diff --git a/index-differences-from-2-3-2-to-2-4-0.php b/index-differences-from-2-3-2-to-2-4-0.php
index a1e6ab8..6921517 100644
--- a/index-differences-from-2-3-2-to-2-4-0.php
+++ b/index-differences-from-2-3-2-to-2-4-0.php
@@ -1,130 +1,150 @@ {'config'}->{'dbVersion'})) { - if (file_exists(__DIR__ . '/themes/default/theme.php')) file_put_contents(__DIR__ . '/themes/default/theme.php', wCMS::_getExternalFile('https://raw.githubusercontent.com/robiso/wondercms/master/themes/default/theme.php')); - if (file_exists(__DIR__ . '/themes/default/css/style.css')) file_put_contents(__DIR__ . '/themes/default/css/style.css', wCMS::_getExternalFile('https://raw.githubusercontent.com/robiso/wondercms/master/themes/default/css/style.css')); - if (file_exists('.htaccess')) file_put_contents('.htaccess', wCMS::_getExternalFile('https://raw.githubusercontent.com/robiso/wondercms/master/.htaccess')); - unlink('database.js'); - wCMS::_createDatabase(); - $newdb = wCMS::db(); - $newdb->{'config'}->{'siteTitle'} = $olddb->{'config'}->{'siteTitle'}; - $newdb->{'config'}->{'theme'} = 'default'; - $newdb->{'config'}->{'defaultPage'} = $olddb->{'config'}->{'defaultPage'}; - $newdb->{'config'}->{'login'} = $olddb->{'config'}->{'login'}; - $newdb->{'config'}->{'password'} = $olddb->{'config'}->{'password'}; - $newdb->{'config'}->{'menuItems'} = $olddb->{'config'}->{'menuItems'}; - $newdb->{'pages'} = $olddb->{'pages'}; - $newdb->{'blocks'}->{'subside'}->{'content'} = $olddb->{'config'}->{'subside'}; - $newdb->{'blocks'}->{'footer'}->{'content'} = $olddb->{'config'}->{'copyright'}; - wCMS::save($newdb); - } - if ($olddb->config->dbVersion < '2.1.0') { - $newMenu = new stdClass(); - $newPages = new stdClass(); - $i = 0; - foreach ($olddb->pages as $pageName => $page) { - $slugPage = wCMS::_slugify($pageName); - $newPages->$slugPage = $page; - $newMenu->{$i} = new stdClass; - $newMenu->{$i}->name = $page->title; - $newMenu->{$i}->slug = $slugPage; - $newMenu->{$i}->visibility = "show"; - $i++; + private static $db = false; + private static $listeners = []; + public static $loggedIn = false; + + public static function init() + { + wCMS::createDatabase(); + wCMS::installThemePluginAction(); + wCMS::loadPlugins(); + 
if (isset($_SESSION['l'], $_SESSION['i']) && $_SESSION['i'] == __DIR__) { + wCMS::$loggedIn = true; + } + wCMS::$currentPage = empty(wCMS::parseUrl()) ? wCMS::get('config', 'defaultPage') : wCMS::parseUrl(); + if (isset(wCMS::get('pages')->{wCMS::$currentPage})) { + wCMS::$currentPageExists = true; + } + if (isset($_GET['page']) && ! wCMS::$loggedIn) { + if (wCMS::$currentPage !== wCMS::slugify($_GET['page'])) { + wCMS::$currentPageExists = false; } - unset($olddb->config->menuItems); - unset($olddb->pages); - $olddb->config->menuItems = $newMenu; - $olddb->pages = $newPages; - $olddb->config->dbVersion = '2.1.0'; - wCMS::save($olddb); - } elseif ($olddb->config->dbVersion < '2.3.0') { - if (file_exists(__DIR__ . '/themes/default/theme.php')) file_put_contents(__DIR__ . '/themes/default/theme.php', wCMS::_getExternalFile('https://raw.githubusercontent.com/robiso/wondercms/master/themes/default/theme.php')); - if (file_exists(__DIR__ . '/themes/default/css/style.css')) file_put_contents(__DIR__ . '/themes/default/css/style.css', wCMS::_getExternalFile('https://raw.githubusercontent.com/robiso/wondercms/master/themes/default/css/style.css')); - $olddb->config->dbVersion = '2.3.0'; - wCMS::save($olddb); - } - } - public static function init() { - wCMS::_loadPlugins(); - wCMS::_createDatabase(); - wCMS::_updateOtherFiles(); - wCMS::_installThemePlugin(); - if (isset($_SESSION['l'], $_SESSION['i']) && $_SESSION['i'] == __DIR__) wCMS::$loggedIn = true; - wCMS::$currentPage = empty(wCMS::parseUrl()) ? wCMS::get('config','defaultPage') : wCMS::parseUrl(); - if (isset(wCMS::get('pages')->{wCMS::$currentPage})) wCMS::$currentPageExists = true; - if (isset($_GET['page']) && ! 
wCMS::$loggedIn) if (wCMS::$currentPage !== wCMS::_slugify($_GET['page'])) wCMS::$currentPageExists = false; - wCMS::_logoutAction(); wCMS::_loginAction(); wCMS::_saveAction(); wCMS::_changePasswordAction(); wCMS::_deleteAction(); wCMS::_upgradeAction(); wCMS::_notify(); wCMS::_removeFile(); wCMS::_uploadFile(); wCMS::_backUp(); - if ( ! wCMS::$loggedIn && ! wCMS::$currentPageExists) header("HTTP/1.1 404 Not Found"); - if (file_exists(__DIR__ . '/themes/' . wCMS::get('config','theme') . '/functions.php')) require_once __DIR__ . '/themes/' . wCMS::get('config','theme') . '/functions.php'; - require_once __DIR__ . '/themes/' . wCMS::get('config','theme') . '/theme.php'; - } - public static function editable($id, $content, $dataTarget = '') { + } + wCMS::backupAction(); + wCMS::changePasswordAction(); + wCMS::deleteFileThemePluginAction(); + wCMS::deletePageAction(); + wCMS::loginAction(); + wCMS::logoutAction(); + wCMS::notifyAction(); + wCMS::saveAction(); + wCMS::upgradeAction(); + wCMS::uploadFileAction(); + if (! wCMS::$loggedIn && ! wCMS::$currentPageExists) { + header("HTTP/1.1 404 Not Found"); + } + if (file_exists(__DIR__ . '/themes/' . wCMS::get('config', 'theme') . '/functions.php')) { + require_once __DIR__ . '/themes/' . wCMS::get('config', 'theme') . '/functions.php'; + } + require_once __DIR__ . '/themes/' . wCMS::get('config', 'theme') . '/theme.php'; + } + + public static function editable($id, $content, $dataTarget = '') + { return '' . $content . ''; } - public static function page($key) { - $segments = wCMS::$currentPageExists ? wCMS::get('pages', wCMS::$currentPage) : (wCMS::get('config','login') == wCMS::$currentPage ? (object) wCMS::_loginView() : (object) wCMS::_notFoundView()); - $segments->content = isset($segments->content) ? $segments->content: '

Click here to create some content

Once you do that, this page will be eventually visited by search engines.

'; + + public static function page($key) + { + $segments = wCMS::$currentPageExists ? wCMS::get('pages', wCMS::$currentPage) : (wCMS::get('config','login') == wCMS::$currentPage ? (object) wCMS::loginView() : (object) wCMS::notFoundView()); + $segments->content = isset($segments->content) ? $segments->content: '

Click here to create some content

Once you do that, this page will be eventually visited by search engines.

'; $keys = ['title' => $segments->title, 'description' => $segments->description, 'keywords' => $segments->keywords, 'content' => (wCMS::$loggedIn ? wCMS::editable('content', $segments->content, 'pages') : $segments->content)]; $content = isset($keys[$key]) ? $keys[$key] : ''; - return wCMS::_hook('page', $content, $key)[0]; + return wCMS::hook('page', $content, $key)[0]; } - public static function block($key) { + + public static function block($key) + { $blocks = wCMS::get('blocks'); return isset($blocks->{$key}) ? (wCMS::$loggedIn ? wCMS::editable($key, $blocks->{$key}->content, 'blocks') : $blocks->{$key}->content) : ''; } - public static function menu() { + + public static function menu() + { $output = ''; - foreach (wCMS::get('config','menuItems') as $key => $value) { - if ($value->visibility == "hide") continue; + foreach (wCMS::get('config', 'menuItems') as $key => $value) { + if ($value->visibility == "hide") { + continue; + } $output .= 'slug ? ' class="active"' : '') . '>' . $value->name . ''; } - return wCMS::_hook('menu', $output)[0]; + return wCMS::hook('menu', $output)[0]; } - public static function footer() { - $output = wCMS::get('blocks','footer')->content . ( ! wCMS::$loggedIn ? ((wCMS::get('config','login') == 'loginURL') ? ' • Login' : '') : ''); - return wCMS::_hook('footer', $output)[0]; + + public static function footer() + { + $output = wCMS::get('blocks', 'footer')->content . (! wCMS::$loggedIn ? ((wCMS::get('config', 'login') == 'loginURL') ? ' • Login' : '') : ''); + return wCMS::hook('footer', $output)[0]; } - public static function alerts() { - if ( ! isset($_SESSION['alert'])) return; + + private static function alerts() + { + if (! isset($_SESSION['alert'])) { + return; + } $session = $_SESSION['alert']; $output = ''; unset($_SESSION['alert']); - foreach ($session as $key => $value) foreach ($value as $key => $val) $output .= '
'.( ! $val['sticky'] ? '' : '').$val['message'].'
'; + foreach ($session as $key => $value) { + foreach ($value as $key => $val) { + $output .= '
'.(! $val['sticky'] ? '' : '').$val['message'].'
'; + } + } return $output; } - public static function alert($class, $message, $sticky = false) { - if (isset($_SESSION['alert'][$class])) foreach ($_SESSION['alert'][$class] as $k => $v) if ($v['message'] == $message) return; + + private static function alert($class, $message, $sticky = false) + { + if (isset($_SESSION['alert'][$class])) { + foreach ($_SESSION['alert'][$class] as $k => $v) { + if ($v['message'] == $message) { + return; + } + } + } $_SESSION['alert'][$class][] = ['class' => $class, 'message' => $message, 'sticky' => $sticky]; } - public static function redirect($location = '') { - header('Location: '.wCMS::url($location)); die(); + + public static function redirect($location = '') + { + header('Location: '.wCMS::url($location)); + die(); } - public static function asset($location) { - return wCMS::url('themes/' . wCMS::get('config','theme') . '/' . $location); + + public static function asset($location) + { + return wCMS::url('themes/' . wCMS::get('config', 'theme') . '/' . $location); } - public static function url($location = '') { - return 'http' . (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' ? 's' : '') . '://' . $_SERVER['SERVER_NAME'] . ((($_SERVER['SERVER_PORT'] == '80') || ($_SERVER['SERVER_PORT'] == '443'))? '' : ':' . $_SERVER['SERVER_PORT']) . ((dirname($_SERVER['SCRIPT_NAME']) == '/')? '' : dirname($_SERVER['SCRIPT_NAME'])) . '/' . $location; + + public static function url($location = '') + { + return 'http' . (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' ? 's' : '') . '://' . $_SERVER['SERVER_NAME'] . ((($_SERVER['SERVER_PORT'] == '80') || ($_SERVER['SERVER_PORT'] == '443')) ? '' : ':' . $_SERVER['SERVER_PORT']) . ((dirname($_SERVER['SCRIPT_NAME']) == '/') ? '' : dirname($_SERVER['SCRIPT_NAME'])) . '/' . $location; } - public static function parseUrl() { - if (isset($_GET['page']) && $_GET['page'] == wCMS::get('config','login')) return htmlspecialchars($_GET['page'], ENT_QUOTES); - return isset($_GET['page']) ? 
wCMS::_slugify($_GET['page']) : ''; + + public static function parseUrl() + { + if (isset($_GET['page']) && $_GET['page'] == wCMS::get('config', 'login')) { + return htmlspecialchars($_GET['page'], ENT_QUOTES); + } + return isset($_GET['page']) ? wCMS::slugify($_GET['page']) : ''; } - public static function get() { + + public static function get() + { $numArgs = func_num_args(); $args = func_get_args(); - if ( ! wCMS::$db) wCMS::$db = wCMS::db(); + if (! wCMS::$db) { + wCMS::$db = wCMS::db(); + } switch ($numArgs) { case 1: return wCMS::$db->{$args[0]}; break; case 2: return wCMS::$db->{$args[0]}->{$args[1]}; break; @@ -133,7 +153,9 @@ public static function get() { default: return false; break; } } - public static function set() { + + public static function set() + { $numArgs = func_num_args(); $args = func_get_args(); $db = wCMS::db(); @@ -145,80 +167,90 @@ public static function set() { } wCMS::save($db); } - public static function db() { + + public static function db() + { return file_exists(__DIR__ . '/database.js') ? json_decode(file_get_contents(__DIR__ . '/database.js')) : false; } - public static function save($db) { + + public static function save($db) + { file_put_contents(__DIR__ . '/database.js', json_encode($db, JSON_FORCE_OBJECT | JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT)); } - public static function addListener($hook, $functionName) { - wCMS::$_listeners[$hook][] = $functionName; + + private static function addListener($hook, $functionName) + { + wCMS::$listeners[$hook][] = $functionName; } - public static function getMenuSettings() { - if ( ! wCMS::$loggedIn) return; - $items = wCMS::get('config','menuItems'); + + private static function getMenuSettings() + { + if (! wCMS::$loggedIn) { + return; + } + $items = wCMS::get('config', 'menuItems'); reset($items); $first = key($items); end($items); $end = key($items); - $output = '
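Review bot: In the new `init()`, `wCMS::installThemePluginAction()` runs before the `$_SESSION['l']`/`$_SESSION['i']` check that sets `wCMS::$loggedIn`, so that action always sees the default `false`. Its guard later in this diff, `if (! wCMS::$loggedIn && ! isset($_POST['installAddon']))`, returns only when both conditions hold, which leaves the token comparison as the only gate on a request that posts `installAddon`. Move the session check to the first statement of `init()` and change the guard to `if (! wCMS::$loggedIn || ! isset($_POST['installAddon'])) { return; }`. The removed `init()` had the same ordering, so this predates the commit, but the refactor is the natural place to correct it. `installThemePluginAction()` itself sits in the last hunk, which is cut off at the end of this page.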

Menu

'; - return wCMS::_hook('getMenuSettings', $output)[0]; + $output .= ''; + return wCMS::hook('getMenuSettings', $output)[0]; } - public static function settings() { - if ( ! wCMS::$loggedIn) return; + + public static function settings() + { + if (! wCMS::$loggedIn) { + return; + } $fileList = array_slice(scandir(__DIR__ . '/files/'), 2); - $fileImagesList = array_slice(scandir(__DIR__ . '/files/images/'), 2); - $fileDocsList = array_slice(scandir(__DIR__ . '/files/docs/'), 2); $themeList = array_slice(scandir(__DIR__ . '/themes/'), 2); $pluginList = array_slice(scandir(__DIR__ . '/plugins/'), 2); - $output ='

Saving...

'; + return wCMS::hook('settings', $output)[0]; } - public static function css() { + + private static function css() + { if (wCMS::$loggedIn) { $styles = <<<'EOT' - + EOT; - return wCMS::_hook('css', $styles)[0]; + return wCMS::hook('css', $styles)[0]; } - return wCMS::_hook('css', '')[0]; + return wCMS::hook('css', '')[0]; } - public static function js() { + + private static function js() + { if (wCMS::$loggedIn) { $scripts = <<<'EOT' 
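Review bot: `save()` rewrites `database.js` in place with a bare `file_put_contents()` and `db()` returns the `json_decode()` result unchecked, so an interrupted or overlapping write can leave a truncated file that `get()` then dereferences as an object. Both lines are unchanged context in this hunk, but every `set()` call goes through them and the same file holds `config.password`. Writing the JSON to a temporary file in the same directory and then calling `rename($tmp, __DIR__ . '/database.js');` makes the replacement atomic for readers. `db()` should also treat a `null` decode as a hard error rather than passing it on to callers. This does not remove the read-modify-write window between `db()` and `save()` inside `set()`, which deserves a comment there.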
@@ -226,56 +258,80 @@ public static function js() { EOT; - $scripts .= ''; - return wCMS::_hook('js', $scripts)[0]; + $scripts .= ''; + return wCMS::hook('js', $scripts)[0]; } - return wCMS::_hook('js', '')[0]; + return wCMS::hook('js', '')[0]; } - public static function _loginAction() { - if (wCMS::$currentPage !== wCMS::get('config','login')) return; - if (wCMS::$loggedIn) wCMS::redirect(); - if ($_SERVER['REQUEST_METHOD'] !== 'POST') return; + + private static function loginAction() + { + if (wCMS::$currentPage !== wCMS::get('config', 'login')) { + return; + } + if (wCMS::$loggedIn) { + wCMS::redirect(); + } + if ($_SERVER['REQUEST_METHOD'] !== 'POST') { + return; + } $password = isset($_POST['password']) ? $_POST['password'] : ''; - if (password_verify($password, wCMS::get('config','password'))) { - $_SESSION['l'] = true; $_SESSION['i'] = __DIR__; wCMS::redirect(); + if (password_verify($password, wCMS::get('config', 'password'))) { + $_SESSION['l'] = true; + $_SESSION['i'] = __DIR__; + wCMS::redirect(); } - wCMS::alert('danger', 'Wrong password.'); wCMS::redirect(wCMS::get('config','login')); + wCMS::alert('danger', 'Wrong password.'); + wCMS::redirect(wCMS::get('config', 'login')); } - public static function _logoutAction() { - if (wCMS::$currentPage === 'logout' && $_REQUEST['token'] == wCMS::_generateToken()) { - unset($_SESSION['l'], $_SESSION['i'], $_SESSION['u'], $_SESSION['token']); wCMS::redirect(); + + private static function logoutAction() + { + if (wCMS::$currentPage === 'logout' && hash_equals($_REQUEST['token'], wCMS::generateToken())) { + unset($_SESSION['l'], $_SESSION['i'], $_SESSION['u'], $_SESSION['token']); + wCMS::redirect(); } } - public static function _newMenuItem($content, $menu, $visibility) { + + private static function createMenuItem($content, $menu, $visibility) + { $conf = 'config'; $field = 'menuItems'; $exist = is_numeric($menu); $visibility = (isset($visibility) && $visibility == "show") ? 
"show" : "hide"; $content = empty($content) ? "empty" : str_replace(array(PHP_EOL, '
'), '', $content); - $slug = wCMS::_slugify($content); + $slug = wCMS::slugify($content); $menuCount = count(get_object_vars(wCMS::get($conf, $field))); - if ( ! $exist) { + if (! $exist) { $db = wCMS::db(); $slug.= ($menu) ? "-" . $menuCount : ""; - foreach($db->config->{$field} as $key=>$value) if ($value->slug == $slug) $slug.= "-extra"; + foreach ($db->config->{$field} as $key=>$value) { + if ($value->slug == $slug) { + $slug.= "-extra"; + } + } $db->config->{$field}->{$menuCount} = new stdClass; - wCMS::save($db); + wCMS::save($db); wCMS::set($conf, $field, $menuCount, 'name', str_replace("-", " ", $content)); wCMS::set($conf, $field, $menuCount, 'slug', $slug); wCMS::set($conf, $field, $menuCount, 'visibility', $visibility); - if ($menu) wCMS::_createPage($slug); + if ($menu) { + wCMS::createPage($slug); + } } else { $oldSlug = wCMS::get($conf, $field, $menu, 'slug'); wCMS::set($conf, $field, $menu, 'name', $content); wCMS::set($conf, $field, $menu, 'slug', $slug); wCMS::set($conf, $field, $menu, 'visibility', $visibility); if ($slug !== $oldSlug) { - wCMS::_createPage($slug); - wCMS::_deleteAction($oldSlug, false); + wCMS::createPage($slug); + wCMS::deletePageAction($oldSlug, false); } } } - public static function _orderMenuItem($content, $menu) { + + private static function orderMenuItem($content, $menu) + { $conf = 'config'; $field = 'menuItems'; $content = (int) trim(htmlentities($content, ENT_QUOTES, 'UTF-8')); 
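Review bot: `logoutAction()` now calls `hash_equals($_REQUEST['token'], wCMS::generateToken())` without first checking that `token` is present and is a string. `hash_equals()` only accepts strings: a missing or array-valued `token` raises a warning on older PHP and a `TypeError` on PHP 8, and the session token belongs in the first (known) argument with the request value second. I would write `isset($_REQUEST['token']) && is_string($_REQUEST['token']) && hash_equals(wCMS::generateToken(), $_REQUEST['token'])`. The same unguarded call appears in `upgradeAction()`, `deletePageAction()` and `installThemePluginAction()` in the next hunk, while `saveAction()` and `uploadFileAction()` have the `isset` but not the string check. `orderMenuItem()` at the end of this hunk continues outside it.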
@@ -290,234 +346,377 @@ public static function _orderMenuItem($content, $menu) { wCMS::set($conf, $field, $menu, 'slug', $tmp->slug); wCMS::set($conf, $field, $menu, 'visibility', $tmp->visibility); } - public static function _saveAction() { - if ( ! wCMS::$loggedIn) return; - if (isset($_POST['fieldname']) && isset($_POST['content']) && isset($_POST['target']) && isset($_REQUEST['token']) && ($_REQUEST['token'] == wCMS::_generateToken())) { - list($fieldname, $content, $target, $menu, $visibility) = wCMS::_hook('save', $_POST['fieldname'], $_POST['content'], $_POST['target'], $_POST['menu'], $_POST['visibility']); - if ($target === 'menuItem') wCMS::_newMenuItem($content, $menu, $visibility); - if ($target === 'menuItemVsbl') wCMS::set('config', $fieldname, $menu, 'visibility', $visibility); - if ($target === 'menuItemOrder') wCMS::_orderMenuItem($content, $menu); - if ($fieldname === 'defaultPage') if ( ! isset(wCMS::get('pages')->$content)) return; - if ($fieldname === 'login') if (empty($content) || isset(wCMS::get('pages')->$content)) return; - if ($fieldname === 'theme') if ( ! is_dir(__DIR__ . '/themes/' . $content)) return; - if ($target === 'config') wCMS::set('config', $fieldname, $content); - elseif ($target === 'blocks') wCMS::set('blocks', $fieldname, 'content', $content); - elseif ($target === 'pages') { - if ( ! isset(wCMS::get('pages')->{wCMS::$currentPage})) wCMS::_createPage(); + + private static function saveAction() + { + if (! 
wCMS::$loggedIn) { + return; + } + if (isset($_POST['fieldname']) && isset($_POST['content']) && isset($_POST['target']) && isset($_REQUEST['token']) && hash_equals($_REQUEST['token'], wCMS::generateToken())) { + list($fieldname, $content, $target, $menu, $visibility) = wCMS::hook('save', $_POST['fieldname'], $_POST['content'], $_POST['target'], $_POST['menu'], $_POST['visibility']); + if ($target === 'menuItem') { + wCMS::createMenuItem($content, $menu, $visibility); + } + if ($target === 'menuItemVsbl') { + wCMS::set('config', $fieldname, $menu, 'visibility', $visibility); + } + if ($target === 'menuItemOrder') { + wCMS::orderMenuItem($content, $menu); + } + if ($fieldname === 'defaultPage') { + if (! isset(wCMS::get('pages')->$content)) { + return; + } + } + if ($fieldname === 'login') { + if (empty($content) || isset(wCMS::get('pages')->$content)) { + return; + } + } + if ($fieldname === 'theme') { + if (! is_dir(__DIR__ . '/themes/' . $content)) { + return; + } + } + if ($target === 'config') { + wCMS::set('config', $fieldname, $content); + } elseif ($target === 'blocks') { + wCMS::set('blocks', $fieldname, 'content', $content); + } elseif ($target === 'pages') { + if (! isset(wCMS::get('pages')->{wCMS::$currentPage})) { + wCMS::createPage(); + } wCMS::set('pages', wCMS::$currentPage, $fieldname, $content); } } } - public static function _generateToken() { + + public static function generateToken() + { return (isset($_SESSION["token"])) ? $_SESSION["token"] : $_SESSION["token"] = bin2hex(openssl_random_pseudo_bytes(32)); } - public static function _changePasswordAction() { - if ( ! wCMS::$loggedIn || ! isset($_POST['old_password']) || ! isset($_POST['new_password'])) return; - if ($_SESSION['token'] === $_REQUEST['token'] && ($_REQUEST['token'] == wCMS::_generateToken())) { - if ( ! 
password_verify($_POST['old_password'], wCMS::get('config','password'))) { - wCMS::alert('danger', 'Wrong password.'); wCMS::redirect(wCMS::$currentPage); + + private static function changePasswordAction() + { + if (! wCMS::$loggedIn || ! isset($_POST['old_password']) || ! isset($_POST['new_password'])) { + return; + } + if ($_SESSION['token'] === $_REQUEST['token'] && hash_equals($_REQUEST['token'], wCMS::generateToken())) { + if (! password_verify($_POST['old_password'], wCMS::get('config', 'password'))) { + wCMS::alert('danger', 'Wrong password.'); + wCMS::redirect(wCMS::$currentPage); } if (strlen($_POST['new_password']) < 4) { - wCMS::alert('danger', 'Password must be longer than 4 characters.'); wCMS::redirect(wCMS::$currentPage); + wCMS::alert('danger', 'Password must be longer than 4 characters.'); + wCMS::redirect(wCMS::$currentPage); } - wCMS::set('config', 'password', password_hash($_POST['new_password'], PASSWORD_DEFAULT)); wCMS::alert('success', 'Password changed.'); wCMS::redirect(wCMS::$currentPage); + wCMS::set('config', 'password', password_hash($_POST['new_password'], PASSWORD_DEFAULT)); + wCMS::alert('success', 'Password changed.'); + wCMS::redirect(wCMS::$currentPage); } } - public static function _deleteAction($needle = false, $menu = true) { - if ( ! $needle) { - if ( ! wCMS::$loggedIn || ! isset($_GET['delete']) || ($_REQUEST['token'] != wCMS::_generateToken())) return; - $needle = $_GET['delete']; + + private static function deletePageAction($needle = false, $menu = true) + { + if (! 
$needle) { + if (wCMS::$loggedIn && isset($_GET['delete']) && hash_equals($_REQUEST['token'], wCMS::generateToken())) { + $needle = $_GET['delete']; + } + } + $db = wCMS::db(); + if (isset(wCMS::get('pages')->{$needle})) { + unset($db->pages->{$needle}); } - $db=wCMS::db(); - if (isset(wCMS::get('pages')->{$needle})) unset($db->pages->{$needle}); if ($menu) { - $menuItems = json_decode(json_encode(wCMS::get('config','menuItems')), TRUE); - if (false === ($index = array_search($needle, array_column($menuItems, "slug")))) return; + $menuItems = json_decode(json_encode(wCMS::get('config', 'menuItems')), true); + if (false === ($index = array_search($needle, array_column($menuItems, "slug")))) { + return; + } unset($menuItems[$index]); $newMenu=array_values($menuItems); $db->config->menuItems = json_decode(json_encode($newMenu)); } - wCMS::save($db); wCMS::alert('success', 'Page deleted.'); wCMS::redirect(); + wCMS::save($db); + wCMS::alert('success', 'Page deleted.'); + wCMS::redirect(); } - public static function _upgradeAction() { - if ( ! wCMS::$loggedIn || ! isset($_POST['upgrade'])) return; - if ($_REQUEST['token'] == wCMS::_generateToken()) { - $contents = wCMS::_getExternalFile('https://raw.githubusercontent.com/robiso/wondercms/master/index.php'); - if ($contents) file_put_contents(__FILE__, $contents); wCMS::alert('success', 'WonderCMS successfully updated. Wohoo!'); wCMS::redirect(wCMS::$currentPage); + + private static function upgradeAction() + { + if (! wCMS::$loggedIn || ! isset($_POST['upgrade'])) { + return; + } + if (hash_equals($_REQUEST['token'], wCMS::generateToken())) { + $contents = wCMS::getExternalFile('https://raw.githubusercontent.com/robiso/wondercms/master/index.php'); + if ($contents) { + file_put_contents(__FILE__, $contents); + } + wCMS::alert('success', 'WonderCMS successfully updated. 
Wohoo!'); + wCMS::redirect(wCMS::$currentPage); } } - public static function _notFoundView() { - if (wCMS::$loggedIn) return ['title' => str_replace("-", " ", wCMS::$currentPage), 'description' => '', 'keywords' => '', 'content' => '

Click here to create some content

Once you do that, this page will be eventually visited by search engines.

']; return ['title' => 'Page not found', 'description' => '', 'keywords' => '', 'content' => '

Sorry, page not found. :(

']; + + public static function notFoundView() + { + if (wCMS::$loggedIn) { + return ['title' => str_replace("-", " ", wCMS::$currentPage), 'description' => '', 'keywords' => '', 'content' => '

Click here to create some content

Once you do that, this page will be eventually visited by search engines.

']; + } + return ['title' => 'Page not found', 'description' => '', 'keywords' => '', 'content' => '

Sorry, page not found. :(

']; } - public static function _loginView() { - return ['title' => 'Login', 'description' => '', 'keywords' => '', 'content' => '
']; + + public static function loginView() + { + return ['title' => 'Login', 'description' => '', 'keywords' => '', 'content' => '
']; } - public static function _notify() { - if ( ! wCMS::$loggedIn) return; - if ( ! wCMS::$currentPageExists) wCMS::alert('info', 'This page (' . wCMS::$currentPage . ') doesn\'t exist yet. Click inside the content below to create it.'); - if (wCMS::get('config','login') === 'loginURL') wCMS::alert('warning', 'Change the default admin login URL. (Settings -> Security)', true); - if (password_verify('admin', wCMS::get('config','password'))) wCMS::alert('danger', 'Change the default password. (Settings -> Security)', true); - $repoVersion = wCMS::_getOfficialVersion(); + + private static function notifyAction() + { + if (! wCMS::$loggedIn) { + return; + } + if (! wCMS::$currentPageExists) { + wCMS::alert('info', 'This page (' . wCMS::$currentPage . ') doesn\'t exist. Click inside the content below to create it.'); + } + if (wCMS::get('config', 'login') === 'loginURL') { + wCMS::alert('warning', 'Change the default admin login URL. (Settings -> Security)', true); + } + if (password_verify('admin', wCMS::get('config', 'password'))) { + wCMS::alert('danger', 'Change the default password. (Settings -> Security)', true); + } + $repoVersion = wCMS::getOfficialVersion(); if ($repoVersion != version) { - wCMS::alert('info', 'New WonderCMS update available.

- Backup your website and check what\'s new before updating.

', true); + wCMS::alert('info', 'New WonderCMS update available.

- Backup your website and check what\'s new before updating.

', true); } } - private static function _getOfficialVersion() { - $data = trim(wCMS::_getExternalFile('https://raw.githubusercontent.com/robiso/wondercms/master/version')); + + private static function getOfficialVersion() + { + $data = trim(wCMS::getExternalFile('https://raw.githubusercontent.com/robiso/wondercms/master/version')); return $data; } - public static function _getExternalFile($url) { - $ch = curl_init(); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_URL, $url); - $data = curl_exec($ch); curl_close($ch); return $data; + + public static function getExternalFile($url) + { + $ch = curl_init(); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); + curl_setopt($ch, CURLOPT_URL, $url); + $data = curl_exec($ch); + curl_close($ch); + return $data; } - public static function _loadPlugins() { - if ( ! is_dir(__DIR__ . '/plugins')) mkdir(__DIR__ . '/plugins'); - if ( ! is_dir(__DIR__ . '/files/images') || ! is_dir(__DIR__ . '/files/docs') || ! is_dir(__DIR__ . '/files/docs')) { - mkdir(__DIR__ . '/files'); mkdir(__DIR__ . '/files/docs'); mkdir(__DIR__ . '/files/images'); + + private static function loadPlugins() + { + if (! is_dir(__DIR__ . '/plugins')) { + mkdir(__DIR__ . '/plugins'); + } + if (! is_dir(__DIR__ . '/files')) { + mkdir(__DIR__ . '/files'); + } + foreach (glob(__DIR__ . '/plugins/*', GLOB_ONLYDIR) as $dir) { + if (file_exists($dir . '/' . basename($dir) . '.php')) { + include $dir . '/' . basename($dir) . '.php'; + } } - foreach (glob(__DIR__ . '/plugins/*', GLOB_ONLYDIR) as $dir) if (file_exists($dir . '/' . basename($dir) . '.php')) include $dir . '/' . basename($dir) . '.php'; } - public static function _createPage($slug = false) { + + private static function createPage($slug = false) + { $db = wCMS::db(); - $db->pages->{( ! $slug) ? wCMS::$currentPage : $slug} = new stdClass; + $db->pages->{(! $slug) ? wCMS::$currentPage : $slug} = new stdClass; wCMS::save($db); - wCMS::set('pages', ( ! $slug) ? 
wCMS::_slugify(wCMS::$currentPage) : $slug, 'title', ( ! $slug) ? mb_convert_case(str_replace("-", " ", wCMS::$currentPage), MB_CASE_TITLE) : mb_convert_case(str_replace("-", " ", $slug), MB_CASE_TITLE)); - wCMS::set('pages', ( ! $slug) ? wCMS::_slugify(wCMS::$currentPage) : $slug, 'keywords', 'Keywords, are, good, for, search, engines'); - wCMS::set('pages', ( ! $slug) ? wCMS::_slugify(wCMS::$currentPage) : $slug, 'description', 'A short description is also good.'); - if ( ! $slug) wCMS::_newMenuItem(wCMS::_slugify(wCMS::$currentPage), null, "show"); + wCMS::set('pages', (! $slug) ? wCMS::slugify(wCMS::$currentPage) : $slug, 'title', (! $slug) ? mb_convert_case(str_replace("-", " ", wCMS::$currentPage), MB_CASE_TITLE) : mb_convert_case(str_replace("-", " ", $slug), MB_CASE_TITLE)); + wCMS::set('pages', (! $slug) ? wCMS::slugify(wCMS::$currentPage) : $slug, 'keywords', 'Keywords, are, good, for, search, engines'); + wCMS::set('pages', (! $slug) ? wCMS::slugify(wCMS::$currentPage) : $slug, 'description', 'A short description is also good.'); + if (! $slug) { + wCMS::createMenuItem(wCMS::slugify(wCMS::$currentPage), null, "show"); + } } - public static function _slugify($text) { - $text = preg_replace('~[^\\pL\d]+~u','-', $text); + + public static function slugify($text) + { + $text = preg_replace('~[^\\pL\d]+~u', '-', $text); $text = trim(htmlspecialchars(mb_strtolower($text), ENT_QUOTES), '/'); - $text = trim($text,'-'); + $text = trim($text, '-'); return empty($text) ? "-" : $text; } - public static function _hook() { + + private static function hook() + { $numArgs = func_num_args(); $args = func_get_args(); - if ($numArgs < 2) trigger_error('Insufficient arguments', E_USER_ERROR); + if ($numArgs < 2) { + trigger_error('Insufficient arguments', E_USER_ERROR); + } $hookName = array_shift($args); - if ( ! isset(wCMS::$_listeners[$hookName])) return $args; - foreach (wCMS::$_listeners[$hookName] as $func) $args = $func($args); + if (! 
isset(wCMS::$listeners[$hookName])) { + return $args; + } + foreach (wCMS::$listeners[$hookName] as $func) { + $args = $func($args); + } return $args; } - public static function _installThemePlugin() { - if ( ! wCMS::$loggedIn && ! isset($_POST['installAddon'])) return; - if ($_REQUEST['token'] == wCMS::_generateToken()) { - $installLocation = $_POST['installLocation']; + + private static function installThemePluginAction() + { + if (! wCMS::$loggedIn && ! isset($_POST['installAddon'])) { + return; + } + if (hash_equals($_REQUEST['token'], wCMS::generateToken())) { + $installLocation = trim(strtolower($_POST['installLocation'])); $addonURL = $_POST['addonURL']; - if ($installLocation == 'themes' || $installLocation == 'plugins' && ! empty($addonURL)) { + $validPaths = array("themes", "plugins"); + if (in_array($installLocation, $validPaths) && ! empty($addonURL)) { $zipFile = __DIR__ . '/files/ZIPFromURL.zip'; $zipResource = fopen($zipFile, "w"); - $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $addonURL); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); curl_setopt($ch, CURLOPT_FILE, $zipResource); curl_exec($ch); curl_close($ch); + $ch = curl_init(); + curl_setopt($ch, CURLOPT_URL, $addonURL); + curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); + curl_setopt($ch, CURLOPT_FILE, $zipResource); + curl_exec($ch); + curl_close($ch); $zip = new ZipArchive; $extractPath = __DIR__ . '/' . $installLocation . '/'; - if ($zip->open($zipFile) != 'true' || (stripos($addonURL,'.zip') != true)) { - wCMS::_recursiveDelete(__DIR__ . '/files/ZIPFromURL.zip'); wCMS::alert('danger', 'Error openning ZIP file.'); wCMS::redirect(); + if ($zip->open($zipFile) != 'true' || (stripos($addonURL, '.zip') != true)) { + wCMS::recursiveDelete(__DIR__ . '/files/ZIPFromURL.zip'); + wCMS::alert('danger', 'Error openning ZIP file.'); + wCMS::redirect(); } $zip->extractTo($extractPath); $zip->close(); - wCMS::_recursiveDelete(__DIR__ . 
'/files/ZIPFromURL.zip'); wCMS::alert('success', 'Installed successfully.'); wCMS::redirect(); + wCMS::recursiveDelete(__DIR__ . '/files/ZIPFromURL.zip'); + wCMS::alert('success', 'Installed successfully.'); + wCMS::redirect(); + } elseif (empty($addonURL)) { + wCMS::alert('danger', 'Error openning ZIP file.'); } else { - wCMS::alert('danger', 'Choose between theme or plugin and enter link to ZIP file.'); wCMS::redirect(); + wCMS::alert('danger', 'Choose between theme or plugin and enter link to ZIP file.'); + wCMS::redirect(); } } } - public static function _uploadFile() { - if ( ! wCMS::$loggedIn && ! isset($_FILES['uploadFile']) && ! isset($_REQUEST['token'])) return; - if (isset($_REQUEST['token']) && $_REQUEST['token'] == wCMS::_generateToken() && isset($_FILES['uploadFile'])) { + + private static function uploadFileAction() + { + if (! wCMS::$loggedIn && ! isset($_FILES['uploadFile']) && ! isset($_REQUEST['token'])) { + return; + } + if (isset($_REQUEST['token']) && hash_equals($_REQUEST['token'], wCMS::generateToken()) && isset($_FILES['uploadFile'])) { try { - if ( ! isset($_FILES['uploadFile']['error']) || is_array($_FILES['uploadFile']['error'])) { - wCMS::alert('danger', 'Invalid parameters.'); wCMS::redirect(wCMS::$currentPage); + if (! isset($_FILES['uploadFile']['error']) || is_array($_FILES['uploadFile']['error'])) { + wCMS::alert('danger', 'Invalid parameters.'); + wCMS::redirect(wCMS::$currentPage); } switch ($_FILES['uploadFile']['error']) { case UPLOAD_ERR_OK: break; case UPLOAD_ERR_NO_FILE: - wCMS::alert('danger', 'No file selected.'); wCMS::redirect(wCMS::$currentPage); + wCMS::alert('danger', 'No file selected.'); + wCMS::redirect(wCMS::$currentPage); case UPLOAD_ERR_INI_SIZE: case UPLOAD_ERR_FORM_SIZE: - wCMS::alert('danger', 'File too large. Change maximum upload size limit or contact your host.'); wCMS::redirect(wCMS::$currentPage); + wCMS::alert('danger', 'File too large. 
Change maximum upload size limit or contact your host.'); + wCMS::redirect(wCMS::$currentPage); default: - wCMS::alert('danger', 'Unknown error.'); wCMS::redirect(wCMS::$currentPage); + wCMS::alert('danger', 'Unknown error.'); + wCMS::redirect(wCMS::$currentPage); } $mimeType = ''; if (class_exists('finfo')) { $finfo = new finfo(FILEINFO_MIME_TYPE); $mimeType = $finfo->file($_FILES['uploadFile']['tmp_name']); - } else if (function_exists('mime_content_type')) { + } elseif (function_exists('mime_content_type')) { $mimeType = mime_content_type($_FILES['uploadFile']['tmp_name']); } else { $ext = strtolower(array_pop(explode('.', $_FILES['uploadFile']['name']))); } - if ( ! move_uploaded_file($_FILES['uploadFile']['tmp_name'], sprintf(__DIR__ . '/files/%s', $_FILES['uploadFile']['name']))) { - wCMS::alert('danger', 'Failed to move uploaded file.'); wCMS::redirect(wCMS::$currentPage); + if (! move_uploaded_file($_FILES['uploadFile']['tmp_name'], sprintf(__DIR__ . '/files/%s', $_FILES['uploadFile']['name']))) { + wCMS::alert('danger', 'Failed to move uploaded file.'); + wCMS::redirect(wCMS::$currentPage); } - wCMS::alert('success', 'File uploaded.'); wCMS::redirect(wCMS::$currentPage); + wCMS::alert('success', 'File uploaded.'); + wCMS::redirect(wCMS::$currentPage); } catch (RuntimeException $e) { - wCMS::alert('danger', 'Error: ' . $e->getMessage()); wCMS::redirect(wCMS::$currentPage); + wCMS::alert('danger', 'Error: ' . $e->getMessage()); + wCMS::redirect(wCMS::$currentPage); } } } - public static function _recursiveDelete($file) { + + private static function recursiveDelete($file) + { if (is_dir($file)) { $list = glob($file . '*', GLOB_MARK); - foreach ($list as $dir) wCMS::_recursiveDelete($dir); - rmdir($file); - } elseif (is_file($file)) unlink($file); - } - public static function _removeFile() { - if ( ! 
wCMS::$loggedIn) return; - if (isset($_REQUEST['deleteFile']) || isset($_REQUEST['deleteTheme']) || isset($_REQUEST['deletePlugin']) && isset($_REQUEST['token']) && $_REQUEST['token'] == wCMS::_generateToken()) { - $fileList = array_slice(scandir(__DIR__ . '/files/'), 2); - foreach ($fileList as $file) { - if (isset($_REQUEST['deleteFile']) && $_REQUEST['deleteFile'] == $file) { - wCMS::_recursiveDelete(__DIR__ . '/files/' . $file); wCMS::alert('success', 'File removed.'); wCMS::redirect(); - } - } - $fileImagesList = array_slice(scandir(__DIR__ . '/files/images/'), 2); - foreach ($fileImagesList as $fileImage) { - if (isset($_REQUEST['deleteFile']) && $_REQUEST['deleteFile'] == $fileImage) { - wCMS::_recursiveDelete(__DIR__ . '/files/images/' . $fileImage); wCMS::alert('success', 'File removed.'); wCMS::redirect(); - } - } - $fileDocsList = array_slice(scandir(__DIR__ . '/files/docs/'), 2); - foreach ($fileDocsList as $fileDoc) { - if (isset($_REQUEST['deleteFile']) && $_REQUEST['deleteFile'] == $fileDoc) { - wCMS::_recursiveDelete(__DIR__ . '/files/docs/' . $fileDoc); wCMS::alert('success', 'File removed.'); wCMS::redirect(); - } + foreach ($list as $dir) { + wCMS::recursiveDelete($dir); } - $themeList = array_slice(scandir(__DIR__ . '/themes'), 2); - foreach ($themeList as $theme) { - if (isset($_REQUEST['deleteTheme']) && wCMS::get('config','theme') == $_REQUEST['deleteTheme']) { - wCMS::alert('danger', 'Cannot remove currently active theme.'); wCMS::redirect(); + rmdir($file); + } elseif (is_file($file)) { + unlink($file); + } + } + + private static function deleteFileThemePluginAction() + { + if (! wCMS::$loggedIn) { + return; + } + if (isset($_REQUEST['deleteFile']) || isset($_REQUEST['deleteTheme']) || isset($_REQUEST['deletePlugin']) && isset($_REQUEST['token'])) { + if (hash_equals($_REQUEST['token'], wCMS::generateToken())) { + $fileList = array_slice(scandir(__DIR__ . 
'/files/'), 2); + foreach ($fileList as $file) { + if (isset($_REQUEST['deleteFile']) && $_REQUEST['deleteFile'] == $file) { + wCMS::recursiveDelete(__DIR__ . '/files/' . $file); + wCMS::alert('success', 'File deleted.'); + wCMS::redirect(); + } } - elseif (isset($_REQUEST['deleteTheme']) && $_REQUEST['deleteTheme'] == $theme) { - wCMS::_recursiveDelete(__DIR__ . '/themes/' . $theme . '/'); wCMS::alert('success', 'Theme removed.'); wCMS::redirect(); + $themeList = array_slice(scandir(__DIR__ . '/themes'), 2); + foreach ($themeList as $theme) { + if (isset($_REQUEST['deleteTheme']) && wCMS::get('config', 'theme') == $_REQUEST['deleteTheme']) { + wCMS::alert('danger', 'Cannot delete currently active theme.'); + wCMS::redirect(); + } elseif (isset($_REQUEST['deleteTheme']) && $_REQUEST['deleteTheme'] == $theme) { + wCMS::recursiveDelete(__DIR__ . '/themes/' . $theme . '/'); + wCMS::alert('success', 'Theme deleted.'); + wCMS::redirect(); + } } - } - $pluginList = array_slice(scandir(__DIR__ . '/plugins'), 2); - foreach ($pluginList as $plugin) { - if (isset($_REQUEST['deletePlugin']) && $_REQUEST['deletePlugin'] == $plugin) { - wCMS::_recursiveDelete(__DIR__ . '/plugins/' . $plugin . '/'); wCMS::alert('success', 'Plugin removed.'); wCMS::redirect(); + $pluginList = array_slice(scandir(__DIR__ . '/plugins'), 2); + foreach ($pluginList as $plugin) { + if (isset($_REQUEST['deletePlugin']) && $_REQUEST['deletePlugin'] == $plugin) { + wCMS::recursiveDelete(__DIR__ . '/plugins/' . $plugin . '/'); + wCMS::alert('success', 'Plugin deleted.'); + wCMS::redirect(); + } } - } + } } } - public static function _backUp() { - if ( ! wCMS::$loggedIn) return; - $backups = glob(__DIR__ . '/files/backup-*.zip'); - if ( ! empty($backups)) { - $backups = implode(' and ', array_map('basename', $backups)); - wCMS::alert('danger', 'Remove backup files. (Settings -> Files -> Remove files)'); + + private static function backupAction() + { + if (! 
wCMS::$loggedIn) { + return; + } + $backupList = glob(__DIR__ . '/files/backup-*.zip'); + if (! empty($backupList)) { + wCMS::alert('danger', 'Delete backup files. (Settings -> Files -> Delete files)'); } $backup = 'backup-' . date('Y-m-d-') . substr(md5(microtime()), rand(0, 26), 5) . '.zip'; - if ( ! isset($_POST['backup'])) return; - if ($_POST['token'] == wCMS::_generateToken()) { - if (wCMS::zipBackUp(__DIR__, __DIR__ . '/files/' . $backup) !== false) wCMS::redirect('files/'.$backup); + if (! isset($_POST['backup'])) { + return; + } + if (hash_equals($_POST['token'], wCMS::generateToken())) { + if (wCMS::zipBackup(__DIR__, __DIR__ . '/files/' . $backup) !== false) { + wCMS::redirect('files/'.$backup); + } } } - public static function zipBackUp($source, $destination) { + + private static function zipBackup($source, $destination) + { if (extension_loaded('zip')) { if (file_exists($source)) { $zip = new ZipArchive(); @@ -531,11 +730,11 @@ public static function zipBackUp($source, $destination) { $file = realpath($file); if (is_dir($file)) { $zip->addEmptyDir(str_replace($source . '/', '', $file . '/')); - } else if (is_file($file)) { + } elseif (is_file($file)) { $zip->addFromString(str_replace($source . '/', '', $file), file_get_contents($file)); } } - } else if (is_file($source)) { + } elseif (is_file($source)) { $zip->addFromString(basename($source), file_get_contents($source)); } } @@ -544,8 +743,12 @@ public static function zipBackUp($source, $destination) { } return false; } - public static function _createDatabase() { - if (wCMS::db() !== false) return; + + private static function createDatabase() + { + if (wCMS::db() !== false) { + return; + } wCMS::save([ 'config' => [ 'dbVersion' => '2.3.0',
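Review bot: In the `@@ -531,11 +730,11 @@` hunk of zipBackup, `$file = realpath($file);` resolves symbolic links before the `is_file()` branch, so a link inside the site tree that points elsewhere has its target read by `file_get_contents($file)` and written into the backup archive. Because `str_replace($source . '/', '', $file)` then finds no prefix to strip, that entry also keeps its absolute path as its name. Assuming `$source` is already a canonical path, a guard directly after the `realpath()` call would keep the archive to the site's own files: `if ($file === false || strpos($file, $source . '/') !== 0) { continue; }`. The loop header and the rest of the function lie outside this hunk, so whether the iterator already filters links cannot be confirmed from here.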