diff --git a/system/admin/admin.php b/system/admin/admin.php index 286e3d4..2d24437 100644 --- a/system/admin/admin.php +++ b/system/admin/admin.php @@ -172,6 +172,33 @@ function add_page($title, $url, $content) { } } +// Add static page +function add_sub_page($title, $url, $content, $static) { + + $post_title = $title; + $post_url = strtolower(preg_replace(array('/[^a-zA-Z0-9 \-\p{L}]/u', '/[ -]+/', '/^-|-$/'), array('', '-', ''), remove_accent($url))); + $post_content = '' . "\n\n" . $content; + + if (!empty($post_title) && !empty($post_url) && !empty($post_content)) { + if (get_magic_quotes_gpc()) { + $post_content = stripslashes($post_content); + } + $filename = $post_url . '.md'; + $dir = 'content/static/' . $static; + if (is_dir($dir)) { + file_put_contents($dir . $filename, print_r($post_content, true)); + } else { + mkdir($dir, 0777, true); + file_put_contents($dir . $filename, print_r($post_content, true)); + } + + rebuilt_cache('all'); + clear_page_cache($post_url); + $redirect = site_url() . 'admin'; + header("Location: $redirect"); + } +} + // Delete blog post function delete_post($file, $destination) { if (!login()) diff --git a/system/htmly.php b/system/htmly.php index 6abbe26..12da4bd 100644 --- a/system/htmly.php +++ b/system/htmly.php 
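Review bot: In add_sub_page, `$dir` is built as `'content/static/' . $static` with no trailing separator, so `$dir . $filename` writes a file named `<static><url>.md` directly under `content/static/` instead of inside the sub-directory; it should be `$dir = 'content/static/' . $static . '/';`. `$static` arrives from the route and, unlike `$url`, is not passed through the slug filter, so it should be checked against an existing static page (or normalised the same way) before it is used to build a filesystem path. `mkdir($dir, 0777, true)` creates world-writable directories; a tighter mode such as `0755` fits content that only the web server needs to write. The function also relies on every caller to have checked `login()`, whereas the delete_post context line below appears to guard itself with `if (!login())`.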
@@ -108,22 +108,127 @@ post('/login', function() { } }); -get("/:static/:sub/edit", function($static,$sub){ - echo $static,$sub,"edit"; - die(); +get("/:static/:sub/edit", function($static,$sub) { + + if (login()) { + + config('views.root', 'system/admin/views'); + $post = get_static_post($static); + + if (!$post) { + not_found(); + } + + $post = $post[0]; + + $page = get_static_sub_post($static,$sub); + + if (!$page) { + not_found(); + } + + $page = $page[0]; + + render('edit-page', array( + 'head_contents' => head_contents('Edit page - ' . blog_title(), blog_description(), site_url()), + 'bodyclass' => 'editpage', + 'breadcrumb' => '' . config('breadcrumb.home') . ' » ' . $post->title . ' » ', + 'p' => $page, + 'type' => 'staticpage', + )); + } else { + $login = site_url() . 'login'; + header("location: $login"); + } }); -post("/:static/:sub/edit", function($static,$sub){ - echo $static,$sub,"edit."; - die(); +post("/:static/:sub/edit", function() { + $proper = is_csrf_proper(from($_REQUEST, 'csrf_token')); + + if(!login()) + { + $login = site_url() . 'login'; + header("location: $login"); + } + + $title = from($_REQUEST, 'title'); + $url = from($_REQUEST, 'url'); + $content = from($_REQUEST, 'content'); + $oldfile = from($_REQUEST, 'oldfile'); + $destination = from($_GET, 'destination'); + if ($proper && !empty($title) && !empty($content)) { + if (!empty($url)) { + edit_page($title, $url, $content, $oldfile, $destination); + } else { + $url = $title; + edit_page($title, $url, $content, $oldfile, $destination); + } + } else { + $message['error'] = ''; + if (empty($title)) { + $message['error'] .= '
  • Title field is required.
  • '; + } + if (empty($content)) { + $message['error'] .= '
  • Content field is required.
  • '; + } + if (!$proper) { + $message['error'] .= '
  • CSRF Token not correct.
  • '; + } + config('views.root', 'system/admin/views'); + + render('edit-page', array( + 'head_contents' => head_contents('Edit page - ' . blog_title(), blog_description(), site_url()), + 'error' => '', + 'oldfile' => $oldfile, + 'postTitle' => $title, + 'postUrl' => $url, + 'postContent' => $content, + 'bodyclass' => 'editpage', + 'breadcrumb' => '' . config('breadcrumb.home') . ' » Edit page' + )); + } }); -get("/:static/:sub/delete", function($static,$sub){ - echo $static,$sub,"delete"; - die(); +get("/:static/:sub/delete", function($static,$sub) { + + if (login()) { + + config('views.root', 'system/admin/views'); + $post = get_static_post($static); + + if (!$post) { + not_found(); + } + + $post = $post[0]; + + $page = get_static_sub_post($static,$sub); + + if (!$page) { + not_found(); + } + + $page = $page[0]; + + render('delete-page', array( + 'head_contents' => head_contents('Delete page - ' . blog_title(), blog_description(), site_url()), + 'bodyclass' => 'deletepage', + 'breadcrumb' => '' . config('breadcrumb.home') . ' » ' . $post->title . '' . $page->title, + 'p' => $page, + 'type' => 'staticpage', + )); + } else { + $login = site_url() . 'login'; + header("location: $login"); + } }); -post("/:static/:sub/delete", function($static,$sub){ - echo $static,$sub,"delete."; - die(); +post("/:static/:sub/delete", function() { + + $proper = is_csrf_proper(from($_REQUEST, 'csrf_token')); + if ($proper && login()) { + $file = from($_REQUEST, 'file'); + $destination = from($_GET, 'destination'); + delete_page($file, $destination); + } }); // The blog post page @@ -313,7 +418,7 @@ get('/:year/:month/:name/delete', function($year, $month, $name) { post('/:year/:month/:name/delete', function() { $proper = is_csrf_proper(from($_REQUEST, 'csrf_token')); - if ($proper) { + if ($proper && login()) { $file = from($_REQUEST, 'file'); $destination = from($_GET, 'destination'); delete_post($file, $destination); 
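Review bot: The new guard in `post("/:static/:sub/edit")` only sends the `location:` header and then falls through, so an unauthenticated request still reaches the `edit_page(...)` call whenever the CSRF check passes. Stop execution after the redirect, `header("location: $login"); exit;`, or fold `login()` into the condition as the delete handlers in this commit do with `if ($proper && login())`. The same guard without an exit is added to `post('/:static/edit')` in the `@@ -660,6 +765,12 @@` hunk. Whether edit_page re-checks `login()` itself, or whether a valid token can be obtained without a session, is not visible here, so the handler should not depend on either.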
@@ -660,6 +765,12 @@ get('/:static/edit', function($static) { post('/:static/edit', function() { $proper = is_csrf_proper(from($_REQUEST, 'csrf_token')); + if(!login()) + { + $login = site_url() . 'login'; + header("location: $login"); + } + $title = from($_REQUEST, 'title'); $url = from($_REQUEST, 'url'); $content = from($_REQUEST, 'content'); @@ -729,7 +840,7 @@ get('/:static/delete', function($static) { post('/:static/delete', function() { $proper = is_csrf_proper(from($_REQUEST, 'csrf_token')); - if ($proper) { + if ($proper && login()) { $file = from($_REQUEST, 'file'); $destination = from($_GET, 'destination'); delete_page($file, $destination); @@ -825,7 +936,7 @@ post('/add/page', function() { $title = from($_REQUEST, 'title'); $url = from($_REQUEST, 'url'); $content = from($_REQUEST, 'content'); - if ($proper && !empty($title) && !empty($content)) { + if ($proper && !empty($title) && !empty($content) && login()) { if (!empty($url)) { add_page($title, $url, $content); } else { 
@@ -1116,13 +1227,67 @@ get('/admin/update/now/:csrf', function($CSRF) { } }); -get('/:static/add', function($static){ - echo $static,"add"; - die(); +get('/:static/add', function($static) { + + if (login()) { + + config('views.root', 'system/admin/views'); + + $post = get_static_post($static); + + if(! $post) + { + not_found(); + } + + $post = $post[0]; + + render('add-page', array( + 'head_contents' => head_contents('Add page - ' . blog_title(), blog_description(), site_url()), + 'bodyclass' => 'addpage', + 'breadcrumb' => '' . config('breadcrumb.home') . ' » ' . $post->title . ' Add page' + )); + } else { + $login = site_url() . 'login'; + header("location: $login"); + } }); -post('/:static/add', function($static){ - echo $static,"add."; - die(); +post('/:static/add', function($static) {//not working + + $proper = is_csrf_proper(from($_REQUEST, 'csrf_token')); + + $title = from($_REQUEST, 'title'); + $url = from($_REQUEST, 'url'); + $content = from($_REQUEST, 'content'); + if ($proper && !empty($title) && !empty($content) && login()) { + if (!empty($url)) { + add_sub_page($title, $url, $content, $static); + } else { + $url = $title; + add_sub_page($title, $url, $content, $static); + } + } else { + $message['error'] = ''; + if (empty($title)) { + $message['error'] .= '
  • Title field is required.
  • '; + } + if (empty($content)) { + $message['error'] .= '
  • Content field is required.
  • '; + } + if (!$proper) { + $message['error'] .= '
  • CSRF Token not correct.
  • '; + } + config('views.root', 'system/admin/views'); + render('add-page', array( + 'head_contents' => head_contents('Add page - ' . blog_title(), blog_description(), site_url()), + 'error' => '', + 'postTitle' => $title, + 'postUrl' => $url, + 'postContent' => $content, + 'bodyclass' => 'addpage', + 'breadcrumb' => '' . config('breadcrumb.home') . ' » ' . $post->title . ' Add page' + )); + } }); get('/:static/:sub', function($static,$sub) {
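Review bot: In the `post('/:static/add')` handler the else branch builds the breadcrumb from `$post->title`, but `$post` is never assigned in that closure (only the GET handler calls `get_static_post($static)`), so the validation-error path reads an undefined variable. Load and check it at the top, `$post = get_static_post($static); if (!$post) { not_found(); } $post = $post[0];`, which also rejects a `$static` that does not name an existing page before it reaches add_sub_page. Because `login()` is part of the success condition, an unauthenticated request lands in the same branch and gets the admin `add-page` view rendered with the submitted values; redirect to the login page and stop instead, as the GET handler's else branch does. The `//not working` remark on the handler should say what is broken, or be removed once it is fixed.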