koblog/bl-kernel/boot/admin.php

<?php defined('BLUDIT') or die('Bludit CMS.');

// Start the session
// If the session is not possible to start the admin area is not available
Session::start();
if (Session::started()===false) {
	exit('Bludit CMS. Session initialization failed.');
}

$login = new Login();

$layout = array(
	'controller'=>null,
	'view'=>null,
	'template'=>'index.php',
	'slug'=>null,
	'plugin'=>false,
	'parameters'=>null,
	'title'=>'Bludit'
);

// Get the Controller
$explodeSlug = $url->explodeSlug();
$layout['controller'] = $layout['view'] = $layout['slug'] = empty($explodeSlug[0])?'dashboard':$explodeSlug[0];
unset($explodeSlug[0]);

// Get the Plugins
include(PATH_RULES.'60.plugins.php');
// Check if the user want to access to an admin controller or view from a plugin
if ($layout['controller'] === 'plugin' && !empty($explodeSlug)) {
	// Lowercase plugins class name to search by case-insensitive
	$pluginsLowerCases = array_change_key_case($pluginsInstalled);
	$pluginName = Text::lowercase(array_shift($explodeSlug));
	if (isset($pluginsLowerCases[$pluginName])) {
		$layout['plugin'] = $pluginsLowerCases[$pluginName];
	}
}

// Get the URL parameters
$layout['parameters'] = implode('/', $explodeSlug);

// --- AJAX ---
if ($layout['slug']==='ajax') {
	if ($login->isLogged()) {
		// Rules: Security check CSRF
		include(PATH_RULES.'99.security.php');

		// Load the ajax file
		if (Sanitize::pathFile(PATH_AJAX, $layout['parameters'].'.php')) {
			include(PATH_AJAX.$layout['parameters'].'.php');
		}
	}
	header('HTTP/1.1 401 User not logged.');
	exit(0);
}
// --- ADMIN AREA ---
else
{
	// Boot rules
	include(PATH_RULES.'69.pages.php');
	include(PATH_RULES.'99.header.php');
	include(PATH_RULES.'99.paginator.php');
	include(PATH_RULES.'99.themes.php');
	include(PATH_RULES.'99.security.php');

	// Page not found.
	// User not logged.
	// Slug is login.
	if ($url->notFound() || !$login->isLogged() || ($url->slug()==='login') ) {
		$layout['controller']	= 'login';
		$layout['view']			= 'login';
		$layout['template']		= 'login.php';

		// Generate the tokenCSRF for the user not logged, when the user log-in the token will be change.
		$security->generateTokenCSRF();
	}

	// Define variables
	$ADMIN_CONTROLLER 	= $layout['controller'];
	$ADMIN_VIEW 		= $layout['view'];

	// Load plugins before the admin area will be load.
	Theme::plugins('beforeAdminLoad');

	// Load init.php if the theme has one.
	if (Sanitize::pathFile(PATH_ADMIN_THEMES, $site->adminTheme().DS.'init.php')) {
		include(PATH_ADMIN_THEMES.$site->adminTheme().DS.'init.php');
	}

	// Load controller.
	if (Sanitize::pathFile(PATH_ADMIN_CONTROLLERS, $layout['controller'].'.php')) {
		include(PATH_ADMIN_CONTROLLERS.$layout['controller'].'.php');
	} elseif ($layout['plugin'] && method_exists($layout['plugin'], 'adminController')) {
		$layout['plugin']->adminController();
	}

	// Load view and theme.
	if (Sanitize::pathFile(PATH_ADMIN_THEMES, $site->adminTheme().DS.$layout['template'])) {
		include(PATH_ADMIN_THEMES.$site->adminTheme().DS.$layout['template']);
	}

	// Load plugins after the admin area is loaded.
	Theme::plugins('afterAdminLoad');
}
New features 2015-05-05 03:00:01 +02:00			`<?php defined('BLUDIT') or die('Bludit CMS.');`

Support admin controller and view over plugins 2020-06-15 16:27:12 +02:00			`// Start the session`
			`// If the session is not possible to start the admin area is not available`
Session in admin area, improves in creation content 2018-07-12 20:03:31 +02:00			`Session::start();`
			`if (Session::started()===false) {`
Support admin controller and view over plugins 2020-06-15 16:27:12 +02:00			`exit('Bludit CMS. Session initialization failed.');`
Session in admin area, improves in creation content 2018-07-12 20:03:31 +02:00			`}`

New rule for routing URLs 2018-09-11 23:37:45 +02:00			`$login = new Login();`
Session in admin area and when you create the Login object 2018-07-14 15:17:06 +02:00
New features 2015-05-05 03:00:01 +02:00			`$layout = array(`
			`'controller'=>null,`
			`'view'=>null,`
			`'template'=>'index.php',`
			`'slug'=>null,`
Namespace Plugin Pages 2020-05-22 23:55:22 +02:00			`'plugin'=>false,`
Fix: redeclare getdb 2015-07-07 00:22:03 +02:00			`'parameters'=>null,`
			`'title'=>'Bludit'`
New features 2015-05-05 03:00:01 +02:00			`);`

Namespace Plugin Pages 2020-05-22 23:55:22 +02:00			`// Get the Controller`
Title in database, improves on Page Object, Perfomance improvements, TinyMCE and Bootstrap updated 2018-07-17 19:13:01 +02:00			`$explodeSlug = $url->explodeSlug();`
Cleaning code 2017-09-15 21:26:06 +02:00			`$layout['controller'] = $layout['view'] = $layout['slug'] = empty($explodeSlug[0])?'dashboard':$explodeSlug[0];`
New features 2015-05-05 03:00:01 +02:00			`unset($explodeSlug[0]);`

Support admin controller and view over plugins 2020-06-15 21:05:46 +02:00			`// Get the Plugins`
Autosave function 2018-05-08 00:15:40 +02:00			`include(PATH_RULES.'60.plugins.php');`
Support admin controller and view over plugins 2020-06-15 21:05:46 +02:00			`// Check if the user want to access to an admin controller or view from a plugin`
Namespace Plugin Pages 2020-05-22 23:55:22 +02:00			`if ($layout['controller'] === 'plugin' && !empty($explodeSlug)) {`
Support admin controller and view over plugins 2020-06-15 21:05:46 +02:00			`// Lowercase plugins class name to search by case-insensitive`
			`$pluginsLowerCases = array_change_key_case($pluginsInstalled);`
			`$pluginName = Text::lowercase(array_shift($explodeSlug));`
			`if (isset($pluginsLowerCases[$pluginName])) {`
			`$layout['plugin'] = $pluginsLowerCases[$pluginName];`
			`}`
Namespace Plugin Pages 2020-05-22 23:55:22 +02:00			`}`

			`// Get the URL parameters`
			`$layout['parameters'] = implode('/', $explodeSlug);`
Autosave function 2018-05-08 00:15:40 +02:00
Opengraph, Admin panel responsive, Improves on Security tokens 2015-11-28 15:47:03 +01:00			`// --- AJAX ---`
fixed ajax calls 2017-07-13 22:39:04 +02:00			`if ($layout['slug']==='ajax') {`
Session in admin area and when you create the Login object 2018-07-14 15:17:06 +02:00			`if ($login->isLogged()) {`
Security fixes 2016-09-26 04:30:06 +02:00			`// Rules: Security check CSRF`
			`include(PATH_RULES.'99.security.php');`

fixed ajax calls 2017-07-13 22:39:04 +02:00			`// Load the ajax file`
check user is logged 2018-06-24 13:37:45 +02:00			`if (Sanitize::pathFile(PATH_AJAX, $layout['parameters'].'.php')) {`
Bruteforce protection 2015-08-18 04:02:19 +02:00			`include(PATH_AJAX.$layout['parameters'].'.php');`
			`}`
Installer improves 2015-08-17 04:33:49 +02:00			`}`
check user is logged 2018-06-24 13:37:45 +02:00			`header('HTTP/1.1 401 User not logged.');`
Autosave function 2018-05-08 00:15:40 +02:00			`exit(0);`
New features 2015-05-05 03:00:01 +02:00			`}`
Opengraph, Admin panel responsive, Improves on Security tokens 2015-11-28 15:47:03 +01:00			`// --- ADMIN AREA ---`
New features 2015-05-05 03:00:01 +02:00			`else`
			`{`
			`// Boot rules`
Remove posts 2017-05-16 00:46:20 +02:00			`include(PATH_RULES.'69.pages.php');`
New features 2015-05-05 03:00:01 +02:00			`include(PATH_RULES.'99.header.php');`
Paginator 2015-07-20 05:14:12 +02:00			`include(PATH_RULES.'99.paginator.php');`
Minor changes 2015-08-02 04:47:45 +02:00			`include(PATH_RULES.'99.themes.php');`
Updates 2015-09-08 02:51:48 +02:00			`include(PATH_RULES.'99.security.php');`
New features 2015-05-05 03:00:01 +02:00
Opengraph, Admin panel responsive, Improves on Security tokens 2015-11-28 15:47:03 +01:00			`// Page not found.`
			`// User not logged.`
			`// Slug is login.`
New rule for routing URLs 2018-09-11 23:37:45 +02:00			`if ($url->notFound() \|\| !$login->isLogged() \|\| ($url->slug()==='login') ) {`
New features 2015-05-05 03:00:01 +02:00			`$layout['controller'] = 'login';`
Support admin controller and view over plugins 2020-06-15 16:27:12 +02:00			`$layout['view'] = 'login';`
			`$layout['template'] = 'login.php';`
Updates 2015-09-08 02:51:48 +02:00
Opengraph, Admin panel responsive, Improves on Security tokens 2015-11-28 15:47:03 +01:00			`// Generate the tokenCSRF for the user not logged, when the user log-in the token will be change.`
Title in database, improves on Page Object, Perfomance improvements, TinyMCE and Bootstrap updated 2018-07-17 19:13:01 +02:00			`$security->generateTokenCSRF();`
New features 2015-05-05 03:00:01 +02:00			`}`

removing posts 2017-05-17 18:48:51 +02:00			`// Define variables`
Repair Spaces 2020-05-23 00:04:16 +02:00			`$ADMIN_CONTROLLER = $layout['controller'];`
			`$ADMIN_VIEW = $layout['view'];`
removing posts 2017-05-17 18:48:51 +02:00
Opengraph, Admin panel responsive, Improves on Security tokens 2015-11-28 15:47:03 +01:00			`// Load plugins before the admin area will be load.`
Bug fixes 2015-08-08 02:39:10 +02:00			`Theme::plugins('beforeAdminLoad');`

Opengraph, Admin panel responsive, Improves on Security tokens 2015-11-28 15:47:03 +01:00			`// Load init.php if the theme has one.`
New rule for routing URLs 2018-09-11 23:37:45 +02:00			`if (Sanitize::pathFile(PATH_ADMIN_THEMES, $site->adminTheme().DS.'init.php')) {`
Title in database, improves on Page Object, Perfomance improvements, TinyMCE and Bootstrap updated 2018-07-17 19:13:01 +02:00			`include(PATH_ADMIN_THEMES.$site->adminTheme().DS.'init.php');`
Installer improves 2015-08-17 04:33:49 +02:00			`}`
New features 2015-05-05 03:00:01 +02:00
Opengraph, Admin panel responsive, Improves on Security tokens 2015-11-28 15:47:03 +01:00			`// Load controller.`
New rule for routing URLs 2018-09-11 23:37:45 +02:00			`if (Sanitize::pathFile(PATH_ADMIN_CONTROLLERS, $layout['controller'].'.php')) {`
New features 2015-05-05 03:00:01 +02:00			`include(PATH_ADMIN_CONTROLLERS.$layout['controller'].'.php');`
Support admin controller and view over plugins 2020-06-15 16:27:12 +02:00			`} elseif ($layout['plugin'] && method_exists($layout['plugin'], 'adminController')) {`
Namespace Plugin Pages 2020-05-22 23:55:22 +02:00			`$layout['plugin']->adminController();`
Installer improves 2015-08-17 04:33:49 +02:00			`}`
New features 2015-05-05 03:00:01 +02:00
Opengraph, Admin panel responsive, Improves on Security tokens 2015-11-28 15:47:03 +01:00			`// Load view and theme.`
New rule for routing URLs 2018-09-11 23:37:45 +02:00			`if (Sanitize::pathFile(PATH_ADMIN_THEMES, $site->adminTheme().DS.$layout['template'])) {`
Title in database, improves on Page Object, Perfomance improvements, TinyMCE and Bootstrap updated 2018-07-17 19:13:01 +02:00			`include(PATH_ADMIN_THEMES.$site->adminTheme().DS.$layout['template']);`
Installer improves 2015-08-17 04:33:49 +02:00			`}`
Bug fixes 2015-08-08 02:39:10 +02:00
Opengraph, Admin panel responsive, Improves on Security tokens 2015-11-28 15:47:03 +01:00			`// Load plugins after the admin area is loaded.`
Bug fixes 2015-08-08 02:39:10 +02:00			`Theme::plugins('afterAdminLoad');`
check user is logged 2018-06-24 13:37:45 +02:00			`}`