Merge branch 'dignajar/master'

README.md

@@ -5,7 +5,16 @@ Bludit is a fast, simple, extensible and Flat file CMS.
 
 - [Documentation](http://docs.bludit.com/en/)
 - [Help and Support](http://forum.bludit.com)
-- Follow Bludit on [Twitter](https://twitter.com/bludit) and [Facebook](https://www.facebook.com/pages/Bludit/239255789455913)
+- [Plugins](https://github.com/dignajar/bludit-plugins)
+- [Themes](https://github.com/dignajar/bludit-themes)
+- [More plugins and themes](http://forum.bludit.com/viewforum.php?f=14)
+
+Social
+------
+
+- [Twitter](https://twitter.com/bludit)
+- [Facebook](https://www.facebook.com/pages/Bludit/239255789455913)
+- [Google+](https://plus.google.com/+Bluditcms)
 
 Requirements
 ------------
@@ -18,7 +27,6 @@ You only need a Webserver with PHP support.
   * Apache with module [mod_rewrite](http://httpd.apache.org/docs/current/mod/mod_rewrite.html)
   * Ngnix with module [ngx_http_rewrite_module](http://nginx.org/en/docs/http/ngx_http_rewrite_module.html)
 
-
 Installation guide
 ------------------
 
@@ -29,4 +37,4 @@ Installation guide
 
 License
 -------
-Bludit is opensource software licensed under the [MIT license](https://tldrlegal.com/license/mit-license)
+Bludit is opensource software licensed under the [MIT license](https://tldrlegal.com/license/mit-license)

admin/controllers/dashboard.php

@@ -16,8 +16,10 @@
 // Main after POST
 // ============================================================================
 
-$_newPosts = $dbPosts->regenerate();
-$_newPages = $dbPages->regenerate();
+//$_newPosts = $dbPosts->regenerateCli();
+//$_newPages = $dbPages->regenerateCli();
+
+$_newPages = $_newPosts = array();
 
 $_draftPosts = array();
 foreach($posts as $Post)

admin/controllers/edit-page.php

@@ -24,9 +24,7 @@ function editPage($args)
 	// Edit the page.
 	if( $dbPages->edit($args) )
 	{
-		$dbPages->regenerate();
-
-		//$dbTags->reindexPages( $dbPages->db );
+		$dbPages->regenerateCli();
 
 		Alert::set($Language->g('The changes have been saved'));
 		Redirect::page('admin', 'edit-page/'.$args['key']);

admin/controllers/edit-post.php

@@ -1,5 +1,9 @@
 <?php defined('BLUDIT') or die('Bludit CMS.');
 
+// ============================================================================
+// Check role
+// ============================================================================
+
 // ============================================================================
 // Functions
 // ============================================================================
@@ -7,7 +11,6 @@
 function editPost($args)
 {
 	global $dbPosts;
-	global $dbTags;
 	global $Language;
 
 	// Post status, published or draft.
@@ -21,8 +24,8 @@ function editPost($args)
 	// Edit the post.
 	if( $dbPosts->edit($args) )
 	{
-		// Regenerate the database tags
-		$dbTags->reindexPosts( $dbPosts->db );
+		// Reindex tags, this function is in 70.posts.php
+		reIndexTagsPosts();
 
 		Alert::set($Language->g('The changes have been saved'));
 		Redirect::page('admin', 'edit-post/'.$args['key']);
@@ -31,18 +34,19 @@ function editPost($args)
 	{
 		Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to edit the post.');
 	}
+
+	return false;
 }
 
 function deletePost($key)
 {
 	global $dbPosts;
-	global $dbTags;
 	global $Language;
 
 	if( $dbPosts->delete($key) )
 	{
-		// Regenerate the database tags
-		$dbTags->reindexPosts( $dbPosts->db );
+		// Reindex tags, this function is in 70.posts.php
+		reIndexTagsPosts();
 
 		Alert::set($Language->g('The post has been deleted successfully'));
 		Redirect::page('admin', 'manage-posts');

admin/controllers/login.php

@@ -22,6 +22,9 @@ function checkPost($args)
 	// Verify User sanitize the input
 	if( $Login->verifyUser($_POST['username'], $_POST['password']) )
 	{
+		// Renew the token. This token will be the same inside the session for multiple forms.
+		$Security->generateToken();
+
 		Redirect::page('admin', 'dashboard');
 		return true;
 	}

admin/controllers/new-page.php

@@ -24,8 +24,6 @@ function addPage($args)
 	// Add the page.
 	if( $dbPages->add($args) )
 	{
-		//$dbTags->reindexPages( $dbPages->db );
-
 		Alert::set($Language->g('Page added successfully'));
 		Redirect::page('admin', 'manage-pages');
 	}

admin/controllers/new-post.php

@@ -11,7 +11,6 @@
 function addPost($args)
 {
 	global $dbPosts;
-	global $dbTags;
 	global $Language;
 
 	// Page status, published or draft.
@@ -25,8 +24,8 @@ function addPost($args)
 	// Add the page.
 	if( $dbPosts->add($args) )
 	{
-		// Regenerate the database tags
-		$dbTags->reindexPosts( $dbPosts->db );
+		// Reindex tags, this function is in 70.posts.php
+		reIndexTagsPosts();
 
 		Alert::set($Language->g('Post added successfully'));
 		Redirect::page('admin', 'manage-posts');
@@ -35,6 +34,8 @@ function addPost($args)
 	{
 		Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to create the post.');
 	}
+
+	return false;
 }
 
 // ============================================================================

admin/themes/default/css/default.css

@@ -32,7 +32,7 @@ span.label {
 /* ----------- HEAD ----------- */
 #head {
     overflow: auto;
-    border-top: 10px #f1f1f1 solid;
+    border-top: 10px #eee solid;
     border-bottom: 1px solid #f1f1f1;
     padding: 10px 0;
 }
@@ -105,6 +105,10 @@ h2.title {
     font-weight: normal;
 }
 
+h2.title i.fa {
+    margin-right: 8px;
+}
+
 /* ----------- TABLE ----------- */
 table {
     background-color: #fff;

admin/views/add-user.php

@@ -1,38 +1,41 @@
-<h2 class="title"><i class="fa fa-user-plus"></i> <?php $Language->p('Add a new user') ?></h2>
+<h2 class="title"><i class="fa fa-user-plus"></i><?php $Language->p('Add a new user') ?></h2>
 
 <?php makeNavbar('users'); ?>
 
-<form method="post" action="" class="forms">
-    <label>
-        <?php $Language->p('Username') ?>
-        <input type="text" name="username" class="width-50" value="<?php echo (isset($_POST['username'])?$_POST['username']:'') ?>">
-    </label>
+<form method="post" action="" class="forms" autocomplete="off">
 
-    <label>
-        <?php $Language->p('Password') ?>
-        <input type="password" name="password" class="width-50">
-    </label>
+	<input type="hidden" id="jstoken" name="token" value="<?php $Security->printToken() ?>">
 
-    <label>
-        <?php $Language->p('Confirm Password') ?>
-        <input type="password" name="confirm-password" class="width-50">
-    </label>
+	<label>
+	<?php $Language->p('Username') ?>
+	<input type="text" name="username" class="width-50" value="<?php echo (isset($_POST['username'])?$_POST['username']:'') ?>">
+	</label>
 
-    <label for="country">
-        <?php $Language->p('Role') ?>
-        <select name="role" class="width-50">
-            <option value="editor"><?php $Language->p('Editor') ?></option>
-            <option value="admin"><?php $Language->p('Administrator') ?></option>
-        </select>
-        <div class="forms-desc"><?php $Language->p('you-can-choose-the-users-privilege') ?></div>
-    </label>
+	<label>
+	<?php $Language->p('Password') ?>
+	<input type="password" name="password" class="width-50">
+	</label>
 
-    <label>
-        Email
-        <input type="text" name="email" class="width-50" value="<?php echo (isset($_POST['email'])?$_POST['email']:'') ?>">
-        <div class="forms-desc"><?php $Language->p('email-will-not-be-publicly-displayed') ?></div>
-    </label>
+	<label>
+	<?php $Language->p('Confirm Password') ?>
+	<input type="password" name="confirm-password" class="width-50">
+	</label>
 
-    <input type="submit" class="btn btn-blue" value="<?php $Language->p('Add') ?>" name="add-user">
-    <a href="<?php echo HTML_PATH_ADMIN_ROOT.'users' ?>" class="btn"><?php $Language->p('Cancel') ?></a>
+	<label for="country">
+	<?php $Language->p('Role') ?>
+	<select name="role" class="width-50">
+	<option value="editor"><?php $Language->p('Editor') ?></option>
+	<option value="admin"><?php $Language->p('Administrator') ?></option>
+	</select>
+	<div class="forms-desc"><?php $Language->p('you-can-choose-the-users-privilege') ?></div>
+	</label>
+
+	<label>
+	Email
+	<input type="text" name="email" class="width-50" value="<?php echo (isset($_POST['email'])?$_POST['email']:'') ?>">
+	<div class="forms-desc"><?php $Language->p('email-will-not-be-publicly-displayed') ?></div>
+	</label>
+
+	<input type="submit" class="btn btn-blue" value="<?php $Language->p('Add') ?>" name="add-user">
+	<a href="<?php echo HTML_PATH_ADMIN_ROOT.'users' ?>" class="btn"><?php $Language->p('Cancel') ?></a>
 </form>

admin/views/configure-plugin.php

@@ -2,14 +2,15 @@
 
 <form id="jsformplugin" method="post" action="" class="forms">
 
-    <input type="hidden" id="jskey" name="key" value="">
+	<input type="hidden" id="jstoken" name="token" value="<?php $Security->printToken() ?>">
+	<input type="hidden" id="jskey" name="key" value="">
 
-    <?php
-        echo $_Plugin->form();
-    ?>
+	<?php
+		echo $_Plugin->form();
+	?>
 
-    <div>
-    <button class="btn btn-blue" name="publish"><?php echo $Language->p('Save') ?></button>
-    </div>
+	<div>
+	<button class="btn btn-blue" name="publish"><?php echo $Language->p('Save') ?></button>
+	</div>
 
 </form>

admin/views/edit-page.php

@@ -1,7 +1,8 @@
-<h2 class="title"><i class="fa fa-pencil"></i> <?php $Language->p('Edit page') ?></h2>
+<h2 class="title"><i class="fa fa-pencil"></i><?php $Language->p('Edit page') ?></h2>
 
 <form id="jsform" method="post" action="" class="forms">
 
+    <input type="hidden" id="jstoken" name="token" value="<?php $Security->printToken() ?>">
     <input type="hidden" id="jskey" name="key" value="<?php echo $_Page->key() ?>">
 
     <label>

admin/views/edit-post.php

@@ -1,7 +1,8 @@
-<h2 class="title"><i class="fa fa-pencil"></i> <?php $Language->p('Edit post') ?></h2>
+<h2 class="title"><i class="fa fa-pencil"></i><?php $Language->p('Edit post') ?></h2>
 
 <form method="post" action="" class="forms">
 
+	<input type="hidden" id="jstoken" name="token" value="<?php $Security->printToken() ?>">
 	<input type="hidden" id="jskey" name="key" value="<?php echo $_Post->key() ?>">
 
 	<label>

admin/views/edit-user.php

@@ -1,4 +1,4 @@
-<h2 class="title"><i class="fa fa-user"></i> <?php $Language->p('Edit user') ?></h2>
+<h2 class="title"><i class="fa fa-user"></i><?php $Language->p('Edit user') ?></h2>
 
 <nav class="navbar nav-pills sublinks" data-tools="tabs" data-active="#profile">
     <ul>
@@ -18,6 +18,8 @@
 
 <div id="profile">
 <form method="post" action="" class="forms">
+
+    <input type="hidden" id="jstoken" name="token" value="<?php $Security->printToken() ?>">
     <input type="hidden" name="edit-user" value="true">
     <input type="hidden" name="username" value="<?php echo $_user['username'] ?>">
 

admin/views/login.php

@@ -1,13 +1,18 @@
 <h2 class="title"><?php $Language->p('Login') ?></h2>
 
 <form method="post" action="<?php echo HTML_PATH_ADMIN_ROOT.'login' ?>" class="forms" autocomplete="off">
-    <label>
-        <input type="text" name="username" placeholder="<?php $Language->p('Username') ?>" class="width-100" autocomplete="off">
-    </label>
-    <label>
-        <input type="password" name="password" placeholder="<?php $Language->p('Password') ?>" class="width-100" autocomplete="off">
-    </label>
-    <p>
-        <button class="btn btn-blue width-100"><?php $Language->p('Login') ?></button>
-    </p>
+
+	<input type="hidden" id="jstoken" name="token" value="<?php $Security->printToken() ?>">
+
+	<label>
+		<input type="text" name="username" placeholder="<?php $Language->p('Username') ?>" class="width-100" autocomplete="off">
+	</label>
+
+	<label>
+		<input type="password" name="password" placeholder="<?php $Language->p('Password') ?>" class="width-100" autocomplete="off">
+	</label>
+
+	<p>
+		<button class="btn btn-blue width-100"><?php $Language->p('Login') ?></button>
+	</p>
 </form>

admin/views/manage-pages.php

@@ -1,4 +1,4 @@
-<h2 class="title"><i class="fa fa-file-text-o"></i> <?php $Language->p('Manage pages') ?></h2>
+<h2 class="title"><i class="fa fa-file-text-o"></i><?php $Language->p('Manage pages') ?></h2>
 
 <?php makeNavbar('manage'); ?>
 

admin/views/manage-posts.php

@@ -1,4 +1,4 @@
-<h2 class="title"><i class="fa fa-file-text-o"></i> <?php $Language->p('Manage posts') ?></h2>
+<h2 class="title"><i class="fa fa-file-text-o"></i><?php $Language->p('Manage posts') ?></h2>
 
 <?php makeNavbar('manage'); ?>
 

admin/views/new-page.php

@@ -2,9 +2,11 @@
 
 <form method="post" action="" class="forms">
 
+    <input type="hidden" id="jstoken" name="token" value="<?php $Security->printToken() ?>">
+
     <label>
-        <?php $Language->p('Title') ?>
-        <input id="jstitle" name="title" type="text" class="width-90">
+    <?php $Language->p('Title') ?>
+    <input id="jstitle" name="title" type="text" class="width-90">
     </label>
 
     <label class="width-90">

admin/views/new-post.php

@@ -1,7 +1,9 @@
-<h2 class="title"><i class="fa fa-pencil"></i> <?php $Language->p('New post') ?></h2>
+<h2 class="title"><i class="fa fa-pencil"></i><?php $Language->p('New post') ?></h2>
 
 <form method="post" action="" class="forms">
 
+	<input type="hidden" id="jstoken" name="token" value="<?php $Security->printToken() ?>">
+
 	<label>
 		<?php $Language->p('Title') ?>
 		<input id="jstitle" name="title" type="text" class="width-90">

admin/views/plugins.php

@@ -1,4 +1,4 @@
-<h2 class="title"><i class="fa fa-rocket"></i> <?php $Language->p('Plugins') ?></h2>
+<h2 class="title"><i class="fa fa-rocket"></i><?php $Language->p('Plugins') ?></h2>
 
 <?php
 	foreach($plugins['all'] as $Plugin)

admin/views/settings.php

@@ -1,4 +1,4 @@
-<h2 class="title"><i class="fa fa-cogs"></i> <?php $Language->p('Settings') ?></h2>
+<h2 class="title"><i class="fa fa-cogs"></i><?php $Language->p('Settings') ?></h2>
 
 <nav class="navbar nav-pills sublinks" data-tools="tabs" data-active="#general">
     <ul>
@@ -15,6 +15,9 @@
 
 <div id="general">
 <form method="post" action="" class="forms">
+
+    <input type="hidden" id="jstoken" name="token" value="<?php $Security->printToken() ?>">
+
     <label>
     <?php $Language->p('Site title') ?>
     <input type="text" name="title" class="width-50" value="<?php echo $Site->title() ?>">
@@ -50,6 +53,9 @@
 
 <div id="advanced">
 <form method="post" action="" class="forms">
+
+    <input type="hidden" id="jstoken" name="token" value="<?php $Security->printToken() ?>">
+
     <label for="postsperpage">
         <?php $Language->p('Posts per page') ?>
         <select name="postsperpage" class="width-50">
@@ -112,6 +118,9 @@
 
 <div id="regional">
 <form method="post" action="" class="forms" name="form-regional">
+
+    <input type="hidden" id="jstoken" name="token" value="<?php $Security->printToken() ?>">
+
     <label for="jslanguage">
         <?php $Language->p('Language') ?>
         <select id="jslanguage" name="language" class="width-50">

admin/views/themes.php

@@ -1,4 +1,4 @@
-<h2 class="title"><i class="fa fa-adjust"></i> <?php $Language->p('Themes') ?></h2>
+<h2 class="title"><i class="fa fa-adjust"></i><?php $Language->p('Themes') ?></h2>
 
 <?php
 	foreach($themes as $theme)

admin/views/users.php

@@ -1,4 +1,4 @@
-<h2 class="title"><i class="fa fa-users"></i> <?php $Language->p('Users') ?></h2>
+<h2 class="title"><i class="fa fa-users"></i><?php $Language->p('Users') ?></h2>
 
 <?php makeNavbar('users'); ?>
 

features.txt

@@ -38,10 +38,23 @@ Si cambia el parent
  verificar parent
  mover directorio adentro del parent
 
+—————————
+Nuevo post
+- Reindex dbtags
+
+—————————
+
 Editar usuario
 1- Usuario logueado
 2- Ver si el usuario es administrador o si es el mismo usuario que se esta editando.
 
+—————————
+dbTags
+Regenerate posts list
+- Al momento de regenerarla deberia enviarle la lista de post ordenada por fecha.
+- De esta forma la estructura esta ordenada para mostrarla.
+- El que hace el trabajo es el administrador
+
 —————————
 New post->Publish->Manage posts
 New page->Publish->Manage pages

install.php

@@ -69,7 +69,7 @@ include(PATH_KERNEL.'dblanguage.class.php');
 include(PATH_HELPERS.'log.class.php');
 include(PATH_HELPERS.'date.class.php');
 
-// Try detect locale/language from HTTP
+// Try to detect language from HTTP
 $explode = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
 $localeFromHTTP = empty($explode[0])?'en_US':str_replace('-', '_', $explode[0]);
 
@@ -193,13 +193,19 @@ function install($adminPassword, $email)
 
 	if(!mkdir(PATH_PLUGINS_DATABASES.'pages', $dirpermissions, true))
 	{
-		$errorText = 'Error when trying to created the directory=>'.PATH_PLUGINS_DATABASES;
+		$errorText = 'Error when trying to created the directory=>'.PATH_PLUGINS_DATABASES.'pages';
 		error_log($errorText, 0);
 	}
 
 	if(!mkdir(PATH_PLUGINS_DATABASES.'simplemde', $dirpermissions, true))
 	{
-		$errorText = 'Error when trying to created the directory=>'.PATH_PLUGINS_DATABASES;
+		$errorText = 'Error when trying to created the directory=>'.PATH_PLUGINS_DATABASES.'simplemde';
+		error_log($errorText, 0);
+	}
+
+	if(!mkdir(PATH_PLUGINS_DATABASES.'tags', $dirpermissions, true))
+	{
+		$errorText = 'Error when trying to created the directory=>'.PATH_PLUGINS_DATABASES.'tags';
 		error_log($errorText, 0);
 	}
 
@@ -291,34 +297,62 @@ function install($adminPassword, $email)
 
 	file_put_contents(PATH_DATABASES.'security.php', $dataHead.json_encode($data, JSON_PRETTY_PRINT), LOCK_EX);
 
-	// File plugins/pages/db.php
-	$data = array(
-		'homeLink'=>true,
-		'label'=>$Language->get('Pages'),
-		'position'=>'0'
+	// File tags.php
+	file_put_contents(
+		PATH_DATABASES.'tags.php',
+		$dataHead.json_encode(
+			array(
+				'postsIndex'=>array(
+					'bludit'=>array('name'=>'Bludit', 'posts'=>array('first-post')),
+					'cms'=>array('name'=>'cms', 'posts'=>array('first-post'))
+				),
+				'pagesIndex'=>array()
+			),
+		JSON_PRETTY_PRINT),
+		LOCK_EX
 	);
 
-	file_put_contents(PATH_PLUGINS_DATABASES.'pages'.DS.'db.php', $dataHead.json_encode($data, JSON_PRETTY_PRINT), LOCK_EX);
+
+	// PLUGINS
+
+	// File plugins/pages/db.php
+	file_put_contents(
+		PATH_PLUGINS_DATABASES.'pages'.DS.'db.php',
+		$dataHead.json_encode(
+			array(
+				'position'=>0,
+				'homeLink'=>true,
+				'label'=>$Language->get('Pages')
+			),
+		JSON_PRETTY_PRINT),
+		LOCK_EX
+	);
 
 	// File plugins/simplemde/db.php
 	file_put_contents(
 		PATH_PLUGINS_DATABASES.'simplemde'.DS.'db.php',
 		$dataHead.json_encode(
 			array(
-				'position'=>0
+				'position'=>0,
+				'tabSize'=>4,
+				'toolbar'=>'"bold", "italic", "heading", "|", "quote", "unordered-list", "|", "link", "image", "code", "horizontal-rule", "|", "preview", "side-by-side", "fullscreen", "guide"'
 			),
 		JSON_PRETTY_PRINT),
 		LOCK_EX
 	);
 
-	// File tags.php
-	$data = array(
-		'postsIndex'=>array(),
-		'pagesIndex'=>array()
+	// File plugins/tags/db.php
+	file_put_contents(
+		PATH_PLUGINS_DATABASES.'tags'.DS.'db.php',
+		$dataHead.json_encode(
+			array(
+				'position'=>0,
+				'label'=>$Language->get('Tags')
+			),
+		JSON_PRETTY_PRINT),
+		LOCK_EX
 	);
 
-	file_put_contents(PATH_DATABASES.'tags.php', $dataHead.json_encode($data, JSON_PRETTY_PRINT), LOCK_EX);
-
 	// File index.txt for error page
 	$data = 'Title: '.$Language->get('Error').'
 	Content: '.$Language->get('The page has not been found');

kernel/abstract/dbjson.class.php

@@ -3,6 +3,7 @@
 class dbJSON
 {
 	public $db;
+	public $dbBackup;
 	public $file;
 	public $firstLine;
 
@@ -12,6 +13,7 @@ class dbJSON
 	{
 		$this->file = $file;
 		$this->db = array();
+		$this->dbBackup = array();
 		$this->firstLine = $firstLine;
 
 		if(file_exists($file))
@@ -35,6 +37,7 @@ class dbJSON
 			}
 			else {
 				$this->db = $array;
+				$this->dbBackup = $array;
 			}
 		}
 		else
@@ -43,6 +46,12 @@ class dbJSON
 		}
 	}
 
+	public function restoreDb()
+	{
+		$this->db = $this->dbBackup;
+		return true;
+	}
+
 	// Returns the amount of database items.
 	public function count()
 	{
@@ -52,17 +61,20 @@ class dbJSON
 	// Save the JSON file.
 	public function save()
 	{
+		$data = '';
+
 		if($this->firstLine) {
 			$data  = "<?php defined('BLUDIT') or die('Bludit CMS.'); ?>".PHP_EOL;
 		}
-		else {
-			$data = '';
-		}
 
+		// Serialize database
 		$data .= $this->serialize($this->db);
 
+		// Backup the new database.
+		$this->dbBackup = $this->db;
+
 		// LOCK_EX flag to prevent anyone else writing to the file at the same time.
-		file_put_contents($this->file, $data, LOCK_EX);
+		return file_put_contents($this->file, $data, LOCK_EX);
 	}
 
 	private function serialize($data)

kernel/boot/admin.php

@@ -39,18 +39,22 @@ if( $layout['slug']==='ajax' )
 else
 {
 	// Boot rules
-	include(PATH_RULES.'70.build_posts.php');
-	include(PATH_RULES.'70.build_pages.php');
+	include(PATH_RULES.'70.posts.php');
+	include(PATH_RULES.'70.pages.php');
 	include(PATH_RULES.'80.plugins.php');
 	include(PATH_RULES.'99.header.php');
 	include(PATH_RULES.'99.paginator.php');
 	include(PATH_RULES.'99.themes.php');
+	include(PATH_RULES.'99.security.php');
 
 	if($Url->notFound() || !$Login->isLogged() || ($Url->slug()==='login') )
 	{
 		$layout['controller']	= 'login';
 		$layout['view']		= 'login';
 		$layout['template']	= 'login.php';
+
+		// Generate the token for the user not logged, when the user is loggued the token will be change.
+		$Security->generateToken();
 	}
 
 	// Plugins before admin area loaded

kernel/boot/rules/70.posts.php

@@ -10,6 +10,23 @@ $posts = array();
 // Functions
 // ============================================================================
 
+function reIndexTagsPosts()
+{
+	global $dbPosts;
+	global $dbTags;
+
+	// Remove unpublished.
+	$dbPosts->removeUnpublished();
+
+	// Regenerate the tags index for posts
+	$dbTags->reindexPosts( $dbPosts->db );
+
+	// Restore de db on dbPost
+	$dbPosts->restoreDb();
+
+	return true;
+}
+
 function buildPost($key)
 {
 	global $dbPosts;
@@ -59,43 +76,54 @@ function buildPost($key)
 		$user = $dbUsers->getDb( $Post->username() );
 
 		$Post->setField('authorFirstName', $user['firstName'], false);
-
 		$Post->setField('authorLastName', $user['lastName'], false);
 	}
 
 	return $Post;
 }
 
-function build_posts_per_page($pageNumber=0, $amount=5, $draftPosts=false)
+function buildPostsForPage($pageNumber=0, $amount=POSTS_PER_PAGE_ADMIN, $removeUnpublished=true, $tagKey=false)
 {
 	global $dbPosts;
+	global $dbTags;
 	global $posts;
 	global $Url;
 
-	$list = $dbPosts->getPage($pageNumber, $amount, $draftPosts);
+	if($tagKey) {
+		// Get the keys list from tags database, this database is optimized for this case.
+		$list = $dbTags->getList($pageNumber, $amount, $tagKey);
+	}
+	else {
+		// Get the keys list from posts database.
+		$list = $dbPosts->getList($pageNumber, $amount, $removeUnpublished);
+	}
 
-	// There are not post for the pageNumber then true Not found page
+	// There are not posts for the page number then set the page notfound
 	if(empty($list) && $pageNumber>0) {
 		$Url->setNotFound(true);
 	}
 
-	foreach($list as $slug=>$db)
+	// Foreach post key, build the post.
+	foreach($list as $postKey=>$values)
 	{
-		$Post = buildPost($slug);
-
+		$Post = buildPost($postKey);
 		if($Post!==false) {
 			array_push($posts, $Post);
 		}
 	}
 }
 
-
-
 // ============================================================================
 // Main
 // ============================================================================
 
-// Filter by post, then build it
+// Execute the scheduler.
+if( $dbPosts->scheduler() ) {
+	// Reindex dbTags.
+	reIndexTagsPosts();
+}
+
+// Build specific post.
 if( ($Url->whereAmI()==='post') && ($Url->notFound()===false) )
 {
 	$Post = buildPost( $Url->slug() );
@@ -116,20 +144,20 @@ if( ($Url->whereAmI()==='post') && ($Url->notFound()===false) )
 	}
 
 }
+// Build posts by specific tag.
 elseif( ($Url->whereAmI()==='tag') && ($Url->notFound()===false) )
 {
-
+	buildPostsForPage($Url->pageNumber(), $Site->postsPerPage(), true, $Url->slug());
 }
-// Build post per page
+// Build posts for homepage or admin area.
 else
 {
+	// Posts for admin area.
 	if($Url->whereAmI()==='admin') {
-		// Build post for admin area with drafts
-		build_posts_per_page($Url->pageNumber(), POSTS_PER_PAGE_ADMIN, true);
+		buildPostsForPage($Url->pageNumber(), POSTS_PER_PAGE_ADMIN, false);
 	}
-	else
-	{
-		// Build post for the site, without the drafts posts
-		build_posts_per_page($Url->pageNumber(), $Site->postsPerPage(), false);
+	// Posts for homepage
+	else {
+		buildPostsForPage($Url->pageNumber(), $Site->postsPerPage(), true);
 	}
-}
+}

kernel/boot/rules/80.plugins.php

@@ -64,14 +64,14 @@ function build_plugins()
 		$Plugin = new $pluginClass;
 
 		// Set Plugin data
-		$languageFilename = PATH_PLUGINS.$Plugin->directoryName().DS.'language'.DS.$Site->locale().'.json';
+		$languageFilename = PATH_PLUGINS.$Plugin->directoryName().DS.'languages'.DS.$Site->locale().'.json';
 		if( Sanitize::pathFile($languageFilename) )
 		{
 			$database = new dbJSON($languageFilename, false);
 		}
 		else
 		{
-			$languageFilename = PATH_PLUGINS.$Plugin->directoryName().DS.'language'.DS.'en_US.json';
+			$languageFilename = PATH_PLUGINS.$Plugin->directoryName().DS.'languages'.DS.'en_US.json';
 			$database = new dbJSON($languageFilename, false);
 		}
 
@@ -83,7 +83,7 @@ function build_plugins()
 		$Language->add($databaseArray);
 
 		// Push Plugin to array all plugins installed and not installed.
-		array_push($plugins['all'], $Plugin);
+		$plugins['all'][$pluginClass] = $Plugin;
 
 		// If the plugin installed
 		if($Plugin->installed())

kernel/boot/rules/99.security.php

@@ -0,0 +1,41 @@
+<?php defined('BLUDIT') or die('Bludit CMS.');
+
+// ============================================================================
+// Variables
+// ============================================================================
+
+// ============================================================================
+// Functions
+// ============================================================================
+
+// ============================================================================
+// Main before POST
+// ============================================================================
+
+// ============================================================================
+// POST Method
+// ============================================================================
+
+if( $_SERVER['REQUEST_METHOD'] == 'POST' )
+{
+	$token = isset($_POST['token']) ? Sanitize::html($_POST['token']) : false;
+
+	if( !$Security->validateToken($token) )
+	{
+		Log::set(__METHOD__.LOG_SEP.'Error occurred when trying validate the token. Token ID: '.$token);
+
+		// Destroy the session.
+		Session::destroy();
+
+		// Redirect to login panel.
+		Redirect::page('admin', 'login');
+	}
+	else
+	{
+		unset($_POST['token']);
+	}
+}
+
+// ============================================================================
+// Main after POST
+// ============================================================================

kernel/boot/site.php

@@ -1,8 +1,8 @@
 <?php defined('BLUDIT') or die('Bludit CMS.');
 
 // Boot rules
-include(PATH_RULES.'70.build_posts.php');
-include(PATH_RULES.'70.build_pages.php');
+include(PATH_RULES.'70.posts.php');
+include(PATH_RULES.'70.pages.php');
 include(PATH_RULES.'80.plugins.php');
 include(PATH_RULES.'99.header.php');
 include(PATH_RULES.'99.paginator.php');
@@ -20,6 +20,9 @@ if( Sanitize::pathFile(PATH_THEMES, $Site->theme().DS.'init.php') ) {
 if( Sanitize::pathFile(PATH_THEMES, $Site->theme().DS.'index.php') ) {
 	include(PATH_THEMES.$Site->theme().DS.'index.php');
 }
+else {
+	$Language->p('Please check your theme configuration');
+}
 
 // Plugins after site loaded
 Theme::plugins('afterSiteLoad');

kernel/dbpages.class.php

@@ -26,11 +26,7 @@ class dbPages extends dbJSON
 		$dataForFile = array(); // This data will be saved in the file
 
 		$key = $this->generateKey($args['slug'], $args['parent']);
-		/*
-		if($key===false) {
-			return false;
-		}
-		*/
+
 		// The user is always the one loggued.
 		$args['username'] = Session::get('username');
 		if( Text::isEmpty($args['username']) ) {
@@ -289,7 +285,7 @@ class dbPages extends dbJSON
 		return $this->db;
 	}
 
-	public function regenerate()
+	public function regenerateCli()
 	{
 		$db = $this->db;
 		$newPaths = array();
@@ -361,73 +357,4 @@ class dbPages extends dbJSON
 
 		return $this->db!=$db;
 	}
-
-/*
-	public function regenerate()
-	{
-		$db = $this->db;
-		$paths = array();
-		$fields = array();
-
-		// Complete $fields with the default values.
-		foreach($this->dbFields as $field=>$options) {
-			if(!$options['inFile']) {
-				$fields[$field] = $options['value'];
-			}
-		}
-
-		// Foreach new page set the unix time stamp.
-		$fields['unixTimeCreated'] = Date::unixTime();
-
-		// Foreach new page set the owner admin.
-		$fields['username'] = 'admin';
-
-		// Foreach new page set the status.
-		if(HANDMADE_PUBLISHED) {
-			$fields['status']='published';
-		}
-
-		// Get the pages from the first level of directories
-		$tmpPaths = glob(PATH_PAGES.'*', GLOB_ONLYDIR);
-		foreach($tmpPaths as $directory)
-		{
-			$key = basename($directory);
-
-			if(file_exists($directory.DS.'index.txt')){
-				// The key is the directory name
-				$paths[$key] = true;
-			}
-
-			// Recovery pages from subdirectories
-			$subPaths = glob($directory.DS.'*', GLOB_ONLYDIR);
-			foreach($subPaths as $subDirectory)
-			{
-				$subKey = basename($subDirectory);
-
-				if(file_exists($subDirectory.DS.'index.txt')) {
-					// The key is composed by the directory/subdirectory
-					$paths[$key.'/'.$subKey] = true;
-				}
-			}
-		}
-
-		// Remove old posts from db
-		foreach( array_diff_key($db, $paths) as $slug=>$data ) {
-			unset($this->db[$slug]);
-		}
-
-		// Insert new posts to db
-		foreach( array_diff_key($paths, $db) as $slug=>$data ) {
-			$this->db[$slug] = $fields;
-		}
-
-		// Save the database.
-		if( $this->save() === false ) {
-			Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to save the database file.');
-			return false;
-		}
-
-		return $this->db!=$db;
-	}
-	*/
-}
+}

kernel/dbposts.class.php

@@ -7,7 +7,7 @@ class dbPosts extends dbJSON
 		'content'=>		array('inFile'=>true,	'value'=>''),
 		'description'=>		array('inFile'=>false,	'value'=>''),
 		'username'=>		array('inFile'=>false,	'value'=>''),
-		'status'=>		array('inFile'=>false,	'value'=>'draft'),
+		'status'=>		array('inFile'=>false,	'value'=>'draft'), // published, draft, scheduled
 		'tags'=>		array('inFile'=>false,	'value'=>''),
 		'allowComments'=>	array('inFile'=>false,	'value'=>false),
 		'date'=>		array('inFile'=>false,	'value'=>'')
@@ -15,7 +15,7 @@ class dbPosts extends dbJSON
 
 	private $numberPosts = array(
 		'total'=>0,
-		'withoutDrafts'=>0
+		'published'=>0
 	);
 
 	function __construct()
@@ -31,7 +31,7 @@ class dbPosts extends dbJSON
 			return $this->numberPosts['total'];
 		}
 
-		return $this->numberPosts['withoutDrafts'];
+		return $this->numberPosts['published'];
 	}
 
 	// Return an array with the post's database, FALSE otherwise.
@@ -91,6 +91,7 @@ class dbPosts extends dbJSON
 	{
 		$dataForDb = array();	// This data will be saved in the database
 		$dataForFile = array(); // This data will be saved in the file
+		$currentDate = Date::current(DB_DATE_FORMAT);
 
 		// Generate the database key.
 		$key = $this->generateKey($args['slug']);
@@ -101,8 +102,20 @@ class dbPosts extends dbJSON
 			return false;
 		}
 
+		// Date
 		if(!Valid::date($args['date'], DB_DATE_FORMAT)) {
-			$args['date'] = Date::current(DB_DATE_FORMAT);
+			$args['date'] = $currentDate;
+		}
+
+		// Schedule post?
+		if( ($args['date']>$currentDate) && ($args['status']=='published') ) {
+			$args['status'] = 'scheduled';
+		}
+
+		// Tags
+		if(Text::isNotEmpty($args['tags'])) {
+			$cleanTags = array_map('trim', explode(',', $args['tags']));
+			$args['tags'] = implode(',', $cleanTags);
 		}
 
 		// Verify arguments with the database fields.
@@ -153,6 +166,10 @@ class dbPosts extends dbJSON
 
 		// Save the database
 		$this->db[$key] = $dataForDb;
+
+		// Sort posts before save.
+		$this->sortByDate();
+
 		if( $this->save() === false ) {
 			Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to save the database file.');
 			return false;
@@ -163,10 +180,6 @@ class dbPosts extends dbJSON
 
 	public function edit($args)
 	{
-		if( !Valid::date($args['date'], DB_DATE_FORMAT) ) {
-			$args['date'] = Date::current(DB_DATE_FORMAT);
-		}
-
 		if( $this->delete($args['key']) ) {
 			return $this->add($args);
 		}
@@ -203,7 +216,144 @@ class dbPosts extends dbJSON
 		return true;
 	}
 
-	public function regenerate()
+	// Returns an array with a list of posts keys, filtered by a page number.
+	public function getList($pageNumber, $postPerPage, $removeUnpublished=true)
+	{
+		$totalPosts = $this->numberPosts['total'];
+
+		// Remove the unpublished posts.
+		if($removeUnpublished) {
+			$this->removeUnpublished();
+			$totalPosts = $this->numberPosts['published'];
+		}
+
+		$init = (int) $postPerPage * $pageNumber;
+		$end  = (int) min( ($init + $postPerPage - 1), $totalPosts - 1 );
+		$outrange = $init<0 ? true : $init>$end;
+
+		if(!$outrange) {
+			return array_slice($this->db, $init, $postPerPage, true);
+		}
+
+		return array();
+	}
+
+	// Delete all posts from an user.
+	public function deletePostsByUser($username)
+	{
+		foreach($this->db as $key=>$value)
+		{
+			if($value['username']==$username) {
+				unset($this->db[$key]);
+			}
+		}
+
+		// Save the database.
+		if( $this->save() === false ) {
+			Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to save the database file.');
+			return false;
+		}
+
+		return true;
+	}
+
+	// Link-up all posts from an user to another user.
+	public function linkPostsToUser($oldUsername, $newUsername)
+	{
+		foreach($this->db as $key=>$value)
+		{
+			if($value['username']==$oldUsername) {
+				$this->db[$key]['username'] = $newUsername;
+			}
+		}
+
+		// Sort posts before save.
+		$this->sortByDate();
+
+		// Save the database.
+		if( $this->save() === false ) {
+			Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to save the database file.');
+			return false;
+		}
+
+		return true;
+	}
+
+	// Remove unpublished posts, status != published.
+	public function removeUnpublished()
+	{
+		foreach($this->db as $key=>$values)
+		{
+			if($values['status']!='published') {
+				unset($this->db[$key]);
+			}
+		}
+
+		$this->numberPosts['published'] = count($this->db);
+
+		return true;
+	}
+
+	// Return TRUE if there are new posts published, FALSE otherwise.
+	public function scheduler()
+	{
+		// Get current date.
+		$currentDate = Date::current(DB_DATE_FORMAT);
+
+		$saveDatabase = false;
+
+		// Check scheduled posts and publish.
+		foreach($this->db as $postKey=>$values)
+		{
+			if($values['status']=='scheduled')
+			{
+				// Publish post.
+				if($values['date']<=$currentDate) {
+					$this->db[$postKey]['status'] = 'published';
+					$saveDatabase = true;
+				}
+			}
+			elseif($values['status']=='published') {
+				break;
+			}
+		}
+
+		// Save the database.
+		if($saveDatabase)
+		{
+			if( $this->save() === false ) {
+				Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to save the database file.');
+				return false;
+			}
+
+			return true;
+		}
+
+		return false;
+	}
+
+	// Sort posts by date.
+	public function sortByDate($HighToLow=true)
+	{
+		if($HighToLow) {
+			uasort($this->db, array($this, 'sortHighToLow'));
+		}
+		else {
+			uasort($this->db, array($this, 'sortLowToHigh'));
+		}
+
+		return true;
+	}
+
+	private function sortLowToHigh($a, $b) {
+		return $a['date']>$b['date'];
+	}
+
+	private function sortHighToLow($a, $b) {
+		return $a['date']<$b['date'];
+	}
+
+	public function regenerateCli()
 	{
 		$db = $this->db;
 		$newPaths = array();
@@ -265,159 +415,4 @@ class dbPosts extends dbJSON
 		return $this->db!=$db;
 	}
 
-/*
-	public function regenerate()
-	{
-		$db = $this->db;
-		$paths = array();
-		$fields = array();
-
-		// Default fields and value
-		foreach($this->dbFields as $field=>$options) {
-			if(!$options['inFile']) {
-				$fields[$field] = $options['value'];
-			}
-		}
-
-		// Unix time stamp
-		$fields['date'] = Date::current(DB_DATE_FORMAT);
-
-		// Username
-		$fields['username'] = 'admin';
-
-		if(HANDMADE_PUBLISHED) {
-			$fields['status']='published';
-		}
-
-		// Recovery pages from the first level of directories
-		$tmpPaths = glob(PATH_POSTS.'*', GLOB_ONLYDIR);
-		foreach($tmpPaths as $directory)
-		{
-			$key = basename($directory);
-
-			if(file_exists($directory.DS.'index.txt')) {
-				// The key is the directory name
-				$paths[$key] = true;
-			}
-		}
-
-		// Remove old posts from db
-		foreach( array_diff_key($db, $paths) as $slug=>$data ) {
-			unset($this->db[$slug]);
-		}
-
-		// Insert new posts to db
-		foreach( array_diff_key($paths, $db) as $slug=>$data ) {
-			$this->db[$slug] = $fields;
-		}
-
-		// Save the database.
-		if( $this->save() === false ) {
-			Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to save the database file.');
-			return false;
-		}
-
-		return $this->db!=$db;
-	}
-*/
-	public function getPage($pageNumber, $postPerPage, $draftPosts=false)
-	{
-		// DEBUG: Ver una mejor manera de eliminar draft post antes de ordenarlos
-		// DEBUG: Se eliminan antes de ordenarlos porque sino los draft cuentan como publicados en el PostPerPage.
-		if(!$draftPosts) {
-			$this->removeUnpublished();
-			$this->numberPosts['withoutDrafts'] = count($this->db);
-		}
-
-		$init = (int) $postPerPage * $pageNumber;
-		$end  = (int) min( ($init + $postPerPage - 1), count($this->db) - 1 );
-		$outrange = $init<0 ? true : $init > $end;
-
-		// Sort posts
-		$tmp = $this->sortByDate();
-
-		if(!$outrange) {
-			return array_slice($tmp, $init, $postPerPage, true);
-		}
-
-		return array();
-	}
-
-	// Delete all posts from an user.
-	public function deletePostsByUser($username)
-	{
-		foreach($this->db as $key=>$value)
-		{
-			if($value['username']==$username) {
-				unset($this->db[$key]);
-			}
-		}
-
-		// Save the database.
-		if( $this->save() === false ) {
-			Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to save the database file.');
-			return false;
-		}
-
-		return true;
-	}
-
-	// Link-up all posts from an user to another user.
-	public function linkPostsToUser($oldUsername, $newUsername)
-	{
-		foreach($this->db as $key=>$value)
-		{
-			if($value['username']==$oldUsername) {
-				$this->db[$key]['username'] = $newUsername;
-			}
-		}
-
-		// Save the database.
-		if( $this->save() === false ) {
-			Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to save the database file.');
-			return false;
-		}
-
-		return true;
-	}
-
-	// Remove the posts not published, status != published and date grater than current date.
-	// DEBUG: Ver una mejor manera de eliminar draft post antes de ordenarlos
-	private function removeUnpublished()
-	{
-		$tmp = array();
-		$currentDate = Date::current(DB_DATE_FORMAT);
-
-		foreach($this->db as $key=>$values)
-		{
-			if( ($values['status']==='published') && ($values['date']<=$currentDate) ) {
-				$tmp[$key]=$values;
-			}
-		}
-
-		$this->db = $tmp;
-	}
-
-	private function sortByDate($low_to_high=false)
-	{
-		// high to low
-		function high_to_low($a, $b) {
-			return $a['date']<$b['date'];
-		}
-
-		// low to high
-		function low_to_high($a, $b) {
-			return $a['date']>$b['date'];
-		}
-
-		$tmp = $this->db;
-
-		if($low_to_high)
-			uasort($tmp, 'low_to_high');
-		else
-			uasort($tmp, 'high_to_low');
-
-		return $tmp;
-	}
-
-}
+}

kernel/dbsite.class.php

@@ -138,7 +138,7 @@ class dbSite extends dbJSON
 	// Returns the relative home link
 	public function homeLink()
 	{
-		return 	HTML_PATH_ROOT;
+		return HTML_PATH_ROOT;
 	}
 
 	// Returns the timezone.

kernel/dbtags.class.php

@@ -18,16 +18,39 @@ class dbTags extends dbJSON
 		parent::__construct(PATH_DATABASES.'tags.php');
 	}
 
+	// Returns an array with a list of posts keys, filtered by a page number and a tag key.
+	public function getList($pageNumber, $postPerPage, $tagKey)
+	{
+		if( !isset($this->db['postsIndex'][$tagKey]) ) {
+			Log::set(__METHOD__.LOG_SEP.'Error occurred when trying get the posts list by the tag key: '.$tagKey);
+			return array();
+		}
+
+		$init = (int) $postPerPage * $pageNumber;
+		$end  = (int) min( ($init + $postPerPage - 1), $this->countPostsByTag($tagKey) - 1 );
+		$outrange = $init<0 ? true : $init > $end;
+
+		if(!$outrange) {
+			$list = $this->db['postsIndex'][$tagKey]['posts'];
+			$tmp = array_flip($list); // Change the posts keys list in the array key.
+			return array_slice($tmp, $init, $postPerPage, true);
+		}
+
+		Log::set(__METHOD__.LOG_SEP.'Error occurred when trying get the list of posts, out of range?. Pagenumber: '.$pageNumber);
+		return array();
+	}
+
 	public function countPostsByTag($tagKey)
 	{
 		if( isset($this->db['postsIndex'][$tagKey]) ) {
 			return count($this->db['postsIndex'][$tagKey]['posts']);
 		}
-		else {
-			return false;
-		}
+
+		return 0;
 	}
 
+	// Regenerate the posts index for each tag.
+	// (array) $db, the $db must be sorted by date and the posts published only.
 	public function reindexPosts($db)
 	{
 		$tagsIndex = array();
@@ -36,16 +59,18 @@ class dbTags extends dbJSON
 		// Foreach post
 		foreach($db as $postKey=>$values)
 		{
-			if( ($values['status']==='published') && ($values['date']<=$currentDate) )
+			$explode = explode(',', $values['tags']);
+
+			// Foreach tag from post
+			foreach($explode as $tagName)
 			{
-				$explode = explode(',', $values['tags']);
+				$tagName = trim($tagName);
+				$tagKey = $tagName;
+				//$tagKey = Text::cleanUrl($tagName);
 
-				// Foreach tag from post
-				foreach($explode as $tagName)
+				// If the tag is not empty.
+				if(Text::isNotEmpty($tagName))
 				{
-					$tagName = trim($tagName);
-					$tagKey = Text::cleanUrl($tagName);
-
 					if( isset($tagsIndex[$tagKey]) ) {
 						array_push($tagsIndex[$tagKey]['posts'], $postKey);
 					}
@@ -58,10 +83,13 @@ class dbTags extends dbJSON
 		}
 
 		$this->db['postsIndex'] = $tagsIndex;
+
 		if( $this->save() === false ) {
 			Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to save the database file.');
 			return false;
 		}
+
+		return true;
 	}
 
 }

kernel/helpers/session.class.php

@@ -1,6 +1,6 @@
 <?php defined('BLUDIT') or die('Bludit CMS.');
 
-class Session {
+	class Session {
 
 	private static $started = false;
 
@@ -10,40 +10,41 @@ class Session {
 		//	return true;
 
 		// DEBUG: Ver un nombre con alguna llave random al momentode instalar.
-    	$session_name = 'Bludit-KEY';
+		$session_name = 'Bludit-KEY';
 
-    	// If TRUE cookie will only be sent over secure connections.
-    	$secure = false;
+		// If TRUE cookie will only be sent over secure connections.
+		$secure = false;
 
-    	// If set to TRUE then PHP will attempt to send the httponly flag when setting the session cookie.
-    	$httponly = true;
+		// If set to TRUE then PHP will attempt to send the httponly flag when setting the session cookie.
+		$httponly = true;
 
-    	// This specifies the lifetime of the cookie in seconds which is sent to the browser.
-    	// The value 0 means until the browser is closed.
-    	$cookieLifetime = 0;
+		// This specifies the lifetime of the cookie in seconds which is sent to the browser.
+		// The value 0 means until the browser is closed.
+		$cookieLifetime = 0;
 
 		// Gets current cookies params.
 		$cookieParams = session_get_cookie_params();
 
-    	session_set_cookie_params($cookieLifetime,
-        	$cookieParams["path"],
-        	$cookieParams["domain"],
-        	$secure,
-        	$httponly
-        );
+		session_set_cookie_params(
+			$cookieLifetime,
+			$cookieParams["path"],
+			$cookieParams["domain"],
+			$secure,
+			$httponly
+		);
 
-	    // Sets the session name to the one set above.
-	    session_name($session_name);
+		// Sets the session name to the one set above.
+		session_name($session_name);
 
-    	// Start session.
-    	self::$started = session_start();
+		// Start session.
+		self::$started = session_start();
 
 		// Regenerated the session, delete the old one. There are problems with AJAX.
 		//session_regenerate_id(true);
 
-    	if(!self::$started) {
-    		Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to start the session.');
-    	}
+		if(!self::$started) {
+			Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to start the session.');
+		}
 	}
 
 	public static function started()
@@ -81,4 +82,4 @@ class Session {
 
 		return false;
 	}
-}
+}

kernel/helpers/text.class.php

@@ -52,29 +52,6 @@ class Text {
 		 return $text;
 	}
 
-/*
-	public static function cleanUrl($string, $separator='-')
-	{
-		// Delete characters
-		$string = str_replace(array("“", "”", "!", "*", "'", """, "(", ")", ";", ":", "@", "&amp", "=", "+", "$", ",", "/", "?", "%", "#", "[", "]", "|"),'',$string);
-		$string = preg_replace('![^\\pL\d]+!u', $separator, $string);
-
-		// Remove spaces
-		$string = str_replace(' ',$separator, $string);
-
-		//remove any additional characters that might appear after translit
-		//$string = preg_replace('![^-\w]+!', '', $string);
-
-		// Replace multiple dashes
-		$string = preg_replace('/-{2,}/', $separator, $string);
-
-		// Make a string lowercase
-		$string = self::lowercase($string);
-
-		return $string;
-	}
-*/
-
 	public static function cleanUrl($string, $separator='-')
 	{
 		if(function_exists('iconv')) {
@@ -171,7 +148,7 @@ class Text {
 
 	public static function imgRel2Abs($string, $base)
 	{
-		return preg_replace('/(?!code).(src)="([^:"]*)(?:")/', "$1=\"$base$2\"", $string);
+		return preg_replace('/(src)="([^:"]*)(?:")/', "$1=\"$base$2\"", $string);
 	}
 
 	public static function pre2htmlentities($string)
@@ -179,7 +156,6 @@ class Text {
 		return preg_replace_callback('/<pre.*?><code(.*?)>(.*?)<\/code><\/pre>/imsu',
 			create_function('$input', 'return "<pre><code $input[1]>".htmlentities($input[2])."</code></pre>";'),
 			$string);
-
 	}
 
-}
+}

kernel/post.class.php

@@ -63,15 +63,13 @@ class Post extends fileContent
 	// Returns TRUE if the post is published, FALSE otherwise.
 	public function published()
 	{
-		$currentDate = Date::current(DB_DATE_FORMAT);
-		return ( ($this->getField('status')==='published') && ($this->getField('date')<=$currentDate) );
+		return ($this->getField('status')==='published');
 	}
 
 	// Returns TRUE if the post is scheduled, FALSE otherwise.
 	public function scheduled()
 	{
-		$currentDate = Date::current(DB_DATE_FORMAT);
-		return ( ($this->getField('status')==='published') && ($this->getField('date')>$currentDate) );
+		return ($this->getField('status')==='scheduled');
 	}
 
 	// Returns TRUE if the post is draft, FALSE otherwise.
@@ -113,9 +111,18 @@ class Post extends fileContent
 		return $date;
 	}
 
-	public function tags()
+	public function tags($returnsArray=false)
 	{
-		return $this->getField('tags');
+		global $Url;
+
+		$tags = $this->getField('tags');
+
+		if($returnsArray) {
+			return explode(',', $tags);
+		}
+		else {
+			return $tags;
+		}
 	}
 
 	public function slug()

kernel/security.class.php

@@ -13,6 +13,42 @@ class Security extends dbJSON
 		parent::__construct(PATH_DATABASES.'security.php');
 	}
 
+	// ====================================================
+	// TOKEN FOR CSRF
+	// ====================================================
+
+	// Generate and save the token in Session.
+	public function generateToken()
+	{
+		$token = Text::randomText(8);
+		$token = sha1($token);
+
+		Session::set('token', $token);
+	}
+
+	// Validate the token.
+	public function validateToken($token)
+	{
+		$sessionToken = Session::get('token');
+
+		return ( !empty($sessionToken) && ($sessionToken===$token) );
+	}
+
+	// Returns the token.
+	public function getToken()
+	{
+		return Session::get('token');
+	}
+
+	public function printToken()
+	{
+		echo Session::get('token');
+	}
+
+	// ====================================================
+	// BRUTE FORCE PROTECTION
+	// ====================================================
+
 	public function isBlocked()
 	{
 		$ip = $this->getUserIp();

kernel/url.class.php

@@ -100,9 +100,15 @@ class Url
 	}
 
 	// Return the filter used
-	public function filters($type)
+	public function filters($type, $trim=true)
 	{
-		return $this->filters[$type];
+		$filter = $this->filters[$type];
+
+		if($trim) {
+			$filter = trim($filter, '/');
+		}
+
+		return $filter;
 	}
 
 	// Return: home, tag, post

languages/en_US.json

@@ -161,5 +161,6 @@
 	"date": "Date",
 	"you-can-schedule-the-post-just-select-the-date-and-time": "You can schedule the post, just select the date and time.",
 	"scheduled": "Scheduled",
-	"publish": "Publish"
+	"publish": "Publish",
+	"please-check-your-theme-configuration": "Please check your theme configuration."
 }

languages/pl_PL.json

@@ -0,0 +1,166 @@
+{
+	"language-data":
+	{
+		"native": "Polish - Polski",
+		"english-name": "Polish",
+		"last-update": "2015-09-04",
+		"author": "tom-asz",
+		"email": "",
+		"website": "tomektutoria.eu"
+	},
+
+	"username": "Użytkownik",
+	"password": "Hasło",
+	"confirm-password": "Potwierdź hasło",
+	"editor": "Edytor",
+	"dashboard": "Pulpit nawigacyjny",
+	"role": "Rola",
+	"post": "Post",
+	"posts": "Posty",
+	"users": "Użytkownicy",
+	"administrator": "Administrator",
+	"add": "Dodaj",
+	"cancel": "Anuluj",
+	"content": "Zawartość",
+	"title": "Tytuł",
+	"no-parent": "Bez rodzica",
+	"edit-page": "Edytuj stronę",
+	"edit-post": "Edytuj post",
+	"add-a-new-user": "Dodaj nowego użytkownika",
+	"parent": "Rodzic",
+	"friendly-url": "Przyjazny URL",
+	"description": "Opis",
+	"posted-by": "Napisane przez",
+	"tags": "Tagi",
+	"position": "Pozycja",
+	"save": "Zapisz",
+	"draft": "Projekt",
+	"delete": "Usuń",
+	"registered": "Zarejestrowany",
+	"Notifications": "Powiadomienia",
+	"profile": "Profil",
+	"email": "Email",
+	"settings": "Ustawienia",
+	"general": "Ogólne",
+	"advanced": "Zaawansowane",
+	"regional": "Regionalne",
+	"about": "O nas",
+	"login": "Zaloguj",
+	"logout": "Wyloguj",
+	"manage": "Zarządzaj",
+	"themes": "Motywy",
+	"prev-page": "Poprzednia strona",
+	"next-page": "Następna strona",
+	"configure-plugin": "Skonfiguruj plugin",
+	"confirm-delete-this-action-cannot-be-undone": "Potwierdź usunięcie, czynność ta nie może być cofnięta.",
+	"site-title": "Nazwa strony",
+	"site-slogan": "Slogan strony",
+	"site-description": "Opis strony",
+	"footer-text": "Tekst w stopce",
+	"posts-per-page": "Posty na stronie:",
+	"site-url": "Adres strony",
+	"writting-settings": "Ustawienie pisania",
+	"url-filters": "Filtr URL",
+	"page": "Strona",
+	"pages": "Strony",
+	"home": "Home",
+	"welcome-back": "Witaj ponownie",
+	"language": "Język",
+	"website": "Strona WWW",
+	"timezone": "Strefa czasowa",
+	"locale": "Ustawienia regionalne",
+	"new-post": "Nowy post",
+	"html-and-markdown-code-supported": "Kod HTML i Markdown obsługiwany",
+	"new-page": "Nowa strona",
+	"manage-posts": "Zarządzaj postami",
+	"published-date": "Data opublikowania",
+	"modified-date": "Data modyfikacji",
+	"empty-title": "Brak tytułu",
+	"plugins": "Wtyczki",
+	"install-plugin": "Zainstaluj wtyczkę",
+	"uninstall-plugin": "Odinstaluj wtyczkę",
+	"new-password": "Nowe hasło",
+	"edit-user": "Edycja użytkownika",
+	"publish-now": "Opublikuj teraz",
+	"first-name": "Imię",
+	"last-name": "Nazwisko",
+	"bludit-version": "Wersja Bludit",
+	"powered-by": "Silnik",
+	"recent-posts": "Najnowsze posty",
+	"manage-pages": "Zarządzaj stronami",
+	"advanced-options": "Zaawansowane opcje",
+	"user-deleted": "Użytkownik usunięty",
+	"page-added-successfully": "Strona dodany pomyślnie",
+	"post-added-successfully": "Post dodany pomyślnie",
+	"the-post-has-been-deleted-successfully": "Post został pomyślnie usunięty",
+	"the-page-has-been-deleted-successfully": "Strona została pomyślnie usunięta",
+	"username-or-password-incorrect": "Nazwa użytkownika lub hasło nieprawidłowe",
+	"database-regenerated": "Baza danych regenerowana",
+	"the-changes-have-been-saved": "Zmiany zostały zapisane",
+	"enable-more-features-at": "Włącz więcej funkcji w",
+	"username-already-exists": "Nazwa użytkownika już istnieje",
+	"username-field-is-empty": "Pole nazwa użytkownika jest puste",
+	"the-password-and-confirmation-password-do-not-match":"Hasło i potwierdzenie hasła nie pasują do siebie",
+	"user-has-been-added-successfully": "Użytkownik został dodany pomyślnie",
+	"you-do-not-have-sufficient-permissions": "Nie masz wystarczających uprawnień dostępu do tej strony, skontaktuj się z administratorem.",
+	"settings-advanced-writting-settings": "Ustawienia->Zaawansowane->Ustawienia pisania",
+	"new-posts-and-pages-synchronized": "Nowe posty i strony zsynchronizowane.",
+	"you-can-choose-the-users-privilege": "Możesz wybrać przywilej użytkownika. Edytor może tylko pisać strony i posty.",
+	"email-will-not-be-publicly-displayed": "E-mail nie będzie wyświetlany publicznie. Zalecany dla odzyskiwania hasła i powiadomień.",
+	"use-this-field-to-name-your-site": "Pole to służy do nazwy witryny, pojawi się na górze każdej stronie.",
+	"use-this-field-to-add-a-catchy-phrase": "Pole to służy do dodawania chwytliwego tytułu na swojej stronie.",
+	"you-can-add-a-site-description-to-provide": "Możesz dodać opis witryny, aby zapewnić krótki życiorys lub opis swojej strony.",
+	"you-can-add-a-small-text-on-the-bottom": "Możesz dodać mały tekst na dole każdej strony. np: prawo autorskie, właściciel, daty, itp",
+	"number-of-posts-to-show-per-page": "Wyświetlana iczba postów na stronie.",
+	"the-url-of-your-site": "Adres URL witryny.",
+	"add-or-edit-description-tags-or": "Dodać lub edytować opis, tagi lub zmodyfikować przyjazne URL.",
+	"select-your-sites-language": "Wybierz język witryny.",
+	"select-a-timezone-for-a-correct": "Wybierz strefę czasową, dla prawidłowego wyświetlania data / czas na swojej stronie.",
+	"you-can-use-this-field-to-define-a-set-of": "Możesz użyć tego pola, aby zdefiniować zestaw parametrów związanych z językiem, kraju i szczególnych preferencji.",
+	"you-can-modify-the-url-which-identifies":"Możesz zmienić adres URL, który identyfikuje stronę lub pisać przy użyciu słów kluczowych w postaci czytelnej dla człowieka. Nie więcej niż 150 znaków.",
+	"this-field-can-help-describe-the-content": "To pole może pomóc opisać zawartość w kilku słowach. Nie więcej niż 150 znaków.",
+	"write-the-tags-separeted-by-comma": "Napisz tagi oddzielając je przecinkami np: tag1, tag2, tag3",
+	"delete-the-user-and-all-its-posts":"Usuń użytkownika i wszystkich jego posty",
+	"delete-the-user-and-associate-its-posts-to-admin-user": "Usuń użytkownika i powiązać jego posty do użytkownika administratora",
+	"read-more": "Więcej",
+	"show-blog": "Zobacz blog",
+	"default-home-page": "Domyślna strona główna",
+	"version": "Wersja",
+	"there-are-no-drafts": "Brak projektów.",
+	"create-a-new-article-for-your-blog":"Utwórz nowy artykuł na swoim blogu.",
+	"create-a-new-page-for-your-website":"Tworzenie nowej strony na swojej stronie internetowej.",
+	"invite-a-friend-to-collaborate-on-your-website":"Zaproś przyjaciół do współpracy na swojej stronie internetowej.",
+	"change-your-language-and-region-settings":"Zmień ustawienia języka i regionu.",
+	"language-and-timezone":"Język i strefa czasowa",
+	"author": "Autor",
+	"start-here": "Zacznij tutaj",
+	"install-theme": "Zainstaluj motyw",
+	"first-post": "Pierwszy post",
+	"congratulations-you-have-successfully-installed-your-bludit": "Gratulacje pomyślnie zainstalowano **Bludit**",
+	"whats-next": "Co dalej",
+	"manage-your-bludit-from-the-admin-panel": "Zarządzaj Bludit z [obszaru administracyjnego](./admin/)",
+	"follow-bludit-on": "Śledź Bludit na",
+	"visit-the-support-forum": "Odwiedź [forum](http://forum.bludit.com) wsparcia",
+	"read-the-documentation-for-more-information": "Przeczytaj [dokumentację](http://docs.bludit.com) po więcej informacji",
+	"share-with-your-friends-and-enjoy": "Podziel się z przyjaciółmi i ciesz się z Bludit",
+	"the-page-has-not-been-found": "Strona nie została odnaleziona.",
+	"error": "Błąd",
+	"bludit-installer": "Bludit Instalator",
+	"welcome-to-the-bludit-installer": "Zapraszamy do instalatora Bludit",
+	"complete-the-form-choose-a-password-for-the-username-admin": "Wpisz hasło dla użytkownika « admin »",
+	"password-visible-field": "Hasło, widoczne pola!",
+	"install": "Instaluj",
+	"choose-your-language": "Wybierz język",
+	"next": "Dalej",
+	"the-password-field-is-empty": "Pole hasło jest puste",
+	"your-email-address-is-invalid":"Twój adres e-mail jest nieprawidłowy.",
+	"proceed-anyway": "Kontynuuj mimo to!",
+	"drafts":"Projekt",
+	"ip-address-has-been-blocked": "Adres IP został zablokowany.",
+	"try-again-in-a-few-minutes": "Spróbuj ponownie za kilka minut.",
+	"date": "Data",
+	"you-can-schedule-the-post-just-select-the-date-and-time": "Możesz zaplanować post, po prostu wybierz datę i czas.",
+	"scheduled": "Zaplanowane",
+	"publish": "Opublikuj",
+	"please-check-your-theme-configuration": "Proszę sprawdzić konfigurację szablonu"
+}

plugins/pages/plugin.php

@@ -34,7 +34,13 @@ class pluginPages extends Plugin {
 		global $Site;
 
 		$html  = '<div class="plugin plugin-pages">';
-		$html .= '<h2>'.$this->getDbField('label').'</h2>';
+
+		// If the label is not empty, print it.
+		$label = $this->getDbField('label');
+		if( !empty($label) ) {
+			$html .= '<h2>'.$label.'</h2>';
+		}
+
 		$html .= '<div class="plugin-content">';
 
 		$parents = $pagesParents[NO_PARENT_CHAR];

plugins/simplemde/languages/en_US.json

@@ -8,5 +8,8 @@
 		"website": "https://github.com/NextStepWebs/simplemde-markdown-editor",
 		"version": "0.1",
 		"releaseDate": "2015-08-27"
-	}
+	},
+	"toolbar": "Toolbar",
+	"tab-size": "Tab size"
+
 }

plugins/simplemde/languages/es_AR.json

@@ -0,0 +1,15 @@
+{
+	"plugin-data":
+	{
+		"name": "SimpleMDE",
+		"description": "Simple, facil y hermoso editor Markdown.",
+		"author": "Bludit",
+		"email": "",
+		"website": "https://github.com/NextStepWebs/simplemde-markdown-editor",
+		"version": "0.1",
+		"releaseDate": "2015-08-27"
+	},
+	"toolbar": "Barra de herramientas",
+	"tab-size": "Tamaño de la tabulación"
+
+}

plugins/simplemde/plugin.php

@@ -9,10 +9,33 @@ class pluginsimpleMDE extends Plugin {
 		'edit-page'
 	);
 
-	public function adminHead()
+	public function init()
+	{
+		$this->dbFields = array(
+			'tabSize'=>'2',
+			'toolbar'=>'"bold", "italic", "heading", "|", "quote", "unordered-list", "|", "link", "image", "code", "horizontal-rule", "|", "preview", "side-by-side", "fullscreen", "guide"'
+		);
+	}
+
+	public function form()
 	{
 		global $Language;
-		global $Site;
+
+		$html  = '<div>';
+		$html .= '<label>'.$Language->get('Toolbar').'</label>';
+		$html .= '<input name="toolbar" id="jstoolbar" type="text" value="'.$this->getDbField('toolbar').'">';
+		$html .= '</div>';
+
+		$html .= '<div>';
+		$html .= '<label>'.$Language->get('Tab size').'</label>';
+		$html .= '<input name="tabSize" id="jstabSize" type="text" value="'.$this->getDbField('tabSize').'">';
+		$html .= '</div>';
+
+		return $html;
+	}
+
+	public function adminHead()
+	{
 		global $layout;
 
 		$html = '';
@@ -20,16 +43,20 @@ class pluginsimpleMDE extends Plugin {
 		// Load CSS and JS only on Controllers in array.
 		if(in_array($layout['controller'], $this->loadWhenController))
 		{
-			$language = $Site->shortLanguage();
+			// Path plugin.
 			$pluginPath = $this->htmlPath();
 
+			// Load CSS
 			$html .= '<link rel="stylesheet" href="'.$pluginPath.'css/simplemde.min.css">';
+
+			// Load Javascript
 			$html .= '<script src="'.$pluginPath.'js/simplemde.min.js"></script>';
 
-			//$html  = '<link rel="stylesheet" href="//maxcdn.bootstrapcdn.com/font-awesome/latest/css/font-awesome.min.css">';
-			//$html .= '<link rel="stylesheet" href="//cdn.jsdelivr.net/simplemde/latest/simplemde.min.css">';
-			//$html .= '<script src="//cdn.jsdelivr.net/simplemde/latest/simplemde.min.js"></script>';
-
+			// Hack for Bludit
+			$html .= '<style>
+					.editor-toolbar::before { margin-bottom: 2px !important }
+					.editor-toolbar::after { margin-top: 2px !important }
+				</style>';
 
 		}
 
@@ -38,8 +65,6 @@ class pluginsimpleMDE extends Plugin {
 
 	public function adminBodyEnd()
 	{
-		global $Language;
-		global $Site;
 		global $layout;
 
 		$html = '';
@@ -47,7 +72,6 @@ class pluginsimpleMDE extends Plugin {
 		// Load CSS and JS only on Controllers in array.
 		if(in_array($layout['controller'], $this->loadWhenController))
 		{
-			$language = $Site->shortLanguage();
 			$pluginPath = $this->htmlPath();
 
 			$html  = '<script>$(document).ready(function() { ';
@@ -58,14 +82,15 @@ class pluginsimpleMDE extends Plugin {
 					toolbarTips: true,
 					toolbarGuideIcon: true,
 					autofocus: false,
-					lineWrapping: false,
+					lineWrapping: true,
 					indentWithTabs: true,
-					tabSize: 4,
-					spellChecker: false
+					tabSize: '.$this->getDbField('tabSize').',
+					spellChecker: false,
+					toolbar: ['.Sanitize::htmlDecode($this->getDbField('toolbar')).']
 				});';
 			$html .= '}); </script>';
 		}
 
 		return $html;
 	}
-}
+}

plugins/tags/plugin.php

@@ -27,12 +27,12 @@ class pluginTags extends Plugin {
 		global $dbTags;
 		global $Url;
 
+		$db = $dbTags->db['postsIndex'];
+		$filter = $Url->filters('tag');
+
 		$html  = '<div class="plugin plugin-tags">';
 		$html .= '<h2>'.$this->getDbField('label').'</h2>';
 		$html .= '<div class="plugin-content">';
-
-		$db = $dbTags->db['postsIndex'];
-
 		$html .= '<ul>';
 
 		foreach($db as $tagKey=>$fields)
@@ -40,7 +40,7 @@ class pluginTags extends Plugin {
 			$count = $dbTags->countPostsByTag($tagKey);
 
 			// Print the parent
-			$html .= '<li><a href="'.HTML_PATH_ROOT.$Url->filters('tag').$tagKey.'">'.$fields['name'].' ('.$count.')</a></li>';
+			$html .= '<li><a href="'.HTML_PATH_ROOT.$filter.'/'.$tagKey.'">'.$fields['name'].' ('.$count.')</a></li>';
 		}
 
 		$html .= '</ul>';

themes/pure/index.php

@@ -24,7 +24,7 @@
 
         <!-- Content -->
         <?php
-            if($Url->whereAmI()=='home')
+            if( ($Url->whereAmI()=='home') || ($Url->whereAmI()=='tag') )
             {
                 include('php/home.php');
             }