Bug fixes

2018-07-28 18:33:37 +02:00 · 2018-07-28 18:33:37 +02:00 · bb481498be
parent 710d7d3c67
commit bb481498be
24 changed files with 171 additions and 73 deletions
--- a/.gitignore
+++ b/.gitignore
@ -8,3 +8,4 @@ bl-plugins/discovery
 bl-kernel/bludit.pro.php
 bl-themes/docs
 bl-themes/docsx
 bl-themes/mediumish
--- a/bl-kernel/admin/controllers/content.php
+++ b/bl-kernel/admin/controllers/content.php
@ -4,7 +4,7 @@
 // Check role
 // ============================================================================
-checkRole(array('admin', 'moderator'));
+checkRole(array('admin', 'editor'));
 // ============================================================================
 // Functions
--- a/bl-kernel/admin/controllers/edit-content.php
+++ b/bl-kernel/admin/controllers/edit-content.php
@ -4,7 +4,7 @@
 // Check role
 // ============================================================================
-if (!checkRole(array('admin','moderator'), false)) {
+if (!checkRole(array('admin','editor'), false)) {
 	try {
 		$pageKey = isset($_POST['key']) ? $_POST['key'] : $layout['parameters'];
 		$page = new PageX($pageKey);
--- a/bl-kernel/admin/controllers/login.php
+++ b/bl-kernel/admin/controllers/login.php
@ -31,6 +31,7 @@ function checkLogin($args)
 			Redirect::home();
 		}
 		// Other user without the role reader redirect to dashboard
 		Redirect::page('dashboard');
 		return true;
 	}
@ -40,7 +41,6 @@ function checkLogin($args)
 	// Create alert
 	Alert::set($Language->g('Username or password incorrect'), ALERT_STATUS_FAIL);
 	return false;
 }
--- a/bl-kernel/admin/controllers/new-content.php
+++ b/bl-kernel/admin/controllers/new-content.php
@ -4,7 +4,7 @@
 // Check role
 // ============================================================================
-checkRole(array('admin', 'moderator', 'editor'));
+checkRole(array('admin', 'editor'));
 // ============================================================================
 // Functions
--- a/bl-kernel/admin/themes/booty/html/sidebar.php
+++ b/bl-kernel/admin/themes/booty/html/sidebar.php
@ -16,6 +16,13 @@
 		<a class="nav-link" href="<?php echo HTML_PATH_ADMIN_ROOT.'new-content' ?>"><span class="oi oi-plus"></span><?php $L->p('New content') ?></a>
 	</li>
 	<?php if (checkRole(array('editor'),false)): ?>
 	<li class="nav-item">
 		<a class="nav-link" href="<?php echo HTML_PATH_ADMIN_ROOT.'content' ?>"><span class="oi oi-layers"></span><?php $L->p('Content') ?></a>
 	</li>
 	<?php endif; ?>
 	<?php if (checkRole(array('admin'),false)): ?>
 	<li class="nav-item mt-3">
@ -24,6 +31,7 @@
 	<li class="nav-item">
 		<a class="nav-link" href="<?php echo HTML_PATH_ADMIN_ROOT.'content' ?>"><?php $L->p('Content') ?></a>
 	</li>
 	<li class="nav-item">
 		<a class="nav-link" href="<?php echo HTML_PATH_ADMIN_ROOT.'categories' ?>"><?php $L->p('Categories') ?></a>
 	</li>
@ -57,7 +65,6 @@
 				}
 			}
 		?>
 	<?php endif; ?>
 	<li class="nav-item mt-5">
--- a/bl-kernel/admin/views/content.php
+++ b/bl-kernel/admin/views/content.php
@ -57,9 +57,9 @@ function table($type) {
 	<table class="table mt-3">
 		<thead>
 			<tr>
-				<th class="border-0" scope="col">'.$Language->g('Title').'</th>
+				<th style="font-size: 0.8em;" class="border-0 text-uppercase text-muted" scope="col">'.$Language->g('Title').'</th>
-				<th class="border-0 d-none d-lg-table-cell" scope="col">'.$Language->g('URL').'</th>
+				<th style="font-size: 0.8em;" class="border-0 d-none d-lg-table-cell text-uppercase text-muted" scope="col">'.$Language->g('URL').'</th>
-				<th class="border-0 text-center d-none d-sm-table-cell" scope="col">'.( ((ORDER_BY=='position') || ($type!='published'))?$Language->g('Position'):$Language->g('Creation date')).'</th>
+				<th style="font-size: 0.8em;" class="border-0 text-center d-none d-sm-table-cell text-uppercase text-muted" scope="col">Actions</th>
 			</tr>
 		</thead>
 		<tbody>
@ -111,16 +111,24 @@ function table($type) {
 			try {
 				$page = new PageX($pageKey);
 				echo '<tr>';
-				echo '<td>
+				echo '<td class="pt-3">
-					<a href="'.HTML_PATH_ADMIN_ROOT.'edit-content/'.$page->key().'">'
+					<div>
-					.($page->title()?$page->title():'<span class="label-empty-title">'.$Language->g('Empty title').'</span> ')
+						<a style="font-size: 1.1em" href="'.HTML_PATH_ADMIN_ROOT.'edit-content/'.$page->key().'">'
-					.'</a>
+						.($page->title()?$page->title():'<span class="label-empty-title">'.$Language->g('Empty title').'</span> ')
 						.'</a>
 					</div>
 					<div>
 						<p style="font-size: 0.8em" class="m-0 text-uppercase text-muted">'.( ((ORDER_BY=='position') || ($type!='published'))?'Position: '.$page->position():$page->relativeTime() ).'</p>
 					</div>
 				</td>';
 				$friendlyURL = Text::isEmpty($url->filters('page')) ? '/'.$page->key() : '/'.$url->filters('page').'/'.$page->key();
-				echo '<td class="d-none d-lg-table-cell"><a target="_blank" href="'.$page->permalink().'">'.$friendlyURL.'</a></td>';
+				echo '<td class="pt-3 d-none d-lg-table-cell"><a target="_blank" href="'.$page->permalink().'">'.$friendlyURL.'</a></td>';
-				echo '<td class="text-center d-none d-sm-table-cell">'.( ((ORDER_BY=='position') || ($type!='published'))?$page->position():$page->dateRaw(ADMIN_PANEL_DATE_FORMAT) ).'</td>';
+				echo '<td class="pt-3 text-center d-none d-sm-table-cell">'.PHP_EOL;
 				echo '<a type="button" class="btn btn-secondary btn-sm" href="'.HTML_PATH_ADMIN_ROOT.'edit-content/'.$page->key().'">Edit</a>'.PHP_EOL;
 				echo '<button type="button" class="btn btn-secondary btn-sm deletePageButton" data-toggle="modal" data-target="#jsdeletePageModal" data-key="'.$page->key().'"><span class="oi oi-trash"></span> Delete</button>'.PHP_EOL;
 				echo '</td>';
 				echo '</tr>';
 			} catch (Exception $e) {
@ -160,6 +168,7 @@ function table($type) {
 	<div class="tab-pane show active" id="pages" role="tabpanel">
 		<?php table('published'); ?>
 		<?php if (Paginator::amountOfPages() > 1): ?>
 		<!-- Paginator -->
 		<nav class="paginator">
 			<ul class="pagination flex-wrap justify-content-center">
@ -186,6 +195,7 @@ function table($type) {
 			</ul>
 		</nav>
 		<?php endif; ?>
 	</div>
 	<!-- TABS STATIC -->
@ -208,3 +218,49 @@ function table($type) {
 	<?php table('draft'); ?>
 	</div>
 </div>
 <!-- Modal for delete page -->
 <?php echo Bootstrap::modal(array(
 	'modalId'=>'jsdeletePageModal',
 	'modalTitle'=>'Delete content',
 	'modalText'=>'Are you sure you ?',
 	'buttonPrimary'=>'Delete',
 	'buttonPrimaryClass'=>'deletePageModalAcceptButton',
 	'buttonSecondary'=>'Cancel',
 	'buttonSecondaryClass'=>''
 ));
 ?>
 <script>
 $(document).ready(function() {
 	var key = false;
 	// Button for delete a page in the table
 	$(".deletePageButton").on("click", function() {
 		key = $(this).data('key');
 	});
 	// Event from button accept from the modal
 	$(".deletePageModalAcceptButton").on("click", function() {
 		var form = jQuery('<form>', {
 			'action': HTML_PATH_ADMIN_ROOT+'edit-content/'+key,
 			'method': 'post',
 			'target': '_top'
 		}).append(jQuery('<input>', {
 			'type': 'hidden',
 			'name': 'tokenCSRF',
 			'value': tokenCSRF
 		}).append(jQuery('<input>', {
 			'type': 'hidden',
 			'name': 'key',
 			'value': key
 		}).append(jQuery('<input>', {
 			'type': 'hidden',
 			'name': 'type',
 			'value': 'delete'
 		}))));
 		form.hide().appendTo("body").submit();
 	});
 });
 </script>
--- a/bl-kernel/admin/views/edit-content.php
+++ b/bl-kernel/admin/views/edit-content.php
@ -138,10 +138,20 @@
 				<button type="button" class="jsbuttonSave btn btn-primary btn-sm"><?php echo ($page->draft()?$L->g('Publish'):$L->g('Update')) ?></button>
 				<button type="button" class="jsbuttonDraft btn btn-secondary btn-sm"><?php echo $L->g('Save as draft') ?></button>
 			</div>
-			<h4 class="mt-4 mb-4 font-weight-normal">Cover Image</h4>
+			<h4 class="mt-4 mb-4 font-weight-normal">General</h4>
 		</div>
 		<?php
 			// Username
 			echo Bootstrap::formInputText(array(
 				'name'=>'',
 				'label'=>'User',
 				'placeholder'=>'',
 				'value'=>$page->username(),
 				'tip'=>'',
 				'disabled'=>true
 			));
 			// Date
 			echo Bootstrap::formInputText(array(
 				'name'=>'date',
--- a/bl-kernel/admin/views/edit-user.php
+++ b/bl-kernel/admin/views/edit-user.php
@ -1,9 +1,19 @@
 <?php defined('BLUDIT') or die('Bludit CMS.');
 echo Bootstrap::pageTitle(array('title'=>$L->g('Edit user'), 'icon'=>'person'));
 echo Bootstrap::formOpen(array());
 	echo '
 	<div>
 	<div class="float-right">
 		<button type="submit" class="btn btn-primary btn-sm" name="save">'.$L->g('Save').'</button>
 		<a class="btn btn-secondary btn-sm" href="'.HTML_PATH_ADMIN_ROOT.'users" role="button">'.$L->g('Cancel').'</a>
 	</div>
 	<h2 class="mt-0 mb-3">
 		<span class="oi oi-person" style="font-size: 0.7em;"></span> Edit user
 	</h2>
 	</div>
 	';
 	echo Bootstrap::formInputHidden(array(
 		'name'=>'tokenCSRF',
 		'value'=>$security->getTokenCSRF()
@ -28,7 +38,7 @@ echo Bootstrap::formOpen(array());
 		echo Bootstrap::formSelect(array(
 			'name'=>'role',
 			'label'=>$L->g('Role'),
-			'options'=>array('reader'=>$L->g('Reader'), 'editor'=>$L->g('Editor'), 'moderator'=>$L->g('Moderator'), 'admin'=>$L->g('Administrator')),
+			'options'=>array('reader'=>$L->g('Reader'), 'editor'=>$L->g('Editor'), 'admin'=>$L->g('Administrator')),
 			'selected'=>$user->role(),
 			'class'=>'',
 			'tip'=>''
@ -46,6 +56,15 @@ echo Bootstrap::formOpen(array());
 	echo Bootstrap::formTitle(array('title'=>$L->g('Profile')));
 	echo Bootstrap::formInputText(array(
 		'name'=>'nickname',
 		'label'=>$L->g('Nickname'),
 		'value'=>$user->nickname(),
 		'class'=>'',
 		'placeholder'=>'',
 		'tip'=>'The nickname is almost used in the themes to display the author of the content'
 	));
 	echo Bootstrap::formInputText(array(
 		'name'=>'firstName',
 		'label'=>$L->g('First Name'),
--- a/bl-kernel/admin/views/new-user.php
+++ b/bl-kernel/admin/views/new-user.php
@ -41,7 +41,7 @@ echo Bootstrap::formOpen(array());
 	echo Bootstrap::formSelect(array(
 		'name'=>'role',
 		'label'=>$L->g('Role'),
-		'options'=>array('reader'=>$L->g('Reader'), 'editor'=>$L->g('Editor'), 'moderator'=>$L->g('Moderator'), 'admin'=>$L->g('Administrator')),
+		'options'=>array('reader'=>$L->g('Reader'), 'editor'=>$L->g('Editor'), 'admin'=>$L->g('Administrator')),
 		'selected'=>'reader',
 		'class'=>'',
 		'tip'=>''
--- a/bl-kernel/admin/views/users.php
+++ b/bl-kernel/admin/views/users.php
@ -36,8 +36,6 @@ foreach ($list as $username) {
 		echo '<td>'.($user->enabled()?'<b>'.$L->g('Enabled').'</b>':$L->g('Disabled')).'</td>';
 		if ($user->role()=='admin') {
 			echo '<td>'.$L->g('Administrator').'</td>';
 		} elseif ($user->role()=='moderator') {
 			echo '<td>'.$L->g('Moderator').'</td>';
 		} elseif ($user->role()=='editor') {
 			echo '<td>'.$L->g('Editor').'</td>';
 		} else {
--- a/bl-kernel/ajax/user-logged.php
+++ b/bl-kernel/ajax/user-logged.php
@ -21,4 +21,4 @@ exit (json_encode(array(
 )));
-?>
+?>
--- a/bl-kernel/boot/rules/99.security.php
+++ b/bl-kernel/boot/rules/99.security.php
@ -16,15 +16,15 @@
 // POST Method
 // ============================================================================
-if( $_SERVER['REQUEST_METHOD'] == 'POST' )
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
 {
 	$token = isset($_POST['tokenCSRF']) ? Sanitize::html($_POST['tokenCSRF']) : false;
-	if( !$security->validateTokenCSRF($token) ) {
+	if (!$security->validateTokenCSRF($token)) {
-		Log::set(__FILE__.LOG_SEP.'Error occurred when trying to validate the tokenCSRF. Token CSRF ID: '.$token);
+		Log::set(__FILE__.LOG_SEP.'Error occurred when trying to validate the tokenCSRF.', ALERT_STATUS_FAIL);
 		Log::set(__FILE__.LOG_SEP.'Token via POST ['.$token.']', ALERT_STATUS_FAIL);
 		Session::destroy();
 		Redirect::page('login');
-	}
+	} else {
 	else {
 		unset( $_POST['tokenCSRF'] );
 	}
 }
--- a/bl-kernel/dbpages.class.php
+++ b/bl-kernel/dbpages.class.php
@ -57,7 +57,9 @@ class dbPages extends dbJSON {
 		// Check values on args and set default values if not exists
 		foreach ($this->dbFields as $field=>$value) {
-			if (isset($args[$field])) {
+			if ($field=='tags') {
 				$finalValue = $this->generateTags($args['tags']);
 			} elseif (isset($args[$field])) {
 				// Sanitize if will be stored on database
 				$finalValue = Sanitize::html($args[$field]);
 			} else {
@ -100,11 +102,6 @@ class dbPages extends dbJSON {
 			$row['uuid'] = $this->generateUUID();
 		}
 		// Tags
 		if (!empty($row['tags'])) {
 			$row['tags'] = $this->generateTags($args['tags']);
 		}
 		// Validate date
 		if (!Valid::date($row['date'], DB_DATE_FORMAT)) {
 			$row['date'] = Date::current(DB_DATE_FORMAT);
@ -150,7 +147,9 @@ class dbPages extends dbJSON {
 		// Check values on args or set default values
 		foreach ($this->dbFields as $field=>$value) {
-			if (isset($args[$field])) {
+			if ($field=='tags') {
 				$finalValue = $this->generateTags($args['tags']);
 			} elseif (isset($args[$field])) {
 				// Sanitize if will be stored on database
 				$finalValue = Sanitize::html($args[$field]);
 			} else {
@ -794,23 +793,17 @@ class dbPages extends dbJSON {
 	public function generateTags($tags)
 	{
 		$tmp = array();
 		$tags = trim($tags);
-
+		if (empty($tags)) {
 		if(empty($tags)) {
 			return $tmp;
 		}
 		// Make array
 		$tags = explode(',', $tags);
-
+		foreach ($tags as $tag) {
 		foreach($tags as $tag)
 		{
 			$tag = trim($tag);
 			$tagKey = Text::cleanUrl($tag);
 			$tmp[$tagKey] = $tag;
 		}
 		return $tmp;
 	}
--- a/bl-kernel/dbusers.class.php
+++ b/bl-kernel/dbusers.class.php
@ -5,7 +5,8 @@ class dbUsers extends dbJSON {
 	public $dbFields = array(
 		'firstName'=>'',
 		'lastName'=>'',
-		'role'=>'editor', // admin, moderator, editor, reader
+		'nickname'=>'',
 		'role'=>'editor', // admin, editor, reader
 		'password'=>'',
 		'salt'=>'!Pink Floyd!Welcome to the machine!',
 		'email'=>'',
--- a/bl-kernel/helpers/log.class.php
+++ b/bl-kernel/helpers/log.class.php
@ -4,8 +4,11 @@ class Log {
 	public static function set($text, $type=LOG_TYPE_INFO)
 	{
-		$messageType = 0;
+		if (!DEBUG_MODE) {
 			return false;
 		}
 		$messageType = 0;
 		if (is_array($text) ) {
 			error_log('------------------------', $messageType);
 			error_log('Array', $messageType);
--- a/bl-kernel/helpers/theme.class.php
+++ b/bl-kernel/helpers/theme.class.php
@ -137,6 +137,11 @@ class Theme {
 		return '<meta name="viewport" content="'.$content.'">'.PHP_EOL;
 	}
 	public static function src($file, $base=DOMAIN_THEME)
 	{
 		return $base.$file;
 	}
 	public static function css($files, $base=DOMAIN_THEME)
 	{
 		if( !is_array($files) ) {
--- a/bl-kernel/js/bludit-ajax.php
+++ b/bl-kernel/js/bludit-ajax.php
@ -20,7 +20,7 @@ class bluditAjax {
 				title: title,
 				content: content
 			},
-			url: "<?php echo HTML_PATH_ADMIN_ROOT ?>ajax/save-as-draft"
+			url: HTML_PATH_ADMIN_ROOT+"ajax/save-as-draft"
 		});
 		ajaxRequest.done(function (response, textStatus, jqXHR) {
@ -52,7 +52,7 @@ class bluditAjax {
 			data: {
 				tokenCSRF: tokenCSRF // token from env variables
 			},
-			url: "<?php echo HTML_PATH_ADMIN_ROOT ?>ajax/user-logged"
+			url: HTML_PATH_ADMIN_ROOT+"ajax/user-logged"
 		});
 		ajaxRequest.done(function (response, textStatus, jqXHR) {
@ -82,7 +82,7 @@ class bluditAjax {
 			parentKey: parentKey,
 			currentKey: currentKey
 		    },
-		    url: "<?php echo HTML_PATH_ADMIN_ROOT.'ajax/generate-slug' ?>"
+		    url: HTML_PATH_ADMIN_ROOT+"ajax/generate-slug"
 		});
 		ajaxRequest.done(function (response, textStatus, jqXHR) {
--- a/bl-kernel/login.class.php
+++ b/bl-kernel/login.class.php
@ -44,7 +44,7 @@ class Login {
 			}
 		}
-		Log::set(__METHOD__.LOG_SEP.'FingerPrint are differents. Current fingerPrint: '.Session::get('fingerPrint').' !== Current fingerPrint: '.$this->fingerPrint());
+		Log::set(__METHOD__.LOG_SEP.'FingerPrint are differents. ['.Session::get('fingerPrint').'] != ['.$this->fingerPrint().']');
 		return false;
 	}
@ -56,7 +56,7 @@ class Login {
 		Session::set('fingerPrint',	$this->fingerPrint());
 		Session::set('sessionTime',	time());
-		Log::set(__METHOD__.LOG_SEP.'User logged, fingerprint: '.$this->fingerPrint());
+		Log::set(__METHOD__.LOG_SEP.'User logged, fingerprint ['.$this->fingerPrint().']');
 	}
 	public function setRememberMe($username)
@ -113,7 +113,7 @@ class Login {
 		$passwordHash = $this->dbUsers->generatePasswordHash($password, $user->salt());
 		if ($passwordHash===$user->password()) {
 			$this->setLogin($username, $user->role());
-			Log::set(__METHOD__.LOG_SEP.'User logged succeeded by username and password - Username: '.$username);
+			Log::set(__METHOD__.LOG_SEP.'User logged succeeded by username and password - Username ['.$username.']');
 			return true;
 		}
--- a/bl-kernel/pagex.class.php
+++ b/bl-kernel/pagex.class.php
@ -205,12 +205,19 @@ class PageX {
 		return false;
 	}
-	// Returns the user object
+	// Returns the user object or passing the method returns the object User method
-	public function user()
+	public function user($method=false)
 	{
 		global $dbUsers;
 		$username = $this->username();
-		return $dbUsers->getUser($username);
+		try {
 			$user = new User($username);
 			if ($method) {
 				return $user->{$method}();
 			}
 			return $user;
 		} catch (Exception $e) {
 			return false;
 		}
 	}
 	public function template()
@ -226,23 +233,22 @@ class PageX {
 	// Returns the tags separated by comma
 	// (boolean) $returnsArray, TRUE to get the tags as an array, FALSE to get the tags separeted by comma
 	// The tags in array format returns array( tagKey => tagName )
 	public function tags($returnsArray=false)
 	{
 		$tags = $this->getValue('tags');
-
+		if ($returnsArray) {
-		if($returnsArray) {
+			if (empty($tags)) {
 			if($tags==false) {
 				return array();
 			}
 			return $tags;
 		}
-		else {
+
-			if($tags==false) {
+		if (empty($tags)) {
-				return false;
+			return '';
 			}
 			// Return string with tags separeted by comma.
 			return implode(', ', $tags);
 		}
 		// Return string with tags separeted by comma.
 		return implode(', ', $tags);
 	}
 	public function json($returnsArray=false)
--- a/bl-kernel/security.class.php
+++ b/bl-kernel/security.class.php
@ -22,7 +22,7 @@ class Security extends dbJSON
 	{
 		$token = sha1( uniqid().time() );
 		Session::set('tokenCSRF', $token);
-		Log::set('New Token CSRF: '.$token);
+		Log::set(__METHOD__.LOG_SEP.'New Token CSRF ['.$token.']');
 	}
 	// Validate the token
--- a/bl-kernel/url.class.php
+++ b/bl-kernel/url.class.php
@ -118,15 +118,13 @@ class Url
 		return $this->uri;
 	}
-	// Return the filter used
+	// Return the filter filter by type
 	public function filters($type, $trim=true)
 	{
 		$filter = $this->filters[$type];
-
+		if ($trim) {
 		if($trim) {
 			$filter = trim($filter, '/');
 		}
 		return $filter;
 	}
--- a/bl-kernel/user.class.php
+++ b/bl-kernel/user.class.php
@ -49,6 +49,11 @@ class User {
 		return $this->getValue('username');
 	}
 	public function nickname()
 	{
 		return $this->getValue('nickname');
 	}
 	public function firstName()
 	{
 		return $this->getValue('firstName');
--- a/index.php
+++ b/index.php
@ -40,7 +40,3 @@ if ($url->whereAmI()==='admin') {
 else {
 	require(PATH_BOOT.'site.php');
 }
 $endLoadTime = microtime(true);
 $time = $endLoadTime - $loadTime;
 var_dump($time);
`@ -21,4 +21,4 @@ exit (json_encode(array(`
	`)));`	`)));`


	`?>`	`?>`