comparison .cms/admin.cms/html.php @ 0:78edf6b517a0 draft

24.10
author Coffee CMS <info@coffee-cms.ru>
date Fri, 11 Oct 2024 22:40:23 +0000
parents
children
-1:000000000000 0:78edf6b517a0
1 <?php
2
3 // Время истечения cookie входа
4 $expire_days = 365;
5 $expire = time() + $expire_days * 24 * 60 * 60;
6 // Продлевать если истекают через
7 $expire_less = 180;
8
9 // Продление куки входа
10 if ( is_admin() ) {
11 $sess = $_COOKIE["sess"];
12 $expire = (int) $cms["config"]["logged"][$sess]["expire"];
13 $pre_expire = $expire - $expire_less * 24 * 60 * 60;
14 $now = time();
15 if ( $now > $pre_expire ) {
16 $new_expire = time() + $expire_days * 24 * 60 * 60;
17 if ( PHP_VERSION_ID < 70300 ) {
18 setcookie( "sess", $sess, $new_expire );
19 } else {
20 setcookie( "sess", $sess, array( "SameSite" => "Lax", "expires" => $new_expire ) );
21 }
22 // Так же запомнить в конфиге
23 $cms["config"]["logged"][$sess]["expire"] = $new_expire;
24 cms_save_config();
25 }
26 }
27
28 // Для работы выпадающего списка
29 if ( empty( $cms["config"]["locale"] ) ) {
30 $cms["config"]["locale"] = "en_US.UTF-8";
31 $cms["config"]["lang"] = "en";
32 }
33 if ( ! empty( $_GET["locale"] ) ) {
34 $cms["config"]["locale"] = $_GET["locale"];
35 $cms["config"]["lang"] = substr( $_GET["locale"], 0, 2 );
36 }
37
38 // Login
39 if ( isset( $_POST["login"] ) && isset( $_POST["password"] ) ) {
40
41 // Install process
42 if ( empty( $cms["config"]["admin.mod.php"]["admin_login"] )
43 && empty( $cms["config"]["admin.mod.php"]["admin_password"] )
44 && ( ! empty( $_POST["login"] ) || ! empty( $_POST["password"] ) ) ) {
45 $cms["config"]["admin.mod.php"]["admin_login"] = $_POST["login"];
46 $cms["config"]["admin.mod.php"]["admin_password"] = $_POST["password"];
47 $cms["config"]["admin.mod.php"]["admin_salt"] = cms_uid();
48 $cms["config"]["admin.mod.php"]["admin_url"] = "-admin";
49 $link = "{$cms['url']['scheme']}://{$cms['url']['host']}{$cms['base_path']}{$cms['config']['admin.mod.php']['admin_url']}";
50
51 // Set Locale and Timezone
52 $cms["config"]["locale"] = $_POST["locale"];
53 $cms["config"]["lang"] = substr( $cms["config"]["locale"], 0, 2 );
54 cms_save_config();
55
56 if ( is_email( $cms["config"]["admin.mod.php"]["admin_login"] ) ) {
57 $subject = __( "install_finished" );
58 $body = __( "congrat" ) . "\n\n";
59 $body .= __( "install_finished" ) . "\n\n";
60 $body .= __( "login_info" ) . "\n\n";
61 $body .= __( "login_url" ) . ": {$link}\n\n";
62 $body .= __( "login" ) . ": {$_POST['login']}\n\n";
63 $body .= __( "password" ) . ": {$_POST['password']}";
64 cms_email( array(
65 "type" => "text/plain",
66 "from_email" => "noreply@" . $cms["url"]["host"],
67 "from_name" => $cms["url"]["host"],
68 "to_email" => $_POST["login"],
69 "subject" => $subject,
70 "email_body" => $body,
71 ) );
72 }
73 }
74 // Check login and password
75 if ( $_POST["login"] === $cms["config"]["admin.mod.php"]["admin_login"] &&
76 $_POST["password"] === $cms["config"]["admin.mod.php"]["admin_password"] )
77 {
78
79 $d = date( "Y-m-d H:i:s" );
80 $sess = sha1( $cms["config"]["admin.mod.php"]["admin_login"] . $cms["config"]["admin.mod.php"]["admin_salt"] . $d );
81
82 // Prepend New Session
83 if ( ! isset( $cms["config"]["logged"] ) ) {
84 $cms["config"]["logged"] = array();
85 }
86 $cms["config"]["logged"] = array(
87 $sess => array(
88 "ip" => $_SERVER["REMOTE_ADDR"],
89 "date" => $d,
90 "user_agent" => $_SERVER["HTTP_USER_AGENT"],
91 "expire" => $expire,
92 )
93 ) + $cms["config"]["logged"];
94
95 // Set Locale and Timezone
96 $cms["config"]["locale"] = $_POST["locale"];
97 $cms["config"]["lang"] = substr( $cms["config"]["locale"], 0, 2 );
98
99 if ( cms_save_config() ) {
100
101 if ( PHP_VERSION_ID < 70300 ) {
102 setcookie( "sess", $sess, $expire );
103 } else {
104 setcookie( "sess", $sess, array( "SameSite" => "Lax", "expires" => $expire ) );
105 }
106
107 $cms["status"] = "302";
108 $cms["status_302_location"] = $cms["base_path"] . $cms["config"]["admin.mod.php"]["admin_url"];
109 return;
110
111 } else {
112
113 $error_message = __( "cant_write_config" ) . " .cms/config.php";
114
115 }
116
117 } else {
118
119 $error_message = __( "access_denied" );
120
121 }
122 }
123
124 // Тема
125 if ( isset( $_COOKIE["theme"] ) && in_array( $_COOKIE["theme"], array( 0, 2 ) ) ) {
126 $pref_bg = "#1e1d1d";
127 } else {
128 $pref_bg = "#e9e0dd";
129 }
130 $styles = array( "dark", "light", "dark classic" );
131 if ( isset( $_COOKIE["theme"] ) ) {
132 $html_classes = $styles[ $_COOKIE["theme"] ];
133 } else {
134 $html_classes = "dark";
135 }
136
137 ?>
138 <!doctype html>
139 <html lang="<?php echo $cms["config"]["lang"]; ?>" class="<?php echo $html_classes; ?>">
140 <head>
141 <meta charset="utf-8">
142 <meta name="viewport" content="width=device-width, initial-scale=1.0, interactive-widget=resizes-content">
143 <title><?php echo $cms['url']['host']; ?></title>
144 <link rel="icon" href="<?php echo $cms["base_path"]; ?>img/favicon.svg">
145 <style>
146 html {
147 background-color: <?php echo $pref_bg; ?>;
148 }
149 </style>
150
151
152 <?php
153 echo "<link rel=stylesheet href='{$cms['base_path']}css/admin.css'>";
154
155 echo "<script>\nadmin_styles = " . json_encode( $styles ) . ";\n";
156 if ( is_admin() && ! empty( $cms["config"]["locale"] ) ) {
157 $lang = json_encode( $cms["lang"] ); // Переводы
158 $tr = json_encode( $cms["tr"] ); // Транслитерация
159 $modules = json_encode( $cms["modules"] );
160 if ( is_admin() ) {
161 echo "cms = {};
162 cms.base_path = '{$cms['base_path']}';
163 cms.async_api = true;
164 cms.api = '{$cms['base_path']}{$cms['config']['admin.mod.php']['api_url']}';
165 cms.locale = '{$cms['config']['locale']}';
166 cms.modules = {$modules};
167 cms.lang = {$lang};
168 cms.tr = {$tr};";
169 }
170 }
171 echo "</script>\n";
172 ?>
173
174 <?php do_hook( "admin_header" ); ?>
175
176 </head>
177
178
179 <?php if ( is_admin() ) : ?>
180
181 <body class=logged>
182 <header>
183 <div class=burger>
184 <div class=menu-icon>
185 <span class=line-1></span>
186 <span class=line-2></span>
187 </div>
188 </div>
189
190 <div class=menu>
191 <a href="<?php echo $cms["base_path"]; ?>" data-front target=_blank>
192 <?php echo __( "home_link" ); ?>
193 </a>
194 <div class=clear-cache>
195 <?php echo __( "cache_btn" ); ?>
196 </div>
197 <div class=theme-switcher>
198 <?php echo __( "theme_btn" ); ?>
199 </div>
200 <div data-logout>
201 <?php echo __( "logout_btn" ); ?>
202 </div>
203 </div>
204 </header>
205
206 <aside>
207
208 <?php
209 foreach( $cms["admin_sections"] as $section_name => $section ) {
210 if ( empty( $section["hide"] ) ) {
211 // Не выводим пустые секции
212 if ( ! empty( $cms["admin_sections"][$section_name]["items"] ) ) {
213
214 echo "<section sort={$section["sort"]}>";
215 echo "<div>{$cms['admin_sections'][$section_name]['title']}</div>";
216
217 foreach( $cms["admin_sections"][$section_name]["items"] as $page_name => $page ) {
218 if ( empty( $page["hide"] ) ) {
219 $title = __( $page["title"], $page["module"] );
220 // for highlite
221 if ( ! empty( $page["class"] ) ) {
222 $class = "class='{$page['class']}'";
223 } else {
224 $class = "";
225 }
226 if ( empty( $page["url"] ) ) {
227 echo "<a href=#{$page_name} {$class} sort={$page['sort']}>{$title}</a>";
228 } else {
229 echo "<a href='{$page['url']}' target=_blank {$class} sort={$page['sort']}>{$title}</a>";
230 }
231 }
232 }
233 echo "</section>";
234 }
235 }
236 }
237 ?>
238
239 </aside>
240
241
242 <main>
243
244 <?php
245 $hello = __( "hello" );
246 if ( cms_base_connect() === false ) {
247 $base_ok = "<p>" . __( "hello_set_base" ) . "</p>";
248 } else {
249 $base_ok = "";
250 }
251
252 echo "
253 <section id=start>
254 <div>
255 <div>{$hello}</div>
256 {$base_ok}
257 </div>
258 </section>";
259
260 foreach( $cms["admin_pages"] as $name => $page ) {
261 echo "<section id={$name}>{$page}</section>";
262 }
263
264 ?>
265
266 </main>
267
268 <div class=milk></div>
269
270 <div class=log-info-box>
271 <!-- div for messages -->
272 </div>
273
274 <?php else : ?>
275
276 <body class=login>
277
278 <header>
279 <div class=menu>
280 <div class=theme-switcher>
281 <?php echo __( "theme_btn" ); ?>
282 </div>
283 </div>
284 </header>
285
286
287
288 <div class=aside-main>
289 <div class=center-box>
290 <div class=setup-error>
291 <?php
292 // Если файл существует, то не перезаписывать его,
293 // иначе можно менять языки не заходя в админку
294 // Но проверку оставить, могут быть сменены права позже
295 if ( is_file( $cms["config_file"] ) ) {
296 if ( ! is_writable( $cms["config_file"] ) ) {
297 echo __( "cant_write_config" ) . " {$cms["config_file"]}";
298 }
299 }
300 // config.php not writeable
301 elseif ( cms_save_config() === false ) {
302 echo __( "cant_write_config" ) . " {$cms["config_file"]}";
303 }
304
305 // Error login and password
306 if ( isset( $error_message ) ) {
307 echo __( $error_message );
308 }
309 ?>
310 </div>
311
312 <?php
313 // Scan all locales
314 $options = "";
315 foreach( glob( "lang/*.UTF-8", GLOB_ONLYDIR ) as $locale ) {
316 include( $locale . "/admin.mod.php" );
317 $locale = preg_replace( "/.*\//u", "", $locale );
318
319 // translate
320 $lang = $cms["lang"]["admin.mod.php"][$locale][$locale];
321
322 $options .= "<div class=option value='{$locale}'>{$lang}</div>";
323 }
324 ?>
325 <div class=lang-selector>
326 <div class=lang-select-grid>
327 <div class=field-select data-lang='<?php echo $cms["config"]["locale"]; ?>'>
328 <div class=value>
329 <?php echo $cms["lang"]["admin.mod.php"][$cms["config"]["locale"]][$cms["config"]["locale"]]; ?>
330 </div>
331 <div class=icon></div>
332 </div>
333 <div class=field-options>
334 <?php echo $options; ?>
335 </div>
336 </div>
337 </div>
338 <div class=setup-auth>
339 <?php
340 if ( empty( $cms["config"]["admin.mod.php"]["admin_login"] ) && empty( $cms["config"]["admin.mod.php"]["admin_password"] ) ) {
341 echo __( "set_login_and_password" );
342 }
343 ?>
344 </div>
345
346 <script>
347 <?php
348 $form = "
349 <form class=login-and-password method=post>
350 <div class=login>
351 <input placeholder=\"" . __( "login_or_password" ) . "\" name=login type=text>
352 </div>
353 <div class=password>
354 <input placeholder=\"" . __( "password" ) . "\" name=password type=password>
355 <div class=password-eye></div>
356 <button title=\"" . __( "login_btn" ) . "\"></button>
357 </div>
358 <input type=hidden name=locale value=\"{$cms["config"]["locale"]}\">
359 </form>";
360 $form = base64_encode( $form );
361 ?>
362 let f = decodeURIComponent( escape( window.atob( "<?php echo $form; ?>" ) ) );
363 document.write( f );
364
365 document.querySelectorAll( ".login-and-password .login input" ).forEach( function( login ) {
366 login.focus();
367 } );
368
369 function get_cookie( name ) {
370 let cookies = document.cookie.split( ";" );
371 for ( let line of cookies ) {
372 let cookie = line.split( "=" );
373 if ( name == cookie[ 0 ].trim() ) {
374 return decodeURIComponent( cookie[ 1 ] );
375 }
376 }
377 return "";
378 }
379
380 function set_cookie( name, value ) {
381 document.cookie = encodeURIComponent( name ) + "=" + encodeURIComponent( value ) + ";SameSite=Lax";
382 }
383
384 // Theme switcher
385 document.querySelectorAll( ".theme-switcher" ).forEach( function( el ) {
386 el.addEventListener( "click", function( event ) {
387 event.preventDefault();
388 let n = get_cookie( "theme" ) || 0;
389 let styles2 = admin_styles[n];
390 let styles = styles2.split( " " );
391 styles.forEach( function( style ) {
392 document.documentElement.classList.remove( style );
393 } );
394 n = (+n+1) % admin_styles.length;
395 styles2 = admin_styles[n];
396 styles = styles2.split( " " );
397 styles.forEach( function( style ) {
398 document.documentElement.classList.add( style );
399 } );
400 set_cookie( "theme" , n );
401 } );
402 } );
403
404 // Select language. Select
405 document.querySelectorAll( ".login .field-select" ).forEach( function( select ) {
406 select.addEventListener( "click", function( e ) {
407 e.stopPropagation();
408 select.nextElementSibling.classList.toggle( "open" );
409 select.closest( ".lang-select-grid" ).classList.toggle( "open" );
410 } );
411 } );
412
413 // Select language. Option
414 document.querySelectorAll( ".login .field-options .option" ).forEach( function( select ) {
415 select.addEventListener( "click", function( e ) {
416 let input = this.closest( ".lang-select-grid" ).querySelector( ".field-select" );
417 input.setAttribute( "data-lang", this.getAttribute( "value" ) );
418 input.querySelector( ".value" ).innerText = this.innerText;
419 //e.stopPropagation(); убираем чтобы закрылось автоматически
420 let locale = this.getAttribute( "value" );
421 let search = window.location.search.replace( /&*locale=[^&]+/, "" );
422 if ( search == "" ) {
423 search += "?locale=" + locale;
424 } else if ( search == "?" ) {
425 search += "locale=" + locale;
426 } else {
427 search += "&locale=" + locale;
428 }
429 window.location.search = search;
430 } );
431 } );
432
433 // Клик по молоку
434 document.body.addEventListener( "click", function( e ) {
435 let select = document.querySelector( ".login .lang-select-grid" );
436 select.classList.remove( "open" );
437 select.querySelector( ".field-options" ).classList.remove( "open" );
438 } );
439
440 // Show/Hide password
441 document.querySelectorAll( ".password-eye" ).forEach( function( eye ) {
442 eye.addEventListener( "click", function( e ) {
443 this.classList.toggle( "showed" );
444 let inp = this.previousElementSibling;
445 let t = inp.getAttribute( "type" );
446 if ( t == "password" ) {
447 inp.setAttribute( "type", "text" );
448 } else {
449 inp.setAttribute( "type", "password" );
450 }
451 inp.focus();
452 } );
453 } );
454 </script>
455
456 <div class=flatfree></div>
457 <div class=support-box>
458 <a target=_blank href='<?php echo __( "support_url" ); ?>'><?php echo __( "support" ); ?></a>
459 </div>
460 </div>
461 </div>
462
463
464 <?php endif; ?>
465
466 </body>
467 </html>
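Review bot: The install branch stores `$_POST["password"]` verbatim in `admin_password` (gutter line 46) and mails it in clear text (line 63), and the login check at lines 75-76 compares it with `===`, so anyone who can read `.cms/config.php` or the mailbox holds the working admin password. Keep only a `password_hash()` value in the config, check it with `password_verify()`, and drop the password line from the e-mail body. The session id at line 80 is `sha1( login . salt . date )`, so it is only as unpredictable as `cms_uid()`, whose implementation is not visible here. A `random_bytes()` value would not depend on that, and the `sess` cookie at lines 18-20 and 102-104 should also set `httponly`, plus `secure` under HTTPS. Separately, `$_GET["locale"]` and `$_POST["locale"]` are accepted unvalidated (lines 34, 52, 96) and echoed unescaped into `lang=`, `data-lang=`, the hidden `locale` input and `cms.locale = '…'`; check the value against the directories returned by the `glob( "lang/*.UTF-8" )` scan and print it with `htmlspecialchars( $cms["config"]["locale"], ENT_QUOTES )`.

```php
// install branch: persist a hash, never the password itself
$cms["config"]["admin.mod.php"]["admin_password"] = password_hash( $_POST["password"], PASSWORD_DEFAULT );
// … unchanged: admin_salt, admin_url, locale, cms_save_config(), e-mail (without the password line) …

// Check login and password
if ( is_string( $_POST["login"] ) && is_string( $_POST["password"] )
&& hash_equals( (string) $cms["config"]["admin.mod.php"]["admin_login"], $_POST["login"] )
&& password_verify( $_POST["password"], (string) $cms["config"]["admin.mod.php"]["admin_password"] ) )
{
$d = date( "Y-m-d H:i:s" );
// random_bytes() needs PHP >= 7.0; the token no longer derives from login, salt or time
$sess = bin2hex( random_bytes( 32 ) );
// … unchanged: prepend session to $cms["config"]["logged"], locale, cms_save_config() …
$secure = ( $cms["url"]["scheme"] === "https" );
if ( PHP_VERSION_ID < 70300 ) {
setcookie( "sess", $sess, $expire, "", "", $secure, true );
} else {
setcookie( "sess", $sess, array( "SameSite" => "Lax", "expires" => $expire, "httponly" => true, "secure" => $secure ) );
}
```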