 class="title"><?php $Language->p('Login') ?></h2>
|
||||||
|
|
||||||
<form method="post" action="<?php echo HTML_PATH_ADMIN_ROOT.'login' ?>" class="forms" autocomplete="off">
|
<form method="post" action="<?php echo HTML_PATH_ADMIN_ROOT.'login' ?>" class="forms" autocomplete="off">
|
||||||
<label>
|
|
||||||
<input type="text" name="username" placeholder="<?php $Language->p('Username') ?>" class="width-100" autocomplete="off">
|
<input type="hidden" id="jstoken" name="token" value="<?php $Security->printToken() ?>">
|
||||||
</label>
|
|
||||||
<label>
|
<label>
|
||||||
<input type="password" name="password" placeholder="<?php $Language->p('Password') ?>" class="width-100" autocomplete="off">
|
<input type="text" name="username" placeholder="<?php $Language->p('Username') ?>" class="width-100" autocomplete="off">
|
||||||
</label>
|
</label>
|
||||||
<p>
|
|
||||||
<button class="btn btn-blue width-100"><?php $Language->p('Login') ?></button>
|
<label>
|
||||||
</p>
|
<input type="password" name="password" placeholder="<?php $Language->p('Password') ?>" class="width-100" autocomplete="off">
|
||||||
|
</label>
|
||||||
|
|
||||||
|
<p>
|
||||||
|
<button class="btn btn-blue width-100"><?php $Language->p('Login') ?></button>
|
||||||
|
</p>
|
||||||
</form>
|
</form>
|
|
@ -1,4 +1,4 @@
|
||||||
<h2 class="title"><i class="fa fa-file-text-o"></i> <?php $Language->p('Manage pages') ?></h2>
|
<h2 class="title"><i class="fa fa-file-text-o"></i><?php $Language->p('Manage pages') ?></h2>
|
||||||
|
|
||||||
<?php makeNavbar('manage'); ?>
|
<?php makeNavbar('manage'); ?>
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
<h2 class="title"><i class="fa fa-file-text-o"></i> <?php $Language->p('Manage posts') ?></h2>
|
<h2 class="title"><i class="fa fa-file-text-o"></i><?php $Language->p('Manage posts') ?></h2>
|
||||||
|
|
||||||
<?php makeNavbar('manage'); ?>
|
<?php makeNavbar('manage'); ?>
|
||||||
|
|
||||||
|
|
|
@ -2,9 +2,11 @@
|
||||||
|
|
||||||
<form method="post" action="" class="forms">
|
<form method="post" action="" class="forms">
|
||||||
|
|
||||||
|
<input type="hidden" id="jstoken" name="token" value="<?php $Security->printToken() ?>">
|
||||||
|
|
||||||
<label>
|
<label>
|
||||||
<?php $Language->p('Title') ?>
|
<?php $Language->p('Title') ?>
|
||||||
<input id="jstitle" name="title" type="text" class="width-90">
|
<input id="jstitle" name="title" type="text" class="width-90">
|
||||||
</label>
|
</label>
|
||||||
|
|
||||||
<label class="width-90">
|
<label class="width-90">
|
||||||
|
|
|
@ -1,7 +1,9 @@
|
||||||
<h2 class="title"><i class="fa fa-pencil"></i> <?php $Language->p('New post') ?></h2>
|
<h2 class="title"><i class="fa fa-pencil"></i><?php $Language->p('New post') ?></h2>
|
||||||
|
|
||||||
<form method="post" action="" class="forms">
|
<form method="post" action="" class="forms">
|
||||||
|
|
||||||
|
<input type="hidden" id="jstoken" name="token" value="<?php $Security->printToken() ?>">
|
||||||
|
|
||||||
<label>
|
<label>
|
||||||
<?php $Language->p('Title') ?>
|
<?php $Language->p('Title') ?>
|
||||||
<input id="jstitle" name="title" type="text" class="width-90">
|
<input id="jstitle" name="title" type="text" class="width-90">
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
<h2 class="title"><i class="fa fa-rocket"></i> <?php $Language->p('Plugins') ?></h2>
|
<h2 class="title"><i class="fa fa-rocket"></i><?php $Language->p('Plugins') ?></h2>
|
||||||
|
|
||||||
<?php
|
<?php
|
||||||
foreach($plugins['all'] as $Plugin)
|
foreach($plugins['all'] as $Plugin)
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
<h2 class="title"><i class="fa fa-cogs"></i> <?php $Language->p('Settings') ?></h2>
|
<h2 class="title"><i class="fa fa-cogs"></i><?php $Language->p('Settings') ?></h2>
|
||||||
|
|
||||||
<nav class="navbar nav-pills sublinks" data-tools="tabs" data-active="#general">
|
<nav class="navbar nav-pills sublinks" data-tools="tabs" data-active="#general">
|
||||||
<ul>
|
<ul>
|
||||||
|
@ -15,6 +15,9 @@
|
||||||
|
|
||||||
<div id="general">
|
<div id="general">
|
||||||
<form method="post" action="" class="forms">
|
<form method="post" action="" class="forms">
|
||||||
|
|
||||||
|
<input type="hidden" id="jstoken" name="token" value="<?php $Security->printToken() ?>">
|
||||||
|
|
||||||
<label>
|
<label>
|
||||||
<?php $Language->p('Site title') ?>
|
<?php $Language->p('Site title') ?>
|
||||||
<input type="text" name="title" class="width-50" value="<?php echo $Site->title() ?>">
|
<input type="text" name="title" class="width-50" value="<?php echo $Site->title() ?>">
|
||||||
|
@ -50,6 +53,9 @@
|
||||||
|
|
||||||
<div id="advanced">
|
<div id="advanced">
|
||||||
<form method="post" action="" class="forms">
|
<form method="post" action="" class="forms">
|
||||||
|
|
||||||
|
<input type="hidden" id="jstoken" name="token" value="<?php $Security->printToken() ?>">
|
||||||
|
|
||||||
<label for="postsperpage">
|
<label for="postsperpage">
|
||||||
<?php $Language->p('Posts per page') ?>
|
<?php $Language->p('Posts per page') ?>
|
||||||
<select name="postsperpage" class="width-50">
|
<select name="postsperpage" class="width-50">
|
||||||
|
@ -112,6 +118,9 @@
|
||||||
|
|
||||||
<div id="regional">
|
<div id="regional">
|
||||||
<form method="post" action="" class="forms" name="form-regional">
|
<form method="post" action="" class="forms" name="form-regional">
|
||||||
|
|
||||||
|
<input type="hidden" id="jstoken" name="token" value="<?php $Security->printToken() ?>">
|
||||||
|
|
||||||
<label for="jslanguage">
|
<label for="jslanguage">
|
||||||
<?php $Language->p('Language') ?>
|
<?php $Language->p('Language') ?>
|
||||||
<select id="jslanguage" name="language" class="width-50">
|
<select id="jslanguage" name="language" class="width-50">
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
<h2 class="title"><i class="fa fa-adjust"></i> <?php $Language->p('Themes') ?></h2>
|
<h2 class="title"><i class="fa fa-adjust"></i><?php $Language->p('Themes') ?></h2>
|
||||||
|
|
||||||
<?php
|
<?php
|
||||||
foreach($themes as $theme)
|
foreach($themes as $theme)
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
<h2 class="title"><i class="fa fa-users"></i> <?php $Language->p('Users') ?></h2>
|
<h2 class="title"><i class="fa fa-users"></i><?php $Language->p('Users') ?></h2>
|
||||||
|
|
||||||
<?php makeNavbar('users'); ?>
|
<?php makeNavbar('users'); ?>
|
||||||
|
|
||||||
|
|
|
@ -45,12 +45,16 @@ else
|
||||||
include(PATH_RULES.'99.header.php');
|
include(PATH_RULES.'99.header.php');
|
||||||
include(PATH_RULES.'99.paginator.php');
|
include(PATH_RULES.'99.paginator.php');
|
||||||
include(PATH_RULES.'99.themes.php');
|
include(PATH_RULES.'99.themes.php');
|
||||||
|
include(PATH_RULES.'99.security.php');
|
||||||
|
|
||||||
if($Url->notFound() || !$Login->isLogged() || ($Url->slug()==='login') )
|
if($Url->notFound() || !$Login->isLogged() || ($Url->slug()==='login') )
|
||||||
{
|
{
|
||||||
$layout['controller'] = 'login';
|
$layout['controller'] = 'login';
|
||||||
$layout['view'] = 'login';
|
$layout['view'] = 'login';
|
||||||
$layout['template'] = 'login.php';
|
$layout['template'] = 'login.php';
|
||||||
|
|
||||||
|
// Generate the token for the user not logged, when the user is loggued the token will be change.
|
||||||
|
$Security->generateToken();
|
||||||
}
|
}
|
||||||
|
|
||||||
// Plugins before admin area loaded
|
// Plugins before admin area loaded
|
||||||
|
|
|
@ -99,8 +99,7 @@ function buildPostsForPage($pageNumber=0, $amount=POSTS_PER_PAGE_ADMIN, $removeU
|
||||||
}
|
}
|
||||||
|
|
||||||
// There are not posts for the page number then set the page notfound
|
// There are not posts for the page number then set the page notfound
|
||||||
//if(empty($list) && $pageNumber>0) {
|
if(empty($list) && $pageNumber>0) {
|
||||||
if(empty($list)) {
|
|
||||||
$Url->setNotFound(true);
|
$Url->setNotFound(true);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -83,7 +83,7 @@ function build_plugins()
|
||||||
$Language->add($databaseArray);
|
$Language->add($databaseArray);
|
||||||
|
|
||||||
// Push Plugin to array all plugins installed and not installed.
|
// Push Plugin to array all plugins installed and not installed.
|
||||||
array_push($plugins['all'], $Plugin);
|
$plugins['all'][$pluginClass] = $Plugin;
|
||||||
|
|
||||||
// If the plugin installed
|
// If the plugin installed
|
||||||
if($Plugin->installed())
|
if($Plugin->installed())
|
||||||
|
|
|
@ -0,0 +1,41 @@
|
||||||
|
<?php defined('BLUDIT') or die('Bludit CMS.');
|
||||||
|
|
||||||
|
// ============================================================================
|
||||||
|
// Variables
|
||||||
|
// ============================================================================
|
||||||
|
|
||||||
|
// ============================================================================
|
||||||
|
// Functions
|
||||||
|
// ============================================================================
|
||||||
|
|
||||||
|
// ============================================================================
|
||||||
|
// Main before POST
|
||||||
|
// ============================================================================
|
||||||
|
|
||||||
|
// ============================================================================
|
||||||
|
// POST Method
|
||||||
|
// ============================================================================
|
||||||
|
|
||||||
|
if( $_SERVER['REQUEST_METHOD'] == 'POST' )
|
||||||
|
{
|
||||||
|
$token = isset($_POST['token']) ? Sanitize::html($_POST['token']) : false;
|
||||||
|
|
||||||
|
if( !$Security->validateToken($token) )
|
||||||
|
{
|
||||||
|
Log::set(__METHOD__.LOG_SEP.'Error occurred when trying validate the token. Token ID: '.$token);
|
||||||
|
|
||||||
|
// Destroy the session.
|
||||||
|
Session::destroy();
|
||||||
|
|
||||||
|
// Redirect to login panel.
|
||||||
|
Redirect::page('admin', 'login');
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
unset($_POST['token']);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// ============================================================================
|
||||||
|
// Main after POST
|
||||||
|
// ============================================================================
|
|
@ -20,6 +20,9 @@ if( Sanitize::pathFile(PATH_THEMES, $Site->theme().DS.'init.php') ) {
|
||||||
if( Sanitize::pathFile(PATH_THEMES, $Site->theme().DS.'index.php') ) {
|
if( Sanitize::pathFile(PATH_THEMES, $Site->theme().DS.'index.php') ) {
|
||||||
include(PATH_THEMES.$Site->theme().DS.'index.php');
|
include(PATH_THEMES.$Site->theme().DS.'index.php');
|
||||||
}
|
}
|
||||||
|
else {
|
||||||
|
$Language->p('Please check your theme configuration');
|
||||||
|
}
|
||||||
|
|
||||||
// Plugins after site loaded
|
// Plugins after site loaded
|
||||||
Theme::plugins('afterSiteLoad');
|
Theme::plugins('afterSiteLoad');
|
|
@ -112,6 +112,12 @@ class dbPosts extends dbJSON
|
||||||
$args['status'] = 'scheduled';
|
$args['status'] = 'scheduled';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Tags
|
||||||
|
if(Text::isNotEmpty($args['tags'])) {
|
||||||
|
$cleanTags = array_map('trim', explode(',', $args['tags']));
|
||||||
|
$args['tags'] = implode(',', $cleanTags);
|
||||||
|
}
|
||||||
|
|
||||||
// Verify arguments with the database fields.
|
// Verify arguments with the database fields.
|
||||||
foreach($this->dbFields as $field=>$options)
|
foreach($this->dbFields as $field=>$options)
|
||||||
{
|
{
|
||||||
|
@ -336,9 +342,6 @@ class dbPosts extends dbJSON
|
||||||
uasort($this->db, array($this, 'sortLowToHigh'));
|
uasort($this->db, array($this, 'sortLowToHigh'));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
Log::set(__METHOD__.LOG_SEP.'Sorted.'.$HighToLow);
|
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -138,7 +138,7 @@ class dbSite extends dbJSON
|
||||||
// Returns the relative home link
|
// Returns the relative home link
|
||||||
public function homeLink()
|
public function homeLink()
|
||||||
{
|
{
|
||||||
return HTML_PATH_ROOT;
|
return HTML_PATH_ROOT;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Returns the timezone.
|
// Returns the timezone.
|
||||||
|
|
|
@ -65,7 +65,8 @@ class dbTags extends dbJSON
|
||||||
foreach($explode as $tagName)
|
foreach($explode as $tagName)
|
||||||
{
|
{
|
||||||
$tagName = trim($tagName);
|
$tagName = trim($tagName);
|
||||||
$tagKey = Text::cleanUrl($tagName);
|
$tagKey = $tagName;
|
||||||
|
//$tagKey = Text::cleanUrl($tagName);
|
||||||
|
|
||||||
// If the tag is not empty.
|
// If the tag is not empty.
|
||||||
if(Text::isNotEmpty($tagName))
|
if(Text::isNotEmpty($tagName))
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
<?php defined('BLUDIT') or die('Bludit CMS.');
|
<?php defined('BLUDIT') or die('Bludit CMS.');
|
||||||
|
|
||||||
class Session {
|
class Session {
|
||||||
|
|
||||||
private static $started = false;
|
private static $started = false;
|
||||||
|
|
||||||
|
@ -10,40 +10,41 @@ class Session {
|
||||||
// return true;
|
// return true;
|
||||||
|
|
||||||
// DEBUG: Ver un nombre con alguna llave random al momentode instalar.
|
// DEBUG: Ver un nombre con alguna llave random al momentode instalar.
|
||||||
$session_name = 'Bludit-KEY';
|
$session_name = 'Bludit-KEY';
|
||||||
|
|
||||||
// If TRUE cookie will only be sent over secure connections.
|
// If TRUE cookie will only be sent over secure connections.
|
||||||
$secure = false;
|
$secure = false;
|
||||||
|
|
||||||
// If set to TRUE then PHP will attempt to send the httponly flag when setting the session cookie.
|
// If set to TRUE then PHP will attempt to send the httponly flag when setting the session cookie.
|
||||||
$httponly = true;
|
$httponly = true;
|
||||||
|
|
||||||
// This specifies the lifetime of the cookie in seconds which is sent to the browser.
|
// This specifies the lifetime of the cookie in seconds which is sent to the browser.
|
||||||
// The value 0 means until the browser is closed.
|
// The value 0 means until the browser is closed.
|
||||||
$cookieLifetime = 0;
|
$cookieLifetime = 0;
|
||||||
|
|
||||||
// Gets current cookies params.
|
// Gets current cookies params.
|
||||||
$cookieParams = session_get_cookie_params();
|
$cookieParams = session_get_cookie_params();
|
||||||
|
|
||||||
session_set_cookie_params($cookieLifetime,
|
session_set_cookie_params(
|
||||||
$cookieParams["path"],
|
$cookieLifetime,
|
||||||
$cookieParams["domain"],
|
$cookieParams["path"],
|
||||||
$secure,
|
$cookieParams["domain"],
|
||||||
$httponly
|
$secure,
|
||||||
);
|
$httponly
|
||||||
|
);
|
||||||
|
|
||||||
// Sets the session name to the one set above.
|
// Sets the session name to the one set above.
|
||||||
session_name($session_name);
|
session_name($session_name);
|
||||||
|
|
||||||
// Start session.
|
// Start session.
|
||||||
self::$started = session_start();
|
self::$started = session_start();
|
||||||
|
|
||||||
// Regenerated the session, delete the old one. There are problems with AJAX.
|
// Regenerated the session, delete the old one. There are problems with AJAX.
|
||||||
//session_regenerate_id(true);
|
//session_regenerate_id(true);
|
||||||
|
|
||||||
if(!self::$started) {
|
if(!self::$started) {
|
||||||
Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to start the session.');
|
Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to start the session.');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function started()
|
public static function started()
|
||||||
|
@ -81,4 +82,4 @@ class Session {
|
||||||
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
|
@ -148,7 +148,7 @@ class Text {
|
||||||
|
|
||||||
public static function imgRel2Abs($string, $base)
|
public static function imgRel2Abs($string, $base)
|
||||||
{
|
{
|
||||||
return preg_replace('/(?!code).(src)="([^:"]*)(?:")/', "$1=\"$base$2\"", $string);
|
return preg_replace('/(src)="([^:"]*)(?:")/', "$1=\"$base$2\"", $string);
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function pre2htmlentities($string)
|
public static function pre2htmlentities($string)
|
||||||
|
|
|
@ -111,9 +111,18 @@ class Post extends fileContent
|
||||||
return $date;
|
return $date;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function tags()
|
public function tags($returnsArray=false)
|
||||||
{
|
{
|
||||||
return $this->getField('tags');
|
global $Url;
|
||||||
|
|
||||||
|
$tags = $this->getField('tags');
|
||||||
|
|
||||||
|
if($returnsArray) {
|
||||||
|
return explode(',', $tags);
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
return $tags;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public function slug()
|
public function slug()
|
||||||
|
|
|
@ -13,6 +13,42 @@ class Security extends dbJSON
|
||||||
parent::__construct(PATH_DATABASES.'security.php');
|
parent::__construct(PATH_DATABASES.'security.php');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// ====================================================
|
||||||
|
// TOKEN FOR CSRF
|
||||||
|
// ====================================================
|
||||||
|
|
||||||
|
// Generate and save the token in Session.
|
||||||
|
public function generateToken()
|
||||||
|
{
|
||||||
|
$token = Text::randomText(8);
|
||||||
|
$token = sha1($token);
|
||||||
|
|
||||||
|
Session::set('token', $token);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Validate the token.
|
||||||
|
public function validateToken($token)
|
||||||
|
{
|
||||||
|
$sessionToken = Session::get('token');
|
||||||
|
|
||||||
|
return ( !empty($sessionToken) && ($sessionToken===$token) );
|
||||||
|
}
|
||||||
|
|
||||||
|
// Returns the token.
|
||||||
|
public function getToken()
|
||||||
|
{
|
||||||
|
return Session::get('token');
|
||||||
|
}
|
||||||
|
|
||||||
|
public function printToken()
|
||||||
|
{
|
||||||
|
echo Session::get('token');
|
||||||
|
}
|
||||||
|
|
||||||
|
// ====================================================
|
||||||
|
// BRUTE FORCE PROTECTION
|
||||||
|
// ====================================================
|
||||||
|
|
||||||
public function isBlocked()
|
public function isBlocked()
|
||||||
{
|
{
|
||||||
$ip = $this->getUserIp();
|
$ip = $this->getUserIp();
|
||||||
|
|
|
@ -100,9 +100,15 @@ class Url
|
||||||
}
|
}
|
||||||
|
|
||||||
// Return the filter used
|
// Return the filter used
|
||||||
public function filters($type)
|
public function filters($type, $trim=true)
|
||||||
{
|
{
|
||||||
return $this->filters[$type];
|
$filter = $this->filters[$type];
|
||||||
|
|
||||||
|
if($trim) {
|
||||||
|
$filter = trim($filter, '/');
|
||||||
|
}
|
||||||
|
|
||||||
|
return $filter;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Return: home, tag, post
|
// Return: home, tag, post
|
||||||
|
|
|
@ -161,5 +161,6 @@
|
||||||
"date": "Date",
|
"date": "Date",
|
||||||
"you-can-schedule-the-post-just-select-the-date-and-time": "You can schedule the post, just select the date and time.",
|
"you-can-schedule-the-post-just-select-the-date-and-time": "You can schedule the post, just select the date and time.",
|
||||||
"scheduled": "Scheduled",
|
"scheduled": "Scheduled",
|
||||||
"publish": "Publish"
|
"publish": "Publish",
|
||||||
|
"please-check-your-theme-configuration": "Please check your theme configuration."
|
||||||
}
|
}
|
||||||
|
|
|
@ -34,7 +34,13 @@ class pluginPages extends Plugin {
|
||||||
global $Site;
|
global $Site;
|
||||||
|
|
||||||
$html = '<div class="plugin plugin-pages">';
|
$html = '<div class="plugin plugin-pages">';
|
||||||
$html .= '<h2>'.$this->getDbField('label').'</h2>';
|
|
||||||
|
// If the label is not empty, print it.
|
||||||
|
$label = $this->getDbField('label');
|
||||||
|
if( !empty($label) ) {
|
||||||
|
$html .= '<h2>'.$label.'</h2>';
|
||||||
|
}
|
||||||
|
|
||||||
$html .= '<div class="plugin-content">';
|
$html .= '<div class="plugin-content">';
|
||||||
|
|
||||||
$parents = $pagesParents[NO_PARENT_CHAR];
|
$parents = $pagesParents[NO_PARENT_CHAR];
|
||||||
|
|
|
@ -82,7 +82,7 @@ class pluginsimpleMDE extends Plugin {
|
||||||
toolbarTips: true,
|
toolbarTips: true,
|
||||||
toolbarGuideIcon: true,
|
toolbarGuideIcon: true,
|
||||||
autofocus: false,
|
autofocus: false,
|
||||||
lineWrapping: false,
|
lineWrapping: true,
|
||||||
indentWithTabs: true,
|
indentWithTabs: true,
|
||||||
tabSize: '.$this->getDbField('tabSize').',
|
tabSize: '.$this->getDbField('tabSize').',
|
||||||
spellChecker: false,
|
spellChecker: false,
|
||||||
|
|
|
@ -28,7 +28,7 @@ class pluginTags extends Plugin {
|
||||||
global $Url;
|
global $Url;
|
||||||
|
|
||||||
$db = $dbTags->db['postsIndex'];
|
$db = $dbTags->db['postsIndex'];
|
||||||
$filter = trim($Url->filters('tag'), '/');
|
$filter = $Url->filters('tag');
|
||||||
|
|
||||||
$html = '<div class="plugin plugin-tags">';
|
$html = '<div class="plugin plugin-tags">';
|
||||||
$html .= '<h2>'.$this->getDbField('label').'</h2>';
|
$html .= '<h2>'.$this->getDbField('label').'</h2>';
|
||||||
|
|
Loading…
Reference in New Issue