Opengraph, Admin panel responsive, Improves on Security tokens
This commit is contained in:
parent
3c72cc92e2
commit
8d8cf62de8
@ -30,6 +30,7 @@ define('PATH_BOOT', PATH_ROOT.'kernel'.DS.'boot'.DS);
|
||||
// Init
|
||||
require(PATH_BOOT.'init.php');
|
||||
|
||||
|
||||
// Admin area
|
||||
if($Url->whereAmI()==='admin') {
|
||||
require(PATH_BOOT.'admin.php');
|
||||
|
@ -660,4 +660,4 @@ $(document).ready(function()
|
||||
</script>
|
||||
|
||||
</body>
|
||||
</html>
|
||||
</html>
|
||||
|
@ -106,4 +106,4 @@ class dbJSON
|
||||
return unserialize($data);
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
@ -191,4 +191,4 @@ class Plugin {
|
||||
// The user can define your own dbFields.
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
@ -23,4 +23,4 @@ if($Login->role()!=='admin') {
|
||||
|
||||
// ============================================================================
|
||||
// Main after POST
|
||||
// ============================================================================
|
||||
// ============================================================================
|
||||
|
@ -79,4 +79,4 @@ if(!$dbPosts->postExists($layout['parameters']))
|
||||
|
||||
$_Post = buildPost($layout['parameters']);
|
||||
|
||||
$layout['title'] .= ' - '.$Language->g('Edit post').' - '.$_Post->title();
|
||||
$layout['title'] .= ' - '.$Language->g('Edit post').' - '.$_Post->title();
|
||||
|
@ -33,4 +33,4 @@ foreach($plugins['all'] as $P)
|
||||
}
|
||||
}
|
||||
|
||||
Redirect::page('admin', 'plugins');
|
||||
Redirect::page('admin', 'plugins');
|
||||
|
@ -36,4 +36,4 @@ else
|
||||
Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to install the theme: '.$themeDirname);
|
||||
}
|
||||
|
||||
Redirect::page('admin', 'themes');
|
||||
Redirect::page('admin', 'themes');
|
||||
|
@ -83,7 +83,7 @@ function checkGet($args)
|
||||
if( $Login->verifyUserByToken($args['username'], $args['tokenEmail']) )
|
||||
{
|
||||
// Renew the tokenCRFS. This token will be the same inside the session for multiple forms.
|
||||
$Security->generateToken();
|
||||
$Security->generateTokenCSRF();
|
||||
|
||||
Redirect::page('admin', 'dashboard');
|
||||
return true;
|
||||
@ -119,4 +119,4 @@ if( $_SERVER['REQUEST_METHOD'] == 'POST' )
|
||||
|
||||
// ============================================================================
|
||||
// Main after POST
|
||||
// ============================================================================
|
||||
// ============================================================================
|
||||
|
@ -23,7 +23,7 @@ function checkPost($args)
|
||||
if( $Login->verifyUser($_POST['username'], $_POST['password']) )
|
||||
{
|
||||
// Renew the token. This token will be the same inside the session for multiple forms.
|
||||
$Security->generateToken();
|
||||
$Security->generateTokenCSRF();
|
||||
|
||||
Redirect::page('admin', 'dashboard');
|
||||
return true;
|
||||
@ -51,4 +51,4 @@ if( $_SERVER['REQUEST_METHOD'] == 'POST' )
|
||||
|
||||
// ============================================================================
|
||||
// Main after POST
|
||||
// ============================================================================
|
||||
// ============================================================================
|
||||
|
@ -23,4 +23,4 @@
|
||||
if( $Login->logout())
|
||||
{
|
||||
Redirect::home();
|
||||
}
|
||||
}
|
||||
|
@ -18,4 +18,4 @@
|
||||
|
||||
// ============================================================================
|
||||
// Main after POST
|
||||
// ============================================================================
|
||||
// ============================================================================
|
||||
|
@ -18,4 +18,4 @@
|
||||
|
||||
// ============================================================================
|
||||
// Main after POST
|
||||
// ============================================================================
|
||||
// ============================================================================
|
||||
|
@ -40,4 +40,4 @@ if( $_SERVER['REQUEST_METHOD'] == 'POST' )
|
||||
|
||||
// ============================================================================
|
||||
// Main after POST
|
||||
// ============================================================================
|
||||
// ============================================================================
|
||||
|
@ -45,4 +45,4 @@ if( $_SERVER['REQUEST_METHOD'] == 'POST' )
|
||||
|
||||
// ============================================================================
|
||||
// Main after POST
|
||||
// ============================================================================
|
||||
// ============================================================================
|
||||
|
@ -23,4 +23,4 @@ if($Login->role()!=='admin') {
|
||||
|
||||
// ============================================================================
|
||||
// Main after POST
|
||||
// ============================================================================
|
||||
// ============================================================================
|
||||
|
@ -29,4 +29,4 @@ $pluginClassName = $layout['parameters'];
|
||||
$Plugin = new $pluginClassName;
|
||||
$Plugin->uninstall();
|
||||
|
||||
Redirect::page('admin', 'plugins');
|
||||
Redirect::page('admin', 'plugins');
|
||||
|
@ -28,6 +28,7 @@
|
||||
|
||||
.uk-form legend {
|
||||
width: 70% !important;
|
||||
margin-top: 40px;
|
||||
}
|
||||
|
||||
.uk-navbar-nav > li > a {
|
||||
@ -90,7 +91,7 @@ li.bludit-logo {
|
||||
}
|
||||
|
||||
h2.title {
|
||||
margin: 20px 0;
|
||||
margin: 0 0 20px 0;
|
||||
}
|
||||
|
||||
button.delete-button {
|
||||
@ -111,6 +112,10 @@ button.delete-button:hover {
|
||||
height: 400px;
|
||||
}
|
||||
|
||||
.bl-view {
|
||||
margin-top: 25px;
|
||||
margin-bottom: 25px;
|
||||
}
|
||||
|
||||
/* ----------- ALERT ----------- */
|
||||
|
||||
@ -149,7 +154,7 @@ div.login-form {
|
||||
/* ----------- DASHBOARD ----------- */
|
||||
|
||||
div.dashboard-links {
|
||||
margin: 20px 0;
|
||||
margin: 0 0 25px 0;
|
||||
}
|
||||
|
||||
div.dashboard-links h4 {
|
||||
|
@ -18,6 +18,11 @@ input[type="password"] {
|
||||
|
||||
/* ----------- BLUDIT ----------- */
|
||||
|
||||
div.login-box {
|
||||
width: 400px;
|
||||
max-width: calc(100% - 40px);
|
||||
}
|
||||
|
||||
div.login-box > h1 {
|
||||
font-weight: lighter;
|
||||
letter-spacing: 4px;
|
||||
@ -26,7 +31,6 @@ div.login-box > h1 {
|
||||
}
|
||||
|
||||
div.login-form {
|
||||
width: 400px;
|
||||
text-align: left;
|
||||
}
|
||||
|
||||
|
@ -55,77 +55,80 @@ $(document).ready(function() {
|
||||
|
||||
<!-- Navbar -->
|
||||
<nav class="uk-navbar">
|
||||
<div class="uk-container uk-container-center">
|
||||
|
||||
<ul class="uk-navbar-nav uk-hidden-small">
|
||||
<li class="bludit-logo">BLUDIT</li>
|
||||
<li <?php echo ($layout['view']=='dashboard')?'class="uk-active"':'' ?> ><a href="<?php echo HTML_PATH_ADMIN_ROOT.'dashboard' ?>"><i class="uk-icon-object-ungroup"></i> <?php $L->p('Dashboard') ?></a></li>
|
||||
<li <?php echo ($layout['view']=='new-post')?'class="uk-active"':'' ?>><a href="<?php echo HTML_PATH_ADMIN_ROOT.'new-post' ?>"><i class="uk-icon-pencil"></i> <?php $L->p('New post') ?></a></li>
|
||||
<li <?php echo ($layout['view']=='new-page')?'class="uk-active"':'' ?>><a href="<?php echo HTML_PATH_ADMIN_ROOT.'new-page' ?>"><i class="uk-icon-file-text-o"></i> <?php $L->p('New page') ?></a></li>
|
||||
<!-- Navbar for Desktop -->
|
||||
<div class="uk-container uk-container-center uk-hidden-small">
|
||||
|
||||
<li class="uk-parent" data-uk-dropdown>
|
||||
<a href="<?php echo HTML_PATH_ADMIN_ROOT.'manage-posts' ?>"><i class="uk-icon-clone"></i> <?php $L->p('Manage') ?> ▾</a>
|
||||
<div class="uk-dropdown uk-dropdown-navbar">
|
||||
<ul class="uk-nav uk-nav-navbar">
|
||||
<li><a href="<?php echo HTML_PATH_ADMIN_ROOT.'manage-posts' ?>"><i class="uk-icon-folder-o"></i> <?php $L->p('Posts') ?></a></li>
|
||||
<li><a href="<?php echo HTML_PATH_ADMIN_ROOT.'manage-pages' ?>"><i class="uk-icon-folder-o"></i> <?php $L->p('Pages') ?></a></li>
|
||||
<?php if($Login->role() == 'admin') { ?>
|
||||
<li><a href="<?php echo HTML_PATH_ADMIN_ROOT.'users' ?>"><i class="uk-icon-users"></i> <?php $L->p('Users') ?></a></li>
|
||||
<?php } ?>
|
||||
</ul>
|
||||
<ul class="uk-navbar-nav">
|
||||
<li class="bludit-logo">BLUDIT</li>
|
||||
<li <?php echo ($layout['view']=='dashboard')?'class="uk-active"':'' ?> ><a href="<?php echo HTML_PATH_ADMIN_ROOT.'dashboard' ?>"><i class="uk-icon-object-ungroup"></i> <?php $L->p('Dashboard') ?></a></li>
|
||||
<li <?php echo ($layout['view']=='new-post')?'class="uk-active"':'' ?>><a href="<?php echo HTML_PATH_ADMIN_ROOT.'new-post' ?>"><i class="uk-icon-pencil"></i> <?php $L->p('New post') ?></a></li>
|
||||
<li <?php echo ($layout['view']=='new-page')?'class="uk-active"':'' ?>><a href="<?php echo HTML_PATH_ADMIN_ROOT.'new-page' ?>"><i class="uk-icon-file-text-o"></i> <?php $L->p('New page') ?></a></li>
|
||||
|
||||
<li class="uk-parent" data-uk-dropdown>
|
||||
<a href="<?php echo HTML_PATH_ADMIN_ROOT.'manage-posts' ?>"><i class="uk-icon-clone"></i> <?php $L->p('Manage') ?> ▾</a>
|
||||
<div class="uk-dropdown uk-dropdown-navbar">
|
||||
<ul class="uk-nav uk-nav-navbar">
|
||||
<li><a href="<?php echo HTML_PATH_ADMIN_ROOT.'manage-posts' ?>"><i class="uk-icon-folder-o"></i> <?php $L->p('Posts') ?></a></li>
|
||||
<li><a href="<?php echo HTML_PATH_ADMIN_ROOT.'manage-pages' ?>"><i class="uk-icon-folder-o"></i> <?php $L->p('Pages') ?></a></li>
|
||||
<?php if($Login->role() == 'admin') { ?>
|
||||
<li><a href="<?php echo HTML_PATH_ADMIN_ROOT.'users' ?>"><i class="uk-icon-users"></i> <?php $L->p('Users') ?></a></li>
|
||||
<?php } ?>
|
||||
</ul>
|
||||
</div>
|
||||
</li>
|
||||
|
||||
<?php if($Login->role() == 'admin') { ?>
|
||||
<li class="uk-parent" data-uk-dropdown>
|
||||
<a href="<?php echo HTML_PATH_ADMIN_ROOT.'settings-general' ?>"><i class="uk-icon-cog"></i> <?php $L->p('Settings') ?> ▾</a>
|
||||
<div class="uk-dropdown uk-dropdown-navbar">
|
||||
<ul class="uk-nav uk-nav-navbar">
|
||||
<li><a href="<?php echo HTML_PATH_ADMIN_ROOT.'settings-general' ?>"><i class="uk-icon-th-large"></i> <?php $L->p('General') ?></a></li>
|
||||
<li><a href="<?php echo HTML_PATH_ADMIN_ROOT.'settings-advanced' ?>"><i class="uk-icon-th"></i> <?php $L->p('Advanced') ?></a></li>
|
||||
<li><a href="<?php echo HTML_PATH_ADMIN_ROOT.'settings-regional' ?>"><i class="uk-icon-globe"></i> <?php $L->p('Language and timezone') ?></a></li>
|
||||
<li class="uk-nav-divider"></li>
|
||||
<li><a href="<?php echo HTML_PATH_ADMIN_ROOT.'plugins' ?>"><i class="uk-icon-puzzle-piece"></i> <?php $L->p('Plugins') ?></a></li>
|
||||
<li><a href="<?php echo HTML_PATH_ADMIN_ROOT.'themes' ?>"><i class="uk-icon-paint-brush"></i> <?php $L->p('Themes') ?></a></li>
|
||||
<li class="uk-nav-divider"></li>
|
||||
<li><a href="<?php echo HTML_PATH_ADMIN_ROOT.'about' ?>"><?php $L->p('About') ?></a></li>
|
||||
</ul>
|
||||
</div>
|
||||
</li>
|
||||
<?php } ?>
|
||||
|
||||
</ul>
|
||||
|
||||
<div class="uk-navbar-flip">
|
||||
<ul class="uk-navbar-nav">
|
||||
<li class="uk-parent" data-uk-dropdown>
|
||||
<?php
|
||||
$profilePictureSrc = HTML_PATH_ADMIN_THEME_IMG.'default.jpg';
|
||||
if(file_exists(PATH_UPLOADS_PROFILES.$Login->username().'.jpg')) {
|
||||
$profilePictureSrc = HTML_PATH_UPLOADS_PROFILES.$Login->username().'.jpg';
|
||||
}
|
||||
?>
|
||||
<a href="<?php echo HTML_PATH_ADMIN_ROOT.'edit-user/'.$Login->username() ?>">
|
||||
<img class="uk-border-circle" width="28px" src="<?php echo $profilePictureSrc ?>" alt=""> <?php echo $Login->username() ?> ▾
|
||||
</a>
|
||||
<div class="uk-dropdown uk-dropdown-navbar">
|
||||
<ul class="uk-nav uk-nav-navbar">
|
||||
<li><a href="<?php echo HTML_PATH_ADMIN_ROOT.'edit-user/'.$Login->username() ?>"><?php $L->p('Profile') ?></a></li>
|
||||
<li class="uk-nav-divider"></li>
|
||||
<li><a target="_blank" href="<?php echo HTML_PATH_ROOT ?>"><?php $L->p('Website') ?></a></li>
|
||||
<li><a href="<?php echo HTML_PATH_ADMIN_ROOT.'logout' ?>"><?php $L->p('Logout') ?></a></li>
|
||||
</ul>
|
||||
</div>
|
||||
</li>
|
||||
</ul>
|
||||
</div>
|
||||
</li>
|
||||
|
||||
<?php if($Login->role() == 'admin') { ?>
|
||||
<li class="uk-parent" data-uk-dropdown>
|
||||
<a href="<?php echo HTML_PATH_ADMIN_ROOT.'settings-general' ?>"><i class="uk-icon-cog"></i> <?php $L->p('Settings') ?> ▾</a>
|
||||
<div class="uk-dropdown uk-dropdown-navbar">
|
||||
<ul class="uk-nav uk-nav-navbar">
|
||||
<li><a href="<?php echo HTML_PATH_ADMIN_ROOT.'settings-general' ?>"><i class="uk-icon-th-large"></i> <?php $L->p('General') ?></a></li>
|
||||
<li><a href="<?php echo HTML_PATH_ADMIN_ROOT.'settings-advanced' ?>"><i class="uk-icon-th"></i> <?php $L->p('Advanced') ?></a></li>
|
||||
<li><a href="<?php echo HTML_PATH_ADMIN_ROOT.'settings-regional' ?>"><i class="uk-icon-globe"></i> <?php $L->p('Language and timezone') ?></a></li>
|
||||
<li class="uk-nav-divider"></li>
|
||||
<li><a href="<?php echo HTML_PATH_ADMIN_ROOT.'plugins' ?>"><i class="uk-icon-puzzle-piece"></i> <?php $L->p('Plugins') ?></a></li>
|
||||
<li><a href="<?php echo HTML_PATH_ADMIN_ROOT.'themes' ?>"><i class="uk-icon-paint-brush"></i> <?php $L->p('Themes') ?></a></li>
|
||||
<li class="uk-nav-divider"></li>
|
||||
<li><a href="<?php echo HTML_PATH_ADMIN_ROOT.'about' ?>"><?php $L->p('About') ?></a></li>
|
||||
</ul>
|
||||
</div>
|
||||
</li>
|
||||
<?php } ?>
|
||||
|
||||
</ul>
|
||||
|
||||
<div class="uk-navbar-flip uk-hidden-small">
|
||||
<ul class="uk-navbar-nav">
|
||||
<li class="uk-parent" data-uk-dropdown>
|
||||
<?php
|
||||
$profilePictureSrc = HTML_PATH_ADMIN_THEME_IMG.'default.jpg';
|
||||
if(file_exists(PATH_UPLOADS_PROFILES.$Login->username().'.jpg')) {
|
||||
$profilePictureSrc = HTML_PATH_UPLOADS_PROFILES.$Login->username().'.jpg';
|
||||
}
|
||||
?>
|
||||
<a href="<?php echo HTML_PATH_ADMIN_ROOT.'edit-user/'.$Login->username() ?>">
|
||||
<img class="uk-border-circle" width="28px" src="<?php echo $profilePictureSrc ?>" alt=""> <?php echo $Login->username() ?> ▾
|
||||
</a>
|
||||
<div class="uk-dropdown uk-dropdown-navbar">
|
||||
<ul class="uk-nav uk-nav-navbar">
|
||||
<li><a href="<?php echo HTML_PATH_ADMIN_ROOT.'edit-user/'.$Login->username() ?>"><?php $L->p('Profile') ?></a></li>
|
||||
<li class="uk-nav-divider"></li>
|
||||
<li><a target="_blank" href="<?php echo HTML_PATH_ROOT ?>"><?php $L->p('Website') ?></a></li>
|
||||
<li><a href="<?php echo HTML_PATH_ADMIN_ROOT.'logout' ?>"><?php $L->p('Logout') ?></a></li>
|
||||
</ul>
|
||||
</div>
|
||||
</li>
|
||||
</ul>
|
||||
</div>
|
||||
|
||||
<!-- Navbar for Mobile -->
|
||||
<a href="#offcanvas" class="uk-navbar-toggle uk-visible-small" data-uk-offcanvas></a>
|
||||
<div class="uk-navbar-brand uk-navbar-center uk-visible-small">Bludit</div>
|
||||
</div>
|
||||
<div class="uk-navbar-brand uk-navbar-center uk-visible-small">BLUDIT</div>
|
||||
</nav>
|
||||
|
||||
<!-- Offcanvas -->
|
||||
<!-- Offcanvas for Mobile -->
|
||||
<div id="offcanvas" class="uk-offcanvas">
|
||||
<div class="uk-offcanvas-bar">
|
||||
<ul class="uk-nav uk-nav-offcanvas">
|
||||
@ -148,7 +151,7 @@ $(document).ready(function() {
|
||||
</div>
|
||||
|
||||
<!-- View -->
|
||||
<div class="uk-container uk-container-center">
|
||||
<div class="uk-container uk-container-center bl-view">
|
||||
<?php
|
||||
if( Sanitize::pathFile(PATH_ADMIN_VIEWS, $layout['view'].'.php') ) {
|
||||
include(PATH_ADMIN_VIEWS.$layout['view'].'.php');
|
||||
@ -163,4 +166,4 @@ $(document).ready(function() {
|
||||
<?php Theme::plugins('adminBodyEnd') ?>
|
||||
|
||||
</body>
|
||||
</html>
|
||||
</html>
|
||||
|
@ -267,4 +267,4 @@ class HTML {
|
||||
echo $html;
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
@ -1,7 +1,6 @@
|
||||
<!DOCTYPE HTML>
|
||||
<html class="uk-height-1-1 uk-notouch">
|
||||
<head>
|
||||
<base href="<?php echo HTML_PATH_ADMIN_THEME ?>">
|
||||
<meta charset="<?php echo CHARSET ?>">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||
<meta name="robots" content="noindex,nofollow">
|
||||
@ -9,15 +8,15 @@
|
||||
<title>Bludit</title>
|
||||
|
||||
<!-- Favicon -->
|
||||
<link rel="shortcut icon" type="image/x-icon" href="./img/favicon.png">
|
||||
<link rel="shortcut icon" type="image/x-icon" href="<?php echo HTML_PATH_ADMIN_THEME.'img/favicon.png' ?>">
|
||||
|
||||
<!-- CSS -->
|
||||
<link rel="stylesheet" type="text/css" href="./css/uikit/uikit.almost-flat.min.css?version=<?php echo BLUDIT_VERSION ?>">
|
||||
<link rel="stylesheet" type="text/css" href="./css/login.css?version=<?php echo BLUDIT_VERSION ?>">
|
||||
<link rel="stylesheet" type="text/css" href="<?php echo HTML_PATH_ADMIN_THEME.'css/uikit/uikit.almost-flat.min.css?version='.BLUDIT_VERSION ?>">
|
||||
<link rel="stylesheet" type="text/css" href="<?php echo HTML_PATH_ADMIN_THEME.'css/login.css?version='.BLUDIT_VERSION ?>">
|
||||
|
||||
<!-- Javascript -->
|
||||
<script charset="utf-8" src="./js/jquery.min.js?version=<?php echo BLUDIT_VERSION ?>"></script>
|
||||
<script charset="utf-8" src="./js/uikit/uikit.min.js?version=<?php echo BLUDIT_VERSION ?>"></script>
|
||||
<script charset="utf-8" src="<?php echo HTML_PATH_ADMIN_THEME.'js/jquery.min.js?version='.BLUDIT_VERSION ?>"></script>
|
||||
<script charset="utf-8" src="<?php echo HTML_PATH_ADMIN_THEME.'js/uikit/uikit.min.js?version='.BLUDIT_VERSION ?>"></script>
|
||||
|
||||
<!-- Plugins -->
|
||||
<?php Theme::plugins('loginHead') ?>
|
||||
@ -46,4 +45,4 @@
|
||||
<?php Theme::plugins('loginBodyEnd') ?>
|
||||
|
||||
</body>
|
||||
</html>
|
||||
</html>
|
||||
|
@ -31,4 +31,4 @@ echo '
|
||||
echo '
|
||||
</tbody>
|
||||
</table>
|
||||
';
|
||||
';
|
||||
|
@ -7,7 +7,7 @@ HTML::formOpen(array('id'=>'add-user-form', 'class'=>'uk-form-horizontal'));
|
||||
// Security token
|
||||
HTML::formInputHidden(array(
|
||||
'name'=>'tokenCSRF',
|
||||
'value'=>$Security->getToken()
|
||||
'value'=>$Security->getTokenCSRF()
|
||||
));
|
||||
|
||||
HTML::formInputText(array(
|
||||
@ -57,4 +57,4 @@ HTML::formOpen(array('id'=>'add-user-form', 'class'=>'uk-form-horizontal'));
|
||||
</div>
|
||||
</div>';
|
||||
|
||||
HTML::formClose();
|
||||
HTML::formClose();
|
||||
|
@ -7,7 +7,7 @@ HTML::formOpen(array('id'=>'jsformplugin'));
|
||||
// Security token
|
||||
HTML::formInputHidden(array(
|
||||
'name'=>'tokenCSRF',
|
||||
'value'=>$Security->getToken()
|
||||
'value'=>$Security->getTokenCSRF()
|
||||
));
|
||||
|
||||
// Print the plugin form
|
||||
@ -19,4 +19,4 @@ HTML::formOpen(array('id'=>'jsformplugin'));
|
||||
<a class="uk-button" href="'.HTML_PATH_ADMIN_ROOT.'plugins">'.$L->g('Cancel').'</a>
|
||||
</div>';
|
||||
|
||||
HTML::formClose();
|
||||
HTML::formClose();
|
||||
|
@ -128,4 +128,4 @@
|
||||
|
||||
</div>
|
||||
|
||||
</div>
|
||||
</div>
|
||||
|
@ -7,7 +7,7 @@ HTML::formOpen(array('class'=>'uk-form-stacked'));
|
||||
// Security token
|
||||
HTML::formInputHidden(array(
|
||||
'name'=>'tokenCSRF',
|
||||
'value'=>$Security->getToken()
|
||||
'value'=>$Security->getTokenCSRF()
|
||||
));
|
||||
|
||||
// Key input
|
||||
@ -195,4 +195,4 @@ $(document).ready(function()
|
||||
|
||||
});
|
||||
|
||||
</script>
|
||||
</script>
|
||||
|
@ -7,7 +7,7 @@ HTML::formOpen(array('class'=>'uk-form-stacked'));
|
||||
// Security token
|
||||
HTML::formInputHidden(array(
|
||||
'name'=>'tokenCSRF',
|
||||
'value'=>$Security->getToken()
|
||||
'value'=>$Security->getTokenCSRF()
|
||||
));
|
||||
|
||||
// Key input
|
||||
@ -155,4 +155,4 @@ $(document).ready(function() {
|
||||
|
||||
});
|
||||
|
||||
</script>
|
||||
</script>
|
||||
|
@ -10,7 +10,7 @@ HTML::formOpen(array('id'=>'edit-user-profile-form','class'=>'uk-form-horizontal
|
||||
// Security token
|
||||
HTML::formInputHidden(array(
|
||||
'name'=>'tokenCSRF',
|
||||
'value'=>$Security->getToken()
|
||||
'value'=>$Security->getTokenCSRF()
|
||||
));
|
||||
|
||||
// Security token
|
||||
@ -122,4 +122,4 @@ $(document).ready(function() {
|
||||
|
||||
});
|
||||
|
||||
</script>
|
||||
</script>
|
||||
|
@ -2,7 +2,7 @@
|
||||
|
||||
<form method="post" action="" class="uk-form" autocomplete="off">
|
||||
|
||||
<input type="hidden" id="jstoken" name="tokenCSRF" value="<?php $Security->printToken() ?>">
|
||||
<input type="hidden" id="jstoken" name="tokenCSRF" value="<?php $Security->printTokenCSRF() ?>">
|
||||
|
||||
<div class="uk-form-row">
|
||||
<input name="email" class="uk-width-1-1 uk-form-large" placeholder="<?php $L->p('Email') ?>" type="text">
|
||||
@ -16,4 +16,4 @@
|
||||
|
||||
</div>
|
||||
|
||||
<a class="login-email" href="<?php echo HTML_PATH_ADMIN_ROOT.'login' ?>"><i class="uk-icon-chevron-left"></i> <?php $L->p('Back to login form') ?></a>
|
||||
<a class="login-email" href="<?php echo HTML_PATH_ADMIN_ROOT.'login' ?>"><i class="uk-icon-chevron-left"></i> <?php $L->p('Back to login form') ?></a>
|
||||
|
@ -2,7 +2,7 @@
|
||||
|
||||
<form method="post" action="" class="uk-form" autocomplete="off">
|
||||
|
||||
<input type="hidden" id="jstoken" name="tokenCSRF" value="<?php $Security->printToken() ?>">
|
||||
<input type="hidden" id="jstoken" name="tokenCSRF" value="<?php $Security->printTokenCSRF() ?>">
|
||||
|
||||
<div class="uk-form-row">
|
||||
<input name="username" class="uk-width-1-1 uk-form-large" placeholder="<?php $L->p('Username') ?>" type="text">
|
||||
@ -20,4 +20,4 @@
|
||||
|
||||
</div>
|
||||
|
||||
<a class="login-email" href="<?php echo HTML_PATH_ADMIN_ROOT.'login-email' ?>"><i class="uk-icon-envelope-o"></i> <?php $L->p('Send me a login access code') ?></a>
|
||||
<a class="login-email" href="<?php echo HTML_PATH_ADMIN_ROOT.'login-email' ?>"><i class="uk-icon-envelope-o"></i> <?php $L->p('Send me a login access code') ?></a>
|
||||
|
@ -38,4 +38,4 @@ echo '
|
||||
echo '
|
||||
</tbody>
|
||||
</table>
|
||||
';
|
||||
';
|
||||
|
@ -52,4 +52,4 @@ echo '
|
||||
}
|
||||
?>
|
||||
</ul>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -7,7 +7,7 @@ HTML::formOpen(array('class'=>'uk-form-stacked'));
|
||||
// Security token
|
||||
HTML::formInputHidden(array(
|
||||
'name'=>'tokenCSRF',
|
||||
'value'=>$Security->getToken()
|
||||
'value'=>$Security->getTokenCSRF()
|
||||
));
|
||||
|
||||
// ---- LEFT SIDE ----
|
||||
@ -170,4 +170,4 @@ $(document).ready(function()
|
||||
|
||||
});
|
||||
|
||||
</script>
|
||||
</script>
|
||||
|
@ -7,7 +7,7 @@ HTML::formOpen(array('class'=>'uk-form-stacked'));
|
||||
// Security token
|
||||
HTML::formInputHidden(array(
|
||||
'name'=>'tokenCSRF',
|
||||
'value'=>$Security->getToken()
|
||||
'value'=>$Security->getTokenCSRF()
|
||||
));
|
||||
|
||||
// ---- LEFT SIDE ----
|
||||
@ -140,4 +140,4 @@ $(document).ready(function() {
|
||||
|
||||
});
|
||||
|
||||
</script>
|
||||
</script>
|
||||
|
@ -49,4 +49,4 @@ echo '
|
||||
echo '
|
||||
</tbody>
|
||||
</table>
|
||||
';
|
||||
';
|
||||
|
@ -6,9 +6,11 @@ HTML::formOpen(array('class'=>'uk-form-horizontal'));
|
||||
|
||||
HTML::formInputHidden(array(
|
||||
'name'=>'tokenCSRF',
|
||||
'value'=>$Security->getToken()
|
||||
'value'=>$Security->getTokenCSRF()
|
||||
));
|
||||
|
||||
HTML::legend(array('value'=>$L->g('General')));
|
||||
|
||||
HTML::formSelect(array(
|
||||
'name'=>'postsperpage',
|
||||
'label'=>$L->g('Posts per page'),
|
||||
|
@ -7,9 +7,11 @@ HTML::formOpen(array('class'=>'uk-form-horizontal'));
|
||||
// Security token
|
||||
HTML::formInputHidden(array(
|
||||
'name'=>'tokenCSRF',
|
||||
'value'=>$Security->getToken()
|
||||
'value'=>$Security->getTokenCSRF()
|
||||
));
|
||||
|
||||
HTML::legend(array('value'=>$L->g('Site')));
|
||||
|
||||
HTML::formInputText(array(
|
||||
'name'=>'title',
|
||||
'label'=>$L->g('Site title'),
|
||||
@ -48,4 +50,4 @@ HTML::formOpen(array('class'=>'uk-form-horizontal'));
|
||||
</div>
|
||||
</div>';
|
||||
|
||||
HTML::formClose();
|
||||
HTML::formClose();
|
||||
|
@ -6,7 +6,7 @@ HTML::formOpen(array('class'=>'uk-form-horizontal'));
|
||||
|
||||
HTML::formInputHidden(array(
|
||||
'name'=>'tokenCSRF',
|
||||
'value'=>$Security->getToken()
|
||||
'value'=>$Security->getTokenCSRF()
|
||||
));
|
||||
|
||||
HTML::formSelect(array(
|
||||
@ -63,4 +63,4 @@ $(document).ready(function() {
|
||||
|
||||
});
|
||||
|
||||
</script>
|
||||
</script>
|
||||
|
@ -42,4 +42,4 @@ echo '
|
||||
echo '
|
||||
</tbody>
|
||||
</table>
|
||||
';
|
||||
';
|
||||
|
@ -7,7 +7,7 @@ HTML::formOpen(array('id'=>'edit-user-profile-form','class'=>'uk-form-horizontal
|
||||
// Security token
|
||||
HTML::formInputHidden(array(
|
||||
'name'=>'tokenCSRF',
|
||||
'value'=>$Security->getToken()
|
||||
'value'=>$Security->getTokenCSRF()
|
||||
));
|
||||
|
||||
// Hidden field username
|
||||
@ -52,4 +52,4 @@ HTML::formOpen(array('id'=>'edit-user-profile-form','class'=>'uk-form-horizontal
|
||||
|
||||
HTML::formClose();
|
||||
|
||||
?>
|
||||
?>
|
||||
|
@ -35,4 +35,4 @@ foreach($users as $username=>$field)
|
||||
echo '
|
||||
</tbody>
|
||||
</table>
|
||||
';
|
||||
';
|
||||
|
@ -23,4 +23,4 @@ elseif( $_POST['type']==='post' ) {
|
||||
|
||||
echo json_encode( array('slug'=>$slug) );
|
||||
|
||||
?>
|
||||
?>
|
||||
|
@ -58,4 +58,4 @@ exit(json_encode(array(
|
||||
'filename'=>$tmpName
|
||||
)));
|
||||
|
||||
?>
|
||||
?>
|
||||
|
@ -15,7 +15,7 @@ $layout['controller'] = $layout['view'] = $layout['slug'] = $explodeSlug[0];
|
||||
unset($explodeSlug[0]);
|
||||
$layout['parameters'] = implode('/', $explodeSlug);
|
||||
|
||||
// Disable Magic Quotes
|
||||
// Disable Magic Quotes.
|
||||
// Thanks, http://stackoverflow.com/questions/517008/how-to-turn-off-magic-quotes-on-shared-hosting
|
||||
if ( in_array( strtolower( ini_get( 'magic_quotes_gpc' ) ), array( '1', 'on' ) ) )
|
||||
{
|
||||
@ -24,18 +24,19 @@ if ( in_array( strtolower( ini_get( 'magic_quotes_gpc' ) ), array( '1', 'on' ) )
|
||||
$_COOKIE = array_map('stripslashes', $_COOKIE);
|
||||
}
|
||||
|
||||
// AJAX
|
||||
// --- AJAX ---
|
||||
if( $layout['slug']==='ajax' )
|
||||
{
|
||||
// Check if the user is loggued.
|
||||
if($Login->isLogged())
|
||||
{
|
||||
// Load AJAX file
|
||||
// Load the ajax file.
|
||||
if( Sanitize::pathFile(PATH_AJAX, $layout['parameters'].'.php') ) {
|
||||
include(PATH_AJAX.$layout['parameters'].'.php');
|
||||
}
|
||||
}
|
||||
}
|
||||
// ADMIN AREA
|
||||
// --- ADMIN AREA ---
|
||||
else
|
||||
{
|
||||
// Boot rules
|
||||
@ -47,6 +48,10 @@ else
|
||||
include(PATH_RULES.'99.themes.php');
|
||||
include(PATH_RULES.'99.security.php');
|
||||
|
||||
// Page not found.
|
||||
// User not logged.
|
||||
// Slug is login.
|
||||
// Slug is login-email.
|
||||
if($Url->notFound() || !$Login->isLogged() || ($Url->slug()==='login') || ($Url->slug()==='login-email') )
|
||||
{
|
||||
$layout['controller'] = 'login';
|
||||
@ -59,28 +64,29 @@ else
|
||||
$layout['view'] = 'login-email';
|
||||
}
|
||||
|
||||
// Generate the token for the user not logged, when the user is loggued the token will be change.
|
||||
$Security->generateToken();
|
||||
// Generate the tokenCSRF for the user not logged, when the user log-in the token will be change.
|
||||
$Security->generateTokenCSRF();
|
||||
}
|
||||
|
||||
// Plugins before admin area loaded
|
||||
// Load plugins before the admin area will be load.
|
||||
Theme::plugins('beforeAdminLoad');
|
||||
|
||||
// Admin theme init.php
|
||||
// Load init.php if the theme has one.
|
||||
if( Sanitize::pathFile(PATH_ADMIN_THEMES, $Site->adminTheme().DS.'init.php') ) {
|
||||
include(PATH_ADMIN_THEMES.$Site->adminTheme().DS.'init.php');
|
||||
}
|
||||
|
||||
// Load controller
|
||||
// Load controller.
|
||||
if( Sanitize::pathFile(PATH_ADMIN_CONTROLLERS, $layout['controller'].'.php') ) {
|
||||
include(PATH_ADMIN_CONTROLLERS.$layout['controller'].'.php');
|
||||
}
|
||||
|
||||
// Load view and theme
|
||||
// Load view and theme.
|
||||
if( Sanitize::pathFile(PATH_ADMIN_THEMES, $Site->adminTheme().DS.$layout['template']) ) {
|
||||
include(PATH_ADMIN_THEMES.$Site->adminTheme().DS.$layout['template']);
|
||||
}
|
||||
|
||||
// Plugins after admin area loaded
|
||||
// Load plugins after the admin area is loaded.
|
||||
Theme::plugins('afterAdminLoad');
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -172,4 +172,4 @@ else
|
||||
else {
|
||||
buildPostsForPage($Url->pageNumber(), $Site->postsPerPage(), true);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -20,9 +20,9 @@ if( $_SERVER['REQUEST_METHOD'] == 'POST' )
|
||||
{
|
||||
$token = isset($_POST['tokenCSRF']) ? Sanitize::html($_POST['tokenCSRF']) : false;
|
||||
|
||||
if( !$Security->validateToken($token) )
|
||||
if( !$Security->validateTokenCSRF($token) )
|
||||
{
|
||||
Log::set(__METHOD__.LOG_SEP.'Error occurred when trying validate the tokenCSRF. Token CSRF ID: '.$token);
|
||||
Log::set(__FILE__.LOG_SEP.'Error occurred when trying to validate the tokenCSRF. Token CSRF ID: '.$token);
|
||||
|
||||
// Destroy the session.
|
||||
Session::destroy();
|
||||
@ -38,4 +38,4 @@ if( $_SERVER['REQUEST_METHOD'] == 'POST' )
|
||||
|
||||
// ============================================================================
|
||||
// Main after POST
|
||||
// ============================================================================
|
||||
// ============================================================================
|
||||
|
@ -47,4 +47,4 @@ if($database!==false)
|
||||
|
||||
// Add new words from language theme
|
||||
$Language->add($databaseArray);
|
||||
}
|
||||
}
|
||||
|
@ -25,4 +25,4 @@ else {
|
||||
}
|
||||
|
||||
// Plugins after site loaded
|
||||
Theme::plugins('afterSiteLoad');
|
||||
Theme::plugins('afterSiteLoad');
|
||||
|
@ -106,4 +106,4 @@ class dbLanguage extends dbJSON
|
||||
|
||||
return $tmp;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -418,4 +418,4 @@ class dbPages extends dbJSON
|
||||
|
||||
return $this->db!=$db;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -466,4 +466,4 @@ class dbPosts extends dbJSON
|
||||
return $this->db!=$db;
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
@ -150,6 +150,14 @@ class dbSite extends dbJSON
|
||||
return $this->getField('url');
|
||||
}
|
||||
|
||||
public function domain()
|
||||
{
|
||||
$parse = parse_url($this->url());
|
||||
$domain = $parse['scheme']."://".$parse['host'];
|
||||
|
||||
return $domain;
|
||||
}
|
||||
|
||||
// Returns TRUE if the cli mode is enabled, otherwise FALSE.
|
||||
public function cliMode()
|
||||
{
|
||||
@ -228,4 +236,4 @@ class dbSite extends dbJSON
|
||||
return date_default_timezone_set($timezone);
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
@ -84,4 +84,4 @@ class dbTags extends dbJSON
|
||||
return true;
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
@ -188,4 +188,4 @@ class dbUsers extends dbJSON
|
||||
return true;
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
@ -31,4 +31,4 @@ class Alert {
|
||||
return Session::get('defined');
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
@ -26,4 +26,4 @@ class Email {
|
||||
return mail($args['to'], $args['subject'], $message, implode(PHP_EOL, $headers));
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
@ -63,4 +63,4 @@ class Paginator {
|
||||
return $html;
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
@ -76,4 +76,4 @@ class Sanitize {
|
||||
return 0;
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
@ -82,4 +82,4 @@
|
||||
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -225,4 +225,4 @@ class Text {
|
||||
$string);
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
@ -33,4 +33,4 @@ class Valid {
|
||||
return $tmp && $tmp->format($format)==$date;
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
@ -71,4 +71,4 @@ function checkSlug(type, text, parentPage, key, writeResponse)
|
||||
});
|
||||
}
|
||||
|
||||
</script>
|
||||
</script>
|
||||
|
@ -159,4 +159,4 @@ class Login {
|
||||
return Session::destroy();
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
@ -202,4 +202,4 @@ class Page extends fileContent
|
||||
return $this->getField('authorLastName');
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
@ -19,16 +19,18 @@ class Security extends dbJSON
|
||||
// ====================================================
|
||||
|
||||
// Generate and save the token in Session.
|
||||
public function generateToken()
|
||||
public function generateTokenCSRF()
|
||||
{
|
||||
$token = Text::randomText(8);
|
||||
$token = sha1($token);
|
||||
|
||||
Log::set(__METHOD__.LOG_SEP.'New tokenCSRF was generated '.$token);
|
||||
|
||||
Session::set('tokenCSRF', $token);
|
||||
}
|
||||
|
||||
// Validate the token.
|
||||
public function validateToken($token)
|
||||
public function validateTokenCSRF($token)
|
||||
{
|
||||
$sessionToken = Session::get('tokenCSRF');
|
||||
|
||||
@ -36,12 +38,12 @@ class Security extends dbJSON
|
||||
}
|
||||
|
||||
// Returns the token.
|
||||
public function getToken()
|
||||
public function getTokenCSRF()
|
||||
{
|
||||
return Session::get('tokenCSRF');
|
||||
}
|
||||
|
||||
public function printToken()
|
||||
public function printTokenCSRF()
|
||||
{
|
||||
echo Session::get('tokenCSRF');
|
||||
}
|
||||
@ -134,4 +136,4 @@ class Security extends dbJSON
|
||||
|
||||
return $ip;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -184,4 +184,4 @@ class Url
|
||||
return strlen($b)-strlen($a);
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
@ -44,4 +44,4 @@ class pluginAbout extends Plugin {
|
||||
|
||||
return $html;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -121,4 +121,4 @@ class pluginDisqus extends Plugin {
|
||||
|
||||
return $html;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -60,4 +60,4 @@ class pluginGoogleTools extends Plugin {
|
||||
|
||||
return $html;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -2,34 +2,58 @@
|
||||
|
||||
class pluginOpenGraph extends Plugin {
|
||||
|
||||
private function getImage($content)
|
||||
{
|
||||
$dom = new DOMDocument();
|
||||
$dom->loadHTML('<meta http-equiv="content-type" content="text/html; charset=utf-8">'.$content);
|
||||
$finder = new DomXPath($dom);
|
||||
$classname = "bludit-img-opengraph";
|
||||
$images = $finder->query("//img[contains(@class, '$classname')]");
|
||||
|
||||
if($images->length>0)
|
||||
{
|
||||
// First image from the list
|
||||
$image = $images->item(0);
|
||||
|
||||
// Get value from attribute src
|
||||
$coverImage = $image->getAttribute('src');
|
||||
|
||||
return $coverImage;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
public function siteHead()
|
||||
{
|
||||
global $Url, $Site;
|
||||
global $Post, $Page;
|
||||
|
||||
$og = array(
|
||||
'locale' =>$Site->locale(),
|
||||
'type' =>'website',
|
||||
'title' =>$Site->title(),
|
||||
'locale' =>$Site->locale(),
|
||||
'type' =>'website',
|
||||
'title' =>$Site->title(),
|
||||
'description' =>$Site->description(),
|
||||
'url' =>$Site->url(),
|
||||
'image' =>'',
|
||||
'siteName' =>$Site->title()
|
||||
'url' =>$Site->url(),
|
||||
'image' =>'',
|
||||
'siteName' =>$Site->title()
|
||||
);
|
||||
|
||||
switch($Url->whereAmI())
|
||||
{
|
||||
case 'post':
|
||||
$og['type'] = 'article';
|
||||
$og['type'] = 'article';
|
||||
$og['title'] = $Post->title().' | '.$og['title'];
|
||||
$og['description'] = $Post->description();
|
||||
$og['url'] = $Post->permalink(true);
|
||||
$og['url'] = $Post->permalink(true);
|
||||
$og['image'] = $Site->domain().$this->getImage($Post->content());
|
||||
break;
|
||||
case 'page':
|
||||
$og['type'] = 'article';
|
||||
$og['type'] = 'article';
|
||||
$og['title'] = $Page->title().' | '.$og['title'];
|
||||
$og['description'] = $Page->description();
|
||||
$og['url'] = $Page->permalink(true);
|
||||
$og['url'] = $Page->permalink(true);
|
||||
$og['image'] = $Site->domain().$this->getImage($Page->content());
|
||||
break;
|
||||
}
|
||||
|
||||
@ -44,4 +68,4 @@ class pluginOpenGraph extends Plugin {
|
||||
|
||||
return $html;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -89,4 +89,4 @@ class pluginPages extends Plugin {
|
||||
|
||||
return $html;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -109,4 +109,4 @@ class pluginsimpleMDE extends Plugin {
|
||||
|
||||
return $html;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -51,4 +51,4 @@
|
||||
<?php Theme::plugins('siteBodyEnd') ?>
|
||||
|
||||
</body>
|
||||
</html>
|
||||
</html>
|
||||
|
@ -43,4 +43,4 @@
|
||||
</style>
|
||||
|
||||
<!-- Plugins Site Head -->
|
||||
<?php Theme::plugins('siteHead') ?>
|
||||
<?php Theme::plugins('siteHead') ?>
|
||||
|
@ -56,4 +56,4 @@
|
||||
<!-- Paginator for posts -->
|
||||
<?php
|
||||
echo Paginator::html();
|
||||
?>
|
||||
?>
|
||||
|
@ -23,4 +23,4 @@
|
||||
<!-- Plugins Page Begin -->
|
||||
<?php Theme::plugins('pageEnd') ?>
|
||||
|
||||
</section>
|
||||
</section>
|
||||
|
@ -40,4 +40,4 @@
|
||||
<!-- Plugins Post End -->
|
||||
<?php Theme::plugins('postEnd') ?>
|
||||
|
||||
</section>
|
||||
</section>
|
||||
|
@ -6,4 +6,4 @@
|
||||
<!-- Plugins Sidebar -->
|
||||
<?php Theme::plugins('siteSidebar') ?>
|
||||
|
||||
</div>
|
||||
</div>
|
||||
|
Loading…
Reference in New Issue
Block a user