
Fix menu edit author

pull/475/head
Yaya Laressa 4 years ago
parent
commit
2ee5404d15
5 changed files with 114 additions and 42 deletions
  1. +16
    -2
      system/admin/admin.php
  2. +5
    -3
      system/admin/views/edit-author.html.php
  3. +13
    -4
      system/admin/views/layout.html.php
  4. +76
    -28
      system/htmly.php
  5. +4
    -5
      system/includes/functions.php

+ 16
- 2
system/admin/admin.php View File

@ -71,7 +71,20 @@ function edit_author($name, $title, $user, $password, $content)
$name = get_author_info($name);
$name = $name[0];
create_user($user, $password, $name->role);
// Jika edit tanpa ganti password
if(empty($password)) {
$file = 'config/users/' . $user . '.ini';
if (!file_exists($file))
{
// Hanya akan dieksekusi ketika tidak melakukan penggantian password namun melakukan penggantian username
file_put_contents($file, "password = " . $name->password . "\n" .
"encryption = password_hash\n" .
"role = " . $name->role . "\n");
}
} else {
// jika melakukan pergantian password
create_user($user, $password, $name->role);
}
$user_title = safe_html($title);
$user_content = '<!--t ' . $user_title . ' t-->' . "\n\n" . $content;
@ -91,9 +104,10 @@ function edit_author($name, $title, $user, $password, $content)
// Jika username lama tidak sama dengan yang baru maka file username lama akan dihapus
if($name->username !== $user) {
// copying all content and file dari username lama ke username baru
copy_folders('content/' . $name->username, 'content/' . $user);
remove_folders('content/' . $name->username);
// Memastikan kalau username sesi sama dengan username lama
// Jika username sesi sama dengan username lama
if($_SESSION[config("site.url")]['user'] === $name->username) {
if (session_status() == PHP_SESSION_NONE) session_start();
$_SESSION[config("site.url")]['user'] = $user;
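Review bot: In the new empty-password branch of edit_author(), the credentials file is written with `encryption = password_hash` hard-coded while the hash itself is copied from `$name->password`. If the existing account was stored under a different scheme, the renamed user could presumably no longer log in, so the old record's stored encryption value should be carried over instead. The result of `file_put_contents()` is also ignored: a failed write would leave the renamed account without credentials while the next hunk still moves its content folder, so check it with `=== false` and stop before `copy_folders()`. `$user` goes straight into `'config/users/' . $user . '.ini'`, which is only safe while every caller applies the `[a-z0-9]+` username check seen in system/htmly.php; a comment stating that at this line would help. The function body starts and ends outside the hunks shown.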


+ 5
- 3
system/admin/views/edit-author.html.php View File

@ -40,21 +40,23 @@ if(!empty($username)) {
<br>
</div>
</div>
<?php if(!is_admin()): ?>
<div class="row">
<div class="col-sm-6">
<label for="aOldPassword"><?php echo i18n('Old_Password');?> <span class="required">*</span></label>
<label for="aOldPassword"><?php echo i18n('Old_Password');?></label>
<input type="password" class="form-control text <?php if (isset($aOldPassword)) {if (empty($aOldPassword)) {echo 'is-invalid';}} ?>" id="aOldPassword" name="oldpassword" value="<?php if (isset($aOldPassword)) {echo $aOldPassword;} ?>"/>
<br>
</div>
</div>
<?php endif; ?>
<div class="row">
<div class="col-sm-6">
<label for="aPassword"><?php echo i18n('New_Password');?> <span class="required">*</span></label>
<label for="aPassword"><?php echo i18n('New_Password');?></label>
<input type="password" class="form-control text <?php if (isset($aPassword)) {if (empty($aPassword)) {echo 'is-invalid';}} ?>" id="aPassword" name="password" value="<?php if (isset($aPassword)) {echo $aPassword;} ?>"/>
<br>
</div>
<div class="col-sm-6">
<label for="aPassConfirm"><?php echo i18n('Password_confirm');?> <span class="required">*</span></label>
<label for="aPassConfirm"><?php echo i18n('Password_confirm');?></label>
<input type="password" class="form-control text <?php if (isset($aPassConfirm)) {if (empty($aPassConfirm)) {echo 'is-invalid';}} ?>" id="aPassConfirm" name="passconfirm" value="<?php if (isset($aPassConfirm)) {echo $aPassConfirm;} ?>" placeholder="<?php if (isset($aPassConfirm)) {echo $aPassConfirm;} ?>"/>
<br>
</div>
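Review bot: The three password inputs still echo the submitted value straight into the `value` attribute (`echo $aPassword;`, and the same for `$aOldPassword` and `$aPassConfirm`), and the new error path in system/htmly.php re-renders this form with those variables set. A value containing a double quote breaks out of the attribute, and the plaintext password is written into the response body. The safer form is to leave password fields empty on re-render, or at minimum `echo htmlspecialchars($aPassword, ENT_QUOTES, 'UTF-8');`. Now that the fields are optional, the `is-invalid` class is also applied whenever a password is simply left blank, because the test is only `empty($aPassword)`.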


+ 13
- 4
system/admin/views/layout.html.php View File

@ -30,15 +30,19 @@
<li class="nav-item">
<a class="nav-link" data-widget="pushmenu" href="#" role="button"><i class="fa fa-bars"></i></a>
</li>
<li class="nav-item d-none d-sm-inline-block">
<a href="<?php echo site_url(); ?>" class="nav-link"><i class="fa fa-globe"></i> <?php echo config('breadcrumb.home') ?></a>
</li>
</ul>
<!-- SEARCH FORM -->
<form class="form-inline ml-3">
<input type="search" name="search" class="form-control" placeholder="<?php echo i18n('Type_to_search') ?>">
</form>
<!-- Right navbar links -->
<ul class="navbar-nav ml-auto">
<li class="nav-item d-sm-inline-block">
<a href="<?php echo site_url(); ?>" class="nav-link"><i class="fa fa-home"></i> <span class="d-none d-sm-inline-block"><?php echo config('breadcrumb.home') ?></span></a>
</li>
</ul>
</nav>
<!-- /.navbar -->
<!-- Main Sidebar Container -->
@ -95,12 +99,14 @@
</li>
</ul>
</li>
<?php if(is_admin()): ?>
<li class="nav-item has-treeview menu-open">
<a href="#" class="nav-link">
<i class="nav-icon fa fa-users"></i>
<p>
<?php echo i18n('Authors'); ?> <sup class="font-weight-bold text-danger"><?php echo i18n('Beta'); ?></sup>
<?php echo i18n('Authors'); ?>
<i class="right fa fa-angle-left"></i>
<sup class="font-weight-bold text-danger"><?php echo i18n('Beta'); ?></sup>
</p>
</a>
<ul class="nav nav-treeview">
@ -111,6 +117,7 @@
</li>
</ul>
</li>
<?php endif; ?>
<li class="nav-item has-treeview menu-open">
<a href="#" class="nav-link">
<i class="nav-icon fa fa-cogs"></i>
@ -127,11 +134,13 @@
</a>
</li>
<?php endif; ?>
<?php if(is_admin()): ?>
<li class="nav-item">
<a href="<?php echo site_url(); ?>admin/config" class="nav-link">
<p><?php echo i18n('Config'); ?></p>
</a>
</li>
<?php endif; ?>
<li class="nav-item">
<a href="<?php echo site_url(); ?>admin/menu" class="nav-link">
<p><?php echo i18n('Menus'); ?></p>
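Review bot: The `<?php if(is_admin()): ?>` wrappers added around the Authors tree and the Config link only hide the links, so they are a display convenience and not an access check. The same holds for the `is_admin()` conditions in toolbar() in system/includes/functions.php. This commit adds `is_admin()` to the add, edit and delete author POST handlers in system/htmly.php, but the handlers behind `admin/config` and `admin/authors` are not visible on this page, so confirm they carry the same check. A short template comment above each wrapper, for example `<?php /* UI only; the route handler enforces is_admin() */ ?>`, would keep the two in step.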


+ 76
- 28
system/htmly.php View File

@ -137,19 +137,27 @@ post('/login', function () {
$log = session($user, $pass);
if (!empty($log)) {
// Only role as admin is allowed login here
if(is_admin()) {
config('views.root', 'system/admin/views');
config('views.root', 'system/admin/views');
render('login', array(
'title' => 'Login - ' . blog_title(),
'description' => 'Login page on ' . blog_title(),
'canonical' => site_url(),
'error' => '<ul>' . $log . '</ul>',
'type' => 'is_login',
'is_login' => true,
'bodyclass' => 'in-login',
'breadcrumb' => '<a href="' . site_url() . '">' . config('breadcrumb.home') . '</a> &#187; Login'
));
render('login', array(
'title' => 'Login - ' . blog_title(),
'description' => 'Login page on ' . blog_title(),
'canonical' => site_url(),
'error' => '<ul>' . $log . '</ul>',
'type' => 'is_login',
'is_login' => true,
'bodyclass' => 'in-login',
'breadcrumb' => '<a href="' . site_url() . '">' . config('breadcrumb.home') . '</a> &#187; Login'
));
} else {
// If role not as admin is not allowed login here
unset($_SESSION[config("site.url")]);
$url = site_url();
header("Location: $url");
}
}
} else {
$message['error'] = '';
@ -319,7 +327,7 @@ post('/add/author', function () {
$passconfirm = from($_REQUEST, 'passconfirm');
$content = from($_REQUEST, 'content');
if ($proper && !empty($title) && !empty($username) && preg_match('/(?=.{6})^[a-z0-9]+$/', $username) && !username_exists($username) && !empty($password) && !empty($passconfirm) && password_match($password, $passconfirm) && login()) {
if ($proper && !empty($title) && !empty($username) && preg_match('/(?=.{6})^[a-z0-9]+$/', $username) && !username_exists($username) && !empty($password) && !empty($passconfirm) && password_match($password, $passconfirm) && is_admin()) {
add_author($title, $username, $password, $content);
} else {
$message['error'] = '';
@ -414,8 +422,60 @@ post('/author/:name/edit', function ($name) {
$passconfirm = from($_REQUEST, 'passconfirm');
$content = from($_REQUEST, 'content');
if ($proper && !empty($title) && !empty($username) && preg_match('/(?=.{6})^[a-z0-9]+$/', $username) && !username_exists($username, $name) && !empty($password) && !empty($passconfirm) && password_match($password, $passconfirm) && valid_password($name, $oldpassword) && login()) {
edit_author($name, $title, $username, $password, $content);
if ($proper && !empty($title) && !empty($username) && preg_match('/(?=.{6})^[a-z0-9]+$/', $username) && !username_exists($username, $name) && is_admin()) {
if(empty($password)) {
// If not change the password
edit_author($name, $title, $username, $password, $content);
} else {
// If you want change the password
if(is_admin() && !empty($passconfirm) && password_match($password, $passconfirm)) {
// Only session user role as admin
edit_author($name, $title, $username, $password, $content);
} else if(!empty($passconfirm) && password_match($password, $passconfirm) && valid_password($name, $oldpassword)) {
// If session user role not as admin
edit_author($name, $title, $username, $password, $content);
} else {
$message['error'] = '';
if(is_admin()) {
// Only session user role as admin
if (empty($passconfirm)) {
$message['error'] .= '<li class="alert alert-danger">Password Confirm field is required.</li>';
}
if (!password_match($password, $passconfirm)) {
$message['error'] .= '<li class="alert alert-danger">Password and Password Confirm is not match.</li>';
}
} else {
// If session user role not as admin
if (empty($passconfirm)) {
$message['error'] .= '<li class="alert alert-danger">Password Confirm field is required.</li>';
}
if (!password_match($password, $passconfirm)) {
$message['error'] .= '<li class="alert alert-danger">Password and Password Confirm is not match.</li>';
}
if (!valid_password($name, $oldpassword)) {
$message['error'] .= '<li class="alert alert-danger">Old Password is not valid.</li>';
}
}
config('views.root', 'system/admin/views');
render('edit-author', array(
'title' => 'Edit author - ' . blog_title(),
'description' => strip_tags(blog_description()),
'canonical' => site_url(),
'error' => '<ul>' . $message['error'] . '</ul>',
'aTitle' => $title,
'aUsername' => $username,
'aOldPassword' => $oldpassword,
'aPassword' => $password,
'aPassConfirm' => $passconfirm,
'aContent' => $content,
'heading' => 'Edit author',
'is_admin' => true,
'bodyclass' => 'edit-author',
'breadcrumb' => '<span><a href="' . site_url() . '">' . config('breadcrumb.home') . '</a></span> &#187; Edit author'
));
}
}
} else {
$message['error'] = '';
if (empty($title)) {
@ -430,18 +490,6 @@ post('/author/:name/edit', function ($name) {
if (username_exists($username, $name)) {
$message['error'] .= '<li class="alert alert-danger">Username is already exist.</li>';
}
if (empty($password)) {
$message['error'] .= '<li class="alert alert-danger">Password field is required.</li>';
}
if (empty($passconfirm)) {
$message['error'] .= '<li class="alert alert-danger">Password Confirm field is required.</li>';
}
if (!password_match($password, $passconfirm)) {
$message['error'] .= '<li class="alert alert-danger">Password and Password Confirm is not match.</li>';
}
if (!valid_password($name, $oldpassword)) {
$message['error'] .= '<li class="alert alert-danger">Old Password is not valid.</li>';
}
if (!$proper) {
$message['error'] .= '<li class="alert alert-danger">CSRF Token not correct.</li>';
}
@ -509,7 +557,7 @@ get('/author/:name/delete', function ($name) {
// Get data Delete author
post('/author/:name/delete', function () {
$proper = is_csrf_proper(from($_REQUEST, 'csrf_token'));
if ($proper && login()) {
if ($proper && is_admin()) {
$file = from($_REQUEST, 'file');
$destination = from($_GET, 'destination');
delete_author($file, $destination);
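Review bot: In the `/author/:name/edit` handler the outer condition now ends in `&& is_admin()`, so inside it the `else if (... && valid_password($name, $oldpassword))` branch and the whole non-admin half of the error block can never run, and the inner `is_admin() &&` test is redundant. A non-admin request instead lands in the outer `else`, where none of the messages still visible (title, username, CSRF) describes the refusal, so the form likely comes back with an empty error list. If author edits are meant to be admin-only, drop the dead branches and reduce the inner test to `if (!empty($passconfirm) && password_match($password, $passconfirm)) {`. If authors are meant to edit their own profile, the outer guard has to admit them and require `valid_password($name, $oldpassword)` on every non-admin edit, including the no-password-change path. The handler starts and ends outside the hunks shown.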


+ 4
- 5
system/includes/functions.php View File

@ -2943,8 +2943,6 @@ function head_contents()
// Return toolbar
function toolbar()
{
$user = $_SESSION[config("site.url")]['user'];
$role = user('role', $user);
$base = site_url();
echo <<<EOF
@ -2953,7 +2951,7 @@ EOF;
echo '<div id="toolbar"><ul>';
echo '<li class="tb-admin"><a href="' . $base . 'admin">' . i18n('Admin') . '</a></li>';
echo '<li class="tb-addcontent"><a href="' . $base . 'admin/content">' . i18n('Add_content') . '</a></li>';
if ($role === 'admin') {
if (is_admin()) {
echo '<li class="tb-posts"><a href="' . $base . 'admin/posts">' . i18n('Posts') . '</a></li>';
if (config('views.counter') == 'true') {
echo '<li class="tb-popular"><a href="' . $base . 'admin/popular">Popular</a></li>';
@ -2961,11 +2959,12 @@ EOF;
}
echo '<li class="tb-mine"><a href="' . $base . 'admin/pages">Pages</a></li>';
echo '<li class="tb-draft"><a href="' . $base . 'admin/draft">' . i18n('Draft') . '</a></li>';
if ($role === 'admin') {
if (is_admin()) {
echo '<li class="tb-categories"><a href="' . $base . 'admin/categories">' . i18n('Categories') . '</a></li>';
echo '<li class="tb-authors"><a href="' . $base . 'admin/authors">' . i18n('Authors') . '</a></li>';
}
echo '<li class="tb-import"><a href="' . $base . 'admin/menu">Menu</a></li>';
if ($role === 'admin') {
if (is_admin()) {
echo '<li class="tb-config"><a href="' . $base . 'admin/config">' . i18n('Config') . '</a></li>';
}
echo '<li class="tb-backup"><a href="' . $base . 'admin/backup">' . i18n('Backup') . '</a></li>';

